[syncd.sh] stop pmon ahead of syncd in flows except warm reboot #7
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -104,11 +104,12 @@ start() { | |
| if [[ x"$WARM_BOOT" != x"true" ]]; then | ||
| if [[ x"$(/bin/systemctl is-active pmon)" == x"active" ]]; then | ||
| /bin/systemctl stop pmon | ||
| debug "pmon is active while syncd starting, stop it first" | ||
| fi | ||
| /usr/bin/hw-management.sh chipdown | ||
|
There was a problem hiding this comment. previously if pmon not active, there is no action to pmon service, here we changed the behavior, no matter pmon is active or not, it will be restarted, I would like to hear comments from someone else. There was a problem hiding this comment.
Originally there is no dependency between pmon and syncd, which means they can start/stop independently. Now we've introduced a dependency on syncd for pmon so that pmon is stopped whenever syncd stops. However there is no mechanism to ensure that pmon will be started after syncd starts especially in case of "systemctl reload swss". |
||
| debug "Starting pmon service..." | ||
| /bin/systemctl restart pmon | ||
|
There was a problem hiding this comment. Any preference for 'restart' over 'start' ? There was a problem hiding this comment. In this case 'Restarting pmon service...' debug message should better describe the flow There was a problem hiding this comment. No need to use "restart" here. Use 'start' instead. |
||
| debug "Started pmon service" | ||
|
There was a problem hiding this comment.
In order to be consistent with other services. There was a problem hiding this comment. @stephenxs looks like these changes prevent pmon restart in case of config reload after warm-boot. Not sure if this is desired behaviour. |
||
| fi | ||
|
|
||
| if [[ x"$BOOT_TYPE" == x"fast" ]]; then | ||
|
|
@@ -150,6 +151,12 @@ stop() { | |
| TYPE=cold | ||
| fi | ||
|
|
||
| if [[ x$sonic_asic_platform == x"mellanox" ]] && [[ x$TYPE == x"cold" ]]; then | ||
|
There was a problem hiding this comment. Note that TYPE is set according to /proc/cmdline. In such flow x$TYPE == x"fastfast" but obviously such service restart was meant to be cold There was a problem hiding this comment. According to the code, type is determined by whether WARM_BOOT being "true" and WARM_BOOT is determined by whether WARM_RESTART_ENABLE_TABLE|system and WARM_RESTART_ENABLE_TABLE|syncd contain "enable" in the redisdb. There was a problem hiding this comment. @stephenxs Oh, yes. We have 3 variables here representing almost the same thing (BOOT_TYPE, WARM_BOOT, TYPE) which confused me |
||
| debug "Stopping pmon service ahead of syncd..." | ||
| /bin/systemctl stop pmon | ||
|
There was a problem hiding this comment. do we need chipdown here? There was a problem hiding this comment.
I don't think so. But this should be double-checked with @nazariig There was a problem hiding this comment. @stephenxs since the pmon was removed from the config reload sequence, i suggest to do pmon stop for all cases. There was a problem hiding this comment. @nazariig @stephenxs How long does it take to stop pmon? If we do stop pmon for all cases it affects warm shutdown. In warm shutdown every second matters There was a problem hiding this comment. @stepanblyschak a couple of seconds and yes, it might affect warm-boot flow. There was a problem hiding this comment. @nazariig @stephenxs I must say that right now in master we are very close to the limit 3 lacp timeouts 90sec, which is going to be optimized, however a couple of seconds can kill the warm reboot flow. There was a problem hiding this comment. Yes. This is why pmon isn't stopped for warm-reboot. I suggest remaining the current logic. There was a problem hiding this comment. @stephenxs This is done in this way (e.g. SNMP is delayed, however such delay seems to me more like a hack) |
||
| debug "Stopped pmon service." | ||
stephenxs marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| fi | ||
|
|
||
| if [[ x$sonic_asic_platform != x"mellanox" ]] || [[ x$TYPE != x"cold" ]]; then | ||
| debug "${TYPE} shutdown syncd process ..." | ||
| /usr/bin/docker exec -i syncd /usr/bin/syncd_request_shutdown --${TYPE} | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stephenxs since you have removed pmon restart from CLI, we do not need this anymore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stephenxs i suggest the next flow:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're correct. The original code prevents pmon from starting in warm-reboot flow.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am also considering to remove it. originally I intend to make a protection here so that if pmon is still alive after syncd died somehow we can make it sure that pmon is stopped to avoid racing condition. however it seems that this situation has never happened.
so if all of us think it's unnecessary I am going to remove it.
@keboliu @nazariig @stepanblyschak what's your opinion?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When system is booting pmon can start ahead of syncd. To solve this we can put protection here.
Another way to solve this is to only add syncd.service as "after" of pmon.service, just like what is done for syncd.service. see sonic-buildimage/files/build_templates/syncd.service.j2
@keboliu @nazariig @stepanblyschak
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stephenxs after warm-boot it looks like the pmon won't be restrtaed at all regardless of any user actions except explicit service restart. This can be an issue.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This has been fixed. I haven't yet uploaded the code. Just as what you suggested.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm afraid that the original implementation may have an issue. Consider the following flow:
at the beginning the pmon is not active, and then syncd.sh is scheduled out somehow just ahead of "chipdown", and then systemd is scheduled and starts pmon, and then pmon can run simultaneously with chipdown, the race condition formed and critical section broken.
is it possible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To address this situation, we have two options,
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Having gone through all the flow, the difference compared to the original flow includes:
for config reload and swss restart, pmon stops ahead of syncd in the updated flow and after syncd in the original one.
for warm-reboot, in the original flow, the point when pmon starts can be one of the following 2 cases:
1. ahead of syncd started. in this case, the updated flow doesn't have any difference.
2. at any point after syncd. in this case, in the updated flow the pmon starts immediate after "chipdown" called, which means it may introduce a bit more latency for warm reboot. It can be demonstrated as the following (The "ORI FLOW" stands for the time sequence in the original flow and the "UDT FLOW" stands for that of the updated one):
ORI FLOW: --syncd starting------chip down--------syncd fully started-----pmon starting------
UDT FLOW: --syncd starting------chip down--pmon starting---syncd fully started-------------
Fortunately, per my test it is always the first case which means in most cases no extra latency introduced. However, if we decide to address the second case, we can do as [syncd.sh,pmon.service] Prevent pmon from starting ahead of syncd