8:19 p.m.
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621318#621318
--------------------------------------------------------------
This is a starting point for discussion for the support of transaction control in
conjunction with Remoting-based invocation. All the items in this document are subject to
discussion and revision! There will be a design conference call among the concerned
parties in which the details of these points will be worked out; afterwards, a revised
version of this document will be made available for any further discussion.
Problem:
It is required that in order to maintain the appropriate level of compatibility with
previous releases, the Remoting EJB transport must support a means by which the
transactional state of the server can be controlled. Historically, this has been
accomplished using a remote view of UserTransaction. This is simple to implement in a
"thin" client, and is described in the first solution section. However,
implementing this in the context of a server communicating with another server is
difficult. Thus another approach is proposed below for this scenario, which has been
described as "JTA inflow" or "JCA-style inflow".
Note that these two solutions are in addition to two other existing options: JTS and
simply not supporting transactions.
0. Definitions
0.1. Client invocation context - the context associated with a thread on the client side
of an invocation, which in turn relates to a specific Remoting connection providing its
transport.
1. Solution description (Remoting JTA client):
This solution applies to standalone, "thin" clients without a local transaction
manager.
1.1. Client API and invocation
1.1.1. The client will control transactions on the server using a variation of the
UserTransaction interface, which may be accessed via JNDI or other mechanisms in place of
a TM-provided UserTransaction implementation.
1.1.2. Any initiated transaction will be associated with the client thread and client
invocation context, and assigned a simple ID which is associated with remote invocations
made by that thread during its duration.
1.1.3. The implementation of this interface will use a simple Remoting-based protocol to
forward the method invocations to the server along with the ID of the transaction in
question. (A connection may be shared across multiple client threads, thus it is possible
for one connection to control many transactions.)
1.1.4. Upon invocation, the client will attach the ID associated with the current
thread's transaction to the invocation as a "transaction ID attachment" as
it is executed.
1.2. Server side
1.2.1. Incoming transaction control commands cause transactions to be begun, committed,
and rolled back.
1.2.2. Begun transactions are suspended and the resultant Transaction object is associated
with the connection, along with the ID of the transaction.
1.2.3. Incoming invocations with a transaction ID attachment are associated with the
suspended Transaction, and the Transaction is resumed for the duration of the method
invocation.
1.2.4. If the client session is lost or terminated, any outstanding Transactions are
rolled back.
1.3. Unaddressed issues
1.3.1. Transaction timeout control
2. Solution description (Remoting JTA inflow):
This solution applies to servers with a local transaction manager.
2.1. Invocation, client side
2.1.1. Upon invocation, the client will locate (via the local TransactionManager) the
current active Transaction and enlist into it an XAResource instance corresponding to the
client invocation context.
2.1.2. The Xid and any pertinent ancillary information regarding the current transaction
which were provided to the XAResource will be attached to the invocation as a
"transaction inflow attachment" as it is executed.
2.1.2.1. Xid propagation should rely on a byte representation, not a serialized object, in
order to support multiple marshalling schemes.
2.1.3. Transaction control methods invoked upon the XAResource will be forwarded as
commands over the Remoting channel to the server.
2.2. Invocation, server side
2.2.1. Incoming invocations which have a transaction inflow attachment will trigger the
use of an interceptor which utilizes the XATerminator (or equivalent) interface to import
the transaction for the duration of the invocation execution.
2.2.2. Incoming XAResource commands will be translated into invocations on the local
XATerminator (or equivalent) to carry out transaction completion.
2.2.3. If the client session is lost or terminated, any open transactions are rolled back;
any prepared but incomplete transactions have to be recovered manually.
2.3. Recovery
2.3.1. The client is expected to use "JTA top-down recovery", which will treat
the participating server(s) as additional local resources to recover. The client is
always treated as the originator of the transaction.
2.3.2. The client invocation context must expose a means to acquire its XAResource in
order to facilitate local recovery.
2.4. Unaddressed Issues
2.4.1. Transaction timeout control
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621318#621318]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:54 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621427#621427
--------------------------------------------------------------
Some initial thoughts/questions:
a) what do you mean by "unaddressed issues - transaction timeout control"?
b) since this is distributed transactions (context propagation, commit protocol
termination etc.) have you considered the scope of the testing that needs to be done in
order to ensure this works in *all* cases?
c) "any prepared but incomplete transactions have to be recovered manually"?
d) in case 2, where the client is within the same container as a tm instance, which tm is
it trying to control/invoke? The remote one (in the other container instance) or the local
one? Because we seem to have gone from controlling transactions (begin, commit, rollback)
in the first scenario, to really doing distributed transactions in the second scenario. As
you can imagine, these are very different situations.
e) what about interoposition, particularly in the case where A calls B calls C calls D,
and maybe even D calls A?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621427#621427]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:56 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621432#621432
--------------------------------------------------------------
And of course another option is to replace JacORB with another IIOP implementation.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621432#621432]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:58 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jonathan Halliday [http://community.jboss.org/people/jhalliday] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621445#621445
--------------------------------------------------------------
re: ( 1 ) Whilst the remote UserTransaction model is easy to implement, it's tricky
to document. It behaves in an intuitive fashion only for a very limited, albeit common,
set of use cases. For more complex scenarios its inherent limitations manifest in ways
that can be confusing to users. The cost of this solution must be evaluated not just in
terms of implementation time, but in documentation and ongoing support cost.
re: ( 2 ) JCA inflow was either designed for propagation to leaf nodes only, or incredibly
badly thought out. Either way, the result is a model that simply isn't capable enough
for a full distributed transaction solution. So, once again you're going to wind up
with unintuitive behaviour and limitations for some use cases. For example, you can't
register more than one resource with an inflowed transaction, you can't allow a
context to be flowed into a node by more than one route and you need to register each
subordinate node in the parent for recovery purposes. So, whilst this may provide a faster
alternative to RMI/IIOP for simple use cases, it's not going to be an acceptable
substitute for more advanced cases. Offering it alongside the traditional RMI/IIOP model
is going to have implications beyond just the initial engineering, so the discussion may
require input from docs, support and QE too. I'm pretty sure that e.g. support will
tell you it is unacceptable to ship a solution that may require manual transaction
cleanup. We've had a small number of corner cases in JTA that suffered that limitation
and eliminating them and the support load they generate has been a high priority for the
transaction development work. Intentionally introducing new ones is definitely in the
category of Bad Ideas.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621445#621445]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:01 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621460#621460
--------------------------------------------------------------
Jonathan Halliday wrote:
re: ( 1 ) Whilst the remote UserTransaction model is easy to implement, it's tricky
to document. It behaves in an intuitive fashion only for a very limited, albeit common,
set of use cases. For more complex scenarios its inherent limitations manifest in ways
that can be confusing to users. The cost of this solution must be evaluated not just in
terms of implementation time, but in documentation and ongoing support cost.
re: ( 2 ) JCA inflow was either designed for propagation to leaf nodes only, or
incredibly badly thought out. Either way, the result is a model that simply isn't
capable enough for a full distributed transaction solution. So, once again you're
going to wind up with unintuitive behaviour and limitations for some use cases. For
example, you can't register more than one resource with an inflowed transaction, you
can't allow a context to be flowed into a node by more than one route and you need to
register each subordinate node in the parent for recovery purposes. So, whilst this may
provide a faster alternative to RMI/IIOP for simple use cases, it's not going to be an
acceptable substitute for more advanced cases. Offering it alongside the traditional
RMI/IIOP model is going to have implications beyond just the initial engineering, so the
discussion may require input from docs, support and QE too. I'm pretty sure that e.g.
support will tell you it is unacceptable to ship a solution that may require manual
transaction cleanup. We've had a small number of corner cases in JTA that suffered
that limitation and eliminating them and the support load they generate has been a high
priority for the transaction development work. Intentionally introducing new ones is
definitely in the category of Bad Ideas.
Rather than flinging FUD at the only two possible approaches that are available to us, can
you be more specific than "Bad Idea" or "some complex scenarios" or
"badly thought out" or "not capable enough" or "unintuitive
behavior" or "limitations" or "not acceptable substitute"? This
really is not productive. Better still, explain specific issues in specific scenarios
that apply to each approach, and why that issue is valid under the Remoting client/server
architecture?
Also - only one resource for inflowed transactions? How is that not a serious deficiency
in our implementation? You're basically saying that an MDB can never access more than
one resource. That's a major problem in and of itself.
Finally "unacceptable to ship a solution that may require manual transaction
cleanup" - you should know that any two-phase transaction system may require manual
transaction cleanup; that's the nature of two-phase transactions. You'll have to
be more specific about the circumstances in which it is not acceptable to require manual
cleanup. I'm pretty sure that if someone unplugs the ethernet cable of the
transaction coordinator after prepare but before commit, there's going to have to be
some manual cleanup.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621460#621460]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:01 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621462#621462
--------------------------------------------------------------
David Lloyd wrote:
Finally "unacceptable to ship a solution that may require manual transaction
cleanup" - you should know that any two-phase transaction system may require manual
transaction cleanup; that's the nature of two-phase transactions. You'll have to
be more specific about the circumstances in which it is not acceptable to require manual
cleanup. I'm pretty sure that if someone unplugs the ethernet cable of the
transaction coordinator after prepare but before commit, there's going to have to be
some manual cleanup.
So does this answer my question c) too? Are you saying that "any prepared but
incomplete transactions have to be recovered manually" is only a reference to
heuristic outcomes?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621462#621462]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:01 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621464#621464
--------------------------------------------------------------
Mark Little wrote:
And of course another option is to replace JacORB with another IIOP implementation.
Jonathan tells us this is prohibitive from a resource perspective. In any case, I do not
believe this would create a substantial enough improvement in performance, even if that
were the only issue with going the IIOP-only route.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621464#621464]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:01 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621463#621463
--------------------------------------------------------------
Mark Little wrote:
Some initial thoughts/questions:
a) what do you mean by "unaddressed issues - transaction timeout control"?
I mean that I haven't addressed the issue of transaction timeout control.
Mark Little wrote:
b) since this is distributed transactions (context propagation, commit protocol
termination etc.) have you considered the scope of the testing that needs to be done in
order to ensure this works in *all* cases?
Keeping in mind that this is nowhere near the only process of this complexity to be tested
- and no, don't trot out "it's more complex than you think" unless you
want to enumerate specific cases (which will probably then be appropriated into additional
tests) - I think we'd follow the same approach we'd follow for testing other
things. We'd unit test the protocol of course, and test to ensure that the
implementation matches the specification, and verify that the protocol handlers on either
"end" forward to the proper APIs.
If you're asking "can we write automated tests to prove the validity of the
approach", well no we can't; we're just coding against existing contracts,
and if those are "wrong", well, that fix needs to happen in a different
context.
Mark Little wrote:
c) "any prepared but incomplete transactions have to be recovered manually"?
That's just another way of saying we don't have any special, magical auto-recovery
"stuff" that isn't provided by the transaction coordinator (which might well
have some magical auto-recovery "stuff"). There might be a better way to
express that.
Mark Little wrote:
d) in case 2, where the client is within the same container as a tm instance, which tm is
it trying to control/invoke? The remote one (in the other container instance) or the local
one? Because we seem to have gone from controlling transactions (begin, commit, rollback)
in the first scenario, to really doing distributed transactions in the second scenario. As
you can imagine, these are very different situations.
In case 1, the client has no TM and it uses a remote UserTransaction interface to directly
control the remote TM. In case 2, the client is using the local TM to control
transactions, and is treating the remote TM as an enrolled resource into the current
transaction.
Case 1 cannot be made to work when a local TM is present without adding some notion in the
EE layer to determine whether it should use the local UserTransaction or the remote one.
This is possible but is a possibly significant amount of work.
Mark Little wrote:
e) what about interoposition, particularly in the case where A calls B calls C calls D,
and maybe even D calls A?
Theoretically each successive "step" will treat
the TM of the subsequent "step" as a participating resource. As to D calling A,
that will only work if the TM is clever enough to figure out what's happening (I
don't see why it wouldn't as the Xid should, well, identify the transaction so A
should recognize its own; but that's why we're having this discussion).
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621463#621463]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:02 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621467#621467
--------------------------------------------------------------
Mark Little wrote:
> David Lloyd wrote:
>
> Finally "unacceptable to ship a solution that may require manual transaction
cleanup" - you should know that any two-phase transaction system may require manual
transaction cleanup; that's the nature of two-phase transactions. You'll have to
be more specific about the circumstances in which it is not acceptable to require manual
cleanup. I'm pretty sure that if someone unplugs the ethernet cable of the
transaction coordinator after prepare but before commit, there's going to have to be
some manual cleanup.
So does this answer my question c) too? Are you saying that "any prepared but
incomplete transactions have to be recovered manually" is only a reference to
heuristic outcomes?
Let me frame it in terms of the SPIs we're dealing with.
If a transaction is prepared (XATerminator.prepare()) and then the connection is lost,
then the transaction is "stuck" in the prepared state - we aren't going to
do anything about that at the protocol level. But presumably the transaction coordinator
would be able to automatically recover once the resource was made available again, as the
transaction isn't "busted", it's just not fully completed.
If the same scenario exists but the commit was received and acted upon (but it failed),
then I guess this is what you refer to as a heuristic outcome, and, well we're not
going to deal with that either; presumably our recovery tooling will work exactly the same
way in this case as it does in the case where the same thing happens to your database
connection.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621467#621467]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:02 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621469#621469
--------------------------------------------------------------
David Lloyd wrote:
> Mark Little wrote:
>
> And of course another option is to replace JacORB with another IIOP implementation.
Jonathan tells us this is prohibitive from a resource perspective. In any case, I do not
believe this would create a substantial enough improvement in performance, even if that
were the only issue with going the IIOP-only route.
I don't know about the resource perspective at this point, but I know it would be a
lot less than writing another distributed transactions protocol ;-) I ported the C++ and
Java transaction services to pretty much every C++ or Java ORB on the planet by 2005.
As to performance? That really depends what we're trying to achieve and when. It's
an option. Whether it's the right option in the long term and for all use cases, I
don't think anyone can say precisely at this point.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621469#621469]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:02 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621472#621472
--------------------------------------------------------------
"I mean that I haven't addressed the issue of transaction timeout control."
What issues? The timeout is controlled by the coordinator, not the client. Or by
"control" do you mean setTimeout calls?
"Keeping in mind that this is nowhere near the only process of this complexity to be
tested - and no, don't trot out "it's more complex than you think"
unless you want to enumerate specific cases (which will probably then be appropriated into
additional tests) - I think we'd follow the same approach we'd follow for testing
other things. We'd unit test the protocol of course, and test to ensure that the
implementation matches the specification, and verify that the protocol handlers on either
"end" forward to the proper APIs."
Go take a look at the QA tests for JBossTS. You'll see that a sh*t load of them are
covering recovery. And then take a look at XTS and REST-AT. You'll see that a sh*t
load of them are covering recovery. Want to take a wild stab in the dark why that might be
the case ;-)? Yes, it's complex. It's got to be fault tolerant, so we have to test
all of the cases. There are no edge-cases with transactions: it either works or it fails.
Unit tests aren't sufficient for this.
"That's just another way of saying we don't have any special, magical
auto-recovery "stuff" that isn't provided by the transaction coordinator
(which might well have some magical auto-recovery "stuff"). There might be a
better way to express that."
Let me try and rephrase and let me know if I get it wrong: you assume that existing
recovery approaches are sufficient for this and nothing new will need to be invented?
"In case 1, the client has no TM and it uses a remote UserTransaction interface to
directly control the remote TM. In case 2, the client is using the local TM to control
transactions, and is treating the remote TM as an enrolled resource into the current
transaction."
Yeah, so it's interposition. Like I said, these are two difference scenarios.
"Case 1 cannot be made to work when a local TM is present without adding some notion
in the EE layer to determine whether it should use the local UserTransaction or the remote
one. This is possible but is a possibly significant amount of work."
How significant? If we're putting all options on the table then this needs to be there
too.
"Theoretically each successive "step" will treat the TM of the subsequent
"step" as a participating resource. As to D calling A, that will only work if
the TM is clever enough to figure out what's happening (I don't see why it
wouldn't as the Xid should, well, identify the transaction so A should recognize its
own; but that's why we're having this discussion)."
Please go take a look at what we have to do for interposition in JTS. And it's not
because JTS is more complex than it needs to be: interposition is a fundamental concept
within distributed transactions and the problems, optimisations, recovery semantics etc.
are there no matter what object model or distribution approach you use. Take a look at XTS
too, for instance.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621472#621472]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:02 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621474#621474
--------------------------------------------------------------
"If a transaction is prepared (XATerminator.prepare()) and then the connection is
lost, then the transaction is "stuck" in the prepared state - we aren't
going to do anything about that at the protocol level. But presumably the transaction
coordinator would be able to automatically recover once the resource was made available
again, as the transaction isn't "busted", it's just not fully
completed."
Well that really depends upon what the participant does or, even worse, what other
participants do in the same transaction. For instance, it could decide to autonomously
roll back, and in which case we're in heuristic land. So the transaction could well be
"busted" in as much as we now risk not having an atomic outcome. Some error
codes from XA allow for the transaction manager to periodically retry operations on the
RM. A heuristic isn't one of them.
"If the same scenario exists but the commit was received and acted upon (but it
failed), then I guess this is what you refer to as a heuristic outcome, and, well
we're not going to deal with that either; presumably our recovery tooling will work
exactly the same way in this case as it does in the case where the same thing happens to
your database connection."
No, in the scenario you just mentioned the recovery subsystem would retry and either get
back a "didn't you get my message" response (c.f. XTS) or eventually decide
that the RM did commit and it missed the message. Remember that we're using presumed
abort semantics here.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621474#621474]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:03 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621478#621478
--------------------------------------------------------------
Could you outline the pros and cons of the current approaches we have in AS5/AS6? I know
we've discussed them elsewhere already, but it would be good to capture it all here.
For instance, why you believe that IIOP isn't right.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621478#621478]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:05 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621483#621483
--------------------------------------------------------------
Mark Little wrote:
> David Lloyd wrote:
>
> > Mark Little wrote:
> >
> > And of course another option is to replace JacORB with another IIOP
implementation.
>
> Jonathan tells us this is prohibitive from a resource perspective. In any case, I
do not believe this would create a substantial enough improvement in performance, even if
that were the only issue with going the IIOP-only route.
I don't know about the resource perspective at this point, but I know it would be a
lot less than writing another distributed transactions protocol ;-) I ported the C++ and
Java transaction services to pretty much every C++ or Java ORB on the planet by 2005.
As to performance? That really depends what we're trying to achieve and when.
It's an option. Whether it's the right option in the long term and for all use
cases, I don't think anyone can say precisely at this point.
Okay, well
we've proposed more than once to move off of JacORB. I'd be in favor for sure.
But I think that's a peripheral topic at this point.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621483#621483]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:05 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621485#621485
--------------------------------------------------------------
David Lloyd wrote:
> Mark Little wrote:
>
> > David Lloyd wrote:
> >
> > > Mark Little wrote:
> > >
> > > And of course another option is to replace JacORB with another IIOP
implementation.
> >
> > Jonathan tells us this is prohibitive from a resource perspective. In any
case, I do not believe this would create a substantial enough improvement in performance,
even if that were the only issue with going the IIOP-only route.
>
> I don't know about the resource perspective at this point, but I know it would
be a lot less than writing another distributed transactions protocol ;-) I ported the C++
and Java transaction services to pretty much every C++ or Java ORB on the planet by 2005.
>
> As to performance? That really depends what we're trying to achieve and when.
It's an option. Whether it's the right option in the long term and for all use
cases, I don't think anyone can say precisely at this point.
Okay, well we've proposed more than once to move off of JacORB. I'd be in favor
for sure. But I think that's a peripheral topic at this point.
I'm not so sure it is. If moving off it to, say, the one in the JDK gives us better
performance, then this could well be a case where "good enough" is "good
enough", at least for AS 7.x. Longer term is obviously different. Anyway, no
decisions at this point, but good to have all of the options available.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621485#621485]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:06 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621489#621489
--------------------------------------------------------------
Mark Little wrote:
"I mean that I haven't addressed the issue of transaction timeout
control."
What issues? The timeout is controlled by the coordinator, not the client. Or by
"control" do you mean setTimeout calls?
Exactly. It's just a question
of how these get propagated, which seems somewhat outside of the core of this solution.
It's only mentioned because it's in the SPIs.
Mark Little wrote:
"Keeping in mind that this is nowhere near the only process of this complexity to be
tested - and no, don't trot out "it's more complex than you think"
unless you want to enumerate specific cases (which will probably then be appropriated into
additional tests) - I think we'd follow the same approach we'd follow for testing
other things. We'd unit test the protocol of course, and test to ensure that the
implementation matches the specification, and verify that the protocol handlers on either
"end" forward to the proper APIs."
Go take a look at the QA tests for JBossTS. You'll see that a sh*t load of them are
covering recovery. And then take a look at XTS and REST-AT. You'll see that a sh*t
load of them are covering recovery. Want to take a wild stab in the dark why that might be
the case ;-)? Yes, it's complex. It's got to be fault tolerant, so we have to test
all of the cases. There are no edge-cases with transactions: it either works or it fails.
Unit tests aren't sufficient for this.
Well, it's always good to have a set
of existing projects to draw test scenarios from. But otherwise I don't think this is
directly relevant to the discussion: unless you're saying "we must test these 200
different scenarios before I let you type 'git commit'". We need high
quality, detailed tests for every subsystem. For example having thorougly tested
transactions doesn't do us a lot of good if, for example, our JPA implementation or
HornetQ or something was writing corrupt data. I mean everything needs thorough testing.
Just the fact that these other projects have lots of tests covering recovery doesn't
mean that those tests are necessary, and on the other hand, there may be many scenarios
unaccounted-for in these tests as well. AS is riddled with highly complex systems that
need detailed testing.
If we use an SPI with a documented contract, it is not unreasonable to expect that
contract to be met by its implementation. If the contract is +not+ met by the
implementation, yeah that's a bug, but saying that it's the responsibility of
every project consuming that SPI to verify that its implementation(s) meet the SPI
contract is crazy. Yeah we may introduce a test here or there to catch regression in the
target project, but even this is not strictly necessary as the target project should be
doing this!
In this particular case (solution 2 that is), we're specifying an implementation for
XAResource, a transport for it, and an endpoint which controls XATerminator; this says to
me that our tests can be limited in scope to testing this mechanism from end to end. As I
said if we have other projects we can draw recovery scenarios from, that's fine, and
we will do so. I don't know what else to tell you.
Mark Little wrote:
"That's just another way of saying we don't have any special, magical
auto-recovery "stuff" that isn't provided by the transaction coordinator
(which might well have some magical auto-recovery "stuff"). There might be a
better way to express that."
Let me try and rephrase and let me know if I get it wrong: you assume that existing
recovery approaches are sufficient for this and nothing new will need to be invented?
Yes, that is my assumption, as we are using existing propagation mechanisms.
Mark Little wrote:
"In case 1, the client has no TM and it uses a remote UserTransaction interface to
directly control the remote TM. In case 2, the client is using the local TM to control
transactions, and is treating the remote TM as an enrolled resource into the current
transaction."
Yeah, so it's interposition. Like I said, these are two difference scenarios.
"Case 1 cannot be made to work when a local TM is present without adding some notion
in the EE layer to determine whether it should use the local UserTransaction or the remote
one. This is possible but is a possibly significant amount of work."
How significant? If we're putting all options on the table then this needs to be
there too.
The problem is that we'd need some way to control which kind of
UserTransaction is pulled from JNDI and thus injected into EE components. This can depend
on what the user intends to do with it; thus we'd need to isolate many use cases and
figure out what level this should be done at (deployment? component? server-wide?), and we
need to do some analysis to determine where and how the remote server connection(s) should
be specified and associate the two somehow. We're basically choosing between TMs on a
per-operation basis. This type of configuration is unprecedented as far as I know - I
think the analysis would take as long as the implementation, if not longer. Because it is
not known exactly how this should look, I can't say how much effort this is going to
be other than "lots".
Mark Little wrote:
"Theoretically each successive "step" will treat the TM of the subsequent
"step" as a participating resource. As to D calling A, that will only work if
the TM is clever enough to figure out what's happening (I don't see why it
wouldn't as the Xid should, well, identify the transaction so A should recognize its
own; but that's why we're having this discussion)."
Please go take a look at what we have to do for interposition in JTS. And it's not
because JTS is more complex than it needs to be: interposition is a fundamental concept
within distributed transactions and the problems, optimisations, recovery semantics etc.
are there no matter what object model or distribution approach you use. Take a look at XTS
too, for instance.
Yeah but keep in mind that we're dealing in a strict
hierarchy here, there are no peers. The transaction isn't so much
"distributed" as it is "controlled"; caller always dominates callee.
This if D calls A the behavior I'd +expect+ would be that A would treat the imported
work as a different or subordinate transaction; it need not really have any direct
knowledge that the two are related since the D→A relationship is controlled by D, and the
C→D relationship is controlled by C, etc. If the D→A outcome is in doubt then it's up
to D to resolve that branch, not A. But that's just my ignoramus opinion.
When it comes to reality, this situation is extremely unlikely to occur even in the
weirdest situations I've ever heard of. The reason is that if you've got two
nodes invoking on each other, it is highly likely that they are within the same
"tier", which greatly increases the likelihood that they could simply run JTS
and be done.
Here's what I consider to be a likely, real-world scenario:
Host A runs a thin client which uses the "solution 1" mechanism to control the
transaction when it talks to Host B.
Host B runs a "front" tier which is isolated by firewall. This tier has one or
more local transactional databases or caches, and a local TM. The services running on B
also perform EJB invocations on Host C.
Host C is the "rear" tier separated from B by one or more layer of firewall, and
maybe even a public network. B talks to C via remoting, using "solution 2" to
propagate transactions to it, using the client/server style of invocation.
Host C participates in a peer-to-peer relationship with other services on Hosts D, E, and
F in the same tier, using Remoting or IIOP but using JTS to coordinate the transaction at
this level since C, D, E, and F all mutulally execute operations on one another (and
possibly each consume local resources) in a distributed object graph style of invocation.
Note you can substitue A and B with an EIS and everything should be exactly the same
(except that recovery processes would be performed by the EIS rather than by B's TM).
Everything I understand about transaction processing (which is definitely at least as much
as a "joe user") says that there's no reason this shouldn't "just
work". And we should be able to utilize existing transaction recovery mechanisms as
well.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621489#621489]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:08 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621497#621497
--------------------------------------------------------------
Mark Little wrote:
Could you outline the pros and cons of the current approaches we have in AS5/AS6? I know
we've discussed them elsewhere already, but it would be good to capture it all here.
For instance, why you believe that IIOP isn't right.
When it comes around to
transaction control for the native invocation layer, as far as I am aware AS 5/6 only has
the ClientUserTransaction approach (basically equivalent to "solution 1"). This
is fine as far as it goes, but as I have said previously, integrating this at a server
level is problematic.
The cons of the AS5/6 native approach are obvious: no transaction propagation, limited
transaction control. And the problems in the existing transport implementation are
well-known.
As far as IIOP goes, I don't believe that it's "not right" per se; I do
believe that there are valid use cases which make IIOP (in general) less than opimal, for
example in the case where network topology or security environment makes it undesirable
(either in terms of security, performance, configurability, etc.; for example to run many
different protocols across a single physical connection or to use OTP-style
authentication). CORBA is complex no matter how you slice it, sometimes prohibitively
so. But that's my opinion which is really irrelevant here; as I said if we decide as
an organization (via the proper channels) to completely ditch the native transport in
favor of a full investment in CORBA/IIOP then I will do so happily (I definitely have a
lot of other stuff to be working on), though I do personally believe that in this case
that we would be passing up the opportunity to make something really special which
perfectly fits a real need.
The IIOP question is really about distributed object relationships versus client/server
hierarchical relationships. This is an old ideological debate of the absolute worst kind
which I will not be a part of, apart from saying that I see the merit of both
architectures and believe we should support both.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621497#621497]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:16 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jonathan Halliday [http://community.jboss.org/people/jhalliday] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621512#621512
--------------------------------------------------------------
> I'm pretty sure that e.g. support will tell you it is
unacceptable to ship a solution that may require manual transaction cleanup. We've had
a small number of corner cases in JTA that suffered that limitation and eliminating them
and the support load they generate has been a high priority for the transaction
development work. Intentionally introducing new ones is definitely in the category of Bad
Ideas.
can you be more specific than "Bad Idea"
Sure, explaining the chain of reasoning behind that one is easy:
Red Hat ships products and offers support on them. That support is fixed price based on
SLA, not proportional to the number of tickets filed. On the other hand, support costs
scale as a function of the number of issues reported. Thus the less support work we have
to do, the lower our cost and the higher our profit. Intentionally building and shipping
something we know is going to increase support load is contra-survival and therefore a Bad
Idea.
> [remote UserTransaction] ... behaves in an intuitive fashion only
for a very limited, albeit common, set of use cases. For more complex scenarios its
inherent limitations manifest in ways that can be confusing to users.
or "some complex scenarios"
yup, I can give you a some of them too:
1) The 'client' is actually another AS instance, either of the same or earlier
vintage, doing JNDI lookup of UserTransaction against a remote AS7.
2) The client wants to talk to two remote AS instances in the same tx.
3) The client is an environment that has its own UserTransaction implementation. This is
actually just a more general version of case 1). but in which you can't use tricks
like patching the client side lookup to return your actual UserTransaction instead of the
remote proxy.
4) you want to support load balancing or failover for the client-server connection.
> JCA inflow was either designed for propagation to leaf nodes
only, or incredibly badly thought out.
or "badly thought out"
yup, although it's really pretty obvious: The JCA inflow API uses an Xid as a poor
man's transaction propagation context. Xids were designed only for control flow
between a transaction manager and a resource manager, not for use in multi-level trees.
The JCA has no provision for allowing subordinates to create new branches in the global
transaction. For that it would have to pass in a mask of free bits in the bqual array as
well as the Xid to the subordinate. Indeed the JCA expressly prohibits the container
handling the inflow from altering the Xid. It has to remain immutable because without any
knowledge of which bits can safely be mutated, the container can't guarantee to
generate uniq Xids, a property which is required by the spec.
or "not capable enough"
The XA spec expects that each resource manager (give or take its XAResource's isSameRM
implementation) gets its own branch i.e. uniq Xid. With inflowed Xids you can't
generate new Xids to meet that expectation, you have to use the inflowed one verbatim.
That causes problems with the state machine for the XA protocol lifecycle, as it's
tied to the Xid. For example, if the inflowed tx is used to connect to two resource
managers, you can't recover from crashes cleanly as the recovery mechanism is tracking
state on the assumption that the Xid belongs to at most one RM and once it has cleaned
that one up it's done. Actually on further thought even an upper limit of one is
optimistic - the Xid contains the node Id of the originating parent and that parent may
connect to the same resource manager, in which case it's going to incorrectly manage
the lifecycle because it can't distinguish the XAResource representing the subordinate
tx from the one representing the RM as they have the same Xid. That last case is an
artifact of our implementation rather than the spec though.
or "unintuitive behavior"
yup, I can give you one for that too - the afterCompletions run relative to the commit in
the local node where they are registered, which may actually be before the commit in
another node and not correctly reflect heuristics outcomes or be suitable for triggering
subsequent steps in a process that depend on running after commits in the other nodes.
Likewise beforeCompletions run relative to the prepare in the local node, thus may run
after a prepare in another node. In the best case that's merely inefficient, in the
worst case, where resource managers are shared, it causes a flush of cached data to occur
after a prepare, which will fail. It that's not complicated enough for you, take the
inflowed transaction context and make a transactional call back to the originating parent
server. fun, fun.
Also - only one resource for inflowed transactions? How is that not
a serious deficiency in our implementation?
It's a deficiency in the JCA spec, see above. The spec assumes the inflowed container
is a leaf node i.e. RM, not a subordinate coordinator. There are some hacky things we can
potentially do to work around that limitation in the spec without outright breaking
compliance. They were on my list of things to do in the transactions upstream, but I seem
to be a bit busy with AS integration issues instead :-)
You're basically saying that an MDB can never access more than
one resource. That's a major problem in and of itself.
Not at all. MDBs don't normally run in inflowed transactions. The server hosting the
MDB container starts a top level transaction, enlists the JMS as a resource manager and
additionally enlists any resource managers the MDB calls e.g. a database. It's a flat
structure, not a hierarchic one.
Finally "unacceptable to ship a solution that may require manual
transaction cleanup" - you should know that any two-phase transaction system may
require manual transaction cleanup; that's the nature of two-phase transactions.
sure, but they are the small number of outcomes that result from one or more of the
players not behaving in accordance with the spec e.g. resource managers making autonomous
outcome decisions. We don't automatically do anything about those because we simply
can't - that's the point at which the spec basically says 'give up, throw a
heuristic and let a human deal with the mess'. You're talking about the much more
numerous expected failure cases that can be handled under automatically under the spec.
Indeed exactly the kinds of run of the mill system failures a distributed transaction
protocol is designed to protect a user against. Intentionally shipping a non spec
compliant XAResource implementation that will result in a support case for many of those
common failures is borderline business suicide, see above.
I'm pretty sure that if someone unplugs the ethernet cable of the
transaction coordinator after prepare but before commit, there's going to have to be
some manual cleanup.
Really? Got a test case for that? Other than the one a certain competitor wrote and we
soundly refuted as FUD? Because I've got an extensive test suite that shows no such
outcomes. Well, except for MS SQLServer and mysql, neither of which is fully XA compliant
at present. Ensuring clean transaction completion in crash situations is exactly what the
transaction manager is for after all.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621512#621512]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:18 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621519#621519
--------------------------------------------------------------
David Lloyd wrote:
> Mark Little wrote:
>
> "I mean that I haven't addressed the issue of transaction timeout
control."
>
> What issues? The timeout is controlled by the coordinator, not the client. Or by
"control" do you mean setTimeout calls?
Exactly. It's just a question of how these get propagated, which seems somewhat
outside of the core of this solution. It's only mentioned because it's in the
SPIs.
OK, so let's ignore this for now. In the grand scheme of things it's trivial.
> Mark Little wrote:
>
> "Keeping in mind that this is nowhere near the only process of this complexity
to be tested - and no, don't trot out "it's more complex than you think"
unless you want to enumerate specific cases (which will probably then be appropriated into
additional tests) - I think we'd follow the same approach we'd follow for testing
other things. We'd unit test the protocol of course, and test to ensure that the
implementation matches the specification, and verify that the protocol handlers on either
"end" forward to the proper APIs."
>
> Go take a look at the QA tests for JBossTS. You'll see that a sh*t load of them
are covering recovery. And then take a look at XTS and REST-AT. You'll see that a sh*t
load of them are covering recovery. Want to take a wild stab in the dark why that might be
the case ;-)? Yes, it's complex. It's got to be fault tolerant, so we have to test
all of the cases. There are no edge-cases with transactions: it either works or it fails.
Unit tests aren't sufficient for this.
Well, it's always good to have a set of existing projects to draw test scenarios
from. But otherwise I don't think this is directly relevant to the discussion: unless
you're saying "we must test these 200 different scenarios before I let you type
'git commit'". We need high quality, detailed tests for every subsystem.
For example having thorougly tested transactions doesn't do us a lot of good if, for
example, our JPA implementation or HornetQ or something was writing corrupt data. I mean
everything needs thorough testing. Just the fact that these other projects have lots of
tests covering recovery doesn't mean that those tests are necessary, and on the other
hand, there may be many scenarios unaccounted-for in these tests as well. AS is riddled
with highly complex systems that need detailed testing.
I'm saying that if we are talking about developing a new distributed transaction
protocol using JBR instead of CORBA, then I will need to see all of the transactions use
cases we have covered in QA pass against this new implementation. Call me overly
pessimistic, but even if you think that the scenario is narrowly focussed/self contained,
I like the nice warm fuzzy feeling that passing QA tests brings.
In this particular case (solution 2 that is), we're specifying
an implementation for XAResource, a transport for it, and an endpoint which controls
XATerminator; this says to me that our tests can be limited in scope to testing this
mechanism from end to end. As I said if we have other projects we can draw recovery
scenarios from, that's fine, and we will do so. I don't know what else to tell
you.
And the A->B->C scenario simply isn't possible?
> "Case 1 cannot be made to work when a local TM is present
without adding some notion in the EE layer to determine whether it should use the local
UserTransaction or the remote one. This is possible but is a possibly significant amount
of work."
>
> How significant? If we're putting all options on the table then this needs to be
there too.
The problem is that we'd need some way to control which kind of UserTransaction is
pulled from JNDI and thus injected into EE components. This can depend on what the user
intends to do with it; thus we'd need to isolate many use cases and figure out what
level this should be done at (deployment? component? server-wide?), and we need to do some
analysis to determine where and how the remote server connection(s) should be specified
and associate the two somehow. We're basically choosing between TMs on a
per-operation basis. This type of configuration is unprecedented as far as I know - I
think the analysis would take as long as the implementation, if not longer. Because it is
not known exactly how this should look, I can't say how much effort this is going to
be other than "lots".
Interestingly we've had several TS f2f meetings
where the discussion has arisen around running local JTA and remote JTA (JTS) in the same
container. Jonathan can say more on this, since he was driving those thoughts.
However, let's assume for the sake of argument that initially we decide that in any
container-to-container interactions that require transactions you either have to use HTTP,
SOAP/HTTP or IIOP, but want to leave the door open for other approaches later, would we be
having a different discussion? We discussed suitable abstractions earlier, which could be
independent of any commitment to changes at this stage, so I'm still trying to figure
out what all of those abstractions would be.
> Mark Little wrote:
>
> "Theoretically each successive "step" will treat the TM of the
subsequent "step" as a participating resource. As to D calling A, that will
only work if the TM is clever enough to figure out what's happening (I don't see
why it wouldn't as the Xid should, well, identify the transaction so A should
recognize its own; but that's why we're having this discussion)."
>
> Please go take a look at what we have to do for interposition in JTS. And it's
not because JTS is more complex than it needs to be: interposition is a fundamental
concept within distributed transactions and the problems, optimisations, recovery
semantics etc. are there no matter what object model or distribution approach you use.
Take a look at XTS too, for instance.
Yeah but keep in mind that we're dealing in a strict hierarchy here, there are no
peers. The transaction isn't so much "distributed" as it is
"controlled"; caller always dominates callee. This if D calls A the behavior
I'd +expect+ would be that A would treat the imported work as a different or
subordinate transaction; it need not really have any direct knowledge that the two are
related since the D→A relationship is controlled by D, and the C→D relationship is
controlled by C, etc. If the D→A outcome is in doubt then it's up to D to resolve that
branch, not A. But that's just my ignoramus opinion.
Controlling the
transaction termination protocol is definitely a parent/child relationship; that much is
obvious. However, I still don't see how you can say that A->B->C->D isn't
possible (remember that each of these letters represents an AS instance). So the
transaction flows between (across) 4 AS instances. It could even be
A->B|C->D|E->A, i.e., a (extended) diamond shape if you draw it out.
When it comes to reality, this situation is extremely unlikely to occur even in the
weirdest situations I've ever heard of. The reason is that if you've got two
nodes invoking on each other, it is highly likely that they are within the same
"tier", which greatly increases the likelihood that they could simply run JTS
and be done.
"Unlikely" isn't a term I like when thinking about
transactions. We're supposed to be working with (probabilistic) guarantees. As
I've said a few times, I believe there is a lot more to this problem than first
thought, so it needs to be more carefully discussed, designed/architected and, presumably,
implemented.
Here's what I consider to be a likely, real-world scenario:
Host A runs a thin client which uses the "solution 1" mechanism to control the
transaction when it talks to Host B.
Host B runs a "front" tier which is isolated by firewall. This tier has one or
more local transactional databases or caches, and a local TM. The services running on B
also perform EJB invocations on Host C.
Host C is the "rear" tier separated from B by one or more layer of firewall,
and maybe even a public network. B talks to C via remoting, using "solution 2"
to propagate transactions to it, using the client/server style of invocation.
Host C participates in a peer-to-peer relationship with other services on Hosts D, E, and
F in the same tier, using Remoting or IIOP but using JTS to coordinate the transaction at
this level since C, D, E, and F all mutulally execute operations on one another (and
possibly each consume local resources) in a distributed object graph style of invocation.
Note you can substitue A and B with an EIS and everything should be exactly the same
(except that recovery processes would be performed by the EIS rather than by B's TM).
Everything I understand about transaction processing (which is definitely at least as
much as a "joe user") says that there's no reason this shouldn't
"just work". And we should be able to utilize existing transaction recovery
mechanisms as well.
In this scenario why wouldn't we use something like REST-TX or XTS when bridging the
firewall? Then we'd be in the transaction bridging arena that Jonathan and team have
been working on for a while.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621519#621519]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:19 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621521#621521
--------------------------------------------------------------
David Lloyd wrote:
> Mark Little wrote:
>
> Could you outline the pros and cons of the current approaches we have in AS5/AS6? I
know we've discussed them elsewhere already, but it would be good to capture it all
here. For instance, why you believe that IIOP isn't right.
When it comes around to transaction control for the native invocation layer, as far as I
am aware AS 5/6 only has the ClientUserTransaction approach (basically equivalent to
"solution 1"). This is fine as far as it goes, but as I have said previously,
integrating this at a server level is problematic.
Understood.
The cons of the AS5/6 native approach are obvious: no transaction
propagation, limited transaction control. And the problems in the existing transport
implementation are well-known.
Humour me and put them here explicitly.
As far as IIOP goes, I don't believe that it's "not
right" per se; I do believe that there are valid use cases which make IIOP (in
general) less than opimal, for example in the case where network topology or security
environment makes it undesirable (either in terms of security, performance,
configurability, etc.; for example to run many different protocols across a single
physical connection or to use OTP-style authentication). CORBA is complex no matter how
you slice it, sometimes prohibitively so. But that's my opinion which is really
irrelevant here; as I said if we decide as an organization (via the proper channels) to
completely ditch the native transport in favor of a full investment in CORBA/IIOP then I
will do so happily (I definitely have a lot of other stuff to be working on), though I do
personally believe that in this case that we would be passing up the opportunity to make
something really special which perfectly fits a real need.
So what about using one
of the existing transports over which transactions are supported, rather than implement
yet another one? Of course the performance of, say, HTTP isn't as good as JBR or any
binary protocol, but I've yet to see any performance requirements being made against
this particular requirement. In fact as far as I can tell, we're talking about the
requirement to support a case that we couldn't support in 5/6 based only on the fact
that would couldn't support it, not on the fact that we need to support it and with N
tx/sec.
Yes SOAP/HTTP is equally slow (can be slower) than HTTP, but SOAP/JMS is an option. I
suppose if there was enough reason we could even consider a SOAP/JBR, though at that point
I'd be first in the queue to recommend removing SOAP from the equation entirely!
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621521#621521]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:21 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621525#621525
--------------------------------------------------------------
Jonathan Halliday wrote:
>> [remote UserTransaction] ... behaves in an intuitive fashion only for a very
limited, albeit common, set of use cases. For more complex scenarios its inherent
limitations manifest in ways that can be confusing to users.
> or "some complex scenarios"
yup, I can give you a some of them too:
1) The 'client' is actually another AS instance, either of the same or earlier
vintage, doing JNDI lookup of UserTransaction against a remote AS7.
2) The client wants to talk to two remote AS instances in the same tx.
3) The client is an environment that has its own UserTransaction implementation. This is
actually just a more general version of case 1). but in which you can't use tricks
like patching the client side lookup to return your actual UserTransaction instead of the
remote proxy.
4) you want to support load balancing or failover for the client-server connection.
Okay so these basically correspond to the same scenarios which have already been
outlined. As far as I know there's no need (in terms of existing functionality or
explicit requirement) to support #4 during mid-transaction though.
Jonathan Halliday wrote:
>> JCA inflow was either designed for propagation to leaf nodes only, or incredibly
badly thought out.
> or "badly thought out"
yup, although it's really pretty obvious: The JCA inflow API uses an Xid as a poor
man's transaction propagation context. Xids were designed only for control flow
between a transaction manager and a resource manager, not for use in multi-level trees.
The JCA has no provision for allowing subordinates to create new branches in the global
transaction. For that it would have to pass in a mask of free bits in the bqual array as
well as the Xid to the subordinate. Indeed the JCA expressly prohibits the container
handling the inflow from altering the Xid. It has to remain immutable because without any
knowledge of which bits can safely be mutated, the container can't guarantee to
generate uniq Xids, a property which is required by the spec.
I didn't find this
in the JCA spec (there was a bit about RMs not altering an XID data bits in transit but
this is not the same thing), but I see your point about XID generation in a hierarchical
system (it'd be fine as long as there are no cycles and you could just patch on stuff
to the end of the branch ID, but that's not technically very robust, and could violate
the XID "format" if there is one). I'm curious to know how other vendors
solve this problem with EIS transaction inflow. I could see a workaround in which
additional XAResources are enlisted to the root controller by propagating them back *up*
the chain, but this is back into custom SPI territory which I'd just as soon stay out
of.
Alternatively the subordinate TM could simply generate a new global transaction ID for
+its+ subordinate resources. It'd technically be a lie but it'd cleanly solve
this problem at least as far as transaction completion goes - recovery semantics might be
hard to work out though.
Jonathan Halliday wrote:
> or "not capable enough"
The XA spec expects that each resource manager (give or take its XAResource's
isSameRM implementation) gets its own branch i.e. uniq Xid. With inflowed Xids you
can't generate new Xids to meet that expectation, you have to use the inflowed one
verbatim. That causes problems with the state machine for the XA protocol lifecycle, as
it's tied to the Xid. For example, if the inflowed tx is used to connect to two
resource managers, you can't recover from crashes cleanly as the recovery mechanism is
tracking state on the assumption that the Xid belongs to at most one RM and once it has
cleaned that one up it's done. Actually on further thought even an upper limit of one
is optimistic - the Xid contains the node Id of the originating parent and that parent may
connect to the same resource manager, in which case it's going to incorrectly manage
the lifecycle because it can't distinguish the XAResource representing the subordinate
tx from the one representing the RM as they have the same Xid. That last case is an
artifact of our implementation rather than the spec though.
Again I can't find
this in the spec. It clearly says that an XID is used to identify the incoming
transaction, but nothing says that it cannot in turn generate different XIDs for its own
resources.
As for your latter point though, recalling that we're dealing with a strictly
hierarchical relationship here; even if the same transaction recursively flows in to a
node into which it had already flowed, it doesn't really have to treat it as another
branch of the same transaction, even if it were possible to do so. It's a departure
from CORBA-style distribution in that every inflow can be a new level in the transaction
hierarchy even if it passes through the same node (which you would not normally do in a
hierarchical relationship, by definition, because resources could then be accessed from
two wholly different XIDs even if they are logically a part of the same transaction). If
true distribution is desired, there's always JTS, after all. That's what this is
- you trade away the functionality you don't want anyway when you're in a
client/server environment, and in return you get much simpler semantics (and in turn, less
overhead) and the benefits of the optimized transport. Choices are good.
Jonathan Halliday wrote:
> or "unintuitive behavior"
yup, I can give you one for that too - the afterCompletions run relative to the commit in
the local node where they are registered, which may actually be before the commit in
another node and not correctly reflect heuristics outcomes or be suitable for triggering
subsequent steps in a process that depend on running after commits in the other nodes.
Likewise beforeCompletions run relative to the prepare in the local node, thus may run
after a prepare in another node. In the best case that's merely inefficient, in the
worst case, where resource managers are shared, it causes a flush of cached data to occur
after a prepare, which will fail. It that's not complicated enough for you, take the
inflowed transaction context and make a transactional call back to the originating parent
server. fun, fun.
I woudn't be worried about the Synchronization stuff in a multi-tier environment -
especially if we disallow resource sharing (i.e. treat each node's access to a
resource as separate), which seems prudent given my above thoughts about unorthodox XID
handling. In my experience, the use cases for the kind of boss/subordinate cascading
which we are talking about would generally not rely on the ability (resource sharing)
anyway. And if you're not sharing resources then if you look at the synchronization
issues, you'll see that their semantics probably only matter relative to what the
local node can see anyway. I think this lack of capability is fair if it saves us
implementation effort.
That isn't to say that we couldn't invent some great new SPI which does this all
much better. Given unlimited (or less limited) resources, this would be fine by me.
Furthermore since all of this XATerminator/XAResource stuff is implementation details, we
could do it one way now and change to a different, more feature-rich solution later on.
Maybe at the same time we can tackle the XID deficiency in the JCA spec somehow.
Jonathan Halliday wrote:
> You're basically saying that an MDB can never access more than one resource.
That's a major problem in and of itself.
Not at all. MDBs don't normally run in inflowed transactions. The server hosting the
MDB container starts a top level transaction, enlists the JMS as a resource manager and
additionally enlists any resource managers the MDB calls e.g. a database. It's a flat
structure, not a hierarchic one.
The purpose is execute Work in the context of a
transaction controlled by an outside party, and delivering messages as part of an imported
transaction is allowed and described in the spec as one of the three models (with respect
to transactions) in which messages my be delivered.
In any case, if that API was intended for flat execution then yeah it's an utter
failure of an SPI. If it's intended for hierarchical execution then it's only a
moderate failure (due to the XID problem), one that's actually workable in practice
(in my opinion). Without resources to control, after all, there's not a lot of point
to transactional inflow.
Jonathan Halliday wrote:
> Finally "unacceptable to ship a solution that may require manual transaction
cleanup" - you should know that any two-phase transaction system may require manual
transaction cleanup; that's the nature of two-phase transactions.
sure, but they are the small number of outcomes that result from one or more of the
players not behaving in accordance with the spec e.g. resource managers making autonomous
outcome decisions. We don't automatically do anything about those because we simply
can't - that's the point at which the spec basically says 'give up, throw a
heuristic and let a human deal with the mess'. You're talking about the much more
numerous expected failure cases that can be handled under automatically under the spec.
Indeed exactly the kinds of run of the mill system failures a distributed transaction
protocol is designed to protect a user against. Intentionally shipping a non spec
compliant XAResource implementation that will result in a support case for many of those
common failures is borderline business suicide, see above.
The whole idea is
predicated on complying with the XAResource contract; we would not intentionally ship a
non spec compliant XAResource implementation.
Jonathan Halliday wrote:
> I'm pretty sure that if someone unplugs the ethernet cable of the transaction
coordinator after prepare but before commit, there's going to have to be some manual
cleanup.
Really? Got a test case for that? Other than the one a certain competitor wrote and we
soundly refuted as FUD? Because I've got an extensive test suite that shows no such
outcomes. Well, except for MS SQLServer and mysql, neither of which is fully XA compliant
at present. Ensuring clean transaction completion in crash situations is exactly what the
transaction manager is for after all.
Okay, great. What I was trying to get across
with those requirement items is that we're only going to implement the contracts, and
we're not implementing any special recovery semantics beyond what the contracts
specify and what the TM does for us. If the TM can handle every crash scenario ever, all
the better.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621525#621525]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:21 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621530#621530
--------------------------------------------------------------
Mark Little wrote:
> David Lloyd wrote:
>
> > Mark Little wrote:
> >
> > Could you outline the pros and cons of the current approaches we have in
AS5/AS6? I know we've discussed them elsewhere already, but it would be good to
capture it all here. For instance, why you believe that IIOP isn't right.
> When it comes around to transaction control for the native invocation layer, as far
as I am aware AS 5/6 only has the ClientUserTransaction approach (basically equivalent to
"solution 1"). This is fine as far as it goes, but as I have said previously,
integrating this at a server level is problematic.
Understood.
> The cons of the AS5/6 native approach are obvious: no transaction propagation,
limited transaction control. And the problems in the existing transport implementation
are well-known.
Humour me and put them here explicitly.
See below.
Mark Little wrote:
> As far as IIOP goes, I don't believe that it's "not right" per se;
I do believe that there are valid use cases which make IIOP (in general) less than opimal,
for example in the case where network topology or security environment makes it
undesirable (either in terms of security, performance, configurability, etc.; for example
to run many different protocols across a single physical connection or to use OTP-style
authentication). CORBA is complex no matter how you slice it, sometimes prohibitively
so. But that's my opinion which is really irrelevant here; as I said if we decide as
an organization (via the proper channels) to completely ditch the native transport in
favor of a full investment in CORBA/IIOP then I will do so happily (I definitely have a
lot of other stuff to be working on), though I do personally believe that in this case
that we would be passing up the opportunity to make something really special which
perfectly fits a real need.
So what about using one of the existing transports over which transactions are supported,
rather than implement yet another one? Of course the performance of, say, HTTP isn't
as good as JBR or any binary protocol, but I've yet to see any performance
requirements being made against this particular requirement. In fact as far as I can tell,
we're talking about the requirement to support a case that we couldn't support in
5/6 based only on the fact that would couldn't support it, not on the fact that we
need to support it and with N tx/sec.
Yes SOAP/HTTP is equally slow (can be slower) than HTTP, but SOAP/JMS is an option. I
suppose if there was enough reason we could even consider a SOAP/JBR, though at that point
I'd be first in the queue to recommend removing SOAP from the equation entirely!
Well that's what I'm talking about: this is the direct functional
replacement for the Remoting 2.x-based UnifiedInvoker stuff, and the JRMPInvoker before
it. This is the functionality we're carrying over. I can tell you with absolute
certainty that porting this stuff over directly is not a viable option. We can discuss
the details offline if you like.
This is really bleeding over into another topic at this point. Remoting 3.x is the
transport layer that we're using for AS management; the plan was to bring over a
JSR-160 implementation plus EJB remote invocation which allows all these things to run
over the same channel, and to leverage JBMAR, to get an optimally-performant invocation
layer which supports all kinds of security strategies, and works with even the stupidest
of firewalls. In other words, replace the old broken stuff with a combination of a bunch
of existing good stuff. This in turn gives us a nice springboard for nicely supporting EE
app-client, getting this multi-tier transaction stuff for free (or at least, that was the
plan) and at the same time giving us a shiny new bullet point to throw up against the
competitors who have a similar sort of transport already. Also it gives us a nice path
forward to allow EAP 4 and 5 applications (and even applications running on third-party
appservers) to talk to EAP 6 applications using this protocol simply by way of a client
JAR which is something that has been requested of us more than once. We +know+ that JBMAR
outperforms everything else out there which claims any level of compliance to the
serialization spec; we can choose to use it, or not.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621530#621530]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:25 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621538#621538
--------------------------------------------------------------
Mark Little wrote:
> > Mark Little wrote:
> >
> > "Keeping in mind that this is nowhere near the only process of this
complexity to be tested - and no, don't trot out "it's more complex than you
think" unless you want to enumerate specific cases (which will probably then be
appropriated into additional tests) - I think we'd follow the same approach we'd
follow for testing other things. We'd unit test the protocol of course, and test to
ensure that the implementation matches the specification, and verify that the protocol
handlers on either "end" forward to the proper APIs."
> >
> > Go take a look at the QA tests for JBossTS. You'll see that a sh*t load of
them are covering recovery. And then take a look at XTS and REST-AT. You'll see that a
sh*t load of them are covering recovery. Want to take a wild stab in the dark why that
might be the case ;-)? Yes, it's complex. It's got to be fault tolerant, so we
have to test all of the cases. There are no edge-cases with transactions: it either works
or it fails. Unit tests aren't sufficient for this.
> Well, it's always good to have a set of existing projects to draw test scenarios
from. But otherwise I don't think this is directly relevant to the discussion: unless
you're saying "we must test these 200 different scenarios before I let you type
'git commit'". We need high quality, detailed tests for every subsystem.
For example having thorougly tested transactions doesn't do us a lot of good if, for
example, our JPA implementation or HornetQ or something was writing corrupt data. I mean
everything needs thorough testing. Just the fact that these other projects have lots of
tests covering recovery doesn't mean that those tests are necessary, and on the other
hand, there may be many scenarios unaccounted-for in these tests as well. AS is riddled
with highly complex systems that need detailed testing.
I'm saying that if we are talking about developing a new distributed transaction
protocol using JBR instead of CORBA, then I will need to see all of the transactions use
cases we have covered in QA pass against this new implementation. Call me overly
pessimistic, but even if you think that the scenario is narrowly focussed/self contained,
I like the nice warm fuzzy feeling that passing QA tests brings.
Okay, that's
reasonable, but bear in mind that what we're talking about is probably going to be
more constrained in some ways, so we may need fewer, or at most a few different, tests.
Some of these tests may simply verify that things we don't support in this scenario
are explicitly disallowed for example.
Mark Little wrote:
> In this particular case (solution 2 that is), we're specifying an
implementation for XAResource, a transport for it, and an endpoint which controls
XATerminator; this says to me that our tests can be limited in scope to testing this
mechanism from end to end. As I said if we have other projects we can draw recovery
scenarios from, that's fine, and we will do so. I don't know what else to tell
you.
And the A->B->C scenario simply isn't possible?
A->B->C yes is
possible, however this is really (A client -> B server -> (a bunch of existing
stuff) -> B client -> C server); which is to say that if we verify that we follow
the rules for what we implement, then it's up to JBTS to follow the rules for what
+it+ implements. Testing multiple steps like this is the task of the aforementioned QA
tests, I suppose, for the "warm and fuzzy" quality, but it wouldn't be
covered in the unit tests for any of the individual pieces as it is expected that the
components that they interact with all behave according to contract.
Mark Little wrote:
> > "Case 1 cannot be made to work when a local TM is present without adding
some notion in the EE layer to determine whether it should use the local UserTransaction
or the remote one. This is possible but is a possibly significant amount of work."
> >
> > How significant? If we're putting all options on the table then this needs
to be there too.
> The problem is that we'd need some way to control which kind of UserTransaction
is pulled from JNDI and thus injected into EE components. This can depend on what the
user intends to do with it; thus we'd need to isolate many use cases and figure out
what level this should be done at (deployment? component? server-wide?), and we need to do
some analysis to determine where and how the remote server connection(s) should be
specified and associate the two somehow. We're basically choosing between TMs on a
per-operation basis. This type of configuration is unprecedented as far as I know - I
think the analysis would take as long as the implementation, if not longer. Because it is
not known exactly how this should look, I can't say how much effort this is going to
be other than "lots".
Interestingly we've had several TS f2f meetings where the discussion has arisen
around running local JTA and remote JTA (JTS) in the same container. Jonathan can say more
on this, since he was driving those thoughts.
However, let's assume for the sake of argument that initially we decide that in any
container-to-container interactions that require transactions you either have to use HTTP,
SOAP/HTTP or IIOP, but want to leave the door open for other approaches later, would we be
having a different discussion? We discussed suitable abstractions earlier, which could be
independent of any commitment to changes at this stage, so I'm still trying to figure
out what all of those abstractions would be.
Well, all of this is predicated on the
assumption that we still need some kind of remote control of transactions from server to
server when using the Remoting-based transport in order to fulfill our obligations for
existing functionality. If we can work it out or establish that this is not the case,
then sure, we can revisit this discussion at a later time, assuming that such time would
ever arrive. I would very much like the opportunity to be able to work on establishing
requirements for such an abstraction. Such a discussion should come hand in hand with
fixing the shortcomings of XATerminator in the JCA specification as well though, as these
seem to me to be two faces of the same problem.
Mark Little wrote:
> > Mark Little wrote:
> >
> > "Theoretically each successive "step" will treat the TM of the
subsequent "step" as a participating resource. As to D calling A, that will
only work if the TM is clever enough to figure out what's happening (I don't see
why it wouldn't as the Xid should, well, identify the transaction so A should
recognize its own; but that's why we're having this discussion)."
> >
> > Please go take a look at what we have to do for interposition in JTS. And
it's not because JTS is more complex than it needs to be: interposition is a
fundamental concept within distributed transactions and the problems, optimisations,
recovery semantics etc. are there no matter what object model or distribution approach you
use. Take a look at XTS too, for instance.
> Yeah but keep in mind that we're dealing in a strict hierarchy here, there are
no peers. The transaction isn't so much "distributed" as it is
"controlled"; caller always dominates callee. This if D calls A the behavior
I'd +expect+ would be that A would treat the imported work as a different or
subordinate transaction; it need not really have any direct knowledge that the two are
related since the D→A relationship is controlled by D, and the C→D relationship is
controlled by C, etc. If the D→A outcome is in doubt then it's up to D to resolve that
branch, not A. But that's just my ignoramus opinion.
Controlling the transaction termination protocol is definitely a parent/child
relationship; that much is obvious. However, I still don't see how you can say that
A->B->C->D isn't possible (remember that each of these letters represents an
AS instance). So the transaction flows between (across) 4 AS instances. It could even be
A->B|C->D|E->A, i.e., a (extended) diamond shape if you draw it out.
I
don't think I said it wasn't possible, or at least I didn't intend to. I
think supporting trees or linear chains of appservers is fine. I just don't think we
necessarily have to support A->B->A kinds of scenarios or other non-tree (especially
cyclic) directed graphs as this is not generally a good fit for Remoting in the first
place; one would normally choose IIOP or JRMP for this kind of topology. Now we +could+
support this, of course, and if we did I imagine it might be a good idea to treat ->A
as a wholly new branch of the transaction, or even as a wholly new global transaction,
rather than trying to reconcile what resources on A are already active in the transaction
or whatever else you have to do for JTS style interposition. Likewise if we have
A->B->C and all three access a common resource, I don't think that we
necessarily need to support resource sharing in the Remoting scenario (though if we can,
that's great).
That said, I think that a proper implementation ought to be able to mix and match the
approaches. A linear chain of app servers and their resources using the Remoting
transaction approach could terminate an a JTS "cloud" of appservers, which in
turn could enroll more linear chains of app servers and their resources, so long as the
contstraints we place aren't broken (for example if we don't support shared
resources in the Remoting chains then we simply don't).
Mark Little wrote:
> Here's what I consider to be a likely, real-world scenario:
>
> Host A runs a thin client which uses the "solution 1" mechanism to control
the transaction when it talks to Host B.
> Host B runs a "front" tier which is isolated by firewall. This tier has
one or more local transactional databases or caches, and a local TM. The services running
on B also perform EJB invocations on Host C.
> Host C is the "rear" tier separated from B by one or more layer of
firewall, and maybe even a public network. B talks to C via remoting, using
"solution 2" to propagate transactions to it, using the client/server style of
invocation.
> Host C participates in a peer-to-peer relationship with other services on Hosts D,
E, and F in the same tier, using Remoting or IIOP but using JTS to coordinate the
transaction at this level since C, D, E, and F all mutulally execute operations on one
another (and possibly each consume local resources) in a distributed object graph style of
invocation.
>
> Note you can substitue A and B with an EIS and everything should be exactly the same
(except that recovery processes would be performed by the EIS rather than by B's TM).
>
> Everything I understand about transaction processing (which is definitely at least
as much as a "joe user") says that there's no reason this shouldn't
"just work". And we should be able to utilize existing transaction recovery
mechanisms as well.
In this scenario why wouldn't we use something like REST-TX or XTS when bridging the
firewall? Then we'd be in the transaction bridging arena that Jonathan and team have
been working on for a while.
Well, you could, of course (at least you could use XTS, but not REST-TX unless we designed
our own EJB-over-REST protocol). Or you could use an IIOP proxy. And we could map our
management protocol on to SOAP, or IIOP. But the point is that all of these approaches
are a pain for users and all lack the advantages of a native protocol - namely
performance, more flexible and efficient security, simpler client and server
implementation (i.e. no SOAP bindings or monkeying with IDL). In other words, I can say
"connect to this URL, authenticate thusly, give me this EJB, and start calling stuff
on it" with a native client, which you cannot do without extra steps and a lot of
configuration and complexity in SOAP or even CORBA. It's the API simplicity of RMI
(simpler, really) with sane firewall-friendly connection semantics and much better
performance, or at least that's the idea.
Could we drop a native transport in favor of SOAP+IIOP? Absolutely. But it would suck,
IMO. I think a native transport is an essential tool, and it's something we've
provided in the past, but it's not up to me to make that call in any case. Even if we
dropped it though, I'd probably develop it in my free time anyway just because I have
no inclination to use SOAP or IIOP for my personal projects, and it's something I
believe in. Granted my free time projects have this way of winding up back in the middle
of things these days.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621538#621538]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:27 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621569#621569
--------------------------------------------------------------
While we need to figure out the short term, I really think we should start formulating a
plan for our long term direction as part of this discussion. As part of that I think we
should explore the possibility of making JTS capable of running on a native transport.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621569#621569]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:11 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621637#621637
--------------------------------------------------------------
"A->B->C yes is possible, however this is really (A client -> B server ->
(a bunch of existing stuff) -> B client -> C server); which is to say that if we
verify that we follow the rules for what we implement, then it's up to JBTS to follow
the rules for what +it+implements."
How do you expect to prevent the context from flowing from B server to B client? A
per-thread interceptor doing the disassociation, for instance?
"Well, all of this is predicated on the assumption that we still need some kind of
remote control of transactions from server to server when using the Remoting-based
transport in order to fulfill our obligations for existing functionality. If we can work
it out or establish that this is not the case, then sure, we can revisit this discussion
at a later time, assuming that such time would ever arrive. I would very much like the
opportunity to be able to work on establishing requirements for such an abstraction. Such
a discussion should come hand in hand with fixing the shortcomings of XATerminator in the
JCA specification as well though, as these seem to me to be two faces of the same
problem."
Whatever happens now, I think it's clear that we need to look at this for the future.
And a realistic future at that, i.e., not "years and years from now".
"I don't think I said it wasn't possible, or at least I didn't intend
to. I think supporting trees or linear chains of appservers is fine. I just don't
think we necessarily have to support A->B->A kinds of scenarios or other non-tree
(especially cyclic) directed graphs as this is not generally a good fit for Remoting in
the first place; one would normally choose IIOP or JRMP for this kind of topology."
OK, but this then comes back to my first question above: how do we prevent these things?
Leaving it up to the developer of the application/business object/EJB isn't going to
work.
"That said, I think that a proper implementation ought to be able to mix and match
the approaches. A linear chain of app servers and their resources using the Remoting
transaction approach could terminate an a JTS "cloud" of appservers, which in
turn could enroll more linear chains of app servers and their resources, so long as the
contstraints we place aren't broken (for example if we don't support shared
resources in the Remoting chains then we simply don't)."
Agreed, and in fact this sounds very much like the genesis of the bridging work that I
keep mentioning Jonathan has been doing (has done). The idea there was that a transaction
could start out over, say, SOAP, inflow to a container and then be sent out over another
transport, etc. Graphs of arbitrary size and complexity could be supported, with
extensibility to support arbitrary transports.
"Could we drop a native transport in favor of SOAP+IIOP? Absolutely. But it would
suck, IMO. I think a native transport is an essential tool, and it's something
we've provided in the past, but it's not up to me to make that call in any case.
Even if we dropped it though, I'd probably develop it in my free time anyway just
because I have no inclination to use SOAP or IIOP for my personal projects, and it's
something I believe in. Granted my free time projects have this way of winding up back in
the middle of things these days."
Yes, I understand the trade-offs. I mentioned it in order to determine if there was some
intermediate step(s) that we could take to help address the issue.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621637#621637]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:12 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/621638#621638
--------------------------------------------------------------
Definitely. Although it's not quite JTS over some other transport, but I know what you
mean.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/621638#621638]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:26 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jonathan Halliday [http://community.jboss.org/people/jhalliday] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/622932#622932
--------------------------------------------------------------
From the point of view of the transactions project roadmap, it seems
that -
ClientUserTransaction requires no additional implementation work. The same hooks that
supported the earlier implementations of this can be used for the new one too.
Transaction context inflow support falls into two parts: whole transaction (gtrid)
interposition and branch only (bqual) interposition.
For whole transaction interposition, a new subordinate transaction context is created on
each node receiving an inflow. Synchronizations are handled purely locally. The JCA inflow
API can be used, albeit with semantics which IMO are not spec compliant. This model would
be relatively simple to implement on the transaction manager side, as the existing
recovery architecture will mostly still apply. IMO it's of limited utility for users
though, as resource managers will see independent transactions and not do any transaction
branch coupling. That impacts both functionality and performance.
For branch only transaction interposition, subordinate nodes maintain the inflowed gtrid
but create new branches within an allocated portion of the bqual state space. This
requires information about the allocation of bqual space to be communicated, either by
explicit parameter passing for the general case or by encoding in the Xid for the
jboss->jboss inflow case. It affords the opportunity for branch coupling in resource
managers used by more than one node in the same transaction, but leads to more complicated
recovery needs. Specifically recovery can no longer be driven off consideration of the
gtrid ownership alone, but must also consider bqual ownership. This naturally requires
that the bqual value actually contain node ownership information, which will require a new
encoding. On the other hand we probably need one anyhow to communicate delegation of the
bqual state space on links where we're working with 3rd party implementations and thus
constrained to the JCA api rather than one that could carry additional parameters. For
links where we do control both ends, we need additional methods to support afterCompletion
as a separate phase. BeforeCompletion is already available as a separate step on
subordinate transactions, although it may need to be even finer grained to allow for JTA
1.1 TSR sync interposition semantics to be transaction global rather than node local.
In both models the communication is entirely top down - the coordinator does not exist as
a network endpoint as in JTS, as persistent ids are not supported by the remoting
transport. This constrains recovery to use the XA recovery scan model rather than the JTS
replayCompletion one. One consequence of this is that parent nodes will require to
maintain a list of all possible subordinates and have a recovery module plugin for them,
but that's probably not an undue burden for most deployment scenarios. Another
consequence is that it's probably going to be better to build it as distributed hooks
into JBossJTA rather than a pluggable transport layer for JBossJTS. That should also offer
better performance as resource records will get inlined to the tx rather than be separate
ostore entries.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/622932#622932]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
6:10 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/626589#626589
--------------------------------------------------------------
Okay it looks to me like we have a plan here, but do we have a path forward? What do you
need from the AS team, if anything?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/626589#626589]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
5:10 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627258#627258
--------------------------------------------------------------
David Lloyd wrote:
Okay it looks to me like we have a plan here, but do we have a path forward? What do you
need from the AS team, if anything?
Taking Jonathan's lack of reply, combined with an internal email that states he will
not be doing any improvements or changes for EAP6, leads me to believe that we should just
take the XATerminator option and do this ourselves. We are going to proceed down this path
until we here that the TM project is willing to cooperate.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627258#627258]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
5:44 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jonathan Halliday [http://community.jboss.org/people/jhalliday] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627264#627264
--------------------------------------------------------------
Sorry, running a bit behind what with having spent the last two work days in a meeting
room with lousy connectivity :-(
The discussion above is on the basis of 'what would we ideally like to have in the
future' per the related conf call. We're not even at the stage of 'we will
deliver feature enhancement X by date Y' yet. What we eventually commit to implement
will depend on what other requirements we have competing for attention in the same
timeframe and we don't have all that information yet.
For the AS7.1 release we've already delivered the final TS feature release, so if you
want tx over remoting in that you will indeed need to build it on whatever is already
there, which basically means JCA tx inflow.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627264#627264]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
6:40 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627278#627278
--------------------------------------------------------------
Jonathan Halliday wrote:
Sorry, running a bit behind what with having spent the last two work days in a meeting
room with lousy connectivity :-(
The discussion above is on the basis of 'what would we ideally like to have in the
future' per the related conf call. We're not even at the stage of 'we will
deliver feature enhancement X by date Y' yet. What we eventually commit to implement
will depend on what other requirements we have competing for attention in the same
timeframe and we don't have all that information yet.
For the AS7.1 release we've already delivered the final TS feature release, so if you
want tx over remoting in that you will indeed need to build it on whatever is already
there, which basically means JCA tx inflow.
Ok sounds like we are in agreement then
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627278#627278]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:34 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627453#627453
--------------------------------------------------------------
OK, but are we all in agreement that this is a stop-gap measure and not where we'd
like to be in some later release?
Also can you (Jason) stick the design discussions around what you will do in this forum,
or at least cross post?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627453#627453]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:30 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627470#627470
--------------------------------------------------------------
Sure we'll post something when we have time. Although honestly we have wasted enough
on this just to find out that the transaction project has no intention of resolving the
issues anytime soon. After EAP6 my team is going to look at doing our own fork, which is
unfortunate but it's the only way I see it happening by EAP6
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627470#627470]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:32 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627472#627472
--------------------------------------------------------------
That should read 6.1
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627472#627472]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
3:07 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627484#627484
--------------------------------------------------------------
Your own fork of what?!
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627484#627484]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
3:38 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627495#627495
--------------------------------------------------------------
Did you not see Jonathan's response from a few weeks back? There was no response to
that either. I'll copy it here:
"
From the point of view of the transactions project roadmap, it seems
that -
ClientUserTransaction requires no additional implementation work. The same hooks that
supported the earlier implementations of this can be used for the new one too.
Transaction context inflow support falls into two parts: whole transaction (gtrid)
interposition and branch only (bqual) interposition.
For whole transaction interposition, a new subordinate transaction context is created on
each node receiving an inflow. Synchronizations are handled purely locally. The JCA inflow
API can be used, albeit with semantics which IMO are not spec compliant. This model would
be relatively simple to implement on the transaction manager side, as the existing
recovery architecture will mostly still apply. IMO it's of limited utility for users
though, as resource managers will see independent transactions and not do any transaction
branch coupling. That impacts both functionality and performance.
For branch only transaction interposition, subordinate nodes maintain the inflowed gtrid
but create new branches within an allocated portion of the bqual state space. This
requires information about the allocation of bqual space to be communicated, either by
explicit parameter passing for the general case or by encoding in the Xid for the
jboss->jboss inflow case. It affords the opportunity for branch coupling in resource
managers used by more than one node in the same transaction, but leads to more complicated
recovery needs. Specifically recovery can no longer be driven off consideration of the
gtrid ownership alone, but must also consider bqual ownership. This naturally requires
that the bqual value actually contain node ownership information, which will require a new
encoding. On the other hand we probably need one anyhow to communicate delegation of the
bqual state space on links where we're working with 3rd party implementations and thus
constrained to the JCA api rather than one that could carry additional parameters. For
links where we do control both ends, we need additional methods to support afterCompletion
as a separate phase. BeforeCompletion is already available as a separate step on
subordinate transactions, although it may need to be even finer grained to allow for JTA
1.1 TSR sync interposition semantics to be transaction global rather than node local.
In both models the communication is entirely top down - the coordinator does not exist as
a network endpoint as in JTS, as persistent ids are not supported by the remoting
transport. This constrains recovery to use the XA recovery scan model rather than the JTS
replayCompletion one. One consequence of this is that parent nodes will require to
maintain a list of all possible subordinates and have a recovery module plugin for them,
but that's probably not an undue burden for most deployment scenarios. Another
consequence is that it's probably going to be better to build it as distributed hooks
into JBossJTA rather than a pluggable transport layer for JBossJTS. That should also offer
better performance as resource records will get inlined to the tx rather than be separate
ostore entries."
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627495#627495]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
8:54 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jonathan Halliday [http://community.jboss.org/people/jhalliday] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627593#627593
--------------------------------------------------------------
ok, so I guess we're jumping ahead to the implementation roadmap discussion without
waiting for the EAP6.1 spec then. Is that the same Jason who just got done telling me the
JBossTS planning cycle is too far in advance of the AS planning cycle? :-)
If the AS has no preference either way, then I'm inclined to go with the tx branch
interposition model rather than full interposition, on the basis that transaction branch
lock sharing is a more intuitive and powerful model for users. Whist I think it's the
right goal, it's undeniably more complex to implement than the full interposition
model. However, rather than go with full interposition as a stopgap and then change over
and waste that work, I'd prefer to look at how we can break down the branch
interposition implementation into smaller pieces to deliver the functionality
incrementally.
With an incremental approach we may even be able to put in place a partial solution for
some of the more limited but common use cases in AS7.1, much less a later release. For
example, I think it's feasible to extend the org.jboss.tm spi to support a subordinate
tx type that exposes beforeCompletion for remote usage. JCA tx inflow does not offer that,
but the TS impl under it already does, so we just need the ability to wire it through
without tying the AS too closely to the TS implementation classes. That kind of
conservative change should be possible on the existing maintenance branch without forking,
as it's not going to impact compatibility. Unifying the way the AS and TS do node
identity and putting in place the AS side management of the peer node id list that's
needed for recovery can also be done up front to avoid later alteration to the domain
model - not all the work is going to be on the TS code side.
Some of the more involved TS internal recovery changes may also make sense to do even
before we know if the wider feature does make the cut when it comes to prioritizing work
for the next release cycle. We could for example potentially enable recovery for multiple
resources even in the broken JCA spec semantics, which is an outstanding customer request.
It's been a low priority thus far as it's limited to one customer, albeit a large
one. But if the work overlaps with wider tx inflow support then it's easier to justify
the allocation of resources to it. As the new JCA integration spi is already in place
(finally!) the remaining bits needed would likely be entirely arjuna internal, so again
probably doesn't require a major version rev or fork on the TS code side.
Whilst getting at least some functionality out sooner rather than later is probably a good
thing, one of my concerns on delivering this in staged releases, potentially including the
current cycle, is the impact it will have on docs and QE. We'd need to clearly specify
what scenarios are expected to work in each release we provide, in order to test correctly
and manage user expectations thoroughly. We probably need an internal discussion with
those teams to see what resource they have available in addition to seeing what dev
resource we can shake loose for this by deprioritizing other things.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627593#627593]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
9:42 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627601#627601
--------------------------------------------------------------
Jonathan Halliday wrote:
Whilst getting at least some functionality out sooner rather than later is probably a
good thing, one of my concerns on delivering this in staged releases, potentially
including the current cycle, is the impact it will have on docs and QE. We'd need to
clearly specify what scenarios are expected to work in each release we provide, in order
to test correctly and manage user expectations thoroughly. We probably need an internal
discussion with those teams to see what resource they have available in addition to seeing
what dev resource we can shake loose for this by deprioritizing other things.
I
agree wholeheartedly with Jonathan and also think we definitely need to take heed on his
point re functionality available at each stage being documented accurately and the
overhead this will add to EAP. Jason, are we certain this is a feature that needs to be in
EAP6 vs EAP6.1? I guess more generally can you clarify your preferred and maximum
timescales you would like us to deliver this functionality within.
Another point that was raised earlier (or rather a detail of the one surrounding QA) is
the question of testing this with remoting itself. Clearly some work will be done on the
remoting side to chat with the API we expose so is it realistic to expect this level of
testing to be performed in the timescale needed?
It sounds like a nice piece of work, but our worry is we may simply not be able to add
this feature with enough capability/testing to address your desired use cases in the
timescale we anticipate you need this in. That said we are ready to work on this right now
so hopefully we can make an effective solution in the time available.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627601#627601]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:14 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627612#627612
--------------------------------------------------------------
Jonathan Halliday wrote:
If the AS has no preference either way, then I'm inclined to go with the tx branch
interposition model rather than full interposition, on the basis that transaction branch
lock sharing is a more intuitive and powerful model for users. Whist I think it's the
right goal, it's undeniably more complex to implement than the full interposition
model. However, rather than go with full interposition as a stopgap and then change over
and waste that work, I'd prefer to look at how we can break down the branch
interposition implementation into smaller pieces to deliver the functionality
incrementally.
Sounds great.
Jonathan Halliday wrote:
With an incremental approach we may even be able to put in place a partial solution for
some of the more limited but common use cases in AS7.1, much less a later release. For
example, I think it's feasible to extend the org.jboss.tm spi to support a subordinate
tx type that exposes beforeCompletion for remote usage. JCA tx inflow does not offer that,
but the TS impl under it already does, so we just need the ability to wire it through
without tying the AS too closely to the TS implementation classes. That kind of
conservative change should be possible on the existing maintenance branch without forking,
as it's not going to impact compatibility. Unifying the way the AS and TS do node
identity and putting in place the AS side management of the peer node id list that's
needed for recovery can also be done up front to avoid later alteration to the domain
model - not all the work is going to be on the TS code side.
To be honest I was
already planning on copying the things I liked out of the JBossXATerminator implementation
since Remoting inflow for EJBs will obviously not execute in terms of JCA Work objects.
So it sounds like we're aligned on this point at least. I wasn't sure about
beforeCompletion because I didn't see any of that in the code I have, so I'm glad
to hear that the underlying API has that.
As for tying AS to the TS implementation, that's not really a problem as that's
the whole point of the AS Transactions subsystem. If and when we need an SPI to abstract
around multiple TS implementations, we can probably do that on the AS side. I'm not
aware of any plans on our part to allow other TS implementations though. I'm not
really in favor of SPIs for the sake of SPIs.
Jonathan Halliday wrote:
Some of the more involved TS internal recovery changes may also make sense to do even
before we know if the wider feature does make the cut when it comes to prioritizing work
for the next release cycle. We could for example potentially enable recovery for multiple
resources even in the broken JCA spec semantics, which is an outstanding customer request.
It's been a low priority thus far as it's limited to one customer, albeit a large
one. But if the work overlaps with wider tx inflow support then it's easier to justify
the allocation of resources to it. As the new JCA integration spi is already in place
(finally!) the remaining bits needed would likely be entirely arjuna internal, so again
probably doesn't require a major version rev or fork on the TS code side.
Whilst getting at least some functionality out sooner rather than later is probably a
good thing, one of my concerns on delivering this in staged releases, potentially
including the current cycle, is the impact it will have on docs and QE. We'd need to
clearly specify what scenarios are expected to work in each release we provide, in order
to test correctly and manage user expectations thoroughly. We probably need an internal
discussion with those teams to see what resource they have available in addition to seeing
what dev resource we can shake loose for this by deprioritizing other things.
Well
before we get ahead of ourselves and drown in borrowed trouble, it might be better to
identify what specific tasks need to be accomplished, and by whom. Once we have a clear
sense of what needs to be done, then we can figure out how we want the releases to go and
what resources should be dedicated to what.
In particular I still only have a general sense of what is involved in the branch
interposition model - to be specific, it's not clear what the transport requirements
would be for negotiating the XID space; you mentioned alternate XID formats as well as
bitmask-based solutions, but none of this is really specific. And I don't have a
clear understanding of what issues we'll face in terms of recovery - though perhaps I
don't need to, as long as it is clear what the transport requirements would be for
this as well. By "transport requirements" I just mean, what communication steps
will the coordinators need to perform in order to accomplish the tasks which make up
propagation and recovery.
Also it's not clear to me how XIDs can actually be created, which I imagine will
follow directly from the solution we decide on for how the bqual is selected. It seems
like once this is figured out, the rest of the actual inflow code should be pretty
straightforward.
So how should we break down the task list? Off the cuff we have:
* Design the XID negotiation/generation scheme (conceptual work, no coding)
* Implement the XID negotiation/generation scheme (possibly split between AS-side and
TS-side)
* Design the XA inflow scheme (conceptual)
* Implement XA inflow (probably mostly AS-side, once the XID stuff is in place)
* Design the recovery scheme (conceptual)
* Implement the recovery transport mechanism (mostly AS-side)
For the design points, I think we should probably split each into a forum thread, but
honestly I think you TS folks should take the lead on these since you have the
experience. I'll jump into the implementation parts as soon as the design is clear
enough.
Thoughts?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627612#627612]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:29 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627615#627615
--------------------------------------------------------------
Tom said: "It sounds like a nice piece of work, but our worry is we may simply not be
able to add this feature with enough capability/testing to address your desired use cases
in the timescale we anticipate you need this in. That said we are ready to work on this
right now so hopefully we can make an effective solution in the time available."
Let's all remember that we have a "baking in the community first" mantra
here, and for critical (read complex) pieces of code like this, I definitely want to see
that baking taken into consideration. So let's be sure to factor that in too!
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627615#627615]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:32 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627616#627616
--------------------------------------------------------------
I'll talk with Jonathan tomorrow about this, but when you say:
"In particular I still only have a general sense of what is involved in the branch
interposition model - to be specific, it's not clear what the transport requirements
would be for negotiating the XID space; you mentioned alternate XID formats as well as
bitmask-based solutions, but none of this is really specific."
I don't see how this will have any requirements on Remoting other than as a
communication channel, i.e., the protocol should work just as well (conceptually) using
HTTP, raw socket, IIOP or carrier pidgeon.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627616#627616]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:37 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627619#627619
--------------------------------------------------------------
David Lloyd wrote:
So how should we break down the task list? Off the cuff we have:
* Design the XID negotiation/generation scheme (conceptual work, no coding)
* Implement the XID negotiation/generation scheme (possibly split between AS-side and
TS-side)
* Design the XA inflow scheme (conceptual)
* Implement XA inflow (probably mostly AS-side, once the XID stuff is in place)
* Design the recovery scheme (conceptual)
* Implement the recovery transport mechanism (mostly AS-side)
For the design points, I think we should probably split each into a forum thread, but
honestly I think you TS folks should take the lead on these since you have the
experience. I'll jump into the implementation parts as soon as the design is clear
enough.
I definitely want to see the design happen in the forums so it's all inclusive. As to
the steps, I'm pretty sure that Jonathan and Tom already have a plan of attack since
this is something we've discussed for a while and most recently last week at the
JBossTS f2f. I'll encourage one or other of them to post it here as soon as possible.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627619#627619]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:38 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627620#627620
--------------------------------------------------------------
Mark Little wrote:
I'll talk with Jonathan tomorrow about this, but when you say:
"In particular I still only have a general sense of what is involved in the branch
interposition model - to be specific, it's not clear what the transport requirements
would be for negotiating the XID space; you mentioned alternate XID formats as well as
bitmask-based solutions, but none of this is really specific."
I don't see how this will have any requirements on Remoting other than as a
communication channel, i.e., the protocol should work just as well (conceptually) using
HTTP, raw socket, IIOP or carrier pidgeon.
Right. But Remoting will have to carry
the messages so the sooner I know what they are, the better. Also this does impact the AS
side of things insofar as I have to use the right TS API and feed the results to/from
Remoting to get the XID to start the transaction.
But most of all, I just want to break the inertia get things jump-started here, so this is
mostly just a push in what I hope is the right direction.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627620#627620]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:43 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627622#627622
--------------------------------------------------------------
Tom Jenkinson wrote:
Jason, are we certain this is a feature that needs to be in EAP6 vs EAP6.1? I guess more
generally can you clarify your preferred and maximum timescales you would like us to
deliver this functionality within.
I've mentioned this before, but the
overriding issue here is that we will deliver EAP 6 on schedule. If the use cases we need
to have in EAP 6 from TS cannot be done by the ideal solution then we probably have no
option but to have a stop-gap implementation. We've discussed that on this forum
before and elsewhere so I think everyone understands what that would be. On the other
hand, if we can skip EAP 6 and go straight to EAP 6.1 and cover the use cases with the
ideal solution as outlined, then that gives us the better implementation, more time to
bake in the community, more time to QA etc.
Another point that was raised earlier (or rather a detail of the one
surrounding QA) is the question of testing this with remoting itself. Clearly some work
will be done on the remoting side to chat with the API we expose so is it realistic to
expect this level of testing to be performed in the timescale needed?
Yes, testing this is critical. We've seen over the past 20 years that testing the
recovery scenarios always take more time than anything else and for good reasons. So we
shouldn't underestimate how long this testing will take.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627622#627622]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:45 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627624#627624
--------------------------------------------------------------
David Lloyd wrote:
Right. But Remoting will have to carry the messages so the sooner I know what they are,
the better. Also this does impact the AS side of things insofar as I have to use the
right TS API and feed the results to/from Remoting to get the XID to start the
transaction.
But most of all, I just want to break the inertia get things jump-started here, so this
is mostly just a push in what I hope is the right direction.
Yes, believe me I understand the inertia aspect ;) But I'm expecting the impact on
you and Remoting for this specific bit of the protocol to be minimal. Let's put it
this way, if we have to change Remoting to cope with this then I'd be even more
concerned than I am at the moment :)
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627624#627624]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:58 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627627#627627
--------------------------------------------------------------
I've been traveling most of the day and I am cutting an AS release and working on a
presentation for a JBUG I need to do in a couple hours, so I don't have much time to
comment a more detailed reply to the topic (sorry!).
Breifly, I just wanted to mention that my primary concern was having a solution in ANY
EAP6 release. To me this was an escalated AS + TS integration problem that everyone agreed
needed to be fixed, so whatever stop gaps we go with need to be short lived, and 2 years
is just too long to have this issue. I realize that getting this into EAP 6.0 was a big
stretch, but the work should be able to start now, and as I mentioned in the past fixing
EAP6 integration issues is more important than any EAP7 feature. I definitely want to
avoid doing a one off patched fork, but after hearing that no changes are allowed to
happen in the only release branch that is compatible with EAP6, that appeared to be the
only option. We do have resource constraints for 6.0, but 6.1 we have breathing room so
can "make things happen".
I promise to explain in more detail later, but hopeful that clears up my position
somewhat.
Thanks.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627627#627627]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
8:54 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627675#627675
--------------------------------------------------------------
Yes, slightly. I think there was a misunderstanding between parties then at least as
timing goes, because the TS team were alreadly planning for 6.1. I suspect that the recent
comments also gave credence to the fact that there was a push to get something, no matter
what, into 6.0. Good to hear that that is clarified now on both sides, because as we keep
hearing these changes are going to require a lot of testing and input from others. My
biggest concern has always been pushing something into the release that's not fully
tested.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627675#627675]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:54 a.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627698#627698
--------------------------------------------------------------
Hi Jason,
Thanks for the clarifying the timescales involved. Certainly 6.1 is a comfortable position
to aim this functionality at and I for one have breathed a sigh of relief :)
As soon as we agree a clear picture of what the functionality looks like we should raise a
Jira for this in the JBTM project so we can track the functionality's progress.
Tom
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627698#627698]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:56 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627817#627817
--------------------------------------------------------------
Mark Little wrote:
Yes, slightly. I think there was a misunderstanding between parties then at least as
timing goes, because the TS team were alreadly planning for 6.1.
That's
fantastic news then. My comment was in reaction to an email from Jonathan that all new
work most go into TS 5, which would be incompatible with 6.0 (and also that the planning
cycle for 5 is basically over). So I can take this to mean there will definitely be a 4.16
which will address discovered EAP 6.x issues such as this?
My biggest concern has always been pushing something into the
release that's not fully tested.
Yeah I certainly understand the concern here but to a certain extent we have to pick a
lesser evil. My understanding (feel free to correct), is that XATerminator when used with
4.15 may be unable to enlist more than one resource without detrimental side effects. It
does seem though that even with 4.15 there are some pretty powerful SPIs we might be able
to use for a stop-gap solution (perhaps some kind of bqual xid manipulation can be done
there?) This does make me wonder, that even conceeding the API is inadequate, what other
XATerminator implementations do to handle this issue.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627817#627817]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
5:34 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627831#627831
--------------------------------------------------------------
Mark Little wrote:
I suspect that the recent comments also gave credence to the fact that there was a push
to get something, no matter what, into 6.0.
Just to clarify my position is
1. We need a decent stop-gap for EAP 6.0, whatever that may be
2. We need the real solution in EAP 6.1
The fork comment wasn't emotive, it was a practical reality. If the TX project was not
going to do a 4 release that fixed the problem, then soemone else would have to. It's
essentially the same way we handle a thirdparty project (e.g. apache) that does not share
our schedule.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627831#627831]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
5:52 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Jason Greene [http://community.jboss.org/people/jason.greene] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627835#627835
--------------------------------------------------------------
Jonathan Halliday wrote:
ok, so I guess we're jumping ahead to the implementation roadmap discussion without
waiting for the EAP6.1 spec then. Is that the same Jason who just got done telling me the
JBossTS planning cycle is too far in advance of the AS planning cycle? :-)
Yep, and I think I have been entirely consistent on this front. I may not have
communicated clearly but maybe it helps to understand my motivation. I want EAP 6.0 to be
the +*best apppserver on the planet!*+ Everything I say is in connection with that. The
planning too far in advance position comment was about the practice of locking down a TS
release (in this case we are talking 4.x being locked down in April) and being unflexible
to changes which impact the quality of the current in progress EAP release (EAP 6). In
other words, to me the ends nearly always justify the means.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627835#627835]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
6:03 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627838#627838
--------------------------------------------------------------
Jason Greene wrote:
I want EAP 6.0 to be the +*best apppserver on the planet!*+
+1
I do believe there has been some misinterpretation in regards the content of the thread.
We are very happy to add this feature into 6.1 and work with you to provide an
intermediate solution for 6. The main concern we have is terms of the intermediate
solution is about ensuring we deliver a quality supportable component (i.e. QE/docs) in
the timescale available.
Perhaps now though is the time to move on to the more exciting part, designing this
feature work and seeing what can realistically make it into 6 vs 6.1?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627838#627838]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
7:45 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
David Lloyd [http://community.jboss.org/people/dmlloyd] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/627868#627868
--------------------------------------------------------------
Right, the part of this thread where we talk about who said what and timelines and
management and resources and positions is over. I want every subsequent post on this
topic to be 100% technical! Time to put the money where the mouths are. I'd like to
see the individual design topics kicked off ASAP; it's time to move forward.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/627868#627868]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
1:37 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/628210#628210
--------------------------------------------------------------
Hi,
Just to keep you all in the loop I have now created
https://issues.jboss.org/browse/JBTM-895 https://issues.jboss.org/browse/JBTM-895 to track
this work more formally. I have raised it as Blocker on 4.15.x and have personally
assigned it to myself. By all means we can keep discussions going in here but at a
suitable point it would be worth (perhaps when we have more than "more details
coming soon" in the description of the Jira) we can transition discussion to this
Jira.
Jason and David, I have added you as watchers on this Jira, feel free to become Voters too
on it but as you know, we are working on this already :)
I will spend the rest of today, this weekend and Monday fleshing out the description of
the Jira with what we have so far.
Tom
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/628210#628210]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:47 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/629336#629336
--------------------------------------------------------------
Understood, but TS is not a 3rd party project and we shouldn't be in a situation where
it's even necessary to consider it as such.
Jason Greene wrote:
> Mark Little wrote:
>
> I suspect that the recent comments also gave credence to the fact that there was a
push to get something, no matter what, into 6.0.
Just to clarify my position is
1. We need a decent stop-gap for EAP 6.0, whatever that may be
2. We need the real solution in EAP 6.1
The fork comment wasn't emotive, it was a practical reality. If the TX project was
not going to do a 4 release that fixed the problem, then soemone else would have to.
It's essentially the same way we handle a thirdparty project (e.g. apache) that does
not share our schedule.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/629336#629336]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:48 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/629338#629338
--------------------------------------------------------------
And created design discussion entries in the forums too please :)
Tom Jenkinson wrote:
Hi,
Just to keep you all in the loop I have now created
https://issues.jboss.org/browse/JBTM-895 https://issues.jboss.org/browse/JBTM-895 to track
this work more formally. I have raised it as Blocker on 4.15.x and have personally
assigned it to myself. By all means we can keep discussions going in here but at a
suitable point it would be worth (perhaps when we have more than "more details
coming soon" in the description of the Jira) we can transition discussion to this
Jira.
Jason and David, I have added you as watchers on this Jira, feel free to become Voters
too on it but as you know, we are working on this already :)
I will spend the rest of today, this weekend and Monday fleshing out the description of
the Jira with what we have so far.
Tom
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/629338#629338]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:54 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/629341#629341
--------------------------------------------------------------
We have one happening live right now over:
http://community.jboss.org/message/629306#629306
http://community.jboss.org/message/629306
It has UML and everything :)
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/629341#629341]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:20 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/629544#629544
--------------------------------------------------------------
How does this look as an interface to drive the required behaviour?
I would assume you would acquire a singleton instance of this through a getter on the
impl, e.g.
JTADistributionManager manager = JTADistributionsManagerImpl.getJTADistributionManager()
public interface JTADistributionManager {
// TRANSACTION ASSOCIATION MANAGEMENT
void start(Xid xid, long timeout) // This should be the absolute time you want the
transaction to timeout
void resume(Xid xid) // TO BE CALLED WHEN YOU WANT TO RESUME THE TRANSACTION AT THIS
NODE
void suspend(Xid xid) // TO BE CALLED WHEN YOU WANT TO SUSPEND THE TRANSACTION AT
THIS NODE
/// TRANSACTION LIFECYCLE MANAGEMENT
int prepare(Xid xid) throws XAException;
void commit(Xid xid) throws XAException;
void rollback(Xid xid) throws XAException;
void forget(Xid xid)
Xid[] recover(int flag)
// SYNCHRONIZATION CONTROL
void beforeCompletion(Xid xid);
void afterCompletion(Xid xid, int status);
}
NOTES:
Regarding the timeout, I figured the transport would converted this to an absolute time? I
can only really see it working with an absolute time and clocks in sync, then when we add
it to the reaper we can calculate the remaining time. I am interested to know in the
original question some of Davids concerns regarding timeout.
Assumptions:
1. Every time remoting invokes a remote application server it must do the following two
things:
a. If not already done so, create a proxy Synchronization object and register it with the
transaction - distributed JTA interposed synchronizations are not supported in the initial
version. This will invoke the beforeCompletion and afterCompletion methods on the remote
JTADistributionManager
b. f not already done so, create a proxy XAResource object and register it with the
transaction, this is responsible for sending the subordinate transaction managers
transaction lifecycle messages prepare, commit, rollback, forget, recover,
setTransactionTimeout
c. On the remote side, it needs to call either start/resume dependent on whether remoting
detects it has sent the transaction to this server before
d. After remoting detects the interaction is complete, it can call end on the
JTADistributionManager
2. As we have no way to communicate back up the tree, I have assumed that only the
originating client can initiate completion of a transaction, this is consistent with the
JTA spec 3.2.2 but will need documenting
3. In the case of failure afterCompletion may not be called
As yet unresolved is how to modify the Xid correctly in order that local recovery managers
detect the indoubt transactions, watch this space, but this is being tackled, David
mentioned an approach on the Synchronizations thread that may assist:
http://community.jboss.org/thread/172869?tstart=0
http://community.jboss.org/thread/172869?tstart=0
If you are happy with the proposed interface I will update:
https://issues.jboss.org/browse/JBTM-895 https://issues.jboss.org/browse/JBTM-895
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/629544#629544]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
2:57 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/629555#629555
--------------------------------------------------------------
Let's create a new topic for this now :-)
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/629555#629555]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:07 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Mark Little [http://community.jboss.org/people/marklittle] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/630236#630236
--------------------------------------------------------------
For distributed timeouts check out what we do with the JTS.
Tom Jenkinson wrote:
NOTES:
Regarding the timeout, I figured the transport would converted this to an absolute time?
I can only really see it working with an absolute time and clocks in sync, then when we
add it to the reaper we can calculate the remaining time. I am interested to know in the
original question some of Davids concerns regarding timeout.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/630236#630236]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4:34 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/630249#630249
--------------------------------------------------------------
Hi Mark,
I got your message just as I was creating a
http://community.jboss.org/thread/173231?tstart=0 new thread.
Mark Little wrote:
For distributed timeouts check out what we do with the JTS.
> Tom Jenkinson wrote:
>
>
> NOTES:
> Regarding the timeout, I figured the transport would converted this to an absolute
time? I can only really see it working with an absolute time and clocks in sync, then when
we add it to the reaper we can calculate the remaining time. I am interested to know in
the original question some of Davids concerns regarding timeout.
>
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/630249#630249]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
10:24 p.m.
New subject: [JBoss Transactions Development] - Re: Remoting Transport Transaction Inflow Design Discussion
Tom Jenkinson [http://community.jboss.org/people/tomjenkinson] created the discussion
"Re: Remoting Transport Transaction Inflow Design Discussion"
To view the discussion, visit: http://community.jboss.org/message/642551#642551
--------------------------------------------------------------
Just to confirm, the work for the transactions team side of this is now complete (as part
of https://issues.jboss.org/browse/JBTM-895 https://issues.jboss.org/browse/JBTM-895 and
friends).
If you look at the example I have mentioned before (
https://svn.jboss.org/repos/labs/labs/jbosstm/branches/JBOSSTS_4_16/atsin...
https://svn.jboss.org/repos/labs/labs/jbosstm/branches/JBOSSTS_4_16/atsin...)
you will see how to achieve use the APIs we have exposed to perform this work within the
transport tier.
Of particular note are:
1. The transport is responsible for providing a *Serializable* XAResource that is able to
proxy calls to remote servers.
2. Per transaction, only one link should be built to each subordinate, this is relatively
trivial to ensure and the example provides a suggestion based on registering the resource
after returning from the remote server where it is easy to detect an existing subordinate
atomic action, note this applies the transaction as a global notion, i.e. do not create a
subordinate transaction at the originating server even when the transaction flows back in
to the server, the example shows one way how to guard against this.
3. The transport should have no need to persist additional details of transaction state if
the pattern illustrated in the example is followed.
4. The transport is *not* responsible for maintaing a list of subordinate identifiers,
that requirement is removed and this is managed by the transaction manager.
5. Per subordinate transaction a proxy synchronization and proxy xa resource will need to
be registered.
6. As requested, the node names are able to be stored as Strings. The strings *must* be
able to be String::getBytes()'d into a byte array no longer than 32 bytes.
7. After you return from a remote server you are suggested to check the state of the
transaction returned in order to prevent needless propagation of a transaction that is set
in rollback only state.
8. Transaction timeout is shown how to be handled in the example and as discussed in a
different thread, it should not need "padding"
9. The transport is responsible for providing an org.jboss.tm.XAResourceRecovery to detect
orphan subordinate transactions, this is also illustrated in the example, this *must* be
the last registered XAResourceRecovery. The transports implementation of this class must
use a transport specific implementation to talk to any possible server that a transaction
may have flowed to in order to discover potential orphan transactions. This is because the
remote side may have a prepared a transaction and then crashed before the local side has
prepared therefore we have no other options available to us. In the example I hard code
all the remote server nodes before hand, an alternative is to build this list up
incrementally at each node as the transport detects a new remote server is being
communicated with.
10. The call to
com.arjuna.ats.jta.common.jtaPropertyManager.getJTAEnvironmentBean().setXaResourceOrphanFilterClassNames()
should add a filter for:
"com.arjuna.ats.internal.jta.recovery.arjunacore.SubordinateJTAXAResourceOrphanFilter"
When reading the example, one approach would be to look at:
com.arjuna.jta.distributed.example.server.impl.ProxyXAResource as the local interceptor
for an EJB (say) and consider its counterpart remote interceptor to be something along the
lines of: com.arjuna.jta.distributed.example.server.impl.RemoteServerImpl. The rest of the
code should fall into place when the responsibilities of these classes are understood,
alongside the addtional work mentioned in actually bringing the server up in a mode that
can recover a transports ProxyXAResource-esque class.
Any problems please do let us know, it sounds a lot more complicated that it is in
reality! The key part is getting the proxy registered and recoverable which hopefully the
transport demonstrates in a relatively straightforward manner - not the use of
classloaders in the example is to allow multiple transaction managers to run in the same
VM - this is for testing and is not a requirement of this feature and can be largely
ignored.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/642551#642551]
Start a new discussion in JBoss Transactions Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4504
days inactive
4630
days old
jboss-dev-forums@lists.jboss.org
61 comments
5 participants
participants (5)
-
David Lloyd -
Jason Greene
-
Jonathan Halliday
-
Mark Little
-
Tom Jenkinson