http-netty: let RetryingHttpRequesterFilter return responses on failure #3048
Conversation
Motivation: Sometimes people just want to get the last failed response when the retry loop ends. However, right now we only yield the exceptions that where created. Users can't do this smuggling themselves in a generic way via the HttpResponseException because it could lead to resource leaks. Modifications: Let users simply return the last failed response when the retry loop exits unsuccessfully.
| public Builder returnFailedResponses(final boolean returnFailedResponses) { | ||
| this.returnFailedResponses = returnFailedResponses; | ||
| return this; | ||
| } |
There was a problem hiding this comment.
I'm certain this can have a better name and clearly it needs docs before merging. Name suggestions welcome.
There was a problem hiding this comment.
I also think this API is a bit awkward: first you must turn a response into an HttpResponseException and then it's going to be discarded. Alternatively, we could just have a different lambda to the tune of Function<Boolean, HttpResponseMetadata> shouldRetry.
There was a problem hiding this comment.
Right now we don't have RS operators to achieve retries without mapping into exceptions. If we go the route of clean retry of response meta-data without mapping to exceptions, it's possible but will take longer.
Current rational was that some users want to always map responses to exceptions, that's why we have independent responseMapper. Then some users may want to retry that, so there is a 2nd method for them to retryResponses. We decided to put them next to each other on the same builder instead of offering 2 different filters bcz they often used together.
I agree that having a 3rd method that works only if the other 2 also configured is not intuitive. Alternatively, we can consider adding a retryResponses overload that takes a boolean to make a decision if it need to unwrap the original response or not.
There was a problem hiding this comment.
I like the idea of the boolean overload, which would signal that it needs to be configured "together". Alternatively when building, we should at least check if this value is set to true and others are in their default state to reject the config?
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
|
A risk of this PR is that it's very difficult to know for sure that the deferred response is properly drained since it gets smuggled through the error channel. |
| public Builder returnFailedResponses(final boolean returnFailedResponses) { | ||
| this.returnFailedResponses = returnFailedResponses; | ||
| return this; | ||
| } |
There was a problem hiding this comment.
Right now we don't have RS operators to achieve retries without mapping into exceptions. If we go the route of clean retry of response meta-data without mapping to exceptions, it's possible but will take longer.
Current rational was that some users want to always map responses to exceptions, that's why we have independent responseMapper. Then some users may want to retry that, so there is a 2nd method for them to retryResponses. We decided to put them next to each other on the same builder instead of offering 2 different filters bcz they often used together.
I agree that having a 3rd method that works only if the other 2 also configured is not intuitive. Alternatively, we can consider adding a retryResponses overload that takes a boolean to make a decision if it need to unwrap the original response or not.
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
bryce-anderson
force-pushed
the
bl_anderson/RetryingHttpRequesterCanReturnRepsonses
branch
from
c751f7c to
840fab0
Compare
bryce-anderson
force-pushed
the
bl_anderson/RetryingHttpRequesterCanReturnRepsonses
branch
from
840fab0 to
e80e98e
Compare
|
@idelpivnitskiy, with the additional constraint of not returning the body this got dramatically simpler but I'm not certain having an empty response body is what we wanted. |
| result = result.onErrorMap(backoffError -> ThrowableUtils.addSuppressed(t, backoffError)) | ||
| // If we get cancelled we also need to drain the message body as there is no guarantee | ||
| // we'll ever receive a completion event, error or success. | ||
| .beforeCancel(() -> drain(response).subscribe()) |
There was a problem hiding this comment.
does that retry draining collide/overlap with the draining @idelpivnitskiy added in the other PR?
There was a problem hiding this comment.
I don't think so. That leak should have been self contained and the problem was that we didn't drain a response that the redirect filter had decided to consume itself.
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
| public Builder returnFailedResponses(final boolean returnFailedResponses) { | ||
| this.returnFailedResponses = returnFailedResponses; | ||
| return this; | ||
| } |
There was a problem hiding this comment.
I like the idea of the boolean overload, which would signal that it needs to be configured "together". Alternatively when building, we should at least check if this value is set to true and others are in their default state to reject the config?
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Show resolved
Hide resolved
servicetalk-http-netty/src/main/java/io/servicetalk/http/netty/RetryingHttpRequesterFilter.java
Outdated
Show resolved
Hide resolved
...talk-http-netty/src/test/java/io/servicetalk/http/netty/RetryingHttpRequesterFilterTest.java
Outdated
Show resolved
Hide resolved
…ttpRequesterCanReturnRepsonses
| // Disable request retrying | ||
| .retryRetryableExceptions((requestMetaData, e) -> ofNoRetries()) | ||
| // Retry only responses marked so | ||
| .retryResponses((requestMetaData, throwable) -> ofImmediate(maxTotalRetries - 1)) | ||
| .retryResponses((requestMetaData, throwable) -> { | ||
| if (throwable instanceof HttpResponseException && |
There was a problem hiding this comment.
Is it some intermediate change that not needed anymore? I tried locally reverting back to the original lambda and it worked.
| assertThat("Unexpected exception.", e, instanceOf(HttpResponseException.class)); | ||
| if (returnFailedResponses) { | ||
| HttpResponse response = normalClient.request(normalClient.get("/")); | ||
| assertThat(response.status(), is(HttpResponseStatus.OK)); |
There was a problem hiding this comment.
Consider enhancing server response to also add payload body and asserting here that payload is not drained.
| @@ -798,9 +844,28 @@ public Builder maxTotalRetries(final int maxRetries) { | |||
| * @param mapper a {@link Function} that maps a {@link HttpResponseMetaData} to an | |||
| * {@link HttpResponseException} or returns {@code null} if there is no mapping for response meta-data. The | |||
| * mapper should return {@code null} if no retry is needed or if it cannot be determined that a retry is needed. | |||
There was a problem hiding this comment.
Feels like this "The mapper should return" statement is here by mistake bcz this mapper is for mapping only, retries are handled by retryResponses. While you are here, could you please clean it up on both overloads?
| * @return {@code this} | ||
| */ | ||
| public Builder responseMapper(final Function<HttpResponseMetaData, HttpResponseException> mapper, | ||
| final boolean returnFailedResponses) { |
There was a problem hiding this comment.
To me it feels like this boolean better belongs to retryResponses rather than responseMapper bcz users may decide to map 4xx/5xx to exceptions even if they are no going to retry them. WDYT?
| // If we succeed, we need to drain the response body before we continue. If we fail we want to | ||
| // surface the original exception and don't worry about draining since it will be returned to | ||
| // the user. | ||
| result = result.onErrorMap(backoffError -> ThrowableUtils.addSuppressed(t, backoffError)) |
There was a problem hiding this comment.
In what cases is it possible that backoffError != t? Do we really need this mapping?
| // the user. | ||
| result = result.onErrorMap(backoffError -> ThrowableUtils.addSuppressed(t, backoffError)) | ||
| // If we get cancelled we also need to drain the message body as there is no guarantee | ||
| // we'll ever receive a completion event, error or success. |
There was a problem hiding this comment.
Thanks for clarification! Consider adding: and it's legit to do that because subscriber is no longer interested in the response
| } else if (LOGGER.isDebugEnabled()) { | ||
| if (!(t instanceof HttpResponseException)) { | ||
| LOGGER.debug("Couldn't unpack response due to unexpected dynamic types. Required " + | ||
| "exception of type HttpResponseException, found {}", t.getClass()); |
There was a problem hiding this comment.
Do we need to log in case t is not HttpResponseException? Any other exception type will fall under this condition and produce logging. Users may come to us worried about it.
+1 for logging when the exception type is HttpResponseException but metaData is not StreamingHttpResponse. It might be even better to increase this to info/warn and add an assertion.
Should we log here or inside single.onErrorResume(HttpResponseException.class, ...) or in both places?
| * @param mapper a {@link Function} that maps a {@link HttpResponseMetaData} to an | ||
| * {@link HttpResponseException} or returns {@code null} if there is no mapping for response meta-data. The | ||
| * mapper should return {@code null} if no retry is needed or if it cannot be determined that a retry is needed. | ||
| * @param returnFailedResponses whether to unwrap the response defined by the {@link HttpResponseException} |
There was a problem hiding this comment.
Wdyt about naming it returnOriginalResponses?
| @@ -258,19 +291,31 @@ protected Single<StreamingHttpResponse> request(final StreamingHttpRequester del | |||
| if (responseMapper != null) { | |||
| single = single.flatMap(resp -> { | |||
| final HttpResponseException exception = responseMapper.apply(resp); | |||
There was a problem hiding this comment.
Unrelated to your changes, but a find: if user-defined responseMapper throws, we leak resp 😢
| @@ -109,13 +117,14 @@ public final class RetryingHttpRequesterFilter | |||
|
|
|||
| RetryingHttpRequesterFilter( | |||
| final boolean waitForLb, final boolean ignoreSdErrors, final boolean mayReplayRequestPayload, | |||
| final int maxTotalRetries, | |||
| final boolean returnFailedResponses, final int maxTotalRetries, | |||
| @Nullable final Function<HttpResponseMetaData, HttpResponseException> responseMapper, | |||
| final BiFunction<HttpRequestMetaData, Throwable, BackOffPolicy> retryFor, | |||
There was a problem hiding this comment.
It seems like we may leak "pending response" if any user-defined function under retryFor throws. Scenario:
- Server responds with 503
- User maps it to
HttpResponseException - returnFailedResponses == true, we don't drain proactively
OuterRetryStrategy.applyis invokedretryForthrows- We won't invoke
applyRetryCallbacksand won't drain that response.
Consider adding a try-catch inside apply to make sure we drain t instance of HttpResponseException in case of any unexpected exception.
Adding a test will be highly appreciated.
Motivation:
Sometimes people just want to get the last failed response when the retry
loop ends. However, right now we only yield the exceptions that where
created. Users can't do this smuggling themselves in a generic way via the
HttpResponseException because it could lead to resource leaks.
Modifications:
Let users simply return the last failed response when the retry loop
exits unsuccessfully.