ddm-admin-client wraps calls with tokio::spawn-ed tasks that are never awaited #7378
Comments
smklein
added
bug
|
In discussion today we decided this is unlikely to affect sleds' bootstrap or underlay IPs (because we don't ever change those today) but could affect internal DNS IPs. Still, it would require a sequence where we decide to advertise a prefix, that fails, then we decide not to advertise it any more. For example, if we:
I think that's the sequence that would be required to create a problem (and if that happened, you'd see a similar impact to #7377). |
|
I think it's possible this happens even if we don't fail to advertise the prefix, but we are just slow to schedule the new spawned tokio task. However, I admit, the timing is still tight for this to be possible |
|
You're right -- the sequence is more like:
If we do #7377 with a reconciler loop, then I think this problem should correct itself, but it remains a problem and could cause weird transient behavior. |
Within https://github.com/oxidecomputer/omicron/blob/main/clients/ddm-admin-client/src/lib.rs , we have a handful of tasks which are
tokio::spawn-ed, and attempt to contact maghemite to configure state.In a world where this state is purely additive, this may not be an issue - it requests that the configuration "eventually get propagated" to maghemite. However, in a world where we actually try to remove routes (e.g., after expunging a zone - see #7377), this code introduces problems.
It's possible that we do the following:
(aside: Due to the scheduling of tokio tasks, we actually don't even need to "fail" here, the scheduling of the tokio task could just be delayed, resulting in a call to DELETE before the call to CREATE the prefixes)
The text was updated successfully, but these errors were encountered: