Collectioncompliance, epochmgr Engines Implement component.Component
#3248
Conversation
jordanschalm
changed the title
component.Componentcomponent.Component
jordanschalm
requested review from
AlexHentschel and
zhangchiqing
as code owners
jordanschalm
changed the title
component.Componentcompliance, epochmgr Engines Implement component.Component
…omponent-pattern-ln-engine
| // wait for shutdown to be commenced | ||
| <-ctx.Done() | ||
| // wait for compliance engine and event loop to shut down | ||
| <-util.AllDone(components.prop, components.sync, components.voteAggregator, components.timeoutAggregator) |
There was a problem hiding this comment.
can itself shut down before other components to shut down?
would it miss a few events if it's shut down earlier?
There was a problem hiding this comment.
can itself shut down before other components to shut down?
Do you mean, "can the epochmgr engine shut down before the epoch components shut down?" (What is itself referring to?)
would it miss a few events if it's shut down earlier?
Yes, although I think we can miss events regardless of the order in which we are shutting down. Shutting down means, we are either turning off an old cluster consensus or shutting down the whole node. In neither case are missed events problematic from my perspective.
There was a problem hiding this comment.
Oh, I see. the ctx is actually the shut down signal itself.
I thought it was an engine's Done channel, actually we are moving away from that pattern.
Codecov Report
@@ Coverage Diff @@
## feature/active-pacemaker #3248 +/- ##
=========================================================
Coverage 55.26% 55.27%
=========================================================
Files 746 748 +2
Lines 69325 69350 +25
=========================================================
+ Hits 38314 38330 +16
- Misses 27880 27889 +9
Partials 3131 3131
Flags with carried forward coverage won't be shown. Click here to find out more.
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
| // wait for shutdown to be commenced | ||
| <-ctx.Done() | ||
| // wait for compliance engine and event loop to shut down | ||
| <-util.AllDone(components.prop, components.sync, components.voteAggregator, components.timeoutAggregator) |
There was a problem hiding this comment.
Oh, I see. the ctx is actually the shut down signal itself.
I thought it was an engine's Done channel, actually we are moving away from that pattern.
…github.com:onflow/flow-go into jordan/6263-compliance-component-pattern-ln-engine
|
CI Test Failure:
|
…omponent-pattern-ln-engine
jordanschalm
removed request for
vishalchangrani,
yhassanzadeh13 and
AlexHentschel
| return e.lm.Stopped() | ||
| } | ||
| e.log.Info().Msg("starting hotstuff") | ||
| e.core.hotstuff.Start(ctx) |
There was a problem hiding this comment.
since both hotstuff and compliance are separate module which implement component.Component, do we want to start hotstuff from compliance engine? I would say we could start it as separate component, that would be more explicit
There was a problem hiding this comment.
Moreover it will simplify design of compliance engine
There was a problem hiding this comment.
Totally agree - might be better to do that along with MessageHub though. I feel like changing it now would largely get clobbered by MessageHub rewiring
engine/collection/epochmgr/engine.go
Outdated
| } | ||
|
|
||
| e.cm = component.NewComponentManagerBuilder(). | ||
| AddWorker(e.handleEpochSetupPhaseStartedLoop). |
There was a problem hiding this comment.
do we really need 3 different worker threads to dispatch very infrequent events? I feel like it's unnecessary
| e.comp.SubmitLocal(synced) | ||
| // forward the block to the compliance engine for validation and processing | ||
| // we use the network.MessageProcessor interface here because the block is un-validated | ||
| err := e.comp.Process(channels.SyncCluster(block.Header.ChainID), originID, synced) |
There was a problem hiding this comment.
I think we need to pass me.NodeID() here instead of originID, original sender is already part of SyncedClusterBlock
There was a problem hiding this comment.
Yeah, I feel like we're mixing practices a bit here.
- We decided to use
ProcessAPI, because the messages have not been validated (should be treated as originating from another node) - But passing
me.NodeID()asoriginIDindicates the message originates from this node (trusted)
The MessageProcessor interface says
Lines 43 to 47 in 6a39c8c
Overall I think the API doesn't fit well with this usage pattern, where an untrusted message is passing through an internal component, without being validated first. Though setting originID to the local node ID for an untrusted message seems like the worse of two not-great options here.
There was a problem hiding this comment.
I am not sure here. We need to define clear rules how should we treat such cases.
For instance sync engine doesn't do any checks so technically it's an untrusted input on other side it didn't come from network layer but from the sync engine.
I would treat this case as general one as if message comes from unknown origin and only use trusted callbacks when we actually need different processing logic.
There was a problem hiding this comment.
OK, for now I will do that and pass me.NodeID with a comment.
Co-authored-by: Yurii Oleksyshyn <yuraolex@gmail.com>
…github.com:onflow/flow-go into jordan/6263-compliance-component-pattern-ln-engine
…omponent-pattern-ln-engine
|
bors merge |
bors
bot
deleted the
jordan/6263-compliance-component-pattern-ln-engine
branch
3294: Front-Load HotStuff Verification Pt. 1: Update Compliance Engines r=jordanschalm a=jordanschalm This PR modifies compliance engines to front-load HotStuff verification: * Once a block connects to the finalized state, we validate the proposal using HotStuff first, and only then attempt to extend the state (compliance checks) * This means, all blocks in storage have been fully validated (there is no need for a separate `MarkValid` step)⚠️ Depends on #3248 👉 Removing `MarkValid` will be done in a separate PR: #3303 Co-authored-by: Jordan Schalm <jordan@dapperlabs.com>
3294: Front-Load HotStuff Verification Pt. 1: Update Compliance Engines r=jordanschalm a=jordanschalm This PR modifies compliance engines to front-load HotStuff verification: * Once a block connects to the finalized state, we validate the proposal using HotStuff first, and only then attempt to extend the state (compliance checks) * This means, all blocks in storage have been fully validated (there is no need for a separate `MarkValid` step)⚠️ Depends on #3248 👉 Removing `MarkValid` will be done in a separate PR: #3303 Co-authored-by: Jordan Schalm <jordan@dapperlabs.com>
3294: Front-Load HotStuff Verification Pt. 1: Update Compliance Engines r=jordanschalm a=jordanschalm This PR modifies compliance engines to front-load HotStuff verification: * Once a block connects to the finalized state, we validate the proposal using HotStuff first, and only then attempt to extend the state (compliance checks) * This means, all blocks in storage have been fully validated (there is no need for a separate `MarkValid` step)⚠️ Depends on #3248 👉 Removing `MarkValid` will be done in a separate PR: #3303 Co-authored-by: Jordan Schalm <jordan@dapperlabs.com> Co-authored-by: Alexander Hentschel <alex.hentschel@axiomzen.co>
This PR updates
collection/compliance.Engineandcollection/epochmgr.Engineto implementcomponent.Component(#3121, but for collection nodes).