Support insert into system.zookeeper#37596
Conversation
|
|
KochetovNicolai
added
the
can be tested
|
@KochetovNicolai @tavplubix Any suggestions to the fast check fail? I ran this test in my local enviroument: and succeeded. |
|
See runlog.log: Seems like some of SELECT queries from the test returned binary data, so Try to run locally other tests that use zookeeper before running your test: |
|
Got it! The problem is the test outputs all the zookeeper content but they are not cleaned by previous tests. I will change the test. |
|
@tavplubix @KochetovNicolai Hi, I failed the flaky test, could you please take a look of it? However, the test is written as insert z happens after insert y. I am not familiar with ClickHouse insert mechanism. Are multiple inserts executing concurrently? Do you have any suggestions to look into it? Thanks a lot! |
|
It's because we run tests in parallel by default. You should add |
We cannot check the unique path in the reference file though. I guess |
Actually we can, |
|
Perfect!
…On Sat, May 28, 2022, 2:38 AM Alexander Tokmakov ***@***.***> wrote:
We cannot check the unique path in the reference file though
Actually we can, clickhouse-test replaces randomly generated database
name (like test_z20leh) with default in test output before comparing it
with reference file
—
Reply to this email directly, view it on GitHub
<#37596 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AE7KYQT6LTOZPP6FQ2DE4GLVMEJD5ANCNFSM5XD4MIEQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
@tavplubix In fact, |
|
@tavplubix the flaky tests fail again. The error message is: Are insert statements running concurrently in the same sql file? |
|
@tavplubix anyway I refined the test and the flaky tests are still failing. Please see https://s3.amazonaws.com/clickhouse-test-reports/37596/d883194eb21ea53e32f7465e7064cf0d85edf49d/stateless_tests_flaky_check__address__actions_.html However, I cannot figure out any info from the report. Could you please take a look? |
No, it's a bug.
Open runlog.log and and it will become clear: But probably it's because of |
|
Our RBAC works a bit weird with |
Co-authored-by: Alexander Tokmakov <[email protected]>
Co-authored-by: Alexander Tokmakov <[email protected]>
|
@tavplubix maybe this feature should be behind a feature flag? e.g. I would never want non-readonly XML users to write to zookeeper. |
|
@tavplubix could you provide some suggestions to write "user" case. I got stuck on it. For example, in default config, when I run some user case, it reports error: What the config should I do in advance when I test these cases locally |
|
Do you have |
Makes sense, we should disable this feature by default, because it's too dangerous. For example, if someone can insert into |
|
@tavplubix if it were up to me, then I wouldn't allow writing from within ClickHouse to ZooKeeper at all, too low level and it opens the way to corrupt the system from within. E.g. possibly making it unable to (re-)start at all.
Edit: answered my question by reading the original issue. |
Added, PTAL |
tavplubix
left a comment
tavplubix
left a comment
There was a problem hiding this comment.
LGTM, but let's add a configuration parameter that enables this feature (disabled by default). See Context::getConfigRef()
|
Also |
Good Suggestion. I have added the config check and fixed the code style. |
src/Core/Settings.h
Outdated
| \ | ||
| M(Bool, allow_unrestricted_reads_from_keeper, false, "Allow unrestricted (without condition on path) reads from system.zookeeper table, can be handy, but is not safe for zookeeper", 0) \ | ||
| \ | ||
| M(Bool, allow_writes_to_zookeeper, false, "Allow writes to system.zookeeper table, can be handy, but is not safe for zookeeper", 0) \ |
There was a problem hiding this comment.
This does not protect from anything. Please, read previous comments in the conversation carefully.
There was a problem hiding this comment.
you mean a config item like "allow_zookeeper_write : true/false" in the config file? Well, I was too hurry
There was a problem hiding this comment.
Then how do we enable it in the tests?
There was a problem hiding this comment.
I found 01594_too_low_memory_limits.sh also uses ad-hoc config file, I will look into it
There was a problem hiding this comment.
01594_too_low_memory_limits is bad test that was added by mistake, it should have been integration test. The correct way to enable it in tests is to add xml file to tests/config/config.d/ and update tests/config/install.sh
There was a problem hiding this comment.
Understood. It makes better sense
|
@tavplubix I added the config |
|
Hm, I've downloaded build from this PR, tried it locally and found some unexpected behavior: Queries like this should throw an exception. |
|
Oops, I forgot to check the schema. Will fix it later.
…On Wed, 1 Jun 2022 at 21:00, Alexander Tokmakov ***@***.***> wrote:
Hm, I've downloaded build from this PR, tried it locally and found some
unexpected behavior:
dell9510 :) insert into system.zookeeper (name, version, czxid) values ('x', 1, 42)
INSERT INTO system.zookeeper (name, version, czxid) FORMAT Values
Query id: 6cc1ec2c-f9e4-4f5a-b547-24b196845c6a
Ok.
1 row in set. Elapsed: 0.026 sec.
dell9510 :) insert into system.zookeeper (name) values ('x')
INSERT INTO system.zookeeper (name) FORMAT Values
Query id: eeaeb659-56ce-4272-a68e-949099c42ea9
Ok.
1 row in set. Elapsed: 0.019 sec.
dell9510 :) insert into system.zookeeper (name, path) values ('x', '')
INSERT INTO system.zookeeper (name, path) FORMAT Values
Query id: 1fc282fa-e6c4-4160-b7d3-b7613925a603
Ok.
1 row in set. Elapsed: 0.019 sec.
Queries like this should throw an exception.
—
Reply to this email directly, view it on GitHub
<#37596 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AE7KYQW7GN2XJ3DDOLGDJPDVM5NGDANCNFSM5XD4MIEQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
I marked other columns as |
|
Stateless tests flaky check (address, actions) - OK |
|
|
||
| SinkToStoragePtr StorageSystemZooKeeper::write(const ASTPtr &, const StorageMetadataPtr &, ContextPtr context) | ||
| { | ||
| if (!context->getConfigRef().getBool("allow_zookeeper_write", false)) |
There was a problem hiding this comment.
Maybe it should be done via user grants?
8 participants
Changelog category (leave one):
Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):
This PR aims to resolve #22130 which allows inserting into
system.zookeeper. To simplify, this PR is designed as:In a same insert statement, transaction are ganranteed by zookeeper, but when reading data from zookeeper, changes may happen in the same time. So this is a "Read Commited" isolation level.
This PR uses a trie to cache all the path change to avoid creating path repeatedly.