If I understood correctly, currently the only overhead is every zone will process all logged buckets from the source zone but just by the shard entries and they will stop at

This pull request can no longer be automatically merged: a rebase is needed and changes have to be manually resolved

I believe the write path is now fully optimized, as it only logs when an enabled pipe is associated with the object.

For the polling phase, I propose two possible approaches:

1. Utilizing RADOS Namespacing: We can create a FIFO queue for each zone within its own RADOS namespace. This approach allows us to write logs directly to the corresponding zone's queue, ensuring that each zone only pulls the relevant logs.
2. Maintaining a FIFO Queue Index: An alternative would be to maintain an index that records the offset and size for each log entry in the queue. When a zone pulls data, it would read only from the specified offset. However, this could complicate the FIFO design, especially with respect to trimming and reading, as it might diverge from the simplicity of traditional FIFO mechanics.

I think I misunderstood the purpose of RGWDataChangesLog. It seems that it only logs the bi log marker, so the ideas mentioned earlier are not suitable for this implementation. I think the best approach would be to enable rgw_data_change to store the destination zone, and when other zones are polling for the logs, they can filter the entries by the dest_zone. This filtering operation should be inexpensive for the source zone.

thanks @clwluvw. does replication between zonegroups work with the changes from df1867f alone? if it does, we might want to do some testing to see how expensive the polling would be under a reasonable load and a reasonable number of zones before we optimize for its efficiency.
two zonegroup testing was disabled in our multisite testing suite due to failing test cases. now we run a subset of the whole suite and most of them should pass. I have enabled two zonegroup yaml here: #60172

Hi @smanjara. Thanks for the interest. I'll break my commits as below:

• df1867f will enable having zonegroups in the conn map. but the replication would still be blocked as log_data is set to false when we have only one zone in the zonegroup (so this alone needs a modification to set log_data: true manually in the zonegroup config.
• 9fb96a9 - this will eliminate the need for manual activation by checking whether the bucket has any active pipes rather than checking that boolean. but this will add the load for loading bucket sync pipe per any operation that before was checked by only a const bool. (but I checked and there is a sycn pipe cache already in place so hopefully this shouldn't introduce any significant perf drop)
• f980c03 - this is the same as above but I forgot to fix it for renew_entries() so you can assume these two are squashed.
• 8f87e0a - this will check per object than a bucket to whether to log an object or not. it should have the same cost as per bucket checking I believe as the check per object should be just a loop by rules checking prefix and obj tags (sometimes it loads object tags but those are for APIs that probably response time should not matter in difference x ms).

So to summarise the first three commits should let you replicate without any manual work but the last one will optimize to only log if the rule has any prefix/tag filter.

how expensive the polling would be under a reasonable load and a reasonable number of zones before we optimize for its efficiency.

With the current implementation, as I understand from (#59911 (comment)), other zones in different zonegroups will just list the datalog and ignore entries when they are not interested in a particular bucket. This would likely affect the sync status more, though it's unclear how much of the destination zone's resources would be consumed, which might lead to issues. Your load test could help determine this need.

There’s one incompatibility with AWS BucketReplication: the priority field in the ReplicationRule. AWS only replicates to one bucket per object, and if there are collisions with the rules defined on the source bucket, it selects the highest priority. Currently, RGW does not respect this priority, which might confuse users who rely on it.

However, with the proposed approach outlined here (#59911 (comment)), I believe we can address this issue while also reducing log processing by destination zones. In the logging phase, we can define where the object should be replicated. If I'm not mistaken, this might also replace the need for the zones_trace concept currently implemented.

@clwluvw sorry it took me so long to get back. the commit df1867f establishes connection objects for zones across zonegroups when zonegroup policy is set. this alone along with bucket location constraint fixes #59305 and #59960 should be sufficient to setup replication between two zonegroups.

along with zonegroup policy set to allowed, we need to enable bucket sync policy to either sync within zonegroup or between zones across zonegroups. although I am not sure how sync between the zones on non-master zonegroup will behave and what the sync status will look like. this will need some testing and investigation.

documenting configuration example here for reference.

at the zonegroup level:

$radosgw-admin sync group create  --group-id=group1 --status=allowed
$radosgw-admin sync group flow create  --group-id=group1 --flow-id=flow-mirror --flow-type=symmetrical --zones=zg1-1,zg1-2,zg2-3,zg2-4
$radosgw-admin sync group pipe create --group-id=group1 --pipe-id=pipe1 --source-zones='*' --source-bucket='*' --dest-zones='*' --dest-bucket='*'
$radosgw-admin period update --commit

enable bucket1 replication between zg1-2 and zg1-2 belonging to zonegroup zg1.

$radosgw-admin sync group create --bucket=bucket1 --group-id=bucket1-default --status=enabled
$radosgw-admin sync group flow create --bucket=bucket1 --group-id=bucket1-default --flow-id=bucket1-flow --flow-type=symmetrical --zones="zg1-1, zg1-2"
$radosgw-admin sync group pipe create --bucket=bucket1 --group-id=bucket1-default --pipe-id=bucket1-pipe --source-zones='*' --dest-zones='*'

enable bucket3 replication to sync between the zonegroups zg and zg2 involving all zones:

$radosgw-admin sync group create --bucket=bucket3 --group-id=bucket3-default --status=enabled
$radosgw-admin sync group flow create --bucket=bucket3 --group-id=bucket3-default --flow-id=bucket3-flow --flow-type=symmetrical --zones="zg1-1, zg1-2, zg2-3, zg2-4"
$radosgw-admin sync group pipe create --bucket=bucket3 --group-id=bucket3-default --pipe-id=bucket3-pipe --source-zones='*' --dest-zones='*'

please note that setting zonegroup sync policy allowed forces you to set sync policy on each bucket individually.
we can further reduce the number of zones participating probably by adding only one of the zones from zonegroup zg2 in the bucket sync flow, if you don't need redundancy within the zonegroup and you only care about data locality.

there is a commit in #60018 that sets multiple zonegroups for you to test with.

the other commits deal with changing the way we log data, that I am not very comfortable with. the most common multisite configuration is the one where we sync to/from all zones within a zonegroup. adding conditional checks for sync pipes or for specific objects may not work and adds an overhead for configurations that does not care about sync policies.

Thank you for your time on this @smanjara.

the commit df1867f establishes connection objects for zones across zonegroups when zonegroup policy is set. this alone along with bucket location constraint fixes #59305 and #59960 should be sufficient to setup replication between two zonegroups.

I'm not sure if this would be enough. Basically as long as log_data is not true on the zone config, RGW should not log anything:

along with zonegroup policy set to allowed, we need to enable bucket sync policy to either sync within zonegroup or between zones across zonegroups. although I am not sure how sync between the zones on non-master zonegroup will behave and what the sync status will look like. this will need some testing and investigation.

Right, from the concept I was thinking of the logging and polling mechanism independently and replaying them based on the filters and bucket's zonegroup availability. So I guess it should not matter whether the source or dest is master.

please note that setting zonegroup sync policy allowed forces you to set sync policy on each bucket individually. we can further reduce the number of zones participating probably by adding only one of the zones from zonegroup zg2 in the bucket sync flow, if you don't need redundancy within the zonegroup and you only care about data locality.

Right, currently AWS is also designed in a way that you can only replicate an object to a single bucket (zonegroup) and not concurrently to more. but still, that is not enough here, as you said before, the entry processing would be done by all zones no matter what the policy says, but only one will do that actual replication in terms of data.

the other commits deal with changing the way we log data, that I am not very comfortable with. the most common multisite configuration is the one where we sync to/from all zones within a zonegroup. adding conditional checks for sync pipes or for specific objects may not work and adds an overhead for configurations that does not care about sync policies.

Currently, the same check per object based on the sync policies available is done here:

Thank you for your time on this @smanjara.

the commit df1867f establishes connection objects for zones across zonegroups when zonegroup policy is set. this alone along with bucket location constraint fixes #59305 and #59960 should be sufficient to setup replication between two zonegroups.

I'm not sure if this would be enough. Basically as long as log_data is not true on the zone config, RGW should not log anything:

ceph/src/rgw/driver/rados/rgw_rados.cc

Lines 7319 to 7325 in 20af41d

	bool add_log = log_op && store->svc.zone->need_to_log_data();
	ret = store->cls_obj_complete_add(*bs, obj, optag, poolid, epoch, ent, category, remove_objs, bilog_flags, zones_trace, add_log);
	if (add_log) {
	add_datalog_entry(dpp, store->svc.datalog_rados,
	target->bucket_info, bs->shard_id, y);
	}

Currently log_data will be enabled when we have more than one zone in within the RGW's zonegroup

ceph/src/rgw/driver/rados/rgw_zone.cc

Line 234 in 20af41d

bool log_data = zones.size() > 1;

So I guess in your test case it accidentally worked because you had always more than one zone per zonegroup(?) and if you have a zonegroup with only one zone it shouldn't have log_data set to true. that's why the other two commits are needed I believe.

yeah I am looking at it as an extension of multisite where we will simply add new zones from other zonegroups seamlessly while 'log_data' is true on all zones. I have added your pr as a topic of discussion here: https://pad.ceph.com/p/rgw-weekly. hopefull you can make it.
cc @yehudasa

There is also another challenge regarding replicating an already replicated object. Currently, we log and replicate even when an object is being replicated again, which increases the load and adds complexity in managing zones_trace.

The main issue is that when an object is replicated via RGWBucketSyncSingleEntryCR(), we log it again because another active sync process matches this operation. If that sync points back to the original zone, it becomes redundant. I haven't found a clean way (even with the log_zonegroup implementation, which is insufficient since it might involve another zone) to stop logging when it's a circular replication. For now, the zones_trace logic simply ignores it during polling, but that still results in an unnecessary load.

AWS S3 doesn't support this type of replication, as described here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-what-is-isnot-replicated.html

Objects in the source bucket that are replicas that were created by another replication rule. For example, suppose you configure replication where bucket A is the source and bucket B is the destination. Now suppose that you add another replication configuration where bucket B is the source and bucket C is the destination. In this case, objects in bucket B that are replicas of objects in bucket A are not replicated to bucket C.

For performance and efficiency, could we consider dropping this replication? Or at least maybe we introduce an option in the configuration to disable this functionality.

This pull request can no longer be automatically merged: a rebase is needed and changes have to be manually resolved

This pull request has been automatically marked as stale because it has not had any activity for 60 days. It will be closed if no further activity occurs for another 30 days.
If you are a maintainer or core committer, please follow-up on this pull request to identify what steps should be taken by the author to move this proposed change forward.
If you are the author of this pull request, thank you for your proposed contribution. If you believe this change is still appropriate, please ensure that any feedback has been addressed and ask for a code review.

This pull request has been automatically marked as stale because it has not had any activity for 60 days. It will be closed if no further activity occurs for another 30 days.
If you are a maintainer or core committer, please follow-up on this pull request to identify what steps should be taken by the author to move this proposed change forward.
If you are the author of this pull request, thank you for your proposed contribution. If you believe this change is still appropriate, please ensure that any feedback has been addressed and ask for a code review.

This pull request has been automatically marked as stale because it has not had any activity for 60 days. It will be closed if no further activity occurs for another 30 days.
If you are a maintainer or core committer, please follow-up on this pull request to identify what steps should be taken by the author to move this proposed change forward.
If you are the author of this pull request, thank you for your proposed contribution. If you believe this change is still appropriate, please ensure that any feedback has been addressed and ask for a code review.

This pull request has been automatically marked as stale because it has not had any activity for 60 days. It will be closed if no further activity occurs for another 30 days.
If you are a maintainer or core committer, please follow-up on this pull request to identify what steps should be taken by the author to move this proposed change forward.
If you are the author of this pull request, thank you for your proposed contribution. If you believe this change is still appropriate, please ensure that any feedback has been addressed and ask for a code review.

This pull request has been automatically closed because there has been no activity for 90 days. Please feel free to reopen this pull request (or open a new one) if the proposed change is still appropriate. Thank you for your contribution!

Config Diff Tool Output

+ added: rgw_data_sync_allow_chain_replication (rgw.yaml.in)

The above configuration changes are found in the PR. Please update the relevant release documentation if necessary.
Ignore this comment if docs are already updated. To make the "Check ceph config changes" CI check pass, please comment /config check ok and re-run the test.