Improve stale replication (#21357)

stelfrag · web-flow · commit c6438952c2b4 · 2025-11-30T20:54:32.000+02:00
* Implement stuck replication detection and response handling

* Fix checks and commit response for not found chart

* Initialize replication stuck detection counter and refine replication completion conditions

* Refine streaming response handling to prevent data loss during buffer overflow
diff --git a/src/database/rrdset-index-id.c b/src/database/rrdset-index-id.c
@@ -103,6 +103,9 @@ static void rrdset_insert_callback(const DICTIONARY_ITEM *item __maybe_unused, v
 
     rw_spinlock_init(&st->alerts.spinlock);
 
+    // Initialize replication stuck detection counter
+    st->replication_empty_response_count = 0;
+
     // initialize the db tiers
     {
         for(size_t tier = 0; tier < nd_profile.storage_tiers; tier++) {
diff --git a/src/database/rrdset.h b/src/database/rrdset.h
@@ -228,6 +228,9 @@ struct rrdset {
     } replay;
 #endif // NETDATA_LOG_REPLICATION_REQUESTS
 
+    // Replication stuck detection - outside debug flag for production safety
+    uint8_t replication_empty_response_count;  // track consecutive empty responses
+
     SPINLOCK destroy_lock;
 };
 
diff --git a/src/plugins.d/pluginsd_replication.c b/src/plugins.d/pluginsd_replication.c
@@ -359,6 +359,9 @@ ALWAYS_INLINE PARSER_RC pluginsd_replay_rrdset_collection_state(char **words, si
 ALWAYS_INLINE PARSER_RC pluginsd_replay_end(char **words, size_t num_words, PARSER *parser) {
     if (num_words < 7) { // accepts 7, but the 7th is optional
         nd_log(NDLS_DAEMON, NDLP_ERR, "REPLAY: malformed " PLUGINSD_KEYWORD_REPLAY_END " command");
+        RRDSET *st = pluginsd_get_scope_chart(parser);
+        if(st)
+            st->replication_empty_response_count = 0;
         return PARSER_RC_ERROR;
     }
 
@@ -402,6 +405,10 @@ ALWAYS_INLINE PARSER_RC pluginsd_replay_end(char **words, size_t num_words, PARS
 
     parser->user.data_collections_count++;
 
+    // Reset empty response counter when we receive actual data
+    if(parser->user.replay.rset_enabled && st)
+        st->replication_empty_response_count = 0;
+
     if(parser->user.replay.rset_enabled && st->rrdhost->receiver) {
         time_t now = now_realtime_sec();
         time_t started = st->rrdhost->receiver->replication.first_time_s;
@@ -433,6 +440,9 @@ ALWAYS_INLINE PARSER_RC pluginsd_replay_end(char **words, size_t num_words, PARS
         st->replay.log_next_data_collection = true;
 #endif
 
+    if(start_streaming)
+        st->replication_empty_response_count = 0;
+
     if (start_streaming) {
 #ifdef REPLICATION_TRACKING
         st->stream.rcv.who = REPLAY_WHO_FINISHED;
@@ -465,6 +475,111 @@ ALWAYS_INLINE PARSER_RC pluginsd_replay_end(char **words, size_t num_words, PARS
         return PARSER_RC_OK;
     }
 
+    // ========================================================================
+    // SAFETY NET: Detect stuck replication loops
+    // ========================================================================
+    //
+    // We received start_streaming=false, which means we need to send another
+    // replication request. However, we need to detect if we're stuck in an
+    // infinite retry loop where no progress is being made.
+    //
+    // This can happen when:
+    // 1. Parent already has newer data than child
+    // 2. Child keeps splitting responses due to buffer constraints
+    // 3. Network issues causing repeated empty/failed responses
+
+    // Check parent's current retention to detect if we're already caught up
+    time_t local_first_entry = 0, local_last_entry = 0;
+    rrdset_get_retention_of_tier_for_collected_chart(
+        st, &local_first_entry, &local_last_entry, now_realtime_sec(), 0);
+
+    // Detect suspicious pattern: parent requested data but is already caught up
+    // This indicates we're in a loop where child keeps splitting responses
+    // even though parent doesn't need more data.
+    bool parent_already_caught_up = (local_last_entry >= last_entry_child);
+    bool requested_non_empty_range = (first_entry_requested != 0 || last_entry_requested != 0);
+    bool is_suspicious_response = (requested_non_empty_range && parent_already_caught_up);
+
+    bool should_check_for_stuck_replication = false;
+
+    // Track consecutive suspicious responses - applies to all builds
+    if(is_suspicious_response) {
+        st->replication_empty_response_count++;
+        // After 3 consecutive suspicious responses, we need to investigate
+        if(st->replication_empty_response_count >= 3) {
+            should_check_for_stuck_replication = true;
+        }
+    } else {
+        // Reset counter if this was a legitimate response (parent still catching up)
+        st->replication_empty_response_count = 0;
+    }
+
+    if (should_check_for_stuck_replication) {
+        // We already have local_first_entry and local_last_entry from above
+
+        // Check multiple conditions to ensure we're truly stuck:
+        //
+        // Condition 1: Parent has data that covers or exceeds child's retention
+        // (We already checked this in parent_already_caught_up, but verify again)
+        bool parent_has_equal_or_newer_data = (local_last_entry >= last_entry_child);
+
+        // Calculate the gap for logging purposes
+        time_t gap_to_child = (last_entry_child > local_last_entry) ?
+                              (last_entry_child - local_last_entry) : 0;
+
+        // Condition 2: Parent's data is reasonably recent
+        time_t wall_clock = now_realtime_sec();
+        bool parent_data_is_recent = (local_last_entry > 0 &&
+                                     (wall_clock - local_last_entry) < 300);
+
+        // Only finish replication if parent has equal or newer data than child
+        // Do NOT terminate if there's any gap, as that would cause data loss
+        if (parent_has_equal_or_newer_data) {
+
+            // Log with appropriate level based on confidence
+            ND_LOG_FIELD_PRIORITY level = (parent_has_equal_or_newer_data && parent_data_is_recent) ?
+                                          NDLP_INFO : NDLP_WARNING;
+
+            nd_log(NDLS_DAEMON, level,
+                   "PLUGINSD REPLAY: 'host:%s/chart:%s' detected stuck replication loop. "
+                   "Parent last entry: %llu, Child last entry: %llu, Gap: %llu seconds, "
+                   "Empty responses: %u. Forcing replication to finish.",
+                   rrdhost_hostname(host), rrdset_id(st),
+                   (unsigned long long)local_last_entry,
+                   (unsigned long long)last_entry_child,
+                   (unsigned long long)gap_to_child,
+                   (unsigned int)st->replication_empty_response_count
+            );
+
+            st->replication_empty_response_count = 0;
+
+            // IMPORTANT: Mark as finished and decrement counter NOW, before sending final request.
+            // This prevents infinite loops even if child continues to respond with start_streaming=false.
+            // The next REPLAY_END will see FINISHED flag and handle accordingly.
+            RRDSET_FLAGS old = rrdset_flag_set_and_clear(
+                st, RRDSET_FLAG_RECEIVER_REPLICATION_FINISHED,
+                RRDSET_FLAG_RECEIVER_REPLICATION_IN_PROGRESS | RRDSET_FLAG_SYNC_CLOCK);
+
+            if(!(old & RRDSET_FLAG_RECEIVER_REPLICATION_FINISHED)) {
+                if(rrdhost_receiver_replicating_charts_minus_one(st->rrdhost) == 0)
+                    pulse_host_status(host, PULSE_HOST_STATUS_RCV_RUNNING, 0);
+            }
+
+            pluginsd_clear_scope_chart(parser, PLUGINSD_KEYWORD_REPLAY_END);
+            host->stream.rcv.status.replication.percent = 100.0;
+            worker_set_metric(WORKER_RECEIVER_JOB_REPLICATION_COMPLETION, host->stream.rcv.status.replication.percent);
+
+            // Send one final request to notify child. If child responds with start_streaming=true,
+            // it will start streaming. If it responds with start_streaming=false, the next
+            // REPLAY_END will see the FINISHED flag and log a warning but not loop forever.
+            bool ok = replicate_chart_request(send_to_plugin, parser, host, st,
+                                             first_entry_child, last_entry_child, child_world_time,
+                                             0, 0);  // prev_wanted = 0,0 to trigger empty request path
+
+            return ok ? PARSER_RC_OK : PARSER_RC_ERROR;
+        }
+    }
+
 #ifdef REPLICATION_TRACKING
     st->stream.rcv.who = REPLAY_WHO_ME;
 #endif
diff --git a/src/streaming/stream-replication-sender.c b/src/streaming/stream-replication-sender.c
@@ -442,6 +442,16 @@ static bool replication_query_execute(BUFFER *wb, struct replication_query *q, s
 
             if(buffer_strlen(wb) > max_msg_size && last_end_time_in_buffer) {
                 q->query.before = last_end_time_in_buffer;
+
+                // CRITICAL: When splitting a response due to buffer overflow, we MUST set
+                // enable_streaming=false to prevent data loss. If we send start_streaming=true
+                // with partial data, the parent will think replication is complete when we've
+                // actually truncated the requested interval, causing permanent data loss.
+                //
+                // The parent-side stuck detection will handle infinite loops differently by:
+                // 1. Detecting when no progress is made after multiple rounds
+                // 2. Explicitly marking replication as FINISHED before sending final request
+                // 3. Handling the child's response appropriately whether it says true or false
                 q->query.enable_streaming = false;
 
                 internal_error(
@@ -1198,8 +1208,47 @@ static bool replication_execute_request(struct replication_request *rq, bool wor
         if(!rq->st) {
             __atomic_add_fetch(&replication_globals.atomic.error_not_found, 1, __ATOMIC_RELAXED);
             nd_log(NDLS_DAEMON, NDLP_ERR,
-                   "STREAM SND REPLAY ERROR: 'host:%s/chart:%s' not found",
+                   "STREAM SND REPLAY ERROR: 'host:%s/chart:%s' not found, sending empty response to unblock parent",
                    rrdhost_hostname(rq->sender->host), string2str(rq->chart_id));
+
+            // CRITICAL: Parent is waiting for a response! We MUST send REPLAY_END even if chart not found
+            // Otherwise parent will wait forever with chart stuck in replicating state.
+            // Send empty response with start_streaming=true to finish replication for this non-existent chart.
+            BUFFER *wb = sender_thread_buffer(rq->sender, REPLICATION_THREAD_BUFFER_INITIAL_SIZE);
+
+            bool with_slots = (rq->sender->capabilities & STREAM_CAP_SLOTS) ? true : false;
+            NUMBER_ENCODING integer_encoding = (rq->sender->capabilities & STREAM_CAP_IEEE754) ?
+                                               NUMBER_ENCODING_BASE64 : NUMBER_ENCODING_DECIMAL;
+
+            buffer_fast_strcat(wb, PLUGINSD_KEYWORD_REPLAY_BEGIN, sizeof(PLUGINSD_KEYWORD_REPLAY_BEGIN) - 1);
+            if(with_slots) {
+                buffer_fast_strcat(wb, " "PLUGINSD_KEYWORD_SLOT":", sizeof(PLUGINSD_KEYWORD_SLOT) - 1 + 2);
+                buffer_print_uint64_encoded(wb, integer_encoding, 0);  // slot 0 for unknown chart
+            }
+            buffer_fast_strcat(wb, " '", 2);
+            buffer_fast_strcat(wb, string2str(rq->chart_id), string_strlen(rq->chart_id));
+            buffer_fast_strcat(wb, "'\n", 2);
+
+            // Send REPLAY_END with empty data and start_streaming=true to unblock parent
+            buffer_fast_strcat(wb, PLUGINSD_KEYWORD_REPLAY_END " ", sizeof(PLUGINSD_KEYWORD_REPLAY_END) - 1 + 1);
+            buffer_print_int64_encoded(wb, integer_encoding, 0);  // update_every
+            buffer_fast_strcat(wb, " ", 1);
+            buffer_print_uint64_encoded(wb, integer_encoding, 0);  // db_first_entry
+            buffer_fast_strcat(wb, " ", 1);
+            buffer_print_uint64_encoded(wb, integer_encoding, 0);  // db_last_entry
+            buffer_fast_strcat(wb, " true  ", 7);  // start_streaming=true (force finish)
+            buffer_print_uint64_encoded(wb, integer_encoding, 0);  // after
+            buffer_fast_strcat(wb, " ", 1);
+            buffer_print_uint64_encoded(wb, integer_encoding, 0);  // before
+            buffer_fast_strcat(wb, " ", 1);
+            buffer_print_uint64_encoded(wb, integer_encoding, now_realtime_sec());  // wall_clock_time
+            buffer_fast_strcat(wb, "\n", 1);
+
+            sender_commit(rq->sender, wb, STREAM_TRAFFIC_TYPE_REPLICATION);
+            __atomic_add_fetch(&rq->sender->host->stream.snd.status.replication.counter_out, 1, __ATOMIC_RELAXED);
+            replication_replied_add();
+
+            ret = true;  // Consider this a successful response
             goto cleanup;
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -103,6 +103,9 @@ static void rrdset_insert_callback(const DICTIONARY_ITEM *item __maybe_unused, v`
`103`	`103`
`104`	`104`	`rw_spinlock_init(&st->alerts.spinlock);`
`105`	`105`
	`106`	`+ // Initialize replication stuck detection counter`
	`107`	`+ st->replication_empty_response_count = 0;`
	`108`	`+`
`106`	`109`	`// initialize the db tiers`
`107`	`110`	`{`
`108`	`111`	`for(size_t tier = 0; tier < nd_profile.storage_tiers; tier++) {`