Implement file-based leader election method

[nojima]

We are planning to deploy yrmcds to our Kubernetes cluster.

Currently yrmcds uses virtual_ip to detect whether the instance is master or not. However, virtual IPs are difficult to utilize in Kubernetes clusters. Therefore, I implemented the file-based leader election method. Strictly speaking, this PR does not implement leader election algorithm, but the way for yrmcds to receive the result of a leader election.

This PR introduces a new option leader_election_method:

# method of leader election. "virtual_ip" or "file".
# * virtual_ip:
#     The node that owns the virtual_ip address becomes the master.
#     "virtual_ip" must be set.
#     "master_host" and "master_file" are ignored.
# * file:
#     The node that has "master_file" becomes the master.
#     "master_host" and "master_file" must be set.
#     "virtual_ip" is ignored.
leader_election_method = "virtual_ip"

When leader_election_method is file, a yrmcds instance is considered to be master when a file exists on the certain path (specified by master_file).

When leader_election_method is virtual_ip, the current behavior remains.

This PR also adds a new option master_host, which is a address used by slaves to connect to the current master.

Minor fixes

This PR also fixes minor issues I found during implementing this PR.

1. When a slave node disconnected from master longer than 5 seconds, it clears all data it stores. That is, when a leader election takes more than 5 seconds, all data are lost.
2. When an error occurred in a name resolution in tcp_connect, yrmcds crushes without retry. This is an issue because we use dynamically created/updated Service resources to connect to the master node on Kubernetes cluster.
3. When slave cannot to promote to the master, yrmcds outputs too many logs, which are not useful.

[nojima]

@ymmt2005
May I ask for a review?

[ymmt2005]

@nojima
sure thing. Any deadline in mind?

[nojima]

@ymmt2005
There are no specific deadlines, as this is not an urgent task. Please review it when you are available.

[ymmt2005]

@nojima

When an error occurred in a name resolution in tcp_connect, yrmcds crushes without retry. This is an issue because we use dynamically created/updated Service resources to connect to the master node on Kubernetes cluster.

Is this really a problem? I guess Kubernetes Pod restarts yrmcdsd if it crashes.

[ymmt2005]

Looks mostly okay.
Please update docs/design.md to align with the new design.

[ymmt2005]

Shouldn't we initialize m_leader_election_method here as well?
It looks inconsistent to initialize the field elsewhere.

[nojima]

m_leader_election_method is initialized with the following line:

yrmcds::leader_election_method m_leader_election_method = yrmcds::leader_election_method::virtual_ip;

[ymmt2005]

I know. I thought it was inconsistent.

[nojima]

I will move all member initializations to the declaration statement.
I think it is easier to read when they are grouped together rather than separated in the constructor and member declarations.

[ymmt2005]

I guess this is always true because m_vip is initialized to "127.0.0.1".
Am I right?

[nojima]

Oh, that's right.

[ymmt2005]

Since m_vip is always set, I think using optional for this might be confusing and lead to bugs.

I'll leave this to you to figure out how to fix it.

[nojima]

When leader_election_method is file, yrmcds actually has no virtual IPs. Therefore, I feel that the type of m_vip should be std::optional to model the situation correctly.

What is wrong is the initial value of m_vip. It should be initialized to be nullopt and should only have the user-specified value or 127.0.0.1 when in virtual_ip mode.

[nojima]

↑This was wrong.

Since the initial value of leader_election_method is virtual_ip, the initial value of m_vip must be 127.0.0.1.
Therefore, we must empty m_vip when leader_election_method is changed to other than virtual_ip.

[ymmt2005]

What does this intend to do? A comment would be helpful.

[nojima]

It was called in the existing error handling, so I called it in the code I added.

    if( fd == -1 ) {
        m_reactor.run_once();
        return false;
    }

I'm not aware of the original intent of the code, so I'm just guessing: since signal handling, etc., depends on the reactor, we should sometimes run the reactor during re-connecting to the master.

[ymmt2005]

I see. Thanks.

[ymmt2005]

Ditto. This is always true, IIUC.

[nojima]

@ymmt2005

When an error occurred in a name resolution in tcp_connect, yrmcds crushes without retry. This is an issue because we use dynamically created/updated Service resources to connect to the master node on Kubernetes cluster.

Is this really a problem? I guess Kubernetes Pod restarts yrmcdsd if it crashes.

I consider this to be critical.

Consider the behavior of yrmcds running as a slave when master dies: the slave checks whether it can promote itself to master, and if it cannot promote itself to master for 5 seconds, it attempts to connect to the current master. If the connection fails, the slave returns to the loop of trying to be promoted to master again.

If the pod crashes when connecting to master, all data held by the slave will be lost at that point.

[ymmt2005]

If the pod crashes when connecting to master, all data held by the slave will be lost at that point.

Makes sense. Thank you.

[ymmt2005]

LGTM

[nojima]

I want to merge #91 first, so I'll leave this PR merge for a while.