CSHARP-3550: CSOT: Server Selection #1705
Conversation
|
|
||
| public TimeSpan Elapsed => _stopwatch.Elapsed; | ||
|
|
||
| public TimeSpan Timeout { get; } |
There was a problem hiding this comment.
I think we need TWO properties:
public TimeSpan OperationTimeout { get; }
public TimeSpan StepTimeout { get; }
to keep track of BOTH kinds of timeouts.
That probably also means we need two stopwatches. One for the operation as a whole, and the other for whatever sub step we are in (server selection, etc..).
The reason I say this is that when a timeout occurs we should be able to say in the message whether the whole operation timed out or whether a sub step timed out.
There was a problem hiding this comment.
Interesting idea. What about having single timeout as is and ParentContext property instead? Somehow I would like to keep the Context kind of immutable.
There was a problem hiding this comment.
Having a ParentContext might be a good idea in its own right.
You still need a way to detect when a timeout occurs whether it was the OperationTimeout or the StepTimeout that timed out. Does a ParentContext help you with that?
There was a problem hiding this comment.
Pseudo-code to check which the timeout occurred:
if (operationContext.IsTimedOut())
{
var isLocalTimeout = operationContext?.ParentContext.IsTimedOut() == false;
}
So the logic is: timeout is "local" when there is no parent context or parent context is not timed out yet.
There was a problem hiding this comment.
This code works, because child context is always more strict then parent. It means there should not be a case when ParentContext is timed out, but child is not.
There was a problem hiding this comment.
In a way we are talkinig about the same thing, since a context represents (among other things) a timeout.
d) whole operation is timed out, but server selection is not - this is impossible state as per spec.
I still think this is possible. I just have to configure the operation timeout to be smaller than the server selection timeout.
There was a problem hiding this comment.
Spec says we should use more strict timeout in such situation:
If timeoutMS is set, drivers MUST use min(serverSelectionTimeoutMS, remaining timeoutMS), referred to as computedServerSelectionTimeout as the timeout for server selection and connection checkout.
There was a problem hiding this comment.
I think we aren't talking about the same thing again.
I'm saying that the operation timeout can be less than the server selection timeout. Of course I can do that.
That's not the same thing as the "computedServerSelectionTimeout".
When the "computedServerSelectionTimeout" (NOT a configured value, but a value that is computed and is different evry time) times out, we probably need to know WHY it timed out. Did it timeout because the operation timed out or because server selection timed out? I think the error message should say why. Seems like the user would want to know which timeout timed out because they may want to know which timeout value to reconfigure if they actually didn't want to time out so quickly.
There was a problem hiding this comment.
d) whole operation is timed out, but server selection is not - this is impossible state as per spec.
I don't think the spec says this is impossible. The spec describes how to calculate the "computedServerSelectionTimeout", but if the configured operation timeout is less than the configured server selection timeout and we timeout during server selection it is NOT the server selection that timed out, but the WHOLE operation.
There was a problem hiding this comment.
As it was discussed offline:
We both were talking about the same thing, but there were small confusion regarding "configured" timeout and "computed" timeout. We confirmed that we DO need to distinguish what exactly timeout was occurred: was it "local" timeout or whole operation timeout. Also we decided to go with ParentContext approach as it seems to cover our needs and also let us have more the 2 level of nesting. To check whether it was local timeout occurred or whole operation - we have to examine the ParentContext property and see if it was timed out or not. If there is no ParentContext and the context is timed out - it means whole operation was timed out.
| { | ||
| _stopwatch = stopwatch; | ||
| Timeout = timeout; | ||
| CancellationToken = cancellationToken; |
There was a problem hiding this comment.
I recommend not mixing backing fields and auto-properties in the same class.
| return remainingTimeout < TimeSpan.Zero; | ||
| } | ||
|
|
||
| public OperationCancellationContext WithTimeout(TimeSpan timeout) |
There was a problem hiding this comment.
Maybe should be called WithStepTimeout?
There was a problem hiding this comment.
As it was discussed we will not introduce additional properties for now, so will leave the method name as is to match the property name.
|
|
||
| namespace MongoDB.Driver | ||
| { | ||
| internal sealed class OperationCancellationContext |
|
|
||
| public TimeSpan Elapsed => _stopwatch.Elapsed; | ||
|
|
||
| public TimeSpan Timeout { get; } |
There was a problem hiding this comment.
Having a ParentContext might be a good idea in its own right.
You still need a way to detect when a timeout occurs whether it was the OperationTimeout or the StepTimeout that timed out. Does a ParentContext help you with that?
| @@ -47,7 +47,7 @@ private Exception CreateTimeoutException(Stopwatch stopwatch, string message) | |||
| var checkOutsForOtherCount = checkOutsCount - checkOutsForCursorCount - checkOutsForTransactionCount; | |||
|
|
|||
| message = | |||
| $"Timed out after {stopwatch.ElapsedMilliseconds}ms waiting for a connection from the connection pool. " + | |||
| $"Timed out after {operationContext.Elapsed.TotalMilliseconds}ms waiting for a connection from the connection pool. " + | |||
There was a problem hiding this comment.
minor: Looks like Elapsed.TotalMilliseconds is frequently used, does this award a shortcut property:
ElapsedMilleseconds?
| // TODO: this static field is temporary here and will be removed in a future PRs in scope of CSOT. | ||
| public static readonly OperationContext NoTimeout = new(System.Threading.Timeout.InfiniteTimeSpan, CancellationToken.None); | ||
|
|
||
| private readonly Stopwatch _stopwatch; |
There was a problem hiding this comment.
So we are saving the multiple stopwatches creation on operation execution path, it's minor but still nice.
| } | ||
|
|
||
| stopwatch.Stop(); | ||
| throw CreateException(stopwatch); | ||
| throw CreateException(operationContext); |
There was a problem hiding this comment.
Is the stopwatch stopped at some point?
Should it be stopped after first IsTimedOut is called (or StopAndValidateTimeout or similar)? Seems that it's more accurate to report the elapsed when first validated and not on creation of the actual report /log later.
There was a problem hiding this comment.
It's not stopping, because the same context could be in use more. For example if IsTimedOut returned false, we could decide to wait more. May be we should replace IsTimedOut with EnsureTimeout method, that will throw in case of timeout and it could save the current elapsed time in the exception together with the timeout source (was it whole operation timeout or server selection timeout, or something else).
There was a problem hiding this comment.
Another idea might be to add out parameter to the IsTimedOut method. Let's discuss our options offline.
There was a problem hiding this comment.
We decided to go with additional out parameter approach.
| [Values(false, true)] | ||
| bool async) | ||
| { | ||
| var subject = CreateSubject(); | ||
| var subject = CreateSubject(serverSelectionTimeout: TimeSpan.FromMilliseconds(10)); |
There was a problem hiding this comment.
This adjusted serverSelectionTimeout is an optimization of the test: we probably do not have to wait whole 2 seconds here (the default server selection for this test class, see line 49).
| @@ -134,23 +134,13 @@ await Record.ExceptionAsync(() => subject.ExecuteWriteOperationAsync(null, opera | |||
| .Subject.ParamName.Should().Be("session"); | |||
| } | |||
|
|
|||
| private OperationExecutor CreateSubject(out Mock<IClusterInternal> clusterMock, out Mock<ICoreSessionHandle> implicitSessionMock) | |||
There was a problem hiding this comment.
Leftovers of the implicit session creation, that was factored out in one of the latest commits related to OperationExecutor refactoing.
There was a problem hiding this comment.
Pull Request Overview
This PR refactors various server selection and connection pool APIs to use a new OperationContext abstraction instead of separate CancellationToken and timeout TimeSpan parameters. Key changes include:
- Replaced all
CancellationToken(and internalStopwatchtimeout logic) withOperationContextthroughout connection pool helpers, cluster selection, and binding classes. - Updated
CreateTimeoutExceptionmethods to accept aTimeSpan elapsedrather than aStopwatch. - Removed legacy overloads and helper classes associated with
CancellationToken/TimeSpanand simplified server selection wait logic usingOperationContext.
Reviewed Changes
Copilot reviewed 141 out of 141 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/MongoDB.Driver/Core/ConnectionPools/ExclusiveConnectionPool.Helpers.cs | Swapped Stopwatch usage and token/timeouts for OperationContext |
| src/MongoDB.Driver/Core/Clusters/LoadBalancedCluster.cs | Updated server selection to use OperationContext and WithTimeout |
| src/MongoDB.Driver/Core/Clusters/IClusterExtensions.cs | Changed extension methods to accept OperationContext |
| src/MongoDB.Driver/Core/Clusters/ICluster.cs | Updated interface signatures to use OperationContext |
| src/MongoDB.Driver/Core/Clusters/Cluster.cs | Refactored internal select/wait loops to data in OperationContext |
| src/MongoDB.Driver/Core/Bindings/**/*.cs | Replaced all CancellationToken parameters in binding APIs with OperationContext |
Comments suppressed due to low confidence (3)
src/MongoDB.Driver/Core/ConnectionPools/ExclusiveConnectionPool.Helpers.cs:50
- [nitpick] Using TotalMilliseconds can include fractional values (e.g., 12.345ms). Consider formatting with a fixed precision or rounding (e.g.,
{elapsed.TotalMilliseconds:F0}) to produce a cleaner integer-based message.
message = $"Timed out after {elapsed.TotalMilliseconds}ms waiting for a connection from the connection pool. " +
src/MongoDB.Driver/Core/Clusters/LoadBalancedCluster.cs:179
- The new
WithTimeoutlogic andWaitTaskbehavior are significant changes to server selection. Please add unit tests that simulate both timeout and cancellation scenarios forSelectServer/SelectServerAsyncusing mocks/stubs for_serverReadyTaskCompletionSource.
var serverSelectionOperationContext = operationContext.WithTimeout(_settings.ServerSelectionTimeout);
src/MongoDB.Driver/Core/Clusters/ICluster.cs:64
- Removing the old
CancellationTokenoverloads is a breaking API change. Consider retaining the old overloads (marked obsolete) to preserve backward compatibility, or provide clear upgrade guidance in release notes.
IServer SelectServer(IServerSelector selector, OperationContext operationContext);
| if (index != 0) | ||
| try | ||
| { | ||
| serverSelectionOperationContext.WaitTask(_serverReadyTaskCompletionSource.Task); |
There was a problem hiding this comment.
The original code explicitly threw on cancellation (cancellationToken.ThrowIfCancellationRequested()), but this method only catches TimeoutException. Consider catching OperationCanceledException from WaitTask or explicitly checking operationContext.CancellationToken to ensure cancellations are surfaced correctly.
Copilot uses AI. Check for mistakes.
| // should be pinned. | ||
| var server = cluster.SelectServer(selector, cancellationToken); | ||
| var server = cluster.SelectServer(selector, operationContext); |
There was a problem hiding this comment.
[nitpick] We added non-null checks for selector and operationContext in core cluster methods; consider adding Ensure.IsNotNull(operationContext, nameof(operationContext)); here as well to maintain consistent validation.
Copilot uses AI. Check for mistakes.
| { | ||
| return GetReadChannelSource(null, cancellationToken); | ||
| return GetReadChannelSource(null, operationContext); | ||
| } | ||
|
|
||
| public Task<IChannelSourceHandle> GetReadChannelSourceAsync(CancellationToken cancellationToken) | ||
| public Task<IChannelSourceHandle> GetReadChannelSourceAsync(OperationContext operationContext) | ||
| { |
There was a problem hiding this comment.
[nitpick] Most public API methods now guard against null operationContext. Add an Ensure.IsNotNull(operationContext, nameof(operationContext)); at the top of this method to match the pattern in cluster selection.
Copilot uses AI. Check for mistakes.
No description provided.