unify caching across workers to maximize cache hits

[ankitk-me]

Fixes #937

[jfallows]

Suggested change

	private final ConcurrentHashMap<Integer, CompletableFuture<String>> cache;
	private final ConcurrentMap<Integer, CompletableFuture<String>> cachedSchemas;

[jfallows]

Suggested change

	ConcurrentHashMap<Integer, CompletableFuture<String>> cache)
	ConcurrentMap<Integer, CompletableFuture<String>> cachedSchemas)

[jfallows]

Suggested change

	this.cache = cache;
	this.cachedSchemas = cachedSchemas;

[jfallows]

There is still a race here, between cache.get(schemaId) and cache.put(schemaId, future).

To solve the race, we need to use one of the methods on ConcurrentMap that is not available on Map, such as:

CompletableFuture<> future = cache.get(schemaId);
if (future == null)
{
    CompletableFuture<> newFuture = new CompletableFuture<String>();
    future = cache.putIfAbsent(schemaId, newFuture);
    if (future == null)
    {
        // send request and complete newFuture
        future = newFuture;
    }
}
assert future != null;
schema = future.get();
if (schema != null)
{
    schemas.put(schemaId, schema);
}

[jfallows]

Note, we also need to prevent unnecessary concurrent requests to resolve the schemaIds, such as latest, same as for resolving the schemas themselves from schemaIds.

[jfallows]

Suggested change

	else if (schemaIds.containsKey(checkSum))
	else if (schemaIds.containsKey(schemaKey))

[jfallows]

Is this needed to handle the case where remote access fails, but we can serve from (stale) cache instead?

[ankitk-me]

yes.

[jfallows]

Suggest adding a convenience constructor that calls this(config, context, catalogId, new ConcurrentHashMap<>()) instead of requiring the test to handle the complexity.

[jfallows]

I don't think we can reassign newFuture here, as the value being lost is the one that already made it into the concurrent map, so if we reassign it then the one in the map would not be completed, agree?

[jfallows]

Same issue here as above, agree?

[jfallows]

I think we can perhaps simplify the logic by creating the candidate newFuture and calling:

CompletableFuture<> newFuture = new CompletableFuture<CachedSchemaId>();
CompletableFuture<> future = cachedSchemaIds.merge(schemaKey, newFuture, (v1, v2) -> v1 != null && !v1.isDone() ? v1 : v2);
if (future == newFuture)
{
    // send request
    // complete future
}
cachedSchemaId  = future.get();

[jfallows]

Suggested change

	private final ConcurrentMap<Long, KarapaceCache> cache;
	private final ConcurrentMap<Long, KarapaceCache> cachesById;

[jfallows]

Suggested change

	KarapaceCache karapaceCache = cache.computeIfAbsent(catalog.id, id -> new KarapaceCache());
	return new KarapaceCatalogHandler(KarapaceOptionsConfig.class.cast(catalog.options), context, catalog.id, karapaceCache);
	KarapaceCache cache = cachesById.computeIfAbsent(catalog.id, id -> new KarapaceCache());
	return new KarapaceCatalogHandler(KarapaceOptionsConfig.class.cast(catalog.options), context, catalog.id, cache);

[jfallows]

Suggested change

	public final ConcurrentMap<Integer, CompletableFuture<String>> cachedSchemas;
	public final ConcurrentMap<Integer, CompletableFuture<CachedSchemaId>> cachedSchemaIds;
	public final ConcurrentMap<Integer, CompletableFuture<String>> schemas;
	public final ConcurrentMap<Integer, CompletableFuture<CachedSchemaId>> schemaIds;

Probably don't need the cached prefix now that these are fields of KarapaceCache.

[jfallows]

The concept of a future is internal implementation detail. Let's change this to still make sense from an external perspective for someone observing the logs with no understanding of the implementation internals.

[jfallows]

How many times is this going to be logged while Karapace remains unreachable?

Perhaps we need to reconsider what events would convey the information necessary without overwhelming the logs when things are not operating perfectly.

The state transition that has occurred is that Karapace has been unreachable for long enough that we are forced to serve stale schemas, and then the next state transition would be that we had reestablished connectivity to Karapace so that stale schemas are no longer being served. Do we think these transition log events are sufficient or do we need something more verbose?

[jfallows]

How do these differ in the information they convey to the log observer?

[jfallows]

If these are both unmodifiable, then they should be marked final too.

[jfallows]

No need to explicitly pass 0 to AtomicInteger constructor.

[jfallows]

Does it make sense to have a convenience constructor with just schema defauting to new AtomicInteger().

[jfallows]

Not sure why this is called event.
Isn't this just tracking the number of retries, which is normally 0 when everything is working normally?

[jfallows]

Should some or all of these be final?

[jfallows]

I think it might be more readable if these methods were named onXxx instead of xxx.

So in the calling context it would be something like events.onUnretrievableSchemaSubjectVersion(...) (not event...), wdyt?

[jfallows]

Can these be private?

[jfallows]

This logic is trying to prevent the value from increasing if it would end up larger than maxAgeMillis, but that means maxAgeMillis is okay too.

Suggest it is easier to follow if you change to max out at maxAgeMillis instead of current.

Suggested change

	long current = cachedSchemaId.retry;
	long update = current * RETRY_MULTIPLER_DEFAULT;
	retry = update < maxAgeMillis ? update : current;
	retryAfter = Math.min(cachedSchemaId.retryAfter << 1, maxAgeMillis);

[jfallows]

Suggest we call this events instead of event.

[jfallows]

This doesn't look right to me, because the value of retryAttempts should be independent of serving stale schema, right?

[jfallows]

We don't really need success any more, right?

responseBody = httpResponse.statusCode() == 200 ? httpResponse.body() : null;

[jfallows]

This should be done as an IT with scripts verifying each different possible behavior of the remote Karapace system.

Is anything missing from test binding that would let the karapace catalog be tested that way?

Note: please see filesystem catalog EventIT.

[jfallows]

Prefer this IT done via scripts not mocks.

Note: if using mocks then it is a unit test, not an integration test - unit tests with mocks are not stable after a refactor of the code as they also need to be changed, whereas integration tests remain stable, providing better confidence after changing implementation.

[jfallows]

There should be no need to drive any direct calls to KarapaceCatalogHandler via code and mocks.

Instead, this should be driven by test binding in zilla.yaml for the test. It may be necessary to add support for expected schema in test binding options so that it can verify the retrieved schema matches expectations.

Note: this would be for test binding only, as other bindings have no need to validate expectations.

[jfallows]

There should be no need to drive any direct calls to KarapaceCatalogHandler via code and mocks.

Instead, this should be driven by test binding in zilla.yaml for the test. It may be necessary to add support for expected schema in test binding options so that it can verify the retrieved schema matches expectations.

Note: this would be for test binding only, as other bindings have no need to validate expectations.

[jfallows]

This is excellent. As mentioned above, we may need to add support for verifying the expected schema here, then reject the initial begin with a reset if the schema doesn't match expectations, as that will cause the IT to fail.

The expected schemas may be a separate test binding option, independent of cataloged so as not to interfere with that generic definition used by other bindings that don't need to validate expectations.

[jfallows]

It would seem more readable and descriptive of the intent to put subject: not-subject1 instead of id: 1 here, agree?

[jfallows]

This looks great!

Suggest we generalize the concept of assertions as we'll potentially need that later for vault, etc.

Suggested change

	catalog-assertion:
	- schema: null
	- schema: '{"fields":[{"name":"id","type":"string"},{"name":"status","type":"string"}],"name":"Event","namespace":"io.aklivity.example","type":"record"}'
	assertions:
	catalog:
	catalog0:
	- schema: null
	- schema: '{"fields":[{"name":"id","type":"string"},{"name":"status","type":"string"}],"name":"Event","namespace":"io.aklivity.example","type":"record"}'

[jfallows]

Perhaps delay instead of interval since it is not repeating.

[jfallows]

Is ti possible to use yaml syntax magic to let this be pretty printed json in the file, but compact format when parsed?

[ankitk-me]

I wasn't able to find a way to implement this feedback, tried using > (Folded Block Scalar) instead of |. But the result was still varying from the expected Schema string.