Hi.
I know Shoal has FailureRecoverySignalImpl for default FailureRecoverySignal.
As you know, FailureRecoverySignalImpl implements Signal.acquire().
The following are FailureRecoverySignalImpl.acquire() and GroupHandleImpl.raiseFence()
[FailureRecoverySignalImpl.java]
public void acquire() throws SignalAcquireException {
try {
final GroupHandle gh = ctx.getGroupHandle();
if(gh.isMemberAlive( failedMember ) ){
throw new GMSException( "Cannot raise fence on " + failedMember + " as it is already alive");
}
gh.raiseFence(componentName, failedMember);
logger.log(Level.FINE, "raised fence for component " + componentName + " and member " + failedMember);
} catch( GMSException e ) {
throw new SignalAcquireException(e);
}
}
[GroupHandleImpl.java]
public void raiseFence(final String componentNAme, final String failedMemberToken) throws GMSException {
if(!isFenced(componentName, failedMemberToken)){
...
}
}
I am interested in the case of returning no exception when FailureRecoverySignalImpl.acquire() is invoked.
1. when failedMember is not alive and isFenced() is false --> normal case
2. when failedMember is not alive and isFenced() is true --> abnormal case
Of course, I think that above 2 case is not occurred in current Shoal version because RecoveryTargetSelector.resolveWithSimpleSelectionAlgorithm() will select only same and one recoverer in current members.
But in the future, Shoal can provide custom recovery selection algorithm for users and another recovery selection algorithm that multiple recoverers can be selected,
I think that above 2 case can be occurred.
Of course, if users check GroupHandle.isFenced() before users invoke FailureRecoverySignal.acquire(), there is no problem.
But most users will use FailureRecoverySignalImpl and FailureRecoveryActionImpl like me.
Then in the above 2 case, if multiple recoverers can be selected, FailureRecoverySignal.acquire() is meaningless because FailureRecoverySignal.acquire() will be returned with no exception quietly.
So I think that it is better that FailureRecoverySignalImpl.acquire() should throw an exception or GroupHandleImpl.raiseFence should throw an exception when isFenced() is true.
Or I think it is better that additional documents and javadoc express that FailureRecoverySignalImpl.acquire() can be returned with no exceptions though isFenced() is true, so users should check isFenced() before invoking acquire() safely.
If recovery selection algorithm's rule allows only unique recoverer, this suggestion is meaningless. :-)
This is just my opinion.
Thanks.
--
Bongjae Chang