Distributed Lock Manager with Azure SQL database












1















We have Web API using Azure SQL database. Database model has Customers and Managers. Customers can add appointments. We can't allow overlapping appointments from 2 or more Customers for same Manager. Because we are working in a distributed environment (multiple instances of web server can insert records into database at the same time), there is a possibility that appointments that are not valid will be saved. As an example, Customer 1 wants an appointment between 10:00 - 10: 30. Customer 2 wants an appointment between 10:15 - 10:45. If both appointments happen during the same time, then the validation code in Web API, will not catch an error. That's why we need something like distributed lock manager. We read about Redlock from Redis and Zookeeper. My questions is: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



If we would use Redlock than we would go with Azure Redis Cache because we already use Azure Cloud to host our Web API. We plan to identify shared resource (resource we want to lock) by using ManagerId + Date. This would result in lock for Manager on one date, so it would be possible to have other locks for same Manager on some other date. We plan to use one instance of Azure Redis Cache, is this safe enough?






azure redis locking apache-zookeeper







share|improve this question




















  • 1





    I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

    – Jochen van Wylick
    Apr 11 '16 at 14:21













  • We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

    – Vukasin Spasic
    Apr 11 '16 at 19:18











  • Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

    – Jochen van Wylick
    Apr 11 '16 at 20:08











  • Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

    – Alex Maie
    Apr 12 '16 at 9:48











  • Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

    – Jochen van Wylick
    Apr 12 '16 at 10:28
















1















We have Web API using Azure SQL database. Database model has Customers and Managers. Customers can add appointments. We can't allow overlapping appointments from 2 or more Customers for same Manager. Because we are working in a distributed environment (multiple instances of web server can insert records into database at the same time), there is a possibility that appointments that are not valid will be saved. As an example, Customer 1 wants an appointment between 10:00 - 10: 30. Customer 2 wants an appointment between 10:15 - 10:45. If both appointments happen during the same time, then the validation code in Web API, will not catch an error. That's why we need something like distributed lock manager. We read about Redlock from Redis and Zookeeper. My questions is: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



If we would use Redlock than we would go with Azure Redis Cache because we already use Azure Cloud to host our Web API. We plan to identify shared resource (resource we want to lock) by using ManagerId + Date. This would result in lock for Manager on one date, so it would be possible to have other locks for same Manager on some other date. We plan to use one instance of Azure Redis Cache, is this safe enough?






azure redis locking apache-zookeeper







share|improve this question




















  • 1





    I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

    – Jochen van Wylick
    Apr 11 '16 at 14:21













  • We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

    – Vukasin Spasic
    Apr 11 '16 at 19:18











  • Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

    – Jochen van Wylick
    Apr 11 '16 at 20:08











  • Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

    – Alex Maie
    Apr 12 '16 at 9:48











  • Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

    – Jochen van Wylick
    Apr 12 '16 at 10:28














1












1








1


1






We have Web API using Azure SQL database. Database model has Customers and Managers. Customers can add appointments. We can't allow overlapping appointments from 2 or more Customers for same Manager. Because we are working in a distributed environment (multiple instances of web server can insert records into database at the same time), there is a possibility that appointments that are not valid will be saved. As an example, Customer 1 wants an appointment between 10:00 - 10: 30. Customer 2 wants an appointment between 10:15 - 10:45. If both appointments happen during the same time, then the validation code in Web API, will not catch an error. That's why we need something like distributed lock manager. We read about Redlock from Redis and Zookeeper. My questions is: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



If we would use Redlock than we would go with Azure Redis Cache because we already use Azure Cloud to host our Web API. We plan to identify shared resource (resource we want to lock) by using ManagerId + Date. This would result in lock for Manager on one date, so it would be possible to have other locks for same Manager on some other date. We plan to use one instance of Azure Redis Cache, is this safe enough?






azure redis locking apache-zookeeper







share|improve this question
















We have Web API using Azure SQL database. Database model has Customers and Managers. Customers can add appointments. We can't allow overlapping appointments from 2 or more Customers for same Manager. Because we are working in a distributed environment (multiple instances of web server can insert records into database at the same time), there is a possibility that appointments that are not valid will be saved. As an example, Customer 1 wants an appointment between 10:00 - 10: 30. Customer 2 wants an appointment between 10:15 - 10:45. If both appointments happen during the same time, then the validation code in Web API, will not catch an error. That's why we need something like distributed lock manager. We read about Redlock from Redis and Zookeeper. My questions is: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



If we would use Redlock than we would go with Azure Redis Cache because we already use Azure Cloud to host our Web API. We plan to identify shared resource (resource we want to lock) by using ManagerId + Date. This would result in lock for Manager on one date, so it would be possible to have other locks for same Manager on some other date. We plan to use one instance of Azure Redis Cache, is this safe enough?






azure redis locking apache-zookeeper




azure redis locking apache-zookeeper






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Apr 12 '16 at 9:59







Vukasin Spasic

















asked Apr 11 '16 at 13:08









Vukasin SpasicVukasin Spasic

113




113








  • 1





    I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

    – Jochen van Wylick
    Apr 11 '16 at 14:21













  • We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

    – Vukasin Spasic
    Apr 11 '16 at 19:18











  • Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

    – Jochen van Wylick
    Apr 11 '16 at 20:08











  • Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

    – Alex Maie
    Apr 12 '16 at 9:48











  • Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

    – Jochen van Wylick
    Apr 12 '16 at 10:28














  • 1





    I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

    – Jochen van Wylick
    Apr 11 '16 at 14:21













  • We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

    – Vukasin Spasic
    Apr 11 '16 at 19:18











  • Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

    – Jochen van Wylick
    Apr 11 '16 at 20:08











  • Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

    – Alex Maie
    Apr 12 '16 at 9:48











  • Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

    – Jochen van Wylick
    Apr 12 '16 at 10:28








1




1





I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

– Jochen van Wylick
Apr 11 '16 at 14:21







I would not solve this by locking the whole thing down. This is a first-come, first-serve scenario, right? Before persisting the appointment, check that the appointment slot is still available. If not - return an HTTP 409 or something - and notify the user to find another slot - else return a 200 from your WebAPI.

– Jochen van Wylick
Apr 11 '16 at 14:21















We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

– Vukasin Spasic
Apr 11 '16 at 19:18





We are using Entity Framework ORM so there is possibility that while one instance checks for appointment free slot and determines it is free, before it inserts new appointment to database, another instance of web service also determines that appointment slot is free and also insert appointment = we get appointments overlap, so we are trying to solve this problem

– Vukasin Spasic
Apr 11 '16 at 19:18













Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

– Jochen van Wylick
Apr 11 '16 at 20:08





Sure I see your point - but still there are ways around this without the locking. For instance: use WebAPI to put the messages on a queue and use just 1 worker to pick up the messages, check for overlap and store in the database. A way to solve concurrency problems is to eliminate concurrency. I got this from Mark Seamann's course on Functional Architecture on Pluralsight: pluralsight.com/courses/functional-architecture-fsharp

– Jochen van Wylick
Apr 11 '16 at 20:08













Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

– Alex Maie
Apr 12 '16 at 9:48





Hey @JochenvanWylick, I'm one of Vukasins colleagues. Your right with the message queue that it can eliminate concurrency, but this brings two issues: You can't scale out the worker role and second, the user needs to be notified right away if the appointment was created successfully which would mean that we have to create a more complex notification system for the UI

– Alex Maie
Apr 12 '16 at 9:48













Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

– Jochen van Wylick
Apr 12 '16 at 10:28





Yes, indeed, both points are correct. It's a tradeoff - but certainly possible. That's why I stronly suggest that course on pluralsight. A famous case of this is the Amazon inventory system. If you present '1 item left' to 2 users at the same time - and one buys the thing quicker, the second buyer could get an error. But amazon doesn't lock down buying that item as soon as someone looks at it - they compensate in case they sold more than they have in inventory ( which happens only a few times ).

– Jochen van Wylick
Apr 12 '16 at 10:28












1 Answer
1






active

oldest

votes


















0














Q1: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



I consider Redlock as not the best choice for your use case because:



a) its guarantees are for a specific amount of time (TTL) set before using the DB operation. If for some reason (talk to DevOps for incredible ones and also check How to do distributed locking) the DB operation takes longer than TTL you loose the guarantee for lock validity (see lock validity time in the official documentation). You could use large TTL (minutes) or you could try to extend its validity with another thread which would monitor the DB operation time - but this gets incredibly complicated. On the other hands with zookeeper (ZK) your lock is there till you remove it or the process dies; it could be the situation when your DB operation hangs which would lead to the lock also to hang but these kind of problems are easily spotted by DevOps tools which will kill the hanging process which in turn will free the ZK lock (there's also the option to have a monitoring process which to also do this faster and in a more specific to you business fashion).



b) while trying to lock the processes must “fight” to win a lock; the “fighting” suppose for them to wait then retry getting the lock. These could lead to retry-count to overflow which would lead to a fail to get the lock. This seems to me a less important issue but with ZK the solution is far better: there’s no “fight” but all processes will get in a line of ones waiting their turn to get the lock (check ZK lock recipe).



c) Redlock is based on time measures which is incredible tricky; check at least the paragraph containing “feeling smug” at How to do distributed locking (Conclusion paragraph too) then think again how large should be that TTL value in order to be sure about your RedLock (time) based locking.



For these reasons I consider RedLock a risky solution while Zookeeper a good solution for your use case. Other better distributed locking solution fit for your case I don’t know but other distributed locking solutions do exist, e.g. just check Apache ZooKeeper vs. etcd3.



Q2: We plan to use one instance of Azure Redis Cache, is this safe enough?



It could be safe for your use case because the TTL seems to be predictable (if we really trust the time measuring - see the warn below) but only if the slave taking over a failed master could be delayed (not sure if possible, you should check the Redis configuration capabilities). In case you loose the master before a lock is synchronized to the slave than another process could just acquire the same lock. Redlock recommends to use delayed restarts (check Performance, crash-recovery and fsync in official documentation) with a period at least of 1 TTL. If for the Q1:a+c reason your TTL is a very long one than your system won’t be able to lock for maybe an unacceptable large period (because the only 1 Redis master you have must be replaced by the slave in a delayed fashion).



PS: I stress again to read Martin Kleppmann's opinion on Redlock where you’ll find incredible reasons for a DB operation to be delayed (search for before reaching the storage service) and also incredible reasons for not relaying on time measuring when locking (and also an interesting argumentation against using Redlock)






share|improve this answer

























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f36549656%2fdistributed-lock-manager-with-azure-sql-database%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Q1: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



    I consider Redlock as not the best choice for your use case because:



    a) its guarantees are for a specific amount of time (TTL) set before using the DB operation. If for some reason (talk to DevOps for incredible ones and also check How to do distributed locking) the DB operation takes longer than TTL you loose the guarantee for lock validity (see lock validity time in the official documentation). You could use large TTL (minutes) or you could try to extend its validity with another thread which would monitor the DB operation time - but this gets incredibly complicated. On the other hands with zookeeper (ZK) your lock is there till you remove it or the process dies; it could be the situation when your DB operation hangs which would lead to the lock also to hang but these kind of problems are easily spotted by DevOps tools which will kill the hanging process which in turn will free the ZK lock (there's also the option to have a monitoring process which to also do this faster and in a more specific to you business fashion).



    b) while trying to lock the processes must “fight” to win a lock; the “fighting” suppose for them to wait then retry getting the lock. These could lead to retry-count to overflow which would lead to a fail to get the lock. This seems to me a less important issue but with ZK the solution is far better: there’s no “fight” but all processes will get in a line of ones waiting their turn to get the lock (check ZK lock recipe).



    c) Redlock is based on time measures which is incredible tricky; check at least the paragraph containing “feeling smug” at How to do distributed locking (Conclusion paragraph too) then think again how large should be that TTL value in order to be sure about your RedLock (time) based locking.



    For these reasons I consider RedLock a risky solution while Zookeeper a good solution for your use case. Other better distributed locking solution fit for your case I don’t know but other distributed locking solutions do exist, e.g. just check Apache ZooKeeper vs. etcd3.



    Q2: We plan to use one instance of Azure Redis Cache, is this safe enough?



    It could be safe for your use case because the TTL seems to be predictable (if we really trust the time measuring - see the warn below) but only if the slave taking over a failed master could be delayed (not sure if possible, you should check the Redis configuration capabilities). In case you loose the master before a lock is synchronized to the slave than another process could just acquire the same lock. Redlock recommends to use delayed restarts (check Performance, crash-recovery and fsync in official documentation) with a period at least of 1 TTL. If for the Q1:a+c reason your TTL is a very long one than your system won’t be able to lock for maybe an unacceptable large period (because the only 1 Redis master you have must be replaced by the slave in a delayed fashion).



    PS: I stress again to read Martin Kleppmann's opinion on Redlock where you’ll find incredible reasons for a DB operation to be delayed (search for before reaching the storage service) and also incredible reasons for not relaying on time measuring when locking (and also an interesting argumentation against using Redlock)






    share|improve this answer






























      0














      Q1: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



      I consider Redlock as not the best choice for your use case because:



      a) its guarantees are for a specific amount of time (TTL) set before using the DB operation. If for some reason (talk to DevOps for incredible ones and also check How to do distributed locking) the DB operation takes longer than TTL you loose the guarantee for lock validity (see lock validity time in the official documentation). You could use large TTL (minutes) or you could try to extend its validity with another thread which would monitor the DB operation time - but this gets incredibly complicated. On the other hands with zookeeper (ZK) your lock is there till you remove it or the process dies; it could be the situation when your DB operation hangs which would lead to the lock also to hang but these kind of problems are easily spotted by DevOps tools which will kill the hanging process which in turn will free the ZK lock (there's also the option to have a monitoring process which to also do this faster and in a more specific to you business fashion).



      b) while trying to lock the processes must “fight” to win a lock; the “fighting” suppose for them to wait then retry getting the lock. These could lead to retry-count to overflow which would lead to a fail to get the lock. This seems to me a less important issue but with ZK the solution is far better: there’s no “fight” but all processes will get in a line of ones waiting their turn to get the lock (check ZK lock recipe).



      c) Redlock is based on time measures which is incredible tricky; check at least the paragraph containing “feeling smug” at How to do distributed locking (Conclusion paragraph too) then think again how large should be that TTL value in order to be sure about your RedLock (time) based locking.



      For these reasons I consider RedLock a risky solution while Zookeeper a good solution for your use case. Other better distributed locking solution fit for your case I don’t know but other distributed locking solutions do exist, e.g. just check Apache ZooKeeper vs. etcd3.



      Q2: We plan to use one instance of Azure Redis Cache, is this safe enough?



      It could be safe for your use case because the TTL seems to be predictable (if we really trust the time measuring - see the warn below) but only if the slave taking over a failed master could be delayed (not sure if possible, you should check the Redis configuration capabilities). In case you loose the master before a lock is synchronized to the slave than another process could just acquire the same lock. Redlock recommends to use delayed restarts (check Performance, crash-recovery and fsync in official documentation) with a period at least of 1 TTL. If for the Q1:a+c reason your TTL is a very long one than your system won’t be able to lock for maybe an unacceptable large period (because the only 1 Redis master you have must be replaced by the slave in a delayed fashion).



      PS: I stress again to read Martin Kleppmann's opinion on Redlock where you’ll find incredible reasons for a DB operation to be delayed (search for before reaching the storage service) and also incredible reasons for not relaying on time measuring when locking (and also an interesting argumentation against using Redlock)






      share|improve this answer




























        0












        0








        0







        Q1: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



        I consider Redlock as not the best choice for your use case because:



        a) its guarantees are for a specific amount of time (TTL) set before using the DB operation. If for some reason (talk to DevOps for incredible ones and also check How to do distributed locking) the DB operation takes longer than TTL you loose the guarantee for lock validity (see lock validity time in the official documentation). You could use large TTL (minutes) or you could try to extend its validity with another thread which would monitor the DB operation time - but this gets incredibly complicated. On the other hands with zookeeper (ZK) your lock is there till you remove it or the process dies; it could be the situation when your DB operation hangs which would lead to the lock also to hang but these kind of problems are easily spotted by DevOps tools which will kill the hanging process which in turn will free the ZK lock (there's also the option to have a monitoring process which to also do this faster and in a more specific to you business fashion).



        b) while trying to lock the processes must “fight” to win a lock; the “fighting” suppose for them to wait then retry getting the lock. These could lead to retry-count to overflow which would lead to a fail to get the lock. This seems to me a less important issue but with ZK the solution is far better: there’s no “fight” but all processes will get in a line of ones waiting their turn to get the lock (check ZK lock recipe).



        c) Redlock is based on time measures which is incredible tricky; check at least the paragraph containing “feeling smug” at How to do distributed locking (Conclusion paragraph too) then think again how large should be that TTL value in order to be sure about your RedLock (time) based locking.



        For these reasons I consider RedLock a risky solution while Zookeeper a good solution for your use case. Other better distributed locking solution fit for your case I don’t know but other distributed locking solutions do exist, e.g. just check Apache ZooKeeper vs. etcd3.



        Q2: We plan to use one instance of Azure Redis Cache, is this safe enough?



        It could be safe for your use case because the TTL seems to be predictable (if we really trust the time measuring - see the warn below) but only if the slave taking over a failed master could be delayed (not sure if possible, you should check the Redis configuration capabilities). In case you loose the master before a lock is synchronized to the slave than another process could just acquire the same lock. Redlock recommends to use delayed restarts (check Performance, crash-recovery and fsync in official documentation) with a period at least of 1 TTL. If for the Q1:a+c reason your TTL is a very long one than your system won’t be able to lock for maybe an unacceptable large period (because the only 1 Redis master you have must be replaced by the slave in a delayed fashion).



        PS: I stress again to read Martin Kleppmann's opinion on Redlock where you’ll find incredible reasons for a DB operation to be delayed (search for before reaching the storage service) and also incredible reasons for not relaying on time measuring when locking (and also an interesting argumentation against using Redlock)






        share|improve this answer















        Q1: Is Redlock or Zookeeper good choise for our use case or there is some better solution?



        I consider Redlock as not the best choice for your use case because:



        a) its guarantees are for a specific amount of time (TTL) set before using the DB operation. If for some reason (talk to DevOps for incredible ones and also check How to do distributed locking) the DB operation takes longer than TTL you loose the guarantee for lock validity (see lock validity time in the official documentation). You could use large TTL (minutes) or you could try to extend its validity with another thread which would monitor the DB operation time - but this gets incredibly complicated. On the other hands with zookeeper (ZK) your lock is there till you remove it or the process dies; it could be the situation when your DB operation hangs which would lead to the lock also to hang but these kind of problems are easily spotted by DevOps tools which will kill the hanging process which in turn will free the ZK lock (there's also the option to have a monitoring process which to also do this faster and in a more specific to you business fashion).



        b) while trying to lock the processes must “fight” to win a lock; the “fighting” suppose for them to wait then retry getting the lock. These could lead to retry-count to overflow which would lead to a fail to get the lock. This seems to me a less important issue but with ZK the solution is far better: there’s no “fight” but all processes will get in a line of ones waiting their turn to get the lock (check ZK lock recipe).



        c) Redlock is based on time measures which is incredible tricky; check at least the paragraph containing “feeling smug” at How to do distributed locking (Conclusion paragraph too) then think again how large should be that TTL value in order to be sure about your RedLock (time) based locking.



        For these reasons I consider RedLock a risky solution while Zookeeper a good solution for your use case. Other better distributed locking solution fit for your case I don’t know but other distributed locking solutions do exist, e.g. just check Apache ZooKeeper vs. etcd3.



        Q2: We plan to use one instance of Azure Redis Cache, is this safe enough?



        It could be safe for your use case because the TTL seems to be predictable (if we really trust the time measuring - see the warn below) but only if the slave taking over a failed master could be delayed (not sure if possible, you should check the Redis configuration capabilities). In case you loose the master before a lock is synchronized to the slave than another process could just acquire the same lock. Redlock recommends to use delayed restarts (check Performance, crash-recovery and fsync in official documentation) with a period at least of 1 TTL. If for the Q1:a+c reason your TTL is a very long one than your system won’t be able to lock for maybe an unacceptable large period (because the only 1 Redis master you have must be replaced by the slave in a delayed fashion).



        PS: I stress again to read Martin Kleppmann's opinion on Redlock where you’ll find incredible reasons for a DB operation to be delayed (search for before reaching the storage service) and also incredible reasons for not relaying on time measuring when locking (and also an interesting argumentation against using Redlock)







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 28 '18 at 10:08

























        answered Nov 21 '18 at 21:12









        adrhcadrhc

        495314




        495314
































            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f36549656%2fdistributed-lock-manager-with-azure-sql-database%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            MongoDB - Not Authorized To Execute Command

            Image
            .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 0 I have successfully enabled authorization on MongoDB and I have created an account on the admin database and then I created an account for my database called test. The following connection string to connect to my test database works successfully: mongo --host 192.168.17.52 --port 27017 -u user1 -p password --authenticationDatabase test Only problem I have now is, I cannot execute commands such as: show dbs. I get the following error when I try to do so: "errmsg" : "not authorized on admin to execute command { listDatabases: 1.0, lsid: { id: UUID("a1d5bc0d-bc58-485e-b232-270758a89455") }, $db: "admin...
            Read more

            How to fix TextFormField cause rebuild widget in Flutter

            Image
            .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 0 I've got the same issue at #9280. I tried all solutions from that topic with/without GlobalKey for Scaffold and Form but the problem wasn't fixed. I tried to build a authentication form with login and signup. But the keyboard doesn't show when I tap the TextFormField at the first time. Then I try to input some letter from physical keyboard, the widget is rebuilt. Like this: login screen Nothing to be log when I run flutter run --verbose, so I logged manually. Every tapping on field, the widget called dispose -> init -> build. [√] Flutter (Channel beta, v1.0.0, on Microsoft Windows [Version 10.0.17763.195], ...
            Read more

            Npm cannot find a required file even through it is in the searched directory

            Image
            up vote 0 down vote favorite I got that error: users-Air:pdfuploader user$ npm run start client@0.1.0 start /Users/user/Documents/pdfuploader react-scripts start Could not find a required file. Name: index.html Searched in: /Users/user/Documents/pdfuploader/public npm ERR! code ELIFECYCLE npm ERR! errno 1 npm ERR! client@0.1.0 start: `react-scripts start` npm ERR! Exit status 1 npm ERR! npm ERR! Failed at the client@0.1.0 start script. npm ERR! This is probably not a problem with npm. There is likely additional logging output above. npm ERR! A complete log of this run can be found in: npm ERR! /Users/user/.npm/_logs/2018-11-19T10_19_14_555Z-debug.log users-Air:pdfuploader user$ And the file is in /Users/user/Documents/pdfuploader/public as you can see in my github repository: https://github.c...
            Read more