Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-28919

Soft drop for destructive table actions

Add voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      When we administratively drop a table column or entire table, or truncate a table, the process begins rapidly. Procedures are scheduled for immediate execution that then modify or remove descriptors and state in META and on disk, and take unrecoverable actions at the HDFS layer. Although HFiles are copied to the archive in a destructive action, recovery scenarios are not automatic and involve some operator labor to reconstruct the table and re-import the archived data. If the HFileCleaner is not properly configured to facilitate such recovery then some data is not recoverable soon after procedure execution commences and all affected data is not recoverable within minutes. A customer faced with such an accident will be unhappy because the recovery scenarios available to them from this will involve either a restore from backup or from an earlier snapshot, and any changes committed more recently than the time of the last backup or last snapshot will be lost. 

      An effective solution is very simple: We can easily prevent the deletion of the HFiles of a deleted table or table column family by taking a snapshot of the table immediately prior to taking any destructive actions. We set a TTL on the snapshot so housekeeping of truly unwanted HFiles remains no touch. Because we take a table snapshot all table structure and metadata is also captured and saved so fast recovery is possible, as either a restore from snapshot, or a clone from snapshot to a new table. For as long as the snapshot is retained it is straightforward to recover the table data by either restoring the table from the snapshot or cloning the snapshot to a new table, at the operator’s discretion.

      No manual actions are required to see the table or column family (or families) truly dropped. Once the snapshot TTL expires all the HFiles related to the dropped table become eligible for deletion. When the HFileCleaner chore executes after that time the HDFS level file deletes will commence with associated reduction in storage requirements. 

      Design document is attached. 

      I have a working implementation of this proposal based on a fork of branch-2.5. 

      Attachments

        1. Soft Drop for Destructive Table Actions.pdf
          364 kB
          Andrew Kyle Purtell

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            apurtell Andrew Kyle Purtell
            apurtell Andrew Kyle Purtell

            Dates

              Created:
              Updated:

              Slack

                Issue deployment