VACUUMING lmaster check is wrong when nodes are disconnected from the cluster
During vacuuming we incorrectly used the size of the VNN map as the range of possible/allowed lmaster values.
This is incorrect if for example one or more of the nodes in the cluster are permanently disconnected and taken out of service.
When this happens, there will be a slow and steady buildup of un-vacuumable records which belong to the last n nodes in the cluster.
Un vacuumnable since the vnn map is smaller than the niumber of nodes and any records belonging to a node with pnn id higher than the size of the vnn map size would always be ignored.
Eventually the cluster would be full of un-vacuumable dead records which would lead to ctdb outages.
Fix the vacuuming logic to use ctdb->num_nodes as the possible range for lmaster values. Fix the other references in the vacuuming to keep ctdb->num_nodes lists of records and not vnnmap->size.
To reproduce, start a 3 node cluster and shutdown node #1 so only node #0 and node #2 are running.
To not have to create unrealistically large number of records, we need to tweak the tunables for vacuuming so vacuuming also triggers for small number of rectords :
onnode all ctdb setvar VacuumLimit 10; onnode all ctdb setvar RepackLimit 10
Use smbtorture to create a large number of dead records in sessionid.tdb :
smbtorture //127.0.0.1/data -U<user>%<password> --num-ops=3000 BASE-BENCH-HOLDCON
Without the patch, many/most records would eventually be vacuumed, but the database would never become completely empty, there would always be a number of records that would hash to node#2 which would never be removed.
With this patch, all records will eventually become vacuumed and the database would become empty.
alternatively, by starting node#1, the database would also become empty.
The command 'tdbdump /var/ctdb/sessionid.tdb.* | grep data\(24\) | wc -l'
can be used to count how many dead records exist in the database.
CQ S1022203
git.samba.org / sahlberg / ctdb.git / commit