Hany,

Thanks for the effort. Here are my comments.

* passivation

From JBossCache eviction policy implementation, The eviction policy is invoked based on the configured wakeup interval to process cache nodes (sessions) eviction based on the configured eviction policy attributes. The CachePassivation Interceptor will intercept the evict method calls on the nodes (sessions). It'll emit pre-passivation notification and store them in the configured passivation store (cache loader store) (filesystem or database).

Hany,

1. Why do we need eviction ploicy in order to use passivation. All we need is "evict" method call and that will trigger the passivation, isn't it?

2. I meant background thread and eviction thread (if configured) may run into the same dataset, and therefore the contention.

3. OK. I guess how does Tomcat (non-clustered mode) do the passivation (or configured then)? I thought when the session expires, it is passivated? Or I am mistaken?

Thanks,

-Ben

Hany,

I am just curious when your implementation is completed, will we mimic what the standalone (non-clustered) notation as in here
http://tomcat.apache.org/tomcat-5.5-doc/config/manager.htm?

That is, will we have similar semantics like maxIdleSwap, etc?

Thanks,

-Benl

A few thoughts:

1) Re: JBossCache API needed to support session management. There are 4 events that cause removal of a session from a particular cluster node's cache:

a) Passivation. evict(Fqn) with the PassivationInterceptor should do.
b) Webapp shutdown -- again evict(Fqn) w/ PassivationInterceptor.
c) Logout via call to session.invalidate(). remove(Fqn) w/ the CacheStoreInterceptor removing the session from the persistent store as well.
d) Session expiration. remove(Fqn, Option) with the Option.setCacheModeLocal(), thus ensuring removal doesn't propagate. CacheStoreInterceptor removes the session from the persistent store as well.

Hany, does this sound like it matches your needs?

2) Shared vs. unshared store. This is an issue in the case of session expiration. Sessions are independently expired by different cluster nodes. If a shared store is used, a session expiring on one node could lead to invalid removal from a shared store. This is a bit of an edge case, where the background thread on one node expires a session, while on another node a request comes in just in the nick of time to keep the session alive. Can also happen if there is read-only activity on one node that is keeping the session alive but not causing it to replicate.

A potential solution to this problem is having the CacheStoreInterceptor check for Option.isCacheModeLocal() == true. If so, AND the cache loader is shared, don't remove. Haven't really thought this through, and implementing such behavior would be in JBossCache and thus affect all JBC use cases.

Also, if the session is not removed from a shared store when it expires, it may never be removed (i.e. it expires on all nodes, and is never removed from the store). So we'd need some kind of process to come along and do a cleanup. Ugly.

My initial inclination on this is to design for an unshared store and document this. Thoughts?

3) I'm a little confused by the bit about activation and the TreeCacheListener. I think we need to establish some ground rules as to what triggers a notification. There is an important distinction between the JBossCacheManager and the cache itself. IMHO, activity solely in the cache is insufficient to trigger a notification. For example, say a session has been passivated. Then a replication message comes in from another node. If I understand it correctly, processing the replication message would lead the ActivationInterceptor to activate the session's nodes in the TreeCache. However, this shouldn't trigger an activation event; the activation occurs when the JBossCacheManager once again loads the session from the cache. This may never happen.

Same thing with passivation. I'm working on a mechanism whereby sessions that are replicated (and thus in the cache) but never accessed on a given server never get loaded by JBossCacheManager -- they exist only in the cache. If such a session is never accessed on a cluster node, there would be no activation notification on that node. If the session were later passivated to clear space in the cache, there should be no passivation notification either.

4) Configuration. A major goal I have is to simplify configuration of session replication. Currently up to 4 files can be touched by session repl config -- jboss-service.xml, server.xml, tc5-cluster-service.xml and jboss-web.xml. Almost everything we currently configure is actually changeable per webapp. I'd like to move toward a simpler system where jboss-service.xml isn't involved, default values are set in server.xml (where most other web container config is done) and per-webapp overrides are in jboss-web.xml.

I'd like as little configuration in tc5-cluster-service.xml as possible. Basically, just choosing REPL_SYNC or REPL_ASYNC.

Controlling passivation via configuring eviction policies in tc5-cluster-service.xml runs counter to this. I guess there are global things that have to be configured here, such as the cache loader. (Not being able to persist different webapps' sessions to different stores is actually a flaw in our approach). But most of the other config switches should be configurable per webapp. Having to add separate eviction regions to tc5-cluster-service.xml to do this seems pretty painful.

Also, it seems that once activation/passivation is turned on in tc5-cluster-service.xml, it's going to apply to all webapps, whether needed or not. Is there any way around this, prior to a Region becoming a first-class citizen?

Hany, I was looking for ways to make you miserable, so I totally refactored the session repl code over the weekend ;) Sorry about that -- I needed to clean some things up for 4.0.4.CR2 and as I got into it found other issues that required some fairly major surgery to fix. Conceptually most things still work the same though.

"hmesha" wrote:
The rule is "If any of the cluster nodes touch a passivated session and cause the session to be activated in the cache, we would activate it in the session maanger as well". Is this rule not correct?

"hmesha" wrote:
If so, then I can remove the action in CacheListener.nodeActivate method to not load the session and that would solve the issue. The session activation, at this point, would only happen when JBossCacheManager.loadSession() is called on a session whether passivated or already exist in the cache. In other words, we'd decouple the session activation from the cache activation.

"hmesha" wrote:
I think we can acheive multiple cache loaders by chanining cache loaders but I'd rather leave this as an enhancement in future relases, what you think?

"hmesha" wrote:

But most of the other config switches should be configurable per webapp. Having to add separate eviction regions to tc5-cluster-service.xml to do this seems pretty painful.

I think, that is the only configuration available at the moment, Any thoughts here?

There are 3 caches related to sessions -- the JBC replicated cache, JBossManager.sessions_ and JBossCacheManager.unloadedSessions_. These have to be kept in sync. If a node is evicted from the replicated cache, it needs to also be removed from JBossManager.sessions_. Otherwise, the memory savings from eviction are incomplete. If it is removed from JBossManager.sessions_ an entry needs to be added to JBossCacheManager.unloadedSessions_, with a timestamp equal to the session's lastAccessedTime property. Otherwise the session may never be expired and we'll leak the persistent copy. If it never existed in JBossManager.sessions_, nothing more needs to be done.

Need to be careful about synchronization during this process. .....

Also, if the session is evicted from the local cache, all nodes that comprise that session should be evicted from JBC.

A bigger concern is the "maxNodes" configuration. The standard configuration of session passivation is at the session level, and a session will be comprised of one, two or many JBC nodes, depending on granularity. We need to allow configuration of this at the session level; the JBC maxNodes concept is insufficient. Users will want to be able to think in terms of sessions, not the internal implementation detail of nodes.

If FIELD replication is used, I don't know how it is possible to translate from a session config in jboss-web.xml to a maxNodes config for a JBC eviction region. There is no way to know how many nodes will comprise a session.

Also, if FIELD is used, I believe we need to use AopLRUPolicy for it to work correctly.

In general, the translation between session and nodes seems like a can of worms. We get this because we want to use an eviction policy rather than letting the TC background thread do the eviction.