JBossDeveloper

"mskonda" wrote:
Tim,

If the Recovery manager *somehow* gets hold of a XAResoruce reference, that'll be adequate (for now!) for recovery, am I correct in taking this direction?

"mskonda" wrote:
Tim,

If the Recovery manager *somehow* gets hold of a XAResoruce reference, that'll be adequate (for now!) for recovery, am I correct in taking this direction?

(It is almost same as your JMSRecoverable class publishing to JNDI from which you intended to grab the XAResource and then call recovery).

"timfox" wrote:

On recovery you need to "resurrect" the transaction instance from the database (since that is currently acting as our transaction log) and add it to the transaction repository. Whether this is done on startup or on demand is another question..

By adding to transaction repository, do you mean JBossTS object store? I can fetch the transaction from the database, but I am not sure whether we can merge with JBossTS (if I am not mis-reading your lines)

Most of the plumbing should be in place (although untested).

Just need to make sure the transaction repository is populated with prepared txs from the db on node recovery.

There is the issue that the xaresource needs to contact the possibly remote jms server in order to actually perform recovery.

I'm beginning to think that making it serializable as Mark suggests is the right way to go. The serializable XAResource knows the jms server to contact.

If the server hasn't been brought back up then the remote call will fail. (Not sure the best way to signal this to the transaction manager - just throw an exception from recover?).

I'm going to think about this some more tomorrow since I have quite bad jet lag right now :)

You only need to contact the remote server when the transaction manager instructs the XAResource to either commit or roll back. At that stage, you can throw an XAException with the right error code (XAER_RMFAIL) and the transaction service will simply try again later.

Ok, finally I have found some time to read (skim) the JBoss Transactions documentation :)

It's my understanding that making the XAResource serializable is only useful for "transaction iniitiated" recovery - this is when the failure occurs after an entry has been written in the tx log.

It's possible that failure can occur before this - in which case JBoss TS has no XAresource to deserialize, so needs to call a XAResourceRecovery instance to get an XAResource instance and call recover() on it.

It seems to me that we cannot guarantee that failure occurs after a record has been written in the tx log, so transaction initiated recovery is no good for us.

(Aside - Actually I am trying to think of a situation when you can guarantee that failure only occurs after a record has been written in the tx log and therefore it's appropriate to use transaction initiated recovery - maybe when it's all in one vm?)

So, if we're going to use resource initiated recovery then we need to implement XAResourceRecovery which should be fairly straightforward.

In the case the jms server node is not up, then XAResourceRecovery needs to signal to the TM that the node is not available - not sure how we do this - we can't wait until we have obtained the XAresource instance and call commit/rollback on it since we can't obtain the instance if the server is not up.

"mskonda" wrote:


I think the missing piece is - can the JBossMessaging XAResource be resurrected by the transaction manager to call recovery on it? (by making this serializable might give enough information to the recovery module?)

"mskonda" wrote:

Also, how does the TransactionManager treat non serialized XAResources?

"timfox" wrote:
Ok, finally I have found some time to read (skim) the JBoss Transactions documentation :)

It's my understanding that making the XAResource serializable is only useful for "transaction iniitiated" recovery - this is when the failure occurs after an entry has been written in the tx log.

It's possible that failure can occur before this - in which case JBoss TS has no XAresource to deserialize, so needs to call a XAResourceRecovery instance to get an XAResource instance and call recover() on it.

It seems to me that we cannot guarantee that failure occurs after a record has been written in the tx log, so transaction initiated recovery is no good for us.

(Aside - Actually I am trying to think of a situation when you can guarantee that failure only occurs after a record has been written in the tx log and therefore it's appropriate to use transaction initiated recovery - maybe when it's all in one vm?)

So, if we're going to use resource initiated recovery then we need to implement XAResourceRecovery which should be fairly straightforward.

In the case the jms server node is not up, then XAResourceRecovery needs to signal to the TM that the node is not available - not sure how we do this - we can't wait until we have obtained the XAresource instance and call commit/rollback on it since we can't obtain the instance if the server is not up.

"mark.little@jboss.com" wrote:

"mskonda" wrote:

Also, how does the TransactionManager treat non serialized XAResources?

For non-serializable XAResources, you need to register an appropriate XAResourceRecovery instance with the recovery sub-system.

We're not (currently) using distributed transactions.

We have something like the following:

Transaction Manager on node A (probably an app server) in which we enlist XAresources corresponding to jms servers on (potentially) different nodes e.g B, C

Effectively the XAResource enlist at node A is a remote proxy to the actual resource manager on node B or C (for example).

When prepare is issued on the XAresource this cause a remote call to node B or C, where the state is stored in the jboss messaging transaction log (current ly the db).

If the information about participants is only stored after prepare on node A, then it seems to me that if the node A can crash after the state has been stored on node B but before it has been logged on A.

In such a case I don't understand how we can use transaction initiated recovery as you suggest, since if we do so, then the transaction manager will never know to rollback the transaction (since it has no record).

What am I missing here?

"mskonda" wrote:

"timfox" wrote:

So, if we're going to use resource initiated recovery then we need to implement XAResourceRecovery which should be fairly straightforward.

In the case the jms server node is not up, then XAResourceRecovery needs to signal to the TM that the node is not available - not sure how we do this - we can't wait until we have obtained the XAresource instance and call commit/rollback on it since we can't obtain the instance if the server is not up.

I did implement this recovery mechanism (created a MessagingXARecovery class that implements XAResourceRecovery). However, there is one main issue:

I am trying to create the XAResoruce using the XA connection factory obtained from the JNDI in the getXAResource() method.
The problem is - the method getXAResource() (once the hasMoreResouces() returns true) is called prior to application sever complete boot up as the recovery precedes other tasks. Ths fails as JNDI server is not yet up and references have not been populated.

I am not sure whether we can postpone the recovery manager until for few minutes or until the server is completey up