Akka源码分析-Persistence-AtLeastOnceDelivery

Posted gabry

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Akka源码分析-Persistence-AtLeastOnceDelivery相关的知识,希望对你有一定的参考价值。

  使用过akka的应该都知道,默认情况下,消息是按照最多一次发送的,也就是tell函数会尽量把消息发送出去,如果发送失败,不会重发。但有些业务场景,消息的发送需要满足最少一次,也就是至少要成功发送一次。akka在Persistence的基础之上提供了at-least-once传递的语法。

  简单来说akka中的at-least-once机制,会在规定时间内等待消息接收成功的确认消息。如果收到,则发送成功;否则,尝试重发;超过重试次数则不再重发。

  其实如果不看akka的源码,让我们自己来实现至少一次的语法,实现基本功能也非常简单。首先,我们会在内存中保存消息ID与消息的映射列表,如果指定时间内收到确认消息,则从列表中移除;否则进行重发,到达指定次数之后将为确认的消息从列表移除。重发通过定时器来实现,也就是在固定时间间隔发送心跳消息,发送哪些已经发送且规定时间内没有收到确认消息的消息。当然了,这个映射列表不能无限增长,要不然内存就爆了,所以这应该是一个固定长度的列表。当然了,我们还可以把未确认消息保存到redis等第三方缓存中去,来避免OOM和actor重启后未确认消息列表丢失的问题。

  那akka是如何实现的呢?既然at-least-once是在Persistence章节出现,所以未确认消息会通过Persistence机制来持久化喽?

  在阅读akka的at-least-once源码之前,有些概念和结论需要说明一下,具体可参见官网,但为了更好的阅读源码,这里再啰嗦几句。

  • 发送方actor会在内存中保存为确认消息的列表,为了防止actor重启导致内存数据丢失,需要手动调用持久化相关的函数,来保存内存数据。AtLeastOnceDelivery只提供接口,不负责自动持久化。
  • AtLeastOnceDelivery通过deliver方法发送消息,开发者必须在手动通过confirmDelivery来确认消息已经收到。
  • 每个消息都必须有一个消息ID,这个消息ID由AtLeastOnceDelivery生成。
  • AtLeastOnceDelivery给ActorSelectioin发送消息,这就意味着是通过ActorPath给actor发消息。如果某个actor被开发者stop只有,重新actorOf创建,可能会收到上一个实例的消息。这一点开发者需要特别注意。
  • 由于未确认消息保存在内存,可能造成OOM,且在超过内存列表长度的时候,投递消息时会发生异常,需要开发者自行处理该异常。
  • 消息发送不再保证顺序,因为消息可能重发,会打乱顺序。

 

  首先来看下官网的demo。

case class Msg(deliveryId: Long, s: String)
case class Confirm(deliveryId: Long)

sealed trait Evt
case class MsgSent(s: String) extends Evt
case class MsgConfirmed(deliveryId: Long) extends Evt

class MyPersistentActor(destination: ActorSelection)
  extends PersistentActor with AtLeastOnceDelivery {

  override def persistenceId: String = "persistence-id"

  override def receiveCommand: Receive = {
    case s: String           ? persist(MsgSent(s))(updateState)
    case Confirm(deliveryId) ? persist(MsgConfirmed(deliveryId))(updateState)
  }

  override def receiveRecover: Receive = {
    case evt: Evt ? updateState(evt)
  }

  def updateState(evt: Evt): Unit = evt match {
    case MsgSent(s) ?
      deliver(destination)(deliveryId ? Msg(deliveryId, s))

    case MsgConfirmed(deliveryId) ? confirmDelivery(deliveryId)
  }
}

class MyDestination extends Actor {
  def receive = {
    case Msg(deliveryId, s) ?
      // ...
      sender() ! Confirm(deliveryId)
  }
}

   demo很简单,我们需要关注它都继承了哪些接口:PersistentActor、AtLeastOnceDelivery。之前说过,至少一次是基于持久化的,所以能不能只继承AtLeastOnceDelivery呢?能!AtLeastOnceDelivery本身就已经继承PersistentActor了。

/**
 * Scala API: Mix-in this trait with your `PersistentActor` to send messages with at-least-once
 * delivery semantics to destinations. It takes care of re-sending messages when they
 * have not been confirmed within a configurable timeout. Use the [[AtLeastOnceDeliveryLike#deliver]] method to
 * send a message to a destination. Call the [[AtLeastOnceDeliveryLike#confirmDelivery]] method when the destination
 * has replied with a confirmation message.
 *
 * At-least-once delivery implies that original message send order is not always retained
 * and the destination may receive duplicate messages due to possible resends.
 *
 * The interval between redelivery attempts can be defined by [[AtLeastOnceDeliveryLike#redeliverInterval]].
 * After a number of delivery attempts a [[AtLeastOnceDelivery.UnconfirmedWarning]] message
 * will be sent to `self`. The re-sending will still continue, but you can choose to call
 * [[AtLeastOnceDeliveryLike#confirmDelivery]] to cancel the re-sending.
 *
 * The `AtLeastOnceDelivery` trait has a state consisting of unconfirmed messages and a
 * sequence number. It does not store this state itself. You must persist events corresponding
 * to the `deliver` and `confirmDelivery` invocations from your `PersistentActor` so that the
 * state can be restored by calling the same methods during the recovery phase of the
 * `PersistentActor`. Sometimes these events can be derived from other business level events,
 * and sometimes you must create separate events. During recovery calls to `deliver`
 * will not send out the message, but it will be sent later if no matching `confirmDelivery`
 * was performed.
 *
 * Support for snapshots is provided by [[AtLeastOnceDeliveryLike#getDeliverySnapshot]] and [[AtLeastOnceDeliveryLike#setDeliverySnapshot]].
 * The `AtLeastOnceDeliverySnapshot` contains the full delivery state, including unconfirmed messages.
 * If you need a custom snapshot for other parts of the actor state you must also include the
 * `AtLeastOnceDeliverySnapshot`. It is serialized using protobuf with the ordinary Akka
 * serialization mechanism. It is easiest to include the bytes of the `AtLeastOnceDeliverySnapshot`
 * as a blob in your custom snapshot.
 *
 * @see [[AtLeastOnceDeliveryLike]]
 * @see [[AbstractPersistentActorWithAtLeastOnceDelivery]] for Java API
 */
trait AtLeastOnceDelivery extends PersistentActor with AtLeastOnceDeliveryLike

   请大家仔细、认真的阅读官方源码注释,它说明了AtLeastOnceDelivery这个接口几个非常重要的概念和细节,当然了,前面我们也已经提前说过了。

  AtLeastOnceDelivery源码很多,从头分析有点费事,简单起见,还是从官方demo用法入手。demo中发消息时调用了deliver,收到确认消息时调用了confirmDelivery,那就从这两个函数入手。

 /**
   * Scala API: Send the message created by the `deliveryIdToMessage` function to
   * the `destination` actor. It will retry sending the message until
   * the delivery is confirmed with [[#confirmDelivery]]. Correlation
   * between `deliver` and `confirmDelivery` is performed with the
   * `deliveryId` that is provided as parameter to the `deliveryIdToMessage`
   * function. The `deliveryId` is typically passed in the message to the
   * destination, which replies with a message containing the same `deliveryId`.
   *
   * The `deliveryId` is a strictly monotonically increasing sequence number without
   * gaps. The same sequence is used for all destinations of the actor, i.e. when sending
   * to multiple destinations the destinations will see gaps in the sequence if no
   * translation is performed.
   *
   * During recovery this method will not send out the message, but it will be sent
   * later if no matching `confirmDelivery` was performed.
   *
   * This method will throw [[AtLeastOnceDelivery.MaxUnconfirmedMessagesExceededException]]
   * if [[#numberOfUnconfirmed]] is greater than or equal to [[#maxUnconfirmedMessages]].
   */
  def deliver(destination: ActorSelection)(deliveryIdToMessage: Long ? Any): Unit = {
    internalDeliver(destination)(deliveryIdToMessage)
  }

   注释中说deliveryIdToMessage是一个函数,它根据消息ID构建Any类型的消息。它会一直重试发送消息,直到通过confirmDelivery来确认消息送达。deliveryId是一个自增长的序列号,步长为1。在恢复时不会对外发送消息,但之后会重新发送未确认消息。如果未确认消息到达maxUnconfirmedMessages阈值,则会抛出异常AtLeastOnceDelivery.MaxUnconfirmedMessagesExceededException。

 private[akka] final def internalDeliver(destination: ActorSelection)(deliveryIdToMessage: Long ? Any): Unit = {
    val isWildcardSelection = destination.pathString.contains("*")
    require(!isWildcardSelection, "Delivering to wildcard actor selections is not supported by AtLeastOnceDelivery. " +
      "Introduce an mediator Actor which this AtLeastOnceDelivery Actor will deliver the messages to," +
      "and will handle the logic of fan-out and collecting individual confirmations, until it can signal confirmation back to this Actor.")
    internalDeliver(ActorPath.fromString(destination.toSerializationFormat))(deliveryIdToMessage)
  }

   internalDeliver首先会校验ActorSelection中不能包含*号,它说你可以自己实现,其实就是用一个中转actor来做汇总。具体为啥就不讨论了,反正注意这一点就好了。

private[akka] final def internalDeliver(destination: ActorPath)(deliveryIdToMessage: Long ? Any): Unit = {
    if (unconfirmed.size >= maxUnconfirmedMessages)
      throw new MaxUnconfirmedMessagesExceededException(
        s"Too many unconfirmed messages, maximum allowed is [$maxUnconfirmedMessages]")

    val deliveryId = nextDeliverySequenceNr()
    val now = if (recoveryRunning) { System.nanoTime() - redeliverInterval.toNanos } else System.nanoTime()
    val d = Delivery(destination, deliveryIdToMessage(deliveryId), now, attempt = 0)

    if (recoveryRunning)
      unconfirmed = unconfirmed.updated(deliveryId, d)
    else
      send(deliveryId, d, now)
  }

   第一个if语句就不说了,就是判断当前内存列表大小的,而且未保存消息是保存在unconfirmed中的。nextDeliverySequenceNr用来生成消息ID。之后创建了Delivery消息,封装了一些参数,大家要注意下这个case class各个字段的值。最后调用send发送Delivery消息。

private def send(deliveryId: Long, d: Delivery, timestamp: Long): Unit = {
    context.actorSelection(d.destination) ! d.message
    unconfirmed = unconfirmed.updated(deliveryId, d.copy(timestamp = timestamp, attempt = d.attempt + 1))
  }

   send非常简单,就是把源消息发送出去,然后把对应的Delivery数据保存到unconfirmed中。

private var unconfirmed = immutable.SortedMap.empty[Long, Delivery]

   unconfirmed是一个有序的Map,按照序列号排序。

/**
   * Call this method when a message has been confirmed by the destination,
   * or to abort re-sending.
   * @see [[#deliver]]
   * @return `true` the first time the `deliveryId` is confirmed, i.e. `false` for duplicate confirm
   */
  def confirmDelivery(deliveryId: Long): Boolean = {
    if (unconfirmed.contains(deliveryId)) {
      unconfirmed -= deliveryId
      true
    } else false
  }

   confirmDelivery怎么实现的呢?就是从unconfirmed中移除对应deliveryId的数据,当然了没有收到deliveryId的确认消息,这个列表是不会移除相关数据的。这是不是太简单了点。你是不是想说一句f**k。哈哈,我也想说。不过消息重发是如何实现的呢?前文分析过,是通过心跳来实现的,这就会涉及到一个timer,timer一般会在preStart来实现或者在字段初始化时设定。不过翻遍AtLeastOnceDeliveryLike居然没找到相关的代码,只找到了一个timer的定义。

// will be started after recovery completed
  private var redeliverTask: Option[Cancellable] = None
private def startRedeliverTask(): Unit = {
    val interval = redeliverInterval / 2
    redeliverTask = Some(
      context.system.scheduler.schedule(interval, interval, self, RedeliveryTick)(context.dispatcher))
  }

    官方注释说,会在recovery完成的时候启动这个timmer。如果你看过之前关于持久化的文章,就一定知道,在PersistentActor启动时候,会首先进行recovery操作,而不管这是第一次启动,还是一次重启。所有消息都恢复之后,会再发送恢复成功的消息,同时调用onReplaySuccess方法。而在AtLeastOnceDeliveryLike中也覆盖了onReplaySuccess。其实我们可以把onReplaySuccess看做普通actor的preStart函数。

override private[akka] def onReplaySuccess(): Unit = {
    redeliverOverdue()
    startRedeliverTask()
    super.onReplaySuccess()
  }

   redeliverOverdue先不分析,可以看到startRedeliverTask的调用,也就是启动了一个timer。

/**
   * Interval between redelivery attempts.
   *
   * The default value can be configured with the
   * `akka.persistence.at-least-once-delivery.redeliver-interval`
   * configuration key. This method can be overridden by implementation classes to return
   * non-default values.
   */
  def redeliverInterval: FiniteDuration = defaultRedeliverInterval

  private val defaultRedeliverInterval: FiniteDuration =
    Persistence(context.system).settings.atLeastOnceDelivery.redeliverInterval

   根据startRedeliverTask的源码来看,它以akka.persistence.at-least-once-delivery.redeliver-interval配置的一半时间作为间隔给self发送RedeliveryTick消息。

override protected[akka] def aroundReceive(receive: Receive, message: Any): Unit =
    message match {
      case RedeliveryTick ?
        redeliverOverdue()

      case x ?
        super.aroundReceive(receive, message)
    }

   很显然收到RedeliveryTick消息,调用了redeliverOverdue方法,这个方法应该就是在重新投递未确认的消息喽。

private def redeliverOverdue(): Unit = {
    val now = System.nanoTime()
    val deadline = now - redeliverInterval.toNanos
    var warnings = Vector.empty[UnconfirmedDelivery]

    unconfirmed
      .iterator
      .filter { case (_, delivery) ? delivery.timestamp <= deadline }
      .take(redeliveryBurstLimit)
      .foreach {
        case (deliveryId, delivery) ?
          send(deliveryId, delivery, now)

          if (delivery.attempt == warnAfterNumberOfUnconfirmedAttempts)
            warnings :+= UnconfirmedDelivery(deliveryId, delivery.destination, delivery.message)
      }

    if (warnings.nonEmpty)
      self ! UnconfirmedWarning(warnings)
  }

   这段源码还算简单,就是用当前时间减去重发时间间隔,把小于该时间的消息重新发送,也就是说在一个时间间隔内的消息不会重发(因为还没有到重发的时间,这部分消息会在下一个时间间隔到达的时候发送)。

/**
   * Maximum number of unconfirmed messages that will be sent at each redelivery burst
   * (burst frequency is half of the redelivery interval).
   * If there‘s a lot of unconfirmed messages (e.g. if the destination is not available for a long time),
   * this helps to prevent an overwhelming amount of messages to be sent at once.
   *
   * The default value can be configured with the
   * `akka.persistence.at-least-once-delivery.redelivery-burst-limit`
   * configuration key. This method can be overridden by implementation classes to return
   * non-default values.
   */
  def redeliveryBurstLimit: Int = defaultRedeliveryBurstLimit

   redeliveryBurstLimit这个参数也需要注意下,也就是说在重发未确认消息时,不能一次性发送完,而是有一个最大值限制的。不要问我为啥,要是我,就直接一次性全部发送了,堆积的消息还留着撑爆内存啊。不过akka是个通用的、稳定的框架,考虑一下也不算坏事吧。

  注意,如果消息重试次数达到warnAfterNumberOfUnconfirmedAttempts这个阈值的话,会给self发送给一个UnconfirmedWarning消息,这跟直接丢弃好像不符合嘛,而且只有在等于阈值的时候才会发送UnconfirmedWarning消息。好丢脸,居然跟预想的不一样。不过这估计是为了考虑灵活性,如果到达重试阈值都没收到确认消息,需要开发者在收到UnconfirmedWarning消息后自行处理。如何处理?三个方案吧,手动调用confirmDelivery丢弃该消息,即发送失败;调用confirmDelivery先把该消息从内存中移除,然后再调用deliver相关的逻辑,做下一次重试,不过此时要做好重试消息的区分;忽略该消息。

  分析到这里,AtLeastOnceDelivery机制就基本清楚了,那读者可能会问,这就是把未确认消息先保存在内存,等收到确认消息后再从内存中移除,这是不是太简单了。如果内存爆了,或者actor失败重启了,消息不就丢了?既然是基于持久化的,为啥不把未确认消息持久化呢?我想大概有几点可以说明吧,保存在内存就是为了快,如果每发一个消息都需要持久化,性能上跟不上,而且还涉及到顺序写和随机读两次IO。当然了,AtLeastOnceDelivery提供了持久化的接口。

/**
   * Full state of the `AtLeastOnceDelivery`. It can be saved with [[PersistentActor#saveSnapshot]].
   * During recovery the snapshot received in [[SnapshotOffer]] should be set
   * with [[#setDeliverySnapshot]].
   *
   * The `AtLeastOnceDeliverySnapshot` contains the full delivery state, including unconfirmed messages.
   * If you need a custom snapshot for other parts of the actor state you must also include the
   * `AtLeastOnceDeliverySnapshot`. It is serialized using protobuf with the ordinary Akka
   * serialization mechanism. It is easiest to include the bytes of the `AtLeastOnceDeliverySnapshot`
   * as a blob in your custom snapshot.
   */
  def getDeliverySnapshot: AtLeastOnceDeliverySnapshot =
    AtLeastOnceDeliverySnapshot(
      deliverySequenceNr,
      unconfirmed.map { case (deliveryId, d) ? UnconfirmedDelivery(deliveryId, d.destination, d.message) }(breakOut))

   这个是啥呢?其实就是为你构建一个AtLeastOnceDeliverySnapshot,这个值包含当前的发送序列号和未确认的消息列表。

/**
   * If snapshot from [[#getDeliverySnapshot]] was saved it will be received during recovery
   * in a [[SnapshotOffer]] message and should be set with this method.
   */
  def setDeliverySnapshot(snapshot: AtLeastOnceDeliverySnapshot): Unit = {
    deliverySequenceNr = snapshot.currentDeliveryId
    val now = System.nanoTime()
    unconfirmed = snapshot.unconfirmedDeliveries.map(d ?
      d.deliveryId → Delivery(d.destination, d.message, now, 0))(breakOut)
  }

   还有一个就是setDeliverySnapshot,他就是从AtLeastOnceDeliverySnapshot中,恢复当前的发送序列号和未确认消息列表。

  AtLeastOnceDelivery关于持久化,就提供了这两个接口,仅此而已!那啥时候调用setDeliverySnapshot呢,调用setDeliverySnapshot时的AtLeastOnceDeliverySnapshot参数从哪里获取呢?哈哈,你猜。

  其实,这是AtLeastOnceDelivery灵活的地方,它让你自己去实现。怎么实现呢?如果你用过akka的持久化接口,就一定知道除了persist还有一个saveSnapshot函数,用来保存当前状态的快照。这就简单了,你可以给self发一个定时消息,或者在当前未确认消息达到一定值的时候,通过getDeliverySnapshot函数,获取当前未确认消息的快照,调用saveSnapshot保存起来。在receiveRecover方法中,收到SnapshotOffer消息后,再调用setDeliverySnapshot设置当前未确认消息。肿么样是不是很简单呢。

  AtLeastOnceDelivery就是太简单了,所以还是有点问题的。比如发送的消息中只包含一个发送序列号,并没有消息ID和重试次数相关的信息,那如何区别消息是重试的,还是第一次发送的呢?我觉得这是一个很大的bug啊,因为我自己是无法区分消息是不是重发的!这样在使用AtLeastOnceDelivery时,就注意几点。

  • 消息最好包含消息ID,即唯一值。
  • 对消息的处理一定要幂等,也就是说收到重复的消息不会影响业务逻辑。
  • 如果对消息的顺序要求严格,一定要仔细研究这其中的逻辑关系。

 

以上是关于Akka源码分析-Persistence-AtLeastOnceDelivery的主要内容,如果未能解决你的问题,请参考以下文章

Akka源码分析-Cluster-DistributedData

Akka源码分析-Actor创建

Akka源码分析-Persistence-AtLeastOnceDelivery

Akka源码分析-Event Bus

Akka源码分析-Actor&ActorContext&ActorRef&ActorCell

Akka源码分析-Remote-发消息