Improve initial metadata read using bson instead of unmarshal

[eparker-tulip]

Before entries can be masked out, or filtered by shard, an initial set of oplog entry metadata needs to be processed. This is currently done via the rawOplogEntry type which is populated using bson.Unmarshal(), but this is much slower compared to accessing the necessary properties directly using bson methods. Additionally, the namespace entry can be accessed before anything else, so that filtering can happen as far upstream as possible.

Benchmarking shows that small entries are 2x as fast, while the largest entries can be 100x faster.

[byronwasti]

Nice performance find!

[sannivasreddy]

Nice! I left a couple of comments below. It's strange that bson.Unmarshal even with raw bson is still worse (time and space complexity wise) than just looking up everything manually.

[sannivasreddy]

In this code, if there is any error in the unmarshal, we just returned here. Now, even if the various lookups or type checks fail, we log a message and continue. Should we just return if any step of this lookup process fails?

I'm also curious about when the previous unmarshal used to error. Did it error if the struct field type didn't match the type in the document? Probably. The change I proposed above deals with that. However, did it error if a matching key in the document for the struct wasn't found? I don't think so, and doing my change would mean different behavior in that case. I think looking into when bson unmarshalling errors and making sure behavior is the same as before (splitting the lookup and type check if necessary) is a good move.

[eparker-tulip]

Did it error if the struct field type didn't match the type in the document?

Yes, I tested this. If a field was missing or extra, there was no error. Only if a field existed but with a different type would the original unmarshal error. So this tries to mostly follow that pattern, but does error on namespace which would seem to be a required field. However, maybe none are -- I don't know what namespace would be set to in the case of a transaction. In that case, splitting up the lookup and type conversion and exactly matching the old behavior is probably best -- I had started that way, but wanted to avoid it since it makes for terribly messy code.

[sannivasreddy]

Yeah, it does get gnarly. Maybe put the conversion from bson to rawOplogEntry in a helper function? That might help that, and also make it easier to make changes in the future if necessary,

[eparker-tulip]

That would work -- I'd also have to pass in the denylist to allow for the early filtering, but that's probably fine

[sannivasreddy]

If we're doing a parse here, since we're not unmarshalling into the rawOplogEntry struct manually anymore, it might be worth it to store the returned database and collection name we get here in that struct, and then skipping the namespace parsing which happens later in parseRawOplogEntry by using the stored ones.

[eparker-tulip]

True, but it's more complicated because while it would work for the first one, parseRawOplogEntry is recursive for transactions, so it still needs to be done there anyway. And the parse is a pretty lightweight call, so to me this seems ok for the sake of simplicity.

[sannivasreddy]

We check the deny list again in line 420, which is probably not necessary anymore. That check would only do anything if the namespace exists and is parseable so we cover that case here.

[eparker-tulip]

The difference is that the second check is post-transaction, the way the original behavior was (though still it only checks the first entry in the transaction). But maybe we don't care about transactions for filtering? This might be good to confirm with @alex-goodisman, who originally added the denylist.

[sannivasreddy]

Actually, I think what you currently have is right. Rereading the parse code, it seems if there’s a command operation, the top level entry’s namespace is just admin.$cmd, so we probably do need to check that first sub-entry in the denylist. I’m also realising that we also now check this case (i.e. checking the namespace admin.$cmd) in the new denylist check, while we never had to do that before. Should be fine since admin shouldn’t be in the denylist, but something to keep in mind.

[sannivasreddy]

Nit: What about calling this just err? errID sounds like it stores an error ID, rather than it being the error for the ID parsing part.

[eparker-tulip]

Yeah, this is a pattern Yotam likes -- to be clear what each error variable is for, rather than just always err. But I'm fine either way, and I agree this could be confusing.

[sannivasreddy]

I see you used rawBson above and mustRaw in the other test cases. Why so? The pattern I notice seems to be that mustRaw is used for the input, and rawBson for the expected result. mustRaw seems weird actually. Other than what rawBson does, it checks if a byte array can be unmarshalled into bson.Raw, but that doesn't seem helpful, because they both have the same underlying type.

[eparker-tulip]

Yeah, mustRaw was already there, and I added rawBson for the other tests, so when I had to update this I used the rawBson, but I see now they're basically the same so I replaced all the mustRaw with rawBson to simplify.

[sannivasreddy]

Everything looks good, thanks for the changes! I've left a couple of minor thoughts below.

Other than those, it might be worth it to change the order of the functions in the tail.go file. For instance, getStartTime could be moved up before processEntry, and unmarshalEntryMetadata could be moved down to right before parseRawOplogEntry. I'm also not sure why some of these functions are methods on *Tailer. parseRawOplogEntry does nothing on *Tailer except call itself, and processEntry also does nothing. It might be worth doing some cleanup of this kind.

[sannivasreddy]

It might be nice to say a bit more about the performance issue with the usual unmarshalling, explaining why we need to do all these manual lookups.

[sannivasreddy]

Do you think it's worth it to replace the bson unmarshalling in the transaction case as well? We'd probably have to add a new function since we're now looking at a document array. I don't think this is necessary currently, but I just thought I'd mention it.

[eparker-tulip]

You're right -- I actually was intending to do this when I split off the function and then forgot after the long weekend