persist: expose API for writing/reading "free-standing" batches

[aljoscha]

Add API for writing and reading batches without creating a WriteHandle/ReadHandle. Writing batches still requires a ShardId, which is used for namespacing in blob storage.

Work towards
https://github.com/MaterializeInc/database-issues/issues/9180, where we want to use persist batches/blob to stash peek results when sending them back to environmentd.

[aljoscha]

You might object to these being exposed. We only need HollowBatch because we use it to sniff out the size/num_rows from stashed batches without turning them into a Batch and/or reading them.

[bkirwi]

I don't have immediate strong feelings here, but it'll be interesting to see the usage code in the next round!

[aljoscha]

The usage is in https://github.com/MaterializeInc/materialize/pull/32335/commits, its the last commit.

Specifically, the Schemas are used here:

• materialize/src/adapter/src/coord/peek.rs

  Line 793 in 2d08009

  let read_schemas: Schemas<SourceData, ()> = Schemas {

• materialize/src/compute/src/compute_state.rs

  Line 1708 in 12778b0

  let write_schemas: Schemas<SourceData, ()> = Schemas {

I managed to change to code so that it doesn't need HollowBatch exposed, by writing down the encoded batch sizes in the response struct itself. Though that requires exposing an encoded_size_bytes on Batch, which seems better?

[bkirwi]

Batch::encoded_size_bytes seems fine, yeah!

[aljoscha]

These are basically duplicated code. I could add a WriteHandle::batch_builder_inner that doesn't take a self but all the arguments it needs. And then both WriteHandle and the code here could call that one.

Same for read_batches_consolidated below.

I didn't do this for now because I felt that the method signature was almost the largest part of these methods. But happy to change that!

[ParkMyCar]

The new APIs make sense to me! It would be nice to have a single WriteHandle::batch_builder_inner method (and for the other too) to prevent the implementations from drifting, but I'll leave that final call up to you

[bkirwi]

Yeah, let's share the impl if it's not too costly. I'm optimistic we can simplify the batch builder machinery here, and it'll be nice if we can centralize that in one place instead of two.

[ParkMyCar]

The new APIs make sense to me! It would be nice to have a single WriteHandle::batch_builder_inner method (and for the other too) to prevent the implementations from drifting, but I'll leave that final call up to you

[bkirwi]

Yeah, let's share the impl if it's not too costly. I'm optimistic we can simplify the batch builder machinery here, and it'll be nice if we can centralize that in one place instead of two.

[bkirwi]

It looks like you've already done this via should_fetch_part! Seems fine!

[bkirwi]

I don't have strong feelings about this!

[bkirwi]

The job of the lease is to make sure that the parts that we're scanning through in the cursor don't get deleted out from under us.

I think the API as you currently have it is risky: right now nothing in this API ensures that the provided batches will outlive the cursor. (And if those batches are dropped, parts will be deleted and bad things will happen.) One option would be for the cursor to take ownership of the batches... we'd make the Cursor::_lease field have some more generic shape like Box<dyn Any>, and stuff the owned batches in there. Or perhaps the caller could provide a lease, and take responsibility for all that stuff.

(Does this method really need to be in persist-client at all? I feel like code like this has mostly lived in clients so far?)

[aljoscha]

Also agreed! I played around with this for quite a while but didn't find a satisfying solution yet. The basic problem when workin with persist batches is that nothing can really prevent the caller from dropping if they're "malicious". Even when passing in owned Batches, there's nothing stopping the caller from turning the same ProtoBatch into a Batch again and then deleting it, for example.

For reference, here's the code that uses the API:

materialize/src/adapter/src/coord/peek.rs

Line 888 in 2d08009

for batch in batches {

. Specifically it's the end of the batches' lifetime where they're deleted.

The code does the right thing, but yes, nothing enforces that the batches aren't deleted before we finish reading them.

Also, another difficulty is that dropping batches requires async. So when I pass in owned batches, all I could do is add an async clean_up_lease method on Cursor, with a trait DroppableLease that has an async release() method, where's that's a no-op for the current Lease. But I'd add a new struct that keeps the owned batches which can delete them when they're "released". This is a very rough sketch, so sorry if it's not clear. It would add quite a bit of complexity, though, imo.

Or, some more spitballing. I could add a generic parameter to Cursor for the lease type, and an into_lease() method that allows me to get back the lease. In the case of this method here, the lease type would be a Vec<Batches>, so the code that reads them could change the cursor for the original vec of batches and then clean them up. What do you think about that one?

[aljoscha]

(Does this method really need to be in persist-client at all? I feel like code like this has mostly lived in clients so far?)

It's in there because it uses private types like Consolidator and CursorConsolidator. The alternative of making these pub seemed worse. Also, if I want to put the impl of read_batches_consolidated in an _inner method in ReadHandle, as Parker and you suggested above, it would also still have to be here on PersistClient. What do you think now?

[bkirwi]

The code does the right thing, but yes, nothing enforces that the batches aren't deleted before we finish reading them.

Yeah, I think that looks about right. (Batches can be deleted while they're being read even there I think, because the reads happen in separate tasks and we sometimes exit early from the consolidation.) But you can imagine adding an error exit from the loop and things getting weirder...

Or, some more spitballing. [...] What do you think about that one?

Seems fine! I think my original proposal could also be salvaged by wrapping batches up in an Arc, passing a clone of the arc as the lease, and then unwrapping the arc at the end to drop the batches. But maybe that's all too much work to avoid the extra type parameter.

What do you think now?

Convinced!

[aljoscha]

But you still think we should do something, right? I'll try both the Arc thing or the extra type parameter next week Monday.

[bkirwi]

This is somewhat risky API, since it would be pretty easy for us to decode the same ProtoBatch twice and thus have two batches that think they have unique ownership.

Maybe that's necessary, but it feels like it at least warrants a warning in the name or docstring...

[aljoscha]

This mirrors

materialize/src/persist-client/src/write.rs

Line 703 in abd4987

pub fn batch_from_transmittable_batch(&self, batch: ProtoBatch) -> Batch<K, V, T, D> {

, but yeah I agree that the API is risky because of the double use. Unfortunately all bets are off when going from batches to proto batches and back, I think.

I'll add a warning in the docstring.

[bkirwi]

Yeah, that's fair! The danger of moving code... everything old is under scrutiny again.

[aljoscha]

Which is good, imo! 😅

[bkirwi]

I don't have immediate strong feelings here, but it'll be interesting to see the usage code in the next round!