$darkmode
Elektra 0.11.0
|
The features described in this document are experimental.
This document explains how notifications are implemented in Elektra and how they can be used by application developers.
Elektra's notification feature consists of several components. While sending and receiving notifications is implemented by plugins, applications use the notification API in order to use different plugins.
The notification API implemented by the elektra-notification
library allows receiving and handling notifications. An I/O abstraction layer allows asynchronous notification processing by compatible plugins. The abstraction layer consists of an interface used by transport plugins and different implementations of that interface called I/O bindings. An I/O binding implements the actual I/O management functions for a specific event loop API. Applications typically use one I/O binding but can also use none or multiple I/O bindings. For more on I/O bindings see the API documentation.
Transport plugins exchange notifications via different protocols like D-Bus or ZeroMQ. For each type of transport there are typically two types of plugins: One for sending and one for receiving notifications. Developers do not interact with those plugins directly. The underlying transports are transparent to them. The "internalnotification" plugin implements notification handling functions and feeds back configuration changes from within the application. It is only used internally by the elektra-notification
library.
When a configuration key is changed Elektra can generate change notifications that allow applications to process those changes. Developers can choose whether and how they want to receive and handle those notifications but not whether notifications are sent or which transport is used. How notifications are sent is specified in the notification configuration by the system operator.
System operators can mount the desired transport plugins and configure them (e.g. set channel, host, port and credentials) globally.
They need to mount both sending and receiving plugins in order to use transport.
Plugins usable as transport plugin are marked with notification
on the plugin page.
Developers do not need to change their programs in order to start sending notifications. However, without the integration of an I/O binding notifications may be sent synchronously which would block normal program execution. For programs without time constraints (e.g. CLI programs) this may not be important, but for GUIs or network services this will have negative impact.
The "zeromqsend" and "dbus" plugins do not block program execution for sending as sending is handled asynchronously be the underlying libraries.
The following is a basic example of an application using Elektra extended by the initialization of an I/O binding.
Make sure to compile/link with pkg-config --libs --cflags elektra-io-uv
.
Since there are many different I/O management libraries (e.g. libuv, glib or libev), the transport plugins use the I/O interface for their I/O operations. Each I/O management library needs its own I/O binding. Developers can also create their own I/O binding for the I/O management library of their choice. This is described in the last section.
Each I/O binding has its own initialization function that creates a new I/O binding and connects it to the I/O management library. For this tutorial we will assume that libuv 1.x is used. For details on how to use a specific binding please look at available I/O bindings on the bindings page.
In order to handle change notifications a developer can either register a variable or a callback.
Values of registered variables are automatically updated when the value of the assigned key has changed. In the following example we will register an integer variable.
The following examples are shortened for tangibility. The complete code is available in "notificationAsync" example.
After calling elektraNotificationRegisterInt()
the variable value
will be automatically updated if the key in the program above is changed by another program (e.g. by using the kdb
CLI command). For automatic updates to work transport plugins have to be mounted globally.
Registering a variable is suitable for programs where the key's value is simply displayed or used repeatedly (e.g. by a timer or in a loop). If an initialization code needs to be redone after configuration changes (e.g. a value sets the number of worker threads) updating a registered variable will not suffice. For these situations a callback should be used.
The following snippet shows how a callback can be used if the value of the changed key needs further processing.
This section shows how the notification feature is used to reload an application's KDB instance when Elektra's configuration has changed. This enables applications to apply changes to mount points or globally mounted plugins without restarting.
Step 1: Register for changes to Elektra's configuration
To achieve reloading on Elektra configuration changes we register for changes below the key /elektra
using elektraNotificationRegisterCallbackSameOrBelow()
.
Step 2: Create a function for reloading KDB
Since our application needs to repeatedly initialize KDB on configuration changes we need to create a function which cleans up and re-initializes KDB.
Step 3: Handle configuration changes
The last step is to connect the registration for changes to the (re-)initialization function. Directly calling the function is discouraged due to tight coupling (see guidelines in the next section) and also results in an application crash since the notification API is closed while processing notification callbacks. Therefore, we suggest to add a timer operation with a sufficiently small interval which is enabled only on configuration changes. This timer will then call the initialization function.
First, we create the timer in the main loop setup of the application.
Now we add the callback function for the registration from step 1:
Finally, we disable the timer in the initialization function:
By correct application of these three steps any application can react to changes to Elektra's configuration. The snippets above omit error handling for brevity. The complete code including error handling is available in the "notification reload" example. This example also omits globals by passing them as user data using the elektraIo*GetData()
functions.
When applications react to configuration changes made by other applications this can lead to emergent behavior. We speak of emergent behavior when the parts of a system are functioning as designed but an unintended, unexpected or unanticipated behavior at system level occurs.
For example, take the following sequence of events:
A
changes its configurationB
receives a notification about the change from A
and updates its configurationGiven these two steps, the sequence could be a case of wanted emergent behavior: Maybe application B
keeps track of the number of global configuration changes. Now consider adding the following events to the sequence:
A
receives a notification about the change from B
and changes its configurationThe additional step causes an infinite cycle of configuration updates which introduces unwanted behavior.
When designing a system it is desirable to use components with predictable and well-defined behavior. As a system grows larger and gets more complex unpredictable behavior emerges that was neither intended by the system designer nor by the designer of the components. This system behavior is called emergent behavior if it cannot be explained from its components but only from analysis of the whole system.
Emergent behavior can be beneficial for a system. An example from nature is useful cooperation in an ant colony. Nevertheless, it also has disadvantages. Systems that bear unwanted emergent behavior are difficult to manage and experience failures in the worst case. This kind of unwanted emergent behavior is called emergent misbehavior. Examples of emergent misbehavior are traffic jams or the Millennium Footbridge incident in London (see scientific paper or news article).
An evaluation of Elektra's notification feature shows that it can exhibit the following symptoms:
Building on these findings we will now present guidelines for preventing emergent misbehavior when using the notification API and callbacks in particular.
Most of the guidelines are related to callbacks. With normal use of the notification API emergent behavior should not occur.
Callbacks couple an application temporally to configuration changes of other applications or instances of the same application. This observation is the basis for Guidelines 1, 2 and 3. While it is possible with registered variables to check for configuration changes at regular time intervals and react to changes the coupling is not as tight as with callbacks.
Waiting after receiving a notification decouples an application from changes and reduces the risk for unwanted **_synchronization_**.
In applications where applying changes has impact on resource usage (e.g. CPU or disk) applying a time delay as suggested by this Guideline is a sensible choice. But this guideline is not only limited to these applications.
Generally waiting before reacting to changes reduces the risk for unwanted synchronization by decoupling the application temporally. Waiting can be implemented using random time delays which further promotes decoupling since applications react at different points in time to changes. Waiting can also be implemented using a flag: Callbacks set the flag and when the control flow is in the main loop again, the pending updates are applied and the flag is cleared.
Avoid changing the configuration as reaction to a change. This reduces the risk for unwanted **_oscillation_**.
While this guideline does not forbid updating the key database using kdbSet()
in a callback it advises to avoid it. If we recall the example from before we see how updating as reaction to change leads to unwanted oscillation. If necessary, the function kdbSet()
should be temporally decoupled as suggested in Guideline 2.
This guideline applies especially to callbacks but is also relevant when variables are polled for changes by the application.
Applications should not use notifications for synchronization as this can lead to **_phase change_**.
This guideline limits the use of the notification API to notifications about configuration changes. There are better suited techniques for different use cases. Applications should not keep track of changes and change their behavior on certain conditions.
For example, this happens when applications synchronize themselves at startup by incrementing a counter in the key database. When a certain limit of application instances is reached the applications proceed with different behavior. If this behavior affects other applications phase change has occurred.
Call
kdbSet()
to save updated configuration immediately after a change occurred. This reduces conflicting changes in the key database.
When a configuration setting is updated within an application this guideline suggests to write the change immediately to the key database using kdbSet()
. This ensures that other applications have the same view of the key database and operate on current settings.
Notification callbacks are called from within Elektra. Calling
kdbClose()
in a callback will lead to undefined behavior or an application crash.
Closing and cleaning up the KDB handle will cause an application crash because the control flow returns from the callback to now removed code. While this can be considered an implementation detail it aligns with Guideline 2 since reinitialization of KDB uses more resources than other operations like kdbGet()
or kdbSet()
.
In order to analyze application behavior the logging plugins (syslog, journald or logchange) can be used. In order to log not only kdbSet()
but also kdbGet()
, the option get=on
should be used when mounting these plugins.
Now both reading from and writing to Elektra's key database is logged.
Developers can create their own bindings if the I/O management library of their choice is not supported by an existing I/O binding.
For details on see the example doc" binding" or the API documentation. Existing I/O bindings provide a good inspiration on how to implement a custom binding. Since a binding is generic and not application specific it is much appreciated if you contribute your I/O binding back to the Elektra Initiative.