Merge pull request #11747 from mcoskun/mc_dividecollections

Mc dividecollections

Author: rjagiewich

articles/service-fabric/TOC.md

@@ -50,14 +50,19 @@
 #### Concepts
 ##### [Reliable Services lifecycle - C#](service-fabric-reliable-services-lifecycle.md)
 ##### [Reliable Services lifecycle - Java](service-fabric-reliable-services-lifecycle-java.md)
+
+#### Reliable Collections
 ##### [Reliable Collections](service-fabric-reliable-services-reliable-collections.md)
+##### [Reliable Collection guidelines & recommendations](service-fabric-reliable-services-reliable-collections-guidelines.md)
+##### [Working with Reliable Collections](service-fabric-work-with-reliable-collections.md)
+##### [Transactions and locks](service-fabric-reliable-services-reliable-collections-transactions-locks.md)
+##### [Reliable State Manager and Reliable Collection internals](service-fabric-reliable-services-reliable-collections-internals.md)
 
 #### Get started
 ##### [C# on Windows](service-fabric-reliable-services-quick-start.md)
 ##### [Java on Linux](service-fabric-reliable-services-quick-start-java.md)
 
 #### Reliable Services lifecycle
-#### [Use Reliable Collections](service-fabric-work-with-reliable-collections.md)
 #### [Configure](service-fabric-reliable-services-configuration.md)
 #### [Send notifications](service-fabric-reliable-services-notifications.md)
 #### [Backup and restore](service-fabric-reliable-services-backup-restore.md)

articles/service-fabric/service-fabric-reliable-services-reliable-collections-guidelines.md

@@ -0,0 +1,60 @@
+---
+title: Guidelines & Recommendations for Reliable Collections in  Azure Service Fabric | Microsoft Docs
+description: Guidelines and Recommendations for using Service Fabric Reliable Collections
+services: service-fabric
+documentationcenter: .net
+author: mcoskun
+manager: timlt
+editor: masnider,rajak
+
+ms.assetid: 62857523-604b-434e-bd1c-2141ea4b00d1
+ms.service: service-fabric
+ms.devlang: dotnet
+ms.topic: article
+ms.tgt_pltfrm: na
+ms.workload: required
+ms.date: 5/3/2017
+ms.author: mcoskun
+
+---
+# Guidelines and recommendations for Reliable Collections in Azure Service Fabric
+This section provides guidelines for using Reliable State Manager and Reliable Collections. The goal is to help users avoid common pitfalls.
+
+The guidelines are organized as simple recommendations prefixed with the terms *Do*, *Consider*, *Avoid* and *Do not*.
+
+* Do not modify an object of custom type returned by read operations (for example, `TryPeekAsync` or `TryGetValueAsync`). Reliable Collections, just like Concurrent Collections, return a reference to the objects and not a copy.
+* Do deep copy the returned object of a custom type before modifying it. Since structs and built-in types are pass-by-value, you do not need to do a deep copy on them.
+* Do not use `TimeSpan.MaxValue` for time-outs. Time-outs should be used to detect deadlocks.
+* Do not use a transaction after it has been committed, aborted, or disposed.
+* Do not use an enumeration outside of the transaction scope it was created in.
+* Do not create a transaction within another transaction’s `using` statement because it can cause deadlocks.
+* Do ensure that your `IComparable<TKey>` implementation is correct. The system takes dependency on `IComparable<TKey>` for merging checkpoints and rows.
+* Do use Update lock when reading an item with an intention to update it to prevent a certain class of deadlocks.
+* Consider keeping your items (for example, TKey + TValue for Reliable Dictionary) below 80 KBytes: smaller the better. This reduces the amount of Large Object Heap usage as well as disk and network IO requirements. Often, it reduces replicating duplicate data when only one small part of the value is being updated. Common way to achieve this in Reliable Dictionary, is to break your rows in to multiple rows. 
+* Consider using backup and restore functionality to have disaster recovery.
+* Avoid mixing single entity operations and multi-entity operations (e.g `GetCountAsync`, `CreateEnumerableAsync`) in the same transaction due to the different isolation levels.
+* Do handle InvalidOperationException. User transactions can be aborted by the system for variety of reasons. For example, when the Reliable State Manager is changing its role out of Primary or when a long-running transaction is blocking truncation of the transactional log. In such cases, user may receive InvalidOperationException indicating that their transaction has already been terminated. Assuming, the termination of the transaction was not requested by the user, best way to handle this exception is to dispose the transaction, check if the cancellation token has been signaled (or the role of the replica has been changed), and if not create a new transaction and retry.  
+
+Here are some things to keep in mind:
+
+* The default time-out is four seconds for all the Reliable Collection APIs. Most users should use the default time-out.
+* The default cancellation token is `CancellationToken.None` in all Reliable Collections APIs.
+* The key type parameter (*TKey*) for a Reliable Dictionary must correctly implement `GetHashCode()` and `Equals()`. Keys must be immutable.
+* To achieve high availability for the Reliable Collections, each service should have at least a target and minimum replica set size of 3.
+* Read operations on the secondary may read versions that are not quorum committed.
+  This means that a version of data that is read from a single secondary might be false progressed.
+  Reads from Primary are always stable: can never be false progressed.
+
+### Next steps
+* [Working with Reliable Collections](service-fabric-work-with-reliable-collections.md)
+* [Transactions and Locks](service-fabric-reliable-services-reliable-collections-transactions-locks.md)
+* [Reliable State Manager and Collection Internals](service-fabric-reliable-services-reliable-collections-internals.md)
+* Managing Data
+  * [Backup and Restore](service-fabric-reliable-services-backup-restore.md)
+  * [Notifications](service-fabric-reliable-services-notifications.md)
+  * [Serialization and Upgrade](service-fabric-application-upgrade-data-serialization.md)
+  * [Reliable State Manager configuration](service-fabric-reliable-services-configuration.md)
+(service-fabric-reliable-services-backup-restore.md)
+* Others
+  * [Reliable Services quick start](service-fabric-reliable-services-quick-start.md)
+  * [Developer reference for Reliable Collections](https://msdn.microsoft.com/library/azure/microsoft.servicefabric.data.collections.aspx)

articles/service-fabric/service-fabric-reliable-services-reliable-collections-internals.md

@@ -0,0 +1,55 @@
+---
+title: Azure Service Fabric Reliable State Manager and Reliable Collection internals | Microsoft Docs
+description: Deep dive on reliable collection concepts and design in Azure Service Fabric.
+services: service-fabric
+documentationcenter: .net
+author: mcoskun
+manager: timlt
+editor: rajak
+
+ms.assetid: 62857523-604b-434e-bd1c-2141ea4b00d1
+ms.service: service-fabric
+ms.devlang: dotnet
+ms.topic: article
+ms.tgt_pltfrm: na
+ms.workload: required
+ms.date: 5/1/2017
+ms.author: mcoskun
+
+---
+
+# Azure Service Fabric Reliable State Manager and Reliable Collection internals
+This document delves inside Reliable State Manager and Reliable Collections to see how core components work behind the scenes.
+
+> [!NOTE]
+> This document is work in-progress. Add comments to this article to tell us what topic you would like to learn more about.
+>
+
+##  Local persistence model: log and checkpoint
+The Reliable State Manager and Reliable Collections follow a persistence model that is called Log and Checkpoint.
+In this model, each state change is logged on disk first and then applied in memory.
+The complete state itself is persisted only occasionally (a.k.a. Checkpoint).
+The benefit is that deltas are turned into sequential append-only writes on disk for improved performance.
+
+To better understand the Log and Checkpoint model, let’s first look at the infinite disk scenario.
+The Reliable State Manager logs every operation before it is replicated.
+Logging allows the Reliable Collections to apply the operation only in memory.
+Since logs are persisted, even when the replica fails and needs to be restarted, the Reliable State Manager has enough information in its log to replay all the operations the replica has lost.
+As the disk is infinite, log records never need to be removed and the Reliable Collection needs to manage only the in-memory state.
+
+Now let’s look at the finite disk scenario.
+As log records accumulate, the Reliable State Manager will run out of disk space.
+Before that happens, the Reliable State Manager needs to truncate its log to make room for the newer records.
+Reliable State Manager requests the Reliable Collections to checkpoint their in-memory state to disk.
+At this point, the Reliable Collections' would persist its in-memory state.
+Once the Reliable Collections complete their checkpoints, the Reliable State Manager can truncate the log to free up disk space.
+When the replica needs to be restarted, Reliable Collections recover their checkpointed state, and the Reliable State Manager recovers and plays back all the state changes that occurred since the last checkpoint.
+
+Another value add of checkpointing is that it improves recovery times in common scenarios. 
+Log contains all operations that have happened since the last checkpoint.
+So it may include multiple versions of an item like multiple values for a given row in Reliable Dictionary.
+In contrast, a Reliable Collection checkpoints only the latest version of each value for a key.
+
+## Next steps
+* [Transactions and Locks](service-fabric-reliable-services-reliable-collections-transactions-locks.md)
+

articles/service-fabric/service-fabric-reliable-services-reliable-collections-transactions-locks.md

@@ -0,0 +1,95 @@
+---
+title: Transactions And Lock Modes in Azure Service Fabric Reliable Collections | Microsoft Docs
+description: Azure Service Fabric Reliable State Manager and Reliable Collections Transactions and Locking.
+services: service-fabric
+documentationcenter: .net
+author: mcoskun
+manager: timlt
+editor: masnider,rajak
+
+ms.assetid: 62857523-604b-434e-bd1c-2141ea4b00d1
+ms.service: service-fabric
+ms.devlang: dotnet
+ms.topic: article
+ms.tgt_pltfrm: na
+ms.workload: required
+ms.date: 5/1/2017
+ms.author: mcoskun
+
+---
+# Transactions and lock modes in Azure Service Fabric Reliable Collections
+
+## Transaction
+A transaction is a sequence of operations performed as a single logical unit of work.
+A transaction must exhibit the following ACID properties. (see: https://technet.microsoft.com/en-us/library/ms190612)
+* **Atomicity**: A transaction must be an atomic unit of work. In other words, either all its data modifications are performed, or none of them is performed.
+* **Consistency**: When completed, a transaction must leave all data in a consistent state. All internal data structures must be correct at the end of the transaction.
+* **Isolation**: Modifications made by concurrent transactions must be isolated from the modifications made by any other concurrent transactions. The isolation level used for an operation within an ITransaction is determined by the IReliableState performing the operation.
+* **Durability**: After a transaction has completed, its effects are permanently in place in the system. The modifications persist even in the event of a system failure.
+
+### Isolation levels
+Isolation level defines the degree to which the transaction must be isolated from modifications made by other transactions.
+There are two isolation levels that are supported in Reliable Collections:
+
+* **Repeatable Read**: Specifies that statements cannot read data that has been modified but not yet committed by other transactions and that no other transactions can modify data that has been read by the current transaction until the current transaction finishes. For more details, see [https://msdn.microsoft.com/library/ms173763.aspx](https://msdn.microsoft.com/library/ms173763.aspx).
+* **Snapshot**: Specifies that data read by any statement in a transaction is the transactionally consistent version of the data that existed at the start of the transaction.
+  The transaction can recognize only data modifications that were committed before the start of the transaction.
+  Data modifications made by other transactions after the start of the current transaction are not visible to statements executing in the current transaction.
+  The effect is as if the statements in a transaction get a snapshot of the committed data as it existed at the start of the transaction.
+  Snapshots are consistent across Reliable Collections.
+  For more details, see [https://msdn.microsoft.com/library/ms173763.aspx](https://msdn.microsoft.com/library/ms173763.aspx).
+
+Reliable Collections automatically choose the isolation level to use for a given read operation depending on the operation and the role of the replica at the time of transaction's creation.
+Following is the table that depicts isolation level defaults for Reliable Dictionary and Queue operations.
+
+| Operation \ Role | Primary | Secondary |
+| --- |:--- |:--- |
+| Single Entity Read |Repeatable Read |Snapshot |
+| Enumeration, Count |Snapshot |Snapshot |
+
+> [!NOTE]
+> Common examples for Single Entity Operations are `IReliableDictionary.TryGetValueAsync`, `IReliableQueue.TryPeekAsync`.
+> 
+
+Both the Reliable Dictionary and the Reliable Queue support Read Your Writes.
+In other words, any write within a transaction will be visible to a following read
+that belongs to the same transaction.
+
+## Locks
+In Reliable Collections, all transactions implement rigorous two phase locking: a transaction does not release
+the locks it has acquired until the transaction terminates with either an abort or a commit.
+
+Reliable Dictionary uses row level locking for all single entity operations.
+Reliable Queue trades off concurrency for strict transactional FIFO property.
+Reliable Queue uses operation level locks allowing one transaction with `TryPeekAsync` and/or `TryDequeueAsync` and one transaction with `EnqueueAsync` at a time.
+Note that to preserve FIFO, if a `TryPeekAsync` or `TryDequeueAsync` ever observes that the Reliable Queue is empty, they will also lock `EnqueueAsync`.
+
+Write operations always take Exclusive locks.
+For read operations, the locking depends on a couple of factors.
+Any read operation done using Snapshot isolation is lock free.
+Any Repeatable Read operation by default takes Shared locks.
+However, for any read operation that supports Repeatable Read, the user can ask for an Update lock instead of the Shared lock.
+An Update lock is an asymmetric lock used to prevent a common form of deadlock that occurs when multiple transactions lock resources for potential updates at a later time.
+
+The lock compatibility matrix can be found in the following table:
+
+| Request \ Granted | None | Shared | Update | Exclusive |
+| --- |:--- |:--- |:--- |:--- |
+| Shared |No conflict |No conflict |Conflict |Conflict |
+| Update |No conflict |No conflict |Conflict |Conflict |
+| Exclusive |No conflict |Conflict |Conflict |Conflict |
+
+Time-out argument in the Reliable Collections APIs is used for deadlock detection.
+For example, two transactions (T1 and T2) are trying to read and update K1.
+It is possible for them to deadlock, because they both end up having the Shared lock.
+In this case, one or both of the operations will time out.
+
+This deadlock scenario is a great example of how an Update lock can prevent deadlocks.
+
+## Next steps
+* [Working with Reliable Collections](service-fabric-work-with-reliable-collections.md)
+* [Reliable Services notifications](service-fabric-reliable-services-notifications.md)
+* [Reliable Services backup and restore (disaster recovery)](service-fabric-reliable-services-backup-restore.md)
+* [Reliable State Manager configuration](service-fabric-reliable-services-configuration.md)
+* [Developer reference for Reliable Collections](https://msdn.microsoft.com/library/azure/microsoft.servicefabric.data.collections.aspx)
+