[Distutils] [Infrastructure] changelog / CDN inconsistency
"Martin v. Löwis"
martin at v.loewis.de
Tue May 28 17:47:20 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Mirroring is in a bad state because it comes (and has always) with
> absolutely no guarantees of consistency.
That is not true. There are no absolute guarantees, but certainly
partial guarantees of consistency. It's a kind of "eventual
consistency": if the releases are all older than the mirror
frequency, the mirror will be consistent.
> You dismiss the issues of having serial n+1 changes, but that is a
> serious problem. If you fetch up to serial N of package1 which has
> the released version of 1.0, and then you fetch serial N+2 of
> package2 which has a hard requirement on package 1.1 (which was
> released in serial N+1) you now have packages that are not
> installable via your mirror because of inconsistent state.
Sure, but that is only a temporary problem, with a inconsistency window
of a few minutes in the worst case - and it only occurs if serials N,
N+1, and N+2 all happen within 5 minutes (i.e. two releases of package1,
and one release of package2).
When the mirror script runs again, it will find that serial N+1 already
happened, and fetch package1 and package2 again.
> If someone comes up with a better option that doesn't require a
> large rearch of the storage code in PyPI I'm happy to review and
> deploy it.
This could be fixed by having PyPI provide old versions of the simple
page. It would not be possible to do so exactly currently. However,
excluding releases newer than a given date would be possible, by
inspecting the journal.
Regards,
Martin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlGk0YgACgkQavBT8H2dyNImkQCffy1BKiYNxV71Bvtxpk+UAwPc
j7wAn39wK7vMmERQhpSTfJ5iBPcP3wCr
=yZBk
-----END PGP SIGNATURE-----
More information about the Distutils-SIG
mailing list