Don't allow for two identical snapshot tags for different backups

[Michal-Leszczynski]

Right now, SM snapshot tag is created like that:

// SnapshotTagAt creates new snapshot tag for specified time.
func SnapshotTagAt(t time.Time) string {
	return "sm_" + t.UTC().Format(tagDateFormat) + "UTC"
}

Snapshot tag is "random" only with respect to creation time with the precision of the whole second! This in theory allows for 2 different backups to have the same snapshot tag. There are several scenarios when this could happen:

• single cluster - run backup taking less than 1 sec, and another after that (backup policy prohibits 2 backups of the same cluster running at the same time)
• 2 clusters - just run 2 backups concurrently - either with 2 SMs or just 1

So the snapshot tag uniqueness is really weak in therms of any guarantees. The problem starts when two backups with the same snapshot tag end up in the same backup location. In the context of stored files, they are still differentiated by cluster ID and task ID in manifest paths. Unfortunately, as SM restore does not take any params like '--backup-cluster-id' or '--backup-task-id', it is impossible for it to decide which backup should be chosen, and right now SM would restore BOTH backups.

Adding mentioned params to restore seems like a bad idea, since snapshot tag should be enough to specify, which backup should be restored. The best would be to simply change snapshot tag format to some time base UUID and stop worrying about such collisions.

Even though snapshot tag collisions might not be common in the real life scenarios (but still possible), they are really annoying in tests with single backup location and many small backups running all the time. Also, this could simplify the backup bucket format and improve the speed of finding correct files.

UPDATE:
The problem of having two different backups with the same snapshot tag
is described in #3873. It was also the root cause of #4172 test flakiness.
Even though this commit does not fix a scenario with two different SM
instances backing up to the same bucket, it is rare enough in both
real life and testing that it can be treated as a fix to #3873 without
the need of reformatting snapshot tag syntax, which would require us
to support two versions of snapshot tag syntax not only directly in SM,
but also in any tooling which expects snapshot tag in given format.

[Michal-Leszczynski]

The case with concurrently backing up 2 cluster to the same backup location has been encountered in scylla operator tests by @rzetelskik (Scylla 6.0, SM 3.3):

2024-07-04T08:35:34.025077592Z {"L":"INFO","T":"2024-07-04T08:35:34.024Z","N":"backup","M":"Initializing backup","cluster_id":"a734d758-9541-45a8-b6db-c7c8fa8a00cb","task_id":"3603bfcf-6f5d-4ec8-8377-44a37e3e485b","run_id":"610ee5c9-39e0-11ef-8090-16eba40fc254","target":{"units":[{"keyspace":"jptmhwgm","tables":["test"],"all_tables":true},{"keyspace":"system_schema","tables":["view_virtual_columns","columns","types","tables","scylla_keyspaces","functions","indexes","scylla_tables","views","triggers","computed_columns","aggregates","keyspaces","dropped_columns","scylla_aggregates"],"all_tables":true}],"dc":["us-east-1"],"location":["gcs:so-fd17b5fb-fc2e-4ad3-a614-2722e4f7a7ea"],"retention":2,"retention_days":0,"rate_limit":["100"],"continue":true},"_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
2024-07-04T08:35:34.028421781Z {"L":"INFO","T":"2024-07-04T08:35:34.028Z","N":"cluster.client","M":"Measuring datacenter latencies","dcs":["us-east-1"],"_trace_id":"HeNim98fRaGysBeUhINWcg"}
2024-07-04T08:35:34.044196184Z {"L":"INFO","T":"2024-07-04T08:35:34.044Z","N":"backup.snapshot","M":"Taking snapshot...","_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
2024-07-04T08:35:34.050275711Z {"L":"INFO","T":"2024-07-04T08:35:34.050Z","N":"backup.snapshot","M":"Taking snapshots on host","host":"10.52.225.67","_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
2024-07-04T08:35:34.055106469Z {"L":"INFO","T":"2024-07-04T08:35:34.055Z","N":"backup.snapshot","M":"No old snapshots to delete","host":"10.52.225.67","_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
2024-07-04T08:35:34.056850188Z {"L":"INFO","T":"2024-07-04T08:35:34.056Z","N":"backup.snapshot","M":"Available disk space","host":"10.52.225.67","percent":56,"_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
2024-07-04T08:35:34.056866078Z {"L":"INFO","T":"2024-07-04T08:35:34.056Z","N":"backup.snapshot","M":"Taking snapshot","host":"10.52.225.67","keyspace":"jptmhwgm","snapshot_tag":"sm_20240704083534UTC","_trace_id":"VP98TzaxSkmjwDL740_Gfg"}
...
2024-07-04T08:35:34.609975699Z {"L":"INFO","T":"2024-07-04T08:35:34.607Z","N":"backup","M":"Initializing backup","cluster_id":"34f59913-a17a-4ac5-924a-c3289a908126","task_id":"c75cc258-280a-4623-9886-7afe6cbd3eaf","run_id":"6140aa81-39e0-11ef-8091-16eba40fc254","target":{"units":[{"keyspace":"xvr6bftw","tables":["test"],"all_tables":true},{"keyspace":"system_schema","tables":["view_virtual_columns","scylla_aggregates","columns","tables","types","scylla_keyspaces","functions","scylla_tables","triggers","indexes","computed_columns","aggregates","views","keyspaces","dropped_columns"],"all_tables":true}],"dc":["us-east-1"],"location":["gcs:so-fd17b5fb-fc2e-4ad3-a614-2722e4f7a7ea"],"retention":3,"retention_days":0,"rate_limit":["100"],"continue":true},"_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}
2024-07-04T08:35:34.618943064Z {"L":"INFO","T":"2024-07-04T08:35:34.617Z","N":"backup.snapshot","M":"Taking snapshot...","_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}
2024-07-04T08:35:34.643830513Z {"L":"INFO","T":"2024-07-04T08:35:34.634Z","N":"backup.snapshot","M":"Taking snapshots on host","host":"10.52.225.53","_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}
2024-07-04T08:35:34.654177399Z {"L":"INFO","T":"2024-07-04T08:35:34.644Z","N":"backup.snapshot","M":"No old snapshots to delete","host":"10.52.225.53","_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}
2024-07-04T08:35:34.667965102Z {"L":"INFO","T":"2024-07-04T08:35:34.665Z","N":"backup.snapshot","M":"Available disk space","host":"10.52.225.53","percent":56,"_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}
2024-07-04T08:35:34.667980002Z {"L":"INFO","T":"2024-07-04T08:35:34.665Z","N":"backup.snapshot","M":"Taking snapshot","host":"10.52.225.53","keyspace":"xvr6bftw","snapshot_tag":"sm_20240704083534UTC","_trace_id":"v_ZOxeLWRo6xU93X0JWW3A"}

Which resulted in:

Error: create restore target, units and views: init target: look for schema file: get schema file from gcs:so-fd17b5fb-fc2e-4ad3-a614-2722e4f7a7ea/backup/schema: many schema files with sm_20240704083534UTC snapshot tag: [cluster/34f59913-a17a-4ac5-924a-c3289a908126/task_c75cc258-280a-4623-9886-7afe6cbd3eaf_tag_sm_20240704083534UTC_schema_with_internals.json.gz cluster/a734d758-9541-45a8-b6db-c7c8fa8a00cb/task_3603bfcf-6f5d-4ec8-8377-44a37e3e485b_tag_sm_20240704083534UTC_schema_with_internals.json.gz]
  Trace ID: q0EzqyiARo-gbl69kbl7rw (grep in scylla-manager logs)

[rzetelskik]

Hit this again scylladb/scylla-operator#2061.

[rzetelskik]

scylladb/scylla-operator#2061 (comment)

[rzetelskik]

we're hitting this frequently

scylladb/scylla-operator#2061 (comment)
scylladb/scylla-operator#2061 (comment)
scylladb/scylla-operator#2061 (comment)
scylladb/scylla-operator#2061 (comment)
scylladb/scylla-operator#2061 (comment)
scylladb/scylla-operator#2061 (comment)

[ylebi]

@Michal-Leszczynski can you please look into this one?

[Michal-Leszczynski]

@ylebi Right now we are focused on the efforts around making restore faster (1-1 restore, backup/restore with Scylla API), so I doubt we will have some spare time for that.
On one hand, this issue shouldn't require much implementation changes (at least at the first sight), but we would need to write new tests (also in SCT/DTests) in order to cover that. I can bring it up on the next planning.
The problem is that this issue basically hits tests only, so that's why it didn't get much traction.

[Michal-Leszczynski]

cc: @karol-kokoszka @tzach

[ylebi]

@ylebi Right now we are focused on the efforts around making restore faster (1-1 restore, backup/restore with Scylla API), so I doubt we will have some spare time for that. On one hand, this issue shouldn't require much implementation changes (at least at the first sight), but we would need to write new tests (also in SCT/DTests) in order to cover that. I can bring it up on the next planning. The problem is that this issue basically hits tests only, so that's why it didn't get much traction.

Thanks, we hit it too often (scylladb/scylla-operator#2061) and it's really annoying.