From de1d77d0b4e8ab9e507addf7878457202357ca32 Mon Sep 17 00:00:00 2001 From: Siri Hansen Date: Mon, 20 Oct 2014 16:59:10 +0200 Subject: Add documentation of maps in supervisor flags and child specs --- lib/stdlib/doc/src/supervisor.xml | 255 ++++++++++++++++++++++++-------------- 1 file changed, 161 insertions(+), 94 deletions(-) (limited to 'lib/stdlib/doc/src') diff --git a/lib/stdlib/doc/src/supervisor.xml b/lib/stdlib/doc/src/supervisor.xml index 3a5027d595..ffac1c0bd7 100644 --- a/lib/stdlib/doc/src/supervisor.xml +++ b/lib/stdlib/doc/src/supervisor.xml @@ -37,12 +37,12 @@ the gen_event, gen_fsm, or gen_server behaviours. A supervisor implemented using this module will have a standard set of interface functions and include functionality - for tracing and error reporting. Supervisors are used to build an + for tracing and error reporting. Supervisors are used to build a hierarchical process structure called a supervision tree, a nice way to structure a fault tolerant application. Refer to OTP Design Principles for more information.

-

A supervisor assumes the definition of which child processes to - supervise to be located in a callback module exporting a +

A supervisor expects the definition of which child processes to + supervise to be specified in a callback module exporting a pre-defined set of functions.

Unless otherwise stated, all functions in this module will fail if the specified supervisor does not exist or if bad arguments @@ -53,18 +53,30 @@ Supervision Principles

The supervisor is responsible for starting, stopping and monitoring its child processes. The basic idea of a supervisor is - that it should keep its child processes alive by restarting them + that it shall keep its child processes alive by restarting them when necessary.

-

The children of a supervisor is defined as a list of +

The children of a supervisor are defined as a list of child specifications. When the supervisor is started, the child processes are started in order from left to right according to this list. When the supervisor terminates, it first terminates its child processes in reversed start order, from right to left.

-

A supervisor can have one of the following restart strategies:

+ +

The properties of a supervisor are defined by the supervisor + flags. This is the type definition for the supervisor flags: +

+ 
sup_flags() = #{strategy => strategy(),         % optional
+                intensity => non_neg_integer(), % optional
+                period => pos_integer()}        % optional
+
+

A supervisor can have one of the following restart + strategies, specified with the strategy key in the + above map: +

one_for_one - if one child process terminates and - should be restarted, only that child process is affected.

+ should be restarted, only that child process is + affected. This is the default restart strategy.

one_for_all - if one child process terminates and @@ -94,43 +106,53 @@ instead the child specification identifier is used, terminate_child/2 will return {error,simple_one_for_one}.

-

Because a simple_one_for_one supervisor could have many - children, it shuts them all down at same time. So, order in which they - are stopped is not defined. For the same reason, it could have an - overhead with regards to the Shutdown strategy.

+

Because a simple_one_for_one supervisor could have + many children, it shuts them all down asynchronously. This + means that the children will do their cleanup in parallel, + and therefore the order in which they are stopped is not + defined.

To prevent a supervisor from getting into an infinite loop of - child process terminations and restarts, a maximum restart frequency - is defined using two integer values MaxR - and MaxT. If more than MaxR restarts occur within - MaxT seconds, the supervisor terminates all child - processes and then itself. + child process terminations and restarts, a maximum restart + intensity is defined using two integer values specified + with the intensity and period keys in the above + map. Assuming the values MaxR for intensity + and MaxT for period, then if more than MaxR + restarts occur within MaxT seconds, the supervisor will + terminate all child processes and then itself. The default value + for intensity is 1, and the default value + for period is 5.

This is the type definition of a child specification:

- 
-child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules}
- Id = term()
- StartFunc = {M,F,A}
-  M = F = atom()
-  A = [term()]
- Restart = permanent | transient | temporary
- Shutdown = brutal_kill | int()>0 | infinity
- Type = worker | supervisor
- Modules = [Module] | dynamic
-  Module = atom()
+ 
child_spec() = #{id => child_id(),       % mandatory
+                 start => mfargs(),      % mandatory
+                 restart => restart(),   % optional
+                 shutdown => shutdown(), % optional
+                 type => worker(),       % optional
+                 modules => modules()}   % optional
+

The old tuple format is kept for backwards compatibility, + see child_spec(), + but the map is preferred. +

-

Id is a name that is used to identify the child +

id is used to identify the child specification internally by the supervisor.

+

The id key is mandatory.

+

Note that this identifier on occations has been called + "name". As far as possible, the terms "identifier" or "id" + are now used but in order to keep backwards compatibility, + some occurences of "name" can still be found, for example + in error messages.

 -

StartFunc defines the function call used to start - the child process. It should be a module-function-arguments +

start defines the function call used to start the + child process. It must be a module-function-arguments tuple {M,F,A} used as apply(M,F,A).

The start function must create and link to the child - process, and should return {ok,Child} or + process, and must return {ok,Child} or {ok,Child,Info} where Child is the pid of the child process and Info an arbitrary term which is ignored by the supervisor.

@@ -143,20 +165,23 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} error tuple {error,Error}.

Note that the start_link functions of the different behaviour modules fulfill the above requirements.

+

The start key is mandatory.

 -

Restart defines when a terminated child process - should be restarted. A permanent child process should - always be restarted, a temporary child process should +

restart defines when a terminated child process + shall be restarted. A permanent child process will + always be restarted, a temporary child process will never be restarted (even when the supervisor's restart strategy is rest_for_one or one_for_all and a sibling's death causes the temporary process to be terminated) and a - transient child process should be restarted only if + transient child process will be restarted only if it terminates abnormally, i.e. with another exit reason than normal, shutdown or {shutdown,Term}.

+

The restart key is optional. If it is not given, the + default value permanent will be used.

 -

Shutdown defines how a child process should be +

shutdown defines how a child process shall be terminated. brutal_kill means the child process will be unconditionally terminated using exit(Child,kill). An integer timeout value means that the supervisor will tell @@ -166,35 +191,45 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} no exit signal is received within the specified number of milliseconds, the child process is unconditionally terminated using exit(Child,kill).

-

If the child process is another supervisor, Shutdown +

If the child process is another supervisor, the shutdown time should be set to infinity to give the subtree ample - time to shutdown. It is also allowed to set it to infinity, + time to shut down. It is also allowed to set it to infinity, if the child process is a worker.

-

Be careful by setting the Shutdown strategy to +

Be careful when setting the shutdown time to infinity when the child process is a worker. Because, in this situation, the termination of the supervision tree depends on the child process, it must be implemented in a safe way and its cleanup procedure must always return.

Note that all child processes implemented using the standard - OTP behavior modules automatically adhere to the shutdown + OTP behaviour modules automatically adhere to the shutdown protocol.

+

The shutdown key is optional. If it is not given, + the default value 5000 will be used if the child is + of type worker; and infinity will be used if + the child is of type supervisor.

 -

Type specifies if the child process is a supervisor or +

type specifies if the child process is a supervisor or a worker.

+

The type key is optional. If it is not given, the + default value worker will be used.

 -

Modules is used by the release handler during code +

modules is used by the release handler during code replacement to determine which processes are using a certain - module. As a rule of thumb Modules should be a list - with one element [Module], where Module is - the callback module, if the child process is a supervisor, - gen_server or gen_fsm. If the child process is an event - manager (gen_event) with a dynamic set of callback modules, - Modules should be dynamic. See OTP Design Principles - for more information about release handling.

+ module. As a rule of thumb, if the child process is a + supervisor, gen_server, or gen_fsm, + this should be a list with one element [Module], + where Module is the callback module. If the child + process is an event manager (gen_event) with a + dynamic set of callback modules, the value dynamic + shall be used. See OTP Design Principles for more + information about release handling.

+

The modules key is optional. If it is not given, it + defaults to [M], where M comes from the + child's start {M,F,A}

Internally, the supervisor also keeps track of the pid @@ -213,11 +248,20 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} +

The tuple format is kept for backwards compatibility + only. A map is preferred; see more details + above.

-

A (the argument list) has the value - undefined if Restart is temporary.

+ +

The value undefined for A (the + argument list) is only to be used internally + in supervisor. If the restart type of the child + is temporary, then the process is never to be + restarted and therefore there is no need to store the real + argument list. The value undefined will then be + stored instead.

 @@ -232,6 +276,12 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} + + +

The tuple format is kept for backwards compatibility + only. A map is preferred; see more details + above.

 + @@ -253,20 +303,20 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} the supervisor is linked to the calling process (its supervisor).

The created supervisor process calls Module:init/1 to - find out about restart strategy, maximum restart frequency + find out about restart strategy, maximum restart intensity and child processes. To ensure a synchronized start-up procedure, start_link/2,3 does not return until Module:init/1 has returned and all child processes have been started.

-

If SupName={local,Name} the supervisor is registered +

If SupName={local,Name}, the supervisor is registered locally as Name using register/2. If SupName={global,Name} the supervisor is registered globally as Name using global:register_name/2. If SupName={via,Module,Name} the supervisor is registered as Name using the registry represented by - Module. The Module callback should export the functions + Module. The Module callback must export the functions register_name/2, unregister_name/1 and send/2, - which should behave like the corresponding functions in global. + which shall behave like the corresponding functions in global. Thus, {via,global,Name} is a valid reference.

If no name is provided, the supervisor is not registered.

Module is the name of the callback module.

@@ -274,14 +324,14 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} the argument to Module:init/1.

If the supervisor and its child processes are successfully created (i.e. if all child process start functions return - {ok,Child}, {ok,Child,Info}, or ignore) + {ok,Child}, {ok,Child,Info}, or ignore), the function returns {ok,Pid}, where Pid is the pid of the supervisor. If there already exists a process - with the specified SupName the function returns + with the specified SupName, the function returns {error,{already_started,Pid}}, where Pid is the pid of that process.

If Module:init/1 returns ignore, this function - returns ignore as well and the supervisor terminates + returns ignore as well, and the supervisor terminates with reason normal. If Module:init/1 fails or returns an incorrect value, this function returns {error,Term} where Term @@ -297,7 +347,6 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} Dynamically add a child process to a supervisor. - @@ -314,35 +363,35 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} {via,Module,Name}, if the supervisor is registered through an alternative process registry. -

ChildSpec should be a valid child specification +

ChildSpec must be a valid child specification (unless the supervisor is a simple_one_for_one - supervisor, see below). The child process will be started by + supervisor; see below). The child process will be started by using the start function as defined in the child specification.

-

If the case of a simple_one_for_one supervisor, +

In the case of a simple_one_for_one supervisor, the child specification defined in Module:init/1 will - be used and ChildSpec should instead be an arbitrary + be used, and ChildSpec shall instead be an arbitrary list of terms List. The child process will then be started by appending List to the existing start function arguments, i.e. by calling apply(M, F, A++List) where {M,F,A} is the start function defined in the child specification.

If there already exists a child specification with - the specified Id, ChildSpec is discarded and + the specified identifier, ChildSpec is discarded, and the function returns {error,already_present} or {error,{already_started,Child}}, depending on if the corresponding child process is running or not.

If the child process start function returns {ok,Child} - or {ok,Child,Info}, the child specification and pid is + or {ok,Child,Info}, the child specification and pid are added to the supervisor and the function returns the same value.

If the child process start function returns ignore, the child specification is added to the supervisor, the pid - is set to undefined and the function returns + is set to undefined, and the function returns {ok,undefined}.

If the child process start function returns an error tuple or an erroneous value, or if it fails, the child specification is - discarded and the function returns {error,Error} where + discarded, and the function returns {error,Error} where Error is a term containing information about the error and child specification.

@@ -366,7 +415,7 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules}

If the child is temporary, the child specification is deleted as soon as the process terminates. This means - that delete_child/2 has no meaning + that delete_child/2 has no meaning, and restart_child/2 can not be used for these children.

@@ -375,13 +424,13 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} process is alive, but is not a child of the given supervisor, the function will return {error,not_found}. If the child specification - identifier is given instead instead of a pid(), the + identifier is given instead of a pid(), the function will return {error,simple_one_for_one}.

If successful, the function returns ok. If there is no child specification with the specified Id, the function returns {error,not_found}.

-

See start_child/2 for a description of - SupRef.

+

See start_child/2 + for a description of SupRef.

@@ -390,15 +439,15 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules}

Tells the supervisor SupRef to delete the child specification identified by Id. The corresponding child - process must not be running, use terminate_child/2 to + process must not be running. Use terminate_child/2 to terminate it.

-

See start_child/2 for a description of - SupRef.

+

See start_child/2 + for a description of SupRef.

If successful, the function returns ok. If the child specification identified by Id exists but the corresponding child process is running or about to be restarted, the function returns {error,running} or - {error,restarting} respectively. If the child specification + {error,restarting}, respectively. If the child specification identified by Id does not exist, the function returns {error,not_found}.

 @@ -410,10 +459,10 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules}

Tells the supervisor SupRef to restart a child process corresponding to the child specification identified by Id. The child - specification must exist and the corresponding child process + specification must exist, and the corresponding child process must not be running.

Note that for temporary children, the child specification - is automatically deleted when the child terminates, and thus + is automatically deleted when the child terminates; thus it is not possible to restart such children.

See start_child/2 for a description of SupRef.

@@ -429,7 +478,7 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} is added to the supervisor and the function returns the same value.

If the child process start function returns ignore, - the pid remains set to undefined and the function + the pid remains set to undefined, and the function returns {ok,undefined}.

If the child process start function returns an error tuple or an erroneous value, or if it fails, the function returns @@ -462,7 +511,7 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules}

Child - the pid of the corresponding child process, the atom restarting if the process is about to be - restarted or undefined if there is no such process.

+ restarted, or undefined if there is no such process.

Type - as defined in the child specification.

@@ -475,8 +524,8 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} - Return counts for the number of childspecs, active children, - supervisors and workers. + Return counts for the number of child specifications, + active children, supervisors, and workers.

Returns a property list (see proplists) containing the counts for each of the following elements of the supervisor's @@ -500,6 +549,8 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} process is still alive.

 +

See start_child/2 + for a description of SupRef.

@@ -511,11 +562,23 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} correct, or {error,Error} otherwise.

 + + + Return the child specification map for the given + child. + +

Returns the child specification map for the child identified + by Id under supervisor SupRef. The returned + map contains all keys, both mandatory and optional.

+

See start_child/2 + for a description of SupRef.

+ +
CALLBACK FUNCTIONS -

The following functions should be exported from a +

The following functions must be exported from a supervisor callback module.

@@ -524,33 +587,37 @@ child_spec() = {Id,StartFunc,Restart,Shutdown,Type,Modules} Return a supervisor specification. Args = term() - Result = {ok,{{RestartStrategy,MaxR,MaxT},[ChildSpec]}} | ignore -  RestartStrategy = strategy() -  MaxR = integer()>=0 -  MaxT = integer()>0 + Result = {ok,{SupFlags,[ChildSpec]}} | ignore +  SupFlags = sup_flags()  ChildSpec = child_spec()

Whenever a supervisor is started using supervisor:start_link/2,3, this function is called by the new process to find out about restart strategy, maximum - restart frequency and child specifications.

+ restart intensity, and child specifications.

Args is the Args argument provided to the start function.

-

RestartStrategy is the restart strategy and - MaxR and MaxT defines the maximum restart - frequency of the supervisor. [ChildSpec] is a list of - valid child specifications defining which child processes - the supervisor should start and monitor. See the discussion - about Supervision Principles above.

+

SupFlags is the supervisor flags defining the + restart strategy and max restart intensity for the + supervisor. [ChildSpec] is a list of valid child + specifications defining which child processes the supervisor + shall start and monitor. See the discussion about + Supervision Principles above.

Note that when the restart strategy is simple_one_for_one, the list of child specifications must be a list with one child specification only. - (The Id is ignored). No child process is then started + (The child specification identifier is ignored.) No child process is then started during the initialization phase, but all children are assumed to be started dynamically using supervisor:start_child/2.

The function may also return ignore.

+

Note that this function might also be called as a part of a + code upgrade procedure. For this reason, the function should + not have any side effects. See + Design + Principles for more information about code upgrade + of supervisors.

 -- cgit v1.2.3