Refine design and specify If-Match ETag validation in OM write path (no pre-flight RPC)

- Add If-Match implementation: validate ETag in OM validateAndUpdateCache,
  avoiding GetS3KeyDetails pre-flight check to optimize happy path
- Document If-None-Match using EXPECTED_DATA_GENERATION_CREATE_IF_NOT_EXISTS=-1
  constant for atomic create-if-not-exists semantics
- Reorganize spec sections: separate Write/Read/Copy specifications
- Clarify OM validation logic: locking, key lookup, ETag comparison, error cases
- Update error mapping: add PRECONDITION_FAILED for missing ETag scenarios
- Add HDDS-13963 reference for Create-If-Not-Exists capability

Author: peterxcli

hadoop-hdds/docs/content/design/s3-conditional-requests.md

@@ -26,23 +26,26 @@ AWS S3 supports conditional requests using HTTP conditional headers, enabling at
 ## Use Cases
 
 ### Conditional Writes
+
 - **Atomic key rewrites**: Prevent race conditions when updating existing objects
 - **Create-only semantics**: Prevent accidental overwrites (`If-None-Match: *`)
 - **Optimistic locking**: Enable concurrent access with conflict detection
 - **Leader election**: Implement distributed coordination using S3 as backing store
 
 ### Conditional Reads
+
 - **Bandwidth optimization**: Avoid downloading unchanged objects (304 Not Modified)
 - **HTTP caching**: Support standard browser/CDN caching semantics
 - **Conditional processing**: Only process objects that meet specific criteria
 
 ### Conditional Copy
+
 - **Atomic copy operations**: Copy only if source/destination meets specific conditions
 - **Prevent overwrite**: Copy only if destination doesn't exist
 
-## AWS S3 Conditional Write
+## Specification
 
-### Specification
+### AWS S3 Conditional Write Specification
 
 #### If-None-Match Header
 
@@ -69,75 +72,101 @@ If-Match: "<etag>"
 - Cannot use both headers together in same request
 - No additional charges for failed conditional requests
 
-### Implementation
+### AWS S3 Conditional Read Specification
+
+TODO
+
+### AWS S3 Conditional Copy Specification
+
+TODO
 
-#### Architecture Overview
+## Implementation
+
+### AWS S3 Conditional Write Implementation
+
+The implementation aims to minimize Redundant RPCs (RTT) while ensuring strict atomicity for conditional operations.
+
+- **If-None-Match** utilizes the atomic "Create-If-Not-Exists" capability ([HDDS-13963](https://issues.apache.org/jira/browse/HDDS-13963 "null")).
+- **If-Match** optimizes the happy path by pushing ETag validation directly into the Ozone Manager's write path, avoiding preliminary read operations.
 
 #### If-None-Match Implementation
 
+This implementation ensures strict create-only semantics by utilizing a specific generation ID marker.
+
+In `OzoneConsts.java`, add the `-1` as a constant for readability:
+```java
+/**
+ * Special value for expectedDataGeneration to indicate "Create-If-Not-Exists" semantics.
+ * When used with If-None-Match conditional requests, this ensures atomicity:
+ * if a concurrent write commits between Create and Commit phases, the commit
+ * fails the validation check, preserving strict create-if-not-exists semantics.
+ */
+public static final long EXPECTED_DATA_GENERATION_CREATE_IF_NOT_EXISTS = -1L;
+```
+
 ##### S3 Gateway Layer
 
 1. Parse `If-None-Match: *`.
-2. Set `existingKeyGeneration = -1`.
+2. Set `existingKeyGeneration = OzoneConsts.EXPECTED_DATA_GENERATION_CREATE_IF_NOT_EXISTS`.
 3. Call `RpcClient.rewriteKey()`.
 
 ##### OM Create Phase
 
-1. Validate `expectedDataGeneration == -1`.
-2. If key exists → throw `KEY_ALREADY_EXISTS`.
-3. Store `-1` in open key metadata.
+1. OM receives request with `expectedDataGeneration == OzoneConsts.EXPECTED_DATA_GENERATION_CREATE_IF_NOT_EXISTS`.
+2. **Pre-check**: If key is already in the OpenKeyTable or KeyTable, throw `KEY_ALREADY_EXISTS`.
+3. If not exists, proceed to create the open key entry.
 
-##### OM Commit Phase
+##### OM Commit Phase (Atomicity)
 
-1. Check `expectedDataGeneration == -1` from open key.
-2. If key now exists (race condition) → throw `KEY_ALREADY_EXISTS`.
-3. Commit key.
+1. During the commit phase (or strict atomic create), the OM validates that the key still does not exist.
+2. If a concurrent client created the key between the Create and Commit phases, the transaction fails with `KEY_ALREADY_EXISTS`.
 
 ##### Race Condition Handling
 
-Using `-1` ensures atomicity. If a concurrent write (Client B) commits between Client A's Create and Commit, Client A's commit fails the `-1` validation check (key now exists), preserving strict create-if-not-exists semantics.
+Using `OzoneConsts.EXPECTED_DATA_GENERATION_CREATE_IF_NOT_EXISTS = -1` ensures atomicity. If a concurrent write (Client B) commits between Client A's Create and Commit,
+Client A's commit fails the `CREATE IF NOT EXISTS` validation check, preserving strict create-if-not-exists semantics.
 
 #### If-Match Implementation
 
-Leverages existing `expectedDataGeneration` from HDDS-10656:
+To optimize performance and reduce latency, we avoid a pre-flight check (GetS3KeyDetails) and instead validate the ETag during the OM Write operation.
+This requires adding an optional `expectedETag` field to `KeyArgs`. This approach optimizes the "happy path" (successful match) by removing an extra network round trip.
+For failing requests, they still incur the cost of a write RPC and Raft log entry, but this is acceptable under optimistic concurrency control assumptions.
 
 ##### S3 Gateway Layer
 
-1. Parse `If-Match: "<etag>"` header
-2. Look up existing key via `getS3KeyDetails()`
-3. Validate ETag matches, else throw `PRECOND_FAILED` (412)
-4. Extract `expectedGeneration` from existing key
-5. Pass `expectedGeneration` to RpcClient
+1. Parse `If-Match: "<etag>"` header.
+3. Populate `KeyArgs` with the parsed `expectedETag`.
+4. Send the write request (CreateKey/OpenKey) to OM.
 
-##### OM Create Phase
+##### OM Layer (Validation Logic)
+
+Validation is performed within the `validateAndUpdateCache` method to ensure atomicity within the Ratis state machine application.
 
-1. Receive `expectedDataGeneration` parameter
-2. Look up current key and validate exists
-3. Extract current key's `updateID` value
-4. Create open key with `expectedDataGeneration = updateID`
-5. Return stream to S3 gateway
+1. **Locking**: The OM acquires the write lock for the bucket/key.
+2. **Key Lookup**: Retrieve the existing key from `KeyTable`.
+3. **Validation**:
 
-##### OM Commit Phase
+    - **Key Not Found**: If the key does not exist, throw `KEY_NOT_FOUND` (maps to S3 412).
+    - **No ETag Metadata**: If the existing key (e.g., uploaded via OFS) does not have an ETag property, validation fails. We do **not** calculate ETag on the spot to avoid performance overhead on the applier thread. Throws `PRECONDITION_FAILED`.
+    - **ETag Mismatch**: Compare `existingKey.ETag` with `expectedETag`. If they do not match, throw `PRECONDITION_FAILED` (maps to S3 412).
 
-1. Read open key (contains `expectedDataGeneration`)
-2. Read current committed key
-3. Validate `current.updateID == openKey.expectedDataGeneration`
-4. Commit if match, reject if mismatch (existing HDDS-10656 logic)
+4. **Execution**: If validation passes, proceed with the operation (adding to OpenKeyTable).
 
 #### Error Mapping
 
-| OM Error | S3 Status | S3 Error Code | Scenario |
-|----------|-----------|---------------|----------|
-| `KEY_ALREADY_EXISTS` | 412 | PreconditionFailed | If-None-Match failed |
-| `KEY_NOT_FOUND` | 412 | PreconditionFailed | If-Match failed (key missing) |
-| `ETAG_MISMATCH` | 412 | PreconditionFailed | If-Match failed (ETag mismatch) |
-| `GENERATION_MISMATCH` | 412 | PreconditionFailed | If-Match failed (concurrent modification) |
+|   |   |   |   |
+|---|---|---|---|
+|**OM Error**|**S3 Status**|**S3 Error Code**|**Scenario**|
+|`KEY_ALREADY_EXISTS`|412|PreconditionFailed|If-None-Match failed|
+|`KEY_NOT_FOUND`|412|PreconditionFailed|If-Match failed (key missing)|
+|`ETAG_MISMATCH`|412|PreconditionFailed|If-Match failed (ETag mismatch)|
+|`PRECONDITION_FAILED`|412|PreconditionFailed|If-Match failed (General/No ETag)|
 
-## AWS S3 Conditional Read
+## AWS S3 Conditional Read Implementation
 
 TODO
 
-## AWS S3 Conditional Copy
+## AWS S3 Conditional Copy Implementation
 
 TODO
 
@@ -146,4 +175,6 @@ TODO
 - [AWS S3 Conditional Requests](https://docs.aws.amazon.com/AmazonS3/latest/userguide/conditional-requests.html)
 - [RFC 7232 - HTTP Conditional Requests](https://tools.ietf.org/html/rfc7232)
 - [HDDS-10656 - Atomic Rewrite Key](https://issues.apache.org/jira/browse/HDDS-10656)
+- [HDDS-13963 - Atomic Create-If-Not-Exists](https://issues.apache.org/jira/browse/HDDS-13963)
 - [Leader Election with S3 Conditional Writes](https://www.morling.dev/blog/leader-election-with-s3-conditional-writes/)
+- [An MVCC-like columnar table on S3 with constant-time deletes](https://simonwillison.net/2025/Oct/11/mvcc-s3/)