Create overview page for the suspicious replica recoverer daemon

[ChristophAmes]

The suspicious replica recoverer daemon isn't easy to understand at first glance. Therefore, an overview page for the suspicious replica recoverer daemon will be created, which will explain the general structure of the daemon and what the goals of each step are.

[cserf]

The text is OK. I would add a schema describing the state machine similar to https://github.com/rucio/documentation/blob/main/website/static/img/request_state_transition_chart.svg even if it might be a bit complicated to fit everything in just one figure

[cserf]

You should mention that the poilcy is a json file and show an example

[voetberg]

Can you add a reference to this page here? Could be useful to also understand why replicas become suspicious in the first place and where the recoverer daemon comes in

[bari12]

Ping @ChristophAmes would you mind still doing these changes?

[haozturk]

I spent a while to read this daemon's code and adapt it into CMS. I'd like to add things into its documentation including this flow chart [1] and how it should be configured [2], which isn't trivial. If this PR is going to merged, I can wait and make a new PR to add my changes.

[1]https://cmsdmops.docs.cern.ch/CMSRucio/Daemon_configurations/image.png
[2]https://cmsdmops.docs.cern.ch/CMSRucio/Daemon_configurations/replica_recoverer/

[ChristophAmes]

Sorry I haven't responded, I've been rather busy.
I've added an example for the JSON file and added a link to the overview of the replica workflow.
I think the flow chart created by @haozturk looks good, so I won't make one myself.

[rdimaio]

Suggested change

Before replicas are handled individually, the daemon checks how many suspicious replicas are on each Rucio storage element (RSE), which are the servers that host replicas. If an RSE has more than `limit_suspicious_files_on_rse` suspicious replicas, then it is assumed that the problem lays with the RSE and not the replicas themselves. Under such a circumstance, the replicas on that RSE are set to the state `TEMPORARILY UNAVAILABLE` for three days. A replica in this state can't be interacted with. The assumption is that after three days, problems with the RSE will have been fixed. If not, then the replicas on that RSE will end-up being declared suspicious en masse, which will result in them being set as `TEMPORARILY UNAVAILABLE` again. This cycle will be repeated until the underlying issue is solved.

Before replicas are handled individually, the daemon checks how many suspicious replicas are on each Rucio storage element (RSE), which are the servers that host replicas. If an RSE has more than `limit_suspicious_files_on_rse` suspicious replicas, then it is assumed that the problem lays with the RSE and not the replicas themselves. Under such a circumstance, the replicas on that RSE are set to the state `TEMPORARILY UNAVAILABLE` for three days. A replica in this state can't be interacted with. The assumption is that after three days, problems with the RSE will have been fixed. If not, then the replicas on that RSE will end up being declared suspicious en masse, which will result in them being set as `TEMPORARILY UNAVAILABLE` again. This cycle will be repeated until the underlying issue is solved.

[rdimaio]

Suggested change

	The replica polices can easily be expanded in the future.
	The replica policies can easily be expanded in the future.

[rdimaio]

Suggested change

A very large number of suspicious replicas have `nattempts = 1`. To clean-up the database, replicas with `nattempts = 1` that also have a policy that would result in the replica being declared bad are given a "boost". This means that rules for those replicas are created. These rules only exist to create an attempt to interact with the replica. If there is in fact a problem with the replica (or the RSE), then each rule will result in an error and that replica will be declared `SUSPICIOUS` once for each rule, which will bring the number of declarations over the `nattempts` barrier. This results in the replica being handled normally by the daemon during the daemon's next cycle.

A very large number of suspicious replicas have `nattempts = 1`. To clean up the database, replicas with `nattempts = 1` that also have a policy that would result in the replica being declared bad are given a "boost". This means that rules for those replicas are created. These rules only exist to create an attempt to interact with the replica. If there is in fact a problem with the replica (or the RSE), then each rule will result in an error and that replica will be declared `SUSPICIOUS` once for each rule, which will bring the number of declarations over the `nattempts` barrier. This results in the replica being handled normally by the daemon during the daemon's next cycle.

[rdimaio]

I'd personally rewrite it like this for clarity, but it's just my opinion

Suggested change

	## Active mode
	By default, the entire suspicious replica recoverer is ran in a passive mode, meaning that it will create log files as if it were taking actions on replicas, however, it does not take any actions. This passive mode allows for test runs of the daemon without accidentally causing damage. The active mode, which then takes actions on the replicas, has to be specified when the daemon is called.
	## Passive and active modes
	The suspicious replica recoverer has two modes of operation:
	- **Passive (default)**: no actions are taken by the daemon, but log files are generated as if the actions were taken (like a dry-run mode). Useful for testing daemon runs without affecting data.
	- **Active**: the daemon is allowed to take actions on the replicas. This option has to explicitly be set when the daemon is called.