diff options
| author | Sami Hiltunen <shiltunen@gitlab.com> | 2021-05-26 16:28:55 +0300 |
|---|---|---|
| committer | Sami Hiltunen <shiltunen@gitlab.com> | 2021-07-12 12:09:17 +0300 |
| commit | e900df0947d188194f319b8afb9aa4fe857d357d (patch) | |
| tree | 4c8d0e928f0fe73c014ebe4de8e846bc0a7ffe1a /proto/praefect.proto | |
| parent | 7704c707d9ac3c0bd94c61a2a97e7ee5e06880bb (diff) | |
Support lazy failovers in `praefect dataloss`
With the recent failover changes, the output of `praefect dataloss`
is no longer accurate. Previously a repository would have been in
read-only mode if the primary of the repository was outdated. With
lazy failovers in place, it's no longer sufficient to check only
whether the current primary is outdated or not. If the current primary
is outdated, Praefect would immediately switch the repository's primary
on the next request if there is an up to date replica available. This
also means that there is no 'read-only mode' anymore, as we'd simply
failover to an up to date node rather than wait for the current primary
to be brought up to speed. This commit updates the dataloss sub-command
to take the new changes into account:
1. If there is an up to date, available replica for the repository, it's
considered to be available for both reads and writes.
2. If there are no up to date replicas available, the repository is considered
unavailable. As it is, Praefect does not distribute writes to outdated
replicas.
3. To make it easier to determine why a repository is unavailable, 'unavailable'
is printed next to the storages which are considered to be unavailable by the
consensus of the Praefect nodes.
Changelog: changed
Diffstat (limited to 'proto/praefect.proto')
| -rw-r--r-- | proto/praefect.proto | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/proto/praefect.proto b/proto/praefect.proto index 946fef596..71198a687 100644 --- a/proto/praefect.proto +++ b/proto/praefect.proto @@ -17,7 +17,7 @@ service PraefectInfoService { // need repair. rpc ConsistencyCheck(ConsistencyCheckRequest) returns (stream ConsistencyCheckResponse); - // DatalossCheck checks for outdated repository replicas. + // DatalossCheck checks for unavailable repositories. rpc DatalossCheck(DatalossCheckRequest) returns (DatalossCheckResponse); // SetAuthoritativeStorage sets the authoritative storage for a repository on a given virtual storage. @@ -62,10 +62,8 @@ message SetAuthoritativeStorageResponse {} message DatalossCheckRequest { string virtual_storage = 1; - // include_partially_replicated decides whether to include repositories which are fully up to date - // on the primary but are outdated on some secondaries. Such repositories are still writable and do - // not suffer from data loss. The data on the primary is not fully replicated which increases the - // chances of data loss following a failover. + // include_partially_unavailable indicates whether to include repositories which are available but + // are unavailable on some assigned storages. bool include_partially_replicated = 2; } @@ -78,14 +76,18 @@ message DatalossCheckResponse { int64 behind_by = 2; // assigned indicates whether the storage is assigned to host the repository. bool assigned = 3; + // healthy indicates whether the storage is considered healthy by the consensus of Praefect nodes. + bool healthy = 4; + // valid_primary indicates whether the storage is ready to act as the primary if necessary. + bool valid_primary = 5; } // relative path of the repository with outdated replicas string relative_path = 1; // storages on which the repository is outdated repeated Storage storages = 2; - // read_only indicates whether the repository is in read-only mode. - bool read_only = 3; + // unavailable indicates whether the repository is in unavailable. + bool unavailable = 3; // current primary storage of the repository string primary = 4; |