Feature: Failover: Tarantool leader election

All replicasets in a picodata cluster should be configured to use Tarantool's built-in automatic leader election.

Given a replicaset of 3 or more instances, exactly one of the instances should be writable at any moment. Which instance is writable is determined and set automatically.

If a writable instance becomes unavailable, then another instance of the replicaset should become writable in less than 15 seconds.

When some of the instances are unavailable and the count of the unavailable instances is less then the half of the replicaset instance count then write operation should be available.

When some of the instances of a replicaset go down and then up is such way that the count of the simultaneously unavailable instances is always less than the half of the replicaset instance count then the replicaset's write availability should not be interrupted for more than 15 seconds.

Motivation

Before Picodata implements it's own failover we should use Tarantool's built-in failover.

Notes

It is a client's responsibility to auto-reconnect to the active instance.

Edited May 26, 2022 by Sergey V

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information