raft: add strict fencing
With current leader fencing implementation old leader doesn't resign it's leadership before new leader may be elected. Because of this several "leaders" might coexist in replicaset for some time. This commit changes replication_disconnect_timeout that it is twice as short for current raft leader (2*replication_timeout) if strict fencing is enabled. Assuming that replication_timeout is the same for every replica in replicaset this makes it less probable that new leader can be elected before old one resigns it's leadership. Old fencing behaviour can be enabled by setting fencing to soft mode. This is useful when connection death timeouts shouldn't be affected (e.g. different replication_timeouts are set to prioritize some replicas as leader over the others). Closes #7110 @TarantoolBot document Title: Strict fencing In `box.cfg` option `election_fencing_enabled` is deprecated in favor of `election_fencing_mode`. `election_fencing_mode` can be set to one of the following values: 'off' - fencing turned off (same as `election_fencing_enabled` set to false before). Connection death timeout is 4*replication_timeout for all nodes. 'soft' (default) - fencing turned on, but connection death timeout is the same for leader and followers in replicaset. This is enough to solve cluster being readonly and not being to elect a new leader in some situations because of pre-vote. Connection death timeout is 4*replication_timeout for all nodes. 'strict' - fencing turned on. In this mode leader tries its best to resign leadership before new leader can be elected. This is achived by halving death timeout on leader. Connection death timeout is 4*replication_timeout for followers and 2*replication_timout for current leader.
Showing
- changelogs/unreleased/strict_fencing.md 7 additions, 0 deletionschangelogs/unreleased/strict_fencing.md
- src/box/box.cc 25 additions, 16 deletionssrc/box/box.cc
- src/box/box.h 1 addition, 1 deletionsrc/box/box.h
- src/box/lua/cfg.cc 3 additions, 3 deletionssrc/box/lua/cfg.cc
- src/box/lua/load_cfg.lua 11 additions, 5 deletionssrc/box/lua/load_cfg.lua
- src/box/raft.c 24 additions, 10 deletionssrc/box/raft.c
- src/box/raft.h 27 additions, 5 deletionssrc/box/raft.h
- src/box/replication.cc 10 additions, 0 deletionssrc/box/replication.cc
- src/box/replication.h 4 additions, 5 deletionssrc/box/replication.h
- test/app-tap/init_script.result 1 addition, 1 deletiontest/app-tap/init_script.result
- test/box/admin.result 2 additions, 2 deletionstest/box/admin.result
- test/box/cfg.result 4 additions, 4 deletionstest/box/cfg.result
- test/luatest_helpers/server.lua 6 additions, 0 deletionstest/luatest_helpers/server.lua
- test/replication-luatest/election_fencing_test.lua 73 additions, 18 deletionstest/replication-luatest/election_fencing_test.lua
- test/replication/election_replica.lua 2 additions, 2 deletionstest/replication/election_replica.lua
- test/replication/gh-3055-election-promote.result 1 addition, 1 deletiontest/replication/gh-3055-election-promote.result
- test/replication/gh-3055-election-promote.test.lua 1 addition, 1 deletiontest/replication/gh-3055-election-promote.test.lua
- test/replication/gh-5445-leader-inconsistency.result 4 additions, 4 deletionstest/replication/gh-5445-leader-inconsistency.result
- test/replication/gh-5445-leader-inconsistency.test.lua 4 additions, 4 deletionstest/replication/gh-5445-leader-inconsistency.test.lua
Loading
Please register or sign in to comment