-
-
Notifications
You must be signed in to change notification settings - Fork 276
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Let the orchestrator handle the read-only/writable of nodes #627
Comments
Thanks for writing up this issue, @AMecea! Unfortunately, I have not had a chance to finish making a global ignore-read-only option as we discussed in #522. I am still willing to do that, but I am not sure how much time I will have before the end of the year. I had a few comments on what you mentioned above...
I think this is a great idea. For us, letting Orchestrator manage failover is one of the biggest benefits of using it. I'm guessing many other users of the operator would feel the same way. When we enabled this, @stankevich dealt with making sure automatic promotion worked well with the operator-managed cluster. I'll let him comment on any operational considerations or best practices that users would need to think about when running in this mode.
I don't think this is strictly necessary because this option is meaningless when I think building this ignore-read-only setting could end up being a good default for many users. Maybe we could also consider highlighting it in the documentation, or making it the actual default mode, at some point in the future. Thanks for writing up this issue @AMecea! |
As @dougfales put it:
When we introduced the
readOnly
in #100 we wanted to have a quarantee that whenreadOnly
isTrue
the cluster will not get writable again but in case of a failover the orchestrator will set new master writable without knowing aboutreadOnly: True
. So in #222 we forced the orchestrator to do the failover but not apply promotion (which will not set node writable).There are a few issues with this approach:
See the other replication issues related to this: #613, #608, #588, #565
The fix that I propose here is to weaken the guarantees of
readOnly
attribute (and document it) and let the Orchestrator handle read-only/ writable nodes by configuring it as follows:For this we need to "revert" #222 and refactor #100 in a less invasive way. An implementation is already started in #522.
The text was updated successfully, but these errors were encountered: