[automatic failover] Add dual thresholds (min num of failures + failure rate) capabililty to circuit breaker

[atakavci]

Summary

Introduce dual-threshold circuit-breaker failover for Jedis multi‑cluster, simplify configuration, and align docs/tests. Failover now occurs only when BOTH of the following are exceeded: minimum number of failures and failure‑rate percentage.

Key changes

• Dual-threshold enforcement
  • New evaluation in CircuitBreakerFailoverBase: evaluateThresholds(cluster) checks metrics and opens the CB when thresholds are exceeded; clusterFailover(...) then forces open and switches clusters.
  • CircuitBreakerCommandExecutor and CircuitBreakerFailoverConnectionProvider now call evaluateThresholds before execution and on tracked exceptions to keep decisions consistent and deterministic.
• New CircuitBreakerThresholdsAdapter
  • Maps MultiClusterClientConfig → resilience4j CircuitBreakerConfig.
  • Special handling:
    • failureRateThreshold = 0.0f maps to 100.0f (resilience4j limitation).
    • minimumNumberOfCalls is derived from configured minFailures and rate; when rate == 0.0f, sets Integer.MAX_VALUE to prevent the CB from auto-opening on its own.
    • Uses TIME_BASED window; size comes from config.
• MultiClusterClientConfig simplification and new defaults
  • Added circuitBreakerMinNumOfFailures (default 1000) and validation that rejects both minFailures==0 and rate==0 simultaneously.
  • Defaults updated: failureRateThreshold=10.0f, slidingWindowSize=2.
  • Removed slow-call knobs (duration and rate) and sliding-window type/min-calls from the public API.
• MultiClusterPooledConnectionProvider
  • Builds the CircuitBreaker using CircuitBreakerThresholdsAdapter.
  • Exposes cluster getters for getCircuitBreakerMinNumOfFailures() and getCircuitBreakerFailureRateThreshold().
• Documentation
  • Updated failover.md to the new defaults and simplified table; removed slow-call and sliding window type/min-calls; clarified the dual-threshold model.
• Tests
  • New CircuitBreakerFailoverBaseTests: matrix coverage of minFailures × failure-rate using real CB metrics with mocked wiring.
  • New/updated CircuitBreakerThresholdsTest: exercises real provider + real executor + real CB/Retry with only the connection pool mocked (no network), validating threshold behavior and failover switching.
  • Integration tests (FailoverIntegrationTest, ActiveActiveLocalFailoverTest) adjusted to the new configuration style and defaults.

Behavior

Failover is triggered when BOTH conditions hold:

• failures >= circuitBreakerMinNumOfFailures
• (failed / (failed + successful)) × 100 >= circuitBreakerFailureRateThreshold

Notes

• With failureRateThreshold=0.0f, adapter maps to 100.0f and sets minimumNumberOfCalls=Integer.MAX_VALUE so resilience4j does not auto-open; Jedis still enforces the dual-threshold policy in the executor/base.
• Automatic transition from OPEN to HALF_OPEN remains disabled; failback is handled by existing health‑check/failback mechanisms.

Migration

Use these settings:

• circuitBreakerMinNumOfFailures(int)
• circuitBreakerFailureRateThreshold(float)
• circuitBreakerSlidingWindowSize(int) // time-based seconds

Removed settings (no longer applicable):

• slidingWindowType, slidingWindowMinCalls
• slowCallDurationThreshold, slowCallRateThreshold

If you previously relied on slow-call based opening, migrate to failure-based thresholds or external performance monitors.

Validation

• Unit/parameterized tests cover edge thresholds (0%, 100%), small/large sample sizes.
• Integration tests updated to the new API; docs reflect defaults and examples.
• CircuitBreakerThresholdsTest now validates end‑to‑end interaction among provider + executor + circuit breaker without using network calls.

[jit-ci]

Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset.

In case there are security findings, they will be communicated to you as a comment inside the PR.

Hope you’ll enjoy using Jit.

Questions? Comments? Want to learn more? Get in touch with us.

[Copilot]

Pull Request Overview

This PR adds dual-threshold failover capability to Jedis multi-cluster circuit breaker functionality. The circuit breaker now requires both a minimum number of failures AND a failure rate threshold to be exceeded before triggering failover, providing more robust failover control.

Key changes:

• Introduces dual threshold logic requiring both minimum failures and failure rate criteria to be met
• Simplifies configuration by removing deprecated circuit breaker settings and updating defaults
• Adds new adapter class to handle threshold mapping to resilience4j configuration

Reviewed Changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
MultiClusterClientConfig.java	Updated configuration with new dual threshold properties and simplified circuit breaker settings
CircuitBreakerThresholdsAdapter.java	New adapter class for mapping configuration to resilience4j circuit breaker settings
CircuitBreakerCommandExecutor.java	Added dual threshold checking logic before triggering failover
CircuitBreakerFailoverBase.java	Base class with shared threshold validation logic
JedisFailoverThresholdsExceededException.java	New exception type for threshold-based failover
Various test files	Updated tests to remove deprecated configuration options and add threshold testing
docs/failover.md	Updated documentation with new defaults and simplified configuration

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Pull Request Overview

Copilot reviewed 16 out of 16 changed files in this pull request and generated 1 comment.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Pull Request Overview

Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[ggivo]

Still going trough the complete review, have some initial questions

[ggivo]

Not sure I get this one.
In which case, metrics are not increased yet?

[ggivo]

Some of the new properties need to be renamed to align the naming with the design:

circuitBreakerMinNumOfFailures(int) -> minNumOfFailuresThreshold
circuitBreakerFailureRateThreshold(float) -> failureRateThreshold
circuitBreakerSlidingWindowSize(int) -> failureDetectionWindowSize

We need to drop also circuitBreaker prefix from others.
Probably with follow-up PR?

[ggivo]

LGTM