feat(db): make rollout state runtime-local for distributed Nebraska#1396
Open
Moustafa-Moustafa wants to merge 1 commit into
Open
feat(db): make rollout state runtime-local for distributed Nebraska#1396Moustafa-Moustafa wants to merge 1 commit into
Moustafa-Moustafa wants to merge 1 commit into
Conversation
The `rollout_in_progress` indicator for a group is the only field on the admin-managed `groups` table that is written by the update-serving engine, not the admin. This is a step towards the distributed topology described in RFC flatcar#1375: admin state needs to flow one-way from the admin node to each runtime node, while runtime state must stay local so each runtime node records what it observes from its own clients. This change moves that single field onto its own runtime-local table. Standalone-mode behavior is unchanged. Note on `policy_safe_mode`: in distributed mode there is no path for runtime nodes to send observations back to the admin node, which means the `safe_mode` auto-pause cannot work as it does today. I'm proposing we do not support `safe_mode` while distributed mode is enabled, at least within the scope of this effort. A proper solution (e.g. some form of runtime-to-admin state sharing) can be designed separately. Refs: flatcar#1375 Signed-off-by: Moustafa Moustafa <momousta@microsoft.com>
Moustafa-Moustafa
force-pushed
the
feat/group-state-split
branch
from
a5c46ee to
035960b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The
rollout_in_progressindicator for a group is the only field on the admin-managedgroupstable that is written by the update-serving engine, not the admin. This is a step towards the distributed topology described in RFC #1375: admin state needs to flow one-way from the admin node to each runtime node, while runtime state must stay local so each runtime node records what it observes from its own clients.This change moves that single field onto its own runtime-local table. Standalone-mode behavior is unchanged.
Note on
policy_safe_mode: in distributed mode there is no path for runtime nodes to send observations back to the admin node, which means thesafe_modeauto-pause cannot work as it does today. I'm proposing we do not supportsafe_modewhile distributed mode is enabled, at least within the scope of this effort. A proper solution (e.g. some form of runtime-to-admin state sharing) can be designed separately.Refs: #1375
Separate the
groupstable[ describe the change in 1 - 3 paragraphs ]
How to use
No new behavior is introduced, Nebraska running in single instance mode (currently the only mode) shouldn't be impacted at all.
Testing done
`cd backend && make all` — clean (codegen, generators, golangci-lint, build)
`cd backend && make check-backend-with-container` — passes (full suite incl.
`backend/test/api` integration and `backend/test/auth/oidc`)
Smoke test on a local environment
Changelog entries added in the respective
changelog/directory (user-facing change, bug fix, security fix, update)Inspected CI output for image differences:
/bootand/usrsize, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.