Skip to content

rabbit_fifo: Add reject_publish_dlx overflow strategy#16673

Draft
the-mikedavis wants to merge 3 commits into
qq-vNextfrom
md/qq-reject-publish-dlx
Draft

rabbit_fifo: Add reject_publish_dlx overflow strategy#16673
the-mikedavis wants to merge 3 commits into
qq-vNextfrom
md/qq-reject-publish-dlx

Conversation

@the-mikedavis

Copy link
Copy Markdown
Collaborator

This operates just like the classic queue overflow strategy. If enqueueing a message would overflow the queue, the message is run through the dead lettering route and also the enqueue is rejected.

Prior to this change, QQs would fall back to drop-head when reject-publish-dlx was specified.

This is based on the next QQ version PR: #16583.

kjnilsson added 2 commits June 1, 2026 16:44
Implement the OSS infrastructure for ingress-dependent quorum queue leader
rebalancing. This adds:

- Per-node enqueue byte counters in the replicated state machine, updated
  deterministically on every enqueue via apply_enqueue/6
- Exposure of cumulative totals via overview/1, propagated to all replicas
  on every tick
- Aux state leaky integrators (via ra_li) to compute smoothed per-node
  ingress rates, updated on handle_tick
- A get_ingress_rates aux query that returns bytes/second per node,
  callable locally without cross-node coordination

The new field ingress_bytes_by_node defaults to #{} and is never read by
OSS, so pre-v9 members in mixed clusters are unaffected. The aux state
version is bumped to aux_v5 with an upgrade clause for rolling restarts.

Decay time is configurable via persistent_term.

Tests added to verify accumulation, snapshot persistence, v8→v9 conversion,
and rate decay behavior under controlled tick timing.
@the-mikedavis the-mikedavis requested a review from kjnilsson June 12, 2026 20:14
@the-mikedavis the-mikedavis self-assigned this Jun 12, 2026
@the-mikedavis

Copy link
Copy Markdown
Collaborator Author

I couldn't quite dig up the history for why this wasn't implemented, historically. I think it was because it doesn't stem publishers off when the queue is full like the reject_publish strategy? So publishers might extend the log with messages that won't end up in the queue and bump up the disk footprint. But with compaction I think this cost might be more acceptable?

This operates just like the classic queue overflow strategy. If
enqueueing a message would overflow the queue, the message is run
through the dead lettering route and also the enqueue is rejected.
@the-mikedavis the-mikedavis force-pushed the md/qq-reject-publish-dlx branch from ab26182 to c1f54b1 Compare June 12, 2026 20:38
@lukebakken lukebakken self-requested a review June 18, 2026 22:51
@lukebakken

Copy link
Copy Markdown
Collaborator

Is this PR related to #8495?

@the-mikedavis

Copy link
Copy Markdown
Collaborator Author

Not quite, but the concepts overlap in a way where it's not at all obvious. #8495 is about how reject-publish is ignored on the dead-letter target queue, not about the source queue's capabilities (i.e. queue being dead-lettered from). This PR covers the source QQ and makes the QQ both reject and dead-letter a new publish which would otherwise overflow the queue.

@kjnilsson kjnilsson force-pushed the qq-vNext branch 4 times, most recently from 84bb860 to 4409b16 Compare July 2, 2026 10:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants