Add logging for rejected MFSTART messages in cluster primary#4058
Conversation
When a primary receives an MFSTART (manual failover start) message, it was silently ignored if the sender was unknown or not a replica of this primary. This made it impossible to diagnose why a manual failover was timing out on the replica side — the primary had no indication that it ever received the request. In particular, cluster gossip may not have propagated the new replica relationship to the primary yet, so the primary may legitimately not recognize the sender as its replica. Without logging, this scenario leaves no trace on the primary side. Signed-off-by: Binbin <binloveplay1314@qq.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthrough
ChangesManual failover packet handling
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## unstable #4058 +/- ##
============================================
- Coverage 76.77% 76.75% -0.02%
============================================
Files 162 162
Lines 81023 81031 +8
============================================
- Hits 62206 62199 -7
- Misses 18817 18832 +15
🚀 New features to boost your workflow:
|
When a primary receives an MFSTART (manual failover start) message,
it was silently ignored if the sender was unknown or not a replica of
this primary. This made it impossible to diagnose why a manual failover
was timing out on the replica side — the primary had no indication that
it ever received the request.
In particular, cluster gossip may not have propagated the new replica
relationship to the primary yet, so the primary may legitimately not
recognize the sender as its replica. Without logging, this scenario
leaves no trace on the primary side.