feature(new_dc): Add new node with zero node dc #9230

aleksbykov · 2024-11-17T07:34:51Z

Test checks that in multidc symetric configuration:
DC1: 3, DC2: 3, we lost raft quorum if all nodes in any dc
will die (stopped, killed, etc) and with adding new DC with zero
node only allow to save raft quroum and restore failed dc with
topology operations

Testing

Passed job without tablets

PR pre-checks (self review)

I added the relevant backport labels
I didn't leave commented-out/debugging code

Reminders

Add New configuration option and document them (in sdcm/sct_config.py)
Add unit tests to cover my changes (under unit-test/ folder)
Update the Readme/doc folder relevant to this change (if needed)

soyacz · 2024-12-01T13:43:56Z

@aleksbykov can you verify unit tests error and resolve conflicts?

aleksbykov · 2025-02-16T12:25:24Z

@emdroid , @patjed41 can take a look on new tests? Need your opinions about test correctness for raft topology quorum and test steps

add_new_dc_test.py

patjed41 · 2025-03-07T12:47:07Z

test-cases/features/add-new-dc-with-zero-nodes.yaml

+user_prefix: 'add-new-dc'
+
+n_db_zero_token_nodes: '0 0 0'
+zero_token_instance_type_db: 'i4i.large'


I remember we wanted to verify that zero-token nodes can be run on weak instances. I don't know if someone did it. If not, I think we could do an experiment here: try to run this new test with the weakest possible instance for the zero-token node and see what happens. If the test passes, we can change the instance to the weakest one in this test. If it fails, then we should investigate it.

Zero-token nodes should work on basically any machine if their only job is participating in the Raft group 0, which is the case in this test. Zero-token nodes could also be used for something else like being proxy nodes for client requests or Alternator load balancers (these are the probable future use cases). In these use cases, the low storage still shouldn't be an issue, but weak CPU could become an issue depending on the traffic.

Note that I know almost nothing about stuff like instances, so take this comment with a pinch of salt.

lower instance was check in another tests. It could be also configured here

If it was checked in another tests, then we don't have to do it here, but we can. Your choice.

sdcm/rest/raft_api.py

Add new feature tests with Arbiter DC and zero nodes Test checks that in multidc symetric configuration: DC1: 3, DC2: 3, we lost raft quorum if all nodes in any dc will die (stopped, killed, etc) and after adding new arbiter DC with zero node only then it saves raft quroum after one dc is die and allow to restore failed dc with topology operations With limited voters features raft voters spread across cluster and has assymentric configuration. for example DC1 could have 2 voters DC2 will have 3 voters. in this case if dc1 will be down then raft quorum will still be presented. In this case DC wil the largest number of voters will killed to get lost raft quourum Test kill scylla on the node by sigstop signal. it is required because nodes should be stopped very fast, so raft couldn't reassign the voters to alive nodes.

aleksbykov · 2025-05-14T14:01:04Z

@patjed41 , can you take a look again. I fixed according to your comments
new:

added assertion to configuration
add support for limited voters(2025.2, master)
fixed c-s stress commands.

Copilot

Pull Request Overview

This PR introduces support for adding a new DC with zero nodes to preserve raft quorum in multidc clusters and adjusts related configurations, tests, and Jenkins pipelines. Key changes include:

Adding a new configuration parameter (ignore_dead_nodes_for_replace) in YAML files.
Implementing and raising a new ReadBarrierErrorException in raft utilities.
Extending the test suite and associated Jenkins pipelines to verify quorum preservation with arbiter and zero-node DC scenarios.

Reviewed Changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
unit_tests/test_scylla_yaml.py	Added new YAML field for dead node handling.
test-cases/features/restore-quorum-with-zero-nodes.yaml	Introduced test configuration for restoring quorum with zero-node DC.
sdcm/utils/raft/init.py	Updated to raise a new exception on read barrier failure.
sdcm/provision/scylla_yaml/scylla_yaml.py	Added configuration option for ignoring dead nodes.
sdcm/exceptions.py	Introduced new ReadBarrierErrorException class.
sdcm/cluster.py	Enhanced cluster node functions and introduced host-id mapping.
raft_quorum_with_arbiterdc_test.py	Added tests to validate quorum loss/restoration with arbiter and zero-node scenarios.
jenkins-pipelines/oss/features/*.jenkinsfile	New pipelines for quorum preservation tests.
configurations/zerotoken_nodes/multidc_config_with_empty_arbiter_dc.yaml	New configuration file for multidc with an arbiter DC.

Comments suppressed due to low confidence (1)

raft_quorum_with_arbiterdc_test.py:88

[nitpick] Consider renaming 'arbitor_dc_node' to 'arbiter_dc_node' for consistent and clear variable naming.

arbitor_dc_node = self.add_zero_node_to_dc(dc_idx=arbiter_dcx)

Copilot · 2025-05-29T08:04:58Z

sdcm/utils/raft/__init__.py

            LOGGER.error("Trigger read-barrier via rest api failed %s", exc)
+            raise ReadBarrierErrorException("Read Barrier call failed %s", exc)


Consider formatting the error message properly (e.g., using an f-string) to ensure the exception details are correctly included in the message.

Suggested change

LOGGER.error("Trigger read-barrier via rest api failed %s", exc)

raise ReadBarrierErrorException("Read Barrier call failed %s", exc)

LOGGER.error(f"Trigger read-barrier via rest api failed: {exc}")

raise ReadBarrierErrorException(f"Read Barrier call failed: {exc}")

Copilot · 2025-05-29T08:04:58Z