[
https://issues.apache.org/jira/browse/MESOS-1226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benjamin Mahler updated MESOS-1226:
-----------------------------------
Description:
As we're planning to add a non-strict replicated log backed registry in 0.19.0,
we need to add some flags related to the log:
# Specify the number of masters in the "ensemble". From this we will deduce the
quorum size, which is a bit safer than relying on operators to get the quorum
size and "ensemble" size to match up correctly.
# Make --work_dir required, as {{/tmp}} is a terrible place to store log
replica state!
# Use the existing {{--zk}} flag with an implicit non-sequence sub-znode for
the log's replica group. (E.g. --zk=.../masters uses /master for masters and
/masters/replicas for replicas).
# Add a flag for auto-initialization of the replicated log that defaults to
true. Production users may want this to be false for added safety in the event
of misconfiguration or full replica data loss.
We could consider making the number of masters required only if the zk path is
specified, and vice versa. If zk is not specified, then it could be assumed
that one is operating with a single master setup. Although, one might
accidentally swap machines without swapping the state on disk!
In the future, we'll want to be safer here and expose the log configuration in
a less dynamic nature. That is, it would be nice to _explicitly_ specify the
set of replicas in the configuration and disallow other replicas from
participating as this is clearly not safe! For example, one could specify a
cluster size of 5, but nothing prevents 7 masters from joining the zk group.
was:
As we're planning to add a non-strict replicated log backed registry in 0.19.0,
we need to add some flags related to the log:
# Specify the number of masters in the "ensemble". From this we will deduce the
quorum size, which is a bit safer than relying on operators to get the quorum
size and "ensemble" size to match up correctly.
# Make --work_dir required, as {{/tmp}} is a terrible place to store log
replica state!
# Use the existing {{--zk}} flag with an implicit non-sequence sub-znode for
the log's replica group. (E.g. --zk=.../masters uses /master for masters and
/masters/replicas for replicas).
We could consider making the number of masters required only if the zk path is
specified, and vice versa. If zk is not specified, then it could be assumed
that one is operating with a single master setup. Although, one might
accidentally swap machines without swapping the state on disk!
In the future, we'll want to be safer here and expose the log configuration in
a less dynamic nature. That is, it would be nice to _explicitly_ specify the
set of replicas in the configuration and disallow other replicas from
participating as this is clearly not safe! For example, one could specify a
cluster size of 5, but nothing prevents 7 masters from joining the zk group.
> Add flags for replicated log backed registry.
> ---------------------------------------------
>
> Key: MESOS-1226
> URL: https://issues.apache.org/jira/browse/MESOS-1226
> Project: Mesos
> Issue Type: Sub-task
> Components: master
> Reporter: Benjamin Mahler
> Assignee: Vinod Kone
> Fix For: 0.19.0
>
>
> As we're planning to add a non-strict replicated log backed registry in
> 0.19.0, we need to add some flags related to the log:
> # Specify the number of masters in the "ensemble". From this we will deduce
> the quorum size, which is a bit safer than relying on operators to get the
> quorum size and "ensemble" size to match up correctly.
> # Make --work_dir required, as {{/tmp}} is a terrible place to store log
> replica state!
> # Use the existing {{--zk}} flag with an implicit non-sequence sub-znode for
> the log's replica group. (E.g. --zk=.../masters uses /master for masters and
> /masters/replicas for replicas).
> # Add a flag for auto-initialization of the replicated log that defaults to
> true. Production users may want this to be false for added safety in the
> event of misconfiguration or full replica data loss.
> We could consider making the number of masters required only if the zk path
> is specified, and vice versa. If zk is not specified, then it could be
> assumed that one is operating with a single master setup. Although, one might
> accidentally swap machines without swapping the state on disk!
> In the future, we'll want to be safer here and expose the log configuration
> in a less dynamic nature. That is, it would be nice to _explicitly_ specify
> the set of replicas in the configuration and disallow other replicas from
> participating as this is clearly not safe! For example, one could specify a
> cluster size of 5, but nothing prevents 7 masters from joining the zk group.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
