Remove active sequencer nodetype #2254
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why this change is needed
We have some annoying scenarios with the sequencer failover that are going to make thing fragile in the short term unless we address them.
It is problematic that the enclaves persist if they are active or not. It means if we failover then we have two active enclaves and the first one needs to be destroyed. This is not ideal while we are running with the current setup of host + 2xenclaves in a VM, the old turn it off and on again trick would no longer be available to us.
So I propose that enclaves do not persist that they are active. By the time a healthy one has restarted it would be treated as dead by the HA pool anyway so the persistence is never going to be useful. We could eventually do a check against mgmt contract or historical data that the sequencer ID has never published before before allowing to become active if that was the concern.
Eventually enclaves will be discarded/permanently excluded once they go down. The host will be able to start managing new enclaves dynamically without requiring initial config for them or a restart. But even in that end-state it doesn't help for the enclaves to persist that they were active I don't think.
What changes were made as part of this PR
Remove active/backup persisted node type separation. Introduce boolean for when the enclave is active.
PR checks pre-merging
Please indicate below by ticking the checkbox that you have read and performed the required
PR checks