Skip to content

Commit

Permalink
c/controller_backend: try to force-abort reconfiguration only on leaders
Browse files Browse the repository at this point in the history
Previously, when force-aborting a reconfiguration, we appended an
aborting configuration on all replicas. This can lead to log inconsistencies
as on followers the configuration will be duplicated (one from own append,
one replicated by the leader). Although these inconsistencies are
expected for force-abort, if the leader is alive, we can minimize the chance
of their appearance by waiting on followers for the aborting config to be
replicated from the leader.

Fixes redpanda-data#17847
  • Loading branch information
ztlpn committed Apr 23, 2024
1 parent 9e53406 commit 8e221d3
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions src/v/cluster/controller_backend.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1614,6 +1614,14 @@ controller_backend::force_abort_replica_set_update(
}
co_return errc::waiting_for_recovery;
} else {
auto leader_id = partition->get_leader_id();
if (leader_id && leader_id != _self) {
// The leader is alive and we are a follower. Wait for the leader to
// replicate the aborting configuration, but don't append it
// ourselves to minimize the chance of log inconsistency.
co_return errc::not_leader;
}

vlog(
clusterlog.debug,
"[{}] force-aborting reconfiguration",
Expand Down

0 comments on commit 8e221d3

Please sign in to comment.