Enforce read-only mode per repository

Sami Hiltunen requested to merge smh-repository-generations-read-only into master

Repositories are switched into read-only mode after failovers in order to prevent new writes from conflicting with unreplicated writes on the previous primary.

Currently, read-only mode is enabled after every failover for every repository on the virtual storage experiencing the failover. This also puts repositories which were fully replicated into read-only mode. Read-only mode being enforced virtual storage wide forces the administrator to solve every data loss case before enabling writes to the virtual storage again. These points cause the read-only mode to be unnecessarily widely applied.

This commit bases the read-only protection on repository generations. If the primary is not on the latest generation, the repository is considered to be in read-only mode. This effectively puts repositories without the latest changes into read-only mode after a failover.

An administrator can solve the read-only mode by reconciling the latest changes to the new primary node.

Closes #2862 (closed), #2783 (closed)
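
The generation rule described above, as an added Go example that is not code from this merge request or from the project: a repository is read-only only while the current primary's replica is behind the latest generation. The `Generations` type, the function names, and the storage and repository names are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// Generations maps storage -> generation for one repository (hypothetical model).
type Generations map[string]int

// latest returns the highest generation any storage holds, or -1 if none.
func latest(g Generations) int {
	top := -1
	for _, gen := range g {
		if gen > top {
			top = gen
		}
	}
	return top
}

// ReadOnly: the primary is behind the latest generation, or holds no replica
// while another storage does.
func ReadOnly(g Generations, primary string) bool {
	gen, ok := g[primary]
	return (!ok && len(g) > 0) || gen < latest(g)
}

// ReadOnlyRepos lists the repositories that are read-only under newPrimary.
func ReadOnlyRepos(repos map[string]Generations, newPrimary string) []string {
	out := []string{}
	for path, g := range repos {
		if ReadOnly(g, newPrimary) {
			out = append(out, path)
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	// Constructed data: gitaly-1 failed before repo-b's last write replicated.
	repos := map[string]Generations{
		"repo-a": {"gitaly-1": 3, "gitaly-2": 3},
		"repo-b": {"gitaly-1": 5, "gitaly-2": 4},
	}
	fmt.Println(ReadOnlyRepos(repos, "gitaly-2")) // only repo-b lags
	repos["repo-b"]["gitaly-2"] = latest(repos["repo-b"]) // reconciled
	fmt.Println(ReadOnlyRepos(repos, "gitaly-2"))
}
```

The fully replicated repository stays writable across the failover, and the lagging one becomes writable again once the new primary holds the latest generation.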