Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-3960

Hints to ensure UID/ModSeq consistency in case of disaster

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • None
    • cassandra, mailbox
    • None

    Description

      Why?

      Given James runs on data-center-1
      AND connects in LOCAL_QUORUM and LOCAL_SERIAL to a 3 node cassandra cluster in data-center-1
      AND cassandra live replicate itself to a backup DC in data-center-2
      WHEN a disaster render data-center-1 unusable
      THEN I want to connect James to data-center-2
      

      Doing so can be done by flipping local.dc in cassandra.properties

      But uid/modseq monoticity can not be guarantied in the switch as dc2 is out of the quorum. This may result in email loss/failure to synchronise a given mail thus preventing a user to see it.

      We are looking for an heuristic to prevent such inconsistencies

      How?

      Upon the switch add a defensive amount to all uids and modseq. This will prevent double allocation.

      This can easdily be conffigured in cassandra.properties: uid.modseq.increment: an integer defaulting to 0 added to each uid / modseq

      Definition of done

      Unit tests showing that the configuration is well applied.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              btellier Benoit Tellier
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m