Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rabbit_feature_flags: Introduce hard vs. soft required feature flags #12466

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

dumbbell
Copy link
Member

@dumbbell dumbbell commented Oct 7, 2024

Why

Before this patch, required feature flags were basically checked during boot: they must have been enabled when they were mere stable feature flags. If they were not, the node refused to boot.

This was easy for the developer because making a feature flag required allowed to remove the entire compatibility code. Very satisfying.

Unfortunately, this was a pain point to end users, especially those who did not pay attention to RabbitMQ and the release notes and were just asking their package manager to update everything. They could end up with a node that refuse to boot. The only solution was to downgrade, enable the disabled stabte feature flags, upgrade again.

How

This patch introduces two levels of requirement to required feature flags:

  • hard: this corresponds to the existing behavior where a node will refuse to boot if a hard required feature flag is not enabled before the upgrade.
  • soft: such a required feature flag will be automatically enabled during the upgrade to a version where it is marked as required.

The level of requirement is set in the feature flag definition:

-rabbit_feature_flag(
   {my_feature_flag,
    #{stability     => required,
      require_level => hard
     }}).

The default requirement level is soft. All existing required feature flags have now a requirement level of hard.

The handling of soft required feature flag is done when the cluster feature flags states are verified and synchronized. If a required feature flag is not enabled yet, it is enabled at that time.

This means that as developers, we will have to keep compatibility code forever for every soft required feature flag, like the feature flag definition itself.

@dumbbell dumbbell self-assigned this Oct 7, 2024
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch 3 times, most recently from 558e99e to 2acffca Compare October 15, 2024 15:11
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch 4 times, most recently from 92379b4 to cd88a14 Compare October 16, 2024 16:32
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch from cd88a14 to 18729d3 Compare October 28, 2024 09:41
@dumbbell dumbbell marked this pull request as ready for review October 29, 2024 08:36
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch from 18729d3 to eef3862 Compare October 29, 2024 11:21
@dumbbell dumbbell marked this pull request as draft October 29, 2024 12:39
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch 2 times, most recently from 6fb7c50 to 28d511b Compare October 29, 2024 16:29
@dumbbell dumbbell changed the title rabbit_feature_flags: Enable required feature flags during sync rabbit_feature_flags: Introduce hard vs. soft required feature flags Oct 29, 2024
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch from 28d511b to b29fb1f Compare October 29, 2024 16:39
@dumbbell
Copy link
Member Author

The hard requirement level is mostly introduced to support existing required feature flags. I expect all future required feature flags will be soft (which is the default).

[Why]
Before this patch, required feature flags were basically checked during
boot: they must have been enabled when they were mere stable feature
flags. If they were not, the node refused to boot.

This was easy for the developer because making a feature flag required
allowed to remove the entire compatibility code. Very satisfying.

Unfortunately, this was a pain point to end users, especially those who
did not pay attention to RabbitMQ and the release notes and were just
asking their package manager to update everything. They could end up
with a node that refuse to boot. The only solution was to downgrade,
enable the disabled stable feature flags, upgrade again.

[How]
This patch introduces two levels of requirement to required feature
flags:
* `hard`: this corresponds to the existing behavior where a node will
  refuse to boot if a hard required feature flag is not enabled before
  the upgrade.
* `soft`: such a required feature flag will be automatically enabled
  during the upgrade to a version where it is marked as required.

The level of requirement is set in the feature flag definition:

    -rabbit_feature_flag(
       {my_feature_flag,
        #{stability     => required,
	  require_level => hard
         }}).

The default requirement level is `soft`. All existing required feature
flags have now a requirement level of `hard`.

The handling of soft required feature flag is done when the cluster
feature flags states are verified and synchronized. If a required
feature flag is not enabled yet, it is enabled at that time.

This means that as developers, we will have to keep compatibility code
forever for every soft required feature flag, like the feature flag
definition itself.
[Why]
`failed_to_initialize_feature_flags_registry` was a little too vague.
@dumbbell dumbbell force-pushed the enable-required-feature-flags-during-sync branch from b29fb1f to de1d076 Compare October 29, 2024 16:53
@michaelklishin michaelklishin added this to the 4.1.0 milestone Oct 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Development

Successfully merging this pull request may close these issues.

2 participants