This project will introduce a mechanism which will allow the C2C replicator daemon to put a cluster into an operational mode where only the daemon is capable of issuing writes.

Summary

A mechanism in the server access control system to block user writes on the source/destination cluster to be used by the C2C replicator

• Must provide a way to not block replicator writes
• Must work for both replica sets and sharded clusters

Motivation

Both Migration and Disaster Recovery use cases for C2C are required to satisfy a customer contract with Amadeus. As part of the contract, we have the following two requirements:
1) Any write attempt on the destination cluster will be forbidden and blocked while a replication from source to destination cluster is on-going.
2) Once the switch is initiated, write operations against the former source cluster will be rejected.
In order to satisfy our contractual obligations for 1), we will have to block user writes (i.e. CRUD and DDL operations) on the destination during C2C replication while allowing the replicators to replicate. Committing a migration or switching over to the destination cluster results in a cutover period where the source will drain user writes. This allows the destination to catch up before it is used as the primary cluster and starts accepting writes. And so for 2), once the user initiates a switch, we must provide a way to put the source cluster into a mode where it would reject all user writes. Both requirements 1) and 2) have to work on replica sets as well as sharded clusters. So we need this project to enable the source/destination cluster to block user writes.

Cast of Characters

• Product Owner: Fuat Ertunc
• Project Lead:
• Program Manager: Elizabeth Roytburd
• Drivers Contact:

Documentation

Product Description
Scope Document
Technical Design Document