Conversation
Documents three new admin endpoints under /_cluster_compat_version: GET returns the cluster-wide version, per-node versions, and the frozen value if set; POST /freeze pins the version to the current value to preserve rollback capability across upgrades; POST /unfreeze clears the freeze. Adds ClusterCompatVersionState response schema and RegistryFreeze record on GatewayRegistry. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds an admin-controlled freeze for the cluster compatibility version, allowing an operator to pin the reported version to its current value across rolling upgrades and preserve the option to roll back a node. Storage: GatewayRegistry gains a Frozen *RegistryFreeze field stored per bucket; the cluster-wide freeze is the aggregate (any bucket frozen means the cluster is held back). New CAS-safe SetRegistryFreeze and ClearRegistryFreeze methods on bootstrapContext mirror the existing node-registration helpers. Manager: clusterCompatManager tracks the auto-computed live-node minimum and the aggregate freeze separately. ClusterCompatVersion() reports the frozen value when set, otherwise the auto minimum. Refresh and RegisterBucket pick up the freeze record from each tracked registry. Freeze fans out to all tracked buckets and is success-on-any (safe direction); Unfreeze is success-on-all and returns the residual freeze on partial failure. REST: three new admin endpoints under /_cluster_compat_version (GET, POST /freeze, POST /unfreeze), DevOps-permission gated. Unfreeze returns the current state in a 503 body when partially applied. Three new audit events cover the read and state-changing operations. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Align GatewayRegistry's Frozen JSON tag with the OpenAPI spec (frozen_cluster_compat_version). - Audit unfreeze attempts unconditionally so partial failures still produce an audit trail. - Verify each REST endpoint emits its audit event in the round-trip test by wiring it through the EE audit-logging test harness. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CBG-5220
Add ability to freeze current cluster compatibility version to "pin" a cluster to a given version and avoid rolling CCV forwards.
Allows for supported downgrades/rollbacks even if all nodes in the cluster have been upgraded but are pinned behind the frozen version.
REST API changes:
GET /_cluster_compat_versionreturns the cluster-wide version, per-node versions, and the frozen value if set.POST /_cluster_compat_version/freezepins the version to the current value to preserve rollback capability across upgrades.POST /_cluster_compat_version/unfreezeclears the frozen version.Dependencies (if applicable)
Integration Tests