Skip to content

[automatic-failover] Integrate health checks with probing policies and retry logic (CAE-1685) #3541

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ggivo merged 34 commits into from
Dec 5, 2025
Merged

[automatic-failover] Integrate health checks with probing policies and retry logic (CAE-1685) #3541

ggivo merged 34 commits into from
Dec 5, 2025

Conversation

@ggivo
Copy link
Contributor

@ggivo ggivo commented Dec 1, 2025
edited
Loading

[automatic-failover] Integrate health checks with probing policies and retry logic

Summary

This PR integrates health check functionality into the automatic failover feature, providing endpoint health monitoring with configurable probing policies and retry logic. The implementation is ported from Jedis and adapted to Lettuce's architecture.

Key Features

Health Check System

  • HealthCheckImpl: Core implementation with periodic health status monitoring
  • HealthCheckStrategy: Configurable strategy interface for health check behavior
    • Interval, timeout, number of probes, delay between probes
    • Pluggable health check logic via doHealthCheck(RedisURI)
  • HealthStatusManager: Centralized management of health checks across multiple endpoints

Probing Policies

  • ANY_SUCCESS: Returns HEALTHY if any probe succeeds
  • ALL_SUCCESS: Returns HEALTHY only if all probes succeed
  • MAJORITY_SUCCESS: Returns HEALTHY if majority of probes succeed

Retry Logic

  • Configurable numProbes for multiple health check attempts
  • Configurable delay between probe retries
  • Thread-safe status updates with timestamp-based conflict resolution

MultiDbClient Integration

  • Health checks automatically created/started when databases are added
  • Health checks automatically stopped when databases are removed
  • Health checks stopped on connection close
  • Endpoints without health checks return HEALTHY by default

Implementation Details

Architecture:

  • Uses static ExecutorService (cached thread pool) for health check execution
  • Per-instance ScheduledExecutorService for periodic scheduling

Lifecycle Management:

  • Health checks start with UNKNOWN status
  • Transition to HEALTHY/UNHEALTHY after first check completes

Testing

Unit Tests

  • HealthCheckCollectionUnitTests - Collection management
  • HealthCheckImplUnitTests - Core functionality
  • HealthCheckImplRetryLogicUnitTests - Health Check Retry logic
  • HealthCheckImplProbingPolicyUnitTests - Probing policies
  • TestHealthCheckStrategy - Shared test helper, with controllable health statuses per endpoint

Integration Tests

  • HealthCheckIntegrationTest
    • Health check configuration and lifecycle
    • Failover triggering on unhealthy status
    • Circuit breaker coordination
    • Dynamic database add/remove
    • Health status transitions

Files Changed

Main Implementation:

  • src/main/java/io/lettuce/core/failover/health/ - Health check package (10 files)
  • src/main/java/io/lettuce/core/failover/MultiDbClientImpl.java - Integration
  • src/main/java/io/lettuce/core/failover/StatefulRedisMultiDbConnectionImpl.java - Connection lifecycle

Tests:

  • src/test/java/io/lettuce/core/failover/health/
  • src/test/java/io/lettuce/core/failover/HealthCheckIntegrationTest.java - Integration tests

Related Issues

  • CAE-1685: Integrate health checks and probing

Breaking Changes

None - This is a new feature addition.

Follow-up Items for Discussion

  1. Static ExecutorService vs EventExecutorGroup

    • Current: Uses static ExecutorService (unbounded cached thread pool) for health check execution
    • Consideration: Migrate to EventExecutorGroup from ClientResources for better lifecycle management and bounded thread pool
    • Trade-offs: Health checks use blocking future.get() which requires dedicated threads; EventExecutorGroup is shared across components
    • Decision needed: Keep per-instance scheduler + shared worker pool, or refactor to fully async pattern

  2. StatusTracker.waitForHealthStatus() Blocking Behavior

    • Current: Synchronous blocking wait for health status
    • Issue: Blocks calling thread until health status reaches desired state or timeout
    • Future work: Revisit once connectAsync() is introduced to provide non-blocking alternative
    • Potential solution: Add CompletableFuture<HealthStatus> awaitHealthStatus() method

  3. HealthCheckImpl.stop() Blocking Shutdown

    • Current: Synchronous shutdown with scheduler.awaitTermination()
    • Issue: Blocks calling thread during graceful shutdown (up to 1 second)
    • Future work: Provide CompletableFuture<Void> closeAsync() for non-blocking shutdown
    • Alignment: Should align with Lettuce's async shutdown patterns when available

ggivo added 28 commits November 26, 2025 15:31
@ggivo
initial port Jedis health monitoring
250e8d6
@ggivo
wip integrate healthchecks
eb3c5f1
@ggivo
formating
49bafa2
@ggivo
formating
4805536
@ggivo
add test case plan
89fbe0c
@ggivo
Endpoints without health checks configured should return HEALTHY
0d090f3 
Changes
 - add connection.getHealthStatus(RedisUri endpoint)
 - HEALTHY - returned for Databases without health checks configured
 - add test
@ggivo
Create MultiDbClient with custom health check strategy supplier
608670f 
Changes
 - add test to ensure health status changes from custom health checks are reflected
@ggivo
Create MultiDbClient with custom health check strategy supplier
ae281d4 
Changes
 - add test to ensure health status changes from custom health checks are reflected
@ggivo
faster await timeout
0ea9ecb
@ggivo
add test - use different health check strategies for different endpoints
feeec0e
@ggivo
wait for initial healthy database
d735f03
@ggivo
add test - configure health check interval and timeout
10cfdc1
@ggivo
add test - trigger failover when health check detects unhealthy endpoint
f9a349d
@ggivo
add test - should not failover to unhealthy endpoints
69f1f8a
@ggivo
add test - Should trigger failover via circuit breaker even when heal…
855c354 
…th check returns HEALTHY
@ggivo
reduce await poll interval in HealthCheckIntegrationTest
715636b
@ggivo
mark un-implemented tests are disabled
0ed095b
@ggivo
add test - Should transition from UNKNOWN to HEALTHY
c534f2c
@ggivo
add test - Should create health check when adding new database
e2ebd17
@ggivo
fix - Should stop health check when removing database
db3923d
@ggivo
add test - Should stop health check when removing database
1034dd7
@ggivo
add test - HealthCheckLifecycleTests
73947c7 
  - Should start health checks automatically when connection is created
  - Should stop health checks when connection is closed
@ggivo
fix HealthCheck not stopped on StatefulRedisMultiDbConnection.close()
9728ab9
@ggivo
remove HealthStatusListenerTests stubs, health check events, not expo…
9578bfe 
…sed publicly
@ggivo
format
eaa1c33
@ggivo
add health checks unit test
d6e4cda
@ggivo
clean up
c7a61b5 
   - rename health check thread names to lettuce-*
   - clean up warnings
   - format
   - javadocs & autor updated
@ggivo
address failing tests
33708db 
  - Update  StatefulMultiDbConnectionIntegrationTests to account for added additional test server in MultiDbTestSupport
  - Junit4  @after replaced with JUnit5
@ggivo ggivo changed the base branch from main to feature/automatic-failover-1 December 1, 2025 11:22
@ggivo
address failing tests
36f7619 
  - Update  StatefulMultiDbConnectionIntegrationTests to account for added additional test server in MultiDbTestSupport
  - Junit4  @after replaced with JUnit5
@ggivo ggivo requested review from atakavci and tishun and removed request for atakavci December 1, 2025 11:52
@ggivo ggivo marked this pull request as ready for review December 1, 2025 11:53
@ggivo ggivo requested review from a-TODO-rov and atakavci December 2, 2025 08:31
atakavci
atakavci reviewed Dec 3, 2025
View reviewed changes
Copy link
Collaborator

@atakavci atakavci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some of them are nothing more than questions.
one to take more seriously is the order with registering listeners.
i ll try go another round with clear mind.

@ggivo ggivo mentioned this pull request Dec 5, 2025
Open
@ggivo ggivo requested a review from atakavci December 5, 2025 09:29
atakavci
atakavci approved these changes Dec 5, 2025
View reviewed changes
Copy link
Collaborator

@atakavci atakavci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ggivo ggivo merged commit be6a0d1 into feature/automatic-failover-1 Dec 5, 2025
13 of 14 checks passed
@ggivo ggivo deleted the topic/failover/CAE-1685-integrate-healthchecks-and-probing branch December 5, 2025 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@atakavci atakavci atakavci approved these changes

@tishun tishun Awaiting requested review from tishun

@a-TODO-rov a-TODO-rov Awaiting requested review from a-TODO-rov

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ggivo @atakavci