Review fixes

Author: Lanayx

src/Pulsar.Client/Api/AutoClusterFailover.fs

@@ -23,13 +23,13 @@ type internal AutoClusterMode =
 
 type internal AutoClusterState = {
     Mode: AutoClusterMode
-    FailedTimestamp: DateTime option
-    RecoveredTimestamp: DateTime option
+    PrimaryFailedTimestamp: DateTime option
+    PrimaryRecoveredTimestamp: DateTime option
 }
 
 [<RequireQualifiedAccess>]
 type internal AutoClusterDecision =
-    | Noop
+    | NoAction
     | SwitchToSecondary of index: int
     | SwitchToPrimary
 
@@ -44,74 +44,56 @@ module internal AutoClusterFailoverLogic =
 
     let initialState = {
         Mode = AutoClusterMode.Primary
-        FailedTimestamp = None
-        RecoveredTimestamp = None
+        PrimaryFailedTimestamp = None
+        PrimaryRecoveredTimestamp = None
     }
 
-    /// Determines whether secondary endpoints need to be probed this tick.
-    /// This avoids unnecessary network calls when the primary is healthy or the
-    /// failover delay hasn't elapsed yet.
-    let shouldProbeSecondaries
-        (now: DateTime)
-        (config: AutoClusterConfig)
-        (primaryAvailable: bool)
-        (state: AutoClusterState)
-        : bool =
-        match state.Mode with
-        | AutoClusterMode.Primary ->
-            not primaryAvailable &&
-            match state.FailedTimestamp with
-            | Some ts -> now - ts >= config.FailoverDelay
-            | None -> false
-        | AutoClusterMode.Secondary _ ->
-            false
-
     /// Single pure state transition covering both primary and secondary modes.
     /// - primaryAvailable: result of probing the primary endpoint.
-    /// - availableSecondaryIndex: index of the first available secondary
+    /// - findFirstAvailableSecondary: get index of the first available secondary
     ///   (None means no secondary was probed or none was available).
     let step
         (now: DateTime)
         (config: AutoClusterConfig)
         (primaryAvailable: bool)
-        (availableSecondaryIndex: int option)
-        (state: AutoClusterState)
-        : AutoClusterState * AutoClusterDecision =
-
-        match state.Mode with
-        | AutoClusterMode.Primary ->
-            if primaryAvailable then
-                { state with FailedTimestamp = None }, AutoClusterDecision.Noop
-            else
-                match state.FailedTimestamp with
+        (findFirstAvailableSecondary: unit -> Task<int option>)
+        (state: AutoClusterState) =
+        backgroundTask {            
+            match state.Mode, primaryAvailable with
+            | AutoClusterMode.Primary, true ->
+                return { state with PrimaryFailedTimestamp = None }, AutoClusterDecision.NoAction
+            | AutoClusterMode.Primary, false ->
+                match state.PrimaryFailedTimestamp with
                 | None ->
-                    { state with FailedTimestamp = Some now }, AutoClusterDecision.Noop
+                    return { state with PrimaryFailedTimestamp = Some now }, AutoClusterDecision.NoAction
                 | Some ts when now - ts >= config.FailoverDelay ->
-                    match availableSecondaryIndex with
+                    match! findFirstAvailableSecondary() with
                     | Some idx ->
-                        { Mode = AutoClusterMode.Secondary idx
-                          FailedTimestamp = None
-                          RecoveredTimestamp = None },
-                        AutoClusterDecision.SwitchToSecondary idx
+                        return {
+                            Mode = AutoClusterMode.Secondary idx
+                            PrimaryFailedTimestamp = None
+                            PrimaryRecoveredTimestamp = None
+                        }, AutoClusterDecision.SwitchToSecondary idx
                     | None ->
-                        state, AutoClusterDecision.Noop
+                        Log.Logger.LogWarning("Secondary cluster is not available yet after failover delay")
+                        return state, AutoClusterDecision.NoAction
                 | _ ->
-                    state, AutoClusterDecision.Noop
-
-        | AutoClusterMode.Secondary _ ->
-            if primaryAvailable then
-                match state.RecoveredTimestamp with
+                    return state, AutoClusterDecision.NoAction
+            | AutoClusterMode.Secondary _, true ->
+                match state.PrimaryRecoveredTimestamp with
                 | None ->
-                    { state with RecoveredTimestamp = Some now }, AutoClusterDecision.Noop
+                    return { state with PrimaryRecoveredTimestamp = Some now }, AutoClusterDecision.NoAction
                 | Some ts when now - ts >= config.SwitchBackDelay ->
-                    { Mode = AutoClusterMode.Primary
-                      FailedTimestamp = None
-                      RecoveredTimestamp = None },
-                    AutoClusterDecision.SwitchToPrimary
+                    return {
+                        Mode = AutoClusterMode.Primary
+                        PrimaryFailedTimestamp = None
+                        PrimaryRecoveredTimestamp = None
+                    }, AutoClusterDecision.SwitchToPrimary
                 | _ ->
-                    state, AutoClusterDecision.Noop
-            else
-                { state with RecoveredTimestamp = None }, AutoClusterDecision.Noop
+                    return state, AutoClusterDecision.NoAction
+            | AutoClusterMode.Secondary _, false ->
+                return { state with PrimaryRecoveredTimestamp = None }, AutoClusterDecision.NoAction
+        }
 
 // Orchestrator
 
@@ -172,25 +154,19 @@ type AutoClusterFailover
                 match context with
                 | Some ctx -> do! ctx.UpdateServiceInfo(primary)
                 | None -> ()
-            | AutoClusterDecision.Noop -> ()
+            | AutoClusterDecision.NoAction -> ()
         }
 
     let tick () =
         backgroundTask {
             try
                 let! primaryAvailable = probeAvailable primaryServiceInfo.EndPointResolver
                 let now = getCurrentTime()
-                let! availableSecondaryIndex =
-                    if AutoClusterFailoverLogic.shouldProbeSecondaries now config primaryAvailable state then
-                        findFirstAvailableSecondary()
-                    else
-                        Task.FromResult(None)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config primaryAvailable availableSecondaryIndex state
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config primaryAvailable findFirstAvailableSecondary state
                 state <- newState
                 do! applyDecision decision
-            with
-            | Flatten ex ->
+            with Flatten ex ->
                 Log.Logger.LogError(ex, "Error checking cluster")
         }
 
@@ -219,7 +195,7 @@ type AutoClusterFailover
                     use cts = new CancellationTokenSource(30_000)
                     do! client.ConnectAsync(endpoint.Host, endpoint.Port, cts.Token)
                     return true
-                with ex ->
+                with Flatten ex ->
                     Log.Logger.LogWarning(ex, "Failed to probe available, url: {0}", endpoint)
                     return false
             }

tests/UnitTests/Api/AutoClusterFailoverTests.fs

@@ -18,150 +18,118 @@ module AutoClusterFailoverTests =
         SwitchBackDelay = TimeSpan.FromSeconds(60.0)
         SecondaryCount = 2
     }
+    let noSecondaryAvailable = fun () -> Task.FromResult(None)
+    let secondaryAvailable index = fun () -> Task.FromResult(Some index)
 
     // ---- Pure state-machine tests ----
 
     [<Tests>]
-    let pureTests =
+    let stepTests =
 
         testList "AutoClusterFailoverLogic" [
 
-            // -- shouldProbeSecondaries --
-
-            test "shouldProbeSecondaries: false when primary is available" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
-                AutoClusterFailoverLogic.shouldProbeSecondaries t0 config true state
-                |> Expect.isFalse "should not probe when primary is up"
-            }
-
-            test "shouldProbeSecondaries: false when no failedTimestamp yet" {
-                let state = AutoClusterFailoverLogic.initialState
-                AutoClusterFailoverLogic.shouldProbeSecondaries t0 config false state
-                |> Expect.isFalse "should not probe before first failure recorded"
-            }
-
-            test "shouldProbeSecondaries: false when within failover delay" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
-                let now = t0 + TimeSpan.FromSeconds(29.0)
-                AutoClusterFailoverLogic.shouldProbeSecondaries now config false state
-                |> Expect.isFalse "should not probe before delay elapsed"
-            }
-
-            test "shouldProbeSecondaries: true when primary down and delay elapsed" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
-                let now = t0 + TimeSpan.FromSeconds(30.0)
-                AutoClusterFailoverLogic.shouldProbeSecondaries now config false state
-                |> Expect.isTrue "should probe after delay elapsed"
-            }
-
-            test "shouldProbeSecondaries: false when on secondary" {
-                let state = { AutoClusterFailoverLogic.initialState with Mode = AutoClusterMode.Secondary 0 }
-                AutoClusterFailoverLogic.shouldProbeSecondaries t0 config false state
-                |> Expect.isFalse "should not probe secondaries when already on secondary"
-            }
-
             // -- step: on primary --
 
-            test "step: primary available clears failedTimestamp" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
-                let newState, decision =
-                    AutoClusterFailoverLogic.step t0 config true None state
-                newState.FailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+            testTask "step: primary available clears failedTimestamp" {
+                let state = { AutoClusterFailoverLogic.initialState with PrimaryFailedTimestamp = Some t0 }
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step t0 config true noSecondaryAvailable state
+                newState.PrimaryFailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: primary unavailable records failedTimestamp on first failure" {
+            testTask "step: primary unavailable records failedTimestamp on first failure" {
                 let state = AutoClusterFailoverLogic.initialState
-                let newState, decision =
-                    AutoClusterFailoverLogic.step t0 config false None state
-                newState.FailedTimestamp |> Expect.equal "should record timestamp" (Some t0)
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step t0 config false noSecondaryAvailable state
+                newState.PrimaryFailedTimestamp |> Expect.equal "should record timestamp" (Some t0)
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: does not switch before failover delay elapses" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
+            testTask "step: does not switch before failover delay elapses" {
+                let state = { AutoClusterFailoverLogic.initialState with PrimaryFailedTimestamp = Some t0 }
                 let now = t0 + TimeSpan.FromSeconds(29.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config false (Some 0) state
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config false (secondaryAvailable 0) state
                 newState.Mode |> Expect.equal "should stay Primary" AutoClusterMode.Primary
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: switches to secondary after failover delay" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
+            testTask "step: switches to secondary after failover delay" {
+                let state = { AutoClusterFailoverLogic.initialState with PrimaryFailedTimestamp = Some t0 }
                 let now = t0 + TimeSpan.FromSeconds(30.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config false (Some 1) state
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config false (secondaryAvailable 1) state
                 newState.Mode |> Expect.equal "should switch to Secondary 1" (AutoClusterMode.Secondary 1)
-                newState.FailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
+                newState.PrimaryFailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
                 decision |> Expect.equal "should switch" (AutoClusterDecision.SwitchToSecondary 1)
             }
 
-            test "step: no available secondary keeps state unchanged" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
+            testTask "step: no available secondary keeps state unchanged" {
+                let state = { AutoClusterFailoverLogic.initialState with PrimaryFailedTimestamp = Some t0 }
                 let now = t0 + TimeSpan.FromSeconds(30.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config false None state
-                newState.FailedTimestamp |> Expect.equal "should keep timestamp" (Some t0)
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config false noSecondaryAvailable state
+                newState.PrimaryFailedTimestamp |> Expect.equal "should keep timestamp" (Some t0)
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: primary becomes available resets failedTimestamp" {
-                let state = { AutoClusterFailoverLogic.initialState with FailedTimestamp = Some t0 }
+            testTask "step: primary becomes available resets failedTimestamp" {
+                let state = { AutoClusterFailoverLogic.initialState with PrimaryFailedTimestamp = Some t0 }
                 let now = t0 + TimeSpan.FromSeconds(10.0)
-                let newState, _ =
-                    AutoClusterFailoverLogic.step now config true None state
-                newState.FailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
+                let! newState, _ =
+                    AutoClusterFailoverLogic.step now config true noSecondaryAvailable state
+                newState.PrimaryFailedTimestamp |> Expect.isNone "FailedTimestamp should be cleared"
             }
 
             // -- step: on secondary --
 
-            test "step: on secondary, primary available records recoveredTimestamp" {
+            testTask "step: on secondary, primary available records recoveredTimestamp" {
                 let state = { AutoClusterFailoverLogic.initialState with Mode = AutoClusterMode.Secondary 0 }
-                let newState, decision =
-                    AutoClusterFailoverLogic.step t0 config true None state
-                newState.RecoveredTimestamp |> Expect.equal "should record timestamp" (Some t0)
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step t0 config true noSecondaryAvailable state
+                newState.PrimaryRecoveredTimestamp |> Expect.equal "should record timestamp" (Some t0)
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: on secondary, does not switch back before switchBackDelay" {
+            testTask "step: on secondary, does not switch back before switchBackDelay" {
                 let state = {
                     Mode = AutoClusterMode.Secondary 0
-                    FailedTimestamp = None
-                    RecoveredTimestamp = Some t0
+                    PrimaryFailedTimestamp = None
+                    PrimaryRecoveredTimestamp = Some t0
                 }
                 let now = t0 + TimeSpan.FromSeconds(59.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config true None state
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config true noSecondaryAvailable state
                 newState.Mode |> Expect.equal "should stay Secondary" (AutoClusterMode.Secondary 0)
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
 
-            test "step: on secondary, switches back to primary after switchBackDelay" {
+            testTask "step: on secondary, switches back to primary after switchBackDelay" {
                 let state = {
                     Mode = AutoClusterMode.Secondary 0
-                    FailedTimestamp = None
-                    RecoveredTimestamp = Some t0
+                    PrimaryFailedTimestamp = None
+                    PrimaryRecoveredTimestamp = Some t0
                 }
                 let now = t0 + TimeSpan.FromSeconds(60.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config true None state
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config true noSecondaryAvailable state
                 newState.Mode |> Expect.equal "should be Primary" AutoClusterMode.Primary
-                newState.RecoveredTimestamp |> Expect.isNone "RecoveredTimestamp should be cleared"
+                newState.PrimaryRecoveredTimestamp |> Expect.isNone "RecoveredTimestamp should be cleared"
                 decision |> Expect.equal "should switch back" AutoClusterDecision.SwitchToPrimary
             }
 
-            test "step: on secondary, primary goes down again clears recoveredTimestamp" {
+            testTask "step: on secondary, primary goes down again clears recoveredTimestamp" {
                 let state = {
                     Mode = AutoClusterMode.Secondary 0
-                    FailedTimestamp = None
-                    RecoveredTimestamp = Some t0
+                    PrimaryFailedTimestamp = None
+                    PrimaryRecoveredTimestamp = Some t0
                 }
                 let now = t0 + TimeSpan.FromSeconds(10.0)
-                let newState, decision =
-                    AutoClusterFailoverLogic.step now config false None state
-                newState.RecoveredTimestamp |> Expect.isNone "RecoveredTimestamp should be cleared"
-                decision |> Expect.equal "should be Noop" AutoClusterDecision.Noop
+                let! newState, decision =
+                    AutoClusterFailoverLogic.step now config false noSecondaryAvailable state
+                newState.PrimaryRecoveredTimestamp |> Expect.isNone "RecoveredTimestamp should be cleared"
+                decision |> Expect.equal "should be Noop" AutoClusterDecision.NoAction
             }
         ]