fix(inbound-api): resolve InboundAPI-002,004,006,008 — disconnect vs timeout, body size limit, active-node gate; surface InboundAPI-007
This commit is contained in:
Joseph Doherty
@@ -0,0 +1,24 @@
|
||||
namespace ScadaLink.InboundAPI;
|
||||
|
||||
/// <summary>
|
||||
/// InboundAPI-008: abstraction the inbound API endpoint uses to determine whether
|
||||
/// this node is the active (cluster-leader) central node.
|
||||
///
|
||||
/// The design states the inbound API is "Central cluster only (active node)" and
|
||||
/// "fails over with it". A standby central node must not execute method scripts or
|
||||
/// <c>Route.To()</c> calls — that can race the active node or run against stale
|
||||
/// singleton state. <see cref="InboundApiEndpointFilter"/> consults this gate and
|
||||
/// returns HTTP 503 from a standby so Traefik/clients only reach the live node.
|
||||
///
|
||||
/// The implementation lives in the Host (it needs Akka cluster state); when no
|
||||
/// implementation is registered, the endpoint defaults to "allow" so non-clustered
|
||||
/// hosts and tests are unaffected.
|
||||
/// </summary>
|
||||
public interface IActiveNodeGate
|
||||
{
|
||||
/// <summary>
|
||||
/// <c>true</c> when this node is the active central node and may serve the
|
||||
/// inbound API; <c>false</c> on a standby node.
|
||||
/// </summary>
|
||||
bool IsActiveNode { get; }
|
||||
}
|
||||
Reference in New Issue
Block a user