docs(health): resolve spec/contract/gaps consistency (review fixes)
Applies canonical resolutions for eight settled decisions: - GAPS: remove three stale "Decisions still open" bullets (#1 IActiveNodeGate placement, #2 GrpcChannel type, #3 OtOpcUaCompat named constant) - Shared contract: AkkaClusterHealthCheck, ActiveNodeHealthCheck constructors take IServiceProvider (lazy ActorSystem, Degraded-when-not-ready) - Shared contract: AkkaActiveNodeGate takes IServiceProvider; reads SelfMember+leader directly, null-guarded; does not proxy ActiveNodeHealthCheck - Shared contract: DatabaseHealthCheckOptions.Probe renamed to ProbeQuery; consumer matrix updated - Shared contract: settled AddZbHealthChecks open question removed (spec §5 is per-project AddHealthChecks) - SPEC §2.2: OtOpcUaCompat Leaving/Exiting cell updated from — to Degraded + footnote; §2.3 startup-safety note added - README: status line corrected from "built and tested" to "scaffolded … implementation is follow-on (task #7)"; IActiveNodeGate "left per-project" bullet removed - OtOpcUa current-state: AddZbHealthChecks → AddHealthChecks().AddCheck<...>(); IClusterRoleInfo note reframed as accepted trade-off - ScadaBridge current-state: IActiveNodeGate bullet rewritten — interface moves to ZB.MOM.WW.Health on adoption, InboundApiEndpointFilter references shared interface
This commit is contained in:
Joseph Doherty
@@ -61,12 +61,22 @@ mapping is **configurable** through `AkkaClusterStatusPolicy`.
|
||||
| Preset | Origin | `Up` / `Joining` | `Leaving` / `Exiting` | Other (`WeaklyUp`, `Down`, `Removed`, `Unknown`) |
|
||||
|---|---|---|---|---|
|
||||
| `AkkaClusterStatusPolicy.Default` | ScadaBridge `AkkaClusterHealthCheck.cs` | Healthy | Degraded | Unhealthy |
|
||||
| `AkkaClusterStatusPolicy.OtOpcUaCompat` | OtOpcUa `AkkaClusterHealthCheck.cs` | Healthy (if self is `Up` among reachable members) | — | Degraded |
|
||||
| `AkkaClusterStatusPolicy.OtOpcUaCompat` | OtOpcUa `AkkaClusterHealthCheck.cs` | Healthy (if self is `Up` among reachable members) | Degraded[^1] | Degraded |
|
||||
|
||||
[^1]: In the `OtOpcUaCompat` member-scan approach, `Leaving`/`Exiting` statuses also map to
|
||||
Degraded because a member with those statuses will not appear with `Status == Up` in the reachable
|
||||
member set — the scan finds self without `Up`, so the result is Degraded.
|
||||
|
||||
The `Default` preset is the convergence target. `OtOpcUaCompat` is provided for backward
|
||||
compatibility during OtOpcUa's migration; it maps any non-`Up`-among-members state to Degraded
|
||||
rather than Unhealthy. Registered to the `ready` tag.
|
||||
|
||||
> **Note on error/exception cases:** in both modes, if the ActorSystem is not yet ready or cluster
|
||||
> state is inaccessible (e.g. during startup), the check returns Degraded (startup-safety rule).
|
||||
> The status cells in the table above describe the normal-operation path only; the "—" cells in the
|
||||
> `OtOpcUaCompat` column refer to states that collapse into Degraded via the member-scan result,
|
||||
> not to an explicit policy match.
|
||||
|
||||
### 2.3 Active / leader probe — `ActiveNodeHealthCheck`
|
||||
|
||||
Checks whether this node is the designated leader (active node). Accepts an optional Akka
|
||||
|
||||
Reference in New Issue
Block a user