FrankChen021 commented on code in PR #19413:
URL: https://github.com/apache/druid/pull/19413#discussion_r3201245255
##########
services/src/main/java/org/apache/druid/server/router/TieredBrokerHostSelector.java:
##########
@@ -266,7 +284,26 @@ private Pair<String, Server> getServerPair(String
brokerServiceName)
nodesHolder = servers.get(tierConfig.getDefaultBrokerServiceName());
}
- return new Pair<>(brokerServiceName, nodesHolder.pick());
+ Server picked = nodesHolder.pick();
Review Comment:
[P2] Deployment-group filtering can be bypassed by router backup routing
When the filter removes all brokers for a service, this returns a Pair with
a null server, but `QueryHostFinder.findServerInner` then falls back to
`serverBackup` for the same/default service. After an acceptable broker has
been cached and later re-announces with a non-matching `deploymentGroup`, or is
removed while the same host remains reachable, queries can still be routed to
that cached broker despite the configured `acceptableDeploymentGroups`. This
breaks the intended fail-closed red/black isolation; the filtered/no-match case
should avoid backup fallback or validate/clear backup entries against the
deployment-group filter.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
