Gallardot commented on PR #1803: URL: https://github.com/apache/apisix-ingress-controller/pull/1803#issuecomment-1697188039
> In a high availability architecture, a simple hang is meaningless for non-leader nodes, they still need to watch k8s resources continue to work, and are not allowed to hold write permissions until they become elected (write k8s resources, write apisix) Great design, providing a clearer control plane and data plane architecture. However, I have a few questions: 1. Does the current architecture support high availability ? 2. Can a non-leader APISIX ingress controller be used as a viable ETCD server? How does APISIX avoid connecting to an unavailable ETCD server? 3. Some extreme edge cases may not be handled, such as when an APISIX ingress controller restarts before K8S CR resources such as `APISIXRoute` are synchronized to the corresponding ETCD server. Will the ETCD server come online prematurely and provide service? APISIX may obtain empty router data at this time, leading to failure. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
