-
Notifications
You must be signed in to change notification settings - Fork 470
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cosmos DB state store - does not support multi-master #701
Comments
ok, after digging into this myself a bit, unfortunately I have to say: No, it doesn't support it at all. Let me explain on the following setup and the implications: I have 3 regional deployments of my app. Lets say an AKS cluster in EastUS, WestEurope and EastAsia. I have a global load balancer (Azure Front Door or Traffic Manager) in front that sends client requests to the clusters based on client region and can transparently fail over if need be. This all works nicely when you test it. The data in the state store is available, no matter which region a request hits. However: When you look the Cosmos DB metrics, you will see that only the primary Cosmos DB region gets all requests. Primary region in that case is the first region in the list of replication locations. This has a couple of severe implications:
How to work around this? Actually, I don't know :( |
@sebader - please checkout our configuration Entries in private DNS zones in each region point to the next / regional Cosmos DB private endpoint, so that the cluster / Dapr sidecar always writes "locally". Does this make sense to you? |
thanks @KaiWalter ! This sure does look like an interesting workaround. But in the end it really is only that. You still don't get any real failover. If Cosmos has an issue in a region, you cannot fail over and basically you have to shut off your entire region (AKS etc.). Plus, you could probably already achieve the same without using Private Link: In each region instead of using the default cosmos db connection string in your Dapr binding, you modify it to include the region (mycosmos-westeurope.documents.azure.com...). But again, you dont get fail over. |
@sebader for us using Private Link and private DNS zones is the primary notion of shielding our environment (attack surface reduction). So it is not intended as a workaround with regards to the Cosmos endpoint routing per se - just a side effect. |
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged (pinned, good first issue, help wanted or triaged/resolved) or other activity occurs. Thank you for your contributions. |
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as pinned, good first issue, help wanted or triaged/resolved. Thank you for your contributions. |
@sebader - Dapr does not support for multi-master read-write configuration/component with Cosmos DB, nor does it provide automatic failover capabilities similar to available in the Cosmos DB SDK. It would be highly beneficial if Dapr could extend its functionality to include support for multi-master read-write operations in Cosmos DB. Therefore, it would be greatly appreciated if this issue could be revisited and re-opened for further consideration. |
Done @harvendra2022 |
Thank you, @yaron2! |
When using a multi-master write Azure Cosmos DB, does the state store component take this into account when I'm running Dapr in multiple geographical locations and redirects requests to the closest Cosmos DB region - instead of always going to the primary region?
The text was updated successfully, but these errors were encountered: