Details
-
Enhancement
-
Resolution: Unresolved
-
Optional
-
None
-
None
-
None
Description
The current implementation of enlisting a client (Compensator) has a strong assumption of the fact that the LRA Coordinator can send HTTP requests back to the Compensator.
That means if the connection is wired wrong - i.e. the Coordinator cannot actually "see" the client - it is discovered only after the LRA is finished or compensated, which can be too late in the process and therefore put the system in an inconsistent state.
What I propose is some system for verifying the connection ahead of time to prevent enlisting the client if the test fails - possibly also cancelling the entire LRA.
I would imagine it as follows:
When a Compensator tries to enlist itself, along with the other urls in the Link header, it MAY also provide a "ping" url. If it does, the Coordinator MUST perform a GET request to it before enlisting the Compensator and, unless it receives an OK response, reply with some failure status code and cancel the LRA.
