search

georchestra / georchestra-gateway

GNU General Public License v3.0
0 stars 6 forks source link

Discussion: gateway shouldn't crash is rabbitmq is not available or error with the communication to rabbitmq #75

Open edevosc2c opened 10 months ago

edevosc2c commented 10 months ago

This is a discussion/enhancement. (Ping @jeanpommier @pmauduit @marwanehcine @groldan @fvanderbiest @emmdurin)

The georchestra gateway is the central place for redirecting all the traffic to all the georchestra applications. If this component is down, nobody can interact with the georchestra applications.

The current behavior when rabbitmq is not available or there is an error when communicating with rabbitmq is to crash. Essentially rendering all the platform unusable.

I would propose to not make rabbitmq a hard requirement, but instead rely on mechanisms that will automatically retry to establish a communication to rabbitmq. These mechanisms can temporarily store in memory the messages that would send to the queue until the queue is available again.

Moreover, events are not a critical part of the well functioning of a georchestra platform. The users should still be able to interact with the overall platform when the event messaging is temporarily unavailable.

(I don't see how the gateway would be production ready for georchestra 25 with this issue.)

fvanderbiest commented 10 months ago

Moreover, events are not a critical part of the well functioning of a georchestra platform. The users should still be able to interact with the overall platform when the event messaging is temporarily unavailable.

100 % agree.

jeanpommier commented 10 months ago

+1

marwanehcine commented 10 months ago

Currently rabbitmq now is used to allow gateway to send email by sending notification to console (which has already the mecanism of email sending implemented). The whole idea is to limit the context of gateway and make it use services provided by other mirco-services. until now, there nothing critical (just upate admin when new OAuth2 user account is created) We can surround send function by a try catch bloc to manage exceptions thrown if rabbitmq is down or there a miscommunication issues. But include new feature to save message and retry to send it later may be a good idea, for me this needs extra work (how, which mecanisms : redis for example ?)