Details
-
Improvement
-
Resolution: Duplicate
-
Major
-
2.5.1, 3.0, 3.0.2, 4.0.0
-
Security Level: Public
-
None
Description
If all buckets in a cluster have more than 1 replica, we should be able to automatically sustain the loss of more than one node. I agree we still don't want to do anything if multiple nodes fail at one time, but if one node fails and is automatically failed over, a second node failure (or third) should also be automatically failed over if there are enough replicas.
We likely also want to add a setting for the cluster to limit the max number of nodes (extending the concept of autofailover quota we currently have).