--- layout: docs page_title: Federated cluster failure scenarios description: |- Review failure scenarios in multi-region federated cluster deployments. Learn which Nomad features continue to work under federated and authoritative region failures. --- # Federated cluster failure scenarios When running Nomad in federated mode, failure situations and impacts are different depending on whether the authoritative region is the impacted region or not, and what the failure mode is. In soft failures, the region's servers have lost quorum but the Nomad processes are still up, running, and reachable. In hard failures, the regional servers are completely unreachable and are akin to the underlying hardware having been terminated (cloud) or powered-off (on-prem). The scenarios are based on a Nomad deployment running three federated regions: * `asia-south-1` * `europe-west-1` - authoritative region * `us-east-1` ## Federated region failure: soft In this situation the region `asia-south-1` has lost leadership but the servers are reachable and up. All server logs in the impacted region have entries such as this example. ```console [ERROR] nomad/worker.go:504: worker: failed to dequeue evaluation: worker_id=d19e6bb5-5ec9-8f75-9caf-47e2513fe28d error="No cluster leader" ``` ✅ Request forwarding continues to work between all federated regions that are running with leadership. 🟨 API requests, either directly or attempting to use request forwarding to the impacted region, fail unless using the `stale=true` flag. ✅ Creation and deletion of replicated objects, such as namespaces, is written to the authoritative region. ✅ Any federated regions with leadership is able to continue to replicate all objects detailed previously. ✅ Creation of local ACL tokens continues to work for all regions with leadership. ✅ Jobs **without** the [`multiregion`][] block deploy to all regions with leadership. ❌ Jobs **with** the [`multiregion`][] block defined fail to deploy. ## Federated region failure: hard In this situation the region `asia-south-1` has gone down. When this happens, the Nomad server logs for the other regions have log entries similar to this example. ```console [DEBUG] go-hclog@v1.6.3/stdlog.go:58: nomad: memberlist: Failed UDP ping: asia-south-1-server-1.asia-south-1 (timeout reached) [INFO] go-hclog@v1.6.3/stdlog.go:60: nomad: memberlist: Suspect asia-south-1-server-1.asia-south-1 has failed, no acks received [DEBUG] go-hclog@v1.6.3/stdlog.go:58: nomad: memberlist: Initiating push/pull sync with: us-east-1-server-1.us-east-1 192.168.1.193:9002 [DEBUG] go-hclog@v1.6.3/stdlog.go:58: nomad: memberlist: Failed UDP ping: asia-south-1-server-1.asia-south-1 (timeout reached) [INFO] go-hclog@v1.6.3/stdlog.go:60: nomad: memberlist: Suspect asia-south-1-server-1.asia-south-1 has failed, no acks received ``` ✅ Request forwarding continues to work between all federated regions that are running with leadership. ❌ API requests, either directly or attempting to use request forwarding to the impacted region, fail. ✅ Creation and deletion of replicated objects, such as namespaces, are written to the authoritative region. ✅ Any federated regions with leadership continue to replicate all objects detailed above. ✅ Creation of local ACL tokens continues to work for all regions which are running with leadership. ✅ Jobs **without** the [`multiregion`][] block deploy to all regions with leadership. ❌ Jobs **with** the [`multiregion`][] block defined fail to deploy. ## Authoritative region failure: soft In this situation the region `europe-west-1` has lost leadership but the servers are reachable and up. The server logs in the authoritative region have entries such as this example. ```console [ERROR] nomad/worker.go:504: worker: failed to dequeue evaluation: worker_id=68b3abe2-5e16-8f04-be5a-f76aebb0e59e error="No cluster leader" ``` ✅ Request forwarding continues to work between all federated regions that are running with leadership. 🟨 API requests, either directly or attempting to use request forwarding to the impacted region, fail unless using the `stale=true` flag. ❌ Creation and deletion of replicated objects, such as namespaces, fails. ❌ Any federated regions are able to read data to replicate as they use the stale flag, but no writes can occur to the authoritative region as described previously. ✅ Creation of local ACL tokens continues to work for all federated regions which are running with leadership. ✅ Jobs **without** the [`multiregion`][] block deploy to all federated regions which are running with leadership. ❌ Jobs **with** the [`multiregion`][] block defined fails to deploy. ## Authoritative region failure: hard In this situation the region `europe-west-1` has gone down. When this happens, the Nomad server leader logs for the other regions have log entries similar to this example. ```console [ERROR] nomad/leader.go:544: nomad: failed to fetch namespaces from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:1767: nomad: failed to fetch policies from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:2498: nomad: failed to fetch ACL binding rules from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader_ent.go:226: nomad: failed to fetch quota specifications from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:703: nomad: failed to fetch node pools from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:1909: nomad: failed to fetch tokens from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:2083: nomad: failed to fetch ACL Roles from authoritative region: error="rpc error: EOF" [DEBUG] nomad/leader_ent.go:84: nomad: failed to fetch policies from authoritative region: error="rpc error: EOF" [ERROR] nomad/leader.go:2292: nomad: failed to fetch ACL auth-methods from authoritative region: error="rpc error: EOF" [DEBUG] go-hclog@v1.6.3/stdlog.go:58: nomad: memberlist: Failed UDP ping: europe-west-1-server-1.europe-west-1 (timeout reached) [INFO] go-hclog@v1.6.3/stdlog.go:60: nomad: memberlist: Suspect europe-west-1-server-1.europe-west-1 has failed, no acks received [DEBUG] go-hclog@v1.6.3/stdlog.go:58: nomad: memberlist: Failed UDP ping: europe-west-1-server-1.europe-west-1 (timeout reached) ``` ✅ Request forwarding continues to work between all federated regions that are running with leadership. ❌ API requests, either directly or attempting to use request forwarding to the impacted region, fail. ❌ Creation and deletion of replicated objects, such as namespaces, fails. ❌ Any federated regions with leadership is not able to replicate objects detailed in the logs. ✅ Creation of local ACL tokens continues to work for all regions with leadership. ✅ Jobs **without** the [`multiregion`][] block deploy to regions with leadership. ❌ Jobs **with** the [`multiregion`][] block defined fail to deploy. [`multiregion`]: /nomad/docs/job-specification/multiregion