Skip to content

feat: Sequencer HA V2 — Raft-based high availability#928

Open
tomatoishealthy wants to merge 2 commits intofeat/p2p-broadcast-validationfrom
feat/sequencer-ha-v2
Open

feat: Sequencer HA V2 — Raft-based high availability#928
tomatoishealthy wants to merge 2 commits intofeat/p2p-broadcast-validationfrom
feat/sequencer-ha-v2

Conversation

@tomatoishealthy
Copy link
Copy Markdown
Contributor

@tomatoishealthy tomatoishealthy commented Apr 9, 2026

Summary

  • Implement Raft-based HA for the single sequencer using hashicorp/raft v1.7.1.
    Three nodes share the same sequencer key; Raft leader is the sole block producer.
    Automatic failover in ~2s when leader fails.
  • New node/hakeeper/ module: HAService, BlockFSM, Config (layered loading with
    auto-detection), leaderMonitor (Barrier-gated block production), RPC admin API
    with token auth middleware.
  • 7 new CLI flags (--ha.enabled, --ha.config, --ha.bootstrap, --ha.join,
    --ha.server-id, --ha.advertised-addr, --ha.rpc-token) with corresponding
    MORPH_NODE_HA_* environment variables.
  • Admin RPC endpoints: ha_leader, ha_leaderWithID, ha_clusterMembership,
    ha_addServerAsVoter, ha_addServerAsNonvoter, ha_removeServer,
    ha_transferLeader, ha_transferLeaderToServer. Write ops require auth token.
  • Docker compose override for 3-node HA cluster testing with hostname-based
    advertised_addr (survives container IP changes).
  • 29-case integration test suite (run-ha-test.sh): config validation, cluster
    formation, block production, leader failover, admin API, lifecycle management.

Depends on: morph-l2/tendermint#32

Test plan

  • go test ./node/hakeeper/rpc/... -v — 8 unit tests (RPC token auth)
  • go build ./... — clean compilation
  • run-ha-test.sh test — 29/29 integration tests pass
  • Dynamic block interval verified: ~300ms with txs, ~3s without (TC-DBI-01/02)
  • Non-HA nodes (node-3, sentry) coexist correctly with HA cluster

🤖 Generated with Claude Code

allen.wu and others added 2 commits April 8, 2026 11:43
@claude
fix: swap ServerSuffrage iota so Nonvoter=0 (safer zero value)
abb6b3e 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@claude
feat: Sequencer HA V2 — Raft-based high availability for single seque…
189d543 
…ncer

Add hakeeper module implementing a 3-node Raft cluster for sequencer HA.
The HA cluster provides automatic leader election, block replication, and
failover without changing the on-chain sequencer identity.

node/hakeeper/:
- HAService: wraps hashicorp/raft, implements SequencerHA interface
- Config: layered loading (defaults -> TOML file -> CLI flags -> resolve -> validate)
  supports auto-detection of server_id (hostname) and advertised_addr (local IP)
- BlockFSM: Raft FSM for block replication; onApplied callback drives geth apply
- leaderMonitor: gates block production behind Barrier to ensure log catch-up
- rpc/: JSON-RPC admin API (ha_leader, ha_clusterMembership, ha_addServerAsVoter,
  ha_removeServer, ha_transferLeader, ha_transferLeaderToServer)
  with HTTP middleware token auth on write operations

node/flags/flags.go:
- New flags: --ha.enabled, --ha.config, --ha.bootstrap, --ha.join,
  --ha.server-id, --ha.advertised-addr, --ha.rpc-token

node/cmd/node/main.go:
- initHAService(): init HA from flags/config when --ha.enabled is set
- Fix typed-nil interface bug: pass untyped nil when HA is disabled

node/sequencer/tm_node.go:
- Pass HA service to tendermint node setup

node/go.mod:
- Add hashicorp/raft v1.7.1, raft-boltdb/v2

ops/docker-sequencer-test/:
- docker-compose.ha-override.yml: 3-node Raft cluster config for devnet
- run-ha-test.sh: 29-case integration test suite (config, cluster, block
  production, failover, admin API, lifecycle)
- run-perf-test.sh: performance test harness

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@tomatoishealthy tomatoishealthy requested a review from a team as a code owner April 9, 2026 06:04
@tomatoishealthy tomatoishealthy requested review from twcctop and removed request for a team April 9, 2026 06:04
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Apr 9, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1c2618be-2cd6-4fae-930c-3ab778a19632

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/sequencer-ha-v2

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@twcctop twcctop Awaiting requested review from twcctop twcctop is a code owner automatically assigned from morph-l2/security

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tomatoishealthy