Struct PartitionDriver 

pub struct PartitionDriver { /* private fields */ }

Workflow driver that encodes the correct SF-style lifecycle sequences for a partition. Operates on ReplicaHandle trait objects — agnostic to whether replicas are in-process or remote.

Mirrors StatefulServicePartitionDriver from service-fabric-rs.

Implementations

impl PartitionDriver

pub fn new() -> Self

pub fn primary_id(&self) -> Option<ReplicaId>

pub fn epoch(&self) -> Epoch

pub fn replica_ids(&self) -> Vec<ReplicaId>

pub fn handle(&self, id: ReplicaId) -> Option<&dyn ReplicaHandle>

pub fn remove_replica_from_driver( &mut self, id: ReplicaId, ) -> Option<Box<dyn ReplicaHandle>>

Remove a replica from the driver’s tracking without notifying the primary’s replicator. Used when the reconciler detects a pod is permanently dead before failover. Returns the handle for cleanup.

pub async fn create_partition( &mut self, handles: Vec<Box<dyn ReplicaHandle>>, ) -> Result<()>

Create a partition from pre-created replica handles. The first handle becomes primary; the rest become secondaries.

Follows the exact SF workflow:

1. Open all replicators
2. Assign primary role (replicator first)
3. Assign idle role to secondaries
4. build_replica for each secondary
5. Promote each secondary to active
6. Update configuration incrementally
7. Set access status

pub async fn delete_partition(&mut self) -> Result<()>

Gracefully shut down all replicas.

pub async fn failover(&mut self, failed_primary_id: ReplicaId) -> Result<()>

Failover after the primary has failed. The failed primary’s handle may be unreachable — the driver does not call it.

Matches SF’s reconfiguration phases:

1. Remove failed primary, increment epoch
2. Select new primary by highest current_progress (Phase 1: GetLSN)
3. Promote new primary with new epoch (Phase 4: Activate)
4. Reconfigure quorum — epoch distributed to secondaries as part of the new configuration (best-effort, skip unreachable)

pub async fn switchover(&mut self, target_id: ReplicaId) -> Result<()>

Graceful primary change to a specific target secondary.

Matches SF’s SwapPrimary reconfiguration:

1. Revoke write status on old primary (SF Phase 0: Demote)
2. Demote old primary → ActiveSecondary
3. Promote target → Primary (SF Phase 4: Activate)
4. Distribute epoch to other secondaries (best-effort)
5. Reconfigure quorum + catchup

pub async fn remove_secondary( &mut self, secondary_id: ReplicaId, min_replicas: usize, ) -> Result<()>

Remove a secondary from the partition. Config-first: the configuration is updated before the replica is closed, maintaining write quorum.

1. Verify not removing primary, and above min count
2. Reconfigure without the target replica
3. Change role to None + close the removed replica
4. Remove from driver

pub async fn add_replica( &mut self, handle: Box<dyn ReplicaHandle>, ) -> Result<()>

Add a new replica to the partition. The primary builds it via the copy protocol, then it joins the quorum configuration.

Used for:

• Scale-up: operator creates a new pod, calls add_replica
• Restart: restart_secondary calls this after closing the old handle

Flow:

1. Open + set epoch + assign idle role
2. build_replica on primary (copies state via data plane)
3. Promote idle → active
4. Reconfigure quorum (must_catch_up on the new replica)

pub async fn restart_secondary( &mut self, secondary_id: ReplicaId, new_handle: Box<dyn ReplicaHandle>, ) -> Result<()>

Restart a secondary replica. The old handle is replaced with a new one (simulating pod restart with fresh state). The primary rebuilds it via the copy protocol.

Trait Implementations

impl Default for PartitionDriver

fn default() -> Self

Returns the “default value” for a type.