compaction_manager: cancel submission timer on drain

The `drain` method, cancels all running compactions and moves the
compaction manager into the disabled state. To move it back to
the enabled state, the `enable` method shall be called.

This, however, throws an assertion error as the submission time is
not cancelled and re-enabling the manager tries to arm the armed timer.

Thus, cancel the timer, when calling the drain method to disable
the compaction manager.

Fixes https://github.com/scylladb/scylladb/issues/24504

All versions are affected. So it's a good candidate for a backport.

Closes scylladb/scylladb#24505

(cherry picked from commit a9a53d9178)

Closes scylladb/scylladb#24585

.clang-format

@@ -0,0 +1,225 @@
+---
+Language: Cpp
+AccessModifierOffset: -4
+AlignAfterOpenBracket: Align
+AlignArrayOfStructures: None
+AlignConsecutiveAssignments:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: true
+AlignConsecutiveBitFields:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: false
+AlignConsecutiveDeclarations:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: false
+AlignConsecutiveMacros:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCompound: false
+  PadOperators: false
+AlignConsecutiveShortCaseStatements:
+  Enabled: false
+  AcrossEmptyLines: false
+  AcrossComments: false
+  AlignCaseColons: false
+AlignEscapedNewlines: Right
+AlignOperands: Align
+AlignTrailingComments:
+  Kind: Always
+  OverEmptyLines: 0
+AllowAllArgumentsOnNextLine: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: Never
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortEnumsOnASingleLine: true
+AllowShortFunctionsOnASingleLine: InlineOnly
+AllowShortIfStatementsOnASingleLine: Never
+AllowShortLambdasOnASingleLine: All
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterDefinitionReturnType: None
+AlwaysBreakAfterReturnType: None
+AlwaysBreakBeforeMultilineStrings: false
+AlwaysBreakTemplateDeclarations: Yes
+AttributeMacros:
+  - __capability
+BinPackArguments: false
+BinPackParameters: false
+BitFieldColonSpacing: Both
+BraceWrapping:
+  AfterCaseLabel: false
+  AfterClass: false
+  AfterControlStatement: Never
+  AfterEnum: false
+  AfterExternBlock: false
+  AfterFunction: false
+  AfterNamespace: false
+  AfterObjCDeclaration: false
+  AfterStruct: false
+  AfterUnion: false
+  BeforeCatch: false
+  BeforeElse: false
+  BeforeLambdaBody: false
+  BeforeWhile: false
+  IndentBraces: false
+  SplitEmptyFunction: true
+  SplitEmptyRecord: true
+  SplitEmptyNamespace: true
+BreakAfterAttributes: Never
+BreakAfterJavaFieldAnnotations: false
+BreakArrays: true
+BreakBeforeBinaryOperators: None
+BreakBeforeConceptDeclarations: Always
+BreakBeforeBraces: Attach
+BreakBeforeInlineASMColon: OnlyMultiline
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializers: BeforeComma
+BreakInheritanceList: BeforeColon
+BreakStringLiterals: true
+ColumnLimit: 160
+CommentPragmas: '^ IWYU pragma:'
+CompactNamespaces: false
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
+Cpp11BracedListStyle: true
+DerivePointerAlignment: false
+DisableFormat: false
+EmptyLineAfterAccessModifier: Never
+EmptyLineBeforeAccessModifier: LogicalBlock
+ExperimentalAutoDetectBinPacking: false
+FixNamespaceComments: true
+ForEachMacros:
+  - foreach
+  - Q_FOREACH
+  - BOOST_FOREACH
+IfMacros:
+  - KJ_IF_MAYBE
+IncludeBlocks: Preserve
+IncludeCategories:
+  - Regex: '^"(llvm|llvm-c|clang|clang-c)/'
+    Priority: 2
+    SortPriority: 0
+    CaseSensitive: false
+  - Regex: '^(<|"(gtest|gmock|isl|json)/)'
+    Priority: 3
+    SortPriority: 0
+    CaseSensitive: false
+  - Regex: '.*'
+    Priority: 1
+    SortPriority: 0
+    CaseSensitive: false
+IncludeIsMainRegex: '(Test)?$'
+IncludeIsMainSourceRegex: ''
+IndentAccessModifiers: false
+IndentCaseBlocks: false
+IndentCaseLabels: false
+IndentExternBlock: AfterExternBlock
+IndentGotoLabels: true
+IndentPPDirectives: None
+IndentRequiresClause: true
+IndentWidth: 4
+IndentWrappedFunctionNames: false
+InsertBraces: false
+InsertNewlineAtEOF: true
+InsertTrailingCommas: None
+IntegerLiteralSeparator:
+  Binary: 0
+  BinaryMinDigits: 0
+  Decimal: 0
+  DecimalMinDigits: 0
+  Hex: 0
+  HexMinDigits: 0
+JavaScriptQuotes: Leave
+JavaScriptWrapImports: true
+KeepEmptyLinesAtTheStartOfBlocks: true
+KeepEmptyLinesAtEOF: false
+LambdaBodyIndentation: Signature
+LineEnding: DeriveLF
+MacroBlockBegin: ''
+MacroBlockEnd: ''
+MaxEmptyLinesToKeep: 2
+NamespaceIndentation: None
+PackConstructorInitializers: NextLine
+PenaltyBreakAssignment: 2
+PenaltyBreakBeforeFirstCallParameter: 19
+PenaltyBreakComment: 300
+PenaltyBreakFirstLessLess: 120
+PenaltyBreakOpenParenthesis: 0
+PenaltyBreakString: 1000
+PenaltyBreakTemplateDeclaration: 10
+PenaltyExcessCharacter: 1000000
+PenaltyIndentedWhitespace: 0
+PenaltyReturnTypeOnItsOwnLine: 60
+PointerAlignment: Left
+PPIndentWidth: -1
+QualifierAlignment: Leave
+ReferenceAlignment: Pointer
+ReflowComments: true
+RemoveBracesLLVM: false
+RemoveParentheses: Leave
+RemoveSemicolon: false
+RequiresClausePosition: OwnLine
+RequiresExpressionIndentation: OuterScope
+SeparateDefinitionBlocks: Leave
+ShortNamespaceLines: 1
+SortIncludes: CaseSensitive
+SortJavaStaticImport: Before
+SortUsingDeclarations: LexicographicNumeric
+SpaceAfterCStyleCast: false
+SpaceAfterLogicalNot: false
+SpaceAfterTemplateKeyword: true
+SpaceAroundPointerQualifiers: Default
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeCaseColon: false
+SpaceBeforeCpp11BracedList: false
+SpaceBeforeCtorInitializerColon: true
+SpaceBeforeInheritanceColon: true
+SpaceBeforeJsonColon: false
+SpaceBeforeParens: ControlStatements
+SpaceBeforeParensOptions:
+  AfterControlStatements: true
+  AfterForeachMacros: true
+  AfterFunctionDefinitionName: false
+  AfterFunctionDeclarationName: false
+  AfterIfMacros: true
+  AfterOverloadedOperator: false
+  AfterRequiresInClause: false
+  AfterRequiresInExpression: false
+  BeforeNonEmptyParentheses: false
+SpaceBeforeRangeBasedForLoopColon: true
+SpaceBeforeSquareBrackets: false
+SpaceInEmptyBlock: false
+SpacesBeforeTrailingComments: 1
+SpacesInAngles: Never
+SpacesInContainerLiterals: true
+SpacesInLineCommentPrefix:
+  Minimum: 1
+  Maximum: -1
+SpacesInParens: Never
+SpacesInParensOptions:
+  InCStyleCasts: false
+  InConditionalStatements: false
+  InEmptyParentheses: false
+  Other: false
+SpacesInSquareBrackets: false
+Standard: Latest
+TabWidth: 8
+UseTab: Never
+VerilogBreakBetweenInstancePorts: true
+WhitespaceSensitiveMacros:
+  - BOOST_PP_STRINGIZE
+  - CF_SWIFT_NAME
+  - NS_SWIFT_NAME
+  - PP_STRINGIZE
+  - STRINGIZE
+...
+

.gitattributes

@@ -1,3 +1,4 @@
 *.cc diff=cpp
 *.hh diff=cpp
 *.svg binary
+docs/_static/api/js/* binary

.github/CODEOWNERS

@@ -1,5 +1,5 @@
 # AUTH
-auth/* @elcallio @vladzcloudius
+auth/* @nuivall @ptrsmrn @KrzaQ
 
 # CACHE
 row_cache* @tgrabiec
@@ -7,9 +7,9 @@ row_cache* @tgrabiec
 test/boost/mvcc* @tgrabiec
 
 # CDC
-cdc/* @kbr- @elcallio @piodul @jul-stas
-test/cql/cdc_* @kbr- @elcallio @piodul @jul-stas
-test/boost/cdc_* @kbr- @elcallio @piodul @jul-stas
+cdc/* @kbr-scylla @elcallio @piodul
+test/cql/cdc_* @kbr-scylla @elcallio @piodul
+test/boost/cdc_* @kbr-scylla @elcallio @piodul
 
 # COMMITLOG / BATCHLOG
 db/commitlog/* @elcallio @eliransin
@@ -19,24 +19,24 @@ db/batch* @elcallio
 service/storage_proxy* @gleb-cloudius
 
 # COMPACTION
-compaction/* @raphaelsc @nyh
+compaction/* @raphaelsc
 
 # CQL TRANSPORT LAYER
 transport/*
 
 # CQL QUERY LANGUAGE
-cql3/* @tgrabiec @cvybhu @nyh
+cql3/* @tgrabiec @nuivall @ptrsmrn @KrzaQ
 
 # COUNTERS
-counters* @jul-stas
-tests/counter_test* @jul-stas
+counters* @nuivall @ptrsmrn @KrzaQ
+tests/counter_test* @nuivall @ptrsmrn @KrzaQ
 
 # DOCS
 docs/* @annastuchlik @tzach
-docs/alternator @annastuchlik @tzach @nyh @havaker @nuivall
+docs/alternator @annastuchlik @tzach @nyh @nuivall @ptrsmrn @KrzaQ
 
 # GOSSIP
-gms/* @tgrabiec @asias
+gms/* @tgrabiec @asias @kbr-scylla
 
 # DOCKER
 dist/docker/*
@@ -45,44 +45,44 @@ dist/docker/*
 utils/logalloc* @tgrabiec
 
 # MATERIALIZED VIEWS
-db/view/* @nyh @cvybhu @piodul
-cql3/statements/*view* @nyh @cvybhu @piodul
-test/boost/view_* @nyh @cvybhu @piodul
+db/view/* @nyh @piodul
+cql3/statements/*view* @nyh @piodul
+test/boost/view_* @nyh @piodul
 
 # PACKAGING
 dist/* @syuu1228
 
 # REPAIR
-repair/* @tgrabiec @asias @nyh
+repair/* @tgrabiec @asias
 
 # SCHEMA MANAGEMENT
-db/schema_tables* @tgrabiec @nyh
-db/legacy_schema_migrator* @tgrabiec @nyh
-service/migration* @tgrabiec @nyh
-schema* @tgrabiec @nyh
+db/schema_tables* @tgrabiec
+db/legacy_schema_migrator* @tgrabiec
+service/migration* @tgrabiec
+schema* @tgrabiec
 
 # SECONDARY INDEXES
-index/* @nyh @cvybhu @piodul
-cql3/statements/*index* @nyh @cvybhu @piodul
-test/boost/*index* @nyh @cvybhu @piodul
+index/* @nyh @piodul
+cql3/statements/*index* @nyh @piodul
+test/boost/*index* @nyh @piodul
 
 # SSTABLES
-sstables/* @tgrabiec @raphaelsc @nyh
+sstables/* @tgrabiec @raphaelsc
 
 # STREAMING
 streaming/* @tgrabiec @asias
 service/storage_service.* @tgrabiec @asias
 
 # ALTERNATOR
-alternator/* @nyh @havaker @nuivall
-test/alternator/* @nyh @havaker @nuivall
+alternator/* @nyh @nuivall @ptrsmrn @KrzaQ
+test/alternator/* @nyh @nuivall @ptrsmrn @KrzaQ
 
 # HINTED HANDOFF
 db/hints/* @piodul @vladzcloudius @eliransin
 
 # REDIS
-redis/* @nyh @syuu1228
-test/redis/* @nyh @syuu1228
+redis/* @syuu1228
+test/redis/* @syuu1228
 
 # READERS
 reader_* @denesb
@@ -94,8 +94,8 @@ test/boost/querier_cache_test.cc @denesb
 test/cql-pytest/* @nyh
 
 # RAFT
-raft/* @kbr- @gleb-cloudius @kostja
-test/raft/* @kbr- @gleb-cloudius @kostja
+raft/* @kbr-scylla @gleb-cloudius @kostja
+test/raft/* @kbr-scylla @gleb-cloudius @kostja
 
 # HEAT-WEIGHTED LOAD BALANCING
 db/heat_load_balance.* @nyh @gleb-cloudius

.github/clang-include-cleaner.json

@@ -0,0 +1,20 @@
+{
+    "problemMatcher": [
+        {
+            "owner": "clang-include-cleaner",
+            "severity": "error",
+            "pattern": [
+                {
+                    "regexp": "^([^\\-\\+].*)$",
+                    "file": 1
+                },
+                {
+                    "regexp": "^(-\\s+[^\\s]+)\\s+@Line:(\\d+)$",
+                    "line": 2,
+                    "message": 1,
+                    "loop": true
+                }
+            ]
+        }
+    ]
+}

.github/clang-matcher.json

@@ -0,0 +1,18 @@
+{
+    "problemMatcher": [
+        {
+            "owner": "clang",
+            "pattern": [
+                {
+                    "regexp": "^([^:]+):(\\d+):(\\d+):\\s+(warning|error):\\s+(.*?)\\s+\\[(.*?)\\]$",
+                    "file": 1,
+                    "line": 2,
+                    "column": 3,
+                    "severity": 4,
+                    "message": 5,
+                    "code": 6
+                }
+            ]
+        }
+    ]
+}

.github/mergify.yml

@@ -0,0 +1,92 @@
+pull_request_rules:
+  - name: put PR in draft if conflicts
+    conditions:
+      - label = conflicts
+      - author = mergify[bot]
+      - head ~= ^mergify/
+    actions:
+      edit:
+         draft: true
+  - name: Delete mergify backport branch
+    conditions:
+      - base~=branch-
+      - or:
+        - merged
+        - closed
+    actions:
+      delete_head_branch:
+  - name: Automate backport pull request 6.1
+    conditions:
+      - or:
+        - closed
+        - merged
+      - or:
+          - base=master
+          - base=next
+      - label=backport/6.1 # The PR must have this label to trigger the backport
+      - label=promoted-to-master
+    actions:
+      copy:
+        title: "[Backport 6.1] {{ title }}"
+        body: |
+          {{ body }}
+
+          {% for c in commits %}
+          (cherry picked from commit {{ c.sha }})
+          {% endfor %}
+
+           Refs #{{number}}
+        branches:
+          - branch-6.1
+        assignees:
+          - "{{ author }}"
+  - name: Automate backport pull request 5.4
+    conditions:
+      - or:
+        - closed
+        - merged
+      - or:
+          - base=master
+          - base=next
+      - label=backport/5.4 # The PR must have this label to trigger the backport
+      - label=promoted-to-master
+    actions:
+      copy:
+        title: "[Backport 5.4] {{ title }}"
+        body: |
+          {{ body }}
+
+          {% for c in commits %}
+          (cherry picked from commit {{ c.sha }})
+          {% endfor %}
+
+          Refs #{{number}}
+        branches:
+          - branch-5.4
+        assignees:
+          - "{{ author }}"
+  - name: Automate backport pull request 6.0
+    conditions:
+      - or:
+        - closed
+        - merged
+      - or:
+          - base=master
+          - base=next
+      - label=backport/6.0 # The PR must have this label to trigger the backport
+      - label=promoted-to-master
+    actions:
+      copy:
+        title: "[Backport 6.0] {{ title }}"
+        body: |
+          {{ body }}
+
+          {% for c in commits %}
+          (cherry picked from commit {{ c.sha }})
+          {% endfor %}
+
+           Refs #{{number}}
+        branches:
+          - branch-6.0
+        assignees:
+          - "{{ author }}"

.github/pull_request_template.md

@@ -0,0 +1 @@
+**Please replace this line with justification for the backport/\* labels added to this PR**

.github/scripts/auto-backport.py

@@ -0,0 +1,186 @@
+#!/usr/bin/env python3
+
+import argparse
+import os
+import re
+import sys
+import tempfile
+import logging
+
+from github import Github, GithubException
+from git import Repo, GitCommandError
+
+logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')
+try:
+    github_token = os.environ["GITHUB_TOKEN"]
+except KeyError:
+    print("Please set the 'GITHUB_TOKEN' environment variable")
+    sys.exit(1)
+
+
+def is_pull_request():
+    return '--pull-request' in sys.argv[1:]
+
+
+def parse_args():
+    parser = argparse.ArgumentParser()
+    parser.add_argument('--repo', type=str, required=True, help='Github repository name')
+    parser.add_argument('--base-branch', type=str, default='refs/heads/master', help='Base branch')
+    parser.add_argument('--commits', default=None, type=str, help='Range of promoted commits.')
+    parser.add_argument('--pull-request', type=int, help='Pull request number to be backported')
+    parser.add_argument('--head-commit', type=str, required=is_pull_request(), help='The HEAD of target branch after the pull request specified by --pull-request is merged')
+    return parser.parse_args()
+
+
+def create_pull_request(repo, new_branch_name, base_branch_name, pr, backport_pr_title, commits, is_draft=False):
+    pr_body = f'{pr.body}\n\n'
+    for commit in commits:
+        pr_body += f'- (cherry picked from commit {commit})\n\n'
+    pr_body += f'Parent PR: #{pr.number}'
+    try:
+        backport_pr = repo.create_pull(
+            title=backport_pr_title,
+            body=pr_body,
+            head=f'scylladbbot:{new_branch_name}',
+            base=base_branch_name,
+            draft=is_draft
+        )
+        logging.info(f"Pull request created: {backport_pr.html_url}")
+        backport_pr.add_to_assignees(pr.user)
+        if is_draft:
+            backport_pr.add_to_labels("conflicts")
+            pr_comment = f"@{pr.user} - This PR was marked as draft because it has conflicts\n"
+            pr_comment += "Please resolve them and mark this PR as ready for review"
+            backport_pr.create_issue_comment(pr_comment)
+        logging.info(f"Assigned PR to original author: {pr.user}")
+        return backport_pr
+    except GithubException as e:
+        if 'A pull request already exists' in str(e):
+            logging.warning(f'A pull request already exists for {pr.user}:{new_branch_name}')
+        else:
+            logging.error(f'Failed to create PR: {e}')
+
+
+def get_pr_commits(repo, pr, stable_branch, start_commit=None):
+    commits = []
+    if pr.merged:
+        merge_commit = repo.get_commit(pr.merge_commit_sha)
+        if len(merge_commit.parents) > 1:  # Check if this merge commit includes multiple commits
+            commits.append(pr.merge_commit_sha)
+        else:
+            if start_commit:
+                promoted_commits = repo.compare(start_commit, stable_branch).commits
+            else:
+                promoted_commits = repo.get_commits(sha=stable_branch)
+            for commit in pr.get_commits():
+                for promoted_commit in promoted_commits:
+                    commit_title = commit.commit.message.splitlines()[0]
+                    # In Scylla-pkg and scylla-dtest, for example,
+                    # we don't create a merge commit for a PR with multiple commits,
+                    # according to the GitHub API, the last commit will be the merge commit,
+                    # which is not what we need when backporting (we need all the commits).
+                    # So here, we are validating the correct SHA for each commit so we can cherry-pick
+                    if promoted_commit.commit.message.startswith(commit_title):
+                        commits.append(promoted_commit.sha)
+
+    elif pr.state == 'closed':
+        events = pr.get_issue_events()
+        for event in events:
+            if event.event == 'closed':
+                commits.append(event.commit_id)
+    return commits
+
+
+def create_pr_comment_and_remove_label(pr, comment_body):
+    labels = pr.get_labels()
+    pattern = re.compile(r"backport/\d+\.\d+$")
+    for label in labels:
+        if pattern.match(label.name):
+            print(f"Removing label: {label.name}")
+            comment_body += f'- {label.name}\n'
+            pr.remove_from_labels(label)
+    pr.create_issue_comment(comment_body)
+
+
+def backport(repo, pr, version, commits, backport_base_branch):
+    new_branch_name = f'backport/{pr.number}/to-{version}'
+    backport_pr_title = f'[Backport {version}] {pr.title}'
+    repo_url = f'https://scylladbbot:{github_token}@github.com/{repo.full_name}.git'
+    fork_repo = f'https://scylladbbot:{github_token}@github.com/scylladbbot/{repo.name}.git'
+    with (tempfile.TemporaryDirectory() as local_repo_path):
+        try:
+            repo_local = Repo.clone_from(repo_url, local_repo_path, branch=backport_base_branch)
+            repo_local.git.checkout(b=new_branch_name)
+            is_draft = False
+            for commit in commits:
+                try:
+                    repo_local.git.cherry_pick(commit, '-m1', '-x')
+                except GitCommandError as e:
+                    logging.warning(f'Cherry-pick conflict on commit {commit}: {e}')
+                    is_draft = True
+                    repo_local.git.add(A=True)
+                    repo_local.git.cherry_pick('--continue')
+            if not repo.private and not repo.has_in_collaborators(pr.user.login):
+                repo.add_to_collaborators(pr.user.login, permission="push")
+                comment = f':warning:  @{pr.user.login} you have been added as collaborator to scylladbbot fork '
+                comment += f'Please check your inbox and approve the invitation, once it is done, please add the backport labels again'
+                create_pr_comment_and_remove_label(pr, comment)
+                return
+            repo_local.git.push(fork_repo, new_branch_name, force=True)
+            create_pull_request(repo, new_branch_name, backport_base_branch, pr, backport_pr_title, commits,
+                                is_draft=is_draft)
+
+        except GitCommandError as e:
+            logging.warning(f"GitCommandError: {e}")
+
+
+def main():
+    args = parse_args()
+    base_branch = args.base_branch.split('/')[2]
+    promoted_label = 'promoted-to-master'
+    repo_name = args.repo
+    if 'scylla-enterprise' in args.repo:
+        promoted_label = 'promoted-to-enterprise'
+    stable_branch = base_branch
+    backport_branch = 'branch-'
+
+    backport_label_pattern = re.compile(r'backport/\d+\.\d+$')
+
+    g = Github(github_token)
+    repo = g.get_repo(repo_name)
+    closed_prs = []
+    start_commit = None
+
+    if args.commits:
+        start_commit, end_commit = args.commits.split('..')
+        commits = repo.compare(start_commit, end_commit).commits
+        for commit in commits:
+            match = re.search(rf"Closes .*#([0-9]+)", commit.commit.message, re.IGNORECASE)
+            if match:
+                pr_number = int(match.group(1))
+                pr = repo.get_pull(pr_number)
+                closed_prs.append(pr)
+    if args.pull_request:
+        start_commit = args.head_commit
+        pr = repo.get_pull(args.pull_request)
+        closed_prs = [pr]
+
+    for pr in closed_prs:
+        labels = [label.name for label in pr.labels]
+        backport_labels = [label for label in labels if backport_label_pattern.match(label)]
+        if promoted_label not in labels:
+            print(f'no {promoted_label} label: {pr.number}')
+            continue
+        if not backport_labels:
+            print(f'no backport label: {pr.number}')
+            continue
+        commits = get_pr_commits(repo, pr, stable_branch, start_commit)
+        logging.info(f"Found PR #{pr.number} with commit {commits} and the following labels: {backport_labels}")
+        for backport_label in backport_labels:
+            version = backport_label.replace('backport/', '')
+            backport_base_branch = backport_label.replace('backport/', backport_branch)
+            backport(repo, pr, version, commits, backport_base_branch)
+
+
+if __name__ == "__main__":
+    main()

.github/scripts/label_promoted_commits.py

@@ -1,8 +1,9 @@
-from github import Github
 import argparse
 import re
 import sys
 import os
+from github import Github
+from github.GithubException import UnknownObjectException
 
 try:
     github_token = os.environ["GITHUB_TOKEN"]
@@ -15,13 +16,8 @@ def parser():
     parser = argparse.ArgumentParser()
     parser.add_argument('--repository', type=str, required=True,
                         help='Github repository name (e.g., scylladb/scylladb)')
-    parser.add_argument('--commit_before_merge', type=str, required=True, help='Git commit ID to start labeling from ('
-                                                                               'newest commit).')
-    parser.add_argument('--commit_after_merge', type=str, required=True,
-                        help='Git commit ID to end labeling at (oldest '
-                             'commit, exclusive).')
-    parser.add_argument('--update_issue', type=bool, default=False, help='Set True to update issues when backport was '
-                                                                         'done')
+    parser.add_argument('--commits', type=str, required=True, help='Range of promoted commits.')
+    parser.add_argument('--label', type=str, default='promoted-to-master', help='Label to use')
     parser.add_argument('--ref', type=str, required=True, help='PR target branch')
     return parser.parse_args()
 
@@ -52,10 +48,11 @@ def main():
     target_branch = re.search(r'branch-(\d+\.\d+)', args.ref)
     g = Github(github_token)
     repo = g.get_repo(args.repository, lazy=False)
-    commits = repo.compare(head=args.commit_after_merge, base=args.commit_before_merge)
+    start_commit, end_commit = args.commits.split('..')
+    commits = repo.compare(start_commit, end_commit).commits
     processed_prs = set()
     # Print commit information
-    for commit in commits.commits:
+    for commit in commits:
         print(f'Commit sha is: {commit.sha}')
         match = pr_pattern.search(commit.commit.message)
         if match:
@@ -65,21 +62,24 @@ def main():
             if target_branch:
                 pr = repo.get_pull(pr_number)
                 branch_name = target_branch[1]
-                refs_pr = re.findall(r'Refs (?:#|https.*?)(\d+)', pr.body)
+                refs_pr = re.findall(r'Parent PR: (?:#|https.*?)(\d+)', pr.body)
                 if refs_pr:
                     print(f'branch-{target_branch.group(1)}, pr number is: {pr_number}')
                     # 1. change the backport label of the parent PR to note that
-                    #    we've merge the corresponding backport PR
+                    #    we've merged the corresponding backport PR
                     # 2. close the backport PR and leave a comment on it to note
-                    #    that it has been merged with a certain git commit,
+                    #    that it has been merged with a certain git commit.
                     ref_pr_number = refs_pr[0]
                     mark_backport_done(repo, ref_pr_number, branch_name)
                     comment = f'Closed via {commit.sha}'
                     add_comment_and_close_pr(pr, comment)
             else:
-                print(f'master branch, pr number is: {pr_number}')
-                pr = repo.get_pull(pr_number)
-                pr.add_to_labels('promoted-to-master')
+                try:
+                    pr = repo.get_pull(pr_number)
+                    pr.add_to_labels('promoted-to-master')
+                    print(f'master branch, pr number is: {pr_number}')
+                except UnknownObjectException:
+                    print(f'{pr_number} is not a PR but an issue, no need to add label')
             processed_prs.add(pr_number)
 
 

.github/scripts/sync_labels.py

@@ -0,0 +1,95 @@
+#!/usr/bin/env python3
+import argparse
+import os
+import sys
+from github import Github
+import re
+
+try:
+    github_token = os.environ["GITHUB_TOKEN"]
+except KeyError:
+    print("Please set the 'GITHUB_TOKEN' environment variable")
+    sys.exit(1)
+
+
+def parser():
+    parse = argparse.ArgumentParser()
+    parse.add_argument('--repo', type=str, required=True, help='Github repository name (e.g., scylladb/scylladb)')
+    parse.add_argument('--number', type=int, required=True, help='Pull request or issue number to sync labels from')
+    parse.add_argument('--label', type=str, default=None, help='Label to add/remove from an issue or PR')
+    parse.add_argument('--is_issue', action='store_true', help='Determined if label change is in Issue or not')
+    parse.add_argument('--action', type=str, choices=['opened', 'labeled', 'unlabeled'], required=True, help='Sync labels action')
+    return parse.parse_args()
+
+
+def copy_labels_from_linked_issues(repo, pr_number):
+    pr = repo.get_pull(pr_number)
+    if pr.body:
+        linked_issue_numbers = set(re.findall(r'Fixes:? (?:#|https.*?/issues/)(\d+)', pr.body))
+        for issue_number in linked_issue_numbers:
+            try:
+                issue = repo.get_issue(int(issue_number))
+                for label in issue.labels:
+                    pr.add_to_labels(label.name)
+                print(f"Labels from issue #{issue_number} copied to PR #{pr_number}")
+            except Exception as e:
+                print(f"Error processing issue #{issue_number}: {e}")
+
+
+def get_linked_pr_from_issue_number(repo, number):
+    linked_prs = []
+    for pr in repo.get_pulls(state='all', base='master'):
+        if pr.body and f'{number}' in pr.body:
+            linked_prs.append(pr.number)
+            break
+        else:
+            continue
+    return linked_prs
+
+
+def get_linked_issues_based_on_pr_body(repo, number):
+    pr = repo.get_pull(number)
+    repo_name = repo.full_name
+    pattern = rf"(?:fix(?:|es|ed)|resolve(?:|d|s))\s*:?\s*(?:(?:(?:{repo_name})?#)|https://github\.com/{repo_name}/issues/)(\d+)"
+    issue_number_from_pr_body = []
+    if pr.body is None:
+        return issue_number_from_pr_body
+    matches = re.findall(pattern, pr.body, re.IGNORECASE)
+    if matches:
+        for match in matches:
+            issue_number_from_pr_body.append(match)
+            print(f"Found issue number: {match}")
+    return issue_number_from_pr_body
+
+
+def sync_labels(repo, number, label, action, is_issue=False):
+    if is_issue:
+        linked_prs_or_issues = get_linked_pr_from_issue_number(repo, number)
+    else:
+        linked_prs_or_issues = get_linked_issues_based_on_pr_body(repo, number)
+    for pr_or_issue_number in linked_prs_or_issues:
+        if is_issue:
+            target = repo.get_issue(pr_or_issue_number)
+        else:
+            target = repo.get_issue(int(pr_or_issue_number))
+        if action == 'labeled':
+            target.add_to_labels(label)
+            print(f"Label '{label}' successfully added.")
+        elif action == 'unlabeled':
+            target.remove_from_labels(label)
+            print(f"Label '{label}' successfully removed.")
+        elif action == 'opened':
+            copy_labels_from_linked_issues(repo, number)
+        else:
+            print("Invalid action. Use 'labeled', 'unlabeled' or 'opened'.")
+
+
+def main():
+    args = parser()
+    github = Github(github_token)
+    repo = github.get_repo(args.repo)
+    sync_labels(repo, args.number, args.label, args.action, args.is_issue)
+
+
+if __name__ == "__main__":
+    main()

.github/workflows/add-label-when-promoted.yaml

@@ -5,9 +5,10 @@ on:
     branches:
       - master
       - branch-*.*
-
-env:
-  DEFAULT_BRANCH: 'master'
+      - enterprise
+    pull_request_target:
+      types: [labeled]
+      branches: [master, next, enterprise]
 
 jobs:
   check-commit:
@@ -20,17 +21,51 @@ jobs:
         env:
           GITHUB_CONTEXT: ${{ toJson(github) }}
         run: echo "$GITHUB_CONTEXT"
+      - name: Set Default Branch
+        id: set_branch
+        run: |
+          if [[ "${{ github.repository }}" == *enterprise* ]]; then
+            echo "DEFAULT_BRANCH=enterprise" >> $GITHUB_ENV
+          else
+            echo "DEFAULT_BRANCH=master" >> $GITHUB_ENV
+          fi
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           repository: ${{ github.repository }}
           ref: ${{ env.DEFAULT_BRANCH }}
+          token: ${{ secrets.AUTO_BACKPORT_TOKEN }}
           fetch-depth: 0  # Fetch all history for all tags and branches
-
+      - name: Set up Git identity
+        run: |
+          git config --global user.name "GitHub Action"
+          git config --global user.email "action@github.com"
+          git config --global merge.conflictstyle diff3
       - name: Install dependencies
-        run: sudo apt-get install -y python3-github
-
+        run: sudo apt-get install -y python3-github python3-git
       - name: Run python script
+        if: github.event_name == 'push'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: python .github/scripts/label_promoted_commits.py --commit_before_merge ${{ github.event.before }} --commit_after_merge ${{ github.event.after }} --repository ${{ github.repository }} --ref ${{ github.ref }}
+          GITHUB_TOKEN: ${{ secrets.AUTO_BACKPORT_TOKEN }}
+        run: python .github/scripts/label_promoted_commits.py  --commits ${{ github.event.before }}..${{ github.sha }} --repository ${{ github.repository }} --ref ${{ github.ref }}
+      - name: Run auto-backport.py when promotion completed
+        if: ${{ github.event_name == 'push' && github.ref == format('refs/heads/{0}', env.DEFAULT_BRANCH) }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.AUTO_BACKPORT_TOKEN }}
+        run: python .github/scripts/auto-backport.py --repo ${{ github.repository }} --base-branch ${{ github.ref }} --commits ${{ github.event.before }}..${{ github.sha }}
+      - name: Check if label starts with 'backport/' and contains digits
+        id: check_label
+        run: |
+          label_name="${{ github.event.label.name }}"
+          if [[ "$label_name" =~ ^backport/[0-9]+\.[0-9]+$ ]]; then
+            echo "Label matches backport/X.X pattern."
+            echo "backport_label=true" >> $GITHUB_OUTPUT
+          else
+            echo "Label does not match the required pattern."
+            echo "backport_label=false" >> $GITHUB_OUTPUT
+          fi
+      - name: Run auto-backport.py when label was added
+        if: ${{ github.event_name == 'pull_request_target' && steps.check_label.outputs.backport_label == 'true' && github.event.pull_request.state == 'closed' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.AUTO_BACKPORT_TOKEN }}
+        run: python .github/scripts/auto-backport.py --repo ${{ github.repository }} --base-branch ${{ github.ref }} --pull-request ${{ github.event.pull_request.number }} --head-commit ${{ github.event.pull_request.base.sha }}

.github/workflows/backport-pr-fixes-validation.yaml

@@ -0,0 +1,33 @@
+name: Fixes validation for backport PR
+
+on:
+  pull_request:
+    types: [opened, reopened, edited]
+    branches: [branch-*]
+
+jobs:
+  check-fixes-prefix:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check PR body for "Fixes" prefix patterns
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const body = context.payload.pull_request.body;
+            const repo = context.payload.repository.full_name;
+            
+            // Regular expression pattern to check for "Fixes" prefix
+            // Adjusted to dynamically insert the repository full name
+            const pattern = `Fixes:? (?:#|${repo.replace('/', '\\/')}#|https://github\\.com/${repo.replace('/', '\\/')}/issues/)(\\d+)`;
+            const regex = new RegExp(pattern);
+            
+            if (!regex.test(body)) {
+              const error = "PR body does not contain a valid 'Fixes' reference.";
+              core.setFailed(error);
+              await github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: `:warning: ${error}`
+              });
+            }

.github/workflows/build-scylla.yaml

@@ -0,0 +1,39 @@
+name: Build Scylla
+
+on:
+  workflow_call:
+    inputs:
+      build_mode:
+        description: 'the build mode'
+        type: string
+        required: true
+    outputs:
+      md5sum:
+        description: 'the md5sum for scylla executable'
+        value: ${{ jobs.build.outputs.md5sum }}
+
+jobs:
+  read-toolchain:
+    uses: ./.github/workflows/read-toolchain.yaml
+  build:
+    if: github.repository == 'scylladb/scylladb'
+    needs:
+      - read-toolchain
+    runs-on: ubuntu-latest
+    container: ${{ needs.read-toolchain.outputs.image }}
+    outputs:
+      md5sum: ${{ steps.checksum.outputs.md5sum }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Generate the building system
+        run: |
+          git config --global --add safe.directory $GITHUB_WORKSPACE
+          ./configure.py --mode ${{ inputs.build_mode }} --with scylla
+      - run: |
+          ninja build/${{ inputs.build_mode }}/scylla
+      - id: checksum
+        run: |
+          checksum=$(md5sum build/${{ inputs.build_mode }}/scylla | cut -c -32)
+          echo "md5sum=$checksum" >> $GITHUB_OUTPUT

.github/workflows/clang-nightly.yaml

@@ -0,0 +1,66 @@
+name: clang-nightly
+
+on:
+  schedule:
+    # only at 5AM Saturday
+    - cron: '0 5 * * SAT'
+
+env:
+  # use the development branch explicitly
+  CLANG_VERSION: 20
+  BUILD_DIR: build
+
+permissions: {}
+
+# cancel the in-progress run upon a repush
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  clang-dev:
+    name: Build with clang nightly
+    if: github.repository == 'scylladb/scylladb'
+    runs-on: ubuntu-latest
+    container: fedora:40
+    strategy:
+      matrix:
+        build_type:
+          - Debug
+          - RelWithDebInfo
+          - Dev
+    steps:
+      - run: |
+          sudo dnf -y install git
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Install build dependencies
+        run: |
+          # use the copr repo for llvm snapshot builds, see
+          # https://copr.fedorainfracloud.org/coprs/g/fedora-llvm-team/llvm-snapshots/
+          sudo dnf -y install 'dnf-command(copr)'
+          sudo dnf copr enable -y @fedora-llvm-team/llvm-snapshots
+          # do not install java dependencies, which is not only not used here
+          sed -i.orig \
+            -e '/tools\/.*\/install-dependencies.sh/d' \
+            -e 's/(minio_download_jobs)/(true)/' \
+            ./install-dependencies.sh
+          sudo ./install-dependencies.sh
+          sudo dnf -y install lld
+      - name: Generate the building system
+        run: |
+          cmake                                         \
+            -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \
+            -DCMAKE_C_COMPILER=clang-$CLANG_VERSION     \
+            -DCMAKE_CXX_COMPILER=clang++-$CLANG_VERSION \
+            -G Ninja                                    \
+            -B $BUILD_DIR                               \
+            -S .
+      # see https://github.com/actions/toolkit/blob/main/docs/problem-matchers.md
+      - run: |
+          echo "::add-matcher::.github/clang-matcher.json"
+      - run: |
+          cmake --build $BUILD_DIR --target scylla
+      - run: |
+          echo "::remove-matcher owner=clang::"

.github/workflows/clang-tidy.yaml

@@ -0,0 +1,64 @@
+name: clang-tidy
+
+on:
+  pull_request:
+    branches:
+      - master
+    paths-ignore:
+      - '**/*.rst'
+      - '**/*.md'
+      - 'docs/**'
+      - '.github/**'
+  workflow_dispatch:
+
+env:
+  BUILD_TYPE: RelWithDebInfo
+  BUILD_DIR: build
+  CLANG_TIDY_CHECKS: '-*,bugprone-use-after-move'
+
+permissions: {}
+
+# cancel the in-progress run upon a repush
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  read-toolchain:
+    uses: ./.github/workflows/read-toolchain.yaml
+  clang-tidy:
+    name: Run clang-tidy
+    needs:
+      - read-toolchain
+    runs-on: ubuntu-latest
+    container: ${{ needs.read-toolchain.outputs.image }}
+    steps:
+      - env:
+          IMAGE: ${{ needs.read-toolchain.image }}
+        run: |
+          echo ${{ needs.read-toolchain.image }}
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - run: |
+          sudo dnf -y install clang-tools-extra
+      - name: Generate the building system
+        run: |
+          cmake                                         \
+            -DCMAKE_BUILD_TYPE=$BUILD_TYPE              \
+            -DCMAKE_C_COMPILER=clang                    \
+            -DScylla_USE_LINKER=ld.lld                  \
+            -DCMAKE_CXX_COMPILER=clang++                \
+            -DCMAKE_EXPORT_COMPILE_COMMANDS=ON          \
+            -DCMAKE_CXX_CLANG_TIDY="clang-tidy;--checks=$CLANG_TIDY_CHECKS" \
+            -G Ninja                                    \
+            -B $BUILD_DIR                               \
+            -S .
+      # see https://github.com/actions/toolkit/blob/main/docs/problem-matchers.md
+      - run: |
+          echo "::add-matcher::.github/clang-matcher.json"
+      - name: Build with clang-tidy enabled
+        run: |
+          cmake --build $BUILD_DIR --target scylla
+      - run: |
+          echo "::remove-matcher owner=clang::"

.github/workflows/codespell.yaml

@@ -0,0 +1,17 @@
+name: codespell
+on:
+  pull_request:
+    branches:
+      - master
+permissions: {}
+jobs:
+  codespell:
+    name: Check for spelling errors
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: codespell-project/actions-codespell@master
+        with:
+          only_warn: 1
+          ignore_words_list: "ans,datas,fo,ser,ue,crate,nd,reenable,strat,stap,te,raison"
+          skip: "./.git,./build,./tools,*.js,*.lock,./test,./licenses,./redis/lolwut.cc,*.svg"

.github/workflows/docs-amplify-enhanced.yaml

@@ -1,17 +0,0 @@
-name: "Docs / Amplify enhanced"
-
-on: issue_comment
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.issue.pull_request }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - name: Amplify enhanced
-        env:
-          TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: scylladb/sphinx-scylladb-theme/.github/actions/amplify-enhanced@master

.github/workflows/docs-pages.yaml

@@ -4,12 +4,14 @@ name: "Docs / Publish"
 
 env:
   FLAG: ${{ github.repository == 'scylladb/scylla-enterprise' && 'enterprise' || 'opensource' }}
+  DEFAULT_BRANCH: ${{ github.repository == 'scylladb/scylla-enterprise' && 'enterprise' || 'master' }}
 
 on:
   push:
     branches:
       - 'master'
       - 'enterprise'
+      - 'branch-**'
     paths:
       - "docs/**"
   workflow_dispatch:
@@ -19,14 +21,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
+          ref: ${{ env.DEFAULT_BRANCH }}
           persist-credentials: false
           fetch-depth: 0
       - name: Set up Python
-        uses: actions/setup-python@v3
+        uses: actions/setup-python@v5
         with:
-          python-version: 3.7
+          python-version: "3.10"
       - name: Set up env
         run: make -C docs FLAG="${{ env.FLAG }}" setupenv
       - name: Build docs

.github/workflows/docs-pr.yaml

@@ -12,20 +12,21 @@ on:
       - enterprise
     paths:
       - "docs/**"
-
+      - "db/config.hh"
+      - "db/config.cc"
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
           fetch-depth: 0
       - name: Set up Python
-        uses: actions/setup-python@v3
+        uses: actions/setup-python@v5
         with:
-          python-version: 3.7
+          python-version: "3.10"
       - name: Set up env
         run: make -C docs FLAG="${{ env.FLAG }}" setupenv
       - name: Build docs

.github/workflows/iwyu.yaml

@@ -0,0 +1,80 @@
+name: iwyu
+
+on:
+  pull_request:
+    branches:
+      - master
+
+env:
+  BUILD_TYPE: RelWithDebInfo
+  BUILD_DIR: build
+  CLEANER_OUTPUT_PATH: build/clang-include-cleaner.log
+  CLEANER_DIRS: test/unit exceptions alternator api auth cdc compaction
+
+permissions: {}
+
+# cancel the in-progress run upon a repush
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  read-toolchain:
+    uses: ./.github/workflows/read-toolchain.yaml
+  clang-include-cleaner:
+    name: "Analyze #includes in source files"
+    needs:
+      - read-toolchain
+    runs-on: ubuntu-latest
+    container: ${{ needs.read-toolchain.outputs.image }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - run: |
+          sudo dnf -y install clang-tools-extra
+      - name: Generate compilation database
+        run: |
+          cmake                                         \
+            -DCMAKE_BUILD_TYPE=$BUILD_TYPE              \
+            -DCMAKE_C_COMPILER=clang                    \
+            -DCMAKE_CXX_COMPILER=clang++                \
+            -DCMAKE_EXPORT_COMPILE_COMMANDS=ON          \
+            -G Ninja                                    \
+            -B $BUILD_DIR                               \
+            -S .
+      - name: Build headers
+        run: |
+          swagger_targets=''
+          for f in api/api-doc/*.json; do
+            if test "${f#*.}" = json; then
+              name=$(basename "$f" .json)
+              if test $name != swagger20_header; then
+                swagger_targets+=" scylla_swagger_gen_$name"
+              fi
+            fi
+          done
+          cmake                                         \
+            --build build                               \
+             --target seastar_http_request_parser       \
+             --target idl-sources                       \
+             --target $swagger_targets
+      - run: |
+          echo "::add-matcher::.github/clang-include-cleaner.json"
+      - name: clang-include-cleaner
+        run: |
+          for d in $CLEANER_DIRS; do
+            find $d -name '*.cc' -o -name '*.hh'          \
+              -exec echo {} \;                            \
+              -exec clang-include-cleaner                 \
+                --ignore-headers=seastarx.hh              \
+                --print=changes                           \
+                -p $BUILD_DIR                             \
+                {} \; | tee --append $CLEANER_OUTPUT_PATH
+          done
+      - run: |
+          echo "::remove-matcher owner=clang-include-cleaner::"
+      - uses: actions/upload-artifact@v4
+        with:
+          name: Logs (clang-include-cleaner)
+          path: "./${{ env.CLEANER_OUTPUT_PATH }}"

.github/workflows/make-pr-ready-for-review.yaml

@@ -0,0 +1,27 @@
+name: Mark PR as Ready When Conflicts Label is Removed
+
+on:
+  pull_request_target:
+    types:
+      - unlabeled
+
+env:
+  DEFAULT_BRANCH: 'master'
+
+jobs:
+  mark-ready:
+    if: github.event.label.name == 'conflicts'
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ github.repository }}
+          ref: ${{ env.DEFAULT_BRANCH }}
+          token: ${{ secrets.AUTO_BACKPORT_TOKEN }}
+          fetch-depth: 1
+      - name: Mark pull request as ready for review
+        run:  gh pr ready "${{ github.event.pull_request.number }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.AUTO_BACKPORT_TOKEN }}

.github/workflows/pr-require-backport-label.yaml

@@ -0,0 +1,22 @@
+name: PR require backport label
+on:
+  pull_request:
+    types: [opened, labeled, unlabeled, synchronize]
+    branches:
+      - master
+      - next
+jobs:
+  label:
+    if: github.event.pull_request.draft == false
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: mheap/github-action-required-labels@v5
+        with:
+          mode: minimum
+          count: 1
+          labels: "backport/none\nbackport/\\d.\\d"
+          use_regex: true
+          add_comment: false

.github/workflows/read-toolchain.yaml

@@ -0,0 +1,23 @@
+name: Read Toolchain
+
+on:
+  workflow_call:
+    outputs:
+      image:
+        description: "the toolchain docker image"
+        value: ${{ jobs.read-toolchain.outputs.image }}
+
+jobs:
+  read-toolchain:
+    runs-on: ubuntu-latest
+    outputs:
+      image: ${{ steps.read.outputs.image }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          sparse-checkout: tools/toolchain/image
+          sparse-checkout-cone-mode: false
+      - id: read
+        run: |
+          image=$(cat tools/toolchain/image)
+          echo "image=$image" >> $GITHUB_OUTPUT

.github/workflows/reproducible-build.yaml

@@ -0,0 +1,35 @@
+name: Check Reproducible Build
+
+on:
+  schedule:
+    # 5AM every friday
+    - cron: '0 5 * * FRI'
+
+permissions: {}
+
+env:
+  BUILD_MODE: release
+jobs:
+  build-a:
+    uses: ./.github/workflows/build-scylla.yaml
+    with:
+      build_mode: release
+  build-b:
+    uses: ./.github/workflows/build-scylla.yaml
+    with:
+      build_mode: release
+  compare-checksum:
+    if: github.repository == 'scylladb/scylladb'
+    runs-on: ubuntu-latest
+    needs:
+      - build-a
+      - build-b
+    steps:
+      - env:
+          CHECKSUM_A: ${{needs.build-a.outputs.md5sum}}
+          CHECKSUM_B: ${{needs.build-b.outputs.md5sum}}
+        run: |
+          if [ $CHECKSUM_A != $CHECKSUM_B ]; then                             \
+            echo "::error::mismatched checksums: $CHECKSUM_A != $CHECKSUM_B"; \
+            exit 1;                                                           \
+          fi

.github/workflows/seastar.yaml

@@ -0,0 +1,50 @@
+name: Build with the latest Seastar
+
+on:
+  schedule:
+    # 5AM everyday
+    - cron: '0 5 * * *'
+
+permissions: {}
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  BUILD_DIR: build
+
+jobs:
+  build-with-the-latest-seastar:
+    runs-on: ubuntu-latest
+    # be consistent with tools/toolchain/image
+    container: scylladb/scylla-toolchain:fedora-40-20240621
+    strategy:
+      matrix:
+        build_type:
+          - Debug
+          - RelWithDebInfo
+          - Dev
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - run: |
+          rm -rf seastar
+      - uses: actions/checkout@v4
+        with:
+          repository: scylladb/seastar
+          submodules: true
+          path: seastar
+      - name: Generate the building system
+        run: |
+          git config --global --add safe.directory $GITHUB_WORKSPACE
+          cmake                                         \
+            -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \
+            -DCMAKE_C_COMPILER=clang                    \
+            -DCMAKE_CXX_COMPILER=clang++                \
+            -G Ninja                                    \
+            -B $BUILD_DIR                               \
+            -S .
+      - run: |
+          cmake --build $BUILD_DIR --target scylla

.github/workflows/sync-labels.yaml

@@ -0,0 +1,49 @@
+name: Sync labels
+
+on:
+  pull_request_target:
+    types: [opened, labeled, unlabeled]
+    branches: [master, next]
+  issues:
+    types: [labeled, unlabeled]
+
+jobs:
+  label-sync:
+    if: ${{ github.repository == 'scylladb/scylladb' }}
+    name:  Synchronize labels between PR and the issue(s) fixed by it
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      issues: write
+    steps:
+      - name: Dump GitHub context
+        env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
+        run: echo "$GITHUB_CONTEXT"
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github/scripts/sync_labels.py
+          sparse-checkout-cone-mode: false
+
+      - name: Install dependencies
+        run: sudo apt-get install -y python3-github
+
+      - name: Pull request opened event
+        if: ${{ github.event.action == 'opened' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: python .github/scripts/sync_labels.py --repo ${{ github.repository }} --number ${{ github.event.number }} --action ${{ github.event.action }}
+
+      - name: Pull request labeled or unlabeled event
+        if: github.event_name == 'pull_request_target' && startsWith(github.event.label.name, 'backport/')
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: python .github/scripts/sync_labels.py --repo ${{ github.repository }} --number ${{ github.event.number }} --action ${{ github.event.action }} --label ${{ github.event.label.name }}
+
+      - name: Issue labeled or unlabeled event
+        if: github.event_name == 'issues' && startsWith(github.event.label.name, 'backport/')
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: python .github/scripts/sync_labels.py --repo ${{ github.repository }} --number ${{ github.event.issue.number }} --action ${{ github.event.action }} --is_issue --label ${{ github.event.label.name }}

.gitignore

@@ -3,6 +3,8 @@
 .settings
 build
 build.ninja
+cmake-build-*
+build.ninja.new
 cscope.*
 /debian/
 dist/ami/files/*.rpm
@@ -12,13 +14,14 @@ dist/ami/scylla_deploy.sh
 Cql.tokens
 .kdev4
 *.kdev4
+.idea
 CMakeLists.txt.user
 .cache
 .tox
 *.egg-info
 __pycache__CMakeLists.txt.user
 .gdbinit
-resources
+/resources
 .pytest_cache
 /expressions.tokens
 tags
@@ -30,3 +33,4 @@ compile_commands.json
 .ccls-cache/
 .mypy_cache
 .envrc
+clang_build

.gitmodules

@@ -6,9 +6,9 @@
 	path = swagger-ui
 	url = ../scylla-swagger-ui
 	ignore = dirty
-[submodule "scylla-jmx"]
-	path = tools/jmx
-	url = ../scylla-jmx
+[submodule "abseil"]
+	path = abseil
+	url = ../abseil-cpp
 [submodule "scylla-tools"]
 	path = tools/java
 	url = ../scylla-tools-java

CMakeLists.txt

@@ -2,56 +2,106 @@ cmake_minimum_required(VERSION 3.27)
 
 project(scylla)
 
-include(CTest)
-
 list(APPEND CMAKE_MODULE_PATH
   ${CMAKE_CURRENT_SOURCE_DIR}/cmake
   ${CMAKE_CURRENT_SOURCE_DIR}/seastar/cmake)
 
 # Set the possible values of build type for cmake-gui
 set(scylla_build_types
-    "Debug" "Release" "Dev" "Sanitize" "Coverage")
-set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS
-  ${scylla_build_types})
-if(NOT CMAKE_BUILD_TYPE)
-    set(CMAKE_BUILD_TYPE "Release" CACHE
-        STRING "Choose the type of build." FORCE)
-    message(WARNING "CMAKE_BUILD_TYPE not specified, Using 'Release'")
-elseif(NOT CMAKE_BUILD_TYPE IN_LIST scylla_build_types)
-    message(FATAL_ERROR "Unknown CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}. "
-        "Following types are supported: ${scylla_build_types}")
-endif()
-string(TOUPPER "${CMAKE_BUILD_TYPE}" build_mode)
-include(mode.${build_mode})
+    "Debug" "RelWithDebInfo" "Dev" "Sanitize" "Coverage")
+if(DEFINED CMAKE_BUILD_TYPE)
+    set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS
+     ${scylla_build_types})
+    if(NOT CMAKE_BUILD_TYPE)
+        set(CMAKE_BUILD_TYPE "RelWithDebInfo" CACHE
+            STRING "Choose the type of build." FORCE)
+        message(WARNING "CMAKE_BUILD_TYPE not specified, Using 'RelWithDebInfo'")
+    elseif(NOT CMAKE_BUILD_TYPE IN_LIST scylla_build_types)
+        message(FATAL_ERROR "Unknown CMAKE_BUILD_TYPE: ${CMAKE_BUILD_TYPE}. "
+            "Following types are supported: ${scylla_build_types}")
+    endif()
+endif(DEFINED CMAKE_BUILD_TYPE)
+
 include(mode.common)
-add_compile_definitions(
-    ${Seastar_DEFINITIONS_${build_mode}}
-    FMT_DEPRECATED_OSTREAM)
+if(CMAKE_CONFIGURATION_TYPES)
+    foreach(config ${CMAKE_CONFIGURATION_TYPES})
+        include(mode.${config})
+        list(APPEND scylla_build_modes ${scylla_build_mode_${config}})
+    endforeach()
+    add_custom_target(mode_list
+        COMMAND ${CMAKE_COMMAND} -E echo "$<JOIN:${scylla_build_modes}, >"
+        COMMENT "List configured modes"
+        BYPRODUCTS mode-list.phony.stamp
+        COMMAND_EXPAND_LISTS)
+else()
+    include(mode.${CMAKE_BUILD_TYPE})
+    add_custom_target(mode_list
+        ${CMAKE_COMMAND} -E echo "${scylla_build_mode}"
+        COMMENT "List configured modes")
+endif()
+
 include(limit_jobs)
 # Configure Seastar compile options to align with Scylla
-set(CMAKE_CXX_STANDARD "20" CACHE INTERNAL "")
+set(CMAKE_CXX_STANDARD "23" CACHE INTERNAL "")
 set(CMAKE_CXX_EXTENSIONS ON CACHE INTERNAL "")
+set(CMAKE_CXX_SCAN_FOR_MODULES OFF CACHE INTERNAL "")
 set(CMAKE_CXX_VISIBILITY_PRESET hidden)
 
 set(Seastar_TESTING ON CACHE BOOL "" FORCE)
 set(Seastar_API_LEVEL 7 CACHE STRING "" FORCE)
+set(Seastar_DEPRECATED_OSTREAM_FORMATTERS OFF CACHE BOOL "" FORCE)
 set(Seastar_APPS ON CACHE BOOL "" FORCE)
 set(Seastar_EXCLUDE_APPS_FROM_ALL ON CACHE BOOL "" FORCE)
+set(Seastar_EXCLUDE_TESTS_FROM_ALL ON CACHE BOOL "" FORCE)
+set(Seastar_IO_URING OFF CACHE BOOL "" FORCE)
+set(Seastar_SCHEDULING_GROUPS_COUNT 16 CACHE STRING "" FORCE)
+set(Seastar_UNUSED_RESULT_ERROR ON CACHE BOOL "" FORCE)
 add_subdirectory(seastar)
+set(ABSL_PROPAGATE_CXX_STD ON CACHE BOOL "" FORCE)
+
+find_package(Sanitizers QUIET)
+set(sanitizer_cxx_flags
+    $<$<CONFIG:Debug,Sanitize>:$<TARGET_PROPERTY:Sanitizers::address,INTERFACE_COMPILE_OPTIONS>;$<TARGET_PROPERTY:Sanitizers::undefined_behavior,INTERFACE_COMPILE_OPTIONS>>)
+if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
+    set(ABSL_GCC_FLAGS ${sanitizer_cxx_flags})
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+    set(ABSL_LLVM_FLAGS ${sanitizer_cxx_flags})
+endif()
+set(ABSL_DEFAULT_LINKOPTS
+    $<$<CONFIG:Debug,Sanitize>:$<TARGET_PROPERTY:Sanitizers::address,INTERFACE_LINK_LIBRARIES>;$<TARGET_PROPERTY:Sanitizers::undefined_behavior,INTERFACE_LINK_LIBRARIES>>)
+add_subdirectory(abseil)
+add_library(absl-headers INTERFACE)
+target_include_directories(absl-headers SYSTEM INTERFACE
+    "${PROJECT_SOURCE_DIR}/abseil")
+add_library(absl::headers ALIAS absl-headers)
+
+# Exclude absl::strerror from the default "all" target since it's not
+# used in Scylla build and, moreover, makes use of deprecated glibc APIs,
+# such as sys_nerr, which are not exposed from "stdio.h" since glibc 2.32,
+# which happens to be the case for recent Fedora distribution versions.
+#
+# Need to use the internal "absl_strerror" target name instead of namespaced
+# variant because `set_target_properties` does not understand the latter form,
+# unfortunately.
+set_target_properties(absl_strerror PROPERTIES EXCLUDE_FROM_ALL TRUE)
 
 # System libraries dependencies
 find_package(Boost REQUIRED
     COMPONENTS filesystem program_options system thread regex unit_test_framework)
+target_link_libraries(Boost::regex
+  INTERFACE
+    ICU::i18n
+    ICU::uc)
 find_package(Lua REQUIRED)
 find_package(ZLIB REQUIRED)
 find_package(ICU COMPONENTS uc i18n REQUIRED)
-find_package(absl COMPONENTS hash raw_hash_set REQUIRED)
+find_package(fmt 10.0.0 REQUIRED)
 find_package(libdeflate REQUIRED)
 find_package(libxcrypt REQUIRED)
 find_package(Snappy REQUIRED)
 find_package(RapidJSON REQUIRED)
-find_package(Thrift REQUIRED)
 find_package(xxHash REQUIRED)
+find_package(zstd REQUIRED)
 
 set(scylla_gen_build_dir "${CMAKE_BINARY_DIR}/gen")
 file(MAKE_DIRECTORY "${scylla_gen_build_dir}")
@@ -59,6 +109,14 @@ file(MAKE_DIRECTORY "${scylla_gen_build_dir}")
 include(add_version_library)
 generate_scylla_version()
 
+add_library(scylla-zstd STATIC
+    zstd.cc)
+target_link_libraries(scylla-zstd
+  PRIVATE
+    db
+    Seastar::seastar
+    zstd::libzstd)
+
 add_library(scylla-main STATIC)
 target_sources(scylla-main
   PRIVATE
@@ -78,9 +136,9 @@ target_sources(scylla-main
     debug.cc
     init.cc
     keys.cc
-    message/messaging_service.cc
     multishard_mutation_query.cc
     mutation_query.cc
+    node_ops/task_manager_module.cc
     partition_slice_builder.cc
     querier.cc
     query.cc
@@ -94,21 +152,52 @@ target_sources(scylla-main
     serializer.cc
     sstables_loader.cc
     table_helper.cc
+    tasks/task_handler.cc
     tasks/task_manager.cc
     timeout_config.cc
     unimplemented.cc
     validation.cc
-    vint-serialization.cc
-    zstd.cc)
+    vint-serialization.cc)
 target_link_libraries(scylla-main
   PRIVATE
+    "$<LINK_LIBRARY:WHOLE_ARCHIVE,scylla-zstd>"
     db
+    absl::headers
+    absl::btree
     absl::hash
     absl::raw_hash_set
     Seastar::seastar
     Snappy::snappy
     systemd
     ZLIB::ZLIB)
+
+option(Scylla_CHECK_HEADERS
+  "Add check-headers target for checking the self-containness of headers")
+if(Scylla_CHECK_HEADERS)
+    add_custom_target(check-headers)
+    # compatibility target used by CI, which builds "check-headers" only for
+    # the "Dev" mode.
+    # our CI currently builds "dev-headers" using ninja without specify a build
+    # mode. where "dev" is actually a prefix encoded in the target name for the
+    # underlying "headers" target. while we don't have this convention in CMake
+    # targets. in contrast, the "check-headers" which is built for all
+    # configurations defined by "CMAKE_DEFAULT_CONFIGS". however, we only need
+    # to build "check-headers" for the "Dev" configuration. Therefore, before
+    # updating the CI to use build "check-headers:Dev", let's add a new target
+    # that specifically builds "check-headers" only for Dev configuration. The
+    # new target will do nothing for other configurations.
+    add_custom_target(dev-headers
+        COMMAND ${CMAKE_COMMAND}
+          "$<IF:$<CONFIG:Dev>,--build;${CMAKE_BINARY_DIR};--config;$<CONFIG>;--target;check-headers,-E;echo;skipping;dev-headers;in;$<CONFIG>>"
+        COMMAND_EXPAND_LISTS)
+endif()
+
+include(check_headers)
+check_headers(check-headers scylla-main
+  GLOB ${CMAKE_CURRENT_SOURCE_DIR}/*.hh)
+
+add_custom_target(compiler-training)
+
 add_subdirectory(api)
 add_subdirectory(alternator)
 add_subdirectory(db)
@@ -121,9 +210,9 @@ add_subdirectory(dht)
 add_subdirectory(gms)
 add_subdirectory(idl)
 add_subdirectory(index)
-add_subdirectory(interface)
 add_subdirectory(lang)
 add_subdirectory(locator)
+add_subdirectory(message)
 add_subdirectory(mutation)
 add_subdirectory(mutation_writer)
 add_subdirectory(node_ops)
@@ -138,7 +227,6 @@ add_subdirectory(service)
 add_subdirectory(sstables)
 add_subdirectory(streaming)
 add_subdirectory(test)
-add_subdirectory(thrift)
 add_subdirectory(tools)
 add_subdirectory(tracing)
 add_subdirectory(transport)
@@ -165,6 +253,7 @@ target_link_libraries(scylla PRIVATE
     index
     lang
     locator
+    message
     mutation
     mutation_writer
     raft
@@ -178,52 +267,24 @@ target_link_libraries(scylla PRIVATE
     sstables
     streaming
     test-perf
-    thrift
     tools
     tracing
     transport
     types
     utils)
-target_link_libraries(Boost::regex
-  INTERFACE
-    ICU::i18n
-    ICU::uc)
 
 target_link_libraries(scylla PRIVATE
     seastar
+    absl::headers
     Boost::program_options)
 
-# Force SHA1 build-id generation
-set(default_linker_flags "-Wl,--build-id=sha1")
-include(CheckLinkerFlag)
-set(Scylla_USE_LINKER
-    ""
-    CACHE
-    STRING
-    "Use specified linker instead of the default one")
-if(Scylla_USE_LINKER)
-    set(linkers "${Scylla_USE_LINKER}")
-else()
-    set(linkers "lld" "gold")
-endif()
-
-foreach(linker ${linkers})
-    set(linker_flag "-fuse-ld=${linker}")
-    check_linker_flag(CXX ${linker_flag} "CXX_LINKER_HAVE_${linker}")
-    if(CXX_LINKER_HAVE_${linker})
-        string(APPEND default_linker_flags " ${linker_flag}")
-        break()
-    elseif(Scylla_USE_LINKER)
-        message(FATAL_ERROR "${Scylla_USE_LINKER} is not supported.")
-    endif()
-endforeach()
-
-set(CMAKE_EXE_LINKER_FLAGS "${default_linker_flags}" CACHE INTERNAL "")
-
-# TODO: patch dynamic linker to match configure.py behavior
-
 target_include_directories(scylla PRIVATE
     "${CMAKE_CURRENT_SOURCE_DIR}"
     "${scylla_gen_build_dir}")
 
+add_custom_target(maybe-scylla
+  DEPENDS $<$<CONFIG:Dev>:$<TARGET_FILE:scylla>>)
+add_dependencies(compiler-training
+  maybe-scylla)
+
 add_subdirectory(dist)

HACKING.md

@@ -19,18 +19,18 @@ $ git submodule update --init --recursive
 ### Dependencies
 
 Scylla is fairly fussy about its build environment, requiring a very recent
-version of the C++20 compiler and numerous tools and libraries to build.
+version of the C++23 compiler and numerous tools and libraries to build.
 
 Run `./install-dependencies.sh` (as root) to use your Linux distributions's
 package manager to install the appropriate packages on your build machine.
 However, this will only work on very recent distributions. For example,
 currently Fedora users must upgrade to Fedora 32 otherwise the C++ compiler
-will be too old, and not support the new C++20 standard that Scylla uses.
+will be too old, and not support the new C++23 standard that Scylla uses.
 
 Alternatively, to avoid having to upgrade your build machine or install
 various packages on it, we provide another option - the **frozen toolchain**.
 This is a script, `./tools/toolchain/dbuild`, that can execute build or run
-commands inside a Docker image that contains exactly the right build tools and
+commands inside a container that contains exactly the right build tools and
 libraries. The `dbuild` technique is useful for beginners, but is also the way
 in which ScyllaDB produces official releases, so it is highly recommended.
 
@@ -43,6 +43,12 @@ $ ./tools/toolchain/dbuild ninja build/release/scylla
 $ ./tools/toolchain/dbuild ./build/release/scylla --developer-mode 1
 ```
 
+Note: do not mix environemtns - either perform all your work with dbuild, or natively on the host.
+Note2: you can get to an interactive shell within dbuild by running it without any parameters:
+```bash
+$ ./tools/toolchain/dbuild
+```
+
 ### Build system
 
 **Note**: Compiling Scylla requires, conservatively, 2 GB of memory per native
@@ -116,6 +122,13 @@ Run all tests through the test execution wrapper with
 $ ./test.py --mode={debug,release}
 ```
 
+or, if you are using `dbuild`, you need to build the code and the tests and then you can run them at will:
+
+```bash
+$ ./tools/toolchain/dbuild ninja {debug,release,dev}-build
+$ ./tools/toolchain/dbuild ./test.py --mode {debug,release,dev}
+```
+
 The `--name` argument can be specified to run a particular test.
 
 Alternatively, you can execute the test executable directly. For example,
@@ -199,7 +212,7 @@ The `scylla.yaml` file in the repository by default writes all database data to
 
 Scylla has a number of requirements for the file-system and operating system to operate ideally and at peak performance. However, during development, these requirements can be relaxed with the `--developer-mode` flag.
 
-Additionally, when running on under-powered platforms like portable laptops, the `--overprovisined` flag is useful.
+Additionally, when running on under-powered platforms like portable laptops, the `--overprovisioned` flag is useful.
 
 On a development machine, one might run Scylla as
 

README.md

@@ -15,7 +15,7 @@ For more information, please see the [ScyllaDB web site].
 ## Build Prerequisites
 
 Scylla is fairly fussy about its build environment, requiring very recent
-versions of the C++20 compiler and of many libraries to build. The document
+versions of the C++23 compiler and of many libraries to build. The document
 [HACKING.md](HACKING.md) includes detailed information on building and
 developing Scylla, but to get Scylla building quickly on (almost) any build
 machine, Scylla offers a [frozen toolchain](tools/toolchain/README.md),
@@ -65,11 +65,13 @@ $ ./tools/toolchain/dbuild ./build/release/scylla --help
 
 ## Testing
 
+[![Build with the latest Seastar](https://github.com/scylladb/scylladb/actions/workflows/seastar.yaml/badge.svg)](https://github.com/scylladb/scylladb/actions/workflows/seastar.yaml) [![Check Reproducible Build](https://github.com/scylladb/scylladb/actions/workflows/reproducible-build.yaml/badge.svg)](https://github.com/scylladb/scylladb/actions/workflows/reproducible-build.yaml) [![clang-nightly](https://github.com/scylladb/scylladb/actions/workflows/clang-nightly.yaml/badge.svg)](https://github.com/scylladb/scylladb/actions/workflows/clang-nightly.yaml)
+
 See [test.py manual](docs/dev/testing.md).
 
 ## Scylla APIs and compatibility
-By default, Scylla is compatible with Apache Cassandra and its APIs - CQL and
-Thrift. There is also support for the API of Amazon DynamoDB™,
+By default, Scylla is compatible with Apache Cassandra and its API - CQL.
+There is also support for the API of Amazon DynamoDB™,
 which needs to be enabled and configured in order to be used. For more
 information on how to enable the DynamoDB™ API in Scylla,
 and the current compatibility of this feature as well as Scylla-specific extensions, see
@@ -82,11 +84,11 @@ Documentation can be found [here](docs/dev/README.md).
 Seastar documentation can be found [here](http://docs.seastar.io/master/index.html).
 User documentation can be found [here](https://docs.scylladb.com/).
 
-## Training 
+## Training
 
-Training material and online courses can be found at [Scylla University](https://university.scylladb.com/). 
-The courses are free, self-paced and include hands-on examples. They cover a variety of topics including Scylla data modeling, 
-administration, architecture, basic NoSQL concepts, using drivers for application development, Scylla setup, failover, compactions, 
+Training material and online courses can be found at [Scylla University](https://university.scylladb.com/).
+The courses are free, self-paced and include hands-on examples. They cover a variety of topics including Scylla data modeling,
+administration, architecture, basic NoSQL concepts, using drivers for application development, Scylla setup, failover, compactions,
 multi-datacenters and how Scylla integrates with third-party applications.
 
 ## Contributing to Scylla

SCYLLA-VERSION-GEN

@@ -28,7 +28,7 @@ The files created are:
 
 By default, these files are created in the 'build'
 subdirectory under the directory containing the script.
-The destination directory can be overriden by
+The destination directory can be overridden by
 using '-o PATH' option.
 END
 )
@@ -78,7 +78,7 @@ fi
 
 # Default scylla product/version tags
 PRODUCT=scylla
-VERSION=5.4.10
+VERSION=6.2.4
 
 if test -f version
 then
@@ -87,12 +87,14 @@ then
 else
 	SCYLLA_VERSION=$VERSION
 	if [ -z "$SCYLLA_RELEASE" ]; then
-		DATE=$(date --utc +%Y%m%d)
 		GIT_COMMIT=$(git -C "$SCRIPT_DIR" log --pretty=format:'%h' -n 1 --abbrev=12)
-		# For custom package builds, replace "0" with "counter.your_name",
+		# For custom package builds, replace "0" with "counter.yourname",
 		# where counter starts at 1 and increments for successive versions.
 		# This ensures that the package manager will select your custom
 		# package over the standard release.
+		# Do not use any special characters like - or _ in the name above!
+		# These characters either have special meaning or are illegal in
+		# version strings.
 		SCYLLA_BUILD=0
 		SCYLLA_RELEASE=$SCYLLA_BUILD.$DATE.$GIT_COMMIT
 	elif [ -f "$OUTPUT_DIR/SCYLLA-RELEASE-FILE" ]; then
@@ -102,7 +104,7 @@ else
 fi
 
 if [ -f "$OUTPUT_DIR/SCYLLA-RELEASE-FILE" ]; then
-	GIT_COMMIT_FILE=$(cat "$OUTPUT_DIR/SCYLLA-RELEASE-FILE" |cut -d . -f 3)
+	GIT_COMMIT_FILE=$(cat "$OUTPUT_DIR/SCYLLA-RELEASE-FILE" | rev | cut -d . -f 1 | rev)
 	if [ "$GIT_COMMIT" = "$GIT_COMMIT_FILE" ]; then
 		exit 0
 	fi

alternator/CMakeLists.txt

@@ -27,4 +27,8 @@ target_link_libraries(alternator
   cql3
   idl
   Seastar::seastar
-  xxHash::xxhash)
+  xxHash::xxhash
+  absl::headers)
+
+check_headers(check-headers alternator
+  GLOB_RECURSE ${CMAKE_CURRENT_SOURCE_DIR}/*.hh)

alternator/auth.cc

@@ -7,37 +7,37 @@
  */
 
 #include "alternator/error.hh"
+#include "auth/common.hh"
 #include "log.hh"
 #include <string>
 #include <string_view>
 #include "bytes.hh"
 #include "alternator/auth.hh"
 #include <fmt/format.h>
-#include "auth/common.hh"
 #include "auth/password_authenticator.hh"
-#include "auth/roles-metadata.hh"
 #include "service/storage_proxy.hh"
 #include "alternator/executor.hh"
 #include "cql3/selection/selection.hh"
-#include "query-result-set.hh"
 #include "cql3/result_set.hh"
+#include "types/types.hh"
 #include <seastar/core/coroutine.hh>
 
 namespace alternator {
 
 static logging::logger alogger("alternator-auth");
 
-future<std::string> get_key_from_roles(service::storage_proxy& proxy, std::string username) {
-    schema_ptr schema = proxy.data_dictionary().find_schema("system_auth", "roles");
+future<std::string> get_key_from_roles(service::storage_proxy& proxy, auth::service& as, std::string username) {
+    schema_ptr schema = proxy.data_dictionary().find_schema(auth::get_auth_ks_name(as.query_processor()), "roles");
     partition_key pk = partition_key::from_single_value(*schema, utf8_type->decompose(username));
     dht::partition_range_vector partition_ranges{dht::partition_range(dht::decorate_key(*schema, pk))};
     std::vector<query::clustering_range> bounds{query::clustering_range::make_open_ended_both_sides()};
     const column_definition* salted_hash_col = schema->get_column_definition(bytes("salted_hash"));
-    if (!salted_hash_col) {
-        co_await coroutine::return_exception(api_error::unrecognized_client(format("Credentials cannot be fetched for: {}", username)));
+    const column_definition* can_login_col = schema->get_column_definition(bytes("can_login"));
+    if (!salted_hash_col || !can_login_col) {
+        co_await coroutine::return_exception(api_error::unrecognized_client(fmt::format("Credentials cannot be fetched for: {}", username)));
     }
-    auto selection = cql3::selection::selection::for_columns(schema, {salted_hash_col});
-    auto partition_slice = query::partition_slice(std::move(bounds), {}, query::column_id_vector{salted_hash_col->id}, selection->get_query_options());
+    auto selection = cql3::selection::selection::for_columns(schema, {salted_hash_col, can_login_col});
+    auto partition_slice = query::partition_slice(std::move(bounds), {}, query::column_id_vector{salted_hash_col->id, can_login_col->id}, selection->get_query_options());
     auto command = ::make_lw_shared<query::read_command>(schema->id(), schema->version(), partition_slice,
             proxy.get_max_result_size(partition_slice), query::tombstone_limit(proxy.get_tombstone_limit()));
     auto cl = auth::password_authenticator::consistency_for_user(username);
@@ -51,11 +51,18 @@ future<std::string> get_key_from_roles(service::storage_proxy& proxy, std::strin
 
     auto result_set = builder.build();
     if (result_set->empty()) {
-        co_await coroutine::return_exception(api_error::unrecognized_client(format("User not found: {}", username)));
+        co_await coroutine::return_exception(api_error::unrecognized_client(fmt::format("User not found: {}", username)));
     }
-    const managed_bytes_opt& salted_hash = result_set->rows().front().front(); // We only asked for 1 row and 1 column
+    const auto& result = result_set->rows().front();
+    bool can_login = result[1] && value_cast<bool>(boolean_type->deserialize(*result[1]));
+    if (!can_login) {
+        // This is a valid role name, but has "login=False" so should not be
+        // usable for authentication (see #19735).
+        co_await coroutine::return_exception(api_error::unrecognized_client(fmt::format("Role {} has login=false so cannot be used for login", username)));
+    }
+    const managed_bytes_opt& salted_hash = result.front();
     if (!salted_hash) {
-        co_await coroutine::return_exception(api_error::unrecognized_client(format("No password found for user: {}", username)));
+        co_await coroutine::return_exception(api_error::unrecognized_client(fmt::format("No password found for user: {}", username)));
     }
     co_return value_cast<sstring>(utf8_type->deserialize(*salted_hash));
 }

alternator/auth.hh

@@ -9,10 +9,8 @@
 #pragma once
 
 #include <string>
-#include <string_view>
-#include <array>
-#include "gc_clock.hh"
 #include "utils/loading_cache.hh"
+#include "auth/service.hh"
 
 namespace service {
 class storage_proxy;
@@ -22,6 +20,6 @@ namespace alternator {
 
 using key_cache = utils::loading_cache<std::string, std::string, 1>;
 
-future<std::string> get_key_from_roles(service::storage_proxy& proxy, std::string username);
+future<std::string> get_key_from_roles(service::storage_proxy& proxy, auth::service& as, std::string username);
 
 }

alternator/conditions.cc

@@ -6,12 +6,9 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
-#include <list>
-#include <map>
 #include <string_view>
 #include "alternator/conditions.hh"
 #include "alternator/error.hh"
-#include "cql3/constants.hh"
 #include <unordered_map>
 #include "utils/rjson.hh"
 #include "serialization.hh"
@@ -45,12 +42,12 @@ comparison_operator_type get_comparison_operator(const rjson::value& comparison_
             {"NOT_CONTAINS", comparison_operator_type::NOT_CONTAINS},
     };
     if (!comparison_operator.IsString()) {
-        throw api_error::validation(format("Invalid comparison operator definition {}", rjson::print(comparison_operator)));
+        throw api_error::validation(fmt::format("Invalid comparison operator definition {}", rjson::print(comparison_operator)));
     }
     std::string op = comparison_operator.GetString();
     auto it = ops.find(op);
     if (it == ops.end()) {
-        throw api_error::validation(format("Unsupported comparison operator {}", op));
+        throw api_error::validation(fmt::format("Unsupported comparison operator {}", op));
     }
     return it->second;
 }
@@ -342,7 +339,7 @@ static bool check_NOT_NULL(const rjson::value* val) {
 }
 
 // Only types S, N or B (string, number or bytes) may be compared by the
-// various comparion operators - lt, le, gt, ge, and between.
+// various comparison operators - lt, le, gt, ge, and between.
 // Note that in particular, if the value is missing (v->IsNull()), this
 // check returns false.
 static bool check_comparable_type(const rjson::value& v) {
@@ -432,7 +429,7 @@ static bool check_BETWEEN(const T& v, const T& lb, const T& ub, bool bounds_from
     if (cmp_lt()(ub, lb)) {
         if (bounds_from_query) {
             throw api_error::validation(
-                format("BETWEEN operator requires lower_bound <= upper_bound, but {} > {}", lb, ub));
+                fmt::format("BETWEEN operator requires lower_bound <= upper_bound, but {} > {}", lb, ub));
         } else {
             return false;
         }
@@ -616,7 +613,7 @@ conditional_operator_type get_conditional_operator(const rjson::value& req) {
         return conditional_operator_type::OR;
     } else {
         throw api_error::validation(
-                format("'ConditionalOperator' parameter must be AND, OR or missing. Found {}.", s));
+                fmt::format("'ConditionalOperator' parameter must be AND, OR or missing. Found {}.", s));
     }
 }
 

alternator/conditions.hh

@@ -18,8 +18,6 @@
 
 #pragma once
 
-#include "cql3/restrictions/statement_restrictions.hh"
-#include "serialization.hh"
 #include "expressions_types.hh"
 
 namespace alternator {

alternator/controller.cc

@@ -32,8 +32,10 @@ controller::controller(
         sharded<service::memory_limiter>& memory_limiter,
         sharded<auth::service>& auth_service,
         sharded<qos::service_level_controller>& sl_controller,
-        const db::config& config)
-    : _gossiper(gossiper)
+        const db::config& config,
+        seastar::scheduling_group sg)
+    : protocol_server(sg)
+    , _gossiper(gossiper)
     , _proxy(proxy)
     , _mm(mm)
     , _sys_dist_ks(sys_dist_ks)
@@ -62,7 +64,9 @@ std::vector<socket_address> controller::listen_addresses() const {
 }
 
 future<> controller::start_server() {
-    return seastar::async([this] {
+    seastar::thread_attributes attr;
+    attr.sched_group = _sched_group;
+    return seastar::async(std::move(attr), [this] {
         _listen_addresses.clear();
 
         auto preferred = _config.listen_interface_prefer_ipv6() ? std::make_optional(net::inet_address::family::INET6) : std::nullopt;
@@ -73,11 +77,11 @@ future<> controller::start_server() {
         // shards - if necessary for LWT.
         smp_service_group_config c;
         c.max_nonlocal_requests = 5000;
-        _ssg = create_smp_service_group(c).get0();
+        _ssg = create_smp_service_group(c).get();
 
         rmw_operation::set_default_write_isolation(_config.alternator_write_isolation());
 
-        net::inet_address addr = utils::resolve(_config.alternator_address, family).get0();
+        net::inet_address addr = utils::resolve(_config.alternator_address, family).get();
 
         auto get_cdc_metadata = [] (cdc::generation_service& svc) { return std::ref(svc.get_cdc_metadata()); };
         auto get_timeout_in_ms = [] (const db::config& cfg) -> utils::updateable_value<uint32_t> {
@@ -156,7 +160,9 @@ future<> controller::stop_server() {
 }
 
 future<> controller::request_stop_server() {
-    return stop_server();
+    return with_scheduling_group(_sched_group, [this] {
+        return stop_server();
+    });
 }
 
 }

alternator/controller.hh

@@ -80,7 +80,8 @@ public:
         sharded<service::memory_limiter>& memory_limiter,
         sharded<auth::service>& auth_service,
         sharded<qos::service_level_controller>& sl_controller,
-        const db::config& config);
+        const db::config& config,
+        seastar::scheduling_group sg);
 
     virtual sstring name() const override;
     virtual sstring protocol() const override;

alternator/error.hh

@@ -10,6 +10,7 @@
 
 #include <seastar/http/httpd.hh>
 #include "seastarx.hh"
+#include "utils/rjson.hh"
 
 namespace alternator {
 
@@ -27,10 +28,16 @@ public:
     status_type _http_code;
     std::string _type;
     std::string _msg;
-    api_error(std::string type, std::string msg, status_type http_code = status_type::bad_request)
+    // Additional data attached to the error, null value if not set. It's wrapped in copyable_value
+    // class because copy constructor is required for exception classes otherwise it won't compile
+    // (despite that its use may be optimized away).
+    rjson::copyable_value _extra_fields; 
+    api_error(std::string type, std::string msg, status_type http_code = status_type::bad_request,
+    rjson::value extra_fields = rjson::null_value())
         : _http_code(std::move(http_code))
         , _type(std::move(type))
         , _msg(std::move(msg))
+        , _extra_fields(std::move(extra_fields))
     { }
 
     // Factory functions for some common types of DynamoDB API errors
@@ -58,8 +65,13 @@ public:
     static api_error access_denied(std::string msg) {
         return api_error("AccessDeniedException", std::move(msg));
     }
-    static api_error conditional_check_failed(std::string msg) {
-        return api_error("ConditionalCheckFailedException", std::move(msg));
+    static api_error conditional_check_failed(std::string msg, rjson::value&& item) {
+        if (!item.IsNull()) {
+            auto tmp = rjson::empty_object();
+            rjson::add(tmp, "Item", std::move(item));
+            item = std::move(tmp);
+        }
+        return api_error("ConditionalCheckFailedException", std::move(msg), status_type::bad_request, std::move(item));
     }
     static api_error expired_iterator(std::string msg) {
         return api_error("ExpiredIteratorException", std::move(msg));

alternator/executor.hh

@@ -9,7 +9,6 @@
 #pragma once
 
 #include <seastar/core/future.hh>
-#include <seastar/http/httpd.hh>
 #include "seastarx.hh"
 #include <seastar/json/json_elements.hh>
 #include <seastar/core/sharded.hh>
@@ -263,4 +262,9 @@ public:
 // add more than a couple of levels in its own output construction.
 bool is_big(const rjson::value& val, int big_size = 100'000);
 
+// Check CQL's Role-Based Access Control (RBAC) permission (MODIFY,
+// SELECT, DROP, etc.) on the given table. When permission is denied an
+// appropriate user-readable api_error::access_denied is thrown.
+future<> verify_permission(const service::client_state&, const schema_ptr&, auth::permission);
+
 }

alternator/expressions.cc

@@ -28,7 +28,7 @@
 
 namespace alternator {
 
-template <typename Func, typename Result = std::result_of_t<Func(expressionsParser&)>>
+template <typename Func, typename Result = std::invoke_result_t<Func, expressionsParser&>>
 static Result do_with_parser(std::string_view input, Func&& f) {
     expressionsLexer::InputStreamType input_stream{
         reinterpret_cast<const ANTLR_UINT8*>(input.data()),
@@ -43,7 +43,7 @@ static Result do_with_parser(std::string_view input, Func&& f) {
     return result;
 }
 
-template <typename Func, typename Result = std::result_of_t<Func(expressionsParser&)>>
+template <typename Func, typename Result = std::invoke_result_t<Func, expressionsParser&>>
 static Result parse(const char* input_name, std::string_view input, Func&& f) {
     if (input.length() > 4096) {
         throw expressions_syntax_error(format("{} expression size {} exceeds allowed maximum 4096.",
@@ -57,10 +57,10 @@ static Result parse(const char* input_name, std::string_view input, Func&& f) {
         // TODO: displayRecognitionError could set a position inside the
         // expressions_syntax_error in throws, and we could use it here to
         // mark the broken position in 'input'.
-        throw expressions_syntax_error(format("Failed parsing {} '{}': {}",
+        throw expressions_syntax_error(fmt::format("Failed parsing {} '{}': {}",
             input_name, input, e.what()));
     } catch (...) {
-        throw expressions_syntax_error(format("Failed parsing {} '{}': {}",
+        throw expressions_syntax_error(fmt::format("Failed parsing {} '{}': {}",
             input_name, input, std::current_exception()));
     }
 }
@@ -133,21 +133,6 @@ void path::check_depth_limit() {
     }
 }
 
-std::ostream& operator<<(std::ostream& os, const path& p) {
-    os << p.root();
-    for (const auto& op : p.operators()) {
-        std::visit(overloaded_functor {
-            [&] (const std::string& member) {
-                os << '.' << member;
-            },
-            [&] (unsigned index) {
-                os << '[' << index << ']';
-            }
-        }, op);
-    }
-    return os;
-}
-
 } // namespace parsed
 
 // The following resolve_*() functions resolve references in parsed
@@ -175,12 +160,12 @@ static std::optional<std::string> resolve_path_component(const std::string& colu
     if (column_name.size() > 0 && column_name.front() == '#') {
         if (!expression_attribute_names) {
             throw api_error::validation(
-                    format("ExpressionAttributeNames missing, entry '{}' required by expression", column_name));
+                    fmt::format("ExpressionAttributeNames missing, entry '{}' required by expression", column_name));
         }
         const rjson::value* value = rjson::find(*expression_attribute_names, column_name);
         if (!value || !value->IsString()) {
             throw api_error::validation(
-                    format("ExpressionAttributeNames missing entry '{}' required by expression", column_name));
+                    fmt::format("ExpressionAttributeNames missing entry '{}' required by expression", column_name));
         }
         used_attribute_names.emplace(column_name);
         return std::string(rjson::to_string_view(*value));
@@ -217,16 +202,16 @@ static void resolve_constant(parsed::constant& c,
         [&] (const std::string& valref) {
             if (!expression_attribute_values) {
                 throw api_error::validation(
-                        format("ExpressionAttributeValues missing, entry '{}' required by expression", valref));
+                        fmt::format("ExpressionAttributeValues missing, entry '{}' required by expression", valref));
             }
             const rjson::value* value = rjson::find(*expression_attribute_values, valref);
             if (!value) {
                 throw api_error::validation(
-                        format("ExpressionAttributeValues missing entry '{}' required by expression", valref));
+                        fmt::format("ExpressionAttributeValues missing entry '{}' required by expression", valref));
             }
             if (value->IsNull()) {
                 throw api_error::validation(
-                        format("ExpressionAttributeValues null value for entry '{}' required by expression", valref));
+                        fmt::format("ExpressionAttributeValues null value for entry '{}' required by expression", valref));
             }
             validate_value(*value, "ExpressionAttributeValues");
             used_attribute_values.emplace(valref);
@@ -723,7 +708,7 @@ rjson::value calculate_value(const parsed::value& v,
             auto function_it = function_handlers.find(std::string_view(f._function_name));
             if (function_it == function_handlers.end()) {
                 throw api_error::validation(
-                        format("{}: unknown function '{}' called.", caller, f._function_name));
+                        fmt::format("{}: unknown function '{}' called.", caller, f._function_name));
             }
             return function_it->second(caller, previous_item, f);
         },
@@ -756,3 +741,20 @@ rjson::value calculate_value(const parsed::set_rhs& rhs,
 }
 
 } // namespace alternator
+
+auto fmt::formatter<alternator::parsed::path>::format(const alternator::parsed::path& p, fmt::format_context& ctx) const
+        -> decltype(ctx.out()) {
+    auto out = ctx.out();
+    out = fmt::format_to(out, "{}", p.root());
+    for (const auto& op : p.operators()) {
+        std::visit(overloaded_functor {
+            [&] (const std::string& member) {
+                out = fmt::format_to(out, ".{}", member);
+            },
+            [&] (unsigned index) {
+                out = fmt::format_to(out, "[{}]", index);
+            }
+        }, op);
+    }
+    return out;
+}

alternator/expressions.hh

@@ -60,24 +60,30 @@ enum class calculate_value_caller {
     UpdateExpression, ConditionExpression, ConditionExpressionAlone
 };
 
-inline std::ostream& operator<<(std::ostream& out, calculate_value_caller caller) {
-    switch (caller) {
-        case calculate_value_caller::UpdateExpression:
-            out << "UpdateExpression";
-            break;
-        case calculate_value_caller::ConditionExpression:
-            out << "ConditionExpression";
-            break;
-        case calculate_value_caller::ConditionExpressionAlone:
-            out << "ConditionExpression";
-            break;
-        default:
-            out << "unknown type of expression";
-            break;
-    }
-    return out;
 }
 
+template <> struct fmt::formatter<alternator::calculate_value_caller> {
+    constexpr auto parse(format_parse_context& ctx) { return ctx.begin(); }
+    auto format(alternator::calculate_value_caller caller, fmt::format_context& ctx) const {
+        std::string_view name = "unknown type of expression";
+        switch (caller) {
+            using enum alternator::calculate_value_caller;
+            case UpdateExpression:
+                name = "UpdateExpression";
+                break;
+            case ConditionExpression:
+                name = "ConditionExpression";
+                break;
+            case ConditionExpressionAlone:
+                name = "ConditionExpression";
+                break;
+        }
+        return fmt::format_to(ctx.out(), "{}", name);
+    }
+};
+
+namespace alternator {
+
 rjson::value calculate_value(const parsed::value& v,
         calculate_value_caller caller,
         const rjson::value* previous_item);

alternator/expressions_types.hh

@@ -66,7 +66,6 @@ public:
     std::vector<std::variant<std::string, unsigned>>& operators() {
         return _operators;
     }
-    friend std::ostream& operator<<(std::ostream&, const path&);
 };
 
 // When an expression is first parsed, all constants are references, like
@@ -255,3 +254,7 @@ public:
 
 } // namespace parsed
 } // namespace alternator
+
+template <> struct fmt::formatter<alternator::parsed::path> : fmt::formatter<string_view> {
+    auto format(const alternator::parsed::path&, fmt::format_context& ctx) const -> decltype(ctx.out());
+};

alternator/rmw_operation.hh

@@ -19,7 +19,7 @@ namespace alternator {
 // operations which may involve a read of the item before the write
 // (so-called Read-Modify-Write operations). These operations include PutItem,
 // UpdateItem and DeleteItem: All of these may be conditional operations (the
-// "Expected" parameter) which requir a read before the write, and UpdateItem
+// "Expected" parameter) which require a read before the write, and UpdateItem
 // may also have an update expression which refers to the item's old value.
 //
 // The code below supports running the read and the write together as one
@@ -69,7 +69,11 @@ protected:
     enum class returnvalues {
         NONE, ALL_OLD, UPDATED_OLD, ALL_NEW, UPDATED_NEW
     } _returnvalues;
+    enum class returnvalues_on_condition_check_failure {
+        NONE, ALL_OLD
+    } _returnvalues_on_condition_check_failure;
     static returnvalues parse_returnvalues(const rjson::value& request);
+    static returnvalues_on_condition_check_failure parse_returnvalues_on_condition_check_failure(const rjson::value& request);
     // When _returnvalues != NONE, apply() should store here, in JSON form,
     // the values which are to be returned in the "Attributes" field.
     // The default null JSON means do not return an Attributes field at all.
@@ -77,6 +81,8 @@ protected:
     // it (see explanation below), but note that because apply() may be
     // called more than once, if apply() will sometimes set this field it
     // must set it (even if just to the default empty value) every time.
+    // Additionally when _returnvalues_on_condition_check_failure is ALL_OLD
+    // then condition check failure will also result in storing values here.
     mutable rjson::value _return_attributes;
 public:
     // The constructor of a rmw_operation subclass should parse the request

alternator/serialization.cc

@@ -11,7 +11,6 @@
 #include "log.hh"
 #include "serialization.hh"
 #include "error.hh"
-#include "rapidjson/writer.h"
 #include "concrete_types.hh"
 #include "cql3/type_json.hh"
 #include "mutation/position_in_partition.hh"
@@ -59,7 +58,7 @@ type_representation represent_type(alternator_type atype) {
 // calculate its magnitude and precision from its scale() and unscaled_value().
 // So in the following ugly implementation we calculate them from the string
 // representation instead. We assume the number was already parsed
-// sucessfully to a big_decimal to it follows its syntax rules.
+// successfully to a big_decimal to it follows its syntax rules.
 //
 // FIXME: rewrite this function to take a big_decimal, not a string.
 // Maybe a snippet like this can help:
@@ -144,17 +143,17 @@ static big_decimal parse_and_validate_number(std::string_view s) {
         big_decimal ret(s);
         auto [magnitude, precision] = internal::get_magnitude_and_precision(s);
         if (magnitude > 125) {
-            throw api_error::validation(format("Number overflow: {}. Attempting to store a number with magnitude larger than supported range.", s));
+            throw api_error::validation(fmt::format("Number overflow: {}. Attempting to store a number with magnitude larger than supported range.", s));
         }
         if (magnitude < -130) {
-            throw api_error::validation(format("Number underflow: {}. Attempting to store a number with magnitude lower than supported range.", s));
+            throw api_error::validation(fmt::format("Number underflow: {}. Attempting to store a number with magnitude lower than supported range.", s));
         }
         if (precision > 38) {
-            throw api_error::validation(format("Number too precise: {}. Attempting to store a number with more significant digits than supported.", s));
+            throw api_error::validation(fmt::format("Number too precise: {}. Attempting to store a number with more significant digits than supported.", s));
         }
         return ret;
     } catch (const marshal_exception& e) {
-        throw api_error::validation(format("The parameter cannot be converted to a numeric value: {}", s));
+        throw api_error::validation(fmt::format("The parameter cannot be converted to a numeric value: {}", s));
     }
 
 }
@@ -266,7 +265,7 @@ bytes get_key_column_value(const rjson::value& item, const column_definition& co
     std::string column_name = column.name_as_text();
     const rjson::value* key_typed_value = rjson::find(item, column_name);
     if (!key_typed_value) {
-        throw api_error::validation(format("Key column {} not found", column_name));
+        throw api_error::validation(fmt::format("Key column {} not found", column_name));
     }
     return get_key_from_typed_value(*key_typed_value, column);
 }
@@ -278,19 +277,26 @@ bytes get_key_column_value(const rjson::value& item, const column_definition& co
 // mentioned in the exception message).
 // If the type does match, a reference to the encoded value is returned.
 static const rjson::value& get_typed_value(const rjson::value& key_typed_value, std::string_view type_str, std::string_view name, std::string_view value_name) {
-    if (!key_typed_value.IsObject() || key_typed_value.MemberCount() != 1 ||
-            !key_typed_value.MemberBegin()->value.IsString()) {
+    if (!key_typed_value.IsObject() || key_typed_value.MemberCount() != 1) {
         throw api_error::validation(
-                format("Malformed value object for {} {}: {}",
+                fmt::format("Malformed value object for {} {}: {}",
                         value_name, name, key_typed_value));
     }
 
     auto it = key_typed_value.MemberBegin();
     if (rjson::to_string_view(it->name) != type_str) {
         throw api_error::validation(
-                format("Type mismatch: expected type {} for {} {}, got type {}",
+                fmt::format("Type mismatch: expected type {} for {} {}, got type {}",
                         type_str, value_name, name, it->name));
     }
+    // We assume this function is called just for key types (S, B, N), and
+    // all of those always have a string value in the JSON.
+    if (!it->value.IsString()) {
+        throw api_error::validation(
+            fmt::format("Malformed value object for {} {}: {}",
+                    value_name, name, key_typed_value));
+
+    }
     return it->value;
 }
 
@@ -396,16 +402,16 @@ position_in_partition pos_from_json(const rjson::value& item, schema_ptr schema)
 
 big_decimal unwrap_number(const rjson::value& v, std::string_view diagnostic) {
     if (!v.IsObject() || v.MemberCount() != 1) {
-        throw api_error::validation(format("{}: invalid number object", diagnostic));
+        throw api_error::validation(fmt::format("{}: invalid number object", diagnostic));
     }
     auto it = v.MemberBegin();
     if (it->name != "N") {
-        throw api_error::validation(format("{}: expected number, found type '{}'", diagnostic, it->name));
+        throw api_error::validation(fmt::format("{}: expected number, found type '{}'", diagnostic, it->name));
     }
     if (!it->value.IsString()) {
         // We shouldn't reach here. Callers normally validate their input
         // earlier with validate_value().
-        throw api_error::validation(format("{}: improperly formatted number constant", diagnostic));
+        throw api_error::validation(fmt::format("{}: improperly formatted number constant", diagnostic));
     }
     big_decimal ret = parse_and_validate_number(rjson::to_string_view(it->value));
     return ret;
@@ -486,7 +492,7 @@ rjson::value set_sum(const rjson::value& v1, const rjson::value& v2) {
     auto [set1_type, set1] = unwrap_set(v1);
     auto [set2_type, set2] = unwrap_set(v2);
     if (set1_type != set2_type) {
-        throw api_error::validation(format("Mismatched set types: {} and {}", set1_type, set2_type));
+        throw api_error::validation(fmt::format("Mismatched set types: {} and {}", set1_type, set2_type));
     }
     if (!set1 || !set2) {
         throw api_error::validation("UpdateExpression: ADD operation for sets must be given sets as arguments");
@@ -514,7 +520,7 @@ std::optional<rjson::value> set_diff(const rjson::value& v1, const rjson::value&
     auto [set1_type, set1] = unwrap_set(v1);
     auto [set2_type, set2] = unwrap_set(v2);
     if (set1_type != set2_type) {
-        throw api_error::validation(format("Set DELETE type mismatch: {} and {}", set1_type, set2_type));
+        throw api_error::validation(fmt::format("Set DELETE type mismatch: {} and {}", set1_type, set2_type));
     }
     if (!set1 || !set2) {
         throw api_error::validation("UpdateExpression: DELETE operation can only be performed on a set");

alternator/server.cc

@@ -8,6 +8,7 @@
 
 #include "alternator/server.hh"
 #include "log.hh"
+#include <fmt/ranges.h>
 #include <seastar/http/function_handlers.hh>
 #include <seastar/http/short_streams.hh>
 #include <seastar/core/coroutine.hh>
@@ -16,14 +17,18 @@
 #include <seastar/util/short_streams.hh>
 #include "seastarx.hh"
 #include "error.hh"
+#include "service/client_state.hh"
 #include "service/qos/service_level_controller.hh"
+#include "utils/assert.hh"
+#include "timeout_config.hh"
 #include "utils/rjson.hh"
 #include "auth.hh"
 #include <cctype>
+#include <string_view>
+#include <utility>
 #include "service/storage_proxy.hh"
 #include "gms/gossiper.hh"
 #include "utils/overloaded_functor.hh"
-#include "utils/fb_utilities.hh"
 #include "utils/aws_sigv4.hh"
 
 static logging::logger slogger("alternator-server");
@@ -34,8 +39,6 @@ using reply = http::reply;
 
 namespace alternator {
 
-static constexpr auto TARGET = "X-Amz-Target";
-
 inline std::vector<std::string_view> split(std::string_view text, char separator) {
     std::vector<std::string_view> tokens;
     if (text == "") {
@@ -118,7 +121,7 @@ public:
                  }
                  return make_ready_future<std::unique_ptr<reply>>(std::move(rep));
              }
-             auto res = resf.get0();
+             auto res = resf.get();
              std::visit(overloaded_functor {
                  [&] (const json::json_return_type& json_return_value) {
                      slogger.trace("api_handler success case");
@@ -156,6 +159,9 @@ public:
 protected:
     void generate_error_reply(reply& rep, const api_error& err) {
         rjson::value results = rjson::empty_object();
+        if (!err._extra_fields.IsNull() && err._extra_fields.IsObject()) {
+            results = rjson::copy(err._extra_fields);
+        }
         rjson::add(results, "__type", rjson::from_string("com.amazonaws.dynamodb.v20120810#" + err._type));
         rjson::add(results, "message", err._msg);
         rep._content = rjson::print(std::move(results));
@@ -210,9 +216,11 @@ protected:
         for (auto& ip : local_dc_nodes) {
             // Note that it's not enough for the node to be is_alive() - a
             // node joining the cluster is also "alive" but not responsive to
-            // requests. We need the node to be in normal state. See #19694.
-            if (_gossiper.is_normal(ip)) {
-                rjson::push_back(results, rjson::from_string(ip.to_sstring()));
+            // requests. We alive *and* normal. See #19694, #21538.
+            if (_gossiper.is_alive(ip) && _gossiper.is_normal(ip)) {
+                // Use the gossiped broadcast_rpc_address if available instead
+                // of the internal IP address "ip". See discussion in #18711.
+                rjson::push_back(results, rjson::from_string(_gossiper.get_rpc_address(ip)));
             }
         }
         rep->set_status(reply::status_type::ok);
@@ -255,7 +263,7 @@ future<std::string> server::verify_signature(const request& req, const chunked_c
     std::string_view authorization_header = authorization_it->second;
     auto pos = authorization_header.find_first_of(' ');
     if (pos == std::string_view::npos || authorization_header.substr(0, pos) != "AWS4-HMAC-SHA256") {
-        throw api_error::invalid_signature(format("Authorization header must use AWS4-HMAC-SHA256 algorithm: {}", authorization_header));
+        throw api_error::invalid_signature(fmt::format("Authorization header must use AWS4-HMAC-SHA256 algorithm: {}", authorization_header));
     }
     authorization_header.remove_prefix(pos+1);
     std::string credential;
@@ -290,7 +298,7 @@ future<std::string> server::verify_signature(const request& req, const chunked_c
 
     std::vector<std::string_view> credential_split = split(credential, '/');
     if (credential_split.size() != 5) {
-        throw api_error::validation(format("Incorrect credential information format: {}", credential));
+        throw api_error::validation(fmt::format("Incorrect credential information format: {}", credential));
     }
     std::string user(credential_split[0]);
     std::string datestamp(credential_split[1]);
@@ -311,8 +319,8 @@ future<std::string> server::verify_signature(const request& req, const chunked_c
         }
     }
 
-    auto cache_getter = [&proxy = _proxy] (std::string username) {
-        return get_key_from_roles(proxy, std::move(username));
+    auto cache_getter = [&proxy = _proxy, &as = _auth_service] (std::string username) {
+        return get_key_from_roles(proxy, as, std::move(username));
     };
     return _key_cache.get_ptr(user, cache_getter).then([this, &req, &content,
                                                     user = std::move(user),
@@ -375,7 +383,7 @@ static tracing::trace_state_ptr maybe_trace_query(service::client_state& client_
         std::string buf;
         tracing::add_session_param(trace_state, "alternator_op", op);
         tracing::add_query(trace_state, truncated_content_view(query, buf));
-        tracing::begin(trace_state, format("Alternator {}", op), client_state.get_client_address());
+        tracing::begin(trace_state, seastar::format("Alternator {}", op), client_state.get_client_address());
         if (!username.empty()) {
             tracing::set_username(trace_state, auth::authenticated_user(username));
         }
@@ -385,10 +393,10 @@ static tracing::trace_state_ptr maybe_trace_query(service::client_state& client_
 
 future<executor::request_return_type> server::handle_api_request(std::unique_ptr<request> req) {
     _executor._stats.total_operations++;
-    sstring target = req->get_header(TARGET);
-    std::vector<std::string_view> split_target = split(target, '.');
-    //NOTICE(sarna): Target consists of Dynamo API version followed by a dot '.' and operation type (e.g. CreateTable)
-    std::string op = split_target.empty() ? std::string() : std::string(split_target.back());
+    sstring target = req->get_header("X-Amz-Target");
+    // target is DynamoDB API version followed by a dot '.' and operation type (e.g. CreateTable)
+    auto dot = target.find('.');
+    std::string_view op = (dot == sstring::npos) ? std::string_view() : std::string_view(target).substr(dot+1);
     // JSON parsing can allocate up to roughly 2x the size of the raw
     // document, + a couple of bytes for maintenance.
     // TODO: consider the case where req->content_length is missing. Maybe
@@ -400,7 +408,7 @@ future<executor::request_return_type> server::handle_api_request(std::unique_ptr
         ++_executor._stats.requests_blocked_memory;
     }
     auto units = co_await std::move(units_fut);
-    assert(req->content_stream);
+    SCYLLA_ASSERT(req->content_stream);
     chunked_content content = co_await util::read_entire_stream(*req->content_stream);
     auto username = co_await verify_signature(*req, content);
 
@@ -411,7 +419,7 @@ future<executor::request_return_type> server::handle_api_request(std::unique_ptr
     auto callback_it = _callbacks.find(op);
     if (callback_it == _callbacks.end()) {
         _executor._stats.unsupported_operations++;
-        co_return api_error::unknown_operation(format("Unsupported operation {}", op));
+        co_return api_error::unknown_operation(fmt::format("Unsupported operation {}", op));
     }
     if (_pending_requests.get_count() >= _max_concurrent_requests) {
         _executor._stats.requests_shed++;
@@ -419,11 +427,11 @@ future<executor::request_return_type> server::handle_api_request(std::unique_ptr
     }
     _pending_requests.enter();
     auto leave = defer([this] () noexcept { _pending_requests.leave(); });
-    //FIXME: Client state can provide more context, e.g. client's endpoint address
-    // We use unique_ptr because client_state cannot be moved or copied
-    executor::client_state client_state = username.empty()
-        ? service::client_state{service::client_state::internal_tag()}
-        : service::client_state{service::client_state::internal_tag(), _auth_service, _sl_controller, username};
+    executor::client_state client_state(service::client_state::external_tag(),
+        _auth_service, &_sl_controller, _timeout_config.current_values(), req->get_client_address());
+    if (!username.empty()) {
+        client_state.set_login(auth::authenticated_user(username));
+    }
     co_await client_state.maybe_update_per_service_level_params();
 
     tracing::trace_state_ptr trace_state = maybe_trace_query(client_state, username, op, content);
@@ -470,6 +478,7 @@ server::server(executor& exec, service::storage_proxy& proxy, gms::gossiper& gos
         , _enforce_authorization(false)
         , _enabled_servers{}
         , _pending_requests{}
+        , _timeout_config(_proxy.data_dictionary().get_config())
       , _callbacks{
         {"CreateTable", [] (executor& e, executor::client_state& client_state, tracing::trace_state_ptr trace_state, service_permit permit, rjson::value json_request, std::unique_ptr<request> req) {
             return e.create_table(client_state, std::move(trace_state), std::move(permit), std::move(json_request));
@@ -569,14 +578,14 @@ future<> server::init(net::inet_address addr, std::optional<uint16_t> port, std:
             set_routes(_https_server._routes);
             _https_server.set_content_length_limit(server::content_length_limit);
             _https_server.set_content_streaming(true);
-            _https_server.set_tls_credentials(creds->build_reloadable_server_credentials([](const std::unordered_set<sstring>& files, std::exception_ptr ep) {
+            auto server_creds = creds->build_reloadable_server_credentials([](const std::unordered_set<sstring>& files, std::exception_ptr ep) {
                 if (ep) {
                     slogger.warn("Exception loading {}: {}", files, ep);
                 } else {
                     slogger.info("Reloaded {}", files);
                 }
-            }).get0());
-            _https_server.listen(socket_address{addr, *https_port}).get();
+            }).get();
+            _https_server.listen(socket_address{addr, *https_port}, std::move(server_creds)).get();
             _enabled_servers.push_back(std::ref(_https_server));
         }
     });
@@ -634,7 +643,7 @@ future<> server::json_parser::stop() {
 
 const char* api_error::what() const noexcept {
     if (_what_string.empty()) {
-        _what_string = format("{} {}: {}", static_cast<int>(_http_code), _type, _msg);
+        _what_string = fmt::format("{} {}: {}", std::to_underlying(_http_code), _type, _msg);
     }
     return _what_string.c_str();
 }

alternator/server.hh

@@ -42,6 +42,11 @@ class server {
     bool _enforce_authorization;
     utils::small_vector<std::reference_wrapper<seastar::httpd::http_server>, 2> _enabled_servers;
     gate _pending_requests;
+    // In some places we will need a CQL updateable_timeout_config object even
+    // though it isn't really relevant for Alternator which defines its own
+    // timeouts separately. We can create this object only once.
+    updateable_timeout_config _timeout_config;
+
     alternator_callbacks_map _callbacks;
 
     semaphore* _memory_limiter;

alternator/stats.cc

@@ -21,10 +21,12 @@ stats::stats() : api_operations{} {
     _metrics.add_group("alternator", {
 #define OPERATION(name, CamelCaseName) \
                 seastar::metrics::make_total_operations("operation", api_operations.name, \
-                        seastar::metrics::description("number of operations via Alternator API"), {op(CamelCaseName)}),
+                        seastar::metrics::description("number of operations via Alternator API"), {op(CamelCaseName)}).set_skip_when_empty(),
 #define OPERATION_LATENCY(name, CamelCaseName) \
                 seastar::metrics::make_histogram("op_latency", \
-                        seastar::metrics::description("Latency histogram of an operation via Alternator API"), {op(CamelCaseName)}, [this]{return to_metrics_histogram(api_operations.name);}),
+                        seastar::metrics::description("Latency histogram of an operation via Alternator API"), {op(CamelCaseName)}, [this]{return to_metrics_histogram(api_operations.name.histogram());}).aggregate({seastar::metrics::shard_label}).set_skip_when_empty(), \
+				seastar::metrics::make_summary("op_latency_summary", \
+						                        seastar::metrics::description("Latency summary of an operation via Alternator API"), [this]{return to_metrics_summary(api_operations.name.summary());})(op(CamelCaseName)).set_skip_when_empty(),
             OPERATION(batch_get_item, "BatchGetItem")
             OPERATION(batch_write_item, "BatchWriteItem")
             OPERATION(create_backup, "CreateBackup")
@@ -65,6 +67,8 @@ stats::stats() : api_operations{} {
             OPERATION_LATENCY(get_item_latency, "GetItem")
             OPERATION_LATENCY(delete_item_latency, "DeleteItem")
             OPERATION_LATENCY(update_item_latency, "UpdateItem")
+            OPERATION_LATENCY(batch_write_item_latency, "BatchWriteItem")
+            OPERATION_LATENCY(batch_get_item_latency, "BatchGetItem")
             OPERATION(list_streams, "ListStreams")
             OPERATION(describe_stream, "DescribeStream")
             OPERATION(get_shard_iterator, "GetShardIterator")
@@ -92,6 +96,10 @@ stats::stats() : api_operations{} {
                     seastar::metrics::description("number of rows read and matched during filtering operations")),
             seastar::metrics::make_total_operations("filtered_rows_dropped_total", [this] { return cql_stats.filtered_rows_read_total - cql_stats.filtered_rows_matched_total; },
                     seastar::metrics::description("number of rows read and dropped during filtering operations")),
+                    seastar::metrics::make_counter("batch_item_count", seastar::metrics::description("The total number of items processed across all batches"),{op("BatchWriteItem")},
+                            api_operations.batch_write_item_batch_total).set_skip_when_empty(),
+                    seastar::metrics::make_counter("batch_item_count", seastar::metrics::description("The total number of items processed across all batches"),{op("BatchGetItem")},
+                            api_operations.batch_get_item_batch_total).set_skip_when_empty(),
     });
 }
 

alternator/stats.hh

@@ -11,8 +11,7 @@
 #include <cstdint>
 
 #include <seastar/core/metrics_registration.hh>
-#include "seastarx.hh"
-#include "utils/estimated_histogram.hh"
+#include "utils/histogram.hh"
 #include "cql3/stats.hh"
 
 namespace alternator {
@@ -27,6 +26,8 @@ public:
     struct {
         uint64_t batch_get_item = 0;
         uint64_t batch_write_item = 0;
+        uint64_t batch_get_item_batch_total = 0;
+        uint64_t batch_write_item_batch_total = 0;
         uint64_t create_backup = 0;
         uint64_t create_global_table = 0;
         uint64_t create_table = 0;
@@ -66,11 +67,13 @@ public:
         uint64_t get_shard_iterator = 0;
         uint64_t get_records = 0;
 
-        utils::time_estimated_histogram put_item_latency;
-        utils::time_estimated_histogram get_item_latency;
-        utils::time_estimated_histogram delete_item_latency;
-        utils::time_estimated_histogram update_item_latency;
-        utils::time_estimated_histogram get_records_latency;
+        utils::timed_rate_moving_average_summary_and_histogram put_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram get_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram delete_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram update_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram batch_write_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram batch_get_item_latency;
+        utils::timed_rate_moving_average_summary_and_histogram get_records_latency;
     } api_operations;
     // Miscellaneous event counters
     uint64_t total_operations = 0;

alternator/streams.cc

@@ -13,8 +13,7 @@
 
 #include <seastar/json/formatter.hh>
 
-#include "utils/base64.hh"
-#include "log.hh"
+#include "auth/permission.hh"
 #include "db/config.hh"
 
 #include "cdc/log.hh"
@@ -25,7 +24,6 @@
 #include "utils/UUID_gen.hh"
 #include "cql3/selection/selection.hh"
 #include "cql3/result_set.hh"
-#include "cql3/type_json.hh"
 #include "cql3/column_identifier.hh"
 #include "schema/schema_builder.hh"
 #include "service/storage_proxy.hh"
@@ -33,7 +31,6 @@
 #include "gms/feature_service.hh"
 
 #include "executor.hh"
-#include "rmw_operation.hh"
 #include "data_dictionary/data_dictionary.hh"
 
 /**
@@ -237,11 +234,8 @@ struct shard_id {
 
     // dynamo specifies shardid as max 65 chars. 
     friend std::ostream& operator<<(std::ostream& os, const shard_id& id) {
-        boost::io::ios_flags_saver fs(os);
-        return os << marker << std::hex  
-            << id.time.time_since_epoch().count()
-            << ':' << id.id.to_bytes()
-            ;
+        fmt::print(os, "{} {:x}:{}", marker, id.time.time_since_epoch().count(), id.id.to_bytes());
+        return os;
     }
 };
 
@@ -280,7 +274,7 @@ struct sequence_number {
          * Timeuuids viewed as msb<<64|lsb are _not_,
          * but they are still sorted as
          *  timestamp() << 64|lsb
-         * so we can simpy unpack the mangled msb
+         * so we can simply unpack the mangled msb
          * and use as hi 64 in our "bignum".
          */
         uint128_t hi = uint64_t(num.uuid.timestamp());
@@ -419,7 +413,7 @@ using namespace std::string_literals;
  *
  * In scylla, this is sort of akin to an ID having corresponding ID/ID:s
  * that cover the token range it represents. Because ID:s are per
- * vnode shard however, this relation can be somewhat ambigous.
+ * vnode shard however, this relation can be somewhat ambiguous.
  * We still provide some semblance of this by finding the ID in
  * older generation that has token start < current ID token start.
  * This will be a partial overlap, but it is the best we can do.
@@ -526,7 +520,7 @@ future<executor::request_return_type> executor::describe_stream(client_state& cl
         // (see explanation above) since we want to find closest
         // token boundary when determining parent.
         // #7346 - we processed and searched children/parents in
-        // stored order, which is not neccesarily token order,
+        // stored order, which is not necessarily token order,
         // so the finding of "closest" token boundary (using upper bound)
         // could give somewhat weird results.
         static auto token_cmp = [](const cdc::stream_id& id1, const cdc::stream_id& id2) {
@@ -783,7 +777,7 @@ struct event_id {
     cdc::stream_id stream;
     utils::UUID timestamp;
 
-    static const auto marker = 'E';
+    static constexpr auto marker = 'E';
 
     event_id(cdc::stream_id s, utils::UUID ts)
         : stream(s)
@@ -791,10 +785,8 @@ struct event_id {
     {}
     
     friend std::ostream& operator<<(std::ostream& os, const event_id& id) {
-        boost::io::ios_flags_saver fs(os);
-        return os << marker << std::hex << id.stream.to_bytes()
-            << ':' << id.timestamp
-            ;
+        fmt::print(os, "{}{}:{}", marker, id.stream.to_bytes(), id.timestamp);
+        return os;
     }
 };
 }
@@ -827,11 +819,13 @@ future<executor::request_return_type> executor::get_records(client_state& client
     }
 
     if (!schema || !base || !is_alternator_keyspace(schema->ks_name())) {
-        throw api_error::resource_not_found(fmt::to_string(iter.table));
+        co_return api_error::resource_not_found(fmt::to_string(iter.table));
     }
 
     tracing::add_table_name(trace_state, schema->ks_name(), schema->cf_name());
 
+    co_await verify_permission(client_state, schema, auth::permission::SELECT);
+
     db::consistency_level cl = db::consistency_level::LOCAL_QUORUM;
     partition_key pk = iter.shard.id.to_partition_key(*schema);
 
@@ -896,7 +890,7 @@ future<executor::request_return_type> executor::get_records(client_state& client
     auto command = ::make_lw_shared<query::read_command>(schema->id(), schema->version(), partition_slice, _proxy.get_max_result_size(partition_slice),
             query::tombstone_limit(_proxy.get_tombstone_limit()), query::row_limit(limit * mul));
 
-    return _proxy.query(schema, std::move(command), std::move(partition_ranges), cl, service::storage_proxy::coordinator_query_options(default_timeout(), std::move(permit), client_state)).then(
+    co_return co_await _proxy.query(schema, std::move(command), std::move(partition_ranges), cl, service::storage_proxy::coordinator_query_options(default_timeout(), std::move(permit), client_state)).then(
             [this, schema, partition_slice = std::move(partition_slice), selection = std::move(selection), start_time = std::move(start_time), limit, key_names = std::move(key_names), attr_names = std::move(attr_names), type, iter, high_ts] (service::storage_proxy::coordinator_query_result qr) mutable {       
         cql3::selection::result_set_builder builder(*selection, gc_clock::now());
         query::result_view::consume(*qr.query_result, partition_slice, cql3::selection::result_set_builder::visitor(builder, *schema, *selection));
@@ -1020,7 +1014,7 @@ future<executor::request_return_type> executor::get_records(client_state& client
             // shard did end, then the next read will have nrecords == 0 and
             // will notice end end of shard and not return NextShardIterator.
             rjson::add(ret, "NextShardIterator", next_iter);
-            _stats.api_operations.get_records_latency.add(std::chrono::steady_clock::now() - start_time);
+            _stats.api_operations.get_records_latency.mark(std::chrono::steady_clock::now() - start_time);
             return make_ready_future<executor::request_return_type>(make_jsonable(std::move(ret)));
         }
 
@@ -1043,7 +1037,7 @@ future<executor::request_return_type> executor::get_records(client_state& client
                 shard_iterator next_iter(iter.table, iter.shard, utils::UUID_gen::min_time_UUID(high_ts.time_since_epoch()), true);
                 rjson::add(ret, "NextShardIterator", iter);
             }
-            _stats.api_operations.get_records_latency.add(std::chrono::steady_clock::now() - start_time);
+            _stats.api_operations.get_records_latency.mark(std::chrono::steady_clock::now() - start_time);
             if (is_big(ret)) {
                 return make_ready_future<executor::request_return_type>(make_streamed(std::move(ret)));
             }
@@ -1061,9 +1055,6 @@ void executor::add_stream_options(const rjson::value& stream_specification, sche
     if (stream_enabled->GetBool()) {
         auto db = sp.data_dictionary();
 
-        if (!db.features().cdc) {
-            throw api_error::validation("StreamSpecification: streams (CDC) feature not enabled in cluster.");
-        }
         if (!db.features().alternator_streams) {
             throw api_error::validation("StreamSpecification: alternator streams feature not enabled in cluster.");
         }

alternator/ttl.cc

@@ -26,19 +26,19 @@
 #include "log.hh"
 #include "gc_clock.hh"
 #include "replica/database.hh"
+#include "service/client_state.hh"
 #include "service_permit.hh"
 #include "timestamp.hh"
 #include "service/storage_proxy.hh"
 #include "service/pager/paging_state.hh"
 #include "service/pager/query_pagers.hh"
 #include "gms/feature_service.hh"
-#include "sstables/types.hh"
 #include "mutation/mutation.hh"
 #include "types/types.hh"
 #include "types/map.hh"
+#include "utils/assert.hh"
 #include "utils/rjson.hh"
 #include "utils/big_decimal.hh"
-#include "utils/fb_utilities.hh"
 #include "cql3/selection/selection.hh"
 #include "cql3/values.hh"
 #include "cql3/query_options.hh"
@@ -81,6 +81,11 @@ future<executor::request_return_type> executor::update_time_to_live(client_state
         co_return api_error::validation("UpdateTimeToLive requires boolean Enabled");
     }
     bool enabled = v->GetBool();
+    // Alternator TTL doesn't yet work when the table uses tablets (#16567)
+    if (enabled && _proxy.local_db().find_keyspace(schema->ks_name()).get_replication_strategy().uses_tablets()) {
+        co_return api_error::validation("TTL not yet supported on a table using tablets (issue #16567). "
+            "Create a table with the tag 'experimental:initial_tablets' set to 'none' to use vnodes.");
+    }
     v = rjson::find(*spec, "AttributeName");
     if (!v || !v->IsString()) {
         co_return api_error::validation("UpdateTimeToLive requires string AttributeName");
@@ -94,6 +99,7 @@ future<executor::request_return_type> executor::update_time_to_live(client_state
     }
     sstring attribute_name(v->GetString(), v->GetStringLength());
 
+    co_await verify_permission(client_state, schema, auth::permission::ALTER);
     co_await db::modify_tags(_mm, schema->ks_name(), schema->cf_name(), [&](std::map<sstring, sstring>& tags_map) {
         if (enabled) {
             if (tags_map.contains(TTL_TAG_KEY)) {
@@ -155,7 +161,7 @@ future<executor::request_return_type> executor::describe_time_to_live(client_sta
 // node owning this range as a "primary range" (the first node in the ring
 // with this range), but when this node is down, the secondary owner (the
 // second in the ring) may take over.
-// An expiration thread is reponsible for all tables which need expiration
+// An expiration thread is responsible for all tables which need expiration
 // scans. Currently, the different tables are scanned sequentially (not in
 // parallel).
 // The expiration thread scans item using CL=QUORUM to ensures that it reads
@@ -309,7 +315,7 @@ static size_t random_offset(size_t min, size_t max) {
 // this range's primary node is down. For this we need to return not just
 // a list of this node's secondary ranges - but also the primary owner of
 // each of those ranges.
-static std::vector<std::pair<dht::token_range, gms::inet_address>> get_secondary_ranges(
+static future<std::vector<std::pair<dht::token_range, gms::inet_address>>> get_secondary_ranges(
         const locator::effective_replication_map_ptr& erm,
         gms::inet_address ep) {
     const auto& tm = *erm->get_token_metadata_ptr();
@@ -320,6 +326,7 @@ static std::vector<std::pair<dht::token_range, gms::inet_address>> get_secondary
     }
     auto prev_tok = sorted_tokens.back();
     for (const auto& tok : sorted_tokens) {
+        co_await coroutine::maybe_yield();
         inet_address_vector_replica_set eps = erm->get_natural_endpoints(tok);
         if (eps.size() <= 1 || eps[1] != ep) {
             prev_tok = tok;
@@ -347,7 +354,7 @@ static std::vector<std::pair<dht::token_range, gms::inet_address>> get_secondary
         }
         prev_tok = tok;
     }
-    return ret;
+    co_return ret;
 }
 
 
@@ -380,65 +387,68 @@ static std::vector<std::pair<dht::token_range, gms::inet_address>> get_secondary
 // the chances of covering all ranges during a scan when restarts occur.
 // A more deterministic way would be to regularly persist the scanning state,
 // but that incurs overhead that we want to avoid if not needed.
-enum primary_or_secondary_t {primary, secondary};
-template<primary_or_secondary_t primary_or_secondary>
-class token_ranges_owned_by_this_shard {
-    // ranges_holder_primary holds just the primary ranges themselves
-    class ranges_holder_primary {
-        const dht::token_range_vector _token_ranges;
-     public:
-        ranges_holder_primary(const locator::vnode_effective_replication_map_ptr& erm, gms::gossiper& g, gms::inet_address ep)
-            : _token_ranges(erm->get_primary_ranges(ep)) {}
-        std::size_t size() const { return _token_ranges.size(); }
-        const dht::token_range& operator[](std::size_t i) const {
-            return _token_ranges[i];
-        }
-        bool should_skip(std::size_t i) const {
-            return false;
-        }
-    };
-    // ranges_holder<secondary> holds the secondary token ranges plus each
-    // range's primary owner, needed to implement should_skip().
-    class ranges_holder_secondary {
-        std::vector<std::pair<dht::token_range, gms::inet_address>> _token_ranges;
-        gms::gossiper& _gossiper;
-     public:
-        ranges_holder_secondary(const locator::effective_replication_map_ptr& erm, gms::gossiper& g, gms::inet_address ep)
-            : _token_ranges(get_secondary_ranges(erm, ep))
-            , _gossiper(g) {}
-        std::size_t size() const { return _token_ranges.size(); }
-        const dht::token_range& operator[](std::size_t i) const {
-            return _token_ranges[i].first;
-        }
-        // range i should be skipped if its primary owner is alive.
-        bool should_skip(std::size_t i) const {
-            return _gossiper.is_alive(_token_ranges[i].second);
-        }
-    };
+//
+// FIXME: Check if this algorithm is safe with tablet migration.
+// https://github.com/scylladb/scylladb/issues/16567
 
+// ranges_holder_primary holds just the primary ranges themselves
+class ranges_holder_primary {
+    dht::token_range_vector _token_ranges;
+public:
+    explicit ranges_holder_primary(dht::token_range_vector token_ranges) : _token_ranges(std::move(token_ranges)) {}
+    static future<ranges_holder_primary> make(const locator::vnode_effective_replication_map_ptr& erm, gms::inet_address ep) {
+        co_return ranges_holder_primary(co_await erm->get_primary_ranges(ep));
+    }
+    std::size_t size() const { return _token_ranges.size(); }
+    const dht::token_range& operator[](std::size_t i) const {
+        return _token_ranges[i];
+    }
+    bool should_skip(std::size_t i) const {
+        return false;
+    }
+};
+// ranges_holder<secondary> holds the secondary token ranges plus each
+// range's primary owner, needed to implement should_skip().
+class ranges_holder_secondary {
+    std::vector<std::pair<dht::token_range, gms::inet_address>> _token_ranges;
+    const gms::gossiper& _gossiper;
+public:
+    explicit ranges_holder_secondary(std::vector<std::pair<dht::token_range, gms::inet_address>> token_ranges, const gms::gossiper& g)
+        : _token_ranges(std::move(token_ranges))
+        , _gossiper(g) {}
+    static future<ranges_holder_secondary> make(const locator::effective_replication_map_ptr& erm, gms::inet_address ep, const gms::gossiper& g) {
+        co_return ranges_holder_secondary(co_await get_secondary_ranges(erm, ep), g);
+    }
+    std::size_t size() const { return _token_ranges.size(); }
+    const dht::token_range& operator[](std::size_t i) const {
+        return _token_ranges[i].first;
+    }
+    // range i should be skipped if its primary owner is alive.
+    bool should_skip(std::size_t i) const {
+        return _gossiper.is_alive(_token_ranges[i].second);
+    }
+};
+
+template<class primary_or_secondary_t>
+class token_ranges_owned_by_this_shard {
     schema_ptr _s;
+    locator::effective_replication_map_ptr _erm;
     // _token_ranges will contain a list of token ranges owned by this node.
     // We'll further need to split each such range to the pieces owned by
     // the current shard, using _intersecter.
-    using ranges_holder = std::conditional_t<
-            primary_or_secondary == primary_or_secondary_t::primary,
-            ranges_holder_primary,
-            ranges_holder_secondary>;
-    const ranges_holder _token_ranges;
+    const primary_or_secondary_t _token_ranges;
     // NOTICE: _range_idx is used modulo _token_ranges size when accessing
     // the data to ensure that it doesn't go out of bounds
     size_t _range_idx;
     size_t _end_idx;
     std::optional<dht::selective_token_range_sharder> _intersecter;
-    locator::effective_replication_map_ptr _erm;
 public:
-    token_ranges_owned_by_this_shard(replica::database& db, gms::gossiper& g, schema_ptr s)
+    token_ranges_owned_by_this_shard(schema_ptr s, primary_or_secondary_t token_ranges)
         :  _s(s)
-        , _token_ranges(db.find_keyspace(s->ks_name()).get_effective_replication_map(),
-                g, utils::fb_utilities::get_broadcast_address())
+        , _erm(s->table().get_effective_replication_map())
+        , _token_ranges(std::move(token_ranges))
         , _range_idx(random_offset(0, _token_ranges.size() - 1))
         , _end_idx(_range_idx + _token_ranges.size())
-        , _erm(s->table().get_effective_replication_map())
     {
         tlogger.debug("Generating token ranges starting from base range {} of {}", _range_idx, _token_ranges.size());
     }
@@ -492,6 +502,7 @@ struct scan_ranges_context {
     bytes column_name;
     std::optional<std::string> member;
 
+    service::client_state internal_client_state;
     ::shared_ptr<cql3::selection::selection> selection;
     std::unique_ptr<service::query_state> query_state_ptr;
     std::unique_ptr<cql3::query_options> query_options;
@@ -501,6 +512,7 @@ struct scan_ranges_context {
         : s(s)
         , column_name(column_name)
         , member(member)
+        , internal_client_state(service::client_state::internal_tag())
     {
         // FIXME: don't read the entire items - read only parts of it.
         // We must read the key columns (to be able to delete) and also
@@ -519,10 +531,9 @@ struct scan_ranges_context {
         std::vector<query::clustering_range> ck_bounds{query::clustering_range::make_open_ended_both_sides()};
         auto partition_slice = query::partition_slice(std::move(ck_bounds), {}, std::move(regular_columns), opts);
         command = ::make_lw_shared<query::read_command>(s->id(), s->version(), partition_slice, proxy.get_max_result_size(partition_slice), query::tombstone_limit(proxy.get_tombstone_limit()));
-        executor::client_state client_state{executor::client_state::internal_tag()};
         tracing::trace_state_ptr trace_state;
         // NOTICE: empty_service_permit is used because the TTL service has fixed parallelism
-        query_state_ptr = std::make_unique<service::query_state>(client_state, trace_state, empty_service_permit());
+        query_state_ptr = std::make_unique<service::query_state>(internal_client_state, trace_state, empty_service_permit());
         // FIXME: What should we do on multi-DC? Will we run the expiration on the same ranges on all
         // DCs or only once for each range? If the latter, we need to change the CLs in the
         // scanner and deleter.
@@ -545,7 +556,7 @@ static future<> scan_table_ranges(
         expiration_service::stats& expiration_stats)
 {
     const schema_ptr& s = scan_ctx.s;
-    assert (partition_ranges.size() == 1); // otherwise issue #9167 will cause incorrect results.
+    SCYLLA_ASSERT (partition_ranges.size() == 1); // otherwise issue #9167 will cause incorrect results.
     auto p = service::pager::query_pagers::pager(proxy, s, scan_ctx.selection, *scan_ctx.query_state_ptr,
             *scan_ctx.query_options, scan_ctx.command, std::move(partition_ranges), nullptr);
     while (!p->is_exhausted()) {
@@ -718,7 +729,9 @@ static future<bool> scan_table(
     expiration_stats.scan_table++;
     // FIXME: need to pace the scan, not do it all at once.
     scan_ranges_context scan_ctx{s, proxy, std::move(column_name), std::move(member)};
-    token_ranges_owned_by_this_shard<primary> my_ranges(db.real_database(), gossiper, s);
+    auto erm = db.real_database().find_keyspace(s->ks_name()).get_vnode_effective_replication_map();
+    auto my_address = erm->get_topology().my_address();
+    token_ranges_owned_by_this_shard my_ranges(s, co_await ranges_holder_primary::make(erm, my_address));
     while (std::optional<dht::partition_range> range = my_ranges.next_partition_range()) {
         // Note that because of issue #9167 we need to run a separate
         // query on each partition range, and can't pass several of
@@ -738,7 +751,7 @@ static future<bool> scan_table(
     // by tasking another node to take over scanning of the dead node's primary
     // ranges. What we do here is that this node will also check expiration
     // on its *secondary* ranges - but only those whose primary owner is down.
-    token_ranges_owned_by_this_shard<secondary> my_secondary_ranges(db.real_database(), gossiper, s);
+    token_ranges_owned_by_this_shard my_secondary_ranges(s, co_await ranges_holder_secondary::make(erm, my_address, gossiper));
     while (std::optional<dht::partition_range> range = my_secondary_ranges.next_partition_range()) {
         expiration_stats.secondary_ranges_scanned++;
         dht::partition_range_vector partition_ranges;

api/CMakeLists.txt

@@ -7,6 +7,7 @@ set(swagger_files
   api-doc/commitlog.json
   api-doc/compaction_manager.json
   api-doc/config.json
+  api-doc/cql_server_test.json
   api-doc/endpoint_snitch_info.json
   api-doc/error_injection.json
   api-doc/failure_detector.json
@@ -15,10 +16,12 @@ set(swagger_files
   api-doc/lsa.json
   api-doc/messaging_service.json
   api-doc/metrics.json
+  api-doc/raft.json
   api-doc/storage_proxy.json
   api-doc/storage_service.json
   api-doc/stream_manager.json
   api-doc/system.json
+  api-doc/tasks.json
   api-doc/task_manager.json
   api-doc/task_manager_test.json
   api-doc/utils.json)
@@ -44,6 +47,7 @@ target_sources(api
     commitlog.cc
     compaction_manager.cc
     config.cc
+    cql_server_test.cc
     endpoint_snitch.cc
     error_injection.cc
     authorization_cache.cc
@@ -52,12 +56,15 @@ target_sources(api
     hinted_handoff.cc
     lsa.cc
     messaging_service.cc
+    raft.cc
     storage_proxy.cc
     storage_service.cc
     stream_manager.cc
     system.cc
+    tasks.cc
     task_manager.cc
     task_manager_test.cc
+    token_metadata.cc
     ${swagger_gen_files})
 target_include_directories(api
   PUBLIC
@@ -66,6 +73,9 @@ target_include_directories(api
 target_link_libraries(api
   idl
   wasmtime_bindings
-
   Seastar::seastar
-  xxHash::xxhash)
+  xxHash::xxhash
+  absl::headers)
+
+check_headers(check-headers api
+  GLOB_RECURSE ${CMAKE_CURRENT_SOURCE_DIR}/*.hh)

api/api-doc/collectd.json

@@ -67,7 +67,7 @@
                "parameters":[
                   {
                      "name":"pluginid",
-                     "description":"The plugin ID, describe the component the metric belongs to. Examples are cache, thrift, etc'. Regex are supported.The plugin ID, describe the component the metric belong to. Examples are: cache, thrift etc'. regex are supported",
+                     "description":"The plugin ID, describe the component the metric belongs to. Examples are cache and alternator, etc'. Regex are supported.",
                      "required":true,
                      "allowMultiple":false,
                      "type":"string",
@@ -199,4 +199,4 @@
          }
       }
    }
-}
+}

api/api-doc/column_family.json

@@ -92,6 +92,14 @@
                      "type":"boolean",
                      "paramType":"query"
                   },
+                  {
+                     "name":"consider_only_existing_data",
+                     "description":"Set to \"true\" to flush all memtables and force tombstone garbage collection to check only the sstables being compacted (false by default). The memtable, commitlog and other uncompacted sstables will not be checked during tombstone garbage collection.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  },
                   {
                      "name":"split_output",
                      "description":"true if the output of the major compaction should be split in several sstables",
@@ -211,7 +219,7 @@
          "operations":[
             {
                "method":"POST",
-               "summary":"Sets the minumum and maximum number of sstables in queue before compaction kicks off",
+               "summary":"Sets the minimum and maximum number of sstables in queue before compaction kicks off",
                "type":"string",
                "nickname":"set_compaction_threshold",
                "produces":[

api/api-doc/commitlog.json

@@ -144,6 +144,21 @@
           "parameters": []
         }
       ]
+    },
+    {
+      "path": "/commitlog/metrics/max_disk_size",
+      "operations": [
+        {
+          "method": "GET",
+          "summary": "Get max disk size",
+          "type": "long",
+          "nickname": "get_max_disk_size",
+          "produces": [
+            "application/json"
+          ],
+          "parameters": []
+        }
+      ]
     }
    ]
 }

api/api-doc/cql_server_test.json

@@ -0,0 +1,26 @@
+{
+    "apiVersion":"0.0.1",
+    "swaggerVersion":"1.2",
+    "basePath":"{{Protocol}}://{{Host}}",
+    "resourcePath":"/cql_server_test",
+    "produces":[
+        "application/json"
+    ],
+    "apis":[
+        {
+            "path":"/cql_server_test/connections_params",
+            "operations":[
+                {
+                    "method":"GET",
+                    "summary":"Get service level params of each CQL connection",
+                    "type":"connections_service_level_params",
+                    "nickname":"connections_params",
+                    "produces":[
+                        "application/json"
+                    ],
+                    "parameters":[]
+                }
+            ]
+        }
+    ]
+}

api/api-doc/error_injection.json

@@ -63,6 +63,28 @@
                      "paramType":"path"
                   }
                ]
+            },
+            {
+               "method":"GET",
+               "summary":"Read the state of an injection from all shards",
+               "type":"array",
+               "items":{
+                  "type":"error_injection_info"
+               },
+               "nickname":"read_injection",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"injection",
+                     "description":"injection name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  }
+               ]
             }
          ]
       },
@@ -90,6 +112,30 @@
             }
          ]
       },
+      {
+         "path":"/v2/error_injection/disconnect/{ip}",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Drop connection to a given IP",
+               "type":"void",
+               "nickname":"inject_disconnect",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"ip",
+                     "description":"IP address to disconnect from",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  }
+               ]
+            }
+         ]
+      },
       {
          "path":"/v2/error_injection/injection",
          "operations":[
@@ -128,5 +174,39 @@
             }
          }
       }
+   },
+   "models":{
+      "mapper":{
+         "id":"mapper",
+         "description":"A key value mapping",
+         "properties":{
+            "key":{
+               "type":"string",
+               "description":"The key"
+            },
+            "value":{
+               "type":"string",
+               "description":"The value"
+            }
+         }
+      },
+       "error_injection_info":{
+         "id":"error_injection_info",
+         "description":"Information about an error injection",
+         "properties":{
+            "enabled":{
+               "type":"boolean",
+               "description":"Is the error injection enabled"
+            },
+            "parameters":{
+               "type":"array",
+               "items":{
+                  "type":"mapper"
+               },
+               "description":"The parameter values"
+            }
+         },
+         "required":["enabled"]
+      }
    }
 }

api/api-doc/gossiper.json

@@ -12,7 +12,7 @@
          "operations":[
             {
                "method":"GET",
-               "summary":"Get the addreses of the down endpoints",
+               "summary":"Get the addresses of the down endpoints",
                "type":"array",
                "items":{
                   "type":"string"
@@ -31,7 +31,7 @@
          "operations":[
             {
                "method":"GET",
-               "summary":"Get the addreses of live endpoints",
+               "summary":"Get the addresses of live endpoints",
                "type":"array",
                "items":{
                   "type":"string"

api/api-doc/metrics.def.json

@@ -7,11 +7,11 @@
                 "items": {
                     "type": "string"
                 },
-                "description": "The source labels, a match is based on concatination of the labels"
+                "description": "The source labels, a match is based on concatenation of the labels"
             },
             "action": {
                 "type": "string",
-                "description": "The action to perfrom on match",
+                "description": "The action to perform on match",
                 "enum": ["skip_when_empty", "report_when_empty", "replace", "keep", "drop", "drop_label"]
             },
             "target_label": {
@@ -28,7 +28,7 @@
             },
             "separator": {
                 "type": "string",
-                "description": "The separator string to use when concatinating the labels"
+                "description": "The separator string to use when concatenating the labels"
             }
         }
     }

api/api-doc/raft.json

@@ -38,6 +38,62 @@
                ]
             }
          ]
+      },
+      {
+         "path":"/raft/leader_host",
+         "operations":[
+            {
+               "method":"GET",
+               "summary":"Returns host ID of the current leader of the given Raft group",
+               "type":"string",
+               "nickname":"get_leader_host",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"group_id",
+                     "description":"The ID of the group. When absent, group0 is used.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path": "/raft/read_barrier",
+         "operations": [
+            {
+               "method": "POST",
+               "summary": "Triggers read barrier for the given Raft group to wait for previously committed commands in this group to be applied locally. For example, can be used on group 0 to wait for the node to obtain latest schema changes.",
+               "type": "string",
+               "nickname": "read_barrier",
+               "produces": [
+                  "application/json"
+               ],
+               "parameters": [
+                  {
+                     "name": "group_id",
+                     "description": "The ID of the group. When absent, group0 is used.",
+                     "required": false,
+                     "allowMultiple": false,
+                     "type": "string",
+                     "paramType": "query"
+                  },
+                  {
+                     "name": "timeout",
+                     "description": "Timeout in seconds after which the endpoint returns a failure. If not provided, 60s is used.",
+                     "required": false,
+                     "allowMultiple": false,
+                     "type": "long",
+                     "paramType": "query"
+                  }
+               ]
+            }
+         ]
       }
    ]
 }

api/api-doc/storage_service.json

@@ -90,7 +90,7 @@
          "operations":[
             {
                "method":"GET",
-               "summary":"Returns a list of the tokens endpoint mapping",
+               "summary":"Returns a list of the tokens endpoint mapping, provide keyspace and cf param to get tablet mapping",
                "type":"array",
                "items":{
                   "type":"mapper"
@@ -100,6 +100,22 @@
                   "application/json"
                ],
                "parameters":[
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace to provide the tablet mapping for",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"The table to provide the tablet mapping for",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
                ]
             }
          ]
@@ -336,6 +352,14 @@
                      "allowMultiple":false,
                      "type":"boolean",
                      "paramType":"query"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Column family name",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
                   }
                ]
             }
@@ -368,25 +392,6 @@
             }
          ]
       },
-      {
-         "path":"/storage_service/describe_ring/",
-         "operations":[
-            {
-               "method":"GET",
-               "summary":"The TokenRange for a any keyspace",
-               "type":"array",
-               "items":{
-                  "type":"token_range"
-               },
-               "nickname":"describe_any_ring",
-               "produces":[
-                  "application/json"
-               ],
-               "parameters":[
-               ]
-            }
-         ]
-      },
       {
          "path":"/storage_service/describe_ring/{keyspace}",
          "operations":[
@@ -409,6 +414,14 @@
                      "allowMultiple":false,
                      "type":"string",
                      "paramType":"path"
+                  },
+                  {
+                     "name":"table",
+                     "description":"The name of table to fetch information about",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
                   }
                ]
             }
@@ -436,6 +449,14 @@
                      "allowMultiple":false,
                      "type":"string",
                      "paramType":"path"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Column family name",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
                   }
                ]
             }
@@ -720,11 +741,123 @@
                      "allowMultiple":false,
                      "type":"boolean",
                      "paramType":"query"
+                  },
+                  {
+                     "name":"consider_only_existing_data",
+                     "description":"Set to \"true\" to flush all memtables and force tombstone garbage collection to check only the sstables being compacted (false by default). The memtable, commitlog and other uncompacted sstables will not be checked during tombstone garbage collection.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
                   }
                ]
             }
          ]
       },
+      {
+          "path":"/storage_service/backup",
+          "operations":[
+              {
+                  "method":"POST",
+                  "summary":"Starts copying SSTables from a specified keyspace to a designated bucket in object storage",
+                  "type":"string",
+                  "nickname":"start_backup",
+                  "produces":[
+                      "application/json"
+                  ],
+                  "parameters":[
+                      {
+                          "name":"endpoint",
+                          "description":"ID of the configured object storage endpoint to copy sstables to",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"bucket",
+                          "description":"Name of the bucket to backup sstables to",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"keyspace",
+                          "description":"Name of a keyspace to copy sstables from",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"snapshot",
+                          "description":"Name of a snapshot to copy sstables from",
+                          "required":false,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      }
+                  ]
+              }
+          ]
+      },
+      {
+          "path":"/storage_service/restore",
+          "operations":[
+              {
+                  "method":"POST",
+                  "summary":"Starts copying SSTables from a designated bucket in object storage to a specified keyspace",
+                  "type":"string",
+                  "nickname":"start_restore",
+                  "produces":[
+                      "application/json"
+                  ],
+                  "parameters":[
+                      {
+                          "name":"endpoint",
+                          "description":"ID of the configured object storage endpoint to copy SSTables from",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"bucket",
+                          "description":"Name of the bucket to read SSTables from",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"snapshot",
+                          "description":"Name of a snapshot to copy SSTables from",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"keyspace",
+                          "description":"Name of a keyspace to copy SSTables to",
+                          "required":true,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      },
+                      {
+                          "name":"table",
+                          "description":"Name of a table to copy SSTables to",
+                          "required":false,
+                          "allowMultiple":false,
+                          "type":"string",
+                          "paramType":"query"
+                      }
+                  ]
+              }
+          ]
+      },
       {
          "path":"/storage_service/keyspace_compaction/{keyspace}",
          "operations":[
@@ -739,7 +872,7 @@
                "parameters":[
                   {
                      "name":"keyspace",
-                     "description":"The keyspace to query about",
+                     "description":"The keyspace to compact",
                      "required":true,
                      "allowMultiple":false,
                      "type":"string",
@@ -760,6 +893,14 @@
                      "allowMultiple":false,
                      "type":"boolean",
                      "paramType":"query"
+                  },
+                  {
+                     "name":"consider_only_existing_data",
+                     "description":"Set to \"true\" to flush all memtables and force tombstone garbage collection to check only the sstables being compacted (false by default). The memtable, commitlog and other uncompacted sstables will not be checked during tombstone garbage collection.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
                   }
                ]
             }
@@ -779,7 +920,7 @@
                "parameters":[
                   {
                      "name":"keyspace",
-                     "description":"The keyspace to query about",
+                     "description":"The keyspace to cleanup",
                      "required":true,
                      "allowMultiple":false,
                      "type":"string",
@@ -797,6 +938,21 @@
             }
          ]
       },
+      {
+         "path":"/storage_service/cleanup_all",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Trigger a global cleanup",
+               "type":"long",
+               "nickname":"cleanup_all",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[]
+            }
+         ]
+      },
       {
          "path":"/storage_service/keyspace_offstrategy_compaction/{keyspace}",
          "operations":[
@@ -1169,6 +1325,14 @@
                      "allowMultiple":false,
                      "type":"string",
                      "paramType":"query"
+                  },
+                  {
+                     "name":"small_table_optimization",
+                     "description":"If the value is the string 'true' with any capitalization, perform small table optimization. When this option is enabled, user can send the repair request to any of the nodes in the cluster. There is no need to send repair requests to multiple nodes. All token ranges for the table will be repaired automatically.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
                   }
                ]
             },
@@ -1502,6 +1666,15 @@
                      "type":"string",
                      "enum": [ "all", "user", "non_local_strategy" ],
                      "paramType":"query"
+                  },
+                  {
+                     "name":"replication",
+                     "description":"Filter keyspaces for the replication used: vnodes or tablets (default: all)",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "enum": [ "all", "vnodes", "tablets" ],
+                     "paramType":"query"
                   }
                ]
             }
@@ -1636,33 +1809,11 @@
       {
          "path":"/storage_service/rpc_server",
          "operations":[
-            {
-               "method":"DELETE",
-               "summary":"Allows a user to disable thrift",
-               "type":"void",
-               "nickname":"stop_rpc_server",
-               "produces":[
-                  "application/json"
-               ],
-               "parameters":[
-               ]
-            },
-            {
-               "method":"POST",
-               "summary":"allows a user to reenable thrift",
-               "type":"void",
-               "nickname":"start_rpc_server",
-               "produces":[
-                  "application/json"
-               ],
-               "parameters":[
-               ]
-            },
             {
                "method":"GET",
                "summary":"Determine if thrift is running",
                "type":"boolean",
-               "nickname":"is_rpc_server_running",
+               "nickname":"is_thrift_server_running",
                "produces":[
                   "application/json"
                ],
@@ -1860,6 +2011,14 @@
                      "allowMultiple":false,
                      "type":"string",
                      "paramType":"query"
+                  },
+                  {
+                     "name":"force",
+                     "description":"Enforce the source_dc option, even if it unsafe to use for rebuild",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
                   }
                ]
             }
@@ -2017,7 +2176,7 @@
          "operations":[
             {
                "method":"POST",
-               "summary":"Enables/Disables tracing for the whole system. Only thrift requests can start tracing currently",
+               "summary":"Enables/Disables tracing for the whole system.",
                "type":"void",
                "nickname":"set_trace_probability",
                "produces":[
@@ -2457,6 +2616,254 @@
             }
          ]
       },
+      {
+         "path":"/storage_service/tablets/move",
+         "operations":[
+            {
+               "nickname":"move_tablet",
+               "method":"POST",
+               "summary":"Moves a tablet replica",
+               "type":"void",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"ks",
+                     "description":"Keyspace name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"table",
+                     "description":"Table name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"token",
+                     "description":"Token owned by the tablet to move",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"src_host",
+                     "description":"Source host id",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"dst_host",
+                     "description":"Destination host id",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"src_shard",
+                     "description":"Source shard number",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"dst_shard",
+                     "description":"Destination shard number",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"force",
+                     "description":"When set to true, replication strategy constraints can be broken (false by default)",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/storage_service/tablets/add_replica",
+         "operations":[
+            {
+               "nickname":"add_tablet_replica",
+               "method":"POST",
+               "summary":"Adds replica to tablet",
+               "type":"void",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"ks",
+                     "description":"Keyspace name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"table",
+                     "description":"Table name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"token",
+                     "description":"Token owned by the tablet to add replica to",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"dst_host",
+                     "description":"Destination host id",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"dst_shard",
+                     "description":"Destination shard number",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"force",
+                     "description":"When set to true, replication strategy constraints can be broken (false by default)",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/storage_service/tablets/del_replica",
+         "operations":[
+            {
+               "nickname":"del_tablet_replica",
+               "method":"POST",
+               "summary":"Deletes replica from tablet",
+               "type":"void",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"ks",
+                     "description":"Keyspace name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"table",
+                     "description":"Table name",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"token",
+                     "description":"Token owned by the tablet to delete replica from",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"host",
+                     "description":"Host id to remove replica from",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"shard",
+                     "description":"Shard number to remove replica from",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"integer",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"force",
+                     "description":"When set to true, replication strategy constraints can be broken (false by default)",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/storage_service/tablets/balancing",
+         "operations":[
+            {
+               "nickname":"tablet_balancing_enable",
+               "method":"POST",
+               "summary":"Controls tablet load-balancing",
+               "type":"void",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"enabled",
+                     "description":"When set to false, tablet load balancing is disabled",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/storage_service/quiesce_topology",
+         "operations":[
+            {
+               "nickname":"quiesce_topology",
+               "method":"POST",
+               "summary":"Waits until there are no ongoing topology operations. Guarantees that topology operations which started before the call are finished after the call. This doesn't consider requested but not started operations. Such operations may start after the call succeeds.",
+               "type":"void",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+               ]
+            }
+         ]
+      },
       {
          "path":"/storage_service/metrics/total_hints",
          "operations":[
@@ -2558,6 +2965,33 @@
                ]
             }
          ]
+      },
+      {
+         "path":"/storage_service/raft_topology/upgrade",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Trigger the upgrade to topology on raft.",
+               "type":"void",
+               "nickname":"upgrade_to_raft_topology",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+               ]
+            },
+            {
+               "method":"GET",
+               "summary":"Get information about the current upgrade status of topology on raft.",
+               "type":"string",
+               "nickname":"raft_topology_upgrade_status",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+               ]
+            }
+         ]
       }
    ],
    "models":{

api/api-doc/system.json

@@ -179,6 +179,36 @@
                ]
             }
          ]
+      },
+      {
+         "path":"/system/dump_llvm_profile",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Dump llvm profile data (raw profile data) that can later be used for coverage reporting or PGO (no-op if the current binary is not instrumented)",
+               "type":"void",
+               "nickname":"dump_profile",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[]
+            }
+         ]
+      },
+      {
+         "path":"/system/highest_supported_sstable_version",
+         "operations":[
+            {
+               "method":"GET",
+               "summary":"Get highest supported sstable version",
+               "type":"string",
+               "nickname":"get_highest_supported_sstable_version",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[]
+            }
+         ]
       }
    ]
 }

api/api-doc/task_manager.json

@@ -115,7 +115,7 @@
                "parameters":[
                   {
                      "name":"task_id",
-                     "description":"The uuid of a task to abort",
+                     "description":"The uuid of a task to abort; if the task is not abortable, 403 status code is returned",
                      "required":true,
                      "allowMultiple":false,
                      "type":"string",
@@ -144,6 +144,14 @@
                      "allowMultiple":false,
                      "type":"string",
                      "paramType":"path"
+                  },
+                  {
+                     "name":"timeout",
+                     "description":"Timeout for waiting; if times out, 408 status code is returned",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"long",
+                     "paramType":"query"
                   }
                ]
             }
@@ -197,11 +205,60 @@
                      "paramType":"query"
                   }
                ]
+            },
+            {
+               "method":"GET",
+               "summary":"Get current ttl value",
+               "type":"long",
+               "nickname":"get_ttl",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/task_manager/drain/{module}",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Drain finished local tasks",
+               "type":"void",
+               "nickname":"drain_tasks",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"module",
+                     "description":"The module to drain",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  }
+               ]
             }
          ]
       }
    ],
    "models":{
+      "task_identity":{
+         "id": "task_identity",
+         "description":"Id and node of a task",
+         "properties":{
+            "task_id":{
+               "type":"string",
+               "description":"The uuid of a task"
+            },
+            "node":{
+               "type":"string",
+               "description":"Address of a server on which a task is created"
+            }
+         }
+      },
       "task_stats" :{
          "id": "task_stats",
          "description":"A task statistics object",
@@ -224,6 +281,14 @@
                "type":"string",
                "description":"The description of the task"
             },
+            "kind":{
+               "type":"string",
+               "enum":[
+                  "node",
+                  "cluster"
+               ],
+               "description":"The kind of a task"
+            },
             "scope":{
                "type":"string",
                "description":"The scope of the task"
@@ -258,6 +323,14 @@
                "type":"string",
                "description":"The description of the task"
             },
+            "kind":{
+               "type":"string",
+               "enum":[
+                  "node",
+                  "cluster"
+               ],
+               "description":"The kind of a task"
+            },
             "scope":{
                "type":"string",
                "description":"The scope of the task"
@@ -327,9 +400,9 @@
             "children_ids":{
                "type":"array",
                "items":{
-                  "type":"string"
+                  "type":"task_identity"
                },
-               "description":"Task IDs of children of this task"
+               "description":"Task identities of children of this task"
             }
          }
       }

api/api-doc/tasks.json

@@ -0,0 +1,230 @@
+{
+   "apiVersion":"0.0.1",
+   "swaggerVersion":"1.2",
+   "basePath":"{{Protocol}}://{{Host}}",
+   "resourcePath":"/tasks",
+   "produces":[
+      "application/json"
+   ],
+   "apis":[
+      {
+         "path":"/tasks/compaction/keyspace_compaction/{keyspace}",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Forces major compaction of a single keyspace asynchronously, returns uuid which can be used to check progress with task manager",
+               "type":"string",
+               "nickname":"force_keyspace_compaction_async",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace to query about",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Comma-separated table (column family) names",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"flush_memtables",
+                     "description":"Controls flushing of memtables before compaction (true by default). Set to \"false\" to skip automatic flushing of memtables before compaction, e.g. when tables were flushed explicitly before invoking the compaction api.",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/tasks/compaction/keyspace_cleanup/{keyspace}",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Trigger a cleanup of keys on a single keyspace asynchronously, returns uuid which can be used to check progress with task manager",
+               "type": "string",
+               "nickname":"force_keyspace_cleanup_async",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace to query about",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Comma-separated table (column family) names",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/tasks/compaction/keyspace_offstrategy_compaction/{keyspace}",
+         "operations":[
+            {
+               "method":"POST",
+               "summary":"Perform offstrategy compaction, if needed, in a single keyspace asynchronously, returns uuid which can be used to check progress with task manager",
+               "type":"string",
+               "nickname":"perform_keyspace_offstrategy_compaction_async",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace to operate on",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Comma-separated table (column family) names",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/tasks/compaction/keyspace_scrub/{keyspace}",
+         "operations":[
+            {
+               "method":"GET",
+               "summary":"Scrub (deserialize + reserialize at the latest version, resolving corruptions if any) the given keyspace asynchronously, returns uuid which can be used to check progress with task manager. If columnFamilies array is empty, all CFs are scrubbed. Scrubbed CFs will be snapshotted first, if disableSnapshot is false. Scrub has the following modes: Abort (default) - abort scrub if corruption is detected; Skip (same as `skip_corrupted=true`) skip over corrupt data, omitting them from the output; Segregate - segregate data into multiple sstables if needed, such that each sstable contains data with valid order; Validate - read (no rewrite) and validate data, logging any problems found.",
+               "type": "string",
+               "nickname":"scrub_async",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"disable_snapshot",
+                     "description":"When set to true, disable snapshot",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"skip_corrupted",
+                     "description":"When set to true, skip corrupted",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"scrub_mode",
+                     "description":"How to handle corrupt data (overrides 'skip_corrupted'); ",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "enum":[
+                        "ABORT",
+                        "SKIP",
+                        "SEGREGATE",
+                        "VALIDATE"
+                     ],
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"quarantine_mode",
+                     "description":"Controls whether to scrub quarantined sstables (default INCLUDE)",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "enum":[
+                        "INCLUDE",
+                        "EXCLUDE",
+                        "ONLY"
+                     ],
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace to query about",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Comma-separated table (column family) names",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      },
+      {
+         "path":"/tasks/compaction/keyspace_upgrade_sstables/{keyspace}",
+         "operations":[
+            {
+               "method":"GET",
+               "summary":"Rewrite all sstables to the latest version. Unlike scrub, it doesn't skip bad rows and do not snapshot sstables first asynchronously, returns uuid which can be used to check progress with task manager.",
+               "type": "string",
+               "nickname":"upgrade_sstables_async",
+               "produces":[
+                  "application/json"
+               ],
+               "parameters":[
+                  {
+                     "name":"keyspace",
+                     "description":"The keyspace",
+                     "required":true,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"path"
+                  },
+                  {
+                     "name":"exclude_current_version",
+                     "description":"When set to true exclude current version",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"boolean",
+                     "paramType":"query"
+                  },
+                  {
+                     "name":"cf",
+                     "description":"Comma-separated table (column family) names",
+                     "required":false,
+                     "allowMultiple":false,
+                     "type":"string",
+                     "paramType":"query"
+                  }
+               ]
+            }
+         ]
+      }
+   ]
+}

api/api-doc/utils.json

@@ -75,7 +75,7 @@
                "items":{
                   "type":"double"
                },
-               "description":"One, five and fifteen mintues rates"
+               "description":"One, five and fifteen minutes rates"
             },
             "mean_rate": {
                "type":"double",

api/api.cc

@@ -10,7 +10,9 @@
 #include <seastar/http/file_handler.hh>
 #include <seastar/http/transformers.hh>
 #include <seastar/http/api_docs.hh>
+#include "cql_server_test.hh"
 #include "storage_service.hh"
+#include "token_metadata.hh"
 #include "commitlog.hh"
 #include "gossiper.hh"
 #include "failure_detector.hh"
@@ -31,6 +33,7 @@
 #include "api/config.hh"
 #include "task_manager.hh"
 #include "task_manager_test.hh"
+#include "tasks.hh"
 #include "raft.hh"
 
 logging::logger apilog("api");
@@ -66,6 +69,13 @@ future<> set_server_init(http_context& ctx) {
                 "The system related API");
         rb02->add_definitions_file(r, "metrics");
         set_system(ctx, r);
+        rb->register_function(r, "error_injection",
+            "The error injection API");
+        set_error_injection(ctx, r);
+        rb->register_function(r, "storage_proxy",
+                "The storage proxy API");
+        rb->register_function(r, "storage_service",
+                "The storage service API");
     });
 }
 
@@ -76,6 +86,10 @@ future<> set_server_config(http_context& ctx, const db::config& cfg) {
     });
 }
 
+future<> unset_server_config(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_config(ctx, r); });
+}
+
 static future<> register_api(http_context& ctx, const sstring& api_name,
         const sstring api_desc,
         std::function<void(http_context& ctx, routes& r)> f) {
@@ -95,16 +109,16 @@ future<> unset_transport_controller(http_context& ctx) {
     return ctx.http_server.set_routes([&ctx] (routes& r) { unset_transport_controller(ctx, r); });
 }
 
-future<> set_rpc_controller(http_context& ctx, thrift_controller& ctl) {
-    return ctx.http_server.set_routes([&ctx, &ctl] (routes& r) { set_rpc_controller(ctx, r, ctl); });
+future<> set_thrift_controller(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { set_thrift_controller(ctx, r); });
 }
 
-future<> unset_rpc_controller(http_context& ctx) {
-    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_rpc_controller(ctx, r); });
+future<> unset_thrift_controller(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_thrift_controller(ctx, r); });
 }
 
 future<> set_server_storage_service(http_context& ctx, sharded<service::storage_service>& ss, service::raft_group0_client& group0_client) {
-    return register_api(ctx, "storage_service", "The storage service API", [&ss, &group0_client] (http_context& ctx, routes& r) {
+    return ctx.http_server.set_routes([&ctx, &ss, &group0_client] (routes& r) {
             set_storage_service(ctx, r, ss, group0_client);
         });
 }
@@ -113,6 +127,14 @@ future<> unset_server_storage_service(http_context& ctx) {
     return ctx.http_server.set_routes([&ctx] (routes& r) { unset_storage_service(ctx, r); });
 }
 
+future<> set_load_meter(http_context& ctx, service::load_meter& lm) {
+    return ctx.http_server.set_routes([&ctx, &lm] (routes& r) { set_load_meter(ctx, r, lm); });
+}
+
+future<> unset_load_meter(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_load_meter(ctx, r); });
+}
+
 future<> set_server_sstables_loader(http_context& ctx, sharded<sstables_loader>& sst_loader) {
     return ctx.http_server.set_routes([&ctx, &sst_loader] (routes& r) { set_sstables_loader(ctx, r, sst_loader); });
 }
@@ -156,6 +178,14 @@ future<> unset_server_snapshot(http_context& ctx) {
     return ctx.http_server.set_routes([&ctx] (routes& r) { unset_snapshot(ctx, r); });
 }
 
+future<> set_server_token_metadata(http_context& ctx, sharded<locator::shared_token_metadata>& tm) {
+    return ctx.http_server.set_routes([&ctx, &tm] (routes& r) { set_token_metadata(ctx, r, tm); });
+}
+
+future<> unset_server_token_metadata(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_token_metadata(ctx, r); });
+}
+
 future<> set_server_snitch(http_context& ctx, sharded<locator::snitch_ptr>& snitch) {
     return register_api(ctx, "endpoint_snitch_info", "The endpoint snitch info API", [&snitch] (http_context& ctx, routes& r) {
         set_endpoint_snitch(ctx, r, snitch);
@@ -167,20 +197,31 @@ future<> unset_server_snitch(http_context& ctx) {
 }
 
 future<> set_server_gossip(http_context& ctx, sharded<gms::gossiper>& g) {
-    return register_api(ctx, "gossiper",
+    co_await register_api(ctx, "gossiper",
                 "The gossiper API", [&g] (http_context& ctx, routes& r) {
                     set_gossiper(ctx, r, g.local());
                 });
+    co_await register_api(ctx, "failure_detector",
+                "The failure detector API", [&g] (http_context& ctx, routes& r) {
+                    set_failure_detector(ctx, r, g.local());
+                });
 }
 
-future<> set_server_load_sstable(http_context& ctx, sharded<db::system_keyspace>& sys_ks) {
+future<> unset_server_gossip(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) {
+        unset_gossiper(ctx, r);
+        unset_failure_detector(ctx, r);
+    });
+}
+
+future<> set_server_column_family(http_context& ctx, sharded<db::system_keyspace>& sys_ks) {
     return register_api(ctx, "column_family",
                 "The column family API", [&sys_ks] (http_context& ctx, routes& r) {
                     set_column_family(ctx, r, sys_ks);
                 });
 }
 
-future<> unset_server_load_sstable(http_context& ctx) {
+future<> unset_server_column_family(http_context& ctx) {
     return ctx.http_server.set_routes([&ctx] (routes& r) { unset_column_family(ctx, r); });
 }
 
@@ -195,10 +236,7 @@ future<> unset_server_messaging_service(http_context& ctx) {
 }
 
 future<> set_server_storage_proxy(http_context& ctx, sharded<service::storage_proxy>& proxy) {
-    return register_api(ctx, "storage_proxy",
-                "The storage proxy API", [&proxy] (http_context& ctx, routes& r) {
-                    set_storage_proxy(ctx, r, proxy);
-                });
+    return ctx.http_server.set_routes([&ctx, &proxy] (routes& r) { set_storage_proxy(ctx, r, proxy); });
 }
 
 future<> unset_server_storage_proxy(http_context& ctx) {
@@ -221,6 +259,10 @@ future<> set_server_cache(http_context& ctx) {
             "The cache service API", set_cache_service);
 }
 
+future<> unset_server_cache(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_cache_service(ctx, r); });
+}
+
 future<> set_hinted_handoff(http_context& ctx, sharded<service::storage_proxy>& proxy) {
     return register_api(ctx, "hinted_handoff",
                 "The hinted handoff API", [&proxy] (http_context& ctx, routes& r) {
@@ -232,16 +274,6 @@ future<> unset_hinted_handoff(http_context& ctx) {
     return ctx.http_server.set_routes([&ctx] (routes& r) { unset_hinted_handoff(ctx, r); });
 }
 
-future<> set_server_gossip_settle(http_context& ctx, sharded<gms::gossiper>& g) {
-    auto rb = std::make_shared < api_registry_builder > (ctx.api_doc);
-
-    return ctx.http_server.set_routes([rb, &ctx, &g](routes& r) {
-        rb->register_function(r, "failure_detector",
-                "The failure detector API");
-        set_failure_detector(ctx, r, g.local());
-    });
-}
-
 future<> set_server_compaction_manager(http_context& ctx) {
     auto rb = std::make_shared < api_registry_builder > (ctx.api_doc);
 
@@ -265,36 +297,65 @@ future<> set_server_done(http_context& ctx) {
         rb->register_function(r, "collectd",
                 "The collectd API");
         set_collectd(ctx, r);
-        rb->register_function(r, "error_injection",
-                "The error injection API");
-        set_error_injection(ctx, r);
     });
 }
 
-future<> set_server_task_manager(http_context& ctx, lw_shared_ptr<db::config> cfg) {
+future<> set_server_task_manager(http_context& ctx, sharded<tasks::task_manager>& tm, lw_shared_ptr<db::config> cfg) {
     auto rb = std::make_shared < api_registry_builder > (ctx.api_doc);
 
-    return ctx.http_server.set_routes([rb, &ctx, &cfg = *cfg](routes& r) {
+    return ctx.http_server.set_routes([rb, &ctx, &tm, &cfg = *cfg](routes& r) {
         rb->register_function(r, "task_manager",
                 "The task manager API");
-        set_task_manager(ctx, r, cfg);
+        set_task_manager(ctx, r, tm, cfg);
     });
 }
 
+future<> unset_server_task_manager(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_task_manager(ctx, r); });
+}
+
 #ifndef SCYLLA_BUILD_MODE_RELEASE
 
-future<> set_server_task_manager_test(http_context& ctx) {
+future<> set_server_task_manager_test(http_context& ctx, sharded<tasks::task_manager>& tm) {
     auto rb = std::make_shared < api_registry_builder > (ctx.api_doc);
 
-    return ctx.http_server.set_routes([rb, &ctx](routes& r) mutable {
+    return ctx.http_server.set_routes([rb, &ctx, &tm](routes& r) mutable {
         rb->register_function(r, "task_manager_test",
                 "The task manager test API");
-        set_task_manager_test(ctx, r);
+        set_task_manager_test(ctx, r, tm);
     });
 }
 
+future<> unset_server_task_manager_test(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_task_manager_test(ctx, r); });
+}
+
+future<> set_server_cql_server_test(http_context& ctx, cql_transport::controller& ctl) {
+    return register_api(ctx, "cql_server_test", "The CQL server test API", [&ctl] (http_context& ctx, routes& r) {
+        set_cql_server_test(ctx, r, ctl);
+    });
+}
+
+future<> unset_server_cql_server_test(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_cql_server_test(ctx, r); });
+}
+
 #endif
 
+future<> set_server_tasks_compaction_module(http_context& ctx, sharded<service::storage_service>& ss, sharded<db::snapshot_ctl>& snap_ctl) {
+    auto rb = std::make_shared < api_registry_builder > (ctx.api_doc);
+
+    return ctx.http_server.set_routes([rb, &ctx, &ss, &snap_ctl](routes& r) {
+        rb->register_function(r, "tasks",
+                "The tasks API");
+        set_tasks_compaction_module(ctx, r, ss, snap_ctl);
+    });
+}
+
+future<> unset_server_tasks_compaction_module(http_context& ctx) {
+    return ctx.http_server.set_routes([&ctx] (routes& r) { unset_tasks_compaction_module(ctx, r); });
+}
+
 future<> set_server_raft(http_context& ctx, sharded<service::raft_group_registry>& raft_gr) {
     auto rb = std::make_shared<api_registry_builder>(ctx.api_doc);
     return ctx.http_server.set_routes([rb, &ctx, &raft_gr] (routes& r) {

api/api.hh

@@ -14,11 +14,11 @@
 #include <boost/algorithm/string/split.hpp>
 #include <boost/algorithm/string/classification.hpp>
 #include <boost/units/detail/utility.hpp>
+#include "api/api_init.hh"
 #include "api/api-doc/utils.json.hh"
 #include "utils/histogram.hh"
 #include "utils/estimated_histogram.hh"
 #include <seastar/http/exception.hh>
-#include "api_init.hh"
 #include "seastarx.hh"
 
 namespace api {
@@ -26,7 +26,9 @@ namespace api {
 template<class T>
 std::vector<sstring> container_to_vec(const T& container) {
     std::vector<sstring> res;
-    for (auto i : container) {
+    res.reserve(std::size(container));
+
+    for (const auto& i : container) {
         res.push_back(fmt::to_string(i));
     }
     return res;
@@ -35,27 +37,31 @@ std::vector<sstring> container_to_vec(const T& container) {
 template<class T>
 std::vector<T> map_to_key_value(const std::map<sstring, sstring>& map) {
     std::vector<T> res;
-    for (auto i : map) {
+    res.reserve(map.size());
+
+    for (const auto& [key, value] : map) {
         res.push_back(T());
-        res.back().key = i.first;
-        res.back().value = i.second;
+        res.back().key = key;
+        res.back().value = value;
     }
     return res;
 }
 
 template<class T, class MAP>
 std::vector<T>& map_to_key_value(const MAP& map, std::vector<T>& res) {
-    for (auto i : map) {
+    res.reserve(res.size() + std::size(map));
+
+    for (const auto& [key, value] : map) {
         T val;
-        val.key = fmt::to_string(i.first);
-        val.value = fmt::to_string(i.second);
+        val.key = fmt::to_string(key);
+        val.value = fmt::to_string(value);
         res.push_back(val);
     }
     return res;
 }
 template <typename T, typename S = T>
 T map_sum(T&& dest, const S& src) {
-    for (auto i : src) {
+    for (const auto& i : src) {
         dest[i.first] += i.second;
     }
     return std::move(dest);
@@ -64,6 +70,8 @@ T map_sum(T&& dest, const S& src) {
 template <typename MAP>
 std::vector<sstring> map_keys(const MAP& map) {
     std::vector<sstring> res;
+    res.reserve(std::size(map));
+
     for (const auto& i : map) {
         res.push_back(fmt::to_string(i.first));
     }
@@ -238,7 +246,7 @@ public:
                 value = T{boost::lexical_cast<Base>(param)};
             }
         } catch (boost::bad_lexical_cast&) {
-            throw httpd::bad_param_exception(format("{} ({}): type error - should be {}", name, param, boost::units::detail::demangle(typeid(Base).name())));
+            throw httpd::bad_param_exception(fmt::format("{} ({}): type error - should be {}", name, param, boost::units::detail::demangle(typeid(Base).name())));
         }
     }
 

api/api_init.hh

@@ -33,6 +33,10 @@ namespace streaming {
 class stream_manager;
 }
 
+namespace gms {
+    class inet_address;
+}
+
 namespace locator {
 
 class token_metadata;
@@ -42,7 +46,6 @@ class snitch_ptr;
 } // namespace locator
 
 namespace cql_transport { class controller; }
-class thrift_controller;
 namespace db {
 class snapshot_ctl;
 class config;
@@ -62,6 +65,10 @@ class gossiper;
 
 namespace auth { class service; }
 
+namespace tasks {
+class task_manager;
+}
+
 namespace api {
 
 struct http_context {
@@ -69,20 +76,16 @@ struct http_context {
     sstring api_doc;
     httpd::http_server_control http_server;
     distributed<replica::database>& db;
-    service::load_meter& lmeter;
-    const sharded<locator::shared_token_metadata>& shared_token_metadata;
-    sharded<tasks::task_manager>& tm;
 
-    http_context(distributed<replica::database>& _db,
-            service::load_meter& _lm, const sharded<locator::shared_token_metadata>& _stm, sharded<tasks::task_manager>& _tm)
-            : db(_db), lmeter(_lm), shared_token_metadata(_stm), tm(_tm) {
+    http_context(distributed<replica::database>& _db)
+            : db(_db)
+    {
     }
-
-    const locator::token_metadata& get_token_metadata();
 };
 
 future<> set_server_init(http_context& ctx);
 future<> set_server_config(http_context& ctx, const db::config& cfg);
+future<> unset_server_config(http_context& ctx);
 future<> set_server_snitch(http_context& ctx, sharded<locator::snitch_ptr>& snitch);
 future<> unset_server_snitch(http_context& ctx);
 future<> set_server_storage_service(http_context& ctx, sharded<service::storage_service>& ss, service::raft_group0_client&);
@@ -95,15 +98,18 @@ future<> set_server_repair(http_context& ctx, sharded<repair_service>& repair);
 future<> unset_server_repair(http_context& ctx);
 future<> set_transport_controller(http_context& ctx, cql_transport::controller& ctl);
 future<> unset_transport_controller(http_context& ctx);
-future<> set_rpc_controller(http_context& ctx, thrift_controller& ctl);
-future<> unset_rpc_controller(http_context& ctx);
+future<> set_thrift_controller(http_context& ctx);
+future<> unset_thrift_controller(http_context& ctx);
 future<> set_server_authorization_cache(http_context& ctx, sharded<auth::service> &auth_service);
 future<> unset_server_authorization_cache(http_context& ctx);
 future<> set_server_snapshot(http_context& ctx, sharded<db::snapshot_ctl>& snap_ctl);
 future<> unset_server_snapshot(http_context& ctx);
+future<> set_server_token_metadata(http_context& ctx, sharded<locator::shared_token_metadata>& tm);
+future<> unset_server_token_metadata(http_context& ctx);
 future<> set_server_gossip(http_context& ctx, sharded<gms::gossiper>& g);
-future<> set_server_load_sstable(http_context& ctx, sharded<db::system_keyspace>& sys_ks);
-future<> unset_server_load_sstable(http_context& ctx);
+future<> unset_server_gossip(http_context& ctx);
+future<> set_server_column_family(http_context& ctx, sharded<db::system_keyspace>& sys_ks);
+future<> unset_server_column_family(http_context& ctx);
 future<> set_server_messaging_service(http_context& ctx, sharded<netw::messaging_service>& ms);
 future<> unset_server_messaging_service(http_context& ctx);
 future<> set_server_storage_proxy(http_context& ctx, sharded<service::storage_proxy>& proxy);
@@ -112,13 +118,21 @@ future<> set_server_stream_manager(http_context& ctx, sharded<streaming::stream_
 future<> unset_server_stream_manager(http_context& ctx);
 future<> set_hinted_handoff(http_context& ctx, sharded<service::storage_proxy>& p);
 future<> unset_hinted_handoff(http_context& ctx);
-future<> set_server_gossip_settle(http_context& ctx, sharded<gms::gossiper>& g);
 future<> set_server_cache(http_context& ctx);
+future<> unset_server_cache(http_context& ctx);
 future<> set_server_compaction_manager(http_context& ctx);
 future<> set_server_done(http_context& ctx);
-future<> set_server_task_manager(http_context& ctx, lw_shared_ptr<db::config> cfg);
-future<> set_server_task_manager_test(http_context& ctx);
+future<> set_server_task_manager(http_context& ctx, sharded<tasks::task_manager>& tm, lw_shared_ptr<db::config> cfg);
+future<> unset_server_task_manager(http_context& ctx);
+future<> set_server_task_manager_test(http_context& ctx, sharded<tasks::task_manager>& tm);
+future<> unset_server_task_manager_test(http_context& ctx);
+future<> set_server_tasks_compaction_module(http_context& ctx, sharded<service::storage_service>& ss, sharded<db::snapshot_ctl>& snap_ctl);
+future<> unset_server_tasks_compaction_module(http_context& ctx);
 future<> set_server_raft(http_context&, sharded<service::raft_group_registry>&);
 future<> unset_server_raft(http_context&);
+future<> set_load_meter(http_context& ctx, service::load_meter& lm);
+future<> unset_load_meter(http_context& ctx);
+future<> set_server_cql_server_test(http_context& ctx, cql_transport::controller& ctl);
+future<> unset_server_cql_server_test(http_context& ctx);
 
 }

api/authorization_cache.cc

@@ -9,8 +9,6 @@
 #include "api/api-doc/authorization_cache.json.hh"
 
 #include "api/authorization_cache.hh"
-#include "api/api.hh"
-#include "auth/common.hh"
 #include "auth/service.hh"
 
 namespace api {

api/authorization_cache.hh

@@ -8,11 +8,20 @@
 
 #pragma once
 
-#include "api.hh"
+#include <seastar/core/sharded.hh>
+
+namespace seastar::httpd {
+class routes;
+}
+
+namespace auth {
+class service;
+}
 
 namespace api {
 
-void set_authorization_cache(http_context& ctx, httpd::routes& r, sharded<auth::service> &auth_service);
-void unset_authorization_cache(http_context& ctx, httpd::routes& r);
+struct http_context;
+void set_authorization_cache(http_context& ctx, seastar::httpd::routes& r, seastar::sharded<auth::service> &auth_service);
+void unset_authorization_cache(http_context& ctx, seastar::httpd::routes& r);
 
 }

api/cache_service.cc

@@ -7,6 +7,7 @@
  */
 
 #include "cache_service.hh"
+#include "api/api.hh"
 #include "api/api-doc/cache_service.json.hh"
 #include "column_family.hh"
 
@@ -195,9 +196,9 @@ void set_cache_service(http_context& ctx, routes& r) {
         return make_ready_future<json::json_return_type>(0);
     });
 
-    cs::get_row_capacity.set(r, [&ctx] (std::unique_ptr<http::request> req) {
-        return ctx.db.map_reduce0([](replica::database& db) -> uint64_t {
-            return db.row_cache_tracker().region().occupancy().used_space();
+    cs::get_row_capacity.set(r, [] (std::unique_ptr<http::request> req) {
+        return seastar::map_reduce(smp::all_cpus(), [] (int cpu) {
+            return make_ready_future<uint64_t>(memory::stats().total_memory());
         }, uint64_t(0), std::plus<uint64_t>()).then([](const int64_t& res) {
             return make_ready_future<json::json_return_type>(res);
         });
@@ -240,9 +241,9 @@ void set_cache_service(http_context& ctx, routes& r) {
 
     cs::get_row_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         // In origin row size is the weighted size.
-        // We currently do not support weights, so we use num entries instead
+        // We currently do not support weights, so we use raw size in bytes instead
         return ctx.db.map_reduce0([](replica::database& db) -> uint64_t {
-            return db.row_cache_tracker().partitions();
+            return db.row_cache_tracker().region().occupancy().used_space();
         }, uint64_t(0), std::plus<uint64_t>()).then([](const int64_t& res) {
             return make_ready_future<json::json_return_type>(res);
         });
@@ -319,5 +320,50 @@ void set_cache_service(http_context& ctx, routes& r) {
     });
 }
 
+void unset_cache_service(http_context& ctx, routes& r) {
+    cs::get_row_cache_save_period_in_seconds.unset(r);
+    cs::set_row_cache_save_period_in_seconds.unset(r);
+    cs::get_key_cache_save_period_in_seconds.unset(r);
+    cs::set_key_cache_save_period_in_seconds.unset(r);
+    cs::get_counter_cache_save_period_in_seconds.unset(r);
+    cs::set_counter_cache_save_period_in_seconds.unset(r);
+    cs::get_row_cache_keys_to_save.unset(r);
+    cs::set_row_cache_keys_to_save.unset(r);
+    cs::get_key_cache_keys_to_save.unset(r);
+    cs::set_key_cache_keys_to_save.unset(r);
+    cs::get_counter_cache_keys_to_save.unset(r);
+    cs::set_counter_cache_keys_to_save.unset(r);
+    cs::invalidate_key_cache.unset(r);
+    cs::invalidate_counter_cache.unset(r);
+    cs::set_row_cache_capacity_in_mb.unset(r);
+    cs::set_key_cache_capacity_in_mb.unset(r);
+    cs::set_counter_cache_capacity_in_mb.unset(r);
+    cs::save_caches.unset(r);
+    cs::get_key_capacity.unset(r);
+    cs::get_key_hits.unset(r);
+    cs::get_key_requests.unset(r);
+    cs::get_key_hit_rate.unset(r);
+    cs::get_key_hits_moving_avrage.unset(r);
+    cs::get_key_requests_moving_avrage.unset(r);
+    cs::get_key_size.unset(r);
+    cs::get_key_entries.unset(r);
+    cs::get_row_capacity.unset(r);
+    cs::get_row_hits.unset(r);
+    cs::get_row_requests.unset(r);
+    cs::get_row_hit_rate.unset(r);
+    cs::get_row_hits_moving_avrage.unset(r);
+    cs::get_row_requests_moving_avrage.unset(r);
+    cs::get_row_size.unset(r);
+    cs::get_row_entries.unset(r);
+    cs::get_counter_capacity.unset(r);
+    cs::get_counter_hits.unset(r);
+    cs::get_counter_requests.unset(r);
+    cs::get_counter_hit_rate.unset(r);
+    cs::get_counter_hits_moving_avrage.unset(r);
+    cs::get_counter_requests_moving_avrage.unset(r);
+    cs::get_counter_size.unset(r);
+    cs::get_counter_entries.unset(r);
+}
+
 }
 

api/cache_service.hh

@@ -8,10 +8,14 @@
 
 #pragma once
 
-#include "api.hh"
+namespace seastar::httpd {
+class routes;
+}
 
 namespace api {
 
-void set_cache_service(http_context& ctx, httpd::routes& r);
+struct http_context;
+void set_cache_service(http_context& ctx, seastar::httpd::routes& r);
+void unset_cache_service(http_context& ctx, seastar::httpd::routes& r);
 
 }

api/collectd.cc

@@ -10,9 +10,9 @@
 #include "api/api-doc/collectd.json.hh"
 #include <seastar/core/scollectd.hh>
 #include <seastar/core/scollectd_api.hh>
-#include "endian.h"
 #include <boost/range/irange.hpp>
 #include <regex>
+#include "api/api_init.hh"
 
 namespace api {
 

api/collectd.hh

@@ -8,10 +8,13 @@
 
 #pragma once
 
-#include "api.hh"
+namespace seastar::httpd {
+class routes;
+}
 
 namespace api {
 
-void set_collectd(http_context& ctx, httpd::routes& r);
+struct http_context;
+void set_collectd(http_context& ctx, seastar::httpd::routes& r);
 
 }

api/column_family.cc

@@ -6,12 +6,16 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
+#include <fmt/ranges.h>
 #include "column_family.hh"
+#include "api/api.hh"
 #include "api/api-doc/column_family.json.hh"
+#include "api/api-doc/storage_service.json.hh"
 #include <vector>
 #include <seastar/http/exception.hh>
 #include "sstables/sstables.hh"
 #include "sstables/metadata_collector.hh"
+#include "utils/assert.hh"
 #include "utils/estimated_histogram.hh"
 #include <algorithm>
 #include "db/system_keyspace.hh"
@@ -27,6 +31,7 @@ using namespace httpd;
 
 using namespace json;
 namespace cf = httpd::column_family_json;
+namespace ss = httpd::storage_service_json;
 
 std::tuple<sstring, sstring> parse_fully_qualified_cf_name(sstring name) {
     auto pos = name.find("%3A");
@@ -78,6 +83,65 @@ future<json::json_return_type>  get_cf_stats(http_context& ctx,
     }, std::plus<int64_t>());
 }
 
+static future<json::json_return_type> set_tables(http_context& ctx, const sstring& keyspace, std::vector<sstring> tables, std::function<future<>(replica::table&)> set) {
+    if (tables.empty()) {
+        tables = map_keys(ctx.db.local().find_keyspace(keyspace).metadata().get()->cf_meta_data());
+    }
+
+    return do_with(keyspace, std::move(tables), [&ctx, set] (const sstring& keyspace, const std::vector<sstring>& tables) {
+        return ctx.db.invoke_on_all([&keyspace, &tables, set] (replica::database& db) {
+            return parallel_for_each(tables, [&db, &keyspace, set] (const sstring& table) {
+                replica::table& t = db.find_column_family(keyspace, table);
+                return set(t);
+            });
+        });
+    }).then([] {
+        return make_ready_future<json::json_return_type>(json_void());
+    });
+}
+
+class autocompaction_toggle_guard {
+    replica::database& _db;
+public:
+    autocompaction_toggle_guard(replica::database& db) : _db(db) {
+        SCYLLA_ASSERT(this_shard_id() == 0);
+        if (!_db._enable_autocompaction_toggle) {
+            throw std::runtime_error("Autocompaction toggle is busy");
+        }
+        _db._enable_autocompaction_toggle = false;
+    }
+    autocompaction_toggle_guard(const autocompaction_toggle_guard&) = delete;
+    autocompaction_toggle_guard(autocompaction_toggle_guard&&) = default;
+    ~autocompaction_toggle_guard() {
+        SCYLLA_ASSERT(this_shard_id() == 0);
+        _db._enable_autocompaction_toggle = true;
+    }
+};
+
+static future<json::json_return_type> set_tables_autocompaction(http_context& ctx, const sstring &keyspace, std::vector<sstring> tables, bool enabled) {
+    apilog.info("set_tables_autocompaction: enabled={} keyspace={} tables={}", enabled, keyspace, tables);
+
+    return ctx.db.invoke_on(0, [&ctx, keyspace, tables = std::move(tables), enabled] (replica::database& db) {
+        auto g = autocompaction_toggle_guard(db);
+        return set_tables(ctx, keyspace, tables, [enabled] (replica::table& cf) {
+            if (enabled) {
+                cf.enable_auto_compaction();
+            } else {
+                return cf.disable_auto_compaction();
+            }
+            return make_ready_future<>();
+        }).finally([g = std::move(g)] {});
+    });
+}
+
+static future<json::json_return_type> set_tables_tombstone_gc(http_context& ctx, const sstring &keyspace, std::vector<sstring> tables, bool enabled) {
+    apilog.info("set_tables_tombstone_gc: enabled={} keyspace={} tables={}", enabled, keyspace, tables);
+    return set_tables(ctx, keyspace, std::move(tables), [enabled] (replica::table& t) {
+        t.set_tombstone_gc_enabled(enabled);
+        return make_ready_future<>();
+    });
+}
+
 static future<json::json_return_type>  get_cf_stats_count(http_context& ctx, const sstring& name,
         utils::timed_rate_moving_average_summary_and_histogram replica::column_family_stats::*f) {
     return map_reduce_cf(ctx, name, int64_t(0), [f](const replica::column_family& cf) {
@@ -303,10 +367,20 @@ ratio_holder filter_recent_false_positive_as_ratio_holder(const sstables::shared
     return ratio_holder(f + sst->filter_get_recent_true_positive(), f);
 }
 
+uint64_t accumulate_on_active_memtables(replica::table& t, noncopyable_function<uint64_t(replica::memtable& mt)> action) {
+    uint64_t ret = 0;
+    t.for_each_active_memtable([&] (replica::memtable& mt) {
+        ret += action(mt);
+    });
+    return ret;
+}
+
 void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace>& sys_ks) {
     cf::get_column_family_name.set(r, [&ctx] (const_req req){
         std::vector<sstring> res;
-        ctx.db.local().get_tables_metadata().for_each_table_id([&] (const std::pair<sstring, sstring>& kscf, table_id) {
+        const replica::database::tables_metadata& meta = ctx.db.local().get_tables_metadata();
+        res.reserve(meta.size());
+        meta.for_each_table_id([&] (const std::pair<sstring, sstring>& kscf, table_id) {
             res.push_back(kscf.first + ":" + kscf.second);
         });
         return res;
@@ -326,21 +400,23 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
 
     cf::get_column_family_name_keyspace.set(r, [&ctx] (const_req req){
         std::vector<sstring> res;
-        for (auto i = ctx.db.local().get_keyspaces().cbegin(); i!=  ctx.db.local().get_keyspaces().cend(); i++) {
-            res.push_back(i->first);
+        const flat_hash_map<sstring, replica::keyspace>& keyspaces = ctx.db.local().get_keyspaces();
+        res.reserve(keyspaces.size());
+        for (const auto& i : keyspaces) {
+            res.push_back(i.first);
         }
         return res;
     });
 
     cf::get_memtable_columns_count.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, req->get_path_param("name"), uint64_t{0}, [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed(std::mem_fn(&replica::memtable::partition_count)), uint64_t(0));
+            return accumulate_on_active_memtables(cf, std::mem_fn(&replica::memtable::partition_count));
         }, std::plus<>());
     });
 
     cf::get_all_memtable_columns_count.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, uint64_t{0}, [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed(std::mem_fn(&replica::memtable::partition_count)), uint64_t(0));
+            return accumulate_on_active_memtables(cf, std::mem_fn(&replica::memtable::partition_count));
         }, std::plus<>());
     });
 
@@ -354,33 +430,33 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
 
     cf::get_memtable_off_heap_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, req->get_path_param("name"), int64_t(0), [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed([] (replica::memtable* active_memtable) {
-                return active_memtable->region().occupancy().total_space();
-            }), uint64_t(0));
+            return accumulate_on_active_memtables(cf, [] (replica::memtable& active_memtable) {
+                return active_memtable.region().occupancy().total_space();
+            });
         }, std::plus<int64_t>());
     });
 
     cf::get_all_memtable_off_heap_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, int64_t(0), [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed([] (replica::memtable* active_memtable) {
-                return active_memtable->region().occupancy().total_space();
-            }), uint64_t(0));
+            return accumulate_on_active_memtables(cf, [] (replica::memtable& active_memtable) {
+                return active_memtable.region().occupancy().total_space();
+            });
         }, std::plus<int64_t>());
     });
 
     cf::get_memtable_live_data_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, req->get_path_param("name"), int64_t(0), [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed([] (replica::memtable* active_memtable) {
-                return active_memtable->region().occupancy().used_space();
-            }), uint64_t(0));
+            return accumulate_on_active_memtables(cf, [] (replica::memtable& active_memtable) {
+                return active_memtable.region().occupancy().used_space();
+            });
         }, std::plus<int64_t>());
     });
 
     cf::get_all_memtable_live_data_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         return map_reduce_cf(ctx, int64_t(0), [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed([] (replica::memtable* active_memtable) {
-                return active_memtable->region().occupancy().used_space();
-            }), uint64_t(0));
+            return accumulate_on_active_memtables(cf, [] (replica::memtable& active_memtable) {
+                return active_memtable.region().occupancy().used_space();
+            });
         }, std::plus<int64_t>());
     });
 
@@ -418,9 +494,9 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
     cf::get_all_cf_all_memtables_live_data_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
         warn(unimplemented::cause::INDEXES);
         return map_reduce_cf(ctx, int64_t(0), [](replica::column_family& cf) {
-            return boost::accumulate(cf.active_memtables() | boost::adaptors::transformed([] (replica::memtable* active_memtable) {
-                return active_memtable->region().occupancy().used_space();
-            }), uint64_t(0));
+            return accumulate_on_active_memtables(cf, [] (replica::memtable& active_memtable) {
+                return active_memtable.region().occupancy().used_space();
+            });
         }, std::plus<int64_t>());
     });
 
@@ -759,24 +835,6 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
         return make_ready_future<json::json_return_type>(0);
     });
 
-    cf::get_true_snapshots_size.set(r, [&ctx] (std::unique_ptr<http::request> req) {
-        auto uuid = get_uuid(req->param["name"], ctx.db.local());
-        return ctx.db.local().find_column_family(uuid).get_snapshot_details().then([](
-                const std::unordered_map<sstring, replica::column_family::snapshot_details>& sd) {
-            int64_t res = 0;
-            for (auto i : sd) {
-                res += i.second.total;
-            }
-            return make_ready_future<json::json_return_type>(res);
-        });
-    });
-
-    cf::get_all_true_snapshots_size.set(r, [] (std::unique_ptr<http::request> req) {
-        //TBD
-        unimplemented();
-        return make_ready_future<json::json_return_type>(0);
-    });
-
     cf::get_row_cache_hit_out_of_range.set(r, [] (std::unique_ptr<http::request> req) {
         //TBD
         unimplemented();
@@ -872,26 +930,32 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
 
     cf::enable_auto_compaction.set(r, [&ctx](std::unique_ptr<http::request> req) {
         apilog.info("column_family/enable_auto_compaction: name={}", req->get_path_param("name"));
-        return ctx.db.invoke_on(0, [&ctx, req = std::move(req)] (replica::database& db) {
-            auto g = replica::database::autocompaction_toggle_guard(db);
-            return foreach_column_family(ctx, req->get_path_param("name"), [](replica::column_family &cf) {
-                cf.enable_auto_compaction();
-            }).then([g = std::move(g)] {
-                return make_ready_future<json::json_return_type>(json_void());
-            });
-        });
+        auto [ks, cf] = parse_fully_qualified_cf_name(req->get_path_param("name"));
+        validate_table(ctx, ks, cf);
+        return set_tables_autocompaction(ctx, ks, {std::move(cf)}, true);
     });
 
     cf::disable_auto_compaction.set(r, [&ctx](std::unique_ptr<http::request> req) {
         apilog.info("column_family/disable_auto_compaction: name={}", req->get_path_param("name"));
-        return ctx.db.invoke_on(0, [&ctx, req = std::move(req)] (replica::database& db) {
-            auto g = replica::database::autocompaction_toggle_guard(db);
-            return foreach_column_family(ctx, req->get_path_param("name"), [](replica::column_family &cf) {
-                return cf.disable_auto_compaction();
-            }).then([g = std::move(g)] {
-                return make_ready_future<json::json_return_type>(json_void());
-            });
-        });
+        auto [ks, cf] = parse_fully_qualified_cf_name(req->get_path_param("name"));
+        validate_table(ctx, ks, cf);
+        return set_tables_autocompaction(ctx, ks, {std::move(cf)}, false);
+    });
+
+    ss::enable_auto_compaction.set(r, [&ctx](std::unique_ptr<http::request> req) {
+        auto keyspace = validate_keyspace(ctx, req);
+        auto tables = parse_tables(keyspace, ctx, req->query_parameters, "cf");
+
+        apilog.info("enable_auto_compaction: keyspace={} tables={}", keyspace, tables);
+        return set_tables_autocompaction(ctx, keyspace, tables, true);
+    });
+
+    ss::disable_auto_compaction.set(r, [&ctx](std::unique_ptr<http::request> req) {
+        auto keyspace = validate_keyspace(ctx, req);
+        auto tables = parse_tables(keyspace, ctx, req->query_parameters, "cf");
+
+        apilog.info("disable_auto_compaction: keyspace={} tables={}", keyspace, tables);
+        return set_tables_autocompaction(ctx, keyspace, tables, false);
     });
 
     cf::get_tombstone_gc.set(r, [&ctx] (const_req req) {
@@ -902,20 +966,32 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
 
     cf::enable_tombstone_gc.set(r, [&ctx](std::unique_ptr<http::request> req) {
         apilog.info("column_family/enable_tombstone_gc: name={}", req->get_path_param("name"));
-        return foreach_column_family(ctx, req->get_path_param("name"), [](replica::table& t) {
-            t.set_tombstone_gc_enabled(true);
-        }).then([] {
-            return make_ready_future<json::json_return_type>(json_void());
-        });
+        auto [ks, cf] = parse_fully_qualified_cf_name(req->get_path_param("name"));
+        validate_table(ctx, ks, cf);
+        return set_tables_tombstone_gc(ctx, ks, {std::move(cf)}, true);
     });
 
     cf::disable_tombstone_gc.set(r, [&ctx](std::unique_ptr<http::request> req) {
         apilog.info("column_family/disable_tombstone_gc: name={}", req->get_path_param("name"));
-        return foreach_column_family(ctx, req->get_path_param("name"), [](replica::table& t) {
-            t.set_tombstone_gc_enabled(false);
-        }).then([] {
-            return make_ready_future<json::json_return_type>(json_void());
-        });
+        auto [ks, cf] = parse_fully_qualified_cf_name(req->get_path_param("name"));
+        validate_table(ctx, ks, cf);
+        return set_tables_tombstone_gc(ctx, ks, {std::move(cf)}, false);
+    });
+
+    ss::enable_tombstone_gc.set(r, [&ctx](std::unique_ptr<http::request> req) {
+        auto keyspace = validate_keyspace(ctx, req);
+        auto tables = parse_tables(keyspace, ctx, req->query_parameters, "cf");
+
+        apilog.info("enable_tombstone_gc: keyspace={} tables={}", keyspace, tables);
+        return set_tables_tombstone_gc(ctx, keyspace, tables, true);
+    });
+
+    ss::disable_tombstone_gc.set(r, [&ctx](std::unique_ptr<http::request> req) {
+        auto keyspace = validate_keyspace(ctx, req);
+        auto tables = parse_tables(keyspace, ctx, req->query_parameters, "cf");
+
+        apilog.info("disable_tombstone_gc: keyspace={} tables={}", keyspace, tables);
+        return set_tables_tombstone_gc(ctx, keyspace, tables, false);
     });
 
     cf::get_built_indexes.set(r, [&ctx, &sys_ks](std::unique_ptr<http::request> req) {
@@ -1050,6 +1126,7 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
         auto params = req_params({
             std::pair("name", mandatory::yes),
             std::pair("flush_memtables", mandatory::no),
+            std::pair("consider_only_existing_data", mandatory::no),
             std::pair("split_output", mandatory::no),
         });
         params.process(*req);
@@ -1058,7 +1135,8 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
         }
         auto [ks, cf] = parse_fully_qualified_cf_name(*params.get("name"));
         auto flush = params.get_as<bool>("flush_memtables").value_or(true);
-        apilog.info("column_family/force_major_compaction: name={} flush={}", req->get_path_param("name"), flush);
+        auto consider_only_existing_data = params.get_as<bool>("consider_only_existing_data").value_or(false);
+        apilog.info("column_family/force_major_compaction: name={} flush={} consider_only_existing_data={}", req->get_path_param("name"), flush, consider_only_existing_data);
 
         auto keyspace = validate_keyspace(ctx, ks);
         std::vector<table_info> table_infos = {table_info{
@@ -1067,11 +1145,11 @@ void set_column_family(http_context& ctx, routes& r, sharded<db::system_keyspace
         }};
 
         auto& compaction_module = ctx.db.local().get_compaction_manager().get_task_manager_module();
-        std::optional<major_compaction_task_impl::flush_mode> fmopt;
-        if (!flush) {
-            fmopt = major_compaction_task_impl::flush_mode::skip;
+        std::optional<flush_mode> fmopt;
+        if (!flush && !consider_only_existing_data) {
+            fmopt = flush_mode::skip;
         }
-        auto task = co_await compaction_module.make_and_start_task<major_keyspace_compaction_task_impl>({}, std::move(keyspace), tasks::task_id::create_null_id(), ctx.db, std::move(table_infos), fmopt);
+        auto task = co_await compaction_module.make_and_start_task<major_keyspace_compaction_task_impl>({}, std::move(keyspace), tasks::task_id::create_null_id(), ctx.db, std::move(table_infos), fmopt, consider_only_existing_data);
         co_await task->done();
         co_return json_void();
     });
@@ -1151,8 +1229,6 @@ void unset_column_family(http_context& ctx, routes& r) {
     cf::get_speculative_retries.unset(r);
     cf::get_all_speculative_retries.unset(r);
     cf::get_key_cache_hit_rate.unset(r);
-    cf::get_true_snapshots_size.unset(r);
-    cf::get_all_true_snapshots_size.unset(r);
     cf::get_row_cache_hit_out_of_range.unset(r);
     cf::get_all_row_cache_hit_out_of_range.unset(r);
     cf::get_row_cache_hit.unset(r);
@@ -1169,6 +1245,13 @@ void unset_column_family(http_context& ctx, routes& r) {
     cf::get_auto_compaction.unset(r);
     cf::enable_auto_compaction.unset(r);
     cf::disable_auto_compaction.unset(r);
+    ss::enable_auto_compaction.unset(r);
+    ss::disable_auto_compaction.unset(r);
+    cf::get_tombstone_gc.unset(r);
+    cf::enable_tombstone_gc.unset(r);
+    cf::disable_tombstone_gc.unset(r);
+    ss::enable_tombstone_gc.unset(r);
+    ss::disable_tombstone_gc.unset(r);
     cf::get_built_indexes.unset(r);
     cf::get_compression_metadata_off_heap_memory_used.unset(r);
     cf::get_compression_parameters.unset(r);

api/column_family.hh

@@ -8,11 +8,10 @@
 
 #pragma once
 
-#include "api.hh"
-#include "api/api-doc/column_family.json.hh"
 #include "replica/database.hh"
-#include <seastar/core/future-util.hh>
+#include <seastar/json/json_elements.hh>
 #include <any>
+#include "api/api_init.hh"
 
 namespace db {
 class system_keyspace;

api/commitlog.cc

@@ -9,6 +9,7 @@
 #include "commitlog.hh"
 #include "db/commitlog/commitlog.hh"
 #include "api/api-doc/commitlog.json.hh"
+#include "api/api_init.hh"
 #include "replica/database.hh"
 #include <vector>
 
@@ -16,7 +17,7 @@ namespace api {
 using namespace seastar::httpd;
 
 template<typename T>
-static auto acquire_cl_metric(http_context& ctx, std::function<T (db::commitlog*)> func) {
+static auto acquire_cl_metric(http_context& ctx, std::function<T (const db::commitlog*)> func) {
     typedef T ret_type;
 
     return ctx.db.map_reduce0([func = std::move(func)](replica::database& db) {
@@ -62,6 +63,9 @@ void set_commitlog(http_context& ctx, routes& r) {
     httpd::commitlog_json::get_total_commit_log_size.set(r, [&ctx](std::unique_ptr<request> req) {
         return acquire_cl_metric<uint64_t>(ctx, std::bind(&db::commitlog::get_total_size, std::placeholders::_1));
     });
+    httpd::commitlog_json::get_max_disk_size.set(r, [&ctx](std::unique_ptr<request> req) {
+        return acquire_cl_metric<uint64_t>(ctx, std::bind(&db::commitlog::disk_limit, std::placeholders::_1));
+    });
 }
 
 }

api/commitlog.hh

@@ -8,10 +8,12 @@
 
 #pragma once
 
-#include "api.hh"
+namespace seastar::httpd {
+class routes;
+}
 
 namespace api {
-
-void set_commitlog(http_context& ctx, httpd::routes& r);
+struct http_context;
+void set_commitlog(http_context& ctx, seastar::httpd::routes& r);
 
 }

api/compaction_manager.cc

@@ -11,6 +11,7 @@
 
 #include "compaction_manager.hh"
 #include "compaction/compaction_manager.hh"
+#include "api/api.hh"
 #include "api/api-doc/compaction_manager.json.hh"
 #include "db/system_keyspace.hh"
 #include "column_family.hh"
@@ -51,7 +52,7 @@ void set_compaction_manager(http_context& ctx, routes& r) {
 
             for (const auto& c : cm.get_compactions()) {
                 cm::summary s;
-                s.id = c.compaction_uuid.to_sstring();
+                s.id = fmt::to_string(c.compaction_uuid);
                 s.ks = c.ks_name;
                 s.cf = c.cf_name;
                 s.unit = "keys";
@@ -116,9 +117,9 @@ void set_compaction_manager(http_context& ctx, routes& r) {
             table_names = map_keys(ctx.db.local().find_keyspace(ks_name).metadata().get()->cf_meta_data());
         }
         auto type = req->get_query_param("type");
-        co_await ctx.db.invoke_on_all([&ks_name, &table_names, type] (replica::database& db) {
+        co_await ctx.db.invoke_on_all([&] (replica::database& db) {
             auto& cm = db.get_compaction_manager();
-            return parallel_for_each(table_names, [&db, &cm, &ks_name, type] (sstring& table_name) {
+            return parallel_for_each(table_names, [&] (sstring& table_name) {
                 auto& t = db.find_column_family(ks_name, table_name);
                 return t.parallel_foreach_table_state([&] (compaction::table_state& ts) {
                     return cm.stop_compaction(type, &ts);
@@ -161,7 +162,7 @@ void set_compaction_manager(http_context& ctx, routes& r) {
                 co_await s.write("[");
                 co_await ctx.db.local().get_compaction_manager().get_compaction_history([&s, &first](const db::compaction_history_entry& entry) mutable -> future<> {
                         cm::history h;
-                        h.id = entry.id.to_sstring();
+                        h.id = fmt::to_string(entry.id);
                         h.ks = std::move(entry.ks);
                         h.cf = std::move(entry.cf);
                         h.compacted_at = entry.compacted_at;

api/compaction_manager.hh

@@ -8,10 +8,12 @@
 
 #pragma once
 
-#include "api.hh"
+namespace seastar::httpd {
+class routes;
+}
 
 namespace api {
-
-void set_compaction_manager(http_context& ctx, httpd::routes& r);
+struct http_context;
+void set_compaction_manager(http_context& ctx, seastar::httpd::routes& r);
 
 }

api/config.cc

@@ -6,14 +6,21 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
+#include "api/api.hh"
 #include "api/config.hh"
 #include "api/api-doc/config.json.hh"
+#include "api/api-doc/storage_proxy.json.hh"
+#include "api/api-doc/storage_service.json.hh"
+#include "replica/database.hh"
 #include "db/config.hh"
 #include <sstream>
 #include <boost/algorithm/string/replace.hpp>
+#include <seastar/http/exception.hh>
 
 namespace api {
 using namespace seastar::httpd;
+namespace sp = httpd::storage_proxy_json;
+namespace ss = httpd::storage_service_json;
 
 template<class T>
 json::json_return_type get_json_return_type(const T& val) {
@@ -100,6 +107,112 @@ void set_config(std::shared_ptr < api_registry_builder20 > rb, http_context& ctx
         }
         throw bad_param_exception(sstring("No such config entry: ") + id);
     });
+
+    sp::get_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_read_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.read_request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_read_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_write_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.write_request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_write_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_counter_write_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.counter_write_request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_counter_write_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_cas_contention_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.cas_contention_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_cas_contention_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_range_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.range_request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_range_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    sp::get_truncate_rpc_timeout.set(r, [&cfg](const_req req)  {
+        return cfg.truncate_request_timeout_in_ms()/1000.0;
+    });
+
+    sp::set_truncate_rpc_timeout.set(r, [](std::unique_ptr<http::request> req)  {
+        //TBD
+        unimplemented();
+        auto enable = req->get_query_param("timeout");
+        return make_ready_future<json::json_return_type>(seastar::json::json_void());
+    });
+
+    ss::get_all_data_file_locations.set(r, [&cfg](const_req req) {
+        return container_to_vec(cfg.data_file_directories());
+    });
+
+    ss::get_saved_caches_location.set(r, [&cfg](const_req req) {
+        return cfg.saved_caches_directory();
+    });
+
+}
+
+void unset_config(http_context& ctx, routes& r) {
+    cs::find_config_id.unset(r);
+    sp::get_rpc_timeout.unset(r);
+    sp::set_rpc_timeout.unset(r);
+    sp::get_read_rpc_timeout.unset(r);
+    sp::set_read_rpc_timeout.unset(r);
+    sp::get_write_rpc_timeout.unset(r);
+    sp::set_write_rpc_timeout.unset(r);
+    sp::get_counter_write_rpc_timeout.unset(r);
+    sp::set_counter_write_rpc_timeout.unset(r);
+    sp::get_cas_contention_timeout.unset(r);
+    sp::set_cas_contention_timeout.unset(r);
+    sp::get_range_rpc_timeout.unset(r);
+    sp::set_range_rpc_timeout.unset(r);
+    sp::get_truncate_rpc_timeout.unset(r);
+    sp::set_truncate_rpc_timeout.unset(r);
+    ss::get_all_data_file_locations.unset(r);
+    ss::get_saved_caches_location.unset(r);
 }
 
 }

api/config.hh

@@ -8,10 +8,11 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api/api_init.hh"
 #include <seastar/http/api_docs.hh>
 
 namespace api {
 
 void set_config(std::shared_ptr<httpd::api_registry_builder20> rb, http_context& ctx, httpd::routes& r, const db::config& cfg, bool first = false);
+void unset_config(http_context& ctx, httpd::routes& r);
 }

api/cql_server_test.cc

@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2024-present ScyllaDB
+ */
+
+/*
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+#ifndef SCYLLA_BUILD_MODE_RELEASE
+
+#include <seastar/core/coroutine.hh>
+#include <boost/range/algorithm/transform.hpp>
+
+#include "api/api-doc/cql_server_test.json.hh"
+#include "cql_server_test.hh"
+#include "transport/controller.hh"
+#include "transport/server.hh"
+#include "service/qos/qos_common.hh"
+
+namespace api {
+
+namespace cst = httpd::cql_server_test_json;
+using namespace json;
+using namespace seastar::httpd;
+
+struct connection_sl_params : public json::json_base {
+    json::json_element<sstring> _role_name;
+    json::json_element<sstring> _workload_type;
+    json::json_element<sstring> _timeout;
+
+    connection_sl_params(const sstring& role_name, const sstring& workload_type, const sstring& timeout) {
+        _role_name = role_name;
+        _workload_type = workload_type;
+        _timeout = timeout;
+        register_params();
+    }
+
+    connection_sl_params(const connection_sl_params& params)
+        : connection_sl_params(params._role_name(), params._workload_type(), params._timeout()) {}
+
+    void register_params() {
+        add(&_role_name, "role_name");
+        add(&_workload_type, "workload_type");
+        add(&_timeout, "timeout");
+    }    
+};
+
+void set_cql_server_test(http_context& ctx, seastar::httpd::routes& r, cql_transport::controller& ctl) {
+    cst::connections_params.set(r, [&ctl] (std::unique_ptr<http::request> req) -> future<json::json_return_type> {
+        auto sl_params = co_await ctl.get_connections_service_level_params();
+
+        std::vector<connection_sl_params> result;
+        boost::transform(std::move(sl_params), std::back_inserter(result), [] (const cql_transport::connection_service_level_params& params) {
+            auto nanos = std::chrono::duration_cast<std::chrono::nanoseconds>(params.timeout_config.read_timeout).count();
+            return connection_sl_params(
+                    std::move(params.role_name), 
+                    sstring(qos::service_level_options::to_string(params.workload_type)), 
+                    to_string(cql_duration(months_counter{0}, days_counter{0}, nanoseconds_counter{nanos})));
+        });
+        co_return result;
+    });
+}
+
+void unset_cql_server_test(http_context& ctx, seastar::httpd::routes& r) {
+    cst::connections_params.unset(r);
+}
+
+}
+
+#endif

api/cql_server_test.hh

@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2024-present ScyllaDB
+ */
+
+/*
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+#ifndef SCYLLA_BUILD_MODE_RELEASE
+
+#pragma once
+
+namespace cql_transport {
+class controller;
+}
+
+namespace seastar::httpd {
+class routes;
+}
+
+namespace api {
+struct http_context;
+
+void set_cql_server_test(http_context& ctx, seastar::httpd::routes& r, cql_transport::controller& ctl);
+void unset_cql_server_test(http_context& ctx, seastar::httpd::routes& r);
+
+}
+
+#endif

api/endpoint_snitch.cc

@@ -6,45 +6,15 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
-#include "locator/token_metadata.hh"
 #include "locator/snitch_base.hh"
-#include "locator/production_snitch_base.hh"
 #include "endpoint_snitch.hh"
 #include "api/api-doc/endpoint_snitch_info.json.hh"
 #include "api/api-doc/storage_service.json.hh"
-#include "utils/fb_utilities.hh"
 
 namespace api {
 using namespace seastar::httpd;
 
 void set_endpoint_snitch(http_context& ctx, routes& r, sharded<locator::snitch_ptr>& snitch) {
-    static auto host_or_broadcast = [](const_req req) {
-        auto host = req.get_query_param("host");
-        return host.empty() ? gms::inet_address(utils::fb_utilities::get_broadcast_address()) : gms::inet_address(host);
-    };
-
-    httpd::endpoint_snitch_info_json::get_datacenter.set(r, [&ctx](const_req req) {
-        auto& topology = ctx.shared_token_metadata.local().get()->get_topology();
-        auto ep = host_or_broadcast(req);
-        if (!topology.has_endpoint(ep)) {
-            // Cannot return error here, nodetool status can race, request
-            // info about just-left node and not handle it nicely
-            return locator::endpoint_dc_rack::default_location.dc;
-        }
-        return topology.get_datacenter(ep);
-    });
-
-    httpd::endpoint_snitch_info_json::get_rack.set(r, [&ctx](const_req req) {
-        auto& topology = ctx.shared_token_metadata.local().get()->get_topology();
-        auto ep = host_or_broadcast(req);
-        if (!topology.has_endpoint(ep)) {
-            // Cannot return error here, nodetool status can race, request
-            // info about just-left node and not handle it nicely
-            return locator::endpoint_dc_rack::default_location.rack;
-        }
-        return topology.get_rack(ep);
-    });
-
     httpd::endpoint_snitch_info_json::get_snitch_name.set(r, [&snitch] (const_req req) {
         return snitch.local()->get_name();
     });
@@ -60,8 +30,6 @@ void set_endpoint_snitch(http_context& ctx, routes& r, sharded<locator::snitch_p
 }
 
 void unset_endpoint_snitch(http_context& ctx, routes& r) {
-    httpd::endpoint_snitch_info_json::get_datacenter.unset(r);
-    httpd::endpoint_snitch_info_json::get_rack.unset(r);
     httpd::endpoint_snitch_info_json::get_snitch_name.unset(r);
     httpd::storage_service_json::update_snitch.unset(r);
 }

api/endpoint_snitch.hh

@@ -8,7 +8,7 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api/api_init.hh"
 
 namespace locator {
 class snitch_ptr;

api/error_injection.cc

@@ -7,10 +7,8 @@
  */
 
 #include "api/api-doc/error_injection.json.hh"
-#include "api/api.hh"
-
+#include "api/api_init.hh"
 #include <seastar/http/exception.hh>
-#include "log.hh"
 #include "utils/error_injection.hh"
 #include "utils/rjson.hh"
 #include <seastar/core/future-util.hh>
@@ -64,6 +62,32 @@ void set_error_injection(http_context& ctx, routes& r) {
         });
     });
 
+    hf::read_injection.set(r, [](std::unique_ptr<request> req) -> future<json::json_return_type> {
+        const sstring injection = req->get_path_param("injection");
+
+        std::vector<error_injection_json::error_injection_info> error_injection_infos(smp::count, error_injection_json::error_injection_info{});
+
+        co_await smp::invoke_on_all([&] {
+            auto& info = error_injection_infos[this_shard_id()];
+            auto& errinj = utils::get_local_injector();
+            const auto enabled = errinj.is_enabled(injection);
+            info.enabled = enabled;
+            if (!enabled) {
+                return;
+            }
+            std::vector<error_injection_json::mapper> parameters;
+            for (const auto& p : errinj.get_injection_parameters(injection)) {
+                error_injection_json::mapper param;
+                param.key = p.first;
+                param.value = p.second;
+                parameters.push_back(std::move(param));
+            }
+            info.parameters = std::move(parameters);
+        });
+
+        co_return json::json_return_type(error_injection_infos);
+    });
+
     hf::disable_on_all.set(r, [](std::unique_ptr<request> req) {
         auto& errinj = utils::get_local_injector();
         return errinj.disable_on_all().then([] {

api/error_injection.hh

@@ -8,7 +8,7 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api/api_init.hh"
 
 namespace api {
 

api/failure_detector.cc

@@ -7,6 +7,7 @@
  */
 
 #include "failure_detector.hh"
+#include "api/api.hh"
 #include "api/api-doc/failure_detector.json.hh"
 #include "gms/application_state.hh"
 #include "gms/gossiper.hh"
@@ -65,7 +66,7 @@ void set_failure_detector(http_context& ctx, routes& r, gms::gossiper& g) {
         return g.container().invoke_on(0, [] (gms::gossiper& g) {
             std::map<sstring, sstring> nodes_status;
             g.for_each_endpoint_state([&] (const gms::inet_address& node, const gms::endpoint_state&) {
-                nodes_status.emplace(node.to_sstring(), g.is_alive(node) ? "UP" : "DOWN");
+                nodes_status.emplace(fmt::to_string(node), g.is_alive(node) ? "UP" : "DOWN");
             });
             return make_ready_future<json::json_return_type>(map_to_key_value<fd::mapper>(nodes_status));
         });
@@ -98,5 +99,16 @@ void set_failure_detector(http_context& ctx, routes& r, gms::gossiper& g) {
     });
 }
 
+void unset_failure_detector(http_context& ctx, routes& r) {
+    fd::get_all_endpoint_states.unset(r);
+    fd::get_up_endpoint_count.unset(r);
+    fd::get_down_endpoint_count.unset(r);
+    fd::get_phi_convict_threshold.unset(r);
+    fd::get_simple_states.unset(r);
+    fd::set_phi_convict_threshold.unset(r);
+    fd::get_endpoint_state.unset(r);
+    fd::get_endpoint_phi_values.unset(r);
+}
+
 }
 

api/failure_detector.hh

@@ -8,7 +8,7 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api_init.hh"
 
 namespace gms {
 
@@ -19,5 +19,6 @@ class gossiper;
 namespace api {
 
 void set_failure_detector(http_context& ctx, httpd::routes& r, gms::gossiper& g);
+void unset_failure_detector(http_context& ctx, httpd::routes& r);
 
 }

api/gossiper.cc

@@ -12,6 +12,7 @@
 #include "api/api-doc/gossiper.json.hh"
 #include "gms/endpoint_state.hh"
 #include "gms/gossiper.hh"
+#include "api/api.hh"
 
 namespace api {
 using namespace seastar::httpd;
@@ -70,4 +71,14 @@ void set_gossiper(http_context& ctx, routes& r, gms::gossiper& g) {
     });
 }
 
+void unset_gossiper(http_context& ctx, routes& r) {
+    httpd::gossiper_json::get_down_endpoint.unset(r);
+    httpd::gossiper_json::get_live_endpoint.unset(r);
+    httpd::gossiper_json::get_endpoint_downtime.unset(r);
+    httpd::gossiper_json::get_current_generation_number.unset(r);
+    httpd::gossiper_json::get_current_heart_beat_version.unset(r);
+    httpd::gossiper_json::assassinate_endpoint.unset(r);
+    httpd::gossiper_json::force_remove_endpoint.unset(r);
+}
+
 }

api/gossiper.hh

@@ -8,7 +8,7 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api/api_init.hh"
 
 namespace gms {
 
@@ -19,5 +19,6 @@ class gossiper;
 namespace api {
 
 void set_gossiper(http_context& ctx, httpd::routes& r, gms::gossiper& g);
+void unset_gossiper(http_context& ctx, httpd::routes& r);
 
 }

api/hinted_handoff.cc

@@ -6,10 +6,10 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
-#include <algorithm>
 #include <vector>
 
 #include "hinted_handoff.hh"
+#include "api/api.hh"
 #include "api/api-doc/hinted_handoff.json.hh"
 
 #include "gms/inet_address.hh"

api/hinted_handoff.hh

@@ -9,7 +9,7 @@
 #pragma once
 
 #include <seastar/core/sharded.hh>
-#include "api.hh"
+#include "api/api_init.hh"
 
 namespace service { class storage_proxy; }
 

api/lsa.cc

@@ -8,12 +8,10 @@
 
 #include "api/api-doc/lsa.json.hh"
 #include "api/lsa.hh"
-#include "api/api.hh"
 
 #include <seastar/http/exception.hh>
 #include "utils/logalloc.hh"
 #include "log.hh"
-#include "replica/database.hh"
 
 namespace api {
 using namespace seastar::httpd;
@@ -21,9 +19,9 @@ using namespace seastar::httpd;
 static logging::logger alogger("lsa-api");
 
 void set_lsa(http_context& ctx, routes& r) {
-    httpd::lsa_json::lsa_compact.set(r, [&ctx](std::unique_ptr<request> req) {
+    httpd::lsa_json::lsa_compact.set(r, [](std::unique_ptr<request> req) {
         alogger.info("Triggering compaction");
-        return ctx.db.invoke_on_all([] (replica::database&) {
+        return smp::invoke_on_all([] {
             logalloc::shard_tracker().reclaim(std::numeric_limits<size_t>::max());
         }).then([] {
             return json::json_return_type(json::json_void());

api/lsa.hh

@@ -8,7 +8,7 @@
 
 #pragma once
 
-#include "api.hh"
+#include "api/api_init.hh"
 
 namespace api {
 

api/messaging_service.cc

@@ -10,8 +10,8 @@
 #include "message/messaging_service.hh"
 #include <seastar/rpc/rpc_types.hh>
 #include "api/api-doc/messaging_service.json.hh"
-#include <iostream>
-#include <sstream>
+#include "api/api-doc/error_injection.json.hh"
+#include "api/api.hh"
 
 using namespace seastar::httpd;
 using namespace httpd::messaging_service_json;
@@ -19,6 +19,8 @@ using namespace netw;
 
 namespace api {
 
+namespace hf = httpd::error_injection_json;
+
 using shard_info = messaging_service::shard_info;
 using msg_addr = messaging_service::msg_addr;
 
@@ -112,7 +114,7 @@ void set_messaging_service(http_context& ctx, routes& r, sharded<netw::messaging
     }));
 
     get_version.set(r, [&ms](const_req req) {
-        return ms.local().get_raw_version(req.get_query_param("addr"));
+        return ms.local().get_raw_version(gms::inet_address(req.get_query_param("addr")));
     });
 
     get_dropped_messages_by_ver.set(r, [&ms](std::unique_ptr<request> req) {
@@ -142,6 +144,14 @@ void set_messaging_service(http_context& ctx, routes& r, sharded<netw::messaging
             return make_ready_future<json::json_return_type>(res);
         });
     });
+
+    hf::inject_disconnect.set(r, [&ms] (std::unique_ptr<request> req) -> future<json::json_return_type> {
+        auto ip = msg_addr(req->get_path_param("ip"));
+        co_await ms.invoke_on_all([ip] (netw::messaging_service& ms) {
+            ms.remove_rpc_client(ip);
+        });
+        co_return json::json_void();
+    });
 }
 
 void unset_messaging_service(http_context& ctx, routes& r) {
@@ -155,6 +165,7 @@ void unset_messaging_service(http_context& ctx, routes& r) {
     get_respond_completed_messages.unset(r);
     get_version.unset(r);
     get_dropped_messages_by_ver.unset(r);
+    hf::inject_disconnect.unset(r);
 }
 
 }