Prompt
When designing cluster APIs/specs, explicitly partition endpoints into categories by actor and compatibility obligation, and document which categories alternative implementations must implement.
Standard
- Define the compatibility surface (what non-admin clients and core node behavior need). Mark these endpoints as Required.
- Separate reference/admin orchestration (what operators use to create/configure/manage entities). Mark these as Admin/Optional.
- Keep internal control-plane comms (e.g., TD↔FC status propagation) out of the external compatibility surface. Mark these as Internal/Not Required.
- For any advanced controls (e.g., externally imposed shard identity), ensure the default flow remains ergonomic, and treat identity/placement parameters as opt-in options on the required or admin interfaces.
Practical checklist
- For each command/endpoint, label:
{Actor: node|client|admin|internal, Obligation: Required|Optional|Not Required}. - Add a short compatibility statement: “Any alternative implementation that claims drop-in compatibility MUST implement all Required endpoints (optionally subsets), but may ignore Internal/Not Required endpoints.”
- Ensure optional power-user fields (e.g.,
shard_id) are not required for the default path.
Example (shape of the spec, pseudo-code)
Endpoint: HEARTBEAT
Actor: node
Obligation: Required
Purpose: node↔FC liveness, role decisions
Endpoint: TD/FC internal messages (FAILOVER_STATUS, TOPology_RESPONSE)
Actor: internal
Obligation: Not Required
Purpose: FC↔TD propagation; no compatibility guarantee
Endpoint: ADMIN.CREATE_SHARD / SHARD_ID on NODE_JOIN
Actor: admin
Obligation: Optional
Default: shard IDs auto-managed
Power-user: allow specifying shard_id to match external orchestration needs
This prevents “spec creep” where admin/internal endpoints accidentally become de-facto requirements, and it allows alternative implementations to remain compatible without re-creating internal details.