feat(upstream): backend drain lifecycle events #124
Description
Summary
Emit observable events when a backend has been fully drained (removed from config and all active connections have completed), so orchestrators and operators know exactly when it is safe to shut down a backend server.
Motivation
During deployments and scaling events, operators remove backends from the proxy config and wait for existing connections to finish before stopping the server. Currently there is no signal from the proxy indicating "this backend is fully drained, safe to terminate." Operators resort to guessing with timeouts or polling connection counts.
Prior Art
sozu-proxy emits a RemovedBackendHasNoConnections event when a backend transitions through Normal -> Closing -> Closed and reaches zero active connections. This allows orchestrators to react precisely rather than guess. Neither nginx nor HAProxy provides this signal.
Proposed Design
- Track backend lifecycle states:
Active,Draining,Drained - When a backend is removed from config, transition to
Draining(stop sending new connections, let existing ones finish) - When active connections reach zero, transition to
Drainedand emit an event - Expose via:
- Structured log event (tracing)
- Prometheus metric/gauge (
zentinel_backend_state) - Optionally via agent notification or webhook
Use Cases
- Blue/green deployments: safe to stop old backends only after drain confirmation
- Kubernetes: integration with pod lifecycle hooks (preStop waits for drain event)
- Auto-scaling: confirm backend removal before terminating instances