DBIO
view release on metacpan or search on metacpan
# DBIO Connection Credentialing & Replication
How DBIO obtains database credentials and how it routes work across a primary
and read replicas. Exists to keep two historically-independent strands â
credential provision and read/write routing â cleanly separated now that both
live in the same codebase.
## Language
### Credentials vs. topology
**AccessBroker**:
A source of database credentials for exactly one backend identity.
_Avoid_: connection manager, router, pool, DSN provider.
**CredentialSource**:
The contract a backend storage depends on to obtain (and refresh) its connect
info â satisfied by **AccessBroker** subclasses, owned by the consumer (Storage).
_Avoid_: provider, factory, credential service.
**Backend identity**:
One set of credentials (user / password / lease), independent of which host uses it.
_Avoid_: account, login, role.
**Host**:
The location of one database server (dsn / host / port) â topology, never identity.
_Avoid_: node, instance.
**HostBound view**:
An adapter that pairs one **CredentialSource** with one **Host** at connect time,
so a single credential can serve many servers without the broker knowing the host list.
_Avoid_: routing broker, multi-host broker.
### Replication
**Topology**:
The set of backends (one master + zero or more replicants) and which is which â owned by Replicated.
_Avoid_: cluster config, layout.
**Routing**:
Deciding which backend serves a given query (writes â master, reads â balancer) â owned by Replicated.
_Avoid_: load balancing (that is one routing strategy, not the concept).
**Master**:
The sole writer backend; the only backend whose **CredentialSource** gates transaction safety.
_Avoid_: primary-as-credential, leader.
**Replicant**:
A read-only backend in the pool; its **CredentialSource** never gates transactions.
_Avoid_: slave, secondary.
## Relationships
- An **AccessBroker** supplies exactly one **Backend identity**; it never holds a **Host** list.
- **Replicated** owns **Topology** and **Routing**; it assigns each **Host** to a **Backend**.
- A **HostBound view** pairs one **CredentialSource** with one **Host** â this is how one credential serves many servers.
- Only the **Master** backend's **CredentialSource** gates transaction safety; **Replicant** credentials never do.
- A **CredentialSource** seam is real on the source axis (two adapters: `Static`, `Vault`); on the consumer axis it has two real consumers in core â the synchronous `Storage::DBI` (connect/reconnect path) and the async, Future-returning `Storage::A...
## Example dialogue
> **Dev:** "If one Vault role issues a user/password valid on the primary and all replicas, do I hand each replica its own broker?"
> **Owner:** "No â that is one **Backend identity**, so it is one **AccessBroker**. Replicated owns the **Host** list; a **HostBound view** pairs that one credential with each **Host** at connect time. The broker never sees the list."
> **Dev:** "So a broker can point at multiple servers?"
> **Owner:** "A broker never represents multiple **Hosts** â that would be **Topology** in the wrong layer. It represents one credential that Replicated spans across **Hosts**."
## Flagged ambiguities
- **ReadWrite broker** historically bundled a **Backend identity** + a **Host** list + **Routing** (read round-robin) into one object. Resolved: that conflation is the category error this context removes â identity â **AccessBroker**, hosts + **R...
- The `$mode` parameter (`'read'`/`'write'`) on the broker API. Resolved: vestigial under single-identity **CredentialSource**s â deprecated, not load-bearing. Routing decides read vs write, not the broker.
( run in 0.938 second using v1.01-cache-2.11-cpan-f52f0507bed )