Centralize "maintenance mode/on-call owner/traffic-drain target" flags per service; updates require master token, reads stay public.
You need to coordinate operational state across multiple services: maintenance mode flags, current on-call engineer, traffic routing targets, or feature rollout percentages. These need to be readable by all services but updatable only by authorized operators.
Hardcoding these values requires redeployment. Using environment variables means restarting services. You need real-time, centralized control.
Store operational flags in a public-read stash. Services poll the flags without authentication. Only operators with the master token can update them. No database, no config management system, just HTTP.
Set up a central stash for operational flags:
# Create stash for operational flags
curl -X POST https://wrendb.com/api/stash
{
"stash_id": "ops123...",
"master_token": "token-secure456...",
"message": "Save this token securely..."
}
# Initialize flags (requires token)
curl -X POST https://wrendb.com/api/item/ops123.../maintenance-mode \
-d "false"
curl -X POST https://wrendb.com/api/item/ops123.../on-call-engineer \
-d "alice@company.com"
curl -X POST https://wrendb.com/api/item/ops123.../traffic-target \
-d "production-cluster-a"Your services check flags before handling requests:
import requests
import time
from flask import Flask, jsonify
app = Flask(__name__)
STASH_ID = "ops123..."
FLAGS_CACHE = {}
CACHE_TTL = 30 # seconds
LAST_FETCH = 0
def get_flag(flag_name):
"""Get operational flag with caching"""
global LAST_FETCH, FLAGS_CACHE
if time.time() - LAST_FETCH > CACHE_TTL:
try:
# No auth needed - public read
response = requests.get(
f"https://wrendb.com/api/item/{STASH_ID}/{flag_name}",
timeout=2
)
if response.status_code == 200:
FLAGS_CACHE[flag_name] = response.text
LAST_FETCH = time.time()
except Exception:
pass # Use cached value on error
return FLAGS_CACHE.get(flag_name)
@app.route("/api/data")
def handle_request():
# Check maintenance mode
if get_flag("maintenance-mode") == "true":
return jsonify({"error": "Service in maintenance"}), 503
# Normal processing
return jsonify({"status": "ok"})Build a simple CLI tool for operators:
#!/bin/bash
STASH_ID="ops123..."
TOKEN="$OPS_TOKEN" # Set in environment
case "$1" in
maintenance-on)
curl -X PUT "https://wrendb.com/api/item/$STASH_ID/maintenance-mode" \
-H "Authorization: Bearer $TOKEN" \
-d "true"
echo "✅ Maintenance mode enabled"
;;
maintenance-off)
curl -X PUT "https://wrendb.com/api/item/$STASH_ID/maintenance-mode" \
-H "Authorization: Bearer $TOKEN" \
-d "false"
echo "✅ Maintenance mode disabled"
;;
set-oncall)
curl -X PUT "https://wrendb.com/api/item/$STASH_ID/on-call-engineer" \
-H "Authorization: Bearer $TOKEN" \
-d "$2"
echo "✅ On-call set to: $2"
;;
route-traffic)
curl -X PUT "https://wrendb.com/api/item/$STASH_ID/traffic-target" \
-H "Authorization: Bearer $TOKEN" \
-d "$2"
echo "✅ Traffic routed to: $2"
;;
status)
echo "Current operational state:"
echo "Maintenance: $(curl -s https://wrendb.com/api/item/$STASH_ID/maintenance-mode)"
echo "On-call: $(curl -s https://wrendb.com/api/item/$STASH_ID/on-call-engineer)"
echo "Traffic: $(curl -s https://wrendb.com/api/item/$STASH_ID/traffic-target)"
;;
*)
echo "Usage: ops-cli {maintenance-on|maintenance-off|set-oncall|route-traffic|status}"
;;
esac# Enable maintenance mode
./ops-cli.sh maintenance-on
# Update on-call engineer
./ops-cli.sh set-oncall bob@company.com
# Route traffic to different cluster
./ops-cli.sh route-traffic production-cluster-b
# Check current status (no auth needed)
./ops-cli.sh status