Dispatch
Dispatching is a core part of SpiceDB functionality where API requests are broken down into smaller computations and forwarded to ("dispatched") other SpiceDB nodes within the cluster.
Each SpiceDB node maintains an in-memory cache of permissions queries it has resolved in the past; when a new permissions query is encountered by one node, its answer may be present on another node, so SpiceDB will forward the request onward to the other node to check the shared cache.
For more details on how dispatching works, see the Consistent Hash Load Balancing for gRPC (opens in a new tab) article.
Architecture Diagram
The following diagram models requests flowing through the SpiceDB API into the Dispatch and Datastore:
For more information, read our architecture blog post (opens in a new tab).
Configuring Dispatch in Kubernetes
If not using the SpiceDB Operator, the dispatch-upstream-addr should be of the form kubernetes:///spicedb.default:50053 where spicedb.default is the Kubernetes Service in which SpiceDB is accessible.
If you are deploying SpiceDB under Kubernetes, it is recommended to use the SpiceDB Operator, which configures dispatching automatically.
Configuring Dispatch in non-Kubernetes Environments
Non-Kubernetes based dispatching relies upon DNS updates, which means it can become stale if DNS is changing. This is not recommended unless DNS updates are rare.
To enable dispatch, the following flags must be specified:
spicedb serve \
--dispatch-cluster-enabled=true \
--dispatch-upstream-addr=upstream-addr \
...or via environment variables with the SPICEDB_ prefix:
SPICEDB_DISPATCH_CLUSTER_ENABLED=true \
SPICEDB_DISPATCH_UPSTREAM_ADDR=upstream-addr \
spicedb serve ...The upstream-addr should be the DNS address of the load balancer at which all SpiceDB nodes are accessible at the default dispatch port of :50053.