clusterd: Unified Timely runtime for compute and storage

[antiguru]

Summary

EXPERIMENTAL — This PR is a proof of concept. See "Known Limitations" below.

• Add a unified Timely runtime that runs both compute and storage dataflows in a single Timely cluster, sharing worker threads and communication infrastructure
• Enable it by default via --unified-runtime (can be disabled with --unified-runtime=false)
• Compute's existing logging dataflows automatically capture storage Timely/Differential events — no schema changes, no ID collisions

Motivation

Storage has no introspection today — its Timely events are discarded. Forwarding events via mpsc channels doesn't work because both Timely instances allocate IDs starting from 0, making it impossible to disambiguate origins. A unified runtime eliminates this by having a single ID allocator.

Approach

• Refactor compute Worker to expose step methods and make key types pub (CommandReceiver, ResponseSender, ActiveComputeState)
• Move storage's handle_internal_storage_command to StorageState with an explicit &mut TimelyWorker parameter
• New unified.rs module in clusterd: sets up networking once, creates two sets of client channels, runs a merged event loop
• Non-blocking storage reconnection via a channel adapter that buffers commands until InitializationComplete, then delivers reconciliation batches
• Command distribution unchanged: compute uses Exchange-based broadcast, storage uses internal command sequencer
• Controllers connect via separate gRPC connections as before

See doc/developer/design/20260402_unified_timely_runtime.md for the full design.

Known Limitations

Deterministic dataflow ordering. Timely requires that all workers render dataflows in the same deterministic order. In this prototype, compute and storage dataflows are rendered through independent command paths (compute via Exchange-based broadcast, storage via its internal command sequencer), and there is no canonical ordering between them. On multi-worker clusters, this can lead to workers rendering dataflows in different orders, which Timely does not tolerate. Fixing this properly likely requires unifying the command protocols at the protocol level, which is a significantly larger effort. For this reason, this PR should be considered experimental and is not safe for production use with multi-worker replicas.

Test plan

• cargo check passes for mz-clusterd, mz-compute, mz-storage
• Storage dataflows visible in mz_introspection.mz_dataflows
• Storage operators visible in mz_introspection.mz_dataflow_operators
• Full SLT/testdrive suite (pending — experimental)
• Multi-worker correctness (blocked on deterministic ordering)

🤖 Generated with Claude Code

[github-actions]

Thanks for opening this PR! Here are a few tips to help make the review process smooth for everyone.

PR title guidelines

• Use imperative mood: "Fix X" not "Fixed X" or "Fixes X"
• Be specific: "Fix panic in catalog sync when controller restarts" not "Fix bug" or "Update catalog code"
• Prefix with area if helpful: compute: , storage: , adapter: , sql:

Pre-merge checklist

• The PR title is descriptive and will make sense in the git log.
• This PR has adequate test coverage / QA involvement has been duly considered. (trigger-ci for additional test/nightly runs)
• If this PR includes major user-facing behavior changes, I have pinged the relevant PM to schedule a changelog post.
• This PR has an associated up-to-date design doc, is a design doc (template), or is sufficiently small to not require a design.
• If this PR evolves an existing $T ⇔ Proto$T mapping (possibly in a backwards-incompatible way), then it is tagged with a T-proto label.
• If this PR will require changes to cloud orchestration or tests, there is a companion cloud PR to account for those changes that is tagged with the release-blocker label (example).