Make all epoch independent in reputation process. Do not reset any timers
related to reputation. Make it possible to finish iteration after the
unexpected `NewEpoch` event.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Implement `lock` command and add it to `object` section. The command
accepts container argument (string `cid.ID`) and list of locked objects
(string `oid.ID` list). From the provided input `LOCK` object is
constructed and stored using NeoFS API protocol.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `FormatValidator.ValidateContent` to verify payload of `LOCK`
objects. Pass locked objects to `Locker` interface. Require from
`Locker.Lock` to return `apistatus.IrregularObjectLock` error on a
corresponding condition.
Also add error return to `DeleteHandler.DeleteObjects` method. Require
from method to return `apistatus.ObjectLocked` error on a corresponding
condition. Adopt implementations.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is no need to switch between object types since `Type` implements
`fmt.Stringer`.
Replace swich-case in `printHeader` with `%s` format notation function.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make all operations that related to `neofs-api-go` library be placed in `v2`
packages. They parse all v2-versioned structs info `neofs-sdk-go`
abstractions and pass them to the corresponding `acl`/`eacl` packages. `v2`
packages are the only packages that do import `neofs-api-go` library. `eacl`
and `acl` provide public functions that only accepts `sdk` structures.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Remove `Object` and `RawObject` types from `pkg/core/object` package.
Use `Object` type from NeoFS SDK Go library everywhere. Avoid using the
deprecated elements.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
It was broken since `initConfig` was made before every execution of the
command and flags have not been read by cobra yet, so it was impossible to
print config file path if `verbose` flag was set in command line not in
config file.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
After recent changes balance response contains contract precision.
Convert balance response to Fixed8. Use `fixedn.ToString` function to
print the converted value.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Currently have static priority of what key is used irregardless of
whether a flag was provided via CLI or in config. This makes it
impossible to override some of the config settings. While we could try
to check if the key is provided by CLI by binding CLI flag under to
viper under a different name the same problem would occur for config/environment
variables. Fixing all of this with current set of keys is too complicate.
In this commit we revert changes from #610 and use a single flag for all types of keys.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
- Update `neofs-sdk-go`:
v0.0.0-20211230072947-1fe37df88f80 => v0.0.0-20220113123743-7f3162110659
- Add client interface that duplicates SDK's client behaviour and new
`MultiAddressClient` interface that has method that iterates over wrapped
clients.
- Also start using simple client mode that does not require parsing statuses
outside the SDK library.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
For some data compression makes little sense, as it is already compressed.
This commit allows to leave such data unchanged based on `Content-Type`
attribute. Currently exact, prefix and suffix matching are supported.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
It is much more convenient to skip source creation.
Also fix some bugs:
1. `cryptoSource.Int63()` now returns number in [0, 1<<63) as required
by `rand.Source` interface.
2. Replace `cryptoSource.Uint63()` with `cryptoSource.Uint64` to allow
generate uint64 numbers directly (see rand.Source64 docs).
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
In previous implementation ACL server was the 1st (except metric server
in some cases) server in pipeline of Object service servers. This led to
the fact that errors of this handler could not be reduced to status
responses.
Nest object ACL server into signature and response servers to support
common response format.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
The updated version of the `NNS` contract now supports the third `data`
argument that may provide additional information.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
In notary disabled environment, approval of container creation with nice
name attribute takes much more additional GAS than other operations
(due to NNS invocation).
Morph library changes:
* add the ability to specify per-op fees using `StaticClient` options;
* add the ability to customize fee for `Put` operation with named
container in container morph client.
Inner Ring changes:
* add `fee.named_container_register` config value which specifies
additional GAS fee for the approvals of the named container
registrations;
* pass the config value to `WithCustomFeeForNamedPut` option of
container morph client.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
We have `subnet` contract in list, but it isn't currently deployed.
This commit skips missing NNS entries to handle such situation. In
future we may optimize this to be done in 1 round-trip.
As a nice side-effect, dump-hashes for notary-enabled environment works
even if notary is disabled -- it just prints zero hash for proxy
contract.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Only `subnet create` command can generate notary requests.
Remove global `non-notary` flag. Add `notary` flag to `create` cmd.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Cobra commands don't call `PreRun` functions on parent by default. We
need to do it in `subnet` command of admin utility in order to inherit
viper bindings.
Add `inheritPreRun` function which makes sub-commands to call `PreRun`
functions before its own `PreRun`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Use persistent flags on parent command in order to inherit flags in
sub-commands. Turn on notary mode of morph client in `subnet` command of
admin utility for notary environments.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `deployContracts` method to call `nnsRegisterDomain` in order to
register NNS domain for deployed contracts.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `nnsResolveHash` function to return declared error on `token not
found` fault exception. Catch this error in `deployContracts` method,
and switch to deployment if updating contract is missing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `subnet` command which contains all subnet-related commands. Add
sub-commands:
* `create` for creation;
* `remove` for removal;
* `get` for reading;
* `admin` for admin management;
* `client` for client management.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `subnet` sub-section to `node` section of storage node config. Add
`entries` value which allows to enumerate subnets for entrance. Add
`exit_zero` value which allows to not enter zero subnet.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define notification events, implement parsers. Add morph client of
Subnet contract. Listen, verify and approve events in Inner Ring app.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Upgrade NeoFS API Go library to version with status returns. Make all API
clients to pull out and return errors from failed statuses. Make signature
service to respond with status if client version supports it.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add hash of the TX that generated notification
to neofs/netmap event structures. Adapt all
neofs/netmap wrapper calls to new structures.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Rounding is done using the suffix boundary (i.e. floating point value
with `gb` suffix will return size which is an integer number of
megabytes).
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Relay storage node doesn't exec local object operations, so it doesn't need
shard configuration.
Add `required` bool parameter to `engineconfig.IterateShards`. Make it to
panic if it is `true`, and immediately return otherwise. Pass `false` if
node is configured as relay in app (it also prevents panic).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to block execution of local object storage operations if
node is put into maintenance mode (resume if the node is taken out of
maintenance mode).
Call `BlockExecution` method if `ControlService.SetNetmapStatus` was called
with `MAINTENANCE` status. Call `ResumeExecution` if it was called with
another status.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Accept `maintenance` netmap status in `control set-status` command and
resolve it to `control.NetmapStatus_MAINTENANCE` value.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
All objects in NeoFS must have owner ID. In previous implementation Object
Delete service handler set owner ID from request session token. If removal
was executed w/o a session, object with tombstone was prepared incorrectly.
In order to fix this node should set its own ID and become an owner of the
tombstone object.
Extend `NetworkInfo` interface required by Object.Delete handler with
`LocalNodeID` method which returns `owner.ID` of the local node. Implement
the method on `networkState` component of storage node application which is
updated on each node state change in NeoFS network map. Set owner returned
by `LocalNodeID` call as tombstone object's owner in Delete handler.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
The client needs of the Reputation service are limited and change not often.
Interface changes of the client library should not affect the operation of
various service packages, if they do not change their requirements for
the provided functionality. To localize the use of the base client and
facilitate further support, an auxiliary package is implemented that will
only be used by the Reputation service.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
The client needs of the CLI application are limited and change not often.
Interface changes of the client library should not affect the operation of
various application packages, if they do not change their requirements for
the provided functionality. To localize the use of the base client and
facilitate further support, an auxiliary package is implemented that will
only be used by the CLI application.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
CLI `util locode info` command does not write operations. Opening a
`locodebolt.DB` instance in RW mode is redundant.
Provide `locodebolt.ReadOnly()` option to `locodebolt.DB` constructor in
order to create READ flock over BoltDB file.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Assume contracts path is tar.gz archive if it is not a directory.
In theory we could support raw tar but it has little value as our
distribution format is tar.gz and this is the primary use-case for this
feature (download and use).
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
In case we have multiple sections with similar structure (e.g. shards)
having defaults in a single place is easier to work with.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
There is no point to pass key storage in parameters because
it can be defined on the service level of application.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
```
> source config/example/node.env
config/example/node.env: строка 14: /dns4/s02.neofs.devenv/tcp/8081: Нет такого файла или каталога
config/example/node.env: строка 16: MSK: команда не найдена
config/example/node.env: строка 35: 028f42cfcb74499d7b15b35d9bff260a1c8d27de4f446a627406a382d8961486d6: команда не найдена
config/example/node.env: строка 48: https://rpc2.morph.fs.neo.org:40341: Нет такого файла или каталога
config/example/node.env: строка 49: wss://rpc2.morph.fs.neo.org:40341/ws: Нет такого файла или каталога
config/example/node.env: строка 53: https://rpc2.n3.nspcc.ru:30341: Нет такого файла или каталога
```
New implementation is still basic, but we don't need to parse any env
file, just have a correct example.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Note that we cannot mark `--rpc-endpoint` flag as required because
it can be taken from config.
Before:
```
Error: can't create N3 client: failed to get network magic: Post "": unsupported protocol scheme ""
```
Now:
```
Error: can't create N3 client: missing endpoint
```
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
```
Error: can't to initialize context: can't read alphabet wallets dir: open : no such file or directory
```
It needs neither contracts nor wallets, just N3 client.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Make the implementation of network info source (Netmap V2 service
dependency) to read MillisecondsPerBlock sidechain parameter and NeoFS
network parameters depending on the client version.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
SN tries to keep 1:3 proportion of GAS and
notary balances respectively. If that proportion
has been messed(means that notary balance is
lower than required) it sends half of its
GAS balance to the notary service.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
After storage engine started to limit number of PUT operations there is no
need to limited worker pool in Object Put service.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `shard_pool_size` config to `storage` section. Set app default to 20.
Pass the value to `WithShardPoolSize` option.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Non-alphabet contract are always deployed from committee
so it makes sense to calculate hashes in one place.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Container contract uses actual NNS interface. This also aleviates some
pain related to update as neofs-adm code itself uses current NNS
version.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Container contract now calls NNS contract to register TLD for nice
names. This must be witnessed by a committee.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Do not log in options constructors. Also failure to
initialize compression module (possibly due to invalid options) is
certainly an error deserving proper treatment.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Implement `list` command for object listing. Support listing of the objects
from write-cache and blobovnicza.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement skeleton of `neofs-lens` app which is going to be used for working
with storage engine's data.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Also delete `ttl` and `xhdr` flags from
`accounting balance` command and refactor
command initialization.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
In previous implementation of reputation client constructor compared network
addresses to check the membership of the network map.
Replace network addresses comparison with public key comparison.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to have the ability to expand the data needed for client
construction.
Replace `network.AddressGroup` parameter of client cache interfaces with
`client.NodeInfo`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation Object PUT used single pool of workers for local
and remote ops, but these ops are heterogeneous.
Use remote/local pool for remote/local operations in PUT service. At first
the pools are configured with the same size.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Contract owners are removed in neofs-contract v0.11.0.
Now side chain committee has rights to update contracts.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Implement `RefillMetabase` method to `shardconfig.Config` type which reads
`refill_metabase` config value. Pass the result to `WithRefillMetabase`
option.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `size_limit` config value to write-cache section. Add `SizeLimit` method
of `writecache.Config` type. Pass its value to `WithMaxCacheSize` option on
app construction.
Reflect config update in examples. Cover new value in unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Bootstrap process involves `addPeer` contract
call => it is necessary to make deposit before
booting up.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Create non-notary container wrapper and
use it in load announcing since it shouldn't
be invoked as notary request.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Storage Node needs to have notary deposit
for successful notary request sending.
Add notary deposit on startup(and wait for
its acceptance). Add notary deposit timer,
its config in `morph` section and env vars
for its tuning.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Prepare all listening structures for notary events:
rename(add prefix/suffix 'notification') all
notification specific handlers/parsers.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Some software components regulate the way of working with placement arrays
when a local node enters it. In the previous implementation, the locality
criterion was the correspondence between the announced network address
(group) and the address with which the node was configured. However, by
design, network addresses are not unique identifiers of storage nodes in the
system.
Change comparisons by network addresses to comparisons by keys in all
packages with the logic described above. Implement `netmap.AnnouncedKeys`
interface on `cfg` type in the storage node application.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Since morph `Client` works in multi-client mode, there is an error case when
we can not get network magic when all endpoints are unavailable.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to work with a set of Neo RPC nodes in order not to depend
on the failure of some nodes while others are active.
Support "multi-client" mode of morph `Client` entity. If instance is not
"multi-client", it works as before. Constructor `New` creates multi-client,
and each method performs iterating over the fixed set of endpoints until
success. Opened client connections are cached (without eviction for now).
Storage (as earlier) and IR (from now) nodes can be configured with multiple
Neo endpoints. As above, `New` creates multi-client instance, so we don't
need initialization changes on app-side.
`Wait` and `GetDesignateHash` methods of `Client` return an error from now
to detect connection errors. `NotaryEnabled` method is removed as unused.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation Container service handlers didn't cache the
results of `Get` / `GetEACL` / `List` operations. As a consequence of this,
high load on the service caused neo-go client's connection errors. To avoid
this there is a need to use cache. Object service already uses `Get` and
`GetEACL` caches.
Implement cache of `List` results. Share already implemented cache of Object
service with the Container one. Provide new instance of read-only container
storage (defined as an interface)to morph executor's constructor on which
container service is based. Write operations remained unchanged.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Storage node should not try to register itself in network in relay mode.
Implement `needBootstrap` method which checks if node need to bootstrap.
Call `bootstrap` method in `bootstrapNode` function only on true return.
Skip re-bootstrap logic in new epoch event handler on false return.
Return an error if `ControlService.SetNetmapStatus` is called on relay
node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
`reBootstrapEnabled` state var is not used. It is going to be used to decide
whether to bootstrap node or not.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `refill-gas` sub-command to `morph` command which provides the ability
to refill storage node's GAS.
Command performs some actions from `generate-storage-wallet` runner, so
common code is moved to a separate function `refillGas`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
`--container-contract` flag must be used for deployments without NNS.
Our current testnet sidechain is like this, for example.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
`morph dump-containers` will dump all containers from the
contaner contract. JSON format is chosen to allow manual intervention.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Do not init caches for eACL, containers and netmap
if `disable_cache` config options is `true`, use
direct RPC calls instead.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Initial GAS can be provided both in config and as a CLI argument.
Generating wallet with 0 GAS is currently prohibited.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
If `init` is run on a dirty network (i.e. with some stages already
done), no transactions are really sent so clean up logs a bit.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Depending on having notary contract in sidechain get
IR list either from NeoFSAlphabet role either from
netmap contract.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Some users want to specify only wallet section in the SN. It is not
possible if `Key` throws panic on empty value. Instead it should
fallback to wallet section. Panic is suitable if node's key is provided
but invalid.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Add `errf`, `exitOnErr` and `exitOnErrCode` functions
that works with errors and exits with non-zero exit
codes on non-nil errors.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Extended ACL input can have version later than CLI one, and it should not be
downgraded. But the version should be still adequate.
Set `pkg.SDKVersion` on false return of `version.IsValid`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Changes:
* replace `iotuil` elements with the ones from `os` package;
* replace `os.Filemode` with `fs.FileMode`;
* use `signal.NotifyContext` instead of `NewGracefulContext` (removed).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to support multiple network addresses of the storage nodes.
Make `BootstrapAddress` to return `network.AddressGroup` (and rename).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Generalize single gRPC interface of the storage node to a group of
interfaces. Each interface calls the same RPC handler.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation if Control listen endpoint was omitted in config
the gRPC listening endpoint was used instead.
Consider empty address as an option to disable the service.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to support multiple server endpoints for reputation and
container transmission.
Replace `ServerInfo.Address` getter with `ServerInfo.IterateAddresses`
iterator.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make Object Head service to work with `AddressGroup` instead of `Address`
in order to support multiple addresses of the storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make Object Search service to work with `AddressGroup` instead of `Address`
in order to support multiple addresses of the storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make Object Get service to work with `AddressGroup` instead of `Address` in
order to support multiple addresses of the storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make Object Put service to work with `AddressGroup` instead of `Address` in
order to support multiple addresses of the storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `LocalAddressSource.LocalAddress` method to return `AddressGroup`. Make
`IsLocalAddress` function to accept parameter of type `AddressGroup`. Adopt
the application code with temporary `GroupFromAddress` helper.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Change type of the `ClientCache.Get` method's parameter to `AddressGroup`.
Use `GroupFromAddress` to call the method from the wrappers in order to no
change their interface.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add group-address `Client` implementation. Return instances of this
implementation from `ClientCache.Get` method.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is a need to generalize single-address client to group-address client.
To do this, we can re-implement `Client` interface from NeoFS API Go library
and still use it in the application code. There is a problem with method
`Raw` which must return single-address raw client. So as not to make changes
to API library we need to overload Client interface in order to support
`Raw` method in group-address client implementation.
Define `Client` interface in new `pkg/core/client` package. Completely
inherit API `Client` interface. Add `RawForAddress` method to build raw
client for the single node address. Adopt the application code that used Raw
method to work with new `Client`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Obtain key once in every cobra command to
pass it to `getOwnerID` and `initSession`
and do not ask to enter password more than
one time in `put` and `putSG` operations.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Change usage function to `Run`(does not return
err). Log errors with `cmd.PrintErrln`. Change
all `fmt.Print*` to `cmd.Print*`.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
`network.Address` structure in most cases created once and used read-only.
Replace `AddressFromString` function with `Address.FromString` method with
the same purpose and implementation. Make all libraries to work with value.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement `Address.WriteToNodeInfo` method which sets address of `NodeInfo`
structure. Use it in storage node application.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Return tyype is clear from the method's signature and docs, there is no
point in reflecting it in the name.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Panic if internal `manet.DialArgs` call returns error since this is
unexpected according to `AddressFromString` implementation.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Serve `ControlService` instance on configured endpoint (do not serve if not
specified). Read allowed keys from config.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Also use neo-go private key wrapper where possible, as it
already has methods for (un)marshaling.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Config `NodeInfo` should be used for bootstrap. Separete local node info and
netmap one. Return configured `NodeInfo` if structure from netmap is
missing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In testnet and neofs-dev-env we use timers with these
settings and they are looking good. So it makes sense
to make them default.
Storage node now can't configure bootstrap healthcheck
length and can't disable it. Inner ring default values
now adopt these changes too.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
New config package in storage node does not use
application prefix from misc package. Therefore
inner ring node can define prefix in local scope.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Container commands in NeoFS CLI can use signed session token
to create, delete container and change extended ACL table.
This token should be signed the same way we sign bearer tokens.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
containerSessionToken() actually parses any session token.
We can reuse this function to resign session token when it
takes filepath as an argument, instead of public variable.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
In previous implementation `Config.Sub` method could lead to the violation
of the internal `path` slice because of `append`. This has been observed on
deeply nested subsections.
Fix `Config.Sub` to copy internal slice in order to prevent violations.
Cover problem case in test config files and unit test.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Dedicated type `LoggerSection` turned out to be redundant since it doesn't
do a hidden logic and just uses `config.Config` API.
Remove `LoggerSection` type and implement `Level` which do the same.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation ENV values were read only if config filepath is
specified. From now ENVs are always read to `Config`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In some cases viper doesn't interpret `section.value` as a subsection with
`section` name, but value is value still can be accessed through full
pathname.
Fix `Config.Sub` method implementation in order to always interpret
configuration like described above as a subsection. From now method never
returns nil, therefore an additional check has been removed from the `Value`
method.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Create `logger` sub-package of `config` package. Implement `LoggerSection`
type of logger sub-section. Add `Level` method to read logger level config
value. Default level is `info`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Create `config` package nearby storage node application. Implement `Config`
as a wrapper over `viper.Viper` that provides the minimum functionality
required by the application.
The constructor allows you to read the config from the file. Methods are
provided for reading subsections and values from the config tree. Helper
functions are implemented to cast a value to native Go types.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Container sessions allow to perform some operations on behalf of another
user. There is a need to to attach session tokens to commands.
Add `session` flag to `put`, `delete` and `set-eacl` commands from
`container` section. It should be a path to the JSON-encoded session token.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement function `fatalOnErrDetails` similar to `fatalOnErr` but accepting
string details that are written to log output. Use the function everywhere
in application code without wrapping in an if-else statement.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
In previous implementation wrapper over the Container contract's client
returned the signature of the eACL table in addition to itself. After recent
changes in API Go lib table carries its signature. Thus, it is redundant to
return the table signature separately.
Make `Wrapper.GetEACL` method to return only `eacl.Table` with error.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `Get` method of the wrapper over Container contract's client to
accept binary container ID. Create `Get` function similar to the previous
`Get` variation. Use this function in Container service server in the place
where `Get` method was used.
Additionally implement `AsContainerSource` function which allows
to simply compose container Source interface from the wrapper.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Wrap functions at `pkg/errors` return nil if error argument
was nil. fmt.Errorf always returns error so we need to add
missing error checks to the code.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
When user creates a container using neofs-cli, he can set a pre-defined ACL.
Current keywords are confusing: for example, `public` really means that
everyone can write to the container, while the expectation is just public
visibility. Perform the following renames for a better understanding of the
purpose:
* `readonly` -> `public-read`;
* `public` -> `public-read-write`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define constants for `public`/`private`/`readonly` keywords of predefined
basic ACL values. Use constants instead of repeating string literals.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
To enable TLS support we can't operate with IP addresses directly.
Certificates are issued with host names so it is required to
pass them into RPC client. DNS resolving should be done by transport
layer and not be a part of node. Therefore `IPAddrString` usage is
removed from code.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Currently main chain's client is unused, therefore, it is not advisable to
require mandatory setting of addresses.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
If default smart contract addresses are valid 20 byte strings, then omitting
the values in configuration will not be tracked at startup.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
From now non-relay node always sends re-bootstrap transaction every 2 epochs
starting from the boot-up epoch.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Application can be shut down often, it is undesirable to send status changes
on a transaction every time. Control API should be used before shutdown for
this purpose.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make work scope and expansion rate the app-side constants since Policer
independently regulates the amount of work performed.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There is no need to use synchronous execution of notification handlers. Also
there is no understanding of how to assess the need to change the size of
the pools.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Calls to contracts by storage nodes do not lead to the accumulation of
multisignatures in the contract memory, so the call cost can always be
accurately calculated in advance without additional fee.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace dial timeout of API client connection from `grpc` section to
`apiclient` since this value is semantically decoupled from the transport
protocol.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Although the default values for configurable addresses are empty strings,
explicitly specifying the default values allows you to know about all
possible configurations.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Rename `util/profiler` package to `httputil` and refactor it:
* simplify utility HTTP server;
* make more generic server's parameters in order to remove `viper.Viper`
dependency;
* use single constructor for creating the pprof and prometheus servers;
* replace `enabled` config value with empty-check of the network address.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Establish client connection with main chain node on storage node startup.
Client is configured simlarly to morph client.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Writing application version in each log message seems pretty redundant.
Remove global `app_version` field from Node/IR loggers. Write version, build
time and debug flag once on start.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Writing application name in each log message seems pretty redundant.
Remove no longer used `misc.NodeName` and `misc.InnerRingName` constants.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace `viper.Viper` parameter with `Prm` structure. Currently only logging
level can be parameterized through string setter.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Remove setting of `app_name` and `app_version` fields in `NewLogger`
constructor. Set these fields in Node and IR application in already
constructed log and remove them from viper .
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Change logger's encoding to `console`, time encoding to `ISO8601TimeEncoder`
and leave all other options as they are in `zap.NewProductionConfig`.
Remove default values of no longer existing options in node/ir config.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
For N3 Testnet RC2 release inner ring app supports three modes:
- notary enabled in all chains (default),
- notary disabled in all chains,
- notary enabled only in side chain.
All notary related functions are moved to notary.go
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
When notary disabled, inner ring should be able to
configure extra fee for vote collections inside the
contracts. Previously these values were hardcoded,
however we might want to change them depending on
a environment.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
With `mainnet.notary_deposit=false` inner ring will ignore
notary deposit \ awaiting routines in the application start,
so it can run on the environments without notary support.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Includes:
- Delete first `ctx` argument in `Write` method.
- Move intermediate Initial trust struct and method
to `calculator` file.
- Change Alpha to 0.1.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Init all wrappers eigenTrust algorithm needed in
`main` packages. Implement `SendIntermediateResult`
GRPC method of `reputationServer`.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Delete reading `alpha` from env var. Cover
retrieving `alpha` behind interface in
intermediate calculator. Add TODO to decide
if it is necessary to receive that param from
global config or not.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Add consumer storage wrapper that implements
`WriterProvider` interface. Change field naming
in daughters storage package.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Move common remoteProvider code to cmd/reputation/common.
Hide WriterProvider initialization behind interface and
add implementation of that interface to local and
intermediate packages in cmd/reputation directory.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Add implementation of Builder interface for
intermediate trusts. Move all code associated
with managers to `common` directory in `cmd`
and `pkg/services/reputation`
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Control service turns storage node to online and offline modes. We can't
reuse `cfgNetmap.reBootstrapEnabled` because it represents configuration
value while control service manages state in runtime.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Eigen trust block timer ticks to start new round of
eigen trust calculations. Every epoch this timer
recalculates duration and starts again.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Add `addContainerAsyncNotificationHandler`
func that passed handler to container's
worker pool similar to how it is done in
reputation handlers.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Add handler closure over worker pool
in the event package.
Add `addNewEpochAsyncNotificationHandler`
function that uses that closure. Pass
the reputation report handler to worker
pool via using that function.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Add worker pools to Netmap and Container
config structures. Add its initialization
that depends on environmental variables(
sync/async; worker pool size).
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
if `shutdown.offline.enabled` config option set to true, then
send netmap.UpdateState(offline) tx at the shutdown. This config
option is not set by default.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Add `Router` to the reputation server. `Router` is
called on every incoming request and inits `Writer`
that sends `Trust`s to the next route point or
handle(logs in that implementation) them if current
node is the end point of the route.
Rename `onlyKeyRemoteServerInfo` struct for container
to separate it from the same implementation of the
same `ServerInfo` interface for reputation.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Implement dependencies for local trust router
in `main` package. Managers are defined as
next node after the current one in HRW sorted
list of current NetMap.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
Register reputation service server that:
* verifies signatures of the requests and signs the responses;
* attaches response meta header to the responses;
* logs body structures of the requests (only as initial implementation, in
future it will be replaces with local trust storage).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Alias type provide sort function so it is better to use it
everywhere where list of public keys is presented.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
There is a need to track the results of Object interactions with the remote
peers during node's lifetime. Each successful operation should increment the
number of satisfactory interactions with the remote peer, and the failed
ones, on the contrary, decrement. Collected numbers of satisfactory
interactions are going to be used for calculation of the normalized local
trust values according to original EigenTrust algorithm.
Implement wrapper over local trust storage that calls `Update` method on it
with the result of any object operation. The wrapper provides interface of
the remote client constructor. It is used as a `ClientConstructor` component
in Object service server of the app.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement and call `initReputationService` func that constructs local trust
storage and controller, and subscribes the controller on new epoch
notification. Event handler calls `Controller.Report` method to process
collected values.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement simple `WriterProvider` building a `Writer` that writes incoming
data to the log. In the future, this action will be replaced by sending the
value to the manager nodes.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement iterator provider on wrapper over the local trust storage.
Provided iterator passes normalized local trust values according to original
EigenTrust algorithm description. In the borderline case, normalized values
are set as 1/N, N - number of remote nodes in network map.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace usage of `cache.ClientCache` type with interface with similar
signature. This will further allow overloading clients without affecting the
logic of dependent packages.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
ttlNetCache should evict records after TTL duration. However if
data is often accessed and there are no LRU eviction (cache used
with small number of keys), then data will not be evicted ever.
This is a invalid behaviour for mutable data such as eACL.
Solution is to not update access time on every get, so the data
will be guarantee evicted after TTL duration.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
On the `Deposit` events add gas balance check.
Make transfer only if the balance is greater
than the `GasTransferThreshold` that is defined
with environmental variable.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
`WithMetrics` can't make nil check without reflection so we
have to explicitly check if metrics enabled outside of
engine constructor.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Because options are not used when client is already in cache
providing them to shared cache is misleading at best.
In the worst case `dial_timeout` is set randomly (because of race
condition) which can lead to one service having `dial_timeout` of
another. Thus we set default client creation options when cache is
created.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Implement LRU cache of eACL tables read from sidechain. Use it as a netmap
storage in neofs-node app. Current cache size is set to 10 (constant).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement TTL cache of eACL tables read from sidechain. Use it as a eACL
storage in neofs-node app. Current cache size is set to 100, TTL is 30s
(constants).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement LRU cache for values read from the network. Implement LRU cache of
containers read from sidechain. Use it as a container storage in neofs-node
app. Current cache size is set to 100, TTL is 30s (constants).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace `eacl.Storage` interface implementation from eACL lib to neofs-node
app package. Remove `eacl.WithMorphClient` option in order to abstract eACL
validator from eACL storage implementation.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Exec `StorageEngine.Inhume` operation on redundant copy callback from Object
Policer with `MarkAsGarbage` parameter.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
NeoFS contract can be deployed in sidechain instead of main chain.
Add `without_mainnet` config flag that can switch IR node to work with
sidechain only. By default this flag is unset.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Previously we set default addresses of alphabetic contracts to empty strings
in inner ring application config. Recently number of using alphabetic
contracts became dynamic. In order to not enumerate default address for each
glagolitic letter, they are removed from config defaults.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `drop-objects` sub-command to `control` command that drops objects from
the node via `ControlService.DropObjects` API. Address list argument is
passed in NeoFS API string format of the object address.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Re-compile protobuf definition of Control service. Implement required
messages on DropObjects RPC request and response messages. Implement
`DropObjects` method on Control service server of the node. Use
`StorageEngine.Delete` method as a deleted object handler on server.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `--expires-on` flag to `put` sub-command of `object` command that
indicates object's expiration epoch. Set corresponding object attributes if
flag value is set.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `netinfo` sub-cmd of `netmap` cmd that read recent information about
NeoFS network. Info is read via NeoFS API NetmapService.NetworkInfo RPC.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement `NetworkInfo` calls on full stack of Netmap services. Current
epoch is read from node local state, magic number is read via `MagicNumber`
call of morph client.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
CLI `storagegroup put` cmd collects information about SG members via NeoFS
API ObjectService.Head RPC in order to compose SG structure. Bearer token
attached to the call was not used in communication, which could lead to data
access problems. These changes fix the described problem.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `TOMBSTONE_LIFETIME` configuration value of the node which is measured
in NeoFS epoch and is set to 5 by default.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Consider single word of search filter expression as path to file with
protobuf JSON filters. Decode filters from file and add them to the rest.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `--filters` flag to be repeated. Define new filter expression format:
* `<key> <binary_op> <value>` for binary filters. Supported binary ops: `EQ` (`STRING_EQUAL`), `NE` (`STRING_NOT_EQUAL`).
* `<key> <unary_op>` for unary filters. Supported unary ops: `NOPRESENT` (`NOT_PRESENT`).
Any other string expressions are considered invalid.
Additionally support shorthand flag `-f`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Split the attributes into those that must be explicitly set in the
configuration, and those that, if absent, will be assigned a default value.
Support this logic in `addWellKnownAttributes` function. If no explicit
attribute is set, the application will panic.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `--bearer` flag to storagegroup command similar to object command.
Attach parsed bearer token to all API requests of storagegroup command.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add locode section to util cmd. Add generate command to locode section for
generating the NeoFS location databases. Add info command to locode section
to work with the entries from NeoFS location database.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
At startup, update only node info status. Leave all other
attributes from node configuration, so user can update them.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Construct used space Controller on node's app-side. Call Controller.Start on
StartEstimation event from sidechain. Call Controller.Stop on
StopEstimation event from sidechain.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement processing of AnnounceUsedSpace RPC from NeoFS API v2 method on
the app-side according to the following algorithm (except common steps for
each RPC):
* check if the request sender is presented in container;
* check route of the request (compose from signatures);
* pass the value to Writer returned by WriterProvider.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define component on app-side that implements RemoteWriterProvider with next
logic:
* if ServerInfo is nil, call internal dead end provider;
* if address in ServerInfo equals to local node's address, do nothing;
* otherwise create API client instance via client cache and return the
wrapper over it.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over StorageEngine on app-side that iterates over the
values returned by ListContainers+ContainerSize method pair. Component will
be used as the source of local metrics.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over netmap and container storages on app-side that builds
placement vectors by next steps:
* read container from storage;
* read network map from storage by epoch number;
* build container nodes according to placement policy;
* build placement vectors with epoch-dependent pivot.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over API client on app-side that passes used space values
to it. Values are buffered on Put call and sent on Close call.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over Container contract's client on app-side that passes
used space values to it. Uses a fixed public key, whose value will be the
key of the local storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There are two notifications:
- start estimation notification produced at the beginning of the
epoch,
- stop estimation notifications should be produced before
basic audit settlement starts.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Classifier looks at list of inner ring nodes and container
nodes from current and previous epoch to classify request.
Sometimes these checks might return error.
Consider there is a request from unknown key and container's
placement policy valid for current epoch and invalid for past
epoch. Classifier tries to find if key belongs to container
node from current epoch -- it is not. Then it tries to find if
key belongs to container node from past epoch and it throws
error, because placement policy is invalid for past epoch.
This is a legit case and classifier should ignore such errors
to provide best effort in matching. The only error classifier
should return is an error when request does not contain
public key to classify it.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Implement NodeState interface required by Netmap service. Make a single
point of updating the state of the node (for both Netmap and Control
services). Protect node info structure from data race.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Call Netmap contract on SetNetmapStatus rpc of Control service (AddPeer
method if new status is ONLINE, UpdatePeerState method otherwise).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Switch health status to:
* STARTING after the initialization of app resources and before bootup;
* READY after bootup and until shutting down;
* SHUTTING_DOWN before exiting the application.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Update node network status via update status by getting the latest network
map and finding the node in it. This step is performed at the start of the
application and upon notification of a new epoch.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement methods required for signatures. Receive network map from netmap
storage, convert it to Control service message and return in response.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement HealthChecker on node app structure. Set health status to ONLINE
after node boot. Set health status to OFFLINE on shutdown.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Application should support several NEO endpoints so it can
switch between different RPC nodes when they fail. Application
iterates over endpoints in random order so the default list of
endpoints distribute workload kinda uniformly.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>