Marina Biryukova
95d847d611
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
package main
|
|
|
|
import (
|
|
"context"
|
|
"crypto/x509"
|
|
"encoding/hex"
|
|
"encoding/xml"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"os"
|
|
"os/signal"
|
|
"runtime/debug"
|
|
"strings"
|
|
"sync"
|
|
"syscall"
|
|
"time"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-contract/commonclient"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
|
|
grpctracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/handler"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
|
|
s3middleware "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/resolver"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/tokens"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/frostfsid"
|
|
ffidcontract "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/frostfsid/contract"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/policy"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/policy/contract"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/services"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
|
|
internalnet "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/net"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/wallet"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/metrics"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/pkg/service/tree"
|
|
v2container "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
|
|
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
|
|
treepool "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
|
"github.com/go-chi/chi/v5/middleware"
|
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
|
"github.com/panjf2000/ants/v2"
|
|
"github.com/spf13/viper"
|
|
"go.uber.org/zap"
|
|
"golang.org/x/exp/slices"
|
|
"golang.org/x/text/encoding/ianaindex"
|
|
"google.golang.org/grpc"
|
|
)
|
|
|
|
// awsDefaultNamespace is the XML namespace URI that NewXMLDecoder assigns to
// xml.Decoder.DefaultSpace when the default-namespace kludge is enabled.
const awsDefaultNamespace = "http://s3.amazonaws.com/doc/2006-03-01/"
|
|
|
|
// App is the main application structure.
type App struct {
	ctr      s3middleware.Center
	log      *zap.Logger
	cfg      *viper.Viper
	pool     *pool.Pool
	treePool *treepool.Pool
	key      *keys.PrivateKey // gateway key loaded from the wallet in initPools
	obj      *layer.Layer
	api      api.Handler
	cache    *layer.Cache

	frostfsid *frostfsid.FrostFSID

	policyStorage *policy.Storage

	servers       []Server
	unbindServers []ServerInfo // servers that could not be created in initServers
	mu            sync.RWMutex // taken by updateServers while the server lists are walked

	metrics        *metrics.AppMetrics
	bucketResolver *resolver.BucketResolver
	services       []*Service
	settings       *appSettings
	loggerSettings *loggerSettings

	webDone chan struct{} // closed by Serve once shutdown has finished
	wrkDone chan struct{}
}

// loggerSettings carries the metrics handle used to count dropped log
// entries. mu guards appMetrics, which is nil until setMetrics is called.
type loggerSettings struct {
	mu         sync.RWMutex
	appMetrics *metrics.AppMetrics
}

// appSettings holds the gateway's runtime settings.
//
// Every field declared after mu, together with httpLogging, is rewritten by
// update while mu is held, so those fields must be read through the accessor
// methods. The remaining fields are filled in during start-up.
type appSettings struct {
	logLevel            zap.AtomicLevel
	httpLogging         s3middleware.LogHTTPConfig
	maxClient           maxClientsConfig
	defaultMaxAge       int
	reconnectInterval   time.Duration
	resolveZoneList     []string
	isResolveListAllow  bool // True if ResolveZoneList contains allowed zones
	frostfsidValidation bool
	accessbox           *cid.ID // set by initAuthCenter when an access box container is configured
	dialerSource        *internalnet.DialerSource
	workerPoolSize      int

	mu                            sync.RWMutex
	namespaces                    Namespaces
	defaultXMLNS                  bool
	bypassContentEncodingInChunks bool
	kludgeProfiles                map[string]*KludgeParams // keyed by a substring matched against the agent string
	clientCut                     bool
	maxBufferSizeForPut           uint64
	md5Enabled                    bool
	namespaceHeader               string
	defaultNamespaces             []string
	policyDenyByDefault           bool
	// NOTE(review): sourceIPHeader, vhsHeader, servernameHeader,
	// namespaceHeader and tlsTerminationHeader name request headers; their
	// values are presumably only trustworthy when a trusted front end sets
	// them and strips client-supplied copies - confirm against the middleware.
	sourceIPHeader       string
	retryMaxAttempts     int
	domains              []string
	vhsEnabled           bool
	vhsHeader            string
	servernameHeader     string
	vhsNamespacesEnabled map[string]bool
	retryMaxBackoff      time.Duration
	retryStrategy        handler.RetryStrategy
	tombstoneMembersSize int
	tombstoneLifetime    uint64
	tlsTerminationHeader string
}

// maxClientsConfig is the throttling configuration passed to the router in
// Serve: count becomes the throttle limit, deadline the backlog timeout.
type maxClientsConfig struct {
	deadline time.Duration
	count    int
}

// Logger pairs a zap logger with the atomic level that controls it.
type Logger struct {
	logger *zap.Logger
	lvl    zap.AtomicLevel
}
|
|
|
|
// DroppedLogsInc bumps the dropped-logs counter of the attached metrics.
// It does nothing while no metrics have been attached via setMetrics.
func (s *loggerSettings) DroppedLogsInc() {
	s.mu.RLock()
	defer s.mu.RUnlock()

	if s.appMetrics == nil {
		return
	}
	s.appMetrics.Statistic().DroppedLogsInc()
}
|
|
|
|
// setMetrics attaches (or replaces) the metrics used by DroppedLogsInc.
func (s *loggerSettings) setMetrics(appMetrics *metrics.AppMetrics) {
	s.mu.Lock()
	s.appMetrics = appMetrics
	s.mu.Unlock()
}
|
|
|
|
// newApp builds the application from the given configuration: it picks the
// logger, derives the settings and caches, and then runs init, which connects
// to the storage and fails fatally on unrecoverable errors.
func newApp(ctx context.Context, v *viper.Viper) *App {
	logSettings := new(loggerSettings)
	log := pickLogger(v, logSettings)
	settings := newAppSettings(log, v)

	app := &App{
		log:   log.logger,
		cfg:   v,
		cache: layer.NewCache(getCacheOptions(v, log.logger)),

		webDone: make(chan struct{}, 1),
		wrkDone: make(chan struct{}, 1),

		settings:       settings,
		loggerSettings: logSettings,
	}
	app.init(ctx)

	return app
}
|
|
|
|
// init wires up the application components. The order matters: initPools
// loads the key and pools that the later steps read, initMetrics must precede
// initServers (which marks servers healthy/unhealthy), and initTracing reads
// the server list produced by initServers.
func (a *App) init(ctx context.Context) {
	// Key material and storage connections first.
	a.initPools(ctx)
	a.initResolver()
	a.initAuthCenter(ctx)
	a.setRuntimeParameters()

	// Identity and policy back ends, then the S3 API on top of them.
	a.initFrostfsID(ctx)
	a.initPolicyStorage(ctx)
	a.initAPI(ctx)

	// Observability and listeners.
	a.initMetrics()
	a.initServers(ctx)
	a.initTracing(ctx)
}
|
|
|
|
// initAuthCenter creates the authentication center stored in a.ctr.
//
// When an access box container is configured it is resolved first and kept in
// the settings; a resolution failure is fatal. The center is given the list
// of allowed access key ID prefixes from the configuration.
func (a *App) initAuthCenter(ctx context.Context) {
	if a.cfg.IsSet(cfgContainersAccessBox) {
		cnrID, err := a.resolveContainerID(ctx, cfgContainersAccessBox)
		if err != nil {
			a.log.Fatal(logs.CouldNotFetchAccessBoxContainerInfo, zap.Error(err))
		}
		a.settings.accessbox = &cnrID
	}

	tokensCfg := tokens.Config{
		FrostFS:                     frostfs.NewAuthmateFrostFS(frostfs.NewFrostFS(a.pool, a.key), a.log),
		Key:                         a.key,
		CacheConfig:                 getAccessBoxCacheConfig(a.cfg, a.log),
		RemovingCheckAfterDurations: fetchRemovingCheckInterval(a.cfg, a.log),
	}
	creds := tokens.New(tokensCfg)
	allowedPrefixes := a.cfg.GetStringSlice(cfgAllowedAccessKeyIDPrefixes)

	a.ctr = auth.New(creds, allowedPrefixes, a.settings)
}
|
|
|
|
// initLayer builds the object layer (a.obj).
//
// A fresh private key is generated on every start and handed to the layer as
// the key for anonymous requests; the gateway's own key is passed separately
// as GateKey. The CORS and lifecycle containers are fetched only when they
// are configured, and any failure here is fatal.
func (a *App) initLayer(ctx context.Context) {
	// Key used for anonymous requests; never persisted.
	anonKey, err := keys.NewPrivateKey()
	if err != nil {
		a.log.Fatal(logs.CouldntGenerateRandomKey, zap.Error(err))
	}

	var gateOwner user.ID
	user.IDFromKey(&gateOwner, a.key.PrivateKey.PublicKey)

	var corsCnrInfo *data.BucketInfo
	if a.cfg.IsSet(cfgContainersCORS) {
		if corsCnrInfo, err = a.fetchContainerInfo(ctx, cfgContainersCORS); err != nil {
			a.log.Fatal(logs.CouldNotFetchCORSContainerInfo, zap.Error(err))
		}
	}

	var lifecycleCnrInfo *data.BucketInfo
	if a.cfg.IsSet(cfgContainersLifecycle) {
		if lifecycleCnrInfo, err = a.fetchContainerInfo(ctx, cfgContainersLifecycle); err != nil {
			a.log.Fatal(logs.CouldNotFetchLifecycleContainerInfo, zap.Error(err))
		}
	}

	layerCfg := &layer.Config{
		Cache:            a.cache,
		AnonKey:          layer.AnonymousKey{Key: anonKey},
		GateOwner:        gateOwner,
		Resolver:         a.bucketResolver,
		TreeService:      tree.NewTree(services.NewPoolWrapper(a.treePool), a.log),
		Features:         a.settings,
		GateKey:          a.key,
		CORSCnrInfo:      corsCnrInfo,
		LifecycleCnrInfo: lifecycleCnrInfo,
		WorkerPool:       a.initWorkerPool(),
	}

	// Object layer on top of the FrostFS pool.
	a.obj = layer.NewLayer(a.log, frostfs.NewFrostFS(a.pool, a.key), layerCfg)
}
|
|
|
|
// initWorkerPool creates a worker pool sized by settings.workerPoolSize.
// A creation error is fatal.
func (a *App) initWorkerPool() *ants.Pool {
	size := a.settings.workerPoolSize

	workers, err := ants.NewPool(size)
	if err != nil {
		a.log.Fatal(logs.FailedToCreateWorkerPool, zap.Error(err))
	}

	return workers
}
|
|
|
|
// newAppSettings builds the settings from the configuration.
//
// The resolve zone list is the allow list when that list is non-empty
// (isResolveListAllow is then true); otherwise the deny list is used. The
// reloadable part of the settings is filled in by update.
func newAppSettings(log *Logger, v *viper.Viper) *appSettings {
	settings := &appSettings{
		logLevel:            log.lvl,
		httpLogging:         s3middleware.LogHTTPConfig{},
		maxClient:           newMaxClients(v),
		defaultMaxAge:       fetchDefaultMaxAge(v, log.logger),
		reconnectInterval:   fetchReconnectInterval(v),
		frostfsidValidation: v.GetBool(cfgFrostfsIDValidationEnabled),
		dialerSource:        getDialerSource(log.logger, v),
		workerPoolSize:      fetchTombstoneWorkerPoolSize(v),
	}

	if allowed := v.GetStringSlice(cfgResolveBucketAllow); len(allowed) > 0 {
		settings.resolveZoneList = allowed
		settings.isResolveListAllow = true
	} else {
		settings.resolveZoneList = v.GetStringSlice(cfgResolveBucketDeny)
		settings.isResolveListAllow = false
	}

	settings.update(v, log.logger)

	return settings
}
|
|
|
|
// update re-reads the reloadable settings from v and publishes them.
//
// All configuration values are fetched before the lock is taken, so readers
// are blocked only for the duration of the field assignments and the HTTP
// logger re-initialisation.
func (s *appSettings) update(v *viper.Viper, log *zap.Logger) {
	// Namespaces and virtual-hosted-style settings.
	namespaceHeader := v.GetString(cfgResolveNamespaceHeader)
	nsConfig, defaultNamespaces := fetchNamespacesConfig(log, v)
	vhsNamespacesEnabled := s.prepareVHSNamespaces(v, log, defaultNamespaces)

	// Client compatibility kludges.
	defaultXMLNS := v.GetBool(cfgKludgeUseDefaultXMLNS)
	bypassContentEncodingInChunks := v.GetBool(cfgKludgeBypassContentEncodingCheckInChunks)
	kludgeProfiles := fetchKludgeProfiles(v)

	clientCut := v.GetBool(cfgClientCut)
	maxBufferSizeForPut := v.GetUint64(cfgBufferMaxSizeForPut)
	md5Enabled := v.GetBool(cfgMD5Enabled)
	policyDenyByDefault := v.GetBool(cfgPolicyDenyByDefault)
	sourceIPHeader := v.GetString(cfgSourceIPHeader)

	// Retry behaviour.
	retryMaxAttempts := fetchRetryMaxAttempts(v)
	retryMaxBackoff := fetchRetryMaxBackoff(v)
	retryStrategy := fetchRetryStrategy(v)

	domains := fetchDomains(v, log)
	vhsEnabled := v.GetBool(cfgVHSEnabled)
	vhsHeader := v.GetString(cfgVHSHeader)
	servernameHeader := v.GetString(cfgServernameHeader)

	// HTTP request logging.
	httpLoggingEnabled := v.GetBool(cfgHTTPLoggingEnabled)
	httpLoggingMaxBody := v.GetInt64(cfgHTTPLoggingMaxBody)
	httpLoggingMaxLogSize := v.GetInt(cfgHTTPLoggingMaxLogSize)
	httpLoggingOutputPath := v.GetString(cfgHTTPLoggingDestination)
	httpLoggingUseGzip := v.GetBool(cfgHTTPLoggingGzip)

	tombstoneMembersSize := fetchTombstoneMembersSize(v)
	tombstoneLifetime := fetchTombstoneLifetime(v)
	tlsTerminationHeader := v.GetString(cfgEncryptionTLSTerminationHeader)

	s.mu.Lock()
	defer s.mu.Unlock()

	// httpLogging is updated field by field so that whatever else the
	// struct carries is left untouched before InitHTTPLogger runs.
	s.httpLogging.Enabled = httpLoggingEnabled
	s.httpLogging.MaxBody = httpLoggingMaxBody
	s.httpLogging.MaxLogSize = httpLoggingMaxLogSize
	s.httpLogging.OutputPath = httpLoggingOutputPath
	s.httpLogging.UseGzip = httpLoggingUseGzip
	s.httpLogging.InitHTTPLogger(log)

	s.namespaceHeader = namespaceHeader
	s.defaultNamespaces = defaultNamespaces
	s.namespaces = nsConfig.Namespaces
	s.defaultXMLNS = defaultXMLNS
	s.bypassContentEncodingInChunks = bypassContentEncodingInChunks
	s.kludgeProfiles = kludgeProfiles
	s.clientCut = clientCut
	s.maxBufferSizeForPut = maxBufferSizeForPut
	s.md5Enabled = md5Enabled
	s.policyDenyByDefault = policyDenyByDefault
	s.sourceIPHeader = sourceIPHeader
	s.retryMaxAttempts = retryMaxAttempts
	s.retryMaxBackoff = retryMaxBackoff
	s.retryStrategy = retryStrategy
	s.domains = domains
	s.vhsEnabled = vhsEnabled
	s.vhsHeader = vhsHeader
	s.servernameHeader = servernameHeader
	s.vhsNamespacesEnabled = vhsNamespacesEnabled
	s.tombstoneMembersSize = tombstoneMembersSize
	s.tombstoneLifetime = tombstoneLifetime
	s.tlsTerminationHeader = tlsTerminationHeader
}
|
|
|
|
// prepareVHSNamespaces returns the per-namespace virtual-hosted-style flags
// with every alias of the default namespace folded into defaultNamespace.
//
// NOTE(review): if several aliases of the default namespace are configured
// with different flags, the one kept depends on map iteration order - confirm
// that the configuration forbids this.
func (s *appSettings) prepareVHSNamespaces(v *viper.Viper, log *zap.Logger, defaultNamespaces []string) map[string]bool {
	configured := fetchVHSNamespaces(v, log)

	result := make(map[string]bool, len(configured))
	for name, enabled := range configured {
		key := name
		if slices.Contains(defaultNamespaces, name) {
			key = defaultNamespace
		}
		result[key] = enabled
	}

	return result
}
|
|
|
|
// Domains returns the currently configured domain list. The slice is shared
// with the settings, so callers must not modify it.
func (s *appSettings) Domains() []string {
	s.mu.RLock()
	domains := s.domains
	s.mu.RUnlock()

	return domains
}
|
|
|
|
// GlobalVHS reports the value of the global virtual-hosted-style switch.
func (s *appSettings) GlobalVHS() bool {
	s.mu.RLock()
	enabled := s.vhsEnabled
	s.mu.RUnlock()

	return enabled
}
|
|
|
|
// VHSHeader returns the configured virtual-hosted-style header name.
func (s *appSettings) VHSHeader() string {
	s.mu.RLock()
	header := s.vhsHeader
	s.mu.RUnlock()

	return header
}
|
|
|
|
// ServernameHeader returns the configured server-name header name.
func (s *appSettings) ServernameHeader() string {
	s.mu.RLock()
	header := s.servernameHeader
	s.mu.RUnlock()

	return header
}
|
|
|
|
// VHSNamespacesEnabled returns the per-namespace virtual-hosted-style flags.
// The map is the one held by the settings (update swaps in a new map rather
// than editing it), so callers must treat it as read-only.
func (s *appSettings) VHSNamespacesEnabled() map[string]bool {
	s.mu.RLock()
	flags := s.vhsNamespacesEnabled
	s.mu.RUnlock()

	return flags
}
|
|
|
|
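// BypassContentEncodingInChunks reports whether the content-encoding check in
// chunks should be bypassed for the given agent string.
//
// A kludge profile applies when its key is a substring of agent. When several
// profiles match, the longest key wins (ties broken lexicographically), so the
// answer no longer depends on map iteration order. With no matching profile
// the global setting is returned.
//
// NOTE(review): agent is presumably the request's User-Agent, which the client
// controls; the result is a compatibility switch and should not be relied on
// as an access restriction.
func (s *appSettings) BypassContentEncodingInChunks(agent string) bool {
	s.mu.RLock()
	defer s.mu.RUnlock()

	var (
		best    string
		matched bool
	)
	for p := range s.kludgeProfiles {
		if !strings.Contains(agent, p) {
			continue
		}
		// Prefer the most specific (longest) key; the lexicographic
		// tie-break keeps the choice stable between calls.
		if !matched || len(p) > len(best) || (len(p) == len(best) && p < best) {
			best, matched = p, true
		}
	}

	if matched {
		return s.kludgeProfiles[best].BypassContentEncodingCheckInChunks
	}

	return s.bypassContentEncodingInChunks
}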
|
|
|
|
// ClientCut returns the current value of the client-cut setting.
func (s *appSettings) ClientCut() bool {
	s.mu.RLock()
	enabled := s.clientCut
	s.mu.RUnlock()

	return enabled
}
|
|
|
|
// BufferMaxSizeForPut returns the configured maximum buffer size for put.
func (s *appSettings) BufferMaxSizeForPut() uint64 {
	s.mu.RLock()
	size := s.maxBufferSizeForPut
	s.mu.RUnlock()

	return size
}
|
|
|
|
// DefaultPlacementPolicy returns the placement policy registered under the
// default constraint name for the namespace. An unknown namespace or a
// missing entry yields the zero policy.
func (s *appSettings) DefaultPlacementPolicy(namespace string) netmap.PlacementPolicy {
	s.mu.RLock()
	policy := s.namespaces[namespace].LocationConstraints[defaultConstraintName]
	s.mu.RUnlock()

	return policy
}
|
|
|
|
// PlacementPolicy looks up the placement policy for a location constraint in
// the namespace. The boolean is false when no such entry exists.
func (s *appSettings) PlacementPolicy(namespace, constraint string) (netmap.PlacementPolicy, bool) {
	s.mu.RLock()
	defer s.mu.RUnlock()

	policy, found := s.namespaces[namespace].LocationConstraints[constraint]
	return policy, found
}
|
|
|
|
// CopiesNumbers looks up the copies numbers for a location constraint in the
// namespace. The boolean is false when no such entry exists.
func (s *appSettings) CopiesNumbers(namespace, constraint string) ([]uint32, bool) {
	s.mu.RLock()
	defer s.mu.RUnlock()

	numbers, found := s.namespaces[namespace].CopiesNumbers[constraint]
	return numbers, found
}
|
|
|
|
// DefaultCopiesNumbers returns the copies numbers registered under the
// default constraint name for the namespace (nil when there is none).
func (s *appSettings) DefaultCopiesNumbers(namespace string) []uint32 {
	s.mu.RLock()
	numbers := s.namespaces[namespace].CopiesNumbers[defaultConstraintName]
	s.mu.RUnlock()

	return numbers
}
|
|
|
|
// LogHTTPConfig returns a copy of the current HTTP logging configuration.
func (s *appSettings) LogHTTPConfig() s3middleware.LogHTTPConfig {
	s.mu.RLock()
	cfg := s.httpLogging
	s.mu.RUnlock()

	return cfg
}
|
|
|
|
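// NewXMLDecoder returns an XML decoder for r, configured for the given agent.
//
// The decoder accepts any charset that the IANA index can decode. The charset
// name comes from the document being parsed, i.e. from the request body, so
// the lookup result is checked before use: ianaindex returns a nil encoding
// with a nil error for names that are registered but not supported, and
// calling a method on that nil value would panic while parsing.
//
// DefaultSpace is set to awsDefaultNamespace when the matching kludge profile
// asks for it, or, with no matching profile, when the global setting does. A
// profile matches when its key is a substring of agent; if several match, the
// longest key wins (ties broken lexicographically) so that the result does
// not depend on map iteration order.
func (s *appSettings) NewXMLDecoder(r io.Reader, agent string) *xml.Decoder {
	dec := xml.NewDecoder(r)
	dec.CharsetReader = func(charset string, reader io.Reader) (io.Reader, error) {
		enc, err := ianaindex.IANA.Encoding(charset)
		if err != nil {
			return nil, fmt.Errorf("charset %s: %w", charset, err)
		}
		if enc == nil {
			// Registered with IANA but no decoder is available.
			return nil, fmt.Errorf("charset %s: unsupported encoding", charset)
		}
		return enc.NewDecoder().Reader(reader), nil
	}

	s.mu.RLock()
	defer s.mu.RUnlock()

	var (
		best    string
		matched bool
	)
	for p := range s.kludgeProfiles {
		if !strings.Contains(agent, p) {
			continue
		}
		if !matched || len(p) > len(best) || (len(p) == len(best) && p < best) {
			best, matched = p, true
		}
	}

	// A matching profile overrides the global switch entirely.
	useDefaultNS := s.defaultXMLNS
	if matched {
		useDefaultNS = s.kludgeProfiles[best].UseDefaultXMLNS
	}
	if useDefaultNS {
		dec.DefaultSpace = awsDefaultNamespace
	}

	return dec
}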
|
|
|
|
// DefaultMaxAge returns the default max age. The field is set once in
// newAppSettings and is read without locking.
func (s *appSettings) DefaultMaxAge() int {
	maxAge := s.defaultMaxAge
	return maxAge
}
|
|
|
|
// ResolveZoneList returns the zone list chosen in newAppSettings (the allow
// list if it was non-empty, otherwise the deny list). Read without locking.
func (s *appSettings) ResolveZoneList() []string {
	zones := s.resolveZoneList
	return zones
}
|
|
|
|
// IsResolveListAllow reports whether ResolveZoneList is an allow list (true)
// or a deny list (false). Read without locking.
func (s *appSettings) IsResolveListAllow() bool {
	isAllow := s.isResolveListAllow
	return isAllow
}
|
|
|
|
// MD5Enabled returns the current value of the MD5 setting.
func (s *appSettings) MD5Enabled() bool {
	s.mu.RLock()
	enabled := s.md5Enabled
	s.mu.RUnlock()

	return enabled
}
|
|
|
|
// NamespaceHeader returns the configured namespace header name.
func (s *appSettings) NamespaceHeader() string {
	s.mu.RLock()
	header := s.namespaceHeader
	s.mu.RUnlock()

	return header
}
|
|
|
|
// FormContainerZone maps a namespace to its container zone: the default
// system zone for the empty namespace, otherwise the namespace followed by
// ".ns". The namespace is used as given; no validation happens here.
func (s *appSettings) FormContainerZone(ns string) string {
	if ns != "" {
		return ns + ".ns"
	}

	return v2container.SysAttributeZoneDefault
}
|
|
|
|
// isDefaultNamespace reports whether ns is one of the configured aliases of
// the default namespace.
func (s *appSettings) isDefaultNamespace(ns string) bool {
	s.mu.RLock()
	aliases := s.defaultNamespaces
	s.mu.RUnlock()

	// update replaces the slice wholesale, so the snapshot can be searched
	// after the lock has been released.
	isDefault := slices.Contains(aliases, ns)
	return isDefault
}
|
|
|
|
// ResolveNamespaceAlias returns defaultNamespace for any alias of the default
// namespace and the namespace itself otherwise.
func (s *appSettings) ResolveNamespaceAlias(namespace string) string {
	if !s.isDefaultNamespace(namespace) {
		return namespace
	}

	return defaultNamespace
}
|
|
|
|
// PolicyDenyByDefault returns the current value of the deny-by-default
// policy setting.
func (s *appSettings) PolicyDenyByDefault() bool {
	s.mu.RLock()
	deny := s.policyDenyByDefault
	s.mu.RUnlock()

	return deny
}
|
|
|
|
// SourceIPHeader returns the configured source-IP header name.
//
// NOTE(review): a source address taken from a request header is presumably
// only meaningful when a trusted proxy sets it and removes any client-supplied
// copy - confirm in the consumer before using it for policy decisions.
func (s *appSettings) SourceIPHeader() string {
	s.mu.RLock()
	header := s.sourceIPHeader
	s.mu.RUnlock()

	return header
}
|
|
|
|
// RetryMaxAttempts returns the configured maximum number of retry attempts.
func (s *appSettings) RetryMaxAttempts() int {
	s.mu.RLock()
	attempts := s.retryMaxAttempts
	s.mu.RUnlock()

	return attempts
}
|
|
|
|
// RetryMaxBackoff returns the configured maximum retry backoff.
func (s *appSettings) RetryMaxBackoff() time.Duration {
	s.mu.RLock()
	backoff := s.retryMaxBackoff
	s.mu.RUnlock()

	return backoff
}
|
|
|
|
// RetryStrategy returns the configured retry strategy.
func (s *appSettings) RetryStrategy() handler.RetryStrategy {
	s.mu.RLock()
	strategy := s.retryStrategy
	s.mu.RUnlock()

	return strategy
}
|
|
|
|
// TLSTerminationHeader returns the configured TLS-termination header name.
//
// NOTE(review): presumably this header signals that TLS was terminated by a
// front end; it should only be honoured when that front end is trusted and
// overwrites client-supplied values - confirm in the consumer.
func (s *appSettings) TLSTerminationHeader() string {
	s.mu.RLock()
	header := s.tlsTerminationHeader
	s.mu.RUnlock()

	return header
}
|
|
|
|
// AccessBoxContainer returns the configured access box container ID, or a
// zero ID and false when none was configured. The field is written by
// initAuthCenter during start-up and is read without locking.
func (s *appSettings) AccessBoxContainer() (cid.ID, bool) {
	if s.accessbox == nil {
		return cid.ID{}, false
	}

	return *s.accessbox, true
}
|
|
|
|
// TombstoneMembersSize returns the configured tombstone members size.
func (s *appSettings) TombstoneMembersSize() int {
	s.mu.RLock()
	size := s.tombstoneMembersSize
	s.mu.RUnlock()

	return size
}
|
|
|
|
// TombstoneLifetime returns the configured tombstone lifetime.
func (s *appSettings) TombstoneLifetime() uint64 {
	s.mu.RLock()
	lifetime := s.tombstoneLifetime
	s.mu.RUnlock()

	return lifetime
}
|
|
|
|
// initAPI builds the object layer and then the request handler, in that
// order.
func (a *App) initAPI(ctx context.Context) {
	a.initLayer(ctx)

	a.initHandler()
}
|
|
|
|
// initMetrics creates the application metrics, marks the gateway as starting
// and attaches the metrics to the logger settings so dropped log entries are
// counted.
func (a *App) initMetrics() {
	appMetrics := metrics.NewAppMetrics(metrics.AppMetricsConfig{
		Logger:         a.log,
		PoolStatistics: frostfs.NewPoolStatistic(a.pool),
		TreeStatistic:  a.treePool,
		Enabled:        a.cfg.GetBool(cfgPrometheusEnabled),
	})

	a.metrics = appMetrics
	a.metrics.State().SetHealth(metrics.HealthStatusStarting)
	a.loggerSettings.setMetrics(a.metrics)
}
|
|
|
|
// initFrostfsID connects to the FrostfsID contract and wraps the client in a
// cached FrostFSID service. Either step failing is fatal.
//
// The waiter verifies execution results and does not ignore "already exists"
// errors.
func (a *App) initFrostfsID(ctx context.Context) {
	waiter := commonclient.WaiterOptions{
		IgnoreAlreadyExistsError: false,
		VerifyExecResults:        true,
	}

	cli, err := ffidcontract.New(ctx, ffidcontract.Config{
		RPCAddress:    a.cfg.GetString(cfgRPCEndpoint),
		Contract:      a.cfg.GetString(cfgFrostfsIDContract),
		ProxyContract: a.cfg.GetString(cfgProxyContract),
		Key:           a.key,
		Waiter:        waiter,
	})
	if err != nil {
		a.log.Fatal(logs.InitFrostfsIDContractFailed, zap.Error(err))
	}

	serviceCfg := frostfsid.Config{
		Cache:     cache.NewFrostfsIDCache(getFrostfsIDCacheConfig(a.cfg, a.log)),
		FrostFSID: cli,
		Logger:    a.log,
	}
	if a.frostfsid, err = frostfsid.NewFrostFSID(serviceCfg); err != nil {
		a.log.Fatal(logs.InitFrostfsIDContractFailed, zap.Error(err))
	}
}
|
|
|
|
// initPolicyStorage connects to the policy contract and builds the cached
// policy storage on top of it. A connection failure is fatal.
//
// The waiter verifies execution results and does not ignore "already exists"
// errors.
func (a *App) initPolicyStorage(ctx context.Context) {
	waiter := commonclient.WaiterOptions{
		IgnoreAlreadyExistsError: false,
		VerifyExecResults:        true,
	}

	policyContract, err := contract.New(ctx, contract.Config{
		RPCAddress:    a.cfg.GetString(cfgRPCEndpoint),
		Contract:      a.cfg.GetString(cfgPolicyContract),
		ProxyContract: a.cfg.GetString(cfgProxyContract),
		Key:           a.key,
		Waiter:        waiter,
	})
	if err != nil {
		a.log.Fatal(logs.InitPolicyContractFailed, zap.Error(err))
	}

	storageCfg := policy.StorageConfig{
		Contract: policyContract,
		Cache:    cache.NewMorphPolicyCache(getMorphPolicyCacheConfig(a.cfg, a.log)),
		Log:      a.log,
	}
	a.policyStorage = policy.NewStorage(storageCfg)
}
|
|
|
|
// initResolver creates the bucket resolver from the configured resolver
// order. A creation error is fatal.
func (a *App) initResolver() {
	var err error

	if a.bucketResolver, err = resolver.NewBucketResolver(a.getResolverOrder(), a.getResolverConfig()); err != nil {
		a.log.Fatal(logs.FailedToCreateResolver, zap.Error(err))
	}
}
|
|
|
|
// getResolverConfig returns the resolver configuration: a FrostFS client over
// the connection pool plus the configured RPC endpoint.
func (a *App) getResolverConfig() *resolver.Config {
	cfg := resolver.Config{
		FrostFS:    frostfs.NewResolverFrostFS(a.pool),
		RPCAddress: a.cfg.GetString(cfgRPCEndpoint),
	}

	return &cfg
}
|
|
|
|
// getResolverOrder returns the configured resolver order. Without an RPC
// endpoint the NNS resolver is removed from the order and a warning is
// logged; an empty resulting order is reported at info level.
func (a *App) getResolverOrder() []string {
	order := a.cfg.GetStringSlice(cfgResolveOrder)

	rpcEndpoint := a.cfg.GetString(cfgRPCEndpoint)
	if rpcEndpoint == "" {
		// The warning is emitted whether or not NNS was in the list.
		order = remove(order, resolver.NNSResolver)
		a.log.Warn(logs.ResolverNNSWontBeUsedSinceRPCEndpointIsntProvided)
	}

	if len(order) == 0 {
		a.log.Info(logs.ContainerResolverWillBeDisabled)
	}

	return order
}
|
|
|
|
// initTracing (re)configures tracing from the current configuration. It is
// called at start-up and again on every configuration reload.
//
// When a trusted CA file is configured, its certificates become the pool used
// to verify the tracing endpoint. If the file cannot be read or contains no
// parsable certificate, setup is abandoned with a warning instead of
// continuing without the configured pool. AppendCertsFromPEM succeeds as soon
// as at least one certificate in the file parses.
func (a *App) initTracing(ctx context.Context) {
	// The first server's address doubles as the instance identifier.
	var instanceID string
	if len(a.servers) > 0 {
		instanceID = a.servers[0].Address()
	}

	cfg := tracing.Config{
		Enabled:    a.cfg.GetBool(cfgTracingEnabled),
		Exporter:   tracing.Exporter(a.cfg.GetString(cfgTracingExporter)),
		Endpoint:   a.cfg.GetString(cfgTracingEndpoint),
		Service:    "frostfs-s3-gw",
		InstanceID: instanceID,
		Version:    version.Version,
	}

	trustedCa := a.cfg.GetString(cfgTracingTrustedCa)
	if trustedCa != "" {
		caBytes, err := os.ReadFile(trustedCa)
		if err != nil {
			a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err))
			return
		}

		certPool := x509.NewCertPool()
		if !certPool.AppendCertsFromPEM(caBytes) {
			a.log.Warn(logs.FailedToInitializeTracing, zap.String("error", "can't fill cert pool by ca cert"))
			return
		}
		cfg.ServerCaCertPool = certPool
	}

	attributes, err := fetchTracingAttributes(a.cfg)
	if err != nil {
		a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err))
		return
	}
	cfg.Attributes = attributes

	updated, err := tracing.Setup(ctx, cfg)
	if err != nil {
		// Not fatal: the gateway keeps serving without (new) tracing.
		a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err))
	}
	if updated {
		a.log.Info(logs.TracingConfigUpdated)
	}
}
|
|
|
|
// shutdownTracing stops tracing, waiting at most five seconds. A failure is
// logged as a warning.
func (a *App) shutdownTracing() {
	const tracingShutdownTimeout = 5 * time.Second

	shdnCtx, cancel := context.WithTimeout(context.Background(), tracingShutdownTimeout)
	defer cancel()

	err := tracing.Shutdown(shdnCtx)
	if err != nil {
		a.log.Warn(logs.FailedToShutdownTracing, zap.Error(err))
	}
}
|
|
|
|
// newMaxClients reads the max-clients count and deadline from the
// configuration.
func newMaxClients(cfg *viper.Viper) maxClientsConfig {
	return maxClientsConfig{
		count:    fetchMaxClientsCount(cfg),
		deadline: fetchMaxClientsDeadline(cfg),
	}
}
|
|
|
|
// getDialerSource creates the dialer source from the multinet configuration.
// An invalid configuration is fatal.
func getDialerSource(logger *zap.Logger, cfg *viper.Viper) *internalnet.DialerSource {
	multinetCfg := fetchMultinetConfig(cfg, logger)

	source, err := internalnet.NewDialerSource(multinetCfg)
	if err != nil {
		logger.Fatal(logs.FailedToLoadMultinetConfig, zap.Error(err))
	}

	return source
}
|
|
|
|
// initPools loads the gateway key from the wallet, then creates and dials the
// object pool and the tree pool with matching parameters. On success it
// stores the pools and the key on the App; every failure is fatal.
//
// Only the public half of the key is written to the log.
func (a *App) initPools(ctx context.Context) {
	var (
		prm     pool.InitParameters
		prmTree treepool.InitParameters
	)

	// Key material.
	password := wallet.GetPassword(a.cfg, cfgWalletPassphrase)
	key, err := wallet.GetKeyFromPath(a.cfg.GetString(cfgWalletPath), a.cfg.GetString(cfgWalletAddress), password)
	if err != nil {
		a.log.Fatal(logs.CouldNotLoadFrostFSPrivateKey, zap.Error(err))
	}

	prm.SetKey(&key.PrivateKey)
	prmTree.SetKey(key)
	a.log.Info(logs.UsingCredentials, zap.String("FrostFS", hex.EncodeToString(key.PublicKey().Bytes())))

	// Both pools talk to the same set of peers.
	for _, peer := range fetchPeers(a.log, a.cfg) {
		prm.AddNode(peer)
		prmTree.AddNode(peer)
	}

	// Timeouts and intervals shared by both pools.
	connTimeout := fetchConnectTimeout(a.cfg)
	prm.SetNodeDialTimeout(connTimeout)
	prmTree.SetNodeDialTimeout(connTimeout)

	streamTimeout := fetchStreamTimeout(a.cfg)
	prm.SetNodeStreamTimeout(streamTimeout)
	prmTree.SetNodeStreamTimeout(streamTimeout)

	healthCheckTimeout := fetchHealthCheckTimeout(a.cfg)
	prm.SetHealthcheckTimeout(healthCheckTimeout)
	prmTree.SetHealthcheckTimeout(healthCheckTimeout)

	rebalanceInterval := fetchRebalanceInterval(a.cfg)
	prm.SetClientRebalanceInterval(rebalanceInterval)
	prmTree.SetClientRebalanceInterval(rebalanceInterval)

	// Object-pool-only parameters.
	errorThreshold := fetchErrorThreshold(a.cfg)
	prm.SetErrorThreshold(errorThreshold)

	prm.SetGracefulCloseOnSwitchTimeout(fetchSetGracefulCloseOnSwitchTimeout(a.cfg))

	prm.SetLogger(a.log)
	prmTree.SetLogger(a.log)

	// Tree-pool-only parameter.
	prmTree.SetMaxRequestAttempts(a.cfg.GetInt(cfgTreePoolMaxAttempts))

	// Tracing interceptors plus the dialer taken from the multinet settings.
	dialOpts := []grpc.DialOption{
		grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
		grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
		grpc.WithContextDialer(a.settings.dialerSource.GrpcContextDialer()),
	}
	prm.SetGRPCDialOptions(dialOpts...)
	prmTree.SetGRPCDialOptions(dialOpts...)

	p, err := pool.NewPool(prm)
	if err != nil {
		a.log.Fatal(logs.FailedToCreateConnectionPool, zap.Error(err))
	}

	if err = p.Dial(ctx); err != nil {
		a.log.Fatal(logs.FailedToDialConnectionPool, zap.Error(err))
	}

	// The netmap source needs the dialed object pool, so it is attached to
	// the tree pool parameters only now.
	if a.cfg.GetBool(cfgTreePoolNetmapSupport) {
		prmTree.SetNetMapInfoSource(frostfs.NewSource(frostfs.NewFrostFS(p, key), a.cache))
	}

	treePool, err := treepool.NewPool(prmTree)
	if err != nil {
		a.log.Fatal(logs.FailedToCreateTreePool, zap.Error(err))
	}
	if err = treePool.Dial(ctx); err != nil {
		a.log.Fatal(logs.FailedToDialTreePool, zap.Error(err))
	}

	a.treePool = treePool
	a.pool = p
	a.key = key
}
|
|
|
|
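// remove returns list without the first occurrence of element. If element is
// not present, list is returned unchanged.
//
// The result is built in a fresh slice: appending in place would shift the
// tail inside the caller's backing array, which silently corrupts a slice
// that is shared with another owner (for example one handed out by the
// configuration store).
func remove(list []string, element string) []string {
	for i, item := range list {
		if item != element {
			continue
		}

		out := make([]string, 0, len(list)-1)
		out = append(out, list[:i]...)
		return append(out, list[i+1:]...)
	}

	return list
}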
|
|
|
|
// Wait blocks until the application has finished.
//
// It first logs the start of the application with its name (frostfs-s3-gw)
// and version (version.Version), publishes the version and the ready status
// in the metrics, and then waits for webDone, which Serve closes at the end
// of shutdown. The stop is logged before returning.
func (a *App) Wait() {
	startFields := []zap.Field{
		zap.String("name", "frostfs-s3-gw"),
		zap.String("version", version.Version),
	}
	a.log.Info(logs.ApplicationStarted, startFields...)

	a.metrics.State().SetVersion(version.Version)
	a.setHealthStatus()

	// Blocks until the web server has been stopped.
	<-a.webDone

	a.log.Info(logs.ApplicationFinished)
}
|
|
|
|
// setHealthStatus marks the gateway as ready in the metrics.
func (a *App) setHealthStatus() {
	state := a.metrics.State()
	state.SetHealth(metrics.HealthStatusReady)
}
|
|
|
|
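// Serve runs the HTTP server that handles S3 API requests and blocks until
// ctx is cancelled.
//
// One goroutine serves each bound listener; a listener failure other than a
// regular server close marks that server unhealthy and terminates the
// process. While serving, SIGHUP triggers a configuration reload. On
// cancellation the server, metrics, auxiliary services and tracing are shut
// down, and webDone is closed to release Wait.
//
// The read, read-header, write and idle timeouts come straight from the
// configuration. In net/http a zero or negative value means "no timeout", so
// the configured values (set outside this function) are what bounds slow or
// idle client connections.
func (a *App) Serve(ctx context.Context) {
	cfg := api.Config{
		Throttle: middleware.ThrottleOpts{
			Limit:          a.settings.maxClient.count,
			BacklogTimeout: a.settings.maxClient.deadline,
		},
		Handler: a.api,
		Center:  a.ctr,
		Log:     a.log,
		Metrics: a.metrics,

		MiddlewareSettings: a.settings,
		PolicyChecker:      a.policyStorage,

		FrostfsID:           a.frostfsid,
		FrostFSIDValidation: a.settings.frostfsidValidation,

		XMLDecoder: a.settings,
		Tagging:    a.obj,
	}

	chiRouter := api.NewRouter(cfg)

	// The chi router is the http.Handler shared by every listener.
	srv := new(http.Server)
	srv.Handler = chiRouter
	srv.ErrorLog = zap.NewStdLog(a.log)
	srv.ReadTimeout = a.cfg.GetDuration(cfgWebReadTimeout)
	srv.ReadHeaderTimeout = a.cfg.GetDuration(cfgWebReadHeaderTimeout)
	srv.WriteTimeout = a.cfg.GetDuration(cfgWebWriteTimeout)
	srv.IdleTimeout = a.cfg.GetDuration(cfgWebIdleTimeout)

	a.startServices()

	servs := a.getServers()

	for i := range servs {
		go func(i int) {
			a.log.Info(logs.StartingServer, zap.String("address", servs[i].Address()))

			// errors.Is also recognises a wrapped ErrServerClosed, so a
			// regular shutdown is never mistaken for a listener failure.
			if err := srv.Serve(servs[i].Listener()); err != nil && !errors.Is(err, http.ErrServerClosed) {
				a.metrics.MarkUnhealthy(servs[i].Address())
				a.log.Fatal(logs.ListenAndServe, zap.Error(err))
			}
		}(i)
	}

	if len(a.unbindServers) != 0 {
		a.scheduleReconnect(ctx, srv)
	}

	sigs := make(chan os.Signal, 1)
	signal.Notify(sigs, syscall.SIGHUP)
	// Unregister the channel once Serve returns.
	defer signal.Stop(sigs)

LOOP:
	for {
		select {
		case <-ctx.Done():
			break LOOP
		case <-sigs:
			a.configReload(ctx)
		}
	}

	// The incoming ctx is already cancelled here; shutdown gets its own
	// bounded context.
	ctx, cancel := shutdownContext()
	defer cancel()

	a.log.Info(logs.StoppingServer, zap.Error(srv.Shutdown(ctx)))

	a.metrics.Shutdown()
	a.stopServices()
	a.shutdownTracing()

	close(a.webDone)
}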
|
|
|
|
// shutdownContext returns a context, detached from any request or application
// context, that expires after defaultShutdownTimeout. The caller must call
// the returned cancel function.
func shutdownContext() (context.Context, context.CancelFunc) {
	parent := context.Background()
	return context.WithTimeout(parent, defaultShutdownTimeout)
}
|
|
|
|
// configReload re-reads the configuration after SIGHUP and applies it.
//
// The reload is skipped when no config file or directory was given, or when
// reading the configuration fails. Failures while updating the resolvers or
// the servers are logged as warnings and do not stop the remaining steps:
// runtime parameters, auxiliary services, settings, metrics and tracing are
// refreshed regardless.
func (a *App) configReload(ctx context.Context) {
	a.log.Info(logs.SIGHUPConfigReloadStarted)

	hasConfigSource := a.cfg.IsSet(cmdConfig) || a.cfg.IsSet(cmdConfigDir)
	if !hasConfigSource {
		a.log.Warn(logs.FailedToReloadConfigBecauseItsMissed)
		return
	}

	if err := readInConfig(a.cfg); err != nil {
		a.log.Warn(logs.FailedToReloadConfig, zap.Error(err))
		return
	}

	if err := a.bucketResolver.UpdateResolvers(a.getResolverOrder()); err != nil {
		a.log.Warn(logs.FailedToReloadResolvers, zap.Error(err))
	}

	if err := a.updateServers(); err != nil {
		a.log.Warn(logs.FailedToReloadServerParameters, zap.Error(err))
	}

	a.setRuntimeParameters()

	// Auxiliary services are restarted so they pick up the new settings.
	a.stopServices()
	a.startServices()

	a.updateSettings()

	a.metrics.SetEnabled(a.cfg.GetBool(cfgPrometheusEnabled))
	a.initTracing(ctx)
	a.setHealthStatus()

	a.log.Info(logs.SIGHUPConfigReloadCompleted)
}
|
|
|
|
// updateSettings applies the reloadable settings: the log level, the multinet
// dialer configuration and everything handled by appSettings.update. A bad
// log level or multinet configuration is logged and the previous value is
// kept.
func (a *App) updateSettings() {
	lvl, err := getLogLevel(a.cfg)
	if err != nil {
		a.log.Warn(logs.LogLevelWontBeUpdated, zap.Error(err))
	} else {
		a.settings.logLevel.SetLevel(lvl)
	}

	multinetCfg := fetchMultinetConfig(a.cfg, a.log)
	if err := a.settings.dialerSource.Update(multinetCfg); err != nil {
		a.log.Warn(logs.MultinetConfigWontBeUpdated, zap.Error(err))
	}

	a.settings.update(a.cfg, a.log)
}
|
|
|
|
// startServices resets the service list and starts the pprof and Prometheus
// services, each in its own goroutine.
//
// NOTE(review): both services are constructed and started unconditionally
// here; whether they actually listen is presumably decided from the
// configuration inside NewPprofService / NewPrometheusService - confirm, as
// pprof endpoints expose runtime internals.
func (a *App) startServices() {
	a.services = a.services[:0]

	pprofSvc := NewPprofService(a.cfg, a.log)
	a.services = append(a.services, pprofSvc)
	go pprofSvc.Start()

	promSvc := NewPrometheusService(a.cfg, a.log, a.metrics.Handler())
	a.services = append(a.services, promSvc)
	go promSvc.Start()
}
|
|
|
|
// initServers creates a server for every configured listener.
//
// A listener that cannot be created is remembered in unbindServers, marked
// unhealthy and skipped; the gateway refuses to start only when no server at
// all could be created. The log fields carry the certificate and key file
// paths, not their contents.
func (a *App) initServers(ctx context.Context) {
	serversInfo := fetchServers(a.cfg, a.log)

	a.servers = make([]Server, 0, len(serversInfo))
	for _, info := range serversInfo {
		fields := []zap.Field{
			zap.String("address", info.Address), zap.Bool("tls enabled", info.TLS.Enabled),
			zap.String("tls cert", info.TLS.CertFile), zap.String("tls key", info.TLS.KeyFile),
		}

		srv, err := newServer(ctx, info)
		if err != nil {
			a.unbindServers = append(a.unbindServers, info)
			a.metrics.MarkUnhealthy(info.Address)
			a.log.Warn(logs.FailedToAddServer, append(fields, zap.Error(err))...)
			continue
		}

		a.metrics.MarkHealthy(info.Address)
		a.servers = append(a.servers, srv)
		a.log.Info(logs.AddServer, fields...)
	}

	if len(a.servers) == 0 {
		a.log.Fatal(logs.NoHealthyServers)
	}
}
|
|
|
|
// updateServers applies the reloaded server configuration while holding a.mu.
//
// For a server that is already running and has TLS enabled, the certificate
// and key are reloaded; a reload error aborts the update. A configured
// address without a running server is passed to updateUnbindServerInfo. An
// error is returned when none of the configured servers was recognised.
//
// NOTE(review): a running server with TLS disabled does not count as "found",
// so a configuration consisting only of plain-HTTP servers that are already
// running ends in the "no known server found" error - confirm this is
// intended.
func (a *App) updateServers() error {
	serversInfo := fetchServers(a.cfg, a.log)

	a.mu.Lock()
	defer a.mu.Unlock()

	found := false
	for _, info := range serversInfo {
		running := a.getServer(info.Address)
		if running == nil {
			if a.updateUnbindServerInfo(info) {
				found = true
			}
			continue
		}

		if !info.TLS.Enabled {
			continue
		}
		if err := running.UpdateCert(info.TLS.CertFile, info.TLS.KeyFile); err != nil {
			return fmt.Errorf("failed to update tls certs: %w", err)
		}
		found = true
	}

	if !found {
		return fmt.Errorf("invalid servers configuration: no known server found")
	}

	return nil
}
|
|
|
|
// stopServices calls ShutDown on every entry of a.services, one after
// another, passing the same context obtained from shutdownContext. The
// context's cancel function runs when stopServices returns.
func (a *App) stopServices() {
	shutdownCtx, release := shutdownContext()
	defer release()

	for i := range a.services {
		a.services[i].ShutDown(shutdownCtx)
	}
}
// getCacheOptions builds the layer cache configuration. It starts from
// layer.DefaultCachesConfigs and then sets the lifetime and size of each
// cache from fetchCacheLifetime / fetchCacheSize, passing the corresponding
// configuration key and the default value already present in the struct.
//
// The Network cache only has its lifetime set here, and CIDCache is taken
// from the cfgTreePoolNetmapSupport boolean.
//
// NOTE(review): how the fetch helpers treat missing or invalid values is not
// visible in this function; presumably the passed default is the fallback.
func getCacheOptions(v *viper.Viper, l *zap.Logger) *layer.CachesConfig {
	cfg := layer.DefaultCachesConfigs(l)

	// Object and listing caches.
	cfg.Objects.Lifetime = fetchCacheLifetime(v, l, cfgObjectsCacheLifetime, cfg.Objects.Lifetime)
	cfg.Objects.Size = fetchCacheSize(v, l, cfgObjectsCacheSize, cfg.Objects.Size)

	cfg.ObjectsList.Lifetime = fetchCacheLifetime(v, l, cfgListObjectsCacheLifetime, cfg.ObjectsList.Lifetime)
	cfg.ObjectsList.Size = fetchCacheSize(v, l, cfgListObjectsCacheSize, cfg.ObjectsList.Size)

	cfg.SessionList.Lifetime = fetchCacheLifetime(v, l, cfgSessionListCacheLifetime, cfg.SessionList.Lifetime)
	cfg.SessionList.Size = fetchCacheSize(v, l, cfgSessionListCacheSize, cfg.SessionList.Size)

	// Bucket, name and system caches.
	cfg.Buckets.Lifetime = fetchCacheLifetime(v, l, cfgBucketsCacheLifetime, cfg.Buckets.Lifetime)
	cfg.Buckets.Size = fetchCacheSize(v, l, cfgBucketsCacheSize, cfg.Buckets.Size)

	cfg.Names.Lifetime = fetchCacheLifetime(v, l, cfgNamesCacheLifetime, cfg.Names.Lifetime)
	cfg.Names.Size = fetchCacheSize(v, l, cfgNamesCacheSize, cfg.Names.Size)

	cfg.System.Lifetime = fetchCacheLifetime(v, l, cfgSystemCacheLifetime, cfg.System.Lifetime)
	cfg.System.Size = fetchCacheSize(v, l, cfgSystemCacheSize, cfg.System.Size)

	// NOTE(review): a long lifetime here presumably delays the moment an
	// access-control change takes effect on this gateway; confirm against the
	// cache's invalidation path before raising it.
	cfg.AccessControl.Lifetime = fetchCacheLifetime(v, l, cfgAccessControlCacheLifetime, cfg.AccessControl.Lifetime)
	cfg.AccessControl.Size = fetchCacheSize(v, l, cfgAccessControlCacheSize, cfg.AccessControl.Size)

	// Only the lifetime is configurable for the network cache.
	cfg.Network.Lifetime = fetchCacheLifetime(v, l, cfgNetworkCacheLifetime, cfg.Network.Lifetime)

	cfg.CIDCache = v.GetBool(cfgTreePoolNetmapSupport)

	return cfg
}
// getAccessBoxCacheConfig returns the access box cache configuration: the
// defaults from cache.DefaultAccessBoxConfig with lifetime and size replaced
// by the results of fetchCacheLifetime and fetchCacheSize for the access box
// keys (the defaults are passed to those helpers as the last argument).
//
// NOTE(review): the lifetime presumably bounds how long a cached access box
// keeps being served after it changes or is removed upstream; confirm before
// choosing a large value.
func getAccessBoxCacheConfig(v *viper.Viper, l *zap.Logger) *cache.Config {
	cfg := cache.DefaultAccessBoxConfig(l)

	defaultLifetime, defaultSize := cfg.Lifetime, cfg.Size
	cfg.Lifetime = fetchCacheLifetime(v, l, cfgAccessBoxCacheLifetime, defaultLifetime)
	cfg.Size = fetchCacheSize(v, l, cfgAccessBoxCacheSize, defaultSize)

	return cfg
}
// getMorphPolicyCacheConfig returns the morph policy cache configuration: the
// defaults from cache.DefaultMorphPolicyConfig with lifetime and size replaced
// by the results of fetchCacheLifetime and fetchCacheSize for the morph policy
// keys (the defaults are passed to those helpers as the last argument).
//
// NOTE(review): cached policy entries presumably stay in effect until the
// lifetime expires, so the lifetime is also the worst-case delay for a policy
// change to be enforced here; confirm against the cache implementation.
func getMorphPolicyCacheConfig(v *viper.Viper, l *zap.Logger) *cache.Config {
	cfg := cache.DefaultMorphPolicyConfig(l)

	defaultLifetime, defaultSize := cfg.Lifetime, cfg.Size
	cfg.Lifetime = fetchCacheLifetime(v, l, cfgMorphPolicyCacheLifetime, defaultLifetime)
	cfg.Size = fetchCacheSize(v, l, cfgMorphPolicyCacheSize, defaultSize)

	return cfg
}
// getFrostfsIDCacheConfig returns the FrostfsID cache configuration: the
// defaults from cache.DefaultFrostfsIDConfig with lifetime and size replaced
// by the results of fetchCacheLifetime and fetchCacheSize for the FrostfsID
// keys (the defaults are passed to those helpers as the last argument).
func getFrostfsIDCacheConfig(v *viper.Viper, l *zap.Logger) *cache.Config {
	cfg := cache.DefaultFrostfsIDConfig(l)

	defaultLifetime, defaultSize := cfg.Lifetime, cfg.Size
	cfg.Lifetime = fetchCacheLifetime(v, l, cfgFrostfsIDCacheLifetime, defaultLifetime)
	cfg.Size = fetchCacheSize(v, l, cfgFrostfsIDCacheSize, defaultSize)

	return cfg
}
// initHandler builds the API handler from the App's logger, object layer,
// settings, policy storage and frostfsid client and stores it in a.api.
// A construction error is reported through a.log.Fatal.
func (a *App) initHandler() {
	apiHandler, err := handler.New(a.log, a.obj, a.settings, a.policyStorage, a.frostfsid)
	// Assigned before the error check, as the field is written in either case.
	a.api = apiHandler
	if err != nil {
		a.log.Fatal(logs.CouldNotInitializeAPIHandler, zap.Error(err))
	}
}
// getServer returns the first entry of a.servers whose Address() equals
// address, or nil when there is none.
//
// It does no locking of its own; updateServers calls it with a.mu held.
func (a *App) getServer(address string) Server {
	for _, candidate := range a.servers {
		if candidate.Address() != address {
			continue
		}
		return candidate
	}

	return nil
}
// updateUnbindServerInfo replaces the first entry of a.unbindServers that has
// the same Address as info with info itself and reports whether such an entry
// existed.
//
// It does no locking of its own; updateServers calls it with a.mu held.
func (a *App) updateUnbindServerInfo(info ServerInfo) bool {
	for i, pending := range a.unbindServers {
		if pending.Address != info.Address {
			continue
		}
		// Write through the index so the slice element itself is replaced.
		a.unbindServers[i] = info
		return true
	}

	return false
}
// getServers returns a.servers, read under a.mu's read lock.
//
// The returned slice is not a copy: it shares its backing array with
// a.servers, and the caller uses it after the lock has been released.
func (a *App) getServers() []Server {
	a.mu.RLock()
	current := a.servers
	a.mu.RUnlock()

	return current
}
// setRuntimeParameters applies the configured soft memory limit to the Go
// runtime.
//
// When the GOMEMLIMIT environment variable is non-empty it wins over every
// other source (default < yaml < app env < GOMEMLIMIT): the function logs a
// warning and leaves the runtime limit untouched. Otherwise the value from
// fetchSoftMemoryLimit is passed to debug.SetMemoryLimit, and the change is
// logged when it differs from the previous limit.
func (a *App) setRuntimeParameters() {
	if os.Getenv("GOMEMLIMIT") != "" {
		a.log.Warn(logs.RuntimeSoftMemoryDefinedWithGOMEMLIMIT)
		return
	}

	limit := fetchSoftMemoryLimit(a.cfg)
	// SetMemoryLimit returns the limit that was in force before the call.
	if old := debug.SetMemoryLimit(limit); old != limit {
		a.log.Info(logs.RuntimeSoftMemoryLimitUpdated,
			zap.Int64("new_value", limit),
			zap.Int64("old_value", old))
	}
}
// scheduleReconnect starts a goroutine that calls tryReconnect with srv every
// a.settings.reconnectInterval. The goroutine ends when tryReconnect reports
// true or when ctx is done.
//
// The ticker is reset after every unsuccessful attempt, re-reading the
// interval from a.settings each time.
func (a *App) scheduleReconnect(ctx context.Context, srv *http.Server) {
	go func() {
		ticker := time.NewTicker(a.settings.reconnectInterval)
		defer ticker.Stop()

		for {
			select {
			case <-ctx.Done():
				return
			case <-ticker.C:
				if allBound := a.tryReconnect(ctx, srv); allBound {
					return
				}
				ticker.Reset(a.settings.reconnectInterval)
			}
		}
	}()
}
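// tryReconnect makes one attempt to bind every listener recorded in
// a.unbindServers and reports whether none of them is left unbound.
//
// The whole pass runs with a.mu held for writing. For each pending entry it
// calls newServer. On failure the entry is kept for the next pass, marked
// unhealthy and logged with its address and TLS settings, so the failing
// listener can be identified from the log. On success sr.Serve is started on
// the new listener in its own goroutine, the server is appended to a.servers
// and the success is logged. The serving goroutine marks the address healthy
// when it starts and unhealthy if Serve returns anything other than
// http.ErrServerClosed.
func (a *App) tryReconnect(ctx context.Context, sr *http.Server) bool {
	a.mu.Lock()
	defer a.mu.Unlock()

	a.log.Info(logs.ServerReconnecting)
	var failedServers []ServerInfo

	for _, serverInfo := range a.unbindServers {
		// Copy the address for the serving goroutine below: it outlives this
		// iteration, and with a pre-1.22 language version the range variable
		// would be shared between iterations.
		address := serverInfo.Address
		fields := []zap.Field{
			zap.String("address", serverInfo.Address), zap.Bool("tls enabled", serverInfo.TLS.Enabled),
			zap.String("tls cert", serverInfo.TLS.CertFile), zap.String("tls key", serverInfo.TLS.KeyFile),
		}

		srv, err := newServer(ctx, serverInfo)
		if err != nil {
			// Same shape as the failure log in initServers: the error plus
			// the listener's fields.
			a.log.Warn(logs.ServerReconnectFailed, append(fields, zap.Error(err))...)
			failedServers = append(failedServers, serverInfo)
			a.metrics.MarkUnhealthy(address)
			continue
		}

		go func() {
			a.log.Info(logs.StartingServer, zap.String("address", srv.Address()))
			a.metrics.MarkHealthy(address)
			// Goroutine-local error: nothing outside this goroutine is written.
			if serveErr := sr.Serve(srv.Listener()); serveErr != nil && !errors.Is(serveErr, http.ErrServerClosed) {
				a.log.Warn(logs.ListenAndServe, zap.Error(serveErr))
				a.metrics.MarkUnhealthy(address)
			}
		}()

		a.servers = append(a.servers, srv)
		a.log.Info(logs.ServerReconnectedSuccessfully, fields...)
	}

	// Only the entries that failed in this pass remain pending.
	a.unbindServers = failedServers

	return len(a.unbindServers) == 0
}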
// fetchContainerInfo resolves the container referenced by the configuration
// key cfgKey to a container ID and returns the bucket info that
// getContainerInfo builds for it using a.pool. A resolution error is returned
// unchanged.
func (a *App) fetchContainerInfo(ctx context.Context, cfgKey string) (info *data.BucketInfo, err error) {
	containerID, resolveErr := a.resolveContainerID(ctx, cfgKey)
	if resolveErr != nil {
		return nil, resolveErr
	}

	return getContainerInfo(ctx, containerID, a.pool)
}
// resolveContainerID turns the string stored under cfgKey into a container ID.
//
// The value is first decoded as a container ID. If that fails, it is split at
// its first "." and handed to a.bucketResolver.Resolve, with the part after
// the dot as the second argument and the part before it as the third. A value
// that neither decodes nor contains a dot is rejected as an invalid container
// address; a resolver failure is wrapped with the original value.
//
// NOTE(review): in the fallback path the returned ID is whatever the resolver
// answers for that name, so the result is only as trustworthy as the resolver
// behind a.bucketResolver; confirm which one is configured.
func (a *App) resolveContainerID(ctx context.Context, cfgKey string) (cid.ID, error) {
	raw := a.cfg.GetString(cfgKey)

	var id cid.ID
	if decodeErr := id.DecodeString(raw); decodeErr == nil {
		return id, nil
	}

	beforeDot, afterDot, hasDot := strings.Cut(raw, ".")
	if !hasDot {
		return cid.ID{}, fmt.Errorf("invalid container address: %s", raw)
	}

	resolved, err := a.bucketResolver.Resolve(ctx, afterDot, beforeDot)
	if err != nil {
		return cid.ID{}, fmt.Errorf("resolve container address %s: %w", raw, err)
	}

	return resolved, nil
}
// getContainerInfo fetches the container with the given ID through
// frostFSPool and returns a BucketInfo holding that ID and the container's
// "homomorphic hashing disabled" flag. An error from GetContainer is returned
// unchanged.
func getContainerInfo(ctx context.Context, id cid.ID, frostFSPool *pool.Pool) (*data.BucketInfo, error) {
	cnr, err := frostFSPool.GetContainer(ctx, pool.PrmContainerGet{ContainerID: id})
	if err != nil {
		return nil, err
	}

	info := &data.BucketInfo{
		CID:                     id,
		HomomorphicHashDisabled: container.IsHomomorphicHashingDisabled(cnr),
	}

	return info, nil
}