Current flow is hard to reason about, #1601 is a notorious example of
accidental complexity.
1. Remove multiple nested ifs, use depth=1.
2. Process each status exactly once, hopefully preventing bugs like
#1601.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Consider `REP 1 REP 1` placement (selects/filters are omitted).
The placement is `[1, 2], [1, 0]`. We are the 0-th node.
Node 1 is under maintenance, so we do not replicate object
on the node 2. In the second replication group node 1 is under maintenance,
but current caching logic considers it as "replica holder" and removes
local copy. Voilà, we have DL if the object is missing from the node 1.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
The node can have MAINTENANCE status in the network map, but can also be
ONLINE while responding with MAINTENANCE. These are 2 different code
paths, let's test them separately.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Similar to TrueCloudLab/frostfs-s3-gw#587
this PR introduces a CI pipeline that builds Docker images and pushes them
to our selfhosted registry.
Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
* X-Headers can be found in `origin` field of `MetaHeader` if the request
has been forwarded from non-container node.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Avoid dependency on `morph/client` package because of `InvokeRes`.
Make signature resemble `WaitAny()` method of `waiter.Waiter` from neo-go.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Previously, `ln` was only set once, so search has really worked for
small number of objects.
Fix panic:
```
panic: runtime error: slice bounds out of range [:43690] with capacity 21238
goroutine 6859775 [running]:
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object.(*searchStreamMsgSizeCtrl).Send(0xc001eec8d0, 0xc005734000)
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/transport_splitter.go:173 +0x1f0
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search/v2.(*streamWriter).WriteIDs(0xc000520320, {0xc00eb1a000, 0x4fd9c, 0x7fd6475a9a68?})
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search/v2/streamer.go:28 +0x155
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search.(*uniqueIDWriter).WriteIDs(0xc001386420, {0xc00eb1a000?, 0xc0013ea9c0?, 0x113eef3?})
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search/util.go:62 +0x202
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search.(*execCtx).writeIDList(0xc00011aa38?, {0xc00eb1a000?, 0xc001eec9f0?, 0xc0008f4380?})
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search/exec.go:68 +0x91
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search.(*execCtx).executeLocal(0xc0008f4380, {0x176c538, 0xc001eec9f0})
git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/search/local.go:18 +0x16b
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Separated iteration through container ids from `ContainersOf()`
so that it could be reused.
* When listing containers we used to iterate through the
the whole list of containers twice: first when reading from
a contract, then when sending them. Now we can send batches
of containers when reading from the contract.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
Update this test following recent changes to ensure
that `(*DB).ListWithCursor` skips expired objects.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
Previously, `object head` was used if no range was provided.
This is wrong on multiple levels:
1. We print an error if the checksum is missing in header,
even though taking hash is possible.
2. We silently ignore --salt parameter.
3. `--range` is required for Object.RANGEHASH RPC, custom logic for one
specific usecase has no value.
So we make it required and make CLI command follow more closely
the FrostFS API.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Added new method for listing containers to container service.
It opens stream and sends containers in batches.
* Added TransportSplitter wrapper around ExecutionService to
split container ID list read from contract in parts that are
smaller than grpc max message size. Batch size can be changed
in node configuration file (as in example config file).
* Changed `container list` implementaion in cli: now ListStream
is called by default. Old List is called only if ListStream
is not implemented.
* Changed `internalclient.ListContainersPrm`.`Account` to
`OwnerID` since `client.PrmContainerList`.`Account` was
renamed to `OwnerID` in sdk.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
* Replaced `sort.Slice` with `slices.SortFunc` in
`ListContainersRes.SortedIDList()` as it is a bit faster,
according to 15102e6dfd.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
Use `zap.Error` instead of `zap.String` for logging errors: change all expressions like
`zap.String("error", err.Error())` or `zap.String("err", err.Error())` to `zap.Error(err)`.
Leave similar expressions with other messages unchanged, for example,
`zap.String("last_error", lastErr.Error())` or `zap.String("reason", ctx.Err().Error())`.
This change was made by applying the following patch:
```diff
@@
var err expression
@@
-zap.String("error", err.Error())
+zap.Error(err)
@@
var err expression
@@
-zap.String("err", err.Error())
+zap.Error(err)
```
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
- Fix misplaced `(*DB).Close` (broken after 47dcfa20f3)
- Use `errors.Is` for error checking (broken after fcdbf5e509)
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
Also, make them public, because otherwise `unused` linter complains.
```
pkg/morph/event/utils.go:25:2 unused field `typ` is unused
```
This complain is wrong, though: we _use_ `typ` field because the whole
struct is used as a map key.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
They are decoupled, but it is an error to have a handler without a
corresponding parser. Register them together on the code level and get
rid of unreachable code.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This codepath hides possible bugs in code.
All initialization function should run before init stage.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Those errors are fired when it is enough chunks retrieved and error group
cancels other requests.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Notaryless environments are not tested at all since a while.
We use neo-go only and it has notary contract enabled.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Pick up changes from TrueCloudLab/frostfs-sdk-go#198.
gopatch:
```
@@
var user expression
@@
-address.StringToUint160(user.EncodeToString())
+user.ScriptHash()
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Since we have errors defined on the shard-level, it looks strage that we
check an error againt the shard-level error `ErrLockObjectRemoval`, but
then return the metabase-level error. Let's return the same shard-level
error instead.
Since we have errors defined on the shard-level
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
Currently, it's allowed to inhume or lock an expired object.
Consider the following scenario:
1) An user inhumes or locks an object
2) The object expires
3) GC hasn't yet deleted the object
4) The node loses the associated tombstone or lock
5) Another node replicates tombstone or lock to the first node
In this case, the second node succeeds, which is the desired behavior.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
It is used once, it is used only internally and it is single-statement.
I see no justification in having it as a separate function.
It introduces confusion, because we also have NewLocalActor().
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
It is used in `helper` package only, besides unit-tests.
Move unit-tests to the same package, where they belong.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
The old code was there before Copy() method was introduced.
It was also supposed to check errors, however, they are already checked
server-side.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
It was unused and we employ better abstractions now.
gopatch:
```
@@
var a, b expression
@@
-a, b, _ := getRPCClient(...)
+a, b := getRPCClient(...)
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
`nns get-records` and `nns tokens` command do not need to sign anything,
so remove useless actor and use invoker directly.
`NewLocalActor()` is only used in `ape` and `nns` packages. `ape`
package seem to use it correctly, only when alphabet wallets are
provided, so no changes there.
Also, remove --alphabet-wallets flag from commands that do not need it.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
It was not possible previously, because GetAllRecords() was not declared
safe in frostfs-contract.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Placement vector may contain fewer nodes count than it required by policy
due to the outage of the one of the node.
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
* Use `cmd/internal/common/ape` parser commands within `ape`
subcommands
* Use flag names from `cmd/internal/common/ape
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Use `cmd/internal/common/ape` parser commands within `generate-ape-override`
subcommand
* Use flag names from `cmd/internal/common/ape`
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Refactor ape-manager subcommands
* Use `cmd/internal/common/ape` parser commands within ape-manager subcommands
* Use flag names from `cmd/internal/common/ape`
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Refactor local override managing subcommands
* Use `cmd/internal/common/ape` parser commands within local
override subcommands
* Use flag names from `cmd/internal/common/ape`
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Introduce common parsing commands to use them in `frostfs-cli`
and `frostfs-adm` APE-related subcommands
* Introduce common flags for these parsing commands
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Both `frostfs-cli` and `frostfs-adm` APE-related subcommands use
`PrintHumanReadableAPEChain` to print a parsed APE-chain. So, it's
more correct to have it in a common package over `frostfs-cli` and
`frostfs-adm` folders.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* `ConvertEACLToAPE` is useful method which couldn't be imported
out of frostfs-node so far as it has been in `internal`
* Since `ConvertEACLToAPE` and related structures and unit-tests
are placed in `pkg/util`
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
DropGraves() is only used to drop gravemarks after a tombstone
removal. Thus, it makes sense to do Inhume() and DropGraves() in one
transaction. It has less overhead and no unexpected problems in case
of sudden power failure.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
- Remove `testNewShard` and `setInitializedShards` because they
violated the default engine workflow. The correct workflow is:
first use `New()`, followed by `Open()`, and then `Init()`. As a
result, adding new logic to `(*StorageEngine).Init` caused several
tests to fail with a panic when attempting to access uninitialized
resources. Now, all engines created with the test utils must be
initialized manually. The new helper method `prepare` can be used
for that purpose.
- Additionally, `setInitializedShards` hardcoded the shard worker
pool size, which prevented it from being configured in tests and
benchmarks. This has been fixed as well.
- Ensure engine initialization is done wherever it was missing.
- Refactor `setShardsNumOpts`, `setShardsNumAdditionalOpts`, and
`setShardsNum`. Make them all depend on `setShardsNumOpts`.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
Move `BenchmarkExists` from `engine_test.go` to `exists_test.go`
for better organization and clarity.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
The slice returned from bucket.Get() is only valid during the tx
lifetime. Cloning it is not necessary everywhere, but better safe than
sorry.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Concurrent Apply can lead to child node applies before parent, so
undo/redo operations will perform. This leads to performance degradation
in case of tree with many sublevels.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
* Register GRPC services for both neo.fs.v2 and frost.fs namespaces
* Use this temporary solution until all nodes are updated
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Previous release was EACL-compatible.
Starting from now all EACL should've been migrated to APE chains.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Update version within go.mod;
* Fix deprecated frostfs-api-go/v2 package and use frostfs-sdk-go/api
instead.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Initially, this test was a check that only the container node can
assemble an EC object. But the implementation of this test was wrong.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Nodes from cache could be changed by traverser, if no objectID specified.
So it is required to return copy of cache's slice.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
As EC put request may be processed only by container node, so sign requests
with current node private to not to perform APE checks.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
`slices.SortFunc` doesn't use reflection and is a bit faster.
I have done some micro-benchmarks for `[]NodeInfo`:
```
$ benchstat -col "/func" out
goos: linux
goarch: amd64
pkg: git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/pilorama
cpu: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
│ sort.Slice │ slices.SortFunc │
│ sec/op │ sec/op vs base │
Sort-8 2.130µ ± 2% 1.253µ ± 2% -41.20% (p=0.000 n=10)
```
Haven't included them, though, as they I don't see them being used a
lot.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
XDG base directory specification defines where various files
should be looked by an application. Hopefully, this makes `frostfs-cli`
more predictable and pleasant to work with. Luckily for us, golang already
has everything we need in the stdlib. This commit also gets rid of
`github.com/mitchellh/go-homedir` dependency.
Close#532
Refs #1455
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
When getting a role in the APE checker for the container services,
an error may be returned if network maps of the previous two epochs
don't have enough nodes to fulfil a container placement policy.
It's a logical error, so we should ignore it.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
* `SignRequestPrivateKey` field should be initialized either within
`newUntrustedTarget` or within `newTrustedTarget`. Otherwise, all
requests are signed by local node key that makes impossible to perform
patch on non-container node.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
go-homedir library incorrectly handles some of the errors
that could occur. It is archived, so no PR, but let's fix it on our
side. The scenario in case: executing command in an empty environment.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
We have several ways to specify the `rpc-endpoint`: with a flag,
with a single config file or multiple files. Before, the `rpc-endpoint`
flag was marked as required. Because `cobra` checked the required flag
presence first, it prevented specifying `rpc-endpoint` with a config file.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
Before, when the target RPC server was unavailable, requests made
by CLI didn't wait for a timeout specified by the `--timeout` option
if the timeout was more than 20 seconds. It's because of the gRPC
default backoff strategy. Adding this option fixes that behavior.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
It could be called for every shard on metabase resync concurrently and
it is possible to get state with initialized client but not initialized
contract hashes.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Consider the following operations ordering:
1. Inhume(with tombstone A) --> add tombstone mark for an object
2. --> new epoch arives
3. --> GCMark is added for a tombstone A, because it is unavailable
4. Put(A) --> return error, because the object already has a GCMark
It is possible, and I have successfully reproduced it with a test on the
shard level. However, the error is related to the specific
_ordering_ of operations with engine. And triggering race-conditions like
this is only possible on a shard level currently, so no tests are
written.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
There might be situation when context canceled earlier than traverser move to another part of the nodes.
To avoid this, need to wait for the result from concurrent put at each traverser iteration.
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
All error counting and hangling logic is present on the engine level.
Currently, we pass engine metrics with shard ID metric to shard, then
export 3 methods to manipulate these metrics.
In this commits all methods are removed and error counter is tracked on
the engine level exlusively.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
- `reportShardErrorBackground()` no longer differs from
`reportShardError()`, reflect this in its name;
- reuse common pieces of code to make it simpler.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
We bind flag that could be specified in config.
This is not a config flag, just a command option.
Also fix TestInitialize failures:
```
Error: Received unexpected error:
number of epochs cannot be less than 1
Test: TestInitialize/16_nodes/force-new-epoch
```
Refs #1372 (945b7c740b)
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Although these fields could be deleted, I annotated them so that all the
metrics used would be defined in one place.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Target container ID is taken from tombstone: cmd/frostfs-node/object.go:507
Also object of type `TOMBSTONE` contains objectID, so tombstone and
tombstoned object must have the same containerID.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
* Remove `relay` field from put streamer as it's no longer used;
* Fix initialization of `Relay` object writer parameter.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
If local EC chunk found, but remote node is off, then `HEAD --raw` request
returns object not found.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
These error messages bubble up to human users - adding more context helps
to find the cause of the issue faster.
Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
* `Patch` can't be applied for non-regular type object (tombstones,
locks etc.)
* Complex object parts can't be patched. So, if an object has EC/Split
header, it won't be patched.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
`gofumpt` always returns an exit code of 0, even when it finds
misformatted files. To make `fumpt` action behave as expected
we need to check if `gofumpt` changed any files.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
Created grpc connection should be established, so perform Healthcheck request
to check connection is ok.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
For `frostfs-cli` it is ok to use grpc-client without blocking,
as `frostfs-cli` will perform RPC call anyway.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
For EC chunks need to return EC parent object ID as
EC chunks don't have own attributes but inherit parent's.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
FSTree file counter used by writecache. As writecache has now only one
storage, so it is required to use real object size to get writecache
size more accurate than `count * max_object_size`.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Add tests for `CreateViper` and `ReloadViper` to ensure that no extra
files, except *.yaml, *.yml, *.json, are loaded from config directory.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
* Tree and object service have the same log for checking APE. So,
this check should be moved to common package.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Do not fail on same latest version to run compact on upgraded metabase.
Use NoSync on compact.
Log every batch on bucket delete stage.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Since `frostfs-cli control shards rebuild` command was added,
there is no need for background rebuild now.
For failover tests used used value 1 to rebuild only schema change.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
If slice is altered in `for` loop, we cannot use range over its
length: it may cause panic if slice gets shorter.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
* Split the logic of write target initialization to different packages;
* Refactor patch and put services: since both service initialize the target
themselves.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Since Go 1.22 a "for" statement with a "range" clause is able
to iterate through integer values from zero to an upper limit.
gopatch script:
@@
var i, e expression
@@
-for i := 0; i <= e - 1; i++ {
+for i := range e {
...
}
@@
var i, e expression
@@
-for i := 0; i <= e; i++ {
+for i := range e + 1 {
...
}
@@
var i, e expression
@@
-for i := 0; i < e; i++ {
+for i := range e {
...
}
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
The `TestGCDropsObjectInhumedFromWritecache` test was flaky because a
running asynchronous rebuild operation prevented GC from deleting the
object. A test-only shard option `WithDisabledRebuild` has been added
to fix this.
Signed-off-by: Aleksey Savchuk <a.savchuk@yadro.com>
exportloopref is deprecated.
gopatch:
```
@@
var index, value identifier
var slice expression
@@
for index, value := range slice {
...
-value := value
...
}
@@
var index, value identifier
var slice expression
@@
for index, value := range slice {
...
-index := index
...
}
@@
var value identifier
var channel expression
@@
for value := range channel {
...
-value := value
...
}
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Fix error with go1.23:
```
Error: build linters: unable to load custom analyzer "truecloudlab-linters": ../linters/bin/external_linters.so, plugin.Open("/repo/frostfs/linters/bin/external_linters"): plugin was built with a different version of package cmp
Failed executing command with error: build linters: unable to load custom analyzer "truecloudlab-linters": ../linters/bin/external_linters.so, plugin.Open("/repo/frostfs/linters/bin/external_linters"): plugin was built with a different version of package cmp
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Benchmark results:
```
goos: linux
goarch: amd64
pkg: git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/pilorama
cpu: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
│ old │ new │
│ sec/op │ sec/op vs base │
ForestSortedIteration/bbolt,root-8 207.2µ ± 6% 173.6µ ± 6% -16.23% (p=0.000 n=10)
ForestSortedIteration/bbolt,leaf-8 3.910µ ± 5% 3.928µ ± 7% ~ (p=0.529 n=10)
geomean 28.46µ 26.11µ -8.27%
```
They are not representative, as the worst case is when we have multiple
items of different lengths. However, `FileName` is usually less than 100
in practice, so the asymptotics is the same.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Renamed parameters `min/max` to avoid conflicts with
predeclared identifiers.
Replaced background context with parent context without
cancellation in closer functions in frostfs-node.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
When node put chunk into EC container, `policer` may remove it as redundant.
This chunk marked as removed. When parent object removed and `gc` start iterating over chunk,
node count removing chunk twice.
Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>
* Also, resolve dependencies and conflicts for object service
by creating stub for `Patch` method.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
The synchronized service reload protocol added in systemd version 253
requires that the service provides a MONOTONIC_USEC field alongside the
RELOADING=1 notification message for synchronization purposes. The value
carried in this field must be the system CLOCK_MONOTONIC timestamp at
the time the notification message was generated as systemd compares it
to other CLOCK_MONOTONIC timestamps taken by pid1.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
This reverts commit 327d364f34.
Reverted due to the problem with reload signal sent by systemd.
`frostfs-ir` service reconfigures correctly and service's
statuses are being reported to systemd. However, since we
replaced `go:linkname` & `nanotime()` with `time.Since()`,
systemd refuses to accept reload signal response from
`frostfs-ir`. To maintain correct behaviour it was decided to
revevrt systemd-related changes until a better solution is
found.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
* Update go.mod;
* This neo-go package version contains fix for the wsclient that
allows to morph event listener refresh the invalidated websocket
connection to neo-go.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Removed `frostfs-cli util locode` subcommand.
Alternative command could be found in
`git.frostfs.info/TrueCloudLab/frostfs-locode-db`.
Signed-off-by: George Bartolomey <george@bh4.ru>
EC parent and split gc marks should be deleted after last EC chunk delete.
Also should delete split info for EC parent and split parent.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
* Methods `Head`, `Get`, `GetRangeHash` should no longer use APE pre-checks
as that leads only to incorrect rule chain processing for requests:
1. Immediate return with `NoRuleFound` may be unexpected as some `Allow`
rule is actually defined but can't be matched yet as it gets no object
attributes;
2. Immdediate return with `Allow` may be incorrect as some `Deny` rule
is actually defined but can't bet matched yet as it gets no object
attirbutes;
3. Pre-check breaks compatibility for converted EACL-tables.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
It is required to save split parent ID too, not only split ID.
Otherwise inhume operation works incorrect: shard with last part may be skipped
and parent object will be available.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
getSvc may change the values of some fields, so Head will affect Delete
or Put. In this case, the change is necessary so that the session token
is stored in the tombstone object (EC assemble calls `ForgetTokens`).
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Now EC objects assembling is performed concurrently.
Also fixed issue with an error in case of getting
EC object via non-container node.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Previously we used pointer, this could have worked,
because most of the time, the netmap is cached.
This didn't work, however, because `lastNm` field was always nil.
Rework the mechanism completely:
1. Use epoch to track netmap versions, as it it simpler and
is unrelated to the TTL of an underlying cache.
2. Fix a bug where the epoch could change while mutex was unlocked.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* We used several utility functions to parse frostfsid client
subject and extended subject. However, following the changes
in TrueCloudLab/frostfs-contract#97, these utility functions
have become public. So there is no more need to have them here.
* There was a mismatch of slice parameter required length between
frostfs-node's and frostfs-contract's utility functions,
`checkStackItem()` solves this problem.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
When AddByPath() is called concurrently on 2 different nodes,
internal path components may be created twice. This violates some
of our assumptions in GetByPath() and, indirectly, in S3 handling of
GetSubTree() results.
Add a test for the correct behaviour, fixes will follow.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Make session token expired at `current_epoch + 1` but
not at `current_epoch` when it's still valid.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Refactor object and tree service - they should instantiate
chain router cheking the bearer token. If there are no bearer
token rules, then defaul chain router is used.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Unlike default chain router, `BearerChainFedRouter` performs checks for
overrides defined in the bearer token;
* Add unit-test for the introduced router.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* `getStreamBasicChecker` must define `containerOwner` for backward checks,
otherwise bearer token cannot be validated for the token issuer.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
We used several utility functions to parse frostfsid client
subject and extended subject. However, following the changes
in TrueCloudLab/frostfs-contract#97, these utility functions
have become public. So there is no more need to have them here.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
For REP updating split info is handled explicitly by a high-level PUT logic.
For EC it is trickier, because the address of an object we put is only
distantly related to a split info.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* If EC-parent is a part of Split itself, then save to root bucket
its parent;
* If EC-parent is not a part of Split itself, then save to root bucket
OID of this EC-parent.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Resolve conflicts for apemanager since api-go
contains ape and apemanager packages and SDK only
ape package.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Required to work with neo-go v0.106.0 node
with default hardfork configuration. Without
neo-go client version bump, it throws error.
failed to get network magic: unexpected hardfork: Cockatrice
Signed-off-by: Alex Vanin <a.vanin@yadro.com>
Add usage replacement for `container list -g` and verbose
warning when using `-g` without `--owner`.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
* Introduce grpc server for apemanager service and
its implementation in `pkg/services/apemanager`.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* `ProxyVerificationContractStorage` uses Proxy contract as a cosigner.
* `ProxyVerificationContractStorage` recreates a contract storage for each handler
invocation because of an issue: rpc-actor from morph client may be expired. This
way won't create a bottlenecks because it is expected that this contract storage
implementation will be used not so often.
* Make morph client return `RPCActor` (that is websocket client in fact).
* Make `SwitchRPCGuardedActor` return `RPCActor` as it will be used for
`ProxyVerificationContractStorage`.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* `GetECHeader` is not correct way to determine if an object's got
EC-header: `ECHeader` must be used for that.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
This is the longest test in our suite, try to help CI a bit.
Before:
```
$ go test -run=TestGenerateAlphabet -count=10 .
ok git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/generate 45.400s
```
After:
```
$ go test -run=TestGenerateAlphabet -count=10 .
ok git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/generate 33.267s
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Update go.mod with a new version of policy-engine pacakge.
* Adapt SwitchRPCGuardedActor to ContractStorage interface.
* Fix `frostfs-adm` util.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Do not use linking objects to get placement for complex object.
Linking objects should be stored on all container nodes, also they are not required.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
* `FormFrostfsIDRequestProperties` gets user claim tags and group id and sets them
as ape request properties.
* Make tree, container and object service use the method.
* Fix unit-tests.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
Bootstrap logic depends on the netmap status, which in turn depends on
the node info. Updating them in a single thread makes things more
predictable.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
It is used in "handler" only once, what we really do is set the
variable. And we have another "local" node info in `cfgNodeInfo`, this
one is not really local (node info), more like (local node) info, so use
setContractNodeInfo to distinguish it from the local view on the node
info.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This is about authentication only and eACL is deprecated, so only
mention `allow_impersonate` flag.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
They are mostly useless unless we need to _debug_ a specific issue.
The amount of logs we produce is too big.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Make `verifyClient` method perform APE check if a container
was created with zero-filled basic ACL.
* Object verbs are used in APE, until tree verbs are introduced.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
DB value is only valid while the tx is alive.
But handler may to run something in other goroutine.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
If blobovnicza contains objects larger than object size parameter
value, then rebuild fails with an error, because there is no such
bucket in database. This commit forces to create bucket on rebuild.
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
metabase.Open() now reports metabase mode metric. shard.UpdateID()
needs to read shard ID from metabase => needs to open metabase.
It caused reporting 'shard undefined' metrics. To avoid reporting
wrong metrics metabase.GetShardID() was added which also opens
metabase and does not report metrics.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
It used to always show CLOSED regardless of actual mode.
Now metric represents actual metabase mode of operations.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
It used to always show CLOSED after setting shard mode
to read-only regardless of actual mode.
Now metric represents actual blobstor mode of operations.
Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>
No big deal, but it is called multiple times in sorting routine, this
easily results in 20 allocations per group traversal.
```
goos: linux
goarch: amd64
pkg: git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network
cpu: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
│ old │ new │
│ sec/op │ sec/op vs base │
AddressTLSEnabled-8 184.6n ± 1% 103.3n ± 6% -44.04% (p=0.000 n=10)
│ old │ new │
│ B/op │ B/op vs base │
AddressTLSEnabled-8 704.0 ± 0% 0.0 ± 0% -100.00% (p=0.000 n=10)
│ old │ new │
│ allocs/op │ allocs/op vs base │
AddressTLSEnabled-8 1.000 ± 0% 0.000 ± 0% -100.00% (p=0.000 n=10)
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Introduce ContainerOwner field in RequestContext.
* Set ContainerOwner in aclv2 middleware.
* Set PropertyKeyContainerOwnerID for object ape request.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Skip APE check if a role is Container.
* Skip APE check if a role is IR and methods are get-like.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
`fmt.Errorf can be replaced with errors.New` and `fmt.Sprintf can be replaced with string addition`
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Found by vulncheck:
Vulnerability #1: GO-2024-2611
Infinite loop in JSON unmarshaling in google.golang.org/protobuf
More info: https://pkg.go.dev/vuln/GO-2024-2611
Module: google.golang.org/protobuf
Found in: google.golang.org/protobuf@v1.32.0
Fixed in: google.golang.org/protobuf@v1.33.0
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
* Inroduce workaround to create actor for contract storage interface
without passing a real alphabet wallet. This is made by creating
a dummy account.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Remove removed flag in service.proto for RemoveChainLocalOverrideResponse.
* Regenerate control API.
* Return error only if RemoveOverride returns non-NotFound code.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* If APE check returns NoRuleFound, then it is taken for request deny.
* Add more unit-test for ape container middleware.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
* Soft APE check means that APE should allow request even
it gets status NoRuleFound for a request. Otherwise,
it is interpreted as Deny.
* Soft APE check is performed if basic ACL mask is not set.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
There may be a race condition between put an object and
flushing the writecache:
1. Put object to the writecache
2. Writecache flushes object to the blobstore and sets blobstore's
storageID
3. Put object to the metabase, set writecache's storageID
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
Nothing is broken now, but will easily become if we change nnsMaxTokens,
thus this change.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Initial prefetch size can be arbitrary an restricted only by VM/RPC
limits. For TraverseIterator() there is an explicit check on the
server-side, though.
Introduced in df055fead5.
Refs #931.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Proxy contract can now be used as an owner of NNS domains, thus we need
it not only to pay for the transaction but also to check domain
ownership. CalledByEntry is not enough, because we may register NNS
domains owned by proxy indirectly from the container contract.
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
Most of the time it exits, e.g. when it is per-container and use on each
object PUT. Bbolt implementation first tries to create bucket and then
returns it if it exists. Create operation uses cursor and thus is not
very lightweight, we can avoid it.
```
goos: linux
goarch: amd64
pkg: git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/metabase
cpu: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
│ old │ new │
│ sec/op │ sec/op vs base │
Put/parallel-8 174.4µ ± 3% 163.3µ ± 3% -6.39% (p=0.000 n=10)
Put/sequential-8 263.3µ ± 2% 259.0µ ± 1% -1.64% (p=0.000 n=10)
geomean 214.3µ 205.6µ -4.05%
│ old │ new │
│ B/op │ B/op vs base │
Put/parallel-8 275.3Ki ± 3% 281.1Ki ± 4% ~ (p=0.063 n=10)
Put/sequential-8 413.0Ki ± 2% 426.6Ki ± 2% +3.29% (p=0.003 n=10)
geomean 337.2Ki 346.3Ki +2.70%
│ old │ new │
│ allocs/op │ allocs/op vs base │
Put/parallel-8 678.0 ± 1% 524.5 ± 2% -22.64% (p=0.000 n=10)
Put/sequential-8 1.329k ± 0% 1.183k ± 0% -10.91% (p=0.000 n=10)
geomean 949.1 787.9 -16.98%
```
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
* Introduce path flag to make add-rule command read and parse
chain from file. File is binary/JSON-encoded chain.
Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
createCmd.Flags().StringP(eaclFlag,"e","","Path to the extended ACL table (mutually exclusive with --impersonate flag)")
createCmd.Flags().StringP(eaclFlag,"e","","Path to the extended ACL table (mutually exclusive with --impersonate and --ape flag)")
createCmd.Flags().StringP(apeFlag,"a","","Path to the JSON-encoded APE override (mutually exclusive with --impersonate and --eacl flag)")
createCmd.Flags().StringP(issuedAtFlag,"i","+0","Epoch to issue token at")
createCmd.Flags().StringP(notValidBeforeFlag,"n","+0","Not valid before epoch")
createCmd.Flags().StringP(commonflags.ExpireAt,"x","","The last active epoch for the token")
@ -49,13 +58,15 @@ func init() {
createCmd.Flags().Bool(jsonFlag,false,"Output token in JSON")
createCmd.Flags().Bool(impersonateFlag,false,"Mark token as impersonate to consider the token signer as the request owner (mutually exclusive with --eacl flag)")