Register reputation service server that:
* verifies signatures of the requests and signs the responses;
* attaches response meta header to the responses;
* logs body structures of the requests (only as initial implementation, in
future it will be replaces with local trust storage).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Alias type provide sort function so it is better to use it
everywhere where list of public keys is presented.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
There is a need to track the results of Object interactions with the remote
peers during node's lifetime. Each successful operation should increment the
number of satisfactory interactions with the remote peer, and the failed
ones, on the contrary, decrement. Collected numbers of satisfactory
interactions are going to be used for calculation of the normalized local
trust values according to original EigenTrust algorithm.
Implement wrapper over local trust storage that calls `Update` method on it
with the result of any object operation. The wrapper provides interface of
the remote client constructor. It is used as a `ClientConstructor` component
in Object service server of the app.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement and call `initReputationService` func that constructs local trust
storage and controller, and subscribes the controller on new epoch
notification. Event handler calls `Controller.Report` method to process
collected values.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement simple `WriterProvider` building a `Writer` that writes incoming
data to the log. In the future, this action will be replaced by sending the
value to the manager nodes.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement iterator provider on wrapper over the local trust storage.
Provided iterator passes normalized local trust values according to original
EigenTrust algorithm description. In the borderline case, normalized values
are set as 1/N, N - number of remote nodes in network map.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace usage of `cache.ClientCache` type with interface with similar
signature. This will further allow overloading clients without affecting the
logic of dependent packages.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
ttlNetCache should evict records after TTL duration. However if
data is often accessed and there are no LRU eviction (cache used
with small number of keys), then data will not be evicted ever.
This is a invalid behaviour for mutable data such as eACL.
Solution is to not update access time on every get, so the data
will be guarantee evicted after TTL duration.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
On the `Deposit` events add gas balance check.
Make transfer only if the balance is greater
than the `GasTransferThreshold` that is defined
with environmental variable.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
`WithMetrics` can't make nil check without reflection so we
have to explicitly check if metrics enabled outside of
engine constructor.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Because options are not used when client is already in cache
providing them to shared cache is misleading at best.
In the worst case `dial_timeout` is set randomly (because of race
condition) which can lead to one service having `dial_timeout` of
another. Thus we set default client creation options when cache is
created.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
Implement LRU cache of eACL tables read from sidechain. Use it as a netmap
storage in neofs-node app. Current cache size is set to 10 (constant).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement TTL cache of eACL tables read from sidechain. Use it as a eACL
storage in neofs-node app. Current cache size is set to 100, TTL is 30s
(constants).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement LRU cache for values read from the network. Implement LRU cache of
containers read from sidechain. Use it as a container storage in neofs-node
app. Current cache size is set to 100, TTL is 30s (constants).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Replace `eacl.Storage` interface implementation from eACL lib to neofs-node
app package. Remove `eacl.WithMorphClient` option in order to abstract eACL
validator from eACL storage implementation.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Exec `StorageEngine.Inhume` operation on redundant copy callback from Object
Policer with `MarkAsGarbage` parameter.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
NeoFS contract can be deployed in sidechain instead of main chain.
Add `without_mainnet` config flag that can switch IR node to work with
sidechain only. By default this flag is unset.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Previously we set default addresses of alphabetic contracts to empty strings
in inner ring application config. Recently number of using alphabetic
contracts became dynamic. In order to not enumerate default address for each
glagolitic letter, they are removed from config defaults.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `drop-objects` sub-command to `control` command that drops objects from
the node via `ControlService.DropObjects` API. Address list argument is
passed in NeoFS API string format of the object address.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Re-compile protobuf definition of Control service. Implement required
messages on DropObjects RPC request and response messages. Implement
`DropObjects` method on Control service server of the node. Use
`StorageEngine.Delete` method as a deleted object handler on server.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `--expires-on` flag to `put` sub-command of `object` command that
indicates object's expiration epoch. Set corresponding object attributes if
flag value is set.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `netinfo` sub-cmd of `netmap` cmd that read recent information about
NeoFS network. Info is read via NeoFS API NetmapService.NetworkInfo RPC.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement `NetworkInfo` calls on full stack of Netmap services. Current
epoch is read from node local state, magic number is read via `MagicNumber`
call of morph client.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
CLI `storagegroup put` cmd collects information about SG members via NeoFS
API ObjectService.Head RPC in order to compose SG structure. Bearer token
attached to the call was not used in communication, which could lead to data
access problems. These changes fix the described problem.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `TOMBSTONE_LIFETIME` configuration value of the node which is measured
in NeoFS epoch and is set to 5 by default.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Consider single word of search filter expression as path to file with
protobuf JSON filters. Decode filters from file and add them to the rest.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Make `--filters` flag to be repeated. Define new filter expression format:
* `<key> <binary_op> <value>` for binary filters. Supported binary ops: `EQ` (`STRING_EQUAL`), `NE` (`STRING_NOT_EQUAL`).
* `<key> <unary_op>` for unary filters. Supported unary ops: `NOPRESENT` (`NOT_PRESENT`).
Any other string expressions are considered invalid.
Additionally support shorthand flag `-f`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Split the attributes into those that must be explicitly set in the
configuration, and those that, if absent, will be assigned a default value.
Support this logic in `addWellKnownAttributes` function. If no explicit
attribute is set, the application will panic.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add `--bearer` flag to storagegroup command similar to object command.
Attach parsed bearer token to all API requests of storagegroup command.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Add locode section to util cmd. Add generate command to locode section for
generating the NeoFS location databases. Add info command to locode section
to work with the entries from NeoFS location database.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
At startup, update only node info status. Leave all other
attributes from node configuration, so user can update them.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Construct used space Controller on node's app-side. Call Controller.Start on
StartEstimation event from sidechain. Call Controller.Stop on
StopEstimation event from sidechain.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement processing of AnnounceUsedSpace RPC from NeoFS API v2 method on
the app-side according to the following algorithm (except common steps for
each RPC):
* check if the request sender is presented in container;
* check route of the request (compose from signatures);
* pass the value to Writer returned by WriterProvider.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Define component on app-side that implements RemoteWriterProvider with next
logic:
* if ServerInfo is nil, call internal dead end provider;
* if address in ServerInfo equals to local node's address, do nothing;
* otherwise create API client instance via client cache and return the
wrapper over it.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over StorageEngine on app-side that iterates over the
values returned by ListContainers+ContainerSize method pair. Component will
be used as the source of local metrics.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over netmap and container storages on app-side that builds
placement vectors by next steps:
* read container from storage;
* read network map from storage by epoch number;
* build container nodes according to placement policy;
* build placement vectors with epoch-dependent pivot.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over API client on app-side that passes used space values
to it. Values are buffered on Put call and sent on Close call.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement wrapper over Container contract's client on app-side that passes
used space values to it. Uses a fixed public key, whose value will be the
key of the local storage node.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
There are two notifications:
- start estimation notification produced at the beginning of the
epoch,
- stop estimation notifications should be produced before
basic audit settlement starts.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Classifier looks at list of inner ring nodes and container
nodes from current and previous epoch to classify request.
Sometimes these checks might return error.
Consider there is a request from unknown key and container's
placement policy valid for current epoch and invalid for past
epoch. Classifier tries to find if key belongs to container
node from current epoch -- it is not. Then it tries to find if
key belongs to container node from past epoch and it throws
error, because placement policy is invalid for past epoch.
This is a legit case and classifier should ignore such errors
to provide best effort in matching. The only error classifier
should return is an error when request does not contain
public key to classify it.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Implement NodeState interface required by Netmap service. Make a single
point of updating the state of the node (for both Netmap and Control
services). Protect node info structure from data race.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Call Netmap contract on SetNetmapStatus rpc of Control service (AddPeer
method if new status is ONLINE, UpdatePeerState method otherwise).
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Switch health status to:
* STARTING after the initialization of app resources and before bootup;
* READY after bootup and until shutting down;
* SHUTTING_DOWN before exiting the application.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Update node network status via update status by getting the latest network
map and finding the node in it. This step is performed at the start of the
application and upon notification of a new epoch.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement methods required for signatures. Receive network map from netmap
storage, convert it to Control service message and return in response.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Implement HealthChecker on node app structure. Set health status to ONLINE
after node boot. Set health status to OFFLINE on shutdown.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Application should support several NEO endpoints so it can
switch between different RPC nodes when they fail. Application
iterates over endpoints in random order so the default list of
endpoints distribute workload kinda uniformly.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
As in #72 storage application should behave the same way at remote
RPC node failures. The simplest way is to restart application. Later
we can reinitialize it without downtime.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Support processing of NetmapEpoch and NetmapLookupDepth X-headers when
processing object read operations. Placement for operations
Get/Head/GetRange/GetRangeHash/Search is built for the epoch specified in
NetmapEpoch X-header (by default latest). Also the specified operations are
processed until success is achieved for network maps from the past up to
NetmapLookupDepth value. Behavior for default values (zero or missing) left
unchanged.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Transfer the state of the node to offline when the application is shut down.
Updating the state is done by calling UpdateState method of Netmap contract.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
With the update of the local storage engine, the headers of virtual objects
are directly given. In this regard, the step with obtaining the the right
child header is removed.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
With this argument neofs-ir will be run as an CLI
application that initialize inner ring server, invokes
`vote` method on corresponding alphabet contract and
exits.
User can provide a comma-separated list of validator
public keys.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Replace GetEACL call with GetEACLWithSignature one in polling step of
set-eacl command of container CLI.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Use GetEACLWithSignature client method in get-eacl cmd of container CLI in
order to print eACL table and signature regardless of their correctness. The
ability to check the correctness of the signature will be added later.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
Keyer prints information about private key, public key,
NEO3 Wallet, scripthash. It can generate new private key
or generate multisig address.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Refactored pkg/netmap package provides JSON converters for
NodeInfo and PlacementPolicy structures, that has been used
by client applications.
It also updates Node structure itself so it is a part of
grpc <-> v2 <-> pkg conversion chain.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
With neo-project/neo-modules#358 nodes support RPC to
return used magic number. Therefore client doesn't need
that configuration value any more.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Define networkState structure and implement netmap.State interface on it.
Set epoch number on NewEpoch notification from chain. Provide
WithNetworkState option to Put service constructor.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
With `--owner` argument user can look for balances of other
nodes by knowing their owner ID which is NEO3 compatible
address.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
These buckets can be used to store blobs and metadata.
They will be removed as enhanced blob storage will be
implemented for neofs-node. To setup storage type
use `storage.object.type` and `storage.meta.type` params.
Available options:
- inmemory (default)
- boltdb
- filesystem
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
GRPC has default message limit of 4MiB. Since every transmitted
neofs message has to be signed, then original message should
be split into transfer fit structures before signature service.
This commit introduce transport payload splitter for object
service pipeline. This splitter works with stream response
for methods:
- object.Get
- object.Range
- object.Search
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Default values for capacity and price will be 0, so storage node
won't be present in placement. Add these attributes if they are
not explicitly set up by user config.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
Well-known attributes set up with explicit configuration
values, other attributes set up from chain of attributes.
Chain of attributes is a string, that contains keys-value pairs,
divided by semicolon. Pairs itself divided by slash.
E.g. "StorageType:HDD/RPM:7200"
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
To run storage node at dev-env environment it should have
configurable parameters. To keep `cfg` structures we can
read configuration from env and yml config file with viper
and parse values such as script hashes, fees, keys into
`cfg` structures.
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
In the following release `neofs-cli` will be used to directly manage NeoFS Node.
All required definitions and interfaces are also moving from `neofs-api` to
`neofs-node` repository, so it's more convinient to have `neofs-cli` here.
Signed-off-by: Stanislav Bogatyrev <stanislav@nspcc.ru>
Adds accounting Service implementation that verifiers request signatures and
signs responses from internal Service.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
