diff --git a/Makefile b/Makefile index b0b295637..7617bc68b 100644 --- a/Makefile +++ b/Makefile @@ -66,7 +66,7 @@ protoc: @for f in `find . -type f -name '*.proto' -not -path './vendor/*'`; do \ echo "⇒ Processing $$f "; \ protoc \ - --proto_path=.:./vendor:./vendor/github.com/nspcc-dev/neofs-api-go:/usr/local/include:./pkg/services/private \ + --proto_path=.:./vendor:./vendor/github.com/nspcc-dev/neofs-api-go:/usr/local/include:./pkg/services/control \ --gofast_out=plugins=grpc,paths=source_relative:. $$f; \ done rm -rf vendor diff --git a/cmd/neofs-cli/modules/private.go b/cmd/neofs-cli/modules/control.go similarity index 72% rename from cmd/neofs-cli/modules/private.go rename to cmd/neofs-cli/modules/control.go index 34efd5573..be98e58f9 100644 --- a/cmd/neofs-cli/modules/private.go +++ b/cmd/neofs-cli/modules/control.go @@ -5,13 +5,13 @@ import ( "github.com/nspcc-dev/neofs-api-go/util/signature" "github.com/nspcc-dev/neofs-api-go/v2/client" - "github.com/nspcc-dev/neofs-node/pkg/services/private" - privateSvc "github.com/nspcc-dev/neofs-node/pkg/services/private/server" + "github.com/nspcc-dev/neofs-node/pkg/services/control" + controlSvc "github.com/nspcc-dev/neofs-node/pkg/services/control/server" "github.com/spf13/cobra" ) -var privateCmd = &cobra.Command{ - Use: "private", +var controlCmd = &cobra.Command{ + Use: "control", Short: "Operations with storage node", Long: `Operations with storage node`, } @@ -24,9 +24,9 @@ var healthCheckCmd = &cobra.Command{ } func init() { - rootCmd.AddCommand(privateCmd) + rootCmd.AddCommand(controlCmd) - privateCmd.AddCommand(healthCheckCmd) + controlCmd.AddCommand(healthCheckCmd) } func healthCheck(cmd *cobra.Command, _ []string) error { @@ -35,11 +35,11 @@ func healthCheck(cmd *cobra.Command, _ []string) error { return err } - req := new(private.HealthCheckRequest) + req := new(control.HealthCheckRequest) - req.SetBody(new(private.HealthCheckRequest_Body)) + req.SetBody(new(control.HealthCheckRequest_Body)) - if err := privateSvc.SignMessage(key, req); err != nil { + if err := controlSvc.SignMessage(key, req); err != nil { return err } @@ -60,7 +60,7 @@ func healthCheck(cmd *cobra.Command, _ []string) error { return err } - cli := private.NewPrivateServiceClient(con) + cli := control.NewControlServiceClient(con) resp, err := cli.HealthCheck(context.Background(), req) if err != nil { diff --git a/cmd/neofs-node/config.go b/cmd/neofs-node/config.go index 16f8e99e1..19f5f741a 100644 --- a/cmd/neofs-node/config.go +++ b/cmd/neofs-node/config.go @@ -28,7 +28,7 @@ import ( nmwrapper "github.com/nspcc-dev/neofs-node/pkg/morph/client/netmap/wrapper" "github.com/nspcc-dev/neofs-node/pkg/morph/event" "github.com/nspcc-dev/neofs-node/pkg/network" - "github.com/nspcc-dev/neofs-node/pkg/services/private" + "github.com/nspcc-dev/neofs-node/pkg/services/control" tokenStorage "github.com/nspcc-dev/neofs-node/pkg/services/session/storage" "github.com/nspcc-dev/neofs-node/pkg/services/util/response" "github.com/nspcc-dev/neofs-node/pkg/util/logger" @@ -182,7 +182,7 @@ type cfg struct { respSvc *response.Service - cfgPrivateService cfgPrivateService + cfgControlService cfgControlService healthStatus *atomic.Int32 } @@ -264,7 +264,7 @@ type cfgObjectRoutines struct { get, head, put, search, rng, rngHash *ants.Pool } -type cfgPrivateService struct { +type cfgControlService struct { server *grpc.Server } @@ -342,7 +342,7 @@ func initCfg(path string) *cfg { cfgObject: cfgObject{ pool: initObjectPool(viperCfg), }, - healthStatus: atomic.NewInt32(int32(private.HealthStatus_STATUS_UNDEFINED)), + healthStatus: atomic.NewInt32(int32(control.HealthStatus_STATUS_UNDEFINED)), } initLocalStorage(c) @@ -424,7 +424,7 @@ func defaultConfiguration(v *viper.Viper) { v.SetDefault(cfgObjectRangePoolSize, 10) v.SetDefault(cfgObjectRangeHashPoolSize, 10) - v.SetDefault(cfgPrivateSvcAllowedKeys, []string{}) + v.SetDefault(cfgCtrlSvcAllowedKeys, []string{}) } func (c *cfg) LocalAddress() *network.Address { diff --git a/cmd/neofs-node/control.go b/cmd/neofs-node/control.go new file mode 100644 index 000000000..128f848cf --- /dev/null +++ b/cmd/neofs-node/control.go @@ -0,0 +1,76 @@ +package main + +import ( + "context" + "encoding/hex" + "net" + + crypto "github.com/nspcc-dev/neofs-crypto" + "github.com/nspcc-dev/neofs-node/pkg/services/control" + controlSvc "github.com/nspcc-dev/neofs-node/pkg/services/control/server" + "github.com/pkg/errors" + "google.golang.org/grpc" +) + +const ( + cfgCtrlSvcSection = "control" + + cfgCtrlSvcAllowedKeys = cfgCtrlSvcSection + ".permitted_keys" + + cfgCtrlSvcGRPCSection = cfgCtrlSvcSection + ".grpc" + cfgCtrlGRPCEndpoint = cfgCtrlSvcGRPCSection + ".endpoint" +) + +func initControlService(c *cfg) { + strKeys := c.viper.GetStringSlice(cfgCtrlSvcAllowedKeys) + keys := make([][]byte, 0, len(strKeys)+1) // +1 for node key + + keys = append(keys, crypto.MarshalPublicKey(&c.key.PublicKey)) + + for i := range strKeys { + key, err := hex.DecodeString(strKeys[i]) + fatalOnErr(err) + + if crypto.UnmarshalPublicKey(key) == nil { + fatalOnErr(errors.Errorf("invalid permitted key for Control service %s", strKeys[i])) + } + + keys = append(keys, key) + } + + ctlSvc := controlSvc.New( + controlSvc.WithKey(c.key), + controlSvc.WithAllowedKeys(keys), + controlSvc.WithHealthChecker(c), + ) + + var ( + err error + lis net.Listener + endpoint = c.viper.GetString(cfgCtrlGRPCEndpoint) + ) + + if endpoint == "" || endpoint == c.viper.GetString(cfgListenAddress) { + lis = c.cfgGRPC.listener + c.cfgControlService.server = c.cfgGRPC.server + } else { + lis, err = net.Listen("tcp", endpoint) + fatalOnErr(err) + + c.cfgControlService.server = grpc.NewServer() + } + + control.RegisterControlServiceServer(c.cfgControlService.server, ctlSvc) + + c.workers = append(c.workers, newWorkerFromFunc(func(ctx context.Context) { + fatalOnErr(c.cfgControlService.server.Serve(lis)) + })) +} + +func (c *cfg) setHealthStatus(st control.HealthStatus) { + c.healthStatus.Store(int32(st)) +} + +func (c *cfg) HealthStatus() control.HealthStatus { + return control.HealthStatus(c.healthStatus.Load()) +} diff --git a/cmd/neofs-node/main.go b/cmd/neofs-node/main.go index b75048bbe..e7aa5be8d 100644 --- a/cmd/neofs-node/main.go +++ b/cmd/neofs-node/main.go @@ -5,7 +5,7 @@ import ( "flag" "log" - "github.com/nspcc-dev/neofs-node/pkg/services/private" + "github.com/nspcc-dev/neofs-node/pkg/services/control" "github.com/nspcc-dev/neofs-node/pkg/util/grace" "go.uber.org/zap" ) @@ -42,7 +42,7 @@ func initApp(c *cfg) { initSessionService(c) initObjectService(c) initProfiler(c) - initPrivateService(c) + initControlService(c) fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Open()) fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init()) @@ -56,7 +56,7 @@ func bootUp(c *cfg) { bootstrapNode(c) startWorkers(c) - c.setHealthStatus(private.HealthStatus_ONLINE) + c.setHealthStatus(control.HealthStatus_ONLINE) } func wait(c *cfg) { @@ -75,7 +75,7 @@ func wait(c *cfg) { func shutdown(c *cfg) { c.cfgGRPC.server.GracefulStop() - c.cfgPrivateService.server.GracefulStop() + c.cfgControlService.server.GracefulStop() c.log.Info("gRPC server stopped") diff --git a/cmd/neofs-node/netmap.go b/cmd/neofs-node/netmap.go index 592d68918..ce03f9383 100644 --- a/cmd/neofs-node/netmap.go +++ b/cmd/neofs-node/netmap.go @@ -7,8 +7,8 @@ import ( "github.com/nspcc-dev/neofs-node/pkg/morph/event" netmapEvent "github.com/nspcc-dev/neofs-node/pkg/morph/event/netmap" netmapTransportGRPC "github.com/nspcc-dev/neofs-node/pkg/network/transport/netmap/grpc" + "github.com/nspcc-dev/neofs-node/pkg/services/control" netmapService "github.com/nspcc-dev/neofs-node/pkg/services/netmap" - "github.com/nspcc-dev/neofs-node/pkg/services/private" "github.com/pkg/errors" "go.uber.org/atomic" "go.uber.org/zap" @@ -117,7 +117,7 @@ func addNewEpochNotificationHandler(c *cfg, h event.Handler) { } func goOffline(c *cfg) { - c.setHealthStatus(private.HealthStatus_OFFLINE) + c.setHealthStatus(control.HealthStatus_OFFLINE) err := c.cfgNetmap.wrapper.UpdatePeerState( crypto.MarshalPublicKey(&c.key.PublicKey), diff --git a/cmd/neofs-node/private.go b/cmd/neofs-node/private.go deleted file mode 100644 index 4b647f2ce..000000000 --- a/cmd/neofs-node/private.go +++ /dev/null @@ -1,76 +0,0 @@ -package main - -import ( - "context" - "encoding/hex" - "net" - - crypto "github.com/nspcc-dev/neofs-crypto" - "github.com/nspcc-dev/neofs-node/pkg/services/private" - privateSvc "github.com/nspcc-dev/neofs-node/pkg/services/private/server" - "github.com/pkg/errors" - "google.golang.org/grpc" -) - -const ( - cfgPrivateSvcSection = "private" - - cfgPrivateSvcAllowedKeys = cfgPrivateSvcSection + ".permitted_keys" - - cfgPrivateSvcGRPCSection = cfgPrivateSvcSection + ".grpc" - cfgPrivateGRPCEndpoint = cfgPrivateSvcGRPCSection + ".endpoint" -) - -func initPrivateService(c *cfg) { - strKeys := c.viper.GetStringSlice(cfgPrivateSvcAllowedKeys) - keys := make([][]byte, 0, len(strKeys)+1) // +1 for node key - - keys = append(keys, crypto.MarshalPublicKey(&c.key.PublicKey)) - - for i := range strKeys { - key, err := hex.DecodeString(strKeys[i]) - fatalOnErr(err) - - if crypto.UnmarshalPublicKey(key) == nil { - fatalOnErr(errors.Errorf("invalid permitted key for private service %s", strKeys[i])) - } - - keys = append(keys, key) - } - - privSvc := privateSvc.New( - privateSvc.WithKey(c.key), - privateSvc.WithAllowedKeys(keys), - privateSvc.WithHealthChecker(c), - ) - - var ( - err error - lis net.Listener - endpoint = c.viper.GetString(cfgPrivateGRPCEndpoint) - ) - - if endpoint == "" || endpoint == c.viper.GetString(cfgListenAddress) { - lis = c.cfgGRPC.listener - c.cfgPrivateService.server = c.cfgGRPC.server - } else { - lis, err = net.Listen("tcp", endpoint) - fatalOnErr(err) - - c.cfgPrivateService.server = grpc.NewServer() - } - - private.RegisterPrivateServiceServer(c.cfgPrivateService.server, privSvc) - - c.workers = append(c.workers, newWorkerFromFunc(func(ctx context.Context) { - fatalOnErr(c.cfgPrivateService.server.Serve(lis)) - })) -} - -func (c *cfg) setHealthStatus(st private.HealthStatus) { - c.healthStatus.Store(int32(st)) -} - -func (c *cfg) HealthStatus() private.HealthStatus { - return private.HealthStatus(c.healthStatus.Load()) -} diff --git a/pkg/services/private/server/healthcheck.go b/pkg/services/control/server/healthcheck.go similarity index 68% rename from pkg/services/private/server/healthcheck.go rename to pkg/services/control/server/healthcheck.go index 9d0c266e4..fbafbd0a7 100644 --- a/pkg/services/private/server/healthcheck.go +++ b/pkg/services/control/server/healthcheck.go @@ -1,9 +1,9 @@ -package private +package control import ( "context" - "github.com/nspcc-dev/neofs-node/pkg/services/private" + "github.com/nspcc-dev/neofs-node/pkg/services/control" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -11,16 +11,16 @@ import ( // HealthCheck returns health status of the local node. // // If request is unsigned or signed by disallowed key, permission error returns. -func (s *Server) HealthCheck(_ context.Context, req *private.HealthCheckRequest) (*private.HealthCheckResponse, error) { +func (s *Server) HealthCheck(_ context.Context, req *control.HealthCheckRequest) (*control.HealthCheckResponse, error) { // verify request if err := s.isValidRequest(req); err != nil { return nil, status.Error(codes.PermissionDenied, err.Error()) } // create and fill response - resp := new(private.HealthCheckResponse) + resp := new(control.HealthCheckResponse) - body := new(private.HealthCheckResponse_Body) + body := new(control.HealthCheckResponse_Body) resp.SetBody(body) body.SetStatus(s.healthChecker.HealthStatus()) diff --git a/pkg/services/private/server/server.go b/pkg/services/control/server/server.go similarity index 83% rename from pkg/services/private/server/server.go rename to pkg/services/control/server/server.go index e6263d0d2..97528ebea 100644 --- a/pkg/services/private/server/server.go +++ b/pkg/services/control/server/server.go @@ -1,13 +1,13 @@ -package private +package control import ( "crypto/ecdsa" - "github.com/nspcc-dev/neofs-node/pkg/services/private" + "github.com/nspcc-dev/neofs-node/pkg/services/control" ) // Server is an entity that serves -// Private service on storage node. +// Control service on storage node. type Server struct { *cfg } @@ -18,8 +18,8 @@ type HealthChecker interface { // Must calculate and return current node health status. // // If status can not be calculated for any reason, - // private.HealthStatus_STATUS_UNDEFINED should be returned. - HealthStatus() private.HealthStatus + // control.HealthStatus_STATUS_UNDEFINED should be returned. + HealthStatus() control.HealthStatus } // Option of the Server's constructor. @@ -59,7 +59,7 @@ func WithKey(key *ecdsa.PrivateKey) Option { } // WithAllowedKeys returns option to add list of public -// keys that have rights to use private service. +// keys that have rights to use Control service. func WithAllowedKeys(keys [][]byte) Option { return func(c *cfg) { c.allowedKeys = append(c.allowedKeys, keys...) diff --git a/pkg/services/private/server/sign.go b/pkg/services/control/server/sign.go similarity index 75% rename from pkg/services/private/server/sign.go rename to pkg/services/control/server/sign.go index 56c0ebdd3..e8c715486 100644 --- a/pkg/services/private/server/sign.go +++ b/pkg/services/control/server/sign.go @@ -1,4 +1,4 @@ -package private +package control import ( "bytes" @@ -6,14 +6,14 @@ import ( "errors" "github.com/nspcc-dev/neofs-api-go/util/signature" - "github.com/nspcc-dev/neofs-node/pkg/services/private" + "github.com/nspcc-dev/neofs-node/pkg/services/control" ) -// SignedMessage is an interface of Private service message. +// SignedMessage is an interface of Control service message. type SignedMessage interface { signature.DataSource - GetSignature() *private.Signature - SetSignature(*private.Signature) + GetSignature() *control.Signature + SetSignature(*control.Signature) } var errDisallowedKey = errors.New("key is not in the allowed list") @@ -42,10 +42,10 @@ func (s *Server) isValidRequest(req SignedMessage) error { }) } -// SignMessage signs Private service message with private key. +// SignMessage signs Control service message with private key. func SignMessage(key *ecdsa.PrivateKey, msg SignedMessage) error { return signature.SignDataWithHandler(key, msg, func(key []byte, sig []byte) { - s := new(private.Signature) + s := new(control.Signature) s.SetKey(key) s.SetSign(sig) diff --git a/pkg/services/private/service.go b/pkg/services/control/service.go similarity index 98% rename from pkg/services/private/service.go rename to pkg/services/control/service.go index 0c7555140..874acfe48 100644 --- a/pkg/services/private/service.go +++ b/pkg/services/control/service.go @@ -1,4 +1,4 @@ -package private +package control // SetBody sets health check request body. func (m *HealthCheckRequest) SetBody(v *HealthCheckRequest_Body) { diff --git a/pkg/services/private/service.pb.go b/pkg/services/control/service.pb.go similarity index 92% rename from pkg/services/private/service.pb.go rename to pkg/services/control/service.pb.go index 3c12c3fb7..f5810bea9 100644 Binary files a/pkg/services/private/service.pb.go and b/pkg/services/control/service.pb.go differ diff --git a/pkg/services/private/service.proto b/pkg/services/control/service.proto similarity index 87% rename from pkg/services/private/service.proto rename to pkg/services/control/service.proto index 23a569fac..74e4aa381 100644 --- a/pkg/services/private/service.proto +++ b/pkg/services/control/service.proto @@ -1,13 +1,13 @@ syntax = "proto3"; -package private; +package control; import "types.proto"; -option go_package = "github.com/nspcc-dev/neofs-node/pkg/services/private"; +option go_package = "github.com/nspcc-dev/neofs-node/pkg/services/control"; -// `PrivateService` provides an interface for internal work with the storage node. -service PrivateService { +// `ControlService` provides an interface for internal work with the storage node. +service ControlService { // Performs health check of the storage node. rpc HealthCheck (HealthCheckRequest) returns (HealthCheckResponse); } diff --git a/pkg/services/private/types.go b/pkg/services/control/types.go similarity index 93% rename from pkg/services/private/types.go rename to pkg/services/control/types.go index cc559852b..67f9fda38 100644 --- a/pkg/services/private/types.go +++ b/pkg/services/control/types.go @@ -1,4 +1,4 @@ -package private +package control // SetKey sets public key used for signing. func (m *Signature) SetKey(v []byte) { diff --git a/pkg/services/private/types.pb.go b/pkg/services/control/types.pb.go similarity index 94% rename from pkg/services/private/types.pb.go rename to pkg/services/control/types.pb.go index 373446f17..a8d7e0be8 100644 Binary files a/pkg/services/private/types.pb.go and b/pkg/services/control/types.pb.go differ diff --git a/pkg/services/private/types.proto b/pkg/services/control/types.proto similarity index 94% rename from pkg/services/private/types.proto rename to pkg/services/control/types.proto index f473bb7ce..4b06a3485 100644 --- a/pkg/services/private/types.proto +++ b/pkg/services/control/types.proto @@ -1,8 +1,8 @@ syntax = "proto3"; -package private; +package control; -option go_package = "github.com/nspcc-dev/neofs-node/pkg/services/private"; +option go_package = "github.com/nspcc-dev/neofs-node/pkg/services/control"; // Signature of some message. message Signature {