dkirillov/frostfs-http-gw
1
0
Fork 0
forked from TrueCloudLab/frostfs-http-gw
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: dkirillov:239397f86c0cbb24e0ac4ab6c9003f1f973f323a
Branches Tags
dkirillov:master
dkirillov:poc/hls
dkirillov:poc/vitrual-host
dkirillov:support/v0.25
TrueCloudLab:master
TrueCloudLab:support/v0.30
TrueCloudLab:support/v0.29
TrueCloudLab:support/v0.28
TrueCloudLab:poc/frostfsid
TrueCloudLab:support/v0.27
TrueCloudLab:v0.31.0
TrueCloudLab:v0.31.0-rc.6
TrueCloudLab:v0.31.0-rc.5
TrueCloudLab:v0.31.0-rc.4
TrueCloudLab:v0.31.0-rc.3
TrueCloudLab:v0.30.3
TrueCloudLab:v0.31.0-rc.2
TrueCloudLab:v0.31.0-rc.1
TrueCloudLab:v0.30.2
TrueCloudLab:v0.30.1
TrueCloudLab:v0.30.0
TrueCloudLab:v0.30.0-rc.4
TrueCloudLab:v0.30.0-rc.3
TrueCloudLab:v0.30.0-rc.2
TrueCloudLab:v0.29.0
TrueCloudLab:v0.30.0-rc.1
TrueCloudLab:v0.29.0-rc.2
TrueCloudLab:v0.29.0-rc.1
TrueCloudLab:v0.28.1
TrueCloudLab:v0.28.0
TrueCloudLab:v0.28.0-rc.1
TrueCloudLab:v0.27.0
TrueCloudLab:v0.27.0-rc.2
TrueCloudLab:v0.27.0-rc.1
..
compare: dkirillov:fc86ab3511a153b30b7ff45b15ff5865405786ca
Branches Tags
dkirillov:poc/hls
dkirillov:poc/vitrual-host
dkirillov:master
dkirillov:support/v0.25
TrueCloudLab:master
TrueCloudLab:support/v0.30
TrueCloudLab:support/v0.29
TrueCloudLab:support/v0.28
TrueCloudLab:poc/frostfsid
TrueCloudLab:support/v0.27
TrueCloudLab:v0.31.0
TrueCloudLab:v0.31.0-rc.6
TrueCloudLab:v0.31.0-rc.5
TrueCloudLab:v0.31.0-rc.4
TrueCloudLab:v0.31.0-rc.3
TrueCloudLab:v0.30.3
TrueCloudLab:v0.31.0-rc.2
TrueCloudLab:v0.31.0-rc.1
TrueCloudLab:v0.30.2
TrueCloudLab:v0.30.1
TrueCloudLab:v0.30.0
TrueCloudLab:v0.30.0-rc.4
TrueCloudLab:v0.30.0-rc.3
TrueCloudLab:v0.30.0-rc.2
TrueCloudLab:v0.29.0
TrueCloudLab:v0.30.0-rc.1
TrueCloudLab:v0.29.0-rc.2
TrueCloudLab:v0.29.0-rc.1
TrueCloudLab:v0.28.1
TrueCloudLab:v0.28.0
TrueCloudLab:v0.28.0-rc.1
TrueCloudLab:v0.27.0
TrueCloudLab:v0.27.0-rc.2
TrueCloudLab:v0.27.0-rc.1

No commits in common. "239397f86c0cbb24e0ac4ab6c9003f1f973f323a" and "fc86ab3511a153b30b7ff45b15ff5865405786ca" have entirely different histories.
239397f86c ... fc86ab3511

7 changed files with 94 additions and 174 deletions
Show stats Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -7,7 +7,6 @@ This document outlines major changes between releases.
### Added ### Added
- Support percent-encoding for GET queries (#134) - Support percent-encoding for GET queries (#134)
- Add `trace_id` to logs (#148) - Add `trace_id` to logs (#148)
- Add `cors` config params (#158)
### Changed ### Changed
- Update go version to 1.22 (#132) - Update go version to 1.22 (#132)

165
cmd/http-gw/app.go
View file

@ -6,6 +6,7 @@ import (
"crypto/x509" "crypto/x509"
"errors" "errors"
"fmt" "fmt"
"io"
"net/http" "net/http"
"os" "os"
"os/signal" "os/signal"
@ -88,30 +89,15 @@ type (
appSettings struct { appSettings struct {
reconnectInterval time.Duration reconnectInterval time.Duration
mu sync.RWMutex mu sync.RWMutex
defaultTimestamp bool defaultTimestamp bool
zipCompression bool zipCompression bool
clientCut bool clientCut bool
returnIndexPage bool returnIndexPage bool
indexPageTemplate string indexPageTemplate string
bufferMaxSizeForPut uint64 bufferMaxSizeForPut uint64
namespaceHeader string namespaceHeader string
defaultNamespaces []string defaultNamespaces []string
corsAllowOrigin string
corsAllowMethods []string
corsAllowHeaders []string
corsExposeHeaders []string
corsAllowCredentials bool
corsMaxAge int
}
CORS struct {
AllowOrigin string
AllowMethods []string
AllowHeaders []string
ExposeHeaders []string
AllowCredentials bool
MaxAge int
} }
) )
@ -173,59 +159,23 @@ func newApp(ctx context.Context, opt ...Option) App {
a.initResolver() a.initResolver()
a.initMetrics() a.initMetrics()
a.initTracing(ctx) a.initTracing(ctx)
a.loadIndexPageTemplate()
return a return a
} }
func (a *app) initAppSettings() {
a.settings = &appSettings{
reconnectInterval: fetchReconnectInterval(a.cfg),
}
a.settings.update(a.cfg, a.log)
}
func (s *appSettings) update(v *viper.Viper, l *zap.Logger) {
defaultTimestamp := v.GetBool(cfgUploaderHeaderEnableDefaultTimestamp)
zipCompression := v.GetBool(cfgZipCompression)
returnIndexPage := v.GetBool(cfgIndexPageEnabled)
clientCut := v.GetBool(cfgClientCut)
bufferMaxSizeForPut := v.GetUint64(cfgBufferMaxSizeForPut)
namespaceHeader := v.GetString(cfgResolveNamespaceHeader)
defaultNamespaces := v.GetStringSlice(cfgResolveDefaultNamespaces)
indexPage, indexEnabled := fetchIndexPageTemplate(v, l)
corsAllowOrigin := v.GetString(cfgCORSAllowOrigin)
corsAllowMethods := v.GetStringSlice(cfgCORSAllowMethods)
corsAllowHeaders := v.GetStringSlice(cfgCORSAllowHeaders)
corsExposeHeaders := v.GetStringSlice(cfgCORSExposeHeaders)
corsAllowCredentials := v.GetBool(cfgCORSAllowCredentials)
corsMaxAge := fetchCORSMaxAge(v)
s.mu.Lock()
defer s.mu.Unlock()
s.defaultTimestamp = defaultTimestamp
s.zipCompression = zipCompression
s.returnIndexPage = returnIndexPage
s.clientCut = clientCut
s.bufferMaxSizeForPut = bufferMaxSizeForPut
s.namespaceHeader = namespaceHeader
s.defaultNamespaces = defaultNamespaces
s.returnIndexPage = indexEnabled
s.indexPageTemplate = indexPage
s.corsAllowOrigin = corsAllowOrigin
s.corsAllowMethods = corsAllowMethods
s.corsAllowHeaders = corsAllowHeaders
s.corsExposeHeaders = corsExposeHeaders
s.corsAllowCredentials = corsAllowCredentials
s.corsMaxAge = corsMaxAge
}
func (s *appSettings) DefaultTimestamp() bool { func (s *appSettings) DefaultTimestamp() bool {
s.mu.RLock() s.mu.RLock()
defer s.mu.RUnlock() defer s.mu.RUnlock()
return s.defaultTimestamp return s.defaultTimestamp
} }
func (s *appSettings) setDefaultTimestamp(val bool) {
s.mu.Lock()
s.defaultTimestamp = val
s.mu.Unlock()
}
func (s *appSettings) ZipCompression() bool { func (s *appSettings) ZipCompression() bool {
s.mu.RLock() s.mu.RLock()
defer s.mu.RUnlock() defer s.mu.RUnlock()
@ -247,27 +197,42 @@ func (s *appSettings) IndexPageTemplate() string {
return s.indexPageTemplate return s.indexPageTemplate
} }
func (s *appSettings) CORS() CORS { func (s *appSettings) setZipCompression(val bool) {
s.mu.RLock() s.mu.Lock()
defer s.mu.RUnlock() s.zipCompression = val
s.mu.Unlock()
}
allowMethods := make([]string, len(s.corsAllowMethods)) func (s *appSettings) setReturnIndexPage(val bool) {
copy(allowMethods, s.corsAllowMethods) s.mu.Lock()
s.returnIndexPage = val
s.mu.Unlock()
}
allowHeaders := make([]string, len(s.corsAllowHeaders)) func (s *appSettings) setIndexTemplate(val string) {
copy(allowHeaders, s.corsAllowHeaders) s.mu.Lock()
s.indexPageTemplate = val
s.mu.Unlock()
}
exposeHeaders := make([]string, len(s.corsExposeHeaders)) func (a *app) loadIndexPageTemplate() {
copy(exposeHeaders, s.corsExposeHeaders) if !a.settings.IndexPageEnabled() {
return
return CORS{
AllowOrigin: s.corsAllowOrigin,
AllowMethods: allowMethods,
AllowHeaders: allowHeaders,
ExposeHeaders: exposeHeaders,
AllowCredentials: s.corsAllowCredentials,
MaxAge: s.corsMaxAge,
} }
reader, err := os.Open(a.cfg.GetString(cfgIndexPageTemplatePath))
if err != nil {
a.settings.setIndexTemplate("")
a.log.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
return
}
tmpl, err := io.ReadAll(reader)
if err != nil {
a.settings.setIndexTemplate("")
a.log.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
return
}
a.settings.setIndexTemplate(string(tmpl))
a.log.Info(logs.SetCustomIndexPageTemplate)
} }
func (s *appSettings) ClientCut() bool { func (s *appSettings) ClientCut() bool {
@ -276,12 +241,31 @@ func (s *appSettings) ClientCut() bool {
return s.clientCut return s.clientCut
} }
func (s *appSettings) setClientCut(val bool) {
s.mu.Lock()
s.clientCut = val
s.mu.Unlock()
}
func (s *appSettings) BufferMaxSizeForPut() uint64 { func (s *appSettings) BufferMaxSizeForPut() uint64 {
s.mu.RLock() s.mu.RLock()
defer s.mu.RUnlock() defer s.mu.RUnlock()
return s.bufferMaxSizeForPut return s.bufferMaxSizeForPut
} }
func (s *appSettings) setBufferMaxSizeForPut(val uint64) {
s.mu.Lock()
s.bufferMaxSizeForPut = val
s.mu.Unlock()
}
func (a *app) initAppSettings() {
a.settings = &appSettings{
reconnectInterval: fetchReconnectInterval(a.cfg),
}
a.updateSettings()
}
func (a *app) initResolver() { func (a *app) initResolver() {
var err error var err error
a.resolver, err = resolver.NewContainerResolver(a.getResolverConfig()) a.resolver, err = resolver.NewContainerResolver(a.getResolverConfig())
@ -555,15 +539,26 @@ func (a *app) configReload(ctx context.Context) {
a.stopServices() a.stopServices()
a.startServices() a.startServices()
a.settings.update(a.cfg, a.log) a.updateSettings()
a.metrics.SetEnabled(a.cfg.GetBool(cfgPrometheusEnabled)) a.metrics.SetEnabled(a.cfg.GetBool(cfgPrometheusEnabled))
a.initTracing(ctx) a.initTracing(ctx)
a.loadIndexPageTemplate()
a.setHealthStatus() a.setHealthStatus()
a.log.Info(logs.SIGHUPConfigReloadCompleted) a.log.Info(logs.SIGHUPConfigReloadCompleted)
} }
func (a *app) updateSettings() {
a.settings.setDefaultTimestamp(a.cfg.GetBool(cfgUploaderHeaderEnableDefaultTimestamp))
a.settings.setZipCompression(a.cfg.GetBool(cfgZipCompression))
a.settings.setReturnIndexPage(a.cfg.GetBool(cfgIndexPageEnabled))
a.settings.setClientCut(a.cfg.GetBool(cfgClientCut))
a.settings.setBufferMaxSizeForPut(a.cfg.GetUint64(cfgBufferMaxSizeForPut))
a.settings.setNamespaceHeader(a.cfg.GetString(cfgResolveNamespaceHeader))
a.settings.setDefaultNamespaces(a.cfg.GetStringSlice(cfgResolveDefaultNamespaces))
}
func (a *app) startServices() { func (a *app) startServices() {
pprofConfig := metrics.Config{Enabled: a.cfg.GetBool(cfgPprofEnabled), Address: a.cfg.GetString(cfgPprofAddress)} pprofConfig := metrics.Config{Enabled: a.cfg.GetBool(cfgPprofEnabled), Address: a.cfg.GetString(cfgPprofAddress)}
pprofService := metrics.NewPprofService(a.log, pprofConfig) pprofService := metrics.NewPprofService(a.log, pprofConfig)

4
cmd/http-gw/integration_test.go
View file

@ -102,7 +102,7 @@ func runServer(pathToWallet string) (App, context.CancelFunc) {
v.Set(cfgWalletPath, pathToWallet) v.Set(cfgWalletPath, pathToWallet)
v.Set(cfgWalletPassphrase, "") v.Set(cfgWalletPassphrase, "")
l, lvl := newStdoutLogger(v, zapcore.DebugLevel) l, lvl := newStdoutLogger(zapcore.DebugLevel)
application := newApp(cancelCtx, WithConfig(v), WithLogger(l, lvl)) application := newApp(cancelCtx, WithConfig(v), WithLogger(l, lvl))
go application.Serve() go application.Serve()
@ -525,7 +525,7 @@ func putObject(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID
id, err := clientPool.PutObject(ctx, prm) id, err := clientPool.PutObject(ctx, prm)
require.NoError(t, err) require.NoError(t, err)
return id.ObjectID return id
} }
func makeBearerToken(t *testing.T, key *keys.PrivateKey, ownerID user.ID, version string) string { func makeBearerToken(t *testing.T, key *keys.PrivateKey, ownerID user.ID, version string) string {

57
cmd/http-gw/settings.go
View file

@ -4,7 +4,6 @@ import (
"context" "context"
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"io"
"math" "math"
"os" "os"
"path" "path"
@ -56,8 +55,6 @@ const (
defaultReconnectInterval = time.Minute defaultReconnectInterval = time.Minute
defaultCORSMaxAge = 600 // seconds
cfgServer = "server" cfgServer = "server"
cfgTLSEnabled = "tls.enabled" cfgTLSEnabled = "tls.enabled"
cfgTLSCertFile = "tls.cert_file" cfgTLSCertFile = "tls.cert_file"
@ -143,14 +140,6 @@ const (
cfgResolveNamespaceHeader = "resolve_bucket.namespace_header" cfgResolveNamespaceHeader = "resolve_bucket.namespace_header"
cfgResolveDefaultNamespaces = "resolve_bucket.default_namespaces" cfgResolveDefaultNamespaces = "resolve_bucket.default_namespaces"
// CORS.
cfgCORSAllowOrigin = "cors.allow_origin"
cfgCORSAllowMethods = "cors.allow_methods"
cfgCORSAllowHeaders = "cors.allow_headers"
cfgCORSExposeHeaders = "cors.expose_headers"
cfgCORSAllowCredentials = "cors.allow_credentials"
cfgCORSMaxAge = "cors.max_age"
// Command line args. // Command line args.
cmdHelp = "help" cmdHelp = "help"
cmdVersion = "version" cmdVersion = "version"
@ -516,36 +505,6 @@ func fetchReconnectInterval(cfg *viper.Viper) time.Duration {
return reconnect return reconnect
} }
func fetchIndexPageTemplate(v *viper.Viper, l *zap.Logger) (string, bool) {
if !v.GetBool(cfgIndexPageEnabled) {
return "", false
}
reader, err := os.Open(v.GetString(cfgIndexPageTemplatePath))
if err != nil {
l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
return "", true
}
tmpl, err := io.ReadAll(reader)
if err != nil {
l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
return "", true
}
l.Info(logs.SetCustomIndexPageTemplate)
return string(tmpl), true
}
func fetchCORSMaxAge(v *viper.Viper) int {
maxAge := v.GetInt(cfgCORSMaxAge)
if maxAge <= 0 {
maxAge = defaultCORSMaxAge
}
return maxAge
}
func fetchServers(v *viper.Viper, log *zap.Logger) []ServerInfo { func fetchServers(v *viper.Viper, log *zap.Logger) []ServerInfo {
var servers []ServerInfo var servers []ServerInfo
seen := make(map[string]struct{}) seen := make(map[string]struct{})
@ -630,12 +589,18 @@ func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper) (*pool.
prmTree.SetMaxRequestAttempts(cfg.GetInt(cfgTreePoolMaxAttempts)) prmTree.SetMaxRequestAttempts(cfg.GetInt(cfgTreePoolMaxAttempts))
interceptors := []grpc.DialOption{ var apiGRPCDialOpts []grpc.DialOption
grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()), var treeGRPCDialOpts []grpc.DialOption
grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()), if cfg.GetBool(cfgTracingEnabled) {
interceptors := []grpc.DialOption{
grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
}
treeGRPCDialOpts = append(treeGRPCDialOpts, interceptors...)
apiGRPCDialOpts = append(apiGRPCDialOpts, interceptors...)
} }
prm.SetGRPCDialOptions(interceptors...) prm.SetGRPCDialOptions(apiGRPCDialOpts...)
prmTree.SetGRPCDialOptions(interceptors...) prmTree.SetGRPCDialOptions(treeGRPCDialOpts...)
p, err := pool.NewPool(prm) p, err := pool.NewPool(prm)
if err != nil { if err != nil {

7
config/config.env
View file

@ -126,10 +126,3 @@ HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"
# Max attempt to make successful tree request. # Max attempt to make successful tree request.
# default value is 0 that means the number of attempts equals to number of nodes in pool. # default value is 0 that means the number of attempts equals to number of nodes in pool.
HTTP_GW_FROSTFS_TREE_POOL_MAX_ATTEMPTS=0 HTTP_GW_FROSTFS_TREE_POOL_MAX_ATTEMPTS=0
HTTP_GW_CORS_ALLOW_ORIGIN="*"
HTTP_GW_CORS_ALLOW_METHODS="GET" "POST"
HTTP_GW_CORS_ALLOW_HEADERS="*"
HTTP_GW_CORS_EXPOSE_HEADERS="*"
HTTP_GW_CORS_ALLOW_CREDENTIALS=false
HTTP_GW_CORS_MAX_AGE=600

8
config/config.yaml
View file

@ -138,11 +138,3 @@ cache:
resolve_bucket: resolve_bucket:
namespace_header: X-Frostfs-Namespace namespace_header: X-Frostfs-Namespace
default_namespaces: [ "", "root" ] default_namespaces: [ "", "root" ]
cors:
allow_origin: ""
allow_methods: []
allow_headers: []
expose_headers: []
allow_credentials: false
max_age: 600

26
docs/gate-configuration.md
View file

@ -271,7 +271,7 @@ tracing:
| Parameter | Type | SIGHUP reload | Default value | Description | | Parameter | Type | SIGHUP reload | Default value | Description |
|--------------|----------|---------------|---------------|---------------------------------------------------------------------------------------------------------------------------------| |--------------|----------|---------------|---------------|---------------------------------------------------------------------------------------------------------------------------------|
| `enabled` | `bool` | yes | `false` | Flag to enable the tracing. | | `enabled` | `bool` | no | `false` | Flag to enable the tracing. |
| `exporter` | `string` | yes | | Trace collector type (`stdout` or `otlp_grpc` are supported). | | `exporter` | `string` | yes | | Trace collector type (`stdout` or `otlp_grpc` are supported). |
| `endpoint` | `string` | yes | | Address of collector endpoint for OTLP exporters. | | `endpoint` | `string` | yes | | Address of collector endpoint for OTLP exporters. |
| `trusted_ca` | `string` | yes | | Path to certificate of a certification authority in pem format, that issued the TLS certificate of the telemetry remote server. | | `trusted_ca` | `string` | yes | | Path to certificate of a certification authority in pem format, that issued the TLS certificate of the telemetry remote server. |
@ -363,27 +363,3 @@ index_page:
|-----------------|----------|---------------|---------------|---------------------------------------------------------------------------------| |-----------------|----------|---------------|---------------|---------------------------------------------------------------------------------|
| `enabled` | `bool` | yes | `false` | Flag to enable index_page return if no object with specified S3-name was found. | | `enabled` | `bool` | yes | `false` | Flag to enable index_page return if no object with specified S3-name was found. |
| `template_path` | `string` | yes | `""` | Path to .gotmpl file with html template for index_page. | | `template_path` | `string` | yes | `""` | Path to .gotmpl file with html template for index_page. |
# `cors` section
Parameters for CORS (used in OPTIONS requests and responses in all handlers).
If values are not set, headers will not be included to response.
```yaml
cors:
allow_origin: "*"
allow_methods: ["GET", "HEAD"]
allow_headers: ["Authorization"]
expose_headers: ["*"]
allow_credentials: false
max_age: 600
```
| Parameter | Type | SIGHUP reload | Default value | Description |
|---------------------|------------|---------------|---------------|--------------------------------------------------------|
| `allow_origin` | `string` | yes | | Values for `Access-Control-Allow-Origin` headers. |
| `allow_methods` | `[]string` | yes | | Values for `Access-Control-Allow-Methods` headers. |
| `allow_headers` | `[]string` | yes | | Values for `Access-Control-Allow-Headers` headers. |
| `expose_headers` | `[]string` | yes | | Values for `Access-Control-Expose-Headers` headers. |
| `allow_credentials` | `bool` | yes | `false` | Values for `Access-Control-Allow-Credentials` headers. |
| `max_age` | `int` | yes | `600` | Values for `Access-Control-Max-Age ` headers. |