frostfs-node/pkg/network/transport/state/grpc/service.go

323 lines
8.8 KiB
Go
Raw Normal View History

package state
import (
"context"
"crypto/ecdsa"
"encoding/hex"
"strconv"
"github.com/nspcc-dev/neofs-api-go/bootstrap"
"github.com/nspcc-dev/neofs-api-go/refs"
"github.com/nspcc-dev/neofs-api-go/service"
"github.com/nspcc-dev/neofs-api-go/state"
crypto "github.com/nspcc-dev/neofs-crypto"
2020-07-24 13:54:03 +00:00
contract "github.com/nspcc-dev/neofs-node/pkg/morph/client/netmap/wrapper"
"github.com/nspcc-dev/neofs-node/pkg/network/transport/grpc"
libgrpc "github.com/nspcc-dev/neofs-node/pkg/network/transport/grpc"
"github.com/pkg/errors"
"github.com/prometheus/client_golang/prometheus"
"github.com/spf13/viper"
"go.uber.org/zap"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
)
type (
// Service is an interface of the server of State service.
Service interface {
state.StatusServer
grpc.Service
Healthy() error
}
// HealthChecker is an interface of node healthiness checking tool.
HealthChecker interface {
Name() string
Healthy() bool
}
// Stater is an interface of the node's network state storage with read access.
Stater interface {
NetworkState() *bootstrap.SpreadMap
}
2020-07-24 13:54:03 +00:00
NetMapClient = contract.Wrapper
// Params groups the parameters of State service server's constructor.
Params struct {
Stater Stater
Logger *zap.Logger
Viper *viper.Viper
Checkers []HealthChecker
PrivateKey *ecdsa.PrivateKey
2020-07-24 13:54:03 +00:00
Client *NetMapClient
}
stateService struct {
state Stater
config *viper.Viper
checkers []HealthChecker
private *ecdsa.PrivateKey
owners map[refs.OwnerID]struct{}
2020-07-24 13:54:03 +00:00
netMapClient *NetMapClient
}
// HealthRequest is a type alias of
// HealthRequest from state package of neofs-api-go.
HealthRequest = state.HealthRequest
)
2020-07-24 13:54:03 +00:00
var (
errEmptyViper = errors.New("empty config")
errEmptyLogger = errors.New("empty logger")
errEmptyStater = errors.New("empty stater")
errUnknownChangeState = errors.New("received unknown state")
)
const msgMissingRequestInitiator = "missing request initiator"
2020-07-24 13:54:03 +00:00
var requestVerifyFunc = libgrpc.VerifyRequestWithSignatures
// New is an State service server's constructor.
func New(p Params) (Service, error) {
switch {
case p.Logger == nil:
return nil, errEmptyLogger
case p.Viper == nil:
return nil, errEmptyViper
case p.Stater == nil:
return nil, errEmptyStater
case p.PrivateKey == nil:
return nil, crypto.ErrEmptyPrivateKey
}
svc := &stateService{
config: p.Viper,
state: p.Stater,
private: p.PrivateKey,
owners: fetchOwners(p.Logger, p.Viper),
checkers: make([]HealthChecker, 0, len(p.Checkers)),
2020-07-24 13:54:03 +00:00
netMapClient: p.Client,
}
for i, checker := range p.Checkers {
if checker == nil {
p.Logger.Debug("ignore empty checker",
zap.Int("index", i))
continue
}
p.Logger.Info("register health-checker",
zap.String("name", checker.Name()))
svc.checkers = append(svc.checkers, checker)
}
return svc, nil
}
func fetchOwners(l *zap.Logger, v *viper.Viper) map[refs.OwnerID]struct{} {
// if config.yml used:
items := v.GetStringSlice("node.rpc.owners")
for i := 0; ; i++ {
item := v.GetString("node.rpc.owners." + strconv.Itoa(i))
if item == "" {
l.Info("stat: skip empty owner", zap.Int("idx", i))
break
}
items = append(items, item)
}
result := make(map[refs.OwnerID]struct{}, len(items))
for i := range items {
var owner refs.OwnerID
if data, err := hex.DecodeString(items[i]); err != nil {
l.Warn("stat: skip wrong hex data",
zap.Int("idx", i),
zap.String("key", items[i]),
zap.Error(err))
continue
} else if key := crypto.UnmarshalPublicKey(data); key == nil {
l.Warn("stat: skip wrong key",
zap.Int("idx", i),
zap.String("key", items[i]))
continue
} else if owner, err = refs.NewOwnerID(key); err != nil {
l.Warn("stat: skip wrong key",
zap.Int("idx", i),
zap.String("key", items[i]),
zap.Error(err))
continue
}
result[owner] = struct{}{}
l.Info("rpc owner added", zap.Stringer("owner", owner))
}
return result
}
func nonForwarding(ttl uint32) error {
if ttl != service.NonForwardingTTL {
return status.Error(codes.InvalidArgument, service.ErrInvalidTTL.Error())
}
return nil
}
func requestInitiator(req service.SignKeyPairSource) *ecdsa.PublicKey {
if signKeys := req.GetSignKeyPairs(); len(signKeys) > 0 {
return signKeys[0].GetPublicKey()
}
return nil
}
// ChangeState allows to change current node state of node.
// To permit access, used server config options.
// The request should be signed.
func (s *stateService) ChangeState(ctx context.Context, in *state.ChangeStateRequest) (*state.ChangeStateResponse, error) {
// verify request structure
if err := requestVerifyFunc(in); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
}
// verify change state permission
if key := requestInitiator(in); key == nil {
return nil, status.Error(codes.InvalidArgument, msgMissingRequestInitiator)
} else if owner, err := refs.NewOwnerID(key); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else if _, ok := s.owners[owner]; !ok {
return nil, status.Error(codes.PermissionDenied, service.ErrWrongOwner.Error())
}
// convert State field to NodeState
if in.GetState() != state.ChangeStateRequest_Offline {
return nil, status.Error(codes.InvalidArgument, errUnknownChangeState.Error())
}
// set update state parameters
2020-07-24 13:54:03 +00:00
if err := s.netMapClient.UpdatePeerState(
crypto.MarshalPublicKey(&s.private.PublicKey),
2020-07-24 13:54:03 +00:00
contract.StateOffline,
); err != nil {
return nil, status.Error(codes.Aborted, err.Error())
}
return new(state.ChangeStateResponse), nil
}
// DumpConfig request allows dumping settings for the current node.
// To permit access, used server config options.
// The request should be signed.
func (s *stateService) DumpConfig(_ context.Context, req *state.DumpRequest) (*state.DumpResponse, error) {
if err := service.ProcessRequestTTL(req, nonForwarding); err != nil {
return nil, err
} else if err = requestVerifyFunc(req); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else if key := requestInitiator(req); key == nil {
return nil, status.Error(codes.InvalidArgument, msgMissingRequestInitiator)
} else if owner, err := refs.NewOwnerID(key); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else if _, ok := s.owners[owner]; !ok {
return nil, status.Error(codes.PermissionDenied, service.ErrWrongOwner.Error())
}
return state.EncodeConfig(s.config)
}
// Netmap returns SpreadMap from Stater (IRState / Place-component).
func (s *stateService) Netmap(_ context.Context, req *state.NetmapRequest) (*bootstrap.SpreadMap, error) {
if err := service.ProcessRequestTTL(req); err != nil {
return nil, err
} else if err = requestVerifyFunc(req); err != nil {
return nil, err
}
if s.state != nil {
return s.state.NetworkState(), nil
}
return nil, status.New(codes.Unavailable, "service unavailable").Err()
}
func (s *stateService) healthy() error {
for _, svc := range s.checkers {
if !svc.Healthy() {
return errors.Errorf("service(%s) unhealthy", svc.Name())
}
}
return nil
}
// Healthy returns error as status of service, if nil service healthy.
func (s *stateService) Healthy() error { return s.healthy() }
// Check that all checkers is healthy.
func (s *stateService) HealthCheck(_ context.Context, req *HealthRequest) (*state.HealthResponse, error) {
if err := service.ProcessRequestTTL(req); err != nil {
return nil, err
} else if err = requestVerifyFunc(req); err != nil {
return nil, err
}
var (
err = s.healthy()
resp = &state.HealthResponse{Healthy: true, Status: "OK"}
)
if err != nil {
resp.Healthy = false
resp.Status = err.Error()
}
return resp, nil
}
func (*stateService) Metrics(_ context.Context, req *state.MetricsRequest) (*state.MetricsResponse, error) {
if err := service.ProcessRequestTTL(req); err != nil {
return nil, err
} else if err = requestVerifyFunc(req); err != nil {
return nil, err
}
return state.EncodeMetrics(prometheus.DefaultGatherer)
}
func (s *stateService) DumpVars(_ context.Context, req *state.DumpVarsRequest) (*state.DumpVarsResponse, error) {
if err := service.ProcessRequestTTL(req, nonForwarding); err != nil {
return nil, err
} else if err = requestVerifyFunc(req); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else if key := requestInitiator(req); key == nil {
return nil, status.Error(codes.InvalidArgument, msgMissingRequestInitiator)
} else if owner, err := refs.NewOwnerID(key); err != nil {
return nil, status.Error(codes.InvalidArgument, err.Error())
} else if _, ok := s.owners[owner]; !ok {
return nil, status.Error(codes.PermissionDenied, service.ErrWrongOwner.Error())
}
return state.EncodeVariables(), nil
}
// Name of the service.
func (*stateService) Name() string { return "StatusService" }
// Register service on gRPC server.
func (s *stateService) Register(g *grpc.Server) { state.RegisterStatusServer(g, s) }