From f3cac6cc31ae3586cace2436d82656de0497f5c3 Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Wed, 13 Jan 2021 15:51:05 +0300 Subject: [PATCH] [#306] cmd/node: Serve private node service in storage node app Signed-off-by: Leonard Lyubich --- cmd/neofs-node/config.go | 8 +++++ cmd/neofs-node/main.go | 2 ++ cmd/neofs-node/private.go | 67 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 77 insertions(+) create mode 100644 cmd/neofs-node/private.go diff --git a/cmd/neofs-node/config.go b/cmd/neofs-node/config.go index ee496963f..27bdef53d 100644 --- a/cmd/neofs-node/config.go +++ b/cmd/neofs-node/config.go @@ -179,6 +179,8 @@ type cfg struct { workers []worker respSvc *response.Service + + cfgPrivateService cfgPrivateService } type cfgGRPC struct { @@ -258,6 +260,10 @@ type cfgObjectRoutines struct { get, head, put, search, rng, rngHash *ants.Pool } +type cfgPrivateService struct { + server *grpc.Server +} + const ( _ BootstrapType = iota StorageNode @@ -412,6 +418,8 @@ func defaultConfiguration(v *viper.Viper) { v.SetDefault(cfgObjectSearchPoolSize, 10) v.SetDefault(cfgObjectRangePoolSize, 10) v.SetDefault(cfgObjectRangeHashPoolSize, 10) + + v.SetDefault(cfgPrivateSvcAllowedKeys, []string{}) } func (c *cfg) LocalAddress() *network.Address { diff --git a/cmd/neofs-node/main.go b/cmd/neofs-node/main.go index 440fcdee1..394ef514b 100644 --- a/cmd/neofs-node/main.go +++ b/cmd/neofs-node/main.go @@ -41,6 +41,7 @@ func initApp(c *cfg) { initSessionService(c) initObjectService(c) initProfiler(c) + initPrivateService(c) fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Open()) fatalOnErr(c.cfgObject.cfgLocalStorage.localStorage.Init()) @@ -71,6 +72,7 @@ func wait(c *cfg) { func shutdown(c *cfg) { c.cfgGRPC.server.GracefulStop() + c.cfgPrivateService.server.GracefulStop() c.log.Info("gRPC server stopped") diff --git a/cmd/neofs-node/private.go b/cmd/neofs-node/private.go new file mode 100644 index 000000000..5d6ec82da --- /dev/null 
+++ b/cmd/neofs-node/private.go
@@ -0,0 +1,67 @@
+package main
+
+import (
+ "context"
+ "encoding/hex"
+ "net"
+
+ crypto "github.com/nspcc-dev/neofs-crypto"
+ "github.com/nspcc-dev/neofs-node/pkg/services/private"
+ privateSvc "github.com/nspcc-dev/neofs-node/pkg/services/private/server"
+ "github.com/pkg/errors"
+ "google.golang.org/grpc"
+)
+
+const (
+ cfgPrivateSvcSection = "private"
+
+ cfgPrivateSvcAllowedKeys = cfgPrivateSvcSection + ".permitted_keys"
+
+ cfgPrivateSvcGRPCSection = cfgPrivateSvcSection + ".grpc"
+ cfgPrivateGRPCEndpoint = cfgPrivateSvcGRPCSection + ".endpoint"
+)
+
+func initPrivateService(c *cfg) {
+ strKeys := c.viper.GetStringSlice(cfgPrivateSvcAllowedKeys)
+ keys := make([][]byte, 0, len(strKeys)+1) // +1 for node key
+
+ keys = append(keys, crypto.MarshalPublicKey(&c.key.PublicKey))
+
+ for i := range strKeys {
+ key, err := hex.DecodeString(strKeys[i])
+ fatalOnErr(err)
+
+ if crypto.UnmarshalPublicKey(key) == nil {
+ fatalOnErr(errors.Errorf("invalid permitted key for private service %s", strKeys[i]))
+ }
+
+ keys = append(keys, key)
+ }
+
+ privSvc := privateSvc.New(
+ privateSvc.WithKey(c.key),
+ privateSvc.WithAllowedKeys(keys),
+ )
+
+ var (
+ err error
+ lis net.Listener
+ endpoint = c.viper.GetString(cfgPrivateGRPCEndpoint)
+ )
+
+ if endpoint == "" || endpoint == c.viper.GetString(cfgListenAddress) {
+ lis = c.cfgGRPC.listener
+ c.cfgPrivateService.server = c.cfgGRPC.server
+ } else {
+ lis, err = net.Listen("tcp", endpoint)
+ fatalOnErr(err)
+
+ c.cfgPrivateService.server = grpc.NewServer()
+ }
+
+ private.RegisterPrivateServiceServer(c.cfgPrivateService.server, privSvc)
+
+ c.workers = append(c.workers, newWorkerFromFunc(func(ctx context.Context) {
+ fatalOnErr(c.cfgPrivateService.server.Serve(lis))
+ }))
+}
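Review bot: In `initPrivateService`, when `endpoint` is empty or equals the `cfgListenAddress` value, the private service is registered on `c.cfgGRPC.server`, yet the worker appended at the end still calls `Serve(lis)` on that shared server with `c.cfgGRPC.listener`. The worker that serves the public gRPC server is not part of this diff, but if it exists the same server is served twice on one listener, and `shutdown` in main.go then calls `GracefulStop()` on it twice; wrapping the append in `if c.cfgPrivateService.server != c.cfgGRPC.server { … }` and guarding the second `GracefulStop()` the same way would avoid both. This default branch also puts the node's private service on the public endpoint, so as far as this file shows the `private.permitted_keys` allowlist (which always includes the node's own key) is the only gate; a comment on the branch saying so, or requiring an explicit `private.grpc.endpoint`, would make that exposure a deliberate choice. The dedicated server is created with a bare `grpc.NewServer()`, so the option should be documented as intended for a loopback or management-network address unless transport credentials are added.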