7 "git.curoverse.com/arvados.git/sdk/go/keepclient"
19 // ======================
20 // Configuration settings
22 // TODO(twp): make all of these configurable via command line flags
23 // and/or configuration file settings.
25 // Default TCP address on which to listen for requests.
26 // Initialized by the --listen flag.
27 const DefaultAddr = ":25107"
29 // A Keep "block" is 64MB.
30 const BlockSize = 64 * 1024 * 1024
32 // A Keep volume must have at least MinFreeKilobytes available
33 // in order to permit writes.
34 const MinFreeKilobytes = BlockSize / 1024
36 // ProcMounts /proc/mounts
37 var ProcMounts = "/proc/mounts"
39 // enforcePermissions controls whether permission signatures
40 // should be enforced (affecting GET and DELETE requests).
41 // Initialized by the -enforce-permissions flag.
42 var enforcePermissions bool
44 // blobSignatureTTL is the time duration for which new permission
45 // signatures (returned by PUT requests) will be valid.
46 // Initialized by the -permission-ttl flag.
47 var blobSignatureTTL time.Duration
49 // dataManagerToken represents the API token used by the
50 // Data Manager, and is required on certain privileged operations.
51 // Initialized by the -data-manager-token-file flag.
52 var dataManagerToken string
54 // neverDelete can be used to prevent the DELETE handler from
55 // actually deleting anything.
56 var neverDelete = true
63 type KeepError struct {
69 BadRequestError = &KeepError{400, "Bad Request"}
70 UnauthorizedError = &KeepError{401, "Unauthorized"}
71 CollisionError = &KeepError{500, "Collision"}
72 RequestHashError = &KeepError{422, "Hash mismatch in request"}
73 PermissionError = &KeepError{403, "Forbidden"}
74 DiskHashError = &KeepError{500, "Hash mismatch in stored data"}
75 ExpiredError = &KeepError{401, "Expired permission signature"}
76 NotFoundError = &KeepError{404, "Not Found"}
77 GenericError = &KeepError{500, "Fail"}
78 FullError = &KeepError{503, "Full"}
79 SizeRequiredError = &KeepError{411, "Missing Content-Length"}
80 TooLongError = &KeepError{413, "Block is too large"}
81 MethodDisabledError = &KeepError{405, "Method disabled"}
82 ErrNotImplemented = &KeepError{500, "Unsupported configuration"}
85 func (e *KeepError) Error() string {
89 // ========================
90 // Internal data structures
92 // These global variables are used by multiple parts of the
93 // program. They are good candidates for moving into their own
96 // The Keep VolumeManager maintains a list of available volumes.
97 // Initialized by the --volumes flag (or by FindKeepVolumes).
98 var KeepVM VolumeManager
100 // The pull list manager and trash queue are threadsafe queues which
101 // support atomic update operations. The PullHandler and TrashHandler
102 // store results from Data Manager /pull and /trash requests here.
104 // See the Keep and Data Manager design documents for more details:
105 // https://arvados.org/projects/arvados/wiki/Keep_Design_Doc
106 // https://arvados.org/projects/arvados/wiki/Data_Manager_Design_Doc
109 var trashq *WorkQueue
111 type volumeSet []Volume
120 func (vs *volumeSet) String() string {
121 return fmt.Sprintf("%+v", (*vs)[:])
124 // TODO(twp): continue moving as much code as possible out of main
125 // so it can be effectively tested. Esp. handling and postprocessing
126 // of command line flags (identifying Keep volumes and initializing
127 // permission arguments).
130 log.Println("keepstore starting, pid", os.Getpid())
131 defer log.Println("keepstore exiting, pid", os.Getpid())
134 dataManagerTokenFile string
136 blobSigningKeyFile string
141 &dataManagerTokenFile,
142 "data-manager-token-file",
144 "File with the API token used by the Data Manager. All DELETE "+
145 "requests or GET /index requests must carry this token.")
148 "enforce-permissions",
150 "Enforce permission signatures on requests.")
155 "Listening address, in the form \"host:port\". e.g., 10.0.1.24:8000. Omit the host part to listen on all interfaces.")
160 "If true, nothing will be deleted. "+
161 "Warning: the relevant features in keepstore and data manager have not been extensively tested. "+
162 "You should leave this option alone unless you can afford to lose data.")
165 "permission-key-file",
167 "Synonym for -blob-signing-key-file.")
170 "blob-signing-key-file",
172 "File containing the secret key for generating and verifying "+
173 "blob permission signatures.")
178 "Synonym for -blob-signature-ttl.")
181 "blob-signature-ttl",
182 int(time.Duration(2*7*24*time.Hour).Seconds()),
183 "Lifetime of blob permission signatures. "+
184 "See services/api/config/application.default.yml.")
189 "Serialize read and write operations on the following volumes.")
194 "Do not write, delete, or touch anything on the following volumes.")
199 "Path to write pid file during startup. This file is kept open and locked with LOCK_EX until keepstore exits, so `fuser -k pidfile` is one way to shut down. Exit immediately if there is an error opening, locking, or writing the pid file.")
204 fmt.Sprintf("Maximum RAM to use for data buffers, given in multiples of block size (%d MiB). When this limit is reached, HTTP requests requiring buffers (like GET and PUT) will wait for buffer space to be released.", BlockSize>>20))
209 fmt.Sprintf("Trashed blocks will stay in trash for trash-lifetime interval before they are actually deleted by the system."))
214 log.Fatal("-max-buffers must be greater than zero.")
216 bufs = newBufferPool(maxBuffers, BlockSize)
219 f, err := os.OpenFile(pidfile, os.O_RDWR|os.O_CREATE, 0777)
221 log.Fatalf("open pidfile (%s): %s", pidfile, err)
223 err = syscall.Flock(int(f.Fd()), syscall.LOCK_EX|syscall.LOCK_NB)
225 log.Fatalf("flock pidfile (%s): %s", pidfile, err)
229 log.Fatalf("truncate pidfile (%s): %s", pidfile, err)
231 _, err = fmt.Fprint(f, os.Getpid())
233 log.Fatalf("write pidfile (%s): %s", pidfile, err)
237 log.Fatalf("sync pidfile (%s): %s", pidfile, err)
240 defer os.Remove(pidfile)
243 if len(volumes) == 0 {
244 if (&unixVolumeAdder{&volumes}).Discover() == 0 {
245 log.Fatal("No volumes found.")
249 for _, v := range volumes {
250 log.Printf("Using volume %v (writable=%v)", v, v.Writable())
253 // Initialize data manager token and permission key.
254 // If these tokens are specified but cannot be read,
255 // raise a fatal error.
256 if dataManagerTokenFile != "" {
257 if buf, err := ioutil.ReadFile(dataManagerTokenFile); err == nil {
258 dataManagerToken = strings.TrimSpace(string(buf))
260 log.Fatalf("reading data manager token: %s\n", err)
264 if neverDelete != true {
265 log.Print("never-delete is not set. Warning: the relevant features in keepstore and data manager have not " +
266 "been extensively tested. You should leave this option alone unless you can afford to lose data.")
269 if blobSigningKeyFile != "" {
270 if buf, err := ioutil.ReadFile(blobSigningKeyFile); err == nil {
271 PermissionSecret = bytes.TrimSpace(buf)
273 log.Fatalf("reading permission key: %s\n", err)
277 blobSignatureTTL = time.Duration(permissionTTLSec) * time.Second
279 if PermissionSecret == nil {
280 if enforcePermissions {
281 log.Fatal("-enforce-permissions requires a permission key")
283 log.Println("Running without a PermissionSecret. Block locators " +
284 "returned by this server will not be signed, and will be rejected " +
285 "by a server that enforces permissions.")
286 log.Println("To fix this, use the -blob-signing-key-file flag " +
287 "to specify the file containing the permission key.")
291 // Start a round-robin VolumeManager with the volumes we have found.
292 KeepVM = MakeRRVolumeManager(volumes)
294 // Tell the built-in HTTP server to direct all requests to the REST router.
295 loggingRouter := MakeLoggingRESTRouter()
296 http.HandleFunc("/", func(resp http.ResponseWriter, req *http.Request) {
297 loggingRouter.ServeHTTP(resp, req)
300 // Set up a TCP listener.
301 listener, err := net.Listen("tcp", listen)
306 // Initialize Pull queue and worker
307 keepClient := &keepclient.KeepClient{
310 Client: &http.Client{},
313 // Initialize the pullq and worker
314 pullq = NewWorkQueue()
315 go RunPullWorker(pullq, keepClient)
317 // Initialize the trashq and worker
318 trashq = NewWorkQueue()
319 go RunTrashWorker(trashq)
321 // Shut down the server gracefully (by closing the listener)
322 // if SIGTERM is received.
323 term := make(chan os.Signal, 1)
324 go func(sig <-chan os.Signal) {
326 log.Println("caught signal:", s)
329 signal.Notify(term, syscall.SIGTERM)
330 signal.Notify(term, syscall.SIGINT)
332 log.Println("listening at", listen)
333 srv := &http.Server{Addr: listen}