1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
23 "git.arvados.org/arvados.git/sdk/go/arvados"
24 "github.com/aws/aws-sdk-go-v2/aws"
25 "github.com/aws/aws-sdk-go-v2/aws/awserr"
26 "github.com/aws/aws-sdk-go-v2/aws/defaults"
27 "github.com/aws/aws-sdk-go-v2/aws/ec2metadata"
28 "github.com/aws/aws-sdk-go-v2/aws/ec2rolecreds"
29 "github.com/aws/aws-sdk-go-v2/aws/endpoints"
30 "github.com/aws/aws-sdk-go-v2/service/s3"
31 "github.com/aws/aws-sdk-go-v2/service/s3/s3manager"
32 "github.com/prometheus/client_golang/prometheus"
33 "github.com/sirupsen/logrus"
36 // S3AWSVolume implements Volume using an S3 bucket.
37 type S3AWSVolume struct {
38 arvados.S3VolumeDriverParameters
39 AuthToken string // populated automatically when IAMRole is used
40 AuthExpiration time.Time // populated automatically when IAMRole is used
42 cluster *arvados.Cluster
44 logger logrus.FieldLogger
45 metrics *volumeMetricsVecs
51 // s3bucket wraps s3.bucket and counts I/O and API usage stats. The
52 // wrapped bucket can be replaced atomically with SetBucket in order
53 // to update credentials.
54 type s3AWSbucket struct {
57 stats s3awsbucketStats
61 // chooseS3VolumeDriver distinguishes between the old goamz driver and
62 // aws-sdk-go based on the UseAWSS3v2Driver feature flag
63 func chooseS3VolumeDriver(cluster *arvados.Cluster, volume arvados.Volume, logger logrus.FieldLogger, metrics *volumeMetricsVecs) (Volume, error) {
64 v := &S3Volume{cluster: cluster, volume: volume, metrics: metrics}
65 err := json.Unmarshal(volume.DriverParameters, v)
69 if v.UseAWSS3v2Driver {
70 logger.Debugln("Using AWS S3 v2 driver")
71 return newS3AWSVolume(cluster, volume, logger, metrics)
73 logger.Debugln("Using goamz S3 driver")
74 return newS3Volume(cluster, volume, logger, metrics)
78 PartSize = 5 * 1024 * 1024
83 var s3AWSKeepBlockRegexp = regexp.MustCompile(`^[0-9a-f]{32}$`)
84 var s3AWSZeroTime time.Time
86 func (v *S3AWSVolume) isKeepBlock(s string) (string, bool) {
87 if v.PrefixLength > 0 && len(s) == v.PrefixLength+33 && s[:v.PrefixLength] == s[v.PrefixLength+1:v.PrefixLength*2+1] {
88 s = s[v.PrefixLength+1:]
90 return s, s3AWSKeepBlockRegexp.MatchString(s)
93 // Return the key used for a given loc. If PrefixLength==0 then
94 // key("abcdef0123") is "abcdef0123", if PrefixLength==3 then key is
95 // "abc/abcdef0123", etc.
96 func (v *S3AWSVolume) key(loc string) string {
97 if v.PrefixLength > 0 && v.PrefixLength < len(loc)-1 {
98 return loc[:v.PrefixLength] + "/" + loc
104 func newS3AWSVolume(cluster *arvados.Cluster, volume arvados.Volume, logger logrus.FieldLogger, metrics *volumeMetricsVecs) (Volume, error) {
105 v := &S3AWSVolume{cluster: cluster, volume: volume, metrics: metrics}
106 err := json.Unmarshal(volume.DriverParameters, v)
110 v.logger = logger.WithField("Volume", v.String())
111 return v, v.check("")
114 func (v *S3AWSVolume) translateError(err error) error {
115 if aerr, ok := err.(awserr.Error); ok {
118 return os.ErrNotExist
120 return os.ErrNotExist
124 case *aws.RequestCanceledError:
125 return context.Canceled
131 // safeCopy calls CopyObjectRequest, and checks the response to make
132 // sure the copy succeeded and updated the timestamp on the
133 // destination object
135 // (If something goes wrong during the copy, the error will be
136 // embedded in the 200 OK response)
137 func (v *S3AWSVolume) safeCopy(dst, src string) error {
138 input := &s3.CopyObjectInput{
139 Bucket: aws.String(v.bucket.bucket),
140 ContentType: aws.String("application/octet-stream"),
141 CopySource: aws.String(v.bucket.bucket + "/" + src),
142 Key: aws.String(dst),
145 req := v.bucket.svc.CopyObjectRequest(input)
146 resp, err := req.Send(context.Background())
148 err = v.translateError(err)
149 if os.IsNotExist(err) {
151 } else if err != nil {
152 return fmt.Errorf("PutCopy(%q ← %q): %s", dst, v.bucket.bucket+"/"+src, err)
155 if resp.CopyObjectResult.LastModified == nil {
156 return fmt.Errorf("PutCopy succeeded but did not return a timestamp: %q: %s", resp.CopyObjectResult.LastModified, err)
157 } else if time.Now().Sub(*resp.CopyObjectResult.LastModified) > maxClockSkew {
158 return fmt.Errorf("PutCopy succeeded but returned an old timestamp: %q: %s", resp.CopyObjectResult.LastModified, resp.CopyObjectResult.LastModified)
163 func (v *S3AWSVolume) check(ec2metadataHostname string) error {
165 return errors.New("DriverParameters: Bucket must be provided")
167 if v.IndexPageSize == 0 {
168 v.IndexPageSize = 1000
170 if v.RaceWindow < 0 {
171 return errors.New("DriverParameters: RaceWindow must not be negative")
175 return errors.New("DriverParameters: V2Signature is not supported")
178 defaultResolver := endpoints.NewDefaultResolver()
180 cfg := defaults.Config()
182 if v.Endpoint == "" && v.Region == "" {
183 return fmt.Errorf("AWS region or endpoint must be specified")
184 } else if v.Endpoint != "" || ec2metadataHostname != "" {
185 myCustomResolver := func(service, region string) (aws.Endpoint, error) {
186 if v.Endpoint != "" && service == "s3" {
189 SigningRegion: v.Region,
191 } else if service == "ec2metadata" && ec2metadataHostname != "" {
193 URL: ec2metadataHostname,
197 return defaultResolver.ResolveEndpoint(service, region)
199 cfg.EndpointResolver = aws.EndpointResolverFunc(myCustomResolver)
202 cfg.Region = v.Region
204 // Zero timeouts mean "wait forever", which is a bad
205 // default. Default to long timeouts instead.
206 if v.ConnectTimeout == 0 {
207 v.ConnectTimeout = s3DefaultConnectTimeout
209 if v.ReadTimeout == 0 {
210 v.ReadTimeout = s3DefaultReadTimeout
213 creds := aws.NewChainProvider(
214 []aws.CredentialsProvider{
215 aws.NewStaticCredentialsProvider(v.AccessKeyID, v.SecretAccessKey, v.AuthToken),
216 ec2rolecreds.New(ec2metadata.New(cfg)),
219 cfg.Credentials = creds
221 v.bucket = &s3AWSbucket{
226 // Set up prometheus metrics
227 lbls := prometheus.Labels{"device_id": v.GetDeviceID()}
228 v.bucket.stats.opsCounters, v.bucket.stats.errCounters, v.bucket.stats.ioBytes = v.metrics.getCounterVecsFor(lbls)
233 // String implements fmt.Stringer.
234 func (v *S3AWSVolume) String() string {
235 return fmt.Sprintf("s3-bucket:%+q", v.Bucket)
238 // GetDeviceID returns a globally unique ID for the storage bucket.
239 func (v *S3AWSVolume) GetDeviceID() string {
240 return "s3://" + v.Endpoint + "/" + v.Bucket
243 // Compare the given data with the stored data.
244 func (v *S3AWSVolume) Compare(ctx context.Context, loc string, expect []byte) error {
246 errChan := make(chan error, 1)
248 _, err := v.head("recent/" + key)
255 case err = <-errChan:
258 // Checking for the key itself here would interfere
259 // with future GET requests.
261 // On AWS, if X doesn't exist, a HEAD or GET request
262 // for X causes X's non-existence to be cached. Thus,
263 // if we test for X, then create X and return a
264 // signature to our client, the client might still get
265 // 404 from all keepstores when trying to read it.
267 // To avoid this, we avoid doing HEAD X or GET X until
268 // we know X has been written.
270 // Note that X might exist even though recent/X
271 // doesn't: for example, the response to HEAD recent/X
272 // might itself come from a stale cache. In such
273 // cases, we will return a false negative and
274 // PutHandler might needlessly create another replica
275 // on a different volume. That's not ideal, but it's
276 // better than passing the eventually-consistent
277 // problem on to our clients.
278 return v.translateError(err)
281 input := &s3.GetObjectInput{
282 Bucket: aws.String(v.bucket.bucket),
283 Key: aws.String(key),
286 req := v.bucket.svc.GetObjectRequest(input)
287 result, err := req.Send(ctx)
289 return v.translateError(err)
291 return v.translateError(compareReaderWithBuf(ctx, result.Body, expect, loc[:32]))
294 // EmptyTrash looks for trashed blocks that exceeded BlobTrashLifetime
295 // and deletes them from the volume.
296 func (v *S3AWSVolume) EmptyTrash() {
297 if v.cluster.Collections.BlobDeleteConcurrency < 1 {
301 var bytesInTrash, blocksInTrash, bytesDeleted, blocksDeleted int64
303 // Define "ready to delete" as "...when EmptyTrash started".
306 emptyOneKey := func(trash *s3.Object) {
307 key := strings.TrimPrefix(*trash.Key, "trash/")
308 loc, isblk := v.isKeepBlock(key)
312 atomic.AddInt64(&bytesInTrash, *trash.Size)
313 atomic.AddInt64(&blocksInTrash, 1)
315 trashT := *trash.LastModified
316 recent, err := v.head("recent/" + key)
317 if err != nil && os.IsNotExist(v.translateError(err)) {
318 v.logger.Warnf("EmptyTrash: found trash marker %q but no %q (%s); calling Untrash", *trash.Key, "recent/"+key, err)
321 v.logger.WithError(err).Errorf("EmptyTrash: Untrash(%q) failed", loc)
324 } else if err != nil {
325 v.logger.WithError(err).Warnf("EmptyTrash: HEAD %q failed", "recent/"+key)
328 if trashT.Sub(*recent.LastModified) < v.cluster.Collections.BlobSigningTTL.Duration() {
329 if age := startT.Sub(*recent.LastModified); age >= v.cluster.Collections.BlobSigningTTL.Duration()-time.Duration(v.RaceWindow) {
330 // recent/key is too old to protect
331 // loc from being Trashed again during
332 // the raceWindow that starts if we
333 // delete trash/X now.
335 // Note this means (TrashSweepInterval
336 // < BlobSigningTTL - raceWindow) is
337 // necessary to avoid starvation.
338 v.logger.Infof("EmptyTrash: detected old race for %q, calling fixRace + Touch", loc)
343 _, err := v.head(key)
344 if os.IsNotExist(err) {
345 v.logger.Infof("EmptyTrash: detected recent race for %q, calling fixRace", loc)
348 } else if err != nil {
349 v.logger.WithError(err).Warnf("EmptyTrash: HEAD %q failed", loc)
353 if startT.Sub(trashT) < v.cluster.Collections.BlobTrashLifetime.Duration() {
356 err = v.bucket.Del(*trash.Key)
358 v.logger.WithError(err).Errorf("EmptyTrash: error deleting %q", *trash.Key)
361 atomic.AddInt64(&bytesDeleted, *trash.Size)
362 atomic.AddInt64(&blocksDeleted, 1)
364 _, err = v.head(*trash.Key)
366 v.logger.Warnf("EmptyTrash: HEAD %q succeeded immediately after deleting %q", loc, loc)
369 if !os.IsNotExist(v.translateError(err)) {
370 v.logger.WithError(err).Warnf("EmptyTrash: HEAD %q failed", key)
373 err = v.bucket.Del("recent/" + key)
375 v.logger.WithError(err).Warnf("EmptyTrash: error deleting %q", "recent/"+key)
379 var wg sync.WaitGroup
380 todo := make(chan *s3.Object, v.cluster.Collections.BlobDeleteConcurrency)
381 for i := 0; i < v.cluster.Collections.BlobDeleteConcurrency; i++ {
385 for key := range todo {
391 trashL := s3awsLister{
395 PageSize: v.IndexPageSize,
396 Stats: &v.bucket.stats,
398 for trash := trashL.First(); trash != nil; trash = trashL.Next() {
404 if err := trashL.Error(); err != nil {
405 v.logger.WithError(err).Error("EmptyTrash: lister failed")
407 v.logger.Infof("EmptyTrash: stats for %v: Deleted %v bytes in %v blocks. Remaining in trash: %v bytes in %v blocks.", v.String(), bytesDeleted, blocksDeleted, bytesInTrash-bytesDeleted, blocksInTrash-blocksDeleted)
410 // fixRace(X) is called when "recent/X" exists but "X" doesn't
411 // exist. If the timestamps on "recent/X" and "trash/X" indicate there
412 // was a race between Put and Trash, fixRace recovers from the race by
413 // Untrashing the block.
414 func (v *S3AWSVolume) fixRace(key string) bool {
415 trash, err := v.head("trash/" + key)
417 if !os.IsNotExist(v.translateError(err)) {
418 v.logger.WithError(err).Errorf("fixRace: HEAD %q failed", "trash/"+key)
423 recent, err := v.head("recent/" + key)
425 v.logger.WithError(err).Errorf("fixRace: HEAD %q failed", "recent/"+key)
429 recentTime := *recent.LastModified
430 trashTime := *trash.LastModified
431 ageWhenTrashed := trashTime.Sub(recentTime)
432 if ageWhenTrashed >= v.cluster.Collections.BlobSigningTTL.Duration() {
433 // No evidence of a race: block hasn't been written
434 // since it became eligible for Trash. No fix needed.
438 v.logger.Infof("fixRace: %q: trashed at %s but touched at %s (age when trashed = %s < %s)", key, trashTime, recentTime, ageWhenTrashed, v.cluster.Collections.BlobSigningTTL)
439 v.logger.Infof("fixRace: copying %q to %q to recover from race between Put/Touch and Trash", "recent/"+key, key)
440 err = v.safeCopy(key, "trash/"+key)
442 v.logger.WithError(err).Error("fixRace: copy failed")
448 func (v *S3AWSVolume) head(key string) (result *s3.HeadObjectOutput, err error) {
449 input := &s3.HeadObjectInput{
450 Bucket: aws.String(v.bucket.bucket),
451 Key: aws.String(key),
454 req := v.bucket.svc.HeadObjectRequest(input)
455 res, err := req.Send(context.TODO())
457 v.bucket.stats.TickOps("head")
458 v.bucket.stats.Tick(&v.bucket.stats.Ops, &v.bucket.stats.HeadOps)
459 v.bucket.stats.TickErr(err)
462 return nil, v.translateError(err)
464 result = res.HeadObjectOutput
468 // Get a block: copy the block data into buf, and return the number of
470 func (v *S3AWSVolume) Get(ctx context.Context, loc string, buf []byte) (int, error) {
471 // Do not use getWithPipe here: the BlockReader interface does not pass
472 // through 'buf []byte', and we don't want to allocate two buffers for each
473 // read request. Instead, use a version of ReadBlock that accepts 'buf []byte'
475 return v.ReadBlock(ctx, loc, buf)
478 func (v *S3AWSVolume) ReadBlock(ctx context.Context, loc string, buf []byte) (int, error) {
480 count, err := v.readWorker(ctx, key, buf)
482 v.bucket.stats.TickInBytes(uint64(count))
486 err = v.translateError(err)
487 if !os.IsNotExist(err) {
491 _, err = v.head("recent/" + key)
492 err = v.translateError(err)
494 // If we can't read recent/X, there's no point in
495 // trying fixRace. Give up.
503 count, err = v.readWorker(ctx, key, buf)
505 v.logger.Warnf("reading %s after successful fixRace: %s", loc, err)
506 err = v.translateError(err)
509 v.bucket.stats.TickInBytes(uint64(count))
513 func (v *S3AWSVolume) readWorker(ctx context.Context, key string, buf []byte) (int, error) {
514 awsBuf := aws.NewWriteAtBuffer(buf)
515 downloader := s3manager.NewDownloaderWithClient(v.bucket.svc, func(u *s3manager.Downloader) {
516 u.PartSize = PartSize
517 u.Concurrency = ReadConcurrency
520 v.logger.Debugf("Partsize: %d; Concurrency: %d\n", downloader.PartSize, downloader.Concurrency)
522 count, err := downloader.DownloadWithContext(ctx, awsBuf, &s3.GetObjectInput{
523 Bucket: aws.String(v.bucket.bucket),
524 Key: aws.String(key),
526 v.bucket.stats.TickOps("get")
527 v.bucket.stats.Tick(&v.bucket.stats.Ops, &v.bucket.stats.GetOps)
528 v.bucket.stats.TickErr(err)
530 return 0, v.translateError(err)
534 return int(count), err
537 func (v *S3AWSVolume) writeObject(ctx context.Context, key string, r io.Reader) error {
539 // r == nil leads to a memory violation in func readFillBuf in
540 // aws-sdk-go-v2@v0.23.0/service/s3/s3manager/upload.go
541 r = bytes.NewReader(nil)
544 uploadInput := s3manager.UploadInput{
545 Bucket: aws.String(v.bucket.bucket),
546 Key: aws.String(key),
550 if loc, ok := v.isKeepBlock(key); ok {
551 var contentMD5 string
552 md5, err := hex.DecodeString(loc)
556 contentMD5 = base64.StdEncoding.EncodeToString(md5)
557 uploadInput.ContentMD5 = &contentMD5
560 // Experimentation indicated that using concurrency 5 yields the best
561 // throughput, better than higher concurrency (10 or 13) by ~5%.
562 // Defining u.BufferProvider = s3manager.NewBufferedReadSeekerWriteToPool(64 * 1024 * 1024)
563 // is detrimental to througput (minus ~15%).
564 uploader := s3manager.NewUploaderWithClient(v.bucket.svc, func(u *s3manager.Uploader) {
565 u.PartSize = PartSize
566 u.Concurrency = WriteConcurrency
569 // Unlike the goamz S3 driver, we don't need to precompute ContentSHA256:
570 // the aws-sdk-go v2 SDK uses a ReadSeeker to avoid having to copy the
571 // block, so there is no extra memory use to be concerned about. See
572 // makeSha256Reader in aws/signer/v4/v4.go. In fact, we explicitly disable
573 // calculating the Sha-256 because we don't need it; we already use md5sum
574 // hashes that match the name of the block.
575 _, err := uploader.UploadWithContext(ctx, &uploadInput, s3manager.WithUploaderRequestOptions(func(r *aws.Request) {
576 r.HTTPRequest.Header.Set("X-Amz-Content-Sha256", "UNSIGNED-PAYLOAD")
579 v.bucket.stats.TickOps("put")
580 v.bucket.stats.Tick(&v.bucket.stats.Ops, &v.bucket.stats.PutOps)
581 v.bucket.stats.TickErr(err)
586 // Put writes a block.
587 func (v *S3AWSVolume) Put(ctx context.Context, loc string, block []byte) error {
588 // Do not use putWithPipe here; we want to pass an io.ReadSeeker to the S3
589 // sdk to avoid memory allocation there. See #17339 for more information.
590 return v.translateError(v.WriteBlock(ctx, loc, bytes.NewReader(block)))
593 // WriteBlock implements BlockWriter.
594 func (v *S3AWSVolume) WriteBlock(ctx context.Context, loc string, rdr io.Reader) error {
595 if v.volume.ReadOnly {
596 return MethodDisabledError
599 r := NewCountingReaderAtSeeker(rdr, v.bucket.stats.TickOutBytes)
601 err := v.writeObject(ctx, key, r)
605 return v.writeObject(ctx, "recent/"+key, nil)
608 type s3awsLister struct {
609 Logger logrus.FieldLogger
613 Stats *s3awsbucketStats
614 ContinuationToken string
619 // First fetches the first page and returns the first item. It returns
620 // nil if the response is the empty set or an error occurs.
621 func (lister *s3awsLister) First() *s3.Object {
626 // Next returns the next item, fetching the next page if necessary. It
627 // returns nil if the last available item has already been fetched, or
629 func (lister *s3awsLister) Next() *s3.Object {
630 if len(lister.buf) == 0 && lister.ContinuationToken != "" {
636 // Return the most recent error encountered by First or Next.
637 func (lister *s3awsLister) Error() error {
641 func (lister *s3awsLister) getPage() {
642 lister.Stats.TickOps("list")
643 lister.Stats.Tick(&lister.Stats.Ops, &lister.Stats.ListOps)
645 var input *s3.ListObjectsV2Input
646 if lister.ContinuationToken == "" {
647 input = &s3.ListObjectsV2Input{
648 Bucket: aws.String(lister.Bucket.bucket),
649 MaxKeys: aws.Int64(int64(lister.PageSize)),
650 Prefix: aws.String(lister.Prefix),
653 input = &s3.ListObjectsV2Input{
654 Bucket: aws.String(lister.Bucket.bucket),
655 MaxKeys: aws.Int64(int64(lister.PageSize)),
656 Prefix: aws.String(lister.Prefix),
657 ContinuationToken: &lister.ContinuationToken,
661 req := lister.Bucket.svc.ListObjectsV2Request(input)
662 resp, err := req.Send(context.Background())
664 if aerr, ok := err.(awserr.Error); ok {
672 if *resp.IsTruncated {
673 lister.ContinuationToken = *resp.NextContinuationToken
675 lister.ContinuationToken = ""
677 lister.buf = make([]s3.Object, 0, len(resp.Contents))
678 for _, key := range resp.Contents {
679 if !strings.HasPrefix(*key.Key, lister.Prefix) {
680 lister.Logger.Warnf("s3awsLister: S3 Bucket.List(prefix=%q) returned key %q", lister.Prefix, *key.Key)
683 lister.buf = append(lister.buf, key)
687 func (lister *s3awsLister) pop() (k *s3.Object) {
688 if len(lister.buf) > 0 {
690 lister.buf = lister.buf[1:]
695 // IndexTo writes a complete list of locators with the given prefix
696 // for which Get() can retrieve data.
697 func (v *S3AWSVolume) IndexTo(prefix string, writer io.Writer) error {
698 prefix = v.key(prefix)
699 // Use a merge sort to find matching sets of X and recent/X.
700 dataL := s3awsLister{
704 PageSize: v.IndexPageSize,
705 Stats: &v.bucket.stats,
707 recentL := s3awsLister{
710 Prefix: "recent/" + prefix,
711 PageSize: v.IndexPageSize,
712 Stats: &v.bucket.stats,
714 for data, recent := dataL.First(), recentL.First(); data != nil && dataL.Error() == nil; data = dataL.Next() {
715 if *data.Key >= "g" {
716 // Conveniently, "recent/*" and "trash/*" are
717 // lexically greater than all hex-encoded data
718 // hashes, so stopping here avoids iterating
719 // over all of them needlessly with dataL.
722 loc, isblk := v.isKeepBlock(*data.Key)
727 // stamp is the list entry we should use to report the
728 // last-modified time for this data block: it will be
729 // the recent/X entry if one exists, otherwise the
730 // entry for the data block itself.
733 // Advance to the corresponding recent/X marker, if any
734 for recent != nil && recentL.Error() == nil {
735 if cmp := strings.Compare((*recent.Key)[7:], *data.Key); cmp < 0 {
736 recent = recentL.Next()
740 recent = recentL.Next()
743 // recent/X marker is missing: we'll
744 // use the timestamp on the data
749 if err := recentL.Error(); err != nil {
752 // We truncate sub-second precision here. Otherwise
753 // timestamps will never match the RFC1123-formatted
754 // Last-Modified values parsed by Mtime().
755 fmt.Fprintf(writer, "%s+%d %d\n", loc, *data.Size, stamp.LastModified.Unix()*1000000000)
760 // Mtime returns the stored timestamp for the given locator.
761 func (v *S3AWSVolume) Mtime(loc string) (time.Time, error) {
763 _, err := v.head(key)
765 return s3AWSZeroTime, v.translateError(err)
767 resp, err := v.head("recent/" + key)
768 err = v.translateError(err)
769 if os.IsNotExist(err) {
770 // The data object X exists, but recent/X is missing.
771 err = v.writeObject(context.Background(), "recent/"+key, nil)
773 v.logger.WithError(err).Errorf("error creating %q", "recent/"+key)
774 return s3AWSZeroTime, v.translateError(err)
776 v.logger.Infof("Mtime: created %q to migrate existing block to new storage scheme", "recent/"+key)
777 resp, err = v.head("recent/" + key)
779 v.logger.WithError(err).Errorf("HEAD failed after creating %q", "recent/"+key)
780 return s3AWSZeroTime, v.translateError(err)
782 } else if err != nil {
783 // HEAD recent/X failed for some other reason.
784 return s3AWSZeroTime, err
786 return *resp.LastModified, err
789 // Status returns a *VolumeStatus representing the current in-use
790 // storage capacity and a fake available capacity that doesn't make
791 // the volume seem full or nearly-full.
792 func (v *S3AWSVolume) Status() *VolumeStatus {
793 return &VolumeStatus{
795 BytesFree: BlockSize * 1000,
800 // InternalStats returns bucket I/O and API call counters.
801 func (v *S3AWSVolume) InternalStats() interface{} {
802 return &v.bucket.stats
805 // Touch sets the timestamp for the given locator to the current time.
806 func (v *S3AWSVolume) Touch(loc string) error {
807 if v.volume.ReadOnly {
808 return MethodDisabledError
811 _, err := v.head(key)
812 err = v.translateError(err)
813 if os.IsNotExist(err) && v.fixRace(key) {
814 // The data object got trashed in a race, but fixRace
816 } else if err != nil {
819 err = v.writeObject(context.Background(), "recent/"+key, nil)
820 return v.translateError(err)
823 // checkRaceWindow returns a non-nil error if trash/key is, or might
824 // be, in the race window (i.e., it's not safe to trash key).
825 func (v *S3AWSVolume) checkRaceWindow(key string) error {
826 resp, err := v.head("trash/" + key)
827 err = v.translateError(err)
828 if os.IsNotExist(err) {
829 // OK, trash/X doesn't exist so we're not in the race
832 } else if err != nil {
833 // Error looking up trash/X. We don't know whether
834 // we're in the race window
837 t := resp.LastModified
838 safeWindow := t.Add(v.cluster.Collections.BlobTrashLifetime.Duration()).Sub(time.Now().Add(time.Duration(v.RaceWindow)))
840 // We can't count on "touch trash/X" to prolong
841 // trash/X's lifetime. The new timestamp might not
842 // become visible until now+raceWindow, and EmptyTrash
843 // is allowed to delete trash/X before then.
844 return fmt.Errorf("%s: same block is already in trash, and safe window ended %s ago", key, -safeWindow)
846 // trash/X exists, but it won't be eligible for deletion until
847 // after now+raceWindow, so it's safe to overwrite it.
851 func (b *s3AWSbucket) Del(path string) error {
852 input := &s3.DeleteObjectInput{
853 Bucket: aws.String(b.bucket),
854 Key: aws.String(path),
856 req := b.svc.DeleteObjectRequest(input)
857 _, err := req.Send(context.Background())
858 b.stats.TickOps("delete")
859 b.stats.Tick(&b.stats.Ops, &b.stats.DelOps)
864 // Trash a Keep block.
865 func (v *S3AWSVolume) Trash(loc string) error {
866 if v.volume.ReadOnly {
867 return MethodDisabledError
869 if t, err := v.Mtime(loc); err != nil {
871 } else if time.Since(t) < v.cluster.Collections.BlobSigningTTL.Duration() {
875 if v.cluster.Collections.BlobTrashLifetime == 0 {
877 return ErrS3TrashDisabled
879 return v.translateError(v.bucket.Del(key))
881 err := v.checkRaceWindow(key)
885 err = v.safeCopy("trash/"+key, key)
889 return v.translateError(v.bucket.Del(key))
892 // Untrash moves block from trash back into store
893 func (v *S3AWSVolume) Untrash(loc string) error {
895 err := v.safeCopy(key, "trash/"+key)
899 err = v.writeObject(context.Background(), "recent/"+key, nil)
900 return v.translateError(err)
903 type s3awsbucketStats struct {
913 func (s *s3awsbucketStats) TickErr(err error) {
917 errType := fmt.Sprintf("%T", err)
918 if aerr, ok := err.(awserr.Error); ok {
919 if reqErr, ok := err.(awserr.RequestFailure); ok {
920 // A service error occurred
921 errType = errType + fmt.Sprintf(" %d %s", reqErr.StatusCode(), aerr.Code())
923 errType = errType + fmt.Sprintf(" 000 %s", aerr.Code())
926 s.statsTicker.TickErr(err, errType)