1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
28 "git.arvados.org/arvados.git/lib/config"
29 "git.arvados.org/arvados.git/lib/service"
30 "git.arvados.org/arvados.git/sdk/go/arvados"
31 "git.arvados.org/arvados.git/sdk/go/ctxlog"
32 "git.arvados.org/arvados.git/sdk/go/health"
33 "github.com/fsnotify/fsnotify"
34 "github.com/sirupsen/logrus"
37 type Supervisor struct {
38 SourcePath string // e.g., /home/username/src/arvados
39 SourceVersion string // e.g., acbd1324...
40 ClusterType string // e.g., production
41 ListenHost string // e.g., localhost
42 ControllerAddr string // e.g., 127.0.0.1:8000
43 OwnTemporaryDatabase bool
46 logger logrus.FieldLogger
47 cluster *arvados.Cluster
50 cancel context.CancelFunc
51 done chan struct{} // closed when child procs/services have shut down
52 err error // error that caused shutdown (valid when done is closed)
53 healthChecker *health.Aggregator
54 tasksReady map[string]chan bool
55 waitShutdown sync.WaitGroup
59 environ []string // for child processes
62 func (super *Supervisor) Cluster() *arvados.Cluster { return super.cluster }
64 func (super *Supervisor) Start(ctx context.Context, cfg *arvados.Config, cfgPath string) {
65 super.ctx, super.cancel = context.WithCancel(ctx)
66 super.done = make(chan struct{})
69 defer close(super.done)
71 sigch := make(chan os.Signal)
72 signal.Notify(sigch, syscall.SIGINT, syscall.SIGTERM)
73 defer signal.Stop(sigch)
75 for sig := range sigch {
76 super.logger.WithField("signal", sig).Info("caught signal")
78 super.err = fmt.Errorf("caught signal %s", sig)
84 hupch := make(chan os.Signal)
85 signal.Notify(hupch, syscall.SIGHUP)
86 defer signal.Stop(hupch)
88 for sig := range hupch {
89 super.logger.WithField("signal", sig).Info("caught signal")
91 super.err = errNeedConfigReload
97 if cfgPath != "" && cfgPath != "-" && cfg.AutoReloadConfig {
98 go watchConfig(super.ctx, super.logger, cfgPath, copyConfig(cfg), func() {
100 super.err = errNeedConfigReload
106 err := super.run(cfg)
108 super.logger.WithError(err).Warn("supervisor shut down")
109 if super.err == nil {
116 func (super *Supervisor) Wait() error {
121 func (super *Supervisor) run(cfg *arvados.Config) error {
124 cwd, err := os.Getwd()
128 if !strings.HasPrefix(super.SourcePath, "/") {
129 super.SourcePath = filepath.Join(cwd, super.SourcePath)
131 super.SourcePath, err = filepath.EvalSymlinks(super.SourcePath)
136 super.tempdir, err = ioutil.TempDir("", "arvados-server-boot-")
140 defer os.RemoveAll(super.tempdir)
141 if err := os.Mkdir(filepath.Join(super.tempdir, "bin"), 0755); err != nil {
145 // Fill in any missing config keys, and write the resulting
146 // config in the temp dir for child services to use.
147 err = super.autofillConfig(cfg)
151 conffile, err := os.OpenFile(filepath.Join(super.tempdir, "config.yml"), os.O_CREATE|os.O_WRONLY, 0644)
155 defer conffile.Close()
156 err = json.NewEncoder(conffile).Encode(cfg)
160 err = conffile.Close()
164 super.configfile = conffile.Name()
166 super.environ = os.Environ()
167 super.cleanEnv([]string{"ARVADOS_"})
168 super.setEnv("ARVADOS_CONFIG", super.configfile)
169 super.setEnv("RAILS_ENV", super.ClusterType)
170 super.setEnv("TMPDIR", super.tempdir)
171 super.prependEnv("PATH", super.tempdir+"/bin:/var/lib/arvados/bin:")
173 super.cluster, err = cfg.GetCluster("")
177 // Now that we have the config, replace the bootstrap logger
178 // with a new one according to the logging config.
179 loglevel := super.cluster.SystemLogs.LogLevel
180 if s := os.Getenv("ARVADOS_DEBUG"); s != "" && s != "0" {
183 super.logger = ctxlog.New(super.Stderr, super.cluster.SystemLogs.Format, loglevel).WithFields(logrus.Fields{
187 if super.SourceVersion == "" {
188 // Find current source tree version.
190 err = super.RunProgram(super.ctx, ".", &buf, nil, "git", "diff", "--shortstat")
194 dirty := buf.Len() > 0
196 err = super.RunProgram(super.ctx, ".", &buf, nil, "git", "log", "-n1", "--format=%H")
200 super.SourceVersion = strings.TrimSpace(buf.String())
202 super.SourceVersion += "+uncommitted"
205 return errors.New("specifying a version to run is not yet supported")
208 _, err = super.installGoProgram(super.ctx, "cmd/arvados-server")
212 err = super.setupRubyEnv()
217 tasks := []supervisedTask{
218 createCertificates{},
221 runServiceCommand{name: "controller", svc: super.cluster.Services.Controller, depends: []supervisedTask{seedDatabase{}}},
222 runGoProgram{src: "services/arv-git-httpd", svc: super.cluster.Services.GitHTTP},
223 runGoProgram{src: "services/health", svc: super.cluster.Services.Health},
224 runGoProgram{src: "services/keepproxy", svc: super.cluster.Services.Keepproxy, depends: []supervisedTask{runPassenger{src: "services/api"}}},
225 runGoProgram{src: "services/keepstore", svc: super.cluster.Services.Keepstore},
226 runGoProgram{src: "services/keep-web", svc: super.cluster.Services.WebDAV},
227 runServiceCommand{name: "ws", svc: super.cluster.Services.Websocket, depends: []supervisedTask{seedDatabase{}}},
228 installPassenger{src: "services/api"},
229 runPassenger{src: "services/api", svc: super.cluster.Services.RailsAPI, depends: []supervisedTask{createCertificates{}, seedDatabase{}, installPassenger{src: "services/api"}}},
230 installPassenger{src: "apps/workbench", depends: []supervisedTask{seedDatabase{}}}, // dependency ensures workbench doesn't delay api install/startup
231 runPassenger{src: "apps/workbench", svc: super.cluster.Services.Workbench1, depends: []supervisedTask{installPassenger{src: "apps/workbench"}}},
234 if super.ClusterType != "test" {
235 tasks = append(tasks,
236 runServiceCommand{name: "dispatch-cloud", svc: super.cluster.Services.Controller},
237 runGoProgram{src: "services/keep-balance"},
240 super.tasksReady = map[string]chan bool{}
241 for _, task := range tasks {
242 super.tasksReady[task.String()] = make(chan bool)
244 for _, task := range tasks {
246 fail := func(err error) {
247 if super.ctx.Err() != nil {
251 super.logger.WithField("task", task.String()).WithError(err).Error("task failed")
254 super.logger.WithField("task", task.String()).Info("starting")
255 err := task.Run(super.ctx, fail, super)
260 close(super.tasksReady[task.String()])
263 err = super.wait(super.ctx, tasks...)
267 super.logger.Info("all startup tasks are complete; starting health checks")
268 super.healthChecker = &health.Aggregator{Cluster: super.cluster}
270 super.logger.Info("shutting down")
271 super.waitShutdown.Wait()
272 return super.ctx.Err()
275 func (super *Supervisor) wait(ctx context.Context, tasks ...supervisedTask) error {
276 for _, task := range tasks {
277 ch, ok := super.tasksReady[task.String()]
279 return fmt.Errorf("no such task: %s", task)
281 super.logger.WithField("task", task.String()).Info("waiting")
284 super.logger.WithField("task", task.String()).Info("ready")
286 super.logger.WithField("task", task.String()).Info("task was never ready")
293 func (super *Supervisor) Stop() {
298 func (super *Supervisor) WaitReady() (*arvados.URL, bool) {
299 ticker := time.NewTicker(time.Second)
301 for waiting := "all"; waiting != ""; {
304 case <-super.ctx.Done():
307 if super.healthChecker == nil {
311 resp := super.healthChecker.ClusterHealth()
312 // The overall health check (resp.Health=="OK") might
313 // never pass due to missing components (like
314 // arvados-dispatch-cloud in a test cluster), so
315 // instead we wait for all configured components to
318 for target, check := range resp.Checks {
319 if check.Health != "OK" {
320 waiting += " " + target
324 super.logger.WithField("targets", waiting[1:]).Info("waiting")
327 u := super.cluster.Services.Controller.ExternalURL
331 func (super *Supervisor) prependEnv(key, prepend string) {
332 for i, s := range super.environ {
333 if strings.HasPrefix(s, key+"=") {
334 super.environ[i] = key + "=" + prepend + s[len(key)+1:]
338 super.environ = append(super.environ, key+"="+prepend)
341 func (super *Supervisor) cleanEnv(prefixes []string) {
343 for _, s := range super.environ {
345 for _, p := range prefixes {
346 if strings.HasPrefix(s, p) {
352 cleaned = append(cleaned, s)
355 super.environ = cleaned
358 func (super *Supervisor) setEnv(key, val string) {
359 for i, s := range super.environ {
360 if strings.HasPrefix(s, key+"=") {
361 super.environ[i] = key + "=" + val
365 super.environ = append(super.environ, key+"="+val)
368 // Remove all but the first occurrence of each env var.
369 func dedupEnv(in []string) []string {
370 saw := map[string]bool{}
372 for _, kv := range in {
373 if split := strings.Index(kv, "="); split < 1 {
374 panic("invalid environment var: " + kv)
375 } else if saw[kv[:split]] {
378 saw[kv[:split]] = true
379 out = append(out, kv)
385 func (super *Supervisor) installGoProgram(ctx context.Context, srcpath string) (string, error) {
386 _, basename := filepath.Split(srcpath)
387 bindir := filepath.Join(super.tempdir, "bin")
388 binfile := filepath.Join(bindir, basename)
389 err := super.RunProgram(ctx, filepath.Join(super.SourcePath, srcpath), nil, []string{"GOBIN=" + bindir}, "go", "install", "-ldflags", "-X git.arvados.org/arvados.git/lib/cmd.version="+super.SourceVersion+" -X main.version="+super.SourceVersion)
393 func (super *Supervisor) usingRVM() bool {
394 return os.Getenv("rvm_path") != ""
397 func (super *Supervisor) setupRubyEnv() error {
398 if !super.usingRVM() {
399 // (If rvm is in use, assume the caller has everything
400 // set up as desired)
401 super.cleanEnv([]string{
406 if _, err := os.Stat("/var/lib/arvados/bin/gem"); err == nil {
407 gem = "/var/lib/arvados/bin/gem"
409 cmd := exec.Command(gem, "env", "gempath")
410 cmd.Env = super.environ
411 buf, err := cmd.Output() // /var/lib/arvados/.gem/ruby/2.5.0/bin:...
412 if err != nil || len(buf) == 0 {
413 return fmt.Errorf("gem env gempath: %v", err)
415 gempath := string(bytes.Split(buf, []byte{':'})[0])
416 super.prependEnv("PATH", gempath+"/bin:")
417 super.setEnv("GEM_HOME", gempath)
418 super.setEnv("GEM_PATH", gempath)
420 // Passenger install doesn't work unless $HOME is ~user
421 u, err := user.Current()
425 super.setEnv("HOME", u.HomeDir)
429 func (super *Supervisor) lookPath(prog string) string {
430 for _, val := range super.environ {
431 if strings.HasPrefix(val, "PATH=") {
432 for _, dir := range filepath.SplitList(val[5:]) {
433 path := filepath.Join(dir, prog)
434 if fi, err := os.Stat(path); err == nil && fi.Mode()&0111 != 0 {
443 // RunProgram runs prog with args, using dir as working directory. If ctx is
444 // cancelled while the child is running, RunProgram terminates the child, waits
445 // for it to exit, then returns.
447 // Child's environment will have our env vars, plus any given in env.
449 // Child's stdout will be written to output if non-nil, otherwise the
450 // boot command's stderr.
451 func (super *Supervisor) RunProgram(ctx context.Context, dir string, output io.Writer, env []string, prog string, args ...string) error {
452 cmdline := fmt.Sprintf("%s", append([]string{prog}, args...))
453 super.logger.WithField("command", cmdline).WithField("dir", dir).Info("executing")
456 if logprefix == "setuidgid" && len(args) >= 2 {
459 logprefix = strings.TrimPrefix(logprefix, super.tempdir+"/bin/")
460 if logprefix == "bundle" && len(args) > 2 && args[0] == "exec" {
462 } else if logprefix == "arvados-server" && len(args) > 1 {
465 if !strings.HasPrefix(dir, "/") {
466 logprefix = dir + ": " + logprefix
469 cmd := exec.Command(super.lookPath(prog), args...)
470 stdout, err := cmd.StdoutPipe()
474 stderr, err := cmd.StderrPipe()
478 logwriter := &service.LogPrefixer{Writer: super.Stderr, Prefix: []byte("[" + logprefix + "] ")}
479 var copiers sync.WaitGroup
482 io.Copy(logwriter, stderr)
488 io.Copy(logwriter, stdout)
490 io.Copy(output, stdout)
495 if strings.HasPrefix(dir, "/") {
498 cmd.Dir = filepath.Join(super.SourcePath, dir)
500 env = append([]string(nil), env...)
501 env = append(env, super.environ...)
502 cmd.Env = dedupEnv(env)
505 defer func() { exited = true }()
508 log := ctxlog.FromContext(ctx).WithFields(logrus.Fields{"dir": dir, "cmdline": cmdline})
510 if cmd.Process == nil {
511 log.Debug("waiting for child process to start")
512 time.Sleep(time.Second / 2)
514 log.WithField("PID", cmd.Process.Pid).Debug("sending SIGTERM")
515 cmd.Process.Signal(syscall.SIGTERM)
516 time.Sleep(5 * time.Second)
520 log.WithField("PID", cmd.Process.Pid).Warn("still waiting for child process to exit 5s after SIGTERM")
532 if ctx.Err() != nil {
533 // Return "context canceled", instead of the "killed"
534 // error that was probably caused by the context being
537 } else if err != nil {
538 return fmt.Errorf("%s: error: %v", cmdline, err)
543 func (super *Supervisor) autofillConfig(cfg *arvados.Config) error {
544 cluster, err := cfg.GetCluster("")
548 usedPort := map[string]bool{}
549 nextPort := func(host string) string {
551 port, err := availablePort(host)
558 usedPort[port] = true
562 if cluster.Services.Controller.ExternalURL.Host == "" {
563 h, p, err := net.SplitHostPort(super.ControllerAddr)
573 cluster.Services.Controller.ExternalURL = arvados.URL{Scheme: "https", Host: net.JoinHostPort(h, p), Path: "/"}
575 for _, svc := range []*arvados.Service{
576 &cluster.Services.Controller,
577 &cluster.Services.DispatchCloud,
578 &cluster.Services.GitHTTP,
579 &cluster.Services.Health,
580 &cluster.Services.Keepproxy,
581 &cluster.Services.Keepstore,
582 &cluster.Services.RailsAPI,
583 &cluster.Services.WebDAV,
584 &cluster.Services.WebDAVDownload,
585 &cluster.Services.Websocket,
586 &cluster.Services.Workbench1,
588 if svc == &cluster.Services.DispatchCloud && super.ClusterType == "test" {
591 if svc.ExternalURL.Host == "" {
592 if svc == &cluster.Services.Controller ||
593 svc == &cluster.Services.GitHTTP ||
594 svc == &cluster.Services.Health ||
595 svc == &cluster.Services.Keepproxy ||
596 svc == &cluster.Services.WebDAV ||
597 svc == &cluster.Services.WebDAVDownload ||
598 svc == &cluster.Services.Workbench1 {
599 svc.ExternalURL = arvados.URL{Scheme: "https", Host: fmt.Sprintf("%s:%s", super.ListenHost, nextPort(super.ListenHost)), Path: "/"}
600 } else if svc == &cluster.Services.Websocket {
601 svc.ExternalURL = arvados.URL{Scheme: "wss", Host: fmt.Sprintf("%s:%s", super.ListenHost, nextPort(super.ListenHost)), Path: "/websocket"}
604 if len(svc.InternalURLs) == 0 {
605 svc.InternalURLs = map[arvados.URL]arvados.ServiceInstance{
606 {Scheme: "http", Host: fmt.Sprintf("%s:%s", super.ListenHost, nextPort(super.ListenHost)), Path: "/"}: {},
610 if cluster.SystemRootToken == "" {
611 cluster.SystemRootToken = randomHexString(64)
613 if cluster.ManagementToken == "" {
614 cluster.ManagementToken = randomHexString(64)
616 if cluster.Collections.BlobSigningKey == "" {
617 cluster.Collections.BlobSigningKey = randomHexString(64)
619 if cluster.Users.AnonymousUserToken == "" {
620 cluster.Users.AnonymousUserToken = randomHexString(64)
623 if super.ClusterType != "production" && cluster.Containers.DispatchPrivateKey == "" {
624 buf, err := ioutil.ReadFile(filepath.Join(super.SourcePath, "lib", "dispatchcloud", "test", "sshkey_dispatch"))
628 cluster.Containers.DispatchPrivateKey = string(buf)
630 if super.ClusterType != "production" {
631 cluster.TLS.Insecure = true
633 if super.ClusterType == "test" {
634 // Add a second keepstore process.
635 cluster.Services.Keepstore.InternalURLs[arvados.URL{Scheme: "http", Host: fmt.Sprintf("%s:%s", super.ListenHost, nextPort(super.ListenHost)), Path: "/"}] = arvados.ServiceInstance{}
637 // Create a directory-backed volume for each keepstore
639 cluster.Volumes = map[string]arvados.Volume{}
640 for url := range cluster.Services.Keepstore.InternalURLs {
641 volnum := len(cluster.Volumes)
642 datadir := fmt.Sprintf("%s/keep%d.data", super.tempdir, volnum)
643 if _, err = os.Stat(datadir + "/."); err == nil {
644 } else if !os.IsNotExist(err) {
646 } else if err = os.Mkdir(datadir, 0755); err != nil {
649 cluster.Volumes[fmt.Sprintf(cluster.ClusterID+"-nyw5e-%015d", volnum)] = arvados.Volume{
651 DriverParameters: json.RawMessage(fmt.Sprintf(`{"Root":%q}`, datadir)),
652 AccessViaHosts: map[arvados.URL]arvados.VolumeAccess{
658 if super.OwnTemporaryDatabase {
659 cluster.PostgreSQL.Connection = arvados.PostgreSQLConnection{
660 "client_encoding": "utf8",
662 "port": nextPort(super.ListenHost),
663 "dbname": "arvados_test",
665 "password": "insecure_arvados_test",
669 cfg.Clusters[cluster.ClusterID] = *cluster
673 func addrIsLocal(addr string) (bool, error) {
675 listener, err := net.Listen("tcp", addr)
679 } else if strings.Contains(err.Error(), "cannot assign requested address") {
686 func randomHexString(chars int) string {
687 b := make([]byte, chars/2)
688 _, err := rand.Read(b)
692 return fmt.Sprintf("%x", b)
695 func internalPort(svc arvados.Service) (string, error) {
696 if len(svc.InternalURLs) > 1 {
697 return "", errors.New("internalPort() doesn't work with multiple InternalURLs")
699 for u := range svc.InternalURLs {
700 if _, p, err := net.SplitHostPort(u.Host); err != nil {
704 } else if u.Scheme == "https" {
710 return "", fmt.Errorf("service has no InternalURLs")
713 func externalPort(svc arvados.Service) (string, error) {
714 if _, p, err := net.SplitHostPort(svc.ExternalURL.Host); err != nil {
718 } else if svc.ExternalURL.Scheme == "https" {
725 func availablePort(host string) (string, error) {
726 ln, err := net.Listen("tcp", net.JoinHostPort(host, "0"))
731 _, port, err := net.SplitHostPort(ln.Addr().String())
738 // Try to connect to addr until it works, then close ch. Give up if
740 func waitForConnect(ctx context.Context, addr string) error {
741 dialer := net.Dialer{Timeout: time.Second}
742 for ctx.Err() == nil {
743 conn, err := dialer.DialContext(ctx, "tcp", addr)
745 time.Sleep(time.Second / 10)
754 func copyConfig(cfg *arvados.Config) *arvados.Config {
757 err := json.NewEncoder(pw).Encode(cfg)
763 cfg2 := new(arvados.Config)
764 err := json.NewDecoder(pr).Decode(cfg2)
771 func watchConfig(ctx context.Context, logger logrus.FieldLogger, cfgPath string, prevcfg *arvados.Config, fn func()) {
772 watcher, err := fsnotify.NewWatcher()
774 logger.WithError(err).Error("fsnotify setup failed")
777 defer watcher.Close()
779 err = watcher.Add(cfgPath)
781 logger.WithError(err).Error("fsnotify watcher failed")
789 case err, ok := <-watcher.Errors:
793 logger.WithError(err).Warn("fsnotify watcher reported error")
794 case _, ok := <-watcher.Events:
798 for len(watcher.Events) > 0 {
801 loader := config.NewLoader(&bytes.Buffer{}, &logrus.Logger{Out: ioutil.Discard})
802 loader.Path = cfgPath
803 loader.SkipAPICalls = true
804 cfg, err := loader.Load()
806 logger.WithError(err).Warn("error reloading config file after change detected; ignoring new config for now")
807 } else if reflect.DeepEqual(cfg, prevcfg) {
808 logger.Debug("config file changed but is still DeepEqual to the existing config")
810 logger.Debug("config changed, notifying supervisor")