X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/05666b170533c79800bea1d472c284e23c9ec5e0..5d081c423f314060cefafc7149850ea1dcbe098a:/services/ws/router.go

diff --git a/services/ws/router.go b/services/ws/router.go
index 19f7d1878c..3f3a051d8e 100644
--- a/services/ws/router.go
+++ b/services/ws/router.go
@@ -1,7 +1,10 @@
+// Copyright (C) The Arvados Authors. All rights reserved.
+//
+// SPDX-License-Identifier: AGPL-3.0
+
 package main
 
 import (
-	"database/sql"
 	"encoding/json"
 	"io"
 	"net/http"
@@ -10,6 +13,7 @@ import (
 	"sync/atomic"
 	"time"
 
+	"git.curoverse.com/arvados.git/sdk/go/ctxlog"
 	"github.com/Sirupsen/logrus"
 	"golang.org/x/net/websocket"
 )
@@ -22,61 +26,65 @@ type wsConn interface {
 }
 
 type router struct {
-	Config         *Config
+	Config         *wsConfig
 	eventSource    eventSource
 	newPermChecker func() permChecker
 
+	handler   *handler
 	mux       *http.ServeMux
 	setupOnce sync.Once
 
 	lastReqID  int64
 	lastReqMtx sync.Mutex
 
-	status routerStatus
+	status routerDebugStatus
 }
 
-type routerStatus struct {
-	Connections int64
+type routerDebugStatus struct {
+	ReqsReceived int64
+	ReqsActive   int64
 }
 
-type Statuser interface {
-	Status() interface{}
+type debugStatuser interface {
+	DebugStatus() interface{}
 }
 
-type sessionFactory func(wsConn, chan<- interface{}, *sql.DB, permChecker) (session, error)
-
 func (rtr *router) setup() {
+	rtr.handler = &handler{
+		PingTimeout: rtr.Config.PingTimeout.Duration(),
+		QueueSize:   rtr.Config.ClientEventQueue,
+	}
 	rtr.mux = http.NewServeMux()
-	rtr.mux.Handle("/websocket", rtr.makeServer(NewSessionV0))
-	rtr.mux.Handle("/arvados/v1/events.ws", rtr.makeServer(NewSessionV1))
-	rtr.mux.HandleFunc("/status.json", rtr.serveStatus)
+	rtr.mux.Handle("/websocket", rtr.makeServer(newSessionV0))
+	rtr.mux.Handle("/arvados/v1/events.ws", rtr.makeServer(newSessionV1))
+	rtr.mux.Handle("/debug.json", rtr.jsonHandler(rtr.DebugStatus))
+	rtr.mux.Handle("/status.json", rtr.jsonHandler(rtr.Status))
+
+	health := http.NewServeMux()
+	rtr.mux.Handle("/_health/", rtr.mgmtAuth(health))
+	health.Handle("/_health/ping", rtr.jsonHandler(rtr.HealthFunc(func() error { return nil })))
+	health.Handle("/_health/db", rtr.jsonHandler(rtr.HealthFunc(rtr.eventSource.DBHealth)))
 }
 
 func (rtr *router) makeServer(newSession sessionFactory) *websocket.Server {
-	handler := &handler{
-		PingTimeout: rtr.Config.PingTimeout.Duration(),
-		QueueSize:   rtr.Config.ClientEventQueue,
-		NewSession: func(ws wsConn, sendq chan<- interface{}) (session, error) {
-			return newSession(ws, sendq, rtr.eventSource.DB(), rtr.newPermChecker())
-		},
-	}
 	return &websocket.Server{
 		Handshake: func(c *websocket.Config, r *http.Request) error {
 			return nil
 		},
 		Handler: websocket.Handler(func(ws *websocket.Conn) {
 			t0 := time.Now()
-			sink := rtr.eventSource.NewSink()
 			log := logger(ws.Request().Context())
 			log.Info("connected")
 
-			stats := handler.Handle(ws, sink.Channel())
+			stats := rtr.handler.Handle(ws, rtr.eventSource,
+				func(ws wsConn, sendq chan<- interface{}) (session, error) {
+					return newSession(ws, sendq, rtr.eventSource.DB(), rtr.newPermChecker(), &rtr.Config.Client)
+				})
 
 			log.WithFields(logrus.Fields{
-				"Elapsed": time.Now().Sub(t0).Seconds(),
-				"Stats":   stats,
+				"elapsed": time.Now().Sub(t0).Seconds(),
+				"stats":   stats,
 			}).Info("disconnect")
-			sink.Stop()
 			ws.Close()
 		}),
 	}
@@ -92,39 +100,79 @@ func (rtr *router) newReqID() string {
 	return strconv.FormatInt(id, 36)
 }
 
-func (rtr *router) Status() interface{} {
+func (rtr *router) DebugStatus() interface{} {
 	s := map[string]interface{}{
-		"Router": rtr.status,
+		"HTTP":     rtr.status,
+		"Outgoing": rtr.handler.DebugStatus(),
 	}
-	if es, ok := rtr.eventSource.(Statuser); ok {
-		s["EventSource"] = es.Status()
+	if es, ok := rtr.eventSource.(debugStatuser); ok {
+		s["EventSource"] = es.DebugStatus()
 	}
 	return s
 }
 
-func (rtr *router) serveStatus(resp http.ResponseWriter, req *http.Request) {
-	rtr.setupOnce.Do(rtr.setup)
-	logger := logger(req.Context())
-	logger.Debug("status")
-	enc := json.NewEncoder(resp)
-	err := enc.Encode(rtr.Status())
-	if err != nil {
-		logger.WithError(err).Error("status encode failed")
+var pingResponseOK = map[string]string{"health": "OK"}
+
+func (rtr *router) HealthFunc(f func() error) func() interface{} {
+	return func() interface{} {
+		err := f()
+		if err == nil {
+			return pingResponseOK
+		}
+		return map[string]string{
+			"health": "ERROR",
+			"error":  err.Error(),
+		}
+	}
+}
+
+func (rtr *router) Status() interface{} {
+	return map[string]interface{}{
+		"Clients": atomic.LoadInt64(&rtr.status.ReqsActive),
 	}
 }
 
 func (rtr *router) ServeHTTP(resp http.ResponseWriter, req *http.Request) {
 	rtr.setupOnce.Do(rtr.setup)
-	atomic.AddInt64(&rtr.status.Connections, 1)
-	defer atomic.AddInt64(&rtr.status.Connections, -1)
+	atomic.AddInt64(&rtr.status.ReqsReceived, 1)
+	atomic.AddInt64(&rtr.status.ReqsActive, 1)
+	defer atomic.AddInt64(&rtr.status.ReqsActive, -1)
 
 	logger := logger(req.Context()).
 		WithField("RequestID", rtr.newReqID())
-	ctx := contextWithLogger(req.Context(), logger)
+	ctx := ctxlog.Context(req.Context(), logger)
 	req = req.WithContext(ctx)
 	logger.WithFields(logrus.Fields{
-		"RemoteAddr":      req.RemoteAddr,
-		"X-Forwarded-For": req.Header.Get("X-Forwarded-For"),
+		"remoteAddr":      req.RemoteAddr,
+		"reqForwardedFor": req.Header.Get("X-Forwarded-For"),
 	}).Info("accept request")
 	rtr.mux.ServeHTTP(resp, req)
 }
+
+func (rtr *router) mgmtAuth(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if rtr.Config.ManagementToken == "" {
+			http.Error(w, "disabled", http.StatusNotFound)
+		} else if ah := r.Header.Get("Authorization"); ah == "" {
+			http.Error(w, "authorization required", http.StatusUnauthorized)
+		} else if ah != "Bearer "+rtr.Config.ManagementToken {
+			http.Error(w, "authorization error", http.StatusForbidden)
+		} else {
+			h.ServeHTTP(w, r)
+		}
+	})
+}
+
+func (rtr *router) jsonHandler(fn func() interface{}) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		logger := logger(r.Context())
+		w.Header().Set("Content-Type", "application/json")
+		enc := json.NewEncoder(w)
+		err := enc.Encode(fn())
+		if err != nil {
+			msg := "encode failed"
+			logger.WithError(err).Error(msg)
+			http.Error(w, msg, http.StatusInternalServerError)
+		}
+	})
+}