X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/7ae5533a074d80882171b33f7b659c9bcace1bd3..a3bfffe950102b82b6655b91038bba9e6b085f03:/services/ws/router.go diff --git a/services/ws/router.go b/services/ws/router.go index ba8b46bb77..3f3a051d8e 100644 --- a/services/ws/router.go +++ b/services/ws/router.go @@ -1,72 +1,178 @@ +// Copyright (C) The Arvados Authors. All rights reserved. +// +// SPDX-License-Identifier: AGPL-3.0 + package main import ( "encoding/json" - "log" + "io" "net/http" + "strconv" "sync" + "sync/atomic" "time" - "git.curoverse.com/arvados.git/sdk/go/arvados" + "git.curoverse.com/arvados.git/sdk/go/ctxlog" + "github.com/Sirupsen/logrus" "golang.org/x/net/websocket" ) +type wsConn interface { + io.ReadWriter + Request() *http.Request + SetReadDeadline(time.Time) error + SetWriteDeadline(time.Time) error +} + type router struct { - Config *Config + Config *wsConfig + eventSource eventSource + newPermChecker func() permChecker + + handler *handler + mux *http.ServeMux + setupOnce sync.Once + + lastReqID int64 + lastReqMtx sync.Mutex - eventSource eventSource - mux *http.ServeMux - setupOnce sync.Once + status routerDebugStatus } -func (rtr *router) setup() { - rtr.mux = http.NewServeMux() - rtr.mux.Handle("/websocket", rtr.makeServer(NewSessionV0)) - rtr.mux.Handle("/arvados/v1/events.ws", rtr.makeServer(NewSessionV1)) +type routerDebugStatus struct { + ReqsReceived int64 + ReqsActive int64 +} + +type debugStatuser interface { + DebugStatus() interface{} } -func (rtr *router) makeServer(newSession func(wsConn, arvados.Client) (session, error)) *websocket.Server { - handler := &handler{ - Client: rtr.Config.Client, +func (rtr *router) setup() { + rtr.handler = &handler{ PingTimeout: rtr.Config.PingTimeout.Duration(), QueueSize: rtr.Config.ClientEventQueue, - NewSession: newSession, } + rtr.mux = http.NewServeMux() + rtr.mux.Handle("/websocket", rtr.makeServer(newSessionV0)) + rtr.mux.Handle("/arvados/v1/events.ws", rtr.makeServer(newSessionV1)) + rtr.mux.Handle("/debug.json", rtr.jsonHandler(rtr.DebugStatus)) + rtr.mux.Handle("/status.json", rtr.jsonHandler(rtr.Status)) + + health := http.NewServeMux() + rtr.mux.Handle("/_health/", rtr.mgmtAuth(health)) + health.Handle("/_health/ping", rtr.jsonHandler(rtr.HealthFunc(func() error { return nil }))) + health.Handle("/_health/db", rtr.jsonHandler(rtr.HealthFunc(rtr.eventSource.DBHealth))) +} + +func (rtr *router) makeServer(newSession sessionFactory) *websocket.Server { return &websocket.Server{ Handshake: func(c *websocket.Config, r *http.Request) error { return nil }, Handler: websocket.Handler(func(ws *websocket.Conn) { - logj("Type", "connect", - "RemoteAddr", ws.Request().RemoteAddr) t0 := time.Now() + log := logger(ws.Request().Context()) + log.Info("connected") - sink := rtr.eventSource.NewSink() - stats := handler.Handle(ws, sink.Channel()) - - logj("Type", "disconnect", - "RemoteAddr", ws.Request().RemoteAddr, - "Elapsed", time.Now().Sub(t0).Seconds(), - "Stats", stats) + stats := rtr.handler.Handle(ws, rtr.eventSource, + func(ws wsConn, sendq chan<- interface{}) (session, error) { + return newSession(ws, sendq, rtr.eventSource.DB(), rtr.newPermChecker(), &rtr.Config.Client) + }) - sink.Stop() + log.WithFields(logrus.Fields{ + "elapsed": time.Now().Sub(t0).Seconds(), + "stats": stats, + }).Info("disconnect") ws.Close() }), } } +func (rtr *router) newReqID() string { + rtr.lastReqMtx.Lock() + defer rtr.lastReqMtx.Unlock() + id := time.Now().UnixNano() + if id <= rtr.lastReqID { + id = rtr.lastReqID + 1 + } + return strconv.FormatInt(id, 36) +} + +func (rtr *router) DebugStatus() interface{} { + s := map[string]interface{}{ + "HTTP": rtr.status, + "Outgoing": rtr.handler.DebugStatus(), + } + if es, ok := rtr.eventSource.(debugStatuser); ok { + s["EventSource"] = es.DebugStatus() + } + return s +} + +var pingResponseOK = map[string]string{"health": "OK"} + +func (rtr *router) HealthFunc(f func() error) func() interface{} { + return func() interface{} { + err := f() + if err == nil { + return pingResponseOK + } + return map[string]string{ + "health": "ERROR", + "error": err.Error(), + } + } +} + +func (rtr *router) Status() interface{} { + return map[string]interface{}{ + "Clients": atomic.LoadInt64(&rtr.status.ReqsActive), + } +} + func (rtr *router) ServeHTTP(resp http.ResponseWriter, req *http.Request) { rtr.setupOnce.Do(rtr.setup) - logj("Type", "request", - "RemoteAddr", req.RemoteAddr, - "X-Forwarded-For", req.Header.Get("X-Forwarded-For")) + atomic.AddInt64(&rtr.status.ReqsReceived, 1) + atomic.AddInt64(&rtr.status.ReqsActive, 1) + defer atomic.AddInt64(&rtr.status.ReqsActive, -1) + + logger := logger(req.Context()). + WithField("RequestID", rtr.newReqID()) + ctx := ctxlog.Context(req.Context(), logger) + req = req.WithContext(ctx) + logger.WithFields(logrus.Fields{ + "remoteAddr": req.RemoteAddr, + "reqForwardedFor": req.Header.Get("X-Forwarded-For"), + }).Info("accept request") rtr.mux.ServeHTTP(resp, req) } -func reqLog(m map[string]interface{}) { - j, err := json.Marshal(m) - if err != nil { - log.Fatal(err) - } - log.Print(string(j)) +func (rtr *router) mgmtAuth(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if rtr.Config.ManagementToken == "" { + http.Error(w, "disabled", http.StatusNotFound) + } else if ah := r.Header.Get("Authorization"); ah == "" { + http.Error(w, "authorization required", http.StatusUnauthorized) + } else if ah != "Bearer "+rtr.Config.ManagementToken { + http.Error(w, "authorization error", http.StatusForbidden) + } else { + h.ServeHTTP(w, r) + } + }) +} + +func (rtr *router) jsonHandler(fn func() interface{}) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + logger := logger(r.Context()) + w.Header().Set("Content-Type", "application/json") + enc := json.NewEncoder(w) + err := enc.Encode(fn()) + if err != nil { + msg := "encode failed" + logger.WithError(err).Error(msg) + http.Error(w, msg, http.StatusInternalServerError) + } + }) }