X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/8805632994d42c0e3b31fd5ac010d916cac12de1..a1819526b85ce37c7d3ae421c2f5329c1c245c7f:/services/keepstore/handlers.go

diff --git a/services/keepstore/handlers.go b/services/keepstore/handlers.go
index f120f05dc4..3898b55b61 100644
--- a/services/keepstore/handlers.go
+++ b/services/keepstore/handlers.go
@@ -8,7 +8,6 @@ package main
 // StatusHandler   (GET /status.json)
 
 import (
-	"bufio"
 	"bytes"
 	"container/list"
 	"crypto/md5"
@@ -20,9 +19,7 @@ import (
 	"net/http"
 	"os"
 	"regexp"
-	"runtime"
 	"strconv"
-	"strings"
 	"syscall"
 	"time"
 )
@@ -41,35 +38,19 @@ func MakeRESTRouter() *mux.Router {
 
 	rest.HandleFunc(`/{hash:[0-9a-f]{32}}`, PutBlockHandler).Methods("PUT")
 	rest.HandleFunc(`/{hash:[0-9a-f]{32}}`, DeleteHandler).Methods("DELETE")
-
-	// For IndexHandler we support:
-	//   /index           - returns all locators
-	//   /index/{prefix}  - returns all locators that begin with {prefix}
-	//      {prefix} is a string of hexadecimal digits between 0 and 32 digits.
-	//      If {prefix} is the empty string, return an index of all locators
-	//      (so /index and /index/ behave identically)
-	//      A client may supply a full 32-digit locator string, in which
-	//      case the server will return an index with either zero or one
-	//      entries. This usage allows a client to check whether a block is
-	//      present, and its size and upload time, without retrieving the
-	//      entire block.
-	//
+	// List all blocks stored here. Privileged client only.
 	rest.HandleFunc(`/index`, IndexHandler).Methods("GET", "HEAD")
-	rest.HandleFunc(
-		`/index/{prefix:[0-9a-f]{0,32}}`, IndexHandler).Methods("GET", "HEAD")
+	// List blocks stored here whose hash has the given prefix.
+	// Privileged client only.
+	rest.HandleFunc(`/index/{prefix:[0-9a-f]{0,32}}`, IndexHandler).Methods("GET", "HEAD")
+
+	// List volumes: path, device number, bytes used/avail.
 	rest.HandleFunc(`/status.json`, StatusHandler).Methods("GET", "HEAD")
 
-	// The PullHandler and TrashHandler process "PUT /pull" and "PUT
-	// /trash" requests from Data Manager.  These requests instruct
-	// Keep to replicate or delete blocks; see
-	// https://arvados.org/projects/arvados/wiki/Keep_Design_Doc
-	// for more details.
-	//
-	// Each handler parses the JSON list of block management requests
-	// in the message body, and replaces any existing pull queue or
-	// trash queue with their contentes.
-	//
+	// Replace the current pull queue.
 	rest.HandleFunc(`/pull`, PullHandler).Methods("PUT")
+
+	// Replace the current trash queue.
 	rest.HandleFunc(`/trash`, TrashHandler).Methods("PUT")
 
 	// Any request which does not match any of these routes gets
@@ -83,143 +64,77 @@ func BadRequestHandler(w http.ResponseWriter, r *http.Request) {
 	http.Error(w, BadRequestError.Error(), BadRequestError.HTTPCode)
 }
 
-// FindKeepVolumes scans all mounted volumes on the system for Keep
-// volumes, and returns a list of matching paths.
-//
-// A device is assumed to be a Keep volume if it is a normal or tmpfs
-// volume and has a "/keep" directory directly underneath the mount
-// point.
-//
-func FindKeepVolumes() []string {
-	vols := make([]string, 0)
-
-	if f, err := os.Open(PROC_MOUNTS); err != nil {
-		log.Fatalf("opening %s: %s\n", PROC_MOUNTS, err)
-	} else {
-		scanner := bufio.NewScanner(f)
-		for scanner.Scan() {
-			args := strings.Fields(scanner.Text())
-			dev, mount := args[0], args[1]
-			if mount != "/" &&
-				(dev == "tmpfs" || strings.HasPrefix(dev, "/dev/")) {
-				keep := mount + "/keep"
-				if st, err := os.Stat(keep); err == nil && st.IsDir() {
-					vols = append(vols, keep)
-				}
-			}
-		}
-		if err := scanner.Err(); err != nil {
-			log.Fatal(err)
-		}
-	}
-	return vols
-}
-
 func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
-	hash := mux.Vars(req)["hash"]
-
-	hints := mux.Vars(req)["hints"]
-
-	// Parse the locator string and hints from the request.
-	// TODO(twp): implement a Locator type.
-	var signature, timestamp string
-	if hints != "" {
-		signature_pat, _ := regexp.Compile("^A([[:xdigit:]]+)@([[:xdigit:]]{8})$")
-		for _, hint := range strings.Split(hints, "+") {
-			if match, _ := regexp.MatchString("^[[:digit:]]+$", hint); match {
-				// Server ignores size hints
-			} else if m := signature_pat.FindStringSubmatch(hint); m != nil {
-				signature = m[1]
-				timestamp = m[2]
-			} else if match, _ := regexp.MatchString("^[[:upper:]]", hint); match {
-				// Any unknown hint that starts with an uppercase letter is
-				// presumed to be valid and ignored, to permit forward compatibility.
-			} else {
-				// Unknown format; not a valid locator.
-				http.Error(resp, BadRequestError.Error(), BadRequestError.HTTPCode)
-				return
-			}
-		}
-	}
-
-	// If permission checking is in effect, verify this
-	// request's permission signature.
 	if enforce_permissions {
-		if signature == "" || timestamp == "" {
-			http.Error(resp, PermissionError.Error(), PermissionError.HTTPCode)
+		locator := req.URL.Path[1:] // strip leading slash
+		if err := VerifySignature(locator, GetApiToken(req)); err != nil {
+			http.Error(resp, err.Error(), err.(*KeepError).HTTPCode)
 			return
-		} else if IsExpired(timestamp) {
-			http.Error(resp, ExpiredError.Error(), ExpiredError.HTTPCode)
-			return
-		} else {
-			req_locator := req.URL.Path[1:] // strip leading slash
-			if !VerifySignature(req_locator, GetApiToken(req)) {
-				http.Error(resp, PermissionError.Error(), PermissionError.HTTPCode)
-				return
-			}
 		}
 	}
 
-	block, err := GetBlock(hash, false)
-
-	// Garbage collect after each GET. Fixes #2865.
-	// TODO(twp): review Keep memory usage and see if there's
-	// a better way to do this than blindly garbage collecting
-	// after every block.
-	defer runtime.GC()
-
+	block, err := GetBlock(mux.Vars(req)["hash"], false)
 	if err != nil {
 		// This type assertion is safe because the only errors
 		// GetBlock can return are DiskHashError or NotFoundError.
 		http.Error(resp, err.Error(), err.(*KeepError).HTTPCode)
 		return
 	}
+	defer bufs.Put(block)
 
-	resp.Header().Set("Content-Length", fmt.Sprintf("%d", len(block)))
-
-	_, err = resp.Write(block)
-
-	return
+	resp.Header().Set("Content-Length", strconv.Itoa(len(block)))
+	resp.Header().Set("Content-Type", "application/octet-stream")
+	resp.Write(block)
 }
 
 func PutBlockHandler(resp http.ResponseWriter, req *http.Request) {
-	// Garbage collect after each PUT. Fixes #2865.
-	// See also GetBlockHandler.
-	defer runtime.GC()
-
 	hash := mux.Vars(req)["hash"]
 
-	// Read the block data to be stored.
-	// If the request exceeds BLOCKSIZE bytes, issue a HTTP 500 error.
-	//
+	// Detect as many error conditions as possible before reading
+	// the body: avoid transmitting data that will not end up
+	// being written anyway.
+
+	if req.ContentLength == -1 {
+		http.Error(resp, SizeRequiredError.Error(), SizeRequiredError.HTTPCode)
+		return
+	}
+
 	if req.ContentLength > BLOCKSIZE {
 		http.Error(resp, TooLongError.Error(), TooLongError.HTTPCode)
 		return
 	}
 
-	buf := make([]byte, req.ContentLength)
-	nread, err := io.ReadFull(req.Body, buf)
+	if len(KeepVM.AllWritable()) == 0 {
+		http.Error(resp, FullError.Error(), FullError.HTTPCode)
+		return
+	}
+
+	buf := bufs.Get(int(req.ContentLength))
+	_, err := io.ReadFull(req.Body, buf)
 	if err != nil {
 		http.Error(resp, err.Error(), 500)
-	} else if int64(nread) < req.ContentLength {
-		http.Error(resp, "request truncated", 500)
-	} else {
-		if err := PutBlock(buf, hash); err == nil {
-			// Success; add a size hint, sign the locator if
-			// possible, and return it to the client.
-			return_hash := fmt.Sprintf("%s+%d", hash, len(buf))
-			api_token := GetApiToken(req)
-			if PermissionSecret != nil && api_token != "" {
-				expiry := time.Now().Add(permission_ttl)
-				return_hash = SignLocator(return_hash, api_token, expiry)
-			}
-			resp.Write([]byte(return_hash + "\n"))
-		} else {
-			ke := err.(*KeepError)
-			http.Error(resp, ke.Error(), ke.HTTPCode)
-		}
+		bufs.Put(buf)
+		return
+	}
+
+	err = PutBlock(buf, hash)
+	bufs.Put(buf)
+
+	if err != nil {
+		ke := err.(*KeepError)
+		http.Error(resp, ke.Error(), ke.HTTPCode)
+		return
+	}
+
+	// Success; add a size hint, sign the locator if possible, and
+	// return it to the client.
+	return_hash := fmt.Sprintf("%s+%d", hash, req.ContentLength)
+	api_token := GetApiToken(req)
+	if PermissionSecret != nil && api_token != "" {
+		expiry := time.Now().Add(blob_signature_ttl)
+		return_hash = SignLocator(return_hash, api_token, expiry)
 	}
-	return
+	resp.Write([]byte(return_hash + "\n"))
 }
 
 // IndexHandler
@@ -234,11 +149,21 @@ func IndexHandler(resp http.ResponseWriter, req *http.Request) {
 
 	prefix := mux.Vars(req)["prefix"]
 
-	var index string
-	for _, vol := range KeepVM.Volumes() {
-		index = index + vol.Index(prefix)
+	for _, vol := range KeepVM.AllReadable() {
+		if err := vol.IndexTo(prefix, resp); err != nil {
+			// The only errors returned by IndexTo are
+			// write errors returned by resp.Write(),
+			// which probably means the client has
+			// disconnected and this error will never be
+			// reported to the client -- but it will
+			// appear in our own error log.
+			http.Error(resp, err.Error(), http.StatusInternalServerError)
+			return
+		}
 	}
-	resp.Write([]byte(index))
+	// An empty line at EOF is the only way the client can be
+	// assured the entire index was received.
+	resp.Write([]byte{'\n'})
 }
 
 // StatusHandler
@@ -282,8 +207,8 @@ func StatusHandler(resp http.ResponseWriter, req *http.Request) {
 func GetNodeStatus() *NodeStatus {
 	st := new(NodeStatus)
 
-	st.Volumes = make([]*VolumeStatus, len(KeepVM.Volumes()))
-	for i, vol := range KeepVM.Volumes() {
+	st.Volumes = make([]*VolumeStatus, len(KeepVM.AllReadable()))
+	for i, vol := range KeepVM.AllReadable() {
 		st.Volumes[i] = vol.Status()
 	}
 	return st
@@ -358,14 +283,14 @@ func DeleteHandler(resp http.ResponseWriter, req *http.Request) {
 		return
 	}
 
-	// Delete copies of this block from all available volumes.  Report
-	// how many blocks were successfully and unsuccessfully
-	// deleted.
+	// Delete copies of this block from all available volumes.
+	// Report how many blocks were successfully deleted, and how
+	// many were found on writable volumes but not deleted.
 	var result struct {
 		Deleted int `json:"copies_deleted"`
 		Failed  int `json:"copies_failed"`
 	}
-	for _, vol := range KeepVM.Volumes() {
+	for _, vol := range KeepVM.AllWritable() {
 		if err := vol.Delete(hash); err == nil {
 			result.Deleted++
 		} else if os.IsNotExist(err) {
@@ -445,7 +370,7 @@ func PullHandler(resp http.ResponseWriter, req *http.Request) {
 	var pr []PullRequest
 	r := json.NewDecoder(req.Body)
 	if err := r.Decode(&pr); err != nil {
-		http.Error(resp, BadRequestError.Error(), BadRequestError.HTTPCode)
+		http.Error(resp, err.Error(), BadRequestError.HTTPCode)
 		return
 	}
 
@@ -479,7 +404,7 @@ func TrashHandler(resp http.ResponseWriter, req *http.Request) {
 	var trash []TrashRequest
 	r := json.NewDecoder(req.Body)
 	if err := r.Decode(&trash); err != nil {
-		http.Error(resp, BadRequestError.Error(), BadRequestError.HTTPCode)
+		http.Error(resp, err.Error(), BadRequestError.HTTPCode)
 		return
 	}
 
@@ -528,52 +453,56 @@ func GetBlock(hash string, update_timestamp bool) ([]byte, error) {
 	// Attempt to read the requested hash from a keep volume.
 	error_to_caller := NotFoundError
 
-	for _, vol := range KeepVM.Volumes() {
-		if buf, err := vol.Get(hash); err != nil {
-			// IsNotExist is an expected error and may be ignored.
-			// (If all volumes report IsNotExist, we return a NotFoundError)
-			// All other errors should be logged but we continue trying to
-			// read.
-			switch {
-			case os.IsNotExist(err):
-				continue
-			default:
+	var vols []Volume
+	if update_timestamp {
+		// Pointless to find the block on an unwritable volume
+		// because Touch() will fail -- this is as good as
+		// "not found" for purposes of callers who need to
+		// update_timestamp.
+		vols = KeepVM.AllWritable()
+	} else {
+		vols = KeepVM.AllReadable()
+	}
+
+	for _, vol := range vols {
+		buf, err := vol.Get(hash)
+		if err != nil {
+			// IsNotExist is an expected error and may be
+			// ignored. All other errors are logged. In
+			// any case we continue trying to read other
+			// volumes. If all volumes report IsNotExist,
+			// we return a NotFoundError.
+			if !os.IsNotExist(err) {
 				log.Printf("GetBlock: reading %s: %s\n", hash, err)
 			}
-		} else {
-			// Double check the file checksum.
-			//
-			filehash := fmt.Sprintf("%x", md5.Sum(buf))
-			if filehash != hash {
-				// TODO(twp): this condition probably represents a bad disk and
-				// should raise major alarm bells for an administrator: e.g.
-				// they should be sent directly to an event manager at high
-				// priority or logged as urgent problems.
-				//
-				log.Printf("%s: checksum mismatch for request %s (actual %s)\n",
-					vol, hash, filehash)
-				error_to_caller = DiskHashError
-			} else {
-				// Success!
-				if error_to_caller != NotFoundError {
-					log.Printf("%s: checksum mismatch for request %s but a good copy was found on another volume and returned\n",
-						vol, hash)
-				}
-				// Update the timestamp if the caller requested.
-				// If we could not update the timestamp, continue looking on
-				// other volumes.
-				if update_timestamp {
-					if vol.Touch(hash) != nil {
-						continue
-					}
-				}
-				return buf, nil
+			continue
+		}
+		// Check the file checksum.
+		//
+		filehash := fmt.Sprintf("%x", md5.Sum(buf))
+		if filehash != hash {
+			// TODO: Try harder to tell a sysadmin about
+			// this.
+			log.Printf("%s: checksum mismatch for request %s (actual %s)\n",
+				vol, hash, filehash)
+			error_to_caller = DiskHashError
+			bufs.Put(buf)
+			continue
+		}
+		if error_to_caller == DiskHashError {
+			log.Printf("%s: checksum mismatch for request %s but a good copy was found on another volume and returned",
+				vol, hash)
+		}
+		if update_timestamp {
+			if err := vol.Touch(hash); err != nil {
+				error_to_caller = GenericError
+				log.Printf("%s: Touch %s failed: %s",
+					vol, hash, error_to_caller)
+				bufs.Put(buf)
+				continue
 			}
 		}
-	}
-
-	if error_to_caller != NotFoundError {
-		log.Printf("%s: checksum mismatch, no good copy found\n", hash)
+		return buf, nil
 	}
 	return nil, error_to_caller
 }
@@ -620,6 +549,7 @@ func PutBlock(block []byte, hash string) error {
 	// so there is nothing special to do if err != nil.
 	//
 	if oldblock, err := GetBlock(hash, true); err == nil {
+		defer bufs.Put(oldblock)
 		if bytes.Compare(block, oldblock) == 0 {
 			// The block already exists; return success.
 			return nil
@@ -630,56 +560,61 @@ func PutBlock(block []byte, hash string) error {
 
 	// Choose a Keep volume to write to.
 	// If this volume fails, try all of the volumes in order.
-	vol := KeepVM.Choose()
-	if err := vol.Put(hash, block); err == nil {
-		return nil // success!
-	} else {
-		allFull := true
-		for _, vol := range KeepVM.Volumes() {
-			err := vol.Put(hash, block)
-			if err == nil {
-				return nil // success!
-			}
-			if err != FullError {
-				// The volume is not full but the write did not succeed.
-				// Report the error and continue trying.
-				allFull = false
-				log.Printf("%s: Write(%s): %s\n", vol, hash, err)
-			}
+	if vol := KeepVM.NextWritable(); vol != nil {
+		if err := vol.Put(hash, block); err == nil {
+			return nil // success!
 		}
+	}
 
-		if allFull {
-			log.Printf("all Keep volumes full")
-			return FullError
-		} else {
-			log.Printf("all Keep volumes failed")
-			return GenericError
+	writables := KeepVM.AllWritable()
+	if len(writables) == 0 {
+		log.Print("No writable volumes.")
+		return FullError
+	}
+
+	allFull := true
+	for _, vol := range writables {
+		err := vol.Put(hash, block)
+		if err == nil {
+			return nil // success!
+		}
+		if err != FullError {
+			// The volume is not full but the
+			// write did not succeed.  Report the
+			// error and continue trying.
+			allFull = false
+			log.Printf("%s: Write(%s): %s\n", vol, hash, err)
 		}
 	}
+
+	if allFull {
+		log.Print("All volumes are full.")
+		return FullError
+	} else {
+		// Already logged the non-full errors.
+		return GenericError
+	}
 }
 
+var validLocatorRe = regexp.MustCompile(`^[0-9a-f]{32}$`)
+
 // IsValidLocator
 //     Return true if the specified string is a valid Keep locator.
 //     When Keep is extended to support hash types other than MD5,
 //     this should be updated to cover those as well.
 //
 func IsValidLocator(loc string) bool {
-	match, err := regexp.MatchString(`^[0-9a-f]{32}$`, loc)
-	if err == nil {
-		return match
-	}
-	log.Printf("IsValidLocator: %s\n", err)
-	return false
+	return validLocatorRe.MatchString(loc)
 }
 
+var authRe = regexp.MustCompile(`^OAuth2\s+(.*)`)
+
 // GetApiToken returns the OAuth2 token from the Authorization
 // header of a HTTP request, or an empty string if no matching
 // token is found.
 func GetApiToken(req *http.Request) string {
 	if auth, ok := req.Header["Authorization"]; ok {
-		if pat, err := regexp.Compile(`^OAuth2\s+(.*)`); err != nil {
-			log.Println(err)
-		} else if match := pat.FindStringSubmatch(auth[0]); match != nil {
+		if match := authRe.FindStringSubmatch(auth[0]); match != nil {
 			return match[1]
 		}
 	}