2022-10-16 20:17:24 +00:00
|
|
|
package garage
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"context"
|
|
|
|
"encoding/json"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
2024-11-19 13:12:17 +00:00
|
|
|
"isle/toolkit"
|
2022-10-16 20:17:24 +00:00
|
|
|
"net/http"
|
2024-11-05 21:31:57 +00:00
|
|
|
"net/netip"
|
2022-11-05 14:23:29 +00:00
|
|
|
"time"
|
2022-11-13 15:45:42 +00:00
|
|
|
|
2024-06-22 15:49:56 +00:00
|
|
|
"dev.mediocregopher.com/mediocre-go-lib.git/mctx"
|
|
|
|
"dev.mediocregopher.com/mediocre-go-lib.git/mlog"
|
2022-10-16 20:17:24 +00:00
|
|
|
)
|
|
|
|
|
2024-06-12 08:53:06 +00:00
|
|
|
// BucketID is a unique identifier for a bucket in garage. It is different than
|
|
|
|
// the bucket's alias, since a bucket may have multiple aliases.
|
|
|
|
type BucketID string
|
|
|
|
|
|
|
|
// BucketPermission describes a permission an S3APICredentials may have when
|
|
|
|
// interacting with a bucket.
|
|
|
|
type BucketPermission string
|
|
|
|
|
|
|
|
// Enumeration of BucketPermissions.
|
|
|
|
const (
|
|
|
|
BucketPermissionRead BucketPermission = "read"
|
|
|
|
BucketPermissionWrite BucketPermission = "write"
|
|
|
|
BucketPermissionOwner BucketPermission = "owner"
|
|
|
|
)
|
|
|
|
|
2024-11-05 20:25:04 +00:00
|
|
|
// Bucket defines a bucket which has been created in a cluster
|
|
|
|
type Bucket struct {
|
|
|
|
ID BucketID `json:"id"`
|
|
|
|
GlobalAliases []string `json:"globalAliases"`
|
|
|
|
}
|
|
|
|
|
2024-06-12 08:53:06 +00:00
|
|
|
// AdminClientError gets returned from AdminClient Do methods for non-200
|
2022-10-25 19:15:09 +00:00
|
|
|
// errors.
|
|
|
|
type AdminClientError struct {
|
|
|
|
StatusCode int
|
|
|
|
Body []byte
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e AdminClientError) Error() string {
|
|
|
|
return fmt.Sprintf("%d response from admin: %q", e.StatusCode, e.Body)
|
|
|
|
}
|
|
|
|
|
2022-10-16 20:17:24 +00:00
|
|
|
// AdminClient is a helper type for performing actions against the garage admin
|
|
|
|
// interface.
|
|
|
|
type AdminClient struct {
|
2024-06-12 08:53:06 +00:00
|
|
|
logger *mlog.Logger
|
2024-11-19 13:12:17 +00:00
|
|
|
c toolkit.HTTPClient
|
2022-10-16 20:17:24 +00:00
|
|
|
addr string
|
|
|
|
adminToken string
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewAdminClient initializes and returns an AdminClient which will use the
|
|
|
|
// given address and adminToken for all requests made.
|
2022-11-13 15:45:42 +00:00
|
|
|
//
|
|
|
|
// If Logger is nil then logs will be suppressed.
|
2024-11-19 13:12:17 +00:00
|
|
|
func NewAdminClient(
|
|
|
|
logger *mlog.Logger,
|
|
|
|
addr, adminToken string,
|
|
|
|
) *AdminClient {
|
|
|
|
httpClient := toolkit.NewHTTPClient(logger.WithNamespace("http"))
|
2022-10-16 20:17:24 +00:00
|
|
|
return &AdminClient{
|
2024-11-19 13:12:17 +00:00
|
|
|
logger: logger,
|
|
|
|
c: httpClient,
|
2022-10-16 20:17:24 +00:00
|
|
|
addr: addr,
|
|
|
|
adminToken: adminToken,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-10-07 19:12:47 +00:00
|
|
|
// Close cleans up all resources held by the lient.
|
|
|
|
func (c *AdminClient) Close() error {
|
2024-11-19 13:12:17 +00:00
|
|
|
return c.c.Close()
|
2024-10-07 19:12:47 +00:00
|
|
|
}
|
|
|
|
|
2024-06-12 08:53:06 +00:00
|
|
|
// do performs an HTTP request with the given method (GET, POST) and path, and
|
2022-10-16 20:17:24 +00:00
|
|
|
// using the json marshaling of the given body as the request body (unless body
|
|
|
|
// is nil). It will JSON unmarshal the response into rcv, unless rcv is nil.
|
2024-06-12 08:53:06 +00:00
|
|
|
func (c *AdminClient) do(
|
|
|
|
ctx context.Context, rcv any, method, path string, body any,
|
2022-10-16 20:17:24 +00:00
|
|
|
) error {
|
|
|
|
var bodyR io.Reader
|
|
|
|
|
|
|
|
if body != nil {
|
|
|
|
bodyBuf := new(bytes.Buffer)
|
|
|
|
bodyR = bodyBuf
|
|
|
|
|
|
|
|
if err := json.NewEncoder(bodyBuf).Encode(body); err != nil {
|
|
|
|
return fmt.Errorf("json marshaling body: %w", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
urlStr := fmt.Sprintf("http://%s%s", c.addr, path)
|
|
|
|
|
|
|
|
req, err := http.NewRequestWithContext(ctx, method, urlStr, bodyR)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("initializing request: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Header.Set("Authorization", "Bearer "+c.adminToken)
|
|
|
|
|
|
|
|
res, err := c.c.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("performing http request: %w", err)
|
|
|
|
}
|
|
|
|
defer res.Body.Close()
|
|
|
|
|
2022-11-22 11:51:21 +00:00
|
|
|
if res.StatusCode >= 300 {
|
2022-10-25 19:15:09 +00:00
|
|
|
body, _ := io.ReadAll(res.Body)
|
|
|
|
return AdminClientError{
|
|
|
|
StatusCode: res.StatusCode,
|
|
|
|
Body: body,
|
|
|
|
}
|
2022-10-16 20:17:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if rcv == nil {
|
|
|
|
if _, err := io.Copy(io.Discard, res.Body); err != nil {
|
|
|
|
return fmt.Errorf("discarding response body: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := json.NewDecoder(res.Body).Decode(rcv); err != nil {
|
|
|
|
return fmt.Errorf("decoding json response body: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2022-10-16 20:17:26 +00:00
|
|
|
|
2024-11-05 21:31:57 +00:00
|
|
|
// KnownNode describes the fields of a known node in the cluster, as returned
|
|
|
|
// as part of [ClusterStatus].
|
|
|
|
type KnownNode struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Role *Role `json:"role"`
|
|
|
|
Addr netip.AddrPort `json:"addr"`
|
|
|
|
IsUp bool `json:"isUp"`
|
|
|
|
LastSeenSecsAgo int `json:"lastSeenSecsAgo"`
|
|
|
|
HostName string `json:"hostname"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// Role descibes a node's role in the garage cluster, i.e. what storage it is
|
|
|
|
// providing.
|
|
|
|
type Role struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
Capacity int `json:"capacity"` // Gb (SI units)
|
|
|
|
Zone string `json:"zone"`
|
|
|
|
Tags []string `json:"tags"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// ClusterLayout describes the layout of the cluster as a whole.
|
|
|
|
type ClusterLayout struct {
|
|
|
|
Version int `json:"version"`
|
|
|
|
Roles []Role `json:"roles"`
|
|
|
|
StagedRoleChanges []Role `json:"stagedRoleChanges"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// ClusterStatus is returned from the Status endpoint, describing the currently
|
|
|
|
// known state of the cluster.
|
|
|
|
type ClusterStatus struct {
|
2025-01-01 11:38:16 +00:00
|
|
|
LayoutVersion int `json:"layoutVersion"`
|
|
|
|
Nodes []KnownNode `json:"nodes"`
|
2024-11-05 21:31:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Status returns the current state of the cluster.
|
|
|
|
func (c *AdminClient) Status(ctx context.Context) (ClusterStatus, error) {
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Nodes/operation/GetNodes
|
|
|
|
var clusterStatus ClusterStatus
|
|
|
|
err := c.do(ctx, &clusterStatus, "GET", "/v1/status", nil)
|
|
|
|
return clusterStatus, err
|
|
|
|
}
|
|
|
|
|
2022-10-16 20:17:26 +00:00
|
|
|
// Wait will block until the instance connected to can see at least
|
2024-10-31 12:13:17 +00:00
|
|
|
// ReplicationFactor other garage instances. If the context is canceled it
|
2022-10-16 20:17:26 +00:00
|
|
|
// will return the context error.
|
2025-01-01 11:38:16 +00:00
|
|
|
func (c *AdminClient) Wait(
|
|
|
|
ctx context.Context, clusterAlreadyInitialized bool,
|
|
|
|
) error {
|
|
|
|
c.logger.Info(ctx, "Waiting for instance to connect to other instances")
|
|
|
|
err := toolkit.UntilTrue(
|
|
|
|
ctx,
|
|
|
|
c.logger,
|
|
|
|
2*time.Second,
|
|
|
|
func() (bool, error) {
|
|
|
|
clusterStatus, err := c.Status(ctx)
|
|
|
|
if ctxErr := ctx.Err(); ctxErr != nil {
|
|
|
|
return false, ctxErr
|
|
|
|
|
|
|
|
} else if err != nil {
|
|
|
|
ctx := mctx.Annotate(ctx, "errMsg", err.Error())
|
|
|
|
c.logger.Info(ctx, "Instance is not online yet")
|
|
|
|
return false, nil
|
2024-11-05 21:31:57 +00:00
|
|
|
}
|
2022-10-16 20:17:26 +00:00
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
var numUp int
|
|
|
|
|
|
|
|
for _, node := range clusterStatus.Nodes {
|
|
|
|
// There seems to be some kind of step between IsUp becoming
|
|
|
|
// true and garage actually loading the full state of a node, so
|
|
|
|
// we check for the HostName as well. We could also use
|
|
|
|
// LastSeenSecsAgo, but that remains null for the node being
|
|
|
|
// queried so it's more annoying to use.
|
|
|
|
if node.IsUp && node.HostName != "" {
|
|
|
|
numUp++
|
|
|
|
}
|
|
|
|
}
|
2022-10-16 20:17:26 +00:00
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
ctx := mctx.Annotate(ctx,
|
|
|
|
"layoutVersion", clusterStatus.LayoutVersion,
|
|
|
|
"numNodes", len(clusterStatus.Nodes),
|
|
|
|
"numUp", numUp,
|
|
|
|
)
|
2022-10-16 20:17:26 +00:00
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
if clusterAlreadyInitialized && clusterStatus.LayoutVersion == 0 {
|
|
|
|
c.logger.Info(ctx, "Cluster layout has not yet propagated")
|
|
|
|
return false, nil
|
2022-10-16 20:17:26 +00:00
|
|
|
}
|
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
if numUp < ReplicationFactor {
|
|
|
|
c.logger.Info(ctx, "Not enough other instances in the cluster are seen as 'up'")
|
|
|
|
return false, nil
|
|
|
|
}
|
2022-11-16 16:25:55 +00:00
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
return true, nil
|
|
|
|
},
|
|
|
|
)
|
2022-11-05 14:23:29 +00:00
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("waiting for cluster status: %w", err)
|
2022-10-16 20:17:26 +00:00
|
|
|
}
|
2025-01-01 11:38:16 +00:00
|
|
|
|
|
|
|
return err
|
2022-10-16 20:17:26 +00:00
|
|
|
}
|
2024-06-12 08:53:06 +00:00
|
|
|
|
|
|
|
// CreateS3APICredentials creates an S3APICredentials with the given name. The
|
|
|
|
// credentials must be associated with a bucket via a call to
|
|
|
|
// GrantBucketPermissions in order to be useful.
|
|
|
|
func (c *AdminClient) CreateS3APICredentials(
|
|
|
|
ctx context.Context, name string,
|
|
|
|
) (
|
|
|
|
S3APICredentials, error,
|
|
|
|
) {
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Key/operation/AddKey
|
|
|
|
|
|
|
|
var res struct {
|
|
|
|
ID string `json:"accessKeyId"`
|
|
|
|
Secret string `json:"secretAccessKey"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// first attempt to import the key
|
|
|
|
err := c.do(
|
|
|
|
ctx, &res, "POST", "/v1/key", map[string]string{"name": name},
|
|
|
|
)
|
|
|
|
|
|
|
|
return S3APICredentials{
|
|
|
|
ID: res.ID,
|
|
|
|
Secret: res.Secret,
|
|
|
|
}, err
|
|
|
|
}
|
|
|
|
|
2025-01-01 11:38:16 +00:00
|
|
|
// S3APICredentialsPublic are the publicly available fields of an
|
|
|
|
// S3APICredentials. These are visibile to all nodes in the cluster.
|
|
|
|
type S3APICredentialsPublic struct {
|
|
|
|
ID string
|
|
|
|
Name string
|
|
|
|
}
|
|
|
|
|
|
|
|
// ListS3APICredentials returns all S3APICredentials in the cluster, without
|
|
|
|
// returning their
|
|
|
|
func (c *AdminClient) ListS3APICredentials(
|
|
|
|
ctx context.Context,
|
|
|
|
) (
|
|
|
|
[]S3APICredentialsPublic, error,
|
|
|
|
) {
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Key/operation/ListKeys
|
|
|
|
var res []S3APICredentialsPublic
|
|
|
|
err := c.do(ctx, &res, "GET", "/v1/key?list", nil)
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
|
2024-06-12 08:53:06 +00:00
|
|
|
// CreateBucket creates a bucket with the given global alias, returning its ID.
|
|
|
|
func (c *AdminClient) CreateBucket(
|
|
|
|
ctx context.Context, globalAlias string,
|
|
|
|
) (
|
|
|
|
BucketID, error,
|
|
|
|
) {
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Bucket/operation/PutBucketGlobalAlias
|
|
|
|
|
|
|
|
var res struct {
|
|
|
|
ID string `json:"id"`
|
|
|
|
}
|
|
|
|
|
|
|
|
err := c.do(
|
|
|
|
ctx, &res, "POST", "/v1/bucket", map[string]string{
|
|
|
|
"globalAlias": globalAlias,
|
|
|
|
},
|
|
|
|
)
|
|
|
|
|
|
|
|
return BucketID(res.ID), err
|
|
|
|
}
|
|
|
|
|
2024-11-05 20:25:04 +00:00
|
|
|
// ListBuckets returns all buckets known to this garage node.
|
|
|
|
func (c *AdminClient) ListBuckets(ctx context.Context) ([]Bucket, error) {
|
|
|
|
var res []Bucket
|
|
|
|
err := c.do(ctx, &res, "GET", "/v1/bucket?list", nil)
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
|
2024-06-12 08:53:06 +00:00
|
|
|
// GrantBucketPermissions grants the S3APICredentials with the given ID
|
|
|
|
// permission(s) to interact with the bucket of the given ID.
|
|
|
|
func (c *AdminClient) GrantBucketPermissions(
|
|
|
|
ctx context.Context,
|
|
|
|
bucketID BucketID,
|
|
|
|
credentialsID string,
|
|
|
|
perms ...BucketPermission,
|
|
|
|
) error {
|
|
|
|
permsMap := map[BucketPermission]bool{}
|
|
|
|
for _, perm := range perms {
|
|
|
|
permsMap[perm] = true
|
|
|
|
}
|
|
|
|
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Bucket/operation/AllowBucketKey
|
|
|
|
return c.do(ctx, nil, "POST", "/v1/bucket/allow", map[string]any{
|
|
|
|
"bucketId": bucketID,
|
|
|
|
"accessKeyId": credentialsID,
|
|
|
|
"permissions": permsMap,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2024-10-24 17:52:08 +00:00
|
|
|
// GetLayout returns the currently applied ClusterLayout.
|
|
|
|
func (c *AdminClient) GetLayout(ctx context.Context) (ClusterLayout, error) {
|
|
|
|
// https://garagehq.deuxfleurs.fr/api/garage-admin-v1.html#tag/Layout/operation/GetLayout
|
|
|
|
var res ClusterLayout
|
|
|
|
err := c.do(ctx, &res, "GET", "/v1/layout", nil)
|
|
|
|
return res, err
|
2024-06-12 08:53:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ApplyLayout modifies the layout of the garage cluster. Only layout of the
|
2024-11-08 16:46:44 +00:00
|
|
|
// given roles will be modified/created/removed, other roles are not affected.
|
2024-06-12 08:53:06 +00:00
|
|
|
func (c *AdminClient) ApplyLayout(
|
2024-11-08 16:46:44 +00:00
|
|
|
ctx context.Context, addModifyRoles []Role, removeRoleIDs []string,
|
2024-06-12 08:53:06 +00:00
|
|
|
) error {
|
2024-11-08 16:46:44 +00:00
|
|
|
type removeRole struct {
|
2024-10-31 12:04:19 +00:00
|
|
|
ID string `json:"id"`
|
|
|
|
Remove bool `json:"remove"`
|
|
|
|
}
|
|
|
|
|
2024-11-08 16:46:44 +00:00
|
|
|
roles := make([]any, 0, len(addModifyRoles)+len(removeRoleIDs))
|
|
|
|
for _, p := range addModifyRoles {
|
|
|
|
roles = append(roles, p)
|
2024-10-31 12:04:19 +00:00
|
|
|
}
|
2024-11-08 16:46:44 +00:00
|
|
|
for _, id := range removeRoleIDs {
|
|
|
|
roles = append(roles, removeRole{ID: id, Remove: true})
|
2024-06-12 08:53:06 +00:00
|
|
|
}
|
|
|
|
|
2024-11-05 21:31:57 +00:00
|
|
|
var clusterLayout ClusterLayout
|
2024-11-08 16:46:44 +00:00
|
|
|
err := c.do(ctx, &clusterLayout, "POST", "/v1/layout", roles)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("staging layout changes: %w", err)
|
|
|
|
} else if len(clusterLayout.StagedRoleChanges) == 0 {
|
2024-06-12 08:53:06 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
applyClusterLayout := struct {
|
|
|
|
Version int `json:"version"`
|
|
|
|
}{
|
|
|
|
Version: clusterLayout.Version + 1,
|
|
|
|
}
|
|
|
|
|
2024-11-08 16:46:44 +00:00
|
|
|
err = c.do(ctx, nil, "POST", "/v1/layout/apply", applyClusterLayout)
|
2024-06-12 08:53:06 +00:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("applying new layout (new version:%d): %w", applyClusterLayout.Version, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|