Commit graph

74 commits

Author SHA1 Message Date
8bfc16ba7d
Merge branch 'main' into next-0.10 2024-03-28 15:01:05 +01:00
0d3e285d13
[fix-buffering] implement block_ram_buffer_max to avoid excessive RAM usage 2024-03-27 16:22:40 +01:00
0038ca8a78
Merge branch 'main' into next-0.10 2024-03-18 20:19:30 +01:00
1e42808a59
[db-snapshot] implement meta_auto_snapshot_interval 2024-03-15 13:51:31 +01:00
7c86ff6c37
[disable-scrub] implement a disable_scrub configuration option 2024-03-14 17:01:16 +01:00
44454aac01
[rm-sled] Remove the Sled database engine 2024-03-08 14:11:02 +01:00
Yureka
c1769bbe69 ReplicationMode -> ConsistencyMode+ReplicationFactor 2024-03-07 12:45:33 +01:00
b96f84b894
[networking-fixes] add option to bind outgoing RPC sockets (fix #638)
Thanks to yuka for the original patch.
2024-02-19 11:45:44 +01:00
bf283c9924
[fix-secrets-695] config: replace String by PathBuf for *_file 2024-02-12 15:36:43 +01:00
4c5be79b80 Garage v0.8.5
This minor release includes the following improvements and fixes:
 
 New features:
 
 - Configuration: make LMDB's `map_size` configurable and make `block_size` and `sled_cache_capacity` expressable as strings (such as `10M`) (#628, #630)
 
 - Add support for binding to Unix sockets for the S3, K2V, Admin and Web API servers (#640)
 
 - Move the `convert_db` command into the main Garage binary (#645)
 
 - Add support for specifying RPC secret and admin tokens as environment variables (#643)
 
 - Add `allow_world_readable_secrets` option to config file (#663, #685)
 
 Bug fixes:
 
 - Use `statvfs` instead of mount list to determine free space in metadata/data directories (#611, #631)
 
 - Add missing casts to fix 32-bit build (#632)
 
 - Fix error when none of the HTTP servers (S3/K2V/Admin/Web) is started and fix shutdown hang (#613, #633)
 
 - Add missing CORS headers to PostObject response (#609, #656)
 
 - Monitoring: finer histogram boundaries in Prometheus exported metrics (#531, #686)
 
 Other:
 
 - Documentation improvements (#641)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEwhSWp0+ubv79TiqUDkltFQljdr4FAmWmWvsACgkQDkltFQlj
 dr59rRAAiMGQpDUK0QqiCgrp1rcUhvtj3DsQEpT7F14Jo3I7bFDmONZolPbO8YAs
 VE4S4CBQogNH0lMQ6EvJYiBCxDWkxdVibKqDWOYJmUw3bZ6Ypn1eZIF0+Uf1TDI+
 C6CxYbyDQtqvm330K2Du2uOoGiIgm83b6jktK/0FtbAE2GWhtYmQwoelprAGH20i
 baaSfkZbBl8toUscakyhPVVSQ86BcVQ2jqL6Ofu4eQknjMRqCeAIQhMB2ikpiwBz
 hbTZ3x0EfJJqiHocfkTE3B3cPnDKuHDzxPRhLMB/olEpzoxaLJ2+tc0ziQdl06/F
 1c8nHM57L1IaDGKAkpcANnj3yVf3jfPqq9SEUNi+xSIWbvln91RvXU4RIB8hiZqa
 rqAHjDuys++3DoAUr/L4X233MWufVAEYT4B+jaPAv6ys35xhQwPAMJrA0OZEr+hE
 HQMPIG9uMDVjZ2QCgFYgC02kEqvxbsRSVnb0wjI7eoNOk0LKo154eJh1cOGd4Ibs
 yBTiIi1+Y7RCXNxcIHKlj5vMUHPBr2D8DVFj21kfZKUtMQ/8yScoiRC14ZR4J2xF
 IYe3aDm80l3tYgnPRVj4fOGiIPsqnZd4iazYKwj2cifB8tzYfyh5/9fv2aio8K5y
 0GAw4AoTtgg1hLMadbc3om7wy64IRaZzXjv59eYPEotZYdreVpM=
 =RVm8
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEwhSWp0+ubv79TiqUDkltFQljdr4FAmWmZKIACgkQDkltFQlj
 dr6wZRAA1XuOBax/7YsIix3ag0kjnwnGAx8wYaA+Jiojw2yv/+ePL6yGHcKA93lI
 SL8l5G06fTDgpbpfdVbgyRzGT2tmjrXvkygRWf2WMDZ9I+8WxUA2q8aWaEMiNmvd
 0cfzYi14TgX+O0wEbKeeqrXG0473/yThk5U1FNbdJd7rkJ4JzaOTthdk0LJLiEUG
 zQ/YIYx3FVFoVI0rdORb3HKzqYHjMAvpzNhEIeqkrpDEzplQ3jKvY+rYWQL3S9zE
 bHbkZPoT62OpJGMr04/1FUkB+ctsvUrM0CskruaSKWyD2M1xTo/Ug4jh5muVIcdJ
 hJis1/k5rV8JDTIkb6eAxKqfVzI+56yDxofT8rVF4JhvlzvXDLOa0uyDVyA8/6un
 ylWRzs2Mlj6/TbscmPjrdH8v2Lb0zjWxvXe2iYnHHfldWUlYuBtI6FZiG3uNjBCs
 7ns3xr4VOw13RM5auVkEQksIO6lru0kvH18GB3h6Msx67w2JUzl+PaNv8PdRtnmV
 0SfLUl1Nh8yT2h9qG6/3cDE9E1G/mjg8SgljoEe6ahs/BUZmLuTHTyBjf+P22ZbO
 DCITM3CwrV+y/aKnRdLvd6LOWFinUqMS8YvVSVqJh9vo9R+dt33LdBMdWjP4IYHF
 MbACe4FzeG3AXUcHB/mDCm7a2H2BFwzAovFy0SE639PfWBxNue0=
 =gzWq
 -----END PGP SIGNATURE-----

Merge tag 'v0.8.5' into sync-08-09

Garage v0.8.5

This minor release includes the following improvements and fixes:

New features:

- Configuration: make LMDB's `map_size` configurable and make `block_size` and `sled_cache_capacity` expressable as strings (such as `10M`) (#628, #630)

- Add support for binding to Unix sockets for the S3, K2V, Admin and Web API servers (#640)

- Move the `convert_db` command into the main Garage binary (#645)

- Add support for specifying RPC secret and admin tokens as environment variables (#643)

- Add `allow_world_readable_secrets` option to config file (#663, #685)

Bug fixes:

- Use `statvfs` instead of mount list to determine free space in metadata/data directories (#611, #631)

- Add missing casts to fix 32-bit build (#632)

- Fix error when none of the HTTP servers (S3/K2V/Admin/Web) is started and fix shutdown hang (#613, #633)

- Add missing CORS headers to PostObject response (#609, #656)

- Monitoring: finer histogram boundaries in Prometheus exported metrics (#531, #686)

Other:

- Documentation improvements (#641)
2024-01-16 12:12:27 +01:00
7228695ee2
config: refactor secret sourcing 2024-01-15 17:18:46 +01:00
f83fa02193 Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
Deuxfleurs/garage#658 (comment))
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes Deuxfleurs/garage#658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
c99cb58d71
util: move reading secret file into seperate helper
this patch moves the logic to read a secret file (and check for correct
permissions) from `secret_from_file` into a new `read_secret_file`
helper.
2023-10-19 03:29:48 +02:00
2e656b541b Merge branch 'main' into next 2023-10-03 18:40:37 +02:00
7353038a64
config: allow using paths for unix domain sockets in various places
this patch updates the config format to also allow paths in bind
addresses for unix domain sockets.

this has been added to all apis except rpc.
2023-09-29 18:38:30 +02:00
51abbb02d8 Merge branch 'main' into next 2023-09-11 20:00:02 +02:00
f8b3883611 config: make block_size and sled_cache_capacity expressable as strings 2023-09-11 18:34:59 +02:00
51b9731a08 make lmdb's map_size configurable (fix #628) 2023-09-11 18:03:44 +02:00
71c0188055 block manager: skeleton for multi-hdd support 2023-09-06 16:35:28 +02:00
90b2d43eb4 Merge branch 'main' into next 2023-06-13 17:14:11 +02:00
e7e164a280 Make fsync an option for meta and data 2023-06-09 16:23:21 +02:00
Roberto Hidalgo
ef8a7add08 set default for [consul-services] api 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
b770504126 simplify code according to feedback 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
6b69404f1a rename mode to consul_http_api 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
fd7dbea5b8 follow feedback, fold into existing feature 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
bd6485565e allow additional ServiceMeta, docs 2023-05-22 08:57:15 -06:00
Roberto Hidalgo
02ba9016ab register consul services against local agent instead of catalog api 2023-05-22 08:57:15 -06:00
19639705e6 Mark sled as deprecated, make lmdb default, and improve sqlite and lmdb defaults 2023-05-17 14:30:53 +02:00
Jonathan Davies
c783194e8b *: apply clippy recommendations. 2023-05-09 20:49:34 +01:00
80e2326998 fixes for pr 499 2023-02-06 12:23:55 +01:00
656b8d42de secrets can be passed directly in config, as file, or as env 2023-02-03 15:27:39 +01:00
d6ea0cbefa Add tests for rpc_secret_file 2023-01-07 14:19:36 +01:00
7b62fe3f0b Error on both rpc_secret and rpc_secret_file 2023-01-07 13:49:03 +01:00
f2106c2733 Implement rpc_secret_file 2023-01-04 18:35:10 +01:00
8bc5caf7aa
Fix issue with 'http(s)://' prefix 2022-10-18 21:17:11 +02:00
002b9fc50c
Add TLS support for Consul discovery + refactoring 2022-10-18 18:38:20 +02:00
56592e1853
RPC performance changes
- configurable ping timeout
- single, much higher, configurable RPC timeout
- no more concurrency semaphore
2022-09-19 20:31:00 +02:00
e46dc2a8ef
Allow for hostnames in bootstrap_peers and rpc_public_addr (fix #353) 2022-09-14 16:09:38 +02:00
8adc654713
Merge branch 'main' into improve-deps 2022-09-07 18:13:27 +02:00
2559f63e9b
Make all HTTP services optionnal 2022-09-07 17:54:16 +02:00
943d76c583
Ability to dynamically set resync tranquility 2022-09-02 15:34:21 +02:00
b44d3fc796 Abstract database behind generic interface and implement alternative drivers (#322)
- [x] Design interface
- [x] Implement Sled backend
  - [x] Re-implement the SledCountedTree hack ~~on Sled backend~~ on all backends (i.e. over the abstraction)
- [x] Convert Garage code to use generic interface
- [x] Proof-read converted Garage code
- [ ] Test everything well
- [x] Implement sqlite backend
- [x] Implement LMDB backend
- [ ] (Implement Persy backend?)
- [ ] (Implement other backends? (like RocksDB, ...))
- [x] Implement backend choice in config file and garage server module
- [x] Add CLI for converting between DB formats
- Exploit the new interface to put more things in transactions
  - [x] `.updated()` trigger on Garage tables

Fix #284

**Bugs**

- [x] When exporting sqlite, trees iterate empty??
- [x] LMDB doesn't work

**Known issues for various back-ends**

- Sled:
  - Eats all my RAM and also all my disk space
  - `.len()` has to traverse the whole table
  - Is actually quite slow on some operations
  - And is actually pretty bad code...
- Sqlite:
  - Requires a lock to be taken on all operations. The lock is also taken when iterating on a table with `.iter()`, and the lock isn't released until the iterator is dropped. This means that we must be VERY carefull to not do anything else inside a `.iter()` loop or else we will have a deadlock! Most such cases have been eliminated from the Garage codebase, but there might still be some that remain. If your Garage-over-Sqlite seems to hang/freeze, this is the reason.
  - (adapter uses a bunch of unsafe code)
- Heed (LMDB):
  - Not suited for 32-bit machines as it has to map the whole DB in memory.
  - (adpater uses a tiny bit of unsafe code)

**My recommendation:** avoid 32-bit machines and use LMDB as much as possible.

**Converting databases** is actually quite easy. For example from Sled to LMDB:

```bash
cd src/db
cargo run --features cli --bin convert -- -i path/to/garage/meta/db -a sled -o path/to/garage/meta/db.lmdb -b lmdb
```

Then, just add this to your `config.toml`:

```toml
db_engine = "lmdb"
```

Co-authored-by: Alex Auvolat <alex@adnab.me>
Reviewed-on: Deuxfleurs/garage#322
Co-authored-by: Alex <alex@adnab.me>
Co-committed-by: Alex <alex@adnab.me>
2022-06-08 10:01:44 +02:00
382e74c798 First version of admin API (#298)
**Spec:**

- [x] Start writing
- [x] Specify all layout endpoints
- [x] Specify all endpoints for operations on keys
- [x] Specify all endpoints for operations on key/bucket permissions
- [x] Specify all endpoints for operations on buckets
- [x] Specify all endpoints for operations on bucket aliases

View rendered spec at <https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/admin-api/doc/drafts/admin-api.md>

**Code:**

- [x] Refactor code for admin api to use common api code that was created for K2V

**General endpoints:**

- [x] Metrics
- [x] GetClusterStatus
- [x] ConnectClusterNodes
- [x] GetClusterLayout
- [x] UpdateClusterLayout
- [x] ApplyClusterLayout
- [x] RevertClusterLayout

**Key-related endpoints:**

- [x] ListKeys
- [x] CreateKey
- [x] ImportKey
- [x] GetKeyInfo
- [x] UpdateKey
- [x] DeleteKey

**Bucket-related endpoints:**

- [x] ListBuckets
- [x] CreateBucket
- [x] GetBucketInfo
- [x] DeleteBucket
- [x] PutBucketWebsite
- [x] DeleteBucketWebsite

**Operations on key/bucket permissions:**

- [x] BucketAllowKey
- [x] BucketDenyKey

**Operations on bucket aliases:**

- [x] GlobalAliasBucket
- [x] GlobalUnaliasBucket
- [x] LocalAliasBucket
- [x] LocalUnaliasBucket

**And also:**

- [x] Separate error type for the admin API (this PR includes a quite big refactoring of error handling)
- [x] Add management of website access
- [ ] Check that nothing is missing wrt what can be done using the CLI
- [ ] Improve formatting of the spec
- [x] Make sure everyone is cool with the API design

Fix #231
Fix #295

Co-authored-by: Alex Auvolat <alex@adnab.me>
Reviewed-on: Deuxfleurs/garage#298
Co-authored-by: Alex <alex@adnab.me>
Co-committed-by: Alex <alex@adnab.me>
2022-05-24 12:16:39 +02:00
5768bf3622 First implementation of K2V (#293)
**Specification:**

View spec at [this URL](https://git.deuxfleurs.fr/Deuxfleurs/garage/src/branch/k2v/doc/drafts/k2v-spec.md)

- [x] Specify the structure of K2V triples
- [x] Specify the DVVS format used for causality detection
- [x] Specify the K2V index (just a counter of number of values per partition key)
- [x] Specify single-item endpoints: ReadItem, InsertItem, DeleteItem
- [x] Specify index endpoint: ReadIndex
- [x] Specify multi-item endpoints: InsertBatch, ReadBatch, DeleteBatch
- [x] Move to JSON objects instead of tuples
- [x] Specify endpoints for polling for updates on single values (PollItem)

**Implementation:**

- [x] Table for K2V items, causal contexts
- [x] Indexing mechanism and table for K2V index
- [x] Make API handlers a bit more generic
- [x] K2V API endpoint
- [x] K2V API router
- [x] ReadItem
- [x] InsertItem
- [x] DeleteItem
- [x] PollItem
- [x] ReadIndex
- [x] InsertBatch
- [x] ReadBatch
- [x] DeleteBatch

**Testing:**

- [x] Just a simple Python script that does some requests to check visually that things are going right (does not contain parsing of results or assertions on returned values)
- [x] Actual tests:
  - [x] Adapt testing framework
  - [x] Simple test with InsertItem + ReadItem
  - [x] Test with several Insert/Read/DeleteItem + ReadIndex
  - [x] Test all combinations of return formats for ReadItem
  - [x] Test with ReadBatch, InsertBatch, DeleteBatch
  - [x] Test with PollItem
  - [x] Test error codes
- [ ] Fix most broken stuff
  - [x] test PollItem broken randomly
  - [x] when invalid causality tokens are given, errors should be 4xx not 5xx

**Improvements:**

- [x] Descending range queries
  - [x] Specify
  - [x] Implement
  - [x] Add test
- [x] Batch updates to index counter
- [x] Put K2V behind `k2v` feature flag

Co-authored-by: Alex Auvolat <alex@adnab.me>
Reviewed-on: Deuxfleurs/garage#293
Co-authored-by: Alex <alex@adnab.me>
Co-committed-by: Alex <alex@adnab.me>
2022-05-10 13:16:57 +02:00
e480aaf338
Make background tranquility a configurable parameter 2022-03-23 10:25:19 +01:00
9b2b531f4d
Make admin server optional 2022-03-14 10:54:25 +01:00
dc8d0496cc
Refactoring: rename config files, make modifications less invasive 2022-03-14 10:53:51 +01:00
8c2fb0c066
Add tracing integration with opentelemetry 2022-03-14 10:52:13 +01:00
mricher
e349af13a7
Update dependencies and add admin module with metrics
- Global dependencies updated in Cargo.lock
- New module created in src/admin to host:
  - the (future) admin REST API
  - the metric collection
- add configuration block

No metrics implemented yet
2022-03-14 10:51:12 +01:00
9d44127245
add support for kubernetes service discovery
This commit adds support to discover garage instances running in
kubernetes.

Once enabled by setting `kubernetes_namespace` and
`kubernetes_service_name` garage will create a Custom Resources
`garagenodes.deuxfleurs.fr` with nodes public key as the resource name.
and IP and Port information as spec in the namespace configured by
`kubernetes_namespace`.

For discovering nodes the resources are filtered with the optionally set
`kubernetes_service_name` which sets a label
`garage.deuxfleurs.fr/service` on the resources.

This allows to separate multiple garage deployments in a single
namespace.

the `kubernetes_skip_crd` variable allows to disable the creation of the
CRD by garage itself. The user must deploy this manually.
2022-03-12 13:05:52 +01:00