--- /dev/null
+{-# LANGUAGE BangPatterns #-}
+
+{-| Implementation of the Ganeti confd server functionality.
+
+-}
+
+{-
+
+Copyright (C) 2011 Google Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301, USA.
+
+-}
+
+module Ganeti.Confd.Server
+ ( main
+ ) where
+
+import Control.Concurrent
+import Control.Monad (forever)
+import qualified Data.ByteString as B
+import Data.IORef
+import Data.List
+import qualified Data.Map as M
+import qualified Network.Socket as S
+import System.Posix.Files
+import System.Posix.Types
+import System.Time
+import qualified Text.JSON as J
+import System.INotify
+
+import Ganeti.Daemon
+import Ganeti.HTools.JSON
+import Ganeti.HTools.Types
+import Ganeti.HTools.Utils
+import Ganeti.Objects
+import Ganeti.Confd
+import Ganeti.Config
+import Ganeti.Hash
+import Ganeti.Logging
+import qualified Ganeti.Constants as C
+
+-- * Types and constants definitions
+
+-- | What we store as configuration.
+type CRef = IORef (Result (ConfigData, LinkIpMap))
+
+-- | File stat identifier.
+type FStat = (EpochTime, FileID, FileOffset)
+
+-- | Null 'FStat' value.
+nullFStat :: FStat
+nullFStat = (-1, -1, -1)
+
+-- | A small type alias for readability.
+type StatusAnswer = (ConfdReplyStatus, J.JSValue)
+
+-- | Reload model data type.
+data ReloadModel = ReloadNotify -- ^ We are using notifications
+ | ReloadPoll Int -- ^ We are using polling
+ deriving (Eq, Show)
+
+-- | Server state data type.
+data ServerState = ServerState
+ { reloadModel :: ReloadModel
+ , reloadTime :: Integer
+ , reloadFStat :: FStat
+ }
+
+-- | Maximum no-reload poll rounds before reverting to inotify.
+maxIdlePollRounds :: Int
+maxIdlePollRounds = 2
+
+-- | Reload timeout in microseconds.
+configReloadTimeout :: Int
+configReloadTimeout = C.confdConfigReloadTimeout * 1000000
+
+-- | Ratelimit timeout in microseconds.
+configReloadRatelimit :: Int
+configReloadRatelimit = C.confdConfigReloadRatelimit * 1000000
+
+-- | Initial poll round.
+initialPoll :: ReloadModel
+initialPoll = ReloadPoll 0
+
+-- | Initial server state.
+initialState :: ServerState
+initialState = ServerState initialPoll 0 nullFStat
+
+-- | Reload status data type.
+data ConfigReload = ConfigToDate -- ^ No need to reload
+ | ConfigReloaded -- ^ Configuration reloaded
+ | ConfigIOError -- ^ Error during configuration reload
+
+-- | Unknown entry standard response.
+queryUnknownEntry :: StatusAnswer
+queryUnknownEntry = (ReplyStatusError, J.showJSON ConfdErrorUnknownEntry)
+
+{- not used yet
+-- | Internal error standard response.
+queryInternalError :: StatusAnswer
+queryInternalError = (ReplyStatusError, J.showJSON ConfdErrorInternal)
+-}
+
+-- | Argument error standard response.
+queryArgumentError :: StatusAnswer
+queryArgumentError = (ReplyStatusError, J.showJSON ConfdErrorArgument)
+
+-- | Returns the current time.
+getCurrentTime :: IO Integer
+getCurrentTime = do
+ TOD ctime _ <- getClockTime
+ return ctime
+
+-- * Confd base functionality
+
+-- | Returns the HMAC key.
+getClusterHmac :: IO HashKey
+getClusterHmac = fmap B.unpack $ B.readFile C.confdHmacKey
+
+-- | Computes the node role.
+nodeRole :: ConfigData -> String -> Result ConfdNodeRole
+nodeRole cfg name =
+ let cmaster = clusterMasterNode . configCluster $ cfg
+ mnode = M.lookup name . configNodes $ cfg
+ in case mnode of
+ Nothing -> Bad "Node not found"
+ Just node | cmaster == name -> Ok NodeRoleMaster
+ | nodeDrained node -> Ok NodeRoleDrained
+ | nodeOffline node -> Ok NodeRoleOffline
+ | nodeMasterCandidate node -> Ok NodeRoleCandidate
+ _ -> Ok NodeRoleRegular
+
+-- | Does an instance ip -> instance -> primary node -> primary ip
+-- transformation.
+getNodePipByInstanceIp :: ConfigData
+ -> LinkIpMap
+ -> String
+ -> String
+ -> StatusAnswer
+getNodePipByInstanceIp cfg linkipmap link instip =
+ case M.lookup instip (M.findWithDefault M.empty link linkipmap) of
+ Nothing -> queryUnknownEntry
+ Just instname ->
+ case getInstPrimaryNode cfg instname of
+ Bad _ -> queryUnknownEntry -- either instance or node not found
+ Ok node -> (ReplyStatusOk, J.showJSON (nodePrimaryIp node))
+
+-- | Builds the response to a given query.
+buildResponse :: (ConfigData, LinkIpMap) -> ConfdRequest -> Result StatusAnswer
+buildResponse (cfg, _) (ConfdRequest { confdRqType = ReqPing }) =
+ return (ReplyStatusOk, J.showJSON (configVersion cfg))
+
+buildResponse cdata req@(ConfdRequest { confdRqType = ReqClusterMaster }) =
+ case confdRqQuery req of
+ EmptyQuery -> return (ReplyStatusOk, J.showJSON master_name)
+ PlainQuery _ -> return queryArgumentError
+ DictQuery reqq -> do
+ mnode <- getNode cfg master_name
+ let fvals =map (\field -> case field of
+ ReqFieldName -> master_name
+ ReqFieldIp -> clusterMasterIp cluster
+ ReqFieldMNodePip -> nodePrimaryIp mnode
+ ) (confdReqQFields reqq)
+ return (ReplyStatusOk, J.showJSON fvals)
+ where master_name = clusterMasterNode cluster
+ cluster = configCluster cfg
+ cfg = fst cdata
+
+buildResponse cdata req@(ConfdRequest { confdRqType = ReqNodeRoleByName }) = do
+ node_name <- case confdRqQuery req of
+ PlainQuery str -> return str
+ _ -> fail $ "Invalid query type " ++ show (confdRqQuery req)
+ role <- nodeRole (fst cdata) node_name
+ return (ReplyStatusOk, J.showJSON role)
+
+buildResponse cdata (ConfdRequest { confdRqType = ReqNodePipList }) =
+ -- note: we use foldlWithKey because that's present accross more
+ -- versions of the library
+ return (ReplyStatusOk, J.showJSON $
+ M.foldlWithKey (\accu _ n -> nodePrimaryIp n:accu) []
+ (configNodes (fst cdata)))
+
+buildResponse cdata (ConfdRequest { confdRqType = ReqMcPipList }) =
+ -- note: we use foldlWithKey because that's present accross more
+ -- versions of the library
+ return (ReplyStatusOk, J.showJSON $
+ M.foldlWithKey (\accu _ n -> if nodeMasterCandidate n
+ then nodePrimaryIp n:accu
+ else accu) []
+ (configNodes (fst cdata)))
+
+buildResponse (cfg, linkipmap)
+ req@(ConfdRequest { confdRqType = ReqInstIpsList }) = do
+ link <- case confdRqQuery req of
+ PlainQuery str -> return str
+ EmptyQuery -> return (getDefaultNicLink cfg)
+ _ -> fail "Invalid query type"
+ return (ReplyStatusOk, J.showJSON $ getInstancesIpByLink linkipmap link)
+
+buildResponse cdata (ConfdRequest { confdRqType = ReqNodePipByInstPip
+ , confdRqQuery = DictQuery query}) =
+ let (cfg, linkipmap) = cdata
+ link = maybe (getDefaultNicLink cfg) id (confdReqQLink query)
+ in case confdReqQIp query of
+ Just ip -> return $ getNodePipByInstanceIp cfg linkipmap link ip
+ Nothing -> return (ReplyStatusOk,
+ J.showJSON $
+ map (getNodePipByInstanceIp cfg linkipmap link)
+ (confdReqQIpList query))
+
+buildResponse _ (ConfdRequest { confdRqType = ReqNodePipByInstPip }) =
+ return queryArgumentError
+
+-- | Parses a signed request.
+parseRequest :: HashKey -> String -> Result (String, String, ConfdRequest)
+parseRequest key str = do
+ (SignedMessage hmac msg salt) <- fromJResult "parsing request" $ J.decode str
+ req <- if verifyMac key (Just salt) msg hmac
+ then fromJResult "parsing message" $ J.decode msg
+ else Bad "HMAC verification failed"
+ return (salt, msg, req)
+
+-- | Creates a ConfdReply from a given answer.
+serializeResponse :: Result StatusAnswer -> ConfdReply
+serializeResponse r =
+ let (status, result) = case r of
+ Bad err -> (ReplyStatusError, J.showJSON err)
+ Ok (code, val) -> (code, val)
+ in ConfdReply { confdReplyProtocol = 1
+ , confdReplyStatus = status
+ , confdReplyAnswer = result
+ , confdReplySerial = 0 }
+
+-- | Signs a message with a given key and salt.
+signMessage :: HashKey -> String -> String -> SignedMessage
+signMessage key salt msg =
+ SignedMessage { signedMsgMsg = msg
+ , signedMsgSalt = salt
+ , signedMsgHmac = hmac
+ }
+ where hmac = computeMac key (Just salt) msg
+
+-- * Configuration handling
+
+-- ** Helper functions
+
+-- | Helper function for logging transition into polling mode.
+moveToPolling :: String -> INotify -> FilePath -> CRef -> MVar ServerState
+ -> IO ReloadModel
+moveToPolling msg inotify path cref mstate = do
+ logInfo $ "Moving to polling mode: " ++ msg
+ let inotiaction = addNotifier inotify path cref mstate
+ _ <- forkIO $ onReloadTimer inotiaction path cref mstate
+ return initialPoll
+
+-- | Helper function for logging transition into inotify mode.
+moveToNotify :: IO ReloadModel
+moveToNotify = do
+ logInfo "Moving to inotify mode"
+ return ReloadNotify
+
+-- ** Configuration loading
+
+-- | (Re)loads the configuration.
+updateConfig :: FilePath -> CRef -> IO ()
+updateConfig path r = do
+ newcfg <- loadConfig path
+ let !newdata = case newcfg of
+ Ok !cfg -> Ok (cfg, buildLinkIpInstnameMap cfg)
+ Bad _ -> Bad "Cannot load configuration"
+ writeIORef r newdata
+ case newcfg of
+ Ok cfg -> logInfo ("Loaded new config, serial " ++
+ show (configSerial cfg))
+ Bad msg -> logError $ "Failed to load config: " ++ msg
+ return ()
+
+-- | Wrapper over 'updateConfig' that handles IO errors.
+safeUpdateConfig :: FilePath -> FStat -> CRef -> IO (FStat, ConfigReload)
+safeUpdateConfig path oldfstat cref = do
+ catch (do
+ nt <- needsReload oldfstat path
+ case nt of
+ Nothing -> return (oldfstat, ConfigToDate)
+ Just nt' -> do
+ updateConfig path cref
+ return (nt', ConfigReloaded)
+ ) (\e -> do
+ let msg = "Failure during configuration update: " ++ show e
+ writeIORef cref (Bad msg)
+ return (nullFStat, ConfigIOError)
+ )
+
+-- | Computes the file cache data from a FileStatus structure.
+buildFileStatus :: FileStatus -> FStat
+buildFileStatus ofs =
+ let modt = modificationTime ofs
+ inum = fileID ofs
+ fsize = fileSize ofs
+ in (modt, inum, fsize)
+
+-- | Wrapper over 'buildFileStatus'. This reads the data from the
+-- filesystem and then builds our cache structure.
+getFStat :: FilePath -> IO FStat
+getFStat p = getFileStatus p >>= (return . buildFileStatus)
+
+-- | Check if the file needs reloading
+needsReload :: FStat -> FilePath -> IO (Maybe FStat)
+needsReload oldstat path = do
+ newstat <- getFStat path
+ return $ if newstat /= oldstat
+ then Just newstat
+ else Nothing
+
+-- ** Watcher threads
+
+-- $watcher
+-- We have three threads/functions that can mutate the server state:
+--
+-- 1. the long-interval watcher ('onTimeoutTimer')
+--
+-- 2. the polling watcher ('onReloadTimer')
+--
+-- 3. the inotify event handler ('onInotify')
+--
+-- All of these will mutate the server state under 'modifyMVar' or
+-- 'modifyMVar_', so that server transitions are more or less
+-- atomic. The inotify handler remains active during polling mode, but
+-- checks for polling mode and doesn't do anything in this case (this
+-- check is needed even if we would unregister the event handler due
+-- to how events are serialised).
+
+-- | Long-interval reload watcher.
+--
+-- This is on top of the inotify-based triggered reload.
+onTimeoutTimer :: IO Bool -> FilePath -> CRef -> MVar ServerState -> IO ()
+onTimeoutTimer inotiaction path cref state = do
+ threadDelay configReloadTimeout
+ modifyMVar_ state (onTimeoutInner path cref)
+ _ <- inotiaction
+ onTimeoutTimer inotiaction path cref state
+
+-- | Inner onTimeout handler.
+--
+-- This mutates the server state under a modifyMVar_ call. It never
+-- changes the reload model, just does a safety reload and tried to
+-- re-establish the inotify watcher.
+onTimeoutInner :: FilePath -> CRef -> ServerState -> IO ServerState
+onTimeoutInner path cref state = do
+ (newfstat, _) <- safeUpdateConfig path (reloadFStat state) cref
+ return state { reloadFStat = newfstat }
+
+-- | Short-interval (polling) reload watcher.
+--
+-- This is only active when we're in polling mode; it will
+-- automatically exit when it detects that the state has changed to
+-- notification.
+onReloadTimer :: IO Bool -> FilePath -> CRef -> MVar ServerState -> IO ()
+onReloadTimer inotiaction path cref state = do
+ continue <- modifyMVar state (onReloadInner inotiaction path cref)
+ if continue
+ then do
+ threadDelay configReloadRatelimit
+ onReloadTimer inotiaction path cref state
+ else -- the inotify watch has been re-established, we can exit
+ return ()
+
+-- | Inner onReload handler.
+--
+-- This again mutates the state under a modifyMVar call, and also
+-- returns whether the thread should continue or not.
+onReloadInner :: IO Bool -> FilePath -> CRef -> ServerState
+ -> IO (ServerState, Bool)
+onReloadInner _ _ _ state@(ServerState { reloadModel = ReloadNotify } ) =
+ return (state, False)
+onReloadInner inotiaction path cref
+ state@(ServerState { reloadModel = ReloadPoll pround } ) = do
+ (newfstat, reload) <- safeUpdateConfig path (reloadFStat state) cref
+ let state' = state { reloadFStat = newfstat }
+ -- compute new poll model based on reload data; however, failure to
+ -- re-establish the inotifier means we stay on polling
+ newmode <- case reload of
+ ConfigToDate ->
+ if pround >= maxIdlePollRounds
+ then do -- try to switch to notify
+ result <- inotiaction
+ if result
+ then moveToNotify
+ else return initialPoll
+ else return (ReloadPoll (pround + 1))
+ _ -> return initialPoll
+ let continue = case newmode of
+ ReloadNotify -> False
+ _ -> True
+ return (state' { reloadModel = newmode }, continue)
+
+-- | Setup inotify watcher.
+--
+-- This tries to setup the watch descriptor; in case of any IO errors,
+-- it will return False.
+addNotifier :: INotify -> FilePath -> CRef -> MVar ServerState -> IO Bool
+addNotifier inotify path cref mstate = do
+ catch (addWatch inotify [CloseWrite] path
+ (onInotify inotify path cref mstate) >> return True)
+ (const $ return False)
+
+-- | Inotify event handler.
+onInotify :: INotify -> String -> CRef -> MVar ServerState -> Event -> IO ()
+onInotify inotify path cref mstate Ignored = do
+ logInfo "File lost, trying to re-establish notifier"
+ modifyMVar_ mstate $ \state -> do
+ result <- addNotifier inotify path cref mstate
+ (newfstat, _) <- safeUpdateConfig path (reloadFStat state) cref
+ let state' = state { reloadFStat = newfstat }
+ if result
+ then return state' -- keep notify
+ else do
+ mode <- moveToPolling "cannot re-establish inotify watch" inotify
+ path cref mstate
+ return state' { reloadModel = mode }
+
+onInotify inotify path cref mstate _ = do
+ modifyMVar_ mstate $ \state ->
+ if (reloadModel state == ReloadNotify)
+ then do
+ ctime <- getCurrentTime
+ (newfstat, _) <- safeUpdateConfig path (reloadFStat state) cref
+ let state' = state { reloadFStat = newfstat, reloadTime = ctime }
+ if abs (reloadTime state - ctime) <
+ fromIntegral C.confdConfigReloadRatelimit
+ then do
+ mode <- moveToPolling "too many reloads" inotify path cref mstate
+ return state' { reloadModel = mode }
+ else return state'
+ else return state
+
+-- ** Client input/output handlers
+
+-- | Main loop for a given client.
+responder :: CRef -> S.Socket -> HashKey -> String -> S.SockAddr -> IO ()
+responder cfgref socket hmac msg peer = do
+ ctime <- getCurrentTime
+ case parseMessage hmac msg ctime of
+ Ok (origmsg, rq) -> do
+ logDebug $ "Processing request: " ++ origmsg
+ mcfg <- readIORef cfgref
+ let response = respondInner mcfg hmac rq
+ _ <- S.sendTo socket response peer
+ return ()
+ Bad err -> logInfo $ "Failed to parse incoming message: " ++ err
+ return ()
+
+-- | Mesage parsing. This can either result in a good, valid message,
+-- or fail in the Result monad.
+parseMessage :: HashKey -> String -> Integer
+ -> Result (String, ConfdRequest)
+parseMessage hmac msg curtime = do
+ (salt, origmsg, request) <- parseRequest hmac msg
+ ts <- tryRead "Parsing timestamp" salt::Result Integer
+ if (abs (ts - curtime) > (fromIntegral C.confdMaxClockSkew))
+ then fail "Too old/too new timestamp or clock skew"
+ else return (origmsg, request)
+
+-- | Inner helper function for a given client. This generates the
+-- final encoded message (as a string), ready to be sent out to the
+-- client.
+respondInner :: Result (ConfigData, LinkIpMap) -> HashKey
+ -> ConfdRequest -> String
+respondInner cfg hmac rq =
+ let rsalt = confdRqRsalt rq
+ innermsg = serializeResponse (cfg >>= flip buildResponse rq)
+ innerserialised = J.encodeStrict innermsg
+ outermsg = signMessage hmac rsalt innerserialised
+ outerserialised = confdMagicFourcc ++ J.encodeStrict outermsg
+ in outerserialised
+
+-- | Main listener loop.
+listener :: S.Socket -> HashKey
+ -> (S.Socket -> HashKey -> String -> S.SockAddr -> IO ())
+ -> IO ()
+listener s hmac resp = do
+ (msg, _, peer) <- S.recvFrom s 4096
+ if confdMagicFourcc `isPrefixOf` msg
+ then (forkIO $ resp s hmac (drop 4 msg) peer) >> return ()
+ else logDebug "Invalid magic code!" >> return ()
+ return ()
+
+-- | Main function.
+main :: DaemonOptions -> IO ()
+main opts = do
+ s <- S.socket S.AF_INET S.Datagram S.defaultProtocol
+ let port = maybe C.defaultConfdPort fromIntegral $ optPort opts
+ S.bindSocket s (S.SockAddrInet (fromIntegral port) S.iNADDR_ANY)
+ cref <- newIORef (Bad "Configuration not yet loaded")
+ statemvar <- newMVar initialState
+ hmac <- getClusterHmac
+ -- Inotify setup
+ inotify <- initINotify
+ let inotiaction = addNotifier inotify C.clusterConfFile cref statemvar
+ -- fork the timeout timer
+ _ <- forkIO $ onTimeoutTimer inotiaction C.clusterConfFile cref statemvar
+ -- fork the polling timer
+ _ <- forkIO $ onReloadTimer inotiaction C.clusterConfFile cref statemvar
+ -- and finally enter the responder loop
+ forever $ listener s hmac (responder cref)