-
-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
google cloud storage support #3021
Closed
+231
−2
Closed
Changes from all commits
Commits
Show all changes
2 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<section xmlns="http://docbook.org/ns/docbook" | ||
xmlns:xlink="http://www.w3.org/1999/xlink" | ||
xmlns:xi="http://www.w3.org/2001/XInclude" | ||
version="5.0" | ||
xml:id="ssec-gcs-substituter"> | ||
|
||
<title>Serving a Nix store via Google Cloud Storage</title> | ||
|
||
<para>Nix has built-in support for storing and fetching store paths | ||
from Google Cloud Storage.</para> | ||
<para>For a GCS bucket with the name <literal>example-nix-cache</literal> the URI is <uri>gs://example-nix-cache</uri>.</para> | ||
<para>Nix will use the environment variable <literal>GOOGLE_APPLICATION_CREDENTIALS</literal> to discover the credentials JSON file.</para> | ||
|
||
<example> | ||
<title>Uploading to GCS</title> | ||
<para><command> | ||
GOOGLE_APPLICATION_CREDENTIALS=~/google.json nix copy --to gs://example-nix-cache nixpkgs.hello | ||
</command></para> | ||
</example> | ||
</section> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,194 @@ | ||
#if ENABLE_GCS | ||
|
||
#include "nar-info.hh" | ||
#include "nar-info-disk-cache.hh" | ||
#include "globals.hh" | ||
#include "compression.hh" | ||
#include "binary-cache-store.hh" | ||
|
||
#include <memory> | ||
#include <google/cloud/storage/client.h> | ||
|
||
namespace gcs = google::cloud::storage; | ||
|
||
using namespace std::chrono_literals; | ||
using ::google::cloud::StatusOr; | ||
|
||
namespace nix { | ||
|
||
struct GCSBinaryCacheStore : public BinaryCacheStore | ||
{ | ||
const Setting<std::string> narinfoCompression{this, "", "narinfo-compression", "compression method for .narinfo files"}; | ||
const Setting<std::string> lsCompression{this, "", "ls-compression", "compression method for .ls files"}; | ||
const Setting<std::string> logCompression{this, "", "log-compression", "compression method for log/* files"}; | ||
const Setting<uint64_t> bufferSize{ | ||
this, 5 * 1024 * 1024, "buffer-size", "size (in bytes) of each downloaded chunk"}; | ||
|
||
std::string bucketName; | ||
std::unique_ptr<gcs::Client> client; | ||
|
||
GCSBinaryCacheStore( | ||
const Params & params, const std::string & bucketName) | ||
: BinaryCacheStore(params) | ||
, bucketName(bucketName) | ||
, client(nullptr) | ||
{ | ||
diskCache = getNarInfoDiskCache(); | ||
} | ||
|
||
std::string getUri() override | ||
{ | ||
return "gs://" + bucketName; | ||
} | ||
|
||
void init() override | ||
{ | ||
if (client == nullptr) { | ||
StatusOr<gcs::ClientOptions> options = | ||
gcs::ClientOptions::CreateDefaultClientOptions(); | ||
andir marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
if (!options) { | ||
throw Error("Failed to retrieve GCS credentials"); | ||
} | ||
|
||
client = std::make_unique<gcs::Client>(*options); | ||
} | ||
|
||
if (!diskCache->cacheExists(getUri(), wantMassQuery_, priority)) { | ||
|
||
BinaryCacheStore::init(); | ||
|
||
diskCache->createCache(getUri(), storeDir, wantMassQuery_, priority); | ||
} | ||
} | ||
|
||
bool isValidPathUncached(const Path & storePath) override | ||
{ | ||
try { | ||
queryPathInfo(storePath); | ||
return true; | ||
} catch (InvalidPath & e) { | ||
return false; | ||
} | ||
} | ||
|
||
bool fileExists(const std::string & path) override | ||
{ | ||
const auto res = client->GetObjectMetadata(bucketName, path); | ||
|
||
if (res) { | ||
return true; | ||
} | ||
|
||
const auto status = res.status(); | ||
if (status.code() == ::google::cloud::StatusCode::kNotFound) | ||
return false; | ||
|
||
throw Error(format("GCS error fetching '%s': %s") % path % status.message()); | ||
} | ||
|
||
void uploadFile(const std::string & path, const std::string & data, | ||
const std::string & mimeType, | ||
const std::string & contentEncoding) | ||
{ | ||
const auto size = data.size(); | ||
const auto now1 = std::chrono::steady_clock::now(); | ||
|
||
if (size < bufferSize) { | ||
|
||
const auto metadata = client->InsertObject( | ||
bucketName, path, std::move(data), | ||
gcs::WithObjectMetadata( | ||
gcs::ObjectMetadata() | ||
.set_content_type(mimeType) | ||
.set_content_encoding(contentEncoding) | ||
)); | ||
if (!metadata) { | ||
throw Error(format("GCS error uploading '%s': %s") % path % metadata.status().message()); | ||
} | ||
|
||
} else { | ||
auto stream = client->WriteObject(bucketName, path); | ||
for (size_t n = 0; n < size; n += bufferSize) { | ||
const auto slice = data.substr(n, bufferSize); | ||
stream << slice; | ||
} | ||
stream.Close(); | ||
|
||
const auto metadata = std::move(stream).metadata(); | ||
if (!metadata) { | ||
throw Error(format("GCS error uploading '%s': %s") % path % metadata.status().message()); | ||
} | ||
} | ||
|
||
const auto now2 = std::chrono::steady_clock::now(); | ||
const auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(now2 - now1).count(); | ||
|
||
printInfo(format("uploaded 'gs://%1%/%2%' (%3% bytes) in %4% ms") % bucketName % path % size % duration); | ||
} | ||
|
||
void upsertFile(const std::string & path, const std::string & data, | ||
const std::string & mimeType) override | ||
{ | ||
if (narinfoCompression != "" && hasSuffix(path, ".narinfo")) | ||
uploadFile(path, *compress(narinfoCompression, data), mimeType, narinfoCompression); | ||
else if (lsCompression != "" && hasSuffix(path, ".ls")) | ||
uploadFile(path, *compress(lsCompression, data), mimeType, lsCompression); | ||
else if (logCompression != "" && hasPrefix(path, "log/")) | ||
uploadFile(path, *compress(logCompression, data), mimeType, logCompression); | ||
else | ||
uploadFile(path, data, mimeType, ""); | ||
} | ||
|
||
void getFile(const std::string & path, Sink & sink) override | ||
{ | ||
const auto now1 = std::chrono::steady_clock::now(); | ||
|
||
auto stream = client->ReadObject(bucketName, path); | ||
if (stream.bad()) { | ||
throw NoSuchBinaryCacheFile("file '%s' does not exist in binary cache '%s'", path, getUri()); | ||
} | ||
|
||
std::vector<char> buffer(bufferSize, 0); | ||
|
||
size_t bytes = 0; | ||
|
||
while (stream.good()) { | ||
stream.read(buffer.data(), buffer.size()); | ||
const auto n = stream.gcount(); | ||
if (stream.bad()) { | ||
throw Error(format("error while dowloading '%s' from binary cache '%s': %s") % path % getUri() % stream.status().message()); | ||
} | ||
|
||
sink((unsigned char*)buffer.data(), n); | ||
bytes += n; | ||
} | ||
|
||
const auto now2 = std::chrono::steady_clock::now(); | ||
const auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(now2 - now1).count(); | ||
printTalkative("downloaded 'gs://%s/%s' (%d bytes) in %d ms", | ||
bucketName, path, bytes, duration); | ||
} | ||
|
||
PathSet queryAllValidPaths() override | ||
{ | ||
PathSet paths; | ||
|
||
// FIXME: is this really needed for binary caches? | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This should probably be replied before merging. |
||
return paths; | ||
} | ||
}; | ||
|
||
static RegisterStoreImplementation regStore([]( | ||
const std::string & uri, const Store::Params & params) | ||
-> std::shared_ptr<Store> | ||
{ | ||
if (std::string(uri, 0, 5) != "gs://") return 0; | ||
auto store = std::make_shared<GCSBinaryCacheStore>(params, std::string(uri, 5)); | ||
store->init(); | ||
return store; | ||
}); | ||
|
||
} | ||
|
||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should probably write we do authentication as documented at https://cloud.google.com/storage/docs/authentication#libauth - which also includes automatic credential management in Google App Engine and Google Cloud engine via their metadata server.
GOOGLE_APPLICATION_CREDENTIALS
is another way to do it, but this reads as if it's the only way to do it. I'd still keep the example withGOOGLE_APPLICATION_CREDENTIALS
however.