Change SetRemoteTarget API to allow editing remote target

more flexibly. - Previously only credentials could be updated with `mc admin bucket remote edit`. Change this to allow updating synchronous replication flag, path, bandwidth and healthcheck Add a flag to allow disabling proxying in active-active replication
minio · Apr 28, 2021 · 9649db1 · 9649db1
1 parent 736d8cb
commit 9649db1
Show file tree

Hide file tree

Showing 4 changed files with 109 additions and 5 deletions.
diff --git a/cmd/admin-bucket-handlers.go b/cmd/admin-bucket-handlers.go
@@ -165,14 +165,44 @@ func (a adminAPIHandlers) SetRemoteTargetHandler(w http.ResponseWriter, r *http.
 	}
 
 	target.SourceBucket = bucket
-	if !update {
+	var ops []madmin.TargetUpdateType
+	if update {
+		ops = madmin.GetTargetUpdateOps(r.URL)
+	} else {
 		target.Arn = globalBucketTargetSys.getRemoteARN(bucket, &target)
 	}
 	if target.Arn == "" {
 		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErrWithErr(ErrAdminConfigBadJSON, err), r.URL)
 		return
 	}
-
+	if update {
+		// overlay the updates on existing target
+		tgt := globalBucketTargetSys.GetRemoteBucketTargetByArn(ctx, bucket, target.Arn)
+		if tgt.Empty() {
+			writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErrWithErr(ErrRemoteTargetNotFoundError, err), r.URL)
+			return
+		}
+		for _, op := range ops {
+			switch op {
+			case madmin.CredentialsUpdateType:
+				tgt.Credentials = target.Credentials
+				tgt.TargetBucket = target.TargetBucket
+				tgt.Secure = target.Secure
+				tgt.Endpoint = target.Endpoint
+			case madmin.SyncUpdateType:
+				tgt.ReplicationSync = target.ReplicationSync
+			case madmin.ProxyUpdateType:
+				tgt.DisableProxy = target.DisableProxy
+			case madmin.PathUpdateType:
+				tgt.Path = target.Path
+			case madmin.BandwidthLimitUpdateType:
+				tgt.BandwidthLimit = target.BandwidthLimit
+			case madmin.HealthCheckDurationUpdateType:
+				tgt.HealthCheckDuration = target.HealthCheckDuration
+			}
+		}
+		target = tgt
+	}
 	if err = globalBucketTargetSys.SetTarget(ctx, bucket, &target, update); err != nil {
 		switch err.(type) {
 		case BucketRemoteConnectionErr:

diff --git a/cmd/bucket-replication.go b/cmd/bucket-replication.go
@@ -1049,7 +1049,10 @@ func proxyHeadToRepTarget(ctx context.Context, bucket, object string, opts Objec
 	if tgt == nil || tgt.isOffline() {
 		return nil, oi, false, fmt.Errorf("target is offline or not configured")
 	}
-
+	// if proxying explicitly disabled on remote target
+	if tgt.disableProxy {
+		return nil, oi, false, nil
+	}
 	gopts := miniogo.GetObjectOptions{
 		VersionID:            opts.VersionID,
 		ServerSideEncryption: opts.ServerSideEncryption,

diff --git a/cmd/bucket-targets.go b/cmd/bucket-targets.go
@@ -204,6 +204,21 @@ func (sys *BucketTargetSys) GetRemoteTargetClient(ctx context.Context, arn strin
 	return sys.arnRemotesMap[arn]
 }
 
+// GetRemoteBucketTargetByArn returns BucketTarget for a ARN
+func (sys *BucketTargetSys) GetRemoteBucketTargetByArn(ctx context.Context, bucket, arn string) madmin.BucketTarget {
+	sys.RLock()
+	defer sys.RUnlock()
+	var tgt madmin.BucketTarget
+	for _, t := range sys.targetsMap[bucket] {
+		if t.Arn == arn {
+			tgt = t.Clone()
+			tgt.Credentials = t.Credentials
+			return tgt
+		}
+	}
+	return tgt
+}
+
 // NewBucketTargetSys - creates new replication system.
 func NewBucketTargetSys() *BucketTargetSys {
 	return &BucketTargetSys{
@@ -315,6 +330,7 @@ func (sys *BucketTargetSys) getRemoteTargetClient(tcfg *madmin.BucketTarget) (*T
 		replicateSync:       tcfg.ReplicationSync,
 		Bucket:              tcfg.TargetBucket,
 		StorageClass:        tcfg.StorageClass,
+		disableProxy:        tcfg.DisableProxy,
 	}
 	go tc.healthCheck()
 	return tc, nil
@@ -393,6 +409,7 @@ type TargetClient struct {
 	Bucket              string // remote bucket target
 	replicateSync       bool
 	StorageClass        string // storage class on remote
+	disableProxy        bool
 }
 
 func (tc *TargetClient) isOffline() bool {

diff --git a/pkg/madmin/remote-target-commands.go b/pkg/madmin/remote-target-commands.go
@@ -99,6 +99,7 @@ type BucketTarget struct {
 	ReplicationSync     bool              `json:"replicationSync"`
 	StorageClass        string            `json:"storageclass,omitempty"`
 	HealthCheckDuration time.Duration     `json:"healthCheckDuration,omitempty"`
+	DisableProxy        bool              `json:"disableProxy"`
 }
 
 // Clone returns shallow clone of BucketTarget without secret key in credentials
@@ -110,14 +111,15 @@ func (t *BucketTarget) Clone() BucketTarget {
 		Credentials:         &auth.Credentials{AccessKey: t.Credentials.AccessKey},
 		Secure:              t.Secure,
 		Path:                t.Path,
-		API:                 t.Path,
+		API:                 t.API,
 		Arn:                 t.Arn,
 		Type:                t.Type,
 		Region:              t.Region,
 		BandwidthLimit:      t.BandwidthLimit,
 		ReplicationSync:     t.ReplicationSync,
 		StorageClass:        t.StorageClass, // target storage class
 		HealthCheckDuration: t.HealthCheckDuration,
+		DisableProxy:        t.DisableProxy,
 	}
 }
 
@@ -235,8 +237,43 @@ func (adm *AdminClient) SetRemoteTarget(ctx context.Context, bucket string, targ
 	return arn, nil
 }
 
+// TargetUpdateType -  type of update on the remote target
+type TargetUpdateType int
+
+const (
+	CredentialsUpdateType TargetUpdateType = 1 + iota
+	SyncUpdateType
+	ProxyUpdateType
+	BandwidthLimitUpdateType
+	HealthCheckDurationUpdateType
+	PathUpdateType
+)
+
+func GetTargetUpdateOps(u *url.URL) []TargetUpdateType {
+	var ops []TargetUpdateType
+	if u.Query().Get("creds") == "true" {
+		ops = append(ops, CredentialsUpdateType)
+	}
+	if u.Query().Get("sync") == "true" {
+		ops = append(ops, SyncUpdateType)
+	}
+	if u.Query().Get("proxy") == "true" {
+		ops = append(ops, ProxyUpdateType)
+	}
+	if u.Query().Get("healthcheck") == "true" {
+		ops = append(ops, HealthCheckDurationUpdateType)
+	}
+	if u.Query().Get("bandwidth") == "true" {
+		ops = append(ops, BandwidthLimitUpdateType)
+	}
+	if u.Query().Get("path") == "true" {
+		ops = append(ops, PathUpdateType)
+	}
+	return ops
+}
+
 // UpdateRemoteTarget updates credentials for a remote bucket target
-func (adm *AdminClient) UpdateRemoteTarget(ctx context.Context, target *BucketTarget) (string, error) {
+func (adm *AdminClient) UpdateRemoteTarget(ctx context.Context, target *BucketTarget, ops []TargetUpdateType) (string, error) {
 	if target == nil {
 		return "", fmt.Errorf("target cannot be nil")
 	}
@@ -252,6 +289,23 @@ func (adm *AdminClient) UpdateRemoteTarget(ctx context.Context, target *BucketTa
 	queryValues.Set("bucket", target.SourceBucket)
 	queryValues.Set("update", "true")
 
+	for _, op := range ops {
+		switch op {
+		case CredentialsUpdateType:
+			queryValues.Set("creds", "true")
+		case SyncUpdateType:
+			queryValues.Set("sync", "true")
+		case ProxyUpdateType:
+			queryValues.Set("proxy", "true")
+		case BandwidthLimitUpdateType:
+			queryValues.Set("bandwidth", "true")
+		case HealthCheckDurationUpdateType:
+			queryValues.Set("healthcheck", "true")
+		case PathUpdateType:
+			queryValues.Set("path", "true")
+		}
+	}
+
 	reqData := requestData{
 		relPath:     adminAPIPrefix + "/set-remote-target",
 		queryValues: queryValues,