From 09f20238aafcbbf5db725ef62f4007fe527684ca Mon Sep 17 00:00:00 2001 From: liaochuntao Date: Fri, 23 Sep 2022 18:38:47 +0800 Subject: [PATCH 01/37] fix issue #629 (#693) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs:优化错误信息描述 * Update zh.toml * fix:修复eureka心跳协议错误码不兼容问题 * fix:修复eureka心跳协议错误码不兼容问题 * unit:添加单元测试 * test:调整测试配置文件位置 * fix:issue #692 * fix:issue #692 * fix:issue #692 * fix:issue #692 --- release/conf/i18n/en.toml | 133 ++++++++++++++++++-------------------- 1 file changed, 64 insertions(+), 69 deletions(-) diff --git a/release/conf/i18n/en.toml b/release/conf/i18n/en.toml index 70b27311c..21420e8e8 100644 --- a/release/conf/i18n/en.toml +++ b/release/conf/i18n/en.toml @@ -102,72 +102,67 @@ 400217 = "exist auth strategy rule" #AuthStrategyRuleExisted 400218 = "some sub-account existed in owner" #SubAccountExisted 400219 = "some config group existed in namespace" #NamespaceExistedConfigGroups -400301 = "not found service" #NotFoundService -400302 = "not found routing" #NotFoundRouting -400303 = "not found instances" #NotFoundInstance -400304 = "not found service alias" #NotFoundServiceAlias -400305 = "not found namespace" #NotFoundNamespace -400306 = "not found the source service link with the alias" #NotFoundSourceService -400307 = "not found rate limit" #NotFoundRateLimit -400308 = "not found circuit breaker" #NotFoundCircuitBreaker -400309 = "not found master config" #NotFoundMasterConfig -400310 = "not found tag config" #NotFoundTagConfig -400311 = "not found tag config or service, or relation already exists" #NotFoundTagConfigOrService -400312 = "not found user" #NotFoundUser -400313 = "not found owner user" #NotFoundOwnerUser -400314 = "not found usergroup" #NotFoundUserGroup -400315 = "not found auth strategy rule" #NotFoundAuthStrategyRule -400401 = "client api is not open" #ClientAPINotOpen -400402 = "not allow requesting business service" #NotAllowBusinessService -400410 = "" #InvalidUserOwners -400411 = "invalid user-id" #InvalidUserID -400412 = "invalid user password" #InvalidUserPassword -400413 = "" #InvalidUserMobile -400414 = "" #InvalidUserEmail -400420 = "invalid usergroup owner attribute" #InvalidUserGroupOwners -400421 = "" #InvalidUserGroupID -400430 = "invalid auth strategy rule owner" #InvalidAuthStrategyOwners -400431 = "invalid auth strategy rule name" #InvalidAuthStrategyName -400432 = "" #InvalidAuthStrategyID -400440 = "invalid principal type" #InvalidPrincipalType -400501 = "not allow service alias updating" #NotAllowAliasUpdate -400502 = "not allow service alias creating instance" #NotAllowAliasCreateInstance -400503 = "not allow service alias creating routing config" #NotAllowAliasCreateRouting -400504 = "only source service can create alias" #NotAllowCreateAliasForAlias -400505 = "not allow service alias creating rate limit" #NotAllowAliasCreateRateLimit -400506 = "not allow service alias binding rule" #NotAllowAliasBindRule -400507 = "not allow different namespace binding rule" #NotAllowDifferentNamespaceBindRule -400508 = "not allow modify default strategy principal" #NotAllowModifyDefaultStrategyPrincipal -400509 = "not allow modify main account default strategy" #NotAllowModifyOwnerDefaultStrategy -400700 = "invalid routing id" #InvalidRoutingID -400701 = "invalid routing policy, only support (RulePolicy,MetadataPolicy)" #InvalidRoutingPolicy -400702 = "invalid routing name" #InvalidRoutingName -400703 = "invalid routing priority, only support [0, 10]" #InvalidRoutingPriority -400801 = "invalid config file group name" #InvalidConfigFileGroupName -400802 = "invalid config file name" #InvalidConfigFileName -400803 = "config file content too long" #InvalidConfigFileContentLength -400804 = "invalid config file format, support json,xml,html,properties,text,yaml" #InvalidConfigFileFormat -400805 = "invalid config file tags, tags should be pair, like key1,value1,key2,value2. and key,value should not blank" #InvalidConfigFileTags -400806 = "invalid watch config file format" #InvalidWatchConfigFileFormat -400807 = "config file not existed" #NotFoundResourceConfigFile -400808 = "invalid config file template name" #InvalidConfigFileTemplateName -401000 = "unauthorized" #Unauthorized -401001 = "access is not approved" #NotAllowedAccess -401002 = "auth token empty" #EmptyAutToken -401003 = "token already disabled" #TokenDisabled -401004 = "token not existed" #TokenNotExisted -403001 = "server limit the ip access" #IPRateLimit -403002 = "server limit the api access" #APIRateLimit -404001 = "not found the host cmdb" #CMDBNotFindHost -409000 = "data is conflict, please try again" #DataConflict -429001 = "your instance has too many requests" #InstanceTooManyRequests -500000 = "execute exception" #ExecuteException -500001 = "store layer exception" #StoreLayerException -500002 = "cmdb plugin exception" #CMDBPluginException -500004 = "parsing routing failed" #ParseRoutingException -500005 = "parse rate limit failed" #ParseRateLimitException -500006 = "parse circuit breaker failed" #ParseCircuitBreakerException -500007 = "heartbeat execute exception" #HeartbeatException -500008 = "instance async regist timeout" #InstanceRegisTimeout -500100 = "token verify exception" #AuthTokenVerifyException -500101 = "operation role exception" #OperationRoleException \ No newline at end of file +400301 = "not found service" #NotFoundService +400302 = "not found routing" #NotFoundRouting +400303 = "not found instances" #NotFoundInstance +400304 = "not found service alias" #NotFoundServiceAlias +400305 = "not found namespace" #NotFoundNamespace +400306 = "not found the source service link with the alias" #NotFoundSourceService +400307 = "not found rate limit" #NotFoundRateLimit +400308 = "not found circuit breaker" #NotFoundCircuitBreaker +400309 = "not found master config" #NotFoundMasterConfig +400310 = "not found tag config" #NotFoundTagConfig +400311 = "not found tag config or service, or relation already exists" #NotFoundTagConfigOrService +400312 = "not found user" #NotFoundUser +400313 = "not found owner user" #NotFoundOwnerUser +400314 = "not found usergroup" #NotFoundUserGroup +400315 = "not found auth strategy rule" #NotFoundAuthStrategyRule +400401 = "client api is not open" #ClientAPINotOpen +400402 = "not allow requesting business service" #NotAllowBusinessService +400410 = "invalid user owners" #InvalidUserOwners +400411 = "invalid user-id" #InvalidUserID +400412 = "invalid user password" #InvalidUserPassword +400413 = "invalid user mobile" #InvalidUserMobile +400414 = "invalid user email" #InvalidUserEmail +400420 = "invalid usergroup owner attribute" #InvalidUserGroupOwners +400421 = "invalid usergroup id" #InvalidUserGroupID +400430 = "invalid auth strategy rule owner" #InvalidAuthStrategyOwners +400431 = "invalid auth strategy rule name" #InvalidAuthStrategyName +400432 = "invalid auth strategy id" #InvalidAuthStrategyID +400440 = "invalid principal type" #InvalidPrincipalType +400501 = "not allow service alias updating" #NotAllowAliasUpdate +400502 = "not allow service alias creating instance" #NotAllowAliasCreateInstance +400503 = "not allow service alias creating routing config" #NotAllowAliasCreateRouting +400504 = "only source service can create alias" #NotAllowCreateAliasForAlias +400505 = "not allow service alias creating rate limit" #NotAllowAliasCreateRateLimit +400506 = "not allow service alias binding rule" #NotAllowAliasBindRule +400507 = "not allow different namespace binding rule" #NotAllowDifferentNamespaceBindRule +400508 = "not allow modify default strategy principal" #NotAllowModifyDefaultStrategyPrincipal +400801 = "invalid config file group name" #InvalidConfigFileGroupName +400802 = "invalid config file name" #InvalidConfigFileName +400803 = "config file content too long" #InvalidConfigFileContentLength +400804 = "invalid config file format, support json,xml,html,properties,text,yaml" #InvalidConfigFileFormat +400805 = "invalid config file tags, tags should be pair, like key1,value1,key2,value2. and key,value should not blank" #InvalidConfigFileTags +400806 = "invalid watch config file format" #InvalidWatchConfigFileFormat +400807 = "config file not existed" #NotFoundResourceConfigFile +400808 = "invalid config file template name" #InvalidConfigFileTemplateName +401000 = "unauthorized" #Unauthorized +401001 = "access is not approved" #NotAllowedAccess +401002 = "auth token empty" #EmptyAutToken +401003 = "token already disabled" #TokenDisabled +401004 = "token not existed" #TokenNotExisted +403001 = "server limit the ip access" #IPRateLimit +403002 = "server limit the api access" #APIRateLimit +404001 = "not found the host cmdb" #CMDBNotFindHost +409000 = "data is conflict, please try again" #DataConflict +429001 = "your instance has too many requests" #InstanceTooManyRequests +500000 = "execute exception" #ExecuteException +500001 = "store layer exception" #StoreLayerException +500002 = "cmdb plugin exception" #CMDBPluginException +500004 = "parsing routing failed" #ParseRoutingException +500005 = "parse rate limit failed" #ParseRateLimitException +500006 = "parse circuit breaker failed" #ParseCircuitBreakerException +500007 = "heartbeat execute exception" #HeartbeatException +500008 = "instance async regist timeout" #InstanceRegisTimeout +500100 = "token verify exception" #AuthTokenVerifyException +500101 = "operation role exception" #OperationRoleException From 704febb9f976d4413c6d5d8ec8661d216d3085c0 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Sun, 25 Sep 2022 16:35:01 +0800 Subject: [PATCH 02/37] docs:add error code desc --- release/conf/i18n/en.toml | 133 ++++++++++++++++++++------------------ 1 file changed, 69 insertions(+), 64 deletions(-) diff --git a/release/conf/i18n/en.toml b/release/conf/i18n/en.toml index 21420e8e8..70b27311c 100644 --- a/release/conf/i18n/en.toml +++ b/release/conf/i18n/en.toml @@ -102,67 +102,72 @@ 400217 = "exist auth strategy rule" #AuthStrategyRuleExisted 400218 = "some sub-account existed in owner" #SubAccountExisted 400219 = "some config group existed in namespace" #NamespaceExistedConfigGroups -400301 = "not found service" #NotFoundService -400302 = "not found routing" #NotFoundRouting -400303 = "not found instances" #NotFoundInstance -400304 = "not found service alias" #NotFoundServiceAlias -400305 = "not found namespace" #NotFoundNamespace -400306 = "not found the source service link with the alias" #NotFoundSourceService -400307 = "not found rate limit" #NotFoundRateLimit -400308 = "not found circuit breaker" #NotFoundCircuitBreaker -400309 = "not found master config" #NotFoundMasterConfig -400310 = "not found tag config" #NotFoundTagConfig -400311 = "not found tag config or service, or relation already exists" #NotFoundTagConfigOrService -400312 = "not found user" #NotFoundUser -400313 = "not found owner user" #NotFoundOwnerUser -400314 = "not found usergroup" #NotFoundUserGroup -400315 = "not found auth strategy rule" #NotFoundAuthStrategyRule -400401 = "client api is not open" #ClientAPINotOpen -400402 = "not allow requesting business service" #NotAllowBusinessService -400410 = "invalid user owners" #InvalidUserOwners -400411 = "invalid user-id" #InvalidUserID -400412 = "invalid user password" #InvalidUserPassword -400413 = "invalid user mobile" #InvalidUserMobile -400414 = "invalid user email" #InvalidUserEmail -400420 = "invalid usergroup owner attribute" #InvalidUserGroupOwners -400421 = "invalid usergroup id" #InvalidUserGroupID -400430 = "invalid auth strategy rule owner" #InvalidAuthStrategyOwners -400431 = "invalid auth strategy rule name" #InvalidAuthStrategyName -400432 = "invalid auth strategy id" #InvalidAuthStrategyID -400440 = "invalid principal type" #InvalidPrincipalType -400501 = "not allow service alias updating" #NotAllowAliasUpdate -400502 = "not allow service alias creating instance" #NotAllowAliasCreateInstance -400503 = "not allow service alias creating routing config" #NotAllowAliasCreateRouting -400504 = "only source service can create alias" #NotAllowCreateAliasForAlias -400505 = "not allow service alias creating rate limit" #NotAllowAliasCreateRateLimit -400506 = "not allow service alias binding rule" #NotAllowAliasBindRule -400507 = "not allow different namespace binding rule" #NotAllowDifferentNamespaceBindRule -400508 = "not allow modify default strategy principal" #NotAllowModifyDefaultStrategyPrincipal -400801 = "invalid config file group name" #InvalidConfigFileGroupName -400802 = "invalid config file name" #InvalidConfigFileName -400803 = "config file content too long" #InvalidConfigFileContentLength -400804 = "invalid config file format, support json,xml,html,properties,text,yaml" #InvalidConfigFileFormat -400805 = "invalid config file tags, tags should be pair, like key1,value1,key2,value2. and key,value should not blank" #InvalidConfigFileTags -400806 = "invalid watch config file format" #InvalidWatchConfigFileFormat -400807 = "config file not existed" #NotFoundResourceConfigFile -400808 = "invalid config file template name" #InvalidConfigFileTemplateName -401000 = "unauthorized" #Unauthorized -401001 = "access is not approved" #NotAllowedAccess -401002 = "auth token empty" #EmptyAutToken -401003 = "token already disabled" #TokenDisabled -401004 = "token not existed" #TokenNotExisted -403001 = "server limit the ip access" #IPRateLimit -403002 = "server limit the api access" #APIRateLimit -404001 = "not found the host cmdb" #CMDBNotFindHost -409000 = "data is conflict, please try again" #DataConflict -429001 = "your instance has too many requests" #InstanceTooManyRequests -500000 = "execute exception" #ExecuteException -500001 = "store layer exception" #StoreLayerException -500002 = "cmdb plugin exception" #CMDBPluginException -500004 = "parsing routing failed" #ParseRoutingException -500005 = "parse rate limit failed" #ParseRateLimitException -500006 = "parse circuit breaker failed" #ParseCircuitBreakerException -500007 = "heartbeat execute exception" #HeartbeatException -500008 = "instance async regist timeout" #InstanceRegisTimeout -500100 = "token verify exception" #AuthTokenVerifyException -500101 = "operation role exception" #OperationRoleException +400301 = "not found service" #NotFoundService +400302 = "not found routing" #NotFoundRouting +400303 = "not found instances" #NotFoundInstance +400304 = "not found service alias" #NotFoundServiceAlias +400305 = "not found namespace" #NotFoundNamespace +400306 = "not found the source service link with the alias" #NotFoundSourceService +400307 = "not found rate limit" #NotFoundRateLimit +400308 = "not found circuit breaker" #NotFoundCircuitBreaker +400309 = "not found master config" #NotFoundMasterConfig +400310 = "not found tag config" #NotFoundTagConfig +400311 = "not found tag config or service, or relation already exists" #NotFoundTagConfigOrService +400312 = "not found user" #NotFoundUser +400313 = "not found owner user" #NotFoundOwnerUser +400314 = "not found usergroup" #NotFoundUserGroup +400315 = "not found auth strategy rule" #NotFoundAuthStrategyRule +400401 = "client api is not open" #ClientAPINotOpen +400402 = "not allow requesting business service" #NotAllowBusinessService +400410 = "" #InvalidUserOwners +400411 = "invalid user-id" #InvalidUserID +400412 = "invalid user password" #InvalidUserPassword +400413 = "" #InvalidUserMobile +400414 = "" #InvalidUserEmail +400420 = "invalid usergroup owner attribute" #InvalidUserGroupOwners +400421 = "" #InvalidUserGroupID +400430 = "invalid auth strategy rule owner" #InvalidAuthStrategyOwners +400431 = "invalid auth strategy rule name" #InvalidAuthStrategyName +400432 = "" #InvalidAuthStrategyID +400440 = "invalid principal type" #InvalidPrincipalType +400501 = "not allow service alias updating" #NotAllowAliasUpdate +400502 = "not allow service alias creating instance" #NotAllowAliasCreateInstance +400503 = "not allow service alias creating routing config" #NotAllowAliasCreateRouting +400504 = "only source service can create alias" #NotAllowCreateAliasForAlias +400505 = "not allow service alias creating rate limit" #NotAllowAliasCreateRateLimit +400506 = "not allow service alias binding rule" #NotAllowAliasBindRule +400507 = "not allow different namespace binding rule" #NotAllowDifferentNamespaceBindRule +400508 = "not allow modify default strategy principal" #NotAllowModifyDefaultStrategyPrincipal +400509 = "not allow modify main account default strategy" #NotAllowModifyOwnerDefaultStrategy +400700 = "invalid routing id" #InvalidRoutingID +400701 = "invalid routing policy, only support (RulePolicy,MetadataPolicy)" #InvalidRoutingPolicy +400702 = "invalid routing name" #InvalidRoutingName +400703 = "invalid routing priority, only support [0, 10]" #InvalidRoutingPriority +400801 = "invalid config file group name" #InvalidConfigFileGroupName +400802 = "invalid config file name" #InvalidConfigFileName +400803 = "config file content too long" #InvalidConfigFileContentLength +400804 = "invalid config file format, support json,xml,html,properties,text,yaml" #InvalidConfigFileFormat +400805 = "invalid config file tags, tags should be pair, like key1,value1,key2,value2. and key,value should not blank" #InvalidConfigFileTags +400806 = "invalid watch config file format" #InvalidWatchConfigFileFormat +400807 = "config file not existed" #NotFoundResourceConfigFile +400808 = "invalid config file template name" #InvalidConfigFileTemplateName +401000 = "unauthorized" #Unauthorized +401001 = "access is not approved" #NotAllowedAccess +401002 = "auth token empty" #EmptyAutToken +401003 = "token already disabled" #TokenDisabled +401004 = "token not existed" #TokenNotExisted +403001 = "server limit the ip access" #IPRateLimit +403002 = "server limit the api access" #APIRateLimit +404001 = "not found the host cmdb" #CMDBNotFindHost +409000 = "data is conflict, please try again" #DataConflict +429001 = "your instance has too many requests" #InstanceTooManyRequests +500000 = "execute exception" #ExecuteException +500001 = "store layer exception" #StoreLayerException +500002 = "cmdb plugin exception" #CMDBPluginException +500004 = "parsing routing failed" #ParseRoutingException +500005 = "parse rate limit failed" #ParseRateLimitException +500006 = "parse circuit breaker failed" #ParseCircuitBreakerException +500007 = "heartbeat execute exception" #HeartbeatException +500008 = "instance async regist timeout" #InstanceRegisTimeout +500100 = "token verify exception" #AuthTokenVerifyException +500101 = "operation role exception" #OperationRoleException \ No newline at end of file From f5569d5df73ff397f5e4f09da93cfa0166824ee3 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 19 Oct 2022 16:00:33 +0800 Subject: [PATCH 03/37] =?UTF-8?q?fix:=E8=B0=83=E6=95=B4license-checker?= =?UTF-8?q?=E7=9A=84=E8=A7=A6=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/golangci-lint.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index af225f81a..204f950cb 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -15,10 +15,6 @@ name: golangci-lint on: - push: - branches: - - main - - release* pull_request: branches: - main From fd23b1b0a68344b82b6fcd07ca67aa6e3694fd98 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 19 Oct 2022 17:08:41 +0800 Subject: [PATCH 04/37] =?UTF-8?q?fix:=E8=B0=83=E6=95=B4license-checker?= =?UTF-8?q?=E7=9A=84=E8=A7=A6=E5=8F=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/golangci-lint.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 204f950cb..af225f81a 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -15,6 +15,10 @@ name: golangci-lint on: + push: + branches: + - main + - release* pull_request: branches: - main From 949a3581e03a1fde68ea020a1b2b2468f750827f Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Tue, 23 May 2023 15:41:22 +0800 Subject: [PATCH 05/37] feat:support rls to push xds client --- apiserver/xdsserverv3/gateway.go | 78 +++++++++++++ auth/defaultauth/group.go | 6 +- auth/defaultauth/strategy.go | 7 +- auth/defaultauth/user.go | 20 ++-- common/model/{maintain.go => admin.go} | 0 common/model/naming.go | 138 ----------------------- common/model/ratelimit.go | 148 +++++++++++++++++++++++++ common/model/routing.go | 20 ++++ service/instance.go | 6 +- store/boltdb/user.go | 18 ++- 10 files changed, 274 insertions(+), 167 deletions(-) rename common/model/{maintain.go => admin.go} (100%) create mode 100644 common/model/ratelimit.go diff --git a/apiserver/xdsserverv3/gateway.go b/apiserver/xdsserverv3/gateway.go index 933c3b858..10ad7dc15 100644 --- a/apiserver/xdsserverv3/gateway.go +++ b/apiserver/xdsserverv3/gateway.go @@ -31,6 +31,7 @@ import ( "github.com/golang/protobuf/ptypes/wrappers" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" + "google.golang.org/protobuf/types/known/anypb" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" @@ -131,6 +132,15 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r callerService := xdsNode.Metadata[GatewayServiceName] callerNamespace := xdsNode.Metadata[GatewayNamespaceName] + ratelimitGetter := x.RatelimitConfigGetter + if ratelimitGetter == nil { + ratelimitGetter = x.namingServer.Cache().RateLimit().GetRateLimitRules + } + ratelimitRules, _ := ratelimitGetter(model.ServiceKey{ + Namespace: callerNamespace, + Name: callerService, + }) + routerCache := x.namingServer.Cache().RoutingConfig() routerCache.IteratorRouterRule(func(_ string, rule *model.ExtendRouterConfig) { if !rule.Enable { @@ -170,6 +180,9 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r if !findGatewaySource { continue } + + ratelimitActions, localRateLimit := x.makeGatewayRouteLimit(namespace, xdsNode, routeMatch, ratelimitRules) + route := &route.Route{ Match: routeMatch, Action: &route.Route_Route{ @@ -177,8 +190,12 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r ClusterSpecifier: &route.RouteAction_WeightedClusters{ WeightedClusters: buildWeightClustersV2(subRule.GetDestinations()), }, + RateLimits: ratelimitActions, }, }, + TypedPerFilterConfig: map[string]*anypb.Any{ + "envoy.filters.http.local_ratelimit": localRateLimit, + }, } routes = append(routes, route) } @@ -202,6 +219,67 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r return routes } +func (x *XDSServer) makeGatewayRouteLimit(namespace string, xdsNode *XDSClient, + routeMatch *route.RouteMatch, ratelimitRules []*model.RateLimit) ([]*route.RateLimit, *anypb.Any) { + + var ( + prefix *route.RouteMatch_Prefix + regx *route.RouteMatch_SafeRegex + ) + + actions := make([]*route.RateLimit_Action, 0, 4) + + pathSpecifier := routeMatch.PathSpecifier + switch pathSpecifier.(type) { + case *route.RouteMatch_Prefix: + prefix = pathSpecifier.(*route.RouteMatch_Prefix) + case *route.RouteMatch_SafeRegex: + regx = pathSpecifier.(*route.RouteMatch_SafeRegex) + } + + for i := range ratelimitRules { + rule := ratelimitRules[i] + if rule.Disable { + continue + } + + pathMatch := false + switch rule.Proto.GetMethod().GetType() { + case apimodel.MatchString_EXACT: + if prefix != nil && prefix.Prefix == rule.Proto.GetMethod().GetValue().GetValue() { + pathMatch = true + } + case apimodel.MatchString_REGEX: + if regx != nil && regx.SafeRegex.GetRegex() == rule.Proto.GetMethod().GetValue().GetValue() { + pathMatch = true + } + } + + if !pathMatch { + continue + } + + for ai := range rule.Proto.GetArguments() { + argument := rule.Proto.GetArguments()[ai] + argumentKey := model.BuildArgumentKey(argument.Type, argument.Key) + switch argument.Type { + case traffic_manage.MatchArgument_HEADER: + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_RequestHeaders_{ + RequestHeaders: &route.RateLimit_Action_RequestHeaders{ + HeaderName: argumentKey, + DescriptorKey: argumentKey, + SkipIfAbsent: false, + }, + }, + }) + } + } + } + + return nil, nil +} + func buildGatewayRouteMatch(routeMatch *route.RouteMatch, source *traffic_manage.SourceService) { for i := range source.GetArguments() { argument := source.GetArguments()[i] diff --git a/auth/defaultauth/group.go b/auth/defaultauth/group.go index ecdf87030..376410599 100644 --- a/auth/defaultauth/group.go +++ b/auth/defaultauth/group.go @@ -71,7 +71,7 @@ func (svr *server) CreateGroup(ctx context.Context, req *apisecurity.UserGroup) if err != nil { log.Error("get group when create", utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID), zap.Error(err)) - return api.NewGroupResponse(apimodel.Code_StoreLayerException, req) + return api.NewGroupResponse(StoreCode2APICode(err), req) } if group != nil { @@ -168,7 +168,7 @@ func (svr *server) DeleteGroup(ctx context.Context, req *apisecurity.UserGroup) group, err := svr.storage.GetGroup(req.GetId().GetValue()) if err != nil { log.Error("get group from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewGroupResponse(apimodel.Code_StoreLayerException, req) + return api.NewGroupResponse(StoreCode2APICode(err), req) } if group == nil { return api.NewGroupResponse(apimodel.Code_ExecuteSuccess, req) @@ -216,7 +216,7 @@ func (svr *server) GetGroups(ctx context.Context, query map[string]string) *apis total, groups, err := svr.storage.GetGroups(searchFilters, offset, limit) if err != nil { log.Errorf("[Auth][Group] get groups req(%+v) store err: %s", query, err.Error()) - return api.NewAuthBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) diff --git a/auth/defaultauth/strategy.go b/auth/defaultauth/strategy.go index 8aa5b9f6f..4e0d41d90 100644 --- a/auth/defaultauth/strategy.go +++ b/auth/defaultauth/strategy.go @@ -221,7 +221,6 @@ func (svr *server) GetStrategies(ctx context.Context, query map[string]string) * } searchFilters = parseStrategySearchArgs(ctx, searchFilters) - offset, limit, err := utils.ParseOffsetAndLimit(searchFilters) if err != nil { @@ -232,7 +231,7 @@ func (svr *server) GetStrategies(ctx context.Context, query map[string]string) * if err != nil { log.Error("[Auth][Strategy] get strategies from store", zap.Any("query", searchFilters), zap.Error(err)) - return api.NewAuthBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -393,7 +392,7 @@ func (svr *server) GetPrincipalResources(ctx context.Context, query map[string]s if err != nil { log.Error("[Auth][Strategy] get principal link resource", utils.ZapRequestID(requestID), zap.String("principal-id", principalId), zap.Any("principal-role", principalRole), zap.Error(err)) - return api.NewAuthResponse(apimodel.Code_StoreLayerException) + return api.NewAuthResponse(StoreCode2APICode(err)) } resources = append(resources, res...) } @@ -403,7 +402,7 @@ func (svr *server) GetPrincipalResources(ctx context.Context, query map[string]s if err != nil { log.Error("[Auth][Strategy] get principal link resource", utils.ZapRequestID(requestID), zap.String("principal-id", principalId), zap.Any("principal-role", principalRole), zap.Error(err)) - return api.NewAuthResponse(apimodel.Code_StoreLayerException) + return api.NewAuthResponse(StoreCode2APICode(err)) } resources = append(resources, pResources...) diff --git a/auth/defaultauth/user.go b/auth/defaultauth/user.go index 0d391069e..b18a49895 100644 --- a/auth/defaultauth/user.go +++ b/auth/defaultauth/user.go @@ -88,9 +88,9 @@ func (svr *server) CreateUser(ctx context.Context, req *apisecurity.User) *apise if ownerID != "" { owner, err := svr.storage.GetUser(ownerID) if err != nil { - log.Error("[Auth][User] get user by name and owner", utils.ZapRequestID(requestID), - zap.Error(err), zap.String("name", req.GetName().GetValue())) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + log.Error("[Auth][User] get owner user", utils.ZapRequestID(requestID), zap.Error(err), + zap.String("owner", ownerID)) + return api.NewUserResponse(StoreCode2APICode(err), req) } if owner.Name == req.Name.GetValue() { @@ -104,8 +104,8 @@ func (svr *server) CreateUser(ctx context.Context, req *apisecurity.User) *apise user, err := svr.storage.GetUserByName(req.Name.GetValue(), ownerID) if err != nil { log.Error("[Auth][User] get user by name and owner", utils.ZapRequestID(requestID), - zap.Error(err), zap.String("name", req.GetName().GetValue())) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + zap.Error(err), zap.String("owner", ownerID), zap.String("name", req.GetName().GetValue())) + return api.NewUserResponse(StoreCode2APICode(err), req) } if user != nil { return api.NewUserResponse(apimodel.Code_UserExisted, req) @@ -271,7 +271,9 @@ func (svr *server) DeleteUser(ctx context.Context, req *apisecurity.User) *apise if user.Type == model.OwnerUserRole { count, err := svr.storage.GetSubCount(user) if err != nil { - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + log.Error("[Auth][User] get user sub-account", zap.String("owner", user.ID), + utils.ZapRequestID(requestID), zap.Error(err)) + return api.NewUserResponse(StoreCode2APICode(err), req) } if count != 0 { log.Error("[Auth][User] delete user but some sub-account existed", zap.String("owner", user.ID)) @@ -333,7 +335,7 @@ func (svr *server) GetUsers(ctx context.Context, query map[string]string) *apise if err != nil { log.Error("[Auth][User] get user from store", zap.Any("req", searchFilters), zap.Error(err)) - return api.NewAuthBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -393,7 +395,7 @@ func (svr *server) UpdateUserToken(ctx context.Context, req *apisecurity.User) * user, err := svr.storage.GetUser(req.Id.GetValue()) if err != nil { log.Error("[Auth][User] get user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + return api.NewUserResponse(StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_NotFoundUser, req) @@ -434,7 +436,7 @@ func (svr *server) ResetUserToken(ctx context.Context, req *apisecurity.User) *a user, err := svr.storage.GetUser(req.Id.GetValue()) if err != nil { log.Error("[Auth][User] get user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + return api.NewUserResponse(StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_NotFoundUser, req) diff --git a/common/model/maintain.go b/common/model/admin.go similarity index 100% rename from common/model/maintain.go rename to common/model/admin.go diff --git a/common/model/naming.go b/common/model/naming.go index ea4e1678f..bf7c0240c 100644 --- a/common/model/naming.go +++ b/common/model/naming.go @@ -18,14 +18,12 @@ package model import ( - "encoding/json" "sync" "time" "github.com/golang/protobuf/ptypes/wrappers" apifault "github.com/polarismesh/specification/source/go/api/v1/fault_tolerance" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" - apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" ) // Namespace 命名空间结构体 @@ -168,142 +166,6 @@ func Store2Location(s *LocationStore) *Location { } } -/* - * RoutingConfig 路由配置 - */ -type RoutingConfig struct { - ID string - InBounds string - OutBounds string - Revision string - Valid bool - CreateTime time.Time - ModifyTime time.Time -} - -// ExtendRoutingConfig 路由配置的扩展结构体 -type ExtendRoutingConfig struct { - ServiceName string - NamespaceName string - Config *RoutingConfig -} - -// RateLimit 限流规则 -type RateLimit struct { - Proto *apitraffic.Rule - ID string - ServiceID string - Name string - Method string - // Labels for old compatible, will be removed later - Labels string - Priority uint32 - Rule string - Revision string - Disable bool - Valid bool - CreateTime time.Time - ModifyTime time.Time - EnableTime time.Time -} - -// Labels2Arguments 适配老的标签到新的参数列表 -func (r *RateLimit) Labels2Arguments() (map[string]*apimodel.MatchString, error) { - if len(r.Proto.Arguments) == 0 && len(r.Labels) > 0 { - var labels = make(map[string]*apimodel.MatchString) - if err := json.Unmarshal([]byte(r.Labels), &labels); err != nil { - return nil, err - } - for key, value := range labels { - r.Proto.Arguments = append(r.Proto.Arguments, &apitraffic.MatchArgument{ - Type: apitraffic.MatchArgument_CUSTOM, - Key: key, - Value: value, - }) - } - return labels, nil - } - return nil, nil -} - -const ( - LabelKeyPath = "$path" - LabelKeyMethod = "$method" - LabelKeyHeader = "$header" - LabelKeyQuery = "$query" - LabelKeyCallerService = "$caller_service" - LabelKeyCallerIP = "$caller_ip" -) - -// Arguments2Labels 将参数列表适配成旧的标签模型 -func Arguments2Labels(arguments []*apitraffic.MatchArgument) map[string]*apimodel.MatchString { - if len(arguments) > 0 { - var labels = make(map[string]*apimodel.MatchString) - for _, argument := range arguments { - switch argument.Type { - case apitraffic.MatchArgument_CUSTOM: - labels[argument.Key] = argument.Value - case apitraffic.MatchArgument_METHOD: - labels[LabelKeyMethod] = argument.Value - case apitraffic.MatchArgument_HEADER: - labels[LabelKeyHeader+"."+argument.Key] = argument.Value - case apitraffic.MatchArgument_QUERY: - labels[LabelKeyQuery+"."+argument.Key] = argument.Value - case apitraffic.MatchArgument_CALLER_SERVICE: - labels[LabelKeyCallerService+"."+argument.Key] = argument.Value - case apitraffic.MatchArgument_CALLER_IP: - labels[LabelKeyCallerIP] = argument.Value - default: - continue - } - } - return labels - } - return nil -} - -// AdaptArgumentsAndLabels 对存量标签进行兼容,同时将argument适配成标签 -func (r *RateLimit) AdaptArgumentsAndLabels() error { - // 新的限流规则,需要适配老的SDK使用场景 - labels := Arguments2Labels(r.Proto.GetArguments()) - if len(labels) > 0 { - r.Proto.Labels = labels - } else { - var err error - // 存量限流规则,需要适配成新的规则 - labels, err = r.Labels2Arguments() - if nil != err { - return err - } - r.Proto.Labels = labels - } - return nil -} - -// AdaptLabels 对存量标签进行兼容,对存量labels进行清空 -func (r *RateLimit) AdaptLabels() error { - // 存量限流规则,需要适配成新的规则 - _, err := r.Labels2Arguments() - if nil != err { - return err - } - r.Proto.Labels = nil - return nil -} - -// ExtendRateLimit 包含服务信息的限流规则 -type ExtendRateLimit struct { - ServiceName string - NamespaceName string - RateLimit *RateLimit -} - -// RateLimitRevision 包含最新版本号的限流规则 -type RateLimitRevision struct { - ServiceID string - LastRevision string - ModifyTime time.Time -} // CircuitBreaker 熔断规则 type CircuitBreaker struct { diff --git a/common/model/ratelimit.go b/common/model/ratelimit.go new file mode 100644 index 000000000..a344fe178 --- /dev/null +++ b/common/model/ratelimit.go @@ -0,0 +1,148 @@ +/** + * Tencent is pleased to support the open source community by making Polaris available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * Licensed under the BSD 3-Clause License (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://opensource.org/licenses/BSD-3-Clause + * + * Unless required by applicable law or agreed to in writing, software distributed + * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR + * CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + */ + +package model + +import ( + "encoding/json" + "time" + + apimodel "github.com/polarismesh/specification/source/go/api/v1/model" + apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" +) + +// RateLimit 限流规则 +type RateLimit struct { + Proto *apitraffic.Rule + ID string + ServiceID string + Name string + Method string + // Labels for old compatible, will be removed later + Labels string + Priority uint32 + Rule string + Revision string + Disable bool + Valid bool + CreateTime time.Time + ModifyTime time.Time + EnableTime time.Time +} + +// Labels2Arguments 适配老的标签到新的参数列表 +func (r *RateLimit) Labels2Arguments() (map[string]*apimodel.MatchString, error) { + if len(r.Proto.Arguments) == 0 && len(r.Labels) > 0 { + var labels = make(map[string]*apimodel.MatchString) + if err := json.Unmarshal([]byte(r.Labels), &labels); err != nil { + return nil, err + } + for key, value := range labels { + r.Proto.Arguments = append(r.Proto.Arguments, &apitraffic.MatchArgument{ + Type: apitraffic.MatchArgument_CUSTOM, + Key: key, + Value: value, + }) + } + return labels, nil + } + return nil, nil +} + +const ( + LabelKeyPath = "$path" + LabelKeyMethod = "$method" + LabelKeyHeader = "$header" + LabelKeyQuery = "$query" + LabelKeyCallerService = "$caller_service" + LabelKeyCallerIP = "$caller_ip" +) + +// Arguments2Labels 将参数列表适配成旧的标签模型 +func Arguments2Labels(arguments []*apitraffic.MatchArgument) map[string]*apimodel.MatchString { + if len(arguments) > 0 { + var labels = make(map[string]*apimodel.MatchString) + for _, argument := range arguments { + key := BuildArgumentKey(argument.Type, argument.Key) + labels[key] = argument.Value + } + return labels + } + return nil +} + +func BuildArgumentKey(argumentType apitraffic.MatchArgument_Type, key string) string { + switch argumentType { + case apitraffic.MatchArgument_HEADER: + return LabelKeyHeader + "." + key + case apitraffic.MatchArgument_QUERY: + return LabelKeyQuery + "." + key + case apitraffic.MatchArgument_CALLER_SERVICE: + return LabelKeyCallerService + "." + key + case apitraffic.MatchArgument_CALLER_IP: + return LabelKeyCallerIP + case apitraffic.MatchArgument_CUSTOM: + return key + case apitraffic.MatchArgument_METHOD: + return LabelKeyMethod + default: + return key + } +} + +// AdaptArgumentsAndLabels 对存量标签进行兼容,同时将argument适配成标签 +func (r *RateLimit) AdaptArgumentsAndLabels() error { + // 新的限流规则,需要适配老的SDK使用场景 + labels := Arguments2Labels(r.Proto.GetArguments()) + if len(labels) > 0 { + r.Proto.Labels = labels + } else { + var err error + // 存量限流规则,需要适配成新的规则 + labels, err = r.Labels2Arguments() + if nil != err { + return err + } + r.Proto.Labels = labels + } + return nil +} + +// AdaptLabels 对存量标签进行兼容,对存量labels进行清空 +func (r *RateLimit) AdaptLabels() error { + // 存量限流规则,需要适配成新的规则 + _, err := r.Labels2Arguments() + if nil != err { + return err + } + r.Proto.Labels = nil + return nil +} + +// ExtendRateLimit 包含服务信息的限流规则 +type ExtendRateLimit struct { + ServiceName string + NamespaceName string + RateLimit *RateLimit +} + +// RateLimitRevision 包含最新版本号的限流规则 +type RateLimitRevision struct { + ServiceID string + LastRevision string + ModifyTime time.Time +} diff --git a/common/model/routing.go b/common/model/routing.go index c4c6e3251..56ebaf724 100644 --- a/common/model/routing.go +++ b/common/model/routing.go @@ -65,6 +65,26 @@ func init() { MetaRoutingTypeUrl = metaAny.GetTypeUrl() } +/* + * RoutingConfig 路由配置 + */ +type RoutingConfig struct { + ID string + InBounds string + OutBounds string + Revision string + Valid bool + CreateTime time.Time + ModifyTime time.Time +} + +// ExtendRoutingConfig 路由配置的扩展结构体 +type ExtendRoutingConfig struct { + ServiceName string + NamespaceName string + Config *RoutingConfig +} + // ExtendRouterConfig 路由信息的扩展 type ExtendRouterConfig struct { *RouterConfig diff --git a/service/instance.go b/service/instance.go index de5ff43fd..cf5e25d60 100644 --- a/service/instance.go +++ b/service/instance.go @@ -888,9 +888,9 @@ func (s *Server) getInstance(service *apiservice.Service, instance *apiservice.I Location: instance.GetLocation(), Metadata: instance.GetMetadata(), LogicSet: instance.GetLogicSet(), - // Ctime: instance.GetCtime(), - Mtime: instance.GetMtime(), - Revision: instance.GetRevision(), + Ctime: instance.GetCtime(), + Mtime: instance.GetMtime(), + Revision: instance.GetRevision(), } s.packCmdb(out) diff --git a/store/boltdb/user.go b/store/boltdb/user.go index f15f6a297..da123b1cf 100644 --- a/store/boltdb/user.go +++ b/store/boltdb/user.go @@ -223,7 +223,7 @@ func (us *userStore) GetUser(id string) (*model.User, error) { // GetUser 获取用户 func (us *userStore) getUser(tx *bolt.Tx, id string) (*model.User, error) { if id == "" { - return nil, store.NewStatusError(store.EmptyParamsErr, "get user missing some params") + return nil, store.NewStatusError(store.EmptyParamsErr, "get user missing id params") } ret := make(map[string]interface{}) @@ -234,10 +234,6 @@ func (us *userStore) getUser(tx *bolt.Tx, id string) (*model.User, error) { if len(ret) == 0 { return nil, nil } - if len(ret) > 1 { - return nil, ErrMultipleUserFound - } - user := ret[id].(*userForStore) if !user.Valid { return nil, nil @@ -249,15 +245,17 @@ func (us *userStore) getUser(tx *bolt.Tx, id string) (*model.User, error) { // GetUserByName 获取用户 func (us *userStore) GetUserByName(name, ownerId string) (*model.User, error) { if name == "" { - return nil, store.NewStatusError(store.EmptyParamsErr, "get user missing some params") + return nil, store.NewStatusError(store.EmptyParamsErr, "get user missing name params") } - - ret, err := us.handler.LoadValuesByFilter(tblUser, []string{UserFieldName, UserFieldOwner}, &userForStore{}, + fields := []string{UserFieldName, UserFieldOwner, UserFieldValid} + ret, err := us.handler.LoadValuesByFilter(tblUser, fields, &userForStore{}, func(m map[string]interface{}) bool { - + valid, ok := m[UserFieldValid].(bool) + if ok && !valid { + return false + } saveName, _ := m[UserFieldName].(string) saveOwner, _ := m[UserFieldOwner].(string) - return saveName == name && saveOwner == ownerId }) if err != nil { From 8165e911576d5bebb2f77fba8bf1de66b02a4b43 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Tue, 23 May 2023 16:35:03 +0800 Subject: [PATCH 06/37] feat:support rls to push xds client --- admin/maintain.go | 3 +- auth/defaultauth/group.go | 19 +- auth/defaultauth/strategy.go | 19 +- auth/defaultauth/user.go | 31 +-- auth/defaultauth/utils.go | 23 -- auth/mock/api_mock.go | 5 +- cache/instance.go | 2 + cache/instance_query.go | 203 ++++++++++++++++++ common/model/naming.go | 1 - .../batch/utils.go => common/store/code.go | 2 +- config/config_file.go | 47 ++-- config/config_file_group.go | 23 +- config/config_file_release.go | 15 +- config/config_file_release_history.go | 5 +- config/config_file_template.go | 7 +- namespace/namespace.go | 25 +-- service/batch/client.go | 5 +- service/batch/instance.go | 15 +- service/circuitbreaker_rule.go | 5 +- service/client_info.go | 3 +- service/faultdetect_config.go | 5 +- service/healthcheck/check.go | 3 +- service/instance.go | 53 ++--- service/ratelimit_config.go | 7 +- service/routing_config_v1.go | 11 +- service/routing_config_v1tov2.go | 15 +- service/routing_config_v2.go | 15 +- service/service.go | 30 +-- service/service_alias.go | 23 +- service/utils.go | 8 +- 30 files changed, 416 insertions(+), 212 deletions(-) create mode 100644 cache/instance_query.go rename service/batch/utils.go => common/store/code.go (99%) diff --git a/admin/maintain.go b/admin/maintain.go index fb35c6038..58bc4ba36 100644 --- a/admin/maintain.go +++ b/admin/maintain.go @@ -31,6 +31,7 @@ import ( connlimit "github.com/polarismesh/polaris/common/conn/limit" commonlog "github.com/polarismesh/polaris/common/log" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" "github.com/polarismesh/polaris/plugin" ) @@ -156,7 +157,7 @@ func (s *Server) CleanInstance(ctx context.Context, req *apiservice.Instance) *a if err := s.storage.CleanInstance(instanceID); err != nil { log.Error("Clean instance", zap.String("err", err.Error()), utils.ZapRequestID(utils.ParseRequestID(ctx))) - return api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } log.Info("Clean instance", utils.ZapRequestID(utils.ParseRequestID(ctx)), utils.ZapInstanceID(instanceID)) diff --git a/auth/defaultauth/group.go b/auth/defaultauth/group.go index 376410599..7e9d4addb 100644 --- a/auth/defaultauth/group.go +++ b/auth/defaultauth/group.go @@ -31,6 +31,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" authcommon "github.com/polarismesh/polaris/common/auth" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -71,7 +72,7 @@ func (svr *server) CreateGroup(ctx context.Context, req *apisecurity.UserGroup) if err != nil { log.Error("get group when create", utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID), zap.Error(err)) - return api.NewGroupResponse(StoreCode2APICode(err), req) + return api.NewGroupResponse(commonstore.StoreCode2APICode(err), req) } if group != nil { @@ -87,7 +88,7 @@ func (svr *server) CreateGroup(ctx context.Context, req *apisecurity.UserGroup) if err := svr.storage.AddGroup(data); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("create group", zap.String("name", req.Name.GetValue()), utils.ZapRequestID(requestID), @@ -137,7 +138,7 @@ func (svr *server) UpdateGroup(ctx context.Context, req *apisecurity.ModifyUserG if err := svr.storage.UpdateGroup(modifyReq); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("update group", zap.String("name", data.Name), utils.ZapRequestID(requestID), @@ -168,7 +169,7 @@ func (svr *server) DeleteGroup(ctx context.Context, req *apisecurity.UserGroup) group, err := svr.storage.GetGroup(req.GetId().GetValue()) if err != nil { log.Error("get group from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewGroupResponse(StoreCode2APICode(err), req) + return api.NewGroupResponse(commonstore.StoreCode2APICode(err), req) } if group == nil { return api.NewGroupResponse(apimodel.Code_ExecuteSuccess, req) @@ -182,7 +183,7 @@ func (svr *server) DeleteGroup(ctx context.Context, req *apisecurity.UserGroup) if err := svr.storage.DeleteGroup(group); err != nil { log.Error("delete group from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("delete group", utils.ZapRequestID(requestID), zap.String("name", req.Name.GetValue())) @@ -216,7 +217,7 @@ func (svr *server) GetGroups(ctx context.Context, query map[string]string) *apis total, groups, err := svr.storage.GetGroups(searchFilters, offset, limit) if err != nil { log.Errorf("[Auth][Group] get groups req(%+v) store err: %s", query, err.Error()) - return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) + return api.NewAuthBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -338,7 +339,7 @@ func (svr *server) UpdateGroupToken(ctx context.Context, req *apisecurity.UserGr if err := svr.storage.UpdateGroup(modifyReq); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("update group token", zap.String("id", req.Id.GetValue()), @@ -382,7 +383,7 @@ func (svr *server) ResetGroupToken(ctx context.Context, req *apisecurity.UserGro if err := svr.storage.UpdateGroup(modifyReq); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("reset group token", zap.String("group-id", req.Id.GetValue()), @@ -399,7 +400,7 @@ func (svr *server) getGroupFromDB(id string) (*model.UserGroupDetail, *apiservic group, err := svr.storage.GetGroup(id) if err != nil { log.Error("get group from store", zap.Error(err)) - return nil, api.NewAuthResponseWithMsg(apimodel.Code_StoreLayerException, err.Error()) + return nil, api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } if group == nil { return nil, api.NewAuthResponse(apimodel.Code_NotFoundUserGroup) diff --git a/auth/defaultauth/strategy.go b/auth/defaultauth/strategy.go index 4e0d41d90..508880755 100644 --- a/auth/defaultauth/strategy.go +++ b/auth/defaultauth/strategy.go @@ -34,6 +34,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" authcommon "github.com/polarismesh/polaris/common/auth" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -76,7 +77,7 @@ func (svr *server) CreateStrategy(ctx context.Context, req *apisecurity.AuthStra if err := svr.storage.AddStrategy(data); err != nil { log.Error("[Auth][Strategy] create strategy into store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } log.Info("[Auth][Strategy] create strategy", utils.ZapRequestID(requestID), @@ -110,7 +111,7 @@ func (svr *server) UpdateStrategy(ctx context.Context, req *apisecurity.ModifyAu if err != nil { log.Error("[Auth][Strategy] get strategy from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewModifyAuthStrategyResponse(apimodel.Code_StoreLayerException, req) + return api.NewModifyAuthStrategyResponse(commonstore.StoreCode2APICode(err), req) } if strategy == nil { return api.NewModifyAuthStrategyResponse(apimodel.Code_NotFoundAuthStrategyRule, req) @@ -129,7 +130,7 @@ func (svr *server) UpdateStrategy(ctx context.Context, req *apisecurity.ModifyAu if err := svr.storage.UpdateStrategy(data); err != nil { log.Error("[Auth][Strategy] update strategy into store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("[Auth][Strategy] update strategy into store", utils.ZapRequestID(requestID), @@ -161,7 +162,7 @@ func (svr *server) DeleteStrategy(ctx context.Context, req *apisecurity.AuthStra if err != nil { log.Error("[Auth][Strategy] get strategy from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthStrategyResponse(apimodel.Code_StoreLayerException, req) + return api.NewAuthStrategyResponse(commonstore.StoreCode2APICode(err), req) } if strategy == nil { @@ -180,7 +181,7 @@ func (svr *server) DeleteStrategy(ctx context.Context, req *apisecurity.AuthStra if err := svr.storage.DeleteStrategy(req.GetId().GetValue()); err != nil { log.Error("[Auth][Strategy] delete strategy from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } log.Info("[Auth][Strategy] delete strategy from store", utils.ZapRequestID(requestID), @@ -231,7 +232,7 @@ func (svr *server) GetStrategies(ctx context.Context, query map[string]string) * if err != nil { log.Error("[Auth][Strategy] get strategies from store", zap.Any("query", searchFilters), zap.Error(err)) - return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) + return api.NewAuthBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -313,7 +314,7 @@ func (svr *server) GetStrategy(ctx context.Context, req *apisecurity.AuthStrateg if err != nil { log.Error("[Auth][Strategy] get strategt from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(apimodel.Code_StoreLayerException) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } if ret == nil { return api.NewAuthStrategyResponse(apimodel.Code_NotFoundAuthStrategyRule, req) @@ -392,7 +393,7 @@ func (svr *server) GetPrincipalResources(ctx context.Context, query map[string]s if err != nil { log.Error("[Auth][Strategy] get principal link resource", utils.ZapRequestID(requestID), zap.String("principal-id", principalId), zap.Any("principal-role", principalRole), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } resources = append(resources, res...) } @@ -402,7 +403,7 @@ func (svr *server) GetPrincipalResources(ctx context.Context, query map[string]s if err != nil { log.Error("[Auth][Strategy] get principal link resource", utils.ZapRequestID(requestID), zap.String("principal-id", principalId), zap.Any("principal-role", principalRole), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } resources = append(resources, pResources...) diff --git a/auth/defaultauth/user.go b/auth/defaultauth/user.go index b18a49895..727036b8e 100644 --- a/auth/defaultauth/user.go +++ b/auth/defaultauth/user.go @@ -34,6 +34,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" authcommon "github.com/polarismesh/polaris/common/auth" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -90,7 +91,7 @@ func (svr *server) CreateUser(ctx context.Context, req *apisecurity.User) *apise if err != nil { log.Error("[Auth][User] get owner user", utils.ZapRequestID(requestID), zap.Error(err), zap.String("owner", ownerID)) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if owner.Name == req.Name.GetValue() { @@ -105,7 +106,7 @@ func (svr *server) CreateUser(ctx context.Context, req *apisecurity.User) *apise if err != nil { log.Error("[Auth][User] get user by name and owner", utils.ZapRequestID(requestID), zap.Error(err), zap.String("owner", ownerID), zap.String("name", req.GetName().GetValue())) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if user != nil { return api.NewUserResponse(apimodel.Code_UserExisted, req) @@ -126,7 +127,7 @@ func (svr *server) createUser(ctx context.Context, req *apisecurity.User) *apise if err := svr.storage.AddUser(data); err != nil { log.Error("[Auth][User] add user into store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } log.Info("[Auth][User] create user", utils.ZapRequestID(requestID), @@ -151,7 +152,7 @@ func (svr *server) UpdateUser(ctx context.Context, req *apisecurity.User) *apise if err != nil { log.Error("[Auth][User] get user", utils.ZapRequestID(requestID), zap.String("user-id", req.Id.GetValue()), zap.Error(err)) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_NotFoundUser, req) @@ -175,7 +176,7 @@ func (svr *server) UpdateUser(ctx context.Context, req *apisecurity.User) *apise if err := svr.storage.UpdateUser(data); err != nil { log.Error("[Auth][User] update user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("[Auth][User] update user", utils.ZapRequestID(requestID), @@ -193,7 +194,7 @@ func (svr *server) UpdateUserPassword(ctx context.Context, req *apisecurity.Modi if err != nil { log.Error("[Auth][User] get user", utils.ZapRequestID(requestID), zap.String("user-id", req.Id.GetValue()), zap.Error(err)) - return api.NewAuthResponse(apimodel.Code_StoreLayerException) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } if user == nil { return api.NewAuthResponse(apimodel.Code_NotFoundUser) @@ -221,7 +222,7 @@ func (svr *server) UpdateUserPassword(ctx context.Context, req *apisecurity.Modi if err := svr.storage.UpdateUser(data); err != nil { log.Error("[Auth][User] update user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } log.Info("[Auth][User] update user", utils.ZapRequestID(requestID), @@ -252,7 +253,7 @@ func (svr *server) DeleteUser(ctx context.Context, req *apisecurity.User) *apise user, err := svr.storage.GetUser(req.Id.GetValue()) if err != nil { log.Error("[Auth][User] get user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(apimodel.Code_StoreLayerException, req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_ExecuteSuccess, req) @@ -273,7 +274,7 @@ func (svr *server) DeleteUser(ctx context.Context, req *apisecurity.User) *apise if err != nil { log.Error("[Auth][User] get user sub-account", zap.String("owner", user.ID), utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if count != 0 { log.Error("[Auth][User] delete user but some sub-account existed", zap.String("owner", user.ID)) @@ -283,7 +284,7 @@ func (svr *server) DeleteUser(ctx context.Context, req *apisecurity.User) *apise if err := svr.storage.DeleteUser(user); err != nil { log.Error("[Auth][User] delete user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponse(StoreCode2APICode(err)) + return api.NewAuthResponse(commonstore.StoreCode2APICode(err)) } log.Info("[Auth][User] delete user", utils.ZapRequestID(requestID), @@ -335,7 +336,7 @@ func (svr *server) GetUsers(ctx context.Context, query map[string]string) *apise if err != nil { log.Error("[Auth][User] get user from store", zap.Any("req", searchFilters), zap.Error(err)) - return api.NewAuthBatchQueryResponse(StoreCode2APICode(err)) + return api.NewAuthBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewAuthBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -395,7 +396,7 @@ func (svr *server) UpdateUserToken(ctx context.Context, req *apisecurity.User) * user, err := svr.storage.GetUser(req.Id.GetValue()) if err != nil { log.Error("[Auth][User] get user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_NotFoundUser, req) @@ -416,7 +417,7 @@ func (svr *server) UpdateUserToken(ctx context.Context, req *apisecurity.User) * if err := svr.storage.UpdateUser(user); err != nil { log.Error("[Auth][User] update user token into store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewAuthResponseWithMsg(StoreCode2APICode(err), err.Error()) + return api.NewAuthResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } log.Info("[Auth][User] update user token", utils.ZapRequestID(requestID), @@ -436,7 +437,7 @@ func (svr *server) ResetUserToken(ctx context.Context, req *apisecurity.User) *a user, err := svr.storage.GetUser(req.Id.GetValue()) if err != nil { log.Error("[Auth][User] get user from store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } if user == nil { return api.NewUserResponse(apimodel.Code_NotFoundUser, req) @@ -456,7 +457,7 @@ func (svr *server) ResetUserToken(ctx context.Context, req *apisecurity.User) *a if err := svr.storage.UpdateUser(user); err != nil { log.Error("[Auth][User] update user token into store", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewUserResponse(StoreCode2APICode(err), req) + return api.NewUserResponse(commonstore.StoreCode2APICode(err), req) } log.Info("[Auth][User] reset user token", utils.ZapRequestID(requestID), diff --git a/auth/defaultauth/utils.go b/auth/defaultauth/utils.go index 3dd2202e9..6abf99ff4 100644 --- a/auth/defaultauth/utils.go +++ b/auth/defaultauth/utils.go @@ -31,7 +31,6 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" - "github.com/polarismesh/polaris/store" ) var ( @@ -45,33 +44,11 @@ var ( ReadOp = false ) -// storeCodeAPICodeMap 存储层报错与协议层码的映射 -var storeCodeAPICodeMap = map[store.StatusCode]apimodel.Code{ - store.EmptyParamsErr: apimodel.Code_InvalidParameter, - store.OutOfRangeErr: apimodel.Code_InvalidParameter, - store.DataConflictErr: apimodel.Code_DataConflict, - store.NotFoundNamespace: apimodel.Code_NotFoundNamespace, - store.NotFoundService: apimodel.Code_NotFoundService, - store.NotFoundMasterConfig: apimodel.Code_NotFoundMasterConfig, - store.NotFoundTagConfigOrService: apimodel.Code_NotFoundTagConfigOrService, - store.ExistReleasedConfig: apimodel.Code_ExistReleasedConfig, - store.DuplicateEntryErr: apimodel.Code_ExistedResource, -} - var ( regNameStr = regexp.MustCompile("^[\u4E00-\u9FA5A-Za-z0-9_\\-]+$") regEmail = regexp.MustCompile(`^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$`) ) -// StoreCode2APICode store code to api code -func StoreCode2APICode(err error) apimodel.Code { - if apiCode, ok := storeCodeAPICodeMap[store.Code(err)]; ok { - return apiCode - } - - return apimodel.Code_StoreLayerException -} - // checkName 名称检查 func checkName(name *wrappers.StringValue) error { if name == nil { diff --git a/auth/mock/api_mock.go b/auth/mock/api_mock.go index add060e0e..94b66872f 100644 --- a/auth/mock/api_mock.go +++ b/auth/mock/api_mock.go @@ -9,12 +9,13 @@ import ( reflect "reflect" gomock "github.com/golang/mock/gomock" + security "github.com/polarismesh/specification/source/go/api/v1/security" + service_manage "github.com/polarismesh/specification/source/go/api/v1/service_manage" + auth "github.com/polarismesh/polaris/auth" cache "github.com/polarismesh/polaris/cache" model "github.com/polarismesh/polaris/common/model" store "github.com/polarismesh/polaris/store" - security "github.com/polarismesh/specification/source/go/api/v1/security" - service_manage "github.com/polarismesh/specification/source/go/api/v1/service_manage" ) // MockAuthServer is a mock of AuthServer interface. diff --git a/cache/instance.go b/cache/instance.go index e4f89e1f4..7a70a0809 100644 --- a/cache/instance.go +++ b/cache/instance.go @@ -60,6 +60,8 @@ type InstanceCache interface { GetServicePorts(serviceID string) []string // GetInstanceLabels Get the label of all instances under a service GetInstanceLabels(serviceID string) *apiservice.InstanceLabels + // QueryInstances query instance for OSS + QueryInstances(filter, metaFilter map[string]string, offset, limit uint32) (uint32, []*model.Instance, error) } // instanceCache 实例缓存的类 diff --git a/cache/instance_query.go b/cache/instance_query.go new file mode 100644 index 000000000..c647dd39f --- /dev/null +++ b/cache/instance_query.go @@ -0,0 +1,203 @@ +/** + * Tencent is pleased to support the open source community by making Polaris available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * Licensed under the BSD 3-Clause License (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://opensource.org/licenses/BSD-3-Clause + * + * Unless required by applicable law or agreed to in writing, software distributed + * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR + * CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + */ + +package cache + +import ( + "sort" + "strconv" + + "github.com/polarismesh/polaris/common/model" +) + +/** +var ( + // InstanceFilterAttributes 查询实例支持的过滤字段 + InstanceFilterAttributes = map[string]bool{ + "id": true, // 实例ID + "service": true, // 服务name + "namespace": true, // 服务namespace + "host": true, + "port": true, + "keys": true, + "values": true, + "protocol": true, + "version": true, + "health_status": true, + "healthy": true, // health_status, healthy都有,以healthy为准 + "isolate": true, + "weight": true, + "logic_set": true, + "cmdb_region": true, + "cmdb_zone": true, + "cmdb_idc": true, + "priority": true, + "offset": true, + "limit": true, + } + // InsFilter2toreAttr 查询字段转为存储层的属性值,映射表 + InsFilter2toreAttr = map[string]string{ + "service": "name", + "healthy": "health_status", + } + // NotInsFilterAttr 不属于 instance 表属性的字段 + NotInsFilterAttr = map[string]bool{ + "keys": true, + "values": true, + } +) +*/ + +// forceUpdate 更新配置 +func (ic *instanceCache) forceUpdate() error { + if err := ic.update(); err != nil { + return err + } + return nil +} + +func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, + offset, limit uint32) (uint32, []*model.Instance, error) { + if err := ic.forceUpdate(); err != nil { + return 0, nil, err + } + cacheMgr, _ := GetCacheManager() + var ( + tempInstances = make([]*model.Instance, 0, 32) + ) + + var ( + svcName, hasSvc = filter["service"] + namespace, hasNamespace = filter["namespace"] + id, hasId = filter["id"] + host, hasHost = filter["host"] + protocol, hasProtocol = filter["protocol"] + version, hasVersion = filter["version"] + region, hasRegion = filter["cmdb_region"] + zone, hasZone = filter["cmdb_zone"] + campus, hasIdc = filter["cmdb_idc"] + port, weight uint32 + healthStatus, isolate bool + hasPort, hasWeight, hasHealthStatus, hasIsolate bool + ) + + if portStr, ok := filter["port"]; ok { + if v, err := strconv.ParseUint(portStr, 10, 64); err == nil { + port = uint32(v) + hasPort = true + } + } + if weightStr, ok := filter["weight"]; ok { + if v, err := strconv.ParseUint(weightStr, 10, 64); err == nil { + weight = uint32(v) + hasWeight = true + } + } + if isolateStr, ok := filter["isolate"]; ok { + if v, err := strconv.ParseBool(isolateStr); err == nil { + isolate = v + hasIsolate = true + } + } + if healthStatusStr, ok := filter["health_status"]; ok { + if v, err := strconv.ParseBool(healthStatusStr); err == nil { + healthStatus = v + hasHealthStatus = true + } + } + if healthyStr, ok := filter["healthy"]; ok { + if v, err := strconv.ParseBool(healthyStr); err == nil { + healthStatus = v + hasHealthStatus = true + } + } + + ic.IteratorInstances(func(key string, value *model.Instance) (bool, error) { + svc := cacheMgr.Service().GetServiceByID(value.ServiceID) + if svc == nil { + return true, nil + } + if hasSvc && svc.Name != svcName { + return true, nil + } + if hasNamespace && svc.Namespace != namespace { + return true, nil + } + if hasId && value.Proto.GetId().GetValue() != id { + return true, nil + } + if hasHost && value.Proto.GetHost().GetValue() != host { + return true, nil + } + if hasPort && value.Proto.GetPort().GetValue() != port { + return true, nil + } + if hasIsolate && value.Proto.GetIsolate().GetValue() != isolate { + return true, nil + } + if hasHealthStatus && value.Proto.GetHealthy().GetValue() != healthStatus { + return true, nil + } + if hasWeight && value.Proto.GetWeight().GetValue() != weight { + return true, nil + } + if hasRegion && value.Proto.GetLocation().GetRegion().GetValue() != region { + return true, nil + } + if hasZone && value.Proto.GetLocation().GetZone().GetValue() != zone { + return true, nil + } + if hasIdc && value.Proto.GetLocation().GetCampus().GetValue() != campus { + return true, nil + } + if hasProtocol && value.Proto.GetProtocol().GetValue() != protocol { + return true, nil + } + if hasVersion && value.Proto.GetVersion().GetValue() != version { + return true, nil + } + if len(metaFilter) > 0 { + for k, v := range metaFilter { + insV, ok := value.Proto.GetMetadata()[k] + if !ok || insV != v { + return true, nil + } + } + } + tempInstances = append(tempInstances, value) + return true, nil + }) + + total, ret := ic.doPage(tempInstances, offset, limit) + return total, ret, nil +} + +func (ic *instanceCache) doPage(ins []*model.Instance, offset, limit uint32) (uint32, []*model.Instance) { + total := uint32(len(ins)) + if offset > total { + return total, []*model.Instance{} + } + if offset+limit > total { + return total, ins[offset:] + } + + sort.Slice(ins, func(i, j int) bool { + return ins[i].ModifyTime.After(ins[j].ModifyTime) + }) + + return total, ins[offset : offset+limit] +} diff --git a/common/model/naming.go b/common/model/naming.go index bf7c0240c..9323fa059 100644 --- a/common/model/naming.go +++ b/common/model/naming.go @@ -166,7 +166,6 @@ func Store2Location(s *LocationStore) *Location { } } - // CircuitBreaker 熔断规则 type CircuitBreaker struct { ID string diff --git a/service/batch/utils.go b/common/store/code.go similarity index 99% rename from service/batch/utils.go rename to common/store/code.go index f5fb61579..5b03053d6 100644 --- a/service/batch/utils.go +++ b/common/store/code.go @@ -15,7 +15,7 @@ * specific language governing permissions and limitations under the License. */ -package batch +package store import ( apimodel "github.com/polarismesh/specification/source/go/api/v1/model" diff --git a/config/config_file.go b/config/config_file.go index c9906c8a8..1753fdbe5 100644 --- a/config/config_file.go +++ b/config/config_file.go @@ -36,6 +36,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" utils2 "github.com/polarismesh/polaris/config/utils" @@ -61,7 +62,7 @@ func (s *Server) CreateConfigFile(ctx context.Context, configFile *apiconfig.Con utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), configFile) } if managedFile != nil { return api.NewConfigFileResponse(apimodel.Code_ExistedResource, configFile) @@ -92,7 +93,7 @@ func (s *Server) CreateConfigFile(ctx context.Context, configFile *apiconfig.Con utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), configFile) } // 创建配置文件标签 @@ -178,7 +179,7 @@ func (s *Server) GetConfigFileBaseInfo(ctx context.Context, namespace, group, na utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if file == nil { @@ -218,7 +219,7 @@ func (s *Server) GetConfigFileRichInfo(ctx context.Context, namespace, group, na configFileBaseInfo, err := s.fillReleaseAndTags(ctx, configFileBaseInfo) if err != nil { - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if err := s.decryptConfigFile(ctx, configFileBaseInfo); err != nil { @@ -256,7 +257,7 @@ func (s *Server) QueryConfigFilesByGroup(ctx context.Context, namespace, group s utils.ZapGroup(group), zap.Error(err)) - return api.NewConfigFileBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } if len(files) == 0 { @@ -268,7 +269,7 @@ func (s *Server) QueryConfigFilesByGroup(ctx context.Context, namespace, group s baseFile := transferConfigFileStoreModel2APIModel(file) baseFile, err = s.fillReleaseAndTags(ctx, baseFile) if err != nil { - return api.NewConfigFileBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } log.Error("[Config][Service] decrypt config file error.", zap.String("file", file.Name)) fileAPIModels = append(fileAPIModels, baseFile) @@ -316,7 +317,7 @@ func (s *Server) SearchConfigFile(ctx context.Context, namespace, group, name, t utils.ZapGroup(group), zap.String("fileName", name), zap.Error(err)) - return api.NewConfigFileBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } // Rendering configuration files, because only the main key information is obtained from the TAG table @@ -354,7 +355,7 @@ func (s *Server) queryConfigFileWithoutTags(ctx context.Context, namespace, grou utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } if len(files) == 0 { @@ -367,7 +368,7 @@ func (s *Server) queryConfigFileWithoutTags(ctx context.Context, namespace, grou baseFile := transferConfigFileStoreModel2APIModel(file) baseFile, err = s.fillReleaseAndTags(ctx, baseFile) if err != nil { - return api.NewConfigFileBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } fileAPIModels = append(fileAPIModels, baseFile) } @@ -406,7 +407,7 @@ func (s *Server) UpdateConfigFile(ctx context.Context, configFile *apiconfig.Con utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), configFile) } if managedFile == nil { @@ -449,7 +450,7 @@ func (s *Server) UpdateConfigFile(ctx context.Context, configFile *apiconfig.Con utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), configFile) } response, success := s.createOrUpdateConfigFileTags(ctx, configFile, toUpdateFile.ModifyBy) @@ -514,7 +515,7 @@ func (s *Server) DeleteConfigFile( utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if file == nil { @@ -542,7 +543,7 @@ func (s *Server) DeleteConfigFile( utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } // 3. 删除配置文件关联的 tag @@ -553,7 +554,7 @@ func (s *Server) DeleteConfigFile( utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if err := tx.Commit(); err != nil { @@ -563,7 +564,7 @@ func (s *Server) DeleteConfigFile( utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } s.RecordHistory(ctx, configFileRecordEntry(ctx, &apiconfig.ConfigFile{ @@ -622,7 +623,7 @@ func (s *Server) ExportConfigFile(ctx context.Context, utils.ZapNamespace(namespace), utils.ZapGroup(group), zap.Error(err)) - return api.NewConfigFileExportResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileExportResponse(commonstore.StoreCode2APICode(err), nil) } configFiles = append(configFiles, files...) } @@ -637,7 +638,7 @@ func (s *Server) ExportConfigFile(ctx context.Context, zap.String("group", groups[0]), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileExportResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileExportResponse(commonstore.StoreCode2APICode(err), nil) } configFiles = append(configFiles, file) } @@ -663,7 +664,7 @@ func (s *Server) ExportConfigFile(ctx context.Context, zap.String("group", file.Group), zap.String("name", file.Name), zap.Error(err)) - return api.NewConfigFileExportResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileExportResponse(commonstore.StoreCode2APICode(err), nil) } // 加密配置创建人可以导出加密密钥 userName := utils.ParseUserName(ctx) @@ -723,7 +724,7 @@ func (s *Server) ImportConfigFile(ctx context.Context, utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileImportResponse(apimodel.Code_StoreLayerException, nil, nil, nil) + return api.NewConfigFileImportResponse(commonstore.StoreCode2APICode(err), nil, nil, nil) } // 如果配置文件存在 if managedFile != nil { @@ -739,7 +740,7 @@ func (s *Server) ImportConfigFile(ctx context.Context, utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileImportResponse(apimodel.Code_StoreLayerException, nil, nil, nil) + return api.NewConfigFileImportResponse(commonstore.StoreCode2APICode(err), nil, nil, nil) } if response, success := s.createOrUpdateConfigFileTags(ctx, configFile, utils.ParseUserName(ctx)); !success { return api.NewConfigFileImportResponse(apimodel.Code(response.Code.GetValue()), nil, nil, nil) @@ -757,7 +758,7 @@ func (s *Server) ImportConfigFile(ctx context.Context, utils.ZapGroup(group), utils.ZapFileName(name), zap.Error(err)) - return api.NewConfigFileImportResponse(apimodel.Code_StoreLayerException, nil, nil, nil) + return api.NewConfigFileImportResponse(commonstore.StoreCode2APICode(err), nil, nil, nil) } if response, success := s.createOrUpdateConfigFileTags(ctx, configFile, utils.ParseUserName(ctx)); !success { return api.NewConfigFileImportResponse(apimodel.Code(response.Code.GetValue()), nil, nil, nil) @@ -771,7 +772,7 @@ func (s *Server) ImportConfigFile(ctx context.Context, log.Error("[Config][Service] commit import config file tx error.", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewConfigFileImportResponse(apimodel.Code_StoreLayerException, nil, nil, nil) + return api.NewConfigFileImportResponse(commonstore.StoreCode2APICode(err), nil, nil, nil) } return api.NewConfigFileImportResponse(apimodel.Code_ExecuteSuccess, @@ -935,7 +936,7 @@ func (s *Server) createOrUpdateConfigFileTags(ctx context.Context, configFile *a utils.ZapGroup(group), zap.String("fileName", name), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile), false + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), configFile), false } return nil, true } diff --git a/config/config_file_group.go b/config/config_file_group.go index b4f43722c..ae80ddd3d 100644 --- a/config/config_file_group.go +++ b/config/config_file_group.go @@ -30,6 +30,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" utils2 "github.com/polarismesh/polaris/config/utils" @@ -68,7 +69,7 @@ func (s *Server) CreateConfigFileGroup( log.Error("[Config][Service] get config file group error.", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, configFileGroup) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), configFileGroup) } if fileGroup != nil { @@ -85,7 +86,7 @@ func (s *Server) CreateConfigFileGroup( zap.String("namespace", namespace), zap.String("groupName", groupName), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, configFileGroup) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), configFileGroup) } log.Info("[Config][Service] create config file group successful.", @@ -123,7 +124,7 @@ func (s *Server) createConfigFileGroupIfAbsent(ctx context.Context, zap.String("groupName", name), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), nil) } if group != nil { @@ -160,7 +161,7 @@ func (s *Server) queryByGroupName(ctx context.Context, namespace, groupName stri zap.String("groupName", groupName), zap.Error(err)) - return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileGroupBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } if len(groups) == 0 { @@ -169,7 +170,7 @@ func (s *Server) queryByGroupName(ctx context.Context, namespace, groupName stri groupAPIModels, err := s.batchTransfer(ctx, groups) if err != nil { - return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileGroupBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_ExecuteSuccess, count, groupAPIModels) @@ -227,14 +228,14 @@ func (s *Server) queryByFileName(ctx context.Context, namespace, groupName, zap.String("namespace", namespaceAndGroup[0]), zap.String("name", namespaceAndGroup[1]), zap.Error(err)) - return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileGroupBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } configFileGroups = append(configFileGroups, configFileGroup) } groupAPIModels, err := s.batchTransfer(ctx, configFileGroups) if err != nil { - return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileGroupBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } return api.NewConfigFileGroupBatchQueryResponse(apimodel.Code_ExecuteSuccess, uint32(total), groupAPIModels) @@ -316,7 +317,7 @@ func (s *Server) DeleteConfigFileGroup(ctx context.Context, namespace, name stri zap.String("name", name), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), nil) } if configGroup == nil { return api.NewConfigFileGroupResponse(apimodel.Code_NotFoundResource, nil) @@ -329,7 +330,7 @@ func (s *Server) DeleteConfigFileGroup(ctx context.Context, namespace, name stri zap.String("name", name), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), nil) } if err := s.afterConfigGroupResource(ctx, &apiconfig.ConfigFileGroup{ @@ -368,7 +369,7 @@ func (s *Server) UpdateConfigFileGroup(ctx context.Context, zap.String("name", groupName), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, configFileGroup) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), configFileGroup) } if fileGroup == nil { @@ -389,7 +390,7 @@ func (s *Server) UpdateConfigFileGroup(ctx context.Context, zap.String("name", groupName), zap.Error(err)) - return api.NewConfigFileGroupResponse(apimodel.Code_StoreLayerException, configFileGroup) + return api.NewConfigFileGroupResponse(commonstore.StoreCode2APICode(err), configFileGroup) } configFileGroup.Id = utils.NewUInt64Value(fileGroup.Id) diff --git a/config/config_file_release.go b/config/config_file_release.go index 8ad11b532..843e199cf 100644 --- a/config/config_file_release.go +++ b/config/config_file_release.go @@ -29,6 +29,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" utils2 "github.com/polarismesh/polaris/config/utils" @@ -76,7 +77,7 @@ func (s *Server) PublishConfigFile( s.recordReleaseFail(ctx, transferConfigFileReleaseAPIModel2StoreModel(configFileRelease)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if toPublishFile == nil { @@ -97,7 +98,7 @@ func (s *Server) PublishConfigFile( s.recordReleaseFail(ctx, transferConfigFileReleaseAPIModel2StoreModel(configFileRelease)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } releaseName := configFileRelease.Name.GetValue() @@ -136,7 +137,7 @@ func (s *Server) PublishConfigFile( s.recordReleaseFail(ctx, transferConfigFileReleaseAPIModel2StoreModel(configFileRelease)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } s.RecordHistory(ctx, configFileReleaseRecordEntry(ctx, configFileRelease, createdFileRelease, model.OCreate)) @@ -170,7 +171,7 @@ func (s *Server) PublishConfigFile( s.recordReleaseFail(ctx, transferConfigFileReleaseAPIModel2StoreModel(configFileRelease)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } s.recordReleaseHistory(ctx, updatedFileRelease, utils.ReleaseTypeNormal, utils.ReleaseStatusSuccess) @@ -205,7 +206,7 @@ func (s *Server) GetConfigFileRelease( zap.String("fileName", fileName), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } if fileRelease == nil { @@ -268,7 +269,7 @@ func (s *Server) DeleteConfigFileRelease(ctx context.Context, namespace, zap.String("group", group), zap.String("fileName", fileName), zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } } @@ -290,7 +291,7 @@ func (s *Server) DeleteConfigFileRelease(ctx context.Context, namespace, ModifyBy: deleteBy, }, utils.ReleaseTypeDelete, utils.ReleaseStatusFail) - return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileResponse(commonstore.StoreCode2APICode(err), nil) } data := &model.ConfigFileRelease{ diff --git a/config/config_file_release_history.go b/config/config_file_release_history.go index aea15523a..cbccbdc10 100644 --- a/config/config_file_release_history.go +++ b/config/config_file_release_history.go @@ -27,6 +27,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" utils2 "github.com/polarismesh/polaris/config/utils" @@ -101,7 +102,7 @@ func (s *Server) GetConfigFileReleaseHistory(ctx context.Context, namespace, gro zap.String("group", group), zap.String("fileName", fileName), zap.Error(err)) - return api.NewConfigFileReleaseHistoryBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileReleaseHistoryBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } if len(releaseHistories) == 0 { @@ -153,7 +154,7 @@ func (s *Server) GetConfigFileLatestReleaseHistory(ctx context.Context, namespac zap.String("fileName", fileName), zap.Error(err), ) - return api.NewConfigFileReleaseHistoryResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileReleaseHistoryResponse(commonstore.StoreCode2APICode(err), nil) } apiHistory := transferReleaseHistoryStoreModel2APIModel(history) return api.NewConfigFileReleaseHistoryResponse(apimodel.Code_ExecuteSuccess, apiHistory) diff --git a/config/config_file_template.go b/config/config_file_template.go index 6e76f713f..09db246db 100644 --- a/config/config_file_template.go +++ b/config/config_file_template.go @@ -26,6 +26,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" utils2 "github.com/polarismesh/polaris/config/utils" @@ -60,7 +61,7 @@ func (s *Server) CreateConfigFileTemplate( log.Error("[Config][Service] create config file template error.", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewConfigFileTemplateResponse(apimodel.Code_StoreLayerException, template) + return api.NewConfigFileTemplateResponse(commonstore.StoreCode2APICode(err), template) } return api.NewConfigFileTemplateResponse(apimodel.Code_ExecuteSuccess, @@ -80,7 +81,7 @@ func (s *Server) GetConfigFileTemplate(ctx context.Context, name string) *apicon utils.ZapRequestID(requestID), zap.String("name", name), zap.Error(err)) - return api.NewConfigFileTemplateResponse(apimodel.Code_StoreLayerException, nil) + return api.NewConfigFileTemplateResponse(commonstore.StoreCode2APICode(err), nil) } if template == nil { @@ -101,7 +102,7 @@ func (s *Server) GetAllConfigFileTemplates(ctx context.Context) *apiconfig.Confi utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewConfigFileTemplateBatchQueryResponse(apimodel.Code_StoreLayerException, 0, nil) + return api.NewConfigFileTemplateBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } if len(templates) == 0 { diff --git a/namespace/namespace.go b/namespace/namespace.go index 2275c519c..12be1a6f8 100644 --- a/namespace/namespace.go +++ b/namespace/namespace.go @@ -29,6 +29,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -99,7 +100,7 @@ func (s *Server) CreateNamespace(ctx context.Context, req *apimodel.Namespace) * namespace, err := s.storage.GetNamespace(namespaceName) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if namespace != nil { return api.NewNamespaceResponse(apimodel.Code_ExistedResource, req) @@ -111,7 +112,7 @@ func (s *Server) CreateNamespace(ctx context.Context, req *apimodel.Namespace) * // 存储层操作 if err := s.storage.AddNamespace(data); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } msg := fmt.Sprintf("create namespace: name=%s", namespaceName) @@ -168,7 +169,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * tx, err := s.storage.CreateTransaction() if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } defer func() { _ = tx.Commit() }() @@ -176,7 +177,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * namespace, err := tx.LockNamespace(req.GetName().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if namespace == nil { return api.NewNamespaceResponse(apimodel.Code_ExecuteSuccess, req) @@ -193,7 +194,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * log.Error("get services count with namespace err", utils.ZapRequestID(requestID), zap.String("err", err.Error())) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if total != 0 { log.Error("the removed namespace has remain services", utils.ZapRequestID(requestID)) @@ -206,7 +207,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * log.Error("get circuitBreakers count with namespace err", utils.ZapRequestID(requestID), zap.String("err", err.Error())) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if total != 0 { log.Error("the removed namespace has remain circuitBreakers", utils.ZapRequestID(requestID)) @@ -219,7 +220,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * log.Error("get config group count with namespace err", utils.ZapRequestID(requestID), zap.String("err", err.Error())) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if total != 0 { log.Error("the removed namespace has remain config-group", utils.ZapRequestID(requestID)) @@ -229,7 +230,7 @@ func (s *Server) DeleteNamespace(ctx context.Context, req *apimodel.Namespace) * // 存储层操作 if err := tx.DeleteNamespace(namespace.Name); err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } s.caches.Service().CleanNamespace(namespace.Name) @@ -278,7 +279,7 @@ func (s *Server) UpdateNamespace(ctx context.Context, req *apimodel.Namespace) * // 存储层操作 if err := s.storage.UpdateNamespace(namespace); err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } msg := fmt.Sprintf("update namespace: name=%s", namespace.Name) @@ -322,7 +323,7 @@ func (s *Server) UpdateNamespaceToken(ctx context.Context, req *apimodel.Namespa // 存储层操作 if err := s.storage.UpdateNamespaceToken(namespace.Name, token); err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } msg := fmt.Sprintf("update namespace token: name=%s", namespace.Name) @@ -346,7 +347,7 @@ func (s *Server) GetNamespaces(ctx context.Context, query map[string][]string) * namespaces, amount, err := s.storage.GetNamespaces(filter, offset, limit) if err != nil { - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -453,7 +454,7 @@ func (s *Server) checkNamespaceAuthority( namespace, err := s.storage.GetNamespace(namespaceName) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return nil, api.NewNamespaceResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewNamespaceResponse(commonstore.StoreCode2APICode(err), req) } if namespace == nil { return nil, api.NewNamespaceResponse(apimodel.Code_NotFoundResource, req) diff --git a/service/batch/client.go b/service/batch/client.go index d187a9f40..4e385184a 100644 --- a/service/batch/client.go +++ b/service/batch/client.go @@ -25,6 +25,7 @@ import ( apimodel "github.com/polarismesh/specification/source/go/api/v1/model" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/store" ) @@ -194,7 +195,7 @@ func (ctrl *ClientCtrl) registerHandler(futures []*ClientFuture) error { clients = append(clients, model.NewClient(entry.request)) } if err := ctrl.storage.BatchAddClients(clients); err != nil { - SendClientReply(futures, StoreCode2APICode(err), err) + SendClientReply(futures, commonstore.StoreCode2APICode(err), err) return err } @@ -220,7 +221,7 @@ func (ctrl *ClientCtrl) deregisterHandler(futures []*ClientFuture) error { clients = append(clients, id) } if err := ctrl.storage.BatchDeleteClients(clients); err != nil { - SendClientReply(futures, StoreCode2APICode(err), err) + SendClientReply(futures, commonstore.StoreCode2APICode(err), err) return err } diff --git a/service/batch/instance.go b/service/batch/instance.go index b6d9016d9..25d2205d7 100644 --- a/service/batch/instance.go +++ b/service/batch/instance.go @@ -31,6 +31,7 @@ import ( "github.com/polarismesh/polaris/cache" api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" "github.com/polarismesh/polaris/store" ) @@ -307,7 +308,7 @@ func (ctrl *InstanceCtrl) registerHandler(futures []*InstanceFuture) error { instances = append(instances, entry.instance) } if err := ctrl.storage.BatchAddInstances(instances); err != nil { - sendReply(remains, apimodel.Code(StoreCode2APICode(err)), err) + sendReply(remains, commonstore.StoreCode2APICode(err), err) return err } @@ -368,17 +369,17 @@ func (ctrl *InstanceCtrl) heartbeatHandler(futures []*InstanceFuture) error { err := ctrl.storage.BatchSetInstanceHealthStatus(idValues, model.StatusBoolToInt(healthy), utils.NewUUID()) if err != nil { log.Errorf("[Batch] batch healthy check instances err: %s", err.Error()) - sendReply(futures, apimodel.Code_StoreLayerException, err) + sendReply(futures, commonstore.StoreCode2APICode(err), err) return err } if err := ctrl.storage.BatchAppendInstanceMetadata(appendMetaReqs); err != nil { log.Errorf("[Batch] batch healthy check instances append metadata err: %s", err.Error()) - sendReply(futures, apimodel.Code_StoreLayerException, err) + sendReply(futures, commonstore.StoreCode2APICode(err), err) return err } if err := ctrl.storage.BatchRemoveInstanceMetadata(removeMetaReqs); err != nil { log.Errorf("[Batch] batch healthy check instances remove metadata err: %s", err.Error()) - sendReply(futures, apimodel.Code_StoreLayerException, err) + sendReply(futures, commonstore.StoreCode2APICode(err), err) return err } } @@ -417,7 +418,7 @@ func (ctrl *InstanceCtrl) deregisterHandler(futures []*InstanceFuture) error { instances, err := ctrl.storage.GetInstancesBrief(ids) if err != nil { log.Errorf("[Batch] get instances service token err: %s", err.Error()) - sendReply(remains, apimodel.Code_StoreLayerException, err) + sendReply(remains, commonstore.StoreCode2APICode(err), err) return err } for _, future := range futures { @@ -444,7 +445,7 @@ func (ctrl *InstanceCtrl) deregisterHandler(futures []*InstanceFuture) error { } if err := ctrl.storage.BatchDeleteInstances(args); err != nil { log.Errorf("[Batch] batch delete instances err: %s", err.Error()) - sendReply(remains, apimodel.Code_StoreLayerException, err) + sendReply(remains, commonstore.StoreCode2APICode(err), err) return err } @@ -467,7 +468,7 @@ func (ctrl *InstanceCtrl) batchRestoreInstanceIsolate(futures map[string]*Instan var err error if id2Isolate, err = ctrl.storage.BatchGetInstanceIsolate(ids); err != nil { log.Errorf("[Batch] check instances existed storage err: %s", err.Error()) - sendReply(futures, apimodel.Code_StoreLayerException, err) + sendReply(futures, commonstore.StoreCode2APICode(err), err) return err } diff --git a/service/circuitbreaker_rule.go b/service/circuitbreaker_rule.go index 24da16808..5a5ac3765 100644 --- a/service/circuitbreaker_rule.go +++ b/service/circuitbreaker_rule.go @@ -31,6 +31,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -326,7 +327,7 @@ func (s *Server) checkCircuitBreakerRuleExists(id, requestID string) *apiservice exists, err := s.storage.HasCircuitBreakerRule(id) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewResponse(apimodel.Code_StoreLayerException) + return api.NewResponse(commonstore.StoreCode2APICode(err)) } if !exists { return api.NewResponse(apimodel.Code_NotFoundCircuitBreaker) @@ -349,7 +350,7 @@ func (s *Server) GetCircuitBreakerRules(ctx context.Context, query map[string]st total, cbRules, err := s.storage.GetCircuitBreakerRules(query, offset, limit) if err != nil { log.Errorf("get circuitbreaker rules store err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) out.Amount = utils.NewUInt32Value(total) diff --git a/service/client_info.go b/service/client_info.go index f901ff45a..e456cc23f 100644 --- a/service/client_info.go +++ b/service/client_info.go @@ -26,6 +26,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" ) @@ -118,7 +119,7 @@ func (s *Server) GetReportClients(ctx context.Context, query map[string]string) total, services, err := s.caches.Client().GetClientsByFilter(searchFilters, offset, limit) if err != nil { log.Errorf("[Server][Client][Query] req(%+v) store err: %s", query, err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) diff --git a/service/faultdetect_config.go b/service/faultdetect_config.go index e7c98b5c5..474afbed3 100644 --- a/service/faultdetect_config.go +++ b/service/faultdetect_config.go @@ -31,6 +31,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -252,7 +253,7 @@ func (s *Server) checkFaultDetectRuleExists(id, requestID string) *apiservice.Re exists, err := s.storage.HasFaultDetectRule(id) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return api.NewResponse(apimodel.Code_StoreLayerException) + return api.NewResponse(commonstore.StoreCode2APICode(err)) } if !exists { return api.NewResponse(apimodel.Code_NotFoundResource) @@ -292,7 +293,7 @@ func (s *Server) GetFaultDetectRules(ctx context.Context, query map[string]strin total, cbRules, err := s.storage.GetFaultDetectRules(query, offset, limit) if err != nil { log.Errorf("get fault detect rules store err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) out.Amount = utils.NewUInt32Value(total) diff --git a/service/healthcheck/check.go b/service/healthcheck/check.go index d2f1199df..8b1aae4f1 100644 --- a/service/healthcheck/check.go +++ b/service/healthcheck/check.go @@ -28,6 +28,7 @@ import ( "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/srand" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/timewheel" "github.com/polarismesh/polaris/common/utils" "github.com/polarismesh/polaris/plugin" @@ -651,7 +652,7 @@ func serialSetInsDbStatus(ins *apiservice.Instance, healthStatus bool, lastBeatT err := server.storage.SetInstanceHealthStatus(id, model.StatusBoolToInt(healthStatus), utils.NewUUID()) if err != nil { log.Errorf("[Health Check][Check]id: %s set db status err:%s", id, err) - return apimodel.Code_StoreLayerException + return commonstore.StoreCode2APICode(err) } return apimodel.Code_ExecuteSuccess } diff --git a/service/instance.go b/service/instance.go index cf5e25d60..c53dd5bf2 100644 --- a/service/instance.go +++ b/service/instance.go @@ -33,6 +33,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/eventhub" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" ) @@ -193,7 +194,7 @@ func (s *Server) serialCreateInstance( if err != nil { log.Error("[Instance] get instance from store", utils.ZapRequestID(rid), utils.ZapPlatformID(pid), zap.Error(err)) - return nil, api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } // 如果存在,则替换实例的属性数据,但是需要保留用户设置的隔离状态,以免出现关键状态丢失 if instance != nil && ins.Isolate == nil { @@ -263,7 +264,7 @@ func (s *Server) serialDeleteInstance( instance, err := s.storage.GetInstance(ins.GetId().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } if instance == nil { // 实例不存在,则返回成功 @@ -575,7 +576,7 @@ func (s *Server) getInstancesMainByService(ctx context.Context, req *apiservice. service, err := s.storage.GetSourceServiceToken(req.GetService().GetValue(), req.GetNamespace().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return nil, nil, api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return nil, nil, api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } if service == nil { return nil, nil, api.NewInstanceResponse(apimodel.Code_NotFoundService, req) @@ -585,7 +586,7 @@ func (s *Server) getInstancesMainByService(ctx context.Context, req *apiservice. instances, err := s.storage.GetInstancesMainByService(service.ID, req.GetHost().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return nil, nil, api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return nil, nil, api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } return instances, service, nil } @@ -754,10 +755,10 @@ func (s *Server) GetInstances(ctx context.Context, query map[string]string) *api return api.NewBatchQueryResponse(apimodel.Code_InvalidParameter) } - total, instances, err := s.storage.GetExpandInstances(filters, metaFilter, offset, limit) + total, instances, err := s.Cache().Instance().QueryInstances(filters, metaFilter, offset, limit) if err != nil { log.Errorf("[Server][Instances][Query] instances store err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -814,7 +815,7 @@ func (s *Server) GetInstancesCount(ctx context.Context) *apiservice.BatchQueryRe count, err := s.storage.GetInstancesCount() if err != nil { log.Errorf("[Server][Instance][Count] storage get err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -839,7 +840,7 @@ func (s *Server) execInstancePreStep(ctx context.Context, req *apiservice.Instan if err != nil { log.Error("[Instance] get instance from store", utils.ZapRequestID(rid), utils.ZapInstanceID(instanceID), zap.Error(err)) - return nil, nil, api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return nil, nil, api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } if instance == nil { return nil, nil, api.NewInstanceResponse(apimodel.Code_NotFoundInstance, req) @@ -859,7 +860,7 @@ func (s *Server) instanceAuth(ctx context.Context, req *apiservice.Instance, ser service, err := s.storage.GetServiceByID(serviceID) if err != nil { log.Error(err.Error(), utils.ZapRequestID(utils.ParseRequestID(ctx))) - return nil, api.NewInstanceResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewInstanceResponse(commonstore.StoreCode2APICode(err), req) } if service == nil { return nil, api.NewInstanceResponse(apimodel.Code_NotFoundResource, req) @@ -1001,7 +1002,7 @@ func (s *Server) loadService(namespace string, svcName string) (*model.Service, // 再走数据库查询一遍 svc, err := s.storage.GetService(svcName, namespace) if err != nil { - return nil, api.NewResponseWithMsg(apimodel.Code_StoreLayerException, err.Error()) + return nil, api.NewResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } if svc != nil && svc.IsAlias() { return nil, api.NewResponseWithMsg(apimodel.Code_BadRequest, "service is alias") @@ -1143,22 +1144,22 @@ func preGetInstances(query map[string]string) (map[string]string, map[string]str delete(query, "health_status") } - bool2Str := func(key string) { - val, ok := query[key] - if !ok { - return - } - if val == "true" { - query[key] = "1" - } else if val == "false" { - query[key] = "0" - } - } - - // 处理一下两个bool值的字段 - bool2Str("health_status") - bool2Str("healthy") - bool2Str("isolate") + // bool2Str := func(key string) { + // val, ok := query[key] + // if !ok { + // return + // } + // if val == "true" { + // query[key] = "1" + // } else if val == "false" { + // query[key] = "0" + // } + // } + + // // 处理一下两个bool值的字段 + // bool2Str("health_status") + // bool2Str("healthy") + // bool2Str("isolate") filters := make(map[string]string) for key, value := range query { diff --git a/service/ratelimit_config.go b/service/ratelimit_config.go index 2a17c5635..e048639ca 100644 --- a/service/ratelimit_config.go +++ b/service/ratelimit_config.go @@ -33,6 +33,7 @@ import ( "github.com/polarismesh/polaris/cache" api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -266,7 +267,7 @@ func (s *Server) GetRateLimits(ctx context.Context, query map[string]string) *ap total, extendRateLimits, err := s.Cache().RateLimit().QueryRateLimitRules(*args) if err != nil { log.Errorf("get rate limits store err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -338,7 +339,7 @@ func (s *Server) checkRateLimitValid(ctx context.Context, serviceID string, req service, err := s.storage.GetServiceByID(serviceID) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return nil, api.NewRateLimitResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewRateLimitResponse(commonstore.StoreCode2APICode(err), req) } return service, nil @@ -412,7 +413,7 @@ func (s *Server) checkRateLimitExisted( rateLimit, err := s.storage.GetRateLimitWithID(id) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID)) - return nil, api.NewRateLimitResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewRateLimitResponse(commonstore.StoreCode2APICode(err), req) } if rateLimit == nil { return nil, api.NewRateLimitResponse(apimodel.Code_NotFoundRateLimit, req) diff --git a/service/routing_config_v1.go b/service/routing_config_v1.go index d2ff86d7b..7c4826d8c 100644 --- a/service/routing_config_v1.go +++ b/service/routing_config_v1.go @@ -30,6 +30,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" ) @@ -73,7 +74,7 @@ func (s *Server) CreateRoutingConfig(ctx context.Context, req *apitraffic.Routin service, errResp := s.loadService(namespaceName, serviceName) if errResp != nil { log.Error(errResp.GetInfo().GetValue(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return api.NewRoutingResponse(apimodel.Code(errResp.GetCode().GetValue()), req) } if service == nil { return api.NewRoutingResponse(apimodel.Code_NotFoundService, req) @@ -85,7 +86,7 @@ func (s *Server) CreateRoutingConfig(ctx context.Context, req *apitraffic.Routin routingConfig, err := s.storage.GetRoutingConfigWithService(service.Name, service.Namespace) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return api.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } if routingConfig != nil { return api.NewRoutingResponse(apimodel.Code_ExistedResource, req) @@ -167,7 +168,7 @@ func (s *Server) UpdateRoutingConfig(ctx context.Context, req *apitraffic.Routin conf, err := s.storage.GetRoutingConfigWithService(service.Name, service.Namespace) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return api.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } if conf == nil { return api.NewRoutingResponse(apimodel.Code_NotFoundRouting, req) @@ -218,7 +219,7 @@ func (s *Server) GetRoutingConfigs(ctx context.Context, query map[string]string) total, routings, err := s.storage.GetRoutingConfigs(filter, offset, limit) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -252,7 +253,7 @@ func (s *Server) routingConfigCommonCheck( service, err := s.storage.GetService(serviceName, namespaceName) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return nil, api.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } if service == nil { return nil, api.NewRoutingResponse(apimodel.Code_NotFoundService, req) diff --git a/service/routing_config_v1tov2.go b/service/routing_config_v1tov2.go index cb6a452ed..8e34bb4b6 100644 --- a/service/routing_config_v1tov2.go +++ b/service/routing_config_v1tov2.go @@ -27,6 +27,7 @@ import ( apiv1 "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" ) @@ -42,7 +43,7 @@ func (s *Server) createRoutingConfigV1toV2(ctx context.Context, req *apitraffic. if errResp != nil { log.Error("[Service][Routing] get read lock for service", zap.String("service", serviceName), zap.String("namespace", namespaceName), utils.ZapRequestIDByCtx(ctx), zap.Any("err", errResp)) - return apiv1.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return apiv1.NewRoutingResponse(apimodel.Code(errResp.GetCode().GetValue()), req) } if svc == nil { return apiv1.NewRoutingResponse(apimodel.Code_NotFoundService, req) @@ -75,7 +76,7 @@ func (s *Server) updateRoutingConfigV1toV2(ctx context.Context, req *apitraffic. serviceTx, err := s.storage.CreateTransaction() if err != nil { log.Error(err.Error(), utils.ZapRequestIDByCtx(ctx)) - return apiv1.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return apiv1.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } // Release the lock for the service defer func() { @@ -86,13 +87,13 @@ func (s *Server) updateRoutingConfigV1toV2(ctx context.Context, req *apitraffic. if _, err = serviceTx.LockService(svc.Name, svc.Namespace); err != nil { log.Error("[Service][Routing] get service x-lock", zap.String("service", svc.Name), zap.String("namespace", svc.Namespace), utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return apiv1.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } conf, err := s.storage.GetRoutingConfigWithService(svc.Name, svc.Namespace) if err != nil { log.Error(err.Error(), utils.ZapRequestIDByCtx(ctx)) - return apiv1.NewRoutingResponse(apimodel.Code_StoreLayerException, req) + return apiv1.NewRoutingResponse(commonstore.StoreCode2APICode(err), req) } if conf == nil { return apiv1.NewRoutingResponse(apimodel.Code_NotFoundRouting, req) @@ -118,7 +119,7 @@ func (s *Server) saveRoutingV1toV2(ctx context.Context, svcId string, if err != nil { log.Error("[Service][Routing] create routing v2 from v1 open tx", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } defer func() { _ = tx.Rollback() @@ -128,7 +129,7 @@ func (s *Server) saveRoutingV1toV2(ctx context.Context, svcId string, if err := s.storage.DeleteRoutingConfigTx(tx, svcId); err != nil { log.Error("[Service][Routing] clean routing v1 from store", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } saveOperation := func(routings []*apitraffic.RouteRule) *apiservice.Response { @@ -156,7 +157,7 @@ func (s *Server) saveRoutingV1toV2(ctx context.Context, svcId string, if err := s.storage.CreateRoutingConfigV2Tx(tx, data); err != nil { log.Error("[Routing][V2] create routing v2 from v1 into store", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } s.RecordHistory(ctx, routingV2RecordEntry(ctx, item, data, model.OCreate)) } diff --git a/service/routing_config_v2.go b/service/routing_config_v2.go index 3c2f2b5d9..ac879bba5 100644 --- a/service/routing_config_v2.go +++ b/service/routing_config_v2.go @@ -32,6 +32,7 @@ import ( "github.com/polarismesh/polaris/cache" apiv1 "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" ) @@ -85,7 +86,7 @@ func (s *Server) createRoutingConfigV2(ctx context.Context, req *apitraffic.Rout if err := s.storage.CreateRoutingConfigV2(conf); err != nil { log.Error("[Routing][V2] create routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } s.RecordHistory(ctx, routingV2RecordEntry(ctx, req, conf, model.OCreate)) @@ -127,7 +128,7 @@ func (s *Server) deleteRoutingConfigV2(ctx context.Context, req *apitraffic.Rout if err := s.storage.DeleteRoutingConfigV2(req.Id); err != nil { log.Error("[Routing][V2] delete routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } s.RecordHistory(ctx, routingV2RecordEntry(ctx, req, &model.RouterConfig{ @@ -175,7 +176,7 @@ func (s *Server) updateRoutingConfigV2(ctx context.Context, req *apitraffic.Rout if err != nil { log.Error("[Routing][V2] get routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } if conf == nil { return apiv1.NewResponse(apimodel.Code_NotFoundRouting) @@ -192,7 +193,7 @@ func (s *Server) updateRoutingConfigV2(ctx context.Context, req *apitraffic.Rout if err := s.storage.UpdateRoutingConfigV2(reqModel); err != nil { log.Error("[Routing][V2] update routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } s.RecordHistory(ctx, routingV2RecordEntry(ctx, req, reqModel, model.OUpdate)) @@ -253,7 +254,7 @@ func (s *Server) enableRoutings(ctx context.Context, req *apitraffic.RouteRule) if err != nil { log.Error("[Routing][V2] get routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } if conf == nil { return apiv1.NewResponse(apimodel.Code_NotFoundRouting) @@ -265,7 +266,7 @@ func (s *Server) enableRoutings(ctx context.Context, req *apitraffic.RouteRule) if err := s.storage.EnableRouting(conf); err != nil { log.Error("[Routing][V2] enable routing config v2 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } s.RecordHistory(ctx, routingV2RecordEntry(ctx, req, conf, model.OUpdate)) @@ -280,7 +281,7 @@ func (s *Server) transferV1toV2OnModify(ctx context.Context, req *apitraffic.Rou if err != nil { log.Error("[Routing][V2] get routing config v1 store layer", utils.ZapRequestIDByCtx(ctx), zap.Error(err)) - return apiv1.NewResponse(apimodel.Code_StoreLayerException) + return apiv1.NewResponse(commonstore.StoreCode2APICode(err)) } if v1conf != nil { svc, err := s.loadServiceByID(svcId) diff --git a/service/service.go b/service/service.go index 88d349bf4..ed0738442 100644 --- a/service/service.go +++ b/service/service.go @@ -32,9 +32,9 @@ import ( "github.com/polarismesh/polaris/cache" api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" - "github.com/polarismesh/polaris/service/batch" ) const ( @@ -106,7 +106,7 @@ func (s *Server) CreateService(ctx context.Context, req *apiservice.Service) *ap if err != nil { log.Error("[Service] get namespace fail", utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID), zap.Error(err)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if namespace == nil { return api.NewServiceResponse(apimodel.Code_NotFoundNamespace, req) @@ -117,7 +117,7 @@ func (s *Server) CreateService(ctx context.Context, req *apiservice.Service) *ap if err != nil { log.Error("[Service] get service fail", utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID), zap.Error(err)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if service != nil { req.Id = utils.NewStringValue(service.ID) @@ -130,12 +130,12 @@ func (s *Server) CreateService(ctx context.Context, req *apiservice.Service) *ap log.Error("[Service] save service fail", utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID), zap.Error(err)) // 如果在存储层发现资源存在错误,则需要再一次从存储层获取响应的信息,填充响应的 svc_id 信息 - if batch.StoreCode2APICode(err) == apimodel.Code_ExistedResource { + if commonstore.StoreCode2APICode(err) == apimodel.Code_ExistedResource { // 检查是否存在 service, err := s.storage.GetService(serviceName, namespaceName) if err != nil { log.Error("[Service] get service fail", utils.ZapRequestID(requestID), zap.Error(err)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if service != nil { req.Id = utils.NewStringValue(service.ID) @@ -199,7 +199,7 @@ func (s *Server) DeleteService(ctx context.Context, req *apiservice.Service) *ap service, err := s.storage.GetService(serviceName, namespaceName) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if service == nil { return api.NewServiceResponse(apimodel.Code_ExecuteSuccess, req) @@ -443,12 +443,12 @@ func (s *Server) GetServices(ctx context.Context, query map[string]string) *apis err = s.caches.Service().Update() if err != nil { log.Errorf("[Server][Service][Query] req(%+v) update store err: %s", query, err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } total, services, err := s.caches.Service().GetServicesByFilter(serviceArgs, instanceArgs, offset, limit) if err != nil { log.Errorf("[Server][Service][Query] req(%+v) store err: %s", query, err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -499,7 +499,7 @@ func (s *Server) GetServicesCount(ctx context.Context) *apiservice.BatchQueryRes count, err := s.storage.GetServicesCount() if err != nil { log.Errorf("[Server][Service][Count] get service count storage err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } out := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -543,7 +543,7 @@ func (s *Server) GetServiceOwner(ctx context.Context, req []*apiservice.Service) services, err := s.storage.GetServicesBatch(apis2ServicesName(req)) if err != nil { log.Error(err.Error(), utils.ZapRequestID(requestID), utils.ZapPlatformID(platformID)) - return api.NewBatchQueryResponseWithMsg(apimodel.Code_StoreLayerException, err.Error()) + return api.NewBatchQueryResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } resp := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -738,7 +738,7 @@ func (s *Server) isServiceExistedResource(rid, pid string, service *model.Servic total, err := s.getInstancesCountWithService(service.Name, service.Namespace) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, out) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), out) } if total != 0 { return api.NewServiceResponse(apimodel.Code_ServiceExistedInstances, out) @@ -747,7 +747,7 @@ func (s *Server) isServiceExistedResource(rid, pid string, service *model.Servic total, err = s.getServiceAliasCountWithService(service.Name, service.Namespace) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, out) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), out) } if total != 0 { return api.NewServiceResponse(apimodel.Code_ServiceExistedAlias, out) @@ -757,7 +757,7 @@ func (s *Server) isServiceExistedResource(rid, pid string, service *model.Servic total, err = s.getRoutingCountWithService(service.ID) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return api.NewServiceResponse(apimodel.Code_StoreLayerException, out) + return api.NewServiceResponse(commonstore.StoreCode2APICode(err), out) } if total != 0 { @@ -779,7 +779,7 @@ func (s *Server) checkServiceAuthority(ctx context.Context, req *apiservice.Serv svc, err := s.storage.GetService(serviceName, namespaceName) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return nil, "", api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return nil, "", api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if svc == nil { return nil, "", api.NewServiceResponse(apimodel.Code_NotFoundResource, req) @@ -788,7 +788,7 @@ func (s *Server) checkServiceAuthority(ctx context.Context, req *apiservice.Serv svc, err = s.storage.GetServiceByID(svc.Reference) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid), utils.ZapPlatformID(pid)) - return nil, "", api.NewServiceResponse(apimodel.Code_StoreLayerException, req) + return nil, "", api.NewServiceResponse(commonstore.StoreCode2APICode(err), req) } if svc == nil { return nil, "", api.NewServiceResponse(apimodel.Code_NotFoundResource, req) diff --git a/service/service_alias.go b/service/service_alias.go index 93a0f8523..6f7bccd1d 100644 --- a/service/service_alias.go +++ b/service/service_alias.go @@ -28,6 +28,7 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/model" + commonstore "github.com/polarismesh/polaris/common/store" commontime "github.com/polarismesh/polaris/common/time" "github.com/polarismesh/polaris/common/utils" "github.com/polarismesh/polaris/store" @@ -56,7 +57,7 @@ func (s *Server) CreateServiceAlias(ctx context.Context, req *apiservice.Service tx, err := s.storage.CreateTransaction() if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } defer func() { _ = tx.Commit() }() @@ -71,7 +72,7 @@ func (s *Server) CreateServiceAlias(ctx context.Context, req *apiservice.Service req.GetAliasNamespace().GetValue()) if getErr != nil { log.Error(getErr.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } if oldAlias != nil { return api.NewServiceAliasResponse(apimodel.Code_ExistedResource, req) @@ -85,7 +86,7 @@ func (s *Server) CreateServiceAlias(ctx context.Context, req *apiservice.Service } if err := s.storage.AddService(input); err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } log.Info(fmt.Sprintf("create service alias, service(%s, %s), alias(%s, %s)", @@ -111,7 +112,7 @@ func (s *Server) checkPointServiceAlias( service, err := tx.LockService(req.GetService().GetValue(), req.GetNamespace().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return nil, api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req), true + return nil, api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req), true } if service == nil { return nil, api.NewServiceAliasResponse(apimodel.Code_NotFoundService, req), true @@ -136,7 +137,7 @@ func (s *Server) DeleteServiceAlias(ctx context.Context, req *apiservice.Service req.GetAliasNamespace().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } if alias == nil { return api.NewServiceAliasResponse(apimodel.Code_NotFoundServiceAlias, req) @@ -146,7 +147,7 @@ func (s *Server) DeleteServiceAlias(ctx context.Context, req *apiservice.Service if err := s.storage.DeleteServiceAlias(req.GetAlias().GetValue(), req.GetAliasNamespace().GetValue()); err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } return api.NewServiceAliasResponse(apimodel.Code_ExecuteSuccess, req) @@ -198,7 +199,7 @@ func (s *Server) UpdateServiceAlias(ctx context.Context, req *apiservice.Service alias, err := s.storage.GetService(req.GetAlias().GetValue(), req.GetAliasNamespace().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } if alias == nil { return api.NewServiceAliasResponse(apimodel.Code_NotFoundServiceAlias, req) @@ -208,7 +209,7 @@ func (s *Server) UpdateServiceAlias(ctx context.Context, req *apiservice.Service service, err := s.storage.GetService(req.GetService().GetValue(), req.GetNamespace().GetValue()) if err != nil { log.Error(err.Error(), utils.ZapRequestID(rid)) - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } if service == nil { return api.NewServiceAliasResponse(apimodel.Code_NotFoundService, req) @@ -266,7 +267,7 @@ func (s *Server) GetServiceAliases(ctx context.Context, query map[string]string) total, aliases, err := s.storage.GetServiceAliases(filter, offset, limit) if err != nil { log.Errorf("[Server][Alias] get aliases err: %s", err.Error()) - return api.NewBatchQueryResponse(apimodel.Code_StoreLayerException) + return api.NewBatchQueryResponse(commonstore.StoreCode2APICode(err)) } resp := api.NewBatchQueryResponse(apimodel.Code_ExecuteSuccess) @@ -385,7 +386,7 @@ func (s *Server) updateServiceAliasAttribute(req *apiservice.ServiceAlias, alias // 获取当前指向服务 service, err := s.storage.GetServiceByID(alias.Reference) if err != nil { - return api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req), needUpdate, needUpdateOwner + return api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req), needUpdate, needUpdateOwner } if service.ID != serviceID { @@ -436,7 +437,7 @@ func (s *Server) createServiceAliasModel(req *apiservice.ServiceAlias, svcId str sid, err := s.storage.GenNextL5Sid(layoutID) if err != nil { log.Errorf("[Server] gen next l5 sid err: %s", err.Error()) - return nil, api.NewServiceAliasResponse(apimodel.Code_StoreLayerException, req) + return nil, api.NewServiceAliasResponse(commonstore.StoreCode2APICode(err), req) } out.Name = sid } diff --git a/service/utils.go b/service/utils.go index e6eb1ff2b..59614aac7 100644 --- a/service/utils.go +++ b/service/utils.go @@ -29,8 +29,8 @@ import ( apiservice "github.com/polarismesh/specification/source/go/api/v1/service_manage" api "github.com/polarismesh/polaris/common/api/v1" + commonstore "github.com/polarismesh/polaris/common/store" "github.com/polarismesh/polaris/common/utils" - "github.com/polarismesh/polaris/service/batch" "github.com/polarismesh/polaris/store" ) @@ -175,7 +175,7 @@ func storeError2Response(err error) *apiservice.Response { if err == nil { return nil } - return api.NewResponseWithMsg(batch.StoreCode2APICode(err), err.Error()) + return api.NewResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } // storeError2AnyResponse store code @@ -184,9 +184,9 @@ func storeError2AnyResponse(err error, msg proto.Message) *apiservice.Response { return nil } if nil == msg { - return api.NewResponseWithMsg(batch.StoreCode2APICode(err), err.Error()) + return api.NewResponseWithMsg(commonstore.StoreCode2APICode(err), err.Error()) } - resp := api.NewAnyDataResponse(batch.StoreCode2APICode(err), msg) + resp := api.NewAnyDataResponse(commonstore.StoreCode2APICode(err), msg) resp.Info = &wrappers.StringValue{Value: err.Error()} return resp } From cdc045b915bfc7ff674dfd0ae1d3fd819821a76e Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 24 May 2023 18:56:58 +0800 Subject: [PATCH 07/37] feat:support rls to push xds client --- apiserver/xdsserverv3/gateway.go | 77 ------------------- .../{configurations.go => mtls.go} | 0 apiserver/xdsserverv3/sidecar.go | 4 - bootstrap/config/README.md | 1 - bootstrap/config/config.go | 2 + bootstrap/server.go | 24 ++++++ common/batchjob/config.go | 10 +-- import-format.sh | 2 +- plugin/healthchecker/leader/config.go | 24 +++--- release/conf/polaris-server.yaml | 20 +++-- 10 files changed, 60 insertions(+), 104 deletions(-) rename apiserver/xdsserverv3/{configurations.go => mtls.go} (100%) delete mode 100644 bootstrap/config/README.md diff --git a/apiserver/xdsserverv3/gateway.go b/apiserver/xdsserverv3/gateway.go index 10ad7dc15..80ea3c7fa 100644 --- a/apiserver/xdsserverv3/gateway.go +++ b/apiserver/xdsserverv3/gateway.go @@ -31,7 +31,6 @@ import ( "github.com/golang/protobuf/ptypes/wrappers" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" - "google.golang.org/protobuf/types/known/anypb" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" @@ -132,15 +131,6 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r callerService := xdsNode.Metadata[GatewayServiceName] callerNamespace := xdsNode.Metadata[GatewayNamespaceName] - ratelimitGetter := x.RatelimitConfigGetter - if ratelimitGetter == nil { - ratelimitGetter = x.namingServer.Cache().RateLimit().GetRateLimitRules - } - ratelimitRules, _ := ratelimitGetter(model.ServiceKey{ - Namespace: callerNamespace, - Name: callerService, - }) - routerCache := x.namingServer.Cache().RoutingConfig() routerCache.IteratorRouterRule(func(_ string, rule *model.ExtendRouterConfig) { if !rule.Enable { @@ -181,8 +171,6 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r continue } - ratelimitActions, localRateLimit := x.makeGatewayRouteLimit(namespace, xdsNode, routeMatch, ratelimitRules) - route := &route.Route{ Match: routeMatch, Action: &route.Route_Route{ @@ -190,12 +178,8 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r ClusterSpecifier: &route.RouteAction_WeightedClusters{ WeightedClusters: buildWeightClustersV2(subRule.GetDestinations()), }, - RateLimits: ratelimitActions, }, }, - TypedPerFilterConfig: map[string]*anypb.Any{ - "envoy.filters.http.local_ratelimit": localRateLimit, - }, } routes = append(routes, route) } @@ -219,67 +203,6 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r return routes } -func (x *XDSServer) makeGatewayRouteLimit(namespace string, xdsNode *XDSClient, - routeMatch *route.RouteMatch, ratelimitRules []*model.RateLimit) ([]*route.RateLimit, *anypb.Any) { - - var ( - prefix *route.RouteMatch_Prefix - regx *route.RouteMatch_SafeRegex - ) - - actions := make([]*route.RateLimit_Action, 0, 4) - - pathSpecifier := routeMatch.PathSpecifier - switch pathSpecifier.(type) { - case *route.RouteMatch_Prefix: - prefix = pathSpecifier.(*route.RouteMatch_Prefix) - case *route.RouteMatch_SafeRegex: - regx = pathSpecifier.(*route.RouteMatch_SafeRegex) - } - - for i := range ratelimitRules { - rule := ratelimitRules[i] - if rule.Disable { - continue - } - - pathMatch := false - switch rule.Proto.GetMethod().GetType() { - case apimodel.MatchString_EXACT: - if prefix != nil && prefix.Prefix == rule.Proto.GetMethod().GetValue().GetValue() { - pathMatch = true - } - case apimodel.MatchString_REGEX: - if regx != nil && regx.SafeRegex.GetRegex() == rule.Proto.GetMethod().GetValue().GetValue() { - pathMatch = true - } - } - - if !pathMatch { - continue - } - - for ai := range rule.Proto.GetArguments() { - argument := rule.Proto.GetArguments()[ai] - argumentKey := model.BuildArgumentKey(argument.Type, argument.Key) - switch argument.Type { - case traffic_manage.MatchArgument_HEADER: - actions = append(actions, &route.RateLimit_Action{ - ActionSpecifier: &route.RateLimit_Action_RequestHeaders_{ - RequestHeaders: &route.RateLimit_Action_RequestHeaders{ - HeaderName: argumentKey, - DescriptorKey: argumentKey, - SkipIfAbsent: false, - }, - }, - }) - } - } - } - - return nil, nil -} - func buildGatewayRouteMatch(routeMatch *route.RouteMatch, source *traffic_manage.SourceService) { for i := range source.GetArguments() { argument := source.GetArguments()[i] diff --git a/apiserver/xdsserverv3/configurations.go b/apiserver/xdsserverv3/mtls.go similarity index 100% rename from apiserver/xdsserverv3/configurations.go rename to apiserver/xdsserverv3/mtls.go diff --git a/apiserver/xdsserverv3/sidecar.go b/apiserver/xdsserverv3/sidecar.go index 6c1e789fb..82284fb6d 100644 --- a/apiserver/xdsserverv3/sidecar.go +++ b/apiserver/xdsserverv3/sidecar.go @@ -249,10 +249,6 @@ func (x *XDSServer) makeSidecarVirtualHosts(services []*ServiceInfo) []types.Res Name: serviceInfo.Name, Domains: generateServiceDomains(serviceInfo), Routes: makeSidecarRoutes(serviceInfo), - // TypedPerFilterConfig: x.makeLocalRateLimit(model.ServiceKey{ - // Namespace: serviceInfo.Namespace, - // Name: serviceInfo.Name, - // }), } hosts = append(hosts, vHost) } diff --git a/bootstrap/config/README.md b/bootstrap/config/README.md deleted file mode 100644 index df71ccd59..000000000 --- a/bootstrap/config/README.md +++ /dev/null @@ -1 +0,0 @@ -# Config Service diff --git a/bootstrap/config/config.go b/bootstrap/config/config.go index 77af4f055..86ea90a3e 100644 --- a/bootstrap/config/config.go +++ b/bootstrap/config/config.go @@ -64,6 +64,8 @@ type Bootstrap struct { type PolarisService struct { EnableRegister bool `yaml:"enable_register"` ProbeAddress string `yaml:"probe_address"` + SelfAddress string `yaml:"self_address"` + NetworkInter string `yaml:"network_inter"` Isolated bool `yaml:"isolated"` HeartbeatInterval int `yaml:"heartbeat_interval"` Services []*Service `yaml:"services"` diff --git a/bootstrap/server.go b/bootstrap/server.go index f8d1a43e5..b21eef04a 100644 --- a/bootstrap/server.go +++ b/bootstrap/server.go @@ -451,6 +451,30 @@ func acquireLocalhost(ctx context.Context, polarisService *boot_config.PolarisSe log.Infof("[Bootstrap] polaris service config not found") return ctx, nil } + if len(polarisService.SelfAddress) != 0 { + utils.LocalHost = polarisService.SelfAddress + return utils.WithLocalhost(ctx, polarisService.SelfAddress), nil + } + if len(polarisService.NetworkInter) != 0 { + netInter, err := net.InterfaceByName(polarisService.NetworkInter) + if err != nil { + log.Errorf("get local host by network_interface: %s err: %s", polarisService.NetworkInter, err.Error()) + return nil, err + } + addrs, err := netInter.Addrs() + if err != nil { + log.Errorf("get local host by network_interface: %s err: %s", polarisService.NetworkInter, err.Error()) + return nil, err + } + for _, addr := range addrs { + if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() { + if ipnet.IP.To4() != nil { + utils.LocalHost = ipnet.IP.String() + return utils.WithLocalhost(ctx, polarisService.SelfAddress), nil + } + } + } + } localHost, err := getLocalHost(polarisService.ProbeAddress) if err != nil { diff --git a/common/batchjob/config.go b/common/batchjob/config.go index e9dc08f8f..913b94137 100644 --- a/common/batchjob/config.go +++ b/common/batchjob/config.go @@ -25,15 +25,15 @@ import ( // CtrlConfig CtrlConfig . type CtrlConfig struct { // Label 批任务执行器标签 - Label string + Label string `json:"label"` // QueueSize 注册请求队列的长度 - QueueSize uint32 + QueueSize uint32 `json:"queueSize"` // WaitTime 最长多久一次批量操作 - WaitTime time.Duration + WaitTime time.Duration `json:"waitTime"` // MaxBatchCount 每次操作最大的批量数 - MaxBatchCount uint32 + MaxBatchCount uint32 `json:"maxBatchCount"` // Concurrency 任务工作协程数量 - Concurrency uint32 + Concurrency uint32 `json:"concurrency"` // Handler 任务处理函数 Handler func(tasks []Future) } diff --git a/import-format.sh b/import-format.sh index 269ba47f8..4a4086b8c 100644 --- a/import-format.sh +++ b/import-format.sh @@ -46,4 +46,4 @@ cd ../ go fmt ./... find . -name "*.go" -type f | grep -v .pb.go | grep -v test/tools/tools.go | grep -v ./plugin.go | - xargs -I {} ./goimports-reviser -rm-unused -format {} -local github.com/polarismesh/specification -project-name github.com/polarismesh/polaris \ No newline at end of file + xargs -I {} ./goimports-reviser -rm-unused -format {} -local github.com/polarismesh/specification -project-name github.com/polarismesh/polaris diff --git a/plugin/healthchecker/leader/config.go b/plugin/healthchecker/leader/config.go index 967d3cb29..9311368ab 100644 --- a/plugin/healthchecker/leader/config.go +++ b/plugin/healthchecker/leader/config.go @@ -18,24 +18,20 @@ package leader import ( - "encoding/json" "time" + "github.com/mitchellh/mapstructure" + "github.com/polarismesh/polaris/common/batchjob" ) type Config struct { - SoltNum int32 - StreamNum int32 - Batch batchjob.CtrlConfig + SoltNum int32 `json:"soltNum"` + StreamNum int32 `json:"streamNum"` + Batch batchjob.CtrlConfig `json:"batch,omitempty"` } func unmarshal(options map[string]interface{}) (*Config, error) { - contentBytes, err := json.Marshal(options) - if err != nil { - return nil, err - } - config := &Config{ SoltNum: DefaultSoltNum, StreamNum: int32(streamNum), @@ -46,7 +42,15 @@ func unmarshal(options map[string]interface{}) (*Config, error) { Concurrency: 512, }, } - if err := json.Unmarshal(contentBytes, config); err != nil { + decodeConfig := &mapstructure.DecoderConfig{ + DecodeHook: mapstructure.StringToTimeDurationHookFunc(), + Result: config, + } + decoder, err := mapstructure.NewDecoder(decodeConfig) + if err != nil { + return nil, err + } + if err = decoder.Decode(options); err != nil { return nil, err } return config, nil diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index 5cb039d7c..0fecafa97 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -191,7 +191,7 @@ bootstrap: key: sz # Global lock # Register as Arctic Star Service polaris_service: - # probe_address: ##DB_ADDR## + probe_address: 127.0.0.1:3306 enable_register: true isolated: false services: @@ -302,15 +302,15 @@ auth: user: name: defaultUserManager option: - # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 - # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] + # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token + # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: name: defaultStrategyManager option: - # 控制台鉴权能力开关,默认开启 + # Console power switch, open default consoleOpen: true - # 客户端鉴权能力开关, 默认关闭 + # Customer inspection ability switch, default close clientOpen: false namespace: # Whether to allow automatic creation of naming space @@ -362,6 +362,14 @@ healthcheck: checkers: - name: heartbeatMemory # - name: heartbeatLeader + # option: + # soltNum: 128 + # streamNum: 128 # default value is runtime.GOMAXPROCS(0) + # batch: + # queueSize: 16384 + # waitTime: 32ms + # maxBatchCount: 64 + # concurrency: 512 # - name: heartbeatRedis # option: # kvAddr: ##REDIS_ADDR## @@ -451,7 +459,7 @@ store: # maxIdleConns: 50 # connMaxLifetime: 300 # Unit second # txIsolationLevel: 2 #LevelReadCommitted -# 插件配置 +# polaris-server plugin settings plugin: crypto: entries: From 381e419bd2ddb720998766cfa40220cea300e754 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 24 May 2023 23:01:09 +0800 Subject: [PATCH 08/37] feat:support rls to push xds client --- .../kubernetes/02-polaris-server-config.yaml | 63 +++++++++++-------- .../cluster/kubernetes/03-polaris-server.yaml | 3 - 2 files changed, 38 insertions(+), 28 deletions(-) diff --git a/release/cluster/kubernetes/02-polaris-server-config.yaml b/release/cluster/kubernetes/02-polaris-server-config.yaml index 447a73f00..14b3a53e3 100644 --- a/release/cluster/kubernetes/02-polaris-server-config.yaml +++ b/release/cluster/kubernetes/02-polaris-server-config.yaml @@ -308,19 +308,28 @@ data: concurrency: 64 checkers: - name: heartbeatMemory - # - name: heartbeatRedis - # option: - # kvAddr: ##REDIS_ADDR## - # # ACL user from redis v6.0, remove it if ACL is not available - # kvUser: ##REDIS_USER# - # kvPasswd: ##REDIS_PWD## - # poolSize: 200 - # minIdleConns: 30 - # idleTimeout: 120s - # connectTimeout: 200ms - # msgTimeout: 200ms - # concurrency: 200 - # withTLS: false + # - name: heartbeatLeader + # option: + # soltNum: 128 + # streamNum: 128 # default value is runtime.GOMAXPROCS(0) + # batch: + # queueSize: 16384 + # waitTime: 32ms + # maxBatchCount: 64 + # concurrency: 512 + # - name: heartbeatRedis + # option: + # kvAddr: ##REDIS_ADDR## + # # ACL user from redis v6.0, remove it if ACL is not available + # kvUser: ##REDIS_USER# + # kvPasswd: ##REDIS_PWD## + # poolSize: 200 + # minIdleConns: 30 + # idleTimeout: 120s + # connectTimeout: 200ms + # msgTimeout: 200ms + # concurrency: 200 + # withTLS: false # 缓存配置 cache: open: true @@ -352,23 +361,27 @@ data: # Clean up long term unhealthy instance - name: DeleteUnHealthyInstance enable: false - # job exec interval. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". - interval: 24h option: + # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". instanceDeleteTimeout: 60m # Delete auto-created service without an instance - name: DeleteEmptyAutoCreatedService enable: false - # job exec interval. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". - interval: 1h option: + # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". serviceDeleteTimeout: 30m # Clean soft deleted instances - name: CleanDeletedInstances enable: true - # job exec interval. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". - interval: 24h - + option: + # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + # instanceCleanTimeout: 10m + # Clean soft deleted clients + - name: CleanDeletedClients + enable: true + option: + # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + # clientCleanTimeout: 10m # 存储配置 store: # 单机文件存储插件 @@ -414,28 +427,28 @@ data: ip-limit: # ip级限流,全局 open: true # 系统是否开启ip级限流 global: - open: true + open: false bucket: 300 # 最高峰值 rate: 200 # 平均一个IP每秒的请求数 resource-cache-amount: 1024 # 最大缓存的IP个数 white-list: [127.0.0.1] instance-limit: - open: true + open: false global: bucket: 200 - rate: 100 + rate: false resource-cache-amount: 1024 api-limit: # 接口级限流 open: false # 是否开启接口限流,全局开关,只有为true,才代表系统的限流开启。默认关闭 rules: - name: store-read limit: - open: true # 接口的全局配置,如果在api子项中,不配置,则该接口依据global来做限制 + open: false # 接口的全局配置,如果在api子项中,不配置,则该接口依据global来做限制 bucket: 2000 # 令牌桶最大值 rate: 1000 # 每秒产生的令牌数 - name: store-write limit: - open: true + open: false bucket: 1000 rate: 500 apis: diff --git a/release/cluster/kubernetes/03-polaris-server.yaml b/release/cluster/kubernetes/03-polaris-server.yaml index 09b899137..c64617e0a 100644 --- a/release/cluster/kubernetes/03-polaris-server.yaml +++ b/release/cluster/kubernetes/03-polaris-server.yaml @@ -27,9 +27,6 @@ spec: - port: 15010 name: xds-v3 targetPort: 15010 - - port: 9000 - name: prometheus-sd - targetPort: 9000 selector: app: polaris --- From 84de557f3e1377a93941e4416e35864550b98734 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 24 May 2023 23:03:53 +0800 Subject: [PATCH 09/37] feat:support rls to push xds client --- release/conf/polaris-server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index 0fecafa97..a60180749 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -191,7 +191,7 @@ bootstrap: key: sz # Global lock # Register as Arctic Star Service polaris_service: - probe_address: 127.0.0.1:3306 + # probe_address: ##DB_ADDR## enable_register: true isolated: false services: From 1e40505a2465424209c517a0d0a81ec19ee865f3 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 25 May 2023 10:19:14 +0800 Subject: [PATCH 10/37] feat:support rls to push xds client --- bootstrap/self_checker.go | 39 ++++++++++++++++++++++++++-------- cache/default.go | 2 +- cache/instance.go | 4 +++- cache/instance_query.go | 5 ++--- cache/instance_test.go | 2 +- cache/ratelimit_config_test.go | 2 +- cache/service_test.go | 2 +- 7 files changed, 39 insertions(+), 17 deletions(-) diff --git a/bootstrap/self_checker.go b/bootstrap/self_checker.go index e3a3d3eec..991242868 100644 --- a/bootstrap/self_checker.go +++ b/bootstrap/self_checker.go @@ -26,15 +26,17 @@ import ( api "github.com/polarismesh/polaris/common/api/v1" "github.com/polarismesh/polaris/common/log" + "github.com/polarismesh/polaris/service" "github.com/polarismesh/polaris/service/healthcheck" ) type SelfHeathChecker struct { - instances []*apiservice.Instance - interval int - cancel context.CancelFunc - wg *sync.WaitGroup - hcServer *healthcheck.Server + instances []*apiservice.Instance + interval int + cancel context.CancelFunc + wg *sync.WaitGroup + discoverSvr service.DiscoverServer + hcServer *healthcheck.Server } func NewSelfHeathChecker(instances []*apiservice.Instance, interval int) (*SelfHeathChecker, error) { @@ -42,14 +44,19 @@ func NewSelfHeathChecker(instances []*apiservice.Instance, interval int) (*SelfH if nil != err { return nil, err } + discoverSvr, err := service.GetOriginServer() + if nil != err { + return nil, err + } for _, instance := range instances { log.Infof("scheduled check for instance %s:%d", instance.GetHost().GetValue(), instance.GetPort().GetValue()) } return &SelfHeathChecker{ - instances: instances, - interval: interval, - hcServer: hcServer, + instances: instances, + interval: interval, + discoverSvr: discoverSvr, + hcServer: hcServer, }, nil } @@ -69,7 +76,21 @@ func (s *SelfHeathChecker) Start() { case <-ticker.C: for _, instance := range s.instances { rsp := s.hcServer.Report(context.Background(), instance) - if rsp.GetCode().GetValue() != api.ExecuteSuccess { + + switch rsp.GetCode().GetValue() { + case api.ExecuteSuccess: + continue + case api.NotFoundResource: + // 这里可能实例被错误摘除了,这里重新触发一次重注册流程,确保核心流程不受影响 + log.Infof("[Bootstrap] heartbeat not founf instance for %s:%d, code is %d, try re-register", + instance.GetHost().GetValue(), instance.GetPort().GetValue()) + resp := s.discoverSvr.CreateInstances(genContext(), []*apiservice.Instance{instance}) + if resp.GetCode().GetValue() != api.ExecuteSuccess { + log.Errorf("[Bootstrap] re-register fail for %s:%d, code is %d, info %s", + instance.GetHost().GetValue(), instance.GetPort().GetValue(), + resp.GetCode().GetValue(), resp.GetInfo().GetValue()) + } + default: log.Errorf("[Bootstrap] heartbeat fail for %s:%d, code is %d, info %s", instance.GetHost().GetValue(), instance.GetPort().GetValue(), rsp.GetCode().GetValue(), rsp.GetInfo().GetValue()) diff --git a/cache/default.go b/cache/default.go index 63ccc2725..3189acade 100644 --- a/cache/default.go +++ b/cache/default.go @@ -68,7 +68,7 @@ func newCacheManager(ctx context.Context, cacheOpt *Config, storage store.Store) revisions: map[string]string{}, } - ic := newInstanceCache(storage, mgr.comRevisionCh) + ic := newInstanceCache(mgr, storage, mgr.comRevisionCh) sc := newServiceCache(storage, mgr.comRevisionCh, ic) mgr.caches[CacheService] = sc mgr.caches[CacheInstance] = ic diff --git a/cache/instance.go b/cache/instance.go index 7a70a0809..0d0b6fede 100644 --- a/cache/instance.go +++ b/cache/instance.go @@ -68,6 +68,7 @@ type InstanceCache interface { type instanceCache struct { *baseCache + cacheMgr *CacheManager storage store.Store lastMtimeLogged int64 ids *sync.Map // instanceid -> instance @@ -88,8 +89,9 @@ func init() { } // newInstanceCache 新建一个instanceCache -func newInstanceCache(storage store.Store, ch chan *revisionNotify) *instanceCache { +func newInstanceCache(cacheMgr *CacheManager, storage store.Store, ch chan *revisionNotify) *instanceCache { return &instanceCache{ + cacheMgr: cacheMgr, baseCache: newBaseCache(storage), storage: storage, revisionCh: ch, diff --git a/cache/instance_query.go b/cache/instance_query.go index c647dd39f..6ffb63af7 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -75,7 +75,6 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, if err := ic.forceUpdate(); err != nil { return 0, nil, err } - cacheMgr, _ := GetCacheManager() var ( tempInstances = make([]*model.Instance, 0, 32) ) @@ -126,8 +125,8 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, } } - ic.IteratorInstances(func(key string, value *model.Instance) (bool, error) { - svc := cacheMgr.Service().GetServiceByID(value.ServiceID) + _ = ic.IteratorInstances(func(key string, value *model.Instance) (bool, error) { + svc := ic.cacheMgr.Service().GetServiceByID(value.ServiceID) if svc == nil { return true, nil } diff --git a/cache/instance_test.go b/cache/instance_test.go index 29be39979..e1774ae18 100644 --- a/cache/instance_test.go +++ b/cache/instance_test.go @@ -38,7 +38,7 @@ func newTestInstanceCache(t *testing.T) (*gomock.Controller, *mock.MockStore, *i ctl := gomock.NewController(t) storage := mock.NewMockStore(ctl) - ic := newInstanceCache(storage, make(chan *revisionNotify, 1024)) + ic := newInstanceCache(&CacheManager{}, storage, make(chan *revisionNotify, 1024)) storage.EXPECT().GetUnixSecond(gomock.Any()).AnyTimes().Return(time.Now().Unix(), nil) opt := map[string]interface{}{ "disableBusiness": false, diff --git a/cache/ratelimit_config_test.go b/cache/ratelimit_config_test.go index af57e7881..6267021e2 100644 --- a/cache/ratelimit_config_test.go +++ b/cache/ratelimit_config_test.go @@ -43,7 +43,7 @@ func newTestRateLimitCache(t *testing.T) (*gomock.Controller, *mock.MockStore, * storage := mock.NewMockStore(ctl) storage.EXPECT().GetUnixSecond(gomock.Any()).AnyTimes().Return(time.Now().Unix(), nil) notifier := make(chan *revisionNotify, 1024) - ic := newInstanceCache(storage, notifier) + ic := newInstanceCache(&CacheManager{}, storage, notifier) rlc := newRateLimitCache(storage, newServiceCache(storage, notifier, ic)) var opt map[string]interface{} _ = rlc.initialize(opt) diff --git a/cache/service_test.go b/cache/service_test.go index c463ee7ce..d0045989c 100644 --- a/cache/service_test.go +++ b/cache/service_test.go @@ -44,7 +44,7 @@ func newTestServiceCache(t *testing.T) (*gomock.Controller, *mock.MockStore, *se storage := mock.NewMockStore(ctl) storage.EXPECT().GetUnixSecond(gomock.Any()).AnyTimes().Return(time.Now().Unix(), nil) notifier := make(chan *revisionNotify, 1024) - ic := newInstanceCache(storage, notifier) + ic := newInstanceCache(&CacheManager{}, storage, notifier) sc := newServiceCache(storage, notifier, ic) opt := map[string]interface{}{ "disableBusiness": false, From bd5fa218da3c4be1d03a5016d79f94eb8516550f Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 25 May 2023 17:27:06 +0800 Subject: [PATCH 11/37] feat:support rls to push xds client --- .../workflows/integration-testing-mysql.yml | 4 +- .github/workflows/integration-testing.yml | 4 +- apiserver/xdsserverv3/callback.go | 5 +- cache/instance_query.go | 3 +- cache/service.go | 25 ++++++++ go.mod | 22 +++---- go.sum | 56 ++++++++---------- service/instance.go | 59 ++++++++++++++++++- test/integrate/http/instance.go | 2 +- version | 2 +- 10 files changed, 126 insertions(+), 56 deletions(-) diff --git a/.github/workflows/integration-testing-mysql.yml b/.github/workflows/integration-testing-mysql.yml index 88a564e45..211abb58f 100644 --- a/.github/workflows/integration-testing-mysql.yml +++ b/.github/workflows/integration-testing-mysql.yml @@ -131,11 +131,11 @@ jobs: if [[ "$(uname)" == "Darwin" ]]; then # Mac OS X 操作系统 echo "Run on MacOS" - sed -i '' 's/consoleOpen: true/consoleOpen: false/g' conf/polaris-server.yaml + # sed -i '' 's/consoleOpen: true/consoleOpen: false/g' conf/polaris-server.yaml else # GNU/Linux操作系统 echo "Run on Linux" - sed -i 's/consoleOpen: \(true\|false\)/consoleOpen: false/g' conf/polaris-server.yaml + # sed -i 's/consoleOpen: \(true\|false\)/consoleOpen: false/g' conf/polaris-server.yaml fi chmod +x ./tool/*.sh diff --git a/.github/workflows/integration-testing.yml b/.github/workflows/integration-testing.yml index 9f8008761..e59de9fc8 100644 --- a/.github/workflows/integration-testing.yml +++ b/.github/workflows/integration-testing.yml @@ -88,11 +88,11 @@ jobs: if [[ "$(uname)" == "Darwin" ]]; then # Mac OS X 操作系统 echo "Run on MacOS" - sed -i '' 's/consoleOpen: true/consoleOpen: false/g' conf/polaris-server.yaml + # sed -i '' 's/consoleOpen: true/consoleOpen: false/g' conf/polaris-server.yaml else # GNU/Linux操作系统 echo "Run on Linux" - sed -i 's/consoleOpen: \(true\|false\)/consoleOpen: false/g' conf/polaris-server.yaml + # sed -i 's/consoleOpen: \(true\|false\)/consoleOpen: false/g' conf/polaris-server.yaml fi chmod +x ./tool/*.sh diff --git a/apiserver/xdsserverv3/callback.go b/apiserver/xdsserverv3/callback.go index c5441372d..e346ad3b0 100644 --- a/apiserver/xdsserverv3/callback.go +++ b/apiserver/xdsserverv3/callback.go @@ -20,6 +20,7 @@ package xdsserverv3 import ( "context" + corev3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" discovery "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3" "github.com/gogo/protobuf/jsonpb" @@ -42,7 +43,7 @@ func (cb *Callbacks) OnStreamOpen(_ context.Context, id int64, typ string) error return nil } -func (cb *Callbacks) OnStreamClosed(id int64) { +func (cb *Callbacks) OnStreamClosed(id int64, node *corev3.Node) { if cb.log.DebugEnabled() { cb.log.Debugf("stream %d closed", id) } @@ -56,7 +57,7 @@ func (cb *Callbacks) OnDeltaStreamOpen(_ context.Context, id int64, typ string) return nil } -func (cb *Callbacks) OnDeltaStreamClosed(id int64) { +func (cb *Callbacks) OnDeltaStreamClosed(id int64, node *corev3.Node) { if cb.log.DebugEnabled() { cb.log.Debugf("delta stream %d closed", id) } diff --git a/cache/instance_query.go b/cache/instance_query.go index 6ffb63af7..054efef1e 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -125,8 +125,9 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, } } + svcCache := ic.cacheMgr.Service().(*serviceCache) _ = ic.IteratorInstances(func(key string, value *model.Instance) (bool, error) { - svc := ic.cacheMgr.Service().GetServiceByID(value.ServiceID) + svc := svcCache.GetOrLoadServiceByID(value.ServiceID) if svc == nil { return true, nil } diff --git a/cache/service.go b/cache/service.go index 5f9807301..6eb477338 100644 --- a/cache/service.go +++ b/cache/service.go @@ -236,6 +236,31 @@ func (sc *serviceCache) GetServiceByID(id string) *model.Service { return svc } +// GetOrLoadServiceByID 先从缓存获取服务,如果没有的话,再从存储层获取,并设置到 Cache 中 +func (sc *serviceCache) GetOrLoadServiceByID(id string) *model.Service { + if id == "" { + return nil + } + value, ok := sc.ids.Load(id) + if !ok { + _, _, _ = sc.singleFlight.Do(id, func() (interface{}, error) { + svc, err := sc.storage.GetServiceByID(id) + if err == nil && svc != nil { + sc.ids.Store(svc.ID, svc) + } + return svc, err + }) + + value, ok = sc.ids.Load(id) + if !ok { + return nil + } + } + svc := value.(*model.Service) + sc.fillServicePorts(svc) + return svc +} + // GetServiceByName 根据服务名获取服务数据 func (sc *serviceCache) GetServiceByName(name string, namespace string) *model.Service { if name == "" || namespace == "" { diff --git a/go.mod b/go.mod index d2e3a1d60..e960a961c 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/BurntSushi/toml v1.2.0 github.com/boltdb/bolt v1.3.1 github.com/emicklei/go-restful/v3 v3.9.0 - github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1 + github.com/envoyproxy/go-control-plane v0.11.0 github.com/go-openapi/spec v0.20.7 github.com/go-redis/redis/v8 v8.11.5 github.com/go-sql-driver/mysql v1.6.0 @@ -30,18 +30,17 @@ require ( go.uber.org/automaxprocs v1.4.0 go.uber.org/zap v1.23.0 golang.org/x/crypto v0.1.0 - golang.org/x/net v0.2.0 // indirect + golang.org/x/net v0.4.0 // indirect golang.org/x/sync v0.1.0 - golang.org/x/text v0.4.0 + golang.org/x/text v0.5.0 golang.org/x/time v0.1.1-0.20221020023724-80b9fac54d29 - google.golang.org/grpc v1.51.0 + google.golang.org/grpc v1.52.0 google.golang.org/protobuf v1.28.1 gopkg.in/yaml.v2 v2.4.0 ) require ( github.com/ArthurHlt/go-eureka-client v1.1.0 - github.com/google/go-cmp v0.5.8 // indirect github.com/konsorten/go-windows-terminal-sequences v1.0.3 // indirect github.com/sirupsen/logrus v1.6.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect @@ -50,12 +49,12 @@ require ( // Indirect dependencies group require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect + github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect - github.com/cncf/xds/go v0.0.0-20211130200136-a8f946100490 // indirect + github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect - github.com/envoyproxy/protoc-gen-validate v0.6.2 // indirect + github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.20.0 // indirect github.com/go-openapi/swag v0.19.15 // indirect @@ -69,15 +68,16 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_model v0.2.0 // indirect + github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.32.1 // indirect github.com/prometheus/procfs v0.7.3 // indirect github.com/smartystreets/assertions v1.0.1 // indirect github.com/spf13/pflag v1.0.5 // indirect go.uber.org/goleak v1.1.12 // indirect go.uber.org/multierr v1.8.0 // indirect - golang.org/x/sys v0.2.0 // indirect - google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a // indirect + golang.org/x/sys v0.3.0 // indirect + google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6 // indirect + gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index be3c479e2..71b324a4e 100644 --- a/go.sum +++ b/go.sum @@ -69,8 +69,8 @@ github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqO github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4= github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnduCsavhwFUklBMoGVYUCqmCqk= -github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -81,9 +81,8 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211130200136-a8f946100490 h1:KwaoQzs/WeUxxJqiJsZ4euOly1Az/IgZXXSxlD/UBNk= -github.com/cncf/xds/go v0.0.0-20211130200136-a8f946100490/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc h1:PYXxkRUBGUMa5xgMVMDl62vEklZvKpVaxQeN9ie7Hfk= +github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= @@ -102,11 +101,11 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1 h1:xvqufLtNVwAhN8NMyWklVgxnWohi+wtMGQMhtxexlm0= -github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= +github.com/envoyproxy/go-control-plane v0.11.0 h1:jtLewhRR2vMRNnq2ZZUoCjUlgut+Y0+sDDWPOfwOi1o= +github.com/envoyproxy/go-control-plane v0.11.0/go.mod h1:VnHyVMpzcLvCFt9yUz1UnCwHLhwx1WguiVDV7pTG/tI= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v0.6.2 h1:JiO+kJTpmYGjEodY7O1Zk8oZcNz1+f30UtwtXoFUPzE= -github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= +github.com/envoyproxy/protoc-gen-validate v0.9.1 h1:PS7VIOgmSVhWUEeZwTe7z7zouA22Cr590PzXKbZHOVY= +github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= @@ -186,9 +185,7 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -240,7 +237,6 @@ github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= @@ -273,7 +269,6 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -335,8 +330,9 @@ github.com/prometheus/client_golang v1.12.2/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrb github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= @@ -363,7 +359,6 @@ github.com/smartystreets/assertions v1.0.1 h1:voD4ITNjPL5jjBfgR/r8fPIIBrliWrWHei github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v1.2.1 h1:+KmjbUw1hriSNMF55oPrkZcb27aECyrj8V2ytv7kWDw= @@ -384,8 +379,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -402,7 +397,6 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= @@ -461,7 +455,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -502,9 +495,8 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU= +golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -582,10 +574,9 @@ golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= +golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -596,8 +587,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= +golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -730,8 +721,8 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a h1:GH6UPn3ixhWcKDhpnEC55S75cerLPdpp3hrhfKYjZgw= -google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6 h1:a2S6M0+660BgMNl++4JPlcAO/CjkqYItDEZwkoDQK7c= +google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -752,8 +743,8 @@ google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= -google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= +google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk= +google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -766,7 +757,6 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= diff --git a/service/instance.go b/service/instance.go index c53dd5bf2..021351a35 100644 --- a/service/instance.go +++ b/service/instance.go @@ -767,15 +767,68 @@ func (s *Server) GetInstances(ctx context.Context, query map[string]string) *api apiInstances := make([]*apiservice.Instance, 0, len(instances)) for _, instance := range instances { - // 数据来源于数据库,不需要拷贝一份,直接填充后返回 - s.packCmdb(instance.Proto) - apiInstances = append(apiInstances, instance.Proto) + svc, _ := s.loadServiceByID(instance.ServiceID) + if svc == nil { + continue + } + protoIns := copyOSSInstance(instance.Proto) + protoIns.Service = wrapperspb.String(svc.Name) + protoIns.Namespace = wrapperspb.String(svc.Namespace) + protoIns.ServiceToken = wrapperspb.String(svc.Token) + s.packCmdb(protoIns) + apiInstances = append(apiInstances, protoIns) } out.Instances = apiInstances return out } +var ( + ignoreReturnOSSInstanceMetadata = map[string]struct{}{ + "version": {}, + "protocol": {}, + "region": {}, + "zone": {}, + "campus": {}, + } +) + +func copyOSSInstance(instance *apiservice.Instance) *apiservice.Instance { + copyIns := &apiservice.Instance{ + Id: instance.Id, + Service: instance.Service, + Namespace: instance.Namespace, + VpcId: instance.VpcId, + Host: instance.Host, + Port: instance.Port, + Protocol: instance.Protocol, + Version: instance.Version, + Priority: instance.Priority, + Weight: instance.Weight, + EnableHealthCheck: instance.EnableHealthCheck, + HealthCheck: instance.HealthCheck, + Healthy: instance.Healthy, + Isolate: instance.Isolate, + Location: instance.Location, + LogicSet: instance.LogicSet, + Ctime: instance.Ctime, + Mtime: instance.Mtime, + Revision: instance.Revision, + ServiceToken: instance.ServiceToken, + } + + copym := map[string]string{} + for k, v := range instance.Metadata { + if _, ok := ignoreReturnOSSInstanceMetadata[k]; ok { + continue + } + copym[k] = v + } + + copyIns.Metadata = copym + return copyIns +} + // GetInstanceLabels 获取实例标签列表 func (s *Server) GetInstanceLabels(ctx context.Context, query map[string]string) *apiservice.Response { var ( diff --git a/test/integrate/http/instance.go b/test/integrate/http/instance.go index f9065787c..dc99f2e57 100644 --- a/test/integrate/http/instance.go +++ b/test/integrate/http/instance.go @@ -199,7 +199,7 @@ func (c *Client) GetInstances(instances []*apiservice.Instance) error { for _, item := range items { if correctItem, ok := collection[item.GetId().GetValue()]; ok { if result := compareInstance(correctItem, item); !result { - return fmt.Errorf("invalid instance %v", item.GetId().GetValue()) + return fmt.Errorf("invalid instance %v %v", correctItem, item) } } else { return fmt.Errorf("instance %v not found", item.GetId().GetValue()) diff --git a/version b/version index 07c3efad8..d4ab59cb3 100644 --- a/version +++ b/version @@ -1 +1 @@ -v1.17.0 +v1.17.2 From d1c08629bd843eb596c7c316f3591a58d7d72ec2 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 25 May 2023 22:17:27 +0800 Subject: [PATCH 12/37] feat:support rls to push xds client --- bootstrap/self_checker.go | 2 +- cache/instance_query.go | 60 +++++++++++---------------------------- 2 files changed, 17 insertions(+), 45 deletions(-) diff --git a/bootstrap/self_checker.go b/bootstrap/self_checker.go index 991242868..d6dfc7aea 100644 --- a/bootstrap/self_checker.go +++ b/bootstrap/self_checker.go @@ -83,7 +83,7 @@ func (s *SelfHeathChecker) Start() { case api.NotFoundResource: // 这里可能实例被错误摘除了,这里重新触发一次重注册流程,确保核心流程不受影响 log.Infof("[Bootstrap] heartbeat not founf instance for %s:%d, code is %d, try re-register", - instance.GetHost().GetValue(), instance.GetPort().GetValue()) + instance.GetHost().GetValue(), instance.GetPort().GetValue(), rsp.GetCode().GetValue()) resp := s.discoverSvr.CreateInstances(genContext(), []*apiservice.Instance{instance}) if resp.GetCode().GetValue() != api.ExecuteSuccess { log.Errorf("[Bootstrap] re-register fail for %s:%d, code is %d, info %s", diff --git a/cache/instance_query.go b/cache/instance_query.go index 054efef1e..767bc7aef 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -20,48 +20,12 @@ package cache import ( "sort" "strconv" + "strings" "github.com/polarismesh/polaris/common/model" + "github.com/polarismesh/polaris/common/utils" ) -/** -var ( - // InstanceFilterAttributes 查询实例支持的过滤字段 - InstanceFilterAttributes = map[string]bool{ - "id": true, // 实例ID - "service": true, // 服务name - "namespace": true, // 服务namespace - "host": true, - "port": true, - "keys": true, - "values": true, - "protocol": true, - "version": true, - "health_status": true, - "healthy": true, // health_status, healthy都有,以healthy为准 - "isolate": true, - "weight": true, - "logic_set": true, - "cmdb_region": true, - "cmdb_zone": true, - "cmdb_idc": true, - "priority": true, - "offset": true, - "limit": true, - } - // InsFilter2toreAttr 查询字段转为存储层的属性值,映射表 - InsFilter2toreAttr = map[string]string{ - "service": "name", - "healthy": "health_status", - } - // NotInsFilterAttr 不属于 instance 表属性的字段 - NotInsFilterAttr = map[string]bool{ - "keys": true, - "values": true, - } -) -*/ - // forceUpdate 更新配置 func (ic *instanceCache) forceUpdate() error { if err := ic.update(); err != nil { @@ -83,7 +47,7 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, svcName, hasSvc = filter["service"] namespace, hasNamespace = filter["namespace"] id, hasId = filter["id"] - host, hasHost = filter["host"] + hosts, hasHost = filter["host"] protocol, hasProtocol = filter["protocol"] version, hasVersion = filter["version"] region, hasRegion = filter["cmdb_region"] @@ -94,6 +58,12 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, hasPort, hasWeight, hasHealthStatus, hasIsolate bool ) + hostMap := map[string]struct{}{} + hostItems := strings.Split(hosts, ",") + for i := range hostItems { + hostMap[strings.TrimSpace(hostItems[i])] = struct{}{} + } + if portStr, ok := filter["port"]; ok { if v, err := strconv.ParseUint(portStr, 10, 64); err == nil { port = uint32(v) @@ -131,17 +101,19 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, if svc == nil { return true, nil } - if hasSvc && svc.Name != svcName { + if hasSvc && !utils.IsWildMatch(svc.Name, svcName) { return true, nil } - if hasNamespace && svc.Namespace != namespace { + if hasNamespace && !utils.IsWildMatch(svc.Namespace, namespace) { return true, nil } - if hasId && value.Proto.GetId().GetValue() != id { + if hasId && !utils.IsWildMatch(value.Proto.GetId().GetValue(), id) { return true, nil } - if hasHost && value.Proto.GetHost().GetValue() != host { - return true, nil + if hasHost { + if _, ok := hostMap[value.Proto.GetHost().GetValue()]; !ok { + return true, nil + } } if hasPort && value.Proto.GetPort().GetValue() != port { return true, nil From 04d3635e1ba1a018ea18eb2d6e761f8c676f328e Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 09:19:51 +0800 Subject: [PATCH 13/37] feat:support rls to push xds client --- cache/instance_query.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cache/instance_query.go b/cache/instance_query.go index 767bc7aef..2377abb93 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -44,8 +44,8 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, ) var ( - svcName, hasSvc = filter["service"] - namespace, hasNamespace = filter["namespace"] + searchSvcName, hasSvc = filter["service"] + searchNamespace, hasNamespace = filter["namespace"] id, hasId = filter["id"] hosts, hasHost = filter["host"] protocol, hasProtocol = filter["protocol"] @@ -101,10 +101,10 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, if svc == nil { return true, nil } - if hasSvc && !utils.IsWildMatch(svc.Name, svcName) { + if hasSvc && !utils.IsWildMatch(svc.Name, searchSvcName) { return true, nil } - if hasNamespace && !utils.IsWildMatch(svc.Namespace, namespace) { + if hasNamespace && !utils.IsWildMatch(svc.Namespace, searchNamespace) { return true, nil } if hasId && !utils.IsWildMatch(value.Proto.GetId().GetValue(), id) { From bbd0d8b08c6744eb89eb98401c8ba9f1c42bc5cb Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 10:37:27 +0800 Subject: [PATCH 14/37] feat:support rls to push xds client --- auth/auth.go | 33 +++++++++++++++++++++--- auth/defaultauth/auth_checker_test.go | 12 ++++----- auth/defaultauth/default.go | 7 ----- auth/defaultauth/strategy_authability.go | 2 +- auth/defaultauth/strategy_test.go | 4 +-- auth/defaultauth/user_authability.go | 2 +- go.mod | 2 -- go.sum | 4 +-- release/conf/polaris-server.yaml | 4 +-- service/default_test.go | 9 +------ service/service_test.go | 14 +--------- 11 files changed, 46 insertions(+), 47 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index e1c5fdf13..9b360693f 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -28,17 +28,43 @@ import ( "github.com/polarismesh/polaris/store" ) +const ( + // DefaultUserMgnPluginName default user server name + DefaultUserMgnPluginName = "defaultUser" + // DefaultStrategyMgnPluginName default strategy server name + DefaultStrategyMgnPluginName = "defaultStrategy" +) + // Config 鉴权能力的相关配置参数 type Config struct { // Name 原AuthServer名称,已废弃 Name string // Option 原AuthServer的option,已废弃 + // Deprecated Option map[string]interface{} - // User UserOperator的相关配置 - User UserConfig `yaml:"user"` + User *UserConfig `yaml:"user"` // Strategy StrategyOperator的相关配置 - Strategy StrategyConfig `yaml:"strategy"` + Strategy *StrategyConfig `yaml:"strategy"` +} + +func (c *Config) setDefault() { + if c.User == nil { + c.User = &UserConfig{ + Name: DefaultUserMgnPluginName, + Option: map[string]interface{}{ + "": nil, + }, + } + } + if c.Strategy == nil { + c.Strategy = &StrategyConfig{ + Name: DefaultStrategyMgnPluginName, + Option: map[string]interface{}{ + "": nil, + }, + } + } } // UserConfig UserOperator的相关配置 @@ -110,6 +136,7 @@ func GetStrategyServer() (StrategyServer, error) { func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error { var err error once.Do(func() { + authOpt.setDefault() err = initialize(ctx, authOpt, storage, cacheMgn) }) diff --git a/auth/defaultauth/auth_checker_test.go b/auth/defaultauth/auth_checker_test.go index 216de3164..c2c3ad9b6 100644 --- a/auth/defaultauth/auth_checker_test.go +++ b/auth/defaultauth/auth_checker_test.go @@ -85,11 +85,11 @@ func Test_defaultAuthChecker_VerifyCredential(t *testing.T) { checker := &defaultAuthChecker{} checker.Initialize(&auth.Config{ - User: auth.UserConfig{ + User: &auth.UserConfig{ Name: "", Option: map[string]interface{}{}, }, - Strategy: auth.StrategyConfig{ + Strategy: &auth.StrategyConfig{ Name: "", Option: map[string]interface{}{ "": nil, @@ -1136,11 +1136,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) { reset(true) authChecker := &defaultAuthChecker{} err := authChecker.Initialize(&auth.Config{ - User: auth.UserConfig{ + User: &auth.UserConfig{ Name: "", Option: map[string]interface{}{"salt": "polarismesh@2021"}, }, - Strategy: auth.StrategyConfig{ + Strategy: &auth.StrategyConfig{ Name: "", Option: map[string]interface{}{ "consoleOpen": true, @@ -1162,11 +1162,11 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) { reset(true) authChecker := &defaultAuthChecker{} err := authChecker.Initialize(&auth.Config{ - User: auth.UserConfig{ + User: &auth.UserConfig{ Name: "", Option: map[string]interface{}{"salt": "polarismesh@2021"}, }, - Strategy: auth.StrategyConfig{ + Strategy: &auth.StrategyConfig{ Name: "", Option: map[string]interface{}{ "consoleOpen": true, diff --git a/auth/defaultauth/default.go b/auth/defaultauth/default.go index 3e13bcd31..ec3a430e8 100644 --- a/auth/defaultauth/default.go +++ b/auth/defaultauth/default.go @@ -21,13 +21,6 @@ import ( "github.com/polarismesh/polaris/auth" ) -const ( - // UserMgnPluginName default user server name - UserMgnPluginName = "defaultUserManager" - // StrategyMgnPluginName default strategy server name - StrategyMgnPluginName = "defaultStrategyManager" -) - func init() { _ = auth.RegisterUserServer(&userAuthAbility{}) _ = auth.RegisterStrategyServer(&strategyAuthAbility{}) diff --git a/auth/defaultauth/strategy_authability.go b/auth/defaultauth/strategy_authability.go index 0d126876b..8e974f2b3 100644 --- a/auth/defaultauth/strategy_authability.go +++ b/auth/defaultauth/strategy_authability.go @@ -60,7 +60,7 @@ func (svr *strategyAuthAbility) Initialize(authOpt *auth.Config, storage store.S // Name of the user operator plugin func (svr *strategyAuthAbility) Name() string { - return "defaultStrategyManager" + return auth.DefaultStrategyMgnPluginName } // CreateStrategy creates a new strategy. diff --git a/auth/defaultauth/strategy_test.go b/auth/defaultauth/strategy_test.go index 0810c624d..554b894f6 100644 --- a/auth/defaultauth/strategy_test.go +++ b/auth/defaultauth/strategy_test.go @@ -103,13 +103,13 @@ func newStrategyTest(t *testing.T) *StrategyTest { checker := &defaultAuthChecker{} checker.Initialize(&auth.Config{ - User: auth.UserConfig{ + User: &auth.UserConfig{ Name: "", Option: map[string]interface{}{ "salt": "polarismesh@2021", }, }, - Strategy: auth.StrategyConfig{ + Strategy: &auth.StrategyConfig{ Name: "", Option: map[string]interface{}{ "consoleOpen": true, diff --git a/auth/defaultauth/user_authability.go b/auth/defaultauth/user_authability.go index 0b95b7900..fa02341e6 100644 --- a/auth/defaultauth/user_authability.go +++ b/auth/defaultauth/user_authability.go @@ -65,7 +65,7 @@ func (svr *userAuthAbility) Initialize(authOpt *auth.Config, storage store.Store // Name of the user operator plugin func (svr *userAuthAbility) Name() string { - return "defaultUserManager" + return auth.DefaultUserMgnPluginName } // CreateUsers 创建用户,只能由超级账户 or 主账户调用 diff --git a/go.mod b/go.mod index e960a961c..fef90721f 100644 --- a/go.mod +++ b/go.mod @@ -87,6 +87,4 @@ require ( github.com/polarismesh/specification v1.3.2-alpha.2 ) -require gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect - replace gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.2 diff --git a/go.sum b/go.sum index 71b324a4e..2116b2857 100644 --- a/go.sum +++ b/go.sum @@ -379,8 +379,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index a60180749..e1f89a41c 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -300,13 +300,13 @@ auth: # auth's option has migrated to auth.user and auth.strategy # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. user: - name: defaultUserManager + name: defaultUser option: # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # Console power switch, open default consoleOpen: true diff --git a/service/default_test.go b/service/default_test.go index 7e2c9de02..f5a2a4c45 100644 --- a/service/default_test.go +++ b/service/default_test.go @@ -43,14 +43,7 @@ func Test_Initialize(t *testing.T) { s := mock.NewMockStore(ctrl) _, _, err := auth.TestInitialize(context.Background(), &auth.Config{ - User: auth.UserConfig{ - Name: "defaultUserManager", - Option: map[string]interface{}{}, - }, - Strategy: auth.StrategyConfig{ - Name: "defaultStrategyManager", - Option: map[string]interface{}{}, - }, + Option: map[string]interface{}{}, }, s, nil) assert.NoError(t, err) diff --git a/service/service_test.go b/service/service_test.go index c3474acec..6733352cd 100644 --- a/service/service_test.go +++ b/service/service_test.go @@ -1378,19 +1378,7 @@ func TestConcurrencyCreateSameService(t *testing.T) { }, mockStore) assert.NoError(t, err) - userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{ - User: auth.UserConfig{ - Name: "defaultUserManager", - Option: map[string]interface{}{}, - }, - Strategy: auth.StrategyConfig{ - Name: "defaultStrategyManager", - Option: map[string]interface{}{ - "clientOpen": false, - "consoleOpen": false, - }, - }, - }, mockStore, cacheMgr) + userMgn, strategyMgn, err := auth.TestInitialize(ctx, &auth.Config{}, mockStore, cacheMgr) assert.NoError(t, err) nsSvr, err = namespace.TestInitialize(ctx, &namespace.Config{ From b400f15e5828b02d431affd4c8d03569218bd2e2 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 12:26:25 +0800 Subject: [PATCH 15/37] feat:support rls to push xds client --- auth/auth.go | 31 +++++++--------- auth/testexport.go | 37 +------------------ config/config_file.go | 8 ++-- config/config_file_template.go | 6 +-- config/config_file_test.go | 11 +++--- config/server.go | 15 +++++++- config/utils/utils.go | 11 ++---- release/conf/polaris-server.yaml | 36 ++++++++++++------ .../docker-compose/server/polaris-server.yaml | 4 +- test/data/auth_test.yaml | 4 +- test/data/auth_test_sqldb.yaml | 4 +- test/data/cluster-polaris-server.yaml | 4 +- test/data/config_test.yaml | 4 +- test/data/config_test_sqldb.yaml | 4 +- test/data/eureka_apiserver_test.yaml | 4 +- test/data/eureka_apiserver_test_sqldb.yaml | 4 +- test/data/polaris-server.yaml | 4 +- test/data/service_test.yaml | 4 +- test/data/service_test_sqldb.yaml | 4 +- 19 files changed, 92 insertions(+), 107 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index 9b360693f..a402548bb 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -136,8 +136,7 @@ func GetStrategyServer() (StrategyServer, error) { func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error { var err error once.Do(func() { - authOpt.setDefault() - err = initialize(ctx, authOpt, storage, cacheMgn) + userMgn, strategyMgn, err = initialize(ctx, authOpt, storage, cacheMgn) }) if err != nil { @@ -149,39 +148,35 @@ func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cache } // initialize 包裹了初始化函数,在 Initialize 的时候会在自动调用,全局初始化一次 -func initialize(_ context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error { +func initialize(_ context.Context, authOpt *Config, storage store.Store, + cacheMgn *cache.CacheManager) (UserServer, StrategyServer, error) { + authOpt.setDefault() name := authOpt.User.Name if name == "" { - return errors.New("UserServer Name is empty") + return nil, nil, errors.New("UserServer Name is empty") } namedUserMgn, ok := userMgnSlots[name] if !ok { - return errors.New("no such name UserServer") + return nil, nil, fmt.Errorf("no such UserServer plugin. name(%s)", name) } - - userMgn = namedUserMgn - - if err := userMgn.Initialize(authOpt, storage, cacheMgn); err != nil { + if err := namedUserMgn.Initialize(authOpt, storage, cacheMgn); err != nil { log.Printf("UserServer do initialize err: %s", err.Error()) - return err + return nil, nil, err } name = authOpt.Strategy.Name if name == "" { - return errors.New("StrategyServer Name is empty") + return nil, nil, errors.New("StrategyServer Name is empty") } namedStrategyMgn, ok := strategyMgnSlots[name] if !ok { - return errors.New("no such name StrategyServer") + return nil, nil, fmt.Errorf("no such StrategyServer plugin. name(%s)", name) } - - strategyMgn = namedStrategyMgn - - if err := strategyMgn.Initialize(authOpt, storage, cacheMgn); err != nil { + if err := namedStrategyMgn.Initialize(authOpt, storage, cacheMgn); err != nil { log.Printf("StrategyServer do initialize err: %s", err.Error()) - return err + return nil, nil, err } - return nil + return namedUserMgn, namedStrategyMgn, nil } diff --git a/auth/testexport.go b/auth/testexport.go index 0367dbcbd..05c4a7ed6 100644 --- a/auth/testexport.go +++ b/auth/testexport.go @@ -19,46 +19,13 @@ package auth import ( "context" - "errors" - "log" "github.com/polarismesh/polaris/cache" "github.com/polarismesh/polaris/store" ) // TestInitialize 包裹了初始化函数,在 Initialize 的时候会在自动调用,全局初始化一次 -func TestInitialize(_ context.Context, authOpt *Config, storage store.Store, +func TestInitialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) (UserServer, StrategyServer, error) { - - name := authOpt.User.Name - if name == "" { - return nil, nil, errors.New("user manager Name is empty") - } - namedUserMgn, ok := userMgnSlots[name] - if !ok { - return nil, nil, errors.New("no such name UserServer") - } - userMgn = namedUserMgn - - name = authOpt.Strategy.Name - if name == "" { - return nil, nil, errors.New("strategy manager Name is empty") - } - namedStrategyMgn, ok := strategyMgnSlots[name] - if !ok { - return nil, nil, errors.New("no such name StrategyServer") - } - strategyMgn = namedStrategyMgn - - finishInit = true - - if err := userMgn.Initialize(authOpt, storage, cacheMgn); err != nil { - log.Printf("user manager do initialize err: %s", err.Error()) - return nil, nil, err - } - if err := strategyMgn.Initialize(authOpt, storage, cacheMgn); err != nil { - log.Printf("user manager do initialize err: %s", err.Error()) - return nil, nil, err - } - return userMgn, strategyMgn, nil + return initialize(ctx, authOpt, storage, cacheMgn) } diff --git a/config/config_file.go b/config/config_file.go index 1753fdbe5..c1a43ee91 100644 --- a/config/config_file.go +++ b/config/config_file.go @@ -134,7 +134,7 @@ func (s *Server) prepareCreateConfigFile(ctx context.Context, configFile.Format = utils.NewStringValue(utils.FileFormatText) } - if checkRsp := checkConfigFileParams(configFile, true); checkRsp != nil { + if checkRsp := s.checkConfigFileParams(configFile, true); checkRsp != nil { return checkRsp } @@ -388,7 +388,7 @@ func (s *Server) queryConfigFileWithoutTags(ctx context.Context, namespace, grou // UpdateConfigFile 更新配置文件 func (s *Server) UpdateConfigFile(ctx context.Context, configFile *apiconfig.ConfigFile) *apiconfig.ConfigResponse { - if checkRsp := checkConfigFileParams(configFile, false); checkRsp != nil { + if checkRsp := s.checkConfigFileParams(configFile, false); checkRsp != nil { return checkRsp } @@ -840,7 +840,7 @@ func compressToZIP(files []*model.ConfigFile, return &buf, nil } -func checkConfigFileParams(configFile *apiconfig.ConfigFile, checkFormat bool) *apiconfig.ConfigResponse { +func (s *Server) checkConfigFileParams(configFile *apiconfig.ConfigFile, checkFormat bool) *apiconfig.ConfigResponse { if configFile == nil { return api.NewConfigFileResponse(apimodel.Code_InvalidParameter, configFile) } @@ -853,7 +853,7 @@ func checkConfigFileParams(configFile *apiconfig.ConfigFile, checkFormat bool) * return api.NewConfigFileResponse(apimodel.Code_InvalidNamespaceName, configFile) } - if err := utils2.CheckContentLength(configFile.Content.GetValue()); err != nil { + if err := utils2.CheckContentLength(configFile.Content.GetValue(), int(s.cfg.ContentMaxLength)); err != nil { return api.NewConfigFileResponse(apimodel.Code_InvalidConfigFileContentLength, configFile) } diff --git a/config/config_file_template.go b/config/config_file_template.go index 09db246db..7045c7aaa 100644 --- a/config/config_file_template.go +++ b/config/config_file_template.go @@ -35,7 +35,7 @@ import ( // CreateConfigFileTemplate create config file template func (s *Server) CreateConfigFileTemplate( ctx context.Context, template *apiconfig.ConfigFileTemplate) *apiconfig.ConfigResponse { - if checkRsp := checkConfigFileTemplateParam(template); checkRsp != nil { + if checkRsp := s.checkConfigFileTemplateParam(template); checkRsp != nil { return checkRsp } @@ -142,11 +142,11 @@ func transferConfigFileTemplateAPIModel2StoreModel(template *apiconfig.ConfigFil } } -func checkConfigFileTemplateParam(template *apiconfig.ConfigFileTemplate) *apiconfig.ConfigResponse { +func (s *Server) checkConfigFileTemplateParam(template *apiconfig.ConfigFileTemplate) *apiconfig.ConfigResponse { if err := utils2.CheckFileName(template.GetName()); err != nil { return api.NewConfigFileTemplateResponse(apimodel.Code_InvalidConfigFileTemplateName, template) } - if err := utils2.CheckContentLength(template.Content.GetValue()); err != nil { + if err := utils2.CheckContentLength(template.Content.GetValue(), int(s.cfg.ContentMaxLength)); err != nil { return api.NewConfigFileTemplateResponse(apimodel.Code_InvalidConfigFileContentLength, template) } if len(template.Content.GetValue()) == 0 { diff --git a/config/config_file_test.go b/config/config_file_test.go index 0b4bdf775..3479f9fd7 100644 --- a/config/config_file_test.go +++ b/config/config_file_test.go @@ -29,16 +29,17 @@ import ( . "github.com/agiledragon/gomonkey/v2" "github.com/golang/mock/gomock" "github.com/golang/protobuf/ptypes/wrappers" - api "github.com/polarismesh/polaris/common/api/v1" - "github.com/polarismesh/polaris/common/model" - "github.com/polarismesh/polaris/common/utils" - "github.com/polarismesh/polaris/plugin/crypto/aes" - storemock "github.com/polarismesh/polaris/store/mock" apiconfig "github.com/polarismesh/specification/source/go/api/v1/config_manage" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" . "github.com/smartystreets/goconvey/convey" "github.com/stretchr/testify/assert" "google.golang.org/protobuf/types/known/wrapperspb" + + api "github.com/polarismesh/polaris/common/api/v1" + "github.com/polarismesh/polaris/common/model" + "github.com/polarismesh/polaris/common/utils" + "github.com/polarismesh/polaris/plugin/crypto/aes" + storemock "github.com/polarismesh/polaris/store/mock" ) var ( diff --git a/config/server.go b/config/server.go index f04daf5d0..0afb8c850 100644 --- a/config/server.go +++ b/config/server.go @@ -48,12 +48,15 @@ var ( // Config 配置中心模块启动参数 type Config struct { - Open bool `yaml:"open"` - Cache map[string]interface{} `yaml:"cache"` + Open bool `yaml:"open"` + ContentMaxLength int64 `yaml:""json:"contentMaxLength"` + Cache map[string]interface{} `yaml:"cache"` } // Server 配置中心核心服务 type Server struct { + cfg *Config + storage store.Store fileCache cache.FileCache caches *cache.CacheManager @@ -90,9 +93,17 @@ func Initialize(ctx context.Context, config Config, s store.Store, cacheMgn *cac return nil } +const ( + fileContentMaxLength = 20000 // 文件内容限制为 2w 个字符 +) + func (s *Server) initialize(ctx context.Context, config Config, ss store.Store, namespaceOperator namespace.NamespaceOperateServer, cacheMgn *cache.CacheManager) error { + s.cfg = &config + if s.cfg.ContentMaxLength <= 0 { + s.cfg.ContentMaxLength = fileContentMaxLength + } s.storage = ss s.namespaceOperator = namespaceOperator s.fileCache = cacheMgn.ConfigFile() diff --git a/config/utils/utils.go b/config/utils/utils.go index 5b785b437..aae2dc90d 100644 --- a/config/utils/utils.go +++ b/config/utils/utils.go @@ -27,6 +27,7 @@ import ( "regexp" "strconv" "strings" + "unicode/utf8" "github.com/golang/protobuf/ptypes/wrappers" apiconfig "github.com/polarismesh/specification/source/go/api/v1/config_manage" @@ -36,10 +37,6 @@ import ( "github.com/polarismesh/polaris/common/utils" ) -const ( - fileContentMaxLength = 20000 // 文件内容限制为 2w 个字符 -) - var ( regSourceName = regexp.MustCompile(`^[\dA-Za-z-.:_]+$`) regFileName = regexp.MustCompile(`^[\dA-Za-z-./:_]+$`) @@ -87,9 +84,9 @@ func CalMd5(content string) string { } // CheckContentLength 校验文件内容长度 -func CheckContentLength(content string) error { - if len(content) > fileContentMaxLength { - return fmt.Errorf("content length too long. max length =%d", fileContentMaxLength) +func CheckContentLength(content string, max int) error { + if utf8.RuneCountInString(content) > max { + return fmt.Errorf("content length too long. max length =%d", max) } return nil diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index e1f89a41c..937fd8282 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -361,32 +361,46 @@ healthcheck: concurrency: 64 checkers: - name: heartbeatMemory - # - name: heartbeatLeader + # - name: heartbeatLeader # Heartbeat examination plugin based on the Leader-Follower mechanism # option: + # # Heartbeat Record MAP number of shards # soltNum: 128 - # streamNum: 128 # default value is runtime.GOMAXPROCS(0) + # # The number of GRPC connections used to process heartbeat forward request processing between leader and follower, default value is runtime.GOMAXPROCS(0) + # streamNum: 128 # batch: + # # Heartbeat forwarding processing task cache queue # queueSize: 16384 + # # The maximum waiting time for task batch # waitTime: 32ms - # maxBatchCount: 64 - # concurrency: 512 - # - name: heartbeatRedis + # # The maximum number of heartbeat forwarding tasks of single -batch tasks + # maxBatchCount: 64 + # # Number of workers + # concurrency: 512 + # - name: heartbeatRedis # Heartbeat examination plugin based on redis implementation # option: + # # Redis connection address, EG: 127.0.0.1:6379 # kvAddr: ##REDIS_ADDR## - # # ACL user from redis v6.0, remove it if ACL is not available + # # ACL user from redis v6.0, remove it if ACL is not available # kvUser: ##REDIS_USER# - # kvPasswd: ##REDIS_PWD## - # poolSize: 200 + # # Redis connection password + # kvPasswd: ##REDIS_PWD## + # # Redis connecting pool + # poolSize: 200 + # # Redis free connection to minimum quantity # minIdleConns: 30 + # # Redis connect to the maximum free time # idleTimeout: 120s + # # Redis connection timeout time # connectTimeout: 200ms - # msgTimeout: 200ms - # concurrency: 200 - # withTLS: false + # msgTimeout: 200ms # redis Single request timeout time + # concurrency: 200 # redis Working Council Pool size + # withTLS: false # Whether to turn on TLS, close the default # Configuration center module start configuration config: # Whether to start the configuration module open: true + # Maximum number of number of file characters + contentMaxLength: 20000 # Cache configuration cache: open: true diff --git a/release/standalone/docker-compose/server/polaris-server.yaml b/release/standalone/docker-compose/server/polaris-server.yaml index 79dc9e537..895d261a9 100644 --- a/release/standalone/docker-compose/server/polaris-server.yaml +++ b/release/standalone/docker-compose/server/polaris-server.yaml @@ -261,13 +261,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/auth_test.yaml b/test/data/auth_test.yaml index b83aa59a6..393ac3cb9 100644 --- a/test/data/auth_test.yaml +++ b/test/data/auth_test.yaml @@ -195,13 +195,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/auth_test_sqldb.yaml b/test/data/auth_test_sqldb.yaml index 7fc96e51f..2a770e2c2 100644 --- a/test/data/auth_test_sqldb.yaml +++ b/test/data/auth_test_sqldb.yaml @@ -195,13 +195,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/cluster-polaris-server.yaml b/test/data/cluster-polaris-server.yaml index ccdaa3e65..12164034e 100644 --- a/test/data/cluster-polaris-server.yaml +++ b/test/data/cluster-polaris-server.yaml @@ -288,13 +288,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/config_test.yaml b/test/data/config_test.yaml index 2927c067a..ab3b04cc0 100644 --- a/test/data/config_test.yaml +++ b/test/data/config_test.yaml @@ -201,13 +201,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/config_test_sqldb.yaml b/test/data/config_test_sqldb.yaml index b10da4438..291408424 100644 --- a/test/data/config_test_sqldb.yaml +++ b/test/data/config_test_sqldb.yaml @@ -210,13 +210,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/eureka_apiserver_test.yaml b/test/data/eureka_apiserver_test.yaml index e0bc0b785..3a6ece761 100644 --- a/test/data/eureka_apiserver_test.yaml +++ b/test/data/eureka_apiserver_test.yaml @@ -195,13 +195,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/eureka_apiserver_test_sqldb.yaml b/test/data/eureka_apiserver_test_sqldb.yaml index 676d275be..31f17c6ff 100644 --- a/test/data/eureka_apiserver_test_sqldb.yaml +++ b/test/data/eureka_apiserver_test_sqldb.yaml @@ -196,13 +196,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/polaris-server.yaml b/test/data/polaris-server.yaml index e678937aa..86ef1616f 100644 --- a/test/data/polaris-server.yaml +++ b/test/data/polaris-server.yaml @@ -288,13 +288,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/service_test.yaml b/test/data/service_test.yaml index 8c88a05f7..f44976aa5 100644 --- a/test/data/service_test.yaml +++ b/test/data/service_test.yaml @@ -198,13 +198,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true diff --git a/test/data/service_test_sqldb.yaml b/test/data/service_test_sqldb.yaml index 05bd9bc62..c4cbb7b2f 100644 --- a/test/data/service_test_sqldb.yaml +++ b/test/data/service_test_sqldb.yaml @@ -195,13 +195,13 @@ auth: # auth的option现已迁移至user及strategy # 在auth.option配置依然有效,但是会收到警告,提醒您尽快迁移配置至user及strategy级别下 user: - name: defaultUserManager + name: defaultUser option: # token 加密的 salt,鉴权解析 token 时需要依靠这个 salt 去解密 token 的信息 # salt 的长度需要满足以下任意一个:len(salt) in [16, 24, 32] salt: polarismesh@2021 strategy: - name: defaultStrategyManager + name: defaultStrategy option: # 控制台鉴权能力开关,默认开启 consoleOpen: true From abe05be64ceb300a1c0cdb23ee5b9a74d6de8d2d Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 16:47:24 +0800 Subject: [PATCH 16/37] feat:support rls to push xds client --- auth/auth.go | 16 ++---- auth/defaultauth/auth_checker.go | 2 +- auth/defaultauth/auth_checker_test.go | 80 ++++++++++++++------------- release/conf/polaris-server.yaml | 52 ++++++++--------- 4 files changed, 76 insertions(+), 74 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index a402548bb..d237efbc5 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -48,21 +48,17 @@ type Config struct { Strategy *StrategyConfig `yaml:"strategy"` } -func (c *Config) setDefault() { +func (c *Config) SetDefault() { if c.User == nil { c.User = &UserConfig{ - Name: DefaultUserMgnPluginName, - Option: map[string]interface{}{ - "": nil, - }, + Name: DefaultUserMgnPluginName, + Option: map[string]interface{}{}, } } if c.Strategy == nil { c.Strategy = &StrategyConfig{ - Name: DefaultStrategyMgnPluginName, - Option: map[string]interface{}{ - "": nil, - }, + Name: DefaultStrategyMgnPluginName, + Option: map[string]interface{}{}, } } } @@ -150,7 +146,7 @@ func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cache // initialize 包裹了初始化函数,在 Initialize 的时候会在自动调用,全局初始化一次 func initialize(_ context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) (UserServer, StrategyServer, error) { - authOpt.setDefault() + authOpt.SetDefault() name := authOpt.User.Name if name == "" { return nil, nil, errors.New("UserServer Name is empty") diff --git a/auth/defaultauth/auth_checker.go b/auth/defaultauth/auth_checker.go index 91711d914..02655f618 100644 --- a/auth/defaultauth/auth_checker.go +++ b/auth/defaultauth/auth_checker.go @@ -64,7 +64,7 @@ func (d *defaultAuthChecker) Initialize(options *auth.Config, s store.Store, cac if len(options.Strategy.Option) > 0 || len(options.User.Option) > 0 { // 判断auth.option是否还有值,有则不兼容 if len(options.Option) > 0 { - return errors.New("not allow set auth.option when auth.user.option or auth.strategy.option has set") + log.Warn("auth.user.option or auth.strategy.option has set, auth.option will ignore") } strategyContentBytes, err = json.Marshal(options.Strategy.Option) if err != nil { diff --git a/auth/defaultauth/auth_checker_test.go b/auth/defaultauth/auth_checker_test.go index c2c3ad9b6..95aa71ff1 100644 --- a/auth/defaultauth/auth_checker_test.go +++ b/auth/defaultauth/auth_checker_test.go @@ -1114,15 +1114,16 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) { t.Run("使用未迁移至auth.user.option及auth.strategy.option的配置", func(t *testing.T) { reset(true) authChecker := &defaultAuthChecker{} - err := authChecker.Initialize(&auth.Config{ - Name: "", - Option: map[string]interface{}{ - "consoleOpen": true, - "clientOpen": true, - "salt": "polarismesh@2021", - "strict": false, - }, - }, storage, cacheMgn) + cfg := &auth.Config{} + cfg.SetDefault() + cfg.Name = "" + cfg.Option = map[string]interface{}{ + "consoleOpen": true, + "clientOpen": true, + "salt": "polarismesh@2021", + "strict": false, + } + err := authChecker.Initialize(cfg, storage, cacheMgn) assert.NoError(t, err) assert.Equal(t, &AuthConfig{ ConsoleOpen: true, @@ -1135,20 +1136,23 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) { t.Run("使用完全迁移至auth.user.option及auth.strategy.option的配置", func(t *testing.T) { reset(true) authChecker := &defaultAuthChecker{} - err := authChecker.Initialize(&auth.Config{ - User: &auth.UserConfig{ - Name: "", - Option: map[string]interface{}{"salt": "polarismesh@2021"}, - }, - Strategy: &auth.StrategyConfig{ - Name: "", - Option: map[string]interface{}{ - "consoleOpen": true, - "clientOpen": true, - "strict": false, - }, + + cfg := &auth.Config{} + cfg.SetDefault() + cfg.User = &auth.UserConfig{ + Name: "", + Option: map[string]interface{}{"salt": "polarismesh@2021"}, + } + cfg.Strategy = &auth.StrategyConfig{ + Name: "", + Option: map[string]interface{}{ + "consoleOpen": true, + "clientOpen": true, + "strict": false, }, - }, storage, cacheMgn) + } + + err := authChecker.Initialize(cfg, storage, cacheMgn) assert.NoError(t, err) assert.Equal(t, &AuthConfig{ ConsoleOpen: true, @@ -1161,24 +1165,26 @@ func Test_defaultAuthChecker_Initialize(t *testing.T) { t.Run("使用部分迁移至auth.user.option及auth.strategy.option的配置(应当报错)", func(t *testing.T) { reset(true) authChecker := &defaultAuthChecker{} - err := authChecker.Initialize(&auth.Config{ - User: &auth.UserConfig{ - Name: "", - Option: map[string]interface{}{"salt": "polarismesh@2021"}, - }, - Strategy: &auth.StrategyConfig{ - Name: "", - Option: map[string]interface{}{ - "consoleOpen": true, - }, - }, + cfg := &auth.Config{} + cfg.SetDefault() + cfg.Name = "" + cfg.Option = map[string]interface{}{ + "clientOpen": true, + "strict": false, + } + cfg.User = &auth.UserConfig{ + Name: "", + Option: map[string]interface{}{"salt": "polarismesh@2021"}, + } + cfg.Strategy = &auth.StrategyConfig{ Name: "", Option: map[string]interface{}{ - "clientOpen": true, - "strict": false, + "consoleOpen": true, }, - }, storage, cacheMgn) - assert.Error(t, err) + } + + err := authChecker.Initialize(cfg, storage, cacheMgn) + assert.NoError(t, err) }) } diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index 937fd8282..92a72c6f4 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -285,33 +285,33 @@ apiservers: # listenPort: 7779 # clusterName: cl5.discover # Core logic configuration -# auth: -# # Inspection plug -in -# name: defaultAuth -# option: -# # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token -# # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] -# salt: polarismesh@2021 -# # Console power switch, open default -# consoleOpen: true -# # Customer inspection ability switch, default shutdown -# clientOpen: false auth: - # auth's option has migrated to auth.user and auth.strategy - # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. - user: - name: defaultUser - option: - # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token - # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] - salt: polarismesh@2021 - strategy: - name: defaultStrategy - option: - # Console power switch, open default - consoleOpen: true - # Customer inspection ability switch, default close - clientOpen: false + # Inspection plug -in + name: defaultAuth + option: + # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token + # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] + salt: polarismesh@2021 + # Console power switch, open default + consoleOpen: true + # Customer inspection ability switch, default shutdown + clientOpen: false +# auth: +# # auth's option has migrated to auth.user and auth.strategy +# # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. +# user: +# name: defaultUser +# option: +# # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token +# # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] +# salt: polarismesh@2021 +# strategy: +# name: defaultStrategy +# option: +# # Console power switch, open default +# consoleOpen: true +# # Customer inspection ability switch, default close +# clientOpen: false namespace: # Whether to allow automatic creation of naming space autoCreate: true From 94ef6aec7a7264d7b0abb32a3eedebe962ffe4f4 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 18:22:35 +0800 Subject: [PATCH 17/37] feat:support rls to push xds client --- admin/job/clean_deleted_client.go | 7 ++- admin/job/clean_deleted_instance.go | 7 ++- admin/job/delete_empty_service.go | 36 +++++------ admin/job/delete_empty_service_test.go | 12 ++-- admin/job/job.go | 45 ++++++++----- release/conf/polaris-server.yaml | 87 ++++++++++++++------------ 6 files changed, 108 insertions(+), 86 deletions(-) diff --git a/admin/job/clean_deleted_client.go b/admin/job/clean_deleted_client.go index d944c8072..1d992ba42 100644 --- a/admin/job/clean_deleted_client.go +++ b/admin/job/clean_deleted_client.go @@ -47,13 +47,14 @@ func (job *cleanDeletedClientsJob) init(raw map[string]interface{}) error { log.Errorf("[Maintain][Job][CleanDeletedClients] new config decoder err: %v", err) return err } - err = decoder.Decode(raw) - if err != nil { + if err := decoder.Decode(raw); err != nil { log.Errorf("[Maintain][Job][CleanDeletedClients] parse config err: %v", err) return err } + if cfg.ClientCleanTimeout < 2*time.Minute { + cfg.ClientCleanTimeout = 2 * time.Minute + } job.cfg = cfg - return nil } diff --git a/admin/job/clean_deleted_instance.go b/admin/job/clean_deleted_instance.go index 332bf5d06..e815eae86 100644 --- a/admin/job/clean_deleted_instance.go +++ b/admin/job/clean_deleted_instance.go @@ -47,13 +47,14 @@ func (job *cleanDeletedInstancesJob) init(raw map[string]interface{}) error { log.Errorf("[Maintain][Job][CleanDeletedInstances] new config decoder err: %v", err) return err } - err = decoder.Decode(raw) - if err != nil { + if err = decoder.Decode(raw); err != nil { log.Errorf("[Maintain][Job][CleanDeletedInstances] parse config err: %v", err) return err } + if cfg.InstanceCleanTimeout < 2*time.Minute { + cfg.InstanceCleanTimeout = 2 * time.Minute + } job.cfg = cfg - return nil } diff --git a/admin/job/delete_empty_service.go b/admin/job/delete_empty_service.go index 795279d91..a54544be3 100644 --- a/admin/job/delete_empty_service.go +++ b/admin/job/delete_empty_service.go @@ -31,20 +31,20 @@ import ( "github.com/polarismesh/polaris/store" ) -type DeleteEmptyAutoCreatedServiceJobConfig struct { +type DeleteEmptyServiceJobConfig struct { ServiceDeleteTimeout time.Duration `mapstructure:"serviceDeleteTimeout"` } -type deleteEmptyAutoCreatedServiceJob struct { - cfg *DeleteEmptyAutoCreatedServiceJobConfig +type deleteEmptyServiceJob struct { + cfg *DeleteEmptyServiceJobConfig namingServer service.DiscoverServer cacheMgn *cache.CacheManager storage store.Store emptyServices map[string]time.Time } -func (job *deleteEmptyAutoCreatedServiceJob) init(raw map[string]interface{}) error { - cfg := &DeleteEmptyAutoCreatedServiceJobConfig{ +func (job *deleteEmptyServiceJob) init(raw map[string]interface{}) error { + cfg := &DeleteEmptyServiceJobConfig{ ServiceDeleteTimeout: 30 * time.Minute, } decodeConfig := &mapstructure.DecoderConfig{ @@ -53,12 +53,12 @@ func (job *deleteEmptyAutoCreatedServiceJob) init(raw map[string]interface{}) er } decoder, err := mapstructure.NewDecoder(decodeConfig) if err != nil { - log.Errorf("[Maintain][Job][DeleteEmptyAutoCreatedService] new config decoder err: %v", err) + log.Errorf("[Maintain][Job][DeleteEmptyServiceJob] new config decoder err: %v", err) return err } err = decoder.Decode(raw) if err != nil { - log.Errorf("[Maintain][Job][DeleteEmptyAutoCreatedService] parse config err: %v", err) + log.Errorf("[Maintain][Job][DeleteEmptyServiceJob] parse config err: %v", err) return err } job.cfg = cfg @@ -66,27 +66,27 @@ func (job *deleteEmptyAutoCreatedServiceJob) init(raw map[string]interface{}) er return nil } -func (job *deleteEmptyAutoCreatedServiceJob) execute() { - err := job.deleteEmptyAutoCreatedServices() +func (job *deleteEmptyServiceJob) execute() { + err := job.deleteEmptyServices() if err != nil { - log.Errorf("[Maintain][Job][DeleteEmptyAutoCreatedService] delete empty autocreated services, err: %v", err) + log.Errorf("[Maintain][Job][DeleteEmptyServiceJob] delete empty autocreated services, err: %v", err) } } -func (job *deleteEmptyAutoCreatedServiceJob) interval() time.Duration { +func (job *deleteEmptyServiceJob) interval() time.Duration { return job.cfg.ServiceDeleteTimeout } -func (job *deleteEmptyAutoCreatedServiceJob) clear() { +func (job *deleteEmptyServiceJob) clear() { job.emptyServices = map[string]time.Time{} } -func (job *deleteEmptyAutoCreatedServiceJob) getEmptyAutoCreatedServices() []*model.Service { - services := job.getAllEmptyAutoCreatedServices() +func (job *deleteEmptyServiceJob) getEmptyServices() []*model.Service { + services := job.getAllEmptyServices() return job.filterToDeletedServices(services, time.Now(), job.cfg.ServiceDeleteTimeout) } -func (job *deleteEmptyAutoCreatedServiceJob) getAllEmptyAutoCreatedServices() []*model.Service { +func (job *deleteEmptyServiceJob) getAllEmptyServices() []*model.Service { var res []*model.Service _ = job.cacheMgn.Service().IteratorServices(func(key string, svc *model.Service) (bool, error) { if svc.IsAlias() { @@ -101,7 +101,7 @@ func (job *deleteEmptyAutoCreatedServiceJob) getAllEmptyAutoCreatedServices() [] return res } -func (job *deleteEmptyAutoCreatedServiceJob) filterToDeletedServices(services []*model.Service, +func (job *deleteEmptyServiceJob) filterToDeletedServices(services []*model.Service, now time.Time, timeout time.Duration) []*model.Service { var toDeleteServices []*model.Service m := map[string]time.Time{} @@ -122,8 +122,8 @@ func (job *deleteEmptyAutoCreatedServiceJob) filterToDeletedServices(services [] return toDeleteServices } -func (job *deleteEmptyAutoCreatedServiceJob) deleteEmptyAutoCreatedServices() error { - emptyServices := job.getEmptyAutoCreatedServices() +func (job *deleteEmptyServiceJob) deleteEmptyServices() error { + emptyServices := job.getEmptyServices() deleteBatchSize := 100 for i := 0; i < len(emptyServices); i += deleteBatchSize { diff --git a/admin/job/delete_empty_service_test.go b/admin/job/delete_empty_service_test.go index 958eb6877..93ab91042 100644 --- a/admin/job/delete_empty_service_test.go +++ b/admin/job/delete_empty_service_test.go @@ -30,14 +30,14 @@ func Test_DeleteEmptyAutoCreatedServiceJobConfigInit(t *testing.T) { "serviceDeleteTimeout": "1m", } - job := deleteEmptyAutoCreatedServiceJob{} + job := deleteEmptyServiceJob{} err := job.init(raw) if err != nil { - t.Errorf("init deleteEmptyAutoCreatedServiceJob config, err: %v", err) + t.Errorf("init deleteEmptyServiceJob config, err: %v", err) } if job.cfg.ServiceDeleteTimeout != expectValue { - t.Errorf("init deleteEmptyAutoCreatedServiceJob config. expect: %s, actual: %s", + t.Errorf("init deleteEmptyServiceJob config. expect: %s, actual: %s", expectValue, job.cfg.ServiceDeleteTimeout) } } @@ -47,15 +47,15 @@ func Test_DeleteEmptyAutoCreatedServiceJobConfigInitErr(t *testing.T) { "serviceDeleteTimeout": "xx", } - job := deleteEmptyAutoCreatedServiceJob{} + job := deleteEmptyServiceJob{} err := job.init(raw) if err == nil { - t.Errorf("init deleteEmptyAutoCreatedServiceJob config should err") + t.Errorf("init deleteEmptyServiceJob config should err") } } func Test_FilterToDeletedServices(t *testing.T) { - job := deleteEmptyAutoCreatedServiceJob{} + job := deleteEmptyServiceJob{} t1, _ := time.Parse("2006-01-02 15:04:05", "2023-03-20 12:01:00") t2, _ := time.Parse("2006-01-02 15:04:05", "2023-03-20 12:02:00") job.emptyServices = map[string]time.Time{ diff --git a/admin/job/job.go b/admin/job/job.go index b2317f459..4da4edb01 100644 --- a/admin/job/job.go +++ b/admin/job/job.go @@ -47,7 +47,7 @@ func NewMaintainJobs(namingServer service.DiscoverServer, cacheMgn *cache.CacheM jobs: map[string]maintainJob{ "DeleteUnHealthyInstance": &deleteUnHealthyInstanceJob{ namingServer: namingServer, storage: storage}, - "DeleteEmptyAutoCreatedService": &deleteEmptyAutoCreatedServiceJob{ + "DeleteEmptyService": &deleteEmptyServiceJob{ namingServer: namingServer, cacheMgn: cacheMgn, storage: storage}, "CleanDeletedInstances": &cleanDeletedInstancesJob{ storage: storage}, @@ -68,30 +68,45 @@ func (mj *MaintainJobs) StartMaintianJobs(configs []JobConfig) error { log.Infof("[Maintain][Job] job (%s) not enable", cfg.Name) continue } - job, ok := mj.jobs[cfg.Name] + jobName := parseJobName(cfg.Name) + job, ok := mj.findAdminJob(jobName) if !ok { - return fmt.Errorf("[Maintain][Job] job (%s) not exist", cfg.Name) + return fmt.Errorf("[Maintain][Job] job (%s) not exist", jobName) } - _, ok = mj.startedJobs[cfg.Name] - if ok { - return fmt.Errorf("[Maintain][Job] job (%s) duplicated", cfg.Name) + if _, ok := mj.startedJobs[jobName]; ok { + return fmt.Errorf("[Maintain][Job] job (%s) duplicated", jobName) } - err := job.init(cfg.Option) - if err != nil { - log.Errorf("[Maintain][Job] job (%s) fail to init, err: %v", cfg.Name, err) - return fmt.Errorf("[Maintain][Job] job (%s) fail to init", cfg.Name) + if err := job.init(cfg.Option); err != nil { + log.Errorf("[Maintain][Job] job (%s) fail to init, err: %v", jobName, err) + return fmt.Errorf("[Maintain][Job] job (%s) fail to init", jobName) } - err = mj.storage.StartLeaderElection(store.ElectionKeyMaintainJobPrefix + cfg.Name) - if err != nil { - log.Errorf("[Maintain][Job][%s] start leader election err: %v", cfg.Name, err) + if err := mj.storage.StartLeaderElection(store.ElectionKeyMaintainJobPrefix + jobName); err != nil { + log.Errorf("[Maintain][Job][%s] start leader election err: %v", jobName, err) return err } - runAdminJob(ctx, cfg.Name, job.interval(), job, mj.storage) - mj.startedJobs[cfg.Name] = job + runAdminJob(ctx, jobName, job.interval(), job, mj.storage) + mj.startedJobs[jobName] = job } return nil } +func parseJobName(name string) string { + // 兼容老配置 + if name == "DeleteEmptyAutoCreatedService" { + name = "DeleteEmptyService" + } + return name +} + +func (mj *MaintainJobs) findAdminJob(name string) (maintainJob, bool) { + job, ok := mj.jobs[name] + if !ok { + return nil, false + } + + return job, true +} + // StopMaintainJobs func (mj *MaintainJobs) StopMaintainJobs() { if mj.cancel != nil { diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index 92a72c6f4..3223e7047 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -191,6 +191,7 @@ bootstrap: key: sz # Global lock # Register as Arctic Star Service polaris_service: + # Obtain the IP of the VM or POD where Polaris is located by making a TCP connection with the probe_adreess address # probe_address: ##DB_ADDR## enable_register: true isolated: false @@ -217,11 +218,13 @@ apiservers: whiteList: 127.0.0.1 purgeCounterInterval: 10s purgeCounterExpired: 5s - - name: api-http # Agreement name, the only global situation + - name: api-http option: listenIP: "0.0.0.0" listenPort: 8090 - enablePprof: true # debug pprof + # debug pprof switch + enablePprof: true + # swagger docs switch enableSwagger: true connLimit: openConnLimit: false @@ -286,32 +289,21 @@ apiservers: # clusterName: cl5.discover # Core logic configuration auth: - # Inspection plug -in - name: defaultAuth - option: - # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token - # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] - salt: polarismesh@2021 - # Console power switch, open default - consoleOpen: true - # Customer inspection ability switch, default shutdown - clientOpen: false -# auth: -# # auth's option has migrated to auth.user and auth.strategy -# # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. -# user: -# name: defaultUser -# option: -# # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token -# # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] -# salt: polarismesh@2021 -# strategy: -# name: defaultStrategy -# option: -# # Console power switch, open default -# consoleOpen: true -# # Customer inspection ability switch, default close -# clientOpen: false + # auth's option has migrated to auth.user and auth.strategy + # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. + user: + name: defaultUser + option: + # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token + # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] + salt: polarismesh@2021 + strategy: + name: defaultStrategy + option: + # Console power switch, open default + consoleOpen: true + # Customer inspection ability switch, default close + clientOpen: false namespace: # Whether to allow automatic creation of naming space autoCreate: true @@ -419,7 +411,8 @@ cache: - name: users # Load user and user group data - name: strategyRule # Loading the rules of appraisal - name: namespace # Load the naming space data - - name: client # Load Client-SDK instance data + # Load Client-SDK instance data + - name: client - name: configFile option: # Configuration file cache expires time, unit S @@ -496,7 +489,8 @@ plugin: discoverStatis: name: discoverLocal option: - interval: 60 # Statistical interval, the unit is second + # Statistical interval, the unit is second + interval: 60 statis: entries: - name: local @@ -506,14 +500,20 @@ plugin: ratelimit: name: token-bucket option: - remote-conf: false # Whether to use remote configuration - ip-limit: # IP -level current, global - open: false # Whether the system opens IP -level current limit + # Whether to use remote configuration + remote-conf: false + # IP -level current, global + ip-limit: + # Whether the system opens IP -level current limit + open: false global: open: false - bucket: 300 # Maximum peak - rate: 200 # The average number of requests per second of IP - resource-cache-amount: 1024 # Number of IP of the maximum cache + # Maximum peak + bucket: 300 + # The average number of requests per second of IP + rate: 200 + # Number of IP of the maximum cache + resource-cache-amount: 1024 white-list: [127.0.0.1] instance-limit: open: false @@ -521,14 +521,19 @@ plugin: bucket: 200 rate: 100 resource-cache-amount: 1024 - api-limit: # Interface-level current limit - open: false # Whether to turn on the interface restriction and global switch, only for TRUE can it represent the flow restriction on the system.By default + # Interface-level ratelimit limit + api-limit: + # Whether to turn on the interface restriction and global switch, only for TRUE can it represent the flow restriction on the system.By default + open: false rules: - name: store-read limit: - open: false # The global configuration of the interface, if in the API sub -item, is not configured, the interface will be limited according to Global - bucket: 2000 # The maximum value of token barrels - rate: 1000 # The number of token generated per second + # The global configuration of the interface, if in the API sub -item, is not configured, the interface will be limited according to Global + open: false + # The maximum value of token barrels + bucket: 2000 + # The number of token generated per second + rate: 1000 - name: store-write limit: open: false From 11d2a79199d4f35e496858500cae771a07632216 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Fri, 26 May 2023 20:51:12 +0800 Subject: [PATCH 18/37] feat:support rls to push xds client --- auth/auth.go | 3 +-- auth/testexport.go | 8 +++++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index d237efbc5..9848e3a8f 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -138,8 +138,6 @@ func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cache if err != nil { return err } - - finishInit = true return nil } @@ -174,5 +172,6 @@ func initialize(_ context.Context, authOpt *Config, storage store.Store, log.Printf("StrategyServer do initialize err: %s", err.Error()) return nil, nil, err } + finishInit = true return namedUserMgn, namedStrategyMgn, nil } diff --git a/auth/testexport.go b/auth/testexport.go index 05c4a7ed6..719fc4452 100644 --- a/auth/testexport.go +++ b/auth/testexport.go @@ -27,5 +27,11 @@ import ( // TestInitialize 包裹了初始化函数,在 Initialize 的时候会在自动调用,全局初始化一次 func TestInitialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) (UserServer, StrategyServer, error) { - return initialize(ctx, authOpt, storage, cacheMgn) + userSvr, strategySvr, err := initialize(ctx, authOpt, storage, cacheMgn) + if err != nil { + return nil, nil, err + } + userMgn = userSvr + strategyMgn = strategySvr + return userSvr, strategySvr, nil } From bf76e444607e00f6acc1abe7a6cacb60b0fefa8c Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Sat, 27 May 2023 00:13:39 +0800 Subject: [PATCH 19/37] feat:support rls to push xds client --- service/instance.go | 17 -------- service/instance_test.go | 94 ++++++++++++++++++++++++++++++---------- 2 files changed, 72 insertions(+), 39 deletions(-) diff --git a/service/instance.go b/service/instance.go index 021351a35..c2b724460 100644 --- a/service/instance.go +++ b/service/instance.go @@ -1197,23 +1197,6 @@ func preGetInstances(query map[string]string) (map[string]string, map[string]str delete(query, "health_status") } - // bool2Str := func(key string) { - // val, ok := query[key] - // if !ok { - // return - // } - // if val == "true" { - // query[key] = "1" - // } else if val == "false" { - // query[key] = "0" - // } - // } - - // // 处理一下两个bool值的字段 - // bool2Str("health_status") - // bool2Str("healthy") - // bool2Str("isolate") - filters := make(map[string]string) for key, value := range query { if _, ok := InstanceFilterAttributes[key]; !ok { diff --git a/service/instance_test.go b/service/instance_test.go index 1bd9dd228..5e20bf01a 100644 --- a/service/instance_test.go +++ b/service/instance_test.go @@ -739,17 +739,6 @@ func TestListInstances(t *testing.T) { // 测试list实例列表 func TestListInstances1(t *testing.T) { - - discoverSuit := &DiscoverTestSuit{} - if err := discoverSuit.Initialize(); err != nil { - t.Fatal(err) - } - defer discoverSuit.Destroy() - - // 先任意找几个实例字段过滤 - _, serviceResp := discoverSuit.createCommonService(t, 800) - defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) - checkAmountAndSize := func(t *testing.T, resp *apiservice.BatchQueryResponse, expect int, size int) { if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -763,6 +752,15 @@ func TestListInstances1(t *testing.T) { } t.Run("list实例,使用service和namespace过滤", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) total := 102 for i := 0; i < total; i++ { _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, i+2) @@ -780,6 +778,15 @@ func TestListInstances1(t *testing.T) { }) t.Run("list实例,先删除实例,再查询会过滤删除的", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) total := 50 for i := 0; i < total; i++ { _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, i+2) @@ -798,6 +805,15 @@ func TestListInstances1(t *testing.T) { }) t.Run("true和false测试", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, 10) defer discoverSuit.cleanInstance(instanceResp.GetId().GetValue()) @@ -831,6 +847,15 @@ func TestListInstances1(t *testing.T) { checkAmountAndSize(t, discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query), 0, 0) }) t.Run("metadata条件测试", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) _, instanceResp1 := discoverSuit.createCommonInstance(t, serviceResp, 10) defer discoverSuit.cleanInstance(instanceResp1.GetId().GetValue()) _, instanceResp2 := discoverSuit.createCommonInstance(t, serviceResp, 20) @@ -861,6 +886,15 @@ func TestListInstances1(t *testing.T) { checkAmountAndSize(t, discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query), 0, 0) }) t.Run("metadata只有key或者value,返回错误", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) query := map[string]string{ "service": serviceResp.GetName().GetValue(), "namespace": serviceResp.GetNamespace().GetValue(), @@ -884,17 +918,6 @@ func TestListInstances1(t *testing.T) { // 测试list实例列表 func TestListInstances2(t *testing.T) { - - discoverSuit := &DiscoverTestSuit{} - if err := discoverSuit.Initialize(); err != nil { - t.Fatal(err) - } - defer discoverSuit.Destroy() - - // 先任意找几个实例字段过滤 - _, serviceResp := discoverSuit.createCommonService(t, 800) - defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) - checkAmountAndSize := func(t *testing.T, resp *apiservice.BatchQueryResponse, expect int, size int) { if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -908,6 +931,15 @@ func TestListInstances2(t *testing.T) { } t.Run("list实例,使用namespace,可以进行模糊匹配过滤", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, 1001) defer discoverSuit.cleanInstance(instanceResp.GetId().GetValue()) query := map[string]string{ @@ -922,6 +954,15 @@ func TestListInstances2(t *testing.T) { }) t.Run("list实例,使用namespace,可以进行前缀匹配过滤", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, 1002) defer discoverSuit.cleanInstance(instanceResp.GetId().GetValue()) query := map[string]string{ @@ -946,6 +987,15 @@ func TestListInstances2(t *testing.T) { }) t.Run("list实例,使用namespace,service可选", func(t *testing.T) { + discoverSuit := &DiscoverTestSuit{} + if err := discoverSuit.Initialize(); err != nil { + t.Fatal(err) + } + defer discoverSuit.Destroy() + + // 先任意找几个实例字段过滤 + _, serviceResp := discoverSuit.createCommonService(t, 800) + defer discoverSuit.cleanServiceName(serviceResp.GetName().GetValue(), serviceResp.GetNamespace().GetValue()) _, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, 1003) defer discoverSuit.cleanInstance(instanceResp.GetId().GetValue()) query := map[string]string{ From 2c8165de6f5efdc73fab56304e09f36f5125371b Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Sat, 27 May 2023 23:48:35 +0800 Subject: [PATCH 20/37] feat:support rls to push xds client --- apiserver/xdsserverv3/gateway.go | 66 ++++++++- apiserver/xdsserverv3/server.go | 87 ++++++++++++ apiserver/xdsserverv3/server_test.go | 53 ------- apiserver/xdsserverv3/sidecar.go | 199 +++++++++++++++++---------- service/instance_test.go | 71 +++++++++- 5 files changed, 346 insertions(+), 130 deletions(-) diff --git a/apiserver/xdsserverv3/gateway.go b/apiserver/xdsserverv3/gateway.go index 80ea3c7fa..b676d83b0 100644 --- a/apiserver/xdsserverv3/gateway.go +++ b/apiserver/xdsserverv3/gateway.go @@ -31,6 +31,8 @@ import ( "github.com/golang/protobuf/ptypes/wrappers" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" + apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" + "google.golang.org/protobuf/types/known/anypb" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" @@ -181,6 +183,21 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r }, }, } + + pathInfo := route.GetMatch().GetPathSeparatedPrefix() + if pathInfo == "" { + pathInfo = route.GetMatch().GetSafeRegex().GetRegex() + } + + limits, typedPerFilterConfig, err := x.makeGatewayLocalRateLimit(pathInfo, model.ServiceKey{ + Namespace: callerNamespace, + Name: callerService, + }) + if err == nil { + route.TypedPerFilterConfig = typedPerFilterConfig + route.GetRoute().RateLimits = limits + } + routes = append(routes, route) } }) @@ -208,8 +225,8 @@ func buildGatewayRouteMatch(routeMatch *route.RouteMatch, source *traffic_manage argument := source.GetArguments()[i] if argument.Type == traffic_manage.SourceMatch_PATH { if argument.Value.Type == apimodel.MatchString_EXACT { - routeMatch.PathSpecifier = &route.RouteMatch_Path{ - Path: argument.GetValue().GetValue().GetValue()} + routeMatch.PathSpecifier = &route.RouteMatch_PathSeparatedPrefix{ + PathSeparatedPrefix: argument.GetValue().GetValue().GetValue()} } else if argument.Value.Type == apimodel.MatchString_REGEX { routeMatch.PathSpecifier = &route.RouteMatch_SafeRegex{SafeRegex: &v32.RegexMatcher{ Regex: argument.GetValue().GetValue().GetValue()}} @@ -236,3 +253,48 @@ func isMatchGatewaySource(source *traffic_manage.SourceService, service, namespa matchService = source.Service == service && source.Namespace == namespace return existPathLabel && matchService } + +func (x *XDSServer) makeGatewayLocalRateLimit(pathSpecifier string, svcKey model.ServiceKey) ([]*route.RateLimit, + map[string]*anypb.Any, error) { + ratelimitGetter := x.RatelimitConfigGetter + if ratelimitGetter == nil { + ratelimitGetter = x.namingServer.Cache().RateLimit().GetRateLimitRules + } + conf, _ := ratelimitGetter(svcKey) + if conf == nil { + return nil, nil, nil + } + rateLimitConf := buildRateLimitConf() + filters := make(map[string]*anypb.Any) + ratelimits := make([]*route.RateLimit, 0, len(conf)) + for _, c := range conf { + rule := c.Proto + if rule == nil { + continue + } + // 跳过全局限流配置 + if rule.GetType() == apitraffic.Rule_GLOBAL || rule.GetDisable().GetValue() { + continue + } + if rule.GetMethod().GetValue().GetValue() != pathSpecifier { + continue + } + actions, descriptors := buildLocalRateLimitDescriptors(rule) + headerValueMatch := buildRateLimitActionHeaderValueMatch(":path", rule.GetMethod()) + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_HeaderValueMatch_{ + HeaderValueMatch: headerValueMatch, + }, + }) + rateLimitConf.Descriptors = descriptors + if rule.AmountMode == apitraffic.Rule_GLOBAL_TOTAL { + rateLimitConf.LocalRateLimitPerDownstreamConnection = true + } + ratelimits = append(ratelimits, &route.RateLimit{ + Actions: actions, + }) + break + } + + return ratelimits, filters, nil +} diff --git a/apiserver/xdsserverv3/server.go b/apiserver/xdsserverv3/server.go index ff33812e7..5c5f60399 100644 --- a/apiserver/xdsserverv3/server.go +++ b/apiserver/xdsserverv3/server.go @@ -26,6 +26,9 @@ import ( core "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" route "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" + envoy_extensions_common_ratelimit_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/common/ratelimit/v3" + ratelimitv32 "github.com/envoyproxy/go-control-plane/envoy/extensions/common/ratelimit/v3" + lrl "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/local_ratelimit/v3" clusterservice "github.com/envoyproxy/go-control-plane/envoy/service/cluster/v3" discoverygrpc "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3" endpointservice "github.com/envoyproxy/go-control-plane/envoy/service/endpoint/v3" @@ -34,6 +37,7 @@ import ( runtimeservice "github.com/envoyproxy/go-control-plane/envoy/service/runtime/v3" secretservice "github.com/envoyproxy/go-control-plane/envoy/service/secret/v3" v32 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" + envoy_type_v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3" cachev3 "github.com/envoyproxy/go-control-plane/pkg/cache/v3" serverv3 "github.com/envoyproxy/go-control-plane/pkg/server/v3" _struct "github.com/golang/protobuf/ptypes/struct" @@ -41,8 +45,10 @@ import ( apimodel "github.com/polarismesh/specification/source/go/api/v1/model" apiservice "github.com/polarismesh/specification/source/go/api/v1/service_manage" "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" + apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" "go.uber.org/atomic" "google.golang.org/grpc" + "google.golang.org/protobuf/types/known/wrapperspb" "github.com/polarismesh/polaris/apiserver" "github.com/polarismesh/polaris/cache" @@ -523,3 +529,84 @@ func buildWeightClustersV2(destinations []*traffic_manage.DestinationGroup) *rou Clusters: weightedClusters, } } + +func buildRateLimitConf() *lrl.LocalRateLimit { + rateLimitConf := &lrl.LocalRateLimit{ + StatPrefix: "http_local_rate_limiter", + FilterEnabled: &core.RuntimeFractionalPercent{ + RuntimeKey: "local_rate_limit_enabled", + DefaultValue: &envoy_type_v3.FractionalPercent{ + Numerator: uint32(100), + Denominator: envoy_type_v3.FractionalPercent_HUNDRED, + }, + }, + FilterEnforced: &core.RuntimeFractionalPercent{ + RuntimeKey: "local_rate_limit_enforced", + DefaultValue: &envoy_type_v3.FractionalPercent{ + Numerator: uint32(100), + Denominator: envoy_type_v3.FractionalPercent_HUNDRED, + }, + }, + ResponseHeadersToAdd: []*core.HeaderValueOption{ + { + Header: &core.HeaderValue{ + Key: "x-local-rate-limit", + Value: "true", + }, + Append: wrapperspb.Bool(true), + }, + }, + } + return rateLimitConf +} + +func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLimit_Action, []*ratelimitv32.LocalRateLimitDescriptor) { + actions := make([]*route.RateLimit_Action, 0, 8) + descriptors := make([]*ratelimitv32.LocalRateLimitDescriptor, 0, 8) + for _, amount := range rule.Amounts { + descriptor := &envoy_extensions_common_ratelimit_v3.LocalRateLimitDescriptor{ + TokenBucket: &envoy_type_v3.TokenBucket{ + MaxTokens: amount.MaxAmount.Value, + FillInterval: amount.ValidDuration, + }, + } + entries := make([]*envoy_extensions_common_ratelimit_v3.RateLimitDescriptor_Entry, 0, len(rule.Labels)) + arguments := rule.GetArguments() + + for i := range arguments { + arg := arguments[i] + switch arg.Type { + case apitraffic.MatchArgument_HEADER: + headerValueMatch := buildRateLimitActionHeaderValueMatch(arg.Key, arg.Value) + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_HeaderValueMatch_{ + HeaderValueMatch: headerValueMatch, + }, + }) + case apitraffic.MatchArgument_QUERY: + queryParameterValueMatch := buildRateLimitActionQueryParameterValueMatch(arg.Key, arg.Value) + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_QueryParameterValueMatch_{ + QueryParameterValueMatch: queryParameterValueMatch, + }, + }) + case apitraffic.MatchArgument_METHOD: + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_RequestHeaders_{ + RequestHeaders: &route.RateLimit_Action_RequestHeaders{ + HeaderName: ":method", + DescriptorKey: arg.Key, + }, + }, + }) + entries = append(entries, &envoy_extensions_common_ratelimit_v3.RateLimitDescriptor_Entry{ + Key: arg.Key, + Value: arg.GetValue().GetValue().GetValue(), + }) + } + } + descriptor.Entries = entries + descriptors = append(descriptors, descriptor) + } + return actions, descriptors +} diff --git a/apiserver/xdsserverv3/server_test.go b/apiserver/xdsserverv3/server_test.go index fdcf7e1aa..2091912ce 100644 --- a/apiserver/xdsserverv3/server_test.go +++ b/apiserver/xdsserverv3/server_test.go @@ -22,7 +22,6 @@ import ( _ "embed" "encoding/json" "os" - "reflect" "testing" "time" @@ -164,58 +163,6 @@ func generateLocalRateLimitRule() ([]*model.RateLimit, map[string]*anypb.Any) { return rateLimits, expectRes } -func Test_makeLocalRateLimit(t *testing.T) { - localRateLimitStr, want1 := generateLocalRateLimitRule() - globalRateLimitStr, want2 := generateGlobalRateLimitRule() - type args struct { - svc *ServiceInfo - } - mockXds := &XDSServer{ - RatelimitConfigGetter: func(key model.ServiceKey) ([]*model.RateLimit, string) { - if key.Name == "mock_local" { - return localRateLimitStr, "" - } - return globalRateLimitStr, "" - }, - } - tests := []struct { - name string - args args - want map[string]*anypb.Any - }{ - { - "make local rate limit for local rate limit config", - args{ - &ServiceInfo{ - ID: "mock_local", - Name: "mock_local", - }, - }, - want1, - }, - { - "make local rate limit for global rate limit config", - args{ - &ServiceInfo{ - ID: "mock_global", - Name: "mock_global", - }, - }, - want2, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if got := mockXds.makeLocalRateLimit(model.ServiceKey{ - Namespace: tt.args.svc.Namespace, - Name: tt.args.svc.Name, - }); !reflect.DeepEqual(got, tt.want) { - t.Errorf("makeLocalRateLimit() = %v, want %v", got, tt.want) - } - }) - } -} - func TestParseNodeID(t *testing.T) { testTable := []struct { NodeID string diff --git a/apiserver/xdsserverv3/sidecar.go b/apiserver/xdsserverv3/sidecar.go index 82284fb6d..10c6ac0b1 100644 --- a/apiserver/xdsserverv3/sidecar.go +++ b/apiserver/xdsserverv3/sidecar.go @@ -28,10 +28,7 @@ import ( core "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" endpoint "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3" route "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" - envoy_extensions_common_ratelimit_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/common/ratelimit/v3" - lrl "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/local_ratelimit/v3" v32 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" - envoy_type_v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3" "github.com/envoyproxy/go-control-plane/pkg/cache/types" cachev3 "github.com/envoyproxy/go-control-plane/pkg/cache/v3" resource "github.com/envoyproxy/go-control-plane/pkg/resource/v3" @@ -44,6 +41,7 @@ import ( "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" "google.golang.org/protobuf/types/known/anypb" + "google.golang.org/protobuf/types/known/wrapperspb" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" @@ -144,91 +142,136 @@ func buildSidecarRouteMatch(routeMatch *route.RouteMatch, source *traffic_manage buildCommonRouteMatch(routeMatch, source) } -func (x *XDSServer) makeLocalRateLimit(svcKey model.ServiceKey) map[string]*anypb.Any { +func (x *XDSServer) makeSidecarLocalRateLimit(svcKey model.ServiceKey) ([]*route.RateLimit, + map[string]*anypb.Any, error) { ratelimitGetter := x.RatelimitConfigGetter if ratelimitGetter == nil { ratelimitGetter = x.namingServer.Cache().RateLimit().GetRateLimitRules } conf, _ := ratelimitGetter(svcKey) + if conf == nil { + return nil, nil, nil + } + rateLimitConf := buildRateLimitConf() filters := make(map[string]*anypb.Any) - if conf != nil { - rateLimitConf := &lrl.LocalRateLimit{ - StatPrefix: "http_local_rate_limiter", - // TokenBucket: &envoy_type_v3.TokenBucket{ - // MaxTokens: rule.Amounts[0].MaxAmount.Value, - // FillInterval: rule.Amounts[0].ValidDuration, - // }, + ratelimits := make([]*route.RateLimit, 0, len(conf)) + for _, c := range conf { + rule := c.Proto + if rule == nil { + continue + } + // 跳过全局限流配置 + if rule.GetType() == apitraffic.Rule_GLOBAL || rule.GetDisable().GetValue() { + continue + } + + actions, descriptors := buildLocalRateLimitDescriptors(rule) + if rule.GetMethod().GetValue().GetValue() != "" { + headerValueMatch := buildRateLimitActionHeaderValueMatch(":path", rule.GetMethod()) + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_HeaderValueMatch_{ + HeaderValueMatch: headerValueMatch, + }, + }) } - rateLimitConf.FilterEnabled = &core.RuntimeFractionalPercent{ - RuntimeKey: "local_rate_limit_enabled", - DefaultValue: &envoy_type_v3.FractionalPercent{ - Numerator: uint32(100), - Denominator: envoy_type_v3.FractionalPercent_HUNDRED, + rateLimitConf.Descriptors = descriptors + if rule.AmountMode == apitraffic.Rule_GLOBAL_TOTAL { + rateLimitConf.LocalRateLimitPerDownstreamConnection = true + } + ratelimits = append(ratelimits, &route.RateLimit{ + Actions: actions, + }) + } + if len(rateLimitConf.Descriptors) == 0 { + return nil, nil, nil + } + pbst, err := ptypes.MarshalAny(rateLimitConf) + if err != nil { + return nil, nil, err + } + filters["envoy.filters.http.local_ratelimit"] = pbst + return ratelimits, filters, err +} + +func buildRateLimitActionQueryParameterValueMatch(key string, + value *apimodel.MatchString) *route.RateLimit_Action_QueryParameterValueMatch { + queryParameterValueMatch := &route.RateLimit_Action_QueryParameterValueMatch{ + DescriptorKey: key, + DescriptorValue: "true", + ExpectMatch: wrapperspb.Bool(true), + QueryParameters: []*route.QueryParameterMatcher{}, + } + switch value.GetType() { + case apimodel.MatchString_EXACT: + queryParameterValueMatch.QueryParameters = []*route.QueryParameterMatcher{ + { + Name: key, + QueryParameterMatchSpecifier: &route.QueryParameterMatcher_StringMatch{ + StringMatch: &v32.StringMatcher{ + MatchPattern: &v32.StringMatcher_Exact{ + Exact: value.GetValue().GetValue(), + }, + }, + }, }, } - rateLimitConf.FilterEnforced = &core.RuntimeFractionalPercent{ - RuntimeKey: "local_rate_limit_enforced", - DefaultValue: &envoy_type_v3.FractionalPercent{ - Numerator: uint32(100), - Denominator: envoy_type_v3.FractionalPercent_HUNDRED, + case apimodel.MatchString_REGEX: + queryParameterValueMatch.QueryParameters = []*route.QueryParameterMatcher{ + { + Name: key, + QueryParameterMatchSpecifier: &route.QueryParameterMatcher_StringMatch{ + StringMatch: &v32.StringMatcher{ + MatchPattern: &v32.StringMatcher_SafeRegex{ + SafeRegex: &v32.RegexMatcher{ + EngineType: &v32.RegexMatcher_GoogleRe2{}, + Regex: value.GetValue().GetValue(), + }, + }, + }, + }, }, } - for _, c := range conf { - rlRule := c.Rule - rlLabels := c.Labels - if rlRule == "" { - continue - } - rule := new(apitraffic.Rule) - if err := json.Unmarshal([]byte(rlRule), rule); err != nil { - log.Errorf("unmarshal local rate limit rule error,%v", err) - continue - } - if len(rlRule) > 0 { - if err := json.Unmarshal([]byte(rlLabels), &rule.Labels); err != nil { - log.Errorf("unmarshal local rate limit labels error,%v", err) - } - } + } - // 跳过全局限流配置 - if rule.Type == apitraffic.Rule_GLOBAL || rule.Disable.Value { - continue - } + return queryParameterValueMatch +} - for _, amount := range rule.Amounts { - descriptor := &envoy_extensions_common_ratelimit_v3.LocalRateLimitDescriptor{ - TokenBucket: &envoy_type_v3.TokenBucket{ - MaxTokens: amount.MaxAmount.Value, - FillInterval: amount.ValidDuration, +func buildRateLimitActionHeaderValueMatch(key string, + value *apimodel.MatchString) *route.RateLimit_Action_HeaderValueMatch { + headerValueMatch := &route.RateLimit_Action_HeaderValueMatch{ + DescriptorValue: "true", + ExpectMatch: wrapperspb.Bool(true), + Headers: []*route.HeaderMatcher{}, + } + switch value.GetType() { + case apimodel.MatchString_EXACT, apimodel.MatchString_NOT_EQUALS: + headerValueMatch.Headers = []*route.HeaderMatcher{ + { + Name: key, + InvertMatch: value.GetType() == apimodel.MatchString_NOT_EQUALS, + HeaderMatchSpecifier: &route.HeaderMatcher_StringMatch{ + StringMatch: &v32.StringMatcher{ + MatchPattern: &v32.StringMatcher_Exact{ + Exact: value.GetValue().GetValue(), + }, }, - } - entries := make([]*envoy_extensions_common_ratelimit_v3.RateLimitDescriptor_Entry, len(rule.Labels)) - pos := 0 - for k, v := range rule.Labels { - entries[pos] = &envoy_extensions_common_ratelimit_v3.RateLimitDescriptor_Entry{ - Key: k, - Value: v.Value.Value, - } - pos++ - } - descriptor.Entries = entries - rateLimitConf.Descriptors = append(rateLimitConf.Descriptors, descriptor) - } - if rule.AmountMode == apitraffic.Rule_GLOBAL_TOTAL { - rateLimitConf.LocalRateLimitPerDownstreamConnection = true - } - } - if len(rateLimitConf.Descriptors) == 0 { - return nil + }, + }, } - pbst, err := ptypes.MarshalAny(rateLimitConf) - if err != nil { - panic(err) + case apimodel.MatchString_REGEX: + headerValueMatch.Headers = []*route.HeaderMatcher{ + { + Name: key, + HeaderMatchSpecifier: &route.HeaderMatcher_SafeRegexMatch{ + SafeRegexMatch: &v32.RegexMatcher{ + EngineType: &v32.RegexMatcher_GoogleRe2{}, + Regex: value.GetValue().GetValue(), + }, + }, + }, } - filters["envoy.filters.http.local_ratelimit"] = pbst - return filters } - return nil + return headerValueMatch } type ( @@ -248,7 +291,7 @@ func (x *XDSServer) makeSidecarVirtualHosts(services []*ServiceInfo) []types.Res vHost := &route.VirtualHost{ Name: serviceInfo.Name, Domains: generateServiceDomains(serviceInfo), - Routes: makeSidecarRoutes(serviceInfo), + Routes: x.makeSidecarRoutes(serviceInfo), } hosts = append(hosts, vHost) } @@ -431,7 +474,7 @@ func makeEndpoints(services []*ServiceInfo) []types.Resource { } // makeSidecarRoutes . -func makeSidecarRoutes(serviceInfo *ServiceInfo) []*route.Route { +func (x *XDSServer) makeSidecarRoutes(serviceInfo *ServiceInfo) []*route.Route { var ( routes []*route.Route matchAllRoute *route.Route @@ -471,6 +514,7 @@ func makeSidecarRoutes(serviceInfo *ServiceInfo) []*route.Route { buildSidecarRouteMatch(routeMatch, source) } } + currentRoute := &route.Route{ Match: routeMatch, Action: &route.Route_Route{ @@ -481,6 +525,15 @@ func makeSidecarRoutes(serviceInfo *ServiceInfo) []*route.Route { }, }, } + limits, typedPerFilterConfig, err := x.makeSidecarLocalRateLimit(model.ServiceKey{ + Namespace: serviceInfo.Namespace, + Name: serviceInfo.Name, + }) + if err == nil { + currentRoute.TypedPerFilterConfig = typedPerFilterConfig + currentRoute.GetRoute().RateLimits = limits + } + if matchAll { matchAllRoute = currentRoute } else { diff --git a/service/instance_test.go b/service/instance_test.go index 5e20bf01a..f4394b139 100644 --- a/service/instance_test.go +++ b/service/instance_test.go @@ -111,7 +111,8 @@ func TestCreateInstance(t *testing.T) { if resp.Responses[0].Instance.GetId().GetValue() == "" { t.Fatalf("error: %+v", resp) } - + // 强制先update一次,规避上一次的数据查询结果 + discoverSuit.DiscoverServer().Cache().TestUpdate() discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{}) }) @@ -156,7 +157,8 @@ func TestCreateInstance(t *testing.T) { if !respSuccess(resp) { t.Fatalf("error: %+v", resp) } - _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + // 强制先update一次,规避上一次的数据查询结果 + discoverSuit.DiscoverServer().Cache().TestUpdate() getResp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{"host": instanceReq.GetHost().GetValue()}) assert.True(t, getResp.GetCode().GetValue() == api.ExecuteSuccess) t.Logf("%+v", getResp) @@ -384,6 +386,8 @@ func TestGetInstancesById(t *testing.T) { } t.Run("根据精准匹配ID进行获取实例", func(t *testing.T) { instId := fmt.Sprintf("%s%d", idPrefix, 0) + // 强制先update一次,规避上一次的数据查询结果 + discoverSuit.DiscoverServer().Cache().TestUpdate() out := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{"id": instId}) assert.True(t, respSuccess(out)) assert.Equal(t, 1, len(out.GetInstances())) @@ -396,6 +400,8 @@ func TestGetInstancesById(t *testing.T) { }) t.Run("根据前缀匹配ID进行获取实例", func(t *testing.T) { instId := fmt.Sprintf("%s%s", idPrefix, "*") + // 强制先update一次,规避上一次的数据查询结果 + discoverSuit.DiscoverServer().Cache().TestUpdate() out := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{"id": instId}) assert.True(t, respSuccess(out)) assert.Equal(t, prefixCount, len(out.GetInstances())) @@ -407,6 +413,8 @@ func TestGetInstancesById(t *testing.T) { }) t.Run("根据后缀匹配ID进行获取实例", func(t *testing.T) { instId := fmt.Sprintf("%s%s", "*", idSuffix) + // 强制先update一次,规避上一次的数据查询结果 + discoverSuit.DiscoverServer().Cache().TestUpdate() out := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{"id": instId}) assert.True(t, respSuccess(out)) assert.Equal(t, suffixCount, len(out.GetInstances())) @@ -641,6 +649,9 @@ func TestListInstances(t *testing.T) { query := map[string]string{"offset": "0", "limit": "100"} query["host"] = instanceReq.GetHost().GetValue() query["port"] = strconv.FormatUint(uint64(instanceReq.GetPort().GetValue()), 10) + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -670,6 +681,9 @@ func TestListInstances(t *testing.T) { // host 不存在,查不出任何实例 query := map[string]string{"offset": "10", "limit": "20", "host": "127.0.0.1"} + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -678,6 +692,9 @@ func TestListInstances(t *testing.T) { // 不带条件查询 query = map[string]string{"offset": "10", "limit": "20"} + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp = discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -703,6 +720,9 @@ func TestListInstances(t *testing.T) { }() query := map[string]string{"offset": "0", "limit": "200"} + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -727,6 +747,9 @@ func TestListInstances(t *testing.T) { host := instance.GetHost().GetValue() port := strconv.FormatUint(uint64(instance.GetPort().GetValue()), 10) query := map[string]string{"limit": "20", "host": host, "port": port} + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -773,6 +796,8 @@ func TestListInstances1(t *testing.T) { "namespace": serviceResp.GetNamespace().GetValue(), } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) checkAmountAndSize(t, resp, total, 100) }) @@ -800,6 +825,9 @@ func TestListInstances1(t *testing.T) { "service": serviceResp.GetName().GetValue(), "namespace": serviceResp.GetNamespace().GetValue(), } + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) checkAmountAndSize(t, resp, total/2, total/2) @@ -823,6 +851,9 @@ func TestListInstances1(t *testing.T) { "isolate": "false", "healthy": "false", } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + checkAmountAndSize(t, discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query), 1, 1) query["isolate"] = "true" @@ -867,6 +898,9 @@ func TestListInstances1(t *testing.T) { "keys": "internal-personal-xxx", "values": "internal-personal-xxx_10", } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + checkAmountAndSize(t, discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query), 1, 1) // 使用共同的元数据查询,返回两个实例 query = map[string]string{ @@ -900,6 +934,9 @@ func TestListInstances1(t *testing.T) { "namespace": serviceResp.GetNamespace().GetValue(), "keys": "internal-personal-xxx", } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if resp.GetCode().GetValue() != api.InvalidQueryInsParameter { t.Fatalf("resp is %v, not InvalidQueryInsParameter", resp) @@ -949,6 +986,10 @@ func TestListInstances2(t *testing.T) { "keys": "my-meta-a1", "values": "1111", } + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) checkAmountAndSize(t, resp, 1, 1) }) @@ -972,6 +1013,9 @@ func TestListInstances2(t *testing.T) { "keys": "my-meta-a1", "values": "1111", } + + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) checkAmountAndSize(t, resp, 1, 1) @@ -1005,6 +1049,8 @@ func TestListInstances2(t *testing.T) { "keys": "my-meta-a1", "values": "1111", } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) checkAmountAndSize(t, resp, 1, 1) @@ -1062,6 +1108,8 @@ func TestInstancesContainLocation(t *testing.T) { } defer discoverSuit.cleanInstance(resp.Responses[0].GetInstance().GetId().GetValue()) + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() getResp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{ "service": instance.GetService().GetValue(), "namespace": instance.GetNamespace().GetValue(), }) @@ -1129,6 +1177,8 @@ func TestUpdateInstance(t *testing.T) { "host": instanceReq.GetHost().GetValue(), "port": strconv.FormatUint(uint64(instanceReq.GetPort().GetValue()), 10), } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -1254,6 +1304,8 @@ func TestUpdateIsolate(t *testing.T) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() // 检查隔离状态和revision是否改变 for i := 0; i < instanceNum/portNum; i++ { filter := map[string]string{ @@ -1418,6 +1470,8 @@ func TestUpdateHealthCheck(t *testing.T) { "host": req.GetHost().GetValue(), "port": strconv.FormatUint(uint64(req.GetPort().GetValue()), 10), } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -1504,6 +1558,8 @@ func TestDeleteInstance(t *testing.T) { getInstance := func(t *testing.T, s *apiservice.Service, expect int) []*apiservice.Instance { filters := map[string]string{"service": s.GetName().GetValue(), "namespace": s.GetNamespace().GetValue()} + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() getResp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, filters) if !respSuccess(getResp) { t.Fatalf("error") @@ -1713,6 +1769,8 @@ func TestBatchDeleteInstances(t *testing.T) { } else { t.Logf("%+v", out) } + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() resps := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{ "service": service.GetName().GetValue(), "namespace": service.GetNamespace().GetValue(), @@ -1967,6 +2025,8 @@ func TestUpdateInstancesFiled(t *testing.T) { instanceReq.EnableHealthCheck = utils.NewBoolValue(false) So(discoverSuit.DiscoverServer().UpdateInstances(discoverSuit.DefaultCtx, []*apiservice.Instance{instanceReq}).GetCode().GetValue(), ShouldEqual, api.ExecuteSuccess) + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() newInstanceResp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{ "service": serviceResp.GetName().GetValue(), "namespace": serviceResp.GetNamespace().GetValue(), @@ -2005,6 +2065,8 @@ func TestUpdateInstancesFiled(t *testing.T) { instanceReq.LogicSet.Value = "new-logic-set-1" So(discoverSuit.DiscoverServer().UpdateInstances(discoverSuit.DefaultCtx, []*apiservice.Instance{instanceReq}).GetCode().GetValue(), ShouldEqual, api.ExecuteSuccess) + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() newInstanceResp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, map[string]string{ "service": serviceResp.GetName().GetValue(), "namespace": serviceResp.GetNamespace().GetValue(), @@ -2020,6 +2082,8 @@ func (d *DiscoverTestSuit) getInstancesWithService(t *testing.T, name string, na "service": name, "namespace": namespace, } + // 强制先update一次,规避上一次的数据查询结果 + _ = d.DiscoverServer().Cache().TestUpdate() resp := d.DiscoverServer().GetInstances(d.DefaultCtx, query) if !respSuccess(resp) { t.Fatalf("error: %s", resp.GetInfo().GetValue()) @@ -2168,6 +2232,9 @@ func TestCheckInstanceParam(t *testing.T) { instanceReq, instanceResp := discoverSuit.createCommonInstance(t, serviceResp, 153) defer discoverSuit.cleanInstance(instanceResp.GetId().GetValue()) + // 强制先update一次,规避上一次的数据查询结果 + _ = discoverSuit.DiscoverServer().Cache().TestUpdate() + t.Run("都不传", func(t *testing.T) { resp := discoverSuit.DiscoverServer().GetInstances(discoverSuit.DefaultCtx, make(map[string]string)) if resp.Code.Value != api.EmptyQueryParameter { From 86a98c32c24d331d5fbb0ea72ba67898ae280d97 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 10:20:49 +0800 Subject: [PATCH 21/37] feat:support rls to push xds client --- apiserver/xdsserverv3/gateway.go | 36 ++-- apiserver/xdsserverv3/listener.go | 21 ++- apiserver/xdsserverv3/server.go | 71 ++++++-- apiserver/xdsserverv3/sidecar.go | 6 +- cache/instance.go | 9 +- cache/instance_query.go | 166 ++++++++++++------ cache/log.go | 7 +- cache/ratelimit_config.go | 2 + common/model/routing.go | 9 + .../helm/templates/config-polaris-server.yaml | 10 +- 10 files changed, 239 insertions(+), 98 deletions(-) diff --git a/apiserver/xdsserverv3/gateway.go b/apiserver/xdsserverv3/gateway.go index b676d83b0..2b532b6ce 100644 --- a/apiserver/xdsserverv3/gateway.go +++ b/apiserver/xdsserverv3/gateway.go @@ -28,6 +28,7 @@ import ( "github.com/envoyproxy/go-control-plane/pkg/cache/types" cachev3 "github.com/envoyproxy/go-control-plane/pkg/cache/v3" resource "github.com/envoyproxy/go-control-plane/pkg/resource/v3" + "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/wrappers" apimodel "github.com/polarismesh/specification/source/go/api/v1/model" "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" @@ -149,6 +150,7 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r matchNamespace bool findGatewaySource bool ) + for _, dest := range subRule.GetDestinations() { if dest.Namespace == namespace && dest.Service != utils.MatchAll { matchNamespace = true @@ -184,7 +186,7 @@ func (x *XDSServer) makeGatewayRoutes(namespace string, xdsNode *XDSClient) []*r }, } - pathInfo := route.GetMatch().GetPathSeparatedPrefix() + pathInfo := route.GetMatch().GetPath() if pathInfo == "" { pathInfo = route.GetMatch().GetSafeRegex().GetRegex() } @@ -225,11 +227,15 @@ func buildGatewayRouteMatch(routeMatch *route.RouteMatch, source *traffic_manage argument := source.GetArguments()[i] if argument.Type == traffic_manage.SourceMatch_PATH { if argument.Value.Type == apimodel.MatchString_EXACT { - routeMatch.PathSpecifier = &route.RouteMatch_PathSeparatedPrefix{ - PathSeparatedPrefix: argument.GetValue().GetValue().GetValue()} + routeMatch.PathSpecifier = &route.RouteMatch_Path{ + Path: argument.GetValue().GetValue().GetValue(), + } } else if argument.Value.Type == apimodel.MatchString_REGEX { - routeMatch.PathSpecifier = &route.RouteMatch_SafeRegex{SafeRegex: &v32.RegexMatcher{ - Regex: argument.GetValue().GetValue().GetValue()}} + routeMatch.PathSpecifier = &route.RouteMatch_SafeRegex{ + SafeRegex: &v32.RegexMatcher{ + Regex: argument.GetValue().GetValue().GetValue(), + }, + } } } } @@ -264,7 +270,7 @@ func (x *XDSServer) makeGatewayLocalRateLimit(pathSpecifier string, svcKey model if conf == nil { return nil, nil, nil } - rateLimitConf := buildRateLimitConf() + rateLimitConf := buildRateLimitConf(fmt.Sprintf("gateway_%s_%s_%s", svcKey.Namespace, svcKey.Name, pathSpecifier)) filters := make(map[string]*anypb.Any) ratelimits := make([]*route.RateLimit, 0, len(conf)) for _, c := range conf { @@ -280,21 +286,19 @@ func (x *XDSServer) makeGatewayLocalRateLimit(pathSpecifier string, svcKey model continue } actions, descriptors := buildLocalRateLimitDescriptors(rule) - headerValueMatch := buildRateLimitActionHeaderValueMatch(":path", rule.GetMethod()) - actions = append(actions, &route.RateLimit_Action{ - ActionSpecifier: &route.RateLimit_Action_HeaderValueMatch_{ - HeaderValueMatch: headerValueMatch, - }, - }) rateLimitConf.Descriptors = descriptors - if rule.AmountMode == apitraffic.Rule_GLOBAL_TOTAL { - rateLimitConf.LocalRateLimitPerDownstreamConnection = true - } ratelimits = append(ratelimits, &route.RateLimit{ Actions: actions, }) break } - + if len(ratelimits) == 0 { + return nil, nil, nil + } + pbst, err := ptypes.MarshalAny(rateLimitConf) + if err != nil { + return nil, nil, err + } + filters["envoy.filters.http.local_ratelimit"] = pbst return ratelimits, filters, nil } diff --git a/apiserver/xdsserverv3/listener.go b/apiserver/xdsserverv3/listener.go index 560d63d3f..678bbc42a 100644 --- a/apiserver/xdsserverv3/listener.go +++ b/apiserver/xdsserverv3/listener.go @@ -20,6 +20,7 @@ package xdsserverv3 import ( core "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" listener "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" + lrl "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/local_ratelimit/v3" hcm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" tcp "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/tcp_proxy/v3" "github.com/envoyproxy/go-control-plane/pkg/cache/types" @@ -43,11 +44,25 @@ func makeListeners() []types.Resource { RouteConfigName: "polaris-router", }, }, - HttpFilters: []*hcm.HttpFilter{{ - Name: wellknown.Router, - }}, + HttpFilters: []*hcm.HttpFilter{}, } + ratelimit := lrl.LocalRateLimit{ + StatPrefix: "http_local_rate_limiter", + } + limitPb, err := ptypes.MarshalAny(&ratelimit) + if err == nil { + manager.HttpFilters = append(manager.HttpFilters, &hcm.HttpFilter{ + Name: "envoy.filters.http.local_ratelimit", + ConfigType: &hcm.HttpFilter_TypedConfig{ + TypedConfig: limitPb, + }, + }) + } + manager.HttpFilters = append(manager.HttpFilters, &hcm.HttpFilter{ + Name: wellknown.Router, + }) + pbst, err := ptypes.MarshalAny(manager) if err != nil { panic(err) diff --git a/apiserver/xdsserverv3/server.go b/apiserver/xdsserverv3/server.go index 5c5f60399..78dca42b5 100644 --- a/apiserver/xdsserverv3/server.go +++ b/apiserver/xdsserverv3/server.go @@ -20,6 +20,7 @@ package xdsserverv3 import ( "context" "fmt" + "math" "net" "strings" "time" @@ -38,6 +39,7 @@ import ( secretservice "github.com/envoyproxy/go-control-plane/envoy/service/secret/v3" v32 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" envoy_type_v3 "github.com/envoyproxy/go-control-plane/envoy/type/v3" + typev3 "github.com/envoyproxy/go-control-plane/envoy/type/v3" cachev3 "github.com/envoyproxy/go-control-plane/pkg/cache/v3" serverv3 "github.com/envoyproxy/go-control-plane/pkg/server/v3" _struct "github.com/golang/protobuf/ptypes/struct" @@ -48,6 +50,7 @@ import ( apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" "go.uber.org/atomic" "google.golang.org/grpc" + "google.golang.org/protobuf/types/known/durationpb" "google.golang.org/protobuf/types/known/wrapperspb" "github.com/polarismesh/polaris/apiserver" @@ -502,16 +505,23 @@ func buildWeightClustersV2(destinations []*traffic_manage.DestinationGroup) *rou // 使用 destinations 生成 weightedClusters。makeClusters() 也使用这个字段生成对应的 subset for _, destination := range destinations { + if destination.GetWeight() == 0 { + continue + } fields := make(map[string]*_struct.Value) for k, v := range destination.GetLabels() { + if k == utils.MatchAll && v.GetValue().GetValue() == utils.MatchAll { + // 重置 cluster 的匹配规则 + fields = make(map[string]*_struct.Value) + break + } fields[k] = &_struct.Value{ Kind: &_struct.Value_StringValue{ StringValue: v.Value.Value, }, } } - - weightedClusters = append(weightedClusters, &route.WeightedCluster_ClusterWeight{ + cluster := &route.WeightedCluster_ClusterWeight{ Name: destination.Service, Weight: utils.NewUInt32Value(destination.GetWeight()), MetadataMatch: &core.Metadata{ @@ -521,7 +531,11 @@ func buildWeightClustersV2(destinations []*traffic_manage.DestinationGroup) *rou }, }, }, - }) + } + if len(fields) == 0 { + cluster.MetadataMatch = nil + } + weightedClusters = append(weightedClusters, cluster) totalWeight += destination.Weight } return &route.WeightedCluster{ @@ -530,18 +544,25 @@ func buildWeightClustersV2(destinations []*traffic_manage.DestinationGroup) *rou } } -func buildRateLimitConf() *lrl.LocalRateLimit { +func buildRateLimitConf(prefix string) *lrl.LocalRateLimit { rateLimitConf := &lrl.LocalRateLimit{ - StatPrefix: "http_local_rate_limiter", + StatPrefix: prefix, + // 默认全局限流没限制,由于 envoy 这里必须设置一个 TokenBucket,因此这里只能设置一个认为不可能达到的一个 TPS 进行实现不限流 + // TPS = 4294967295/s + TokenBucket: &typev3.TokenBucket{ + MaxTokens: math.MaxUint32, + TokensPerFill: wrapperspb.UInt32(math.MaxUint32), + FillInterval: durationpb.New(time.Second), + }, FilterEnabled: &core.RuntimeFractionalPercent{ - RuntimeKey: "local_rate_limit_enabled", + RuntimeKey: prefix + "_local_rate_limit_enabled", DefaultValue: &envoy_type_v3.FractionalPercent{ Numerator: uint32(100), Denominator: envoy_type_v3.FractionalPercent_HUNDRED, }, }, FilterEnforced: &core.RuntimeFractionalPercent{ - RuntimeKey: "local_rate_limit_enforced", + RuntimeKey: prefix + "_local_rate_limit_enforced", DefaultValue: &envoy_type_v3.FractionalPercent{ Numerator: uint32(100), Denominator: envoy_type_v3.FractionalPercent_HUNDRED, @@ -553,24 +574,38 @@ func buildRateLimitConf() *lrl.LocalRateLimit { Key: "x-local-rate-limit", Value: "true", }, - Append: wrapperspb.Bool(true), + Append: wrapperspb.Bool(false), }, }, + LocalRateLimitPerDownstreamConnection: true, } return rateLimitConf } -func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLimit_Action, []*ratelimitv32.LocalRateLimitDescriptor) { +func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLimit_Action, + []*ratelimitv32.LocalRateLimitDescriptor) { actions := make([]*route.RateLimit_Action, 0, 8) descriptors := make([]*ratelimitv32.LocalRateLimitDescriptor, 0, 8) for _, amount := range rule.Amounts { descriptor := &envoy_extensions_common_ratelimit_v3.LocalRateLimitDescriptor{ TokenBucket: &envoy_type_v3.TokenBucket{ - MaxTokens: amount.MaxAmount.Value, - FillInterval: amount.ValidDuration, + MaxTokens: amount.GetMaxAmount().GetValue(), + TokensPerFill: wrapperspb.UInt32(amount.GetMaxAmount().GetValue()), + FillInterval: amount.GetValidDuration(), }, } entries := make([]*envoy_extensions_common_ratelimit_v3.RateLimitDescriptor_Entry, 0, len(rule.Labels)) + if len(rule.GetMethod().GetValue().GetValue()) != 0 { + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_HeaderValueMatch_{ + HeaderValueMatch: buildRateLimitActionHeaderValueMatch(":path", rule.GetMethod()), + }, + }) + entries = append(entries, &ratelimitv32.RateLimitDescriptor_Entry{ + Key: "header_match", + Value: rule.GetMethod().GetValue().GetValue(), + }) + } arguments := rule.GetArguments() for i := range arguments { @@ -583,6 +618,10 @@ func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLim HeaderValueMatch: headerValueMatch, }, }) + entries = append(entries, &ratelimitv32.RateLimitDescriptor_Entry{ + Key: "header_match", + Value: arg.GetValue().GetValue().GetValue(), + }) case apitraffic.MatchArgument_QUERY: queryParameterValueMatch := buildRateLimitActionQueryParameterValueMatch(arg.Key, arg.Value) actions = append(actions, &route.RateLimit_Action{ @@ -590,6 +629,10 @@ func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLim QueryParameterValueMatch: queryParameterValueMatch, }, }) + entries = append(entries, &ratelimitv32.RateLimitDescriptor_Entry{ + Key: "query_match", + Value: arg.GetValue().GetValue().GetValue(), + }) case apitraffic.MatchArgument_METHOD: actions = append(actions, &route.RateLimit_Action{ ActionSpecifier: &route.RateLimit_Action_RequestHeaders_{ @@ -603,6 +646,12 @@ func buildLocalRateLimitDescriptors(rule *traffic_manage.Rule) ([]*route.RateLim Key: arg.Key, Value: arg.GetValue().GetValue().GetValue(), }) + case apitraffic.MatchArgument_CALLER_IP: + actions = append(actions, &route.RateLimit_Action{ + ActionSpecifier: &route.RateLimit_Action_RemoteAddress_{ + RemoteAddress: &route.RateLimit_Action_RemoteAddress{}, + }, + }) } } descriptor.Entries = entries diff --git a/apiserver/xdsserverv3/sidecar.go b/apiserver/xdsserverv3/sidecar.go index 10c6ac0b1..f63feefaf 100644 --- a/apiserver/xdsserverv3/sidecar.go +++ b/apiserver/xdsserverv3/sidecar.go @@ -20,6 +20,7 @@ package xdsserverv3 import ( "context" "encoding/json" + "fmt" "strconv" "strings" "time" @@ -152,7 +153,7 @@ func (x *XDSServer) makeSidecarLocalRateLimit(svcKey model.ServiceKey) ([]*route if conf == nil { return nil, nil, nil } - rateLimitConf := buildRateLimitConf() + rateLimitConf := buildRateLimitConf(fmt.Sprintf("sidecar_%s_%s", svcKey.Namespace, svcKey.Name)) filters := make(map[string]*anypb.Any) ratelimits := make([]*route.RateLimit, 0, len(conf)) for _, c := range conf { @@ -239,8 +240,7 @@ func buildRateLimitActionQueryParameterValueMatch(key string, func buildRateLimitActionHeaderValueMatch(key string, value *apimodel.MatchString) *route.RateLimit_Action_HeaderValueMatch { headerValueMatch := &route.RateLimit_Action_HeaderValueMatch{ - DescriptorValue: "true", - ExpectMatch: wrapperspb.Bool(true), + DescriptorValue: value.GetValue().GetValue(), Headers: []*route.HeaderMatcher{}, } switch value.GetType() { diff --git a/cache/instance.go b/cache/instance.go index 0d0b6fede..5ef459cb3 100644 --- a/cache/instance.go +++ b/cache/instance.go @@ -132,8 +132,13 @@ func (ic *instanceCache) initialize(opt map[string]interface{}) error { // update 更新缓存函数 func (ic *instanceCache) update() error { + err, _ := ic.singleUpdate() + return err +} + +func (ic *instanceCache) singleUpdate() (error, bool) { // 多个线程竞争,只有一个线程进行更新 - _, err, _ := ic.singleFlight.Do(ic.name(), func() (interface{}, error) { + _, err, shared := ic.singleFlight.Do(ic.name(), func() (interface{}, error) { defer func() { ic.lastMtimeLogged = logLastMtime(ic.lastMtimeLogged, ic.LastMtime().Unix(), "Instance") ic.checkAll() @@ -141,7 +146,7 @@ func (ic *instanceCache) update() error { }() return nil, ic.doCacheUpdate(ic.name(), ic.realUpdate) }) - return err + return err, shared } func (ic *instanceCache) LastMtime() time.Time { diff --git a/cache/instance_query.go b/cache/instance_query.go index 2377abb93..92fdab5d5 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -18,82 +18,138 @@ package cache import ( + "encoding/json" + "fmt" "sort" "strconv" "strings" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" + "go.uber.org/zap" ) -// forceUpdate 更新配置 -func (ic *instanceCache) forceUpdate() error { - if err := ic.update(); err != nil { - return err - } - return nil +// InstanceSearchArgs . +type InstanceSearchArgs struct { + SvcName *string + SvcNs *string + InstanceID *string + Hosts map[string]struct{} + Port *uint32 + Protocol *string + Version *string + Region *string + Zone *string + Campus *string + Weight *uint32 + HealthStatus *bool + Isolate *bool + MetaFilter map[string]string } -func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, - offset, limit uint32) (uint32, []*model.Instance, error) { - if err := ic.forceUpdate(); err != nil { - return 0, nil, err +func (args *InstanceSearchArgs) String() string { + data, _ := json.Marshal(args) + return string(data) +} + +func parseInstanceSearchArgs(filter, metaFilter map[string]string) *InstanceSearchArgs { + args := &InstanceSearchArgs{ + MetaFilter: metaFilter, } - var ( - tempInstances = make([]*model.Instance, 0, 32) - ) - var ( - searchSvcName, hasSvc = filter["service"] - searchNamespace, hasNamespace = filter["namespace"] - id, hasId = filter["id"] - hosts, hasHost = filter["host"] - protocol, hasProtocol = filter["protocol"] - version, hasVersion = filter["version"] - region, hasRegion = filter["cmdb_region"] - zone, hasZone = filter["cmdb_zone"] - campus, hasIdc = filter["cmdb_idc"] - port, weight uint32 - healthStatus, isolate bool - hasPort, hasWeight, hasHealthStatus, hasIsolate bool - ) + if searchSvcName, hasSvc := filter["name"]; hasSvc { + args.SvcName = &searchSvcName + } + if searchNamespace, hasNamespace := filter["namespace"]; hasNamespace { + args.SvcNs = &searchNamespace + } + if id, hasId := filter["id"]; hasId { + args.InstanceID = &id + } + if protocol, hasProtocol := filter["protocol"]; hasProtocol { + args.Protocol = &protocol + } + if version, hasVersion := filter["version"]; hasVersion { + args.Version = &version + } + if region, hasRegion := filter["cmdb_region"]; hasRegion { + args.Region = ®ion + } + if campus, hasIdc := filter["cmdb_idc"]; hasIdc { + args.Campus = &campus + } + if zone, hasZone := filter["cmdb_zone"]; hasZone { + args.Zone = &zone + } - hostMap := map[string]struct{}{} - hostItems := strings.Split(hosts, ",") - for i := range hostItems { - hostMap[strings.TrimSpace(hostItems[i])] = struct{}{} + if hosts, hasHosts := filter["host"]; hasHosts { + hostMap := map[string]struct{}{} + hostItems := strings.Split(hosts, ",") + for i := range hostItems { + hostVal := strings.TrimSpace(hostItems[i]) + if len(hostVal) == 0 { + continue + } + hostMap[hostVal] = struct{}{} + } + args.Hosts = hostMap } if portStr, ok := filter["port"]; ok { if v, err := strconv.ParseUint(portStr, 10, 64); err == nil { - port = uint32(v) - hasPort = true + port := uint32(v) + args.Port = &port } } if weightStr, ok := filter["weight"]; ok { if v, err := strconv.ParseUint(weightStr, 10, 64); err == nil { - weight = uint32(v) - hasWeight = true + weight := uint32(v) + args.Weight = &weight } } if isolateStr, ok := filter["isolate"]; ok { if v, err := strconv.ParseBool(isolateStr); err == nil { - isolate = v - hasIsolate = true + isolate := v + args.Isolate = &isolate } } if healthStatusStr, ok := filter["health_status"]; ok { if v, err := strconv.ParseBool(healthStatusStr); err == nil { - healthStatus = v - hasHealthStatus = true + healthStatus := v + args.HealthStatus = &healthStatus } } if healthyStr, ok := filter["healthy"]; ok { if v, err := strconv.ParseBool(healthyStr); err == nil { - healthStatus = v - hasHealthStatus = true + healthStatus := v + args.HealthStatus = &healthStatus } } + return args +} + +// forceQueryUpdate 为了确保读取的数据是最新的,这里需要做一个强制 update 的动作进行数据读取处理 +func (ic *instanceCache) forceQueryUpdate() error { + err, shared := ic.singleUpdate() + // shared == true,表示当前已经有正在 update 执行的任务,这个任务不一定能够读取到最新的数据 + // 为了避免读取到脏数据,在发起一次 singleUpdate + if shared { + naminglog.Debug("[Server][Instances][Query] force query update second") + err, _ = ic.singleUpdate() + } + return err +} + +func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, + offset, limit uint32) (uint32, []*model.Instance, error) { + if err := ic.forceQueryUpdate(); err != nil { + return 0, nil, err + } + var ( + tempInstances = make([]*model.Instance, 0, 32) + args = parseInstanceSearchArgs(filter, metaFilter) + ) + naminglog.Info("[Server][Instances][Query] instances filter parameters", zap.String("args", args.String())) svcCache := ic.cacheMgr.Service().(*serviceCache) _ = ic.IteratorInstances(func(key string, value *model.Instance) (bool, error) { @@ -101,45 +157,45 @@ func (ic *instanceCache) QueryInstances(filter, metaFilter map[string]string, if svc == nil { return true, nil } - if hasSvc && !utils.IsWildMatch(svc.Name, searchSvcName) { + if args.SvcName != nil && !utils.IsWildMatch(svc.Name, *args.SvcName) { return true, nil } - if hasNamespace && !utils.IsWildMatch(svc.Namespace, searchNamespace) { + if args.SvcNs != nil && !utils.IsWildMatch(svc.Namespace, *args.SvcNs) { return true, nil } - if hasId && !utils.IsWildMatch(value.Proto.GetId().GetValue(), id) { + if args.InstanceID != nil && !utils.IsWildMatch(value.Proto.GetId().GetValue(), *args.InstanceID) { return true, nil } - if hasHost { - if _, ok := hostMap[value.Proto.GetHost().GetValue()]; !ok { + if len(args.Hosts) != 0 { + if _, ok := args.Hosts[value.Proto.GetHost().GetValue()]; !ok { return true, nil } } - if hasPort && value.Proto.GetPort().GetValue() != port { + if args.Port != nil && value.Proto.GetPort().GetValue() != *args.Port { return true, nil } - if hasIsolate && value.Proto.GetIsolate().GetValue() != isolate { + if args.Isolate != nil && value.Proto.GetIsolate().GetValue() != *args.Isolate { return true, nil } - if hasHealthStatus && value.Proto.GetHealthy().GetValue() != healthStatus { + if args.HealthStatus != nil && value.Proto.GetHealthy().GetValue() != *args.HealthStatus { return true, nil } - if hasWeight && value.Proto.GetWeight().GetValue() != weight { + if args.Weight != nil && value.Proto.GetWeight().GetValue() != *args.Weight { return true, nil } - if hasRegion && value.Proto.GetLocation().GetRegion().GetValue() != region { + if args.Region != nil && value.Proto.GetLocation().GetRegion().GetValue() != *args.Region { return true, nil } - if hasZone && value.Proto.GetLocation().GetZone().GetValue() != zone { + if args.Zone != nil && value.Proto.GetLocation().GetZone().GetValue() != *args.Zone { return true, nil } - if hasIdc && value.Proto.GetLocation().GetCampus().GetValue() != campus { + if args.Campus != nil && value.Proto.GetLocation().GetCampus().GetValue() != *args.Campus { return true, nil } - if hasProtocol && value.Proto.GetProtocol().GetValue() != protocol { + if args.Protocol != nil && value.Proto.GetProtocol().GetValue() != *args.Protocol { return true, nil } - if hasVersion && value.Proto.GetVersion().GetValue() != version { + if args.Version != nil && value.Proto.GetVersion().GetValue() != *args.Version { return true, nil } if len(metaFilter) > 0 { diff --git a/cache/log.go b/cache/log.go index 87cfb2379..d87ccd5fe 100644 --- a/cache/log.go +++ b/cache/log.go @@ -17,9 +17,10 @@ package cache -import commonLog "github.com/polarismesh/polaris/common/log" +import commonlog "github.com/polarismesh/polaris/common/log" var ( - log = commonLog.GetScopeOrDefaultByName(commonLog.CacheLoggerName) - configLog = commonLog.GetScopeOrDefaultByName(commonLog.ConfigLoggerName) + log = commonlog.GetScopeOrDefaultByName(commonlog.CacheLoggerName) + naminglog = commonlog.GetScopeOrDefaultByName(commonlog.NamingLoggerName) + configLog = commonlog.GetScopeOrDefaultByName(commonlog.ConfigLoggerName) ) diff --git a/cache/ratelimit_config.go b/cache/ratelimit_config.go index 2f4463e0b..b1ade9066 100644 --- a/cache/ratelimit_config.go +++ b/cache/ratelimit_config.go @@ -24,6 +24,7 @@ import ( apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage" "golang.org/x/sync/singleflight" + "google.golang.org/protobuf/types/known/wrapperspb" "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" @@ -129,6 +130,7 @@ func (rlc *rateLimitCache) rateLimitToProto(rateLimit *model.RateLimit) error { if err := json.Unmarshal([]byte(rateLimit.Rule), rateLimit.Proto); err != nil { return err } + rateLimit.Proto.Disable = wrapperspb.Bool(rateLimit.Disable) namespace := rateLimit.Proto.GetNamespace().GetValue() name := rateLimit.Proto.GetService().GetValue() if namespace == "" || name == "" { diff --git a/common/model/routing.go b/common/model/routing.go index 56ebaf724..1fd9e4d97 100644 --- a/common/model/routing.go +++ b/common/model/routing.go @@ -314,6 +314,15 @@ func parseSubRouteRule(ruleRouting *apitraffic.RuleRoutingConfig) { subRule, } } else { + for i := range ruleRouting.Rules { + subRule := ruleRouting.Rules[i] + if len(subRule.Sources) == 0 { + subRule.Sources = ruleRouting.GetSources() + } + if len(subRule.Destinations) == 0 { + subRule.Destinations = ruleRouting.GetDestinations() + } + } // Abandon the value of the old field ruleRouting.Destinations = nil ruleRouting.Sources = nil diff --git a/release/cluster/helm/templates/config-polaris-server.yaml b/release/cluster/helm/templates/config-polaris-server.yaml index 24059982c..f7b6abe3c 100644 --- a/release/cluster/helm/templates/config-polaris-server.yaml +++ b/release/cluster/helm/templates/config-polaris-server.yaml @@ -408,15 +408,15 @@ data: option: remote-conf: false # 是否使用远程配置 ip-limit: # ip级限流,全局 - open: true # 系统是否开启ip级限流 + open: false # 系统是否开启ip级限流 global: - open: true + open: false bucket: 300 # 最高峰值 rate: 200 # 平均一个IP每秒的请求数 resource-cache-amount: 1024 # 最大缓存的IP个数 white-list: [127.0.0.1] instance-limit: - open: true + open: false global: bucket: 200 rate: 100 @@ -426,12 +426,12 @@ data: rules: - name: store-read limit: - open: true # 接口的全局配置,如果在api子项中,不配置,则该接口依据global来做限制 + open: false # 接口的全局配置,如果在api子项中,不配置,则该接口依据global来做限制 bucket: 2000 # 令牌桶最大值 rate: 1000 # 每秒产生的令牌数 - name: store-write limit: - open: true + open: false bucket: 1000 rate: 500 apis: From 149e76f8859d9ec91423640833c1b3a6ee6bbeb3 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 10:21:07 +0800 Subject: [PATCH 22/37] feat:support rls to push xds client --- cache/instance_query.go | 1 - 1 file changed, 1 deletion(-) diff --git a/cache/instance_query.go b/cache/instance_query.go index 92fdab5d5..1c6291648 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -19,7 +19,6 @@ package cache import ( "encoding/json" - "fmt" "sort" "strconv" "strings" From abad7d184c4d3ef3205d1a2e2d7717ee8fc6c918 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 10:31:56 +0800 Subject: [PATCH 23/37] feat:support rls to push xds client --- store/mysql/scripts/polaris_server.sql | 106 +------------------------ 1 file changed, 1 insertion(+), 105 deletions(-) diff --git a/store/mysql/scripts/polaris_server.sql b/store/mysql/scripts/polaris_server.sql index b9c6c60b7..5ea223636 100644 --- a/store/mysql/scripts/polaris_server.sql +++ b/store/mysql/scripts/polaris_server.sql @@ -449,111 +449,7 @@ CREATE TABLE `cl5_module` -- -- Data in the conveyor `cl5_module` -- -insert into cl5_module(module_id, interface_id, range_num) -values (3000001, 1, 0); - --- -------------------------------------------------------- --- --- Table structure `mesh` --- -CREATE TABLE `mesh` -( - `id` varchar(32) NOT NULL COMMENT 'mesh ID', - `name` varchar(128) NOT NULL COMMENT 'mesh name', - `department` varchar(1024) DEFAULT NULL COMMENT 'mesh department', - `business` varchar(128) NOT NULL COMMENT 'mesh service', - `managed` tinyint(4) NOT NULL COMMENT 'Whether to managed', - `istio_version` varchar(64) COMMENT 'ISTIO version', - `data_cluster` varchar(1024) COMMENT 'Data surface cluster', - `revision` varchar(32) NOT NULL COMMENT 'Rule version number', - `comment` varchar(1024) DEFAULT NULL COMMENT 'Rule description', - `token` varchar(32) NOT NULL COMMENT 'Rule Authentication Token', - `owner` varchar(1024) NOT NULL COMMENT 'Rule owner', - `flag` tinyint(4) NOT NULL DEFAULT '0' COMMENT 'Whether the rules are valid, 0 is valid, 1 is invalid, it is deleted', - `ctime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'Create time', - `mtime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'Last updated time', - PRIMARY KEY (`id`), - KEY `name` (`name`), - KEY `mtime` (`mtime`) -) ENGINE = InnoDB; - --- -------------------------------------------------------- --- --- Table structure `mesh_service` --- -CREATE TABLE `mesh_service` -( - `id` varchar(32) NOT NULL COMMENT 'mesh rule ID', - `mesh_id` varchar(32) NOT NULL COMMENT 'mesh name', - `service_id` varchar(32) NOT NULL COMMENT 'Service ID', - `namespace` varchar(64) NOT NULL COMMENT 'Service namespace', - `service` varchar(128) NOT NULL COMMENT 'Service Name', - `mesh_namespace` varchar(64) NOT NULL COMMENT 'Map to the mesh namespace', - `mesh_service` varchar(128) NOT NULL COMMENT 'Mapping to the mesh service name', - `location` varchar(16) NOT NULL COMMENT 'Which location is in the mesh', - `export_to` varchar(1024) NOT NULL COMMENT 'What is the service you can be seen by the namespace', - `revision` varchar(32) NOT NULL COMMENT 'Rule version number', - `flag` tinyint(4) NOT NULL DEFAULT '0' COMMENT 'Whether the rules are valid, 0 is valid, 1 is invalid, it is deleted', - `ctime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'Create time', - `mtime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'Last updated time', - PRIMARY KEY (`id`), - UNIQUE KEY `relation` (`mesh_id`, `mesh_namespace`, `mesh_service`), - KEY `namespace` (`namespace`), - KEY `service` (`service`), - KEY `location` (`location`), - KEY `export_to` (`export_to`), - KEY `mtime` (`mtime`), - KEY `flag` (`flag`) -) ENGINE = InnoDB; - --- -------------------------------------------------------- --- --- Table structure `mesh_service_revision` --- -CREATE TABLE `mesh_service_revision` -( - `mesh_id` varchar(32) NOT NULL COMMENT 'mesh name', - `revision` varchar(32) NOT NULL COMMENT 'Rule version number', - `ctime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'Create time', - `mtime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'Last updated time', - PRIMARY KEY (`mesh_id`), - KEY `mtime` (`mtime`) -) ENGINE = InnoDB; - --- -------------------------------------------------------- --- --- Table structure `mesh_resource` --- -CREATE TABLE `mesh_resource` -( - `id` varchar(32) NOT NULL COMMENT 'mesh rule ID', - `mesh_id` varchar(32) NOT NULL COMMENT 'mesh name', - `name` varchar(64) NOT NULL COMMENT 'Rule name', - `mesh_namespace` varchar(64) NOT NULL COMMENT 'mesh namespace where the rules are located', - `type_url` varchar(96) NOT NULL COMMENT 'Rule type, such as VirtualService', - `revision` varchar(32) NOT NULL COMMENT 'Rule version number', - `body` text COMMENT 'Rule content, JSON format string', - `flag` tinyint(4) NOT NULL DEFAULT '0' COMMENT 'Whether the rules are valid, 0 is valid, 1 is invalid, it is deleted', - `ctime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'Create time', - `mtime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'Last updated time', - PRIMARY KEY (`id`), - UNIQUE KEY `name` (`mesh_id`, `name`, `mesh_namespace`, `type_url`), - KEY `mtime` (`mtime`) -) ENGINE = InnoDB; - --- --- Table structure `mesh_revision` --- -CREATE TABLE `mesh_resource_revision` -( - `mesh_id` varchar(32) NOT NULL COMMENT 'Rules, mesh ID', - `type_url` varchar(96) NOT NULL COMMENT 'Rule type, such as VirtualService', - `revision` varchar(32) NOT NULL COMMENT 'The version number of the rules collection, the overall version number of all rule collections below the same mesh', - `ctime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP comment 'Create time', - `mtime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP comment 'Last updated time', - PRIMARY KEY (`mesh_id`, `type_url`), - KEY `mtime` (`mtime`) -) ENGINE = InnoDB; +insert into cl5_module(module_id, interface_id, range_num) values (3000001, 1, 0); -- -------------------------------------------------------- From 4bf54c3cf655055aaeff3ff6522e2274e068f689 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 11:12:49 +0800 Subject: [PATCH 24/37] feat:support rls to push xds client --- cache/instance_query.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cache/instance_query.go b/cache/instance_query.go index 1c6291648..0a858d667 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -23,9 +23,10 @@ import ( "strconv" "strings" + "go.uber.org/zap" + "github.com/polarismesh/polaris/common/model" "github.com/polarismesh/polaris/common/utils" - "go.uber.org/zap" ) // InstanceSearchArgs . From cea410f412a1b8b116be4c1ea8e51035c7eb6a56 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 12:06:48 +0800 Subject: [PATCH 25/37] feat:support rls to push xds client --- cache/instance_query.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cache/instance_query.go b/cache/instance_query.go index 0a858d667..dd1094239 100644 --- a/cache/instance_query.go +++ b/cache/instance_query.go @@ -48,6 +48,7 @@ type InstanceSearchArgs struct { } func (args *InstanceSearchArgs) String() string { + //nolint: errchkjson data, _ := json.Marshal(args) return string(data) } From ef420f4d00d414d63ba6d35711ab7ac754676572 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 12:43:55 +0800 Subject: [PATCH 26/37] feat:support rls to push xds client --- apiserver/grpcserver/discover/server.go | 1 + apiserver/grpcserver/discover/v1/client_access.go | 2 +- go.mod | 2 +- go.sum | 2 ++ plugin/healthchecker/leader/peer.go | 8 ++++---- plugin/healthchecker/leader/peer_test.go | 2 +- 6 files changed, 10 insertions(+), 7 deletions(-) diff --git a/apiserver/grpcserver/discover/server.go b/apiserver/grpcserver/discover/server.go index 07d350e4c..9cbb9a0fc 100644 --- a/apiserver/grpcserver/discover/server.go +++ b/apiserver/grpcserver/discover/server.go @@ -106,6 +106,7 @@ func (g *GRPCServer) Run(errCh chan error) { if config.Enable { // 注册 v1 版本的 spec discover server apiservice.RegisterPolarisGRPCServer(server, g.v1server) + apiservice.RegisterPolarisHeartbeatGRPCServer(server, g.v1server) openMethod, getErr := apiserver.GetClientOpenMethod(config.Include, g.GetProtocol()) if getErr != nil { return getErr diff --git a/apiserver/grpcserver/discover/v1/client_access.go b/apiserver/grpcserver/discover/v1/client_access.go index 8fcbb80bc..aab3b447c 100644 --- a/apiserver/grpcserver/discover/v1/client_access.go +++ b/apiserver/grpcserver/discover/v1/client_access.go @@ -157,7 +157,7 @@ func (g *DiscoverServer) Heartbeat(ctx context.Context, in *apiservice.Instance) } // BatchHeartbeat 批量上报心跳 -func (g *DiscoverServer) BatchHeartbeat(svr apiservice.PolarisGRPC_BatchHeartbeatServer) error { +func (g *DiscoverServer) BatchHeartbeat(svr apiservice.PolarisHeartbeatGRPC_BatchHeartbeatServer) error { ctx := grpcserver.ConvertContext(svr.Context()) for { diff --git a/go.mod b/go.mod index fef90721f..ab74b504b 100644 --- a/go.mod +++ b/go.mod @@ -84,7 +84,7 @@ require ( require ( github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/agiledragon/gomonkey/v2 v2.10.1 - github.com/polarismesh/specification v1.3.2-alpha.2 + github.com/polarismesh/specification v1.3.2-alpha.4 ) replace gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.2 diff --git a/go.sum b/go.sum index 2116b2857..2d7da0375 100644 --- a/go.sum +++ b/go.sum @@ -320,6 +320,8 @@ github.com/polarismesh/go-restful-openapi/v2 v2.0.0-20220928152401-083908d10219 github.com/polarismesh/go-restful-openapi/v2 v2.0.0-20220928152401-083908d10219/go.mod h1:4WhwBysTom9Eoy0hQ4W69I0FmO+T0EpjEW9/5sgHoUk= github.com/polarismesh/specification v1.3.2-alpha.2 h1:cMghyvCnRVM5ca2kYCGHOgIIxVnokiMvw0720q8a8RA= github.com/polarismesh/specification v1.3.2-alpha.2/go.mod h1:rDvMMtl5qebPmqiBLNa5Ps0XtwkP31ZLirbH4kXA0YU= +github.com/polarismesh/specification v1.3.2-alpha.4 h1:J5Qh1Ef1RKbuuD1UqKr6mfG1gXY4rSLL0DQQph2CJP8= +github.com/polarismesh/specification v1.3.2-alpha.4/go.mod h1:rDvMMtl5qebPmqiBLNa5Ps0XtwkP31ZLirbH4kXA0YU= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= diff --git a/plugin/healthchecker/leader/peer.go b/plugin/healthchecker/leader/peer.go index e1115b188..5ee22635c 100644 --- a/plugin/healthchecker/leader/peer.go +++ b/plugin/healthchecker/leader/peer.go @@ -178,7 +178,7 @@ func (p *RemotePeer) Serve(_ context.Context, checker *LeaderHealthChecker, p.conns = append(p.conns, conn) } for i := 0; i < streamNum; i++ { - client := apiservice.NewPolarisGRPCClient(p.conns[i]) + client := apiservice.NewPolarisHeartbeatGRPCClient(p.conns[i]) puter, err := client.BatchHeartbeat(ctx, grpc.Header(&metadata.MD{ sendResource: []string{utils.LocalHost}, })) @@ -291,9 +291,9 @@ func (p *RemotePeer) DelFunc(req *apiservice.DelHeartbeatsRequest) { } } -func (p *RemotePeer) choseOneClient() apiservice.PolarisGRPCClient { +func (p *RemotePeer) choseOneClient() apiservice.PolarisHeartbeatGRPCClient { index := rand.Intn(len(p.conns)) - return apiservice.NewPolarisGRPCClient(p.conns[index]) + return apiservice.NewPolarisHeartbeatGRPCClient(p.conns[index]) } func (p *RemotePeer) Storage() BeatRecordCache { @@ -341,7 +341,7 @@ type PeerReadTask struct { type beatSender struct { lock sync.RWMutex - sender apiservice.PolarisGRPC_BatchHeartbeatClient + sender apiservice.PolarisHeartbeatGRPC_BatchHeartbeatClient } func (s *beatSender) Send(req *apiservice.HeartbeatsRequest) error { diff --git a/plugin/healthchecker/leader/peer_test.go b/plugin/healthchecker/leader/peer_test.go index c337ba246..bd2d9441b 100644 --- a/plugin/healthchecker/leader/peer_test.go +++ b/plugin/healthchecker/leader/peer_test.go @@ -361,7 +361,7 @@ func (ms *MockPolarisGRPCServer) Heartbeat(context.Context, } // BatchHeartbeat 批量上报心跳 -func (ms *MockPolarisGRPCServer) BatchHeartbeat(svr service_manage.PolarisGRPC_BatchHeartbeatServer) error { +func (ms *MockPolarisGRPCServer) BatchHeartbeat(svr service_manage.PolarisHeartbeatGRPC_BatchHeartbeatServer) error { for { req, err := svr.Recv() if err != nil { From d7ab9316235e1b91bd57d0eabbeb94ee38ce90a7 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 16:49:20 +0800 Subject: [PATCH 27/37] feat:support rls to push xds client --- common/log/config.go | 1 + common/log/options.go | 1 + .../kubernetes/02-polaris-server-config.yaml | 22 +++- release/conf/polaris-server.yaml | 124 +++++++++--------- 4 files changed, 79 insertions(+), 69 deletions(-) diff --git a/common/log/config.go b/common/log/config.go index dc5e02e17..bac86c7de 100644 --- a/common/log/config.go +++ b/common/log/config.go @@ -100,6 +100,7 @@ func prepZap(options *Options) ([]zapcore.Core, zapcore.Core, zapcore.WriteSynce MaxSize: options.RotationMaxSize, MaxBackups: options.RotationMaxBackups, MaxAge: options.RotationMaxAge, + Compress: options.Compress, } rotateSink = zapcore.AddSync(l) } diff --git a/common/log/options.go b/common/log/options.go index b0af306b8..47a6f0a30 100644 --- a/common/log/options.go +++ b/common/log/options.go @@ -128,6 +128,7 @@ type Options struct { // RotationMaxDurationForHour RotationMaxDurationForHour int `yaml:"rotationMaxDurationForHour"` + Compress bool `yaml:"compress"` OutputLevel string `yaml:"outputLevel"` StackTraceLevel string `yaml:"stackTraceLevel"` DisableLogCaller bool `yaml:"disableLogCaller"` diff --git a/release/cluster/kubernetes/02-polaris-server-config.yaml b/release/cluster/kubernetes/02-polaris-server-config.yaml index 14b3a53e3..ba000b624 100644 --- a/release/cluster/kubernetes/02-polaris-server-config.yaml +++ b/release/cluster/kubernetes/02-polaris-server-config.yaml @@ -252,13 +252,23 @@ data: # listenIP: 0.0.0.0 # listenPort: 7779 # clusterName: cl5.discover - # 核心逻辑的配置 + # Core logic configuration auth: - name: defaultAuth - option: - salt: polarismesh@2021 - consoleOpen: true - clientOpen: false + # auth's option has migrated to auth.user and auth.strategy + # it's still available when filling auth.option, but you will receive warning log that auth.option has deprecated. + user: + name: defaultUser + option: + # Token encrypted SALT, you need to rely on this SALT to decrypt the information of the Token when analyzing the Token + # The length of SALT needs to satisfy the following one:len(salt) in [16, 24, 32] + salt: polarismesh@2021 + strategy: + name: defaultStrategy + option: + # Console power switch, open default + consoleOpen: true + # Customer inspection ability switch, default close + clientOpen: false namespace: autoCreate: true naming: diff --git a/release/conf/polaris-server.yaml b/release/conf/polaris-server.yaml index 3223e7047..4277819bf 100644 --- a/release/conf/polaris-server.yaml +++ b/release/conf/polaris-server.yaml @@ -17,17 +17,22 @@ bootstrap: # Global log logger: + # Log scope name config: + # Log file location rotateOutputPath: log/runtime/polaris-config.log + # Special records of error log files at ERROR level errorRotateOutputPath: log/runtime/polaris-config-error.log + # The maximum size of a single log file, 100 default, the unit is MB rotationMaxSize: 100 + # How many log files are saved, default 10 rotationMaxBackups: 10 + # The maximum preservation days of a single log file, default 7 rotationMaxAge: 7 + # Log output level,debug/info/warn/error outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr + # Open the log file compression + # compress: false auth: rotateOutputPath: log/runtime/polaris-auth.log errorRotateOutputPath: log/runtime/polaris-auth-error.log @@ -35,10 +40,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr store: rotateOutputPath: log/runtime/polaris-store.log errorRotateOutputPath: log/runtime/polaris-store-error.log @@ -46,10 +47,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr cache: rotateOutputPath: log/runtime/polaris-cache.log errorRotateOutputPath: log/runtime/polaris-cache-error.log @@ -57,10 +54,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr naming: rotateOutputPath: log/runtime/polaris-naming.log errorRotateOutputPath: log/runtime/polaris-naming-error.log @@ -68,10 +61,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr healthcheck: rotateOutputPath: log/runtime/polaris-healthcheck.log errorRotateOutputPath: log/runtime/polaris-healthcheck-error.log @@ -79,10 +68,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr xdsv3: rotateOutputPath: log/runtime/polaris-xdsv3.log errorRotateOutputPath: log/runtime/polaris-xdsv3-error.log @@ -90,10 +75,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr apiserver: rotateOutputPath: log/runtime/polaris-apiserver.log errorRotateOutputPath: log/runtime/polaris-apiserver-error.log @@ -101,10 +82,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr token-bucket: rotateOutputPath: log/runtime/polaris-ratelimit.log errorRotateOutputPath: log/runtime/polaris-ratelimit-error.log @@ -112,10 +89,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr default: rotateOutputPath: log/runtime/polaris-default.log errorRotateOutputPath: log/runtime/polaris-default-error.log @@ -123,10 +96,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr discoverEventLocal: rotateOutputPath: log/event/polaris-discoverevent.log errorRotateOutputPath: log/event/polaris-discoverevent-error.log @@ -135,10 +104,6 @@ bootstrap: rotationMaxAge: 7 outputLevel: info onlyContent: true - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr discoverLocal: rotateOutputPath: log/statis/polaris-discoverstat.log errorRotateOutputPath: log/statis/polaris-discoverstat-error.log @@ -146,10 +111,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr local: rotateOutputPath: log/statis/polaris-statis.log errorRotateOutputPath: log/statis/polaris-statis-error.log @@ -157,10 +118,6 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr HistoryLogger: rotateOutputPath: log/operation/polaris-history.log errorRotateOutputPath: log/operation/polaris-history-error.log @@ -170,10 +127,6 @@ bootstrap: rotationMaxDurationForHour: 24 outputLevel: info onlyContent: true - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr cmdb: rotateOutputPath: log/runtime/polaris-cmdb.log errorRotateOutputPath: log/runtime/polaris-cmdb-error.log @@ -181,42 +134,60 @@ bootstrap: rotationMaxBackups: 10 rotationMaxAge: 7 outputLevel: info - # outputPaths: - # - stdout - # errorOutputPaths: - # - stderr # Start the server in order startInOrder: - open: true # Whether to open, the default is closed - key: sz # Global lock + # Start the Polaris-Server in order, mainly to avoid data synchronization logic when the server starts the DB to pull the DB out of high load + open: true + # The name of the start lock + key: sz # Register as Arctic Star Service polaris_service: # Obtain the IP of the VM or POD where Polaris is located by making a TCP connection with the probe_adreess address # probe_address: ##DB_ADDR## + # Whether to open the server to register enable_register: true + # Registered North Star Server Examples isolation status isolated: false + # Service information that needs to be registered services: + # service name - name: polaris.checker + # Set the port protocol information that requires registration protocols: - service-grpc # apiserver Configuration apiservers: + # apiserver plugin name - name: service-eureka + # apiserver additional configuration option: + # tcp server listen ip listenIP: "0.0.0.0" + # tcp server listen port listenPort: 8761 + # set the polaris namingspace of the EUREKA service default namespace: default - owner: polaris + # pull data from the cache of the polaris, refresh the data cache in the Eureka protocol refreshInterval: 10 + # eureka incremental instance changes time cache expiration cycle deltaExpireInterval: 60 + # unhealthy instance expiration cycle unhealthyExpireInterval: 180 + # whether to enable an instance ID of polaris to generate logic generateUniqueInstId: false + # TCP connection number limit connLimit: + # Whether to turn on the TCP connection limit function, default FALSE openConnLimit: false + # The number of connections with the most IP maxConnPerHost: 1024 + # Current Listener's maximum number of connections maxConnLimit: 10240 + # Whitening list ip list, English comma separation whiteList: 127.0.0.1 + # Cleaning the cycle of link behavior purgeCounterInterval: 10s + # How long does the unpretentious link clean up purgeCounterExpired: 5s - name: api-http option: @@ -233,18 +204,25 @@ apiservers: whiteList: 127.0.0.1 purgeCounterInterval: 10s purgeCounterExpired: 5s + # Set the type of open API interface api: + # admin OpenAPI interface admin: enable: true + # Console OpenAPI interface console: enable: true + # OpenAPI group that needs to be exposed include: [default] + # client OpenAPI interface client: enable: true include: [discover, register, healthcheck] + # configuration center OpenAPI interface config: enable: true include: [default] + # Polaris is a client communication protocol layer based on the gRPC protocol, which is used for registration discovery and service governance rule delivery - name: service-grpc option: listenIP: "0.0.0.0" @@ -253,11 +231,17 @@ apiservers: openConnLimit: false maxConnPerHost: 128 maxConnLimit: 5120 + # Open the protobuf parsing cache, cache the protobuf serialization results of the same content, and improve the processing of service discovery QPS enableCacheProto: true + # Cache default size sizeCacheProto: 128 + # tls setting tls: + # set cert file path certFile: "" + # set key file path keyFile: "" + # set trusted ca file path trustedCAFile: "" api: client: @@ -312,11 +296,17 @@ naming: batch: register: open: true + # Task queue cache queueSize: 10240 + # The maximum waiting time for the number of mission is not full, and the time is directly forced to launch the BATCH operation waitTime: 32ms + # Number of BATCH maxBatchCount: 128 + # Number of workers in the batch task concurrency: 128 + # Whether to turn on the discarding expiration task is only used for the batch controller of the register type dropExpireTask: true + # The maximum validity period of the task is that the task is not executed when the validity period exceeds the validity period. taskLife: 30s deregister: open: true @@ -338,11 +328,17 @@ naming: concurrency: 64 # Configuration of health check healthcheck: + # Whether to open the health check function module open: true + # The service of the instance of the health inspection task service: polaris.checker + # Time wheel parameters slotNum: 30 + # It is used to adjust the next execution time of instance health check tasks in the time wheel, limit the minimum inspection cycle minCheckInterval: 1s + # It is used to adjust the next execution time of instance health inspection tasks in the time wheel, limit the maximum inspection cycle maxCheckInterval: 30s + # Used to adjust the next execution time of SDK reporting instance health checking tasks in the time wheel clientReportInterval: 120s batch: heartbeat: @@ -351,6 +347,8 @@ healthcheck: waitTime: 32ms maxBatchCount: 32 concurrency: 64 + # Health check plugin list, currently supports heartBeatMemory/heartBeatredis/heartBeatLeader. + # since the three belong to the same type of health check plugin, only one can be enabled to use one checkers: - name: heartbeatMemory # - name: heartbeatLeader # Heartbeat examination plugin based on the Leader-Follower mechanism From 4a840ce3c4a62ce457722dd4a318a13340c9671b Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 18:00:06 +0800 Subject: [PATCH 28/37] feat:support rls to push xds client --- release/cluster/kubernetes/02-polaris-server-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/cluster/kubernetes/02-polaris-server-config.yaml b/release/cluster/kubernetes/02-polaris-server-config.yaml index ba000b624..4ae111002 100644 --- a/release/cluster/kubernetes/02-polaris-server-config.yaml +++ b/release/cluster/kubernetes/02-polaris-server-config.yaml @@ -446,7 +446,7 @@ data: open: false global: bucket: 200 - rate: false + rate: 100 resource-cache-amount: 1024 api-limit: # 接口级限流 open: false # 是否开启接口限流,全局开关,只有为true,才代表系统的限流开启。默认关闭 From 524670c7549ae42fb48b105176437e73bec1e4ae Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 22:37:50 +0800 Subject: [PATCH 29/37] feat:support rls to push xds client --- common/utils/config_file.go | 6 ++- config/client_config_file.go | 7 +--- config/config_file.go | 71 +++++++++++++++++++++--------------- 3 files changed, 47 insertions(+), 37 deletions(-) diff --git a/common/utils/config_file.go b/common/utils/config_file.go index 40727eb40..d37575e80 100644 --- a/common/utils/config_file.go +++ b/common/utils/config_file.go @@ -52,10 +52,12 @@ const ( ConfigFileImportConflictSkip = "skip" // ConfigFileImportConflictOverwrite 导入配置文件发生冲突覆盖原配置文件 ConfigFileImportConflictOverwrite = "overwrite" + // ConfigFileTagKeyUseEncrypted 配置加密开关标识,value 为 boolean + ConfigFileTagKeyUseEncrypted = "internal-encrypted" // ConfigFileTagKeyDataKey 加密密钥 tag key - ConfigFileTagKeyDataKey = "data_key" + ConfigFileTagKeyDataKey = "internal-datakey" // ConfigFileTagKeyEncryptAlgo 加密算法 tag key - ConfigFileTagKeyEncryptAlgo = "encrypt_algo" + ConfigFileTagKeyEncryptAlgo = "internal-encryptalgo" ) // GenFileId 生成文件 Id diff --git a/config/client_config_file.go b/config/client_config_file.go index 04f1f063a..3fb74e7ec 100644 --- a/config/client_config_file.go +++ b/config/client_config_file.go @@ -52,11 +52,8 @@ func (s *Server) GetConfigFileForClient(ctx context.Context, requestID := utils.ParseRequestID(ctx) - log.Info("[Config][Service] load config file from cache.", - utils.ZapRequestID(requestID), - utils.ZapNamespace(namespace), - utils.ZapGroup(group), - utils.ZapFileName(fileName), + log.Info("[Config][Service] load config file from cache.", utils.ZapRequestID(requestID), + utils.ZapNamespace(namespace), utils.ZapGroup(group), utils.ZapFileName(fileName), zap.String("publicKey", publicKey)) // 从缓存中获取配置内容 diff --git a/config/config_file.go b/config/config_file.go index c1a43ee91..5065bb20d 100644 --- a/config/config_file.go +++ b/config/config_file.go @@ -69,8 +69,8 @@ func (s *Server) CreateConfigFile(ctx context.Context, configFile *apiconfig.Con } // 配置加密 - if configFile.Encrypted.GetValue() && configFile.EncryptAlgo.GetValue() != "" { - if err := s.encryptConfigFile(ctx, configFile, configFile.EncryptAlgo.GetValue(), ""); err != nil { + if configFile.GetEncrypted().GetValue() && configFile.GetEncryptAlgo().GetValue() != "" { + if err := s.encryptConfigFile(ctx, configFile, configFile.GetEncryptAlgo().GetValue(), ""); err != nil { log.Error("[Config][Service] encrypt config file error.", utils.ZapRequestID(requestID), utils.ZapNamespace(namespace), @@ -79,6 +79,9 @@ func (s *Server) CreateConfigFile(ctx context.Context, configFile *apiconfig.Con zap.Error(err)) return api.NewConfigFileResponse(apimodel.Code_EncryptConfigFileException, configFile) } + } else { + // 删除原来的配置加密元数据信息 + s.cleanEncryptConfigFileInfo(ctx, configFile) } fileStoreModel := transferConfigFileAPIModel2StoreModel(configFile) @@ -112,19 +115,6 @@ func (s *Server) CreateConfigFile(ctx context.Context, configFile *apiconfig.Con s.RecordHistory(ctx, configFileRecordEntry(ctx, configFile, model.OCreate)) retConfigFile := transferConfigFileStoreModel2APIModel(createdFile) - - if configFile.Encrypted.GetValue() && configFile.EncryptAlgo.GetValue() != "" { - if err := s.decryptConfigFile(ctx, retConfigFile); err != nil { - log.Error("[Config][Service] decrypt config file error.", - utils.ZapRequestID(requestID), - utils.ZapNamespace(namespace), - utils.ZapGroup(group), - utils.ZapFileName(name), - zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_DecryptConfigFileException, retConfigFile) - } - } - return api.NewConfigFileResponse(apimodel.Code_ExecuteSuccess, retConfigFile) } @@ -188,7 +178,7 @@ func (s *Server) GetConfigFileBaseInfo(ctx context.Context, namespace, group, na retConfigFile := transferConfigFileStoreModel2APIModel(file) if err := s.decryptConfigFile(ctx, retConfigFile); err != nil { - log.Error("[Config][Service] decrypt config file error.", + log.Error("[Config][Service] decrypt config file error in get_file_baseinfo.", utils.ZapRequestIDByCtx(ctx), utils.ZapNamespace(namespace), utils.ZapGroup(group), @@ -223,7 +213,7 @@ func (s *Server) GetConfigFileRichInfo(ctx context.Context, namespace, group, na } if err := s.decryptConfigFile(ctx, configFileBaseInfo); err != nil { - log.Error("[Config][Service] decrypt config file error.", + log.Error("[Config][Service] decrypt config file error in get_file_richinfo.", utils.ZapRequestIDByCtx(ctx), utils.ZapNamespace(namespace), utils.ZapGroup(group), @@ -271,12 +261,11 @@ func (s *Server) QueryConfigFilesByGroup(ctx context.Context, namespace, group s if err != nil { return api.NewConfigFileBatchQueryResponse(commonstore.StoreCode2APICode(err), 0, nil) } - log.Error("[Config][Service] decrypt config file error.", zap.String("file", file.Name)) fileAPIModels = append(fileAPIModels, baseFile) } if err := s.decryptMultiConfigFile(ctx, fileAPIModels); err != nil { - log.Error("[Config][Service] decrypt config file error.", + log.Error("[Config][Service] decrypt config file error in query by group.", utils.ZapRequestIDByCtx(ctx), utils.ZapNamespace(namespace), utils.ZapGroup(group), @@ -332,7 +321,7 @@ func (s *Server) SearchConfigFile(ctx context.Context, namespace, group, name, t } if err := s.decryptMultiConfigFile(ctx, enrichedFiles); err != nil { - log.Error("[Config][Service] decrypt config file error.", + log.Error("[Config][Service] decrypt config file error in search file.", utils.ZapRequestIDByCtx(ctx), utils.ZapNamespace(namespace), utils.ZapGroup(group), @@ -374,7 +363,7 @@ func (s *Server) queryConfigFileWithoutTags(ctx context.Context, namespace, grou } if err := s.decryptMultiConfigFile(ctx, fileAPIModels); err != nil { - log.Error("[Config][Service] decrypt config file error.", + log.Error("[Config][Service] decrypt config file error in queryConfigFileWithoutTags.", utils.ZapRequestIDByCtx(ctx), utils.ZapNamespace(namespace), utils.ZapGroup(group), @@ -470,15 +459,6 @@ func (s *Server) UpdateConfigFile(ctx context.Context, configFile *apiconfig.Con return api.NewConfigFileResponse(apimodel.Code_StoreLayerException, configFile) } - if err := s.decryptConfigFile(ctx, baseFile); err != nil { - log.Error("[Config][Service] decrypt config file error.", - utils.ZapRequestIDByCtx(ctx), - utils.ZapNamespace(namespace), - utils.ZapGroup(group), - zap.Error(err)) - return api.NewConfigFileResponse(apimodel.Code_DecryptConfigFileException, configFile) - } - s.RecordHistory(ctx, configFileRecordEntry(ctx, configFile, model.OUpdate)) return api.NewConfigFileResponse(apimodel.Code_ExecuteSuccess, baseFile) @@ -988,6 +968,17 @@ func (s *Server) fillReleaseAndTags(ctx context.Context, file *apiconfig.ConfigF } file.Tags = tags + file.Encrypted = utils.NewBoolValue(false) + for i := range tags { + tag := tags[i] + if tag.GetKey().GetValue() == utils.ConfigFileTagKeyUseEncrypted && tag.GetValue().GetValue() == "true" { + file.Encrypted = utils.NewBoolValue(true) + } + if tag.GetKey().GetValue() == utils.ConfigFileTagKeyEncryptAlgo { + file.EncryptAlgo = utils.NewStringValue(tag.GetValue().GetValue()) + } + } + return file, nil } @@ -1011,6 +1002,22 @@ func configFileRecordEntry(ctx context.Context, req *apiconfig.ConfigFile, return entry } +// cleanEncryptConfigFileInfo 清理配置加密文件的内容信息 +func (s *Server) cleanEncryptConfigFileInfo(ctx context.Context, configFile *apiconfig.ConfigFile) { + + newTags := make([]*apiconfig.ConfigFileTag, 0, 4) + for i := range configFile.Tags { + tag := configFile.Tags[i] + keyName := tag.GetKey().GetValue() + if keyName == utils.ConfigFileTagKeyDataKey || keyName == utils.ConfigFileTagKeyEncryptAlgo || + keyName == utils.ConfigFileTagKeyUseEncrypted { + continue + } + newTags = append(newTags, tag) + } + configFile.Tags = newTags +} + // encryptConfigFile 加密配置文件 func (s *Server) encryptConfigFile(ctx context.Context, configFile *apiconfig.ConfigFile, algorithm string, dataKey string) error { @@ -1049,6 +1056,10 @@ func (s *Server) encryptConfigFile(ctx context.Context, Key: utils.NewStringValue(utils.ConfigFileTagKeyEncryptAlgo), Value: utils.NewStringValue(algorithm), }, + { + Key: utils.NewStringValue(utils.ConfigFileTagKeyUseEncrypted), + Value: utils.NewStringValue("true"), + }, } configFile.Tags = append(configFile.Tags, tags...) return nil From f9680d9eceb5f9bb4732cda0cb2606a2c389fb12 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 23:31:09 +0800 Subject: [PATCH 30/37] feat:support rls to push xds client --- release/conf/i18n/en.toml | 8 +++----- release/conf/i18n/zh.toml | 6 ++---- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/release/conf/i18n/en.toml b/release/conf/i18n/en.toml index 70b27311c..fc35d2197 100644 --- a/release/conf/i18n/en.toml +++ b/release/conf/i18n/en.toml @@ -156,11 +156,11 @@ 401002 = "auth token empty" #EmptyAutToken 401003 = "token already disabled" #TokenDisabled 401004 = "token not existed" #TokenNotExisted -403001 = "server limit the ip access" #IPRateLimit -403002 = "server limit the api access" #APIRateLimit +403001 = "token verify exception" #AuthTokenVerifyException +403002 = "operation role exception" #OperationRoleException 404001 = "not found the host cmdb" #CMDBNotFindHost 409000 = "data is conflict, please try again" #DataConflict -429001 = "your instance has too many requests" #InstanceTooManyRequests +429001 = "instance has too many requests" #InstanceTooManyRequests 500000 = "execute exception" #ExecuteException 500001 = "store layer exception" #StoreLayerException 500002 = "cmdb plugin exception" #CMDBPluginException @@ -169,5 +169,3 @@ 500006 = "parse circuit breaker failed" #ParseCircuitBreakerException 500007 = "heartbeat execute exception" #HeartbeatException 500008 = "instance async regist timeout" #InstanceRegisTimeout -500100 = "token verify exception" #AuthTokenVerifyException -500101 = "operation role exception" #OperationRoleException \ No newline at end of file diff --git a/release/conf/i18n/zh.toml b/release/conf/i18n/zh.toml index f5dd89593..4bce1122b 100644 --- a/release/conf/i18n/zh.toml +++ b/release/conf/i18n/zh.toml @@ -156,8 +156,8 @@ 401002 = "鉴权token为空" #EmptyAutToken 401003 = "token已被禁用" #TokenDisabled 401004 = "token不存在" #TokenNotExisted -403001 = "ip达到服务端限制" #IPRateLimit -403002 = "api达到服务端限制" #APIRateLimit +403001 = "token验证异常" #AuthTokenVerifyException +403002 = "角色操作异常" #OperationRoleException 404001 = "无法找到主机的cmdb" #CMDBNotFindHost 409000 = "数据有冲突, 请再次重试" #DataConflict 429001 = "你的实例请求过多" #InstanceTooManyRequests @@ -169,5 +169,3 @@ 500006 = "解析熔断规则失败" #ParseCircuitBreakerException 500007 = "心跳异常" #HeartbeatException 500008 = "实例异步注册超时" #InstanceRegisTimeout -500100 = "token验证异常" #AuthTokenVerifyException -500101 = "角色操作异常" #OperationRoleException From 1281efca7b8e1bf0f6a028c1cd909d3389124c98 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Wed, 31 May 2023 23:54:49 +0800 Subject: [PATCH 31/37] feat:support rls to push xds client --- release/standalone/build_standalone.sh | 4 +-- release/standalone/build_standalone_docker.sh | 2 +- release/standalone/darwin/install.sh | 19 ++++++---- release/standalone/linux/install.sh | 35 +++++++++++-------- release/standalone/prometheus-help.sh | 2 +- 5 files changed, 37 insertions(+), 25 deletions(-) diff --git a/release/standalone/build_standalone.sh b/release/standalone/build_standalone.sh index 581563fab..8cf6342b8 100644 --- a/release/standalone/build_standalone.sh +++ b/release/standalone/build_standalone.sh @@ -93,7 +93,7 @@ else if [ ${INNER_GOOS} == "windows" ]; then wget -T10 -t3 https://github.com/prometheus/prometheus/releases/download/v2.28.0/prometheus-2.28.0.${INNER_GOOS}-${INNER_GOARCH}.zip --no-check-certificate - wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.4.1/pushgateway-1.4.1.${INNER_GOOS}-${INNER_GOARCH}.zip --no-check-certificate + wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.6.0/pushgateway-1.6.0.${INNER_GOOS}-${INNER_GOARCH}.zip --no-check-certificate mv ../${INNER_GOOS}/install.bat ./install.bat mv ../${INNER_GOOS}/install-windows.ps1 ./install-windows.ps1 mv ../${INNER_GOOS}/uninstall.bat ./uninstall.bat @@ -101,7 +101,7 @@ else mv ../port.properties ./port.properties else wget -T10 -t3 https://github.com/prometheus/prometheus/releases/download/v2.28.0/prometheus-2.28.0.${INNER_GOOS}-${INNER_GOARCH}.tar.gz --no-check-certificate - wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.4.1/pushgateway-1.4.1.${INNER_GOOS}-${INNER_GOARCH}.tar.gz --no-check-certificate + wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.6.0/pushgateway-1.6.0.${INNER_GOOS}-${INNER_GOARCH}.tar.gz --no-check-certificate mv ../${INNER_GOOS}/install.sh ./install.sh mv ../${INNER_GOOS}/uninstall.sh ./uninstall.sh mv ../port.properties ./port.properties diff --git a/release/standalone/build_standalone_docker.sh b/release/standalone/build_standalone_docker.sh index c9b77f0c6..ef67e733f 100644 --- a/release/standalone/build_standalone_docker.sh +++ b/release/standalone/build_standalone_docker.sh @@ -26,7 +26,7 @@ for GOARCH in ${arch_list[@]}; do wget -T10 -t3 ${POLARIS_GIT_PATH}/polaris-limiter/releases/download/${LIMITER_VERSION}/${LIMITER_PKG_NAME} --no-check-certificate wget -T10 -t3 https://github.com/prometheus/prometheus/releases/download/v2.28.0/prometheus-2.28.0.${GOOS}-${GOARCH}.tar.gz --no-check-certificate - wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.4.1/pushgateway-1.4.1.${GOOS}-${GOARCH}.tar.gz --no-check-certificate + wget -T10 -t3 https://github.com/prometheus/pushgateway/releases/download/v1.6.0/pushgateway-1.6.0.${GOOS}-${GOARCH}.tar.gz --no-check-certificate platforms+="${GOOS}/${GOARCH}," done diff --git a/release/standalone/darwin/install.sh b/release/standalone/darwin/install.sh index ef72d8946..7ce6371a3 100644 --- a/release/standalone/darwin/install.sh +++ b/release/standalone/darwin/install.sh @@ -230,7 +230,9 @@ function installPrometheus() { echo " - targets: ['localhost:9091']" >>prometheus.yml echo " honor_labels: true" >>prometheus.yml fi - mv prometheus polaris-prometheus + if [ ! -e polaris-prometheus ]; then + mv prometheus polaris-prometheus + fi chmod +x polaris-prometheus # nohup ./polaris-prometheus --web.enable-lifecycle --web.enable-admin-api --web.listen-address=:${prometheus_port} >>prometheus.out 2>&1 & bash prometheus-help.sh start ${prometheus_port} @@ -254,14 +256,17 @@ function installPushGateway() { local target_pgw_pkg=$(find . -name "pushgateway-*.tar.gz") local pgw_dirname=$(basename ${target_pgw_pkg} .tar.gz) - if [ -e ${pgw_dirname} ]; then - echo -e "${pgw_dirname} has exists, now remove it" - rm -rf ${pgw_dirname} + if [ ! -e ${pgw_dirname} ]; then + tar -xf ${target_pgw_pkg} >/dev/null + else + echo -e "pushgateway has been decompressed, skip." fi - tar -xf ${target_pgw_pkg} >/dev/null pushd ${pgw_dirname} - mv pushgateway polaris-pushgateway + if [ ! -e polaris-pushgateway ]; then + mv pushgateway polaris-pushgateway + fi + chmod +x polaris-pushgateway nohup ./polaris-pushgateway --web.enable-lifecycle --web.enable-admin-api --web.listen-address=:${pushgateway_port} >>pgw.out 2>&1 & echo "install polaris-pushgateway success" @@ -299,7 +304,7 @@ function installPolarisLimiter() { # 备份 polaris-limiter.yaml cp polaris-limiter.yaml polaris-limiter.yaml.bak - # 修改 polaris-server grpc 端口信息 + # 修改 polaris-server grpc 端口信息 sed -i "" "s/polaris-server-address: 127.0.0.1:8091/polaris-server-address: 127.0.0.1:${service_grpc_port}/g" polaris-limiter.yaml # 修改监听的 polaris-limiter http 端口信息 sed -i "" "s/port: 8100/port: ${limiter_http_port}/g" polaris-limiter.yaml diff --git a/release/standalone/linux/install.sh b/release/standalone/linux/install.sh index 24e99ce36..781f91fcf 100644 --- a/release/standalone/linux/install.sh +++ b/release/standalone/linux/install.sh @@ -195,14 +195,19 @@ function installPrometheus() { cp prometheus-help.sh ${prometheus_dirname}/ pushd ${prometheus_dirname} - echo " http_sd_configs:" >>prometheus.yml - echo " - url: http://localhost:8090/prometheus/v1/clients" >>prometheus.yml - echo "" >>prometheus.yml - echo " - job_name: 'push-metrics'" >>prometheus.yml - echo " static_configs:" >>prometheus.yml - echo " - targets: ['localhost:9091']" >>prometheus.yml - echo " honor_labels: true" >>prometheus.yml - mv prometheus polaris-prometheus + local push_count=$(cat prometheus.yml | grep "push-metrics" | wc -l) + if [ $push_count -eq 0 ]; then + echo " http_sd_configs:" >>prometheus.yml + echo " - url: http://localhost:8090/prometheus/v1/clients" >>prometheus.yml + echo "" >>prometheus.yml + echo " - job_name: 'push-metrics'" >>prometheus.yml + echo " static_configs:" >>prometheus.yml + echo " - targets: ['localhost:9091']" >>prometheus.yml + echo " honor_labels: true" >>prometheus.yml + fi + if [ ! -e polaris-prometheus ]; then + mv prometheus polaris-prometheus + fi chmod +x polaris-prometheus # nohup ./polaris-prometheus --web.enable-lifecycle --web.enable-admin-api --web.listen-address=:${prometheus_port} >>prometheus.out 2>&1 & bash prometheus-help.sh start ${prometheus_port} @@ -226,14 +231,16 @@ function installPushGateway() { local target_pgw_pkg=$(find . -name "pushgateway-*.tar.gz") local pgw_dirname=$(basename ${target_pgw_pkg} .tar.gz) - if [ -e ${pgw_dirname} ]; then - echo -e "${pgw_dirname} has exists, now remove it" - rm -rf ${pgw_dirname} + if [ ! -e ${pgw_dirname} ]; then + tar -xf ${target_pgw_pkg} >/dev/null + else + echo -e "pushgateway has been decompressed, skip." fi - tar -xf ${target_pgw_pkg} >/dev/null pushd ${pgw_dirname} - mv pushgateway polaris-pushgateway + if [ ! -e "polaris-pushgateway" ]; then + mv pushgateway polaris-pushgateway + fi chmod +x polaris-pushgateway nohup ./polaris-pushgateway --web.enable-lifecycle --web.enable-admin-api --web.listen-address=:${pushgateway_port} >>pgw.out 2>&1 & echo "install polaris-pushgateway success" @@ -268,7 +275,7 @@ function installPolarisLimiter() { # 备份 polaris-limiter.yaml cp polaris-limiter.yaml polaris-limiter.yaml.bak - # 修改 polaris-server grpc 端口信息 + # 修改 polaris-server grpc 端口信息 sed -i "s/polaris-server-address: 127.0.0.1:8091/polaris-server-address: 127.0.0.1:${service_grpc_port}/g" polaris-limiter.yaml # 修改监听的 polaris-limiter http 端口信息 sed -i "s/port: 8100/port: ${limiter_http_port}/g" polaris-limiter.yaml diff --git a/release/standalone/prometheus-help.sh b/release/standalone/prometheus-help.sh index b20033d39..c3c0b8d51 100644 --- a/release/standalone/prometheus-help.sh +++ b/release/standalone/prometheus-help.sh @@ -20,7 +20,7 @@ if [ ${command} == "stop" ]; then pid=$(ps -ef | grep polaris-prometheus | grep -v grep | awk '{print $2}') if [ "${pid}" != "" ]; then echo -e "start to kill polaris-prometheus process ${pid}" - kill ${pid} + kill -9 ${pid} else echo "not found running polaris-prometheus" fi From 96d9fcdea189eb30ffc6b71b673b2cc842c6300a Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 09:24:37 +0800 Subject: [PATCH 32/37] feat:support rls to push xds client --- test/data/xds/gateway.dump.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/data/xds/gateway.dump.yaml b/test/data/xds/gateway.dump.yaml index e67dcd6e8..d16d2a06f 100644 --- a/test/data/xds/gateway.dump.yaml +++ b/test/data/xds/gateway.dump.yaml @@ -73,6 +73,10 @@ listeners: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router rds: configSource: From c5f3857e7fa23fa29be1c62d31cbac4d587b136e Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 10:55:10 +0800 Subject: [PATCH 33/37] feat:support rls to push xds client --- apiserver/xdsserverv3/mtls.go | 26 ++++++++++++++++++++------ apiserver/xdsserverv3/server_test.go | 6 +++--- test/data/xds/dump.yaml | 4 ++++ test/data/xds/permissive.dump.yaml | 12 ++++++++++++ test/data/xds/strict.dump.yaml | 8 ++++++++ 5 files changed, 47 insertions(+), 9 deletions(-) diff --git a/apiserver/xdsserverv3/mtls.go b/apiserver/xdsserverv3/mtls.go index 5e037ea2b..c7ef69750 100644 --- a/apiserver/xdsserverv3/mtls.go +++ b/apiserver/xdsserverv3/mtls.go @@ -26,6 +26,7 @@ import ( listener "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" route "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" filev3 "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/file/v3" + lrl "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/local_ratelimit/v3" httpinspector "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/http_inspector/v3" tlsinspector "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/tls_inspector/v3" hcm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" @@ -34,6 +35,7 @@ import ( upstreams_http "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/v3" matcherv3 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" "github.com/envoyproxy/go-control-plane/pkg/wellknown" + "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/duration" "github.com/golang/protobuf/ptypes/wrappers" "google.golang.org/protobuf/proto" @@ -207,13 +209,25 @@ func makeTLSTransportSocket(ctx proto.Message) *core.TransportSocket { } func inboundHCM() *hcm.HttpConnectionManager { + filters := []*hcm.HttpFilter{} + ratelimit := lrl.LocalRateLimit{ + StatPrefix: "http_local_rate_limiter", + } + limitPb, err := ptypes.MarshalAny(&ratelimit) + if err == nil { + filters = append(filters, &hcm.HttpFilter{ + Name: "envoy.filters.http.local_ratelimit", + ConfigType: &hcm.HttpFilter_TypedConfig{ + TypedConfig: limitPb, + }, + }) + } + filters = append(filters, &hcm.HttpFilter{ + Name: wellknown.Router, + }) return &hcm.HttpConnectionManager{ - StatPrefix: "Inbound", - HttpFilters: []*hcm.HttpFilter{ - { - Name: wellknown.Router, - }, - }, + StatPrefix: "Inbound", + HttpFilters: filters, AccessLog: []*accesslog.AccessLog{ { Name: wellknown.FileAccessLog, diff --git a/apiserver/xdsserverv3/server_test.go b/apiserver/xdsserverv3/server_test.go index 2091912ce..f3289e657 100644 --- a/apiserver/xdsserverv3/server_test.go +++ b/apiserver/xdsserverv3/server_test.go @@ -403,15 +403,15 @@ func TestSnapshot(t *testing.T) { snapshot, _ := x.cache.GetSnapshot("default") dumpYaml := dumpSnapShot(snapshot) - assert.Equal(t, noInboundDump, dumpYaml) + assert.Equal(t, string(noInboundDump), string(dumpYaml)) snapshot, _ = x.cache.GetSnapshot("default/permissive") dumpYaml = dumpSnapShot(snapshot) - assert.Equal(t, permissiveDump, dumpYaml) + assert.Equal(t, string(permissiveDump), string(dumpYaml)) snapshot, _ = x.cache.GetSnapshot("default/strict") dumpYaml = dumpSnapShot(snapshot) - assert.Equal(t, strictDump, dumpYaml) + assert.Equal(t, string(strictDump), string(dumpYaml)) snapshot, _ = x.cache.GetSnapshot("gateway~default/9b9f5630-81a1-47cd-a558-036eb616dc71~172.17.1.1") dumpYaml = dumpSnapShot(snapshot) diff --git a/test/data/xds/dump.yaml b/test/data/xds/dump.yaml index 299432c80..5c06097b3 100644 --- a/test/data/xds/dump.yaml +++ b/test/data/xds/dump.yaml @@ -73,6 +73,10 @@ listeners: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router rds: configSource: diff --git a/test/data/xds/permissive.dump.yaml b/test/data/xds/permissive.dump.yaml index f472b79d9..7011f4fc5 100644 --- a/test/data/xds/permissive.dump.yaml +++ b/test/data/xds/permissive.dump.yaml @@ -136,6 +136,10 @@ listeners: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router rds: configSource: @@ -161,6 +165,10 @@ listeners: '@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: /dev/stdout httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router httpProtocolOptions: acceptHttp10: true @@ -192,6 +200,10 @@ listeners: '@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: /dev/stdout httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router httpProtocolOptions: acceptHttp10: true diff --git a/test/data/xds/strict.dump.yaml b/test/data/xds/strict.dump.yaml index 363532a87..d0a40d64f 100644 --- a/test/data/xds/strict.dump.yaml +++ b/test/data/xds/strict.dump.yaml @@ -128,6 +128,10 @@ listeners: typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router rds: configSource: @@ -155,6 +159,10 @@ listeners: '@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: /dev/stdout httpFilters: + - name: envoy.filters.http.local_ratelimit + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + statPrefix: http_local_rate_limiter - name: envoy.filters.http.router httpProtocolOptions: acceptHttp10: true From 49b91b10fa2c08308268abd3debf87351564f929 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 11:07:48 +0800 Subject: [PATCH 34/37] feat:support rls to push xds client --- apiserver/xdsserverv3/mtls.go | 8 ++++---- go.sum | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/apiserver/xdsserverv3/mtls.go b/apiserver/xdsserverv3/mtls.go index c7ef69750..101012687 100644 --- a/apiserver/xdsserverv3/mtls.go +++ b/apiserver/xdsserverv3/mtls.go @@ -216,10 +216,10 @@ func inboundHCM() *hcm.HttpConnectionManager { limitPb, err := ptypes.MarshalAny(&ratelimit) if err == nil { filters = append(filters, &hcm.HttpFilter{ - Name: "envoy.filters.http.local_ratelimit", - ConfigType: &hcm.HttpFilter_TypedConfig{ - TypedConfig: limitPb, - }, + Name: "envoy.filters.http.local_ratelimit", + ConfigType: &hcm.HttpFilter_TypedConfig{ + TypedConfig: limitPb, + }, }) } filters = append(filters, &hcm.HttpFilter{ diff --git a/go.sum b/go.sum index 2d7da0375..d685a7dc9 100644 --- a/go.sum +++ b/go.sum @@ -318,8 +318,6 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/polarismesh/go-restful-openapi/v2 v2.0.0-20220928152401-083908d10219 h1:XnFyNUWnciM6zgXaz6tm+Egs35rhoD0KGMmKh4gCdi0= github.com/polarismesh/go-restful-openapi/v2 v2.0.0-20220928152401-083908d10219/go.mod h1:4WhwBysTom9Eoy0hQ4W69I0FmO+T0EpjEW9/5sgHoUk= -github.com/polarismesh/specification v1.3.2-alpha.2 h1:cMghyvCnRVM5ca2kYCGHOgIIxVnokiMvw0720q8a8RA= -github.com/polarismesh/specification v1.3.2-alpha.2/go.mod h1:rDvMMtl5qebPmqiBLNa5Ps0XtwkP31ZLirbH4kXA0YU= github.com/polarismesh/specification v1.3.2-alpha.4 h1:J5Qh1Ef1RKbuuD1UqKr6mfG1gXY4rSLL0DQQph2CJP8= github.com/polarismesh/specification v1.3.2-alpha.4/go.mod h1:rDvMMtl5qebPmqiBLNa5Ps0XtwkP31ZLirbH4kXA0YU= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= From 77440d5b619321e5e513f9a143b7e9fdc4a5cecc Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 14:58:04 +0800 Subject: [PATCH 35/37] feat:support rls to push xds client --- config/config_file_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/config_file_test.go b/config/config_file_test.go index 3479f9fd7..7e14187ea 100644 --- a/config/config_file_test.go +++ b/config/config_file_test.go @@ -394,7 +394,7 @@ func TestConfigFileCRUD(t *testing.T) { assert.Equal(t, testNamespace, rsp.ConfigFile.Namespace.GetValue()) assert.Equal(t, testGroup, rsp.ConfigFile.Group.GetValue()) assert.Equal(t, testFile, rsp.ConfigFile.Name.GetValue()) - assert.NotEqual(t, configFile.Content.GetValue(), rsp.ConfigFile.Content.GetValue()) + assert.Equal(t, configFile.Content.GetValue(), rsp.ConfigFile.Content.GetValue()) assert.Equal(t, configFile.Format.GetValue(), rsp.ConfigFile.Format.GetValue()) assert.Equal(t, operator, rsp.ConfigFile.CreateBy.GetValue()) assert.Equal(t, operator, rsp.ConfigFile.ModifyBy.GetValue()) @@ -410,7 +410,7 @@ func TestConfigFileCRUD(t *testing.T) { assert.Equal(t, testNamespace, rsp.ConfigFile.Namespace.GetValue()) assert.Equal(t, testGroup, rsp.ConfigFile.Group.GetValue()) assert.Equal(t, testFile, rsp.ConfigFile.Name.GetValue()) - assert.NotEqual(t, configFile.Content.GetValue(), rsp.ConfigFile.Content.GetValue()) + assert.Equal(t, configFile.Content.GetValue(), rsp.ConfigFile.Content.GetValue()) assert.Equal(t, configFile.Format.GetValue(), rsp.ConfigFile.Format.GetValue()) assert.Equal(t, operator, rsp.ConfigFile.CreateBy.GetValue()) assert.Equal(t, operator, rsp.ConfigFile.ModifyBy.GetValue()) From d78399bf38cb79a7d1e2b3cded16f87cec664521 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 17:06:29 +0800 Subject: [PATCH 36/37] feat:support rls to push xds client --- config/config_file_test.go | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/config/config_file_test.go b/config/config_file_test.go index 7e14187ea..f5ab1cc13 100644 --- a/config/config_file_test.go +++ b/config/config_file_test.go @@ -716,18 +716,6 @@ func TestServer_CreateConfigFile(t *testing.T) { got := testSuit.testService.CreateConfigFile(testSuit.defaultCtx, configFile) So(apimodel.Code_EncryptConfigFileException, ShouldEqual, apimodel.Code(got.GetCode().GetValue())) }) - Convey("解密配置文件-返回error", func() { - crypto := &aes.AESCrypto{} - encryptFunc := ApplyMethod(reflect.TypeOf(crypto), "Decrypt", func(_ *aes.AESCrypto, plaintext string, key []byte) (string, error) { - return "", errors.New("mock encrypt error") - }) - defer encryptFunc.Reset() - - configFile := assembleEncryptConfigFile() - testSuit.defaultCtx = context.WithValue(testSuit.defaultCtx, utils.ContextUserNameKey, configFile.CreateBy.GetValue()) - got := testSuit.testService.CreateConfigFile(testSuit.defaultCtx, configFile) - So(apimodel.Code_DecryptConfigFileException, ShouldEqual, apimodel.Code(got.GetCode().GetValue())) - }) Convey("存储层-查询配置文件-返回error", func() { storage := storemock.NewMockStore(ctrl) From b8699fd5f2c21577092e5e17a4191bd20377aa12 Mon Sep 17 00:00:00 2001 From: chuntaojun Date: Thu, 1 Jun 2023 18:13:06 +0800 Subject: [PATCH 37/37] feat:support rls to push xds client --- plugin/healthchecker/leader/peer_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/plugin/healthchecker/leader/peer_test.go b/plugin/healthchecker/leader/peer_test.go index bd2d9441b..ecbeb2da7 100644 --- a/plugin/healthchecker/leader/peer_test.go +++ b/plugin/healthchecker/leader/peer_test.go @@ -312,6 +312,7 @@ func newMockPolarisGRPCSever(t *testing.T, port uint32) (*MockPolarisGRPCServer, server := grpc.NewServer() service_manage.RegisterPolarisGRPCServer(server, svr) + service_manage.RegisterPolarisHeartbeatGRPCServer(server, svr) t.Cleanup(func() { server.Stop()