212 lines
7.1 KiB
Go
212 lines
7.1 KiB
Go
// Copyright (C) 2019 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package contact
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/zeebo/errs"
|
|
"go.uber.org/zap"
|
|
|
|
"storj.io/common/nodetag"
|
|
"storj.io/common/pb"
|
|
"storj.io/common/rpc"
|
|
"storj.io/common/rpc/quic"
|
|
"storj.io/common/rpc/rpcstatus"
|
|
"storj.io/common/storj"
|
|
"storj.io/storj/satellite/nodeselection"
|
|
"storj.io/storj/satellite/overlay"
|
|
)
|
|
|
|
// Config contains configurable values for contact service.
|
|
type Config struct {
|
|
ExternalAddress string `user:"true" help:"the public address of the node, useful for nodes behind NAT" default:""`
|
|
Timeout time.Duration `help:"timeout for pinging storage nodes" default:"10m0s" testDefault:"1m"`
|
|
AllowPrivateIP bool `help:"allow private IPs in CheckIn and PingMe" testDefault:"true" devDefault:"true" default:"false"`
|
|
|
|
RateLimitInterval time.Duration `help:"the amount of time that should happen between contact attempts usually" releaseDefault:"10m0s" devDefault:"1ns"`
|
|
RateLimitBurst int `help:"the maximum burst size for the contact rate limit token bucket" releaseDefault:"2" devDefault:"1000"`
|
|
RateLimitCacheSize int `help:"the number of nodes or addresses to keep token buckets for" default:"1000"`
|
|
}
|
|
|
|
// Service is the contact service between storage nodes and satellites.
|
|
// It is responsible for updating general node information like address and capacity.
|
|
// It is also responsible for updating peer identity information for verifying signatures from that node.
|
|
//
|
|
// architecture: Service
|
|
type Service struct {
|
|
log *zap.Logger
|
|
|
|
mutex sync.Mutex
|
|
self *overlay.NodeDossier
|
|
|
|
overlay *overlay.Service
|
|
peerIDs overlay.PeerIdentities
|
|
dialer rpc.Dialer
|
|
|
|
timeout time.Duration
|
|
idLimiter *RateLimiter
|
|
allowPrivateIP bool
|
|
|
|
nodeTagAuthority nodetag.Authority
|
|
}
|
|
|
|
// NewService creates a new contact service.
|
|
func NewService(log *zap.Logger, self *overlay.NodeDossier, overlay *overlay.Service, peerIDs overlay.PeerIdentities, dialer rpc.Dialer, authority nodetag.Authority, config Config) *Service {
|
|
return &Service{
|
|
log: log,
|
|
self: self,
|
|
overlay: overlay,
|
|
peerIDs: peerIDs,
|
|
dialer: dialer,
|
|
timeout: config.Timeout,
|
|
idLimiter: NewRateLimiter(config.RateLimitInterval, config.RateLimitBurst, config.RateLimitCacheSize),
|
|
allowPrivateIP: config.AllowPrivateIP,
|
|
nodeTagAuthority: authority,
|
|
}
|
|
}
|
|
|
|
// Local returns the satellite node dossier.
|
|
func (service *Service) Local() overlay.NodeDossier {
|
|
service.mutex.Lock()
|
|
defer service.mutex.Unlock()
|
|
return *service.self
|
|
}
|
|
|
|
// Close closes resources.
|
|
func (service *Service) Close() error { return nil }
|
|
|
|
// PingBack pings the node to test connectivity.
|
|
func (service *Service) PingBack(ctx context.Context, nodeurl storj.NodeURL) (_ bool, _ bool, _ string, err error) {
|
|
defer mon.Task()(&ctx)(&err)
|
|
|
|
if service.timeout > 0 {
|
|
var cancel func()
|
|
ctx, cancel = context.WithTimeout(ctx, service.timeout)
|
|
defer cancel()
|
|
}
|
|
|
|
pingNodeSuccess := true
|
|
var pingErrorMessage string
|
|
var pingNodeSuccessQUIC bool
|
|
|
|
client, err := dialNodeURL(ctx, service.dialer, nodeurl)
|
|
if err != nil {
|
|
// If there is an error from trying to dial and ping the node, return that error as
|
|
// pingErrorMessage and not as the err. We want to use this info to update
|
|
// node contact info and do not want to terminate execution by returning an err
|
|
mon.Event("failed_dial") //mon:locked
|
|
pingNodeSuccess = false
|
|
pingErrorMessage = fmt.Sprintf("failed to dial storage node (ID: %s) at address %s: %q",
|
|
nodeurl.ID, nodeurl.Address, err,
|
|
)
|
|
service.log.Debug("pingBack failed to dial storage node",
|
|
zap.String("pingErrorMessage", pingErrorMessage),
|
|
)
|
|
return pingNodeSuccess, pingNodeSuccessQUIC, pingErrorMessage, nil
|
|
}
|
|
defer func() { err = errs.Combine(err, client.Close()) }()
|
|
|
|
_, err = client.pingNode(ctx, &pb.ContactPingRequest{})
|
|
if err != nil {
|
|
mon.Event("failed_ping_node") //mon:locked
|
|
pingNodeSuccess = false
|
|
pingErrorMessage = fmt.Sprintf("failed to ping storage node, your node indicated error code: %d, %q", rpcstatus.Code(err), err)
|
|
service.log.Debug("pingBack pingNode error",
|
|
zap.Stringer("Node ID", nodeurl.ID),
|
|
zap.String("pingErrorMessage", pingErrorMessage),
|
|
)
|
|
|
|
return pingNodeSuccess, pingNodeSuccessQUIC, pingErrorMessage, nil
|
|
}
|
|
|
|
pingNodeSuccessQUIC = true
|
|
err = service.pingNodeQUIC(ctx, nodeurl)
|
|
if err != nil {
|
|
// udp ping back is optional right now, it shouldn't affect contact service's
|
|
// control flow
|
|
pingNodeSuccessQUIC = false
|
|
pingErrorMessage = err.Error()
|
|
}
|
|
|
|
return pingNodeSuccess, pingNodeSuccessQUIC, pingErrorMessage, nil
|
|
}
|
|
|
|
func (service *Service) pingNodeQUIC(ctx context.Context, nodeurl storj.NodeURL) error {
|
|
udpDialer := service.dialer
|
|
udpDialer.Connector = quic.NewDefaultConnector(nil)
|
|
udpClient, err := dialNodeURL(ctx, udpDialer, nodeurl)
|
|
if err != nil {
|
|
mon.Event("failed_dial_quic")
|
|
return Error.New("failed to dial storage node (ID: %s) at address %s using QUIC: %q", nodeurl.ID.String(), nodeurl.Address, err)
|
|
}
|
|
defer func() {
|
|
_ = udpClient.Close()
|
|
}()
|
|
|
|
_, err = udpClient.pingNode(ctx, &pb.ContactPingRequest{})
|
|
if err != nil {
|
|
mon.Event("failed_ping_node_quic")
|
|
return Error.New("failed to ping storage node using QUIC, your node indicated error code: %d, %q", rpcstatus.Code(err), err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (service *Service) processNodeTags(ctx context.Context, nodeID storj.NodeID, req *pb.SignedNodeTagSets) error {
|
|
if req != nil {
|
|
tags := nodeselection.NodeTags{}
|
|
for _, t := range req.Tags {
|
|
verifiedTags, signerID, err := verifyTags(ctx, service.nodeTagAuthority, nodeID, t)
|
|
if err != nil {
|
|
service.log.Info("Failed to verify tags.", zap.Error(err), zap.Stringer("NodeID", nodeID))
|
|
continue
|
|
}
|
|
|
|
ts := time.Unix(verifiedTags.SignedAt, 0)
|
|
for _, vt := range verifiedTags.Tags {
|
|
tags = append(tags, nodeselection.NodeTag{
|
|
NodeID: nodeID,
|
|
Name: vt.Name,
|
|
Value: vt.Value,
|
|
SignedAt: ts,
|
|
Signer: signerID,
|
|
})
|
|
}
|
|
}
|
|
if len(tags) > 0 {
|
|
err := service.overlay.UpdateNodeTags(ctx, tags)
|
|
if err != nil {
|
|
return Error.Wrap(err)
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func verifyTags(ctx context.Context, authority nodetag.Authority, nodeID storj.NodeID, t *pb.SignedNodeTagSet) (*pb.NodeTagSet, storj.NodeID, error) {
|
|
signerID, err := storj.NodeIDFromBytes(t.SignerNodeId)
|
|
if err != nil {
|
|
return nil, signerID, errs.New("failed to parse signerNodeID from verifiedTags: '%x', %s", t.SignerNodeId, err.Error())
|
|
}
|
|
|
|
verifiedTags, err := authority.Verify(ctx, t)
|
|
if err != nil {
|
|
return nil, signerID, errs.New("received node tags with wrong/unknown signature: '%x', %s", t.Signature, err.Error())
|
|
}
|
|
|
|
signedNodeID, err := storj.NodeIDFromBytes(verifiedTags.NodeId)
|
|
if err != nil {
|
|
return nil, signerID, errs.New("failed to parse nodeID from verifiedTags: '%x', %s", verifiedTags.NodeId, err.Error())
|
|
}
|
|
|
|
if signedNodeID != nodeID {
|
|
return nil, signerID, errs.New("the tag is signed for a different node. Expected NodeID: '%s', Received NodeID: '%s'", nodeID, signedNodeID)
|
|
}
|
|
return verifiedTags, signerID, nil
|
|
}
|