LCOV - code coverage report
Current view: top level - proxy/src/bin - proxy.rs (source / functions) Coverage Total Hit
Test: 20b6afc7b7f34578dcaab2b3acdaecfe91cd8bf1.info Lines: 8.3 % 553 46
Test Date: 2024-11-25 17:48:16 Functions: 13.6 % 132 18

            Line data    Source code
       1              : use std::net::SocketAddr;
       2              : use std::pin::pin;
       3              : use std::sync::Arc;
       4              : 
       5              : use anyhow::bail;
       6              : use aws_config::environment::EnvironmentVariableCredentialsProvider;
       7              : use aws_config::imds::credentials::ImdsCredentialsProvider;
       8              : use aws_config::meta::credentials::CredentialsProviderChain;
       9              : use aws_config::meta::region::RegionProviderChain;
      10              : use aws_config::profile::ProfileFileCredentialsProvider;
      11              : use aws_config::provider_config::ProviderConfig;
      12              : use aws_config::web_identity_token::WebIdentityTokenCredentialsProvider;
      13              : use aws_config::Region;
      14              : use futures::future::Either;
      15              : use proxy::auth::backend::jwt::JwkCache;
      16              : use proxy::auth::backend::{AuthRateLimiter, ConsoleRedirectBackend, MaybeOwned};
      17              : use proxy::cancellation::{CancelMap, CancellationHandler};
      18              : use proxy::config::{
      19              :     self, remote_storage_from_toml, AuthenticationConfig, CacheOptions, HttpConfig,
      20              :     ProjectInfoCacheOptions, ProxyConfig, ProxyProtocolV2,
      21              : };
      22              : use proxy::context::parquet::ParquetUploadArgs;
      23              : use proxy::http::health_server::AppMetrics;
      24              : use proxy::metrics::Metrics;
      25              : use proxy::rate_limiter::{
      26              :     EndpointRateLimiter, LeakyBucketConfig, RateBucketInfo, WakeComputeRateLimiter,
      27              : };
      28              : use proxy::redis::cancellation_publisher::RedisPublisherClient;
      29              : use proxy::redis::connection_with_credentials_provider::ConnectionWithCredentialsProvider;
      30              : use proxy::redis::{elasticache, notifications};
      31              : use proxy::scram::threadpool::ThreadPool;
      32              : use proxy::serverless::cancel_set::CancelSet;
      33              : use proxy::serverless::GlobalConnPoolOptions;
      34              : use proxy::{auth, control_plane, http, serverless, usage_metrics};
      35              : use remote_storage::RemoteStorageConfig;
      36              : use tokio::net::TcpListener;
      37              : use tokio::sync::Mutex;
      38              : use tokio::task::JoinSet;
      39              : use tokio_util::sync::CancellationToken;
      40              : use tracing::{info, warn, Instrument};
      41              : use utils::sentry_init::init_sentry;
      42              : use utils::{project_build_tag, project_git_version};
      43              : 
      44              : project_git_version!(GIT_VERSION);
      45              : project_build_tag!(BUILD_TAG);
      46              : 
      47              : use clap::{Parser, ValueEnum};
      48              : 
      49              : #[global_allocator]
      50              : static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
      51              : 
      52            8 : #[derive(Clone, Debug, ValueEnum)]
      53              : enum AuthBackendType {
      54              :     #[value(name("console"), alias("cplane"))]
      55              :     ControlPlane,
      56              : 
      57              :     #[value(name("link"), alias("control-redirect"))]
      58              :     ConsoleRedirect,
      59              : 
      60              :     #[cfg(feature = "testing")]
      61              :     Postgres,
      62              : }
      63              : 
      64              : /// Neon proxy/router
      65            2 : #[derive(Parser)]
      66              : #[command(version = GIT_VERSION, about)]
      67              : struct ProxyCliArgs {
      68              :     /// Name of the region this proxy is deployed in
      69            1 :     #[clap(long, default_value_t = String::new())]
      70            0 :     region: String,
      71              :     /// listen for incoming client connections on ip:port
      72              :     #[clap(short, long, default_value = "127.0.0.1:4432")]
      73            0 :     proxy: String,
      74            1 :     #[clap(value_enum, long, default_value_t = AuthBackendType::ConsoleRedirect)]
      75            0 :     auth_backend: AuthBackendType,
      76              :     /// listen for management callback connection on ip:port
      77              :     #[clap(short, long, default_value = "127.0.0.1:7000")]
      78            0 :     mgmt: String,
      79              :     /// listen for incoming http connections (metrics, etc) on ip:port
      80              :     #[clap(long, default_value = "127.0.0.1:7001")]
      81            0 :     http: String,
      82              :     /// listen for incoming wss connections on ip:port
      83              :     #[clap(long)]
      84              :     wss: Option<String>,
      85              :     /// redirect unauthenticated users to the given uri in case of console redirect auth
      86              :     #[clap(short, long, default_value = "http://localhost:3000/psql_session/")]
      87            0 :     uri: String,
      88              :     /// cloud API endpoint for authenticating users
      89              :     #[clap(
      90              :         short,
      91              :         long,
      92              :         default_value = "http://localhost:3000/authenticate_proxy_request/"
      93              :     )]
      94            0 :     auth_endpoint: String,
      95              :     /// JWT used to connect to control plane.
      96              :     #[clap(
      97              :         long,
      98              :         value_name = "JWT",
      99              :         default_value = "",
     100              :         env = "NEON_PROXY_TO_CONTROLPLANE_TOKEN"
     101              :     )]
     102            0 :     control_plane_token: Arc<str>,
     103              :     /// if this is not local proxy, this toggles whether we accept jwt or passwords for http
     104            1 :     #[clap(long, default_value_t = false, value_parser = clap::builder::BoolishValueParser::new(), action = clap::ArgAction::Set)]
     105            0 :     is_auth_broker: bool,
     106              :     /// path to TLS key for client postgres connections
     107              :     ///
     108              :     /// tls-key and tls-cert are for backwards compatibility, we can put all certs in one dir
     109              :     #[clap(short = 'k', long, alias = "ssl-key")]
     110              :     tls_key: Option<String>,
     111              :     /// path to TLS cert for client postgres connections
     112              :     ///
     113              :     /// tls-key and tls-cert are for backwards compatibility, we can put all certs in one dir
     114              :     #[clap(short = 'c', long, alias = "ssl-cert")]
     115              :     tls_cert: Option<String>,
     116              :     /// path to directory with TLS certificates for client postgres connections
     117              :     #[clap(long)]
     118              :     certs_dir: Option<String>,
     119              :     /// timeout for the TLS handshake
     120              :     #[clap(long, default_value = "15s", value_parser = humantime::parse_duration)]
     121            0 :     handshake_timeout: tokio::time::Duration,
     122              :     /// http endpoint to receive periodic metric updates
     123              :     #[clap(long)]
     124              :     metric_collection_endpoint: Option<String>,
     125              :     /// how often metrics should be sent to a collection endpoint
     126              :     #[clap(long)]
     127              :     metric_collection_interval: Option<String>,
     128              :     /// cache for `wake_compute` api method (use `size=0` to disable)
     129              :     #[clap(long, default_value = config::CacheOptions::CACHE_DEFAULT_OPTIONS)]
     130            0 :     wake_compute_cache: String,
     131              :     /// lock for `wake_compute` api method. example: "shards=32,permits=4,epoch=10m,timeout=1s". (use `permits=0` to disable).
     132              :     #[clap(long, default_value = config::ConcurrencyLockOptions::DEFAULT_OPTIONS_WAKE_COMPUTE_LOCK)]
     133            0 :     wake_compute_lock: String,
     134              :     /// lock for `connect_compute` api method. example: "shards=32,permits=4,epoch=10m,timeout=1s". (use `permits=0` to disable).
     135              :     #[clap(long, default_value = config::ConcurrencyLockOptions::DEFAULT_OPTIONS_CONNECT_COMPUTE_LOCK)]
     136            0 :     connect_compute_lock: String,
     137              :     /// Allow self-signed certificates for compute nodes (for testing)
     138            1 :     #[clap(long, default_value_t = false, value_parser = clap::builder::BoolishValueParser::new(), action = clap::ArgAction::Set)]
     139            0 :     allow_self_signed_compute: bool,
     140              :     #[clap(flatten)]
     141              :     sql_over_http: SqlOverHttpArgs,
     142              :     /// timeout for scram authentication protocol
     143              :     #[clap(long, default_value = "15s", value_parser = humantime::parse_duration)]
     144            0 :     scram_protocol_timeout: tokio::time::Duration,
     145              :     /// size of the threadpool for password hashing
     146            1 :     #[clap(long, default_value_t = 4)]
     147            0 :     scram_thread_pool_size: u8,
     148              :     /// Endpoint rate limiter max number of requests per second.
     149              :     ///
     150              :     /// Provided in the form `<Requests Per Second>@<Bucket Duration Size>`.
     151              :     /// Can be given multiple times for different bucket sizes.
     152            5 :     #[clap(long, default_values_t = RateBucketInfo::DEFAULT_ENDPOINT_SET)]
     153            1 :     endpoint_rps_limit: Vec<RateBucketInfo>,
     154              :     /// Wake compute rate limiter max number of requests per second.
     155            5 :     #[clap(long, default_values_t = RateBucketInfo::DEFAULT_SET)]
     156            1 :     wake_compute_limit: Vec<RateBucketInfo>,
     157              :     /// Whether the auth rate limiter actually takes effect (for testing)
     158            1 :     #[clap(long, default_value_t = false, value_parser = clap::builder::BoolishValueParser::new(), action = clap::ArgAction::Set)]
     159            0 :     auth_rate_limit_enabled: bool,
     160              :     /// Authentication rate limiter max number of hashes per second.
     161            5 :     #[clap(long, default_values_t = RateBucketInfo::DEFAULT_AUTH_SET)]
     162            1 :     auth_rate_limit: Vec<RateBucketInfo>,
     163              :     /// The IP subnet to use when considering whether two IP addresses are considered the same.
     164            1 :     #[clap(long, default_value_t = 64)]
     165            0 :     auth_rate_limit_ip_subnet: u8,
     166              :     /// Redis rate limiter max number of requests per second.
     167            5 :     #[clap(long, default_values_t = RateBucketInfo::DEFAULT_SET)]
     168            1 :     redis_rps_limit: Vec<RateBucketInfo>,
     169              :     /// cache for `allowed_ips` (use `size=0` to disable)
     170              :     #[clap(long, default_value = config::CacheOptions::CACHE_DEFAULT_OPTIONS)]
     171            0 :     allowed_ips_cache: String,
     172              :     /// cache for `role_secret` (use `size=0` to disable)
     173              :     #[clap(long, default_value = config::CacheOptions::CACHE_DEFAULT_OPTIONS)]
     174            0 :     role_secret_cache: String,
     175              :     /// redis url for notifications (if empty, redis_host:port will be used for both notifications and streaming connections)
     176              :     #[clap(long)]
     177              :     redis_notifications: Option<String>,
     178              :     /// what from the available authentications type to use for the regional redis we have. Supported are "irsa" and "plain".
     179              :     #[clap(long, default_value = "irsa")]
     180            0 :     redis_auth_type: String,
     181              :     /// redis host for streaming connections (might be different from the notifications host)
     182              :     #[clap(long)]
     183              :     redis_host: Option<String>,
     184              :     /// redis port for streaming connections (might be different from the notifications host)
     185              :     #[clap(long)]
     186              :     redis_port: Option<u16>,
     187              :     /// redis cluster name, used in aws elasticache
     188              :     #[clap(long)]
     189              :     redis_cluster_name: Option<String>,
     190              :     /// redis user_id, used in aws elasticache
     191              :     #[clap(long)]
     192              :     redis_user_id: Option<String>,
     193              :     /// aws region to retrieve credentials
     194            1 :     #[clap(long, default_value_t = String::new())]
     195            0 :     aws_region: String,
     196              :     /// cache for `project_info` (use `size=0` to disable)
     197              :     #[clap(long, default_value = config::ProjectInfoCacheOptions::CACHE_DEFAULT_OPTIONS)]
     198            0 :     project_info_cache: String,
     199              :     /// cache for all valid endpoints
     200              :     #[clap(long, default_value = config::EndpointCacheConfig::CACHE_DEFAULT_OPTIONS)]
     201            0 :     endpoint_cache_config: String,
     202              :     #[clap(flatten)]
     203              :     parquet_upload: ParquetUploadArgs,
     204              : 
     205              :     /// interval for backup metric collection
     206              :     #[clap(long, default_value = "10m", value_parser = humantime::parse_duration)]
     207            0 :     metric_backup_collection_interval: std::time::Duration,
     208              :     /// remote storage configuration for backup metric collection
     209              :     /// Encoded as toml (same format as pageservers), eg
     210              :     /// `{bucket_name='the-bucket',bucket_region='us-east-1',prefix_in_bucket='proxy',endpoint='http://minio:9000'}`
     211              :     #[clap(long, value_parser = remote_storage_from_toml)]
     212              :     metric_backup_collection_remote_storage: Option<RemoteStorageConfig>,
     213              :     /// chunk size for backup metric collection
     214              :     /// Size of each event is no more than 400 bytes, so 2**22 is about 200MB before the compression.
     215              :     #[clap(long, default_value = "4194304")]
     216            0 :     metric_backup_collection_chunk_size: usize,
     217              :     /// Whether to retry the connection to the compute node
     218              :     #[clap(long, default_value = config::RetryConfig::CONNECT_TO_COMPUTE_DEFAULT_VALUES)]
     219            0 :     connect_to_compute_retry: String,
     220              :     /// Whether to retry the wake_compute request
     221              :     #[clap(long, default_value = config::RetryConfig::WAKE_COMPUTE_DEFAULT_VALUES)]
     222            0 :     wake_compute_retry: String,
     223              : 
     224              :     /// Configure if this is a private access proxy for the POC: In that case the proxy will ignore the IP allowlist
     225            1 :     #[clap(long, default_value_t = false, value_parser = clap::builder::BoolishValueParser::new(), action = clap::ArgAction::Set)]
     226            0 :     is_private_access_proxy: bool,
     227              : 
     228              :     /// Configure whether all incoming requests have a Proxy Protocol V2 packet.
     229              :     // TODO(conradludgate): switch default to rejected or required once we've updated all deployments
     230            1 :     #[clap(value_enum, long, default_value_t = ProxyProtocolV2::Supported)]
     231            0 :     proxy_protocol_v2: ProxyProtocolV2,
     232              : 
     233              :     /// Time the proxy waits for the webauth session to be confirmed by the control plane.
     234              :     // TODO: rename to `console_redirect_confirmation_timeout`.
     235              :     #[clap(long, default_value = "2m", value_parser = humantime::parse_duration)]
     236            0 :     webauth_confirmation_timeout: std::time::Duration,
     237              : }
     238              : 
     239            2 : #[derive(clap::Args, Clone, Copy, Debug)]
     240              : struct SqlOverHttpArgs {
     241              :     /// timeout for http connection requests
     242              :     #[clap(long, default_value = "15s", value_parser = humantime::parse_duration)]
     243            0 :     sql_over_http_timeout: tokio::time::Duration,
     244              : 
     245              :     /// Whether the SQL over http pool is opt-in
     246            1 :     #[clap(long, default_value_t = true, value_parser = clap::builder::BoolishValueParser::new(), action = clap::ArgAction::Set)]
     247            0 :     sql_over_http_pool_opt_in: bool,
     248              : 
     249              :     /// How many connections to pool for each endpoint. Excess connections are discarded
     250            1 :     #[clap(long, default_value_t = 20)]
     251            0 :     sql_over_http_pool_max_conns_per_endpoint: usize,
     252              : 
     253              :     /// How many connections to pool for each endpoint. Excess connections are discarded
     254            1 :     #[clap(long, default_value_t = 20000)]
     255            0 :     sql_over_http_pool_max_total_conns: usize,
     256              : 
     257              :     /// How long pooled connections should remain idle for before closing
     258              :     #[clap(long, default_value = "5m", value_parser = humantime::parse_duration)]
     259            0 :     sql_over_http_idle_timeout: tokio::time::Duration,
     260              : 
     261              :     /// Duration each shard will wait on average before a GC sweep.
     262              :     /// A longer time will causes sweeps to take longer but will interfere less frequently.
     263              :     #[clap(long, default_value = "10m", value_parser = humantime::parse_duration)]
     264            0 :     sql_over_http_pool_gc_epoch: tokio::time::Duration,
     265              : 
     266              :     /// How many shards should the global pool have. Must be a power of two.
     267              :     /// More shards will introduce less contention for pool operations, but can
     268              :     /// increase memory used by the pool
     269            1 :     #[clap(long, default_value_t = 128)]
     270            0 :     sql_over_http_pool_shards: usize,
     271              : 
     272            1 :     #[clap(long, default_value_t = 10000)]
     273            0 :     sql_over_http_client_conn_threshold: u64,
     274              : 
     275            1 :     #[clap(long, default_value_t = 64)]
     276            0 :     sql_over_http_cancel_set_shards: usize,
     277              : 
     278            1 :     #[clap(long, default_value_t = 10 * 1024 * 1024)] // 10 MiB
     279            0 :     sql_over_http_max_request_size_bytes: usize,
     280              : 
     281            1 :     #[clap(long, default_value_t = 10 * 1024 * 1024)] // 10 MiB
     282            0 :     sql_over_http_max_response_size_bytes: usize,
     283              : }
     284              : 
     285              : #[tokio::main]
     286            0 : async fn main() -> anyhow::Result<()> {
     287            0 :     let _logging_guard = proxy::logging::init().await?;
     288            0 :     let _panic_hook_guard = utils::logging::replace_panic_hook_with_tracing_panic_hook();
     289            0 :     let _sentry_guard = init_sentry(Some(GIT_VERSION.into()), &[]);
     290            0 : 
     291            0 :     // TODO: refactor these to use labels
     292            0 :     info!("Version: {GIT_VERSION}");
     293            0 :     info!("Build_tag: {BUILD_TAG}");
     294            0 :     let neon_metrics = ::metrics::NeonMetrics::new(::metrics::BuildInfo {
     295            0 :         revision: GIT_VERSION,
     296            0 :         build_tag: BUILD_TAG,
     297            0 :     });
     298            0 : 
     299            0 :     let jemalloc = match proxy::jemalloc::MetricRecorder::new() {
     300            0 :         Ok(t) => Some(t),
     301            0 :         Err(e) => {
     302            0 :             tracing::error!(error = ?e, "could not start jemalloc metrics loop");
     303            0 :             None
     304            0 :         }
     305            0 :     };
     306            0 : 
     307            0 :     let args = ProxyCliArgs::parse();
     308            0 :     let config = build_config(&args)?;
     309            0 :     let auth_backend = build_auth_backend(&args)?;
     310            0 : 
     311            0 :     match auth_backend {
     312            0 :         Either::Left(auth_backend) => info!("Authentication backend: {auth_backend}"),
     313            0 :         Either::Right(auth_backend) => info!("Authentication backend: {auth_backend:?}"),
     314            0 :     };
     315            0 :     info!("Using region: {}", args.aws_region);
     316            0 : 
     317            0 :     let region_provider =
     318            0 :         RegionProviderChain::default_provider().or_else(Region::new(args.aws_region.clone()));
     319            0 :     let provider_conf =
     320            0 :         ProviderConfig::without_region().with_region(region_provider.region().await);
     321            0 :     let aws_credentials_provider = {
     322            0 :         // uses "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"
     323            0 :         CredentialsProviderChain::first_try("env", EnvironmentVariableCredentialsProvider::new())
     324            0 :             // uses "AWS_PROFILE" / `aws sso login --profile <profile>`
     325            0 :             .or_else(
     326            0 :                 "profile-sso",
     327            0 :                 ProfileFileCredentialsProvider::builder()
     328            0 :                     .configure(&provider_conf)
     329            0 :                     .build(),
     330            0 :             )
     331            0 :             // uses "AWS_WEB_IDENTITY_TOKEN_FILE", "AWS_ROLE_ARN", "AWS_ROLE_SESSION_NAME"
     332            0 :             // needed to access remote extensions bucket
     333            0 :             .or_else(
     334            0 :                 "token",
     335            0 :                 WebIdentityTokenCredentialsProvider::builder()
     336            0 :                     .configure(&provider_conf)
     337            0 :                     .build(),
     338            0 :             )
     339            0 :             // uses imds v2
     340            0 :             .or_else("imds", ImdsCredentialsProvider::builder().build())
     341            0 :     };
     342            0 :     let elasticache_credentials_provider = Arc::new(elasticache::CredentialsProvider::new(
     343            0 :         elasticache::AWSIRSAConfig::new(
     344            0 :             args.aws_region.clone(),
     345            0 :             args.redis_cluster_name,
     346            0 :             args.redis_user_id,
     347            0 :         ),
     348            0 :         aws_credentials_provider,
     349            0 :     ));
     350            0 :     let regional_redis_client = match (args.redis_auth_type.as_str(), &args.redis_notifications) {
     351            0 :         ("plain", redis_url) => match redis_url {
     352            0 :             None => {
     353            0 :                 bail!("plain auth requires redis_notifications to be set");
     354            0 :             }
     355            0 :             Some(url) => Some(
     356            0 :                 ConnectionWithCredentialsProvider::new_with_static_credentials(url.to_string()),
     357            0 :             ),
     358            0 :         },
     359            0 :         ("irsa", _) => match (&args.redis_host, args.redis_port) {
     360            0 :             (Some(host), Some(port)) => Some(
     361            0 :                 ConnectionWithCredentialsProvider::new_with_credentials_provider(
     362            0 :                     host.to_string(),
     363            0 :                     port,
     364            0 :                     elasticache_credentials_provider.clone(),
     365            0 :                 ),
     366            0 :             ),
     367            0 :             (None, None) => {
     368            0 :                 warn!("irsa auth requires redis-host and redis-port to be set, continuing without regional_redis_client");
     369            0 :                 None
     370            0 :             }
     371            0 :             _ => {
     372            0 :                 bail!("redis-host and redis-port must be specified together");
     373            0 :             }
     374            0 :         },
     375            0 :         _ => {
     376            0 :             bail!("unknown auth type given");
     377            0 :         }
     378            0 :     };
     379            0 : 
     380            0 :     let redis_notifications_client = if let Some(url) = args.redis_notifications {
     381            0 :         Some(ConnectionWithCredentialsProvider::new_with_static_credentials(url.to_string()))
     382            0 :     } else {
     383            0 :         regional_redis_client.clone()
     384            0 :     };
     385            0 : 
     386            0 :     // Check that we can bind to address before further initialization
     387            0 :     let http_address: SocketAddr = args.http.parse()?;
     388            0 :     info!("Starting http on {http_address}");
     389            0 :     let http_listener = TcpListener::bind(http_address).await?.into_std()?;
     390            0 : 
     391            0 :     let mgmt_address: SocketAddr = args.mgmt.parse()?;
     392            0 :     info!("Starting mgmt on {mgmt_address}");
     393            0 :     let mgmt_listener = TcpListener::bind(mgmt_address).await?;
     394            0 : 
     395            0 :     let proxy_listener = if !args.is_auth_broker {
     396            0 :         let proxy_address: SocketAddr = args.proxy.parse()?;
     397            0 :         info!("Starting proxy on {proxy_address}");
     398            0 : 
     399            0 :         Some(TcpListener::bind(proxy_address).await?)
     400            0 :     } else {
     401            0 :         None
     402            0 :     };
     403            0 : 
     404            0 :     // TODO: rename the argument to something like serverless.
     405            0 :     // It now covers more than just websockets, it also covers SQL over HTTP.
     406            0 :     let serverless_listener = if let Some(serverless_address) = args.wss {
     407            0 :         let serverless_address: SocketAddr = serverless_address.parse()?;
     408            0 :         info!("Starting wss on {serverless_address}");
     409            0 :         Some(TcpListener::bind(serverless_address).await?)
     410            0 :     } else if args.is_auth_broker {
     411            0 :         bail!("wss arg must be present for auth-broker")
     412            0 :     } else {
     413            0 :         None
     414            0 :     };
     415            0 : 
     416            0 :     let cancellation_token = CancellationToken::new();
     417            0 : 
     418            0 :     let cancel_map = CancelMap::default();
     419            0 : 
     420            0 :     let redis_rps_limit = Vec::leak(args.redis_rps_limit.clone());
     421            0 :     RateBucketInfo::validate(redis_rps_limit)?;
     422            0 : 
     423            0 :     let redis_publisher = match &regional_redis_client {
     424            0 :         Some(redis_publisher) => Some(Arc::new(Mutex::new(RedisPublisherClient::new(
     425            0 :             redis_publisher.clone(),
     426            0 :             args.region.clone(),
     427            0 :             redis_rps_limit,
     428            0 :         )?))),
     429            0 :         None => None,
     430            0 :     };
     431            0 : 
     432            0 :     let cancellation_handler = Arc::new(CancellationHandler::<
     433            0 :         Option<Arc<Mutex<RedisPublisherClient>>>,
     434            0 :     >::new(
     435            0 :         cancel_map.clone(),
     436            0 :         redis_publisher,
     437            0 :         proxy::metrics::CancellationSource::FromClient,
     438            0 :     ));
     439            0 : 
     440            0 :     // bit of a hack - find the min rps and max rps supported and turn it into
     441            0 :     // leaky bucket config instead
     442            0 :     let max = args
     443            0 :         .endpoint_rps_limit
     444            0 :         .iter()
     445            0 :         .map(|x| x.rps())
     446            0 :         .max_by(f64::total_cmp)
     447            0 :         .unwrap_or(EndpointRateLimiter::DEFAULT.max);
     448            0 :     let rps = args
     449            0 :         .endpoint_rps_limit
     450            0 :         .iter()
     451            0 :         .map(|x| x.rps())
     452            0 :         .min_by(f64::total_cmp)
     453            0 :         .unwrap_or(EndpointRateLimiter::DEFAULT.rps);
     454            0 :     let endpoint_rate_limiter = Arc::new(EndpointRateLimiter::new_with_shards(
     455            0 :         LeakyBucketConfig { rps, max },
     456            0 :         64,
     457            0 :     ));
     458            0 : 
     459            0 :     // client facing tasks. these will exit on error or on cancellation
     460            0 :     // cancellation returns Ok(())
     461            0 :     let mut client_tasks = JoinSet::new();
     462            0 :     match auth_backend {
     463            0 :         Either::Left(auth_backend) => {
     464            0 :             if let Some(proxy_listener) = proxy_listener {
     465            0 :                 client_tasks.spawn(proxy::proxy::task_main(
     466            0 :                     config,
     467            0 :                     auth_backend,
     468            0 :                     proxy_listener,
     469            0 :                     cancellation_token.clone(),
     470            0 :                     cancellation_handler.clone(),
     471            0 :                     endpoint_rate_limiter.clone(),
     472            0 :                 ));
     473            0 :             }
     474            0 : 
     475            0 :             if let Some(serverless_listener) = serverless_listener {
     476            0 :                 client_tasks.spawn(serverless::task_main(
     477            0 :                     config,
     478            0 :                     auth_backend,
     479            0 :                     serverless_listener,
     480            0 :                     cancellation_token.clone(),
     481            0 :                     cancellation_handler.clone(),
     482            0 :                     endpoint_rate_limiter.clone(),
     483            0 :                 ));
     484            0 :             }
     485            0 :         }
     486            0 :         Either::Right(auth_backend) => {
     487            0 :             if let Some(proxy_listener) = proxy_listener {
     488            0 :                 client_tasks.spawn(proxy::console_redirect_proxy::task_main(
     489            0 :                     config,
     490            0 :                     auth_backend,
     491            0 :                     proxy_listener,
     492            0 :                     cancellation_token.clone(),
     493            0 :                     cancellation_handler.clone(),
     494            0 :                 ));
     495            0 :             }
     496            0 :         }
     497            0 :     }
     498            0 : 
     499            0 :     client_tasks.spawn(proxy::context::parquet::worker(
     500            0 :         cancellation_token.clone(),
     501            0 :         args.parquet_upload,
     502            0 :     ));
     503            0 : 
     504            0 :     // maintenance tasks. these never return unless there's an error
     505            0 :     let mut maintenance_tasks = JoinSet::new();
     506            0 :     maintenance_tasks.spawn(proxy::signals::handle(cancellation_token.clone(), || {}));
     507            0 :     maintenance_tasks.spawn(http::health_server::task_main(
     508            0 :         http_listener,
     509            0 :         AppMetrics {
     510            0 :             jemalloc,
     511            0 :             neon_metrics,
     512            0 :             proxy: proxy::metrics::Metrics::get(),
     513            0 :         },
     514            0 :     ));
     515            0 :     maintenance_tasks.spawn(control_plane::mgmt::task_main(mgmt_listener));
     516            0 : 
     517            0 :     if let Some(metrics_config) = &config.metric_collection {
     518            0 :         // TODO: Add gc regardles of the metric collection being enabled.
     519            0 :         maintenance_tasks.spawn(usage_metrics::task_main(metrics_config));
     520            0 :         client_tasks.spawn(usage_metrics::task_backup(
     521            0 :             &metrics_config.backup_metric_collection_config,
     522            0 :             cancellation_token.clone(),
     523            0 :         ));
     524            0 :     }
     525            0 : 
     526            0 :     if let Either::Left(auth::Backend::ControlPlane(api, _)) = &auth_backend {
     527            0 :         if let proxy::control_plane::client::ControlPlaneClient::Neon(api) = &**api {
     528            0 :             match (redis_notifications_client, regional_redis_client.clone()) {
     529            0 :                 (None, None) => {}
     530            0 :                 (client1, client2) => {
     531            0 :                     let cache = api.caches.project_info.clone();
     532            0 :                     if let Some(client) = client1 {
     533            0 :                         maintenance_tasks.spawn(notifications::task_main(
     534            0 :                             client,
     535            0 :                             cache.clone(),
     536            0 :                             cancel_map.clone(),
     537            0 :                             args.region.clone(),
     538            0 :                         ));
     539            0 :                     }
     540            0 :                     if let Some(client) = client2 {
     541            0 :                         maintenance_tasks.spawn(notifications::task_main(
     542            0 :                             client,
     543            0 :                             cache.clone(),
     544            0 :                             cancel_map.clone(),
     545            0 :                             args.region.clone(),
     546            0 :                         ));
     547            0 :                     }
     548            0 :                     maintenance_tasks.spawn(async move { cache.clone().gc_worker().await });
     549            0 :                 }
     550            0 :             }
     551            0 :             if let Some(regional_redis_client) = regional_redis_client {
     552            0 :                 let cache = api.caches.endpoints_cache.clone();
     553            0 :                 let con = regional_redis_client;
     554            0 :                 let span = tracing::info_span!("endpoints_cache");
     555            0 :                 maintenance_tasks.spawn(
     556            0 :                     async move { cache.do_read(con, cancellation_token.clone()).await }
     557            0 :                         .instrument(span),
     558            0 :                 );
     559            0 :             }
     560            0 :         }
     561            0 :     }
     562            0 : 
     563            0 :     let maintenance = loop {
     564            0 :         // get one complete task
     565            0 :         match futures::future::select(
     566            0 :             pin!(maintenance_tasks.join_next()),
     567            0 :             pin!(client_tasks.join_next()),
     568            0 :         )
     569            0 :         .await
     570            0 :         {
     571            0 :             // exit immediately on maintenance task completion
     572            0 :             Either::Left((Some(res), _)) => break proxy::error::flatten_err(res)?,
     573            0 :             // exit with error immediately if all maintenance tasks have ceased (should be caught by branch above)
     574            0 :             Either::Left((None, _)) => bail!("no maintenance tasks running. invalid state"),
     575            0 :             // exit immediately on client task error
     576            0 :             Either::Right((Some(res), _)) => proxy::error::flatten_err(res)?,
     577            0 :             // exit if all our client tasks have shutdown gracefully
     578            0 :             Either::Right((None, _)) => return Ok(()),
     579            0 :         }
     580            0 :     };
     581            0 : 
     582            0 :     // maintenance tasks return Infallible success values, this is an impossible value
     583            0 :     // so this match statically ensures that there are no possibilities for that value
     584            0 :     match maintenance {}
     585            0 : }
     586              : 
     587              : /// ProxyConfig is created at proxy startup, and lives forever.
     588            0 : fn build_config(args: &ProxyCliArgs) -> anyhow::Result<&'static ProxyConfig> {
     589            0 :     let thread_pool = ThreadPool::new(args.scram_thread_pool_size);
     590            0 :     Metrics::install(thread_pool.metrics.clone());
     591              : 
     592            0 :     let tls_config = match (&args.tls_key, &args.tls_cert) {
     593            0 :         (Some(key_path), Some(cert_path)) => Some(config::configure_tls(
     594            0 :             key_path,
     595            0 :             cert_path,
     596            0 :             args.certs_dir.as_ref(),
     597            0 :         )?),
     598            0 :         (None, None) => None,
     599            0 :         _ => bail!("either both or neither tls-key and tls-cert must be specified"),
     600              :     };
     601              : 
     602            0 :     if args.allow_self_signed_compute {
     603            0 :         warn!("allowing self-signed compute certificates");
     604            0 :     }
     605            0 :     let backup_metric_collection_config = config::MetricBackupCollectionConfig {
     606            0 :         interval: args.metric_backup_collection_interval,
     607            0 :         remote_storage_config: args.metric_backup_collection_remote_storage.clone(),
     608            0 :         chunk_size: args.metric_backup_collection_chunk_size,
     609            0 :     };
     610              : 
     611            0 :     let metric_collection = match (
     612            0 :         &args.metric_collection_endpoint,
     613            0 :         &args.metric_collection_interval,
     614              :     ) {
     615            0 :         (Some(endpoint), Some(interval)) => Some(config::MetricCollectionConfig {
     616            0 :             endpoint: endpoint.parse()?,
     617            0 :             interval: humantime::parse_duration(interval)?,
     618            0 :             backup_metric_collection_config,
     619              :         }),
     620            0 :         (None, None) => None,
     621            0 :         _ => bail!(
     622            0 :             "either both or neither metric-collection-endpoint \
     623            0 :              and metric-collection-interval must be specified"
     624            0 :         ),
     625              :     };
     626              : 
     627              :     let config::ConcurrencyLockOptions {
     628            0 :         shards,
     629            0 :         limiter,
     630            0 :         epoch,
     631            0 :         timeout,
     632            0 :     } = args.connect_compute_lock.parse()?;
     633            0 :     info!(
     634              :         ?limiter,
     635              :         shards,
     636              :         ?epoch,
     637            0 :         "Using NodeLocks (connect_compute)"
     638              :     );
     639            0 :     let connect_compute_locks = control_plane::locks::ApiLocks::new(
     640            0 :         "connect_compute_lock",
     641            0 :         limiter,
     642            0 :         shards,
     643            0 :         timeout,
     644            0 :         epoch,
     645            0 :         &Metrics::get().proxy.connect_compute_lock,
     646            0 :     )?;
     647              : 
     648            0 :     let http_config = HttpConfig {
     649            0 :         accept_websockets: !args.is_auth_broker,
     650            0 :         pool_options: GlobalConnPoolOptions {
     651            0 :             max_conns_per_endpoint: args.sql_over_http.sql_over_http_pool_max_conns_per_endpoint,
     652            0 :             gc_epoch: args.sql_over_http.sql_over_http_pool_gc_epoch,
     653            0 :             pool_shards: args.sql_over_http.sql_over_http_pool_shards,
     654            0 :             idle_timeout: args.sql_over_http.sql_over_http_idle_timeout,
     655            0 :             opt_in: args.sql_over_http.sql_over_http_pool_opt_in,
     656            0 :             max_total_conns: args.sql_over_http.sql_over_http_pool_max_total_conns,
     657            0 :         },
     658            0 :         cancel_set: CancelSet::new(args.sql_over_http.sql_over_http_cancel_set_shards),
     659            0 :         client_conn_threshold: args.sql_over_http.sql_over_http_client_conn_threshold,
     660            0 :         max_request_size_bytes: args.sql_over_http.sql_over_http_max_request_size_bytes,
     661            0 :         max_response_size_bytes: args.sql_over_http.sql_over_http_max_response_size_bytes,
     662            0 :     };
     663            0 :     let authentication_config = AuthenticationConfig {
     664            0 :         jwks_cache: JwkCache::default(),
     665            0 :         thread_pool,
     666            0 :         scram_protocol_timeout: args.scram_protocol_timeout,
     667            0 :         rate_limiter_enabled: args.auth_rate_limit_enabled,
     668            0 :         rate_limiter: AuthRateLimiter::new(args.auth_rate_limit.clone()),
     669            0 :         rate_limit_ip_subnet: args.auth_rate_limit_ip_subnet,
     670            0 :         ip_allowlist_check_enabled: !args.is_private_access_proxy,
     671            0 :         is_auth_broker: args.is_auth_broker,
     672            0 :         accept_jwts: args.is_auth_broker,
     673            0 :         console_redirect_confirmation_timeout: args.webauth_confirmation_timeout,
     674            0 :     };
     675              : 
     676            0 :     let config = ProxyConfig {
     677            0 :         tls_config,
     678            0 :         metric_collection,
     679            0 :         allow_self_signed_compute: args.allow_self_signed_compute,
     680            0 :         http_config,
     681            0 :         authentication_config,
     682            0 :         proxy_protocol_v2: args.proxy_protocol_v2,
     683            0 :         handshake_timeout: args.handshake_timeout,
     684            0 :         region: args.region.clone(),
     685            0 :         wake_compute_retry_config: config::RetryConfig::parse(&args.wake_compute_retry)?,
     686            0 :         connect_compute_locks,
     687            0 :         connect_to_compute_retry_config: config::RetryConfig::parse(
     688            0 :             &args.connect_to_compute_retry,
     689            0 :         )?,
     690              :     };
     691              : 
     692            0 :     let config = Box::leak(Box::new(config));
     693            0 : 
     694            0 :     tokio::spawn(config.connect_compute_locks.garbage_collect_worker());
     695            0 : 
     696            0 :     Ok(config)
     697            0 : }
     698              : 
     699              : /// auth::Backend is created at proxy startup, and lives forever.
     700            0 : fn build_auth_backend(
     701            0 :     args: &ProxyCliArgs,
     702            0 : ) -> anyhow::Result<Either<&'static auth::Backend<'static, ()>, &'static ConsoleRedirectBackend>> {
     703            0 :     match &args.auth_backend {
     704              :         AuthBackendType::ControlPlane => {
     705            0 :             let wake_compute_cache_config: CacheOptions = args.wake_compute_cache.parse()?;
     706            0 :             let project_info_cache_config: ProjectInfoCacheOptions =
     707            0 :                 args.project_info_cache.parse()?;
     708            0 :             let endpoint_cache_config: config::EndpointCacheConfig =
     709            0 :                 args.endpoint_cache_config.parse()?;
     710              : 
     711            0 :             info!("Using NodeInfoCache (wake_compute) with options={wake_compute_cache_config:?}");
     712            0 :             info!(
     713            0 :                 "Using AllowedIpsCache (wake_compute) with options={project_info_cache_config:?}"
     714              :             );
     715            0 :             info!("Using EndpointCacheConfig with options={endpoint_cache_config:?}");
     716            0 :             let caches = Box::leak(Box::new(control_plane::caches::ApiCaches::new(
     717            0 :                 wake_compute_cache_config,
     718            0 :                 project_info_cache_config,
     719            0 :                 endpoint_cache_config,
     720            0 :             )));
     721              : 
     722              :             let config::ConcurrencyLockOptions {
     723            0 :                 shards,
     724            0 :                 limiter,
     725            0 :                 epoch,
     726            0 :                 timeout,
     727            0 :             } = args.wake_compute_lock.parse()?;
     728            0 :             info!(?limiter, shards, ?epoch, "Using NodeLocks (wake_compute)");
     729            0 :             let locks = Box::leak(Box::new(control_plane::locks::ApiLocks::new(
     730            0 :                 "wake_compute_lock",
     731            0 :                 limiter,
     732            0 :                 shards,
     733            0 :                 timeout,
     734            0 :                 epoch,
     735            0 :                 &Metrics::get().wake_compute_lock,
     736            0 :             )?));
     737            0 :             tokio::spawn(locks.garbage_collect_worker());
     738              : 
     739            0 :             let url = args.auth_endpoint.parse()?;
     740            0 :             let endpoint = http::Endpoint::new(url, http::new_client());
     741            0 : 
     742            0 :             let mut wake_compute_rps_limit = args.wake_compute_limit.clone();
     743            0 :             RateBucketInfo::validate(&mut wake_compute_rps_limit)?;
     744            0 :             let wake_compute_endpoint_rate_limiter =
     745            0 :                 Arc::new(WakeComputeRateLimiter::new(wake_compute_rps_limit));
     746            0 :             let api = control_plane::client::neon::NeonControlPlaneClient::new(
     747            0 :                 endpoint,
     748            0 :                 args.control_plane_token.clone(),
     749            0 :                 caches,
     750            0 :                 locks,
     751            0 :                 wake_compute_endpoint_rate_limiter,
     752            0 :             );
     753            0 :             let api = control_plane::client::ControlPlaneClient::Neon(api);
     754            0 :             let auth_backend = auth::Backend::ControlPlane(MaybeOwned::Owned(api), ());
     755            0 : 
     756            0 :             let config = Box::leak(Box::new(auth_backend));
     757            0 : 
     758            0 :             Ok(Either::Left(config))
     759              :         }
     760              : 
     761              :         #[cfg(feature = "testing")]
     762              :         AuthBackendType::Postgres => {
     763            0 :             let url = args.auth_endpoint.parse()?;
     764            0 :             let api = control_plane::client::mock::MockControlPlane::new(
     765            0 :                 url,
     766            0 :                 !args.is_private_access_proxy,
     767            0 :             );
     768            0 :             let api = control_plane::client::ControlPlaneClient::PostgresMock(api);
     769            0 : 
     770            0 :             let auth_backend = auth::Backend::ControlPlane(MaybeOwned::Owned(api), ());
     771            0 : 
     772            0 :             let config = Box::leak(Box::new(auth_backend));
     773            0 : 
     774            0 :             Ok(Either::Left(config))
     775              :         }
     776              : 
     777              :         AuthBackendType::ConsoleRedirect => {
     778            0 :             let url = args.uri.parse()?;
     779            0 :             let backend = ConsoleRedirectBackend::new(url);
     780            0 : 
     781            0 :             let config = Box::leak(Box::new(backend));
     782            0 : 
     783            0 :             Ok(Either::Right(config))
     784              :         }
     785              :     }
     786            0 : }
     787              : 
     788              : #[cfg(test)]
     789              : mod tests {
     790              :     use std::time::Duration;
     791              : 
     792              :     use clap::Parser;
     793              :     use proxy::rate_limiter::RateBucketInfo;
     794              : 
     795              :     #[test]
     796            1 :     fn parse_endpoint_rps_limit() {
     797            1 :         let config = super::ProxyCliArgs::parse_from([
     798            1 :             "proxy",
     799            1 :             "--endpoint-rps-limit",
     800            1 :             "100@1s",
     801            1 :             "--endpoint-rps-limit",
     802            1 :             "20@30s",
     803            1 :         ]);
     804            1 : 
     805            1 :         assert_eq!(
     806            1 :             config.endpoint_rps_limit,
     807            1 :             vec![
     808            1 :                 RateBucketInfo::new(100, Duration::from_secs(1)),
     809            1 :                 RateBucketInfo::new(20, Duration::from_secs(30)),
     810            1 :             ]
     811            1 :         );
     812            1 :     }
     813              : }
        

Generated by: LCOV version 2.1-beta