Line data Source code
1 : //
2 : // Main entry point for the safekeeper executable
3 : //
4 : use std::env::{VarError, var};
5 : use std::fs::{self, File};
6 : use std::io::{ErrorKind, Write};
7 : use std::str::FromStr;
8 : use std::sync::Arc;
9 : use std::time::{Duration, Instant};
10 :
11 : use anyhow::{Context, Result, bail};
12 : use camino::{Utf8Path, Utf8PathBuf};
13 : use clap::{ArgAction, Parser};
14 : use futures::future::BoxFuture;
15 : use futures::stream::FuturesUnordered;
16 : use futures::{FutureExt, StreamExt};
17 : use metrics::set_build_info_metric;
18 : use remote_storage::RemoteStorageConfig;
19 : use reqwest::Certificate;
20 : use safekeeper::defaults::{
21 : DEFAULT_CONTROL_FILE_SAVE_INTERVAL, DEFAULT_EVICTION_MIN_RESIDENT, DEFAULT_HEARTBEAT_TIMEOUT,
22 : DEFAULT_HTTP_LISTEN_ADDR, DEFAULT_MAX_OFFLOADER_LAG_BYTES, DEFAULT_PARTIAL_BACKUP_CONCURRENCY,
23 : DEFAULT_PARTIAL_BACKUP_TIMEOUT, DEFAULT_PG_LISTEN_ADDR, DEFAULT_SSL_CERT_FILE,
24 : DEFAULT_SSL_KEY_FILE,
25 : };
26 : use safekeeper::{
27 : BROKER_RUNTIME, GlobalTimelines, HTTP_RUNTIME, SafeKeeperConf, WAL_SERVICE_RUNTIME, broker,
28 : control_file, http, wal_backup, wal_service,
29 : };
30 : use sd_notify::NotifyState;
31 : use storage_broker::{DEFAULT_ENDPOINT, Uri};
32 : use tokio::runtime::Handle;
33 : use tokio::signal::unix::{SignalKind, signal};
34 : use tokio::task::JoinError;
35 : use tracing::*;
36 : use utils::auth::{JwtAuth, Scope, SwappableJwtAuth};
37 : use utils::id::NodeId;
38 : use utils::logging::{self, LogFormat, SecretString};
39 : use utils::sentry_init::init_sentry;
40 : use utils::{pid_file, project_build_tag, project_git_version, tcp_listener};
41 :
42 : #[global_allocator]
43 : static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
44 :
45 : /// Configure jemalloc to profile heap allocations by sampling stack traces every 2 MB (1 << 21).
46 : /// This adds roughly 3% overhead for allocations on average, which is acceptable considering
47 : /// performance-sensitive code will avoid allocations as far as possible anyway.
48 : #[allow(non_upper_case_globals)]
49 : #[unsafe(export_name = "malloc_conf")]
50 : pub static malloc_conf: &[u8] = b"prof:true,prof_active:true,lg_prof_sample:21\0";
51 :
52 : const PID_FILE_NAME: &str = "safekeeper.pid";
53 : const ID_FILE_NAME: &str = "safekeeper.id";
54 :
55 : project_git_version!(GIT_VERSION);
56 : project_build_tag!(BUILD_TAG);
57 :
58 : const FEATURES: &[&str] = &[
59 : #[cfg(feature = "testing")]
60 : "testing",
61 : ];
62 :
63 0 : fn version() -> String {
64 0 : format!(
65 0 : "{GIT_VERSION} failpoints: {}, features: {:?}",
66 0 : fail::has_failpoints(),
67 0 : FEATURES,
68 0 : )
69 0 : }
70 :
71 : const ABOUT: &str = r#"
72 : A fleet of safekeepers is responsible for reliably storing WAL received from
73 : compute, passing it through consensus (mitigating potential computes brain
74 : split), and serving the hardened part further downstream to pageserver(s).
75 : "#;
76 :
77 : #[derive(Parser)]
78 : #[command(name = "Neon safekeeper", version = GIT_VERSION, about = ABOUT, long_about = None)]
79 : struct Args {
80 : /// Path to the safekeeper data directory.
81 : #[arg(short = 'D', long, default_value = "./")]
82 0 : datadir: Utf8PathBuf,
83 : /// Safekeeper node id.
84 : #[arg(long)]
85 : id: Option<u64>,
86 : /// Initialize safekeeper with given id and exit.
87 : #[arg(long)]
88 0 : init: bool,
89 : /// Listen endpoint for receiving/sending WAL in the form host:port.
90 : #[arg(short, long, default_value = DEFAULT_PG_LISTEN_ADDR)]
91 0 : listen_pg: String,
92 : /// Listen endpoint for receiving/sending WAL in the form host:port allowing
93 : /// only tenant scoped auth tokens. Pointless if auth is disabled.
94 : #[arg(long, default_value = None, verbatim_doc_comment)]
95 : listen_pg_tenant_only: Option<String>,
96 : /// Listen http endpoint for management and metrics in the form host:port.
97 : #[arg(long, default_value = DEFAULT_HTTP_LISTEN_ADDR)]
98 0 : listen_http: String,
99 : /// Listen https endpoint for management and metrics in the form host:port.
100 : #[arg(long, default_value = None)]
101 : listen_https: Option<String>,
102 : /// Advertised endpoint for receiving/sending WAL in the form host:port. If not
103 : /// specified, listen_pg is used to advertise instead.
104 : #[arg(long, default_value = None)]
105 : advertise_pg: Option<String>,
106 : /// Availability zone of the safekeeper.
107 : #[arg(long)]
108 : availability_zone: Option<String>,
109 : /// Do not wait for changes to be written safely to disk. Unsafe.
110 : #[arg(short, long)]
111 0 : no_sync: bool,
112 : /// Dump control file at path specified by this argument and exit.
113 : #[arg(long)]
114 : dump_control_file: Option<Utf8PathBuf>,
115 : /// Broker endpoint for storage nodes coordination in the form
116 : /// http[s]://host:port. In case of https schema TLS is connection is
117 : /// established; plaintext otherwise.
118 : #[arg(long, default_value = DEFAULT_ENDPOINT, verbatim_doc_comment)]
119 0 : broker_endpoint: Uri,
120 : /// Broker keepalive interval.
121 : #[arg(long, value_parser= humantime::parse_duration, default_value = storage_broker::DEFAULT_KEEPALIVE_INTERVAL)]
122 0 : broker_keepalive_interval: Duration,
123 : /// Peer safekeeper is considered dead after not receiving heartbeats from
124 : /// it during this period passed as a human readable duration.
125 : #[arg(long, value_parser= humantime::parse_duration, default_value = DEFAULT_HEARTBEAT_TIMEOUT, verbatim_doc_comment)]
126 0 : heartbeat_timeout: Duration,
127 : /// Enable/disable peer recovery.
128 : #[arg(long, default_value = "false", action=ArgAction::Set)]
129 0 : peer_recovery: bool,
130 : /// Remote storage configuration for WAL backup (offloading to s3) as TOML
131 : /// inline table, e.g.
132 : /// {max_concurrent_syncs = 17, max_sync_errors = 13, bucket_name = "<BUCKETNAME>", bucket_region = "<REGION>", concurrency_limit = 119}
133 : /// Safekeeper offloads WAL to
134 : /// [prefix_in_bucket/]<tenant_id>/<timeline_id>/<segment_file>, mirroring
135 : /// structure on the file system.
136 : #[arg(long, value_parser = parse_remote_storage, verbatim_doc_comment)]
137 : remote_storage: Option<RemoteStorageConfig>,
138 : /// Safekeeper won't be elected for WAL offloading if it is lagging for more than this value in bytes
139 1 : #[arg(long, default_value_t = DEFAULT_MAX_OFFLOADER_LAG_BYTES)]
140 0 : max_offloader_lag: u64,
141 : /// Number of max parallel WAL segments to be offloaded to remote storage.
142 : #[arg(long, default_value = "5")]
143 0 : wal_backup_parallel_jobs: usize,
144 : /// Disable WAL backup to s3. When disabled, safekeeper removes WAL ignoring
145 : /// WAL backup horizon.
146 : #[arg(long)]
147 0 : disable_wal_backup: bool,
148 : /// If given, enables auth on incoming connections to WAL service endpoint
149 : /// (--listen-pg). Value specifies path to a .pem public key used for
150 : /// validations of JWT tokens. Empty string is allowed and means disabling
151 : /// auth.
152 : #[arg(long, verbatim_doc_comment, value_parser = opt_pathbuf_parser)]
153 : pg_auth_public_key_path: Option<Utf8PathBuf>,
154 : /// If given, enables auth on incoming connections to tenant only WAL
155 : /// service endpoint (--listen-pg-tenant-only). Value specifies path to a
156 : /// .pem public key used for validations of JWT tokens. Empty string is
157 : /// allowed and means disabling auth.
158 : #[arg(long, verbatim_doc_comment, value_parser = opt_pathbuf_parser)]
159 : pg_tenant_only_auth_public_key_path: Option<Utf8PathBuf>,
160 : /// If given, enables auth on incoming connections to http management
161 : /// service endpoint (--listen-http). Value specifies path to a .pem public
162 : /// key used for validations of JWT tokens. Empty string is allowed and
163 : /// means disabling auth.
164 : #[arg(long, verbatim_doc_comment, value_parser = opt_pathbuf_parser)]
165 : http_auth_public_key_path: Option<Utf8PathBuf>,
166 : /// Format for logging, either 'plain' or 'json'.
167 : #[arg(long, default_value = "plain")]
168 0 : log_format: String,
169 : /// Run everything in single threaded current thread runtime, might be
170 : /// useful for debugging.
171 : #[arg(long)]
172 0 : current_thread_runtime: bool,
173 : /// Keep horizon for walsenders, i.e. don't remove WAL segments that are
174 : /// still needed for existing replication connection.
175 : #[arg(long)]
176 0 : walsenders_keep_horizon: bool,
177 : /// Controls how long backup will wait until uploading the partial segment.
178 : #[arg(long, value_parser = humantime::parse_duration, default_value = DEFAULT_PARTIAL_BACKUP_TIMEOUT, verbatim_doc_comment)]
179 0 : partial_backup_timeout: Duration,
180 : /// Disable task to push messages to broker every second. Supposed to
181 : /// be used in tests.
182 : #[arg(long)]
183 0 : disable_periodic_broker_push: bool,
184 : /// Enable automatic switching to offloaded state.
185 : #[arg(long)]
186 0 : enable_offload: bool,
187 : /// Delete local WAL files after offloading. When disabled, they will be left on disk.
188 : #[arg(long)]
189 0 : delete_offloaded_wal: bool,
190 : /// Pending updates to control file will be automatically saved after this interval.
191 : #[arg(long, value_parser = humantime::parse_duration, default_value = DEFAULT_CONTROL_FILE_SAVE_INTERVAL)]
192 0 : control_file_save_interval: Duration,
193 : /// Number of allowed concurrent uploads of partial segments to remote storage.
194 : #[arg(long, default_value = DEFAULT_PARTIAL_BACKUP_CONCURRENCY)]
195 0 : partial_backup_concurrency: usize,
196 : /// How long a timeline must be resident before it is eligible for eviction.
197 : /// Usually, timeline eviction has to wait for `partial_backup_timeout` before being eligible for eviction,
198 : /// but if a timeline is un-evicted and then _not_ written to, it would immediately flap to evicting again,
199 : /// if it weren't for `eviction_min_resident` preventing that.
200 : ///
201 : /// Also defines interval for eviction retries.
202 : #[arg(long, value_parser = humantime::parse_duration, default_value = DEFAULT_EVICTION_MIN_RESIDENT)]
203 0 : eviction_min_resident: Duration,
204 : /// Enable fanning out WAL to different shards from the same reader
205 : #[arg(long)]
206 0 : wal_reader_fanout: bool,
207 : /// Only fan out the WAL reader if the absoulte delta between the new requested position
208 : /// and the current position of the reader is smaller than this value.
209 : #[arg(long)]
210 : max_delta_for_fanout: Option<u64>,
211 : /// Path to a file with certificate's private key for https API.
212 : #[arg(long, default_value = DEFAULT_SSL_KEY_FILE)]
213 0 : ssl_key_file: Utf8PathBuf,
214 : /// Path to a file with a X509 certificate for https API.
215 : #[arg(long, default_value = DEFAULT_SSL_CERT_FILE)]
216 0 : ssl_cert_file: Utf8PathBuf,
217 : /// Trusted root CA certificate to use in https APIs.
218 : #[arg(long)]
219 : ssl_ca_file: Option<Utf8PathBuf>,
220 : }
221 :
222 : // Like PathBufValueParser, but allows empty string.
223 0 : fn opt_pathbuf_parser(s: &str) -> Result<Utf8PathBuf, String> {
224 0 : Ok(Utf8PathBuf::from_str(s).unwrap())
225 0 : }
226 :
227 : #[tokio::main(flavor = "current_thread")]
228 0 : async fn main() -> anyhow::Result<()> {
229 0 : // We want to allow multiple occurences of the same arg (taking the last) so
230 0 : // that neon_local could generate command with defaults + overrides without
231 0 : // getting 'argument cannot be used multiple times' error. This seems to be
232 0 : // impossible with pure Derive API, so convert struct to Command, modify it,
233 0 : // parse arguments, and then fill the struct back.
234 0 : let cmd = <Args as clap::CommandFactory>::command()
235 0 : .args_override_self(true)
236 0 : .version(version());
237 0 : let mut matches = cmd.get_matches();
238 0 : let mut args = <Args as clap::FromArgMatches>::from_arg_matches_mut(&mut matches)?;
239 0 :
240 0 : // I failed to modify opt_pathbuf_parser to return Option<PathBuf> in
241 0 : // reasonable time, so turn empty string into option post factum.
242 0 : if let Some(pb) = &args.pg_auth_public_key_path {
243 0 : if pb.as_os_str().is_empty() {
244 0 : args.pg_auth_public_key_path = None;
245 0 : }
246 0 : }
247 0 : if let Some(pb) = &args.pg_tenant_only_auth_public_key_path {
248 0 : if pb.as_os_str().is_empty() {
249 0 : args.pg_tenant_only_auth_public_key_path = None;
250 0 : }
251 0 : }
252 0 : if let Some(pb) = &args.http_auth_public_key_path {
253 0 : if pb.as_os_str().is_empty() {
254 0 : args.http_auth_public_key_path = None;
255 0 : }
256 0 : }
257 0 :
258 0 : if let Some(addr) = args.dump_control_file {
259 0 : let state = control_file::FileStorage::load_control_file(addr)?;
260 0 : let json = serde_json::to_string(&state)?;
261 0 : print!("{json}");
262 0 : return Ok(());
263 0 : }
264 0 :
265 0 : // important to keep the order of:
266 0 : // 1. init logging
267 0 : // 2. tracing panic hook
268 0 : // 3. sentry
269 0 : logging::init(
270 0 : LogFormat::from_config(&args.log_format)?,
271 0 : logging::TracingErrorLayerEnablement::Disabled,
272 0 : logging::Output::Stdout,
273 0 : )?;
274 0 : logging::replace_panic_hook_with_tracing_panic_hook().forget();
275 0 : info!("version: {GIT_VERSION}");
276 0 : info!("buld_tag: {BUILD_TAG}");
277 0 :
278 0 : let args_workdir = &args.datadir;
279 0 : let workdir = args_workdir.canonicalize_utf8().with_context(|| {
280 0 : format!("Failed to get the absolute path for input workdir {args_workdir:?}")
281 0 : })?;
282 0 :
283 0 : // Change into the data directory.
284 0 : std::env::set_current_dir(&workdir)?;
285 0 :
286 0 : // Prevent running multiple safekeepers on the same directory
287 0 : let lock_file_path = workdir.join(PID_FILE_NAME);
288 0 : let lock_file =
289 0 : pid_file::claim_for_current_process(&lock_file_path).context("claim pid file")?;
290 0 : info!("claimed pid file at {lock_file_path:?}");
291 0 : // ensure that the lock file is held even if the main thread of the process is panics
292 0 : // we need to release the lock file only when the current process is gone
293 0 : std::mem::forget(lock_file);
294 0 :
295 0 : // Set or read our ID.
296 0 : let id = set_id(&workdir, args.id.map(NodeId))?;
297 0 : if args.init {
298 0 : return Ok(());
299 0 : }
300 0 :
301 0 : let pg_auth = match args.pg_auth_public_key_path.as_ref() {
302 0 : None => {
303 0 : info!("pg auth is disabled");
304 0 : None
305 0 : }
306 0 : Some(path) => {
307 0 : info!("loading pg auth JWT key from {path}");
308 0 : Some(Arc::new(
309 0 : JwtAuth::from_key_path(path).context("failed to load the auth key")?,
310 0 : ))
311 0 : }
312 0 : };
313 0 : let pg_tenant_only_auth = match args.pg_tenant_only_auth_public_key_path.as_ref() {
314 0 : None => {
315 0 : info!("pg tenant only auth is disabled");
316 0 : None
317 0 : }
318 0 : Some(path) => {
319 0 : info!("loading pg tenant only auth JWT key from {path}");
320 0 : Some(Arc::new(
321 0 : JwtAuth::from_key_path(path).context("failed to load the auth key")?,
322 0 : ))
323 0 : }
324 0 : };
325 0 : let http_auth = match args.http_auth_public_key_path.as_ref() {
326 0 : None => {
327 0 : info!("http auth is disabled");
328 0 : None
329 0 : }
330 0 : Some(path) => {
331 0 : info!("loading http auth JWT key(s) from {path}");
332 0 : let jwt_auth = JwtAuth::from_key_path(path).context("failed to load the auth key")?;
333 0 : Some(Arc::new(SwappableJwtAuth::new(jwt_auth)))
334 0 : }
335 0 : };
336 0 :
337 0 : // Load JWT auth token to connect to other safekeepers for pull_timeline.
338 0 : let sk_auth_token = match var("SAFEKEEPER_AUTH_TOKEN") {
339 0 : Ok(v) => {
340 0 : info!("loaded JWT token for authentication with safekeepers");
341 0 : Some(SecretString::from(v))
342 0 : }
343 0 : Err(VarError::NotPresent) => {
344 0 : info!("no JWT token for authentication with safekeepers detected");
345 0 : None
346 0 : }
347 0 : Err(_) => {
348 0 : warn!("JWT token for authentication with safekeepers is not unicode");
349 0 : None
350 0 : }
351 0 : };
352 0 :
353 0 : let ssl_ca_cert = match args.ssl_ca_file.as_ref() {
354 0 : Some(ssl_ca_file) => {
355 0 : tracing::info!("Using ssl root CA file: {ssl_ca_file:?}");
356 0 : let buf = tokio::fs::read(ssl_ca_file).await?;
357 0 : Some(Certificate::from_pem(&buf)?)
358 0 : }
359 0 : None => None,
360 0 : };
361 0 :
362 0 : let conf = Arc::new(SafeKeeperConf {
363 0 : workdir,
364 0 : my_id: id,
365 0 : listen_pg_addr: args.listen_pg,
366 0 : listen_pg_addr_tenant_only: args.listen_pg_tenant_only,
367 0 : listen_http_addr: args.listen_http,
368 0 : listen_https_addr: args.listen_https,
369 0 : advertise_pg_addr: args.advertise_pg,
370 0 : availability_zone: args.availability_zone,
371 0 : no_sync: args.no_sync,
372 0 : broker_endpoint: args.broker_endpoint,
373 0 : broker_keepalive_interval: args.broker_keepalive_interval,
374 0 : heartbeat_timeout: args.heartbeat_timeout,
375 0 : peer_recovery_enabled: args.peer_recovery,
376 0 : remote_storage: args.remote_storage,
377 0 : max_offloader_lag_bytes: args.max_offloader_lag,
378 0 : wal_backup_enabled: !args.disable_wal_backup,
379 0 : backup_parallel_jobs: args.wal_backup_parallel_jobs,
380 0 : pg_auth,
381 0 : pg_tenant_only_auth,
382 0 : http_auth,
383 0 : sk_auth_token,
384 0 : current_thread_runtime: args.current_thread_runtime,
385 0 : walsenders_keep_horizon: args.walsenders_keep_horizon,
386 0 : partial_backup_timeout: args.partial_backup_timeout,
387 0 : disable_periodic_broker_push: args.disable_periodic_broker_push,
388 0 : enable_offload: args.enable_offload,
389 0 : delete_offloaded_wal: args.delete_offloaded_wal,
390 0 : control_file_save_interval: args.control_file_save_interval,
391 0 : partial_backup_concurrency: args.partial_backup_concurrency,
392 0 : eviction_min_resident: args.eviction_min_resident,
393 0 : wal_reader_fanout: args.wal_reader_fanout,
394 0 : max_delta_for_fanout: args.max_delta_for_fanout,
395 0 : ssl_key_file: args.ssl_key_file,
396 0 : ssl_cert_file: args.ssl_cert_file,
397 0 : ssl_ca_cert,
398 0 : });
399 0 :
400 0 : // initialize sentry if SENTRY_DSN is provided
401 0 : let _sentry_guard = init_sentry(
402 0 : Some(GIT_VERSION.into()),
403 0 : &[("node_id", &conf.my_id.to_string())],
404 0 : );
405 0 : start_safekeeper(conf).await
406 0 : }
407 :
408 : /// Result of joining any of main tasks: upper error means task failed to
409 : /// complete, e.g. panicked, inner is error produced by task itself.
410 : type JoinTaskRes = Result<anyhow::Result<()>, JoinError>;
411 :
412 0 : async fn start_safekeeper(conf: Arc<SafeKeeperConf>) -> Result<()> {
413 0 : // fsync the datadir to make sure we have a consistent state on disk.
414 0 : if !conf.no_sync {
415 0 : let dfd = File::open(&conf.workdir).context("open datadir for syncfs")?;
416 0 : let started = Instant::now();
417 0 : utils::crashsafe::syncfs(dfd)?;
418 0 : let elapsed = started.elapsed();
419 0 : info!(
420 0 : elapsed_ms = elapsed.as_millis(),
421 0 : "syncfs data directory done"
422 : );
423 0 : }
424 :
425 0 : info!("starting safekeeper WAL service on {}", conf.listen_pg_addr);
426 0 : let pg_listener = tcp_listener::bind(conf.listen_pg_addr.clone()).map_err(|e| {
427 0 : error!("failed to bind to address {}: {}", conf.listen_pg_addr, e);
428 0 : e
429 0 : })?;
430 :
431 0 : let pg_listener_tenant_only =
432 0 : if let Some(listen_pg_addr_tenant_only) = &conf.listen_pg_addr_tenant_only {
433 0 : info!(
434 0 : "starting safekeeper tenant scoped WAL service on {}",
435 : listen_pg_addr_tenant_only
436 : );
437 0 : let listener = tcp_listener::bind(listen_pg_addr_tenant_only.clone()).map_err(|e| {
438 0 : error!(
439 0 : "failed to bind to address {}: {}",
440 : listen_pg_addr_tenant_only, e
441 : );
442 0 : e
443 0 : })?;
444 0 : Some(listener)
445 : } else {
446 0 : None
447 : };
448 :
449 0 : info!(
450 0 : "starting safekeeper HTTP service on {}",
451 0 : conf.listen_http_addr
452 : );
453 0 : let http_listener = tcp_listener::bind(conf.listen_http_addr.clone()).map_err(|e| {
454 0 : error!("failed to bind to address {}: {}", conf.listen_http_addr, e);
455 0 : e
456 0 : })?;
457 :
458 0 : let https_listener = match conf.listen_https_addr.as_ref() {
459 0 : Some(listen_https_addr) => {
460 0 : info!("starting safekeeper HTTPS service on {}", listen_https_addr);
461 0 : Some(tcp_listener::bind(listen_https_addr).map_err(|e| {
462 0 : error!("failed to bind to address {}: {}", listen_https_addr, e);
463 0 : e
464 0 : })?)
465 : }
466 0 : None => None,
467 : };
468 :
469 0 : let global_timelines = Arc::new(GlobalTimelines::new(conf.clone()));
470 0 :
471 0 : // Register metrics collector for active timelines. It's important to do this
472 0 : // after daemonizing, otherwise process collector will be upset.
473 0 : let timeline_collector = safekeeper::metrics::TimelineCollector::new(global_timelines.clone());
474 0 : metrics::register_internal(Box::new(timeline_collector))?;
475 :
476 0 : wal_backup::init_remote_storage(&conf).await;
477 :
478 : // Keep handles to main tasks to die if any of them disappears.
479 0 : let mut tasks_handles: FuturesUnordered<BoxFuture<(String, JoinTaskRes)>> =
480 0 : FuturesUnordered::new();
481 0 :
482 0 : // Start wal backup launcher before loading timelines as we'll notify it
483 0 : // through the channel about timelines which need offloading, not draining
484 0 : // the channel would cause deadlock.
485 0 : let current_thread_rt = conf
486 0 : .current_thread_runtime
487 0 : .then(|| Handle::try_current().expect("no runtime in main"));
488 0 :
489 0 : // Load all timelines from disk to memory.
490 0 : global_timelines.init().await?;
491 :
492 : // Run everything in current thread rt, if asked.
493 0 : if conf.current_thread_runtime {
494 0 : info!("running in current thread runtime");
495 0 : }
496 :
497 0 : let wal_service_handle = current_thread_rt
498 0 : .as_ref()
499 0 : .unwrap_or_else(|| WAL_SERVICE_RUNTIME.handle())
500 0 : .spawn(wal_service::task_main(
501 0 : conf.clone(),
502 0 : pg_listener,
503 0 : Scope::SafekeeperData,
504 0 : global_timelines.clone(),
505 0 : ))
506 0 : // wrap with task name for error reporting
507 0 : .map(|res| ("WAL service main".to_owned(), res));
508 0 : tasks_handles.push(Box::pin(wal_service_handle));
509 0 :
510 0 : let global_timelines_ = global_timelines.clone();
511 0 : let timeline_housekeeping_handle = current_thread_rt
512 0 : .as_ref()
513 0 : .unwrap_or_else(|| WAL_SERVICE_RUNTIME.handle())
514 0 : .spawn(async move {
515 : const TOMBSTONE_TTL: Duration = Duration::from_secs(3600 * 24);
516 : loop {
517 0 : tokio::time::sleep(TOMBSTONE_TTL).await;
518 0 : global_timelines_.housekeeping(&TOMBSTONE_TTL);
519 : }
520 0 : })
521 0 : .map(|res| ("Timeline map housekeeping".to_owned(), res));
522 0 : tasks_handles.push(Box::pin(timeline_housekeeping_handle));
523 :
524 0 : if let Some(pg_listener_tenant_only) = pg_listener_tenant_only {
525 0 : let wal_service_handle = current_thread_rt
526 0 : .as_ref()
527 0 : .unwrap_or_else(|| WAL_SERVICE_RUNTIME.handle())
528 0 : .spawn(wal_service::task_main(
529 0 : conf.clone(),
530 0 : pg_listener_tenant_only,
531 0 : Scope::Tenant,
532 0 : global_timelines.clone(),
533 0 : ))
534 0 : // wrap with task name for error reporting
535 0 : .map(|res| ("WAL service tenant only main".to_owned(), res));
536 0 : tasks_handles.push(Box::pin(wal_service_handle));
537 0 : }
538 :
539 0 : let http_handle = current_thread_rt
540 0 : .as_ref()
541 0 : .unwrap_or_else(|| HTTP_RUNTIME.handle())
542 0 : .spawn(http::task_main_http(
543 0 : conf.clone(),
544 0 : http_listener,
545 0 : global_timelines.clone(),
546 0 : ))
547 0 : .map(|res| ("HTTP service main".to_owned(), res));
548 0 : tasks_handles.push(Box::pin(http_handle));
549 :
550 0 : if let Some(https_listener) = https_listener {
551 0 : let https_handle = current_thread_rt
552 0 : .as_ref()
553 0 : .unwrap_or_else(|| HTTP_RUNTIME.handle())
554 0 : .spawn(http::task_main_https(
555 0 : conf.clone(),
556 0 : https_listener,
557 0 : global_timelines.clone(),
558 0 : ))
559 0 : .map(|res| ("HTTPS service main".to_owned(), res));
560 0 : tasks_handles.push(Box::pin(https_handle));
561 0 : }
562 :
563 0 : let broker_task_handle = current_thread_rt
564 0 : .as_ref()
565 0 : .unwrap_or_else(|| BROKER_RUNTIME.handle())
566 0 : .spawn(
567 0 : broker::task_main(conf.clone(), global_timelines.clone())
568 0 : .instrument(info_span!("broker")),
569 : )
570 0 : .map(|res| ("broker main".to_owned(), res));
571 0 : tasks_handles.push(Box::pin(broker_task_handle));
572 0 :
573 0 : set_build_info_metric(GIT_VERSION, BUILD_TAG);
574 :
575 : // TODO: update tokio-stream, convert to real async Stream with
576 : // SignalStream, map it to obtain missing signal name, combine streams into
577 : // single stream we can easily sit on.
578 0 : let mut sigquit_stream = signal(SignalKind::quit())?;
579 0 : let mut sigint_stream = signal(SignalKind::interrupt())?;
580 0 : let mut sigterm_stream = signal(SignalKind::terminate())?;
581 :
582 : // Notify systemd that we are ready. This is important as currently loading
583 : // timelines takes significant time (~30s in busy regions).
584 0 : if let Err(e) = sd_notify::notify(true, &[NotifyState::Ready]) {
585 0 : warn!("systemd notify failed: {:?}", e);
586 0 : }
587 :
588 0 : tokio::select! {
589 0 : Some((task_name, res)) = tasks_handles.next()=> {
590 0 : error!("{} task failed: {:?}, exiting", task_name, res);
591 0 : std::process::exit(1);
592 : }
593 : // On any shutdown signal, log receival and exit. Additionally, handling
594 : // SIGQUIT prevents coredump.
595 0 : _ = sigquit_stream.recv() => info!("received SIGQUIT, terminating"),
596 0 : _ = sigint_stream.recv() => info!("received SIGINT, terminating"),
597 0 : _ = sigterm_stream.recv() => info!("received SIGTERM, terminating")
598 :
599 : };
600 0 : std::process::exit(0);
601 0 : }
602 :
603 : /// Determine safekeeper id.
604 0 : fn set_id(workdir: &Utf8Path, given_id: Option<NodeId>) -> Result<NodeId> {
605 0 : let id_file_path = workdir.join(ID_FILE_NAME);
606 0 :
607 0 : let my_id: NodeId;
608 0 : // If file with ID exists, read it in; otherwise set one passed.
609 0 : match fs::read(&id_file_path) {
610 0 : Ok(id_serialized) => {
611 0 : my_id = NodeId(
612 0 : std::str::from_utf8(&id_serialized)
613 0 : .context("failed to parse safekeeper id")?
614 0 : .parse()
615 0 : .context("failed to parse safekeeper id")?,
616 : );
617 0 : if let Some(given_id) = given_id {
618 0 : if given_id != my_id {
619 0 : bail!(
620 0 : "safekeeper already initialized with id {}, can't set {}",
621 0 : my_id,
622 0 : given_id
623 0 : );
624 0 : }
625 0 : }
626 0 : info!("safekeeper ID {}", my_id);
627 : }
628 0 : Err(error) => match error.kind() {
629 : ErrorKind::NotFound => {
630 0 : my_id = if let Some(given_id) = given_id {
631 0 : given_id
632 : } else {
633 0 : bail!("safekeeper id is not specified");
634 : };
635 0 : let mut f = File::create(&id_file_path)
636 0 : .with_context(|| format!("Failed to create id file at {id_file_path:?}"))?;
637 0 : f.write_all(my_id.to_string().as_bytes())?;
638 0 : f.sync_all()?;
639 0 : info!("initialized safekeeper id {}", my_id);
640 : }
641 : _ => {
642 0 : return Err(error.into());
643 : }
644 : },
645 : }
646 0 : Ok(my_id)
647 0 : }
648 :
649 0 : fn parse_remote_storage(storage_conf: &str) -> anyhow::Result<RemoteStorageConfig> {
650 0 : RemoteStorageConfig::from_toml(&storage_conf.parse()?)
651 0 : }
652 :
653 : #[test]
654 1 : fn verify_cli() {
655 : use clap::CommandFactory;
656 1 : Args::command().debug_assert()
657 1 : }
|
