Documentation ¶
Index ¶
- Variables
- func IgnoreDialFailures(err error) error
- func InsertRecord(log *zap.Logger, txn *badger.Txn, nodeID NodeID, keyHash authdb.KeyHash, ...) error
- type Admin
- func (admin *Admin) DeleteRecord(ctx context.Context, req *pb.DeleteRecordRequest) (_ *pb.DeleteRecordResponse, err error)
- func (admin *Admin) InvalidateRecord(ctx context.Context, req *pb.InvalidateRecordRequest) (_ *pb.InvalidateRecordResponse, err error)
- func (admin *Admin) UnpublishRecord(ctx context.Context, req *pb.UnpublishRecordRequest) (_ *pb.UnpublishRecordResponse, err error)
- type Backup
- type BackupConfig
- type Client
- type Clock
- type Config
- type DB
- func (db *DB) Close() error
- func (db *DB) DeleteUnused(context.Context, time.Duration, int, int) (int64, int64, map[string]int64, error)
- func (db *DB) Get(ctx context.Context, keyHash authdb.KeyHash) (record *authdb.Record, err error)
- func (db *DB) PingDB(ctx context.Context) (err error)
- func (db *DB) Put(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record) error
- func (db *DB) PutAtTime(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record, ...) (err error)
- func (db *DB) UnderlyingDB() *badger.DB
- type Node
- func (node *Node) Address() string
- func (node *Node) Close() error
- func (node *Node) DeleteUnused(ctx context.Context, asOfSystemInterval time.Duration, ...) (count, rounds int64, deletesPerHead map[string]int64, err error)
- func (node *Node) Get(ctx context.Context, keyHash authdb.KeyHash) (record *authdb.Record, err error)
- func (node *Node) ID() NodeID
- func (node *Node) Peek(ctx context.Context, req *pb.PeekRequest) (_ *pb.PeekResponse, err error)
- func (node *Node) Ping(ctx context.Context, req *pb.PingRequest) (*pb.PingResponse, error)
- func (node *Node) PingDB(ctx context.Context) error
- func (node *Node) Put(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record) error
- func (node *Node) PutAtTime(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record, ...) error
- func (node *Node) Replicate(ctx context.Context, req *pb.ReplicationRequest) (_ *pb.ReplicationResponse, err error)
- func (node *Node) Run(ctx context.Context) error
- func (node *Node) TestingPeers(ctx context.Context) []*Peer
- func (node *Node) TestingSetJoin(addresses []string)
- func (node *Node) UnderlyingDB() *DB
- type NodeID
- type Peer
- type PeerStatus
- type ReplicationLogEntry
- type TLSOptions
Constants ¶
This section is empty.
Variables ¶
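// Error values and classes returned by the storage layer. The declaration is
// laid out one entry per line so that each line comment documents only the
// variable that follows it.
var (
	// ProtoError is a class of proto errors.
	ProtoError = errs.Class("proto")

	// ErrKeyAlreadyExists is an error returned when putting a key that exists.
	ErrKeyAlreadyExists = Error.New("key already exists")

	// ErrDBStartedWithDifferentNodeID is returned when a database is started
	// with a different node id.
	//
	// NOTE(review): unlike ErrKeyAlreadyExists, this is declared as an error
	// class (errs.Class), not an error value created with New.
	ErrDBStartedWithDifferentNodeID = errs.Class("wrong node id")
)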
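// Package-wide error classes. The declaration is laid out one entry per line
// so that each line comment documents only the variable that follows it.
var (
	// Error is the default error class for the badgerauth package.
	Error = errs.Class("badgerauth")

	// DialError is an error class for dial failures.
	DialError = errs.Class("dial")
)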
var BackupError = errs.Class("backup")
BackupError is a class of backup errors.
var ClockError = errs.Class("clock")
ClockError is a class of clock errors.
var NodeIDError = errs.Class("node ID")
NodeIDError is a class of node ID errors.
var ReplicationLogError = errs.Class("replication log")
ReplicationLogError is a class of replication log errors.
var TLSError = errs.Class("tls")
TLSError is an error class for tls setup problems.
Functions ¶
func IgnoreDialFailures ¶ added in v1.36.0
IgnoreDialFailures returns nil if err contains DialError (and err otherwise).
func InsertRecord ¶ added in v1.29.0
func InsertRecord(log *zap.Logger, txn *badger.Txn, nodeID NodeID, keyHash authdb.KeyHash, record *pb.Record) error
InsertRecord inserts a record, adding a corresponding replication log entry consistent with the record's state.
InsertRecord can be used on any node to insert a record on behalf of any node.
Types ¶
type Admin ¶ added in v1.31.0
type Admin struct {
// contains filtered or unexported fields
}
Admin represents a service that allows managing database records directly.
func (*Admin) DeleteRecord ¶ added in v1.31.0
func (admin *Admin) DeleteRecord(ctx context.Context, req *pb.DeleteRecordRequest) (_ *pb.DeleteRecordResponse, err error)
DeleteRecord deletes a database record.
func (*Admin) InvalidateRecord ¶ added in v1.31.0
func (admin *Admin) InvalidateRecord(ctx context.Context, req *pb.InvalidateRecordRequest) (_ *pb.InvalidateRecordResponse, err error)
InvalidateRecord invalidates a record.
func (*Admin) UnpublishRecord ¶ added in v1.31.0
func (admin *Admin) UnpublishRecord(ctx context.Context, req *pb.UnpublishRecordRequest) (_ *pb.UnpublishRecordResponse, err error)
UnpublishRecord unpublishes a record.
type Backup ¶ added in v1.31.0
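// Backup represents a backup job that backs up the database.
type Backup struct {
	// Client is the object store client the job uses; the Client interface
	// exposes PutObject for this purpose.
	Client Client

	// SyncCycle presumably drives the periodic backup run (the configured
	// interval lives in BackupConfig.Interval) — confirm against the
	// constructor.
	SyncCycle *sync2.Cycle

	// contains filtered or unexported fields
}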
Backup represents a backup job that backs up the database.
type BackupConfig ¶ added in v1.31.0
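// BackupConfig provides options for creating a backup.
//
// The backup holds a copy of the authentication database, so the bucket
// named here should be access-restricted as tightly as the live database.
type BackupConfig struct {
	// Enabled turns backups on; they are off by default.
	Enabled bool `user:"true" help:"enable backups" default:"false"`

	// Endpoint is the hostname of the backup bucket endpoint.
	Endpoint string `user:"true" help:"backup bucket endpoint hostname, e.g. s3.amazonaws.com"`

	// Bucket is the name of the bucket where database backups are stored.
	Bucket string `user:"true" help:"bucket name where database backups are stored"`

	// Prefix is the object path prefix for database backup objects.
	Prefix string `user:"true" help:"database backup object path prefix"`

	// Interval is how often full backups are run.
	Interval time.Duration `user:"true" help:"how often full backups are run" default:"1h"`

	// AccessKeyID is the access key for the backup bucket.
	AccessKeyID string `user:"true" help:"access key for backup bucket"`

	// SecretAccessKey is the secret key for the backup bucket. It is a
	// credential: keep it out of logs, process listings and version control,
	// and scope it to the backup bucket only.
	SecretAccessKey string `user:"true" help:"secret key for backup bucket"`
}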
BackupConfig provides options for creating a backup.
type Client ¶ added in v1.31.0
// Client is the interface for the object store.
type Client interface {
// PutObject stores the content read from reader as objectName in bucketName.
// NOTE(review): the option and result types come from the minio package, so a
// minio client presumably satisfies this interface — confirm against the caller.
PutObject(ctx context.Context, bucketName, objectName string, reader io.Reader, objectSize int64, opts minio.PutObjectOptions) (info minio.UploadInfo, err error)
}
Client is the interface for the object store.
type Clock ¶ added in v1.26.0
type Clock uint64
Clock represents logical time on a single DB.
type Config ¶ added in v1.26.0
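// Config provides options for creating a Node.
//
// Keep this in sync with badgerauthtest.setConfigDefaults.
type Config struct {
	// ID is the unique identifier for the node.
	ID NodeID `user:"true" help:"unique identifier for the node" default:""`

	// FirstStart allows the node to start with empty storage. It defaults to
	// false in release builds and true in dev builds.
	FirstStart bool `user:"true" help:"allow start with empty storage" devDefault:"true" releaseDefault:"false"`

	// Path is where to store data. Empty means in memory.
	Path string `user:"true" help:"path where to store data" default:""`

	// Address is the address that the node listens on. The default ":20004"
	// has no host part, which for Go listeners means every interface; give an
	// explicit host or filter the port when peers sit on a private network.
	Address string `user:"true" help:"address that the node listens on" default:":20004"`

	// Join is the list of cluster peers.
	Join []string `user:"true" help:"comma delimited list of cluster peers" default:""`

	// CertsDir is the directory for certificates for mutual authentication.
	// Per TLSOptions it holds node.crt, node.key and ca.crt; node.key is a
	// private key, so the directory should be readable only by the service
	// account.
	CertsDir string `user:"true" help:"directory for certificates for mutual authentication"`

	// ReplicationInterval defines how often to connect and request status from
	// other nodes.
	ReplicationInterval time.Duration `user:"true" help:"how often to replicate" default:"30s" devDefault:"5s"`

	// ReplicationLimit is per node ID limit of replication response entries to
	// return.
	ReplicationLimit int `user:"true" help:"maximum entries returned in replication response" default:"1000"`

	// ConflictBackoff configures retries for conflicting transactions that may
	// occur when Node's underlying storage engine is under heavy load.
	ConflictBackoff backoff.ExponentialBackoff

	// InsecureDisableTLS allows disabling tls for testing.
	//
	// NOTE(review): with TLS off, the mutual authentication configured through
	// CertsDir presumably does not apply, so peer traffic would be neither
	// authenticated nor encrypted. The field is tagged internal; keep it unset
	// outside tests.
	InsecureDisableTLS bool `internal:"true"`

	// Backup holds the options for the backup job.
	Backup BackupConfig
}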
Config provides options for creating a Node.
Keep this in sync with badgerauthtest.setConfigDefaults.
type DB ¶ added in v1.27.0
type DB struct {
// contains filtered or unexported fields
}
DB represents authentication storage based on BadgerDB. This implements the data-storage layer for a distributed Node.
func (*DB) DeleteUnused ¶ added in v1.27.0
func (db *DB) DeleteUnused(context.Context, time.Duration, int, int) (int64, int64, map[string]int64, error)
DeleteUnused always returns an error because expiring records are deleted by default.
func (*DB) Get ¶ added in v1.27.0
Get retrieves the record from the key/value store. It returns nil if the key does not exist. If the record is invalid, the error contains why.
func (*DB) PingDB ¶ added in v1.29.0
PingDB attempts to do a database roundtrip and returns an error if it can't.
func (*DB) Put ¶ added in v1.27.0
Put is like PutAtTime, but it uses current time to store the record.
func (*DB) PutAtTime ¶ added in v1.27.0
func (db *DB) PutAtTime(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record, now time.Time) (err error)
PutAtTime stores the record at a specific time. It is an error if the key already exists.
func (*DB) UnderlyingDB ¶ added in v1.27.0
UnderlyingDB returns underlying BadgerDB. This method is most useful in tests.
type Node ¶
Node is a distributed auth storage node that wraps DB with machinery to replicate records to and from other nodes.
func (*Node) DeleteUnused ¶
func (node *Node) DeleteUnused( ctx context.Context, asOfSystemInterval time.Duration, selectSize, deleteSize int, ) ( count, rounds int64, deletesPerHead map[string]int64, err error, )
DeleteUnused proxies DB's DeleteUnused.
func (*Node) Get ¶
func (node *Node) Get(ctx context.Context, keyHash authdb.KeyHash) (record *authdb.Record, err error)
Get returns a record from the database. If the record isn't found, we consult peer nodes to see if they have the record. This covers the case of a user putting a record onto one authservice node, but then retrieving it from another before the record has been fully synced.
func (*Node) Peek ¶ added in v1.36.0
func (node *Node) Peek(ctx context.Context, req *pb.PeekRequest) (_ *pb.PeekResponse, err error)
Peek allows fetching a specific record from the node.
func (*Node) Ping ¶
func (node *Node) Ping(ctx context.Context, req *pb.PingRequest) (*pb.PingResponse, error)
Ping allows fetching information about the node.
func (*Node) PutAtTime ¶
func (node *Node) PutAtTime(ctx context.Context, keyHash authdb.KeyHash, record *authdb.Record, now time.Time) error
PutAtTime proxies DB's PutAtTime.
func (*Node) Replicate ¶ added in v1.28.0
func (node *Node) Replicate(ctx context.Context, req *pb.ReplicationRequest) (_ *pb.ReplicationResponse, err error)
Replicate implements a node's ability to ship its replication log/records to another node. It responds with RPC errors only.
func (*Node) TestingPeers ¶ added in v1.28.0
TestingPeers allows access to the peers for testing.
func (*Node) TestingSetJoin ¶ added in v1.28.0
TestingSetJoin sets peer nodes to join to.
func (*Node) UnderlyingDB ¶ added in v1.28.0
UnderlyingDB returns underlying DB. This method is most useful in tests.
type NodeID ¶ added in v1.26.0
type NodeID [32]byte
NodeID is a unique ID for a BadgerDB node.
type Peer ¶ added in v1.28.0
type Peer struct {
// contains filtered or unexported fields
}
Peer represents the replication logic for a node's peer.
func (*Peer) Status ¶ added in v1.28.0
func (peer *Peer) Status() PeerStatus
Status returns a snapshot of the peer status.
type PeerStatus ¶ added in v1.28.0
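// PeerStatus contains last known peer status.
type PeerStatus struct {
	// Address is the peer's address.
	Address string

	// NodeID is the peer's node ID.
	NodeID NodeID

	// LastUpdated is presumably the time this status was last refreshed —
	// confirm against the code that fills it in.
	LastUpdated time.Time

	// LastWasUp presumably records whether the most recent contact with the
	// peer succeeded — confirm against the code that fills it in.
	LastWasUp bool

	// LastError presumably holds the error from the most recent contact
	// attempt — confirm against the code that fills it in.
	LastError error

	// Clock is the peer's logical clock value as last seen (Clock represents
	// logical time on a single DB).
	Clock Clock
}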
PeerStatus contains last known peer status.
type ReplicationLogEntry ¶ added in v1.27.0
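// ReplicationLogEntry represents a replication log entry.
type ReplicationLogEntry struct {
	// ID is the node ID the entry belongs to.
	ID NodeID

	// Clock is the logical time of the entry on that node's DB.
	Clock Clock

	// KeyHash identifies the record the entry refers to.
	KeyHash authdb.KeyHash

	// State is the record state carried by the entry.
	State pb.Record_State
}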
ReplicationLogEntry represents a replication log entry.
Key layout reference: https://github.com/storj/gateway-mt/blob/3ef75f412a50118d9d910e1b372e126e6ffb7503/docs/blueprints/new-auth-database.md#replication-log-entry
func (ReplicationLogEntry) Bytes ¶ added in v1.27.0
func (e ReplicationLogEntry) Bytes() []byte
Bytes returns a slice of bytes.
func (*ReplicationLogEntry) SetBytes ¶ added in v1.27.0
func (e *ReplicationLogEntry) SetBytes(entry []byte) error
SetBytes parses entry as ReplicationLogEntry and sets entry's value to result.
func (ReplicationLogEntry) ToBadgerEntry ¶ added in v1.27.0
func (e ReplicationLogEntry) ToBadgerEntry() *badger.Entry
ToBadgerEntry constructs new *badger.Entry from e.
type TLSOptions ¶ added in v1.28.0
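// TLSOptions contains configuration for tls.
type TLSOptions struct {
	// CertsDir defines a folder for loading the certificates.
	// The filenames follow this convention:
	//
	//	node.crt, node.key: define certificate and private key
	//	ca.crt: defines certificate authority for other peers.
	//
	// node.key is private key material, so the folder should be readable only
	// by the account that runs the node.
	CertsDir string
}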
TLSOptions contains configuration for tls.
Directories ¶
Path | Synopsis |
---|---|
badgerauthmigration | Package badgerauthmigration helps move to badgerauth from sqlauth. |
badgerauthtest | Package badgerauthtest is roughly inspired by the design of the storj/satellite/metabase/metabasetest package. |
pb | Package pb includes protobufs for the badgerauth package. |