Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8098 Commits
37 Branches
296 Tags
161 MiB
Tree: dc59ccd110
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'dc59ccd110'
${ noResults }
seaweedfs/weed/server/volume_server_handlers.go

175 lines
5.2 KiB
Raw Normal View History

refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
add inflight upload data wait timeout
3 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
jwt check the base file id fix https://github.com/chrislusf/seaweedfs/issues/867
6 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
add inflight upload data wait timeout
3 years ago
formatting code by: goimports -w=true .
10 years ago
volume: add CORS support
4 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
directory structure change to work with glide glide has its own requirements. My previous workaround caused me some code checkin errors. Need to fix this.
9 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
Separate read and write volume handlers.
10 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
Add read only public port on volume server Add read only public port on volume server
10 years ago
Separate read and write volume handlers.
10 years ago
adjust printout
4 years ago
volume: add CORS support
4 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
better way to handler switch case
7 years ago
1. adding statistics reporting 2. refactor version to util package
11 years ago
volume: support concurrent download data size limit
3 years ago
Need to exit waiting if request is was canceled
3 years ago
volume: support concurrent download data size limit
3 years ago
fix avoid lock error fix https://github.com/chrislusf/seaweedfs/issues/2247
3 years ago
Add partial content request support.
11 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
1. adding statistics reporting 2. refactor version to util package
11 years ago
Separate read and write volume handlers.
10 years ago
better way to handler switch case
7 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
exclude the replication from the concurrentUploadLimitMB
3 years ago
Revert "adjust conditions" This reverts commit e024586ff11d025ce2dd27822a2b04e01260fb6c.
3 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
move vs.concurrentUploadLimit != 0 out of the lock
3 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
add inflight upload data wait timeout
3 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
add inflight upload data wait timeout
3 years ago
exclude replication from the concurrentUploadLimitMB
3 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
reduce the scope of inFlightUploadDataLimitCond lock
3 years ago
Revert "adjust conditions" This reverts commit e024586ff11d025ce2dd27822a2b04e01260fb6c.
3 years ago
add condition when inFlightUploadDataLimitCond signal
3 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
1. adding statistics reporting 2. refactor version to util package
11 years ago
Separate read and write volume handlers.
10 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
volume: add CORS support
4 years ago
filer: add CORS support
4 years ago
refactoring to separate master and volume server, so that these servers can be embedded into other applications
11 years ago
refactor: split volume handlers into 3 files
11 years ago
filer, volume: add concurrent upload size limit to avoid OOM add some back pressure when writes are slow
4 years ago
Add read only public port on volume server Add read only public port on volume server
10 years ago
adjust printout
4 years ago
volume: add CORS support
4 years ago
Separate read and write volume handlers.
10 years ago
fix avoid lock error fix https://github.com/chrislusf/seaweedfs/issues/2247
3 years ago
Separate read and write volume handlers.
10 years ago
fix avoid lock error fix https://github.com/chrislusf/seaweedfs/issues/2247
3 years ago
Separate read and write volume handlers.
10 years ago
volume: add CORS support
4 years ago
filer: add CORS support
4 years ago
batch delete on volume servers
11 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
jwt for read access control
6 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
jwt for read access control
6 years ago
go fmt
6 years ago
jwt for read access control
6 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
Refactor: pass in claim type into security.DecodeJwt
3 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
jwt check the base file id fix https://github.com/chrislusf/seaweedfs/issues/867
6 years ago
add authorizing fileId write access need to secure upload/update/delete for benchmark/filer/mount need to add secure grpc
6 years ago
  1. package weed_server
  3. import (
  4. "fmt"
  5. "net/http"
  6. "strconv"
  7. "strings"
  8. "sync/atomic"
  9. "time"
  11. "github.com/chrislusf/seaweedfs/weed/util"
  13. "github.com/chrislusf/seaweedfs/weed/glog"
  14. "github.com/chrislusf/seaweedfs/weed/security"
  15. "github.com/chrislusf/seaweedfs/weed/stats"
  16. )
  18. /*
  20. If volume server is started with a separated public port, the public port will
  21. be more "secure".
  23. Public port currently only supports reads.
  25. Later writes on public port can have one of the 3
  26. security settings:
  27. 1. not secured
  28. 2. secured by white list
  29. 3. secured by JWT(Json Web Token)
  31. */
  33. func (vs *VolumeServer) privateStoreHandler(w http.ResponseWriter, r *http.Request) {
  34. w.Header().Set("Server", "SeaweedFS Volume "+util.VERSION)
  35. if r.Header.Get("Origin") != "" {
  36. w.Header().Set("Access-Control-Allow-Origin", "*")
  37. w.Header().Set("Access-Control-Allow-Credentials", "true")
  38. }
  39. switch r.Method {
  40. case "GET", "HEAD":
  41. stats.ReadRequest()
  42. vs.inFlightDownloadDataLimitCond.L.Lock()
  43. for vs.concurrentDownloadLimit != 0 && atomic.LoadInt64(&vs.inFlightDownloadDataSize) > vs.concurrentDownloadLimit {
  44. select {
  45. case <-r.Context().Done():
  46. glog.V(4).Infof("request cancelled from %s: %v", r.RemoteAddr, r.Context().Err())
  47. return
  48. default:
  49. glog.V(4).Infof("wait because inflight download data %d > %d", vs.inFlightDownloadDataSize, vs.concurrentDownloadLimit)
  50. vs.inFlightDownloadDataLimitCond.Wait()
  51. }
  52. }
  53. vs.inFlightDownloadDataLimitCond.L.Unlock()
  54. vs.GetOrHeadHandler(w, r)
  55. case "DELETE":
  56. stats.DeleteRequest()
  57. vs.guard.WhiteList(vs.DeleteHandler)(w, r)
  58. case "PUT", "POST":
  60. contentLength := getContentLength(r)
  61. // exclude the replication from the concurrentUploadLimitMB
  62. if r.URL.Query().Get("type") != "replicate" && vs.concurrentUploadLimit != 0 {
  63. startTime := time.Now()
  64. vs.inFlightUploadDataLimitCond.L.Lock()
  65. for vs.inFlightUploadDataSize > vs.concurrentUploadLimit {
  66. //wait timeout check
  67. if startTime.Add(vs.inflightUploadDataTimeout).Before(time.Now()) {
  68. vs.inFlightUploadDataLimitCond.L.Unlock()
  69. err := fmt.Errorf("reject because inflight upload data %d > %d, and wait timeout", vs.inFlightUploadDataSize, vs.concurrentUploadLimit)
  70. glog.V(1).Infof("too many requests: %v", err)
  71. writeJsonError(w, r, http.StatusTooManyRequests, err)
  72. return
  73. }
  74. glog.V(4).Infof("wait because inflight upload data %d > %d", vs.inFlightUploadDataSize, vs.concurrentUploadLimit)
  75. vs.inFlightUploadDataLimitCond.Wait()
  76. }
  77. vs.inFlightUploadDataLimitCond.L.Unlock()
  78. }
  79. atomic.AddInt64(&vs.inFlightUploadDataSize, contentLength)
  80. defer func() {
  81. atomic.AddInt64(&vs.inFlightUploadDataSize, -contentLength)
  82. if vs.concurrentUploadLimit != 0 {
  83. vs.inFlightUploadDataLimitCond.Signal()
  84. }
  85. }()
  87. // processs uploads
  88. stats.WriteRequest()
  89. vs.guard.WhiteList(vs.PostHandler)(w, r)
  91. case "OPTIONS":
  92. stats.ReadRequest()
  93. w.Header().Add("Access-Control-Allow-Methods", "PUT, POST, GET, DELETE, OPTIONS")
  94. w.Header().Add("Access-Control-Allow-Headers", "*")
  95. }
  96. }
  98. func getContentLength(r *http.Request) int64 {
  99. contentLength := r.Header.Get("Content-Length")
  100. if contentLength != "" {
  101. length, err := strconv.ParseInt(contentLength, 10, 64)
  102. if err != nil {
  103. return 0
  104. }
  105. return length
  106. }
  107. return 0
  108. }
  110. func (vs *VolumeServer) publicReadOnlyHandler(w http.ResponseWriter, r *http.Request) {
  111. w.Header().Set("Server", "SeaweedFS Volume "+util.VERSION)
  112. if r.Header.Get("Origin") != "" {
  113. w.Header().Set("Access-Control-Allow-Origin", "*")
  114. w.Header().Set("Access-Control-Allow-Credentials", "true")
  115. }
  116. switch r.Method {
  117. case "GET", "HEAD":
  118. stats.ReadRequest()
  119. vs.inFlightDownloadDataLimitCond.L.Lock()
  120. for vs.concurrentDownloadLimit != 0 && atomic.LoadInt64(&vs.inFlightDownloadDataSize) > vs.concurrentDownloadLimit {
  121. glog.V(4).Infof("wait because inflight download data %d > %d", vs.inFlightDownloadDataSize, vs.concurrentDownloadLimit)
  122. vs.inFlightDownloadDataLimitCond.Wait()
  123. }
  124. vs.inFlightDownloadDataLimitCond.L.Unlock()
  125. vs.GetOrHeadHandler(w, r)
  126. case "OPTIONS":
  127. stats.ReadRequest()
  128. w.Header().Add("Access-Control-Allow-Methods", "GET, OPTIONS")
  129. w.Header().Add("Access-Control-Allow-Headers", "*")
  130. }
  131. }
  133. func (vs *VolumeServer) maybeCheckJwtAuthorization(r *http.Request, vid, fid string, isWrite bool) bool {
  135. var signingKey security.SigningKey
  137. if isWrite {
  138. if len(vs.guard.SigningKey) == 0 {
  139. return true
  140. } else {
  141. signingKey = vs.guard.SigningKey
  142. }
  143. } else {
  144. if len(vs.guard.ReadSigningKey) == 0 {
  145. return true
  146. } else {
  147. signingKey = vs.guard.ReadSigningKey
  148. }
  149. }
  151. tokenStr := security.GetJwt(r)
  152. if tokenStr == "" {
  153. glog.V(1).Infof("missing jwt from %s", r.RemoteAddr)
  154. return false
  155. }
  157. token, err := security.DecodeJwt(signingKey, tokenStr, &security.SeaweedFileIdClaims{})
  158. if err != nil {
  159. glog.V(1).Infof("jwt verification error from %s: %v", r.RemoteAddr, err)
  160. return false
  161. }
  162. if !token.Valid {
  163. glog.V(1).Infof("jwt invalid from %s: %v", r.RemoteAddr, tokenStr)
  164. return false
  165. }
  167. if sc, ok := token.Claims.(*security.SeaweedFileIdClaims); ok {
  168. if sepIndex := strings.LastIndex(fid, "_"); sepIndex > 0 {
  169. fid = fid[:sepIndex]
  170. }
  171. return sc.Fid == vid+","+fid
  172. }
  173. glog.V(1).Infof("unexpected jwt from %s: %v", r.RemoteAddr, tokenStr)
  174. return false
  175. }