2022-06-24 14:52:38 -07:00
|
|
|
use arc_swap::ArcSwap;
|
2022-02-03 16:25:05 -08:00
|
|
|
use async_trait::async_trait;
|
2023-05-28 22:46:13 -04:00
|
|
|
use bb8::{ManageConnection, Pool, PooledConnection, QueueStrategy};
|
2022-02-05 10:02:13 -08:00
|
|
|
use chrono::naive::NaiveDateTime;
|
2022-02-24 08:44:41 -08:00
|
|
|
use log::{debug, error, info, warn};
|
2023-10-25 18:11:57 -04:00
|
|
|
use lru::LruCache;
|
2022-06-24 14:52:38 -07:00
|
|
|
use once_cell::sync::Lazy;
|
2022-02-24 08:44:41 -08:00
|
|
|
use parking_lot::{Mutex, RwLock};
|
2022-08-22 00:15:20 -05:00
|
|
|
use rand::seq::SliceRandom;
|
|
|
|
|
use rand::thread_rng;
|
2023-02-15 15:19:16 -06:00
|
|
|
use regex::Regex;
|
2023-02-21 21:53:10 -06:00
|
|
|
use std::collections::HashMap;
|
2023-05-23 08:44:49 -05:00
|
|
|
use std::fmt::{Display, Formatter};
|
2023-10-25 18:11:57 -04:00
|
|
|
use std::num::NonZeroUsize;
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
use std::sync::atomic::AtomicU64;
|
2023-01-28 15:36:35 -08:00
|
|
|
use std::sync::{
|
|
|
|
|
atomic::{AtomicBool, Ordering},
|
|
|
|
|
Arc,
|
|
|
|
|
};
|
2022-03-10 01:33:29 -08:00
|
|
|
use std::time::Instant;
|
2023-01-28 15:36:35 -08:00
|
|
|
use tokio::sync::Notify;
|
2022-02-03 16:25:05 -08:00
|
|
|
|
2023-05-12 09:50:52 -07:00
|
|
|
use crate::config::{
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
get_config, Address, DefaultShard, General, LoadBalancingMode, Plugins, PoolMode, Role, User,
|
2023-05-12 09:50:52 -07:00
|
|
|
};
|
2022-02-03 16:25:05 -08:00
|
|
|
use crate::errors::Error;
|
2022-07-27 21:47:55 -05:00
|
|
|
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
use crate::auth_passthrough::AuthPassthrough;
|
2023-10-25 18:11:57 -04:00
|
|
|
use crate::messages::Parse;
|
2023-05-12 09:50:52 -07:00
|
|
|
use crate::plugins::prewarmer;
|
2023-08-10 11:18:46 -04:00
|
|
|
use crate::server::{Server, ServerParameters};
|
2022-08-25 06:40:56 -07:00
|
|
|
use crate::sharding::ShardingFunction;
|
2023-05-23 08:44:49 -05:00
|
|
|
use crate::stats::{AddressStats, ClientStats, ServerStats};
|
2022-02-05 10:02:13 -08:00
|
|
|
|
2022-10-01 11:25:59 -06:00
|
|
|
pub type ProcessId = i32;
|
|
|
|
|
pub type SecretKey = i32;
|
|
|
|
|
pub type ServerHost = String;
|
|
|
|
|
pub type ServerPort = u16;
|
|
|
|
|
|
2023-03-06 06:10:59 -06:00
|
|
|
pub type BanList = Arc<RwLock<Vec<HashMap<Address, (BanReason, NaiveDateTime)>>>>;
|
2022-10-01 11:25:59 -06:00
|
|
|
pub type ClientServerMap =
|
|
|
|
|
Arc<Mutex<HashMap<(ProcessId, SecretKey), (ProcessId, SecretKey, ServerHost, ServerPort)>>>;
|
|
|
|
|
pub type PoolMap = HashMap<PoolIdentifier, ConnectionPool>;
|
2022-06-24 14:52:38 -07:00
|
|
|
/// The connection pool, globally available.
|
|
|
|
|
/// This is atomic and safe and read-optimized.
|
|
|
|
|
/// The pool is recreated dynamically when the config is reloaded.
|
2022-07-27 21:47:55 -05:00
|
|
|
pub static POOLS: Lazy<ArcSwap<PoolMap>> = Lazy::new(|| ArcSwap::from_pointee(HashMap::default()));
|
|
|
|
|
|
2023-03-06 06:10:59 -06:00
|
|
|
// Reasons for banning a server.
|
|
|
|
|
#[derive(Debug, PartialEq, Clone)]
|
|
|
|
|
pub enum BanReason {
|
|
|
|
|
FailedHealthCheck,
|
|
|
|
|
MessageSendFailed,
|
|
|
|
|
MessageReceiveFailed,
|
|
|
|
|
FailedCheckout,
|
|
|
|
|
StatementTimeout,
|
|
|
|
|
AdminBan(i64),
|
|
|
|
|
}
|
|
|
|
|
|
2023-10-25 18:11:57 -04:00
|
|
|
pub type PreparedStatementCacheType = Arc<Mutex<PreparedStatementCache>>;
|
|
|
|
|
|
|
|
|
|
// TODO: Add stats the this cache
|
|
|
|
|
// TODO: Add application name to the cache value to help identify which application is using the cache
|
|
|
|
|
// TODO: Create admin command to show which statements are in the cache
|
|
|
|
|
#[derive(Debug)]
|
|
|
|
|
pub struct PreparedStatementCache {
|
|
|
|
|
cache: LruCache<u64, Arc<Parse>>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl PreparedStatementCache {
|
|
|
|
|
pub fn new(mut size: usize) -> Self {
|
|
|
|
|
// Cannot be zeros
|
|
|
|
|
if size == 0 {
|
|
|
|
|
size = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PreparedStatementCache {
|
|
|
|
|
cache: LruCache::new(NonZeroUsize::new(size).unwrap()),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Adds the prepared statement to the cache if it doesn't exist with a new name
|
|
|
|
|
/// if it already exists will give you the existing parse
|
|
|
|
|
///
|
|
|
|
|
/// Pass the hash to this so that we can do the compute before acquiring the lock
|
|
|
|
|
pub fn get_or_insert(&mut self, parse: &Parse, hash: u64) -> Arc<Parse> {
|
|
|
|
|
match self.cache.get(&hash) {
|
|
|
|
|
Some(rewritten_parse) => rewritten_parse.clone(),
|
|
|
|
|
None => {
|
|
|
|
|
let new_parse = Arc::new(parse.clone().rewrite());
|
|
|
|
|
let evicted = self.cache.push(hash, new_parse.clone());
|
|
|
|
|
|
|
|
|
|
if let Some((_, evicted_parse)) = evicted {
|
|
|
|
|
debug!(
|
|
|
|
|
"Evicted prepared statement {} from cache",
|
|
|
|
|
evicted_parse.name
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
new_parse
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Marks the hash as most recently used if it exists
|
|
|
|
|
pub fn promote(&mut self, hash: &u64) {
|
|
|
|
|
self.cache.promote(hash);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-01 11:25:59 -06:00
|
|
|
/// An identifier for a PgCat pool,
|
|
|
|
|
/// a database visible to clients.
|
2023-03-28 17:19:37 +02:00
|
|
|
#[derive(Hash, Debug, Clone, PartialEq, Eq, Default)]
|
2022-10-01 11:25:59 -06:00
|
|
|
pub struct PoolIdentifier {
|
|
|
|
|
// The name of the database clients want to connect to.
|
|
|
|
|
pub db: String,
|
|
|
|
|
|
|
|
|
|
/// The username the client connects with. Each user gets its own pool.
|
|
|
|
|
pub user: String,
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-03 09:13:05 -07:00
|
|
|
static POOL_REAPER_RATE: u64 = 30_000; // 30 seconds by default
|
|
|
|
|
|
2022-10-01 11:25:59 -06:00
|
|
|
impl PoolIdentifier {
|
|
|
|
|
/// Create a new user/pool identifier.
|
|
|
|
|
pub fn new(db: &str, user: &str) -> PoolIdentifier {
|
|
|
|
|
PoolIdentifier {
|
|
|
|
|
db: db.to_string(),
|
|
|
|
|
user: user.to_string(),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-23 08:44:49 -05:00
|
|
|
impl Display for PoolIdentifier {
|
|
|
|
|
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
|
|
|
|
|
write!(f, "{}@{}", self.user, self.db)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
impl From<&Address> for PoolIdentifier {
|
|
|
|
|
fn from(address: &Address) -> PoolIdentifier {
|
|
|
|
|
PoolIdentifier::new(&address.database, &address.username)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
/// Pool settings.
|
2022-07-27 21:47:55 -05:00
|
|
|
#[derive(Clone, Debug)]
|
|
|
|
|
pub struct PoolSettings {
|
2022-08-25 06:40:56 -07:00
|
|
|
/// Transaction or Session.
|
|
|
|
|
pub pool_mode: PoolMode,
|
|
|
|
|
|
2023-01-17 06:52:18 -06:00
|
|
|
/// Random or LeastOutstandingConnections.
|
|
|
|
|
pub load_balancing_mode: LoadBalancingMode,
|
|
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
// Number of shards.
|
|
|
|
|
pub shards: usize,
|
|
|
|
|
|
|
|
|
|
// Connecting user.
|
2022-07-27 21:47:55 -05:00
|
|
|
pub user: User,
|
2023-05-03 09:13:05 -07:00
|
|
|
pub db: String,
|
2022-08-25 06:40:56 -07:00
|
|
|
|
|
|
|
|
// Default server role to connect to.
|
|
|
|
|
pub default_role: Option<Role>,
|
|
|
|
|
|
|
|
|
|
// Enable/disable query parser.
|
2022-07-27 21:47:55 -05:00
|
|
|
pub query_parser_enabled: bool,
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2023-08-08 16:10:03 -04:00
|
|
|
// Max length of query the parser will parse.
|
|
|
|
|
pub query_parser_max_length: Option<usize>,
|
|
|
|
|
|
|
|
|
|
// Infer role
|
|
|
|
|
pub query_parser_read_write_splitting: bool,
|
|
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
// Read from the primary as well or not.
|
2022-07-27 21:47:55 -05:00
|
|
|
pub primary_reads_enabled: bool,
|
2022-08-25 06:40:56 -07:00
|
|
|
|
|
|
|
|
// Sharding function.
|
|
|
|
|
pub sharding_function: ShardingFunction,
|
2022-10-25 11:47:41 -07:00
|
|
|
|
|
|
|
|
// Sharding key
|
|
|
|
|
pub automatic_sharding_key: Option<String>,
|
2022-11-16 18:51:15 -08:00
|
|
|
|
|
|
|
|
// Health check timeout
|
|
|
|
|
pub healthcheck_timeout: u64,
|
|
|
|
|
|
|
|
|
|
// Health check delay
|
|
|
|
|
pub healthcheck_delay: u64,
|
2023-01-19 20:36:48 -05:00
|
|
|
|
|
|
|
|
// Ban time
|
|
|
|
|
pub ban_time: i64,
|
2023-02-15 15:19:16 -06:00
|
|
|
|
|
|
|
|
// Regex for searching for the sharding key in SQL statements
|
|
|
|
|
pub sharding_key_regex: Option<Regex>,
|
|
|
|
|
|
|
|
|
|
// Regex for searching for the shard id in SQL statements
|
|
|
|
|
pub shard_id_regex: Option<Regex>,
|
|
|
|
|
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
// What to do when no shard is selected in a sharded system
|
|
|
|
|
pub default_shard: DefaultShard,
|
|
|
|
|
|
2023-02-15 15:19:16 -06:00
|
|
|
// Limit how much of each query is searched for a potential shard regex match
|
|
|
|
|
pub regex_search_limit: usize,
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
|
|
|
|
|
// Auth query parameters
|
|
|
|
|
pub auth_query: Option<String>,
|
|
|
|
|
pub auth_query_user: Option<String>,
|
|
|
|
|
pub auth_query_password: Option<String>,
|
2023-05-12 09:50:52 -07:00
|
|
|
|
|
|
|
|
/// Plugins
|
|
|
|
|
pub plugins: Option<Plugins>,
|
2022-07-27 21:47:55 -05:00
|
|
|
}
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
impl Default for PoolSettings {
|
|
|
|
|
fn default() -> PoolSettings {
|
|
|
|
|
PoolSettings {
|
2022-08-25 06:40:56 -07:00
|
|
|
pool_mode: PoolMode::Transaction,
|
2023-01-17 06:52:18 -06:00
|
|
|
load_balancing_mode: LoadBalancingMode::Random,
|
2022-08-25 06:40:56 -07:00
|
|
|
shards: 1,
|
2022-07-27 21:47:55 -05:00
|
|
|
user: User::default(),
|
2023-05-03 09:13:05 -07:00
|
|
|
db: String::default(),
|
2022-08-25 06:40:56 -07:00
|
|
|
default_role: None,
|
2022-07-27 21:47:55 -05:00
|
|
|
query_parser_enabled: false,
|
2023-08-08 16:10:03 -04:00
|
|
|
query_parser_max_length: None,
|
|
|
|
|
query_parser_read_write_splitting: false,
|
2022-07-27 21:47:55 -05:00
|
|
|
primary_reads_enabled: true,
|
2022-08-25 06:40:56 -07:00
|
|
|
sharding_function: ShardingFunction::PgBigintHash,
|
2022-10-25 11:47:41 -07:00
|
|
|
automatic_sharding_key: None,
|
2022-11-16 18:51:15 -08:00
|
|
|
healthcheck_delay: General::default_healthcheck_delay(),
|
|
|
|
|
healthcheck_timeout: General::default_healthcheck_timeout(),
|
2023-01-19 20:36:48 -05:00
|
|
|
ban_time: General::default_ban_time(),
|
2023-02-15 15:19:16 -06:00
|
|
|
sharding_key_regex: None,
|
|
|
|
|
shard_id_regex: None,
|
|
|
|
|
regex_search_limit: 1000,
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
default_shard: DefaultShard::Shard(0),
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_query: None,
|
|
|
|
|
auth_query_user: None,
|
|
|
|
|
auth_query_password: None,
|
2023-05-12 09:50:52 -07:00
|
|
|
plugins: None,
|
2022-07-27 21:47:55 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// The globally accessible connection pool.
|
2022-06-24 14:52:38 -07:00
|
|
|
#[derive(Clone, Debug, Default)]
|
2022-02-05 18:20:53 -08:00
|
|
|
pub struct ConnectionPool {
|
2022-06-24 14:52:38 -07:00
|
|
|
/// The pools handled internally by bb8.
|
2023-10-20 02:49:05 -04:00
|
|
|
databases: Arc<Vec<Vec<Pool<ServerPool>>>>,
|
2022-06-24 14:52:38 -07:00
|
|
|
|
|
|
|
|
/// The addresses (host, port, role) to handle
|
|
|
|
|
/// failover and load balancing deterministically.
|
2023-10-20 02:49:05 -04:00
|
|
|
addresses: Arc<Vec<Vec<Address>>>,
|
2022-06-24 14:52:38 -07:00
|
|
|
|
|
|
|
|
/// List of banned addresses (see above)
|
|
|
|
|
/// that should not be queried.
|
2022-02-05 18:20:53 -08:00
|
|
|
banlist: BanList,
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2023-08-10 11:18:46 -04:00
|
|
|
/// The server information has to be passed to the
|
2022-06-24 14:52:38 -07:00
|
|
|
/// clients on startup. We pre-connect to all shards and replicas
|
2023-08-10 11:18:46 -04:00
|
|
|
/// on pool creation and save the startup parameters here.
|
|
|
|
|
original_server_parameters: Arc<RwLock<ServerParameters>>,
|
2022-07-27 21:47:55 -05:00
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
/// Pool configuration.
|
2023-10-20 02:49:05 -04:00
|
|
|
pub settings: Arc<PoolSettings>,
|
2023-01-28 15:36:35 -08:00
|
|
|
|
|
|
|
|
/// If not validated, we need to double check the pool is available before allowing a client
|
|
|
|
|
/// to use it.
|
|
|
|
|
validated: Arc<AtomicBool>,
|
|
|
|
|
|
2023-02-21 21:53:10 -06:00
|
|
|
/// Hash value for the pool configs. It is used to compare new configs
|
|
|
|
|
/// against current config to decide whether or not we need to recreate
|
|
|
|
|
/// the pool after a RELOAD command
|
|
|
|
|
pub config_hash: u64,
|
|
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
/// If the pool has been paused or not.
|
|
|
|
|
paused: Arc<AtomicBool>,
|
|
|
|
|
paused_waiter: Arc<Notify>,
|
2023-03-28 17:19:37 +02:00
|
|
|
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
/// AuthInfo
|
|
|
|
|
pub auth_hash: Arc<RwLock<Option<String>>>,
|
2023-10-25 18:11:57 -04:00
|
|
|
|
|
|
|
|
/// Cache
|
|
|
|
|
pub prepared_statement_cache: Option<PreparedStatementCacheType>,
|
2022-02-03 16:25:05 -08:00
|
|
|
}
|
|
|
|
|
|
2022-02-05 18:20:53 -08:00
|
|
|
impl ConnectionPool {
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Construct the connection pool from the configuration.
|
2022-06-24 14:52:38 -07:00
|
|
|
pub async fn from_config(client_server_map: ClientServerMap) -> Result<(), Error> {
|
2022-02-19 13:57:35 -08:00
|
|
|
let config = get_config();
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
let mut new_pools = HashMap::new();
|
2023-03-10 06:23:51 -06:00
|
|
|
let mut address_id: usize = 0;
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
for (pool_name, pool_config) in &config.pools {
|
2023-02-21 21:53:10 -06:00
|
|
|
let new_pool_hash_value = pool_config.hash_value();
|
2022-09-23 11:32:05 -07:00
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
// There is one pool per database/user pair.
|
2022-11-10 02:04:31 +08:00
|
|
|
for user in pool_config.users.values() {
|
2023-02-21 21:53:10 -06:00
|
|
|
let old_pool_ref = get_pool(pool_name, &user.username);
|
2023-03-28 17:19:37 +02:00
|
|
|
let identifier = PoolIdentifier::new(pool_name, &user.username);
|
2023-02-21 21:53:10 -06:00
|
|
|
|
2023-10-10 09:18:21 -07:00
|
|
|
if let Some(pool) = old_pool_ref {
|
|
|
|
|
// If the pool hasn't changed, get existing reference and insert it into the new_pools.
|
|
|
|
|
// We replace all pools at the end, but if the reference is kept, the pool won't get re-created (bb8).
|
|
|
|
|
if pool.config_hash == new_pool_hash_value {
|
|
|
|
|
info!(
|
|
|
|
|
"[pool: {}][user: {}] has not changed",
|
|
|
|
|
pool_name, user.username
|
|
|
|
|
);
|
|
|
|
|
new_pools.insert(identifier.clone(), pool.clone());
|
|
|
|
|
continue;
|
2022-09-23 12:06:07 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-23 11:32:05 -07:00
|
|
|
info!(
|
|
|
|
|
"[pool: {}][user: {}] creating new pool",
|
|
|
|
|
pool_name, user.username
|
|
|
|
|
);
|
|
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
let mut shards = Vec::new();
|
|
|
|
|
let mut addresses = Vec::new();
|
|
|
|
|
let mut banlist = Vec::new();
|
|
|
|
|
let mut shard_ids = pool_config
|
|
|
|
|
.shards
|
|
|
|
|
.clone()
|
|
|
|
|
.into_keys()
|
|
|
|
|
.collect::<Vec<String>>();
|
|
|
|
|
|
|
|
|
|
// Sort by shard number to ensure consistency.
|
|
|
|
|
shard_ids.sort_by_key(|k| k.parse::<i64>().unwrap());
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
let pool_auth_hash: Arc<RwLock<Option<String>>> = Arc::new(RwLock::new(None));
|
2022-07-27 21:47:55 -05:00
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
for shard_idx in &shard_ids {
|
|
|
|
|
let shard = &pool_config.shards[shard_idx];
|
2022-07-27 21:47:55 -05:00
|
|
|
let mut pools = Vec::new();
|
|
|
|
|
let mut servers = Vec::new();
|
|
|
|
|
let mut replica_number = 0;
|
|
|
|
|
|
2023-03-10 06:23:51 -06:00
|
|
|
// Load Mirror settings
|
2022-11-10 02:04:31 +08:00
|
|
|
for (address_index, server) in shard.servers.iter().enumerate() {
|
2023-03-10 06:23:51 -06:00
|
|
|
let mut mirror_addresses = vec![];
|
|
|
|
|
if let Some(mirror_settings_vec) = &shard.mirrors {
|
|
|
|
|
for (mirror_idx, mirror_settings) in
|
|
|
|
|
mirror_settings_vec.iter().enumerate()
|
|
|
|
|
{
|
|
|
|
|
if mirror_settings.mirroring_target_index != address_index {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
mirror_addresses.push(Address {
|
|
|
|
|
id: address_id,
|
|
|
|
|
database: shard.database.clone(),
|
|
|
|
|
host: mirror_settings.host.clone(),
|
|
|
|
|
port: mirror_settings.port,
|
|
|
|
|
role: server.role,
|
|
|
|
|
address_index: mirror_idx,
|
|
|
|
|
replica_number,
|
|
|
|
|
shard: shard_idx.parse::<usize>().unwrap(),
|
|
|
|
|
username: user.username.clone(),
|
|
|
|
|
pool_name: pool_name.clone(),
|
|
|
|
|
mirrors: vec![],
|
2023-03-28 17:19:37 +02:00
|
|
|
stats: Arc::new(AddressStats::default()),
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
error_count: Arc::new(AtomicU64::new(0)),
|
2023-03-10 06:23:51 -06:00
|
|
|
});
|
|
|
|
|
address_id += 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
let address = Address {
|
|
|
|
|
id: address_id,
|
2022-08-17 10:40:47 -05:00
|
|
|
database: shard.database.clone(),
|
2022-09-22 13:07:02 -04:00
|
|
|
host: server.host.clone(),
|
|
|
|
|
port: server.port,
|
|
|
|
|
role: server.role,
|
2022-08-21 22:40:49 -07:00
|
|
|
address_index,
|
|
|
|
|
replica_number,
|
2022-07-27 21:47:55 -05:00
|
|
|
shard: shard_idx.parse::<usize>().unwrap(),
|
2022-08-25 06:40:56 -07:00
|
|
|
username: user.username.clone(),
|
2022-08-21 22:40:49 -07:00
|
|
|
pool_name: pool_name.clone(),
|
2023-03-10 06:23:51 -06:00
|
|
|
mirrors: mirror_addresses,
|
2023-03-28 17:19:37 +02:00
|
|
|
stats: Arc::new(AddressStats::default()),
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
error_count: Arc::new(AtomicU64::new(0)),
|
2022-07-27 21:47:55 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
address_id += 1;
|
|
|
|
|
|
2022-09-22 13:07:02 -04:00
|
|
|
if server.role == Role::Replica {
|
2022-07-27 21:47:55 -05:00
|
|
|
replica_number += 1;
|
|
|
|
|
}
|
|
|
|
|
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
// We assume every server in the pool share user/passwords
|
|
|
|
|
let auth_passthrough = AuthPassthrough::from_pool_config(pool_config);
|
|
|
|
|
|
|
|
|
|
if let Some(apt) = &auth_passthrough {
|
|
|
|
|
match apt.fetch_hash(&address).await {
|
2023-04-26 16:33:26 -07:00
|
|
|
Ok(ok) => {
|
|
|
|
|
if let Some(ref pool_auth_hash_value) = *(pool_auth_hash.read())
|
|
|
|
|
{
|
|
|
|
|
if ok != *pool_auth_hash_value {
|
|
|
|
|
warn!(
|
|
|
|
|
"Hash is not the same across shards \
|
|
|
|
|
of the same pool, client auth will \
|
|
|
|
|
be done using last obtained hash. \
|
|
|
|
|
Server: {}:{}, Database: {}",
|
|
|
|
|
server.host, server.port, shard.database,
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
debug!("Hash obtained for {:?}", address);
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
let mut pool_auth_hash = pool_auth_hash.write();
|
|
|
|
|
*pool_auth_hash = Some(ok.clone());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Err(err) => warn!(
|
|
|
|
|
"Could not obtain password hashes \
|
|
|
|
|
using auth_query config, ignoring. \
|
|
|
|
|
Error: {:?}",
|
|
|
|
|
err,
|
|
|
|
|
),
|
|
|
|
|
}
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
}
|
|
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
let manager = ServerPool::new(
|
|
|
|
|
address.clone(),
|
2022-08-25 06:40:56 -07:00
|
|
|
user.clone(),
|
2022-07-27 21:47:55 -05:00
|
|
|
&shard.database,
|
|
|
|
|
client_server_map.clone(),
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
pool_auth_hash.clone(),
|
2023-05-12 09:50:52 -07:00
|
|
|
match pool_config.plugins {
|
|
|
|
|
Some(ref plugins) => Some(plugins.clone()),
|
|
|
|
|
None => config.plugins.clone(),
|
|
|
|
|
},
|
2023-05-18 10:46:55 -07:00
|
|
|
pool_config.cleanup_server_connections,
|
2023-08-16 14:01:21 -04:00
|
|
|
pool_config.log_client_parameter_status_changes,
|
2023-10-25 18:11:57 -04:00
|
|
|
pool_config.prepared_statements_cache_size,
|
2022-07-27 21:47:55 -05:00
|
|
|
);
|
2022-02-08 09:25:59 -08:00
|
|
|
|
2023-11-06 12:18:52 -08:00
|
|
|
let connect_timeout = match user.connect_timeout {
|
2022-09-28 09:50:14 -04:00
|
|
|
Some(connect_timeout) => connect_timeout,
|
2023-11-06 12:18:52 -08:00
|
|
|
None => match pool_config.connect_timeout {
|
|
|
|
|
Some(connect_timeout) => connect_timeout,
|
|
|
|
|
None => config.general.connect_timeout,
|
|
|
|
|
},
|
2022-09-28 09:50:14 -04:00
|
|
|
};
|
|
|
|
|
|
2023-11-06 12:18:52 -08:00
|
|
|
let idle_timeout = match user.idle_timeout {
|
Allow setting `idle_timeout` for server connections. (#257)
In postgres, you can specify an `idle_session_timeout` which will close
sessions idling for that amount of time. If a session is closed because
of a timeout, PgCat will erroneously mark the server as unhealthy as the next
health check will return an error because the connection was drop, if no
health check is to be executed, it will simply fail trying to send the query
to the server for the same reason, the conn was drop.
Given that bb8 allows configuring an idle_timeout for pools, it would be
nice to allow setting this parameter in the config file, this way you can
set it to something shorter than the server one. Also, server pool will be kept
smaller in moments of less traffic. Actually, currently this value is set as its
default in bb8, which is 10 minutes.
This changes allows setting the parameter using the config file. It can be set both
globally and per pool. When creating the pool, if the pool don't have it defined, global
value is used.
2022-12-16 17:01:00 +01:00
|
|
|
Some(idle_timeout) => idle_timeout,
|
2023-11-06 12:18:52 -08:00
|
|
|
None => match pool_config.idle_timeout {
|
|
|
|
|
Some(idle_timeout) => idle_timeout,
|
|
|
|
|
None => config.general.idle_timeout,
|
|
|
|
|
},
|
Allow setting `idle_timeout` for server connections. (#257)
In postgres, you can specify an `idle_session_timeout` which will close
sessions idling for that amount of time. If a session is closed because
of a timeout, PgCat will erroneously mark the server as unhealthy as the next
health check will return an error because the connection was drop, if no
health check is to be executed, it will simply fail trying to send the query
to the server for the same reason, the conn was drop.
Given that bb8 allows configuring an idle_timeout for pools, it would be
nice to allow setting this parameter in the config file, this way you can
set it to something shorter than the server one. Also, server pool will be kept
smaller in moments of less traffic. Actually, currently this value is set as its
default in bb8, which is 10 minutes.
This changes allows setting the parameter using the config file. It can be set both
globally and per pool. When creating the pool, if the pool don't have it defined, global
value is used.
2022-12-16 17:01:00 +01:00
|
|
|
};
|
|
|
|
|
|
2023-04-26 16:33:26 -07:00
|
|
|
let server_lifetime = match user.server_lifetime {
|
|
|
|
|
Some(server_lifetime) => server_lifetime,
|
|
|
|
|
None => match pool_config.server_lifetime {
|
|
|
|
|
Some(server_lifetime) => server_lifetime,
|
|
|
|
|
None => config.general.server_lifetime,
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
|
2023-10-10 09:18:21 -07:00
|
|
|
let reaper_rate = *[idle_timeout, server_lifetime, POOL_REAPER_RATE]
|
2023-05-03 09:13:05 -07:00
|
|
|
.iter()
|
|
|
|
|
.min()
|
|
|
|
|
.unwrap();
|
|
|
|
|
|
2023-06-09 14:35:20 -04:00
|
|
|
let queue_strategy = match config.general.server_round_robin {
|
|
|
|
|
true => QueueStrategy::Fifo,
|
|
|
|
|
false => QueueStrategy::Lifo,
|
|
|
|
|
};
|
|
|
|
|
|
2023-05-12 09:50:52 -07:00
|
|
|
debug!(
|
|
|
|
|
"[pool: {}][user: {}] Pool reaper rate: {}ms",
|
|
|
|
|
pool_name, user.username, reaper_rate
|
|
|
|
|
);
|
2023-05-03 09:13:05 -07:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
let pool = Pool::builder()
|
2022-08-25 06:40:56 -07:00
|
|
|
.max_size(user.pool_size)
|
2023-04-26 16:33:26 -07:00
|
|
|
.min_idle(user.min_pool_size)
|
2022-09-28 09:50:14 -04:00
|
|
|
.connection_timeout(std::time::Duration::from_millis(connect_timeout))
|
Allow setting `idle_timeout` for server connections. (#257)
In postgres, you can specify an `idle_session_timeout` which will close
sessions idling for that amount of time. If a session is closed because
of a timeout, PgCat will erroneously mark the server as unhealthy as the next
health check will return an error because the connection was drop, if no
health check is to be executed, it will simply fail trying to send the query
to the server for the same reason, the conn was drop.
Given that bb8 allows configuring an idle_timeout for pools, it would be
nice to allow setting this parameter in the config file, this way you can
set it to something shorter than the server one. Also, server pool will be kept
smaller in moments of less traffic. Actually, currently this value is set as its
default in bb8, which is 10 minutes.
This changes allows setting the parameter using the config file. It can be set both
globally and per pool. When creating the pool, if the pool don't have it defined, global
value is used.
2022-12-16 17:01:00 +01:00
|
|
|
.idle_timeout(Some(std::time::Duration::from_millis(idle_timeout)))
|
2023-04-26 16:33:26 -07:00
|
|
|
.max_lifetime(Some(std::time::Duration::from_millis(server_lifetime)))
|
2023-05-03 09:13:05 -07:00
|
|
|
.reaper_rate(std::time::Duration::from_millis(reaper_rate))
|
2023-06-09 14:35:20 -04:00
|
|
|
.queue_strategy(queue_strategy)
|
2023-05-12 12:48:37 -07:00
|
|
|
.test_on_check_out(false);
|
|
|
|
|
|
|
|
|
|
let pool = if config.general.validate_config {
|
|
|
|
|
pool.build(manager).await?
|
|
|
|
|
} else {
|
|
|
|
|
pool.build_unchecked(manager)
|
|
|
|
|
};
|
2022-07-27 21:47:55 -05:00
|
|
|
|
|
|
|
|
pools.push(pool);
|
|
|
|
|
servers.push(address);
|
|
|
|
|
}
|
2022-03-04 17:04:27 -08:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
shards.push(pools);
|
|
|
|
|
addresses.push(servers);
|
|
|
|
|
banlist.push(HashMap::new());
|
2022-03-01 22:49:43 -08:00
|
|
|
}
|
|
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
assert_eq!(shards.len(), addresses.len());
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
if let Some(ref _auth_hash) = *(pool_auth_hash.clone().read()) {
|
|
|
|
|
info!(
|
|
|
|
|
"Auth hash obtained from query_auth for pool {{ name: {}, user: {} }}",
|
|
|
|
|
pool_name, user.username
|
|
|
|
|
);
|
|
|
|
|
}
|
2022-07-27 21:47:55 -05:00
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
let pool = ConnectionPool {
|
2023-10-20 02:49:05 -04:00
|
|
|
databases: Arc::new(shards),
|
|
|
|
|
addresses: Arc::new(addresses),
|
2022-07-27 21:47:55 -05:00
|
|
|
banlist: Arc::new(RwLock::new(banlist)),
|
2023-02-21 21:53:10 -06:00
|
|
|
config_hash: new_pool_hash_value,
|
2023-08-10 11:18:46 -04:00
|
|
|
original_server_parameters: Arc::new(RwLock::new(ServerParameters::new())),
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_hash: pool_auth_hash,
|
2023-10-20 02:49:05 -04:00
|
|
|
settings: Arc::new(PoolSettings {
|
2023-04-05 15:06:19 -07:00
|
|
|
pool_mode: match user.pool_mode {
|
|
|
|
|
Some(pool_mode) => pool_mode,
|
|
|
|
|
None => pool_config.pool_mode,
|
|
|
|
|
},
|
2023-01-17 06:52:18 -06:00
|
|
|
load_balancing_mode: pool_config.load_balancing_mode,
|
2022-08-25 06:40:56 -07:00
|
|
|
// shards: pool_config.shards.clone(),
|
|
|
|
|
shards: shard_ids.len(),
|
|
|
|
|
user: user.clone(),
|
2023-05-03 09:13:05 -07:00
|
|
|
db: pool_name.clone(),
|
2022-08-25 06:40:56 -07:00
|
|
|
default_role: match pool_config.default_role.as_str() {
|
|
|
|
|
"any" => None,
|
|
|
|
|
"replica" => Some(Role::Replica),
|
|
|
|
|
"primary" => Some(Role::Primary),
|
|
|
|
|
_ => unreachable!(),
|
|
|
|
|
},
|
2022-11-10 02:04:31 +08:00
|
|
|
query_parser_enabled: pool_config.query_parser_enabled,
|
2023-08-08 16:10:03 -04:00
|
|
|
query_parser_max_length: pool_config.query_parser_max_length,
|
|
|
|
|
query_parser_read_write_splitting: pool_config
|
|
|
|
|
.query_parser_read_write_splitting,
|
2022-07-27 21:47:55 -05:00
|
|
|
primary_reads_enabled: pool_config.primary_reads_enabled,
|
2022-09-28 09:50:14 -04:00
|
|
|
sharding_function: pool_config.sharding_function,
|
2022-10-25 11:47:41 -07:00
|
|
|
automatic_sharding_key: pool_config.automatic_sharding_key.clone(),
|
2022-11-16 18:51:15 -08:00
|
|
|
healthcheck_delay: config.general.healthcheck_delay,
|
|
|
|
|
healthcheck_timeout: config.general.healthcheck_timeout,
|
2023-01-19 20:36:48 -05:00
|
|
|
ban_time: config.general.ban_time,
|
2023-02-15 15:19:16 -06:00
|
|
|
sharding_key_regex: pool_config
|
|
|
|
|
.sharding_key_regex
|
|
|
|
|
.clone()
|
|
|
|
|
.map(|regex| Regex::new(regex.as_str()).unwrap()),
|
|
|
|
|
shard_id_regex: pool_config
|
|
|
|
|
.shard_id_regex
|
|
|
|
|
.clone()
|
|
|
|
|
.map(|regex| Regex::new(regex.as_str()).unwrap()),
|
|
|
|
|
regex_search_limit: pool_config.regex_search_limit.unwrap_or(1000),
|
2023-10-10 09:18:21 -07:00
|
|
|
default_shard: pool_config.default_shard,
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_query: pool_config.auth_query.clone(),
|
|
|
|
|
auth_query_user: pool_config.auth_query_user.clone(),
|
|
|
|
|
auth_query_password: pool_config.auth_query_password.clone(),
|
2023-05-12 09:50:52 -07:00
|
|
|
plugins: match pool_config.plugins {
|
|
|
|
|
Some(ref plugins) => Some(plugins.clone()),
|
|
|
|
|
None => config.plugins.clone(),
|
|
|
|
|
},
|
2023-10-20 02:49:05 -04:00
|
|
|
}),
|
2023-01-28 15:36:35 -08:00
|
|
|
validated: Arc::new(AtomicBool::new(false)),
|
|
|
|
|
paused: Arc::new(AtomicBool::new(false)),
|
|
|
|
|
paused_waiter: Arc::new(Notify::new()),
|
2023-10-25 18:11:57 -04:00
|
|
|
prepared_statement_cache: match pool_config.prepared_statements_cache_size {
|
|
|
|
|
0 => None,
|
|
|
|
|
_ => Some(Arc::new(Mutex::new(PreparedStatementCache::new(
|
|
|
|
|
pool_config.prepared_statements_cache_size,
|
|
|
|
|
)))),
|
|
|
|
|
},
|
2022-07-27 21:47:55 -05:00
|
|
|
};
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
// Connect to the servers to make sure pool configuration is valid
|
|
|
|
|
// before setting it globally.
|
2023-01-28 15:36:35 -08:00
|
|
|
// Do this async and somewhere else, we don't have to wait here.
|
2023-05-03 17:07:23 -07:00
|
|
|
if config.general.validate_config {
|
2023-10-20 02:49:05 -04:00
|
|
|
let validate_pool = pool.clone();
|
2023-05-03 17:07:23 -07:00
|
|
|
tokio::task::spawn(async move {
|
|
|
|
|
let _ = validate_pool.validate().await;
|
|
|
|
|
});
|
|
|
|
|
}
|
2022-08-25 06:40:56 -07:00
|
|
|
|
|
|
|
|
// There is one pool per database/user pair.
|
2022-11-10 02:04:31 +08:00
|
|
|
new_pools.insert(PoolIdentifier::new(pool_name, &user.username), pool);
|
2022-06-24 14:52:38 -07:00
|
|
|
}
|
2022-07-27 21:47:55 -05:00
|
|
|
}
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2022-07-27 21:47:55 -05:00
|
|
|
POOLS.store(Arc::new(new_pools.clone()));
|
2022-06-24 14:52:38 -07:00
|
|
|
Ok(())
|
2022-02-08 09:25:59 -08:00
|
|
|
}
|
|
|
|
|
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
/// Connect to all shards, grab server information, and possibly
|
|
|
|
|
/// passwords to use in client auth.
|
2022-02-11 22:19:49 -08:00
|
|
|
/// Return server information we will pass to the clients
|
|
|
|
|
/// when they connect.
|
2022-02-12 09:24:24 -08:00
|
|
|
/// This also warms up the pool for clients that connect when
|
|
|
|
|
/// the pooler starts up.
|
2023-10-20 02:49:05 -04:00
|
|
|
pub async fn validate(&self) -> Result<(), Error> {
|
2023-01-28 15:36:35 -08:00
|
|
|
let mut futures = Vec::new();
|
|
|
|
|
let validated = Arc::clone(&self.validated);
|
|
|
|
|
|
2022-02-11 22:19:49 -08:00
|
|
|
for shard in 0..self.shards() {
|
2022-08-25 06:40:56 -07:00
|
|
|
for server in 0..self.servers(shard) {
|
2023-01-28 15:36:35 -08:00
|
|
|
let databases = self.databases.clone();
|
|
|
|
|
let validated = Arc::clone(&validated);
|
2023-08-10 11:18:46 -04:00
|
|
|
let pool_server_parameters = Arc::clone(&self.original_server_parameters);
|
2023-01-28 15:36:35 -08:00
|
|
|
|
|
|
|
|
let task = tokio::task::spawn(async move {
|
|
|
|
|
let connection = match databases[shard][server].get().await {
|
|
|
|
|
Ok(conn) => conn,
|
|
|
|
|
Err(err) => {
|
|
|
|
|
error!("Shard {} down or misconfigured: {:?}", shard, err);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
};
|
2022-02-11 22:19:49 -08:00
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
let proxy = connection;
|
|
|
|
|
let server = &*proxy;
|
2023-08-10 11:18:46 -04:00
|
|
|
let server_parameters: ServerParameters = server.server_parameters();
|
2022-02-26 11:01:52 -08:00
|
|
|
|
2023-08-10 11:18:46 -04:00
|
|
|
let mut guard = pool_server_parameters.write();
|
|
|
|
|
*guard = server_parameters;
|
2023-01-28 15:36:35 -08:00
|
|
|
validated.store(true, Ordering::Relaxed);
|
|
|
|
|
});
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
futures.push(task);
|
2022-02-12 09:24:24 -08:00
|
|
|
}
|
2022-02-11 22:19:49 -08:00
|
|
|
}
|
|
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
futures::future::join_all(futures).await;
|
|
|
|
|
|
2022-02-11 22:19:49 -08:00
|
|
|
// TODO: compare server information to make sure
|
|
|
|
|
// all shards are running identical configurations.
|
2023-08-10 11:18:46 -04:00
|
|
|
if !self.validated() {
|
2023-01-28 15:36:35 -08:00
|
|
|
error!("Could not validate connection pool");
|
2022-02-11 22:19:49 -08:00
|
|
|
return Err(Error::AllServersDown);
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-24 14:52:38 -07:00
|
|
|
Ok(())
|
2022-02-11 22:19:49 -08:00
|
|
|
}
|
|
|
|
|
|
2023-01-28 15:36:35 -08:00
|
|
|
/// The pool can be used by clients.
|
|
|
|
|
///
|
|
|
|
|
/// If not, we need to validate it first by connecting to servers.
|
|
|
|
|
/// Call `validate()` to do so.
|
|
|
|
|
pub fn validated(&self) -> bool {
|
|
|
|
|
self.validated.load(Ordering::Relaxed)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Pause the pool, allowing no more queries and make clients wait.
|
|
|
|
|
pub fn pause(&self) {
|
|
|
|
|
self.paused.store(true, Ordering::Relaxed);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Resume the pool, allowing queries and resuming any pending queries.
|
|
|
|
|
pub fn resume(&self) {
|
|
|
|
|
self.paused.store(false, Ordering::Relaxed);
|
|
|
|
|
self.paused_waiter.notify_waiters();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Check if the pool is paused.
|
|
|
|
|
pub fn paused(&self) -> bool {
|
|
|
|
|
self.paused.load(Ordering::Relaxed)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Check if the pool is paused and wait until it's resumed.
|
|
|
|
|
pub async fn wait_paused(&self) -> bool {
|
|
|
|
|
let waiter = self.paused_waiter.notified();
|
|
|
|
|
let paused = self.paused.load(Ordering::Relaxed);
|
|
|
|
|
|
|
|
|
|
if paused {
|
|
|
|
|
waiter.await;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
paused
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-08 09:25:59 -08:00
|
|
|
/// Get a connection from the pool.
|
2022-02-05 18:20:53 -08:00
|
|
|
pub async fn get(
|
2022-08-11 17:42:40 -04:00
|
|
|
&self,
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
shard: Option<usize>, // shard number
|
2023-03-28 17:19:37 +02:00
|
|
|
role: Option<Role>, // primary or replica
|
|
|
|
|
client_stats: &ClientStats, // client id
|
2022-02-05 18:20:53 -08:00
|
|
|
) -> Result<(PooledConnection<'_, ServerPool>, Address), Error> {
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
let effective_shard_id = if self.shards() == 1 {
|
|
|
|
|
// The base, unsharded case
|
|
|
|
|
Some(0)
|
|
|
|
|
} else {
|
|
|
|
|
if !self.valid_shard_id(shard) {
|
|
|
|
|
// None is valid shard ID so it is safe to unwrap here
|
|
|
|
|
return Err(Error::InvalidShardId(shard.unwrap()));
|
|
|
|
|
}
|
|
|
|
|
shard
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
let mut candidates = self
|
|
|
|
|
.addresses
|
2022-08-25 06:40:56 -07:00
|
|
|
.iter()
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
.flatten()
|
2022-08-22 00:15:20 -05:00
|
|
|
.filter(|address| address.role == role)
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
.collect::<Vec<&Address>>();
|
2022-02-10 10:37:49 -08:00
|
|
|
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
// We start with a shuffled list of addresses even if we end up resorting
|
|
|
|
|
// this is meant to avoid hitting instance 0 everytime if the sorting metric
|
|
|
|
|
// ends up being the same for all instances
|
2022-08-22 00:15:20 -05:00
|
|
|
candidates.shuffle(&mut thread_rng());
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
|
|
|
|
|
match effective_shard_id {
|
|
|
|
|
Some(shard_id) => candidates.retain(|address| address.shard == shard_id),
|
|
|
|
|
None => match self.settings.default_shard {
|
|
|
|
|
DefaultShard::Shard(shard_id) => {
|
|
|
|
|
candidates.retain(|address| address.shard == shard_id)
|
|
|
|
|
}
|
|
|
|
|
DefaultShard::Random => (),
|
|
|
|
|
DefaultShard::RandomHealthy => {
|
|
|
|
|
candidates.sort_by(|a, b| {
|
|
|
|
|
b.error_count
|
|
|
|
|
.load(Ordering::Relaxed)
|
|
|
|
|
.partial_cmp(&a.error_count.load(Ordering::Relaxed))
|
|
|
|
|
.unwrap()
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
};
|
|
|
|
|
|
2023-01-17 06:52:18 -06:00
|
|
|
if self.settings.load_balancing_mode == LoadBalancingMode::LeastOutstandingConnections {
|
|
|
|
|
candidates.sort_by(|a, b| {
|
|
|
|
|
self.busy_connection_count(b)
|
|
|
|
|
.partial_cmp(&self.busy_connection_count(a))
|
|
|
|
|
.unwrap()
|
|
|
|
|
});
|
|
|
|
|
}
|
2022-02-18 07:10:18 -08:00
|
|
|
|
2023-05-23 08:44:49 -05:00
|
|
|
// Indicate we're waiting on a server connection from a pool.
|
|
|
|
|
let now = Instant::now();
|
|
|
|
|
client_stats.waiting();
|
|
|
|
|
|
2022-08-22 00:15:20 -05:00
|
|
|
while !candidates.is_empty() {
|
|
|
|
|
// Get the next candidate
|
|
|
|
|
let address = match candidates.pop() {
|
|
|
|
|
Some(address) => address,
|
|
|
|
|
None => break,
|
|
|
|
|
};
|
2022-02-09 21:19:14 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
let mut force_healthcheck = false;
|
|
|
|
|
|
|
|
|
|
if self.is_banned(address) {
|
2023-10-10 09:18:21 -07:00
|
|
|
if self.try_unban(address).await {
|
2023-01-19 20:36:48 -05:00
|
|
|
force_healthcheck = true;
|
|
|
|
|
} else {
|
|
|
|
|
debug!("Address {:?} is banned", address);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2022-02-18 07:10:18 -08:00
|
|
|
}
|
|
|
|
|
|
2022-02-05 19:43:48 -08:00
|
|
|
// Check if we can connect
|
2022-08-21 22:40:49 -07:00
|
|
|
let mut conn = match self.databases[address.shard][address.address_index]
|
2022-08-22 00:15:20 -05:00
|
|
|
.get()
|
|
|
|
|
.await
|
|
|
|
|
{
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
Ok(conn) => {
|
|
|
|
|
address.reset_error_count();
|
|
|
|
|
conn
|
|
|
|
|
}
|
2022-02-05 19:43:48 -08:00
|
|
|
Err(err) => {
|
2023-05-05 08:27:19 -07:00
|
|
|
error!(
|
|
|
|
|
"Connection checkout error for instance {:?}, error: {:?}",
|
|
|
|
|
address, err
|
|
|
|
|
);
|
2023-03-28 17:19:37 +02:00
|
|
|
self.ban(address, BanReason::FailedCheckout, Some(client_stats));
|
|
|
|
|
address.stats.error();
|
|
|
|
|
client_stats.checkout_error();
|
2022-02-05 19:43:48 -08:00
|
|
|
continue;
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
2022-02-05 19:43:48 -08:00
|
|
|
};
|
|
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
// // Check if this server is alive with a health check.
|
2022-02-05 19:43:48 -08:00
|
|
|
let server = &mut *conn;
|
|
|
|
|
|
2022-08-11 17:42:40 -04:00
|
|
|
// Will return error if timestamp is greater than current system time, which it should never be set to
|
2023-01-19 20:36:48 -05:00
|
|
|
let require_healthcheck = force_healthcheck
|
|
|
|
|
|| server.last_activity().elapsed().unwrap().as_millis()
|
|
|
|
|
> self.settings.healthcheck_delay as u128;
|
2022-08-11 17:42:40 -04:00
|
|
|
|
2022-08-25 06:40:56 -07:00
|
|
|
// Do not issue a health check unless it's been a little while
|
|
|
|
|
// since we last checked the server is ok.
|
|
|
|
|
// Health checks are pretty expensive.
|
2022-08-11 17:42:40 -04:00
|
|
|
if !require_healthcheck {
|
2023-09-21 14:50:18 -07:00
|
|
|
let checkout_time = now.elapsed().as_micros() as u64;
|
Report waiting time only for currently waiting clients (#678)
The pool maxwait metric currently operates differently from Pgbouncer.
The way it operates today is that we keep track of max_wait on each connected client, when SHOW POOLS query is made, we go over the connected clients and we get the max of max_wait times among clients. This means the pool maxwait will never reset, it will always be monotonically increasing until the client with the highest maxwait disconnects.
This PR changes this behavior, by keeping track of the wait_start time on each client, when a client goes into WAITING state, we record the time offset from connect_time. When we either successfully or unsuccessfully checkout a connection from the pool, we reset the wait_start time.
When SHOW POOLS query is made, we go over all connected clients and we only consider clients whose wait_start is non-zero, for clients that have non-zero wait times, we compare them and report the maximum waiting time as maxwait for the pool.
2024-01-18 11:57:28 -06:00
|
|
|
client_stats.checkout_success();
|
2023-03-28 17:19:37 +02:00
|
|
|
server
|
|
|
|
|
.stats()
|
|
|
|
|
.checkout_time(checkout_time, client_stats.application_name());
|
|
|
|
|
server.stats().active(client_stats.application_name());
|
2023-05-23 08:44:49 -05:00
|
|
|
client_stats.active();
|
2022-08-11 17:42:40 -04:00
|
|
|
return Ok((conn, address.clone()));
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
if self
|
2023-03-28 17:19:37 +02:00
|
|
|
.run_health_check(address, server, now, client_stats)
|
2023-01-19 20:36:48 -05:00
|
|
|
.await
|
2022-02-05 19:43:48 -08:00
|
|
|
{
|
2023-09-21 14:50:18 -07:00
|
|
|
let checkout_time = now.elapsed().as_micros() as u64;
|
Report waiting time only for currently waiting clients (#678)
The pool maxwait metric currently operates differently from Pgbouncer.
The way it operates today is that we keep track of max_wait on each connected client, when SHOW POOLS query is made, we go over the connected clients and we get the max of max_wait times among clients. This means the pool maxwait will never reset, it will always be monotonically increasing until the client with the highest maxwait disconnects.
This PR changes this behavior, by keeping track of the wait_start time on each client, when a client goes into WAITING state, we record the time offset from connect_time. When we either successfully or unsuccessfully checkout a connection from the pool, we reset the wait_start time.
When SHOW POOLS query is made, we go over all connected clients and we only consider clients whose wait_start is non-zero, for clients that have non-zero wait times, we compare them and report the maximum waiting time as maxwait for the pool.
2024-01-18 11:57:28 -06:00
|
|
|
client_stats.checkout_success();
|
2023-05-23 08:44:49 -05:00
|
|
|
server
|
|
|
|
|
.stats()
|
|
|
|
|
.checkout_time(checkout_time, client_stats.application_name());
|
|
|
|
|
server.stats().active(client_stats.application_name());
|
|
|
|
|
client_stats.active();
|
2023-01-19 20:36:48 -05:00
|
|
|
return Ok((conn, address.clone()));
|
|
|
|
|
} else {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-09-21 14:50:18 -07:00
|
|
|
|
2024-05-08 12:18:27 -05:00
|
|
|
client_stats.checkout_error();
|
2023-09-21 14:50:18 -07:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
Err(Error::AllServersDown)
|
|
|
|
|
}
|
2022-02-10 08:54:06 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
async fn run_health_check(
|
|
|
|
|
&self,
|
|
|
|
|
address: &Address,
|
|
|
|
|
server: &mut Server,
|
|
|
|
|
start: Instant,
|
2023-03-28 17:19:37 +02:00
|
|
|
client_info: &ClientStats,
|
2023-01-19 20:36:48 -05:00
|
|
|
) -> bool {
|
|
|
|
|
debug!("Running health check on server {:?}", address);
|
|
|
|
|
|
2023-03-28 17:19:37 +02:00
|
|
|
server.stats().tested();
|
2023-01-19 20:36:48 -05:00
|
|
|
|
|
|
|
|
match tokio::time::timeout(
|
|
|
|
|
tokio::time::Duration::from_millis(self.settings.healthcheck_timeout),
|
|
|
|
|
server.query(";"), // Cheap query as it skips the query planner
|
|
|
|
|
)
|
|
|
|
|
.await
|
|
|
|
|
{
|
|
|
|
|
// Check if health check succeeded.
|
|
|
|
|
Ok(res) => match res {
|
|
|
|
|
Ok(_) => {
|
2023-03-28 17:19:37 +02:00
|
|
|
let checkout_time: u64 = start.elapsed().as_micros() as u64;
|
Report waiting time only for currently waiting clients (#678)
The pool maxwait metric currently operates differently from Pgbouncer.
The way it operates today is that we keep track of max_wait on each connected client, when SHOW POOLS query is made, we go over the connected clients and we get the max of max_wait times among clients. This means the pool maxwait will never reset, it will always be monotonically increasing until the client with the highest maxwait disconnects.
This PR changes this behavior, by keeping track of the wait_start time on each client, when a client goes into WAITING state, we record the time offset from connect_time. When we either successfully or unsuccessfully checkout a connection from the pool, we reset the wait_start time.
When SHOW POOLS query is made, we go over all connected clients and we only consider clients whose wait_start is non-zero, for clients that have non-zero wait times, we compare them and report the maximum waiting time as maxwait for the pool.
2024-01-18 11:57:28 -06:00
|
|
|
client_info.checkout_success();
|
2023-03-28 17:19:37 +02:00
|
|
|
server
|
|
|
|
|
.stats()
|
|
|
|
|
.checkout_time(checkout_time, client_info.application_name());
|
|
|
|
|
server.stats().active(client_info.application_name());
|
|
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
return true;
|
|
|
|
|
}
|
2022-03-10 01:33:29 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
// Health check failed.
|
2022-08-22 00:15:20 -05:00
|
|
|
Err(err) => {
|
|
|
|
|
error!(
|
2023-05-05 08:27:19 -07:00
|
|
|
"Failed health check on instance {:?}, error: {:?}",
|
2022-08-22 00:15:20 -05:00
|
|
|
address, err
|
|
|
|
|
);
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
2023-01-19 20:36:48 -05:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
// Health check timed out.
|
|
|
|
|
Err(err) => {
|
|
|
|
|
error!(
|
2023-05-05 08:27:19 -07:00
|
|
|
"Health check timeout on instance {:?}, error: {:?}",
|
2023-01-19 20:36:48 -05:00
|
|
|
address, err
|
|
|
|
|
);
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
// Don't leave a bad connection in the pool.
|
2023-12-04 19:09:41 -05:00
|
|
|
server.mark_bad("failed health check");
|
2023-01-19 20:36:48 -05:00
|
|
|
|
2023-10-10 09:18:21 -07:00
|
|
|
self.ban(address, BanReason::FailedHealthCheck, Some(client_info));
|
|
|
|
|
false
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-02-05 13:25:03 -08:00
|
|
|
/// Ban an address (i.e. replica). It no longer will serve
|
|
|
|
|
/// traffic for any new transactions. Existing transactions on that replica
|
|
|
|
|
/// will finish successfully or error out to the clients.
|
2023-03-28 17:19:37 +02:00
|
|
|
pub fn ban(&self, address: &Address, reason: BanReason, client_info: Option<&ClientStats>) {
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
// Count the number of errors since the last successful checkout
|
|
|
|
|
// This is used to determine if the shard is down
|
|
|
|
|
match reason {
|
|
|
|
|
BanReason::FailedHealthCheck
|
|
|
|
|
| BanReason::FailedCheckout
|
|
|
|
|
| BanReason::MessageSendFailed
|
|
|
|
|
| BanReason::MessageReceiveFailed => {
|
|
|
|
|
address.increment_error_count();
|
|
|
|
|
}
|
|
|
|
|
_ => (),
|
|
|
|
|
};
|
|
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
// Primary can never be banned
|
|
|
|
|
if address.role == Role::Primary {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2022-08-25 06:40:56 -07:00
|
|
|
|
2023-05-05 08:27:19 -07:00
|
|
|
error!("Banning instance {:?}, reason: {:?}", address, reason);
|
|
|
|
|
|
2022-02-05 10:02:13 -08:00
|
|
|
let now = chrono::offset::Utc::now().naive_utc();
|
2022-02-24 08:44:41 -08:00
|
|
|
let mut guard = self.banlist.write();
|
2023-05-05 08:27:19 -07:00
|
|
|
|
2023-03-28 17:19:37 +02:00
|
|
|
if let Some(client_info) = client_info {
|
|
|
|
|
client_info.ban_error();
|
|
|
|
|
address.stats.error();
|
|
|
|
|
}
|
2023-05-05 08:27:19 -07:00
|
|
|
|
2023-03-06 06:10:59 -06:00
|
|
|
guard[address.shard].insert(address.clone(), (reason, now));
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
|
2022-02-05 13:25:03 -08:00
|
|
|
/// Clear the replica to receive traffic again. Takes effect immediately
|
|
|
|
|
/// for all new transactions.
|
2023-03-06 06:10:59 -06:00
|
|
|
pub fn unban(&self, address: &Address) {
|
2022-02-24 08:44:41 -08:00
|
|
|
let mut guard = self.banlist.write();
|
2022-08-25 06:40:56 -07:00
|
|
|
guard[address.shard].remove(address);
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
/// Check if address is banned
|
|
|
|
|
/// true if banned, false otherwise
|
|
|
|
|
pub fn is_banned(&self, address: &Address) -> bool {
|
|
|
|
|
let guard = self.banlist.read();
|
2022-02-09 21:19:14 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
match guard[address.shard].get(address) {
|
|
|
|
|
Some(_) => true,
|
|
|
|
|
None => {
|
|
|
|
|
debug!("{:?} is ok", address);
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-24 08:44:41 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
/// Determines trying to unban this server was successful
|
|
|
|
|
pub async fn try_unban(&self, address: &Address) -> bool {
|
|
|
|
|
// If somehow primary ends up being banned we should return true here
|
|
|
|
|
if address.role == Role::Primary {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check if all replicas are banned, in that case unban all of them
|
|
|
|
|
let replicas_available = self.addresses[address.shard]
|
|
|
|
|
.iter()
|
|
|
|
|
.filter(|addr| addr.role == Role::Replica)
|
|
|
|
|
.count();
|
|
|
|
|
|
|
|
|
|
debug!("Available targets: {}", replicas_available);
|
2022-02-05 10:02:13 -08:00
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
let read_guard = self.banlist.read();
|
|
|
|
|
let all_replicas_banned = read_guard[address.shard].len() == replicas_available;
|
|
|
|
|
drop(read_guard);
|
|
|
|
|
|
|
|
|
|
if all_replicas_banned {
|
|
|
|
|
let mut write_guard = self.banlist.write();
|
2022-02-20 22:47:08 -08:00
|
|
|
warn!("Unbanning all replicas.");
|
2023-01-19 20:36:48 -05:00
|
|
|
write_guard[address.shard].clear();
|
|
|
|
|
|
|
|
|
|
return true;
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
|
2023-01-19 20:36:48 -05:00
|
|
|
// Check if ban time is expired
|
|
|
|
|
let read_guard = self.banlist.read();
|
|
|
|
|
let exceeded_ban_time = match read_guard[address.shard].get(address) {
|
2023-03-06 06:10:59 -06:00
|
|
|
Some((ban_reason, timestamp)) => {
|
2022-02-05 10:02:13 -08:00
|
|
|
let now = chrono::offset::Utc::now().naive_utc();
|
2023-03-06 06:10:59 -06:00
|
|
|
match ban_reason {
|
|
|
|
|
BanReason::AdminBan(duration) => {
|
|
|
|
|
now.timestamp() - timestamp.timestamp() > *duration
|
|
|
|
|
}
|
|
|
|
|
_ => now.timestamp() - timestamp.timestamp() > self.settings.ban_time,
|
|
|
|
|
}
|
2022-02-24 08:44:41 -08:00
|
|
|
}
|
2023-01-19 20:36:48 -05:00
|
|
|
None => return true,
|
|
|
|
|
};
|
|
|
|
|
drop(read_guard);
|
|
|
|
|
|
|
|
|
|
if exceeded_ban_time {
|
|
|
|
|
warn!("Unbanning {:?}", address);
|
|
|
|
|
let mut write_guard = self.banlist.write();
|
|
|
|
|
write_guard[address.shard].remove(address);
|
|
|
|
|
drop(write_guard);
|
|
|
|
|
|
|
|
|
|
true
|
|
|
|
|
} else {
|
|
|
|
|
debug!("{:?} is banned", address);
|
|
|
|
|
false
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
}
|
2022-02-05 19:43:48 -08:00
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Get the number of configured shards.
|
2022-02-05 19:43:48 -08:00
|
|
|
pub fn shards(&self) -> usize {
|
|
|
|
|
self.databases.len()
|
|
|
|
|
}
|
2022-02-12 09:24:24 -08:00
|
|
|
|
2023-03-06 06:10:59 -06:00
|
|
|
pub fn get_bans(&self) -> Vec<(Address, (BanReason, NaiveDateTime))> {
|
|
|
|
|
let mut bans: Vec<(Address, (BanReason, NaiveDateTime))> = Vec::new();
|
|
|
|
|
let guard = self.banlist.read();
|
|
|
|
|
for banlist in guard.iter() {
|
|
|
|
|
for (address, (reason, timestamp)) in banlist.iter() {
|
2023-10-10 09:18:21 -07:00
|
|
|
bans.push((address.clone(), (reason.clone(), *timestamp)));
|
2023-03-06 06:10:59 -06:00
|
|
|
}
|
|
|
|
|
}
|
2023-10-10 09:18:21 -07:00
|
|
|
bans
|
2023-03-06 06:10:59 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Get the address from the host url
|
|
|
|
|
pub fn get_addresses_from_host(&self, host: &str) -> Vec<Address> {
|
|
|
|
|
let mut addresses = Vec::new();
|
|
|
|
|
for shard in 0..self.shards() {
|
|
|
|
|
for server in 0..self.servers(shard) {
|
|
|
|
|
let address = self.address(shard, server);
|
|
|
|
|
if address.host == host {
|
|
|
|
|
addresses.push(address.clone());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
addresses
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Get the number of servers (primary and replicas)
|
|
|
|
|
/// configured for a shard.
|
2022-02-18 07:10:18 -08:00
|
|
|
pub fn servers(&self, shard: usize) -> usize {
|
2022-02-12 09:24:24 -08:00
|
|
|
self.addresses[shard].len()
|
|
|
|
|
}
|
2022-02-28 17:22:28 -08:00
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Get the total number of servers (databases) we are connected to.
|
2022-03-01 22:49:43 -08:00
|
|
|
pub fn databases(&self) -> usize {
|
|
|
|
|
let mut databases = 0;
|
|
|
|
|
for shard in 0..self.shards() {
|
|
|
|
|
databases += self.servers(shard);
|
|
|
|
|
}
|
|
|
|
|
databases
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Get pool state for a particular shard server as reported by bb8.
|
2022-03-01 08:47:19 -08:00
|
|
|
pub fn pool_state(&self, shard: usize, server: usize) -> bb8::State {
|
2022-02-28 17:22:28 -08:00
|
|
|
self.databases[shard][server].state()
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Get the address information for a shard server.
|
2022-02-28 17:22:28 -08:00
|
|
|
pub fn address(&self, shard: usize, server: usize) -> &Address {
|
|
|
|
|
&self.addresses[shard][server]
|
|
|
|
|
}
|
2022-06-24 14:52:38 -07:00
|
|
|
|
2023-08-10 11:18:46 -04:00
|
|
|
pub fn server_parameters(&self) -> ServerParameters {
|
|
|
|
|
self.original_server_parameters.read().clone()
|
2022-06-24 14:52:38 -07:00
|
|
|
}
|
2023-01-17 06:52:18 -06:00
|
|
|
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
/// Get the number of checked out connection for an address
|
2023-01-17 06:52:18 -06:00
|
|
|
fn busy_connection_count(&self, address: &Address) -> u32 {
|
|
|
|
|
let state = self.pool_state(address.shard, address.address_index);
|
|
|
|
|
let idle = state.idle_connections;
|
|
|
|
|
let provisioned = state.connections;
|
|
|
|
|
|
|
|
|
|
if idle > provisioned {
|
|
|
|
|
// Unlikely but avoids an overflow panic if this ever happens
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
let busy = provisioned - idle;
|
|
|
|
|
debug!("{:?} has {:?} busy connections", address, busy);
|
2023-10-10 09:18:21 -07:00
|
|
|
busy
|
2023-01-17 06:52:18 -06:00
|
|
|
}
|
Allow configuring routing decision when no shard is selected (#578)
The TL;DR for the change is that we allow QueryRouter to set the active shard to None. This signals to the Pool::get method that we have no shard selected. The get method follows a no_shard_specified_behavior config to know how to route the query.
Original PR description
Ruby-pg library makes a startup query to SET client_encoding to ... if Encoding.default_internal value is set (Code). This query is troublesome because we cannot possibly attach a routing comment to it. PgCat, by default, will route that query to the default shard.
Everything is fine until shard 0 has issues, Clients will all be attempting to send this query to shard0 which increases the connection latency significantly for all clients, even those not interested in shard0
This PR introduces no_shard_specified_behavior that defines the behavior in case we have routing-by-comment enabled but we get a query without a comment. The allowed behaviors are
random: Picks a shard at random
random_healthy: Picks a shard at random favoring shards with the least number of recent connection/checkout errors
shard_<number>: e.g. shard_0, shard_4, etc. picks a specific shard, everytime
In order to achieve this, this PR introduces an error_count on the Address Object that tracks the number of errors since the last checkout and uses that metric to sort shards by error count before making a routing decision.
I didn't want to use address stats to avoid introducing a routing dependency on internal stats (We might do that in the future but I prefer to avoid this for the time being.
I also made changes to the test environment to replace Ruby's TOML reader library, It appears to be abandoned and does not support mixed arrays (which we use in the config toml), and it also does not play nicely with single-quoted regular expressions. I opted for using yj which is a CLI tool that can convert from toml to JSON and back. So I refactor the tests to use that library.
2023-09-11 13:47:28 -05:00
|
|
|
|
|
|
|
|
fn valid_shard_id(&self, shard: Option<usize>) -> bool {
|
|
|
|
|
match shard {
|
|
|
|
|
None => true,
|
|
|
|
|
Some(shard) => shard < self.shards(),
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-10-25 18:11:57 -04:00
|
|
|
|
|
|
|
|
/// Register a parse statement to the pool's cache and return the rewritten parse
|
|
|
|
|
///
|
|
|
|
|
/// Do not pass an anonymous parse statement to this function
|
|
|
|
|
pub fn register_parse_to_cache(&self, hash: u64, parse: &Parse) -> Option<Arc<Parse>> {
|
|
|
|
|
// We should only be calling this function if the cache is enabled
|
|
|
|
|
match self.prepared_statement_cache {
|
|
|
|
|
Some(ref prepared_statement_cache) => {
|
|
|
|
|
let mut cache = prepared_statement_cache.lock();
|
|
|
|
|
Some(cache.get_or_insert(parse, hash))
|
|
|
|
|
}
|
|
|
|
|
None => None,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Promote a prepared statement hash in the LRU
|
|
|
|
|
pub fn promote_prepared_statement_hash(&self, hash: &u64) {
|
|
|
|
|
// We should only be calling this function if the cache is enabled
|
|
|
|
|
if let Some(ref prepared_statement_cache) = self.prepared_statement_cache {
|
|
|
|
|
let mut cache = prepared_statement_cache.lock();
|
|
|
|
|
cache.promote(hash);
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
2022-02-05 10:02:13 -08:00
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
/// Wrapper for the bb8 connection pool.
|
2022-02-05 18:20:53 -08:00
|
|
|
pub struct ServerPool {
|
2023-05-18 10:46:55 -07:00
|
|
|
/// Server address.
|
2022-02-05 18:20:53 -08:00
|
|
|
address: Address,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Server Postgres user.
|
2022-02-05 18:20:53 -08:00
|
|
|
user: User,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Server database.
|
2022-02-05 18:20:53 -08:00
|
|
|
database: String,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Client/server mapping.
|
2022-02-05 18:20:53 -08:00
|
|
|
client_server_map: ClientServerMap,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Server auth hash (for auth passthrough).
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_hash: Arc<RwLock<Option<String>>>,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Server plugins.
|
2023-05-12 09:50:52 -07:00
|
|
|
plugins: Option<Plugins>,
|
2023-05-18 10:46:55 -07:00
|
|
|
|
|
|
|
|
/// Should we clean up dirty connections before putting them into the pool?
|
|
|
|
|
cleanup_connections: bool,
|
2023-08-16 14:01:21 -04:00
|
|
|
|
|
|
|
|
/// Log client parameter status changes
|
|
|
|
|
log_client_parameter_status_changes: bool,
|
2023-10-25 18:11:57 -04:00
|
|
|
|
|
|
|
|
/// Prepared statement cache size
|
|
|
|
|
prepared_statement_cache_size: usize,
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl ServerPool {
|
2023-10-10 09:18:21 -07:00
|
|
|
#[allow(clippy::too_many_arguments)]
|
2022-02-05 18:20:53 -08:00
|
|
|
pub fn new(
|
|
|
|
|
address: Address,
|
|
|
|
|
user: User,
|
|
|
|
|
database: &str,
|
|
|
|
|
client_server_map: ClientServerMap,
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_hash: Arc<RwLock<Option<String>>>,
|
2023-05-12 09:50:52 -07:00
|
|
|
plugins: Option<Plugins>,
|
2023-05-18 10:46:55 -07:00
|
|
|
cleanup_connections: bool,
|
2023-08-16 14:01:21 -04:00
|
|
|
log_client_parameter_status_changes: bool,
|
2023-10-25 18:11:57 -04:00
|
|
|
prepared_statement_cache_size: usize,
|
2022-02-05 18:20:53 -08:00
|
|
|
) -> ServerPool {
|
|
|
|
|
ServerPool {
|
2022-11-10 02:04:31 +08:00
|
|
|
address,
|
2023-10-10 09:18:21 -07:00
|
|
|
user,
|
2022-02-05 18:20:53 -08:00
|
|
|
database: database.to_string(),
|
2022-11-10 02:04:31 +08:00
|
|
|
client_server_map,
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
auth_hash,
|
2023-05-12 09:50:52 -07:00
|
|
|
plugins,
|
2023-05-18 10:46:55 -07:00
|
|
|
cleanup_connections,
|
2023-08-16 14:01:21 -04:00
|
|
|
log_client_parameter_status_changes,
|
2023-10-25 18:11:57 -04:00
|
|
|
prepared_statement_cache_size,
|
2022-02-05 10:02:13 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-05 18:20:53 -08:00
|
|
|
|
|
|
|
|
#[async_trait]
|
|
|
|
|
impl ManageConnection for ServerPool {
|
|
|
|
|
type Connection = Server;
|
|
|
|
|
type Error = Error;
|
|
|
|
|
|
|
|
|
|
/// Attempts to create a new connection.
|
|
|
|
|
async fn connect(&self) -> Result<Self::Connection, Self::Error> {
|
2022-09-01 13:16:22 -05:00
|
|
|
info!("Creating a new server connection {:?}", self.address);
|
2022-02-05 18:20:53 -08:00
|
|
|
|
2023-03-28 17:19:37 +02:00
|
|
|
let stats = Arc::new(ServerStats::new(
|
|
|
|
|
self.address.clone(),
|
|
|
|
|
tokio::time::Instant::now(),
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
stats.register(stats.clone());
|
2022-02-21 17:28:50 -08:00
|
|
|
|
2022-03-10 01:33:29 -08:00
|
|
|
// Connect to the PostgreSQL server.
|
2022-02-21 17:28:50 -08:00
|
|
|
match Server::startup(
|
2022-02-15 08:18:01 -08:00
|
|
|
&self.address,
|
|
|
|
|
&self.user,
|
2022-02-05 18:20:53 -08:00
|
|
|
&self.database,
|
|
|
|
|
self.client_server_map.clone(),
|
2023-03-28 17:19:37 +02:00
|
|
|
stats.clone(),
|
Auth passthrough (auth_query) (#266)
* Add a new exec_simple_query method
This adds a new `exec_simple_query` method so we can make 'out of band'
queries to servers that don't interfere with pools at all.
In order to reuse startup code for making these simple queries,
we need to set the stats (`Reporter`) optional, so using these
simple queries wont interfere with stats.
* Add auth passthough (auth_query)
Adds a feature that allows setting auth passthrough for md5 auth.
It adds 3 new (general and pool) config parameters:
- `auth_query`: An string containing a query that will be executed on boot
to obtain the hash of a given user. This query have to use a placeholder `$1`,
so pgcat can replace it with the user its trying to fetch the hash from.
- `auth_query_user`: The user to use for connecting to the server and executing the
auth_query.
- `auth_query_password`: The password to use for connecting to the server and executing the
auth_query.
The configuration can be done either on the general config (so pools share them) or in a per-pool basis.
The behavior is, at boot time, when validating server connections, a hash is fetched per server
and stored in the pool. When new server connections are created, and no cleartext password is specified,
the obtained hash is used for creating them, if the hash could not be obtained for whatever reason, it retries
it.
When client authentication is tried, it uses cleartext passwords if specified, it not, it checks whether
we have query_auth set up, if so, it tries to use the obtained hash for making client auth. If there is no
hash (we could not obtain one when validating the connection), a new fetch is tried.
Once we have a hash, we authenticate using it against whathever the client has sent us, if there is a failure
we refetch the hash and retry auth (so password changes can be done).
The idea with this 'retrial' mechanism is to make it fault tolerant, so if for whatever reason hash could not be
obtained during connection validation, or the password has change, we can still connect later.
* Add documentation for Auth passthrough
2023-03-30 22:29:23 +02:00
|
|
|
self.auth_hash.clone(),
|
2023-05-18 10:46:55 -07:00
|
|
|
self.cleanup_connections,
|
2023-08-16 14:01:21 -04:00
|
|
|
self.log_client_parameter_status_changes,
|
2023-10-25 18:11:57 -04:00
|
|
|
self.prepared_statement_cache_size,
|
2022-02-05 18:20:53 -08:00
|
|
|
)
|
|
|
|
|
.await
|
2022-02-21 17:28:50 -08:00
|
|
|
{
|
2023-05-12 09:50:52 -07:00
|
|
|
Ok(mut conn) => {
|
|
|
|
|
if let Some(ref plugins) = self.plugins {
|
|
|
|
|
if let Some(ref prewarmer) = plugins.prewarmer {
|
|
|
|
|
let mut prewarmer = prewarmer::Prewarmer {
|
|
|
|
|
enabled: prewarmer.enabled,
|
|
|
|
|
server: &mut conn,
|
|
|
|
|
queries: &prewarmer.queries,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
prewarmer.run().await?;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-28 17:19:37 +02:00
|
|
|
stats.idle();
|
2022-02-21 17:28:50 -08:00
|
|
|
Ok(conn)
|
|
|
|
|
}
|
|
|
|
|
Err(err) => {
|
2023-03-28 17:19:37 +02:00
|
|
|
stats.disconnect();
|
2022-02-21 17:28:50 -08:00
|
|
|
Err(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-05 18:20:53 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Determines if the connection is still connected to the database.
|
2022-09-21 16:48:33 -04:00
|
|
|
async fn is_valid(&self, _conn: &mut Self::Connection) -> Result<(), Self::Error> {
|
2022-02-05 18:20:53 -08:00
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Synchronously determine if the connection is no longer usable, if possible.
|
|
|
|
|
fn has_broken(&self, conn: &mut Self::Connection) -> bool {
|
|
|
|
|
conn.is_bad()
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-06-24 14:52:38 -07:00
|
|
|
|
|
|
|
|
/// Get the connection pool
|
2022-10-01 11:25:59 -06:00
|
|
|
pub fn get_pool(db: &str, user: &str) -> Option<ConnectionPool> {
|
2022-11-10 02:04:31 +08:00
|
|
|
(*(*POOLS.load()))
|
|
|
|
|
.get(&PoolIdentifier::new(db, user))
|
|
|
|
|
.cloned()
|
2022-07-27 21:47:55 -05:00
|
|
|
}
|
|
|
|
|
|
2022-09-14 10:20:41 -05:00
|
|
|
/// Get a pointer to all configured pools.
|
2022-10-01 11:25:59 -06:00
|
|
|
pub fn get_all_pools() -> HashMap<PoolIdentifier, ConnectionPool> {
|
2022-11-10 02:04:31 +08:00
|
|
|
(*(*POOLS.load())).clone()
|
2022-09-14 10:20:41 -05:00
|
|
|
}
|