From 558606fad326da3acb2b34767d34808c7d3214dd Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Mon, 27 Mar 2023 13:51:48 -0400 Subject: [PATCH] add trx to action interfaces; implement limit and relax for share (#276) --- controller/limits/accountLimitAction.go | 3 ++- controller/limits/accountRelaxAction.go | 3 ++- controller/limits/accounttWarningAction.go | 3 ++- controller/limits/agent.go | 18 ++++++------- controller/limits/environmentLimitAction.go | 3 ++- controller/limits/environmentRelaxAction.go | 3 ++- controller/limits/environmentWarningAction.go | 3 ++- controller/limits/model.go | 11 +++++--- controller/limits/shareLimitAction.go | 15 ++++++++++- controller/limits/shareRelaxAction.go | 26 ++++++++++++++++++- controller/limits/shareWarningAction.go | 3 ++- controller/share.go | 3 +++ 12 files changed, 72 insertions(+), 22 deletions(-) diff --git a/controller/limits/accountLimitAction.go b/controller/limits/accountLimitAction.go index 2b3e5d27..38fb4adb 100644 --- a/controller/limits/accountLimitAction.go +++ b/controller/limits/accountLimitAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newAccountLimitAction(str *store.Store, edge *rest_management_api_client.Zi return &accountLimitAction{str, edge} } -func (a *accountLimitAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *accountLimitAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("limiting '%v'", acct.Email) return nil } diff --git a/controller/limits/accountRelaxAction.go b/controller/limits/accountRelaxAction.go index bac2f4c1..03090537 100644 --- a/controller/limits/accountRelaxAction.go +++ b/controller/limits/accountRelaxAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newAccountRelaxAction(str *store.Store, edge *rest_management_api_client.Zi return &accountRelaxAction{str, edge} } -func (a *accountRelaxAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *accountRelaxAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("relaxing '%v'", acct.Email) return nil } diff --git a/controller/limits/accounttWarningAction.go b/controller/limits/accounttWarningAction.go index 0223ed17..9a79341d 100644 --- a/controller/limits/accounttWarningAction.go +++ b/controller/limits/accounttWarningAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newAccountWarningAction(str *store.Store, edge *rest_management_api_client. return &accountWarningAction{str, edge} } -func (a *accountWarningAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *accountWarningAction) HandleAccount(acct *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("warning '%v'", acct.Email) return nil } diff --git a/controller/limits/agent.go b/controller/limits/agent.go index 226adb90..ba22cec3 100644 --- a/controller/limits/agent.go +++ b/controller/limits/agent.go @@ -165,7 +165,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run account limit actions for _, action := range a.acctLimitActions { - if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount); err != nil { + if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount, trx); err != nil { return err } } @@ -202,7 +202,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run account warning actions for _, action := range a.acctWarningActions { - if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount); err != nil { + if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount, trx); err != nil { return err } } @@ -241,7 +241,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run environment limit actions for _, action := range a.envLimitActions { - if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment); err != nil { + if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment, trx); err != nil { return err } } @@ -278,7 +278,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run environment warning actions for _, action := range a.envWarningActions { - if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment); err != nil { + if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment, trx); err != nil { return err } } @@ -318,7 +318,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run share limit actions for _, action := range a.shrLimitActions { - if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare); err != nil { + if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare, trx); err != nil { return err } } @@ -356,7 +356,7 @@ func (a *Agent) enforce(u *metrics.Usage) error { } // run share warning actions for _, action := range a.shrWarningActions { - if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare); err != nil { + if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare, trx); err != nil { return err } } @@ -401,7 +401,7 @@ func (a *Agent) relax() error { if !enforce && !warning { // run relax actions for share for _, action := range a.shrRelaxActions { - if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare); err != nil { + if err := action.HandleShare(shr, rxBytes, txBytes, a.cfg.Bandwidth.PerShare, trx); err != nil { return err } } @@ -433,7 +433,7 @@ func (a *Agent) relax() error { if !enforce && !warning { // run relax actions for environment for _, action := range a.envRelaxActions { - if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment); err != nil { + if err := action.HandleEnvironment(env, rxBytes, txBytes, a.cfg.Bandwidth.PerEnvironment, trx); err != nil { return err } } @@ -465,7 +465,7 @@ func (a *Agent) relax() error { if !enforce && !warning { // run relax actions for account for _, action := range a.acctRelaxActions { - if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount); err != nil { + if err := action.HandleAccount(acct, rxBytes, txBytes, a.cfg.Bandwidth.PerAccount, trx); err != nil { return err } } diff --git a/controller/limits/environmentLimitAction.go b/controller/limits/environmentLimitAction.go index c7d32b72..79c78517 100644 --- a/controller/limits/environmentLimitAction.go +++ b/controller/limits/environmentLimitAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newEnvironmentLimitAction(str *store.Store, edge *rest_management_api_clien return &environmentLimitAction{str, edge} } -func (a *environmentLimitAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *environmentLimitAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("limiting '%v'", e.ZId) return nil } diff --git a/controller/limits/environmentRelaxAction.go b/controller/limits/environmentRelaxAction.go index de4a833c..0721b508 100644 --- a/controller/limits/environmentRelaxAction.go +++ b/controller/limits/environmentRelaxAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newEnvironmentRelaxAction(str *store.Store, edge *rest_management_api_clien return &environmentRelaxAction{str, edge} } -func (a *environmentRelaxAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *environmentRelaxAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("relaxing '%v'", e.ZId) return nil } diff --git a/controller/limits/environmentWarningAction.go b/controller/limits/environmentWarningAction.go index b6298aa5..2295a45f 100644 --- a/controller/limits/environmentWarningAction.go +++ b/controller/limits/environmentWarningAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newEnvironmentWarningAction(str *store.Store, edge *rest_management_api_cli return &environmentWarningAction{str, edge} } -func (a *environmentWarningAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *environmentWarningAction) HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("warning '%v'", e.ZId) return nil } diff --git a/controller/limits/model.go b/controller/limits/model.go index b4c1a1ad..c13f8aae 100644 --- a/controller/limits/model.go +++ b/controller/limits/model.go @@ -1,15 +1,18 @@ package limits -import "github.com/openziti/zrok/controller/store" +import ( + "github.com/jmoiron/sqlx" + "github.com/openziti/zrok/controller/store" +) type AccountAction interface { - HandleAccount(a *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error + HandleAccount(a *store.Account, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error } type EnvironmentAction interface { - HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error + HandleEnvironment(e *store.Environment, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error } type ShareAction interface { - HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error + HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error } diff --git a/controller/limits/shareLimitAction.go b/controller/limits/shareLimitAction.go index 61655ef4..4daf2551 100644 --- a/controller/limits/shareLimitAction.go +++ b/controller/limits/shareLimitAction.go @@ -1,8 +1,10 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" + "github.com/openziti/zrok/controller/zrokEdgeSdk" "github.com/sirupsen/logrus" ) @@ -15,7 +17,18 @@ func newShareLimitAction(str *store.Store, edge *rest_management_api_client.Ziti return &shareLimitAction{str, edge} } -func (a *shareLimitAction) HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *shareLimitAction) HandleShare(s *store.Share, _, _ int64, _ *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("limiting '%v'", s.Token) + + env, err := a.str.GetEnvironment(s.EnvironmentId, trx) + if err != nil { + return err + } + + if err := zrokEdgeSdk.DeleteServicePolicyDial(env.ZId, s.Token, a.edge); err != nil { + return err + } + logrus.Infof("removed service dial policy for '%v'", s.Token) + return nil } diff --git a/controller/limits/shareRelaxAction.go b/controller/limits/shareRelaxAction.go index 3c805dc7..a13c1a7a 100644 --- a/controller/limits/shareRelaxAction.go +++ b/controller/limits/shareRelaxAction.go @@ -1,8 +1,11 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" + "github.com/openziti/zrok/controller/zrokEdgeSdk" + "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -15,7 +18,28 @@ func newShareRelaxAction(str *store.Store, edge *rest_management_api_client.Ziti return &shareRelaxAction{str, edge} } -func (a *shareRelaxAction) HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *shareRelaxAction) HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("relaxing '%v'", s.Token) + + if s.ShareMode == "public" { + env, err := a.str.GetEnvironment(s.EnvironmentId, trx) + if err != nil { + return errors.Wrap(err, "error finding environment") + } + + fe, err := a.str.FindFrontendPubliclyNamed(*s.FrontendSelection, trx) + if err != nil { + return errors.Wrapf(err, "error finding frontend name '%v' for '%v'", *s.FrontendSelection, s.Token) + } + + if err := zrokEdgeSdk.CreateServicePolicyDial(env.ZId+"-"+s.ZId+"-dial", s.ZId, []string{fe.ZId}, zrokEdgeSdk.ZrokShareTags(s.Token).SubTags, a.edge); err != nil { + return errors.Wrapf(err, "error creating dial service policy for '%v'", s.Token) + } + logrus.Infof("added dial service policy for '%v'", s.Token) + + } else if s.ShareMode == "private" { + return errors.New("share relax for private share not implemented") + } + return nil } diff --git a/controller/limits/shareWarningAction.go b/controller/limits/shareWarningAction.go index 05085c74..90119879 100644 --- a/controller/limits/shareWarningAction.go +++ b/controller/limits/shareWarningAction.go @@ -1,6 +1,7 @@ package limits import ( + "github.com/jmoiron/sqlx" "github.com/openziti/edge/rest_management_api_client" "github.com/openziti/zrok/controller/store" "github.com/sirupsen/logrus" @@ -15,7 +16,7 @@ func newShareWarningAction(str *store.Store, edge *rest_management_api_client.Zi return &shareWarningAction{str, edge} } -func (a *shareWarningAction) HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod) error { +func (a *shareWarningAction) HandleShare(s *store.Share, rxBytes, txBytes int64, limit *BandwidthPerPeriod, trx *sqlx.Tx) error { logrus.Infof("warning '%v'", s.Token) return nil } diff --git a/controller/share.go b/controller/share.go index ec2d9936..4b5b5b1b 100644 --- a/controller/share.go +++ b/controller/share.go @@ -115,6 +115,9 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr BackendProxyEndpoint: ¶ms.Body.BackendProxyEndpoint, Reserved: reserved, } + if len(params.Body.FrontendSelection) > 0 { + sshr.FrontendSelection = ¶ms.Body.FrontendSelection[0] + } if len(frontendEndpoints) > 0 { sshr.FrontendEndpoint = &frontendEndpoints[0] } else if sshr.ShareMode == "private" {