Add Consul KV store based on atomic transactions

Author: timvaillancourt

conf/orchestrator-sample.conf.json

@@ -142,5 +142,6 @@
   "GraphitePath": "",
   "GraphiteConvertHostnameDotsToUnderscores": true,
   "ConsulAddress": "",
-  "ConsulAclToken": ""
+  "ConsulAclToken": "",
+  "ConsulKVStoreProvider": "consul"
 }

docs/kv.md

@@ -78,3 +78,15 @@ With `ConsulCrossDataCenterDistribution`, `orchestrator` runs an additional, per
 Once per minute, `orchestrator` leader node queries its configured Consul server for the list of [known datacenters](https://www.consul.io/api/catalog.html#list-datacenters). It then iterates throught those data center clusters, and updates each and every one with the current identities of masters.
 
 This functionality is required in case one has more Consul datacenters than just one-local-consul-per-orchestrator-node. We illustrated above how in a `orchestrator/raft` setup, each node updates its local Consul cluster. However, Consul clusters that are not local to any `orchestrator` node are unaffected by that approach. `ConsulCrossDataCenterDistribution` is the way to include all those other DCs.
+
+#### Consul Transaction support
+
+Atomic [Consul Transaction](https://www.consul.io/api-docs/txn) support is enabled by configuring:
+
+```json
+  "ConsulKVStoreProvider": "consul-txn",
+```
+
+_Note: this feature requires Consul version 0.7 or greater._
+
+This will cause Orchestrator to use a [Consul Transaction](https://www.consul.io/api-docs/txn) when distributing one or more Consul KVs. The use of transactions reduces the number of requests to the Consul server while ensuring updates of several KVs are atomic.

go/config/config.go

@@ -265,6 +265,7 @@ type Configuration struct {
 	ConsulScheme                               string            // Scheme (http or https) for Consul
 	ConsulAclToken                             string            // ACL token used to write to Consul KV
 	ConsulCrossDataCenterDistribution          bool              // should orchestrator automatically auto-deduce all consul DCs and write KVs in all DCs
+	ConsulKVStoreProvider                      string            // Consul KV store provider (consul or consul-txn), default: "consul"
 	ZkAddress                                  string            // UNSUPPERTED YET. Address where (single or multiple) ZooKeeper servers are found, in `srv1[:port1][,srv2[:port2]...]` format. Default port is 2181. Example: srv-a,srv-b:12181,srv-c
 	KVClusterMasterPrefix                      string            // Prefix to use for clusters' masters entries in KV stores (internal, consul, ZK), default: "mysql/master"
 	WebMessage                                 string            // If provided, will be shown on all web pages below the title bar
@@ -432,6 +433,7 @@ func newConfiguration() *Configuration {
 		ConsulScheme:                               "http",
 		ConsulAclToken:                             "",
 		ConsulCrossDataCenterDistribution:          false,
+		ConsulKVStoreProvider:                      "consul",
 		ZkAddress:                                  "",
 		KVClusterMasterPrefix:                      "mysql/master",
 		WebMessage:                                 "",

go/kv/consul.go

@@ -31,6 +31,11 @@ import (
 	"github.com/openark/golib/log"
 )
 
+// getConsulKVCacheKey returns a Consul KV cache key for a given datacenter
+func getConsulKVCacheKey(dc, key string) string {
+	return fmt.Sprintf("%s;%s", dc, key)
+}
+
 // A Consul store based on config's `ConsulAddress`, `ConsulScheme`, and `ConsulKVPrefix`
 type consulStore struct {
 	client                        *consulapi.Client
@@ -135,7 +140,7 @@ func (this *consulStore) DistributePairs(kvPairs [](*KVPair)) (err error) {
 
 			for _, consulPair := range consulPairs {
 				val := string(consulPair.Value)
-				kcCacheKey := fmt.Sprintf("%s;%s", datacenter, consulPair.Key)
+				kcCacheKey := getConsulKVCacheKey(datacenter, consulPair.Key)
 
 				if value, found := this.kvCache.Get(kcCacheKey); found && val == value {
 					skipped++

go/kv/consul_test.go

@@ -0,0 +1,71 @@
+package kv
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"reflect"
+	"sort"
+	"strings"
+	"testing"
+
+	consulapi "github.com/hashicorp/consul/api"
+)
+
+const consulTestDefaultDatacenter = "dc1"
+
+type consulTestServerOp struct {
+	Method       string
+	URL          string
+	Request      interface{}
+	Response     interface{}
+	ResponseCode int
+}
+
+// sortTxnKVOps sort TxnOps by op.KV.Key to resolve random test failures
+func sortTxnKVOps(txnOps []*consulapi.TxnOp) []*consulapi.TxnOp {
+	sort.Slice(txnOps, func(a, b int) bool {
+		return txnOps[a].KV.Key < txnOps[b].KV.Key
+	})
+	return txnOps
+}
+
+func buildConsulTestServer(t *testing.T, testOps []consulTestServerOp) *httptest.Server {
+	handlerFunc := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		requestBytes, _ := ioutil.ReadAll(r.Body)
+		requestBody := strings.TrimSpace(string(requestBytes))
+
+		for _, testOp := range testOps {
+			if r.Method != testOp.Method || r.URL.String() != testOp.URL {
+				continue
+			}
+			if testOp.ResponseCode == 0 {
+				testOp.ResponseCode = http.StatusOK
+			}
+			if strings.HasPrefix(r.URL.String(), "/v1/kv") && testOp.Response != nil {
+				w.WriteHeader(testOp.ResponseCode)
+				json.NewEncoder(w).Encode(testOp.Response)
+				return
+			} else if strings.HasPrefix(r.URL.String(), "/v1/txn") {
+				var txnOps consulapi.TxnOps
+				if err := json.Unmarshal(requestBytes, &txnOps); err != nil {
+					t.Fatalf("Unable to unmarshal json request body: %v", err)
+					continue
+				}
+				testOpRequest := sortTxnKVOps(testOp.Request.(consulapi.TxnOps))
+				if testOp.Response != nil && reflect.DeepEqual(testOpRequest, sortTxnKVOps(txnOps)) {
+					w.WriteHeader(testOp.ResponseCode)
+					json.NewEncoder(w).Encode(testOp.Response)
+					return
+				}
+			}
+		}
+
+		t.Fatalf("No requests matched setup. Got method %s, Path %s, body %s", r.Method, r.URL.String(), requestBody)
+		w.WriteHeader(http.StatusNotFound)
+		_, _ = fmt.Fprintln(w, "")
+	})
+	return httptest.NewServer(handlerFunc)
+}

go/kv/consul_txn.go

@@ -0,0 +1,234 @@
+/*
+   Copyright 2020 Shlomi Noach, GitHub Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package kv
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/http"
+	"sync"
+	"sync/atomic"
+
+	"github.com/openark/orchestrator/go/config"
+
+	consulapi "github.com/hashicorp/consul/api"
+	"github.com/patrickmn/go-cache"
+
+	"github.com/openark/golib/log"
+)
+
+// A Consul store based on config's `ConsulAddress`, `ConsulScheme`, and `ConsulKVPrefix`
+type consulTxnStore struct {
+	client                        *consulapi.Client
+	kvCache                       *cache.Cache
+	pairsDistributionSuccessMutex sync.Mutex
+	distributionReentry           int64
+}
+
+// NewConsulTxnStore creates a new consul store that uses Consul Transactions to read/write multiple KVPairs.
+// It is possible that the client for this store is nil, which is the case if no consul config is provided
+func NewConsulTxnStore() KVStore {
+	store := &consulTxnStore{
+		kvCache: cache.New(cache.NoExpiration, cache.DefaultExpiration),
+	}
+
+	if config.Config.ConsulAddress != "" {
+		consulConfig := consulapi.DefaultConfig()
+		consulConfig.Address = config.Config.ConsulAddress
+		consulConfig.Scheme = config.Config.ConsulScheme
+		if config.Config.ConsulScheme == "https" {
+			consulConfig.HttpClient = &http.Client{
+				Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}},
+			}
+		}
+		// ConsulAclToken defaults to ""
+		consulConfig.Token = config.Config.ConsulAclToken
+		if client, err := consulapi.NewClient(consulConfig); err != nil {
+			log.Errore(err)
+		} else {
+			store.client = client
+		}
+	}
+	return store
+}
+
+// doWriteTxn performs one or many of write operations using a Consul Transaction and handles any client/server
+// or transaction-level errors. Updates are all-or-nothing - all operations are rolled-back on any txn error
+func (this *consulTxnStore) doWriteTxn(txnOps consulapi.TxnOps, queryOptions *consulapi.QueryOptions) (err error) {
+	ok, resp, _, err := this.client.Txn().Txn(txnOps, queryOptions)
+	if err != nil {
+		return err
+	} else if !ok {
+		// return the first transaction error found
+		for _, txnErr := range resp.Errors {
+			if txnErr.What != "" {
+				return fmt.Errorf("consul txn error: %v", txnErr.What)
+			}
+		}
+	}
+	return err
+}
+
+func (this *consulTxnStore) updateDatacenterKVPairs(wg *sync.WaitGroup, dc string, kvPairs []*consulapi.KVPair) (skipped, existing, written, failed int, err error) {
+	defer wg.Done()
+
+	queryOptions := &consulapi.QueryOptions{Datacenter: dc}
+	kcCacheKeys := make([]string, 0)
+
+	// get the current key-values in a single transaction
+	var getTxnOps consulapi.TxnOps
+	var possibleSetKVPairs []*consulapi.KVPair
+	for _, kvPair := range kvPairs {
+		val := string(kvPair.Value)
+		kcCacheKey := getConsulKVCacheKey(dc, kvPair.Key)
+		kcCacheKeys = append(kcCacheKeys, kcCacheKey)
+		if value, found := this.kvCache.Get(kcCacheKey); found && val == value {
+			skipped++
+			continue
+		}
+		getTxnOps = append(getTxnOps, &consulapi.TxnOp{
+			KV: &consulapi.KVTxnOp{
+				Verb: consulapi.KVGet,
+				Key:  kvPair.Key,
+			},
+		})
+		possibleSetKVPairs = append(possibleSetKVPairs, kvPair)
+	}
+	_, getTxnResp, _, e := this.client.Txn().Txn(getTxnOps, queryOptions)
+	if err != nil {
+		err = e
+	}
+
+	// find key-value pairs that need updating, add pairs that need updating to set transaction
+	var setTxnOps consulapi.TxnOps
+	for _, pair := range possibleSetKVPairs {
+		var kvExists bool
+		for _, result := range getTxnResp.Results {
+			if pair.Key == result.KV.Key && string(pair.Value) == string(result.KV.Value) {
+				existing++
+				kvExists = true
+				this.kvCache.SetDefault(getConsulKVCacheKey(dc, pair.Key), string(pair.Value))
+				break
+			}
+		}
+		if !kvExists {
+			setTxnOps = append(setTxnOps, &consulapi.TxnOp{
+				KV: &consulapi.KVTxnOp{
+					Verb:  consulapi.KVSet,
+					Key:   pair.Key,
+					Value: pair.Value,
+				},
+			})
+		}
+	}
+
+	// update key-value pairs in a single Consul Transaction
+	if len(setTxnOps) > 0 {
+		if e := this.doWriteTxn(setTxnOps, queryOptions); e != nil {
+			log.Errorf("consulTxnStore.DistributePairs(): failed %v", kcCacheKeys)
+			failed = len(setTxnOps)
+			err = e
+		} else {
+			for _, txnOp := range setTxnOps {
+				this.kvCache.SetDefault(getConsulKVCacheKey(dc, txnOp.KV.Key), string(txnOp.KV.Value))
+				written++
+			}
+		}
+	}
+
+	return skipped, existing, written, failed, err
+}
+
+// GetKeyValue returns the value of a Consul KV if it exists
+func (this *consulTxnStore) GetKeyValue(key string) (value string, found bool, err error) {
+	if this.client == nil {
+		return value, found, nil
+	}
+	pair, _, err := this.client.KV().Get(key, nil)
+	if err != nil {
+		return value, found, err
+	}
+	return string(pair.Value), (pair != nil), nil
+}
+
+// PutKeyValue performs a Consul KV put operation for a key/value
+func (this *consulTxnStore) PutKeyValue(key string, value string) (err error) {
+	if this.client == nil {
+		return nil
+	}
+	pair := &consulapi.KVPair{Key: key, Value: []byte(value)}
+	_, err = this.client.KV().Put(pair, nil)
+	return err
+}
+
+// PutKVPairs updates one or more KV pairs in a single, atomic Consul operation.
+// If a single KV pair is provided PutKeyValue is used to update the pair
+func (this *consulTxnStore) PutKVPairs(kvPairs []*KVPair) (err error) {
+	if this.client == nil {
+		return nil
+	}
+	// use .PutKeyValue for single KVPair puts
+	if len(kvPairs) == 1 {
+		return this.PutKeyValue(kvPairs[0].Key, kvPairs[0].Value)
+	}
+	var txnOps consulapi.TxnOps
+	for _, pair := range kvPairs {
+		txnOps = append(txnOps, &consulapi.TxnOp{
+			KV: &consulapi.KVTxnOp{
+				Verb:  consulapi.KVSet,
+				Key:   pair.Key,
+				Value: []byte(pair.Value),
+			},
+		})
+	}
+	return this.doWriteTxn(txnOps, nil)
+}
+
+// DistributePairs updates all known Consul Datacenters with one or more KV pairs
+func (this *consulTxnStore) DistributePairs(kvPairs [](*KVPair)) (err error) {
+	// This function is non re-entrant (it can only be running once at any point in time)
+	if atomic.CompareAndSwapInt64(&this.distributionReentry, 0, 1) {
+		defer atomic.StoreInt64(&this.distributionReentry, 0)
+	} else {
+		return
+	}
+
+	if !config.Config.ConsulCrossDataCenterDistribution {
+		return nil
+	}
+
+	datacenters, err := this.client.Catalog().Datacenters()
+	if err != nil {
+		return err
+	}
+	log.Debugf("consulTxnStore.DistributePairs(): distributing %d pairs to %d datacenters", len(kvPairs), len(datacenters))
+	consulPairs := []*consulapi.KVPair{}
+	for _, kvPair := range kvPairs {
+		consulPairs = append(consulPairs, &consulapi.KVPair{Key: kvPair.Key, Value: []byte(kvPair.Value)})
+	}
+	var wg sync.WaitGroup
+	for _, datacenter := range datacenters {
+		var skipped, existing, written, failed int
+		datacenter := datacenter
+
+		wg.Add(1)
+		skipped, existing, written, failed, err = this.updateDatacenterKVPairs(&wg, datacenter, consulPairs)
+		log.Debugf("consulTxnStore.DistributePairs(): datacenter: %s; skipped: %d, existing: %d, written: %d, failed: %d", datacenter, skipped, existing, written, failed)
+	}
+	wg.Wait()
+	return err
+}