Home Explore Help
Sign In
SMusatov
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Files Wiki
Branch: create-table-snapshot-api-design
Branches Tags
seaweedfs
/
weed
/
s3api
/
s3api_server.go

s3api_server.go 12 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253 
  1. package s3api
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"fmt"
    6. 

  6. 	"github.com/seaweedfs/seaweedfs/weed/filer"
    7. 

  7. 	"github.com/seaweedfs/seaweedfs/weed/pb/s3_pb"
    8. 

  8. 	"net"
    9. 

  9. 	"net/http"
    10. 

  10. 	"strings"
    11. 

  11. 	"time"
    12. 

  12. 

  13. 	"github.com/gorilla/mux"
    14. 

  14. 	"github.com/seaweedfs/seaweedfs/weed/pb"
    15. 

  15. 	. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
    16. 

  16. 	"github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
    17. 

  17. 	"github.com/seaweedfs/seaweedfs/weed/security"
    18. 

  18. 	"github.com/seaweedfs/seaweedfs/weed/util"
    19. 

  19. 	"google.golang.org/grpc"
    20. 

  20. )
    21. 

  21. 

  22. type S3ApiServerOption struct {
    23. 

  23. 	Filer                     pb.ServerAddress
    24. 

  24. 	Port                      int
    25. 

  25. 	Config                    string
    26. 

  26. 	DomainName                string
    27. 

  27. 	BucketsPath               string
    28. 

  28. 	GrpcDialOption            grpc.DialOption
    29. 

  29. 	AllowEmptyFolder          bool
    30. 

  30. 	AllowDeleteBucketNotEmpty bool
    31. 

  31. 	LocalFilerSocket          string
    32. 

  32. 	DataCenter                string
    33. 

  33. 	FilerGroup                string
    34. 

  34. }
    35. 

  35. 

  36. type S3ApiServer struct {
    37. 

  37. 	s3_pb.UnimplementedSeaweedS3Server
    38. 

  38. 	option         *S3ApiServerOption
    39. 

  39. 	iam            *IdentityAccessManagement
    40. 

  40. 	cb             *CircuitBreaker
    41. 

  41. 	randomClientId int32
    42. 

  42. 	filerGuard     *security.Guard
    43. 

  43. 	client         *http.Client
    44. 

  44. 	bucketRegistry *BucketRegistry
    45. 

  45. }
    46. 

  46. 

  47. func NewS3ApiServer(router *mux.Router, option *S3ApiServerOption) (s3ApiServer *S3ApiServer, err error) {
    48. 

  48. 	v := util.GetViper()
    49. 

  49. 	signingKey := v.GetString("jwt.filer_signing.key")
    50. 

  50. 	v.SetDefault("jwt.filer_signing.expires_after_seconds", 10)
    51. 

  51. 	expiresAfterSec := v.GetInt("jwt.filer_signing.expires_after_seconds")
    52. 

  52. 

  53. 	readSigningKey := v.GetString("jwt.filer_signing.read.key")
    54. 

  54. 	v.SetDefault("jwt.filer_signing.read.expires_after_seconds", 60)
    55. 

  55. 	readExpiresAfterSec := v.GetInt("jwt.filer_signing.read.expires_after_seconds")
    56. 

  56. 

  57. 	s3ApiServer = &S3ApiServer{
    58. 

  58. 		option:         option,
    59. 

  59. 		iam:            NewIdentityAccessManagement(option),
    60. 

  60. 		randomClientId: util.RandomInt32(),
    61. 

  61. 		filerGuard:     security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec),
    62. 

  62. 		cb:             NewCircuitBreaker(option),
    63. 

  63. 	}
    64. 

  64. 	s3ApiServer.bucketRegistry = NewBucketRegistry(s3ApiServer)
    65. 

  65. 	if option.LocalFilerSocket == "" {
    66. 

  66. 		s3ApiServer.client = &http.Client{Transport: &http.Transport{
    67. 

  67. 			MaxIdleConns:        1024,
    68. 

  68. 			MaxIdleConnsPerHost: 1024,
    69. 

  69. 		}}
    70. 

  70. 	} else {
    71. 

  71. 		s3ApiServer.client = &http.Client{
    72. 

  72. 			Transport: &http.Transport{
    73. 

  73. 				DialContext: func(_ context.Context, _, _ string) (net.Conn, error) {
    74. 

  74. 					return net.Dial("unix", option.LocalFilerSocket)
    75. 

  75. 				},
    76. 

  76. 			},
    77. 

  77. 		}
    78. 

  78. 	}
    79. 

  79. 

  80. 	s3ApiServer.registerRouter(router)
    81. 

  81. 

  82. 	go s3ApiServer.subscribeMetaEvents("s3", time.Now().UnixNano(), filer.DirectoryEtcRoot, []string{option.BucketsPath})
    83. 

  83. 	return s3ApiServer, nil
    84. 

  84. }
    85. 

  85. 

  86. func (s3a *S3ApiServer) registerRouter(router *mux.Router) {
    87. 

  87. 	// API Router
    88. 

  88. 	apiRouter := router.PathPrefix("/").Subrouter()
    89. 

  89. 

  90. 	// Readiness Probe
    91. 

  91. 	apiRouter.Methods("GET").Path("/status").HandlerFunc(s3a.StatusHandler)
    92. 

  92. 

  93. 	apiRouter.Methods("OPTIONS").HandlerFunc(
    94. 

  94. 		func(w http.ResponseWriter, r *http.Request) {
    95. 

  95. 			w.Header().Set("Access-Control-Allow-Origin", "*")
    96. 

  96. 			w.Header().Set("Access-Control-Expose-Headers", "*")
    97. 

  97. 			w.Header().Set("Access-Control-Allow-Methods", "*")
    98. 

  98. 			w.Header().Set("Access-Control-Allow-Headers", "*")
    99. 

  99. 			writeSuccessResponseEmpty(w, r)
    100. 

  100. 		})
    101. 

  101. 

  102. 	var routers []*mux.Router
    103. 

  103. 	if s3a.option.DomainName != "" {
    104. 

  104. 		domainNames := strings.Split(s3a.option.DomainName, ",")
    105. 

  105. 		for _, domainName := range domainNames {
    106. 

  106. 			routers = append(routers, apiRouter.Host(
    107. 

  107. 				fmt.Sprintf("%s.%s:%d", "{bucket:.+}", domainName, s3a.option.Port)).Subrouter())
    108. 

  108. 			routers = append(routers, apiRouter.Host(
    109. 

  109. 				fmt.Sprintf("%s.%s", "{bucket:.+}", domainName)).Subrouter())
    110. 

  110. 		}
    111. 

  111. 	}
    112. 

  112. 	routers = append(routers, apiRouter.PathPrefix("/{bucket}").Subrouter())
    113. 

  113. 

  114. 	for _, bucket := range routers {
    115. 

  115. 

  116. 		// each case should follow the next rule:
    117. 

  117. 		// - requesting object with query must precede any other methods
    118. 

  118. 		// - requesting object must precede any methods with buckets
    119. 

  119. 		// - requesting bucket with query must precede raw methods with buckets
    120. 

  120. 		// - requesting bucket must be processed in the end
    121. 

  121. 

  122. 		// objects with query
    123. 

  123. 

  124. 		// CopyObjectPart
    125. 

  125. 		bucket.Methods("PUT").Path("/{object:.+}").HeadersRegexp("X-Amz-Copy-Source", `.*?(\/|%2F).*?`).HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.CopyObjectPartHandler, ACTION_WRITE)), "PUT")).Queries("partNumber", "{partNumber:[0-9]+}", "uploadId", "{uploadId:.*}")
    126. 

  126. 		// PutObjectPart
    127. 

  127. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectPartHandler, ACTION_WRITE)), "PUT")).Queries("partNumber", "{partNumber:[0-9]+}", "uploadId", "{uploadId:.*}")
    128. 

  128. 		// CompleteMultipartUpload
    129. 

  129. 		bucket.Methods("POST").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.CompleteMultipartUploadHandler, ACTION_WRITE)), "POST")).Queries("uploadId", "{uploadId:.*}")
    130. 

  130. 		// NewMultipartUpload
    131. 

  131. 		bucket.Methods("POST").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.NewMultipartUploadHandler, ACTION_WRITE)), "POST")).Queries("uploads", "")
    132. 

  132. 		// AbortMultipartUpload
    133. 

  133. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.AbortMultipartUploadHandler, ACTION_WRITE)), "DELETE")).Queries("uploadId", "{uploadId:.*}")
    134. 

  134. 		// ListObjectParts
    135. 

  135. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.ListObjectPartsHandler, ACTION_READ)), "GET")).Queries("uploadId", "{uploadId:.*}")
    136. 

  136. 		// ListMultipartUploads
    137. 

  137. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.ListMultipartUploadsHandler, ACTION_READ)), "GET")).Queries("uploads", "")
    138. 

  138. 

  139. 		// GetObjectTagging
    140. 

  140. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetObjectTaggingHandler, ACTION_READ)), "GET")).Queries("tagging", "")
    141. 

  141. 		// PutObjectTagging
    142. 

  142. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectTaggingHandler, ACTION_TAGGING)), "PUT")).Queries("tagging", "")
    143. 

  143. 		// DeleteObjectTagging
    144. 

  144. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteObjectTaggingHandler, ACTION_TAGGING)), "DELETE")).Queries("tagging", "")
    145. 

  145. 

  146. 		// PutObjectACL
    147. 

  147. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectAclHandler, ACTION_WRITE_ACP)), "PUT")).Queries("acl", "")
    148. 

  148. 		// PutObjectRetention
    149. 

  149. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectRetentionHandler, ACTION_WRITE)), "PUT")).Queries("retention", "")
    150. 

  150. 		// PutObjectLegalHold
    151. 

  151. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectLegalHoldHandler, ACTION_WRITE)), "PUT")).Queries("legal-hold", "")
    152. 

  152. 		// PutObjectLockConfiguration
    153. 

  153. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectLockConfigurationHandler, ACTION_WRITE)), "PUT")).Queries("object-lock", "")
    154. 

  154. 

  155. 		// GetObjectACL
    156. 

  156. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetObjectAclHandler, ACTION_READ_ACP)), "GET")).Queries("acl", "")
    157. 

  157. 

  158. 		// objects with query
    159. 

  159. 

  160. 		// raw objects
    161. 

  161. 

  162. 		// HeadObject
    163. 

  163. 		bucket.Methods("HEAD").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.HeadObjectHandler, ACTION_READ)), "GET"))
    164. 

  164. 

  165. 		// GetObject, but directory listing is not supported
    166. 

  166. 		bucket.Methods("GET").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetObjectHandler, ACTION_READ)), "GET"))
    167. 

  167. 

  168. 		// CopyObject
    169. 

  169. 		bucket.Methods("PUT").Path("/{object:.+}").HeadersRegexp("X-Amz-Copy-Source", ".*?(\\/|%2F).*?").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.CopyObjectHandler, ACTION_WRITE)), "COPY"))
    170. 

  170. 		// PutObject
    171. 

  171. 		bucket.Methods("PUT").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutObjectHandler, ACTION_WRITE)), "PUT"))
    172. 

  172. 		// DeleteObject
    173. 

  173. 		bucket.Methods("DELETE").Path("/{object:.+}").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteObjectHandler, ACTION_WRITE)), "DELETE"))
    174. 

  174. 

  175. 		// raw objects
    176. 

  176. 

  177. 		// buckets with query
    178. 

  178. 

  179. 		// DeleteMultipleObjects
    180. 

  180. 		bucket.Methods("POST").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteMultipleObjectsHandler, ACTION_WRITE)), "DELETE")).Queries("delete", "")
    181. 

  181. 

  182. 		// GetBucketACL
    183. 

  183. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketAclHandler, ACTION_READ_ACP)), "GET")).Queries("acl", "")
    184. 

  184. 		// PutBucketACL
    185. 

  185. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutBucketAclHandler, ACTION_WRITE_ACP)), "PUT")).Queries("acl", "")
    186. 

  186. 

  187. 		// GetBucketPolicy
    188. 

  188. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketPolicyHandler, ACTION_READ)), "GET")).Queries("policy", "")
    189. 

  189. 		// PutBucketPolicy
    190. 

  190. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutBucketPolicyHandler, ACTION_WRITE)), "PUT")).Queries("policy", "")
    191. 

  191. 		// DeleteBucketPolicy
    192. 

  192. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteBucketPolicyHandler, ACTION_WRITE)), "DELETE")).Queries("policy", "")
    193. 

  193. 

  194. 		// GetBucketCors
    195. 

  195. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketCorsHandler, ACTION_READ)), "GET")).Queries("cors", "")
    196. 

  196. 		// PutBucketCors
    197. 

  197. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutBucketCorsHandler, ACTION_WRITE)), "PUT")).Queries("cors", "")
    198. 

  198. 		// DeleteBucketCors
    199. 

  199. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteBucketCorsHandler, ACTION_WRITE)), "DELETE")).Queries("cors", "")
    200. 

  200. 

  201. 		// GetBucketLifecycleConfiguration
    202. 

  202. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketLifecycleConfigurationHandler, ACTION_READ)), "GET")).Queries("lifecycle", "")
    203. 

  203. 		// PutBucketLifecycleConfiguration
    204. 

  204. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PutBucketLifecycleConfigurationHandler, ACTION_WRITE)), "PUT")).Queries("lifecycle", "")
    205. 

  205. 		// DeleteBucketLifecycleConfiguration
    206. 

  206. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteBucketLifecycleHandler, ACTION_WRITE)), "DELETE")).Queries("lifecycle", "")
    207. 

  207. 

  208. 		// GetBucketLocation
    209. 

  209. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketLocationHandler, ACTION_READ)), "GET")).Queries("location", "")
    210. 

  210. 

  211. 		// GetBucketRequestPayment
    212. 

  212. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.GetBucketRequestPaymentHandler, ACTION_READ)), "GET")).Queries("requestPayment", "")
    213. 

  213. 

  214. 		// ListObjectsV2
    215. 

  215. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.ListObjectsV2Handler, ACTION_LIST)), "LIST")).Queries("list-type", "2")
    216. 

  216. 

  217. 		// buckets with query
    218. 

  218. 		// PutBucketOwnershipControls
    219. 

  219. 		bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketOwnershipControls, ACTION_ADMIN), "PUT")).Queries("ownershipControls", "")
    220. 

  220. 

  221. 		//GetBucketOwnershipControls
    222. 

  222. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.GetBucketOwnershipControls, ACTION_READ), "GET")).Queries("ownershipControls", "")
    223. 

  223. 

  224. 		//DeleteBucketOwnershipControls
    225. 

  225. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketOwnershipControls, ACTION_ADMIN), "DELETE")).Queries("ownershipControls", "")
    226. 

  226. 

  227. 		// raw buckets
    228. 

  228. 

  229. 		// PostPolicy
    230. 

  230. 		bucket.Methods("POST").HeadersRegexp("Content-Type", "multipart/form-data*").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.PostPolicyBucketHandler, ACTION_WRITE)), "POST"))
    231. 

  231. 

  232. 		// HeadBucket
    233. 

  233. 		bucket.Methods("HEAD").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.HeadBucketHandler, ACTION_READ)), "GET"))
    234. 

  234. 

  235. 		// PutBucket
    236. 

  236. 		bucket.Methods("PUT").HandlerFunc(track(s3a.PutBucketHandler, "PUT"))
    237. 

  237. 		// DeleteBucket
    238. 

  238. 		bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.DeleteBucketHandler, ACTION_WRITE)), "DELETE"))
    239. 

  239. 

  240. 		// ListObjectsV1 (Legacy)
    241. 

  241. 		bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.cb.Limit(s3a.ListObjectsV1Handler, ACTION_LIST)), "LIST"))
    242. 

  242. 

  243. 		// raw buckets
    244. 

  244. 

  245. 	}
    246. 

  246. 

  247. 	// ListBuckets
    248. 

  248. 	apiRouter.Methods("GET").Path("/").HandlerFunc(track(s3a.ListBucketsHandler, "LIST"))
    249. 

  249. 

  250. 	// NotFound
    251. 

  251. 	apiRouter.NotFoundHandler = http.HandlerFunc(s3err.NotFoundHandler)
    252. 

  252. 

  253. }
    254.