// Copyright 2016 The etcd Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package clientv3

import (
	"context"
	"errors"
	"fmt"
	"net"
	"os"
	"strconv"
	"strings"
	"sync"
	"time"

	"github.com/google/uuid"
	"go.etcd.io/etcd/clientv3/balancer"
	"go.etcd.io/etcd/clientv3/balancer/picker"
	"go.etcd.io/etcd/clientv3/balancer/resolver/endpoint"
	"go.etcd.io/etcd/clientv3/credentials"
	"go.etcd.io/etcd/etcdserver/api/v3rpc/rpctypes"
	"go.etcd.io/etcd/pkg/logutil"
	"go.uber.org/zap"
	"google.golang.org/grpc"
	"google.golang.org/grpc/codes"
	grpccredentials "google.golang.org/grpc/credentials"
	"google.golang.org/grpc/keepalive"
	"google.golang.org/grpc/status"
)

var (
	// ErrNoAvailableEndpoints is returned by New when the configuration
	// lists no endpoints.
	ErrNoAvailableEndpoints = errors.New("etcdclient: no available endpoints")
	// ErrOldCluster is reported by the RejectOldCluster version check when a
	// member reports a version older than 3.2.
	ErrOldCluster = errors.New("etcdclient: old cluster version")

	// roundRobinBalancerName is the name under which init registers the
	// round-robin balancer builder; the same name is passed to
	// grpc.WithBalancerName when dialing.
	roundRobinBalancerName = fmt.Sprintf("etcd-%s", picker.RoundrobinBalanced.String())
)

// init registers the round-robin balancer builder at package load time.
// The builder logs to a no-op logger unless the ETCD_CLIENT_DEBUG
// environment variable is non-empty, in which case a debug-level zap logger
// is built; init panics if that logger cannot be built.
func init() {
	lg := zap.NewNop()
	if os.Getenv("ETCD_CLIENT_DEBUG") != "" {
		lcfg := logutil.DefaultZapLoggerConfig
		lcfg.Level = zap.NewAtomicLevelAt(zap.DebugLevel)

		var err error
		lg, err = lcfg.Build() // debug level logging (level set just above)
		if err != nil {
			panic(err)
		}
	}

	// TODO: support custom balancer
	balancer.RegisterBuilder(balancer.Config{
		Policy: picker.RoundrobinBalanced,
		Name:   roundRobinBalancerName,
		Logger: lg,
	})
}

// Client provides and manages an etcd v3 client session.
type Client struct {
	// Embedded service interfaces; newClient populates each of them with an
	// implementation bound to this client.
	Cluster
	KV
	Lease
	Watcher
	Auth
	Maintenance

	// conn is the load-balanced gRPC connection dialed by newClient. It is
	// nil for clients made with NewCtxClient.
	conn *grpc.ClientConn

	// cfg is a copy of the configuration the client was created with.
	cfg Config
	// creds are the transport credentials built from cfg.TLS; nil when no
	// TLS configuration was given.
	creds grpccredentials.TransportCredentials
	// resolverGroup is the per-client endpoint resolver group that is kept
	// in sync with cfg.Endpoints.
	resolverGroup *endpoint.ResolverGroup
	// mu guards cfg.Endpoints (see Endpoints and SetEndpoints).
	mu *sync.RWMutex

	// ctx is canceled by cancel when the client is closed.
	ctx    context.Context
	cancel context.CancelFunc

	// Username is a user name for authentication.
	Username string
	// Password is a password for authentication.
	Password string
	// authTokenBundle holds the auth token obtained while dialing; it is
	// only created when both Username and Password are set.
	authTokenBundle credentials.Bundle

	// callOpts are the default gRPC call options, overridden in newClient
	// when message size limits are configured.
	callOpts []grpc.CallOption

	// lg is the client logger built from cfg.LogConfig, or from the default
	// zap logger configuration when none is given.
	lg *zap.Logger
}

// New creates a new etcdv3 client from a given configuration.
// It returns ErrNoAvailableEndpoints when cfg.Endpoints is empty.
func New(cfg Config) (*Client, error) {
	if len(cfg.Endpoints) == 0 {
		return nil, ErrNoAvailableEndpoints
	}

	return newClient(&cfg)
}

// NewCtxClient creates a client with a context but no underlying grpc
// connection. This is useful for embedded cases that override the
// service interface implementations and do not need connection management.
//
// Only the context and its cancel function are populated; every other
// field, including the endpoint mutex and the resolver group, is left at
// its zero value.
func NewCtxClient(ctx context.Context) *Client {
	cctx, cancel := context.WithCancel(ctx)
	return &Client{ctx: cctx, cancel: cancel}
}

// NewFromURL creates a new etcdv3 client from a URL.
func NewFromURL(url string) (*Client, error) {
	return New(Config{Endpoints: []string{url}})
}

// NewFromURLs creates a new etcdv3 client from URLs.
func NewFromURLs(urls []string) (*Client, error) {
	return New(Config{Endpoints: urls})
}

// Close shuts down the client's etcd connections.
129func (c *Client) Close() error { 130 c.cancel() 131 if c.Watcher != nil { 132 c.Watcher.Close() 133 } 134 if c.Lease != nil { 135 c.Lease.Close() 136 } 137 if c.resolverGroup != nil { 138 c.resolverGroup.Close() 139 } 140 if c.conn != nil { 141 return toErr(c.ctx, c.conn.Close()) 142 } 143 return c.ctx.Err() 144} 145 146// Ctx is a context for "out of band" messages (e.g., for sending 147// "clean up" message when another context is canceled). It is 148// canceled on client Close(). 149func (c *Client) Ctx() context.Context { return c.ctx } 150 151// Endpoints lists the registered endpoints for the client. 152func (c *Client) Endpoints() []string { 153 // copy the slice; protect original endpoints from being changed 154 c.mu.RLock() 155 defer c.mu.RUnlock() 156 eps := make([]string, len(c.cfg.Endpoints)) 157 copy(eps, c.cfg.Endpoints) 158 return eps 159} 160 161// SetEndpoints updates client's endpoints. 162func (c *Client) SetEndpoints(eps ...string) { 163 c.mu.Lock() 164 defer c.mu.Unlock() 165 c.cfg.Endpoints = eps 166 c.resolverGroup.SetEndpoints(eps) 167} 168 169// Sync synchronizes client's endpoints with the known endpoints from the etcd membership. 170func (c *Client) Sync(ctx context.Context) error { 171 mresp, err := c.MemberList(ctx) 172 if err != nil { 173 return err 174 } 175 var eps []string 176 for _, m := range mresp.Members { 177 eps = append(eps, m.ClientURLs...) 178 } 179 c.SetEndpoints(eps...) 
180 return nil 181} 182 183func (c *Client) autoSync() { 184 if c.cfg.AutoSyncInterval == time.Duration(0) { 185 return 186 } 187 188 for { 189 select { 190 case <-c.ctx.Done(): 191 return 192 case <-time.After(c.cfg.AutoSyncInterval): 193 ctx, cancel := context.WithTimeout(c.ctx, 5*time.Second) 194 err := c.Sync(ctx) 195 cancel() 196 if err != nil && err != c.ctx.Err() { 197 lg.Lvl(4).Infof("Auto sync endpoints failed: %v", err) 198 } 199 } 200 } 201} 202 203func (c *Client) processCreds(scheme string) (creds grpccredentials.TransportCredentials) { 204 creds = c.creds 205 switch scheme { 206 case "unix": 207 case "http": 208 creds = nil 209 case "https", "unixs": 210 if creds != nil { 211 break 212 } 213 creds = credentials.NewBundle(credentials.Config{}).TransportCredentials() 214 default: 215 creds = nil 216 } 217 return creds 218} 219 220// dialSetupOpts gives the dial opts prior to any authentication. 221func (c *Client) dialSetupOpts(creds grpccredentials.TransportCredentials, dopts ...grpc.DialOption) (opts []grpc.DialOption, err error) { 222 if c.cfg.DialKeepAliveTime > 0 { 223 params := keepalive.ClientParameters{ 224 Time: c.cfg.DialKeepAliveTime, 225 Timeout: c.cfg.DialKeepAliveTimeout, 226 PermitWithoutStream: c.cfg.PermitWithoutStream, 227 } 228 opts = append(opts, grpc.WithKeepaliveParams(params)) 229 } 230 opts = append(opts, dopts...) 231 232 dialer := endpoint.Dialer 233 if creds != nil { 234 opts = append(opts, grpc.WithTransportCredentials(creds)) 235 } else { 236 opts = append(opts, grpc.WithInsecure()) 237 } 238 opts = append(opts, grpc.WithContextDialer(dialer)) 239 240 // Interceptor retry and backoff. 241 // TODO: Replace all of clientv3/retry.go with interceptor based retry, or with 242 // https://github.com/grpc/proposal/blob/master/A6-client-retries.md#retry-policy 243 // once it is available. 
244 rrBackoff := withBackoff(c.roundRobinQuorumBackoff(defaultBackoffWaitBetween, defaultBackoffJitterFraction)) 245 opts = append(opts, 246 // Disable stream retry by default since go-grpc-middleware/retry does not support client streams. 247 // Streams that are safe to retry are enabled individually. 248 grpc.WithStreamInterceptor(c.streamClientInterceptor(c.lg, withMax(0), rrBackoff)), 249 grpc.WithUnaryInterceptor(c.unaryClientInterceptor(c.lg, withMax(defaultUnaryMaxRetries), rrBackoff)), 250 ) 251 252 return opts, nil 253} 254 255// Dial connects to a single endpoint using the client's config. 256func (c *Client) Dial(ep string) (*grpc.ClientConn, error) { 257 creds, err := c.directDialCreds(ep) 258 if err != nil { 259 return nil, err 260 } 261 // Use the grpc passthrough resolver to directly dial a single endpoint. 262 // This resolver passes through the 'unix' and 'unixs' endpoints schemes used 263 // by etcd without modification, allowing us to directly dial endpoints and 264 // using the same dial functions that we use for load balancer dialing. 265 return c.dial(fmt.Sprintf("passthrough:///%s", ep), creds) 266} 267 268func (c *Client) getToken(ctx context.Context) error { 269 var err error // return last error in a case of fail 270 271 eps := c.Endpoints() 272 for _, ep := range eps { 273 var auth *authenticator 274 // use dial options without dopts to avoid reusing the client balancer 275 var dOpts []grpc.DialOption 276 _, host, _ := endpoint.ParseEndpoint(ep) 277 target := c.resolverGroup.Target(host) 278 creds := c.dialWithBalancerCreds(ep) 279 dOpts, err = c.dialSetupOpts(creds, c.cfg.DialOptions...) 
280 if err != nil { 281 err = fmt.Errorf("failed to configure auth dialer: %v", err) 282 continue 283 } 284 dOpts = append(dOpts, grpc.WithBalancerName(roundRobinBalancerName)) 285 auth, err = newAuthenticator(ctx, target, dOpts, c) 286 if err != nil { 287 continue 288 } 289 defer auth.close() 290 291 var resp *AuthenticateResponse 292 resp, err = auth.authenticate(ctx, c.Username, c.Password) 293 if err != nil { 294 // return err without retrying other endpoints 295 if err == rpctypes.ErrAuthNotEnabled { 296 return err 297 } 298 continue 299 } 300 301 c.authTokenBundle.UpdateAuthToken(resp.Token) 302 return nil 303 } 304 305 return err 306} 307 308// dialWithBalancer dials the client's current load balanced resolver group. The scheme of the host 309// of the provided endpoint determines the scheme used for all endpoints of the client connection. 310func (c *Client) dialWithBalancer(ep string, dopts ...grpc.DialOption) (*grpc.ClientConn, error) { 311 _, host, _ := endpoint.ParseEndpoint(ep) 312 target := c.resolverGroup.Target(host) 313 creds := c.dialWithBalancerCreds(ep) 314 return c.dial(target, creds, dopts...) 315} 316 317// dial configures and dials any grpc balancer target. 318func (c *Client) dial(target string, creds grpccredentials.TransportCredentials, dopts ...grpc.DialOption) (*grpc.ClientConn, error) { 319 opts, err := c.dialSetupOpts(creds, dopts...) 
320 if err != nil { 321 return nil, fmt.Errorf("failed to configure dialer: %v", err) 322 } 323 324 if c.Username != "" && c.Password != "" { 325 c.authTokenBundle = credentials.NewBundle(credentials.Config{}) 326 327 ctx, cancel := c.ctx, func() {} 328 if c.cfg.DialTimeout > 0 { 329 ctx, cancel = context.WithTimeout(ctx, c.cfg.DialTimeout) 330 } 331 332 err = c.getToken(ctx) 333 if err != nil { 334 if toErr(ctx, err) != rpctypes.ErrAuthNotEnabled { 335 if err == ctx.Err() && ctx.Err() != c.ctx.Err() { 336 err = context.DeadlineExceeded 337 } 338 cancel() 339 return nil, err 340 } 341 } else { 342 opts = append(opts, grpc.WithPerRPCCredentials(c.authTokenBundle.PerRPCCredentials())) 343 } 344 cancel() 345 } 346 347 opts = append(opts, c.cfg.DialOptions...) 348 349 dctx := c.ctx 350 if c.cfg.DialTimeout > 0 { 351 var cancel context.CancelFunc 352 dctx, cancel = context.WithTimeout(c.ctx, c.cfg.DialTimeout) 353 defer cancel() // TODO: Is this right for cases where grpc.WithBlock() is not set on the dial options? 354 } 355 356 conn, err := grpc.DialContext(dctx, target, opts...) 357 if err != nil { 358 return nil, err 359 } 360 return conn, nil 361} 362 363func (c *Client) directDialCreds(ep string) (grpccredentials.TransportCredentials, error) { 364 _, host, scheme := endpoint.ParseEndpoint(ep) 365 creds := c.creds 366 if len(scheme) != 0 { 367 creds = c.processCreds(scheme) 368 if creds != nil { 369 clone := creds.Clone() 370 // Set the server name must to the endpoint hostname without port since grpc 371 // otherwise attempts to check if x509 cert is valid for the full endpoint 372 // including the scheme and port, which fails. 373 overrideServerName, _, err := net.SplitHostPort(host) 374 if err != nil { 375 // Either the host didn't have a port or the host could not be parsed. Either way, continue with the 376 // original host string. 
377 overrideServerName = host 378 } 379 clone.OverrideServerName(overrideServerName) 380 creds = clone 381 } 382 } 383 return creds, nil 384} 385 386func (c *Client) dialWithBalancerCreds(ep string) grpccredentials.TransportCredentials { 387 _, _, scheme := endpoint.ParseEndpoint(ep) 388 creds := c.creds 389 if len(scheme) != 0 { 390 creds = c.processCreds(scheme) 391 } 392 return creds 393} 394 395func newClient(cfg *Config) (*Client, error) { 396 if cfg == nil { 397 cfg = &Config{} 398 } 399 var creds grpccredentials.TransportCredentials 400 if cfg.TLS != nil { 401 creds = credentials.NewBundle(credentials.Config{TLSConfig: cfg.TLS}).TransportCredentials() 402 } 403 404 // use a temporary skeleton client to bootstrap first connection 405 baseCtx := context.TODO() 406 if cfg.Context != nil { 407 baseCtx = cfg.Context 408 } 409 410 ctx, cancel := context.WithCancel(baseCtx) 411 client := &Client{ 412 conn: nil, 413 cfg: *cfg, 414 creds: creds, 415 ctx: ctx, 416 cancel: cancel, 417 mu: new(sync.RWMutex), 418 callOpts: defaultCallOpts, 419 } 420 421 lcfg := logutil.DefaultZapLoggerConfig 422 if cfg.LogConfig != nil { 423 lcfg = *cfg.LogConfig 424 } 425 var err error 426 client.lg, err = lcfg.Build() 427 if err != nil { 428 return nil, err 429 } 430 431 if cfg.Username != "" && cfg.Password != "" { 432 client.Username = cfg.Username 433 client.Password = cfg.Password 434 } 435 if cfg.MaxCallSendMsgSize > 0 || cfg.MaxCallRecvMsgSize > 0 { 436 if cfg.MaxCallRecvMsgSize > 0 && cfg.MaxCallSendMsgSize > cfg.MaxCallRecvMsgSize { 437 return nil, fmt.Errorf("gRPC message recv limit (%d bytes) must be greater than send limit (%d bytes)", cfg.MaxCallRecvMsgSize, cfg.MaxCallSendMsgSize) 438 } 439 callOpts := []grpc.CallOption{ 440 defaultFailFast, 441 defaultMaxCallSendMsgSize, 442 defaultMaxCallRecvMsgSize, 443 } 444 if cfg.MaxCallSendMsgSize > 0 { 445 callOpts[1] = grpc.MaxCallSendMsgSize(cfg.MaxCallSendMsgSize) 446 } 447 if cfg.MaxCallRecvMsgSize > 0 { 448 callOpts[2] = 
grpc.MaxCallRecvMsgSize(cfg.MaxCallRecvMsgSize) 449 } 450 client.callOpts = callOpts 451 } 452 453 // Prepare a 'endpoint://<unique-client-id>/' resolver for the client and create a endpoint target to pass 454 // to dial so the client knows to use this resolver. 455 client.resolverGroup, err = endpoint.NewResolverGroup(fmt.Sprintf("client-%s", uuid.New().String())) 456 if err != nil { 457 client.cancel() 458 return nil, err 459 } 460 client.resolverGroup.SetEndpoints(cfg.Endpoints) 461 462 if len(cfg.Endpoints) < 1 { 463 return nil, fmt.Errorf("at least one Endpoint must is required in client config") 464 } 465 dialEndpoint := cfg.Endpoints[0] 466 467 // Use a provided endpoint target so that for https:// without any tls config given, then 468 // grpc will assume the certificate server name is the endpoint host. 469 conn, err := client.dialWithBalancer(dialEndpoint, grpc.WithBalancerName(roundRobinBalancerName)) 470 if err != nil { 471 client.cancel() 472 client.resolverGroup.Close() 473 return nil, err 474 } 475 // TODO: With the old grpc balancer interface, we waited until the dial timeout 476 // for the balancer to be ready. Is there an equivalent wait we should do with the new grpc balancer interface? 477 client.conn = conn 478 479 client.Cluster = NewCluster(client) 480 client.KV = NewKV(client) 481 client.Lease = NewLease(client) 482 client.Watcher = NewWatcher(client) 483 client.Auth = NewAuth(client) 484 client.Maintenance = NewMaintenance(client) 485 486 if cfg.RejectOldCluster { 487 if err := client.checkVersion(); err != nil { 488 client.Close() 489 return nil, err 490 } 491 } 492 493 go client.autoSync() 494 return client, nil 495} 496 497// roundRobinQuorumBackoff retries against quorum between each backoff. 498// This is intended for use with a round robin load balancer. 
499func (c *Client) roundRobinQuorumBackoff(waitBetween time.Duration, jitterFraction float64) backoffFunc { 500 return func(attempt uint) time.Duration { 501 // after each round robin across quorum, backoff for our wait between duration 502 n := uint(len(c.Endpoints())) 503 quorum := (n/2 + 1) 504 if attempt%quorum == 0 { 505 c.lg.Debug("backoff", zap.Uint("attempt", attempt), zap.Uint("quorum", quorum), zap.Duration("waitBetween", waitBetween), zap.Float64("jitterFraction", jitterFraction)) 506 return jitterUp(waitBetween, jitterFraction) 507 } 508 c.lg.Debug("backoff skipped", zap.Uint("attempt", attempt), zap.Uint("quorum", quorum)) 509 return 0 510 } 511} 512 513func (c *Client) checkVersion() (err error) { 514 var wg sync.WaitGroup 515 516 eps := c.Endpoints() 517 errc := make(chan error, len(eps)) 518 ctx, cancel := context.WithCancel(c.ctx) 519 if c.cfg.DialTimeout > 0 { 520 cancel() 521 ctx, cancel = context.WithTimeout(c.ctx, c.cfg.DialTimeout) 522 } 523 524 wg.Add(len(eps)) 525 for _, ep := range eps { 526 // if cluster is current, any endpoint gives a recent version 527 go func(e string) { 528 defer wg.Done() 529 resp, rerr := c.Status(ctx, e) 530 if rerr != nil { 531 errc <- rerr 532 return 533 } 534 vs := strings.Split(resp.Version, ".") 535 maj, min := 0, 0 536 if len(vs) >= 2 { 537 var serr error 538 if maj, serr = strconv.Atoi(vs[0]); serr != nil { 539 errc <- serr 540 return 541 } 542 if min, serr = strconv.Atoi(vs[1]); serr != nil { 543 errc <- serr 544 return 545 } 546 } 547 if maj < 3 || (maj == 3 && min < 2) { 548 rerr = ErrOldCluster 549 } 550 errc <- rerr 551 }(ep) 552 } 553 // wait for success 554 for range eps { 555 if err = <-errc; err == nil { 556 break 557 } 558 } 559 cancel() 560 wg.Wait() 561 return err 562} 563 564// ActiveConnection returns the current in-use connection 565func (c *Client) ActiveConnection() *grpc.ClientConn { return c.conn } 566 567// isHaltErr returns true if the given error and context indicate no forward 568// 
progress can be made, even after reconnecting. 569func isHaltErr(ctx context.Context, err error) bool { 570 if ctx != nil && ctx.Err() != nil { 571 return true 572 } 573 if err == nil { 574 return false 575 } 576 ev, _ := status.FromError(err) 577 // Unavailable codes mean the system will be right back. 578 // (e.g., can't connect, lost leader) 579 // Treat Internal codes as if something failed, leaving the 580 // system in an inconsistent state, but retrying could make progress. 581 // (e.g., failed in middle of send, corrupted frame) 582 // TODO: are permanent Internal errors possible from grpc? 583 return ev.Code() != codes.Unavailable && ev.Code() != codes.Internal 584} 585 586// isUnavailableErr returns true if the given error is an unavailable error 587func isUnavailableErr(ctx context.Context, err error) bool { 588 if ctx != nil && ctx.Err() != nil { 589 return false 590 } 591 if err == nil { 592 return false 593 } 594 ev, ok := status.FromError(err) 595 if ok { 596 // Unavailable codes mean the system will be right back. 597 // (e.g., can't connect, lost leader) 598 return ev.Code() == codes.Unavailable 599 } 600 return false 601} 602 603func toErr(ctx context.Context, err error) error { 604 if err == nil { 605 return nil 606 } 607 err = rpctypes.Error(err) 608 if _, ok := err.(rpctypes.EtcdError); ok { 609 return err 610 } 611 if ev, ok := status.FromError(err); ok { 612 code := ev.Code() 613 switch code { 614 case codes.DeadlineExceeded: 615 fallthrough 616 case codes.Canceled: 617 if ctx.Err() != nil { 618 err = ctx.Err() 619 } 620 } 621 } 622 return err 623} 624 625func canceledByCaller(stopCtx context.Context, err error) bool { 626 if stopCtx.Err() == nil || err == nil { 627 return false 628 } 629 630 return err == context.Canceled || err == context.DeadlineExceeded 631} 632 633// IsConnCanceled returns true, if error is from a closed gRPC connection. 634// ref. 
https://github.com/grpc/grpc-go/pull/1854 635func IsConnCanceled(err error) bool { 636 if err == nil { 637 return false 638 } 639 640 // >= gRPC v1.23.x 641 s, ok := status.FromError(err) 642 if ok { 643 // connection is canceled or server has already closed the connection 644 return s.Code() == codes.Canceled || s.Message() == "transport is closing" 645 } 646 647 // >= gRPC v1.10.x 648 if err == context.Canceled { 649 return true 650 } 651 652 // <= gRPC v1.7.x returns 'errors.New("grpc: the client connection is closing")' 653 return strings.Contains(err.Error(), "grpc: the client connection is closing") 654} 655