Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Tokenserver: Add node assignment logic #1158

Merged
merged 3 commits into from
Nov 5, 2021
Merged

feat: Tokenserver: Add node assignment logic #1158

merged 3 commits into from
Nov 5, 2021

Conversation

ethowitz
Copy link
Contributor

@ethowitz ethowitz commented Oct 5, 2021

Description

Adds the logic used to create users and assign them to the correct nodes.

Testing

I added integration and unit tests that provide comprehensive coverage, but the following cases are the important ones:

  • Users are always allocated to the least-loaded node
  • When a user is allocated to a node, available and current_load are adjusted accordingly
  • When no nodes have capacity, Tokenserver attempts to release capacity on nodes where available is zero but current_load is less than capacity

Issue(s)

Closes #1051

@ethowitz ethowitz requested review from a team and removed request for a team October 5, 2021 18:41
@ethowitz ethowitz force-pushed the feat/866-generation-keys-changed-at-validations-handler branch from 41b4b21 to f8db1c9 Compare October 5, 2021 21:25
@ethowitz ethowitz force-pushed the feat/1051-tokenserver-node-assignment-logic branch from 481e153 to 4353165 Compare October 8, 2021 18:07
@ethowitz ethowitz force-pushed the feat/866-generation-keys-changed-at-validations-handler branch from 4131eca to f9da58a Compare October 11, 2021 16:42
Base automatically changed from feat/866-generation-keys-changed-at-validations-handler to master October 28, 2021 18:36
@ethowitz ethowitz force-pushed the feat/1051-tokenserver-node-assignment-logic branch from 4353165 to 6a8fc24 Compare October 28, 2021 20:18
ethowitz
ethowitz commented Oct 28, 2021
View reviewed changes
src/tokenserver/extractors.rs
@@ -321,12 +325,12 @@ impl FromRequest for KeyId {

let (keys_changed_at_string, encoded_client_state) = x_key_id
.split_once("-")
.ok_or_else(|| TokenserverError::invalid_key_id("Invalid X-KeyID header"))?;
.ok_or_else(|| TokenserverError::invalid_credentials("Unauthorized"))?;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few small changes here to fix failing integration tests

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possible future feature, but we've got a few times where we return the same error, and I doubt that we're logging these. It might be worth returning something like an errno to identify which of these got triggered.

Since we're rolling out a new service and there may be unexpected data, getting a response like that could save us time.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wary of changing the API between the old and new Tokenservers; I don't want to give clients something unexpected. Do you think logging an errno would be sufficient?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, logging would be fine. We don't have to return the data to the caller.

ethowitz
ethowitz commented Oct 28, 2021
View reviewed changes
src/tokenserver/db/models.rs
@@ -242,6 +187,83 @@ impl TokenserverDb {
Ok(result as u64 > 0)
}

/// Gets the least-loaded node that has available slots.
fn get_best_node_sync(&self, params: params::GetBestNode) -> DbResult<results::GetBestNode> {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Corresponds to this database method on the old Tokenserver

ethowitz
ethowitz commented Oct 28, 2021
View reviewed changes
src/tokenserver/db/models.rs
sync_db_method!(replace_users, replace_users_sync, ReplaceUsers);
sync_db_method!(post_user, post_user_sync, PostUser);

/// Creates a new user and assigns them to a node.
fn allocate_user(&self, params: params::AllocateUser) -> DbFuture<'_, results::AllocateUser> {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Corresponds to this database method on the old Tokenserver

ethowitz
ethowitz commented Oct 28, 2021
View reviewed changes
src/tokenserver/db/models.rs

/// Gets the user with the given email and service ID, or if one doesn't exist, allocates a new
/// user.
fn get_or_create_user(
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Corresponds (roughly) to this database method on the old Tokenserver

ethowitz
ethowitz commented Oct 28, 2021
View reviewed changes
src/tokenserver/db/models.rs
@@ -845,6 +1094,684 @@ mod tests {
Ok(())
}

#[tokio::test]
async fn test_node_allocation() -> Result<()> {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Most of these new unit tests are rewrites of these unit tests on the old Tokenserver

@ethowitz ethowitz marked this pull request as ready for review October 28, 2021 20:33
@ethowitz ethowitz requested a review from a team October 28, 2021 20:33
jrconlin
jrconlin reviewed Oct 28, 2021
View reviewed changes
src/db/error.rs Show resolved Hide resolved
tools/integration_tests/tokenserver/test_misc.py
@@ -5,6 +5,8 @@

from tokenserver.test_support import TestCase

MAX_GENERATION = 9223372036854775807
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

heh, interesting choice.

src/tokenserver/handlers.rs Outdated Show resolved Hide resolved
src/tokenserver/extractors.rs
@@ -321,12 +325,12 @@ impl FromRequest for KeyId {

let (keys_changed_at_string, encoded_client_state) = x_key_id
.split_once("-")
.ok_or_else(|| TokenserverError::invalid_key_id("Invalid X-KeyID header"))?;
.ok_or_else(|| TokenserverError::invalid_credentials("Unauthorized"))?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possible future feature, but we've got a few times where we return the same error, and I doubt that we're logging these. It might be worth returning something like an errno to identify which of these got triggered.

Since we're rolling out a new service and there may be unexpected data, getting a response like that could save us time.

@ethowitz ethowitz requested a review from jrconlin November 3, 2021 20:00
@ethowitz ethowitz merged commit db739de into master Nov 5, 2021
@ethowitz ethowitz deleted the feat/1051-tokenserver-node-assignment-logic branch November 5, 2021 13:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jrconlin jrconlin jrconlin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Tokenserver: Add node assignment logic
2 participants
@ethowitz @jrconlin