bd10bdf99a
* build: Bump version to v1.17.3-dev * build: set version to v1.18.0-dev * chore: actors: Allow builtin-actors to return a map of methods (#9342) * Allow builtin-actors to return a map of methods * go mod * Fix tests * Fix tests, check carefully please * Delete lotus-pond (#9352) * feat: add StateNetworkVersion to mpool API * chore: refactor: rename NewestNetworkVersion * feat: actors: Integrate datacap actor into lotus (#9348) * Integrate datacap actor * Implement datacap actor in chain/builtin * feat: support typed errors over RPC * chore: deps: update to go-jsonrpc 0.1.8 * remove duplicate import * fix: itest: check for closed connection * chore: refactor: move retry test to API * address magik supernit * Add ability to only have single partition per msg for partitions with recovery sectors * doc gen * Address comments * Return beneficiary info from miner state Info() * Update builtin-actors to dev/20220922-v9 which includes FIP-0045 changes in progress * Integrate verifreg changes to lotus * Setup datacap actor * Update builtin-actors to dev/20220922-v9-1 * Update datacap actor to query datacap instead of verifreg * update gst * update markets * update actors with hamt fix * update gst * Update datacap to parse tokens * Update bundles * datacap and verifreg actors use ID addresses without protocol byte * update builtin-actors to rc1 * update go-fil-markets * Update bundles to rc2 * Integrate the v9 migration * Add api for getting allocation * Add upgrade epoch for butterfly * Tweak PreSeal struct to be infra-friendly * docsgen * More tweaking of PreSeal for genesis * review fixes * Use fake cid for test * add butterfly artifacts for oct 5 upgrade * check datacaps for v8 verifreg match v9 datacap actor * Remove print statements * Update to go-state-types master * Update to go-state-types v0.9.0-rc1 * review fixes * use go-fil-markets v1.24.0-v17 * Add accessors for allocations and claims maps * fix: missing permissions tag * butterfly * update butterfly artifacts * sealing pipeline: Prepare deal assigning logic for FIP-45 * sealing pipeline: Get allocationId with StateApi * use NoAllocationID instead of nil AllocationId * address review * Add datacap actor to registry.go * Add cli for listing allocations and removing expired allocations * Update to go-state-types master * deps: upgrade go-merkledag to 0.8.0 * shark params * Update cli/filplus.go Co-authored-by: Aayush Rajasekaran <arajasek94@gmail.com> * revert change to verifreg util * docsgen-cli * miss the stuff * Update FFI * Update go-state-types to v0.9.0 * Update builtin-actors to v9.0.0 * add calib upgrade epcoh * update the upgrade envvar * kill shark * Remove fvm splash banner from nv17 upgrade * check invariance for pending deals and allocations * check pending verified deal proposal migrated to allocation * Add check for unsealed CID in precommit sectors * Fix counting of allocations in nv17 migration test * make gen * pass state trees as pointers * Add assertion that migrations with & without cache are the same * compare allocation to verified deal proposal * Fix miner state precommit info * fix migration test tool * add changelog * Update to go-state-types v0.9.1 * Integrate builtin-actors v9.0.1 * chore: ver: bump version for rc3 (#9512) * Bump version to 1.18.0-rc3 * Update CHANGELOG.md * Update CHANGELOG.md Co-authored-by: Aayush Rajasekaran <arajasek94@gmail.com> * Update CHANGELOG.md Co-authored-by: Aayush Rajasekaran <arajasek94@gmail.com> Co-authored-by: Jiaying Wang <42981373+jennijuju@users.noreply.github.com> Co-authored-by: Aayush Rajasekaran <arajasek94@gmail.com> * Migration: Use autobatch bs * Fix autobatch Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai> * Invoker: Use MethodMeta from go-state-types * Add a second premigration for nv17 * Add more shed tools for migration checking * address review * Lotus release v1.18.0-rc4 * fix: ci: fix app-image build on ci (#9527) * Remove old go version first * Add GO_VERSION file * Use GO_VERSION to set / verify go version * mv GO_VERSION GO_VERSION_MIN * Use GO_VERSION_MIN in Makefile check Co-authored-by: Ian Davis <jungziege@gmail.com> * Update to latest go-state-types for migration fixes * go mod tidy * fix: use api.ErrActorNotFound instead of types.ErrActorNotFound * fix: add fields to ForkUpgradeParams * docs: update actors_version_checklist.md * chore: fix lint * update to go state type v0.9.6 with market migration fix (#9545) * update go-state-types to v-0.9.7 * Add invariant checks to migration * fix invariant check: number of entries in datacap actor should include verifreg * Invariant checks: Only include not-activated deals * test: nv17 migration * Address review * add lotus-shed invariance method * Migration cli takes a stateroot cid and a height * make gen * Update to builtin-actors v9.0.2 * Failing test that shows that notaries can remove datacap from the verifreg actor * Test that should pass when the problem is solved * make gen * Review fixes * statemanager call function will return call information even if call errors * update go-state-types * update builtin-actors * bubble up errors properly from ApplyImplicitMessage * bump to rc5 * set new upgrade heights for calibnet * set new upgrade height for butterfly * tweak calibnet upgrade schedule * clarify changelog note about calibnet * butterfly * update calibnet artifacts * Allow setting local bundles for Debug FVM for av 9+ * fix: autobatch: remove potential deadlock when a block is missing Check the _underlying_ blockstore instead of recursing. Also, drop the lock before we do that. * fix imports * build: set shark mainnet epoch (#9640) * chore: build: Lotus release v1.18.0 (#9641) * Lotus release v1.18.0 * add changelog * address review * changelog improvement Co-authored-by: Jennifer Wang <jiayingw703@gmail.com> Co-authored-by: Jiaying Wang <42981373+jennijuju@users.noreply.github.com> Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai> Co-authored-by: Łukasz Magiera <magik6k@gmail.com> Co-authored-by: Łukasz Magiera <magik6k@users.noreply.github.com> Co-authored-by: Aayush <arajasek94@gmail.com> Co-authored-by: Geoff Stuart <geoff.vball@gmail.com> Co-authored-by: Shrenuj Bansal <shrenuj.bansal@protocol.ai> Co-authored-by: simlecode <69969590+simlecode@users.noreply.github.com> Co-authored-by: Rod Vagg <rod@vagg.org> Co-authored-by: Jakub Sztandera <kubuxu@protocol.ai> Co-authored-by: Ian Davis <jungziege@gmail.com> Co-authored-by: zenground0 <ZenGround0@users.noreply.github.com> Co-authored-by: Steven Allen <steven@stebalien.com>
155 lines
3.9 KiB
Go
155 lines
3.9 KiB
Go
package gateway
|
|
|
|
import (
|
|
"context"
|
|
"net"
|
|
"net/http"
|
|
"sync"
|
|
"time"
|
|
|
|
"contrib.go.opencensus.io/exporter/prometheus"
|
|
"github.com/gorilla/mux"
|
|
promclient "github.com/prometheus/client_golang/prometheus"
|
|
"golang.org/x/time/rate"
|
|
|
|
"github.com/filecoin-project/go-jsonrpc"
|
|
|
|
lapi "github.com/filecoin-project/lotus/api"
|
|
"github.com/filecoin-project/lotus/api/v0api"
|
|
"github.com/filecoin-project/lotus/api/v1api"
|
|
"github.com/filecoin-project/lotus/metrics/proxy"
|
|
"github.com/filecoin-project/lotus/node"
|
|
)
|
|
|
|
type perConnLimiterKeyType string
|
|
|
|
const perConnLimiterKey perConnLimiterKeyType = "limiter"
|
|
|
|
// Handler returns a gateway http.Handler, to be mounted as-is on the server.
|
|
func Handler(gwapi lapi.Gateway, api lapi.FullNode, rateLimit int64, connPerMinute int64, opts ...jsonrpc.ServerOption) (http.Handler, error) {
|
|
m := mux.NewRouter()
|
|
|
|
serveRpc := func(path string, hnd interface{}) {
|
|
rpcServer := jsonrpc.NewServer(append(opts, jsonrpc.WithServerErrors(lapi.RPCErrors))...)
|
|
rpcServer.Register("Filecoin", hnd)
|
|
rpcServer.AliasMethod("rpc.discover", "Filecoin.Discover")
|
|
|
|
m.Handle(path, rpcServer)
|
|
}
|
|
|
|
ma := proxy.MetricedGatewayAPI(gwapi)
|
|
|
|
serveRpc("/rpc/v1", ma)
|
|
serveRpc("/rpc/v0", lapi.Wrap(new(v1api.FullNodeStruct), new(v0api.WrapperV1Full), ma))
|
|
|
|
registry := promclient.DefaultRegisterer.(*promclient.Registry)
|
|
exporter, err := prometheus.NewExporter(prometheus.Options{
|
|
Registry: registry,
|
|
Namespace: "lotus_gw",
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
m.Handle("/debug/metrics", exporter)
|
|
m.Handle("/health/livez", node.NewLiveHandler(api))
|
|
m.Handle("/health/readyz", node.NewReadyHandler(api))
|
|
m.PathPrefix("/").Handler(http.DefaultServeMux)
|
|
|
|
/*ah := &auth.Handler{
|
|
Verify: nodeApi.AuthVerify,
|
|
Next: mux.ServeHTTP,
|
|
}*/
|
|
|
|
rlh := NewRateLimiterHandler(m, rateLimit)
|
|
clh := NewConnectionRateLimiterHandler(rlh, connPerMinute)
|
|
return clh, nil
|
|
}
|
|
|
|
func NewRateLimiterHandler(handler http.Handler, rateLimit int64) *RateLimiterHandler {
|
|
limiter := limiterFromRateLimit(rateLimit)
|
|
|
|
return &RateLimiterHandler{
|
|
handler: handler,
|
|
limiter: limiter,
|
|
}
|
|
}
|
|
|
|
// Adds a rate limiter to the request context for per-connection rate limiting
|
|
type RateLimiterHandler struct {
|
|
handler http.Handler
|
|
limiter *rate.Limiter
|
|
}
|
|
|
|
func (h RateLimiterHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
r2 := r.WithContext(context.WithValue(r.Context(), perConnLimiterKey, h.limiter))
|
|
h.handler.ServeHTTP(w, r2)
|
|
}
|
|
|
|
// this blocks new connections if there have already been too many.
|
|
func NewConnectionRateLimiterHandler(handler http.Handler, connPerMinute int64) *ConnectionRateLimiterHandler {
|
|
ipmap := make(map[string]int64)
|
|
return &ConnectionRateLimiterHandler{
|
|
ipmap: ipmap,
|
|
connPerMinute: connPerMinute,
|
|
handler: handler,
|
|
}
|
|
}
|
|
|
|
type ConnectionRateLimiterHandler struct {
|
|
mu sync.Mutex
|
|
ipmap map[string]int64
|
|
connPerMinute int64
|
|
handler http.Handler
|
|
}
|
|
|
|
func (h *ConnectionRateLimiterHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
if h.connPerMinute == 0 {
|
|
h.handler.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
host, _, err := net.SplitHostPort(r.RemoteAddr)
|
|
if err != nil {
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
h.mu.Lock()
|
|
seen, ok := h.ipmap[host]
|
|
if !ok {
|
|
h.ipmap[host] = 1
|
|
h.mu.Unlock()
|
|
h.handler.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
// rate limited
|
|
if seen > h.connPerMinute {
|
|
h.mu.Unlock()
|
|
w.WriteHeader(http.StatusTooManyRequests)
|
|
return
|
|
}
|
|
h.ipmap[host] = seen + 1
|
|
h.mu.Unlock()
|
|
go func() {
|
|
select {
|
|
case <-time.After(time.Minute):
|
|
h.mu.Lock()
|
|
defer h.mu.Unlock()
|
|
h.ipmap[host] = h.ipmap[host] - 1
|
|
if h.ipmap[host] <= 0 {
|
|
delete(h.ipmap, host)
|
|
}
|
|
}
|
|
}()
|
|
h.handler.ServeHTTP(w, r)
|
|
}
|
|
|
|
func limiterFromRateLimit(rateLimit int64) *rate.Limiter {
|
|
var limit rate.Limit
|
|
if rateLimit == 0 {
|
|
limit = rate.Inf
|
|
} else {
|
|
limit = rate.Every(time.Second / time.Duration(rateLimit))
|
|
}
|
|
return rate.NewLimiter(limit, stateRateLimitTokens)
|
|
}
|