// Copyright (c) 2015-2023 MinIO, Inc. // // This file is part of MinIO Object Storage stack // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU Affero General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Affero General Public License for more details. // // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . package cmd import ( "context" "crypto/tls" "sync/atomic" "github.com/minio/minio/internal/fips" "github.com/minio/minio/internal/grid" xhttp "github.com/minio/minio/internal/http" "github.com/minio/minio/internal/rest" ) // globalGrid is the global grid manager. var globalGrid atomic.Pointer[grid.Manager] // globalLockGrid is the global lock grid manager. var globalLockGrid atomic.Pointer[grid.Manager] // globalGridStart is a channel that will block startup of grid connections until closed. var globalGridStart = make(chan struct{}) // globalLockGridStart is a channel that will block startup of lock grid connections until closed. var globalLockGridStart = make(chan struct{}) func initGlobalGrid(ctx context.Context, eps EndpointServerPools) error { hosts, local := eps.GridHosts() lookupHost := globalDNSCache.LookupHost g, err := grid.NewManager(ctx, grid.ManagerOptions{ // Pass Dialer for websocket grid, make sure we do not // provide any DriveOPTimeout() function, as that is not // useful over persistent connections. Dialer: grid.ConnectWS( grid.ContextDialer(xhttp.DialContextWithLookupHost(lookupHost, xhttp.NewInternodeDialContext(rest.DefaultTimeout, globalTCPOptions.ForWebsocket()))), newCachedAuthToken(), &tls.Config{ RootCAs: globalRootCAs, CipherSuites: fips.TLSCiphers(), CurvePreferences: fips.TLSCurveIDs(), }), Local: local, Hosts: hosts, AuthToken: validateStorageRequestToken, AuthFn: newCachedAuthToken(), BlockConnect: globalGridStart, // Record incoming and outgoing bytes. Incoming: globalConnStats.incInternodeInputBytes, Outgoing: globalConnStats.incInternodeOutputBytes, TraceTo: globalTrace, RoutePath: grid.RoutePath, }) if err != nil { return err } globalGrid.Store(g) return nil } func initGlobalLockGrid(ctx context.Context, eps EndpointServerPools) error { hosts, local := eps.GridHosts() lookupHost := globalDNSCache.LookupHost g, err := grid.NewManager(ctx, grid.ManagerOptions{ // Pass Dialer for websocket grid, make sure we do not // provide any DriveOPTimeout() function, as that is not // useful over persistent connections. Dialer: grid.ConnectWSWithRoutePath( grid.ContextDialer(xhttp.DialContextWithLookupHost(lookupHost, xhttp.NewInternodeDialContext(rest.DefaultTimeout, globalTCPOptions.ForWebsocket()))), newCachedAuthToken(), &tls.Config{ RootCAs: globalRootCAs, CipherSuites: fips.TLSCiphers(), CurvePreferences: fips.TLSCurveIDs(), }, grid.RouteLockPath), Local: local, Hosts: hosts, AuthToken: validateStorageRequestToken, AuthFn: newCachedAuthToken(), BlockConnect: globalGridStart, // Record incoming and outgoing bytes. Incoming: globalConnStats.incInternodeInputBytes, Outgoing: globalConnStats.incInternodeOutputBytes, TraceTo: globalTrace, RoutePath: grid.RouteLockPath, }) if err != nil { return err } globalLockGrid.Store(g) return nil }