/* Redis Cluster implementation. * * Copyright (c) 2009-2012, Salvatore Sanfilippo * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * * Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of Redis nor the names of its contributors may be used * to endorse or promote products derived from this software without * specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include "redis.h" #include "endianconv.h" #include #include #include #include void clusterAcceptHandler(aeEventLoop *el, int fd, void *privdata, int mask); void clusterReadHandler(aeEventLoop *el, int fd, void *privdata, int mask); void clusterSendPing(clusterLink *link, int type); void clusterSendFail(char *nodename); void clusterSendFailoverAuthIfNeeded(clusterNode *sender); void clusterUpdateState(void); int clusterNodeGetSlotBit(clusterNode *n, int slot); sds clusterGenNodesDescription(void); clusterNode *clusterLookupNode(char *name); int clusterNodeAddSlave(clusterNode *master, clusterNode *slave); int clusterAddSlot(clusterNode *n, int slot); int clusterDelSlot(int slot); int clusterDelNodeSlots(clusterNode *node); int clusterNodeSetSlotBit(clusterNode *n, int slot); void clusterSetMaster(clusterNode *n); int bitmapTestBit(unsigned char *bitmap, int pos); /* ----------------------------------------------------------------------------- * Initialization * -------------------------------------------------------------------------- */ int clusterLoadConfig(char *filename) { FILE *fp = fopen(filename,"r"); char *line; int maxline, j; if (fp == NULL) return REDIS_ERR; /* Parse the file. Note that single liens of the cluster config file can * be really long as they include all the hash slots of the node. * This means in the worst possible case, half of the Redis slots will be * present in a single line, possibly in importing or migrating state, so * together with the node ID of the sender/receiver. * * To simplify we allocate 1024+REDIS_CLUSTER_SLOTS*128 bytes per line. */ maxline = 1024+REDIS_CLUSTER_SLOTS*128; line = zmalloc(maxline); while(fgets(line,maxline,fp) != NULL) { int argc; sds *argv = sdssplitargs(line,&argc); if (argv == NULL) goto fmterr; clusterNode *n, *master; char *p, *s; /* Create this node if it does not exist */ n = clusterLookupNode(argv[0]); if (!n) { n = createClusterNode(argv[0],0); clusterAddNode(n); } /* Address and port */ if ((p = strchr(argv[1],':')) == NULL) goto fmterr; *p = '\0'; memcpy(n->ip,argv[1],strlen(argv[1])+1); n->port = atoi(p+1); /* Parse flags */ p = s = argv[2]; while(p) { p = strchr(s,','); if (p) *p = '\0'; if (!strcasecmp(s,"myself")) { redisAssert(server.cluster->myself == NULL); server.cluster->myself = n; n->flags |= REDIS_NODE_MYSELF; } else if (!strcasecmp(s,"master")) { n->flags |= REDIS_NODE_MASTER; } else if (!strcasecmp(s,"slave")) { n->flags |= REDIS_NODE_SLAVE; } else if (!strcasecmp(s,"fail?")) { n->flags |= REDIS_NODE_PFAIL; } else if (!strcasecmp(s,"fail")) { n->flags |= REDIS_NODE_FAIL; n->fail_time = time(NULL); } else if (!strcasecmp(s,"handshake")) { n->flags |= REDIS_NODE_HANDSHAKE; } else if (!strcasecmp(s,"noaddr")) { n->flags |= REDIS_NODE_NOADDR; } else if (!strcasecmp(s,"promoted")) { n->flags |= REDIS_NODE_PROMOTED; } else if (!strcasecmp(s,"noflags")) { /* nothing to do */ } else { redisPanic("Unknown flag in redis cluster config file"); } if (p) s = p+1; } /* Get master if any. Set the master and populate master's * slave list. */ if (argv[3][0] != '-') { master = clusterLookupNode(argv[3]); if (!master) { master = createClusterNode(argv[3],0); clusterAddNode(master); } n->slaveof = master; clusterNodeAddSlave(master,n); } /* Set ping sent / pong received timestamps */ if (atoi(argv[4])) n->ping_sent = time(NULL); if (atoi(argv[5])) n->pong_received = time(NULL); /* Populate hash slots served by this instance. */ for (j = 7; j < argc; j++) { int start, stop; if (argv[j][0] == '[') { /* Here we handle migrating / importing slots */ int slot; char direction; clusterNode *cn; p = strchr(argv[j],'-'); redisAssert(p != NULL); *p = '\0'; direction = p[1]; /* Either '>' or '<' */ slot = atoi(argv[j]+1); p += 3; cn = clusterLookupNode(p); if (!cn) { cn = createClusterNode(p,0); clusterAddNode(cn); } if (direction == '>') { server.cluster->migrating_slots_to[slot] = cn; } else { server.cluster->importing_slots_from[slot] = cn; } continue; } else if ((p = strchr(argv[j],'-')) != NULL) { *p = '\0'; start = atoi(argv[j]); stop = atoi(p+1); } else { start = stop = atoi(argv[j]); } while(start <= stop) clusterAddSlot(n, start++); } sdsfreesplitres(argv,argc); } zfree(line); fclose(fp); /* Config sanity check */ redisAssert(server.cluster->myself != NULL); redisLog(REDIS_NOTICE,"Node configuration loaded, I'm %.40s", server.cluster->myself->name); clusterUpdateState(); return REDIS_OK; fmterr: redisLog(REDIS_WARNING,"Unrecoverable error: corrupted cluster config file."); fclose(fp); exit(1); } /* Cluster node configuration is exactly the same as CLUSTER NODES output. * * This function writes the node config and returns 0, on error -1 * is returned. */ int clusterSaveConfig(void) { sds ci = clusterGenNodesDescription(); int fd; if ((fd = open(server.cluster_configfile,O_WRONLY|O_CREAT|O_TRUNC,0644)) == -1) goto err; if (write(fd,ci,sdslen(ci)) != (ssize_t)sdslen(ci)) goto err; close(fd); sdsfree(ci); return 0; err: sdsfree(ci); return -1; } void clusterSaveConfigOrDie(void) { if (clusterSaveConfig() == -1) { redisLog(REDIS_WARNING,"Fatal: can't update cluster config file."); exit(1); } } void clusterInit(void) { int saveconf = 0, j; server.cluster = zmalloc(sizeof(clusterState)); server.cluster->myself = NULL; server.cluster->state = REDIS_CLUSTER_FAIL; server.cluster->size = 1; server.cluster->nodes = dictCreate(&clusterNodesDictType,NULL); server.cluster->failover_auth_time = 0; server.cluster->failover_auth_count = 0; memset(server.cluster->migrating_slots_to,0, sizeof(server.cluster->migrating_slots_to)); memset(server.cluster->importing_slots_from,0, sizeof(server.cluster->importing_slots_from)); memset(server.cluster->slots,0, sizeof(server.cluster->slots)); if (clusterLoadConfig(server.cluster_configfile) == REDIS_ERR) { /* No configuration found. We will just use the random name provided * by the createClusterNode() function. */ server.cluster->myself = createClusterNode(NULL,REDIS_NODE_MYSELF|REDIS_NODE_MASTER); redisLog(REDIS_NOTICE,"No cluster configuration found, I'm %.40s", server.cluster->myself->name); clusterAddNode(server.cluster->myself); saveconf = 1; } if (saveconf) clusterSaveConfigOrDie(); /* We need a listening TCP port for our cluster messaging needs */ server.cfd_count = 0; if (server.bindaddr_count == 0) server.bindaddr[0] = NULL; for (j = 0; j < server.bindaddr_count || j == 0; j++) { server.cfd[j] = anetTcpServer( server.neterr, server.port+REDIS_CLUSTER_PORT_INCR, server.bindaddr[j]); if (server.cfd[j] == -1) { redisLog(REDIS_WARNING, "Opening cluster listening TCP socket %s:%d: %s", server.bindaddr[j] ? server.bindaddr[j] : "*", server.port+REDIS_CLUSTER_PORT_INCR, server.neterr); exit(1); } if (aeCreateFileEvent(server.el, server.cfd[j], AE_READABLE, clusterAcceptHandler, NULL) == AE_ERR) redisPanic("Unrecoverable error creating Redis Cluster file event."); server.cfd_count++; } server.cluster->slots_to_keys = zslCreate(); } /* ----------------------------------------------------------------------------- * CLUSTER communication link * -------------------------------------------------------------------------- */ clusterLink *createClusterLink(clusterNode *node) { clusterLink *link = zmalloc(sizeof(*link)); link->ctime = time(NULL); link->sndbuf = sdsempty(); link->rcvbuf = sdsempty(); link->node = node; link->fd = -1; return link; } /* Free a cluster link, but does not free the associated node of course. * This function will just make sure that the original node associated * with this link will have the 'link' field set to NULL. */ void freeClusterLink(clusterLink *link) { if (link->fd != -1) { aeDeleteFileEvent(server.el, link->fd, AE_WRITABLE); aeDeleteFileEvent(server.el, link->fd, AE_READABLE); } sdsfree(link->sndbuf); sdsfree(link->rcvbuf); if (link->node) link->node->link = NULL; close(link->fd); zfree(link); } void clusterAcceptHandler(aeEventLoop *el, int fd, void *privdata, int mask) { int cport, cfd; char cip[128]; clusterLink *link; REDIS_NOTUSED(el); REDIS_NOTUSED(mask); REDIS_NOTUSED(privdata); cfd = anetTcpAccept(server.neterr, fd, cip, sizeof(cip), &cport); if (cfd == AE_ERR) { redisLog(REDIS_VERBOSE,"Accepting cluster node: %s", server.neterr); return; } redisLog(REDIS_VERBOSE,"Accepted cluster node %s:%d", cip, cport); /* We need to create a temporary node in order to read the incoming * packet in a valid contest. This node will be released once we * read the packet and reply. */ link = createClusterLink(NULL); link->fd = cfd; aeCreateFileEvent(server.el,cfd,AE_READABLE,clusterReadHandler,link); } /* ----------------------------------------------------------------------------- * Key space handling * -------------------------------------------------------------------------- */ /* We have 16384 hash slots. The hash slot of a given key is obtained * as the least significant 14 bits of the crc16 of the key. */ unsigned int keyHashSlot(char *key, int keylen) { return crc16(key,keylen) & 0x3FFF; } /* ----------------------------------------------------------------------------- * CLUSTER node API * -------------------------------------------------------------------------- */ /* Create a new cluster node, with the specified flags. * If "nodename" is NULL this is considered a first handshake and a random * node name is assigned to this node (it will be fixed later when we'll * receive the first pong). * * The node is created and returned to the user, but it is not automatically * added to the nodes hash table. */ clusterNode *createClusterNode(char *nodename, int flags) { clusterNode *node = zmalloc(sizeof(*node)); if (nodename) memcpy(node->name, nodename, REDIS_CLUSTER_NAMELEN); else getRandomHexChars(node->name, REDIS_CLUSTER_NAMELEN); node->flags = flags; memset(node->slots,0,sizeof(node->slots)); node->numslots = 0; node->numslaves = 0; node->slaves = NULL; node->slaveof = NULL; node->ping_sent = node->pong_received = 0; node->fail_time = 0; node->link = NULL; memset(node->ip,0,sizeof(node->ip)); node->port = 0; node->fail_reports = listCreate(); listSetFreeMethod(node->fail_reports,zfree); return node; } /* This function is called every time we get a failure report from a node. * The side effect is to populate the fail_reports list (or to update * the timestamp of an existing report). * * 'failing' is the node that is in failure state according to the * 'sender' node. * * The function returns 0 if it just updates a timestamp of an existing * failure report from the same sender. 1 is returned if a new failure * report is created. */ int clusterNodeAddFailureReport(clusterNode *failing, clusterNode *sender) { list *l = failing->fail_reports; listNode *ln; listIter li; clusterNodeFailReport *fr; /* If a failure report from the same sender already exists, just update * the timestamp. */ listRewind(l,&li); while ((ln = listNext(&li)) != NULL) { fr = ln->value; if (fr->node == sender) { fr->time = time(NULL); return 0; } } /* Otherwise create a new report. */ fr = zmalloc(sizeof(*fr)); fr->node = sender; fr->time = time(NULL); listAddNodeTail(l,fr); return 1; } /* Remove failure reports that are too old, where too old means reasonably * older than the global node timeout. Note that anyway for a node to be * flagged as FAIL we need to have a local PFAIL state that is at least * older than the global node timeout, so we don't just trust the number * of failure reports from other nodes. */ void clusterNodeCleanupFailureReports(clusterNode *node) { list *l = node->fail_reports; listNode *ln; listIter li; clusterNodeFailReport *fr; time_t maxtime = server.cluster_node_timeout * REDIS_CLUSTER_FAIL_REPORT_VALIDITY_MULT; time_t now = time(NULL); listRewind(l,&li); while ((ln = listNext(&li)) != NULL) { fr = ln->value; if (now - fr->time > maxtime) listDelNode(l,ln); } } /* Remove the failing report for 'node' if it was previously considered * failing by 'sender'. This function is called when a node informs us via * gossip that a node is OK from its point of view (no FAIL or PFAIL flags). * * Note that this function is called relatively often as it gets called even * when there are no nodes failing, and is O(N), however when the cluster is * fine the failure reports list is empty so the function runs in constant * time. * * The function returns 1 if the failure report was found and removed. * Otherwise 0 is returned. */ int clusterNodeDelFailureReport(clusterNode *node, clusterNode *sender) { list *l = node->fail_reports; listNode *ln; listIter li; clusterNodeFailReport *fr; /* Search for a failure report from this sender. */ listRewind(l,&li); while ((ln = listNext(&li)) != NULL) { fr = ln->value; if (fr->node == sender) break; } if (!ln) return 0; /* No failure report from this sender. */ /* Remove the failure report. */ listDelNode(l,ln); clusterNodeCleanupFailureReports(node); return 1; } /* Return the number of external nodes that believe 'node' is failing, * not including this node, that may have a PFAIL or FAIL state for this * node as well. */ int clusterNodeFailureReportsCount(clusterNode *node) { clusterNodeCleanupFailureReports(node); return listLength(node->fail_reports); } int clusterNodeRemoveSlave(clusterNode *master, clusterNode *slave) { int j; for (j = 0; j < master->numslaves; j++) { if (master->slaves[j] == slave) { memmove(master->slaves+j,master->slaves+(j+1), (master->numslaves-1)-j); master->numslaves--; return REDIS_OK; } } return REDIS_ERR; } int clusterNodeAddSlave(clusterNode *master, clusterNode *slave) { int j; /* If it's already a slave, don't add it again. */ for (j = 0; j < master->numslaves; j++) if (master->slaves[j] == slave) return REDIS_ERR; master->slaves = zrealloc(master->slaves, sizeof(clusterNode*)*(master->numslaves+1)); master->slaves[master->numslaves] = slave; master->numslaves++; return REDIS_OK; } void clusterNodeResetSlaves(clusterNode *n) { zfree(n->slaves); n->numslaves = 0; } void freeClusterNode(clusterNode *n) { sds nodename; nodename = sdsnewlen(n->name, REDIS_CLUSTER_NAMELEN); redisAssert(dictDelete(server.cluster->nodes,nodename) == DICT_OK); sdsfree(nodename); if (n->slaveof) clusterNodeRemoveSlave(n->slaveof, n); if (n->link) freeClusterLink(n->link); listRelease(n->fail_reports); zfree(n); } /* Add a node to the nodes hash table */ int clusterAddNode(clusterNode *node) { int retval; retval = dictAdd(server.cluster->nodes, sdsnewlen(node->name,REDIS_CLUSTER_NAMELEN), node); return (retval == DICT_OK) ? REDIS_OK : REDIS_ERR; } /* Remove a node from the cluster: * 1) Mark all the nodes handled by it as unassigned. * 2) Remove all the failure reports sent by this node. * 3) Free the node, that will in turn remove it from the hash table * and from the list of slaves of its master, if it is a slave node. */ void clusterDelNode(clusterNode *delnode) { int j; dictIterator *di; dictEntry *de; /* 1) Mark slots as unassigned. */ for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (server.cluster->importing_slots_from[j] == delnode) server.cluster->importing_slots_from[j] = NULL; if (server.cluster->migrating_slots_to[j] == delnode) server.cluster->migrating_slots_to[j] = NULL; if (server.cluster->slots[j] == delnode) clusterDelSlot(j); } /* 2) Remove failure reports. */ di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); if (node == delnode) continue; clusterNodeDelFailureReport(node,delnode); } dictReleaseIterator(di); /* 3) Free the node, unlinking it from the cluster. */ freeClusterNode(delnode); } /* Node lookup by name */ clusterNode *clusterLookupNode(char *name) { sds s = sdsnewlen(name, REDIS_CLUSTER_NAMELEN); struct dictEntry *de; de = dictFind(server.cluster->nodes,s); sdsfree(s); if (de == NULL) return NULL; return dictGetVal(de); } /* This is only used after the handshake. When we connect a given IP/PORT * as a result of CLUSTER MEET we don't have the node name yet, so we * pick a random one, and will fix it when we receive the PONG request using * this function. */ void clusterRenameNode(clusterNode *node, char *newname) { int retval; sds s = sdsnewlen(node->name, REDIS_CLUSTER_NAMELEN); redisLog(REDIS_DEBUG,"Renaming node %.40s into %.40s", node->name, newname); retval = dictDelete(server.cluster->nodes, s); sdsfree(s); redisAssert(retval == DICT_OK); memcpy(node->name, newname, REDIS_CLUSTER_NAMELEN); clusterAddNode(node); } /* ----------------------------------------------------------------------------- * CLUSTER messages exchange - PING/PONG and gossip * -------------------------------------------------------------------------- */ /* This function checks if a given node should be marked as FAIL. * It happens if the following conditions are met: * * 1) We are a master node. Only master nodes can mark a node as failing. * 2) We received enough failure reports from other nodes via gossip. * Enough means that the majority of the masters believe the node is * down. * 3) We believe this node is in PFAIL state. * * If a failure is detected we also inform the whole cluster about this * event trying to force every other node to set the FAIL flag for the node. */ void markNodeAsFailingIfNeeded(clusterNode *node) { int failures; int needed_quorum = (server.cluster->size / 2) + 1; if (!(server.cluster->myself->flags & REDIS_NODE_MASTER)) return; if (!(node->flags & REDIS_NODE_PFAIL)) return; /* We can reach it. */ if (node->flags & REDIS_NODE_FAIL) return; /* Already FAILing. */ failures = 1 + clusterNodeFailureReportsCount(node); /* +1 is for myself. */ if (failures < needed_quorum) return; redisLog(REDIS_NOTICE, "Marking node %.40s as failing (quorum reached).", node->name); /* Mark the node as failing. */ node->flags &= ~REDIS_NODE_PFAIL; node->flags |= REDIS_NODE_FAIL; node->fail_time = time(NULL); /* Broadcast the failing node name to everybody */ clusterSendFail(node->name); clusterUpdateState(); clusterSaveConfigOrDie(); } /* This function is called only if a node is marked as FAIL, but we are able * to reach it again. It checks if there are the conditions to undo the FAIL * state. */ void clearNodeFailureIfNeeded(clusterNode *node) { int changes = 0; time_t now = time(NULL); redisAssert(node->flags & REDIS_NODE_FAIL); /* For slaves we always clear the FAIL flag if we can contact the * node again. */ if (node->flags & REDIS_NODE_SLAVE) { redisLog(REDIS_NOTICE, "Clear FAIL state for node %.40s: slave is already reachable.", node->name); node->flags &= ~REDIS_NODE_FAIL; changes++; } /* If it is a master and... * 1) The FAIL state is old enough. We use our node timeout multiplicator * plus some additional fixed time. The additional time is useful when * the node timeout is extremely short and the reaction time of * the cluster may be longer, so wait at least a few seconds always. * 2) It is yet serving slots from our point of view (not failed over). * Apparently no one is going to fix these slots, clear the FAIL flag. */ if (node->flags & REDIS_NODE_MASTER && node->numslots > 0 && (now - node->fail_time) > (server.cluster_node_timeout * REDIS_CLUSTER_FAIL_UNDO_TIME_MULT + REDIS_CLUSTER_FAIL_UNDO_TIME_ADD)) { redisLog(REDIS_NOTICE, "Clear FAIL state for node %.40s: is reachable again and nobody is serving its slots after some time.", node->name); node->flags &= ~REDIS_NODE_FAIL; changes++; } /* Update state and save config. */ if (changes) { clusterUpdateState(); clusterSaveConfigOrDie(); } } /* Process the gossip section of PING or PONG packets. * Note that this function assumes that the packet is already sanity-checked * by the caller, not in the content of the gossip section, but in the * length. */ void clusterProcessGossipSection(clusterMsg *hdr, clusterLink *link) { uint16_t count = ntohs(hdr->count); clusterMsgDataGossip *g = (clusterMsgDataGossip*) hdr->data.ping.gossip; clusterNode *sender = link->node ? link->node : clusterLookupNode(hdr->sender); while(count--) { sds ci = sdsempty(); uint16_t flags = ntohs(g->flags); clusterNode *node; if (flags == 0) ci = sdscat(ci,"noflags,"); if (flags & REDIS_NODE_MYSELF) ci = sdscat(ci,"myself,"); if (flags & REDIS_NODE_MASTER) ci = sdscat(ci,"master,"); if (flags & REDIS_NODE_SLAVE) ci = sdscat(ci,"slave,"); if (flags & REDIS_NODE_PFAIL) ci = sdscat(ci,"fail?,"); if (flags & REDIS_NODE_FAIL) ci = sdscat(ci,"fail,"); if (flags & REDIS_NODE_HANDSHAKE) ci = sdscat(ci,"handshake,"); if (flags & REDIS_NODE_NOADDR) ci = sdscat(ci,"noaddr,"); if (flags & REDIS_NODE_PROMOTED) ci = sdscat(ci,"promoted,"); if (ci[sdslen(ci)-1] == ',') ci[sdslen(ci)-1] = ' '; redisLog(REDIS_DEBUG,"GOSSIP %.40s %s:%d %s", g->nodename, g->ip, ntohs(g->port), ci); sdsfree(ci); /* Update our state accordingly to the gossip sections */ node = clusterLookupNode(g->nodename); if (node != NULL) { /* We already know this node. Let's start updating the last * time PONG figure if it is newer than our figure. * Note that it's not a problem if we have a PING already * in progress against this node. */ if (node->pong_received < (signed) ntohl(g->pong_received)) { redisLog(REDIS_DEBUG,"Node pong_received updated by gossip"); node->pong_received = ntohl(g->pong_received); } /* Handle failure reports, only when the sender is a master. */ if (sender && sender->flags & REDIS_NODE_MASTER && node != server.cluster->myself) { if (flags & (REDIS_NODE_FAIL|REDIS_NODE_PFAIL)) { if (clusterNodeAddFailureReport(node,sender)) { redisLog(REDIS_NOTICE, "Node %.40s reported node %.40s as not reachable.", sender->name, node->name); } markNodeAsFailingIfNeeded(node); } else { if (clusterNodeDelFailureReport(node,sender)) { redisLog(REDIS_NOTICE, "Node %.40s reported node %.40s is back online.", sender->name, node->name); } } } } else { /* If it's not in NOADDR state and we don't have it, we * start an handshake process against this IP/PORT pairs. * * Note that we require that the sender of this gossip message * is a well known node in our cluster, otherwise we risk * joining another cluster. */ if (sender && !(flags & REDIS_NODE_NOADDR)) { clusterNode *newnode; redisLog(REDIS_DEBUG,"Adding the new node"); newnode = createClusterNode(NULL,REDIS_NODE_HANDSHAKE); memcpy(newnode->ip,g->ip,sizeof(g->ip)); newnode->port = ntohs(g->port); clusterAddNode(newnode); } } /* Next node */ g++; } } /* IP -> string conversion. 'buf' is supposed to at least be 16 bytes. */ void nodeIp2String(char *buf, clusterLink *link) { struct sockaddr_in sa; socklen_t salen = sizeof(sa); if (getpeername(link->fd, (struct sockaddr*) &sa, &salen) == -1) redisPanic("getpeername() failed."); inet_ntop(sa.sin_family,(void*)&(sa.sin_addr),buf,sizeof(link->node->ip)); } /* Update the node address to the IP address that can be extracted * from link->fd, and at the specified port. * Also disconnect the node link so that we'll connect again to the new * address. * * If the ip/port pair are already correct no operation is performed at * all. * * The function returns 0 if the node address is still the same, * otherwise 1 is returned. */ int nodeUpdateAddressIfNeeded(clusterNode *node, clusterLink *link, int port) { char ip[REDIS_IP_STR_LEN]; /* We don't proceed if the link is the same as the sender link, as this * function is designed to see if the node link is consistent with the * symmetric link that is used to receive PINGs from the node. * * As a side effect this function never frees the passed 'link', so * it is safe to call during packet processing. */ if (link == node->link) return 0; nodeIp2String(ip,link); if (node->port == port && strcmp(ip,node->ip) == 0) return 0; /* IP / port is different, update it. */ memcpy(node->ip,ip,sizeof(ip)); node->port = port; if (node->link) freeClusterLink(node->link); redisLog(REDIS_WARNING,"Address updated for node %.40s, now %s:%d", node->name, node->ip, node->port); return 1; } /* When this function is called, there is a packet to process starting * at node->rcvbuf. Releasing the buffer is up to the caller, so this * function should just handle the higher level stuff of processing the * packet, modifying the cluster state if needed. * * The function returns 1 if the link is still valid after the packet * was processed, otherwise 0 if the link was freed since the packet * processing lead to some inconsistency error (for instance a PONG * received from the wrong sender ID). */ int clusterProcessPacket(clusterLink *link) { clusterMsg *hdr = (clusterMsg*) link->rcvbuf; uint32_t totlen = ntohl(hdr->totlen); uint16_t type = ntohs(hdr->type); uint16_t flags = ntohs(hdr->flags); clusterNode *sender; redisLog(REDIS_DEBUG,"--- Processing packet of type %d, %lu bytes", type, (unsigned long) totlen); /* Perform sanity checks */ if (totlen < 8) return 1; if (totlen > sdslen(link->rcvbuf)) return 1; if (type == CLUSTERMSG_TYPE_PING || type == CLUSTERMSG_TYPE_PONG || type == CLUSTERMSG_TYPE_MEET) { uint16_t count = ntohs(hdr->count); uint32_t explen; /* expected length of this packet */ explen = sizeof(clusterMsg)-sizeof(union clusterMsgData); explen += (sizeof(clusterMsgDataGossip)*count); if (totlen != explen) return 1; } else if (type == CLUSTERMSG_TYPE_FAIL) { uint32_t explen = sizeof(clusterMsg)-sizeof(union clusterMsgData); explen += sizeof(clusterMsgDataFail); if (totlen != explen) return 1; } else if (type == CLUSTERMSG_TYPE_PUBLISH) { uint32_t explen = sizeof(clusterMsg)-sizeof(union clusterMsgData); explen += sizeof(clusterMsgDataPublish) + ntohl(hdr->data.publish.msg.channel_len) + ntohl(hdr->data.publish.msg.message_len); if (totlen != explen) return 1; } else if (type == CLUSTERMSG_TYPE_FAILOVER_AUTH_REQUEST || type == CLUSTERMSG_TYPE_FAILOVER_AUTH_ACK) { uint32_t explen = sizeof(clusterMsg)-sizeof(union clusterMsgData); if (totlen != explen) return 1; } /* Process packets by type. */ sender = clusterLookupNode(hdr->sender); if (type == CLUSTERMSG_TYPE_PING || type == CLUSTERMSG_TYPE_MEET) { int update_config = 0; redisLog(REDIS_DEBUG,"Ping packet received: %p", (void*)link->node); /* Add this node if it is new for us and the msg type is MEET. * In this stage we don't try to add the node with the right * flags, slaveof pointer, and so forth, as this details will be * resolved when we'll receive PONGs from the node. */ if (!sender && type == CLUSTERMSG_TYPE_MEET) { clusterNode *node; node = createClusterNode(NULL,REDIS_NODE_HANDSHAKE); nodeIp2String(node->ip,link); node->port = ntohs(hdr->port); clusterAddNode(node); update_config = 1; } /* Get info from the gossip section */ clusterProcessGossipSection(hdr,link); /* Anyway reply with a PONG */ clusterSendPing(link,CLUSTERMSG_TYPE_PONG); /* Update config if needed */ if (update_config) clusterSaveConfigOrDie(); } /* PING or PONG: process config information. */ if (type == CLUSTERMSG_TYPE_PING || type == CLUSTERMSG_TYPE_PONG) { int update_state = 0; int update_config = 0; redisLog(REDIS_DEBUG,"%s packet received: %p", type == CLUSTERMSG_TYPE_PING ? "ping" : "pong", (void*)link->node); if (link->node) { if (link->node->flags & REDIS_NODE_HANDSHAKE) { /* If we already have this node, try to change the * IP/port of the node with the new one. */ if (sender) { redisLog(REDIS_WARNING, "Handshake error: we already know node %.40s, updating the address if needed.", sender->name); if (nodeUpdateAddressIfNeeded(sender,link,ntohs(hdr->port))) { clusterUpdateState(); clusterSaveConfigOrDie(); } /* Free this node as we alrady have it. This will * cause the link to be freed as well. */ freeClusterNode(link->node); return 0; } /* First thing to do is replacing the random name with the * right node name if this was an handshake stage. */ clusterRenameNode(link->node, hdr->sender); redisLog(REDIS_DEBUG,"Handshake with node %.40s completed.", link->node->name); link->node->flags &= ~REDIS_NODE_HANDSHAKE; link->node->flags |= flags&(REDIS_NODE_MASTER|REDIS_NODE_SLAVE); update_config = 1; } else if (memcmp(link->node->name,hdr->sender, REDIS_CLUSTER_NAMELEN) != 0) { /* If the reply has a non matching node ID we * disconnect this node and set it as not having an associated * address. */ redisLog(REDIS_DEBUG,"PONG contains mismatching sender ID"); link->node->flags |= REDIS_NODE_NOADDR; link->node->ip[0] = '\0'; link->node->port = 0; freeClusterLink(link); update_config = 1; /* FIXME: remove this node if we already have it. * * If we already have it but the IP is different, use * the new one if the old node is in FAIL, PFAIL, or NOADDR * status... */ return 0; } } /* Update the node address if it changed. */ if (sender && type == CLUSTERMSG_TYPE_PING && !(sender->flags & REDIS_NODE_HANDSHAKE) && nodeUpdateAddressIfNeeded(sender,link,ntohs(hdr->port))) { update_state = 1; update_config = 1; } /* Update our info about the node */ if (link->node && type == CLUSTERMSG_TYPE_PONG) { link->node->pong_received = time(NULL); link->node->ping_sent = 0; /* The PFAIL condition can be reversed without external * help if it is momentary (that is, if it does not * turn into a FAIL state). * * The FAIL condition is also reversible under specific * conditions detected by clearNodeFailureIfNeeded(). */ if (link->node->flags & REDIS_NODE_PFAIL) { link->node->flags &= ~REDIS_NODE_PFAIL; update_state = 1; } else if (link->node->flags & REDIS_NODE_FAIL) { clearNodeFailureIfNeeded(link->node); } } /* Update master/slave state */ if (sender) { if (!memcmp(hdr->slaveof,REDIS_NODE_NULL_NAME, sizeof(hdr->slaveof))) { /* Node is a master. */ if (sender->flags & REDIS_NODE_SLAVE) { /* Slave turned into master! */ clusterNode *oldmaster = sender->slaveof; /* Reconfigure node as master. */ if (sender->slaveof) clusterNodeRemoveSlave(sender->slaveof,sender); sender->flags &= ~REDIS_NODE_SLAVE; sender->flags |= REDIS_NODE_MASTER; sender->slaveof = NULL; /* If this node used to be our slave, and now has the * PROMOTED flag set. We'll turn ourself into a slave * of the new master. */ if (flags & REDIS_NODE_PROMOTED && oldmaster == server.cluster->myself) { redisLog(REDIS_WARNING,"One of my slaves took my place. Reconfiguring myself as a replica of %.40s", sender->name); clusterDelNodeSlots(server.cluster->myself); clusterSetMaster(sender); } /* If we are a slave, and this node used to be a slave * of our master, and now has the PROMOTED flag set, we * need to switch our replication setup over it. */ if (flags & REDIS_NODE_PROMOTED && server.cluster->myself->flags & REDIS_NODE_SLAVE && server.cluster->myself->slaveof == oldmaster) { redisLog(REDIS_WARNING,"One of the slaves failed over my master. Reconfiguring myself as a replica of %.40s", sender->name); clusterDelNodeSlots(server.cluster->myself); clusterSetMaster(sender); } /* Update config and state. */ update_state = 1; update_config = 1; } } else { /* Node is a slave. */ clusterNode *master = clusterLookupNode(hdr->slaveof); if (sender->flags & REDIS_NODE_MASTER) { /* Master turned into a slave! Reconfigure the node. */ clusterDelNodeSlots(sender); sender->flags &= ~REDIS_NODE_MASTER; sender->flags |= REDIS_NODE_SLAVE; /* Remove the list of slaves from the node. */ if (sender->numslaves) clusterNodeResetSlaves(sender); /* Update config and state. */ update_state = 1; update_config = 1; } /* Master node changed for this slave? */ if (sender->slaveof != master) { if (sender->slaveof) clusterNodeRemoveSlave(sender->slaveof,sender); clusterNodeAddSlave(master,sender); sender->slaveof = master; } } } /* Update our info about served slots. * Note: this MUST happen after we update the master/slave state * so that REDIS_NODE_MASTER flag will be set. */ if (sender && sender->flags & REDIS_NODE_MASTER) { int changes, j; changes = memcmp(sender->slots,hdr->myslots,sizeof(hdr->myslots)) != 0; if (changes) { for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (bitmapTestBit(hdr->myslots,j)) { /* If this slot was not served, or served by a node * in FAIL state, update the table with the new node * claiming to serve the slot. */ if (server.cluster->slots[j] == sender) continue; if (server.cluster->slots[j] == NULL || server.cluster->slots[j]->flags & REDIS_NODE_FAIL) { clusterDelSlot(j); clusterAddSlot(sender,j); update_state = update_config = 1; } } else { /* This node claims to no longer handling the slot, * however we don't change our config as this is likely * happening because a resharding is in progress, and * it already knows where to redirect clients. */ } } } } /* Get info from the gossip section */ clusterProcessGossipSection(hdr,link); /* Update the cluster state if needed */ if (update_state) clusterUpdateState(); if (update_config) clusterSaveConfigOrDie(); } else if (type == CLUSTERMSG_TYPE_FAIL && sender) { clusterNode *failing; failing = clusterLookupNode(hdr->data.fail.about.nodename); if (failing && !(failing->flags & (REDIS_NODE_FAIL|REDIS_NODE_MYSELF))) { redisLog(REDIS_NOTICE, "FAIL message received from %.40s about %.40s", hdr->sender, hdr->data.fail.about.nodename); failing->flags |= REDIS_NODE_FAIL; failing->fail_time = time(NULL); failing->flags &= ~REDIS_NODE_PFAIL; clusterUpdateState(); clusterSaveConfigOrDie(); } } else if (type == CLUSTERMSG_TYPE_PUBLISH) { robj *channel, *message; uint32_t channel_len, message_len; /* Don't bother creating useless objects if there are no Pub/Sub subscribers. */ if (dictSize(server.pubsub_channels) || listLength(server.pubsub_patterns)) { channel_len = ntohl(hdr->data.publish.msg.channel_len); message_len = ntohl(hdr->data.publish.msg.message_len); channel = createStringObject( (char*)hdr->data.publish.msg.bulk_data,channel_len); message = createStringObject( (char*)hdr->data.publish.msg.bulk_data+channel_len, message_len); pubsubPublishMessage(channel,message); decrRefCount(channel); decrRefCount(message); } } else if (type == CLUSTERMSG_TYPE_FAILOVER_AUTH_REQUEST) { if (!sender) return 1; /* We don't know that node. */ /* If we are not a master, ignore that message at all. */ if (!(server.cluster->myself->flags & REDIS_NODE_MASTER)) return 0; clusterSendFailoverAuthIfNeeded(sender); } else if (type == CLUSTERMSG_TYPE_FAILOVER_AUTH_ACK) { if (!sender) return 1; /* We don't know that node. */ /* If this is a master, increment the number of acknowledges * we received so far. */ if (sender->flags & REDIS_NODE_MASTER) server.cluster->failover_auth_count++; } else { redisLog(REDIS_WARNING,"Received unknown packet type: %d", type); } return 1; } /* This function is called when we detect the link with this node is lost. We set the node as no longer connected. The Cluster Cron will detect this connection and will try to get it connected again. Instead if the node is a temporary node used to accept a query, we completely free the node on error. */ void handleLinkIOError(clusterLink *link) { freeClusterLink(link); } /* Send data. This is handled using a trivial send buffer that gets * consumed by write(). We don't try to optimize this for speed too much * as this is a very low traffic channel. */ void clusterWriteHandler(aeEventLoop *el, int fd, void *privdata, int mask) { clusterLink *link = (clusterLink*) privdata; ssize_t nwritten; REDIS_NOTUSED(el); REDIS_NOTUSED(mask); nwritten = write(fd, link->sndbuf, sdslen(link->sndbuf)); if (nwritten <= 0) { redisLog(REDIS_DEBUG,"I/O error writing to node link: %s", strerror(errno)); handleLinkIOError(link); return; } link->sndbuf = sdsrange(link->sndbuf,nwritten,-1); if (sdslen(link->sndbuf) == 0) aeDeleteFileEvent(server.el, link->fd, AE_WRITABLE); } /* Read data. Try to read the first field of the header first to check the * full length of the packet. When a whole packet is in memory this function * will call the function to process the packet. And so forth. */ void clusterReadHandler(aeEventLoop *el, int fd, void *privdata, int mask) { char buf[4096]; ssize_t nread; clusterMsg *hdr; clusterLink *link = (clusterLink*) privdata; int readlen, rcvbuflen; REDIS_NOTUSED(el); REDIS_NOTUSED(mask); again: rcvbuflen = sdslen(link->rcvbuf); if (rcvbuflen < 4) { /* First, obtain the first four bytes to get the full message * length. */ readlen = 4 - rcvbuflen; } else { /* Finally read the full message. */ hdr = (clusterMsg*) link->rcvbuf; if (rcvbuflen == 4) { /* Perform some sanity check on the message length. */ if (ntohl(hdr->totlen) < CLUSTERMSG_MIN_LEN) { redisLog(REDIS_WARNING, "Bad message length received from Cluster bus."); handleLinkIOError(link); return; } } readlen = ntohl(hdr->totlen) - rcvbuflen; } nread = read(fd,buf,readlen); if (nread == -1 && errno == EAGAIN) return; /* No more data ready. */ if (nread <= 0) { /* I/O error... */ redisLog(REDIS_DEBUG,"I/O error reading from node link: %s", (nread == 0) ? "connection closed" : strerror(errno)); handleLinkIOError(link); return; } else { /* Read data and recast the pointer to the new buffer. */ link->rcvbuf = sdscatlen(link->rcvbuf,buf,nread); hdr = (clusterMsg*) link->rcvbuf; rcvbuflen += nread; } /* Total length obtained? read the payload now instead of burning * cycles waiting for a new event to fire. */ if (rcvbuflen == 4) goto again; /* Whole packet in memory? We can process it. */ if (rcvbuflen == ntohl(hdr->totlen)) { if (clusterProcessPacket(link)) { sdsfree(link->rcvbuf); link->rcvbuf = sdsempty(); rcvbuflen = 0; /* Useless line of code currently... defensive. */ } } } /* Put stuff into the send buffer. */ void clusterSendMessage(clusterLink *link, unsigned char *msg, size_t msglen) { if (sdslen(link->sndbuf) == 0 && msglen != 0) aeCreateFileEvent(server.el,link->fd,AE_WRITABLE, clusterWriteHandler,link); link->sndbuf = sdscatlen(link->sndbuf, msg, msglen); } /* Send a message to all the nodes that are part of the cluster having * a connected link. */ void clusterBroadcastMessage(void *buf, size_t len) { dictIterator *di; dictEntry *de; di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); if (!node->link) continue; if (node->flags & (REDIS_NODE_MYSELF|REDIS_NODE_HANDSHAKE)) continue; clusterSendMessage(node->link,buf,len); } dictReleaseIterator(di); } /* Build the message header */ void clusterBuildMessageHdr(clusterMsg *hdr, int type) { int totlen = 0; memset(hdr,0,sizeof(*hdr)); hdr->type = htons(type); memcpy(hdr->sender,server.cluster->myself->name,REDIS_CLUSTER_NAMELEN); memcpy(hdr->myslots,server.cluster->myself->slots, sizeof(hdr->myslots)); memset(hdr->slaveof,0,REDIS_CLUSTER_NAMELEN); if (server.cluster->myself->slaveof != NULL) { memcpy(hdr->slaveof,server.cluster->myself->slaveof->name, REDIS_CLUSTER_NAMELEN); } hdr->port = htons(server.port); hdr->flags = htons(server.cluster->myself->flags); hdr->state = server.cluster->state; if (type == CLUSTERMSG_TYPE_FAIL) { totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); totlen += sizeof(clusterMsgDataFail); } hdr->totlen = htonl(totlen); /* For PING, PONG, and MEET, fixing the totlen field is up to the caller */ } /* Send a PING or PONG packet to the specified node, making sure to add enough * gossip informations. */ void clusterSendPing(clusterLink *link, int type) { unsigned char buf[4096]; clusterMsg *hdr = (clusterMsg*) buf; int gossipcount = 0, totlen; /* freshnodes is the number of nodes we can still use to populate the * gossip section of the ping packet. Basically we start with the nodes * we have in memory minus two (ourself and the node we are sending the * message to). Every time we add a node we decrement the counter, so when * it will drop to <= zero we know there is no more gossip info we can * send. */ int freshnodes = dictSize(server.cluster->nodes)-2; if (link->node && type == CLUSTERMSG_TYPE_PING) link->node->ping_sent = time(NULL); clusterBuildMessageHdr(hdr,type); /* Populate the gossip fields */ while(freshnodes > 0 && gossipcount < 3) { struct dictEntry *de = dictGetRandomKey(server.cluster->nodes); clusterNode *this = dictGetVal(de); clusterMsgDataGossip *gossip; int j; /* In the gossip section don't include: * 1) Myself. * 2) Nodes in HANDSHAKE state. * 3) Nodes with the NOADDR flag set. * 4) Disconnected nodes if they don't have configured slots. */ if (this == server.cluster->myself || this->flags & (REDIS_NODE_HANDSHAKE|REDIS_NODE_NOADDR) || (this->link == NULL && this->numslots == 0)) { freshnodes--; /* otherwise we may loop forever. */ continue; } /* Check if we already added this node */ for (j = 0; j < gossipcount; j++) { if (memcmp(hdr->data.ping.gossip[j].nodename,this->name, REDIS_CLUSTER_NAMELEN) == 0) break; } if (j != gossipcount) continue; /* Add it */ freshnodes--; gossip = &(hdr->data.ping.gossip[gossipcount]); memcpy(gossip->nodename,this->name,REDIS_CLUSTER_NAMELEN); gossip->ping_sent = htonl(this->ping_sent); gossip->pong_received = htonl(this->pong_received); memcpy(gossip->ip,this->ip,sizeof(this->ip)); gossip->port = htons(this->port); gossip->flags = htons(this->flags); gossipcount++; } totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); totlen += (sizeof(clusterMsgDataGossip)*gossipcount); hdr->count = htons(gossipcount); hdr->totlen = htonl(totlen); clusterSendMessage(link,buf,totlen); } /* Send a PONG packet to every connected node that's not in handshake state. * * In Redis Cluster pings are not just used for failure detection, but also * to carry important configuration informations. So broadcasting a pong is * useful when something changes in the configuration and we want to make * the cluster aware ASAP (for instance after a slave promotion). */ void clusterBroadcastPong(void) { dictIterator *di; dictEntry *de; di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); if (node->flags & (REDIS_NODE_MYSELF|REDIS_NODE_HANDSHAKE)) continue; clusterSendPing(node->link,CLUSTERMSG_TYPE_PONG); } dictReleaseIterator(di); } /* Send a PUBLISH message. * * If link is NULL, then the message is broadcasted to the whole cluster. */ void clusterSendPublish(clusterLink *link, robj *channel, robj *message) { unsigned char buf[4096], *payload; clusterMsg *hdr = (clusterMsg*) buf; uint32_t totlen; uint32_t channel_len, message_len; channel = getDecodedObject(channel); message = getDecodedObject(message); channel_len = sdslen(channel->ptr); message_len = sdslen(message->ptr); clusterBuildMessageHdr(hdr,CLUSTERMSG_TYPE_PUBLISH); totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); totlen += sizeof(clusterMsgDataPublish) + channel_len + message_len; hdr->data.publish.msg.channel_len = htonl(channel_len); hdr->data.publish.msg.message_len = htonl(message_len); hdr->totlen = htonl(totlen); /* Try to use the local buffer if possible */ if (totlen < sizeof(buf)) { payload = buf; } else { payload = zmalloc(totlen); hdr = (clusterMsg*) payload; memcpy(payload,hdr,sizeof(*hdr)); } memcpy(hdr->data.publish.msg.bulk_data,channel->ptr,sdslen(channel->ptr)); memcpy(hdr->data.publish.msg.bulk_data+sdslen(channel->ptr), message->ptr,sdslen(message->ptr)); if (link) clusterSendMessage(link,payload,totlen); else clusterBroadcastMessage(payload,totlen); decrRefCount(channel); decrRefCount(message); if (payload != buf) zfree(payload); } /* Send a FAIL message to all the nodes we are able to contact. * The FAIL message is sent when we detect that a node is failing * (REDIS_NODE_PFAIL) and we also receive a gossip confirmation of this: * we switch the node state to REDIS_NODE_FAIL and ask all the other * nodes to do the same ASAP. */ void clusterSendFail(char *nodename) { unsigned char buf[4096]; clusterMsg *hdr = (clusterMsg*) buf; clusterBuildMessageHdr(hdr,CLUSTERMSG_TYPE_FAIL); memcpy(hdr->data.fail.about.nodename,nodename,REDIS_CLUSTER_NAMELEN); clusterBroadcastMessage(buf,ntohl(hdr->totlen)); } /* ----------------------------------------------------------------------------- * CLUSTER Pub/Sub support * * For now we do very little, just propagating PUBLISH messages across the whole * cluster. In the future we'll try to get smarter and avoiding propagating those * messages to hosts without receives for a given channel. * -------------------------------------------------------------------------- */ void clusterPropagatePublish(robj *channel, robj *message) { clusterSendPublish(NULL, channel, message); } /* ----------------------------------------------------------------------------- * SLAVE node specific functions * -------------------------------------------------------------------------- */ /* This function sends a FAILOVE_AUTH_REQUEST message to every node in order to * see if there is the quorum for this slave instance to failover its failing * master. * * Note that we send the failover request to everybody, master and slave nodes, * but only the masters are supposed to reply to our query. */ void clusterRequestFailoverAuth(void) { unsigned char buf[4096]; clusterMsg *hdr = (clusterMsg*) buf; uint32_t totlen; clusterBuildMessageHdr(hdr,CLUSTERMSG_TYPE_FAILOVER_AUTH_REQUEST); totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); hdr->totlen = htonl(totlen); clusterBroadcastMessage(buf,totlen); } /* Send a FAILOVER_AUTH_ACK message to the specified node. */ void clusterSendFailoverAuth(clusterNode *node) { unsigned char buf[4096]; clusterMsg *hdr = (clusterMsg*) buf; uint32_t totlen; if (!node->link) return; clusterBuildMessageHdr(hdr,CLUSTERMSG_TYPE_FAILOVER_AUTH_ACK); totlen = sizeof(clusterMsg)-sizeof(union clusterMsgData); hdr->totlen = htonl(totlen); clusterSendMessage(node->link,buf,totlen); } /* If we believe 'node' is the "first slave" of it's master, reply with * a FAILOVER_AUTH_GRANTED packet. * * To be a first slave the sender must: * 1) Be a slave. * 2) Its master should be in FAIL state. * 3) Ordering all the slaves IDs for its master by run-id, it should be the * first (the smallest) among the ones not in FAIL / PFAIL state. */ void clusterSendFailoverAuthIfNeeded(clusterNode *node) { char first[REDIS_CLUSTER_NAMELEN]; clusterNode *master = node->slaveof; int j; /* Node is a slave? Its master is down? */ if (!(node->flags & REDIS_NODE_SLAVE) || master == NULL || !(master->flags & REDIS_NODE_FAIL)) return; /* Iterate all the master slaves to check what's the first one. */ memset(first,0xff,sizeof(first)); for (j = 0; j < master->numslaves; j++) { clusterNode *slave = master->slaves[j]; if (slave->flags & (REDIS_NODE_FAIL|REDIS_NODE_PFAIL)) continue; if (memcmp(slave->name,first,sizeof(first)) < 0) { memcpy(first,slave->name,sizeof(first)); } } /* Is 'node' the first slave? */ if (memcmp(node->name,first,sizeof(first)) != 0) return; /* We can send the packet. */ clusterSendFailoverAuth(node); } /* This function is called if we are a slave node and our master serving * a non-zero amount of hash slots is in FAIL state. * * The gaol of this function is: * 1) To check if we are able to perform a failover, is our data updated? * 2) Ask reachable masters the authorization to perform the failover. * 3) Check if there is the majority of masters agreeing we should failover. * 4) Perform the failover informing all the other nodes. */ void clusterHandleSlaveFailover(void) { time_t data_age = server.unixtime - server.repl_down_since; time_t auth_age = server.unixtime - server.cluster->failover_auth_time; int needed_quorum = (server.cluster->size / 2) + 1; int j; /* Check if our data is recent enough. For now we just use a fixed * constant of ten times the node timeout since the cluster should * react much faster to a master down. */ if (data_age > server.cluster_node_timeout * REDIS_CLUSTER_SLAVE_VALIDITY_MULT) return; /* TODO: check if we are the first slave as well? Or just rely on the * master authorization? */ /* Ask masters if we are authorized to perform the failover. If there * is a pending auth request that's too old, reset it. */ if (server.cluster->failover_auth_time == 0 || auth_age > server.cluster_node_timeout * REDIS_CLUSTER_FAILOVER_AUTH_RETRY_MULT) { redisLog(REDIS_WARNING,"Asking masters if I can failover..."); server.cluster->failover_auth_time = time(NULL); server.cluster->failover_auth_count = 0; clusterRequestFailoverAuth(); return; /* Wait for replies. */ } /* Check if we reached the quorum. */ if (server.cluster->failover_auth_count >= needed_quorum) { clusterNode *oldmaster = server.cluster->myself->slaveof; redisLog(REDIS_WARNING, "Masters quorum reached: failing over my (failing) master."); /* We have the quorum, perform all the steps to correctly promote * this slave to a master. * * 1) Turn this node into a master. */ clusterNodeRemoveSlave(server.cluster->myself->slaveof, server.cluster->myself); server.cluster->myself->flags &= ~REDIS_NODE_SLAVE; server.cluster->myself->flags |= REDIS_NODE_MASTER; server.cluster->myself->flags |= REDIS_NODE_PROMOTED; server.cluster->myself->slaveof = NULL; replicationUnsetMaster(); /* 2) Claim all the slots assigned to our master. */ for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (clusterNodeGetSlotBit(oldmaster,j)) { clusterDelSlot(j); clusterAddSlot(server.cluster->myself,j); } } /* 3) Pong all the other nodes so that they can update the state * accordingly and detect that we switched to master role. */ clusterBroadcastPong(); /* 4) Update state and save config. */ clusterUpdateState(); clusterSaveConfigOrDie(); } } /* ----------------------------------------------------------------------------- * CLUSTER cron job * -------------------------------------------------------------------------- */ /* This is executed 1 time every second */ void clusterCron(void) { dictIterator *di; dictEntry *de; int j, update_state = 0; time_t min_pong = 0; clusterNode *min_pong_node = NULL; /* Check if we have disconnected nodes and re-establish the connection. */ di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); if (node->flags & (REDIS_NODE_MYSELF|REDIS_NODE_NOADDR)) continue; if (node->link == NULL) { int fd; time_t old_ping_sent; clusterLink *link; fd = anetTcpNonBlockConnect(server.neterr, node->ip, node->port+REDIS_CLUSTER_PORT_INCR); if (fd == -1) continue; link = createClusterLink(node); link->fd = fd; node->link = link; aeCreateFileEvent(server.el,link->fd,AE_READABLE,clusterReadHandler,link); /* Queue a PING in the new connection ASAP: this is crucial * to avoid false positives in failure detection. * * If the node is flagged as MEET, we send a MEET message instead * of a PING one, to force the receiver to add us in its node * table. */ old_ping_sent = node->ping_sent; clusterSendPing(link, node->flags & REDIS_NODE_MEET ? CLUSTERMSG_TYPE_MEET : CLUSTERMSG_TYPE_PING); if (old_ping_sent) { /* If there was an active ping before the link was * disconnected, we want to restore the ping time, otherwise * replaced by the clusterSendPing() call. */ node->ping_sent = old_ping_sent; } /* We can clear the flag after the first packet is sent. * If we'll never receive a PONG, we'll never send new packets * to this node. Instead after the PONG is received and we * are no longer in meet/handshake status, we want to send * normal PING packets. */ node->flags &= ~REDIS_NODE_MEET; redisLog(REDIS_DEBUG,"Connecting with Node %.40s at %s:%d", node->name, node->ip, node->port+REDIS_CLUSTER_PORT_INCR); } } dictReleaseIterator(di); /* Ping some random node. Check a few random nodes and ping the one with * the oldest pong_received time */ for (j = 0; j < 5; j++) { de = dictGetRandomKey(server.cluster->nodes); clusterNode *this = dictGetVal(de); /* Don't ping nodes disconnected or with a ping currently active. */ if (this->link == NULL || this->ping_sent != 0) continue; if (this->flags & (REDIS_NODE_MYSELF|REDIS_NODE_HANDSHAKE)) continue; if (min_pong_node == NULL || min_pong > this->pong_received) { min_pong_node = this; min_pong = this->pong_received; } } if (min_pong_node) { redisLog(REDIS_DEBUG,"Pinging node %.40s", min_pong_node->name); clusterSendPing(min_pong_node->link, CLUSTERMSG_TYPE_PING); } /* Iterate nodes to check if we need to flag something as failing */ di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); time_t now = time(NULL); int delay; if (node->flags & (REDIS_NODE_MYSELF|REDIS_NODE_NOADDR|REDIS_NODE_HANDSHAKE)) continue; /* If we are waiting for the PONG more than half the cluster * timeout, reconnect the link: maybe there is a connection * issue even if the node is alive. */ if (node->link && /* is connected */ time(NULL) - node->link->ctime > server.cluster_node_timeout && /* was not already reconnected */ node->ping_sent && /* we already sent a ping */ node->pong_received < node->ping_sent && /* still waiting pong */ /* and we are waiting for the pong more than timeout/2 */ now - node->ping_sent > server.cluster_node_timeout/2) { /* Disconnect the link, it will be reconnected automatically. */ freeClusterLink(node->link); } /* If we have currently no active ping in this instance, and the * received PONG is older than half the cluster timeout, send * a new ping now, to ensure all the nodes are pinged without * a too big delay. */ if (node->link && node->ping_sent == 0 && (now - node->pong_received) > server.cluster_node_timeout/2) { clusterSendPing(node->link, CLUSTERMSG_TYPE_PING); continue; } /* Check only if we have an active ping for this instance. */ if (node->ping_sent == 0) continue; /* Compute the delay of the PONG. Note that if we already received * the PONG, then node->ping_sent is zero, so can't reach this * code at all. */ delay = now - node->ping_sent; if (delay > server.cluster_node_timeout) { /* Timeout reached. Set the node as possibly failing if it is * not already in this state. */ if (!(node->flags & (REDIS_NODE_PFAIL|REDIS_NODE_FAIL))) { redisLog(REDIS_DEBUG,"*** NODE %.40s possibly failing", node->name); node->flags |= REDIS_NODE_PFAIL; update_state = 1; } } } dictReleaseIterator(di); /* If we are a slave node but the replication is still turned off, * enable it if we know the address of our master and it appears to * be up. */ if (server.cluster->myself->flags & REDIS_NODE_SLAVE && server.masterhost == NULL && server.cluster->myself->slaveof && !(server.cluster->myself->slaveof->flags & REDIS_NODE_NOADDR)) { replicationSetMaster(server.cluster->myself->slaveof->ip, server.cluster->myself->slaveof->port); } /* If we are a slave and our master is down, but is serving slots, * call the function that handles the failover. * This function is called with a small delay in order to let the * FAIL message to propagate after failure detection, this is not * strictly required but makes 99.99% of failovers mechanically * simpler. */ if (server.cluster->myself->flags & REDIS_NODE_SLAVE && server.cluster->myself->slaveof && server.cluster->myself->slaveof->flags & REDIS_NODE_FAIL && (server.unixtime - server.cluster->myself->slaveof->fail_time) > REDIS_CLUSTER_FAILOVER_DELAY && server.cluster->myself->slaveof->numslots != 0) { clusterHandleSlaveFailover(); } if (update_state) clusterUpdateState(); } /* ----------------------------------------------------------------------------- * Slots management * -------------------------------------------------------------------------- */ /* Test bit 'pos' in a generic bitmap. Return 1 if the bit is zet, * otherwise 0. */ int bitmapTestBit(unsigned char *bitmap, int pos) { off_t byte = pos/8; int bit = pos&7; return (bitmap[byte] & (1<slots,slot); bitmapSetBit(n->slots,slot); if (!old) n->numslots++; return old; } /* Clear the slot bit and return the old value. */ int clusterNodeClearSlotBit(clusterNode *n, int slot) { int old = bitmapTestBit(n->slots,slot); bitmapClearBit(n->slots,slot); if (old) n->numslots--; return old; } /* Return the slot bit from the cluster node structure. */ int clusterNodeGetSlotBit(clusterNode *n, int slot) { return bitmapTestBit(n->slots,slot); } /* Add the specified slot to the list of slots that node 'n' will * serve. Return REDIS_OK if the operation ended with success. * If the slot is already assigned to another instance this is considered * an error and REDIS_ERR is returned. */ int clusterAddSlot(clusterNode *n, int slot) { if (server.cluster->slots[slot]) return REDIS_ERR; clusterNodeSetSlotBit(n,slot); server.cluster->slots[slot] = n; return REDIS_OK; } /* Delete the specified slot marking it as unassigned. * Returns REDIS_OK if the slot was assigned, otherwise if the slot was * already unassigned REDIS_ERR is returned. */ int clusterDelSlot(int slot) { clusterNode *n = server.cluster->slots[slot]; if (!n) return REDIS_ERR; redisAssert(clusterNodeClearSlotBit(n,slot) == 1); server.cluster->slots[slot] = NULL; return REDIS_OK; } /* Delete all the slots associated with the specified node. * The number of deleted slots is returned. */ int clusterDelNodeSlots(clusterNode *node) { int deleted = 0, j; for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (clusterNodeGetSlotBit(node,j)) clusterDelSlot(j); deleted++; } return deleted; } /* ----------------------------------------------------------------------------- * Cluster state evaluation function * -------------------------------------------------------------------------- */ void clusterUpdateState(void) { int j, initial_state = server.cluster->state; int unreachable_masters = 0; /* Start assuming the state is OK. We'll turn it into FAIL if there * are the right conditions. */ server.cluster->state = REDIS_CLUSTER_OK; /* Check if all the slots are covered. */ for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (server.cluster->slots[j] == NULL || server.cluster->slots[j]->flags & (REDIS_NODE_FAIL)) { server.cluster->state = REDIS_CLUSTER_FAIL; break; } } /* Compute the cluster size, that is the number of master nodes * serving at least a single slot. * * At the same time count the number of unreachable masters with * at least one node. */ { dictIterator *di; dictEntry *de; server.cluster->size = 0; di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); if (node->flags & REDIS_NODE_MASTER && node->numslots) { server.cluster->size++; if (node->flags & (REDIS_NODE_FAIL|REDIS_NODE_PFAIL)) unreachable_masters++; } } dictReleaseIterator(di); } /* If we can't reach at least half the masters, change the cluster state * as FAIL, as we are not even able to mark nodes as FAIL in this side * of the netsplit because of lack of majority. */ { int needed_quorum = (server.cluster->size / 2) + 1; if (unreachable_masters >= needed_quorum) server.cluster->state = REDIS_CLUSTER_FAIL; } /* Log a state change */ if (initial_state != server.cluster->state) redisLog(REDIS_WARNING,"Cluster state changed: %s", server.cluster->state == REDIS_CLUSTER_OK ? "ok" : "fail"); } /* This function is called after the node startup in order to verify that data * loaded from disk is in agreement with the cluster configuration: * * 1) If we find keys about hash slots we have no responsibility for, the * following happens: * A) If no other node is in charge according to the current cluster * configuration, we add these slots to our node. * B) If according to our config other nodes are already in charge for * this lots, we set the slots as IMPORTING from our point of view * in order to justify we have those slots, and in order to make * redis-trib aware of the issue, so that it can try to fix it. * 2) If we find data in a DB different than DB0 we return REDIS_ERR to * signal the caller it should quit the server with an error message * or take other actions. * * The function always returns REDIS_OK even if it will try to correct * the error described in "1". However if data is found in DB different * from DB0, REDIS_ERR is returned. * * The function also uses the logging facility in order to warn the user * about desynchronizations between the data we have in memory and the * cluster configuration. */ int verifyClusterConfigWithData(void) { int j; int update_config = 0; /* If this node is a slave, don't perform the check at all as we * completely depend on the replication stream. */ if (server.cluster->myself->flags & REDIS_NODE_SLAVE) return REDIS_OK; /* Make sure we only have keys in DB0. */ for (j = 1; j < server.dbnum; j++) { if (dictSize(server.db[j].dict)) return REDIS_ERR; } /* Check that all the slots we see populated memory have a corresponding * entry in the cluster table. Otherwise fix the table. */ for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (!countKeysInSlot(j)) continue; /* No keys in this slot. */ /* Check if we are assigned to this slot or if we are importing it. * In both cases check the next slot as the configuration makes * sense. */ if (server.cluster->slots[j] == server.cluster->myself || server.cluster->importing_slots_from[j] != NULL) continue; /* If we are here data and cluster config don't agree, and we have * slot 'j' populated even if we are not importing it, nor we are * assigned to this slot. Fix this condition. */ update_config++; /* Case A: slot is unassigned. Take responsability for it. */ if (server.cluster->slots[j] == NULL) { redisLog(REDIS_WARNING, "I've keys about slot %d that is " "unassigned. Taking responsability " "for it.",j); clusterAddSlot(server.cluster->myself,j); } else { redisLog(REDIS_WARNING, "I've keys about slot %d that is " "already assigned to a different node. " "Setting it in importing state.",j); server.cluster->importing_slots_from[j] = server.cluster->slots[j]; } } if (update_config) clusterSaveConfigOrDie(); return REDIS_OK; } /* ----------------------------------------------------------------------------- * SLAVE nodes handling * -------------------------------------------------------------------------- */ /* Set the specified node 'n' as master. Setup the node as a slave if * needed. */ void clusterSetMaster(clusterNode *n) { clusterNode *myself = server.cluster->myself; redisAssert(n != myself); redisAssert(myself->numslots == 0); if (myself->flags & REDIS_NODE_MASTER) { myself->flags &= ~REDIS_NODE_MASTER; myself->flags |= REDIS_NODE_SLAVE; } /* Clear the promoted flag anyway if we are a slave, to ensure it will * be set only when the node turns into a master because of fail over. */ myself->flags &= ~REDIS_NODE_PROMOTED; myself->slaveof = n; replicationSetMaster(n->ip, n->port); } /* ----------------------------------------------------------------------------- * CLUSTER command * -------------------------------------------------------------------------- */ sds clusterGenNodesDescription(void) { sds ci = sdsempty(); dictIterator *di; dictEntry *de; int j, start; di = dictGetIterator(server.cluster->nodes); while((de = dictNext(di)) != NULL) { clusterNode *node = dictGetVal(de); /* Node coordinates */ ci = sdscatprintf(ci,"%.40s %s:%d ", node->name, node->ip, node->port); /* Flags */ if (node->flags == 0) ci = sdscat(ci,"noflags,"); if (node->flags & REDIS_NODE_MYSELF) ci = sdscat(ci,"myself,"); if (node->flags & REDIS_NODE_MASTER) ci = sdscat(ci,"master,"); if (node->flags & REDIS_NODE_SLAVE) ci = sdscat(ci,"slave,"); if (node->flags & REDIS_NODE_PFAIL) ci = sdscat(ci,"fail?,"); if (node->flags & REDIS_NODE_FAIL) ci = sdscat(ci,"fail,"); if (node->flags & REDIS_NODE_HANDSHAKE) ci =sdscat(ci,"handshake,"); if (node->flags & REDIS_NODE_NOADDR) ci = sdscat(ci,"noaddr,"); if (node->flags & REDIS_NODE_PROMOTED) ci = sdscat(ci,"promoted,"); if (ci[sdslen(ci)-1] == ',') ci[sdslen(ci)-1] = ' '; /* Slave of... or just "-" */ if (node->slaveof) ci = sdscatprintf(ci,"%.40s ",node->slaveof->name); else ci = sdscatprintf(ci,"- "); /* Latency from the POV of this node, link status */ ci = sdscatprintf(ci,"%ld %ld %s", (long) node->ping_sent, (long) node->pong_received, (node->link || node->flags & REDIS_NODE_MYSELF) ? "connected" : "disconnected"); /* Slots served by this instance */ start = -1; for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { int bit; if ((bit = clusterNodeGetSlotBit(node,j)) != 0) { if (start == -1) start = j; } if (start != -1 && (!bit || j == REDIS_CLUSTER_SLOTS-1)) { if (j == REDIS_CLUSTER_SLOTS-1) j++; if (start == j-1) { ci = sdscatprintf(ci," %d",start); } else { ci = sdscatprintf(ci," %d-%d",start,j-1); } start = -1; } } /* Just for MYSELF node we also dump info about slots that * we are migrating to other instances or importing from other * instances. */ if (node->flags & REDIS_NODE_MYSELF) { for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (server.cluster->migrating_slots_to[j]) { ci = sdscatprintf(ci," [%d->-%.40s]",j, server.cluster->migrating_slots_to[j]->name); } else if (server.cluster->importing_slots_from[j]) { ci = sdscatprintf(ci," [%d-<-%.40s]",j, server.cluster->importing_slots_from[j]->name); } } } ci = sdscatlen(ci,"\n",1); } dictReleaseIterator(di); return ci; } int getSlotOrReply(redisClient *c, robj *o) { long long slot; if (getLongLongFromObject(o,&slot) != REDIS_OK || slot < 0 || slot > REDIS_CLUSTER_SLOTS) { addReplyError(c,"Invalid or out of range slot"); return -1; } return (int) slot; } void clusterCommand(redisClient *c) { if (server.cluster_enabled == 0) { addReplyError(c,"This instance has cluster support disabled"); return; } if (!strcasecmp(c->argv[1]->ptr,"meet") && c->argc == 4) { /* CLUSTER MEET */ clusterNode *n; struct sockaddr_in sa; long port; /* Perform sanity checks on IP/port */ if (inet_pton(AF_INET,c->argv[0]->ptr,&(sa.sin_addr)) == 0) { addReplyError(c,"Invalid IP address in MEET"); return; } if (getLongFromObjectOrReply(c, c->argv[3], &port, NULL) != REDIS_OK || port < 0 || port > (65535-REDIS_CLUSTER_PORT_INCR)) { addReplyError(c,"Invalid TCP port specified"); return; } /* Finally add the node to the cluster with a random name, this * will get fixed in the first handshake (ping/pong). */ n = createClusterNode(NULL,REDIS_NODE_HANDSHAKE|REDIS_NODE_MEET); inet_ntop(sa.sin_family,(void*)&(sa.sin_addr),n->ip,sizeof(n->ip)); n->port = port; clusterAddNode(n); addReply(c,shared.ok); } else if (!strcasecmp(c->argv[1]->ptr,"nodes") && c->argc == 2) { /* CLUSTER NODES */ robj *o; sds ci = clusterGenNodesDescription(); o = createObject(REDIS_STRING,ci); addReplyBulk(c,o); decrRefCount(o); } else if (!strcasecmp(c->argv[1]->ptr,"flushslots") && c->argc == 2) { /* CLUSTER FLUSHSLOTS */ if (dictSize(server.db[0].dict) != 0) { addReplyError(c,"DB must be empty to perform CLUSTER FLUSHSLOTS."); return; } clusterDelNodeSlots(server.cluster->myself); clusterUpdateState(); clusterSaveConfigOrDie(); addReply(c,shared.ok); } else if ((!strcasecmp(c->argv[1]->ptr,"addslots") || !strcasecmp(c->argv[1]->ptr,"delslots")) && c->argc >= 3) { /* CLUSTER ADDSLOTS [slot] ... */ /* CLUSTER DELSLOTS [slot] ... */ int j, slot; unsigned char *slots = zmalloc(REDIS_CLUSTER_SLOTS); int del = !strcasecmp(c->argv[1]->ptr,"delslots"); memset(slots,0,REDIS_CLUSTER_SLOTS); /* Check that all the arguments are parsable and that all the * slots are not already busy. */ for (j = 2; j < c->argc; j++) { if ((slot = getSlotOrReply(c,c->argv[j])) == -1) { zfree(slots); return; } if (del && server.cluster->slots[slot] == NULL) { addReplyErrorFormat(c,"Slot %d is already unassigned", slot); zfree(slots); return; } else if (!del && server.cluster->slots[slot]) { addReplyErrorFormat(c,"Slot %d is already busy", slot); zfree(slots); return; } if (slots[slot]++ == 1) { addReplyErrorFormat(c,"Slot %d specified multiple times", (int)slot); zfree(slots); return; } } for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { if (slots[j]) { int retval; /* If this slot was set as importing we can clear this * state as now we are the real owner of the slot. */ if (server.cluster->importing_slots_from[j]) server.cluster->importing_slots_from[j] = NULL; retval = del ? clusterDelSlot(j) : clusterAddSlot(server.cluster->myself,j); redisAssertWithInfo(c,NULL,retval == REDIS_OK); } } zfree(slots); clusterUpdateState(); clusterSaveConfigOrDie(); addReply(c,shared.ok); } else if (!strcasecmp(c->argv[1]->ptr,"setslot") && c->argc >= 4) { /* SETSLOT 10 MIGRATING */ /* SETSLOT 10 IMPORTING */ /* SETSLOT 10 STABLE */ /* SETSLOT 10 NODE */ int slot; clusterNode *n; if ((slot = getSlotOrReply(c,c->argv[2])) == -1) return; if (!strcasecmp(c->argv[3]->ptr,"migrating") && c->argc == 5) { if (server.cluster->slots[slot] != server.cluster->myself) { addReplyErrorFormat(c,"I'm not the owner of hash slot %u",slot); return; } if ((n = clusterLookupNode(c->argv[4]->ptr)) == NULL) { addReplyErrorFormat(c,"I don't know about node %s", (char*)c->argv[4]->ptr); return; } server.cluster->migrating_slots_to[slot] = n; } else if (!strcasecmp(c->argv[3]->ptr,"importing") && c->argc == 5) { if (server.cluster->slots[slot] == server.cluster->myself) { addReplyErrorFormat(c, "I'm already the owner of hash slot %u",slot); return; } if ((n = clusterLookupNode(c->argv[4]->ptr)) == NULL) { addReplyErrorFormat(c,"I don't know about node %s", (char*)c->argv[3]->ptr); return; } server.cluster->importing_slots_from[slot] = n; } else if (!strcasecmp(c->argv[3]->ptr,"stable") && c->argc == 4) { /* CLUSTER SETSLOT STABLE */ server.cluster->importing_slots_from[slot] = NULL; server.cluster->migrating_slots_to[slot] = NULL; } else if (!strcasecmp(c->argv[3]->ptr,"node") && c->argc == 5) { /* CLUSTER SETSLOT NODE */ clusterNode *n = clusterLookupNode(c->argv[4]->ptr); if (!n) { addReplyErrorFormat(c,"Unknown node %s", (char*)c->argv[4]->ptr); return; } /* If this hash slot was served by 'myself' before to switch * make sure there are no longer local keys for this hash slot. */ if (server.cluster->slots[slot] == server.cluster->myself && n != server.cluster->myself) { if (countKeysInSlot(slot) != 0) { addReplyErrorFormat(c, "Can't assign hashslot %d to a different node while I still hold keys for this hash slot.", slot); return; } } /* If this node was the slot owner and the slot was marked as * migrating, assigning the slot to another node will clear * the migratig status. */ if (server.cluster->slots[slot] == server.cluster->myself && server.cluster->migrating_slots_to[slot]) server.cluster->migrating_slots_to[slot] = NULL; /* If this node was importing this slot, assigning the slot to * itself also clears the importing status. */ if (n == server.cluster->myself && server.cluster->importing_slots_from[slot]) server.cluster->importing_slots_from[slot] = NULL; clusterDelSlot(slot); clusterAddSlot(n,slot); } else { addReplyError(c,"Invalid CLUSTER SETSLOT action or number of arguments"); return; } clusterUpdateState(); clusterSaveConfigOrDie(); addReply(c,shared.ok); } else if (!strcasecmp(c->argv[1]->ptr,"info") && c->argc == 2) { /* CLUSTER INFO */ char *statestr[] = {"ok","fail","needhelp"}; int slots_assigned = 0, slots_ok = 0, slots_pfail = 0, slots_fail = 0; int j; for (j = 0; j < REDIS_CLUSTER_SLOTS; j++) { clusterNode *n = server.cluster->slots[j]; if (n == NULL) continue; slots_assigned++; if (n->flags & REDIS_NODE_FAIL) { slots_fail++; } else if (n->flags & REDIS_NODE_PFAIL) { slots_pfail++; } else { slots_ok++; } } sds info = sdscatprintf(sdsempty(), "cluster_state:%s\r\n" "cluster_slots_assigned:%d\r\n" "cluster_slots_ok:%d\r\n" "cluster_slots_pfail:%d\r\n" "cluster_slots_fail:%d\r\n" "cluster_known_nodes:%lu\r\n" "cluster_size:%d\r\n" , statestr[server.cluster->state], slots_assigned, slots_ok, slots_pfail, slots_fail, dictSize(server.cluster->nodes), server.cluster->size ); addReplySds(c,sdscatprintf(sdsempty(),"$%lu\r\n", (unsigned long)sdslen(info))); addReplySds(c,info); addReply(c,shared.crlf); } else if (!strcasecmp(c->argv[1]->ptr,"keyslot") && c->argc == 3) { /* CLUSTER KEYSLOT */ sds key = c->argv[2]->ptr; addReplyLongLong(c,keyHashSlot(key,sdslen(key))); } else if (!strcasecmp(c->argv[1]->ptr,"countkeysinslot") && c->argc == 3) { /* CLUSTER COUNTKEYSINSLOT */ long long slot; if (getLongLongFromObjectOrReply(c,c->argv[2],&slot,NULL) != REDIS_OK) return; if (slot < 0 || slot >= REDIS_CLUSTER_SLOTS) { addReplyError(c,"Invalid slot"); return; } addReplyLongLong(c,countKeysInSlot(slot)); } else if (!strcasecmp(c->argv[1]->ptr,"getkeysinslot") && c->argc == 4) { /* CLUSTER GETKEYSINSLOT */ long long maxkeys, slot; unsigned int numkeys, j; robj **keys; if (getLongLongFromObjectOrReply(c,c->argv[2],&slot,NULL) != REDIS_OK) return; if (getLongLongFromObjectOrReply(c,c->argv[3],&maxkeys,NULL) != REDIS_OK) return; if (slot < 0 || slot >= REDIS_CLUSTER_SLOTS || maxkeys < 0) { addReplyError(c,"Invalid slot or number of keys"); return; } keys = zmalloc(sizeof(robj*)*maxkeys); numkeys = getKeysInSlot(slot, keys, maxkeys); addReplyMultiBulkLen(c,numkeys); for (j = 0; j < numkeys; j++) addReplyBulk(c,keys[j]); zfree(keys); } else if (!strcasecmp(c->argv[1]->ptr,"forget") && c->argc == 3) { /* CLUSTER FORGET */ clusterNode *n = clusterLookupNode(c->argv[2]->ptr); if (!n) { addReplyErrorFormat(c,"Unknown node %s", (char*)c->argv[2]->ptr); return; } clusterDelNode(n); clusterUpdateState(); clusterSaveConfigOrDie(); addReply(c,shared.ok); } else if (!strcasecmp(c->argv[1]->ptr,"replicate") && c->argc == 3) { /* CLUSTER REPLICATE */ clusterNode *n = clusterLookupNode(c->argv[2]->ptr); /* Lookup the specified node in our table. */ if (!n) { addReplyErrorFormat(c,"Unknown node %s", (char*)c->argv[2]->ptr); return; } /* I can't replicate myself. */ if (n == server.cluster->myself) { addReplyError(c,"Can't replicate myself"); return; } /* Can't replicate a slave. */ if (n->slaveof != NULL) { addReplyError(c,"I can only replicate a master, not a slave."); return; } /* We should have no assigned slots to accept to replicate some * other node. */ if (server.cluster->myself->numslots != 0 || dictSize(server.db[0].dict) != 0) { addReplyError(c,"To set a master the node must be empty and without assigned slots."); return; } /* Set the master. */ clusterSetMaster(n); clusterUpdateState(); clusterSaveConfigOrDie(); addReply(c,shared.ok); } else { addReplyError(c,"Wrong CLUSTER subcommand or number of arguments"); } } /* ----------------------------------------------------------------------------- * DUMP, RESTORE and MIGRATE commands * -------------------------------------------------------------------------- */ /* Generates a DUMP-format representation of the object 'o', adding it to the * io stream pointed by 'rio'. This function can't fail. */ void createDumpPayload(rio *payload, robj *o) { unsigned char buf[2]; uint64_t crc; /* Serialize the object in a RDB-like format. It consist of an object type * byte followed by the serialized object. This is understood by RESTORE. */ rioInitWithBuffer(payload,sdsempty()); redisAssert(rdbSaveObjectType(payload,o)); redisAssert(rdbSaveObject(payload,o)); /* Write the footer, this is how it looks like: * ----------------+---------------------+---------------+ * ... RDB payload | 2 bytes RDB version | 8 bytes CRC64 | * ----------------+---------------------+---------------+ * RDB version and CRC are both in little endian. */ /* RDB version */ buf[0] = REDIS_RDB_VERSION & 0xff; buf[1] = (REDIS_RDB_VERSION >> 8) & 0xff; payload->io.buffer.ptr = sdscatlen(payload->io.buffer.ptr,buf,2); /* CRC64 */ crc = crc64(0,(unsigned char*)payload->io.buffer.ptr, sdslen(payload->io.buffer.ptr)); memrev64ifbe(&crc); payload->io.buffer.ptr = sdscatlen(payload->io.buffer.ptr,&crc,8); } /* Verify that the RDB version of the dump payload matches the one of this Redis * instance and that the checksum is ok. * If the DUMP payload looks valid REDIS_OK is returned, otherwise REDIS_ERR * is returned. */ int verifyDumpPayload(unsigned char *p, size_t len) { unsigned char *footer; uint16_t rdbver; uint64_t crc; /* At least 2 bytes of RDB version and 8 of CRC64 should be present. */ if (len < 10) return REDIS_ERR; footer = p+(len-10); /* Verify RDB version */ rdbver = (footer[1] << 8) | footer[0]; if (rdbver != REDIS_RDB_VERSION) return REDIS_ERR; /* Verify CRC64 */ crc = crc64(0,p,len-8); memrev64ifbe(&crc); return (memcmp(&crc,footer+2,8) == 0) ? REDIS_OK : REDIS_ERR; } /* DUMP keyname * DUMP is actually not used by Redis Cluster but it is the obvious * complement of RESTORE and can be useful for different applications. */ void dumpCommand(redisClient *c) { robj *o, *dumpobj; rio payload; /* Check if the key is here. */ if ((o = lookupKeyRead(c->db,c->argv[1])) == NULL) { addReply(c,shared.nullbulk); return; } /* Create the DUMP encoded representation. */ createDumpPayload(&payload,o); /* Transfer to the client */ dumpobj = createObject(REDIS_STRING,payload.io.buffer.ptr); addReplyBulk(c,dumpobj); decrRefCount(dumpobj); return; } /* RESTORE key ttl serialized-value [REPLACE] */ void restoreCommand(redisClient *c) { long ttl; rio payload; int j, type, replace = 0; robj *obj; /* Parse additional options */ for (j = 4; j < c->argc; j++) { if (!strcasecmp(c->argv[j]->ptr,"replace")) { replace = 1; } else { addReply(c,shared.syntaxerr); return; } } /* Make sure this key does not already exist here... */ if (!replace && lookupKeyWrite(c->db,c->argv[1]) != NULL) { addReplyError(c,"Target key name is busy."); return; } /* Check if the TTL value makes sense */ if (getLongFromObjectOrReply(c,c->argv[2],&ttl,NULL) != REDIS_OK) { return; } else if (ttl < 0) { addReplyError(c,"Invalid TTL value, must be >= 0"); return; } /* Verify RDB version and data checksum. */ if (verifyDumpPayload(c->argv[3]->ptr,sdslen(c->argv[3]->ptr)) == REDIS_ERR) { addReplyError(c,"DUMP payload version or checksum are wrong"); return; } rioInitWithBuffer(&payload,c->argv[3]->ptr); if (((type = rdbLoadObjectType(&payload)) == -1) || ((obj = rdbLoadObject(type,&payload)) == NULL)) { addReplyError(c,"Bad data format"); return; } /* Remove the old key if needed. */ if (replace) dbDelete(c->db,c->argv[1]); /* Create the key and set the TTL if any */ dbAdd(c->db,c->argv[1],obj); if (ttl) setExpire(c->db,c->argv[1],mstime()+ttl); signalModifiedKey(c->db,c->argv[1]); addReply(c,shared.ok); server.dirty++; } /* MIGRATE socket cache implementation. * * We take a map between host:ip and a TCP socket that we used to connect * to this instance in recent time. * This sockets are closed when the max number we cache is reached, and also * in serverCron() when they are around for more than a few seconds. */ #define MIGRATE_SOCKET_CACHE_ITEMS 64 /* max num of items in the cache. */ #define MIGRATE_SOCKET_CACHE_TTL 10 /* close cached socekts after 10 sec. */ typedef struct migrateCachedSocket { int fd; time_t last_use_time; } migrateCachedSocket; /* Return a TCP scoket connected with the target instance, possibly returning * a cached one. * * This function is responsible of sending errors to the client if a * connection can't be established. In this case -1 is returned. * Otherwise on success the socket is returned, and the caller should not * attempt to free it after usage. * * If the caller detects an error while using the socket, migrateCloseSocket() * should be called so that the connection will be craeted from scratch * the next time. */ int migrateGetSocket(redisClient *c, robj *host, robj *port, long timeout) { int fd; sds name = sdsempty(); migrateCachedSocket *cs; /* Check if we have an already cached socket for this ip:port pair. */ name = sdscatlen(name,host->ptr,sdslen(host->ptr)); name = sdscatlen(name,":",1); name = sdscatlen(name,port->ptr,sdslen(port->ptr)); cs = dictFetchValue(server.migrate_cached_sockets,name); if (cs) { sdsfree(name); cs->last_use_time = server.unixtime; return cs->fd; } /* No cached socket, create one. */ if (dictSize(server.migrate_cached_sockets) == MIGRATE_SOCKET_CACHE_ITEMS) { /* Too many items, drop one at random. */ dictEntry *de = dictGetRandomKey(server.migrate_cached_sockets); cs = dictGetVal(de); close(cs->fd); zfree(cs); dictDelete(server.migrate_cached_sockets,dictGetKey(de)); } /* Create the socket */ fd = anetTcpNonBlockConnect(server.neterr,c->argv[1]->ptr, atoi(c->argv[2]->ptr)); if (fd == -1) { sdsfree(name); addReplyErrorFormat(c,"Can't connect to target node: %s", server.neterr); return -1; } anetEnableTcpNoDelay(server.neterr,fd); /* Check if it connects within the specified timeout. */ if ((aeWait(fd,AE_WRITABLE,timeout) & AE_WRITABLE) == 0) { sdsfree(name); addReplySds(c,sdsnew("-IOERR error or timeout connecting to the client\r\n")); close(fd); return -1; } /* Add to the cache and return it to the caller. */ cs = zmalloc(sizeof(*cs)); cs->fd = fd; cs->last_use_time = server.unixtime; dictAdd(server.migrate_cached_sockets,name,cs); return fd; } /* Free a migrate cached connection. */ void migrateCloseSocket(robj *host, robj *port) { sds name = sdsempty(); migrateCachedSocket *cs; name = sdscatlen(name,host->ptr,sdslen(host->ptr)); name = sdscatlen(name,":",1); name = sdscatlen(name,port->ptr,sdslen(port->ptr)); cs = dictFetchValue(server.migrate_cached_sockets,name); if (!cs) { sdsfree(name); return; } close(cs->fd); zfree(cs); dictDelete(server.migrate_cached_sockets,name); sdsfree(name); } void migrateCloseTimedoutSockets(void) { dictIterator *di = dictGetSafeIterator(server.migrate_cached_sockets); dictEntry *de; while((de = dictNext(di)) != NULL) { migrateCachedSocket *cs = dictGetVal(de); if ((server.unixtime - cs->last_use_time) > MIGRATE_SOCKET_CACHE_TTL) { close(cs->fd); zfree(cs); dictDelete(server.migrate_cached_sockets,dictGetKey(de)); } } dictReleaseIterator(di); } /* MIGRATE host port key dbid timeout [COPY | REPLACE] */ void migrateCommand(redisClient *c) { int fd, copy, replace, j; long timeout; long dbid; long long ttl, expireat; robj *o; rio cmd, payload; int retry_num = 0; try_again: /* Initialization */ copy = 0; replace = 0; ttl = 0; /* Parse additional options */ for (j = 6; j < c->argc; j++) { if (!strcasecmp(c->argv[j]->ptr,"copy")) { copy = 1; } else if (!strcasecmp(c->argv[j]->ptr,"replace")) { replace = 1; } else { addReply(c,shared.syntaxerr); return; } } /* Sanity check */ if (getLongFromObjectOrReply(c,c->argv[5],&timeout,NULL) != REDIS_OK) return; if (getLongFromObjectOrReply(c,c->argv[4],&dbid,NULL) != REDIS_OK) return; if (timeout <= 0) timeout = 1000; /* Check if the key is here. If not we reply with success as there is * nothing to migrate (for instance the key expired in the meantime), but * we include such information in the reply string. */ if ((o = lookupKeyRead(c->db,c->argv[3])) == NULL) { addReplySds(c,sdsnew("+NOKEY\r\n")); return; } /* Connect */ fd = migrateGetSocket(c,c->argv[1],c->argv[2],timeout); if (fd == -1) return; /* error sent to the client by migrateGetSocket() */ /* Create RESTORE payload and generate the protocol to call the command. */ rioInitWithBuffer(&cmd,sdsempty()); redisAssertWithInfo(c,NULL,rioWriteBulkCount(&cmd,'*',2)); redisAssertWithInfo(c,NULL,rioWriteBulkString(&cmd,"SELECT",6)); redisAssertWithInfo(c,NULL,rioWriteBulkLongLong(&cmd,dbid)); expireat = getExpire(c->db,c->argv[3]); if (expireat != -1) { ttl = expireat-mstime(); if (ttl < 1) ttl = 1; } redisAssertWithInfo(c,NULL,rioWriteBulkCount(&cmd,'*',replace ? 5 : 4)); if (server.cluster_enabled) redisAssertWithInfo(c,NULL, rioWriteBulkString(&cmd,"RESTORE-ASKING",14)); else redisAssertWithInfo(c,NULL,rioWriteBulkString(&cmd,"RESTORE",7)); redisAssertWithInfo(c,NULL,c->argv[3]->encoding == REDIS_ENCODING_RAW); redisAssertWithInfo(c,NULL,rioWriteBulkString(&cmd,c->argv[3]->ptr,sdslen(c->argv[3]->ptr))); redisAssertWithInfo(c,NULL,rioWriteBulkLongLong(&cmd,ttl)); /* Emit the payload argument, that is the serialized object using * the DUMP format. */ createDumpPayload(&payload,o); redisAssertWithInfo(c,NULL,rioWriteBulkString(&cmd,payload.io.buffer.ptr, sdslen(payload.io.buffer.ptr))); sdsfree(payload.io.buffer.ptr); /* Add the REPLACE option to the RESTORE command if it was specified * as a MIGRATE option. */ if (replace) redisAssertWithInfo(c,NULL,rioWriteBulkString(&cmd,"REPLACE",7)); /* Transfer the query to the other node in 64K chunks. */ errno = 0; { sds buf = cmd.io.buffer.ptr; size_t pos = 0, towrite; int nwritten = 0; while ((towrite = sdslen(buf)-pos) > 0) { towrite = (towrite > (64*1024) ? (64*1024) : towrite); nwritten = syncWrite(fd,buf+pos,towrite,timeout); if (nwritten != (signed)towrite) goto socket_wr_err; pos += nwritten; } } /* Read back the reply. */ { char buf1[1024]; char buf2[1024]; /* Read the two replies */ if (syncReadLine(fd, buf1, sizeof(buf1), timeout) <= 0) goto socket_rd_err; if (syncReadLine(fd, buf2, sizeof(buf2), timeout) <= 0) goto socket_rd_err; if (buf1[0] == '-' || buf2[0] == '-') { addReplyErrorFormat(c,"Target instance replied with error: %s", (buf1[0] == '-') ? buf1+1 : buf2+1); } else { robj *aux; if (!copy) { /* No COPY option: remove the local key, signal the change. */ dbDelete(c->db,c->argv[3]); signalModifiedKey(c->db,c->argv[3]); } addReply(c,shared.ok); server.dirty++; /* Translate MIGRATE as DEL for replication/AOF. */ aux = createStringObject("DEL",3); rewriteClientCommandVector(c,2,aux,c->argv[3]); decrRefCount(aux); } } sdsfree(cmd.io.buffer.ptr); return; socket_wr_err: sdsfree(cmd.io.buffer.ptr); migrateCloseSocket(c->argv[1],c->argv[2]); if (errno != ETIMEDOUT && retry_num++ == 0) goto try_again; addReplySds(c, sdsnew("-IOERR error or timeout writing to target instance\r\n")); return; socket_rd_err: sdsfree(cmd.io.buffer.ptr); migrateCloseSocket(c->argv[1],c->argv[2]); if (errno != ETIMEDOUT && retry_num++ == 0) goto try_again; addReplySds(c, sdsnew("-IOERR error or timeout reading from target node\r\n")); return; } /* The ASKING command is required after a -ASK redirection. * The client should issue ASKING before to actually send the command to * the target instance. See the Redis Cluster specification for more * information. */ void askingCommand(redisClient *c) { if (server.cluster_enabled == 0) { addReplyError(c,"This instance has cluster support disabled"); return; } c->flags |= REDIS_ASKING; addReply(c,shared.ok); } /* ----------------------------------------------------------------------------- * Cluster functions related to serving / redirecting clients * -------------------------------------------------------------------------- */ /* Return the pointer to the cluster node that is able to serve the command. * For the function to succeed the command should only target a single * key (or the same key multiple times). * * If the returned node should be used only for this request, the *ask * integer is set to '1', otherwise to '0'. This is used in order to * let the caller know if we should reply with -MOVED or with -ASK. * * If the command contains multiple keys, and as a consequence it is not * possible to handle the request in Redis Cluster, NULL is returned. */ clusterNode *getNodeByQuery(redisClient *c, struct redisCommand *cmd, robj **argv, int argc, int *hashslot, int *ask) { clusterNode *n = NULL; robj *firstkey = NULL; multiState *ms, _ms; multiCmd mc; int i, slot = 0; /* We handle all the cases as if they were EXEC commands, so we have * a common code path for everything */ if (cmd->proc == execCommand) { /* If REDIS_MULTI flag is not set EXEC is just going to return an * error. */ if (!(c->flags & REDIS_MULTI)) return server.cluster->myself; ms = &c->mstate; } else { /* In order to have a single codepath create a fake Multi State * structure if the client is not in MULTI/EXEC state, this way * we have a single codepath below. */ ms = &_ms; _ms.commands = &mc; _ms.count = 1; mc.argv = argv; mc.argc = argc; mc.cmd = cmd; } /* Check that all the keys are the same key, and get the slot and * node for this key. */ for (i = 0; i < ms->count; i++) { struct redisCommand *mcmd; robj **margv; int margc, *keyindex, numkeys, j; mcmd = ms->commands[i].cmd; margc = ms->commands[i].argc; margv = ms->commands[i].argv; keyindex = getKeysFromCommand(mcmd,margv,margc,&numkeys, REDIS_GETKEYS_ALL); for (j = 0; j < numkeys; j++) { if (firstkey == NULL) { /* This is the first key we see. Check what is the slot * and node. */ firstkey = margv[keyindex[j]]; slot = keyHashSlot((char*)firstkey->ptr, sdslen(firstkey->ptr)); n = server.cluster->slots[slot]; redisAssertWithInfo(c,firstkey,n != NULL); } else { /* If it is not the first key, make sure it is exactly * the same key as the first we saw. */ if (!equalStringObjects(firstkey,margv[keyindex[j]])) { getKeysFreeResult(keyindex); return NULL; } } } getKeysFreeResult(keyindex); } if (ask) *ask = 0; /* This is the default. Set to 1 if needed later. */ /* No key at all in command? then we can serve the request * without redirections. */ if (n == NULL) return server.cluster->myself; if (hashslot) *hashslot = slot; /* This request is about a slot we are migrating into another instance? * Then we need to check if we have the key. If we have it we can reply. * If instead is a new key, we pass the request to the node that is * receiving the slot. */ if (n == server.cluster->myself && server.cluster->migrating_slots_to[slot] != NULL) { if (lookupKeyRead(&server.db[0],firstkey) == NULL) { if (ask) *ask = 1; return server.cluster->migrating_slots_to[slot]; } } /* Handle the case in which we are receiving this hash slot from * another instance, so we'll accept the query even if in the table * it is assigned to a different node, but only if the client * issued an ASKING command before. */ if (server.cluster->importing_slots_from[slot] != NULL && (c->flags & REDIS_ASKING || cmd->flags & REDIS_CMD_ASKING)) { return server.cluster->myself; } /* It's not a -ASK case. Base case: just return the right node. */ return n; }