object: Separate API for node-to-node replication #280
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,6 +8,7 @@ option csharp_namespace = "Neo.FileStorage.API.Object"; | |
| import "object/types.proto"; | ||
| import "refs/types.proto"; | ||
| import "session/types.proto"; | ||
| import "status/types.proto"; | ||
|
|
||
| // `ObjectService` provides API for manipulating objects. Object operations do | ||
| // not affect the sidechain and are only served by nodes in p2p style. | ||
|
|
@@ -218,6 +219,23 @@ service ObjectService { | |
| // - **TOKEN_EXPIRED** (4097, SECTION_SESSION): \ | ||
| // provided session token has expired. | ||
| rpc GetRangeHash(GetRangeHashRequest) returns (GetRangeHashResponse); | ||
|
|
||
| // Save replica of the object on the NeoFS storage node. Both client and | ||
| // server must authenticate NeoFS storage nodes matching storage policy of | ||
| // the container referenced by the replicated object. Thus, this operation is | ||
| // purely system: regular users should not pay attention to it but use Put. | ||
| // | ||
| // Statuses: | ||
| // - **OK** (0, SECTION_SUCCESS): \ | ||
| // the object has been successfully replicated; | ||
| // - **INTERNAL_SERVER_ERROR** (1024, SECTION_FAILURE_COMMON): \ | ||
| // internal server error described in the text message; | ||
| // - **ACCESS_DENIED** (2048, SECTION_OBJECT): \ | ||
| // the client does not authenticate any NeoFS storage node matching storage | ||
| // policy of the container referenced by the replicated object | ||
| // - **CONTAINER_NOT_FOUND** (3072, SECTION_CONTAINER): \ | ||
| // the container to which the replicated object is associated was not found. | ||
| rpc Replicate(ReplicateRequest) returns (ReplicateResponse); | ||
| } | ||
|
|
||
| // GET object request | ||
|
|
@@ -688,3 +706,19 @@ message GetRangeHashResponse { | |
| // transmission. | ||
| neo.fs.v2.session.ResponseVerificationHeader verify_header = 3; | ||
| } | ||
|
|
||
| // Replicate RPC request | ||
| message ReplicateRequest { | ||
| // Object to be replicated. | ||
| neo.fs.v2.object.Object object = 1; | ||
|
|
||
| // Signature of all other request fields serialized in Protocol Buffers v3 | ||
| // format in ascending order of fields. | ||
| neo.fs.v2.refs.Signature signature = 2; | ||
| } | ||
|
|
||
| // Replicate RPC response | ||
| message ReplicateResponse { | ||
| // Operation execution status with one of the enumerated codes. | ||
| neo.fs.v2.status.Status status = 1; | ||
|
There was a problem hiding this comment. I like the simplicity of it, but this breaks https://github.com/nspcc-dev/neofs-sdk-go/blob/master/client/response.go and associated code around it. Does it affect integration? There was a problem hiding this comment. nope, integration is ok cuz this is purely new functionality. If protocol doesnt require signature (if we keep the current status-only response), then applications must not too the only tricky thing i see is #201 (comment), but there are app-side workarounds the main thing for us is to think carefully about whether we need a signature from the protocol pov. And ofc, when in doubt, it is better to add it and then make it optional, because further additions must be optional for the backward compat sake. But, at the same time, the benefits are questionable while the resource costs are real im leaning more towards the option without a signature as more efficient, but I'm not completely sure yet. Share ur thoughts pls @roman-khimov @carpawell There was a problem hiding this comment. Signatures make some sense for insecure connections or for rerouted messages, but for TLS-enabled 1:1 calls they're irrelevant. And then there is also some benefit in having insecure unsigned option for fast communication over known good channels. So if this inconsistency is not an obstacle, we better go without signatures. Now for the other data like epochs, is it important for us to get it with every reply? I doubt that, but maybe I'm missing something. This data costs nothing to transmit/receive. There was a problem hiding this comment. same thoughts about transport security. Can we spread this to requests also? In proposed changes, replication requests are signed while responses are not
absolutely not. For me, this is redundancy useful for a narrow set of tasks (mostly system ones), which should not be unconditionally transferred. I see the behavior: if client set flag in the request, epoch/smth will be returned, not by default. Although the amount of data like epoch is insignificant, it is still pointless to transfer it when not needed by the client There was a problem hiding this comment. i think a signature absence is acceptable for a system-only RPC response |
||
| } | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i would say it is an incorrect comment now. i see
Status, no enumeration