-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Route key requests to federation senders #15121
Conversation
async def _fetch_keys( | ||
self, keys_to_fetch: List[_FetchKeyRequest] | ||
) -> Dict[str, Dict[str, FetchKeyResult]]: | ||
# For simplicity's sake, pick a random federation sender |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we would want to choose the same federation sender that's talking to that instance? 🤷
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's what I thought, but federation_shard_config
is a ShardedWorkerHandlingConfig
rather than a class RoutableShardedWorkerHandlingConfig
; only the latter defines get_instance
publicly.
Personally I find this all incomprehensible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My reading of it is that if all workers have the same federation_sender_instances
config, then federation_shard_config
can be upgraded to a RoutableShardedWorkerHandlingConfig
, since all workers will route requests the same way.
@@ -0,0 +1 @@ | |||
Route remote key requests via federation senders. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(As I've left this comment on #15133 and #15134 I should just copy it here...)
I think we also need to update:
docker/configure_workers_and_start.py
so complement uses this- https://github.com/matrix-org/sytest/blob/d1c931af1179848526d323f3955a9f21f81d600f/lib/SyTest/Homeserver/Synapse.pm#L1257 so sytest uses this.
docs/workers.md
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The upgrade notes will need amending too; I think federation senders will need to be declared in the instance_map
.
This will help to break an import cycle
So I can call it from federation senders
37c633b
to
615c55f
Compare
615c55f
to
8f5f5f8
Compare
8f5f5f8
to
4e3d2e8
Compare
This should now be working well enough to start review. I have one outstanding concern. If this change lands as-is, every worker that can possibly need to fetch keys will need an entry for the We could add a config option e.g. a) I am loathe to any new config option. Indeed, that's why I chose to exfiltrate these requests via federation senders rather than add some new complex worker class/role. b) There is likely to be future traffic that we might want to route to the external internet via federation senders only; so we would probably end up adding similar config options to Could use input from the team to make that call: @matrix-org/synapse-core
|
I would favor an option, but it would be nice to make it generic. Something like |
My two cents is that it makes more sense to just do the second option: it means confusion and annoyance in the short term while everyone gets up to speed, rather than the endless confusion and annoyance that results from a continuously expanding and complex-ifying config. |
e3ccb15
to
3452c2a
Compare
There are some unit tests that need fixing up. I would like us to decide how to proceed on this (config option or not) before fixing that up. I'll chase up on Monday. |
I'm in several minds about this. I'm not mad keen about the faff of ensuring that everyone has correctly set up their OTOH, I'm not really that keen with this approach. It feels like we're going to play whack-a-mole with lots of the federation requests, rather than take a more systematic approach. I wonder if we should take this opportunity to go down a "federation proxy" route, either as an external util or as a dedicated config option |
So, what, something like this?
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks alright functionally.
Server admins having to update their config sounds like a lot of faff. The alternative of making it an option isn't great either. It sounded like we're exploring whether we can make a federation proxy as an alternative to this PR, is that right?
instance_map: | ||
- federation_sender1: | ||
- host: localhost | ||
- port: 1001 | ||
- federation_sender2: | ||
- host: localhost | ||
- port: 1002 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
instance_map: | |
- federation_sender1: | |
- host: localhost | |
- port: 1001 | |
- federation_sender2: | |
- host: localhost | |
- port: 1002 | |
instance_map: | |
- federation_sender1: | |
- host: localhost | |
- port: 1001 | |
- federation_sender2: | |
- host: localhost | |
- port: 1002 |
async def _fetch_keys( | ||
self, keys_to_fetch: List[_FetchKeyRequest] | ||
) -> Dict[str, Dict[str, FetchKeyResult]]: | ||
# For simplicity's sake, pick a random federation sender |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My reading of it is that if all workers have the same federation_sender_instances
config, then federation_shard_config
can be upgraded to a RoutableShardedWorkerHandlingConfig
, since all workers will route requests the same way.
We would normally return a group of FetchKeyResponse structs like the | ||
normal code path does, but FetchKeyResponse holds a nacl.signing.VerifyKey | ||
which is not JSON-serialisable. Instead, for each requested key we respond | ||
with a boolean: `true` meaning we fetched this key, and `false` meaning we | ||
didn't. | ||
|
||
The response takes the form: | ||
|
||
200 OK | ||
{ | ||
"fetched_count": 1 | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these comments still accurate? I can't figure out what the endpoint returns just from the code below, but it doesn't seem to match the comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, I think I had iterated since then and not updated the comment.
That's right. Let me close this. |
Fixes #14805, which says:
(emphasis mine).
I am loathe to add a config option for this; I have chosen to route all key requests via federation senders.