server: rework the layout of HTTP APIs #55947

knz · 2020-10-24T22:07:53Z

This issue is an "epic" that describes what we are aiming for through the 21.1 cycle and beyond.

Summary: in v21.1 we are going to:

sunset the /_admin/v1, and /_status URL prefixes for consumption by end-users. In particular /_status will be eventually removed e.g. in v21.2.
instead, introduce a new /api/v2 URL prefix under which all public services will be available. From then on, all API additions for end-users will go under /api and follow our general API versioning rules. It will be possible for multiple versions to co-exist side-by-side to offer forward and backward compatibility to clients.
The Admin UI will continue to get all the information it needs under /_admin which will not be versioned and will evolve in lock-step with the UI code, for simplicity by CockroachDB developers. There will be no guarantees offered to external users about the behavior of /_admin. We will also migrate anything under /_status and /debug used by the admin UI to live under /_admin.
if a service is useful to both the admin UI and end-users, then it will have two URLs: one under /api and one under /_admin. Only the former will be public and documented.
/debug will continue to be a special "anything goes" so that CockroachDB developers can quickly add or change troubleshooting endpoints there. However, any debug endpoint useful for the admin UI will also have an entry point under /_admin and any debug endpoint with value to end-users will need to be "promoted" under the /api tree.
/health will also continue to be special and will not change URLs nor behavior in this cycle. However, we're going to attempt to pull it out of mandatory TLS, so that non-TLS HTTP clients can check health too. (This is a separate project)

Internal changes

We acknowledge that all our HTTP APIs today are also not used internally by RPC clients inside CockroachDB; and conversely all RPC services are otherwise not used by HTTP clients. Therefore:

we are going to bring all the current server methods for HTTP endpoints under a HTTP server directly.
we are going to disconnect the RPC services from the gRPC-HTTP gateway.

This will greatly reduce the complexity of the server code, and also ensure that our RPC and HTTP authentication mechanisms are clearly separate.

Then at a later phase (see separate issue TBD) connect the SQL layer to the (new) HTTP methods via the new HTTP-over-SQL gateway (new project/component).

Possible strategy (needs to be discussed / refined further)

add a "native" Go http method dispatcher to the server code.
exercise step (1) by seeding the /api/v1 tree with just a few of the APIs we already know are popular and need to be provided:
- list of nodes in cluster
- list of hot ranges
concurrently with steps 1 and 2, adapt the admin UI client code to only query endpoints under /_admin (i.e. bring all uses of /_status under /_admin, and add URL aliases accordingly
concurrently with steps 1-3, initiate a documentation project with docs to explain this transition
fix issue server: introduce versioning and pagination in the HTTP APIs #54022 for the few new APIs in step (2) by creating example pagination and some Go code skeletons that all future API additions can follow / reuse for pagination.
exercise (5) by incrementally adding more complex APIs to check that the pagination is robust. Starting with:
- list of jobs
- list of log entries
concurrently with (3)-(6) work on the new HTTP-over-SQL gateway so that SQL code can also query the public APIs.

Related wiki pages:

API Design guidelines (needs to be made public eventually)
HTTP-over-SQL gateway (needs to be made public eventually)

Related github issues:

server, ui: Merge Admin and Status endpoints server, ui: Merge Admin and Status endpoints #24989
server: introduce versioning and pagination in the HTTP APIs server: introduce versioning and pagination in the HTTP APIs #54022
server: the HotRangesResponse contains raw RangeDescriptors with sensitive data server: the HotRangesResponse contains raw RangeDescriptors with sensitive data #53212

Jira issue: CRDB-3609

The text was updated successfully, but these errors were encountered:

blathers-crl · 2020-10-24T22:07:55Z

Hi @knz, I've guessed the C-ategory of your issue and suitably labeled it. Please re-label if inaccurate.

While you're here, please consider adding an A- label to help keep our repository tidy.

_{🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is otan.}

knz · 2020-10-24T22:10:07Z

@bdarnell this issue reflects what we talked about last week.

@itsbilal as you have expressed interest in this, I'd ask you to review the issue, check whether the overall direction makes sense, and whether you have any improvements to the proposed plan. If it all makes sense, then I'd encourage you to file more fined grained issues that identify the individual steps we'd need to carry out, and for each of them describe the specific direct outcomes we're expecting (so that it's clear when we can close the issue).

knz · 2020-10-24T22:12:53Z

@taroface I encourage you too to look at the "summary" at the top of this issue, as it follows up on the initiatives in the Dev Interfaces team and suggests how we're going to move forward. If you have any suggestions about UX for end-users, we'll take them too.

…oints This change adds the skeleton for a new API tree that lives in `/api/v2/` in the http listener, and currently reimplements a few endpoints that are also implemented in `/_status/`. The new v2 API tree avoids the need to use GRPC Gateway, as well as cookie-based authentication which is less intuitive and idiomatic for REST APIs. Instead, for authentication, it uses a new session header that needs to be set on every request. As many RPC fan-out APIs use statusServer.iterateNodes, this change implements a pagination-aware method, paginatedIterateNodes, that works on a sorted set of node IDs and arranges results in such a way to be able to return the next `limit` results of an arbitary slice after the `next` cursor passed in. An example of how this works in practice is the new `/api/v2/sessions/` endpoint. A dependency on gorilla/mux is added to be able to pattern-match arguments in the URL. This was already an indirect dependency; now it's a direct dependency of cockroach. TODO that are likely to fall over into future PRs: - API Documentation, need to explore using swagger here. - Porting over remaining /_admin/ and /_status/ APIs, incl. SQL based ones Part of cockroachdb#55947. Release note (api change): Adds a new API tree, in /api/v2/*, currently undocumented, that avoids the use of and cookie-based authentication in favour of sessions in headers, and support for pagination.

…point This change adds the skeleton for a new API tree that lives in `/api/v2/` in the http listener, and currently reimplements the `/sessions/` endpoint that is also implemented in `/_status/`. The new v2 API tree avoids the need to use GRPC Gateway, as well as cookie-based authentication which is less intuitive and idiomatic for REST APIs. Instead, for authentication, it uses a new session header that needs to be set on every request. As many RPC fan-out APIs use statusServer.iterateNodes, this change implements a pagination-aware method, paginatedIterateNodes, that works on a sorted set of node IDs and arranges results in such a way to be able to return the next `limit` results of an arbitary slice after the `next` cursor passed in. An example of how this works in practice is the new `/api/v2/sessions/` endpoint. A dependency on gorilla/mux is added to be able to pattern-match arguments in the URL. This was already an indirect dependency; now it's a direct dependency of cockroach. TODO that are likely to fall over into future PRs: - API Documentation, need to explore using swagger here. - Porting over remaining /_admin/ and /_status/ APIs, incl. SQL based ones Part of cockroachdb#55947. Release note (api change): Adds a new API tree, in /api/v2/*, currently undocumented, that avoids the use of and cookie-based authentication in favour of sessions in headers, and support for pagination.

58436: server: add /api/v2/ tree with auth/pagination, port listSessions endpoint r=itsbilal a=itsbilal This change adds the skeleton for a new API tree that lives in `/api/v2/` in the http listener, and currently reimplements the `/sessions/` endpoint that is also implemented in `/_status/`. The new v2 API tree avoids the need to use GRPC Gateway, as well as cookie-based authentication which is less intuitive and idiomatic for REST APIs. Instead, for authentication, it uses a new session header that needs to be set on every request. As many RPC fan-out APIs use statusServer.iterateNodes, this change implements a pagination-aware method, paginatedIterateNodes, that works on a sorted set of node IDs and arranges results in such a way to be able to return the next `limit` results of an arbitary slice after the `next` cursor passed in. An example of how this works in practice is the new `/api/v2/sessions/` endpoint. A dependency on gorilla/mux is added to be able to pattern-match arguments in the URL. This was already an indirect dependency; now it's a direct dependency of cockroach. TODO that are likely to fall over into future PRs: - API Documentation, need to explore using swagger here. - Porting over remaining /_admin/ and /_status/ APIs, incl. SQL based ones Part of #55947. Release note (api change): Adds a new API tree, in /api/v2/*, currently undocumented, that avoids the use of and cookie-based authentication in favour of sessions in headers, and support for pagination. 58906: sql: improve interface for injecting descriptors into internal executor r=lucy-zhang a=lucy-zhang As part of validating new schema elements (unique indexes, constraints) in the schema changer, we inject in-memory descriptors to be used by the internal executor that are never written to disk. This is currently done by creating an entirely new dummy `descs.Collection` and adding the injected descriptors as uncommitted descriptors, and then setting this collection as the `tcModifier` on the internal executor. Then all subsequent queries using the internal executor, which each get their own child `connExecutor` and `descs.Collection`, will have their collection's uncommitted descriptors replaced by the ones in the dummy collection. This commit introduces the concept of a "synthetic descriptor" to refer to these injected descriptors, and slightly improves the interface in two ways: 1. Instead of creating a new `descs.Collection` to hold synthetic descriptors to copy, we now just use a slice of `catalog.Descriptor`s. 2. Synthetic descriptors are now made explicit in the `descs.Collection` and precede uncommitted descriptors when resolving immutable descriptors. Resolving these descriptors mutably is now illegal and will return an assertion error. This commit doesn't change the fact that the synthetic descriptors to be injected into each query/statement's child `descs.Collection` are set on the internal executor itself. This is still not threadsafe. It would make more sense for these descriptors to be scoped at the level of individual queries. Related to #34304. Release note: None 59258: changefeedccl: Freeze table name to the (optionally fully qualified) statement time name r=[miretskiy] a=HonoreDB Previously, Kafka topics and top-level keys were always derived from the table name in changefeeds. If the table name changed, the feed eventually failed, and if the table name was non-unique across databases, collisions were unavoidable. This PR adds a WITH full_table_name option to changefeeds, and honors it by serializing movr.public.drivers as the statement time name and relying on that. There are probably more things that need to change downstream. Release note (sql change): Added "WITH full_table_name" option to create a changefeed on "movr.public.drivers" instead of "drivers". 59281: sql: prevent DROP SCHEMA CASCADE from droping types with references r=ajwerner a=ajwerner Before this patch, a DROP SCHEMA CASCADE could cause database corruption by dropping types which were referenced by other tables. This would lead to bad errors like: ``` ERROR: object already exists: desc 687: type ID 685 in descriptor not found: descriptor not found SQLSTATE: 42710 ``` And doctor errors like: ``` Table 687: ParentID 50, ParentSchemaID 29, Name 't': type ID 685 in descriptor not found: descriptor not found ``` Fixes #59021. Release note (bug fix): Fixed a bug where `DROP SCHEMA ... CASCADE` could result in types which are referenced being dropped. 59591: sql: hook up multi-region DDL to new zone config attributes r=aayushshah15 a=aayushshah15 After the introduction of #57184, we can constrain voting replicas separately from non-voting replicas using the new attributes `num_voters` and `voter_constraints`. This commit connects our multi-region DDL statements to leverage these new attributes. Broadly speaking, - The existing `constraints` and `num_replicas` fields are set at the database level, to be inherited by table/partition level zone configs. - The new attributes: `num_voters` and `voter_constraints` (along with accompanying `lease_preferences` for these voters) are set at the table/partition level. This brings the implementation of these DDL statements inline with the functional specfication. Fixes #57663 Release note: None 59659: sql: fix bug preventing adding FKs referencing hidden columns r=lucy-zhang a=lucy-zhang The validation query for adding foreign keys had a pointless `SELECT *` on the referenced table that caused hidden columns to be omitted, so attempting to add foreign key constraints referencing hidden columns would fail. This PR fixes the query. Fixes #59582. Release note (bug fix): Fixed a bug preventing foreign key constraints referencing hidden columns (e.g., `rowid`) from being added. Co-authored-by: Bilal Akhtar <[email protected]> Co-authored-by: Lucy Zhang <[email protected]> Co-authored-by: Aaron Zinger <[email protected]> Co-authored-by: Andrew Werner <[email protected]> Co-authored-by: Aayush Shah <[email protected]>

60744: sql: drop default value when its dependent sequence is dropped r=the-ericwang35 a=the-ericwang35 Fixes #51889 and #20965. Previously, we did not support `DROP SEQUENCE ... CASCADE`, and we simply disallowed dropping sequences that have usages by tables when a user tries to drop a sequence. However, we did not make this check when doing `DROP DATABASE/SCHEMA ... CASCADE`. As a result, if a sequence is used by a table in a different database/schema, we end up dropping a sequence that the table still relies on, resulting in a corrupted default expression. This patch addresses this issue by implementing `DROP SCHEMA ... CASCADE`, which solves the above issue. When we drop anything that contains/owns a sequence with `CASCADE`, we drop those sequences as if `DROP SCHEMA ... CASCADE` was called on them, which prevents the `DEFAULT` expressions from being corrupted, and also allows users to use `DROP SEQUENCE ... CASCADE. `DROP SEQUENCE ... CASCADE` behaves as in Postgres, wherein any default expressions that rely on the dropped sequences are also dropped. Release note (bug fix): Fixed a bug which could result in corrupted descriptors when dropping a database which contains a sequence that was referenced from another database. Release note (bug fix): Fixed a bug where DROP SEQUENCE CASCADE would not properly remove references to itself from table default expressions. Release note (sql change): Added support for dropping a table which owns a sequence. Release justification: low risk bug fix for existing functionality 60952: server: Migrate nodes, {hot-,}ranges, health endpoints to v2 API r=knz a=itsbilal This change adds API v2 compatible versions of the node list, range info per node, ranges info across nodes, hot ranges, and health endpoints. These endpoints all support API v2 header-based authentication, pagination (if applicable), and only return relevant information in the response payloads. One part of #55947. Release note (api change): Add these new HTTP API endpoints: - `/api/v2/nodes/`: Lists all nodes in the cluster - `/api/v2/nodes/<node_id>/ranges`: Lists all ranges on the specified node - `/api/v2/ranges/hot/`: Lists hot ranges in the cluster - `/api/v2/ranges/<range_id>/`: Describes range in more detail - `/api/v2/health/`: Returns an HTTP 200 response if node is healthy. Release justification: Adds more HTTP API endpoints in parallel that do not touch existing code. Co-authored-by: Eric Wang <[email protected]> Co-authored-by: Bilal Akhtar <[email protected]>

This commit adds go-swagger annotations for API v2 endpoints, so that the swagger spec and by extension docs can be generated as part of `make generate`. Due to a limitation in go-swagger, the only map key type that's supported for swagger models is string, so some maps had to be modified to use that type instead. Part of cockroachdb#55947 , and the docs story around it. Release note (general change): Add docs for api v2 endpoints.

62506: sql: fix insert fast path when columns are not in order r=RaduBerinde a=RaduBerinde The insert fast path assumes that the input columns are in the right order. This is the case in practice in the common case when we provide values for all columns; but it is not the case when we provide a subset of columns. This results in the fast path not being used when it should. The fix is to permute the columns after we build the values matrix. Fixes #62270. Release note: None 62560: *: Build APIv2 spec using go-swagger, annotate endpoints r=knz a=itsbilal This change adds a dependency on `go-swagger/go-swagger`, and uses it as part of `make generate` to regenerate the swagger spec in `docs/generated/swagger/spec.json`, whenever one of the APIv2 files in `pkg/server/` are changed. The spec, once generated, can be served as docs using the command: bin/swagger serve -p 8080 ./docs/generated/swagger/spec.json Also adds related annotations to `pkg/server/api*.go` to populate said spec. Part of #55947 , and the docs story around it. Release note (general change): Add docs for api v2 endpoints. Release note (build change): Adds go-swagger dependency, updates Makefile to call it to rebuild spec in docs/generated/swagger/ which will eventually be used for API docs. 62613: backupccl: run FK schema migration during RESTORE AOST r=postamar a=postamar Part of the 19.x to 20.x upgrade included work on how schema metadata encoded foreign keys to eventually remove the need for them to be attached to indexes, and instead be stored on the table itself. This work included migrating existing schemas to reflect this reorganization and also included 'upgrading' schema metadata as it was RESTORE'd from a backup that may have backed up the old representation. However this on-the-fly upgrade was only applied to some of the copies of the schema stored in the backup, namely the snapshot of 'latest' table descriptors that is kept in backupManifest.Descriptors. A parallel optional structure called DescriptorChanges exists in so-called 'revision_history' backups that has not just the schema as it existed when backed up, but also prior version of it that were revised during the backup window. The schema migraiton upgraded the schema in 'Descriptors' but did not upgrade the prior copies of schema in 'DescriptorChanges'. This meant that if a RESTORE was performed with an AS OF SYSTEM TIME clause, it would search for the correct copy of the schema as of that time, then restore it, and thus would use a copy from DescriptorChanges that had not been migrated, instead of the copy from Descriptors, which the schema migration had processed. Release note (bug fix): Fix a bug where tables that were created by 19.x or older that included foreign key constraits and were backed up with 'revision_history' option would be malformed when restored by a 20.x cluster if that RESTORE used the `AS OF SYSTEM TIME` option. Co-authored-by: Radu Berinde <[email protected]> Co-authored-by: Bilal Akhtar <[email protected]> Co-authored-by: David Taylor <[email protected]>

github-actions · 2023-09-06T11:10:28Z

We have marked this issue as stale because it has been inactive for
18 months. If this issue is still relevant, removing the stale label
or adding a comment will keep it active. Otherwise, we'll close it in
10 days to keep the issue queue tidy. Thank you for your contribution
to CockroachDB!

blathers-crl bot added the C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. label Oct 24, 2020

knz added C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) and removed C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. labels Oct 24, 2020

itsbilal mentioned this issue Jan 4, 2021

server: add /api/v2/ tree with auth/pagination, port listSessions endpoint #58436

Merged

itsbilal self-assigned this Feb 26, 2021

itsbilal mentioned this issue Feb 26, 2021

server: Migrate nodes, {hot-,}ranges, health endpoints to v2 API #60952

Merged

itsbilal mentioned this issue Mar 24, 2021

*: Build APIv2 spec using go-swagger, annotate endpoints #62560

Merged

jlinder added the T-server-and-security DB Server & Security label Jun 16, 2021

knz added A-server-architecture Relates to the internal APIs and src org for server code A-cc-enablement Pertains to current CC production issues or short-term projects labels Jul 29, 2021

github-actions bot added the no-issue-activity label Sep 6, 2023

knz added T-observability-inf and removed T-server-and-security DB Server & Security no-issue-activity labels Sep 6, 2023

knz unassigned itsbilal Sep 6, 2023

blathers-crl bot added the A-observability-inf label Sep 6, 2023

exalate-issue-sync bot added T-observability and removed T-observability-inf labels Mar 21, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

server: rework the layout of HTTP APIs #55947

server: rework the layout of HTTP APIs #55947

knz commented Oct 24, 2020 •

edited by cockroach-jira-scripts

Loading

blathers-crl bot commented Oct 24, 2020

knz commented Oct 24, 2020

knz commented Oct 24, 2020

github-actions bot commented Sep 6, 2023

server: rework the layout of HTTP APIs #55947

server: rework the layout of HTTP APIs #55947

Comments

knz commented Oct 24, 2020 • edited by cockroach-jira-scripts Loading

blathers-crl bot commented Oct 24, 2020

knz commented Oct 24, 2020

knz commented Oct 24, 2020

github-actions bot commented Sep 6, 2023

knz commented Oct 24, 2020 •

edited by cockroach-jira-scripts

Loading