Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server,pgwire: use a single SQL listener for multiple tenants #92580

Merged
merged 23 commits into from
Jan 9, 2023
Merged

server,pgwire: use a single SQL listener for multiple tenants #92580

merged 23 commits into from
Jan 9, 2023

Conversation

knz
Copy link
Contributor

@knz knz commented Nov 28, 2022
edited
Loading

Parent PRs:

Fixes #84585.
Informs #94310.
Epic: CRDB-14537

This commit implements tenant routing using a single SQL network listener.

The tenant name can be specified:

  • via the client status param options, e.g. options=-ccrdb:tenant=hello
  • via the database name, e.g. crdb:tenant-hello.defaultdb.

Release note (backward-incompatible change): If a SQL database is created with a name that starts with crdb:tenant- (e.g. CREATE DATABASE "crdb:tenant-foo", clients will no longer be able to connect to it directly.

@cockroach-teamcity
Copy link
Member

This change is Reviewable

@knz knz mentioned this pull request Nov 28, 2022
Closed
@knz knz marked this pull request as ready for review November 28, 2022 15:44
@knz knz requested review from a team November 28, 2022 15:44
@knz knz added the A-multitenancy Related to multi-tenancy label Nov 28, 2022
@knz knz requested review from a team, herkolategan and smg260 and removed request for a team November 28, 2022 16:41
@knz knz requested a review from rafiss November 28, 2022 16:59
@knz knz requested review from a team November 28, 2022 17:14
@jaylim-crl
Copy link
Collaborator

The tenant name can be specified:

  • via the client status param options, e.g. options=-ccrdb:tenant=hello
  • via the database name, e.g. crdb:tenant-hello.

If I understand correctly, this only works if we connect to the KV server, right (i.e. based on acceptTenantName)? Since sqlproxy doesn't route requests to KV pods, I'd imagine we can assume that sqlproxy won't have this support?

@knz
Copy link
Contributor Author

knz commented Nov 28, 2022

@jaylim-crl I don't understand your question.

The logic implemented here only exists for shared-process multitenancy, which we've estimated will only be used in Self-hosted / Dedicated.

We may want to have a conversation about whether (and how) sqlproxy will be used with a multitenancy-enabled CC dedicated, but i'm not sure we need to have it now.

@jaylim-crl
Copy link
Collaborator

@jaylim-crl I don't understand your question.

The logic implemented here only exists for shared-process multitenancy, which we've estimated will only be used in Self-hosted / Dedicated.

We may want to have a conversation about whether (and how) sqlproxy will be used with a multitenancy-enabled CC dedicated, but i'm not sure we need to have it now.

I see. Thanks for the clarification; that explains it.

@knz knz mentioned this pull request Nov 28, 2022
Open
@andy-kimball
Copy link
Contributor

andy-kimball commented Nov 29, 2022
edited
Loading

I'm confused about what crdb:tenant-hello means. Isn't the name of the tenant hello in this case? But if that's the name of the tenant, then where is the name of the database? And if hello isn't the name of the tenant, then where is the name of the tenant specified? What's confusing me is this line in a test that's part of the PR:

db2 := serverutils.OpenDBConn(t, sqlAddr, "crdb:tenant-hello", false, s.Stopper())

I'd have expected "crdb:tenant-hello.defaultdb" here. Or maybe the defaultdb is implied if there's no DB specified?

@knz
Copy link
Contributor Author

knz commented Nov 29, 2022

maybe the defaultdb is implied if there's no DB specified?

That is exactly what's happening.

what crdb:tenant-hello means. Isn't the name of the tenant hello in this case?

correct.

knz added 14 commits January 8, 2023 23:17
@knz
pgwire: make handleCancel unaware of conn/buf
54f789e 
Release note: None
@knz
pgwire: split parseClientProvidedSessionParameters
7bd4484 
We need the read/parse of the parameters to be tenant-independent,
so the function cannot contain tenant-specific configuration.

Release note: None
@knz
pgwire: split the pre-conn reserved memory account
c7dd014 
This commit extracts the memory reservation into
a tenant-independent memory pool.

Release note: None
@knz
pgwire: lift the pre-serve logic into a closure
b5a2c43 
This demonstrates that the logic is tenant-independent
and makes it ready to move into the PreServe() function.

Release note: None
@knz
pgwire: move PreServe() to its own method
e589e4b 
Release note: None
@knz
pgwire: move maybeUpgradeToSecureConn to pre_serve.go
7963983 
Release note: None
@knz
pgwire: move readVersion to pre_serve.go
41fe579 
Release note: None
@knz
pgwire: move the parsing logic for client opts to a new file
317b426 
Release note: None
@knz
pgwire: lift the PreServe() call to the server package
7eb7663 
Release note: None
@knz
pgwire: pull the client addr trust logic into PreServe
6f62794 
Release note: None
@knz
server: pull isReady.Set(true) out of startServeSQL
66505e5 
Release note: None
@knz
server: pull pgL out of SQLServer
23ad180 
Release note: None
@knz
server: pull startServeSQL out of SQLServer
7bf6fce 
Release note: None
@knz
server: pull pgPreServer out of SQLServer
e5e3f31 
Release note: None
@knz knz changed the base branch from 20221116-shared-sql-6 to master January 8, 2023 22:56
@knz
server,cli/demo: make the default tenant configurable
05955c8 
This patch introduces the new cluster setting
`server.connector.tenant_name`, which determines which tenant to use
to serve client connections when the client does not specify a tenant.

This defaults to `system`, the name of the system tenant.

Release note: None
@knz
server,pgwire: use a single SQL listener for multiple tenants
a5ca120 
This commit implements tenant routing using a single
SQL network listener.

The tenant name can be specified:

- via the client status param `options`, e.g.
  `options=-ccluster=hello`
- via the database name, e.g. `cluster:hello/mydb`.

Release note (backward-incompatible change): If a SQL database is
created with a name that starts with `cluster:...` (e.g. `CREATE
DATABASE "cluster:foo"`, clients will no longer be able to connect to
it directly via a pre-existing URL connection string. The URL
needs to be modified in this case. For example:

Previously:
```
postgres://servername/cluster:foo
```

Now:
```
postgres://servername/cluster:foo&options=-ccluster=system
```

(What this does: it selects the tenant named `system` and then the
database named `cluster:foo` inside it. When the `-ccluster:system`
option is not specified, `cluster:foo` in the database name position
is interpreted as a request to connect to a tenant named `foo`, which
likely does not exist.)

Connections to databases whose name does not start with
`cluster:` (the most common case) are not affected by this change.
@knz knz requested a review from a team as a code owner January 9, 2023 00:11
@knz
Copy link
Contributor Author

knz commented Jan 9, 2023

TFYRs!

bors r=rafiss

@craig
Copy link
Contributor

craig bot commented Jan 9, 2023

Build succeeded:

@craig craig bot merged commit 27ebfa8 into master Jan 9, 2023
@craig craig bot deleted the 20221116-shared-sql-7 branch January 9, 2023 01:50
This was referenced Jan 9, 2023
Open
Open
Open
Open
@szphie szphie mentioned this pull request Jul 21, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andy-kimball andy-kimball andy-kimball left review comments

@rafiss rafiss rafiss approved these changes

@herkolategan herkolategan Awaiting requested review from herkolategan herkolategan is a code owner automatically assigned from cockroachdb/test-eng

@smg260 smg260 Awaiting requested review from smg260 smg260 is a code owner automatically assigned from cockroachdb/test-eng

@dhartunian dhartunian Awaiting requested review from dhartunian

Assignees
No one assigned
Labels
A-multitenancy Related to multi-tenancy
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

server: explore tenant routing in pg interface (also unix socket) [CRDB-14537 followup]
5 participants
@knz @cockroach-teamcity @jaylim-crl @andy-kimball @rafiss