Add support for secondary azure storage account #13779
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks @dadoonet. I'll review and get back to you shortly. |
dadoonet
force-pushed
the
pr/azure-multi-account
branch
from
69a1cf7
to
edb779c
Compare
|
@craigwi FYI I added a new commit and rebased on master. |
dadoonet
force-pushed
the
pr/azure-multi-account
branch
from
edb779c
to
0057dee
Compare
|
@imotov Do you think you could review this PR? |
|
Thanks @dadoonet; as mentioned in a separate note, I have reviewed this and we are good to go. |
| try { | ||
| if (account != null) { | ||
| logger.trace("creating new Azure storage client using account [{}], key [{}], blob [{}]", account, key, blob); | ||
| String blob = "https://" + azureStorageSettings.getAccount() + ".blob.core.windows.net/"; |
There was a problem hiding this comment.
Since the account settings are supplied by user, I would feels better if we used URI to build this string. This way we will have at least some basic validation of the things that go into this URL.
There was a problem hiding this comment.
Well looking at the code again it sounds like we don't really use that blob string here. We just use it for logger.trace just below...
So I think I should remove that :D
|
Left one minor comment. The snapshot/restore side looks good to me. |
Follow up for elastic#13228. This commit adds support for a secondary storage account: ```yml cloud: azure: storage: my_account1: account: your_azure_storage_account1 key: your_azure_storage_key1 default: true my_account2: account: your_azure_storage_account2 key: your_azure_storage_key2 ``` When creating a repository, you can choose which azure account you want to use for it: ```sh curl -XPUT localhost:9200/_snapshot/my_backup1?pretty -d '{ "type": "azure" }' curl -XPUT localhost:9200/_snapshot/my_backup2?pretty -d '{ "type": "azure", "settings": { "account" : "my_account2", "location_mode": "secondary_only" } }' ``` `location_mode` supports `primary_only` or `secondary_only`. Defaults to `primary_only`. Note that if you set it to `secondary_only`, it will force `read_only` to true.
dadoonet
force-pushed
the
pr/azure-multi-account
branch
from
4a9546b
to
79a4d9c
Compare
|
Merged also in 2.x branch with 04b51d4 |
dadoonet
added a commit
to dadoonet/elasticsearch
that referenced
this pull request
Nov 19, 2015
Bug introduced in elastic#13779: we don't filter anymore credentials because we were filtering `cloud.azure.storage.account` and `cloud.azure.storage.key` but now credentials are like `cloud.azure.storage.XXX.account` and `cloud.azure.storage.XXX.key` where `XXX` can be a storage setting id. Closes elastic#14843.
dadoonet
added a commit
that referenced
this pull request
Nov 19, 2015
Bug introduced in #13779: we don't filter anymore credentials because we were filtering `cloud.azure.storage.account` and `cloud.azure.storage.key` but now credentials are like `cloud.azure.storage.XXX.account` and `cloud.azure.storage.XXX.key` where `XXX` can be a storage setting id. Closes #14843. (cherry picked from commit 149279f)
This was referenced Dec 18, 2015
dadoonet
added a commit
to dadoonet/elasticsearch
that referenced
this pull request
Jan 14, 2016
Using a single azure account is now rejected. This commit fixes this issue and adds a test for it. This regression was introduced with elastic#13779. Hopefully no elasticsearch version has been released since then. Needs to be merged in 2.2, 2.x and master branches.
dadoonet
added a commit
that referenced
this pull request
Jan 14, 2016
Using a single azure account is now rejected. This commit fixes this issue and adds a test for it. This regression was introduced with #13779. Hopefully no elasticsearch version has been released since then. Backport of #15982 in 2.2 branch. (cherry picked from commit ed45ad6) (cherry picked from commit 2fdcd35)
dadoonet
added a commit
to dadoonet/elasticsearch
that referenced
this pull request
Jan 19, 2016
One test we forgot in elastic#14843 and elastic#13779 is the default client selection. Most of the time, users won't define explicitly which client they want to use because they are providing only one connection to Azure storage: ```yml cloud: azure: storage: my_account: account: your_azure_storage_account key: your_azure_storage_key ``` Then using the default client like this: ```sh # This one will use the default account (my_account1) curl -XPUT localhost:9200/_snapshot/my_backup1?pretty -d '{ "type": "azure" }' ``` This commit adds tests to check that the right client is still selected when no client is explicitly set when creating the snapshot.
dadoonet
added a commit
that referenced
this pull request
Jan 19, 2016
One test we forgot in #14843 and #13779 is the default client selection. Most of the time, users won't define explicitly which client they want to use because they are providing only one connection to Azure storage: ```yml cloud: azure: storage: my_account: account: your_azure_storage_account key: your_azure_storage_key ``` Then using the default client like this: ```sh # This one will use the default account (my_account1) curl -XPUT localhost:9200/_snapshot/my_backup1?pretty -d '{ "type": "azure" }' ``` This commit adds tests to check that the right client is still selected when no client is explicitly set when creating the snapshot. Backport of #16088 in 2.2 branch
dadoonet
added a commit
that referenced
this pull request
Jan 19, 2016
One test we forgot in #14843 and #13779 is the default client selection. Most of the time, users won't define explicitly which client they want to use because they are providing only one connection to Azure storage: ```yml cloud: azure: storage: my_account: account: your_azure_storage_account key: your_azure_storage_key ``` Then using the default client like this: ```sh # This one will use the default account (my_account1) curl -XPUT localhost:9200/_snapshot/my_backup1?pretty -d '{ "type": "azure" }' ``` This commit adds tests to check that the right client is still selected when no client is explicitly set when creating the snapshot. Backport of #16088 in 2.x branch
dadoonet
added a commit
to dadoonet/elasticsearch
that referenced
this pull request
Feb 24, 2016
This regression has been introduced in 2.2.0 by elastic#13779 where we removed support for `cloud.azure.storage.account` and replaced by `cloud.azure.storage.my_account.account`. But Azure plugin tries to detect when it starts if all needed settings to use an `azure` repository have been set. If not the case, the plugin does not expose `azure` as an available repository. Sadly, this check has been badly updated in 2.2.0 so it can never find the expected settings to start correctly. This gives the following effect: ```yaml cloud: azure: storage: my_account: account: your_azure_storage_account key: your_azure_storage_key ``` When you try to execute the following API you get Unknown [repository] type [azure]: ```sh [msimos@msi-gs60 elasticsearch-2.2.0]$ curl -XPUT http://localhost:9200/_snapshot/mybackup?pretty -d '{ "type": "azure" }' ``` ```js { "error" : { "root_cause" : [ { "type" : "repository_exception", "reason" : "[mybackup] failed to create repository" } ], "type" : "repository_exception", "reason" : "[mybackup] failed to create repository", "caused_by" : { "type" : "illegal_argument_exception", "reason" : "Unknown [repository] type [azure]" } }, "status" : 500 } ``` ```sh [msimos@msi-gs60 elasticsearch-2.2.0]$ curl -XGE http://localhost:9200/_cat/plugins?v name component version type url node01 cloud-azure 2.2.0 j node01 license 2.2.0 j node01 shield 2.2.0 j ``` In the elasticsearch log file you see this error: ``` [2016-02-19 10:54:47,357][DEBUG][cloud.azure ] [node01] starting azure services [2016-02-19 10:54:47,357][DEBUG][cloud.azure ] [node01] azure repository is not set using [repositories.azure.account] and [cloud.azure.storage.key] properties ``` Closes elastic#16734
dadoonet
added a commit
that referenced
this pull request
Feb 25, 2016
This regression has been introduced in 2.2.0 by #13779 where we removed support for `cloud.azure.storage.account` and replaced by `cloud.azure.storage.my_account.account`. But Azure plugin tries to detect when it starts if all needed settings to use an `azure` repository have been set. If not the case, the plugin does not expose `azure` as an available repository. Sadly, this check has been badly updated in 2.2.0 so it can never find the expected settings to start correctly. This gives the following effect: ```yaml cloud: azure: storage: my_account: account: your_azure_storage_account key: your_azure_storage_key ``` When you try to execute the following API you get Unknown [repository] type [azure]: ```sh [msimos@msi-gs60 elasticsearch-2.2.0]$ curl -XPUT http://localhost:9200/_snapshot/mybackup?pretty -d '{ "type": "azure" }' ``` ```js { "error" : { "root_cause" : [ { "type" : "repository_exception", "reason" : "[mybackup] failed to create repository" } ], "type" : "repository_exception", "reason" : "[mybackup] failed to create repository", "caused_by" : { "type" : "illegal_argument_exception", "reason" : "Unknown [repository] type [azure]" } }, "status" : 500 } ``` ```sh [msimos@msi-gs60 elasticsearch-2.2.0]$ curl -XGE http://localhost:9200/_cat/plugins?v name component version type url node01 cloud-azure 2.2.0 j node01 license 2.2.0 j node01 shield 2.2.0 j ``` In the elasticsearch log file you see this error: ``` [2016-02-19 10:54:47,357][DEBUG][cloud.azure ] [node01] starting azure services [2016-02-19 10:54:47,357][DEBUG][cloud.azure ] [node01] azure repository is not set using [repositories.azure.account] and [cloud.azure.storage.key] properties ``` Closes #16734 (cherry picked from commit 7ffd6aa)
clintongormley
added
:Distributed Coordination/Snapshot/Restore
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In #13228, @craigwi proposed a PR to support multiple storage accounts and secondary endpoints (which are readonly).
As per discussion on the thread I started to revisit the PR.
This PR rebased @craigwi work on master and modify the way you define secondary storage account.
In
elasticsearch.yml:When creating a repository, you can choose which azure account you want to use for it:
@craigwi I ran some manual tests and it seems to work as expected but I'd love if you could confirm that.
Do you think you can build my branch and run a test on your side?
I don't think it's totally ready for a review though (I want at least to squash/reword some of commits).