Prevent write operations to database replicas.
[lhc/web/wiklou.git] / includes / libs / rdbms / loadbalancer / ILoadBalancer.php
<?php
/**
 * Database load balancing interface
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Database
 */
namespace Wikimedia\Rdbms;

use Exception;
use InvalidArgumentException;

/**
 * Database cluster connection, tracking, load balancing, and transaction manager interface
 *
 * A "cluster" is considered to be one master database and zero or more replica databases.
 * Typically, the replica DBs replicate from the master asynchronously. The first node in the
 * "servers" configuration array is always considered the "master". However, this class can still
 * be used when all or some of the "replica" DBs are multi-master peers of the master or even
 * when all the DBs are non-replicating clones of each other holding read-only data. Thus, the
 * role of "master" is in some cases merely nominal.
 *
 * By default, each DB server uses DBO_DEFAULT for its 'flags' setting, unless explicitly set
 * otherwise in configuration. DBO_DEFAULT behavior depends on whether 'cliMode' is set:
 *   - In CLI mode, the flag has no effect with regards to LoadBalancer.
 *   - In non-CLI mode, the flag causes implicit transactions to be used; the first query on
 *     a database starts a transaction on that database. The transactions are meant to remain
 *     pending until either commitMasterChanges() or rollbackMasterChanges() is called. The
 *     application must have some point where it calls commitMasterChanges() near the end of
 *     the PHP request.
 * Every iteration of beginMasterChanges()/commitMasterChanges() is called a "transaction round".
 * Rounds are useful on the master DB connections because they make single-DB (and by and large
 * multi-DB) updates in web requests all-or-nothing. Also, transactions on replica DBs are useful
 * when REPEATABLE-READ or SERIALIZABLE isolation is used because all foreign keys and constraints
 * hold across separate queries in the DB transaction since the data appears within a consistent
 * point-in-time snapshot.
 *
 * The typical caller will use LoadBalancer::getConnection( DB_* ) to yield a live database
 * connection handle. The choice of which DB server to use is based on pre-defined loads for
 * weighted random selection, adjustments thereof by LoadMonitor, and the amount of replication
 * lag on each DB server. Lag checks might cause problems in certain setups, so they should be
 * tuned in the server configuration maps as follows:
 *   - Master + N Replica(s): set 'max lag' to an appropriate threshold for avoiding any database
 *     lagged by this much or more. If all DBs are this lagged, then the load balancer considers
 *     the cluster to be read-only.
 *   - Galera Cluster: Seconds_Behind_Master will be 0, so there probably is nothing to tune.
 *     Note that lag is still possible depending on how wsrep-sync-wait is set server-side.
 *   - Read-only archive clones: set 'is static' in the server configuration maps. This will
 *     treat all such DBs as having 0 lag.
 *   - SQL load balancing proxy: any proxy should handle lag checks on its own, so the 'max lag'
 *     parameter should probably be set to INF in the server configuration maps. This will make
 *     the load balancer ignore whatever it detects as the lag of the logical replica (which
 *     would probably just randomly bounce around).
 *
 * If using a SQL proxy service, it would probably be best to have two proxy hosts for the
 * load balancer to talk to. One would be the 'host' of the master server entry and another for
 * the (logical) replica server entry. The proxy could map the load balancer's "replica" DB to
 * any number of physical replica DBs.
 *
 * @since 1.28
 * @ingroup Database
 */
interface ILoadBalancer {
	/** @var int Request a replica DB connection */
	const DB_REPLICA = -1;
	/** @var int Request a master DB connection */
	const DB_MASTER = -2;

	/** @var string Domain specifier when no specific database needs to be selected */
	const DOMAIN_ANY = '';

	/** @var int DB handle should have DBO_TRX disabled and the caller will leave it as such */
	const CONN_TRX_AUTO = 1;

	/** @var int Disable writing for the given connection. Used internally. Do not use with DB_MASTER! */
	const CONN_NO_WRITE = 2;

	/**
	 * Construct a manager of IDatabase connection objects
	 *
	 * @param array $params Parameter map with keys:
	 *  - servers : Required. Array of server info structures.
	 *  - localDomain: A DatabaseDomain or domain ID string.
	 *  - loadMonitor : Name of a class used to fetch server lag and load.
	 *  - readOnlyReason : Reason the master DB is read-only if so [optional]
	 *  - waitTimeout : Maximum time to wait for replicas for consistency [optional]
	 *  - maxLag: Avoid replica DB servers with more lag than this [optional]
	 *  - srvCache : BagOStuff object for server cache [optional]
	 *  - wanCache : WANObjectCache object [optional]
	 *  - chronologyProtector: ChronologyProtector object [optional]
	 *  - hostname : The name of the current server [optional]
	 *  - cliMode: Whether the execution context is a CLI script. [optional]
	 *  - profiler : Class name or instance with profileIn()/profileOut() methods. [optional]
	 *  - trxProfiler: TransactionProfiler instance. [optional]
	 *  - replLogger: PSR-3 logger instance. [optional]
	 *  - connLogger: PSR-3 logger instance. [optional]
	 *  - queryLogger: PSR-3 logger instance. [optional]
	 *  - perfLogger: PSR-3 logger instance. [optional]
	 *  - errorLogger : Callback that takes an Exception and logs it. [optional]
	 * @throws InvalidArgumentException
	 */
	public function __construct( array $params );

	/**
	 * Get the index of the reader connection, which may be a replica DB
	 *
	 * This takes into account load ratios and lag times. It should
	 * always return a consistent index during a given invocation.
	 *
	 * Side effect: opens connections to databases
	 * @param string|bool $group Query group, or false for the generic reader
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @throws DBError
	 * @return bool|int|string
	 */
	public function getReaderIndex( $group = false, $domain = false );

	/**
	 * Set the master wait position
	 *
	 * If a DB_REPLICA connection has been opened already, then wait immediately.
	 * Otherwise sets a variable telling it to wait if such a connection is opened.
	 *
	 * This only applies to connections to the generic replica DB for this request.
	 * If a timeout happens when waiting, then getLaggedReplicaMode()/laggedReplicaUsed()
	 * will return true.
	 *
	 * @param DBMasterPos|bool $pos Master position or false
	 */
	public function waitFor( $pos );

	/**
	 * Set the master wait position and wait for a "generic" replica DB to catch up to it
	 *
	 * This can be used as a faster proxy for waitForAll()
	 *
	 * @param DBMasterPos|bool $pos Master position or false
	 * @param int $timeout Max seconds to wait; default is mWaitTimeout
	 * @return bool Success (able to connect and no timeouts reached)
	 */
	public function waitForOne( $pos, $timeout = null );

	/**
	 * Set the master wait position and wait for ALL replica DBs to catch up to it
	 *
	 * @param DBMasterPos|bool $pos Master position or false
	 * @param int $timeout Max seconds to wait; default is mWaitTimeout
	 * @return bool Success (able to connect and no timeouts reached)
	 */
	public function waitForAll( $pos, $timeout = null );

	/**
	 * Get any open connection to a given server index, local or foreign
	 *
	 * @param int $i Server index or DB_MASTER/DB_REPLICA
	 * @return Database|bool False if no such connection is open
	 */
	public function getAnyOpenConnection( $i );

	/**
	 * Get a connection by index
	 *
	 * Avoid using CONN_TRX_AUTO with sqlite (e.g. check getServerType() first)
	 *
	 * @param int $i Server index or DB_MASTER/DB_REPLICA
	 * @param array|string|bool $groups Query group(s), or false for the generic reader
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param int $flags Bitfield of CONN_* class constants
	 *
	 * @throws DBError
	 * @return Database
	 */
	public function getConnection( $i, $groups = [], $domain = false, $flags = 0 );

	/**
	 * Mark a foreign connection as being available for reuse under a different DB domain
	 *
	 * This mechanism is reference-counted, and must be called the same number of times
	 * as getConnection() to work.
	 *
	 * @param IDatabase $conn
	 * @throws InvalidArgumentException
	 */
	public function reuseConnection( $conn );

	/**
	 * Get a database connection handle reference
	 *
	 * The handle's methods simply wrap those of a Database handle
	 *
	 * Avoid using CONN_TRX_AUTO with sqlite (e.g. check getServerType() first)
	 *
	 * @see ILoadBalancer::getConnection() for parameter information
	 *
	 * @param int $i Server index or DB_MASTER/DB_REPLICA
	 * @param array|string|bool $groups Query group(s), or false for the generic reader
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTO)
	 * @return DBConnRef
	 */
	public function getConnectionRef( $i, $groups = [], $domain = false, $flags = 0 );

	/**
	 * Get a database connection handle reference without connecting yet
	 *
	 * The handle's methods simply wrap those of a Database handle
	 *
	 * Avoid using CONN_TRX_AUTO with sqlite (e.g. check getServerType() first)
	 *
	 * @see ILoadBalancer::getConnection() for parameter information
	 *
	 * @param int $i Server index or DB_MASTER/DB_REPLICA
	 * @param array|string|bool $groups Query group(s), or false for the generic reader
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTO)
	 * @return DBConnRef
	 */
	public function getLazyConnectionRef( $i, $groups = [], $domain = false, $flags = 0 );

	/**
	 * Get a maintenance database connection handle reference for migrations and schema changes
	 *
	 * The handle's methods simply wrap those of a Database handle
	 *
	 * Avoid using CONN_TRX_AUTO with sqlite (e.g. check getServerType() first)
	 *
	 * @see ILoadBalancer::getConnection() for parameter information
	 *
	 * @param int $db Server index or DB_MASTER/DB_REPLICA
	 * @param array|string|bool $groups Query group(s), or false for the generic reader
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTO)
	 * @return MaintainableDBConnRef
	 */
	public function getMaintenanceConnectionRef( $db, $groups = [], $domain = false, $flags = 0 );

	/**
	 * Open a connection to the server given by the specified index
	 *
	 * The index must be an actual index into the array. If a connection to the server is
	 * already open and not considered an "in use" foreign connection, this simply returns it.
	 *
	 * Avoid using CONN_TRX_AUTO with sqlite (e.g. check getServerType() first)
	 *
	 * @note If disable() was called on this LoadBalancer, this method will throw a DBAccessError.
	 *
	 * @param int $i Server index (does not support DB_MASTER/DB_REPLICA)
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTO)
	 * @return Database|bool Returns false on errors
	 * @throws DBAccessError
	 */
	public function openConnection( $i, $domain = false, $flags = 0 );

	/**
	 * @return int
	 */
	public function getWriterIndex();

	/**
	 * Returns true if the specified index is a valid server index
	 *
	 * @param int $i
	 * @return bool
	 */
	public function haveIndex( $i );

	/**
	 * Returns true if the specified index is valid and has non-zero load
	 *
	 * @param int $i
	 * @return bool
	 */
	public function isNonZeroLoad( $i );

	/**
	 * Get the number of defined servers (not the number of open connections)
	 *
	 * @return int
	 */
	public function getServerCount();

	/**
	 * Get the host name or IP address of the server with the specified index
	 *
	 * @param int $i
	 * @return string Readable name if available or IP/host otherwise
	 */
	public function getServerName( $i );

	/**
	 * Get DB type of the server with the specified index
	 *
	 * @param int $i
	 * @return string One of (mysql,postgres,sqlite,...) or "unknown" for bad indexes
	 * @since 1.30
	 */
	public function getServerType( $i );

	/**
	 * Return the server info structure for a given index, or false if the index is invalid.
	 * @param int $i
	 * @return array|bool
	 *
	 * @deprecated Since 1.30, no alternative
	 */
	public function getServerInfo( $i );

	/**
	 * Sets the server info structure for the given index. Entry at index $i
	 * is created if it doesn't exist
	 * @param int $i
	 * @param array $serverInfo
	 *
	 * @deprecated Since 1.30, construct new object
	 */
	public function setServerInfo( $i, array $serverInfo );

	/**
	 * Get the current master position for chronology control purposes
	 * @return DBMasterPos|bool Returns false if not applicable
	 */
	public function getMasterPos();

	/**
	 * Disable this load balancer. All connections are closed, and any attempt to
	 * open a new connection will result in a DBAccessError.
	 */
	public function disable();

	/**
	 * Close all open connections
	 */
	public function closeAll();

	/**
	 * Close a connection
	 *
	 * Using this function makes sure the LoadBalancer knows the connection is closed.
	 * If you use $conn->close() directly, the load balancer won't update its state.
	 *
	 * @param IDatabase $conn
	 */
	public function closeConnection( IDatabase $conn );

	/**
	 * Commit transactions on all open connections
	 * @param string $fname Caller name
	 * @throws DBExpectedError
	 */
	public function commitAll( $fname = __METHOD__ );

	/**
	 * Perform all pre-commit callbacks that remain part of the atomic transactions
	 * and disable any post-commit callbacks until runMasterPostTrxCallbacks()
	 *
	 * Use this only for multi-database commits
	 */
	public function finalizeMasterChanges();

	/**
	 * Perform all pre-commit checks for things like replication safety
	 *
	 * Use this only for multi-database commits
	 *
	 * @param array $options Includes:
	 *   - maxWriteDuration : max write query duration time in seconds
	 * @throws DBTransactionError
	 */
	public function approveMasterChanges( array $options );

	/**
	 * Flush any master transaction snapshots and set DBO_TRX (if DBO_DEFAULT is set)
	 *
	 * The DBO_TRX setting will be reverted to the default in each of these methods:
	 *   - commitMasterChanges()
	 *   - rollbackMasterChanges()
	 *   - commitAll()
	 * This allows for custom transaction rounds from any outer transaction scope.
	 *
	 * @param string $fname
	 * @throws DBExpectedError
	 */
	public function beginMasterChanges( $fname = __METHOD__ );

	/**
	 * Issue COMMIT on all master connections where writes were done
	 * @param string $fname Caller name
	 * @throws DBExpectedError
	 */
	public function commitMasterChanges( $fname = __METHOD__ );

	/**
	 * Issue all pending post-COMMIT/ROLLBACK callbacks
	 *
	 * Use this only for multi-database commits
	 *
	 * @param int $type IDatabase::TRIGGER_* constant
	 * @return Exception|null The first exception or null if there were none
	 */
	public function runMasterPostTrxCallbacks( $type );

	/**
	 * Issue ROLLBACK only on master, only if queries were done on connection
	 * @param string $fname Caller name
	 * @throws DBExpectedError
	 */
	public function rollbackMasterChanges( $fname = __METHOD__ );

	/**
	 * Suppress all pending post-COMMIT/ROLLBACK callbacks
	 *
	 * Use this only for multi-database commits
	 *
	 * @return Exception|null The first exception or null if there were none
	 */
	public function suppressTransactionEndCallbacks();

	/**
	 * Commit all replica DB transactions so as to flush any REPEATABLE-READ or SSI snapshot
	 *
	 * @param string $fname Caller name
	 */
	public function flushReplicaSnapshots( $fname = __METHOD__ );

	/**
	 * @return bool Whether a master connection is already open
	 */
	public function hasMasterConnection();

	/**
	 * Determine if there are pending changes in a transaction by this thread
	 * @return bool
	 */
	public function hasMasterChanges();

	/**
	 * Get the timestamp of the latest write query done by this thread
	 * @return float|bool UNIX timestamp or false
	 */
	public function lastMasterChangeTimestamp();

	/**
	 * Check if this load balancer object had any recent or still
	 * pending writes issued against it by this PHP thread
	 *
	 * @param float $age How many seconds ago is "recent" [defaults to mWaitTimeout]
	 * @return bool
	 */
	public function hasOrMadeRecentMasterChanges( $age = null );

	/**
	 * Get the list of callers that have pending master changes
	 *
	 * @return string[] List of method names
	 */
	public function pendingMasterChangeCallers();

	/**
	 * @note This method will trigger a DB connection if not yet done
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @return bool Whether the database for generic connections this request is highly "lagged"
	 */
	public function getLaggedReplicaMode( $domain = false );

	/**
	 * Checks whether the database for generic connections this request was both:
	 *   - a) Already chosen due to a prior connection attempt
	 *   - b) Considered highly "lagged"
	 *
	 * @note This method will never cause a new DB connection
	 * @return bool
	 */
	public function laggedReplicaUsed();

	/**
	 * @note This method may trigger a DB connection if not yet done
	 * @param string|bool $domain Domain ID, or false for the current domain
	 * @param IDatabase|null $conn DB master connection; used to avoid loops [optional]
	 * @return string|bool Reason the master is read-only or false if it is not
	 */
	public function getReadOnlyReason( $domain = false, IDatabase $conn = null );

	/**
	 * Disables/enables lag checks
	 * @param null|bool $mode
	 * @return bool
	 */
	public function allowLagged( $mode = null );

	/**
	 * @return bool
	 */
	public function pingAll();

	/**
	 * Call a function with each open connection object
	 * @param callable $callback
	 * @param array $params
	 */
	public function forEachOpenConnection( $callback, array $params = [] );

	/**
	 * Call a function with each open connection object to a master
	 * @param callable $callback
	 * @param array $params
	 */
	public function forEachOpenMasterConnection( $callback, array $params = [] );

	/**
	 * Call a function with each open replica DB connection object
	 * @param callable $callback
	 * @param array $params
	 */
	public function forEachOpenReplicaConnection( $callback, array $params = [] );

	/**
	 * Get the hostname and lag time of the most-lagged replica DB
	 *
	 * This is useful for maintenance scripts that need to throttle their updates.
	 * May attempt to open connections to replica DBs on the default DB. If there is
	 * no lag, the maximum lag will be reported as -1.
	 *
	 * @param bool|string $domain Domain ID, or false for the default database
	 * @return array ( host, max lag, index of max lagged host )
	 */
	public function getMaxLag( $domain = false );

	/**
	 * Get an estimate of replication lag (in seconds) for each server
	 *
	 * Results are cached for a short time in memcached/process cache
	 *
	 * Values may be "false" if replication is too broken to estimate
	 *
	 * @param string|bool $domain
	 * @return int[] Map of (server index => float|int|bool)
	 */
	public function getLagTimes( $domain = false );

	/**
	 * Get the lag in seconds for a given connection, or zero if this load
	 * balancer does not have replication enabled.
	 *
	 * This should be used in preference to Database::getLag() in cases where
	 * replication may not be in use, since there is no way to determine if
	 * replication is in use at the connection level without running
	 * potentially restricted queries such as SHOW SLAVE STATUS. Using this
	 * function instead of Database::getLag() avoids a fatal error in this
	 * case on many installations.
	 *
	 * @param IDatabase $conn
	 * @return int|bool Returns false on error
	 */
	public function safeGetLag( IDatabase $conn );

	/**
	 * Wait for a replica DB to reach a specified master position
	 *
	 * This will connect to the master to get an accurate position if $pos is not given
	 *
	 * @param IDatabase $conn Replica DB
	 * @param DBMasterPos|bool $pos Master position; default: current position
	 * @param int $timeout Timeout in seconds [optional]
	 * @return bool Success
	 */
	public function safeWaitForMasterPos( IDatabase $conn, $pos = false, $timeout = 10 );

	/**
	 * Set a callback via IDatabase::setTransactionListener() on
	 * all current and future master connections of this load balancer
	 *
	 * @param string $name Callback name
	 * @param callable|null $callback
	 */
	public function setTransactionListener( $name, callable $callback = null );

	/**
	 * Set a new table prefix for the existing local domain ID for testing
	 *
	 * @param string $prefix
	 */
	public function setDomainPrefix( $prefix );

	/**
	 * Make certain table names use their own database, schema, and table prefix
	 * when passed into SQL queries pre-escaped and without a qualified database name
	 *
	 * For example, "user" can be converted to "myschema.mydbname.user" for convenience.
	 * Appearances like `user`, somedb.user, somedb.someschema.user will be used literally.
	 *
	 * Calling this twice will completely clear any old table aliases. Also, note that
	 * callers are responsible for making sure the schemas and databases actually exist.
	 *
	 * @param array[] $aliases Map of (table => (dbname, schema, prefix) map)
	 */
	public function setTableAliases( array $aliases );
}
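
A sketch of the guard that the commit title and the CONN_NO_WRITE constant describe, added here as an illustration and not taken from the Wikimedia\Rdbms code base: GuardedHandle, SketchBalancer and isWriteQuery() are hypothetical names, the three constant values are copied from the interface above, and the SQL statements are constructed samples.

```php
<?php
// Added illustration only: GuardedHandle and SketchBalancer are hypothetical,
// not classes from Wikimedia\Rdbms. Constant values are copied from ILoadBalancer.
const DB_REPLICA = -1;
const DB_MASTER = -2;
const CONN_NO_WRITE = 2;

class GuardedHandle {
	/** @var string[] Leading verbs treated as read-only; anything else counts as a write */
	private const READ_VERBS = [ 'SELECT', 'SHOW', 'EXPLAIN', 'DESCRIBE' ];
	/** @var int Bitfield of CONN_* flags */
	private $flags;
	/** @var string[] Statements that passed the guard (stand-in for a real driver) */
	public $sent = [];

	public function __construct( int $flags ) {
		$this->flags = $flags;
	}

	public static function isWriteQuery( string $sql ): bool {
		// Drop leading whitespace, "(" and /* ... */ comments before reading the verb
		$sql = (string)preg_replace( '!^(?:\s+|\(|/\*.*?\*/)+!s', '', $sql );
		$verb = strtoupper( (string)strtok( $sql, " \t\r\n(;" ) );
		if ( !in_array( $verb, self::READ_VERBS, true ) ) {
			return true; // deny by default: unknown verbs are assumed to modify data
		}
		// Locking reads and file-writing SELECTs are not read-only either. A string
		// literal containing these words is also rejected, which errs on the safe side.
		return (bool)preg_match( '/\b(FOR\s+UPDATE|INTO\s+(OUTFILE|DUMPFILE))\b/i', $sql );
	}

	public function query( string $sql ): void {
		if ( ( $this->flags & CONN_NO_WRITE ) && self::isWriteQuery( $sql ) ) {
			throw new RuntimeException( 'Write rejected on read-only handle: ' . $sql );
		}
		$this->sent[] = $sql;
	}
}

class SketchBalancer {
	public function getConnection( int $i, int $flags = 0 ): GuardedHandle {
		if ( $i === DB_MASTER && ( $flags & CONN_NO_WRITE ) ) {
			// Mirrors the "Do not use with DB_MASTER!" note on the constant
			throw new InvalidArgumentException( 'CONN_NO_WRITE cannot be combined with DB_MASTER' );
		}
		// In this sketch replica handles always get the flag, whatever the caller passed
		return new GuardedHandle( $i === DB_REPLICA ? $flags | CONN_NO_WRITE : $flags );
	}
}

// Constructed sample statements
$lb = new SketchBalancer();
$replica = $lb->getConnection( DB_REPLICA );
$replica->query( 'SELECT page_id FROM page WHERE page_namespace = 0' );
$blocked = [ 'UPDATE page SET page_touched = NOW()', '/* x */ DELETE FROM page', 'SELECT 1 FOR UPDATE' ];
foreach ( $blocked as $sql ) {
	try {
		$replica->query( $sql );
	} catch ( RuntimeException $e ) {
		echo $e->getMessage(), "\n";
	}
}
// The same UPDATE is accepted on a master handle
$lb->getConnection( DB_MASTER )->query( 'UPDATE page SET page_touched = NOW()' );
```

A client-side check like this is defence in depth: the replica servers should also refuse writes themselves, for example through MySQL's read_only setting or a database account without write grants.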