Prevent write operations to database replicas.

[lhc/web/wiklou.git] / includes / libs / rdbms / loadbalancer / LoadBalancer.php

diff --git a/includes/libs/rdbms/loadbalancer/LoadBalancer.php b/includes/libs/rdbms/loadbalancer/LoadBalancer.php
index 6bb8945..eb288dd 100644 (file)
--- a/includes/libs/rdbms/loadbalancer/LoadBalancer.php
+++ b/includes/libs/rdbms/loadbalancer/LoadBalancer.php
@@ -18,7 +18,6 @@
  * http://www.gnu.org/copyleft/gpl.html
  *
  * @file
- * @ingroup Database
  */
 namespace Wikimedia\Rdbms;
 
@@ -115,11 +114,13 @@ class LoadBalancer implements ILoadBalancer {
        private $disabled = false;
        /** @var bool */
        private $chronProtInitialized = false;
+       /** @var int */
+       private $maxLag = self::MAX_LAG_DEFAULT;
 
        /** @var int Warn when this many connection are held */
        const CONN_HELD_WARN_THRESHOLD = 10;
 
-       /** @var int Default 'max lag' when unspecified */
+       /** @var int Default 'maxLag' when unspecified */
        const MAX_LAG_DEFAULT = 10;
        /** @var int Seconds to cache master server read-only status */
        const TTL_CACHE_READONLY = 5;
@@ -178,11 +179,16 @@ class LoadBalancer implements ILoadBalancer {
                        $this->readOnlyReason = $params['readOnlyReason'];
                }
 
+               if ( isset( $params['maxLag'] ) ) {
+                       $this->maxLag = $params['maxLag'];
+               }
+
                if ( isset( $params['loadMonitor'] ) ) {
                        $this->loadMonitorConfig = $params['loadMonitor'];
                } else {
                        $this->loadMonitorConfig = [ 'class' => 'LoadMonitorNull' ];
                }
+               $this->loadMonitorConfig += [ 'lagWarnThreshold' => $this->maxLag ];
 
                foreach ( $params['servers'] as $i => $server ) {
                        $this->mLoads[$i] = $server['load'];
@@ -275,7 +281,7 @@ class LoadBalancer implements ILoadBalancer {
                                # How much lag this server nominally is allowed to have
                                $maxServerLag = isset( $this->mServers[$i]['max lag'] )
                                        ? $this->mServers[$i]['max lag']
-                                       : self::MAX_LAG_DEFAULT; // default
+                                       : $this->maxLag; // default
                                # Constrain that futher by $maxLag argument
                                $maxServerLag = min( $maxServerLag, $maxLag );
 
@@ -285,7 +291,7 @@ class LoadBalancer implements ILoadBalancer {
                                                "Server {host} is not replicating?", [ 'host' => $host ] );
                                        unset( $loads[$i] );
                                } elseif ( $lag > $maxServerLag ) {
-                                       $this->replLogger->warning(
+                                       $this->replLogger->info(
                                                "Server {host} has {lag} seconds of lag (>= {maxlag})",
                                                [ 'host' => $host, 'lag' => $lag, 'maxlag' => $maxServerLag ]
                                        );
@@ -639,6 +645,12 @@ class LoadBalancer implements ILoadBalancer {
                $oldConnsOpened = $this->connsOpened; // connections open now
 
                if ( $i == self::DB_MASTER ) {
+                       if ( $flags & self::CONN_NO_WRITE ) {
+                               throw new InvalidArgumentException(
+                                       'Cannot set CONN_NO_WRITE flag on master connection!'
+                               );
+                       }
+
                        $i = $this->getWriterIndex();
                } else {
                        # Try to find an available server in any the query groups (in order)
@@ -649,6 +661,9 @@ class LoadBalancer implements ILoadBalancer {
                                        break;
                                }
                        }
+
+                       // Request no-write connection, even if $i == $this->getWriterIndex().
+                       $flags |= self::CONN_NO_WRITE;
                }
 
                # Operation-based index
@@ -665,6 +680,9 @@ class LoadBalancer implements ILoadBalancer {
                                $this->reportConnectionError();
                                return null; // not reached
                        }
+
+                       // Request no-write connection, even if $i == $this->getWriterIndex().
+                       $flags |= self::CONN_NO_WRITE;
                }
 
                # Now we have an explicit index into the servers array
@@ -785,6 +803,13 @@ class LoadBalancer implements ILoadBalancer {
                // a) those are usually set to implicitly use transaction rounds via DBO_TRX
                // b) those must support the use of explicit transaction rounds via beginMasterChanges()
                $autoCommit = ( ( $flags & self::CONN_TRX_AUTO ) == self::CONN_TRX_AUTO );
+               $noWrite = ( ( $flags & self::CONN_NO_WRITE ) == self::CONN_NO_WRITE );
+
+               if ( $noWrite && $i === $this->getWriterIndex() ) {
+                       // We can't disable writes on the master connection!
+                       // TODO: Wrap the master connection, so write operations fail!
+                       $noWrite = false;
+               }
 
                if ( $domain !== false ) {
                        // Connection is to a foreign domain
@@ -801,6 +826,7 @@ class LoadBalancer implements ILoadBalancer {
                                // Open a new connection
                                $server = $this->mServers[$i];
                                $server['serverIndex'] = $i;
+                               $server['noWrite'] = $noWrite;
                                $server['autoCommitOnly'] = $autoCommit;
                                $conn = $this->reallyOpenConnection( $server, false );
                                $host = $this->getServerName( $i );
@@ -857,6 +883,13 @@ class LoadBalancer implements ILoadBalancer {
                $dbName = $domainInstance->getDatabase();
                $prefix = $domainInstance->getTablePrefix();
                $autoCommit = ( ( $flags & self::CONN_TRX_AUTO ) == self::CONN_TRX_AUTO );
+               $noWrite = ( ( $flags & self::CONN_NO_WRITE ) == self::CONN_NO_WRITE );
+
+               if ( $noWrite && $i === $this->getWriterIndex() ) {
+                       // We can't disable writes on the master connection!
+                       // TODO: Wrap the master connection, so write operations fail!
+                       $noWrite = false;
+               }
 
                if ( $autoCommit ) {
                        $connFreeKey = self::KEY_FOREIGN_FREE_NOROUND;
@@ -904,6 +937,7 @@ class LoadBalancer implements ILoadBalancer {
                        $server['foreignPoolRefCount'] = 0;
                        $server['foreign'] = true;
                        $server['autoCommitOnly'] = $autoCommit;
+                       $server['noWrite'] = $noWrite;
                        $conn = $this->reallyOpenConnection( $server, $dbName );
                        if ( !$conn->isOpen() ) {
                                $this->connLogger->warning( __METHOD__ . ": connection error for $i/$domain" );