view tests/test-ssh-repoerror.t @ 40022:33eb670e2834

wireprotov2: define semantics for content redirects When I implemented the clonebundles feature and deployed it on hg.mozilla.org using Amazon S3 as a content server, server-side CPU and bandwidth usage dropped off a cliff and a ton of server scaling headaches went away pretty much the instant clients with support for clonebundles were rolled out to Firefox CI. An obvious takeaway from that experience was that offloading server load to scalable file servers - potentially backed by a CDN - is a really good idea. Another takeaway was that Mercurial's wire protocol wasn't in a good position to support data offload generally. In wire protocol version 1, there isn't a mechanism in the protocol to say "grab the data from over here instead." For HTTP, we could teach the client to follow HTTP redirects. Or we could invent a media type that encoded redirects inline. But for SSH, we were pretty much out of luck because that protocol wasn't very flexible. Wire protocol version 2 offers the opportunity to do something better. The recent generic server-side content caching layer in the wire protocol version 2 server demonstrated that it is possible to have drop-in caching of responses to command requests. This by itself adds tons of value and already makes the built-in server much more scalable. But I don't want to stop there. The existing server-side caching implementation has a big weakness: it requires the server to send data to the client. This means that the Mercurial server is potentially sending gigabytes of data to thousands of clients. This is problematic because compared to scaling static file servers, scaling dynamic servers is *hard*. A solution to this is to "offload" serving of content to something that isn't the Mercurial server. By offloading content serving, you turn the Mercurial server from a centralized monolithic service to a distributed mostly-indexing service. Assuming high rates of content offload, this should drastically reduce the total work performed by the Mercurial server, both in terms of CPU and data transfer. This will make Mercurial servers vastly easier to scale. This commit defines the semantics for "content redirects" in wire protocol version 2. Essentially: * Servers advertise the set of locations a response could be served from. * When making requests, clients advertise the set of locations they are willing to fetch content from. * Servers can then replace the inline response with one that says "get the response from over here instead." This feature - when fully implemented - will allow extending the server-side caching layer to facilitate such things as integrating your server-side cache with a scalable blob store (such as S3 or a CDN) and offloading most data transfer to that external service. This feature could also be leveraged for load balancing. e.g. requests could come into a central server and then get redirected to an available mirror depending on server availability or locality. There's tons of potential :) Differential Revision: https://phab.mercurial-scm.org/D4774
author Gregory Szorc <gregory.szorc@gmail.com>
date Wed, 26 Sep 2018 18:02:06 -0700
parents 5abc47d4ca6b
children f4893b59230f
line wrap: on
line source

#require unix-permissions no-root

initial setup

  $ cat << EOF >> $HGRCPATH
  > [ui]
  > ssh="$PYTHON" "$TESTDIR/dummyssh"
  > EOF

repository itself is non-readable
---------------------------------

  $ hg init no-read
  $ hg id ssh://user@dummy/no-read
  000000000000
  $ chmod a-rx no-read

  $ hg id ssh://user@dummy/no-read
  remote: abort: Permission denied: '$TESTTMP/no-read/.hg'
  abort: no suitable response from remote hg!
  [255]

special case files are visible, but unreadable
----------------------------------------------

This is "similar" to the test above, but the directory is "traversable". This
seems an unexpected case in real life, but we test it anyway.

  $ hg init other
  $ hg id ssh://user@dummy/other
  000000000000
  $ for item in `find other | sort -r` ; do
  >     chmod a-r $item
  > done

  $ hg id ssh://user@dummy/other
  remote: abort: Permission denied: $TESTTMP/other/.hg/requires
  abort: no suitable response from remote hg!
  [255]

directory toward the repository is read only
--------------------------------------------

  $ mkdir deep
  $ hg init deep/nested

  $ hg id ssh://user@dummy/deep/nested
  000000000000

  $ chmod a-rx deep

  $ hg id ssh://user@dummy/deep/nested
  remote: abort: Permission denied: '$TESTTMP/deep/nested/.hg'
  abort: no suitable response from remote hg!
  [255]

repository has wrong requirement
--------------------------------

  $ hg init repo-future
  $ hg id ssh://user@dummy/repo-future
  000000000000
  $ echo flying-car >> repo-future/.hg/requires
  $ hg id ssh://user@dummy/repo-future
  remote: abort: repository requires features unknown to this Mercurial: flying-car!
  remote: (see https://mercurial-scm.org/wiki/MissingRequirement for more information)
  abort: no suitable response from remote hg!
  [255]