add support for storage stuff in Riak
156 views
Skip to first unread message
David Gwynne
Jun 18, 2012, 3:16:05 AM6/18/12
to simple...@googlegroups.com
I have put the code below into production here and it's working
well.
I am yet to decide how to nicely handle deletion of expired entries,
but I thought I'd sent it out to see if anyone had any feedback.
Index: lib/SimpleSAML/Store.php
===================================================================
--- lib/SimpleSAML/Store.php (revision 3120)
+++ lib/SimpleSAML/Store.php (working copy)
@@ -44,6 +44,9 @@
case 'memcache':
self::$instance = new SimpleSAML_Store_Memcache();
break;
+ case 'riak':
+ self::$instance = new SimpleSAML_Store_Riak();
+ break;
case 'sql':
self::$instance = new SimpleSAML_Store_SQL();
break;
Index: lib/SimpleSAML/Store/Riak.php
===================================================================
--- lib/SimpleSAML/Store/Riak.php (revision 0)
+++ lib/SimpleSAML/Store/Riak.php (working copy)
@@ -0,0 +1,79 @@
+<?php class SimpleSAML_Store_Riak extends SimpleSAML_Store {
+ protected function __construct() {
+ $config = SimpleSAML_Configuration::getInstance();
+
+ $path = $config->getString('store.riak.path', 'riak-php-client/riak.php');
+ $host = $config->getString('store.riak.host', 'localhost');
+ $port = $config->getString('store.riak.port', 8098);
+ $bucket = $config->getString('store.riak.bucket', 'simpleSAMLphp');
+
+ require_once($path);
+ $this->client = new RiakClient($host, $port);
+ $this->bucket = $this->client->bucket($bucket);
+ }
+
+ /**
+ * Retrieve a value from the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ * @return mixed|NULL The value.
+ */
+ public function get($type, $key) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+
+ $v = $this->bucket->getBinary("$type.$key");
+ if (!$v->exists()) {
+ return (NULL);
+ }
+
+ $expires = $v->getIndex('Expires', 'int');
+ if (sizeof($expires) && (int)array_shift($expires) <= time()) {
+ $v->delete();
+ return (NULL);
+ }
+
+ return (unserialize($v->getData()));
+ }
+
+
+ /**
+ * Save a value to the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ * @param mixed $value The value.
+ * @param int|NULL $expire The expiration time (unix timestamp), or NULL if it never expires.
+ */
+ public function set($type, $key, $value, $expire = NULL) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+ assert('is_null($expire) || (is_int($expire) && $expire > 2592000)');
+
+ $v = $this->bucket->newBinary("$type.$key", serialize($value), 'application/php');
+ if (!is_null($expire)) {
+ $v->addIndex("Expires", "int", $expire);
+ }
+
+ $v->store();
+ }
+
+ /**
+ * Delete a value from the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ */
+ public function delete($type, $key) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+
+ $v = $this->bucket->getBinary("$type.$key");
+ if (!$v->exists()) {
+ return;
+ }
+
+ $v->delete();
+ }
+} ?>
Index: config-templates/config.php
===================================================================
--- config-templates/config.php (revision 3120)
+++ config-templates/config.php (working copy)
@@ -499,6 +499,7 @@
*
* - 'phpsession': Limited datastore, which uses the PHP session.
* - 'memcache': Key-value datastore, based on memcache.
+ * - 'riak': Key-value datastore, uses riak-php-client
* - 'sql': SQL datastore, using PDO.
*
* The default datastore is 'phpsession'.
@@ -509,6 +510,15 @@
/*
+ * The RiakStore class uses the following values as defaults:
+ *
+ * 'store.riak.path' => 'riak-php-client/riak.php',
+ * 'store.riak.host' => 'localhost',
+ * 'store.riak.port' => 8098,
+ * 'store.riak.bucket' => 'SimpleSAMLphp,
+ */
+
+ /*
* The DSN the sql datastore should connect to.
*
* See http://www.php.net/manual/en/pdo.drivers.php for the various
well.
I am yet to decide how to nicely handle deletion of expired entries,
but I thought I'd sent it out to see if anyone had any feedback.
Index: lib/SimpleSAML/Store.php
===================================================================
--- lib/SimpleSAML/Store.php (revision 3120)
+++ lib/SimpleSAML/Store.php (working copy)
@@ -44,6 +44,9 @@
case 'memcache':
self::$instance = new SimpleSAML_Store_Memcache();
break;
+ case 'riak':
+ self::$instance = new SimpleSAML_Store_Riak();
+ break;
case 'sql':
self::$instance = new SimpleSAML_Store_SQL();
break;
Index: lib/SimpleSAML/Store/Riak.php
===================================================================
--- lib/SimpleSAML/Store/Riak.php (revision 0)
+++ lib/SimpleSAML/Store/Riak.php (working copy)
@@ -0,0 +1,79 @@
+<?php class SimpleSAML_Store_Riak extends SimpleSAML_Store {
+ protected function __construct() {
+ $config = SimpleSAML_Configuration::getInstance();
+
+ $path = $config->getString('store.riak.path', 'riak-php-client/riak.php');
+ $host = $config->getString('store.riak.host', 'localhost');
+ $port = $config->getString('store.riak.port', 8098);
+ $bucket = $config->getString('store.riak.bucket', 'simpleSAMLphp');
+
+ require_once($path);
+ $this->client = new RiakClient($host, $port);
+ $this->bucket = $this->client->bucket($bucket);
+ }
+
+ /**
+ * Retrieve a value from the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ * @return mixed|NULL The value.
+ */
+ public function get($type, $key) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+
+ $v = $this->bucket->getBinary("$type.$key");
+ if (!$v->exists()) {
+ return (NULL);
+ }
+
+ $expires = $v->getIndex('Expires', 'int');
+ if (sizeof($expires) && (int)array_shift($expires) <= time()) {
+ $v->delete();
+ return (NULL);
+ }
+
+ return (unserialize($v->getData()));
+ }
+
+
+ /**
+ * Save a value to the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ * @param mixed $value The value.
+ * @param int|NULL $expire The expiration time (unix timestamp), or NULL if it never expires.
+ */
+ public function set($type, $key, $value, $expire = NULL) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+ assert('is_null($expire) || (is_int($expire) && $expire > 2592000)');
+
+ $v = $this->bucket->newBinary("$type.$key", serialize($value), 'application/php');
+ if (!is_null($expire)) {
+ $v->addIndex("Expires", "int", $expire);
+ }
+
+ $v->store();
+ }
+
+ /**
+ * Delete a value from the datastore.
+ *
+ * @param string $type The datatype.
+ * @param string $key The key.
+ */
+ public function delete($type, $key) {
+ assert('is_string($type)');
+ assert('is_string($key)');
+
+ $v = $this->bucket->getBinary("$type.$key");
+ if (!$v->exists()) {
+ return;
+ }
+
+ $v->delete();
+ }
+} ?>
Index: config-templates/config.php
===================================================================
--- config-templates/config.php (revision 3120)
+++ config-templates/config.php (working copy)
@@ -499,6 +499,7 @@
*
* - 'phpsession': Limited datastore, which uses the PHP session.
* - 'memcache': Key-value datastore, based on memcache.
+ * - 'riak': Key-value datastore, uses riak-php-client
* - 'sql': SQL datastore, using PDO.
*
* The default datastore is 'phpsession'.
@@ -509,6 +510,15 @@
/*
+ * The RiakStore class uses the following values as defaults:
+ *
+ * 'store.riak.path' => 'riak-php-client/riak.php',
+ * 'store.riak.host' => 'localhost',
+ * 'store.riak.port' => 8098,
+ * 'store.riak.bucket' => 'SimpleSAMLphp,
+ */
+
+ /*
* The DSN the sql datastore should connect to.
*
* See http://www.php.net/manual/en/pdo.drivers.php for the various
Olav Morken
Jun 27, 2012, 2:51:46 AM6/27/12
to simple...@googlegroups.com
On Mon, Jun 18, 2012 at 17:16:05 +1000, David Gwynne wrote:
> I have put the code below into production here and it's working
> well.
>
> I am yet to decide how to nicely handle deletion of expired entries,
> but I thought I'd sent it out to see if anyone had any feedback.
Hi,
> I have put the code below into production here and it's working
> well.
>
> I am yet to decide how to nicely handle deletion of expired entries,
> but I thought I'd sent it out to see if anyone had any feedback.
sorry about the lack of feedback. I had a look on this patch now, and
I don't see any problems with it. As you mentioned, some solution for
removing expired entries should be added though.
Best regards,
Olav Morken
UNINETT / Feide
David Gwynne
Jun 27, 2012, 5:08:56 AM6/27/12
to simple...@googlegroups.com
yeah. deletes using riak-php-client are expensive because you have to get the object (including the payload) out of riak before you can call its delete subroutine. the 2i lookups are really fast, its always ~1 second even if it returns 50 or 5000 results using the api, but because the deletes are so slow its not feasible to do them randomly and opportunistically like the sql storage backend does. it'll slow down the clients using ssp.
i have the following running out of cron every half hour at the moment:
<?php
require_once('riak-php-client/riak.php');
$client = new RiakClient('_riak', 8098);
$bucket = $client->bucket('simpleSAMLphp');
$result = $bucket->indexSearch('expires', 'int', 1, time() - 30);
if (!openlog("ssp-gc", LOG_PID|LOG_NDELAY, LOG_DAEMON)) {
die("openlog");
};
syslog(LOG_INFO, "deleting " . sizeof($result) . " keys");
closelog();
foreach ($result as $link) {
$link->getBinary()->delete();
}
?>
it works fine, but it is Yet Another Thing someone deploying simplesamlphp on top of riak would have to configure, and worse, if you pick different defaults to what you put in your config/config.php you have to modify the settings in both locations. is there a nice way to pull in ssp config params from something outside ssp?
perhaps it is reasonable to have to set up such a cron job assuming i can solve the config problems?
dlg
> --
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
i have the following running out of cron every half hour at the moment:
<?php
require_once('riak-php-client/riak.php');
$client = new RiakClient('_riak', 8098);
$bucket = $client->bucket('simpleSAMLphp');
$result = $bucket->indexSearch('expires', 'int', 1, time() - 30);
if (!openlog("ssp-gc", LOG_PID|LOG_NDELAY, LOG_DAEMON)) {
die("openlog");
};
syslog(LOG_INFO, "deleting " . sizeof($result) . " keys");
closelog();
foreach ($result as $link) {
$link->getBinary()->delete();
}
?>
it works fine, but it is Yet Another Thing someone deploying simplesamlphp on top of riak would have to configure, and worse, if you pick different defaults to what you put in your config/config.php you have to modify the settings in both locations. is there a nice way to pull in ssp config params from something outside ssp?
perhaps it is reasonable to have to set up such a cron job assuming i can solve the config problems?
dlg
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
Olav Morken
Jun 28, 2012, 4:11:37 AM6/28/12
to simple...@googlegroups.com
On Wed, Jun 27, 2012 at 19:08:56 +1000, David Gwynne wrote:
> yeah. deletes using riak-php-client are expensive because you have to get the object (including the payload) out of riak before you can call its delete subroutine. the 2i lookups are really fast, its always ~1 second even if it returns 50 or 5000 results using the api, but because the deletes are so slow its not feasible to do them randomly and opportunistically like the sql storage backend does. it'll slow down the clients using ssp.
>
> i have the following running out of cron every half hour at the moment:
>
> <?php
> require_once('riak-php-client/riak.php');
>
> $client = new RiakClient('_riak', 8098);
> $bucket = $client->bucket('simpleSAMLphp');
>
> $result = $bucket->indexSearch('expires', 'int', 1, time() - 30);
>
> if (!openlog("ssp-gc", LOG_PID|LOG_NDELAY, LOG_DAEMON)) {
> die("openlog");
> };
> syslog(LOG_INFO, "deleting " . sizeof($result) . " keys");
> closelog();
>
> foreach ($result as $link) {
> $link->getBinary()->delete();
> }
> ?>
>
> it works fine, but it is Yet Another Thing someone deploying simplesamlphp on top of riak would have to configure, and worse, if you pick different defaults to what you put in your config/config.php you have to modify the settings in both locations. is there a nice way to pull in ssp config params from something outside ssp?
>
> perhaps it is reasonable to have to set up such a cron job assuming i can solve the config problems?
I think so. Solving the config-problem can be done by asking
> yeah. deletes using riak-php-client are expensive because you have to get the object (including the payload) out of riak before you can call its delete subroutine. the 2i lookups are really fast, its always ~1 second even if it returns 50 or 5000 results using the api, but because the deletes are so slow its not feasible to do them randomly and opportunistically like the sql storage backend does. it'll slow down the clients using ssp.
>
> i have the following running out of cron every half hour at the moment:
>
> <?php
> require_once('riak-php-client/riak.php');
>
> $client = new RiakClient('_riak', 8098);
> $bucket = $client->bucket('simpleSAMLphp');
>
> $result = $bucket->indexSearch('expires', 'int', 1, time() - 30);
>
> if (!openlog("ssp-gc", LOG_PID|LOG_NDELAY, LOG_DAEMON)) {
> die("openlog");
> };
> syslog(LOG_INFO, "deleting " . sizeof($result) . " keys");
> closelog();
>
> foreach ($result as $link) {
> $link->getBinary()->delete();
> }
> ?>
>
> it works fine, but it is Yet Another Thing someone deploying simplesamlphp on top of riak would have to configure, and worse, if you pick different defaults to what you put in your config/config.php you have to modify the settings in both locations. is there a nice way to pull in ssp config params from something outside ssp?
>
> perhaps it is reasonable to have to set up such a cron job assuming i can solve the config problems?
simpleSAMLphp for the config:
$baseDir = dirname(dirname(__FILE__));
require_once($baseDir . '/lib/_autoload.php');
$config = SimpleSAML_Configuration::getInstance();
There is also the cron-module in simpleSAMLphp, which is designed to
run cron-jobs from the web. Maybe that one can be used?
Any chance you could provide a document describing how this should be
configured also? (E.g. requirements for cron-job, anything special
configuration for Riak (DB type?), etc.)
David Gwynne
Jun 28, 2012, 5:25:46 AM6/28/12
to simple...@googlegroups.com
would keeping the names of the config variables (store.riak.host, etc) the same as they are now be ok to configure a module?
> Any chance you could provide a document describing how this should be
> configured also? (E.g. requirements for cron-job, anything special
> configuration for Riak (DB type?), etc.)
i can try doco, but cos i wrote the code i think everything is obvious.
dlg
>
> Best regards,
> Olav Morken
> UNINETT / Feide
>
Olav Morken
Jun 28, 2012, 5:32:34 AM6/28/12
to simple...@googlegroups.com
many other modules. E.g.: module_riak.php
> > Any chance you could provide a document describing how this should be
> > configured also? (E.g. requirements for cron-job, anything special
> > configuration for Riak (DB type?), etc.)
>
> yeah, the cronjob would require the leveldb backend so we can use the secondary indexes feature. i believe that the next version of riak will also support secondary indexes on the memory backend.
>
> i can try doco, but cos i wrote the code i think everything is obvious.
to use Riak for session store. E.g. enable the module, change
configuration, download Riak PHP library, configure Riak, etc.
David Gwynne
Jun 28, 2012, 8:28:13 AM6/28/12
to simple...@googlegroups.com
On Thu, Jun 28, 2012 at 11:32:34AM +0200, Olav Morken wrote:
>
> Either that, or move it into a separate config file, like we have for
> many other modules. E.g.: module_riak.php
i prefer as much config in one place as possible, so i kept them
>
> Either that, or move it into a separate config file, like we have for
> many other modules. E.g.: module_riak.php
in config.php.
> I'd write it as a form of step-by-step instruction for configuring SSP
> to use Riak for session store. E.g. enable the module, change
> configuration, download Riak PHP library, configure Riak, etc.
the cron hook.
the 'riak:Store' bit is working fine instead of the 'riak' option
from my first diff. i have ssp running on two separate boxes as the
same SP by sharing the same riak cluster and bucket. a load balancer
in front of them simply roundrobins requests across them. one of
the servers is still running with the code from my original diff,
and the other with the code below.
dlg
Index: docs/simplesamlphp-riak.php
===================================================================
--- docs/simplesamlphp-riak.php (revision 0)
+++ docs/simplesamlphp-riak.php (working copy)
@@ -0,0 +1,115 @@
+Riak Store module
+=================
+
+<!--
+ This file is written in Markdown syntax.
+ For more information about how to use the Markdown syntax, read here:
+ http://daringfireball.net/projects/markdown/syntax
+-->
+
+ * Version: `$Id$'
+
+<!-- {{TOC}} -->
+
+Introduction
+------------
+
+The riak module implements a Store that can be used as a backend
+for simpleSAMLphp session data like the phpsession, sql, or memcache
+backends.
+
+Preparations
+------------
+
+The obvious first step for using Riak as a backend is to install
+and configure a Riak cluster for SimpleSAMLphp to use. Please refer
+to the Riak documentation for this.
+
+This module requires the use of a Riak backend that supports secondary
+indexes. Refer to the Riak documentation on how to enable an
+appropriate backend for use by this module. Currently the only
+storage backend that supports secondary indexes is leveldb.
+
+Next, you will need to install the Riak PHP Client library, available
+from https://github.com/basho/riak-php-client.
+
+Finally, you need to config SimpleSAMLphp to for the riak Store by
+enabling the following modules:
+
+ 1. cron
+ 2. riak
+
+The cron module allows you to do tasks regularly by setting up a
+cronjob that calls hooks in simpleSAMLphp. This is required by the
+riak module to remove expired entries in the store.
+
+Enabling the riak module allows it to be loaded and used as a storage
+backend.
+
+You also need to copy the `config-templates` files from the cron
+module above into the global `config/` directory.
+
+ $ cd /var/simplesamlphp
+ $ touch modules/cron/enable
+ $ cp modules/cron/config-templates/*.php config/
+ $ touch modules/riak/enable
+
+
+Configuring the cron module
+---------------------------
+
+At `/var/simplesamlphp/config`
+
+ $ vi module_cron.php
+
+edit:
+
+ $config = array (
+ 'key' => 'secret',
+ 'allowed_tags' => array('daily', 'hourly', 'frequent'),
+ 'debug_message' => TRUE,
+ 'sendemail' => TRUE,
+ );
+
+Then: With your browser go to => https://simplesamlphp_machine/simplesaml/module.php/cron/croninfo.php
+
+And copy the cron's sugestion:
+
+ -------------------------------------------------------------------------------------------------------------------
+ Cron is a way to run things regularly on unix systems.
+
+ Here is a suggestion for a crontab file:
+
+ # Run cron [daily]
+ 02 0 * * * curl --silent "https://simplesamlphp_machine/simplesaml/module.php/cron/cron.php?key=secret&tag=daily" > /dev/null 2>&1
+ # Run cron [hourly]
+ 01 * * * * curl --silent "https://simplesamlphp_machine/simplesaml/module.php/cron/cron.php?key=secret&tag=hourly" > /dev/null 2>&1
+ # Run cron [frequent]
+ XXXXXXXXXX curl --silent "https://simplesamlphp_machine/simplesaml/module.php/cron/cron.php?key=secret&tag=frequent" > /dev/null 2>&1
+ Click here to run the cron jobs:
+
+ Run cron [daily]
+ Run cron [hourly]
+ Run cron [frequent]
+ -------------------------------------------------------------------------------------------------------------------
+
+Add to CRON with
+
+ # crontab -e
+
+Configuring the riak module
+---------------------------
+
+The riak module uses the following configuration options specified
+in the main `config/config.php`. The defaults are listed:
+
+ 'store.riak.path' => 'riak-php-client/riak.php',
+ 'store.riak.host' => 'localhost',
+ 'store.riak.port' => 8098,
+ 'store.riak.bucket' => 'SimpleSAMLphp',
+
+Finally, the module can be specified as the Store in `config/config.php`
+with the following setting:
+
+ 'store.type' => 'riak:Store',
+
Index: modules/riak/hooks/hook_cron.php
===================================================================
--- modules/riak/hooks/hook_cron.php (revision 0)
+++ modules/riak/hooks/hook_cron.php (working copy)
@@ -0,0 +1,30 @@
+<?php
+/**
+ * Hook to run a cron job.
+ *
+ * @param array &$croninfo Output
+ */
+function riak_hook_cron(&$croninfo) {
+ assert('is_array($croninfo)');
+ assert('array_key_exists("summary", $croninfo)');
+ assert('array_key_exists("tag", $croninfo)');
+
+ if ($croninfo['tag'] !== 'hourly') return;
+
+ try {
+ $store = new sspmod_riak_Store_Store();
+ $result = $store->$bucket->indexSearch('expires', 'int',
+ 1, time() - 30);
+ foreach ($result as $link) {
+ $link->getBinary()->delete();
+ }
+
+ SimpleSAML_Logger::info(sprintf("deleted %s riak key%s",
+ sizeof($result), sizeof($result) == 1 ? '' : 's'));
+ } catch (Exception $e) {
+ $message = 'riak threw exception: ' . $e->getMessage();
+ SimpleSAML_Logger::warning($message);
+ $croninfo['summary'][] = $message;
+ }
+}
+?>
Index: modules/riak/lib/Store/Store.php
===================================================================
--- modules/riak/lib/Store/Store.php (revision 0)
+++ modules/riak/lib/Store/Store.php (working copy)
@@ -0,0 +1,79 @@
+<?php class sspmod_riak_Store_Store extends SimpleSAML_Store {
* - 'phpsession': Limited datastore, which uses the PHP session.
* - 'memcache': Key-value datastore, based on memcache.
* - 'memcache': Key-value datastore, based on memcache.
* - 'sql': SQL datastore, using PDO.
+ * - 'riak:Store': Key-value datastore, uses riak-php-client
*
* The default datastore is 'phpsession'.
*
@@ -603,7 +604,16 @@
*/
'memcache_store.expires' => 36 * (60*60), // 36 hours.
+ /*
+ * The riak:Store module has the following config options and defaults.
+ *
+ * 'store.riak.path' => 'riak-php-client/riak.php',
+ * 'store.riak.host' => 'localhost',
+ * 'store.riak.port' => 8098,
+ * 'store.riak.bucket' => 'SimpleSAMLphp',
+ * 'store.riak.path' => 'riak-php-client/riak.php',
+ * 'store.riak.host' => 'localhost',
+ * 'store.riak.port' => 8098,
+ */
+
/*
* Should signing of generated metadata be enabled by default.
*
Philip John
Jun 28, 2012, 8:49:24 AM6/28/12
to simple...@googlegroups.com
Similar to this, we've got our own patch that supports storing in Redis (we abandoned Memcached some time ago). We also have our own metadata storage (as we run a multitenant app, so storing metadata in a config array is not feasible).
When creating this I was struck that what could be a very simple extension point required editing core files. Using the reflection API would preclude that, rather than using the switch statement.
Phil.
When creating this I was struck that what could be a very simple extension point required editing core files. Using the reflection API would preclude that, rather than using the switch statement.
Phil.
Olav Morken
Jun 29, 2012, 2:27:21 AM6/29/12
to simple...@googlegroups.com
On Thu, Jun 28, 2012 at 22:28:13 +1000, David Gwynne wrote:
> On Thu, Jun 28, 2012 at 11:32:34AM +0200, Olav Morken wrote:
> >
> > Either that, or move it into a separate config file, like we have for
> > many other modules. E.g.: module_riak.php
>
> i prefer as much config in one place as possible, so i kept them
> in config.php.
Actually, when thinking more about this, I think I am going to insist
> On Thu, Jun 28, 2012 at 11:32:34AM +0200, Olav Morken wrote:
> >
> > Either that, or move it into a separate config file, like we have for
> > many other modules. E.g.: module_riak.php
>
> i prefer as much config in one place as possible, so i kept them
> in config.php.
on having it as a separate configuration file. The reason for this is
that this module is disabled by default, and not really part of the
"core" functionality. If we start adding example configuration for all
such modules in config.php, it will very soon become unwieldy.
> > I'd write it as a form of step-by-step instruction for configuring SSP
> > to use Riak for session store. E.g. enable the module, change
> > configuration, download Riak PHP library, configure Riak, etc.
>
> i gave it a shot, and reworked the code as a proper module to support
> the cron hook.
>
> the 'riak:Store' bit is working fine instead of the 'riak' option
> from my first diff. i have ssp running on two separate boxes as the
> same SP by sharing the same riak cluster and bucket. a load balancer
> in front of them simply roundrobins requests across them. one of
> the servers is still running with the code from my original diff,
> and the other with the code below.
>
> Index: docs/simplesamlphp-riak.php
> ===================================================================
> --- docs/simplesamlphp-riak.php (revision 0)
> +++ docs/simplesamlphp-riak.php (working copy)
The documentation should be in modules/riak/docs. Also, please replace
> ===================================================================
> --- docs/simplesamlphp-riak.php (revision 0)
> +++ docs/simplesamlphp-riak.php (working copy)
the ".php"-filetype with ".txt", since this is not a PHP-script.
Also, you should have a "defualt-disable"-file in your module. Other
than that, this patch looks good.
David Gwynne
Jun 29, 2012, 2:58:07 AM6/29/12
to simple...@googlegroups.com
On Fri, Jun 29, 2012 at 08:27:21AM +0200, Olav Morken wrote:
> On Thu, Jun 28, 2012 at 22:28:13 +1000, David Gwynne wrote:
> > On Thu, Jun 28, 2012 at 11:32:34AM +0200, Olav Morken wrote:
> > >
> > > Either that, or move it into a separate config file, like we have for
> > > many other modules. E.g.: module_riak.php
> >
> > i prefer as much config in one place as possible, so i kept them
> > in config.php.
>
> Actually, when thinking more about this, I think I am going to insist
> on having it as a separate configuration file. The reason for this is
> that this module is disabled by default, and not really part of the
> "core" functionality. If we start adding example configuration for all
> such modules in config.php, it will very soon become unwieldy.
ok.
> On Thu, Jun 28, 2012 at 22:28:13 +1000, David Gwynne wrote:
> > On Thu, Jun 28, 2012 at 11:32:34AM +0200, Olav Morken wrote:
> > >
> > > Either that, or move it into a separate config file, like we have for
> > > many other modules. E.g.: module_riak.php
> >
> > i prefer as much config in one place as possible, so i kept them
> > in config.php.
>
> Actually, when thinking more about this, I think I am going to insist
> on having it as a separate configuration file. The reason for this is
> that this module is disabled by default, and not really part of the
> "core" functionality. If we start adding example configuration for all
> such modules in config.php, it will very soon become unwieldy.
> > > I'd write it as a form of step-by-step instruction for configuring SSP
> > > to use Riak for session store. E.g. enable the module, change
> > > configuration, download Riak PHP library, configure Riak, etc.
> >
> > i gave it a shot, and reworked the code as a proper module to support
> > the cron hook.
> >
> > the 'riak:Store' bit is working fine instead of the 'riak' option
> > from my first diff. i have ssp running on two separate boxes as the
> > same SP by sharing the same riak cluster and bucket. a load balancer
> > in front of them simply roundrobins requests across them. one of
> > the servers is still running with the code from my original diff,
> > and the other with the code below.
> >
> > Index: docs/simplesamlphp-riak.php
> > ===================================================================
> > --- docs/simplesamlphp-riak.php (revision 0)
> > +++ docs/simplesamlphp-riak.php (working copy)
>
> The documentation should be in modules/riak/docs. Also, please replace
> the ".php"-filetype with ".txt", since this is not a PHP-script.
> Also, you should have a "defualt-disable"-file in your module. Other
> than that, this patch looks good.
Index: modules/riak/config-templates/module_riak.php
===================================================================
--- modules/riak/config-templates/module_riak.php (revision 0)
+++ modules/riak/config-templates/module_riak.php (working copy)
@@ -0,0 +1,17 @@
+<?php
+/*
+ * The configuration of the riak Store module
+ *
+ * $Id$
+ */
+
+$config = array (
+ /*
+ * This module has the following config options and defaults.
+ *
+ * 'path' => 'riak-php-client/riak.php',
+ * 'host' => 'localhost',
+ * 'port' => 8098,
+ * 'bucket' => 'SimpleSAMLphp',
+ */
+);
Index: modules/riak/hooks/hook_cron.php
===================================================================
--- modules/riak/hooks/hook_cron.php (revision 0)
+++ modules/riak/hooks/hook_cron.php (working copy)
@@ -0,0 +1,54 @@
===================================================================
--- modules/riak/hooks/hook_cron.php (revision 0)
+++ modules/riak/hooks/hook_cron.php (working copy)
+<?php
+
+/*
+ * Copyright (c) 2012 The University of Queensland
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Written by David Gwynne <d...@uq.edu.au> as part of the IT
+ * Infrastructure Group in the Faculty of Engineering, Architecture
+ * and Information Technology.
+ */
+
+
+/**
+ * Hook to run a cron job.
+ *
+ * @param array &$croninfo Output
+ */
+function riak_hook_cron(&$croninfo) {
+ assert('is_array($croninfo)');
+ assert('array_key_exists("summary", $croninfo)');
+ assert('array_key_exists("tag", $croninfo)');
+
+ if ($croninfo['tag'] !== 'hourly') return;
+
+ try {
+ $store = new sspmod_riak_Store_Store();
+ $result = $store->bucket->indexSearch('expires', 'int',
+ * Hook to run a cron job.
+ *
+ * @param array &$croninfo Output
+ */
+function riak_hook_cron(&$croninfo) {
+ assert('is_array($croninfo)');
+ assert('array_key_exists("summary", $croninfo)');
+ assert('array_key_exists("tag", $croninfo)');
+
+ if ($croninfo['tag'] !== 'hourly') return;
+
+ try {
+ $store = new sspmod_riak_Store_Store();
+ 1, time() - 30);
+ foreach ($result as $link) {
+ $link->getBinary()->delete();
+ }
+
+ SimpleSAML_Logger::info(sprintf("deleted %s riak key%s",
+ sizeof($result), sizeof($result) == 1 ? '' : 's'));
+ } catch (Exception $e) {
+ $message = 'riak threw exception: ' . $e->getMessage();
+ SimpleSAML_Logger::warning($message);
+ $croninfo['summary'][] = $message;
+ }
+}
+?>
Index: modules/riak/default-disable
+ foreach ($result as $link) {
+ $link->getBinary()->delete();
+ }
+
+ SimpleSAML_Logger::info(sprintf("deleted %s riak key%s",
+ sizeof($result), sizeof($result) == 1 ? '' : 's'));
+ } catch (Exception $e) {
+ $message = 'riak threw exception: ' . $e->getMessage();
+ SimpleSAML_Logger::warning($message);
+ $croninfo['summary'][] = $message;
+ }
+}
+?>
===================================================================
Index: modules/riak/lib/Store/Store.php
===================================================================
--- modules/riak/lib/Store/Store.php (revision 0)
+++ modules/riak/lib/Store/Store.php (working copy)
@@ -0,0 +1,103 @@
===================================================================
--- modules/riak/lib/Store/Store.php (revision 0)
+++ modules/riak/lib/Store/Store.php (working copy)
+<?php
+
+/*
+ * Copyright (c) 2012 The University of Queensland
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Written by David Gwynne <d...@uq.edu.au> as part of the IT
+ * Infrastructure Group in the Faculty of Engineering, Architecture
+ * and Information Technology.
+ */
+
+class sspmod_riak_Store_Store extends SimpleSAML_Store {
+ protected function __construct() {
+ $config = SimpleSAML_Configuration::getConfig('module_riak.php');
+
+ $path = $config->getString('path', 'riak-php-client/riak.php');
+ $host = $config->getString('host', 'localhost');
+ $port = $config->getString('port', 8098);
+ $bucket = $config->getString('bucket', 'simpleSAMLphp');
===================================================================
--- modules/riak/docs/simplesamlphp-riak.txt (revision 0)
+++ modules/riak/docs/simplesamlphp-riak.txt (working copy)
@@ -0,0 +1,118 @@
+
+ $config = array(
+ 'path' => 'riak-php-client/riak.php',
+ 'host' => 'localhost',
+ 'port' => 8098,
+ 'bucket' => 'SimpleSAMLphp',
+ );
Olav Morken
Jun 29, 2012, 5:21:35 AM6/29/12
to simple...@googlegroups.com
David Gwynne
Jun 29, 2012, 6:17:38 PM6/29/12
to simple...@googlegroups.com
On 29/06/2012, at 7:21 PM, Olav Morken wrote:
>
> Thanks! I have committed your module in r3128.
i hope its a useful example for other people wanting to use alternative storage backends too.
cheers,
dlg
Reply all
Reply to author
Forward
0 new messages