authorLinus Nordberg <linus@sunet.se>2020-02-14 12:18:31 +0100
committerLinus Nordberg <linus@sunet.se>2020-02-14 12:18:31 +0100
commit089ae7c716352ba6690aa701deee8f5aeaa06655 (patch)
tree55e758f0413dbac48afcb0035477349e4f7197ac
parent920995ca6e2ef7c4993b0196c2556409eade04d1 (diff)
better balance settings
-rw-r--r--p11p-daemon/README.md35
-rw-r--r--p11p-daemon/src/p11p_client.erl11
-rw-r--r--p11p-daemon/src/p11p_config.erl20
-rw-r--r--p11p-daemon/src/p11p_manager.erl6
4 files changed, 40 insertions, 32 deletions
diff --git a/p11p-daemon/README.md b/p11p-daemon/README.md
index 31bea54..e822935 100644
--- a/p11p-daemon/README.md
+++ b/p11p-daemon/README.md
@@ -52,15 +52,17 @@ Compile:
## Configuring p11p-daemon
-Edit config/sys.config to define virtual tokens.
+Edit config/sys.config to define virtual tokens and set other
+configuration options.
A PKCS #11 application ("client"), connecting to p11p-daemon performs
PKCS #11 operations on a virtual token. Each virtual token represents
one or more physical cryptographic devices with a PKCS #11 interface
("tokens").
-Each virtual token has a name, FIXME and a list of PKCS #11 modules,
-i.e. shared libraries.
+Each virtual token has a name and a list of PKCS #11 modules,
+i.e. shared libraries. Other configuration settings have resonable
+defaults and are optional.
### vtoken name
@@ -81,6 +83,10 @@ switch will happen. The number of switches that will happen equals
zero retries, a value of two will result in one retry, and so forth. A
value of zero disables the failover functionality.
+The default failover configuration value equals the number of tokens
+listed in 'modules' minus one, resulting in one attempt being made per
+token.
+
TBD: Rename 'failover' to 'retries'?
#### balance
@@ -88,16 +94,21 @@ TBD: Rename 'failover' to 'retries'?
A virtual token will balance client requests over all configured
tokens in accordance with the configuration parameter 'balance'.
-TODO: Update this section.
-... a list of invocation counts. An
-invocation count is an integer specifying how many times a token
-will be invoked before switching to the next token in the list. The first
-integer in the list corresponds to the first token, the second integer
-to the second token, and so on.
+The 'balance' configuration parameter is a list of invocation counts,
+one per token. An invocation count is an integer specifying how many
+times a token will be used before switching to the next token in the
+list of tokens ('modules'). The first integer in the list corresponds
+to the first token, the second integer to the second token, and so on.
+
+An invocation count of 0 disables load balancing for a given token,
+meaning that once it has been chosen, it will stick.
-The default invocation count is one per token.
-TBD: Make it 10 or something?
+Note that there is no load balancing happening within one client
+session with the p11p-daemon. The invocation count is affected only
+when a client choses a token, which happens at client connect.
+The default invocation count is 0 for all tokens, effectively
+disabling load balancing.
### modules
@@ -107,6 +118,8 @@ Each entry in this list has a name, a path to the shared library to
load and, optionally, an environment to run it in. The environment can
be used to pass configuration to the module.
+TBD: rename to 'tokens'?
+
## Running p11p-daemon
diff --git a/p11p-daemon/src/p11p_client.erl b/p11p-daemon/src/p11p_client.erl
index fd101c5..5fd3ff1 100644
--- a/p11p-daemon/src/p11p_client.erl
+++ b/p11p-daemon/src/p11p_client.erl
@@ -115,10 +115,6 @@ handle_call({request, Request},
pass
end
of
- ack ->
- {reply, ack, State};
- nack ->
- {reply, nack, State};
pass ->
lager:debug("~p: sending request from ~p to prxoy app ~p", [self(), FromPid, Port]),
D = p11p_rpc:serialise(Request),
@@ -126,13 +122,14 @@ handle_call({request, Request},
0 -> <<?RPC_VERSION:8, D/binary>>;
_ -> D
end,
- {ok, _} = do_send(Port, Buf),
-
+ {ok, _} = send_request(Port, Buf),
{reply,
{ok, size(Buf)},
State#state{replyto = FromPid,
timer = start_timer(State#state.timeout, Port),
- send_count = Sent + 1}}
+ send_count = Sent + 1}};
+ Ret ->
+ {reply, Ret, State}
end;
handle_call(Call, _From, State) ->
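Review bot: The new trailing `Ret ->` clause replies with whatever the filter expression above produced, so any value other than `pass` is now handed back to the calling process instead of failing with a case_clause. The removed clauses accepted only `ack` and `nack`. If those are still the only expected results, a closed clause keeps unexpected values visible: `Ret when Ret =:= ack; Ret =:= nack -> {reply, Ret, State}`. The case expression and the enclosing handle_call clause start outside this hunk, so the full set of values it can yield is not visible here.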
diff --git a/p11p-daemon/src/p11p_config.erl b/p11p-daemon/src/p11p_config.erl
index c4bfbcd..13723ce 100644
--- a/p11p-daemon/src/p11p_config.erl
+++ b/p11p-daemon/src/p11p_config.erl
@@ -31,7 +31,7 @@
name :: string(),
timeout :: non_neg_integer(),
failover :: non_neg_integer(), % How many failover attempts.
- balance :: [non_neg_integer()],
+ balance :: [integer()],
modules = #{} :: #{string() => p11module()}
}).
-type token() :: #token{}.
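Review bot: The `balance` field of the token record now admits negative integers but has no comment saying why, unlike `failover` just above it. Judging from the new_token hunk in this file, the only negative value produced is -1, standing for a configured 0. I would add `% Invocation counts per module; -1 = never rotate (configured as 0).` and consider the narrower type `[pos_integer() | -1]`. The record definition starts outside the hunk.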
@@ -177,15 +177,16 @@ new_token({Name, Settings}) ->
name = Name,
timeout = proplists:get_value(timeout, Settings, 25000),
failover = proplists:get_value(failover, Settings, maps:size(Modules) - 1),
- balance = balance(proplists:get_value(balance, Settings, []),
- maps:size(Modules)),
+ balance = lists:map(fun(N) -> case N of 0 -> -1; _ -> N end end,
+ balance(proplists:get_value(balance, Settings, []),
+ maps:size(Modules))),
modules = Modules
}.
-balance([], _) ->
- [];
+balance([], NModules) ->
+ balance([0], NModules - 1);
balance(List, NModules) ->
- List ++ [1 || _ <- lists:seq(1, NModules - length(List))].
+ List ++ [0 || _ <- lists:seq(1, NModules - length(List))].
conf_modules(L) ->
conf_modules(L, #{}).
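Review bot: A token with a single module and no 'balance' setting will crash in `balance/2`. `balance([], 1)` recurses to `balance([0], 0)`, which evaluates `lists:seq(1, -1)` and raises function_clause; a list longer than the module count fails the same way. Padding with `List ++ lists:duplicate(max(0, NModules - length(List)), 0).` avoids both. Separately, the `[]` clause yields one entry fewer than there are modules (the test in this commit pins `[-1]` for two modules), while the README says one count per token, so it is worth confirming that the short list is intended. There is no test case for a one-module token.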
@@ -230,7 +231,7 @@ tokens_init_test_() ->
{token,"vtoken0",
25000,
1,
- [3,1],
+ [3,-1],
#{"bogusmod0_0" =>
{p11module,"bogusmod0_0", "/path/to/bogusmod0_0", []},
"bogusmod0_1" =>
@@ -239,13 +240,10 @@ tokens_init_test_() ->
{token,"vtoken1",
12000,
3,
- [],
+ [-1],
#{"bogusmod1_0" =>
{p11module,"bogusmod1_0", "/path/to/bogusmod1_0", []},
"bogusmod1_1" =>
{p11module,"bogusmod1_1", "/path/to/bogusmod1_1", [{"MYENV", "myenv"}]}}}
},
Conf)] end}.
-%% modules_for_token_test_() ->
-%% {setup,
-%% fun() ->
diff --git a/p11p-daemon/src/p11p_manager.erl b/p11p-daemon/src/p11p_manager.erl
index 209d08e..6f9e977 100644
--- a/p11p-daemon/src/p11p_manager.erl
+++ b/p11p-daemon/src/p11p_manager.erl
@@ -85,6 +85,8 @@ handle_call({client_for_token, Server, TokNameIn}, _From,
lager:debug("all clients: ~p", [ClientsIn]),
{Clients, BalanceCount} =
case VTokenIn#vtoken.balance_count of
+ -1 ->
+ {ClientsIn, -1};
0 ->
lager:debug("~p: balancing: next client", [self()]),
Rotated = rotate_clients(ClientsIn),
@@ -92,9 +94,7 @@ handle_call({client_for_token, Server, TokNameIn}, _From,
{Rotated, First#client.balance - 1};
N when N > 0 ->
lager:debug("~p: balancing: ~B more invocations", [self(), N]),
- {ClientsIn, N - 1};
- -1 ->
- {ClientsIn, -1}
+ {ClientsIn, N - 1}
end,
Current = hd(Clients),
case Current#client.pid of
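Review bot: `First#client.balance - 1` in the `0 ->` branch can produce a count that none of the three clauses accepts. If a client's balance holds the -1 that p11p_config now stores for a configured 0 (the wiring is not visible here), rotating onto that client yields -2, and the next client_for_token call fails with case_clause since only `-1`, `0` and `N when N > 0` are matched. Moving the `-1 ->` clause to the top does not change this; I would keep the sentinel intact at rotation, e.g. `{Rotated, case First#client.balance of -1 -> -1; B -> B - 1 end}`, and add a short comment that -1 means the chosen token sticks. The case and the handle_call clause extend beyond both hunks of this file.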