license key implementation #31766
license key implementation #31766
Conversation
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
5 times, most recently
from
7823431 to
71a91df
Compare
src/adapter/src/config.rs
Outdated
| @@ -43,6 +43,8 @@ pub struct SystemParameterSyncConfig { | |||
| /// to use when populating the [SynchronizedParameters] | |||
| /// instance in [SystemParameterFrontend::pull]. | |||
| ld_key_map: BTreeMap<String, String>, | |||
| /// max_credit_consumption_rate override from the license key. | |||
| pub max_credit_consumption_rate: Option<f64>, | |||
There was a problem hiding this comment.
Just wondering if we are overloading max_credit_consumption_rate here rather than moving to something like max_memory_consumption_rate . The latter would open the door for max_disk_consumption_rate as well, but it means adding additional validations during ddl planning?
There was a problem hiding this comment.
we probably will need to do this eventually, but that would be a more complicated change that i'd like to leave for the future, to limit the scope here (there's already a lot going on in this pr)
| if !license_key_config.allow_credit_consumption_override { | ||
| for (name, replica) in cluster_replica_sizes.0.iter_mut() { | ||
| let memory_limit = replica.memory_limit.get_or_insert_with(|| { | ||
| warn!("No memory limit found in cluster definition for {name}, defaulting to 4GiB"); |
There was a problem hiding this comment.
This seems odd. Whenever these values are read in we want them to be parsed, for instance, if we added a systemvar to allow defining cluster sizes we'd also need to apply this logic there. It might make sense to this to be a function on ClusterReplicaSizeMap, or have a builder for ClusterReplicaSizeMap that allows somethingl ike a with_default_memory_limit . Alternatively we added memory requests it may not be obvious that we should update this to be the request value rather than 4Gi.
There was a problem hiding this comment.
yeah, i wasn't quite sure what to do here - if a user is using a license key with limited credits/memory usage, we can't allow using clusters that don't have memory limits set, but a lot of our tests currently want to do this. it might be better to just fail here instead of setting a default, and update the tests instead, i'll look into it
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
2 times, most recently
from
90677a1 to
d1cee6a
Compare
| } else if matches!(args.orchestrator, OrchestratorKind::Kubernetes) { | ||
| panic!("--license-key is required when running in Kubernetes"); |
There was a problem hiding this comment.
Any chance we could further match here on the cloud provider to skip this check entirely for the Cloud offering? (Note: I'm not sure what cloud provider self hosted folks get reported as)
Also any reason for a panic instead of returning an error?
There was a problem hiding this comment.
i don't think we want to be able to bypass needing a license key like that? my understanding was we wanted all community edition usage to be restricted. self-hosted users will also be using the aws cloud provider (the same thing our cloud product uses) if they are running in aws
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
from
d1cee6a to
cb4ba28
Compare
|
fixed up the panics and hardcoded constants |
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
from
cb4ba28 to
1632065
Compare
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
6 times, most recently
from
79d765d to
6e671df
Compare
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
8 times, most recently
from
d8cff0a to
3db5e25
Compare
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
5 times, most recently
from
3286322 to
be5770d
Compare
|
okay, this appears to be working now - i still need to do some testing on the cloud side to make sure that things don't break when a release with these changes goes out, but it should be ready for one final review |
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
3 times, most recently
from
9bea33c to
1b753bc
Compare
if no license key is provided, default to a limit of 24 (cloud will use a special license key which disables the check entirely) if we have loaded a max_credit_consumption_rate, don't allow it to be modified by anyone. this should ensure that we can continue managing max_credit_consumption_rate as before in cloud (which will use a specially issued license key which disables these checks) but anyone using the emulator/self-hosted will either have a custom limit loaded from their license key, or a default limit if they don't provide a license key, neither of which can be overridden.
cloudtests are using the deployed docker image but want to run the tests in kubernetes, but the image that we provide won't run in kubernetes without a license key additionally, some of the non-kubernetes tests want to run more than 24G of clusters, so we need to pass through the license key for those too
doy-materialize
force-pushed
the
push-uzwmlvurxytq
branch
from
1b753bc to
a57568b
Compare
doy-materialize
changed the title
|
fairly sure the remaining sqlsmith errors are #32081, so i'm going to ignore those for now |
| @@ -289,6 +290,16 @@ def __init__( | |||
| config["platform"] = platform | |||
|
|
|||
| volumes = [] | |||
|
|
|||
| if image_version is None or image_version >= "v0.140.0-dev": | |||
There was a problem hiding this comment.
Does string comparison work for a Version object?
There was a problem hiding this comment.
Probably not correctly.
There was a problem hiding this comment.
Motivation
https://github.com/MaterializeInc/cloud/issues/10759
this is the first draft of an implementation of license keys (more details can be found at https://www.notion.so/materialize/License-keys-1a713f48d37b80298db2d241b90fcfd5). the basic outline is that environmentd will read the max credit consumption rate from the signed license key as well as a flag to determine whether both the credit consumption rate limit and the credits each cluster replica uses can be overridden by the user. if no license key is provided, the user will be limited to 24G of clusters. in cloud, we'll be able to provide a special license key which disables these checks.
Tips for reviewer
opening this as a draft to see how it works in ci and if there is anything that needs to be fixed in the test suite. also, the public key used for license validation is currently coming from a random kms key in the scratch account, and i'll need to do the real implementation of license key issuing on the cloud side first before we can merge this, in order to get the real pubkey to use.
Checklist
$T ⇔ Proto$Tmapping (possibly in a backwards-incompatible way), then it is tagged with aT-protolabel.