From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id E27B11FF13C for ; Thu, 02 Apr 2026 12:53:19 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 168D01244D; Thu, 2 Apr 2026 12:53:49 +0200 (CEST) From: Christian Ebner To: pbs-devel@lists.proxmox.com Subject: [PATCH proxmox-backup v8 01/17] api: s3: add endpoint to reset s3 request counters Date: Thu, 2 Apr 2026 12:53:17 +0200 Message-ID: <20260402105333.463088-2-c.ebner@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260402105333.463088-1-c.ebner@proxmox.com> References: <20260402105333.463088-1-c.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1775127166854 X-SPAM-LEVEL: Spam detection results: 0 AWL -1.433 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 1 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 1 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 1 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: LMM34SXRFNAFJYA2KC5GKGSZJXKIGUI3 X-Message-ID-Hash: LMM34SXRFNAFJYA2KC5GKGSZJXKIGUI3 X-MailFrom: c.ebner@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Backup Server development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Allows to manually reset the current counter states via the api, in order to provide the same functionality also via a dedicated cli command. Regular operation will however be to reset the counters via a scheduled task, as introduced subsequently. Signed-off-by: Christian Ebner Reviewed-by: Hannes Laimer Tested-by: Hannes Laimer --- changes since version 7: - no changes src/api2/admin/s3.rs | 71 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 68 insertions(+), 3 deletions(-) diff --git a/src/api2/admin/s3.rs b/src/api2/admin/s3.rs index 1e098b4a1..174e8bfe7 100644 --- a/src/api2/admin/s3.rs +++ b/src/api2/admin/s3.rs @@ -1,13 +1,16 @@ //! S3 bucket operations -use anyhow::{Context, Error}; +use std::path::Path; +use std::sync::atomic::Ordering; + +use anyhow::{bail, Context, Error}; use serde_json::Value; use proxmox_http::Body; use proxmox_router::{list_subdirs_api_method, Permission, Router, RpcEnvironment, SubdirMap}; use proxmox_s3_client::{ S3Client, S3ClientConf, S3ClientOptions, S3ObjectKey, S3RequestCounterConfig, - S3_BUCKET_NAME_SCHEMA, S3_CLIENT_ID_SCHEMA, S3_HTTP_REQUEST_TIMEOUT, + SharedRequestCounters, S3_BUCKET_NAME_SCHEMA, S3_CLIENT_ID_SCHEMA, S3_HTTP_REQUEST_TIMEOUT, }; use proxmox_schema::*; use proxmox_sortable_macro::sortable; @@ -96,8 +99,70 @@ pub async fn check( Ok(Value::Null) } +#[api( + input: { + properties: { + "s3-client-id": { + schema: S3_CLIENT_ID_SCHEMA, + }, + bucket: { + schema: S3_BUCKET_NAME_SCHEMA, + }, + "store-prefix": { + type: String, + description: "Store prefix within bucket for S3 object keys (commonly datastore name)", + optional: true, + }, + }, + }, + access: { + permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false), + }, +)] +/// Reset the S3 request counters for matching endpoint, bucket or datastore (if prefix is given). +pub async fn reset_counters( + s3_client_id: String, + bucket: String, + store_prefix: Option, + _rpcenv: &mut dyn RpcEnvironment, +) -> Result<(), Error> { + let (config, _digest) = pbs_config::s3::config()?; + // only check if the provided endpoint id exists + let _config: S3ClientConf = config + .lookup(S3_CFG_TYPE_ID, &s3_client_id) + .context("config lookup failed")?; + + let request_counter_id = if let Some(store) = &store_prefix { + format!("{s3_client_id}-{bucket}-{store}") + } else { + format!("{s3_client_id}-{bucket}") + }; + + let path = format!("{S3_CLIENT_REQUEST_COUNTER_BASE_PATH}/{request_counter_id}.shmem"); + let path = Path::new(&path); + // Fail early to not create the file when opening shared memory map below. Accept that + // this can race, with a new counter file being created in the mean time, but that is + // not an issue. + if !path.is_file() { + bail!("Cannot find s3 counters file '{path:?}'"); + } + + let user = pbs_config::backup_user()?; + let request_counters = SharedRequestCounters::open_shared_memory_mapped(path, user) + .context("failed to open shared request counters")?; + request_counters.reset(Ordering::Release); + + Ok(()) +} + #[sortable] -const S3_OPERATION_SUBDIRS: SubdirMap = &[("check", &Router::new().put(&API_METHOD_CHECK))]; +const S3_OPERATION_SUBDIRS: SubdirMap = &[ + ("check", &Router::new().put(&API_METHOD_CHECK)), + ( + "reset-counters", + &Router::new().put(&API_METHOD_RESET_COUNTERS), + ), +]; const S3_OPERATION_ROUTER: Router = Router::new() .get(&list_subdirs_api_method!(S3_OPERATION_SUBDIRS)) -- 2.47.3