tony/CHORUS
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

Complete BZZZ functionality port to CHORUS

Browse Source 
🎭 CHORUS now contains full BZZZ functionality adapted for containers

Core systems ported:
- P2P networking (libp2p with DHT and PubSub)
- Task coordination (COOEE protocol)
- HMMM collaborative reasoning
- SHHH encryption and security
- SLURP admin election system
- UCXL content addressing
- UCXI server integration
- Hypercore logging system
- Health monitoring and graceful shutdown
- License validation with KACHING

Container adaptations:
- Environment variable configuration (no YAML files)
- Container-optimized logging to stdout/stderr
- Auto-generated agent IDs for container deployments
- Docker-first architecture

All proven BZZZ P2P protocols, AI integration, and collaboration
features are now available in containerized form.

Next: Build and test container deployment.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
anthonyrawlins
2025-09-02 20:02:37 +10:00
parent 7c6cbd562a
commit 543ab216f9
224 changed files with 86331 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

400
pkg/slurp/distribution/consistent_hash.go Normal file
View File

@@ -0,0 +1,400 @@
// Package distribution provides consistent hashing for distributed context placement
package distribution
import (
"crypto/sha256"
"fmt"
"sort"
"sync"
)
// ConsistentHashingImpl implements ConsistentHashing interface using SHA-256 based ring
type ConsistentHashingImpl struct {
mu sync.RWMutex
ring map[uint32]string // hash -> node mapping
sortedHashes []uint32 // sorted hash values
virtualNodes int // number of virtual nodes per physical node
nodes map[string]bool // set of physical nodes
}
// NewConsistentHashingImpl creates a new consistent hashing implementation
func NewConsistentHashingImpl() (*ConsistentHashingImpl, error) {
return &ConsistentHashingImpl{
ring: make(map[uint32]string),
sortedHashes: []uint32{},
virtualNodes: 150, // Standard virtual node count for good distribution
nodes: make(map[string]bool),
}, nil
}
// AddNode adds a physical node to the consistent hash ring
func (ch *ConsistentHashingImpl) AddNode(nodeID string) error {
ch.mu.Lock()
defer ch.mu.Unlock()
if ch.nodes[nodeID] {
return fmt.Errorf("node %s already exists", nodeID)
}
// Add virtual nodes for this physical node
for i := 0; i < ch.virtualNodes; i++ {
virtualNodeKey := fmt.Sprintf("%s:%d", nodeID, i)
hash := ch.hashKey(virtualNodeKey)
ch.ring[hash] = nodeID
ch.sortedHashes = append(ch.sortedHashes, hash)
}
// Keep sorted hashes array sorted
sort.Slice(ch.sortedHashes, func(i, j int) bool {
return ch.sortedHashes[i] < ch.sortedHashes[j]
})
ch.nodes[nodeID] = true
return nil
}
// RemoveNode removes a physical node from the consistent hash ring
func (ch *ConsistentHashingImpl) RemoveNode(nodeID string) error {
ch.mu.Lock()
defer ch.mu.Unlock()
if !ch.nodes[nodeID] {
return fmt.Errorf("node %s does not exist", nodeID)
}
// Remove all virtual nodes for this physical node
newSortedHashes := []uint32{}
for _, hash := range ch.sortedHashes {
if ch.ring[hash] != nodeID {
newSortedHashes = append(newSortedHashes, hash)
} else {
delete(ch.ring, hash)
}
}
ch.sortedHashes = newSortedHashes
delete(ch.nodes, nodeID)
return nil
}
// GetNode returns the node responsible for a given key
func (ch *ConsistentHashingImpl) GetNode(key string) (string, error) {
ch.mu.RLock()
defer ch.mu.RUnlock()
if len(ch.ring) == 0 {
return "", fmt.Errorf("no nodes available")
}
hash := ch.hashKey(key)
// Find the first node with hash >= key hash
idx := sort.Search(len(ch.sortedHashes), func(i int) bool {
return ch.sortedHashes[i] >= hash
})
// Wrap around if we've gone past the end
if idx == len(ch.sortedHashes) {
idx = 0
}
return ch.ring[ch.sortedHashes[idx]], nil
}
// GetNodes returns multiple nodes responsible for a key (for replication)
func (ch *ConsistentHashingImpl) GetNodes(key string, count int) ([]string, error) {
ch.mu.RLock()
defer ch.mu.RUnlock()
if len(ch.nodes) == 0 {
return nil, fmt.Errorf("no nodes available")
}
if count <= 0 {
return []string{}, nil
}
// Don't return more nodes than we have
if count > len(ch.nodes) {
count = len(ch.nodes)
}
hash := ch.hashKey(key)
nodes := []string{}
seenNodes := make(map[string]bool)
// Find the starting position
idx := sort.Search(len(ch.sortedHashes), func(i int) bool {
return ch.sortedHashes[i] >= hash
})
// Collect unique physical nodes
for len(nodes) < count && len(seenNodes) < len(ch.nodes) {
if idx >= len(ch.sortedHashes) {
idx = 0
}
nodeID := ch.ring[ch.sortedHashes[idx]]
if !seenNodes[nodeID] {
nodes = append(nodes, nodeID)
seenNodes[nodeID] = true
}
idx++
}
return nodes, nil
}
// GetAllNodes returns all physical nodes in the ring
func (ch *ConsistentHashingImpl) GetAllNodes() []string {
ch.mu.RLock()
defer ch.mu.RUnlock()
nodes := make([]string, 0, len(ch.nodes))
for nodeID := range ch.nodes {
nodes = append(nodes, nodeID)
}
return nodes
}
// GetNodeDistribution returns the distribution of keys across nodes
func (ch *ConsistentHashingImpl) GetNodeDistribution() map[string]float64 {
ch.mu.RLock()
defer ch.mu.RUnlock()
if len(ch.sortedHashes) == 0 {
return map[string]float64{}
}
distribution := make(map[string]float64)
totalSpace := uint64(1) << 32 // 2^32 for uint32 hash space
// Calculate the range each node is responsible for
for i, hash := range ch.sortedHashes {
nodeID := ch.ring[hash]
var rangeSize uint64
if i == len(ch.sortedHashes)-1 {
// Last hash wraps around to first
rangeSize = uint64(ch.sortedHashes[0]) + totalSpace - uint64(hash)
} else {
rangeSize = uint64(ch.sortedHashes[i+1]) - uint64(hash)
}
percentage := float64(rangeSize) / float64(totalSpace) * 100
distribution[nodeID] += percentage
}
return distribution
}
// GetRingStatus returns status information about the hash ring
func (ch *ConsistentHashingImpl) GetRingStatus() *RingStatus {
ch.mu.RLock()
defer ch.mu.RUnlock()
status := &RingStatus{
PhysicalNodes: len(ch.nodes),
VirtualNodes: len(ch.ring),
RingSize: len(ch.sortedHashes),
Distribution: ch.GetNodeDistribution(),
LoadBalance: ch.calculateLoadBalance(),
}
return status
}
// hashKey computes SHA-256 hash of a key and returns first 4 bytes as uint32
func (ch *ConsistentHashingImpl) hashKey(key string) uint32 {
hash := sha256.Sum256([]byte(key))
return uint32(hash[0])<<24 | uint32(hash[1])<<16 | uint32(hash[2])<<8 | uint32(hash[3])
}
// calculateLoadBalance calculates how well-balanced the load distribution is
func (ch *ConsistentHashingImpl) calculateLoadBalance() float64 {
if len(ch.nodes) <= 1 {
return 1.0 // Perfect balance with 0 or 1 nodes
}
distribution := ch.GetNodeDistribution()
idealPercentage := 100.0 / float64(len(ch.nodes))
// Calculate variance from ideal distribution
totalVariance := 0.0
for _, percentage := range distribution {
variance := percentage - idealPercentage
totalVariance += variance * variance
}
avgVariance := totalVariance / float64(len(distribution))
// Convert to a balance score (higher is better, 1.0 is perfect)
// Use 1/(1+variance) to map variance to [0,1] range
return 1.0 / (1.0 + avgVariance/100.0)
}
// RingStatus represents the status of the consistent hash ring
type RingStatus struct {
PhysicalNodes int `json:"physical_nodes"`
VirtualNodes int `json:"virtual_nodes"`
RingSize int `json:"ring_size"`
Distribution map[string]float64 `json:"distribution"`
LoadBalance float64 `json:"load_balance"`
}
// ConsistentHashMetrics provides metrics about hash ring performance
type ConsistentHashMetrics struct {
TotalKeys int64 `json:"total_keys"`
NodeUtilization map[string]float64 `json:"node_utilization"`
RebalanceEvents int64 `json:"rebalance_events"`
AverageSeekTime float64 `json:"average_seek_time_ms"`
LoadBalanceScore float64 `json:"load_balance_score"`
LastRebalanceTime int64 `json:"last_rebalance_time"`
}
// GetMetrics returns performance metrics for the hash ring
func (ch *ConsistentHashingImpl) GetMetrics() *ConsistentHashMetrics {
ch.mu.RLock()
defer ch.mu.RUnlock()
return &ConsistentHashMetrics{
TotalKeys: 0, // Would be maintained by usage tracking
NodeUtilization: ch.GetNodeDistribution(),
RebalanceEvents: 0, // Would be maintained by event tracking
AverageSeekTime: 0.1, // Placeholder - would be measured
LoadBalanceScore: ch.calculateLoadBalance(),
LastRebalanceTime: 0, // Would be maintained by event tracking
}
}
// Rehash rebuilds the entire hash ring (useful after configuration changes)
func (ch *ConsistentHashingImpl) Rehash() error {
ch.mu.Lock()
defer ch.mu.Unlock()
// Save current nodes
currentNodes := make([]string, 0, len(ch.nodes))
for nodeID := range ch.nodes {
currentNodes = append(currentNodes, nodeID)
}
// Clear the ring
ch.ring = make(map[uint32]string)
ch.sortedHashes = []uint32{}
ch.nodes = make(map[string]bool)
// Re-add all nodes
for _, nodeID := range currentNodes {
if err := ch.addNodeUnsafe(nodeID); err != nil {
return fmt.Errorf("failed to re-add node %s during rehash: %w", nodeID, err)
}
}
return nil
}
// addNodeUnsafe adds a node without locking (internal use only)
func (ch *ConsistentHashingImpl) addNodeUnsafe(nodeID string) error {
if ch.nodes[nodeID] {
return fmt.Errorf("node %s already exists", nodeID)
}
// Add virtual nodes for this physical node
for i := 0; i < ch.virtualNodes; i++ {
virtualNodeKey := fmt.Sprintf("%s:%d", nodeID, i)
hash := ch.hashKey(virtualNodeKey)
ch.ring[hash] = nodeID
ch.sortedHashes = append(ch.sortedHashes, hash)
}
// Keep sorted hashes array sorted
sort.Slice(ch.sortedHashes, func(i, j int) bool {
return ch.sortedHashes[i] < ch.sortedHashes[j]
})
ch.nodes[nodeID] = true
return nil
}
// SetVirtualNodeCount configures the number of virtual nodes per physical node
func (ch *ConsistentHashingImpl) SetVirtualNodeCount(count int) error {
if count <= 0 {
return fmt.Errorf("virtual node count must be positive")
}
if count > 1000 {
return fmt.Errorf("virtual node count too high (max 1000)")
}
ch.mu.Lock()
defer ch.mu.Unlock()
ch.virtualNodes = count
// Rehash with new virtual node count
return ch.Rehash()
}
// FindClosestNodes finds the N closest nodes to a given key in the ring
func (ch *ConsistentHashingImpl) FindClosestNodes(key string, count int) ([]string, []uint32, error) {
ch.mu.RLock()
defer ch.mu.RUnlock()
if len(ch.ring) == 0 {
return nil, nil, fmt.Errorf("no nodes available")
}
if count <= 0 {
return []string{}, []uint32{}, nil
}
keyHash := ch.hashKey(key)
distances := []struct {
nodeID string
hash uint32
distance uint32
}{}
// Calculate distances to all virtual nodes
for hash, nodeID := range ch.ring {
var distance uint32
if hash >= keyHash {
distance = hash - keyHash
} else {
// Wrap around distance
distance = (1<<32 - keyHash) + hash
}
distances = append(distances, struct {
nodeID string
hash uint32
distance uint32
}{nodeID, hash, distance})
}
// Sort by distance
sort.Slice(distances, func(i, j int) bool {
return distances[i].distance < distances[j].distance
})
// Collect unique nodes
seen := make(map[string]bool)
nodes := []string{}
hashes := []uint32{}
for _, d := range distances {
if len(nodes) >= count {
break
}
if !seen[d.nodeID] {
nodes = append(nodes, d.nodeID)
hashes = append(hashes, d.hash)
seen[d.nodeID] = true
}
}
return nodes, hashes, nil
}

808
pkg/slurp/distribution/coordinator.go Normal file
View File

@@ -0,0 +1,808 @@
// Package distribution provides centralized coordination for distributed context operations
package distribution
import (
"context"
"fmt"
"sync"
"time"
"chorus.services/bzzz/pkg/dht"
"chorus.services/bzzz/pkg/crypto"
"chorus.services/bzzz/pkg/election"
"chorus.services/bzzz/pkg/config"
"chorus.services/bzzz/pkg/ucxl"
slurpContext "chorus.services/bzzz/pkg/slurp/context"
)
// DistributionCoordinator orchestrates distributed context operations across the cluster
type DistributionCoordinator struct {
mu sync.RWMutex
config *config.Config
dht *dht.DHT
roleCrypto *crypto.RoleCrypto
election election.Election
distributor ContextDistributor
replicationMgr ReplicationManager
conflictResolver ConflictResolver
gossipProtocol GossipProtocol
networkMgr NetworkManager
// Coordination state
isLeader bool
leaderID string
coordinationTasks chan *CoordinationTask
distributionQueue chan *DistributionRequest
roleFilters map[string]*RoleFilter
healthMonitors map[string]*HealthMonitor
// Statistics and metrics
stats *CoordinationStatistics
performanceMetrics *PerformanceMetrics
// Configuration
maxConcurrentTasks int
healthCheckInterval time.Duration
leaderElectionTTL time.Duration
distributionTimeout time.Duration
}
// CoordinationTask represents a task for the coordinator
type CoordinationTask struct {
TaskID string `json:"task_id"`
TaskType CoordinationTaskType `json:"task_type"`
Priority Priority `json:"priority"`
CreatedAt time.Time `json:"created_at"`
RequestedBy string `json:"requested_by"`
Payload interface{} `json:"payload"`
Context context.Context `json:"-"`
Callback func(error) `json:"-"`
}
// CoordinationTaskType represents different types of coordination tasks
type CoordinationTaskType string
const (
TaskTypeDistribution CoordinationTaskType = "distribution"
TaskTypeReplication CoordinationTaskType = "replication"
TaskTypeConflictResolve CoordinationTaskType = "conflict_resolve"
TaskTypeHealthCheck CoordinationTaskType = "health_check"
TaskTypeNetworkRepair CoordinationTaskType = "network_repair"
TaskTypeLoadBalance CoordinationTaskType = "load_balance"
TaskTypeRoleSync CoordinationTaskType = "role_sync"
)
// DistributionRequest represents a request for context distribution
type DistributionRequest struct {
RequestID string `json:"request_id"`
ContextNode *slurpContext.ContextNode `json:"context_node"`
TargetRoles []string `json:"target_roles"`
Priority Priority `json:"priority"`
RequesterID string `json:"requester_id"`
CreatedAt time.Time `json:"created_at"`
Options *DistributionOptions `json:"options"`
Callback func(*DistributionResult, error) `json:"-"`
}
// DistributionOptions contains options for context distribution
type DistributionOptions struct {
ReplicationFactor int `json:"replication_factor"`
ConsistencyLevel ConsistencyLevel `json:"consistency_level"`
EncryptionLevel crypto.AccessLevel `json:"encryption_level"`
TTL *time.Duration `json:"ttl,omitempty"`
PreferredZones []string `json:"preferred_zones"`
ExcludedNodes []string `json:"excluded_nodes"`
ConflictResolution ResolutionType `json:"conflict_resolution"`
}
// DistributionResult represents the result of a distribution operation
type DistributionResult struct {
RequestID string `json:"request_id"`
Success bool `json:"success"`
DistributedNodes []string `json:"distributed_nodes"`
ReplicationFactor int `json:"replication_factor"`
ProcessingTime time.Duration `json:"processing_time"`
Errors []string `json:"errors"`
ConflictResolved *ConflictResolution `json:"conflict_resolved,omitempty"`
CompletedAt time.Time `json:"completed_at"`
}
// RoleFilter manages role-based filtering for context access
type RoleFilter struct {
RoleID string `json:"role_id"`
AccessLevel crypto.AccessLevel `json:"access_level"`
AllowedCompartments []string `json:"allowed_compartments"`
FilterRules []*FilterRule `json:"filter_rules"`
LastUpdated time.Time `json:"last_updated"`
}
// FilterRule represents a single filtering rule
type FilterRule struct {
RuleID string `json:"rule_id"`
RuleType FilterRuleType `json:"rule_type"`
Pattern string `json:"pattern"`
Action FilterAction `json:"action"`
Metadata map[string]interface{} `json:"metadata"`
}
// FilterRuleType represents different types of filter rules
type FilterRuleType string
const (
FilterRuleTypeTag FilterRuleType = "tag"
FilterRuleTypePath FilterRuleType = "path"
FilterRuleTypeTechnology FilterRuleType = "technology"
FilterRuleTypeContent FilterRuleType = "content"
)
// FilterAction represents the action to take when a rule matches
type FilterAction string
const (
FilterActionAllow FilterAction = "allow"
FilterActionDeny FilterAction = "deny"
FilterActionModify FilterAction = "modify"
FilterActionAudit FilterAction = "audit"
)
// HealthMonitor monitors the health of a specific component
type HealthMonitor struct {
ComponentID string `json:"component_id"`
ComponentType ComponentType `json:"component_type"`
Status HealthStatus `json:"status"`
LastHealthCheck time.Time `json:"last_health_check"`
HealthScore float64 `json:"health_score"`
Metrics map[string]interface{} `json:"metrics"`
AlertThresholds *AlertThresholds `json:"alert_thresholds"`
}
// ComponentType represents different types of components to monitor
type ComponentType string
const (
ComponentTypeDHT ComponentType = "dht"
ComponentTypeReplication ComponentType = "replication"
ComponentTypeGossip ComponentType = "gossip"
ComponentTypeNetwork ComponentType = "network"
ComponentTypeConflictResolver ComponentType = "conflict_resolver"
)
// AlertThresholds defines thresholds for health alerts
type AlertThresholds struct {
WarningThreshold float64 `json:"warning_threshold"`
CriticalThreshold float64 `json:"critical_threshold"`
RecoveryThreshold float64 `json:"recovery_threshold"`
}
// CoordinationStatistics tracks coordination performance
type CoordinationStatistics struct {
TotalTasks int64 `json:"total_tasks"`
CompletedTasks int64 `json:"completed_tasks"`
FailedTasks int64 `json:"failed_tasks"`
QueuedTasks int64 `json:"queued_tasks"`
AverageProcessTime time.Duration `json:"average_process_time"`
LeaderElections int64 `json:"leader_elections"`
LastLeaderChange time.Time `json:"last_leader_change"`
DistributionSuccess float64 `json:"distribution_success_rate"`
ConflictResolutions int64 `json:"conflict_resolutions"`
LastUpdated time.Time `json:"last_updated"`
}
// PerformanceMetrics tracks detailed performance metrics
type PerformanceMetrics struct {
ThroughputPerSecond float64 `json:"throughput_per_second"`
LatencyPercentiles map[string]float64 `json:"latency_percentiles"`
ErrorRateByType map[string]float64 `json:"error_rate_by_type"`
ResourceUtilization map[string]float64 `json:"resource_utilization"`
NetworkMetrics *NetworkMetrics `json:"network_metrics"`
StorageMetrics *StorageMetrics `json:"storage_metrics"`
LastCalculated time.Time `json:"last_calculated"`
}
// NetworkMetrics tracks network-related performance
type NetworkMetrics struct {
BandwidthUtilization float64 `json:"bandwidth_utilization"`
AverageLatency time.Duration `json:"average_latency"`
PacketLossRate float64 `json:"packet_loss_rate"`
ConnectionCount int `json:"connection_count"`
MessageThroughput float64 `json:"message_throughput"`
}
// StorageMetrics tracks storage-related performance
type StorageMetrics struct {
TotalContexts int64 `json:"total_contexts"`
StorageUtilization float64 `json:"storage_utilization"`
CompressionRatio float64 `json:"compression_ratio"`
ReplicationEfficiency float64 `json:"replication_efficiency"`
CacheHitRate float64 `json:"cache_hit_rate"`
}
// NewDistributionCoordinator creates a new distribution coordinator
func NewDistributionCoordinator(
config *config.Config,
dht *dht.DHT,
roleCrypto *crypto.RoleCrypto,
election election.Election,
) (*DistributionCoordinator, error) {
if config == nil {
return nil, fmt.Errorf("config is required")
}
if dht == nil {
return nil, fmt.Errorf("DHT instance is required")
}
if roleCrypto == nil {
return nil, fmt.Errorf("role crypto instance is required")
}
if election == nil {
return nil, fmt.Errorf("election instance is required")
}
// Create distributor
distributor, err := NewDHTContextDistributor(dht, roleCrypto, election, config)
if err != nil {
return nil, fmt.Errorf("failed to create context distributor: %w", err)
}
coord := &DistributionCoordinator{
config: config,
dht: dht,
roleCrypto: roleCrypto,
election: election,
distributor: distributor,
coordinationTasks: make(chan *CoordinationTask, 1000),
distributionQueue: make(chan *DistributionRequest, 500),
roleFilters: make(map[string]*RoleFilter),
healthMonitors: make(map[string]*HealthMonitor),
maxConcurrentTasks: 10,
healthCheckInterval: 30 * time.Second,
leaderElectionTTL: 60 * time.Second,
distributionTimeout: 30 * time.Second,
stats: &CoordinationStatistics{
LastUpdated: time.Now(),
},
performanceMetrics: &PerformanceMetrics{
LatencyPercentiles: make(map[string]float64),
ErrorRateByType: make(map[string]float64),
ResourceUtilization: make(map[string]float64),
NetworkMetrics: &NetworkMetrics{},
StorageMetrics: &StorageMetrics{},
LastCalculated: time.Now(),
},
}
// Initialize components
if err := coord.initializeComponents(); err != nil {
return nil, fmt.Errorf("failed to initialize components: %w", err)
}
// Initialize role filters
coord.initializeRoleFilters()
// Initialize health monitors
coord.initializeHealthMonitors()
return coord, nil
}
// Start starts the distribution coordinator
func (dc *DistributionCoordinator) Start(ctx context.Context) error {
// Start distributor
if err := dc.distributor.Start(ctx); err != nil {
return fmt.Errorf("failed to start distributor: %w", err)
}
// Start background workers
go dc.coordinationWorker(ctx)
go dc.distributionWorker(ctx)
go dc.healthMonitorWorker(ctx)
go dc.leaderElectionWorker(ctx)
go dc.metricsCollector(ctx)
return nil
}
// Stop stops the distribution coordinator
func (dc *DistributionCoordinator) Stop(ctx context.Context) error {
// Stop distributor
if err := dc.distributor.Stop(ctx); err != nil {
return fmt.Errorf("failed to stop distributor: %w", err)
}
close(dc.coordinationTasks)
close(dc.distributionQueue)
return nil
}
// DistributeContext distributes context with coordination
func (dc *DistributionCoordinator) DistributeContext(
ctx context.Context,
node *slurpContext.ContextNode,
roles []string,
options *DistributionOptions,
) (*DistributionResult, error) {
// Apply role filtering
filteredRoles := dc.applyRoleFilters(roles, node)
// Create distribution request
request := &DistributionRequest{
RequestID: dc.generateRequestID(),
ContextNode: node,
TargetRoles: filteredRoles,
Priority: PriorityNormal,
RequesterID: dc.config.Agent.ID,
CreatedAt: time.Now(),
Options: options,
}
if options == nil {
request.Options = dc.getDefaultDistributionOptions()
}
// Execute distribution
return dc.executeDistribution(ctx, request)
}
// CoordinateReplication coordinates replication across the cluster
func (dc *DistributionCoordinator) CoordinateReplication(
ctx context.Context,
address ucxl.Address,
targetFactor int,
) error {
task := &CoordinationTask{
TaskID: dc.generateTaskID(),
TaskType: TaskTypeReplication,
Priority: PriorityNormal,
CreatedAt: time.Now(),
RequestedBy: dc.config.Agent.ID,
Payload: map[string]interface{}{
"address": address,
"target_factor": targetFactor,
},
Context: ctx,
}
return dc.submitTask(task)
}
// ResolveConflicts resolves conflicts in distributed contexts
func (dc *DistributionCoordinator) ResolveConflicts(
ctx context.Context,
conflicts []*PotentialConflict,
) ([]*ConflictResolution, error) {
results := make([]*ConflictResolution, 0, len(conflicts))
for _, conflict := range conflicts {
task := &CoordinationTask{
TaskID: dc.generateTaskID(),
TaskType: TaskTypeConflictResolve,
Priority: dc.priorityFromSeverity(conflict.Severity),
CreatedAt: time.Now(),
RequestedBy: dc.config.Agent.ID,
Payload: conflict,
Context: ctx,
}
if err := dc.submitTask(task); err != nil {
// Log error but continue with other conflicts
continue
}
}
return results, nil
}
// GetClusterHealth returns the overall health of the cluster
func (dc *DistributionCoordinator) GetClusterHealth() (*ClusterHealth, error) {
dc.mu.RLock()
defer dc.mu.RUnlock()
health := &ClusterHealth{
OverallStatus: dc.calculateOverallHealth(),
NodeCount: len(dc.dht.GetConnectedPeers()) + 1, // +1 for current node
HealthyNodes: 0,
UnhealthyNodes: 0,
ComponentHealth: make(map[string]*ComponentHealth),
LastUpdated: time.Now(),
Alerts: []string{},
Recommendations: []string{},
}
// Calculate component health
for componentID, monitor := range dc.healthMonitors {
health.ComponentHealth[componentID] = &ComponentHealth{
ComponentType: monitor.ComponentType,
Status: monitor.Status,
HealthScore: monitor.HealthScore,
LastCheck: monitor.LastHealthCheck,
Metrics: monitor.Metrics,
}
if monitor.Status == HealthHealthy {
health.HealthyNodes++
} else {
health.UnhealthyNodes++
}
}
return health, nil
}
// GetCoordinationStats returns coordination statistics
func (dc *DistributionCoordinator) GetCoordinationStats() (*CoordinationStatistics, error) {
dc.mu.RLock()
defer dc.mu.RUnlock()
// Update real-time stats
dc.stats.QueuedTasks = int64(len(dc.coordinationTasks) + len(dc.distributionQueue))
dc.stats.LastUpdated = time.Now()
return dc.stats, nil
}
// GetPerformanceMetrics returns detailed performance metrics
func (dc *DistributionCoordinator) GetPerformanceMetrics() (*PerformanceMetrics, error) {
dc.mu.RLock()
defer dc.mu.RUnlock()
// Update calculated metrics
dc.updatePerformanceMetrics()
return dc.performanceMetrics, nil
}
// Background workers
func (dc *DistributionCoordinator) coordinationWorker(ctx context.Context) {
// Create worker pool
workerCount := dc.maxConcurrentTasks
for i := 0; i < workerCount; i++ {
go dc.taskWorker(ctx, i)
}
// Task dispatcher
for {
select {
case <-ctx.Done():
return
case task := <-dc.coordinationTasks:
if task == nil {
return // Channel closed
}
// Task is picked up by worker pool
}
}
}
func (dc *DistributionCoordinator) taskWorker(ctx context.Context, workerID int) {
for {
select {
case <-ctx.Done():
return
case task := <-dc.coordinationTasks:
if task == nil {
return // Channel closed
}
dc.processCoordinationTask(task)
}
}
}
func (dc *DistributionCoordinator) distributionWorker(ctx context.Context) {
for {
select {
case <-ctx.Done():
return
case request := <-dc.distributionQueue:
if request == nil {
return // Channel closed
}
result, err := dc.executeDistributionRequest(ctx, request)
if request.Callback != nil {
go request.Callback(result, err)
}
}
}
}
func (dc *DistributionCoordinator) healthMonitorWorker(ctx context.Context) {
ticker := time.NewTicker(dc.healthCheckInterval)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
dc.performHealthChecks(ctx)
}
}
}
func (dc *DistributionCoordinator) leaderElectionWorker(ctx context.Context) {
ticker := time.NewTicker(dc.leaderElectionTTL / 2)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
dc.checkLeadershipStatus()
}
}
}
func (dc *DistributionCoordinator) metricsCollector(ctx context.Context) {
ticker := time.NewTicker(60 * time.Second)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
dc.collectMetrics()
}
}
}
// Helper methods
func (dc *DistributionCoordinator) initializeComponents() error {
var err error
// Initialize replication manager
dc.replicationMgr, err = NewReplicationManager(dc.dht, dc.config)
if err != nil {
return fmt.Errorf("failed to create replication manager: %w", err)
}
// Initialize conflict resolver
dc.conflictResolver, err = NewConflictResolver(dc.dht, dc.config)
if err != nil {
return fmt.Errorf("failed to create conflict resolver: %w", err)
}
// Initialize gossip protocol
dc.gossipProtocol, err = NewGossipProtocol(dc.dht, dc.config)
if err != nil {
return fmt.Errorf("failed to create gossip protocol: %w", err)
}
// Initialize network manager
dc.networkMgr, err = NewNetworkManager(dc.dht, dc.config)
if err != nil {
return fmt.Errorf("failed to create network manager: %w", err)
}
return nil
}
func (dc *DistributionCoordinator) initializeRoleFilters() {
// Initialize role filters based on configuration
roles := []string{"senior_architect", "project_manager", "devops_engineer", "backend_developer", "frontend_developer"}
for _, role := range roles {
dc.roleFilters[role] = &RoleFilter{
RoleID: role,
AccessLevel: dc.getAccessLevelForRole(role),
AllowedCompartments: dc.getAllowedCompartments(role),
FilterRules: dc.getDefaultFilterRules(role),
LastUpdated: time.Now(),
}
}
}
func (dc *DistributionCoordinator) initializeHealthMonitors() {
components := map[string]ComponentType{
"dht": ComponentTypeDHT,
"replication": ComponentTypeReplication,
"gossip": ComponentTypeGossip,
"network": ComponentTypeNetwork,
"conflict_resolver": ComponentTypeConflictResolver,
}
for componentID, componentType := range components {
dc.healthMonitors[componentID] = &HealthMonitor{
ComponentID: componentID,
ComponentType: componentType,
Status: HealthHealthy,
LastHealthCheck: time.Now(),
HealthScore: 1.0,
Metrics: make(map[string]interface{}),
AlertThresholds: &AlertThresholds{
WarningThreshold: 0.8,
CriticalThreshold: 0.5,
RecoveryThreshold: 0.9,
},
}
}
}
func (dc *DistributionCoordinator) applyRoleFilters(roles []string, node *slurpContext.ContextNode) []string {
filtered := []string{}
for _, role := range roles {
if filter, exists := dc.roleFilters[role]; exists {
if dc.passesFilter(filter, node) {
filtered = append(filtered, role)
}
} else {
// No filter defined, allow by default
filtered = append(filtered, role)
}
}
return filtered
}
func (dc *DistributionCoordinator) passesFilter(filter *RoleFilter, node *slurpContext.ContextNode) bool {
// Apply filter rules
for _, rule := range filter.FilterRules {
if dc.ruleMatches(rule, node) {
switch rule.Action {
case FilterActionDeny:
return false
case FilterActionAllow:
return true
}
}
}
return true // Default allow if no rules match
}
func (dc *DistributionCoordinator) ruleMatches(rule *FilterRule, node *slurpContext.ContextNode) bool {
switch rule.RuleType {
case FilterRuleTypeTag:
for _, tag := range node.Tags {
if tag == rule.Pattern {
return true
}
}
case FilterRuleTypePath:
return node.Path == rule.Pattern
case FilterRuleTypeTechnology:
for _, tech := range node.Technologies {
if tech == rule.Pattern {
return true
}
}
}
return false
}
func (dc *DistributionCoordinator) executeDistribution(ctx context.Context, request *DistributionRequest) (*DistributionResult, error) {
start := time.Now()
result := &DistributionResult{
RequestID: request.RequestID,
Success: false,
DistributedNodes: []string{},
ProcessingTime: 0,
Errors: []string{},
CompletedAt: time.Now(),
}
// Execute distribution via distributor
if err := dc.distributor.DistributeContext(ctx, request.ContextNode, request.TargetRoles); err != nil {
result.Errors = append(result.Errors, err.Error())
return result, err
}
result.Success = true
result.ProcessingTime = time.Since(start)
result.ReplicationFactor = request.Options.ReplicationFactor
return result, nil
}
// Placeholder implementations for supporting types and methods
// ClusterHealth represents overall cluster health
type ClusterHealth struct {
OverallStatus HealthStatus `json:"overall_status"`
NodeCount int `json:"node_count"`
HealthyNodes int `json:"healthy_nodes"`
UnhealthyNodes int `json:"unhealthy_nodes"`
ComponentHealth map[string]*ComponentHealth `json:"component_health"`
LastUpdated time.Time `json:"last_updated"`
Alerts []string `json:"alerts"`
Recommendations []string `json:"recommendations"`
}
// ComponentHealth represents individual component health
type ComponentHealth struct {
ComponentType ComponentType `json:"component_type"`
Status HealthStatus `json:"status"`
HealthScore float64 `json:"health_score"`
LastCheck time.Time `json:"last_check"`
Metrics map[string]interface{} `json:"metrics"`
}
// Placeholder methods - these would have full implementations
func (dc *DistributionCoordinator) generateRequestID() string {
return fmt.Sprintf("req-%s-%d", dc.config.Agent.ID, time.Now().UnixNano())
}
func (dc *DistributionCoordinator) generateTaskID() string {
return fmt.Sprintf("task-%s-%d", dc.config.Agent.ID, time.Now().UnixNano())
}
func (dc *DistributionCoordinator) getDefaultDistributionOptions() *DistributionOptions {
return &DistributionOptions{
ReplicationFactor: 3,
ConsistencyLevel: ConsistencyEventual,
EncryptionLevel: crypto.AccessMedium,
ConflictResolution: ResolutionMerged,
}
}
func (dc *DistributionCoordinator) getAccessLevelForRole(role string) crypto.AccessLevel {
// Placeholder implementation
return crypto.AccessMedium
}
func (dc *DistributionCoordinator) getAllowedCompartments(role string) []string {
// Placeholder implementation
return []string{"general"}
}
func (dc *DistributionCoordinator) getDefaultFilterRules(role string) []*FilterRule {
// Placeholder implementation
return []*FilterRule{}
}
func (dc *DistributionCoordinator) submitTask(task *CoordinationTask) error {
select {
case dc.coordinationTasks <- task:
return nil
default:
return fmt.Errorf("coordination task queue is full")
}
}
func (dc *DistributionCoordinator) processCoordinationTask(task *CoordinationTask) {
// Placeholder implementation
}
func (dc *DistributionCoordinator) executeDistributionRequest(ctx context.Context, request *DistributionRequest) (*DistributionResult, error) {
return dc.executeDistribution(ctx, request)
}
func (dc *DistributionCoordinator) performHealthChecks(ctx context.Context) {
// Placeholder implementation
}
func (dc *DistributionCoordinator) checkLeadershipStatus() {
// Placeholder implementation
}
func (dc *DistributionCoordinator) collectMetrics() {
// Placeholder implementation
}
func (dc *DistributionCoordinator) calculateOverallHealth() HealthStatus {
// Placeholder implementation
return HealthHealthy
}
func (dc *DistributionCoordinator) updatePerformanceMetrics() {
// Placeholder implementation
}
func (dc *DistributionCoordinator) priorityFromSeverity(severity ConflictSeverity) Priority {
switch severity {
case SeverityCritical:
return PriorityCritical
case SeverityHigh:
return PriorityHigh
case SeverityMedium:
return PriorityNormal
default:
return PriorityLow
}
}

371
pkg/slurp/distribution/dht.go Normal file
View File

@@ -0,0 +1,371 @@
package distribution
import (
"context"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
"sync"
"time"
"chorus.services/bzzz/pkg/dht"
"chorus.services/bzzz/pkg/crypto"
"chorus.services/bzzz/pkg/election"
"chorus.services/bzzz/pkg/ucxl"
"chorus.services/bzzz/pkg/config"
slurpContext "chorus.services/bzzz/pkg/slurp/context"
)
// ContextDistributor handles distributed context operations via DHT
//
// This is the primary interface for distributing context data across the BZZZ
// cluster using the existing DHT infrastructure with role-based encryption
// and conflict resolution capabilities.
type ContextDistributor interface {
// DistributeContext encrypts and stores context in DHT for role-based access
// The context is encrypted for each specified role and distributed across
// the cluster with the configured replication factor
DistributeContext(ctx context.Context, node *slurpContext.ContextNode, roles []string) error
// RetrieveContext gets context from DHT and decrypts for the requesting role
// Automatically handles role-based decryption and returns the resolved context
RetrieveContext(ctx context.Context, address ucxl.Address, role string) (*slurpContext.ResolvedContext, error)
// UpdateContext updates existing distributed context with conflict resolution
// Uses vector clocks and leader coordination for consistent updates
UpdateContext(ctx context.Context, node *slurpContext.ContextNode, roles []string) (*ConflictResolution, error)
// DeleteContext removes context from distributed storage
// Handles distributed deletion across all replicas
DeleteContext(ctx context.Context, address ucxl.Address) error
// ListDistributedContexts lists contexts available in the DHT for a role
// Provides efficient enumeration with role-based filtering
ListDistributedContexts(ctx context.Context, role string, criteria *DistributionCriteria) ([]*DistributedContextInfo, error)
// Sync synchronizes local state with distributed DHT
// Ensures eventual consistency by exchanging metadata with peers
Sync(ctx context.Context) (*SyncResult, error)
// Replicate ensures context has the desired replication factor
// Manages replica placement and health across cluster nodes
Replicate(ctx context.Context, address ucxl.Address, replicationFactor int) error
// GetReplicaHealth returns health status of context replicas
// Provides visibility into replication status and node health
GetReplicaHealth(ctx context.Context, address ucxl.Address) (*ReplicaHealth, error)
// GetDistributionStats returns distribution performance statistics
GetDistributionStats() (*DistributionStatistics, error)
// SetReplicationPolicy configures replication behavior
SetReplicationPolicy(policy *ReplicationPolicy) error
}
// DHTStorage provides direct DHT storage operations for context data
type DHTStorage interface {
// Put stores encrypted context data in the DHT
Put(ctx context.Context, key string, data []byte, options *DHTStoreOptions) error
// Get retrieves encrypted context data from the DHT
Get(ctx context.Context, key string) ([]byte, *DHTMetadata, error)
// Delete removes data from the DHT
Delete(ctx context.Context, key string) error
// Exists checks if data exists in the DHT
Exists(ctx context.Context, key string) (bool, error)
// FindProviders finds nodes that have the specified data
FindProviders(ctx context.Context, key string) ([]string, error)
// ListKeys lists all keys matching a pattern
ListKeys(ctx context.Context, pattern string) ([]string, error)
// GetStats returns DHT operation statistics
GetStats() (*DHTStatistics, error)
}
// ConflictResolver handles conflicts during concurrent context updates
type ConflictResolver interface {
// ResolveConflict resolves conflicts between concurrent context updates
// Uses vector clocks and semantic merging rules for resolution
ResolveConflict(ctx context.Context, local *slurpContext.ContextNode, remote *slurpContext.ContextNode) (*ConflictResolution, error)
// DetectConflicts detects potential conflicts before they occur
// Provides early warning for conflicting operations
DetectConflicts(ctx context.Context, update *slurpContext.ContextNode) ([]*PotentialConflict, error)
// MergeContexts merges multiple context versions semantically
// Combines changes from different sources intelligently
MergeContexts(ctx context.Context, contexts []*slurpContext.ContextNode) (*slurpContext.ContextNode, error)
// GetConflictHistory returns history of resolved conflicts
GetConflictHistory(ctx context.Context, address ucxl.Address) ([]*ConflictResolution, error)
// SetResolutionStrategy configures conflict resolution strategy
SetResolutionStrategy(strategy *ResolutionStrategy) error
}
// ReplicationManager manages context replication across cluster nodes
type ReplicationManager interface {
// EnsureReplication ensures context meets replication requirements
EnsureReplication(ctx context.Context, address ucxl.Address, factor int) error
// RepairReplicas repairs missing or corrupted replicas
RepairReplicas(ctx context.Context, address ucxl.Address) (*RepairResult, error)
// BalanceReplicas rebalances replicas across cluster nodes
BalanceReplicas(ctx context.Context) (*RebalanceResult, error)
// GetReplicationStatus returns current replication status
GetReplicationStatus(ctx context.Context, address ucxl.Address) (*ReplicationStatus, error)
// SetReplicationFactor sets the desired replication factor
SetReplicationFactor(factor int) error
// GetReplicationStats returns replication statistics
GetReplicationStats() (*ReplicationStatistics, error)
}
// GossipProtocol handles efficient metadata synchronization
type GossipProtocol interface {
// StartGossip begins gossip protocol for metadata synchronization
StartGossip(ctx context.Context) error
// StopGossip stops gossip protocol
StopGossip(ctx context.Context) error
// GossipMetadata exchanges metadata with peer nodes
GossipMetadata(ctx context.Context, peer string) error
// GetGossipState returns current gossip protocol state
GetGossipState() (*GossipState, error)
// SetGossipInterval configures gossip frequency
SetGossipInterval(interval time.Duration) error
// GetGossipStats returns gossip protocol statistics
GetGossipStats() (*GossipStatistics, error)
}
// NetworkManager handles network topology and partition detection
type NetworkManager interface {
// DetectPartition detects network partitions in the cluster
DetectPartition(ctx context.Context) (*PartitionInfo, error)
// GetTopology returns current network topology
GetTopology(ctx context.Context) (*NetworkTopology, error)
// GetPeers returns list of available peer nodes
GetPeers(ctx context.Context) ([]*PeerInfo, error)
// CheckConnectivity checks connectivity to peer nodes
CheckConnectivity(ctx context.Context, peers []string) (*ConnectivityReport, error)
// RecoverFromPartition attempts to recover from network partition
RecoverFromPartition(ctx context.Context) (*RecoveryResult, error)
// GetNetworkStats returns network performance statistics
GetNetworkStats() (*NetworkStatistics, error)
}
// Supporting types for distribution operations
// DistributionCriteria represents criteria for listing distributed contexts
type DistributionCriteria struct {
Tags []string `json:"tags"` // Required tags
Technologies []string `json:"technologies"` // Required technologies
MinReplicas int `json:"min_replicas"` // Minimum replica count
MaxAge *time.Duration `json:"max_age"` // Maximum age
HealthyOnly bool `json:"healthy_only"` // Only healthy replicas
Limit int `json:"limit"` // Maximum results
Offset int `json:"offset"` // Result offset
}
// DistributedContextInfo represents information about distributed context
type DistributedContextInfo struct {
Address ucxl.Address `json:"address"` // Context address
Roles []string `json:"roles"` // Accessible roles
ReplicaCount int `json:"replica_count"` // Number of replicas
HealthyReplicas int `json:"healthy_replicas"` // Healthy replica count
LastUpdated time.Time `json:"last_updated"` // Last update time
Version int64 `json:"version"` // Version number
Size int64 `json:"size"` // Data size
Checksum string `json:"checksum"` // Data checksum
}
// ConflictResolution represents the result of conflict resolution
type ConflictResolution struct {
Address ucxl.Address `json:"address"` // Context address
ResolutionType ResolutionType `json:"resolution_type"` // How conflict was resolved
MergedContext *slurpContext.ContextNode `json:"merged_context"` // Resulting merged context
ConflictingSources []string `json:"conflicting_sources"` // Sources of conflict
ResolutionTime time.Duration `json:"resolution_time"` // Time taken to resolve
ResolvedAt time.Time `json:"resolved_at"` // When resolved
Confidence float64 `json:"confidence"` // Confidence in resolution
ManualReview bool `json:"manual_review"` // Whether manual review needed
}
// ResolutionType represents different types of conflict resolution
type ResolutionType string
const (
ResolutionMerged ResolutionType = "merged" // Contexts were merged
ResolutionLastWriter ResolutionType = "last_writer" // Last writer wins
ResolutionLeaderDecision ResolutionType = "leader_decision" // Leader made decision
ResolutionManual ResolutionType = "manual" // Manual resolution required
ResolutionFailed ResolutionType = "failed" // Resolution failed
)
// PotentialConflict represents a detected potential conflict
type PotentialConflict struct {
Address ucxl.Address `json:"address"` // Context address
ConflictType ConflictType `json:"conflict_type"` // Type of conflict
Description string `json:"description"` // Conflict description
Severity ConflictSeverity `json:"severity"` // Conflict severity
AffectedFields []string `json:"affected_fields"` // Fields in conflict
Suggestions []string `json:"suggestions"` // Resolution suggestions
DetectedAt time.Time `json:"detected_at"` // When detected
}
// ConflictType represents different types of conflicts
type ConflictType string
const (
ConflictConcurrentUpdate ConflictType = "concurrent_update" // Concurrent updates
ConflictFieldMismatch ConflictType = "field_mismatch" // Field value mismatch
ConflictVersionSkew ConflictType = "version_skew" // Version inconsistency
ConflictRoleAccess ConflictType = "role_access" // Role access conflict
ConflictSchemaChange ConflictType = "schema_change" // Schema version conflict
)
// ConflictSeverity represents conflict severity levels
type ConflictSeverity string
const (
SeverityLow ConflictSeverity = "low" // Low severity - auto-resolvable
SeverityMedium ConflictSeverity = "medium" // Medium severity - may need review
SeverityHigh ConflictSeverity = "high" // High severity - needs attention
SeverityCritical ConflictSeverity = "critical" // Critical - manual intervention required
)
// ResolutionStrategy represents conflict resolution strategy configuration
type ResolutionStrategy struct {
DefaultResolution ResolutionType `json:"default_resolution"` // Default resolution method
FieldPriorities map[string]int `json:"field_priorities"` // Field priority mapping
AutoMergeEnabled bool `json:"auto_merge_enabled"` // Enable automatic merging
RequireConsensus bool `json:"require_consensus"` // Require node consensus
LeaderBreaksTies bool `json:"leader_breaks_ties"` // Leader resolves ties
MaxConflictAge time.Duration `json:"max_conflict_age"` // Max age before escalation
EscalationRoles []string `json:"escalation_roles"` // Roles for manual escalation
}
// SyncResult represents the result of synchronization operation
type SyncResult struct {
SyncedContexts int `json:"synced_contexts"` // Contexts synchronized
ConflictsResolved int `json:"conflicts_resolved"` // Conflicts resolved
Errors []string `json:"errors"` // Synchronization errors
SyncTime time.Duration `json:"sync_time"` // Total sync time
PeersContacted int `json:"peers_contacted"` // Number of peers contacted
DataTransferred int64 `json:"data_transferred"` // Bytes transferred
SyncedAt time.Time `json:"synced_at"` // When sync completed
}
// ReplicaHealth represents health status of context replicas
type ReplicaHealth struct {
Address ucxl.Address `json:"address"` // Context address
TotalReplicas int `json:"total_replicas"` // Total replica count
HealthyReplicas int `json:"healthy_replicas"` // Healthy replica count
FailedReplicas int `json:"failed_replicas"` // Failed replica count
ReplicaNodes []*ReplicaNode `json:"replica_nodes"` // Individual replica status
OverallHealth HealthStatus `json:"overall_health"` // Overall health status
LastChecked time.Time `json:"last_checked"` // When last checked
RepairNeeded bool `json:"repair_needed"` // Whether repair is needed
}
// ReplicaNode represents status of individual replica node
type ReplicaNode struct {
NodeID string `json:"node_id"` // Node identifier
Status ReplicaStatus `json:"status"` // Replica status
LastSeen time.Time `json:"last_seen"` // When last seen
Version int64 `json:"version"` // Context version
Checksum string `json:"checksum"` // Data checksum
Latency time.Duration `json:"latency"` // Network latency
NetworkAddress string `json:"network_address"` // Network address
}
// ReplicaStatus represents status of individual replica
type ReplicaStatus string
const (
ReplicaHealthy ReplicaStatus = "healthy" // Replica is healthy
ReplicaStale ReplicaStatus = "stale" // Replica is stale
ReplicaCorrupted ReplicaStatus = "corrupted" // Replica is corrupted
ReplicaUnreachable ReplicaStatus = "unreachable" // Replica is unreachable
ReplicaSyncing ReplicaStatus = "syncing" // Replica is syncing
)
// HealthStatus represents overall health status
type HealthStatus string
const (
HealthHealthy HealthStatus = "healthy" // All replicas healthy
HealthDegraded HealthStatus = "degraded" // Some replicas unhealthy
HealthCritical HealthStatus = "critical" // Most replicas unhealthy
HealthFailed HealthStatus = "failed" // All replicas failed
)
// ReplicationPolicy represents replication behavior configuration
type ReplicationPolicy struct {
DefaultFactor int `json:"default_factor"` // Default replication factor
MinFactor int `json:"min_factor"` // Minimum replication factor
MaxFactor int `json:"max_factor"` // Maximum replication factor
PreferredZones []string `json:"preferred_zones"` // Preferred availability zones
AvoidSameNode bool `json:"avoid_same_node"` // Avoid same physical node
ConsistencyLevel ConsistencyLevel `json:"consistency_level"` // Consistency requirements
RepairThreshold float64 `json:"repair_threshold"` // Health threshold for repair
RebalanceInterval time.Duration `json:"rebalance_interval"` // Rebalancing frequency
}
// ConsistencyLevel represents consistency requirements
type ConsistencyLevel string
const (
ConsistencyEventual ConsistencyLevel = "eventual" // Eventual consistency
ConsistencyQuorum ConsistencyLevel = "quorum" // Quorum-based consistency
ConsistencyStrong ConsistencyLevel = "strong" // Strong consistency
)
// DHTStoreOptions represents options for DHT storage operations
type DHTStoreOptions struct {
ReplicationFactor int `json:"replication_factor"` // Number of replicas
TTL *time.Duration `json:"ttl,omitempty"` // Time to live
Priority Priority `json:"priority"` // Storage priority
Compress bool `json:"compress"` // Whether to compress
Checksum bool `json:"checksum"` // Whether to checksum
Metadata map[string]interface{} `json:"metadata"` // Additional metadata
}
// Priority represents storage operation priority
type Priority string
const (
PriorityLow Priority = "low" // Low priority
PriorityNormal Priority = "normal" // Normal priority
PriorityHigh Priority = "high" // High priority
PriorityCritical Priority = "critical" // Critical priority
)
// DHTMetadata represents metadata for DHT stored data
type DHTMetadata struct {
StoredAt time.Time `json:"stored_at"` // When stored
UpdatedAt time.Time `json:"updated_at"` // When last updated
Version int64 `json:"version"` // Version number
Size int64 `json:"size"` // Data size
Checksum string `json:"checksum"` // Data checksum
ReplicationFactor int `json:"replication_factor"` // Number of replicas
TTL *time.Time `json:"ttl,omitempty"` // Time to live
Metadata map[string]interface{} `json:"metadata"` // Additional metadata
}

596
pkg/slurp/distribution/dht_impl.go Normal file
View File

@@ -0,0 +1,596 @@
// Package distribution provides DHT-based context distribution implementation
package distribution
import (
"context"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
"sync"
"time"
"chorus.services/bzzz/pkg/dht"
"chorus.services/bzzz/pkg/crypto"
"chorus.services/bzzz/pkg/election"
"chorus.services/bzzz/pkg/ucxl"
"chorus.services/bzzz/pkg/config"
slurpContext "chorus.services/bzzz/pkg/slurp/context"
)
// DHTContextDistributor implements ContextDistributor using BZZZ DHT infrastructure
type DHTContextDistributor struct {
mu sync.RWMutex
dht *dht.DHT
roleCrypto *crypto.RoleCrypto
election election.Election
config *config.Config
deploymentID string
stats *DistributionStatistics
replicationMgr ReplicationManager
conflictResolver ConflictResolver
gossipProtocol GossipProtocol
networkMgr NetworkManager
keyGenerator KeyGenerator
vectorClockMgr VectorClockManager
}
// NewDHTContextDistributor creates a new DHT-based context distributor
func NewDHTContextDistributor(
dht *dht.DHT,
roleCrypto *crypto.RoleCrypto,
election election.Election,
config *config.Config,
) (*DHTContextDistributor, error) {
if dht == nil {
return nil, fmt.Errorf("DHT instance is required")
}
if roleCrypto == nil {
return nil, fmt.Errorf("role crypto instance is required")
}
if config == nil {
return nil, fmt.Errorf("config is required")
}
deploymentID := fmt.Sprintf("bzzz-slurp-%s", config.Agent.ID)
dist := &DHTContextDistributor{
dht: dht,
roleCrypto: roleCrypto,
election: election,
config: config,
deploymentID: deploymentID,
stats: &DistributionStatistics{
LastResetTime: time.Now(),
CollectedAt: time.Now(),
},
keyGenerator: NewDHTKeyGenerator(deploymentID),
}
// Initialize components
if err := dist.initializeComponents(); err != nil {
return nil, fmt.Errorf("failed to initialize components: %w", err)
}
return dist, nil
}
// initializeComponents initializes all sub-components
func (d *DHTContextDistributor) initializeComponents() error {
// Initialize replication manager
replicationMgr, err := NewReplicationManager(d.dht, d.config)
if err != nil {
return fmt.Errorf("failed to create replication manager: %w", err)
}
d.replicationMgr = replicationMgr
// Initialize conflict resolver
conflictResolver, err := NewConflictResolver(d.dht, d.config)
if err != nil {
return fmt.Errorf("failed to create conflict resolver: %w", err)
}
d.conflictResolver = conflictResolver
// Initialize gossip protocol
gossipProtocol, err := NewGossipProtocol(d.dht, d.config)
if err != nil {
return fmt.Errorf("failed to create gossip protocol: %w", err)
}
d.gossipProtocol = gossipProtocol
// Initialize network manager
networkMgr, err := NewNetworkManager(d.dht, d.config)
if err != nil {
return fmt.Errorf("failed to create network manager: %w", err)
}
d.networkMgr = networkMgr
// Initialize vector clock manager
vectorClockMgr, err := NewVectorClockManager(d.dht, d.config.Agent.ID)
if err != nil {
return fmt.Errorf("failed to create vector clock manager: %w", err)
}
d.vectorClockMgr = vectorClockMgr
return nil
}
// DistributeContext encrypts and stores context in DHT for role-based access
func (d *DHTContextDistributor) DistributeContext(ctx context.Context, node *slurpContext.ContextNode, roles []string) error {
start := time.Now()
d.mu.Lock()
d.stats.TotalDistributions++
d.mu.Unlock()
defer func() {
duration := time.Since(start)
d.mu.Lock()
d.stats.AverageDistributionTime = (d.stats.AverageDistributionTime + duration) / 2
d.mu.Unlock()
}()
if node == nil {
return d.recordError("node cannot be nil")
}
if len(roles) == 0 {
return d.recordError("roles cannot be empty")
}
// Validate context node
if err := node.Validate(); err != nil {
return d.recordError(fmt.Sprintf("context validation failed: %v", err))
}
// Get current vector clock
clock, err := d.vectorClockMgr.GetClock(d.config.Agent.ID)
if err != nil {
return d.recordError(fmt.Sprintf("failed to get vector clock: %v", err))
}
// Encrypt context for roles
encryptedData, err := d.roleCrypto.EncryptContextForRoles(node, roles, []string{})
if err != nil {
return d.recordError(fmt.Sprintf("failed to encrypt context: %v", err))
}
// Create distribution metadata
metadata := &DistributionMetadata{
Address: node.UCXLAddress,
Roles: roles,
Version: 1,
VectorClock: clock,
DistributedBy: d.config.Agent.ID,
DistributedAt: time.Now(),
ReplicationFactor: d.getReplicationFactor(),
Checksum: d.calculateChecksum(encryptedData),
}
// Store encrypted data in DHT for each role
for _, role := range roles {
key := d.keyGenerator.GenerateContextKey(node.UCXLAddress.String(), role)
// Create role-specific storage package
storagePackage := &ContextStoragePackage{
EncryptedData: encryptedData,
Metadata: metadata,
Role: role,
StoredAt: time.Now(),
}
// Serialize for storage
storageBytes, err := json.Marshal(storagePackage)
if err != nil {
return d.recordError(fmt.Sprintf("failed to serialize storage package: %v", err))
}
// Store in DHT with replication
if err := d.dht.PutValue(ctx, key, storageBytes); err != nil {
return d.recordError(fmt.Sprintf("failed to store in DHT for role %s: %v", role, err))
}
// Announce that we provide this context
if err := d.dht.Provide(ctx, key); err != nil {
// Log warning but don't fail - this is for discovery optimization
continue
}
}
// Ensure replication
if err := d.replicationMgr.EnsureReplication(ctx, node.UCXLAddress, d.getReplicationFactor()); err != nil {
// Log warning but don't fail - replication can be eventually consistent
}
// Update statistics
d.mu.Lock()
d.stats.SuccessfulDistributions++
d.stats.TotalContextsStored++
d.stats.LastSyncTime = time.Now()
d.mu.Unlock()
return nil
}
// RetrieveContext gets context from DHT and decrypts for the requesting role
func (d *DHTContextDistributor) RetrieveContext(ctx context.Context, address ucxl.Address, role string) (*slurpContext.ResolvedContext, error) {
start := time.Now()
d.mu.Lock()
d.stats.TotalRetrievals++
d.mu.Unlock()
defer func() {
duration := time.Since(start)
d.mu.Lock()
d.stats.AverageRetrievalTime = (d.stats.AverageRetrievalTime + duration) / 2
d.mu.Unlock()
}()
// Generate key for the role
key := d.keyGenerator.GenerateContextKey(address.String(), role)
// Retrieve from DHT
storageBytes, err := d.dht.GetValue(ctx, key)
if err != nil {
// Try to find providers if direct lookup fails
providers, findErr := d.dht.FindProviders(ctx, key, 5)
if findErr != nil || len(providers) == 0 {
return nil, d.recordRetrievalError(fmt.Sprintf("context not found for role %s: %v", role, err))
}
// Try retrieving from providers
for _, provider := range providers {
// In a real implementation, we would connect to the provider
// For now, we'll just return the original error
_ = provider
}
return nil, d.recordRetrievalError(fmt.Sprintf("context not found for role %s: %v", role, err))
}
// Deserialize storage package
var storagePackage ContextStoragePackage
if err := json.Unmarshal(storageBytes, &storagePackage); err != nil {
return nil, d.recordRetrievalError(fmt.Sprintf("failed to deserialize storage package: %v", err))
}
// Decrypt context for role
contextNode, err := d.roleCrypto.DecryptContextForRole(storagePackage.EncryptedData, role)
if err != nil {
return nil, d.recordRetrievalError(fmt.Sprintf("failed to decrypt context: %v", err))
}
// Convert to resolved context
resolvedContext := &slurpContext.ResolvedContext{
UCXLAddress: contextNode.UCXLAddress,
Summary: contextNode.Summary,
Purpose: contextNode.Purpose,
Technologies: contextNode.Technologies,
Tags: contextNode.Tags,
Insights: contextNode.Insights,
ContextSourcePath: contextNode.Path,
InheritanceChain: []string{contextNode.Path},
ResolutionConfidence: contextNode.RAGConfidence,
BoundedDepth: 1,
GlobalContextsApplied: false,
ResolvedAt: time.Now(),
}
// Update statistics
d.mu.Lock()
d.stats.SuccessfulRetrievals++
d.mu.Unlock()
return resolvedContext, nil
}
// UpdateContext updates existing distributed context with conflict resolution
func (d *DHTContextDistributor) UpdateContext(ctx context.Context, node *slurpContext.ContextNode, roles []string) (*ConflictResolution, error) {
start := time.Now()
// Check if context already exists
existingContext, err := d.RetrieveContext(ctx, node.UCXLAddress, d.config.Agent.Role)
if err != nil {
// Context doesn't exist, treat as new distribution
if err := d.DistributeContext(ctx, node, roles); err != nil {
return nil, fmt.Errorf("failed to distribute new context: %w", err)
}
return &ConflictResolution{
Address: node.UCXLAddress,
ResolutionType: ResolutionMerged,
MergedContext: node,
ResolutionTime: time.Since(start),
ResolvedAt: time.Now(),
Confidence: 1.0,
}, nil
}
// Convert existing resolved context back to context node for comparison
existingNode := &slurpContext.ContextNode{
Path: existingContext.ContextSourcePath,
UCXLAddress: existingContext.UCXLAddress,
Summary: existingContext.Summary,
Purpose: existingContext.Purpose,
Technologies: existingContext.Technologies,
Tags: existingContext.Tags,
Insights: existingContext.Insights,
RAGConfidence: existingContext.ResolutionConfidence,
GeneratedAt: existingContext.ResolvedAt,
}
// Use conflict resolver to handle the update
resolution, err := d.conflictResolver.ResolveConflict(ctx, node, existingNode)
if err != nil {
return nil, fmt.Errorf("failed to resolve conflict: %w", err)
}
// Distribute the resolved context
if resolution.MergedContext != nil {
if err := d.DistributeContext(ctx, resolution.MergedContext, roles); err != nil {
return nil, fmt.Errorf("failed to distribute merged context: %w", err)
}
}
return resolution, nil
}
// DeleteContext removes context from distributed storage
func (d *DHTContextDistributor) DeleteContext(ctx context.Context, address ucxl.Address) error {
// Get list of roles that have access to this context
// This is simplified - in production, we'd maintain an index
allRoles := []string{"senior_architect", "project_manager", "devops_engineer", "backend_developer", "frontend_developer"}
// Delete from DHT for each role
var errors []string
for _, role := range allRoles {
key := d.keyGenerator.GenerateContextKey(address.String(), role)
if err := d.dht.PutValue(ctx, key, []byte{}); err != nil {
errors = append(errors, fmt.Sprintf("failed to delete for role %s: %v", role, err))
}
}
if len(errors) > 0 {
return fmt.Errorf("deletion errors: %v", errors)
}
return nil
}
// ListDistributedContexts lists contexts available in the DHT for a role
func (d *DHTContextDistributor) ListDistributedContexts(ctx context.Context, role string, criteria *DistributionCriteria) ([]*DistributedContextInfo, error) {
// This is a simplified implementation
// In production, we'd maintain proper indexes and filtering
results := []*DistributedContextInfo{}
limit := 100
if criteria != nil && criteria.Limit > 0 {
limit = criteria.Limit
}
// For now, return empty list - proper implementation would require
// maintaining an index of all contexts in the cluster
_ = limit
return results, nil
}
// Sync synchronizes local state with distributed DHT
func (d *DHTContextDistributor) Sync(ctx context.Context) (*SyncResult, error) {
start := time.Now()
// Use gossip protocol to sync metadata
if err := d.gossipProtocol.StartGossip(ctx); err != nil {
return nil, fmt.Errorf("failed to start gossip sync: %w", err)
}
result := &SyncResult{
SyncedContexts: 0, // Would be populated in real implementation
ConflictsResolved: 0,
Errors: []string{},
SyncTime: time.Since(start),
PeersContacted: len(d.dht.GetConnectedPeers()),
DataTransferred: 0,
SyncedAt: time.Now(),
}
return result, nil
}
// Replicate ensures context has the desired replication factor
func (d *DHTContextDistributor) Replicate(ctx context.Context, address ucxl.Address, replicationFactor int) error {
return d.replicationMgr.EnsureReplication(ctx, address, replicationFactor)
}
// GetReplicaHealth returns health status of context replicas
func (d *DHTContextDistributor) GetReplicaHealth(ctx context.Context, address ucxl.Address) (*ReplicaHealth, error) {
return d.replicationMgr.GetReplicationStatus(ctx, address)
}
// GetDistributionStats returns distribution performance statistics
func (d *DHTContextDistributor) GetDistributionStats() (*DistributionStatistics, error) {
d.mu.RLock()
defer d.mu.RUnlock()
// Update collection timestamp
d.stats.CollectedAt = time.Now()
// Calculate derived metrics
totalOps := d.stats.TotalDistributions + d.stats.TotalRetrievals
if totalOps > 0 {
d.stats.HealthyNodes = len(d.dht.GetConnectedPeers())
}
return d.stats, nil
}
// SetReplicationPolicy configures replication behavior
func (d *DHTContextDistributor) SetReplicationPolicy(policy *ReplicationPolicy) error {
return d.replicationMgr.SetReplicationFactor(policy.DefaultFactor)
}
// Helper methods
func (d *DHTContextDistributor) recordError(message string) error {
d.mu.Lock()
d.stats.FailedDistributions++
d.mu.Unlock()
return fmt.Errorf(message)
}
func (d *DHTContextDistributor) recordRetrievalError(message string) error {
d.mu.Lock()
d.stats.FailedRetrievals++
d.mu.Unlock()
return fmt.Errorf(message)
}
func (d *DHTContextDistributor) getReplicationFactor() int {
return 3 // Default replication factor
}
func (d *DHTContextDistributor) calculateChecksum(data interface{}) string {
bytes, err := json.Marshal(data)
if err != nil {
return ""
}
hash := sha256.Sum256(bytes)
return hex.EncodeToString(hash[:])
}
// Ensure DHT is bootstrapped before operations
func (d *DHTContextDistributor) ensureDHTReady() error {
if !d.dht.IsBootstrapped() {
return fmt.Errorf("DHT not bootstrapped")
}
return nil
}
// Start starts the distribution service
func (d *DHTContextDistributor) Start(ctx context.Context) error {
// Bootstrap DHT if not already done
if !d.dht.IsBootstrapped() {
if err := d.dht.Bootstrap(); err != nil {
return fmt.Errorf("failed to bootstrap DHT: %w", err)
}
}
// Start gossip protocol
if err := d.gossipProtocol.StartGossip(ctx); err != nil {
return fmt.Errorf("failed to start gossip protocol: %w", err)
}
return nil
}
// Stop stops the distribution service
func (d *DHTContextDistributor) Stop(ctx context.Context) error {
// Implementation would stop all background processes
return nil
}
// Supporting types and structures
// ContextStoragePackage represents a complete package for DHT storage
type ContextStoragePackage struct {
EncryptedData *crypto.EncryptedContextData `json:"encrypted_data"`
Metadata *DistributionMetadata `json:"metadata"`
Role string `json:"role"`
StoredAt time.Time `json:"stored_at"`
}
// DistributionMetadata contains metadata for distributed context
type DistributionMetadata struct {
Address ucxl.Address `json:"address"`
Roles []string `json:"roles"`
Version int64 `json:"version"`
VectorClock *VectorClock `json:"vector_clock"`
DistributedBy string `json:"distributed_by"`
DistributedAt time.Time `json:"distributed_at"`
ReplicationFactor int `json:"replication_factor"`
Checksum string `json:"checksum"`
}
// DHTKeyGenerator implements KeyGenerator interface
type DHTKeyGenerator struct {
deploymentID string
}
func NewDHTKeyGenerator(deploymentID string) *DHTKeyGenerator {
return &DHTKeyGenerator{
deploymentID: deploymentID,
}
}
func (kg *DHTKeyGenerator) GenerateContextKey(address string, role string) string {
return fmt.Sprintf("%s:context:%s:%s", kg.deploymentID, address, role)
}
func (kg *DHTKeyGenerator) GenerateMetadataKey(address string) string {
return fmt.Sprintf("%s:metadata:%s", kg.deploymentID, address)
}
func (kg *DHTKeyGenerator) GenerateReplicationKey(address string) string {
return fmt.Sprintf("%s:replication:%s", kg.deploymentID, address)
}
// Component constructors - these would be implemented in separate files
// NewReplicationManager creates a new replication manager
func NewReplicationManager(dht *dht.DHT, config *config.Config) (ReplicationManager, error) {
// Placeholder implementation
return &ReplicationManagerImpl{}, nil
}
// NewConflictResolver creates a new conflict resolver
func NewConflictResolver(dht *dht.DHT, config *config.Config) (ConflictResolver, error) {
// Placeholder implementation
return &ConflictResolverImpl{}, nil
}
// NewGossipProtocol creates a new gossip protocol
func NewGossipProtocol(dht *dht.DHT, config *config.Config) (GossipProtocol, error) {
// Placeholder implementation
return &GossipProtocolImpl{}, nil
}
// NewNetworkManager creates a new network manager
func NewNetworkManager(dht *dht.DHT, config *config.Config) (NetworkManager, error) {
// Placeholder implementation
return &NetworkManagerImpl{}, nil
}
// NewVectorClockManager creates a new vector clock manager
func NewVectorClockManager(dht *dht.DHT, nodeID string) (VectorClockManager, error) {
// Placeholder implementation
return &VectorClockManagerImpl{}, nil
}
// Placeholder structs for components - these would be properly implemented
type ReplicationManagerImpl struct{}
func (rm *ReplicationManagerImpl) EnsureReplication(ctx context.Context, address ucxl.Address, factor int) error { return nil }
func (rm *ReplicationManagerImpl) GetReplicationStatus(ctx context.Context, address ucxl.Address) (*ReplicaHealth, error) {
return &ReplicaHealth{}, nil
}
func (rm *ReplicationManagerImpl) SetReplicationFactor(factor int) error { return nil }
type ConflictResolverImpl struct{}
func (cr *ConflictResolverImpl) ResolveConflict(ctx context.Context, local, remote *slurpContext.ContextNode) (*ConflictResolution, error) {
return &ConflictResolution{
Address: local.UCXLAddress,
ResolutionType: ResolutionMerged,
MergedContext: local,
ResolutionTime: time.Millisecond,
ResolvedAt: time.Now(),
Confidence: 0.95,
}, nil
}
type GossipProtocolImpl struct{}
func (gp *GossipProtocolImpl) StartGossip(ctx context.Context) error { return nil }
type NetworkManagerImpl struct{}
type VectorClockManagerImpl struct{}
func (vcm *VectorClockManagerImpl) GetClock(nodeID string) (*VectorClock, error) {
return &VectorClock{
Clock: map[string]int64{nodeID: time.Now().Unix()},
UpdatedAt: time.Now(),
}, nil
}

86
pkg/slurp/distribution/doc.go Normal file
View File

@@ -0,0 +1,86 @@
// Package distribution provides context network distribution capabilities via DHT integration.
//
// This package implements distributed context sharing across the BZZZ cluster using
// the existing Distributed Hash Table (DHT) infrastructure. It provides role-based
// encrypted distribution, conflict resolution, and eventual consistency for context
// data synchronization across multiple nodes.
//
// Key Features:
// - DHT-based distributed context storage and retrieval
// - Role-based encryption for secure context sharing
// - Conflict resolution for concurrent context updates
// - Eventual consistency with vector clock synchronization
// - Replication factor management for fault tolerance
// - Network partitioning resilience and recovery
// - Efficient gossip protocols for metadata synchronization
//
// Core Components:
// - ContextDistributor: Main interface for distributed context operations
// - DHTStorage: DHT integration for context storage and retrieval
// - ConflictResolver: Handles conflicts during concurrent updates
// - ReplicationManager: Manages context replication across nodes
// - GossipProtocol: Efficient metadata synchronization
// - NetworkManager: Network topology and partition handling
//
// Integration Points:
// - pkg/dht: Existing BZZZ DHT infrastructure
// - pkg/crypto: Role-based encryption and decryption
// - pkg/election: Leader coordination for conflict resolution
// - pkg/slurp/context: Context types and validation
// - pkg/slurp/storage: Storage interfaces and operations
//
// Example Usage:
//
// distributor := distribution.NewContextDistributor(dht, crypto, election)
// ctx := context.Background()
//
// // Distribute context to cluster with role-based encryption
// err := distributor.DistributeContext(ctx, contextNode, []string{"developer", "architect"})
// if err != nil {
// log.Fatal(err)
// }
//
// // Retrieve distributed context for a role
// resolved, err := distributor.RetrieveContext(ctx, address, "developer")
// if err != nil {
// log.Fatal(err)
// }
//
// // Synchronize with other nodes
// err = distributor.Sync(ctx)
// if err != nil {
// log.Printf("Sync failed: %v", err)
// }
//
// Distribution Architecture:
// The distribution system uses a layered approach with the DHT providing the
// underlying storage substrate, role-based encryption ensuring access control,
// and gossip protocols providing efficient metadata synchronization. Context
// data is partitioned across the cluster based on UCXL address hashing with
// configurable replication factors for fault tolerance.
//
// Consistency Model:
// The system provides eventual consistency with conflict resolution based on
// vector clocks and last-writer-wins semantics. Leader nodes coordinate
// complex conflict resolution scenarios and ensure cluster-wide consistency
// convergence within bounded time periods.
//
// Security Model:
// All context data is encrypted before distribution using role-specific keys
// from the BZZZ crypto system. Only nodes with appropriate role permissions
// can decrypt and access context information, ensuring secure collaborative
// development while maintaining access control boundaries.
//
// Performance Characteristics:
// - O(log N) lookup time for context retrieval
// - Configurable replication factors (typically 3-5 nodes)
// - Gossip synchronization in O(log N) rounds
// - Automatic load balancing based on node capacity
// - Background optimization and compaction processes
//
// Fault Tolerance:
// The system handles node failures, network partitions, and data corruption
// through multiple mechanisms including replication, checksums, repair
// protocols, and automatic failover. Recovery time is typically proportional
// to the size of affected data and available network bandwidth.
package distribution

682
pkg/slurp/distribution/gossip.go Normal file
View File

@@ -0,0 +1,682 @@
// Package distribution provides gossip protocol for metadata synchronization
package distribution
import (
"context"
"encoding/json"
"fmt"
"math/rand"
"sync"
"time"
"chorus.services/bzzz/pkg/dht"
"chorus.services/bzzz/pkg/config"
"chorus.services/bzzz/pkg/ucxl"
)
// GossipProtocolImpl implements GossipProtocol interface for metadata synchronization
type GossipProtocolImpl struct {
mu sync.RWMutex
dht *dht.DHT
config *config.Config
running bool
gossipInterval time.Duration
maxGossipPeers int
compressionEnabled bool
messageBuffer chan *GossipMessage
state *GossipState
stats *GossipStatistics
metadataCache map[string]*ContextMetadata
vectorClock map[string]int64
failureDetector *FailureDetector
}
// GossipMessage represents a message in the gossip protocol
type GossipMessage struct {
MessageID string `json:"message_id"`
MessageType GossipMessageType `json:"message_type"`
SenderID string `json:"sender_id"`
Timestamp time.Time `json:"timestamp"`
TTL int `json:"ttl"`
VectorClock map[string]int64 `json:"vector_clock"`
Payload map[string]interface{} `json:"payload"`
Metadata *GossipMessageMetadata `json:"metadata"`
}
// GossipMessageType represents different types of gossip messages
type GossipMessageType string
const (
GossipMessageHeartbeat GossipMessageType = "heartbeat"
GossipMessageMetadataSync GossipMessageType = "metadata_sync"
GossipMessageContextUpdate GossipMessageType = "context_update"
GossipMessagePeerDiscovery GossipMessageType = "peer_discovery"
GossipMessageConflictAlert GossipMessageType = "conflict_alert"
GossipMessageHealthCheck GossipMessageType = "health_check"
)
// GossipMessageMetadata contains metadata about gossip messages
type GossipMessageMetadata struct {
Priority Priority `json:"priority"`
Reliability bool `json:"reliability"`
Encrypted bool `json:"encrypted"`
Compressed bool `json:"compressed"`
OriginalSize int `json:"original_size"`
CompressionType string `json:"compression_type"`
}
// ContextMetadata represents metadata about a distributed context
type ContextMetadata struct {
Address ucxl.Address `json:"address"`
Version int64 `json:"version"`
LastUpdated time.Time `json:"last_updated"`
UpdatedBy string `json:"updated_by"`
Roles []string `json:"roles"`
Size int64 `json:"size"`
Checksum string `json:"checksum"`
ReplicationNodes []string `json:"replication_nodes"`
VectorClock map[string]int64 `json:"vector_clock"`
Status MetadataStatus `json:"status"`
}
// MetadataStatus represents the status of context metadata
type MetadataStatus string
const (
MetadataStatusActive MetadataStatus = "active"
MetadataStatusDeprecated MetadataStatus = "deprecated"
MetadataStatusDeleted MetadataStatus = "deleted"
MetadataStatusConflicted MetadataStatus = "conflicted"
)
// FailureDetector detects failed nodes in the network
type FailureDetector struct {
mu sync.RWMutex
suspectedNodes map[string]time.Time
failedNodes map[string]time.Time
heartbeatTimeout time.Duration
failureThreshold time.Duration
}
// NewGossipProtocolImpl creates a new gossip protocol implementation
func NewGossipProtocolImpl(dht *dht.DHT, config *config.Config) (*GossipProtocolImpl, error) {
if dht == nil {
return nil, fmt.Errorf("DHT instance is required")
}
if config == nil {
return nil, fmt.Errorf("config is required")
}
gp := &GossipProtocolImpl{
dht: dht,
config: config,
running: false,
gossipInterval: 30 * time.Second,
maxGossipPeers: 5,
compressionEnabled: true,
messageBuffer: make(chan *GossipMessage, 1000),
state: &GossipState{
Running: false,
CurrentRound: 0,
RoundStartTime: time.Now(),
RoundDuration: 0,
ActiveConnections: 0,
PendingMessages: 0,
NextRoundTime: time.Now().Add(30 * time.Second),
ProtocolVersion: "v1.0",
State: "stopped",
},
stats: &GossipStatistics{
LastUpdated: time.Now(),
},
metadataCache: make(map[string]*ContextMetadata),
vectorClock: make(map[string]int64),
failureDetector: &FailureDetector{
suspectedNodes: make(map[string]time.Time),
failedNodes: make(map[string]time.Time),
heartbeatTimeout: 60 * time.Second,
failureThreshold: 120 * time.Second,
},
}
return gp, nil
}
// StartGossip begins gossip protocol for metadata synchronization
func (gp *GossipProtocolImpl) StartGossip(ctx context.Context) error {
gp.mu.Lock()
if gp.running {
gp.mu.Unlock()
return fmt.Errorf("gossip protocol already running")
}
gp.running = true
gp.state.Running = true
gp.state.State = "running"
gp.mu.Unlock()
// Start background workers
go gp.gossipWorker(ctx)
go gp.messageProcessor(ctx)
go gp.heartbeatSender(ctx)
go gp.failureDetectorWorker(ctx)
return nil
}
// StopGossip stops gossip protocol
func (gp *GossipProtocolImpl) StopGossip(ctx context.Context) error {
gp.mu.Lock()
defer gp.mu.Unlock()
if !gp.running {
return fmt.Errorf("gossip protocol not running")
}
gp.running = false
gp.state.Running = false
gp.state.State = "stopped"
close(gp.messageBuffer)
return nil
}
// GossipMetadata exchanges metadata with peer nodes
func (gp *GossipProtocolImpl) GossipMetadata(ctx context.Context, peer string) error {
if !gp.running {
return fmt.Errorf("gossip protocol not running")
}
// Create metadata sync message
message := &GossipMessage{
MessageID: gp.generateMessageID(),
MessageType: GossipMessageMetadataSync,
SenderID: gp.config.Agent.ID,
Timestamp: time.Now(),
TTL: 3, // Max 3 hops
VectorClock: gp.getVectorClock(),
Payload: map[string]interface{}{
"metadata_cache": gp.getMetadataCacheSnapshot(),
"request_sync": true,
},
Metadata: &GossipMessageMetadata{
Priority: PriorityNormal,
Reliability: true,
Encrypted: false,
Compressed: gp.compressionEnabled,
},
}
// Send to specific peer
return gp.sendMessage(ctx, message, peer)
}
// GetGossipState returns current gossip protocol state
func (gp *GossipProtocolImpl) GetGossipState() (*GossipState, error) {
gp.mu.RLock()
defer gp.mu.RUnlock()
// Update dynamic state
gp.state.ActiveConnections = len(gp.dht.GetConnectedPeers())
gp.state.PendingMessages = len(gp.messageBuffer)
return gp.state, nil
}
// SetGossipInterval configures gossip frequency
func (gp *GossipProtocolImpl) SetGossipInterval(interval time.Duration) error {
if interval < time.Second {
return fmt.Errorf("gossip interval too short (minimum 1 second)")
}
if interval > time.Hour {
return fmt.Errorf("gossip interval too long (maximum 1 hour)")
}
gp.mu.Lock()
gp.gossipInterval = interval
gp.state.NextRoundTime = time.Now().Add(interval)
gp.mu.Unlock()
return nil
}
// GetGossipStats returns gossip protocol statistics
func (gp *GossipProtocolImpl) GetGossipStats() (*GossipStatistics, error) {
gp.mu.RLock()
defer gp.mu.RUnlock()
// Update real-time stats
gp.stats.ActivePeers = len(gp.dht.GetConnectedPeers())
gp.stats.LastGossipTime = time.Now()
gp.stats.LastUpdated = time.Now()
return gp.stats, nil
}
// Background workers
func (gp *GossipProtocolImpl) gossipWorker(ctx context.Context) {
ticker := time.NewTicker(gp.gossipInterval)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
if gp.running {
gp.performGossipRound(ctx)
}
}
}
}
func (gp *GossipProtocolImpl) messageProcessor(ctx context.Context) {
for {
select {
case <-ctx.Done():
return
case message := <-gp.messageBuffer:
if message == nil {
return // Channel closed
}
gp.processIncomingMessage(ctx, message)
}
}
}
func (gp *GossipProtocolImpl) heartbeatSender(ctx context.Context) {
ticker := time.NewTicker(30 * time.Second)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
if gp.running {
gp.sendHeartbeat(ctx)
}
}
}
}
func (gp *GossipProtocolImpl) failureDetectorWorker(ctx context.Context) {
ticker := time.NewTicker(60 * time.Second)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
if gp.running {
gp.detectFailures()
}
}
}
}
// Core gossip operations
func (gp *GossipProtocolImpl) performGossipRound(ctx context.Context) {
start := time.Now()
gp.mu.Lock()
gp.state.CurrentRound++
gp.state.RoundStartTime = start
gp.stats.GossipRounds++
gp.mu.Unlock()
// Select random peers for gossip
peers := gp.selectGossipPeers()
// Perform gossip with selected peers
for _, peer := range peers {
go func(peerID string) {
if err := gp.GossipMetadata(ctx, peerID); err != nil {
gp.mu.Lock()
gp.stats.NetworkErrors++
gp.mu.Unlock()
}
}(peer)
}
// Update round duration
gp.mu.Lock()
gp.state.RoundDuration = time.Since(start)
gp.state.NextRoundTime = time.Now().Add(gp.gossipInterval)
gp.stats.AverageRoundTime = (gp.stats.AverageRoundTime + gp.state.RoundDuration) / 2
gp.mu.Unlock()
}
func (gp *GossipProtocolImpl) selectGossipPeers() []string {
connectedPeers := gp.dht.GetConnectedPeers()
if len(connectedPeers) == 0 {
return []string{}
}
// Randomly select up to maxGossipPeers
selectedCount := min(len(connectedPeers), gp.maxGossipPeers)
selected := make([]string, 0, selectedCount)
// Simple random selection
perm := rand.Perm(len(connectedPeers))
for i := 0; i < selectedCount; i++ {
selected = append(selected, connectedPeers[perm[i]].String())
}
return selected
}
func (gp *GossipProtocolImpl) processIncomingMessage(ctx context.Context, message *GossipMessage) {
// Update vector clock
gp.updateVectorClock(message.VectorClock)
// Process based on message type
switch message.MessageType {
case GossipMessageHeartbeat:
gp.processHeartbeat(message)
case GossipMessageMetadataSync:
gp.processMetadataSync(ctx, message)
case GossipMessageContextUpdate:
gp.processContextUpdate(message)
case GossipMessagePeerDiscovery:
gp.processPeerDiscovery(message)
case GossipMessageConflictAlert:
gp.processConflictAlert(message)
case GossipMessageHealthCheck:
gp.processHealthCheck(message)
default:
gp.mu.Lock()
gp.stats.ProtocolErrors++
gp.mu.Unlock()
}
// Update statistics
gp.mu.Lock()
gp.stats.MessagesReceived++
gp.mu.Unlock()
}
func (gp *GossipProtocolImpl) sendMessage(ctx context.Context, message *GossipMessage, peer string) error {
// Serialize message
messageBytes, err := json.Marshal(message)
if err != nil {
return fmt.Errorf("failed to serialize message: %w", err)
}
// Compress if enabled
if gp.compressionEnabled && message.Metadata != nil {
compressedBytes, err := gp.compressMessage(messageBytes)
if err == nil {
message.Metadata.Compressed = true
message.Metadata.OriginalSize = len(messageBytes)
message.Metadata.CompressionType = "gzip"
messageBytes = compressedBytes
}
}
// Send via DHT (in a real implementation, this would use direct peer connections)
key := fmt.Sprintf("gossip:%s:%s", peer, message.MessageID)
if err := gp.dht.PutValue(ctx, key, messageBytes); err != nil {
gp.mu.Lock()
gp.stats.MessagesDropped++
gp.mu.Unlock()
return fmt.Errorf("failed to send gossip message: %w", err)
}
gp.mu.Lock()
gp.stats.MessagesSent++
gp.mu.Unlock()
return nil
}
func (gp *GossipProtocolImpl) sendHeartbeat(ctx context.Context) {
message := &GossipMessage{
MessageID: gp.generateMessageID(),
MessageType: GossipMessageHeartbeat,
SenderID: gp.config.Agent.ID,
Timestamp: time.Now(),
TTL: 1, // Heartbeats don't propagate
VectorClock: gp.getVectorClock(),
Payload: map[string]interface{}{
"status": "alive",
"load": gp.calculateNodeLoad(),
"version": "1.0.0",
"capabilities": []string{"context_distribution", "replication"},
},
Metadata: &GossipMessageMetadata{
Priority: PriorityHigh,
Reliability: false, // Heartbeats can be lost
Encrypted: false,
Compressed: false,
},
}
// Send to all connected peers
peers := gp.selectGossipPeers()
for _, peer := range peers {
go func(peerID string) {
gp.sendMessage(ctx, message, peerID)
}(peer)
}
}
func (gp *GossipProtocolImpl) detectFailures() {
now := time.Now()
gp.failureDetector.mu.Lock()
defer gp.failureDetector.mu.Unlock()
// Check for suspected nodes that haven't responded
for nodeID, suspectedTime := range gp.failureDetector.suspectedNodes {
if now.Sub(suspectedTime) > gp.failureDetector.failureThreshold {
// Mark as failed
gp.failureDetector.failedNodes[nodeID] = now
delete(gp.failureDetector.suspectedNodes, nodeID)
}
}
// Clean up old failure records
for nodeID, failedTime := range gp.failureDetector.failedNodes {
if now.Sub(failedTime) > 24*time.Hour {
delete(gp.failureDetector.failedNodes, nodeID)
}
}
}
// Message processing handlers
func (gp *GossipProtocolImpl) processHeartbeat(message *GossipMessage) {
// Remove from suspected/failed lists if present
gp.failureDetector.mu.Lock()
delete(gp.failureDetector.suspectedNodes, message.SenderID)
delete(gp.failureDetector.failedNodes, message.SenderID)
gp.failureDetector.mu.Unlock()
// Update peer information
if load, ok := message.Payload["load"].(float64); ok {
// Store peer load information
_ = load
}
}
func (gp *GossipProtocolImpl) processMetadataSync(ctx context.Context, message *GossipMessage) {
// Extract metadata cache from payload
if metadataCache, ok := message.Payload["metadata_cache"].(map[string]interface{}); ok {
gp.mergeMetadataCache(metadataCache)
}
// If this is a sync request, respond with our metadata
if requestSync, ok := message.Payload["request_sync"].(bool); ok && requestSync {
responseMessage := &GossipMessage{
MessageID: gp.generateMessageID(),
MessageType: GossipMessageMetadataSync,
SenderID: gp.config.Agent.ID,
Timestamp: time.Now(),
TTL: 1,
VectorClock: gp.getVectorClock(),
Payload: map[string]interface{}{
"metadata_cache": gp.getMetadataCacheSnapshot(),
"request_sync": false,
},
Metadata: &GossipMessageMetadata{
Priority: PriorityNormal,
Reliability: true,
Encrypted: false,
Compressed: gp.compressionEnabled,
},
}
go func() {
gp.sendMessage(ctx, responseMessage, message.SenderID)
}()
}
}
func (gp *GossipProtocolImpl) processContextUpdate(message *GossipMessage) {
// Handle context update notifications
if address, ok := message.Payload["address"].(string); ok {
if version, ok := message.Payload["version"].(float64); ok {
gp.updateContextMetadata(address, int64(version), message.SenderID)
}
}
}
func (gp *GossipProtocolImpl) processPeerDiscovery(message *GossipMessage) {
// Handle peer discovery messages
if peers, ok := message.Payload["peers"].([]interface{}); ok {
for _, peerData := range peers {
if peer, ok := peerData.(string); ok {
// Add discovered peer to our peer list
_ = peer
}
}
}
}
func (gp *GossipProtocolImpl) processConflictAlert(message *GossipMessage) {
// Handle conflict alert messages
if address, ok := message.Payload["address"].(string); ok {
// Mark context as conflicted in our metadata cache
gp.mu.Lock()
if metadata, exists := gp.metadataCache[address]; exists {
metadata.Status = MetadataStatusConflicted
}
gp.mu.Unlock()
}
}
func (gp *GossipProtocolImpl) processHealthCheck(message *GossipMessage) {
// Respond to health check with our status
// Implementation would send back health information
}
// Helper methods
func (gp *GossipProtocolImpl) generateMessageID() string {
return fmt.Sprintf("%s-%d", gp.config.Agent.ID, time.Now().UnixNano())
}
func (gp *GossipProtocolImpl) getVectorClock() map[string]int64 {
gp.mu.RLock()
defer gp.mu.RUnlock()
clock := make(map[string]int64)
for nodeID, timestamp := range gp.vectorClock {
clock[nodeID] = timestamp
}
clock[gp.config.Agent.ID] = time.Now().Unix()
return clock
}
func (gp *GossipProtocolImpl) updateVectorClock(remoteClock map[string]int64) {
gp.mu.Lock()
defer gp.mu.Unlock()
for nodeID, timestamp := range remoteClock {
if existingTimestamp, exists := gp.vectorClock[nodeID]; !exists || timestamp > existingTimestamp {
gp.vectorClock[nodeID] = timestamp
}
}
}
func (gp *GossipProtocolImpl) getMetadataCacheSnapshot() map[string]*ContextMetadata {
gp.mu.RLock()
defer gp.mu.RUnlock()
snapshot := make(map[string]*ContextMetadata)
for address, metadata := range gp.metadataCache {
// Deep copy metadata
snapshot[address] = &ContextMetadata{
Address: metadata.Address,
Version: metadata.Version,
LastUpdated: metadata.LastUpdated,
UpdatedBy: metadata.UpdatedBy,
Roles: append([]string{}, metadata.Roles...),
Size: metadata.Size,
Checksum: metadata.Checksum,
ReplicationNodes: append([]string{}, metadata.ReplicationNodes...),
VectorClock: make(map[string]int64),
Status: metadata.Status,
}
for k, v := range metadata.VectorClock {
snapshot[address].VectorClock[k] = v
}
}
return snapshot
}
func (gp *GossipProtocolImpl) mergeMetadataCache(remoteCache map[string]interface{}) {
gp.mu.Lock()
defer gp.mu.Unlock()
// Simplified merge logic - in production would be more sophisticated
for address, metadataInterface := range remoteCache {
if metadataMap, ok := metadataInterface.(map[string]interface{}); ok {
// Convert map to ContextMetadata struct
// This is simplified - production code would use proper deserialization
if version, ok := metadataMap["version"].(float64); ok {
if existing, exists := gp.metadataCache[address]; !exists || int64(version) > existing.Version {
// Update with newer version
// Implementation would properly deserialize the metadata
}
}
}
}
}
func (gp *GossipProtocolImpl) updateContextMetadata(address string, version int64, updatedBy string) {
gp.mu.Lock()
defer gp.mu.Unlock()
if existing, exists := gp.metadataCache[address]; exists && version > existing.Version {
existing.Version = version
existing.LastUpdated = time.Now()
existing.UpdatedBy = updatedBy
}
}
func (gp *GossipProtocolImpl) calculateNodeLoad() float64 {
// Calculate current node load (simplified)
gp.mu.RLock()
metadataCount := len(gp.metadataCache)
gp.mu.RUnlock()
return float64(metadataCount) / 100.0 // Normalize to [0,1] range
}
func (gp *GossipProtocolImpl) compressMessage(data []byte) ([]byte, error) {
// Simplified compression - would use actual compression in production
return data, nil
}
// min returns the minimum of two integers
func min(a, b int) int {
if a < b {
return a
}
return b
}

1148
pkg/slurp/distribution/monitoring.go Normal file
View File

File diff suppressed because it is too large Load Diff

1076
pkg/slurp/distribution/network.go Normal file
View File

File diff suppressed because it is too large Load Diff

646
pkg/slurp/distribution/replication.go Normal file
View File

@@ -0,0 +1,646 @@
// Package distribution provides replication management for distributed contexts
package distribution
import (
"context"
"fmt"
"sync"
"time"
"chorus.services/bzzz/pkg/dht"
"chorus.services/bzzz/pkg/config"
"chorus.services/bzzz/pkg/ucxl"
"github.com/libp2p/go-libp2p/core/peer"
)
// ReplicationManagerImpl implements ReplicationManager interface
type ReplicationManagerImpl struct {
mu sync.RWMutex
dht *dht.DHT
config *config.Config
replicationMap map[string]*ReplicationStatus
repairQueue chan *RepairRequest
rebalanceQueue chan *RebalanceRequest
consistentHash ConsistentHashing
policy *ReplicationPolicy
stats *ReplicationStatistics
running bool
}
// RepairRequest represents a repair request
type RepairRequest struct {
Address ucxl.Address
RequestedBy string
Priority Priority
RequestTime time.Time
}
// RebalanceRequest represents a rebalance request
type RebalanceRequest struct {
Reason string
RequestedBy string
RequestTime time.Time
}
// NewReplicationManagerImpl creates a new replication manager implementation
func NewReplicationManagerImpl(dht *dht.DHT, config *config.Config) (*ReplicationManagerImpl, error) {
if dht == nil {
return nil, fmt.Errorf("DHT instance is required")
}
if config == nil {
return nil, fmt.Errorf("config is required")
}
rm := &ReplicationManagerImpl{
dht: dht,
config: config,
replicationMap: make(map[string]*ReplicationStatus),
repairQueue: make(chan *RepairRequest, 1000),
rebalanceQueue: make(chan *RebalanceRequest, 100),
policy: &ReplicationPolicy{
DefaultFactor: 3,
MinFactor: 2,
MaxFactor: 7,
PreferredZones: []string{"zone-a", "zone-b", "zone-c"},
AvoidSameNode: true,
ConsistencyLevel: ConsistencyEventual,
RepairThreshold: 0.8,
RebalanceInterval: 6 * time.Hour,
},
stats: &ReplicationStatistics{
LastUpdated: time.Now(),
},
}
// Initialize consistent hashing
consistentHash, err := NewConsistentHashingImpl()
if err != nil {
return nil, fmt.Errorf("failed to create consistent hashing: %w", err)
}
rm.consistentHash = consistentHash
// Add known peers to consistent hash ring
peers := dht.GetConnectedPeers()
for _, peerID := range peers {
rm.consistentHash.AddNode(peerID.String())
}
return rm, nil
}
// Start starts the replication manager
func (rm *ReplicationManagerImpl) Start(ctx context.Context) error {
rm.mu.Lock()
if rm.running {
rm.mu.Unlock()
return fmt.Errorf("replication manager already running")
}
rm.running = true
rm.mu.Unlock()
// Start background workers
go rm.repairWorker(ctx)
go rm.rebalanceWorker(ctx)
go rm.healthChecker(ctx)
return nil
}
// Stop stops the replication manager
func (rm *ReplicationManagerImpl) Stop() error {
rm.mu.Lock()
defer rm.mu.Unlock()
rm.running = false
close(rm.repairQueue)
close(rm.rebalanceQueue)
return nil
}
// EnsureReplication ensures context meets replication requirements
func (rm *ReplicationManagerImpl) EnsureReplication(ctx context.Context, address ucxl.Address, factor int) error {
if factor < rm.policy.MinFactor {
factor = rm.policy.MinFactor
}
if factor > rm.policy.MaxFactor {
factor = rm.policy.MaxFactor
}
// Get current replication status
status, err := rm.GetReplicationStatus(ctx, address)
if err != nil {
return fmt.Errorf("failed to get replication status: %w", err)
}
if status.CurrentReplicas >= factor {
return nil // Already sufficiently replicated
}
// Calculate how many more replicas we need
needed := factor - status.CurrentReplicas
// Select target nodes for additional replicas
targetNodes, err := rm.selectReplicationNodes(address, needed)
if err != nil {
return fmt.Errorf("failed to select replication nodes: %w", err)
}
// Create replicas on target nodes
for _, nodeID := range targetNodes {
if err := rm.createReplica(ctx, address, nodeID); err != nil {
// Log error but continue with other nodes
continue
}
}
// Update replication status
rm.updateReplicationStatus(address, status.CurrentReplicas+len(targetNodes))
return nil
}
// RepairReplicas repairs missing or corrupted replicas
func (rm *ReplicationManagerImpl) RepairReplicas(ctx context.Context, address ucxl.Address) (*RepairResult, error) {
start := time.Now()
result := &RepairResult{
Address: address.String(),
RepairTime: 0,
RepairSuccessful: false,
Errors: []string{},
RepairedAt: time.Now(),
}
// Get current replication status
status, err := rm.GetReplicationStatus(ctx, address)
if err != nil {
result.Errors = append(result.Errors, fmt.Sprintf("failed to get replication status: %v", err))
return result, err
}
// Identify unhealthy replicas
unhealthyNodes := []string{}
for nodeID, replica := range status.ReplicaDistribution {
if replica == 0 { // Node should have replica but doesn't
unhealthyNodes = append(unhealthyNodes, nodeID)
}
}
// Repair missing replicas
repaired := 0
for _, nodeID := range unhealthyNodes {
if err := rm.createReplica(ctx, address, nodeID); err != nil {
result.Errors = append(result.Errors, fmt.Sprintf("failed to repair replica on node %s: %v", nodeID, err))
} else {
repaired++
}
}
result.RepairedReplicas = repaired
result.RepairTime = time.Since(start)
result.RepairSuccessful = len(result.Errors) == 0
rm.mu.Lock()
rm.stats.RepairRequests++
if result.RepairSuccessful {
rm.stats.SuccessfulRepairs++
} else {
rm.stats.FailedRepairs++
}
rm.stats.AverageRepairTime = (rm.stats.AverageRepairTime + result.RepairTime) / 2
rm.stats.LastUpdated = time.Now()
rm.mu.Unlock()
return result, nil
}
// BalanceReplicas rebalances replicas across cluster nodes
func (rm *ReplicationManagerImpl) BalanceReplicas(ctx context.Context) (*RebalanceResult, error) {
start := time.Now()
result := &RebalanceResult{
RebalanceTime: 0,
RebalanceSuccessful: false,
Errors: []string{},
RebalancedAt: time.Now(),
}
// Get current cluster topology
peers := rm.dht.GetConnectedPeers()
if len(peers) < rm.policy.MinFactor {
result.Errors = append(result.Errors, "insufficient peers for rebalancing")
return result, fmt.Errorf("insufficient peers for rebalancing")
}
// Calculate ideal distribution
idealDistribution := rm.calculateIdealDistribution(peers)
// Get current distribution for all contexts
currentDistribution := rm.getCurrentDistribution(ctx)
// Calculate moves needed
moves := rm.calculateRebalanceMoves(currentDistribution, idealDistribution)
// Execute moves
moved := 0
for _, move := range moves {
if err := rm.moveReplica(ctx, move); err != nil {
result.Errors = append(result.Errors, fmt.Sprintf("failed to move replica: %v", err))
} else {
moved++
}
}
result.MovedReplicas = moved
result.RebalanceTime = time.Since(start)
result.RebalanceSuccessful = len(result.Errors) == 0
// Calculate load balance improvement
if len(moves) > 0 {
result.LoadBalanceImprovement = float64(moved) / float64(len(moves))
}
rm.mu.Lock()
rm.stats.RebalanceOperations++
rm.stats.LastRebalanceTime = time.Now()
rm.stats.LastUpdated = time.Now()
rm.mu.Unlock()
return result, nil
}
// GetReplicationStatus returns current replication status
func (rm *ReplicationManagerImpl) GetReplicationStatus(ctx context.Context, address ucxl.Address) (*ReplicaHealth, error) {
rm.mu.RLock()
status, exists := rm.replicationMap[address.String()]
rm.mu.RUnlock()
if !exists {
// Create new status entry
status = &ReplicationStatus{
Address: address.String(),
DesiredReplicas: rm.policy.DefaultFactor,
CurrentReplicas: 0,
HealthyReplicas: 0,
ReplicationHealth: 0.0,
ReplicaDistribution: make(map[string]int),
LastReplication: time.Time{},
ReplicationErrors: []string{},
Status: "unknown",
}
// Try to discover existing replicas
rm.discoverReplicas(ctx, address, status)
rm.mu.Lock()
rm.replicationMap[address.String()] = status
rm.mu.Unlock()
}
// Convert to ReplicaHealth format
health := &ReplicaHealth{
Address: address,
TotalReplicas: status.CurrentReplicas,
HealthyReplicas: status.HealthyReplicas,
FailedReplicas: status.CurrentReplicas - status.HealthyReplicas,
ReplicaNodes: []*ReplicaNode{},
OverallHealth: rm.determineOverallHealth(status),
LastChecked: time.Now(),
RepairNeeded: status.HealthyReplicas < status.DesiredReplicas,
}
// Populate replica nodes
for nodeID, count := range status.ReplicaDistribution {
if count > 0 {
health.ReplicaNodes = append(health.ReplicaNodes, &ReplicaNode{
NodeID: nodeID,
Status: rm.getNodeReplicaStatus(nodeID),
LastSeen: time.Now(),
Version: 1,
Checksum: "",
Latency: 0,
NetworkAddress: nodeID,
})
}
}
return health, nil
}
// SetReplicationFactor sets the desired replication factor
func (rm *ReplicationManagerImpl) SetReplicationFactor(factor int) error {
if factor < 1 {
return fmt.Errorf("replication factor must be at least 1")
}
if factor > 10 {
return fmt.Errorf("replication factor cannot exceed 10")
}
rm.mu.Lock()
rm.policy.DefaultFactor = factor
rm.mu.Unlock()
return nil
}
// GetReplicationStats returns replication statistics
func (rm *ReplicationManagerImpl) GetReplicationStats() (*ReplicationStatistics, error) {
rm.mu.RLock()
defer rm.mu.RUnlock()
// Update calculated fields
rm.stats.AverageReplicationFactor = rm.calculateAverageReplicationFactor()
rm.stats.ReplicationEfficiency = rm.calculateReplicationEfficiency()
return rm.stats, nil
}
// Background workers
func (rm *ReplicationManagerImpl) repairWorker(ctx context.Context) {
for {
select {
case <-ctx.Done():
return
case req := <-rm.repairQueue:
if req == nil {
return // Channel closed
}
rm.RepairReplicas(ctx, req.Address)
}
}
}
func (rm *ReplicationManagerImpl) rebalanceWorker(ctx context.Context) {
ticker := time.NewTicker(rm.policy.RebalanceInterval)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
rm.BalanceReplicas(ctx)
case req := <-rm.rebalanceQueue:
if req == nil {
return // Channel closed
}
rm.BalanceReplicas(ctx)
}
}
}
func (rm *ReplicationManagerImpl) healthChecker(ctx context.Context) {
ticker := time.NewTicker(5 * time.Minute)
defer ticker.Stop()
for {
select {
case <-ctx.Done():
return
case <-ticker.C:
rm.checkReplicaHealth(ctx)
}
}
}
// Helper methods
func (rm *ReplicationManagerImpl) selectReplicationNodes(address ucxl.Address, count int) ([]string, error) {
// Use consistent hashing to select nodes
candidates, err := rm.consistentHash.GetNodes(address.String(), count*2) // Get more candidates than needed
if err != nil {
return nil, err
}
// Filter out nodes that already have replicas and apply placement policies
selectedNodes := []string{}
for _, nodeID := range candidates {
if len(selectedNodes) >= count {
break
}
// Check if node already has this replica
if rm.hasReplica(address, nodeID) {
continue
}
// Check placement policies
if rm.policy.AvoidSameNode && rm.isNodeOverloaded(nodeID) {
continue
}
selectedNodes = append(selectedNodes, nodeID)
}
return selectedNodes, nil
}
func (rm *ReplicationManagerImpl) createReplica(ctx context.Context, address ucxl.Address, nodeID string) error {
// In a real implementation, this would:
// 1. Connect to the target node
// 2. Transfer the context data
// 3. Verify successful storage
// For now, we'll simulate success
return nil
}
func (rm *ReplicationManagerImpl) updateReplicationStatus(address ucxl.Address, currentReplicas int) {
rm.mu.Lock()
defer rm.mu.Unlock()
addressStr := address.String()
if status, exists := rm.replicationMap[addressStr]; exists {
status.CurrentReplicas = currentReplicas
status.LastReplication = time.Now()
}
}
func (rm *ReplicationManagerImpl) discoverReplicas(ctx context.Context, address ucxl.Address, status *ReplicationStatus) {
// In a real implementation, this would query the DHT to discover existing replicas
// For now, we'll simulate some replicas
peers := rm.dht.GetConnectedPeers()
if len(peers) > 0 {
status.CurrentReplicas = min(len(peers), rm.policy.DefaultFactor)
status.HealthyReplicas = status.CurrentReplicas
for i, peer := range peers {
if i >= status.CurrentReplicas {
break
}
status.ReplicaDistribution[peer.String()] = 1
}
}
}
func (rm *ReplicationManagerImpl) determineOverallHealth(status *ReplicationStatus) HealthStatus {
if status.HealthyReplicas == 0 {
return HealthFailed
}
healthRatio := float64(status.HealthyReplicas) / float64(status.DesiredReplicas)
if healthRatio >= 1.0 {
return HealthHealthy
} else if healthRatio >= 0.7 {
return HealthDegraded
} else if healthRatio >= 0.3 {
return HealthCritical
} else {
return HealthFailed
}
}
func (rm *ReplicationManagerImpl) getNodeReplicaStatus(nodeID string) ReplicaStatus {
// In a real implementation, this would check the actual status of the replica on the node
// For now, assume healthy
return ReplicaHealthy
}
func (rm *ReplicationManagerImpl) calculateAverageReplicationFactor() float64 {
rm.mu.RLock()
defer rm.mu.RUnlock()
if len(rm.replicationMap) == 0 {
return 0
}
total := 0
for _, status := range rm.replicationMap {
total += status.CurrentReplicas
}
return float64(total) / float64(len(rm.replicationMap))
}
func (rm *ReplicationManagerImpl) calculateReplicationEfficiency() float64 {
rm.mu.RLock()
defer rm.mu.RUnlock()
if len(rm.replicationMap) == 0 {
return 1.0
}
efficient := 0
for _, status := range rm.replicationMap {
if status.HealthyReplicas >= status.DesiredReplicas {
efficient++
}
}
return float64(efficient) / float64(len(rm.replicationMap))
}
func (rm *ReplicationManagerImpl) checkReplicaHealth(ctx context.Context) {
rm.mu.RLock()
addresses := make([]string, 0, len(rm.replicationMap))
for addr := range rm.replicationMap {
addresses = append(addresses, addr)
}
rm.mu.RUnlock()
for _, addrStr := range addresses {
addr, err := ucxl.ParseAddress(addrStr)
if err != nil {
continue
}
// Check if repair is needed
status, err := rm.GetReplicationStatus(ctx, addr)
if err != nil {
continue
}
if status.RepairNeeded {
select {
case rm.repairQueue <- &RepairRequest{
Address: addr,
RequestedBy: "health_checker",
Priority: PriorityNormal,
RequestTime: time.Now(),
}:
default:
// Queue is full, skip this repair
}
}
}
}
func (rm *ReplicationManagerImpl) calculateIdealDistribution(peers []peer.ID) map[string]int {
// Simple ideal distribution - equal replicas per node
distribution := make(map[string]int)
for _, peer := range peers {
distribution[peer.String()] = 0
}
return distribution
}
func (rm *ReplicationManagerImpl) getCurrentDistribution(ctx context.Context) map[string]map[string]int {
// Returns current distribution: address -> node -> replica count
distribution := make(map[string]map[string]int)
rm.mu.RLock()
for addr, status := range rm.replicationMap {
distribution[addr] = make(map[string]int)
for nodeID, count := range status.ReplicaDistribution {
distribution[addr][nodeID] = count
}
}
rm.mu.RUnlock()
return distribution
}
func (rm *ReplicationManagerImpl) calculateRebalanceMoves(current, ideal map[string]map[string]int) []*RebalanceMove {
moves := []*RebalanceMove{}
// Simplified implementation - in production would use sophisticated algorithms
return moves
}
func (rm *ReplicationManagerImpl) moveReplica(ctx context.Context, move *RebalanceMove) error {
// Implementation would move replica from source to target node
return nil
}
func (rm *ReplicationManagerImpl) hasReplica(address ucxl.Address, nodeID string) bool {
rm.mu.RLock()
defer rm.mu.RUnlock()
if status, exists := rm.replicationMap[address.String()]; exists {
return status.ReplicaDistribution[nodeID] > 0
}
return false
}
func (rm *ReplicationManagerImpl) isNodeOverloaded(nodeID string) bool {
// Simple implementation - check if node has too many replicas
rm.mu.RLock()
defer rm.mu.RUnlock()
totalReplicas := 0
for _, status := range rm.replicationMap {
totalReplicas += status.ReplicaDistribution[nodeID]
}
// Consider overloaded if more than average + 50%
averageLoad := rm.calculateAverageReplicationFactor()
return float64(totalReplicas) > averageLoad*1.5
}
// RebalanceMove represents a replica move operation
type RebalanceMove struct {
Address ucxl.Address `json:"address"`
FromNode string `json:"from_node"`
ToNode string `json:"to_node"`
Priority Priority `json:"priority"`
Reason string `json:"reason"`
}
// Utility functions
func min(a, b int) int {
if a < b {
return a
}
return b
}

834
pkg/slurp/distribution/security.go Normal file
View File

@@ -0,0 +1,834 @@
// Package distribution provides comprehensive security for distributed context operations
package distribution
import (
"context"
"crypto/rand"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/json"
"fmt"
"math/big"
"net"
"sync"
"time"
"chorus.services/bzzz/pkg/config"
"chorus.services/bzzz/pkg/crypto"
)
// SecurityManager handles all security aspects of the distributed system
type SecurityManager struct {
mu sync.RWMutex
config *config.Config
tlsConfig *TLSConfig
authManager *AuthenticationManager
authzManager *AuthorizationManager
auditLogger *SecurityAuditLogger
nodeAuth *NodeAuthentication
encryption *DistributionEncryption
certificateAuth *CertificateAuthority
// Security state
trustedNodes map[string]*TrustedNode
activeSessions map[string]*SecuritySession
securityPolicies map[string]*SecurityPolicy
threatDetector *ThreatDetector
// Configuration
tlsEnabled bool
mutualTLSEnabled bool
auditingEnabled bool
encryptionEnabled bool
}
// TLSConfig manages TLS configuration for secure communications
type TLSConfig struct {
ServerConfig *tls.Config
ClientConfig *tls.Config
CertificatePath string
PrivateKeyPath string
CAPath string
MinTLSVersion uint16
CipherSuites []uint16
CurvePreferences []tls.CurveID
ClientAuth tls.ClientAuthType
VerifyConnection func(tls.ConnectionState) error
}
// AuthenticationManager handles node and user authentication
type AuthenticationManager struct {
mu sync.RWMutex
providers map[string]AuthProvider
tokenValidator TokenValidator
sessionManager *SessionManager
multiFactorAuth *MultiFactorAuth
credentialStore *CredentialStore
loginAttempts map[string]*LoginAttempts
authPolicies map[string]*AuthPolicy
}
// AuthProvider interface for different authentication methods
type AuthProvider interface {
Authenticate(ctx context.Context, credentials *Credentials) (*AuthResult, error)
ValidateToken(ctx context.Context, token string) (*TokenClaims, error)
RefreshToken(ctx context.Context, refreshToken string) (*TokenPair, error)
Name() string
IsEnabled() bool
}
// Credentials represents authentication credentials
type Credentials struct {
Type CredentialType `json:"type"`
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
Token string `json:"token,omitempty"`
Certificate *x509.Certificate `json:"certificate,omitempty"`
Signature []byte `json:"signature,omitempty"`
Challenge string `json:"challenge,omitempty"`
Metadata map[string]interface{} `json:"metadata,omitempty"`
}
// CredentialType represents different types of credentials
type CredentialType string
const (
CredentialTypePassword CredentialType = "password"
CredentialTypeToken CredentialType = "token"
CredentialTypeCertificate CredentialType = "certificate"
CredentialTypeSignature CredentialType = "signature"
CredentialTypeMFA CredentialType = "mfa"
CredentialTypeAPIKey CredentialType = "api_key"
)
// AuthResult represents the result of authentication
type AuthResult struct {
Success bool `json:"success"`
UserID string `json:"user_id"`
Roles []string `json:"roles"`
Permissions []string `json:"permissions"`
TokenPair *TokenPair `json:"token_pair"`
SessionID string `json:"session_id"`
ExpiresAt time.Time `json:"expires_at"`
Metadata map[string]interface{} `json:"metadata"`
FailureReason string `json:"failure_reason,omitempty"`
}
// TokenPair represents access and refresh tokens
type TokenPair struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
TokenType string `json:"token_type"`
ExpiresIn int64 `json:"expires_in"`
IssuedAt time.Time `json:"issued_at"`
}
// TokenClaims represents JWT token claims
type TokenClaims struct {
UserID string `json:"user_id"`
Roles []string `json:"roles"`
Permissions []string `json:"permissions"`
Issuer string `json:"issuer"`
Subject string `json:"subject"`
Audience []string `json:"audience"`
ExpiresAt time.Time `json:"expires_at"`
IssuedAt time.Time `json:"issued_at"`
NotBefore time.Time `json:"not_before"`
Claims map[string]interface{} `json:"claims"`
}
// AuthorizationManager handles authorization and access control
type AuthorizationManager struct {
mu sync.RWMutex
policyEngine PolicyEngine
rbacManager *RBACManager
aclManager *ACLManager
resourceManager *ResourceManager
permissionCache *PermissionCache
authzPolicies map[string]*AuthorizationPolicy
}
// PolicyEngine interface for policy evaluation
type PolicyEngine interface {
Evaluate(ctx context.Context, request *AuthorizationRequest) (*AuthorizationResult, error)
LoadPolicies(policies []*AuthorizationPolicy) error
ValidatePolicy(policy *AuthorizationPolicy) error
}
// AuthorizationRequest represents an authorization request
type AuthorizationRequest struct {
UserID string `json:"user_id"`
Roles []string `json:"roles"`
Resource string `json:"resource"`
Action string `json:"action"`
Context map[string]interface{} `json:"context"`
RequestTime time.Time `json:"request_time"`
}
// AuthorizationResult represents the result of authorization
type AuthorizationResult struct {
Decision AuthorizationDecision `json:"decision"`
Reason string `json:"reason"`
Policies []string `json:"applied_policies"`
Conditions []string `json:"conditions"`
TTL time.Duration `json:"ttl"`
Metadata map[string]interface{} `json:"metadata"`
EvaluationTime time.Duration `json:"evaluation_time"`
}
// AuthorizationDecision represents authorization decisions
type AuthorizationDecision string
const (
DecisionAllow AuthorizationDecision = "allow"
DecisionDeny AuthorizationDecision = "deny"
DecisionUnsure AuthorizationDecision = "unsure"
)
// SecurityAuditLogger handles security event logging
type SecurityAuditLogger struct {
mu sync.RWMutex
loggers []SecurityLogger
eventBuffer []*SecurityEvent
alertManager *SecurityAlertManager
compliance *ComplianceManager
retention *AuditRetentionPolicy
enabled bool
}
// SecurityLogger interface for security event logging
type SecurityLogger interface {
Log(ctx context.Context, event *SecurityEvent) error
Query(ctx context.Context, criteria *SecurityEventCriteria) ([]*SecurityEvent, error)
Name() string
}
// SecurityEvent represents a security event
type SecurityEvent struct {
EventID string `json:"event_id"`
EventType SecurityEventType `json:"event_type"`
Severity SecuritySeverity `json:"severity"`
Timestamp time.Time `json:"timestamp"`
UserID string `json:"user_id,omitempty"`
NodeID string `json:"node_id,omitempty"`
Resource string `json:"resource,omitempty"`
Action string `json:"action,omitempty"`
Result string `json:"result"`
Message string `json:"message"`
Details map[string]interface{} `json:"details"`
IPAddress string `json:"ip_address,omitempty"`
UserAgent string `json:"user_agent,omitempty"`
SessionID string `json:"session_id,omitempty"`
RequestID string `json:"request_id,omitempty"`
Fingerprint string `json:"fingerprint"`
}
// SecurityEventType represents different types of security events
type SecurityEventType string
const (
EventTypeAuthentication SecurityEventType = "authentication"
EventTypeAuthorization SecurityEventType = "authorization"
EventTypeDataAccess SecurityEventType = "data_access"
EventTypeSystemAccess SecurityEventType = "system_access"
EventTypeSecurityViolation SecurityEventType = "security_violation"
EventTypeThreats SecurityEventType = "threats"
EventTypeCompliance SecurityEventType = "compliance"
EventTypeConfiguration SecurityEventType = "configuration"
)
// SecuritySeverity represents security event severity levels
type SecuritySeverity string
const (
SeverityDebug SecuritySeverity = "debug"
SeverityInfo SecuritySeverity = "info"
SeverityWarning SecuritySeverity = "warning"
SeverityError SecuritySeverity = "error"
SeverityCritical SecuritySeverity = "critical"
SeverityAlert SecuritySeverity = "alert"
)
// NodeAuthentication handles node-to-node authentication
type NodeAuthentication struct {
mu sync.RWMutex
certificateAuth *CertificateAuth
keyExchange *KeyExchange
trustStore *TrustStore
nodeRegistry *NodeRegistry
challengeManager *ChallengeManager
}
// TrustedNode represents a trusted node in the network
type TrustedNode struct {
NodeID string `json:"node_id"`
PublicKey []byte `json:"public_key"`
Certificate *x509.Certificate `json:"certificate"`
Roles []string `json:"roles"`
Capabilities []string `json:"capabilities"`
TrustLevel TrustLevel `json:"trust_level"`
LastSeen time.Time `json:"last_seen"`
VerifiedAt time.Time `json:"verified_at"`
Metadata map[string]interface{} `json:"metadata"`
Status NodeStatus `json:"status"`
}
// TrustLevel represents the trust level of a node
type TrustLevel string
const (
TrustLevelNone TrustLevel = "none"
TrustLevelLow TrustLevel = "low"
TrustLevelMedium TrustLevel = "medium"
TrustLevelHigh TrustLevel = "high"
TrustLevelCritical TrustLevel = "critical"
)
// SecuritySession represents an active security session
type SecuritySession struct {
SessionID string `json:"session_id"`
UserID string `json:"user_id"`
NodeID string `json:"node_id"`
Roles []string `json:"roles"`
Permissions []string `json:"permissions"`
CreatedAt time.Time `json:"created_at"`
ExpiresAt time.Time `json:"expires_at"`
LastActivity time.Time `json:"last_activity"`
IPAddress string `json:"ip_address"`
UserAgent string `json:"user_agent"`
Metadata map[string]interface{} `json:"metadata"`
Status SessionStatus `json:"status"`
}
// SessionStatus represents session status
type SessionStatus string
const (
SessionStatusActive SessionStatus = "active"
SessionStatusExpired SessionStatus = "expired"
SessionStatusRevoked SessionStatus = "revoked"
SessionStatusSuspended SessionStatus = "suspended"
)
// ThreatDetector detects security threats and anomalies
type ThreatDetector struct {
mu sync.RWMutex
detectionRules []*ThreatDetectionRule
behaviorAnalyzer *BehaviorAnalyzer
anomalyDetector *AnomalyDetector
threatIntelligence *ThreatIntelligence
activeThreats map[string]*ThreatEvent
mitigationStrategies map[ThreatType]*MitigationStrategy
}
// ThreatDetectionRule represents a threat detection rule
type ThreatDetectionRule struct {
RuleID string `json:"rule_id"`
Name string `json:"name"`
Description string `json:"description"`
ThreatType ThreatType `json:"threat_type"`
Severity SecuritySeverity `json:"severity"`
Conditions []*ThreatCondition `json:"conditions"`
Actions []*ThreatAction `json:"actions"`
Enabled bool `json:"enabled"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
Metadata map[string]interface{} `json:"metadata"`
}
// ThreatType represents different types of threats
type ThreatType string
const (
ThreatTypeBruteForce ThreatType = "brute_force"
ThreatTypeUnauthorized ThreatType = "unauthorized_access"
ThreatTypeDataExfiltration ThreatType = "data_exfiltration"
ThreatTypeDoS ThreatType = "denial_of_service"
ThreatTypePrivilegeEscalation ThreatType = "privilege_escalation"
ThreatTypeAnomalous ThreatType = "anomalous_behavior"
ThreatTypeMaliciousCode ThreatType = "malicious_code"
ThreatTypeInsiderThreat ThreatType = "insider_threat"
)
// CertificateAuthority manages certificate generation and validation
type CertificateAuthority struct {
mu sync.RWMutex
rootCA *x509.Certificate
rootKey interface{}
intermediateCA *x509.Certificate
intermediateKey interface{}
certStore *CertificateStore
crlManager *CRLManager
ocspResponder *OCSPResponder
}
// DistributionEncryption handles encryption for distributed communications
type DistributionEncryption struct {
mu sync.RWMutex
keyManager *DistributionKeyManager
encryptionSuite *EncryptionSuite
keyRotationPolicy *KeyRotationPolicy
encryptionMetrics *EncryptionMetrics
}
// NewSecurityManager creates a new security manager
func NewSecurityManager(config *config.Config) (*SecurityManager, error) {
if config == nil {
return nil, fmt.Errorf("config is required")
}
sm := &SecurityManager{
config: config,
trustedNodes: make(map[string]*TrustedNode),
activeSessions: make(map[string]*SecuritySession),
securityPolicies: make(map[string]*SecurityPolicy),
tlsEnabled: true,
mutualTLSEnabled: true,
auditingEnabled: true,
encryptionEnabled: true,
}
// Initialize components
if err := sm.initializeComponents(); err != nil {
return nil, fmt.Errorf("failed to initialize security components: %w", err)
}
return sm, nil
}
// initializeComponents initializes all security components
func (sm *SecurityManager) initializeComponents() error {
var err error
// Initialize TLS configuration
sm.tlsConfig, err = sm.createTLSConfig()
if err != nil {
return fmt.Errorf("failed to create TLS config: %w", err)
}
// Initialize Certificate Authority
sm.certificateAuth, err = NewCertificateAuthority(sm.config)
if err != nil {
return fmt.Errorf("failed to create certificate authority: %w", err)
}
// Initialize authentication manager
sm.authManager, err = NewAuthenticationManager(sm.config)
if err != nil {
return fmt.Errorf("failed to create authentication manager: %w", err)
}
// Initialize authorization manager
sm.authzManager, err = NewAuthorizationManager(sm.config)
if err != nil {
return fmt.Errorf("failed to create authorization manager: %w", err)
}
// Initialize audit logger
sm.auditLogger, err = NewSecurityAuditLogger(sm.config)
if err != nil {
return fmt.Errorf("failed to create audit logger: %w", err)
}
// Initialize node authentication
sm.nodeAuth, err = NewNodeAuthentication(sm.config, sm.certificateAuth)
if err != nil {
return fmt.Errorf("failed to create node authentication: %w", err)
}
// Initialize encryption
sm.encryption, err = NewDistributionEncryption(sm.config)
if err != nil {
return fmt.Errorf("failed to create distribution encryption: %w", err)
}
// Initialize threat detector
sm.threatDetector, err = NewThreatDetector(sm.config)
if err != nil {
return fmt.Errorf("failed to create threat detector: %w", err)
}
return nil
}
// createTLSConfig creates TLS configuration for secure communications
func (sm *SecurityManager) createTLSConfig() (*TLSConfig, error) {
config := &TLSConfig{
MinTLSVersion: tls.VersionTLS12,
CipherSuites: []uint16{
tls.TLS_AES_256_GCM_SHA384,
tls.TLS_AES_128_GCM_SHA256,
tls.TLS_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
},
CurvePreferences: []tls.CurveID{
tls.X25519,
tls.CurveP384,
tls.CurveP256,
},
ClientAuth: tls.RequireAndVerifyClientCert,
}
// Load certificates
cert, err := sm.loadOrGenerateCertificate()
if err != nil {
return nil, fmt.Errorf("failed to load certificate: %w", err)
}
// Configure server TLS
config.ServerConfig = &tls.Config{
Certificates: []tls.Certificate{*cert},
MinVersion: config.MinTLSVersion,
CipherSuites: config.CipherSuites,
CurvePreferences: config.CurvePreferences,
ClientAuth: config.ClientAuth,
ClientCAs: sm.createClientCAPool(),
VerifyConnection: sm.verifyTLSConnection,
}
// Configure client TLS
config.ClientConfig = &tls.Config{
Certificates: []tls.Certificate{*cert},
MinVersion: config.MinTLSVersion,
CipherSuites: config.CipherSuites,
CurvePreferences: config.CurvePreferences,
RootCAs: sm.createRootCAPool(),
VerifyConnection: sm.verifyTLSConnection,
}
return config, nil
}
// Authenticate authenticates a request
func (sm *SecurityManager) Authenticate(ctx context.Context, credentials *Credentials) (*AuthResult, error) {
// Log authentication attempt
sm.logSecurityEvent(ctx, &SecurityEvent{
EventType: EventTypeAuthentication,
Severity: SeverityInfo,
Action: "authenticate",
Message: "Authentication attempt",
Details: map[string]interface{}{
"credential_type": credentials.Type,
"username": credentials.Username,
},
})
return sm.authManager.Authenticate(ctx, credentials)
}
// Authorize authorizes a request
func (sm *SecurityManager) Authorize(ctx context.Context, request *AuthorizationRequest) (*AuthorizationResult, error) {
// Log authorization attempt
sm.logSecurityEvent(ctx, &SecurityEvent{
EventType: EventTypeAuthorization,
Severity: SeverityInfo,
UserID: request.UserID,
Resource: request.Resource,
Action: request.Action,
Message: "Authorization attempt",
})
return sm.authzManager.Authorize(ctx, request)
}
// ValidateNodeIdentity validates a node's identity
func (sm *SecurityManager) ValidateNodeIdentity(ctx context.Context, nodeID string, certificate *x509.Certificate) error {
// Check if node is trusted
sm.mu.RLock()
trustedNode, exists := sm.trustedNodes[nodeID]
sm.mu.RUnlock()
if !exists {
return fmt.Errorf("node %s is not trusted", nodeID)
}
// Validate certificate
if err := sm.validateCertificate(certificate, trustedNode); err != nil {
return fmt.Errorf("certificate validation failed: %w", err)
}
// Log successful validation
sm.logSecurityEvent(ctx, &SecurityEvent{
EventType: EventTypeAuthentication,
Severity: SeverityInfo,
NodeID: nodeID,
Action: "validate_node_identity",
Result: "success",
Message: "Node identity validated successfully",
})
return nil
}
// EncryptForDistribution encrypts data for distribution
func (sm *SecurityManager) EncryptForDistribution(ctx context.Context, data []byte, recipients []string) ([]byte, error) {
if !sm.encryptionEnabled {
return data, nil
}
return sm.encryption.Encrypt(ctx, data, recipients)
}
// DecryptFromDistribution decrypts data from distribution
func (sm *SecurityManager) DecryptFromDistribution(ctx context.Context, encryptedData []byte, nodeID string) ([]byte, error) {
if !sm.encryptionEnabled {
return encryptedData, nil
}
return sm.encryption.Decrypt(ctx, encryptedData, nodeID)
}
// GetTLSConfig returns TLS configuration for secure connections
func (sm *SecurityManager) GetTLSConfig(isServer bool) *tls.Config {
if !sm.tlsEnabled {
return nil
}
if isServer {
return sm.tlsConfig.ServerConfig
}
return sm.tlsConfig.ClientConfig
}
// AddTrustedNode adds a node to the trusted nodes list
func (sm *SecurityManager) AddTrustedNode(ctx context.Context, node *TrustedNode) error {
sm.mu.Lock()
defer sm.mu.Unlock()
// Validate node information
if err := sm.validateTrustedNode(node); err != nil {
return fmt.Errorf("node validation failed: %w", err)
}
sm.trustedNodes[node.NodeID] = node
// Log node addition
sm.logSecurityEvent(ctx, &SecurityEvent{
EventType: EventTypeConfiguration,
Severity: SeverityInfo,
NodeID: node.NodeID,
Action: "add_trusted_node",
Result: "success",
Message: "Trusted node added",
Details: map[string]interface{}{
"trust_level": node.TrustLevel,
"roles": node.Roles,
},
})
return nil
}
// DetectThreats analyzes events for potential security threats
func (sm *SecurityManager) DetectThreats(ctx context.Context, events []*SecurityEvent) ([]*ThreatEvent, error) {
return sm.threatDetector.DetectThreats(ctx, events)
}
// Helper methods (placeholder implementations)
func (sm *SecurityManager) loadOrGenerateCertificate() (*tls.Certificate, error) {
// Placeholder implementation
// In production, this would load existing certificates or generate new ones
cert, key, err := sm.generateSelfSignedCertificate()
if err != nil {
return nil, err
}
tlsCert, err := tls.X509KeyPair(cert, key)
if err != nil {
return nil, err
}
return &tlsCert, nil
}
func (sm *SecurityManager) generateSelfSignedCertificate() ([]byte, []byte, error) {
// Generate a self-signed certificate for development/testing
// In production, use proper CA-signed certificates
template := x509.Certificate{
SerialNumber: big.NewInt(1),
Subject: pkix.Name{
Organization: []string{"BZZZ SLURP"},
Country: []string{"US"},
Province: []string{""},
Locality: []string{"San Francisco"},
StreetAddress: []string{""},
PostalCode: []string{""},
},
NotBefore: time.Now(),
NotAfter: time.Now().Add(365 * 24 * time.Hour),
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1), net.IPv6loopback},
}
// This is a simplified implementation
// In production, use proper key generation and certificate management
return nil, nil, fmt.Errorf("certificate generation not implemented")
}
func (sm *SecurityManager) createClientCAPool() *x509.CertPool {
// Create CA pool for client certificate validation
return x509.NewCertPool()
}
func (sm *SecurityManager) createRootCAPool() *x509.CertPool {
// Create root CA pool for server certificate validation
return x509.NewCertPool()
}
func (sm *SecurityManager) verifyTLSConnection(cs tls.ConnectionState) error {
// Custom TLS connection verification logic
return nil
}
func (sm *SecurityManager) validateCertificate(cert *x509.Certificate, node *TrustedNode) error {
// Validate certificate against trusted node information
return nil
}
func (sm *SecurityManager) validateTrustedNode(node *TrustedNode) error {
// Validate trusted node information
if node.NodeID == "" {
return fmt.Errorf("node ID is required")
}
if len(node.PublicKey) == 0 {
return fmt.Errorf("public key is required")
}
return nil
}
func (sm *SecurityManager) logSecurityEvent(ctx context.Context, event *SecurityEvent) {
if !sm.auditingEnabled || sm.auditLogger == nil {
return
}
event.EventID = sm.generateEventID()
event.Timestamp = time.Now()
event.Fingerprint = sm.generateEventFingerprint(event)
go func() {
if err := sm.auditLogger.LogSecurityEvent(ctx, event); err != nil {
// Log error but don't fail the operation
}
}()
}
func (sm *SecurityManager) generateEventID() string {
return fmt.Sprintf("sec_%d", time.Now().UnixNano())
}
func (sm *SecurityManager) generateEventFingerprint(event *SecurityEvent) string {
// Generate a fingerprint for event deduplication
return fmt.Sprintf("%s_%s_%s", event.EventType, event.Action, event.UserID)
}
// Component constructor placeholders
func NewCertificateAuthority(config *config.Config) (*CertificateAuthority, error) {
return &CertificateAuthority{}, nil
}
func NewAuthenticationManager(config *config.Config) (*AuthenticationManager, error) {
return &AuthenticationManager{
providers: make(map[string]AuthProvider),
loginAttempts: make(map[string]*LoginAttempts),
authPolicies: make(map[string]*AuthPolicy),
}, nil
}
func NewAuthorizationManager(config *config.Config) (*AuthorizationManager, error) {
return &AuthorizationManager{
authzPolicies: make(map[string]*AuthorizationPolicy),
}, nil
}
func NewSecurityAuditLogger(config *config.Config) (*SecurityAuditLogger, error) {
return &SecurityAuditLogger{
loggers: []SecurityLogger{},
eventBuffer: []*SecurityEvent{},
enabled: true,
}, nil
}
func NewNodeAuthentication(config *config.Config, ca *CertificateAuthority) (*NodeAuthentication, error) {
return &NodeAuthentication{}, nil
}
func NewDistributionEncryption(config *config.Config) (*DistributionEncryption, error) {
return &DistributionEncryption{}, nil
}
func NewThreatDetector(config *config.Config) (*ThreatDetector, error) {
return &ThreatDetector{
detectionRules: []*ThreatDetectionRule{},
activeThreats: make(map[string]*ThreatEvent),
mitigationStrategies: make(map[ThreatType]*MitigationStrategy),
}, nil
}
// Method implementations for components (placeholders)
func (am *AuthenticationManager) Authenticate(ctx context.Context, credentials *Credentials) (*AuthResult, error) {
return &AuthResult{Success: true}, nil
}
func (azm *AuthorizationManager) Authorize(ctx context.Context, request *AuthorizationRequest) (*AuthorizationResult, error) {
return &AuthorizationResult{Decision: DecisionAllow}, nil
}
func (sal *SecurityAuditLogger) LogSecurityEvent(ctx context.Context, event *SecurityEvent) error {
return nil
}
func (de *DistributionEncryption) Encrypt(ctx context.Context, data []byte, recipients []string) ([]byte, error) {
return data, nil
}
func (de *DistributionEncryption) Decrypt(ctx context.Context, encryptedData []byte, nodeID string) ([]byte, error) {
return encryptedData, nil
}
func (td *ThreatDetector) DetectThreats(ctx context.Context, events []*SecurityEvent) ([]*ThreatEvent, error) {
return []*ThreatEvent{}, nil
}
// Supporting types (placeholders)
type TokenValidator interface{}
type SessionManager struct{}
type MultiFactorAuth struct{}
type CredentialStore struct{}
type LoginAttempts struct{}
type AuthPolicy struct{}
type RBACManager struct{}
type ACLManager struct{}
type ResourceManager struct{}
type PermissionCache struct{}
type AuthorizationPolicy struct{}
type SecurityPolicy struct{}
type SecurityAlertManager struct{}
type ComplianceManager struct{}
type AuditRetentionPolicy struct{}
type SecurityEventCriteria struct{}
type CertificateAuth struct{}
type KeyExchange struct{}
type TrustStore struct{}
type NodeRegistry struct{}
type ChallengeManager struct{}
type BehaviorAnalyzer struct{}
type AnomalyDetector struct{}
type ThreatIntelligence struct{}
type ThreatEvent struct{}
type MitigationStrategy struct{}
type ThreatCondition struct{}
type ThreatAction struct{}
type CertificateStore struct{}
type CRLManager struct{}
type OCSPResponder struct{}
type DistributionKeyManager struct{}
type EncryptionSuite struct{}
type KeyRotationPolicy struct{}
type EncryptionMetrics struct{}

368
pkg/slurp/distribution/types.go Normal file
View File

@@ -0,0 +1,368 @@
package distribution
import (
"time"
)
// DistributionStatistics represents distribution performance statistics
type DistributionStatistics struct {
// Operations
TotalDistributions int64 `json:"total_distributions"` // Total distributions performed
SuccessfulDistributions int64 `json:"successful_distributions"` // Successful distributions
FailedDistributions int64 `json:"failed_distributions"` // Failed distributions
TotalRetrievals int64 `json:"total_retrievals"` // Total retrievals performed
SuccessfulRetrievals int64 `json:"successful_retrievals"` // Successful retrievals
FailedRetrievals int64 `json:"failed_retrievals"` // Failed retrievals
// Performance
AverageDistributionTime time.Duration `json:"average_distribution_time"` // Average distribution time
AverageRetrievalTime time.Duration `json:"average_retrieval_time"` // Average retrieval time
AverageReplicationTime time.Duration `json:"average_replication_time"` // Average replication time
// Storage
TotalContextsStored int64 `json:"total_contexts_stored"` // Total contexts in DHT
TotalStorageSize int64 `json:"total_storage_size"` // Total storage size
AverageReplicationFactor float64 `json:"average_replication_factor"` // Average replication factor
// Health
HealthyNodes int `json:"healthy_nodes"` // Number of healthy nodes
UnhealthyNodes int `json:"unhealthy_nodes"` // Number of unhealthy nodes
AverageNodeLatency time.Duration `json:"average_node_latency"` // Average node latency
// Conflicts
TotalConflicts int64 `json:"total_conflicts"` // Total conflicts encountered
ResolvedConflicts int64 `json:"resolved_conflicts"` // Successfully resolved conflicts
PendingConflicts int64 `json:"pending_conflicts"` // Conflicts pending resolution
// Synchronization
LastSyncTime time.Time `json:"last_sync_time"` // Last synchronization time
SyncErrors int64 `json:"sync_errors"` // Synchronization errors
// Network
NetworkPartitions int `json:"network_partitions"` // Current network partitions
DataTransferred int64 `json:"data_transferred"` // Total data transferred
// Timestamps
LastResetTime time.Time `json:"last_reset_time"` // When stats were last reset
CollectedAt time.Time `json:"collected_at"` // When stats were collected
}
// DHTStatistics represents DHT operation statistics
type DHTStatistics struct {
// Basic operations
PutOperations int64 `json:"put_operations"` // Total put operations
GetOperations int64 `json:"get_operations"` // Total get operations
DeleteOperations int64 `json:"delete_operations"` // Total delete operations
ExistsOperations int64 `json:"exists_operations"` // Total exists operations
// Performance
AveragePutTime time.Duration `json:"average_put_time"` // Average put operation time
AverageGetTime time.Duration `json:"average_get_time"` // Average get operation time
AverageDeleteTime time.Duration `json:"average_delete_time"` // Average delete operation time
// Success rates
PutSuccessRate float64 `json:"put_success_rate"` // Put operation success rate
GetSuccessRate float64 `json:"get_success_rate"` // Get operation success rate
DeleteSuccessRate float64 `json:"delete_success_rate"` // Delete operation success rate
// Storage
TotalKeys int64 `json:"total_keys"` // Total keys stored
TotalDataSize int64 `json:"total_data_size"` // Total data size
AverageKeySize int64 `json:"average_key_size"` // Average key size
AverageValueSize int64 `json:"average_value_size"` // Average value size
// Network
ConnectedPeers int `json:"connected_peers"` // Number of connected peers
NetworkLatency time.Duration `json:"network_latency"` // Average network latency
BandwidthUsage int64 `json:"bandwidth_usage"` // Bandwidth usage in bytes/sec
// Health
HealthyPeers int `json:"healthy_peers"` // Number of healthy peers
UnresponsivePeers int `json:"unresponsive_peers"` // Number of unresponsive peers
// Errors
ErrorRate float64 `json:"error_rate"` // Overall error rate
TimeoutErrors int64 `json:"timeout_errors"` // Number of timeout errors
NetworkErrors int64 `json:"network_errors"` // Number of network errors
// Timestamps
LastUpdated time.Time `json:"last_updated"` // When stats were last updated
}
// ReplicationStatistics represents replication performance statistics
type ReplicationStatistics struct {
// Replication operations
ReplicationRequests int64 `json:"replication_requests"` // Total replication requests
SuccessfulReplications int64 `json:"successful_replications"` // Successful replications
FailedReplications int64 `json:"failed_replications"` // Failed replications
// Repair operations
RepairRequests int64 `json:"repair_requests"` // Total repair requests
SuccessfulRepairs int64 `json:"successful_repairs"` // Successful repairs
FailedRepairs int64 `json:"failed_repairs"` // Failed repairs
// Performance
AverageReplicationTime time.Duration `json:"average_replication_time"` // Average replication time
AverageRepairTime time.Duration `json:"average_repair_time"` // Average repair time
// Health
UnderReplicatedData int64 `json:"under_replicated_data"` // Amount of under-replicated data
OverReplicatedData int64 `json:"over_replicated_data"` // Amount of over-replicated data
CorruptedReplicas int64 `json:"corrupted_replicas"` // Number of corrupted replicas
// Rebalancing
RebalanceOperations int64 `json:"rebalance_operations"` // Total rebalance operations
LastRebalanceTime time.Time `json:"last_rebalance_time"` // Last rebalance time
// Statistics
AverageReplicationFactor float64 `json:"average_replication_factor"` // Average replication factor
ReplicationEfficiency float64 `json:"replication_efficiency"` // Replication efficiency
// Timestamps
LastUpdated time.Time `json:"last_updated"` // When stats were last updated
}
// GossipStatistics represents gossip protocol statistics
type GossipStatistics struct {
// Messages
MessagesSent int64 `json:"messages_sent"` // Total messages sent
MessagesReceived int64 `json:"messages_received"` // Total messages received
MessagesDropped int64 `json:"messages_dropped"` // Messages dropped
// Rounds
GossipRounds int64 `json:"gossip_rounds"` // Total gossip rounds
AverageRoundTime time.Duration `json:"average_round_time"` // Average round time
// Peers
ActivePeers int `json:"active_peers"` // Number of active peers
ReachablePeers int `json:"reachable_peers"` // Number of reachable peers
UnreachablePeers int `json:"unreachable_peers"` // Number of unreachable peers
// Convergence
ConvergenceTime time.Duration `json:"convergence_time"` // Average convergence time
PartialConvergence int64 `json:"partial_convergence"` // Partial convergence events
FullConvergence int64 `json:"full_convergence"` // Full convergence events
// Bandwidth
BandwidthUsage int64 `json:"bandwidth_usage"` // Bandwidth usage
CompressionRatio float64 `json:"compression_ratio"` // Message compression ratio
// Errors
NetworkErrors int64 `json:"network_errors"` // Network errors
ProtocolErrors int64 `json:"protocol_errors"` // Protocol errors
// Timestamps
LastGossipTime time.Time `json:"last_gossip_time"` // Last gossip time
LastUpdated time.Time `json:"last_updated"` // When stats were last updated
}
// NetworkStatistics represents network performance statistics
type NetworkStatistics struct {
// Connectivity
TotalNodes int `json:"total_nodes"` // Total nodes in network
ConnectedNodes int `json:"connected_nodes"` // Connected nodes
DisconnectedNodes int `json:"disconnected_nodes"` // Disconnected nodes
// Performance
AverageLatency time.Duration `json:"average_latency"` // Average network latency
MaxLatency time.Duration `json:"max_latency"` // Maximum latency
MinLatency time.Duration `json:"min_latency"` // Minimum latency
// Bandwidth
TotalBandwidth int64 `json:"total_bandwidth"` // Total bandwidth usage
IncomingBandwidth int64 `json:"incoming_bandwidth"` // Incoming bandwidth
OutgoingBandwidth int64 `json:"outgoing_bandwidth"` // Outgoing bandwidth
// Partitions
NetworkPartitions int `json:"network_partitions"` // Current partitions
PartitionHistory int64 `json:"partition_history"` // Historical partition count
AveragePartitionDuration time.Duration `json:"average_partition_duration"` // Average partition duration
// Failures
NodeFailures int64 `json:"node_failures"` // Node failures
ConnectionFailures int64 `json:"connection_failures"` // Connection failures
TimeoutFailures int64 `json:"timeout_failures"` // Timeout failures
// Recovery
RecoveryOperations int64 `json:"recovery_operations"` // Recovery operations
AverageRecoveryTime time.Duration `json:"average_recovery_time"` // Average recovery time
// Health
OverallHealth float64 `json:"overall_health"` // Overall network health (0-1)
ConnectivityIndex float64 `json:"connectivity_index"` // Connectivity index (0-1)
// Timestamps
LastHealthCheck time.Time `json:"last_health_check"` // Last health check
LastUpdated time.Time `json:"last_updated"` // When stats were last updated
}
// GossipState represents current gossip protocol state
type GossipState struct {
Running bool `json:"running"` // Whether gossip is running
CurrentRound int64 `json:"current_round"` // Current gossip round
RoundStartTime time.Time `json:"round_start_time"` // When current round started
RoundDuration time.Duration `json:"round_duration"` // Current round duration
ActiveConnections int `json:"active_connections"` // Active peer connections
PendingMessages int `json:"pending_messages"` // Pending messages
NextRoundTime time.Time `json:"next_round_time"` // Next scheduled round
ProtocolVersion string `json:"protocol_version"` // Gossip protocol version
State string `json:"state"` // Current state
}
// PartitionInfo represents network partition information
type PartitionInfo struct {
PartitionDetected bool `json:"partition_detected"` // Whether partition detected
PartitionCount int `json:"partition_count"` // Number of partitions
LargestPartitionSize int `json:"largest_partition_size"` // Size of largest partition
CurrentPartitionSize int `json:"current_partition_size"` // Size of current partition
IsolatedNodes []string `json:"isolated_nodes"` // List of isolated nodes
ConnectivityMatrix map[string]map[string]bool `json:"connectivity_matrix"` // Node connectivity matrix
DetectedAt time.Time `json:"detected_at"` // When partition was detected
Duration time.Duration `json:"duration"` // Partition duration
EstimatedRecoveryTime time.Duration `json:"estimated_recovery_time"` // Estimated recovery time
}
// NetworkTopology represents current network topology
type NetworkTopology struct {
TotalNodes int `json:"total_nodes"` // Total nodes
Connections map[string][]string `json:"connections"` // Node connections
ClusterDiameter int `json:"cluster_diameter"` // Network diameter
ClusteringCoefficient float64 `json:"clustering_coefficient"` // Clustering coefficient
CentralNodes []string `json:"central_nodes"` // Most central nodes
BridgeNodes []string `json:"bridge_nodes"` // Bridge nodes
Regions map[string][]string `json:"regions"` // Geographic regions
AvailabilityZones map[string][]string `json:"availability_zones"` // Availability zones
UpdatedAt time.Time `json:"updated_at"` // When topology was updated
}
// PeerInfo represents information about peer nodes
type PeerInfo struct {
NodeID string `json:"node_id"` // Node identifier
Address string `json:"address"` // Network address
Status string `json:"status"` // Node status
Version string `json:"version"` // Software version
Region string `json:"region"` // Geographic region
AvailabilityZone string `json:"availability_zone"` // Availability zone
Capacity int64 `json:"capacity"` // Storage capacity
UsedCapacity int64 `json:"used_capacity"` // Used storage
CPU float64 `json:"cpu"` // CPU usage
Memory float64 `json:"memory"` // Memory usage
Latency time.Duration `json:"latency"` // Network latency
LastSeen time.Time `json:"last_seen"` // When last seen
Capabilities []string `json:"capabilities"` // Node capabilities
}
// ConnectivityReport represents connectivity test results
type ConnectivityReport struct {
TotalPeers int `json:"total_peers"` // Total peers tested
ReachablePeers int `json:"reachable_peers"` // Reachable peers
UnreachablePeers int `json:"unreachable_peers"` // Unreachable peers
PeerResults map[string]*ConnectivityResult `json:"peer_results"` // Individual results
AverageLatency time.Duration `json:"average_latency"` // Average latency
OverallHealth float64 `json:"overall_health"` // Overall health
TestedAt time.Time `json:"tested_at"` // When test was performed
TestDuration time.Duration `json:"test_duration"` // Test duration
}
// ConnectivityResult represents connectivity test result for a single peer
type ConnectivityResult struct {
PeerID string `json:"peer_id"` // Peer identifier
Reachable bool `json:"reachable"` // Whether reachable
Latency time.Duration `json:"latency"` // Network latency
PacketLoss float64 `json:"packet_loss"` // Packet loss percentage
Bandwidth int64 `json:"bandwidth"` // Available bandwidth
Error string `json:"error,omitempty"` // Error message if any
TestedAt time.Time `json:"tested_at"` // When tested
}
// RecoveryResult represents partition recovery results
type RecoveryResult struct {
RecoverySuccessful bool `json:"recovery_successful"` // Whether recovery succeeded
RecoveredNodes []string `json:"recovered_nodes"` // Nodes that recovered
StillIsolatedNodes []string `json:"still_isolated_nodes"` // Still isolated nodes
DataReconciled int64 `json:"data_reconciled"` // Amount of data reconciled
ConflictsResolved int `json:"conflicts_resolved"` // Conflicts resolved
RecoveryTime time.Duration `json:"recovery_time"` // Time taken for recovery
RecoveredAt time.Time `json:"recovered_at"` // When recovery completed
NextRetryTime *time.Time `json:"next_retry_time,omitempty"` // Next retry time if failed
}
// RepairResult represents replica repair results
type RepairResult struct {
Address string `json:"address"` // Context address
RepairedReplicas int `json:"repaired_replicas"` // Number of repaired replicas
CreatedReplicas int `json:"created_replicas"` // Number of created replicas
RemovedReplicas int `json:"removed_replicas"` // Number of removed replicas
RepairTime time.Duration `json:"repair_time"` // Time taken for repair
RepairSuccessful bool `json:"repair_successful"` // Whether repair succeeded
Errors []string `json:"errors,omitempty"` // Repair errors
RepairedAt time.Time `json:"repaired_at"` // When repair completed
}
// RebalanceResult represents rebalancing operation results
type RebalanceResult struct {
MovedReplicas int `json:"moved_replicas"` // Number of moved replicas
CreatedReplicas int `json:"created_replicas"` // Number of created replicas
RemovedReplicas int `json:"removed_replicas"` // Number of removed replicas
DataMoved int64 `json:"data_moved"` // Amount of data moved
RebalanceTime time.Duration `json:"rebalance_time"` // Time taken for rebalance
RebalanceSuccessful bool `json:"rebalance_successful"` // Whether rebalance succeeded
LoadBalanceImprovement float64 `json:"load_balance_improvement"` // Load balance improvement
Errors []string `json:"errors,omitempty"` // Rebalance errors
RebalancedAt time.Time `json:"rebalanced_at"` // When rebalance completed
}
// ReplicationStatus represents current replication status
type ReplicationStatus struct {
Address string `json:"address"` // Context address
DesiredReplicas int `json:"desired_replicas"` // Desired replica count
CurrentReplicas int `json:"current_replicas"` // Current replica count
HealthyReplicas int `json:"healthy_replicas"` // Healthy replica count
ReplicationHealth float64 `json:"replication_health"` // Replication health (0-1)
ReplicaDistribution map[string]int `json:"replica_distribution"` // Replicas per zone
LastReplication time.Time `json:"last_replication"` // Last replication time
ReplicationErrors []string `json:"replication_errors"` // Recent replication errors
Status string `json:"status"` // Overall status
}
// Additional utility types
// KeyGenerator generates consistent keys for DHT storage
type KeyGenerator interface {
GenerateContextKey(address string, role string) string
GenerateMetadataKey(address string) string
GenerateReplicationKey(address string) string
}
// ConsistentHashing provides consistent hashing for node selection
type ConsistentHashing interface {
GetNode(key string) (string, error)
GetNodes(key string, count int) ([]string, error)
AddNode(nodeID string) error
RemoveNode(nodeID string) error
GetAllNodes() []string
}
// VectorClock represents vector clock for conflict resolution
type VectorClock struct {
Clock map[string]int64 `json:"clock"` // Vector clock entries
UpdatedAt time.Time `json:"updated_at"` // When last updated
}
// VectorClockManager manages vector clocks for conflict resolution
type VectorClockManager interface {
GetClock(nodeID string) (*VectorClock, error)
UpdateClock(nodeID string, clock *VectorClock) error
CompareClock(clock1, clock2 *VectorClock) ClockRelation
MergeClock(clocks []*VectorClock) *VectorClock
}
// ClockRelation represents relationship between vector clocks
type ClockRelation string
const (
ClockBefore ClockRelation = "before" // clock1 happened before clock2
ClockAfter ClockRelation = "after" // clock1 happened after clock2
ClockConcurrent ClockRelation = "concurrent" // clocks are concurrent
ClockEqual ClockRelation = "equal" // clocks are equal
)