Merge "Simplify code to avoid interpreting "$" characters in string replacement"

[mediawiki.git] / includes / libs / rdbms / loadbalancer / ILoadBalancer.php

<?php
/**
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */
namespace Wikimedia\Rdbms;

/**
 * This class is a delegate to ILBFactory for a given database cluster
 *
 * ILoadBalancer tracks the database connections and transactions for a given database cluster.
 * A "cluster" is considered to be the set of database servers that manage a given dataset.
 * Within a given cluster, each database server can have one of the following roles:
 *  - sole-primary: the server used by this datacenter for writes from the application
 *  - co-primary: one of several servers used by this datacenter for writes from the application,
 *     relying on asynchronous replication to synchronize their copies of the dataset
 *  - replica: a server used only for reads from the application, relying on asynchronous
 *     replication to apply writes from the primary server or co-primary servers
 *  - static clone: a server that only accepts reads from the application, does not replicate,
 *     and has a copy of the final dataset, which must be static (all the servers reject writes)
 *
 * Single-datacenter database clusters consist of either:
 *   - A sole-primary server and zero or more replica servers
 *   - A set of static clone servers
 *
 * Multi-datacenter database clusters either consist of either:
 *   - A sole-primary server and zero or more replica servers in the "primary datacenter"
 *     (the one datacenter meant to handle requests/jobs that mutate the database), and zero or
 *     more replica servers in each "secondary datacenter" (all the other datacenters)
 *   - A co-primary server and zero or more replica servers within each datacenter
 *   - A set of static clone servers in each datacenter
 *
 * The term "primary" refers to the server used by this datacenter for handling writes,
 * whether it is a sole-primary or co-primary.
 *
 * The "servers" configuration array contains the list of database servers to use for operations
 * originating from the the local datacenter. The first entry must refer to the server to use for
 * write and read-for-write operations (e.g. the "writer server"):
 *   - If there is a primary server, then the first entry must refer to it, even if the primary
 *     server resides in a remote datacenter
 *   - If there are co-primary servers, then the first entry must refer to the one in the local
 *     datacenter
 *   - If the servers are static clones, then the first entry can refer to any of them, since the
 *     concept of a "writer server" is merely nominal
 *
 * On an infrastructure level, circular replication setups can have more than one database server
 * act as a replication "source" within the same datacenter, provided that no more than one of the
 * servers are writable at any time, namely the "writer server". The other source servers will be
 * treated as replicas by the load balancer, but can be quickly promoted to the "writer server" by
 * the site admin as needed.
 *
 * Likewise, Galera Cluster setups still require the choice of a single "writer server" for each
 * datacenter. Limiting the number of servers that initiate transactions helps reduce the rate of
 * aborted transactions due to wsrep conflicts.
 *
 * By default, each DB server uses DBO_DEFAULT for its 'flags' setting, unless explicitly set
 * otherwise in configuration. DBO_DEFAULT behavior depends on whether 'cliMode' is set:
 *   - In CLI mode, the flag has no effect with regards to LoadBalancer.
 *   - In non-CLI mode, the flag causes implicit transactions to be used; the first query on
 *     a database starts a transaction on that database. The transactions are meant to remain
 *     pending until either commitPrimaryChanges() or rollbackPrimaryChanges() is called. The
 *     application must have some point where it calls commitPrimaryChanges() near the end of
 *     the PHP request.
 * Every iteration of beginPrimaryChanges()/commitPrimaryChanges() is called a "transaction round".
 * Rounds are useful on the primary DB connections because they make single-DB (and by and large
 * multi-DB) updates in web requests all-or-nothing. Also, transactions on replica DBs are useful
 * when REPEATABLE-READ or SERIALIZABLE isolation is used because all foreign keys and constraints
 * hold across separate queries in the DB transaction since the data appears within a consistent
 * point-in-time snapshot.
 *
 * The typical caller will use LoadBalancer::getConnection( DB_* ) to yield a database
 * connection handle. The choice of which DB server to use is based on pre-defined loads for
 * weighted random selection, adjustments thereof by LoadMonitor, and the amount of replication
 * lag on each DB server. Lag checks might cause problems in certain setups, so they should be
 * tuned in the server configuration maps as follows:
 *   - Sole-primary + N Replica(s): set 'max lag' to an appropriate threshold for avoiding any
 *      replica database lagged by this much or more. If all replicas are this lagged, then the
 *      load balancer considers the cluster to be read-only.
 *   - Per-datacenter co-primary + N Replica(s): set 'max lag' to an appropriate threshold for
 *      avoiding any replica database lagged by this much or more. If all replicas are this
 *      lagged, then the load balancer considers the cluster to be read-only.
 *   - Read-only archive clones: set 'is static' in the server configuration maps. This will
 *      treat all such DBs as having 0 lag.
 *   - Externally updated dataset clones: set 'is static' in the server configuration maps.
 *      This will treat all such DBs as having 0 lag.
 *   - SQL load balancing proxy: any proxy should handle lag checks on its own, so the 'max lag'
 *      parameter should probably be set to INF in the server configuration maps. This will make
 *      the load balancer ignore whatever it detects as the lag of the logical replica is (which
 *      would probably just randomly bounce around).
 *
 * If using a SQL proxy service, it would probably be best to have two proxy hosts for the load
 * balancer to talk to. One would be the 'host' of the "writer server" entry and another for the
 * (logical) replica server entry. The proxy could map the load balancer's "replica" DB to any
 * number of physical replica DBs.
 *
 * @since 1.28
 * @ingroup Database
 */
interface ILoadBalancer {
        /**
         * Request a replica DB connection. Can't be used as a binary flag with bitwise operators!
         */
        public const DB_REPLICA = -1;
        /**
         * Request a primary, write-enabled DB connection. Can't be used as a binary flag with bitwise
         * operators!
         * @since 1.36
         */
        public const DB_PRIMARY = -2;

        /** Domain specifier when no specific database needs to be selected */
        public const DOMAIN_ANY = '';
        /** The generic query group */
        public const GROUP_GENERIC = '';

        /** Yield a tracked autocommit-mode handle (reuse existing ones) */
        public const CONN_TRX_AUTOCOMMIT = 1;
        /**
         * Yield an untracked, low-timeout, autocommit-mode handle (to gauge server health)
         * @internal
         */
        public const CONN_UNTRACKED_GAUGE = 2;
        /**
         * Yield null on connection failure instead of throwing an exception
         * @internal
         */
        public const CONN_SILENCE_ERRORS = 4;

        /**
         * Get the name of the overall cluster of database servers managing the dataset
         *
         * Note that the cluster might contain servers in multiple datacenters.
         * The load balancer instance only needs to be aware of the local replica servers,
         * along with either the sole-primary server or the local co-primary server.
         *
         * This is useful for identifying a cluster or replicated dataset, even when:
         *  - The primary server is sometimes swapped with another one
         *  - The cluster/dataset is replicated among multiple datacenters, with one "primary"
         *    datacenter having the writable primary server and the other datacenters having a
         *    read-only replica in the "primary" server slot
         *  - The dataset is replicated among multiple datacenters, via circular replication,
         *    with each datacenter having its own "co-primary" server
         *
         * @return string
         * @since 1.36
         */
        public function getClusterName(): string;

        /**
         * Get the local (and default) database domain ID of connection handles
         *
         * @see DatabaseDomain
         * @return string Database domain ID; this specifies DB name, schema, and table prefix
         * @since 1.31
         */
        public function getLocalDomainID(): string;

        /**
         * @param DatabaseDomain|string|false $domain Database domain
         * @return string Value of $domain if it is foreign or the local domain otherwise
         * @since 1.32
         */
        public function resolveDomainID( $domain ): string;

        /**
         * Indicate whether the tables on this domain are only temporary tables for testing
         *
         * In "temporary tables mode", the CONN_TRX_AUTOCOMMIT flag is ignored
         *
         * @param bool $value
         * @param string $domain
         * @return bool Whether "temporary tables mode" was active
         * @since 1.34
         */
        public function setTempTablesOnlyMode( $value, $domain );

        /**
         * Get the specific server index of the reader connection for a given group
         *
         * This takes into account load ratios and lag times. It should return a consistent
         * index during the life time of the load balancer. This initially checks replica DBs
         * for connectivity to avoid returning an unusable server. This means that connections
         * might be attempted by calling this method (usually one at the most but possibly more).
         * Subsequent calls with the same $group will not need to make new connection attempts
         * since the acquired connection for each group is preserved.
         *
         * @param string|false $group Query group or false for the generic group
         * @return int|false Specific server index, or false if no DB handle can be obtained
         */
        public function getReaderIndex( $group = false );

        /**
         * Get a lazy-connecting database handle for a specific or virtual (DB_PRIMARY/DB_REPLICA) server index
         *
         * The server index, $i, can be one of the following:
         *   - DB_REPLICA: a server index will be selected by the load balancer based on read
         *      weight, connectivity, and replication lag. Note that the primary server might be
         *      configured with read weight. If $groups is empty then it means "the generic group",
         *      in which case all servers defined with read weight will be considered. Additional
         *      query groups can be configured, having their own list of server indexes and read
         *      weights. If a query group list is provided in $groups, then each recognized group
         *      will be tried, left-to-right, until server index selection succeeds or all groups
         *      have been tried, in which case the generic group will be tried.
         *   - DB_PRIMARY: the primary server index will be used; the same as ServerInfo::WRITER_INDEX.
         *      The value of $groups should be [] when using this server index.
         *   - Specific server index: a positive integer can be provided to use the server with
         *      that index. An error will be thrown in no such server index is recognized. This
         *      server selection method is usually only useful for internal load balancing logic.
         *      The value of $groups should be [] when using a specific server index.
         *
         * Handle sharing is very useful when callers get DB_PRIMARY handles that are transaction
         * round aware (the default). All such callers will operate within a single transaction as
         * a consequence. The same applies to DB_REPLICA that are samely query grouped (the default)
         * and  transaction round aware (the default).
         *
         * Use CONN_TRX_AUTOCOMMIT to use a separate pool of only autocommit handles. This flag is
         * ignored for databases with ATTR_DB_LEVEL_LOCKING (e.g. sqlite) in order to avoid deadlocks.
         * getServerAttributes() can be used to check this attribute beforehand. Avoid using begin()
         * and commit() on such handles. If handle methods like startAtomic() and endAtomic() must be
         * used on the handles, callers should at least make sure that the atomic sections are closed
         * on failure via try/catch and cancelAtomic().
         *
         * Use CONN_UNTRACKED_GAUGE to get a new, untracked, handle, that uses a low connection timeout, a low
         * read timeout, and autocommit mode. This flag is intended for use only be internal callers.
         *
         * CONN_UNTRACKED_GAUGE and CONN_TRX_AUTOCOMMIT are incompatible.
         *
         * @see ILoadBalancer::getServerAttributes()
         *
         * @param int $i Specific (overrides $groups) or virtual (DB_PRIMARY/DB_REPLICA) server index
         * @param string[]|string $groups Query group(s) in preference order; [] for the default group
         * @param string|false $domain DB domain ID or false for the local domain
         * @param int $flags Bitfield of CONN_* class constants
         * @return IDatabase|false This returns false on failure if CONN_SILENCE_ERRORS is set
         */
        public function getConnection( $i, $groups = [], $domain = false, $flags = 0 );

        /**
         * Get a DB handle for a specific server index
         *
         * This is an internal utility method for methods like LoadBalancer::getConnectionInternal()
         * and DBConnRef to create the underlying connection to a concrete server.
         *
         * The following is the responsibility of the caller:
         *
         * - translate any virtual server indexes (DB_PRIMARY/DB_REPLICA) to a real server index.
         * - enforce read-only mode on primary DB handle if there is high replication lag.
         *
         * @see ILoadBalancer::getConnection()
         *
         * @internal Only for use within ILoadBalancer/ILoadMonitor
         * @param int $i Specific server index
         * @param string $domain Resolved DB domain
         * @param int $flags Bitfield of class CONN_* constants
         * @return IDatabaseForOwner|false This returns false on failure if CONN_SILENCE_ERRORS is set
         * @throws DBError If no DB handle could be obtained and CONN_SILENCE_ERRORS is not set
         */
        public function getServerConnection( $i, $domain, $flags = 0 );

        /**
         * @deprecated since 1.39, use ILoadBalancer::getConnection() instead.
         * @param int $i Specific or virtual (DB_PRIMARY/DB_REPLICA) server index
         * @param string[]|string $groups Query group(s) in preference order; [] for the default group
         * @param string|false $domain DB domain ID or false for the local domain
         * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTOCOMMIT)
         * @return DBConnRef
         */
        public function getConnectionRef( $i, $groups = [], $domain = false, $flags = 0 ): DBConnRef;

        /**
         * @internal Only to be used by DBConnRef
         * @param int $i Specific (overrides $groups) or virtual (DB_PRIMARY/DB_REPLICA) server index
         * @param string[]|string $groups Query group(s) in preference order; [] for the default group
         * @param string|false $domain DB domain ID or false for the local domain
         * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTOCOMMIT)
         * @return IDatabase
         */
        public function getConnectionInternal( $i, $groups = [], $domain = false, $flags = 0 ): IDatabase;

        /**
         * Get a DB handle, suitable for migrations and schema changes, for a server index
         *
         * The DBConnRef methods simply proxy an underlying IDatabase object which
         * takes care of the actual connection and query logic.
         *
         * The CONN_TRX_AUTOCOMMIT flag is ignored for databases with ATTR_DB_LEVEL_LOCKING
         * (e.g. sqlite) in order to avoid deadlocks. getServerAttributes()
         * can be used to check such flags beforehand. Avoid the use of begin() or startAtomic()
         * on any CONN_TRX_AUTOCOMMIT connections.
         *
         * @see ILoadBalancer::getConnection() for parameter information
         * @param int $i Specific or virtual (DB_PRIMARY/DB_REPLICA) server index
         * @param string[]|string $groups Query group(s) in preference order; [] for the default group
         * @param string|false $domain DB domain ID or false for the local domain
         * @param int $flags Bitfield of CONN_* class constants (e.g. CONN_TRX_AUTOCOMMIT)
         * @return DBConnRef
         */
        public function getMaintenanceConnectionRef( $i, $groups = [], $domain = false, $flags = 0 ): DBConnRef;

        /**
         * Get the number of servers defined in configuration
         *
         * @return int
         */
        public function getServerCount();

        /**
         * Whether there are any replica servers configured
         *
         * This scans the list of servers defined in configuration, checking for:
         *  - Servers that are listed after the primary and not flagged with "is static";
         *    such servers are assumed to be typical streaming replicas
         *  - Servers that are listed after the primary and flagged with "is static";
         *    such servers are assumed to have a clone of the static dataset (matching the primary)
         *
         * @return bool
         * @since 1.34
         */
        public function hasReplicaServers();

        /**
         * Whether any replica servers use streaming replication from the primary server
         *
         * This scans the list of servers defined in configuration, checking for:
         *  - Servers that are listed after the primary and not flagged with "is static";
         *    such servers are assumed to be typical streaming replicas
         *
         * It is possible for some replicas to be configured with "is static" but not
         * others, though it generally should either be set for all or none of the replicas.
         *
         * If this returns false, this means that there is generally no reason to execute
         * replication wait logic for session consistency and lag reduction.
         *
         * @return bool
         * @since 1.34
         */
        public function hasStreamingReplicaServers();

        /**
         * Get the readable name of the server with the specified index
         *
         * @param int $i Specific server index
         * @return string Readable server name, falling back to the hostname or IP address
         */
        public function getServerName( $i ): string;

        /**
         * Return the server configuration map for the server with the specified index
         *
         * @param int $i Specific server index
         * @return array|false Server configuration map; false if the index is invalid
         * @since 1.31
         */
        public function getServerInfo( $i );

        /**
         * Get the RDBMS type of the server with the specified index (e.g. "mysql", "sqlite")
         *
         * @param int $i Specific server index
         * @return string One of (mysql,postgres,sqlite,...) or "unknown" for bad indexes
         * @since 1.30
         */
        public function getServerType( $i );

        /**
         * Get basic attributes of the server with the specified index without connecting
         *
         * @param int $i Specific server index
         * @return array (Database::ATTRIBUTE_* constant => value) for all such constants
         * @since 1.31
         */
        public function getServerAttributes( $i );

        /**
         * Get the current primary replication position
         *
         * @return DBPrimaryPos|false Returns false if not applicable
         * @throws DBError
         * @since 1.37
         */
        public function getPrimaryPos();

        /**
         * Whether there are pending changes or callbacks in a transaction by this thread
         * @return bool
         * @since 1.37
         */
        public function hasPrimaryChanges();

        /**
         * Determine whether an explicit transaction is active on any open primary
         * connection.
         * @return bool
         * @since 1.39
         */
        public function explicitTrxActive();

        /**
         * Check if this load balancer object had any recent or still
         * pending writes issued against it by this PHP thread
         *
         * @param float|null $age How many seconds ago is "recent" [defaults to mWaitTimeout]
         * @return bool
         * @since 1.37
         */
        public function hasOrMadeRecentPrimaryChanges( $age = null );

        /**
         * @note This method may trigger a DB connection if not yet done
         * @return string|false Reason the primary is read-only or false if it is not
         */
        public function getReadOnlyReason();

        /**
         * @return bool
         */
        public function pingAll();

        /**
         * Get the name and lag time of the most-lagged replica server
         *
         * This is useful for maintenance scripts that need to throttle their updates.
         * May attempt to open connections to replica DBs on the default DB. If there is
         * no lag, the maximum lag will be reported as -1.
         *
         * @return array{0:string,1:float|int|false,2:int} (host, max lag, index of max lagged host)
         */
        public function getMaxLag();

        /**
         * Get an estimate of replication lag (in seconds) for each server
         *
         * Results are cached for a short time in memcached/process cache
         *
         * Values may be "false" if replication is too broken to estimate
         *
         * @return float[]|int[]|false[] Map of (server index => lag) in order of server index
         */
        public function getLagTimes();

        /**
         * Wait for a replica DB to reach a specified primary position
         *
         * If $conn is not a replica server connection, then this will return true.
         * Otherwise, if $pos is not provided, this will connect to the primary server
         * to get an accurate position.
         *
         * @param IDatabase $conn Replica DB
         * @return bool Success
         * @since 1.37
         */
        public function waitForPrimaryPos( IDatabase $conn );

        /**
         * Set a callback via IDatabase::setTransactionListener() on
         * all current and future primary connections of this load balancer
         *
         * @param string $name Callback name
         * @param callable|null $callback
         */
        public function setTransactionListener( $name, ?callable $callback = null );

        /**
         * Make certain table names use their own database, schema, and table prefix
         * when passed into SQL queries pre-escaped and without a qualified database name
         *
         * For example, "user" can be converted to "myschema.mydbname.user" for convenience.
         * Appearances like `user`, somedb.user, somedb.someschema.user will used literally.
         *
         * Calling this twice will completely clear any old table aliases. Also, note that
         * callers are responsible for making sure the schemas and databases actually exist.
         *
         * @param array[] $aliases Map of (table => (dbname, schema, prefix) map)
         */
        public function setTableAliases( array $aliases );

        /**
         * Convert certain database domains to alternative ones.
         *
         * This can be used for backwards compatibility logic.
         *
         * @param DatabaseDomain[]|string[] $aliases Map of (domain alias => domain)
         * @since 1.35
         */
        public function setDomainAliases( array $aliases );
}