SERVER-40535 read signing keys with readConcern level majority

(cherry picked from commit 1d158cabb504fa9dba3ed0f0688cdf14cb7b0cba)
author: Misha Tyulenev <misha@mongodb.com> 2019-06-20 14:20:31 -0400
committer: Misha Tyulenev <misha@mongodb.com> 2019-07-15 15:03:02 -0400
commit: 50b5cbacfcde381000308c75df2971fd324009d4 (patch)
tree: 49a784059e5121d0689435f987bd7e29c1ec9402
parent: 90ac42dc55c3ad0c3b1275dffb25d8f64b685cc4 (diff)
download: mongo-50b5cbacfcde381000308c75df2971fd324009d4.tar.gz
7 files changed, 33 insertions, 13 deletions
diff --git a/src/mongo/db/key_generator.cpp b/src/mongo/db/key_generator.cpp
index 1adb8d3df56..a2c84da9a32 100644
--- a/src/mongo/db/key_generator.cpp
+++ b/src/mongo/db/key_generator.cpp
@@ -82,7 +82,7 @@ Status KeyGenerator::generateNewKeysIfNeeded(OperationContext* opCtx) {
     }
 
     auto currentTime = LogicalClock::get(opCtx)->getClusterTime();
-    auto keyStatus = _client->getNewKeys(opCtx, _purpose, currentTime);
+    auto keyStatus = _client->getNewKeys(opCtx, _purpose, currentTime, false);
 
     if (!keyStatus.isOK()) {
         return keyStatus.getStatus();
diff --git a/src/mongo/db/keys_collection_cache.cpp b/src/mongo/db/keys_collection_cache.cpp
index a37f0ec5096..b74a389cfe3 100644
--- a/src/mongo/db/keys_collection_cache.cpp
+++ b/src/mongo/db/keys_collection_cache.cpp
@@ -56,7 +56,7 @@ StatusWith<KeysCollectionDocument> KeysCollectionCache::refresh(OperationContext
         originalSize = _cache.size();
     }
 
-    auto refreshStatus = _client->getNewKeys(opCtx, _purpose, newerThanThis);
+    auto refreshStatus = _client->getNewKeys(opCtx, _purpose, newerThanThis, true);
 
     if (!refreshStatus.isOK()) {
         return refreshStatus.getStatus();
diff --git a/src/mongo/db/keys_collection_client.h b/src/mongo/db/keys_collection_client.h
index 254d1d98814..e6d94992cc4 100644
--- a/src/mongo/db/keys_collection_client.h
+++ b/src/mongo/db/keys_collection_client.h
@@ -47,10 +47,14 @@ public:
     virtual ~KeysCollectionClient() = default;
 
     /**
-     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis.
+     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis,
+     * using readConcern level majority if possible.
      */
     virtual StatusWith<std::vector<KeysCollectionDocument>> getNewKeys(
-        OperationContext* opCtx, StringData purpose, const LogicalTime& newerThanThis) = 0;
+        OperationContext* opCtx,
+        StringData purpose,
+        const LogicalTime& newerThanThis,
+        bool useMajority) = 0;
 
     /**
     * Directly inserts a key document to the storage
diff --git a/src/mongo/db/keys_collection_client_direct.cpp b/src/mongo/db/keys_collection_client_direct.cpp
index 5c95eda6a2e..0eaf90ce7a9 100644
--- a/src/mongo/db/keys_collection_client_direct.cpp
+++ b/src/mongo/db/keys_collection_client_direct.cpp
@@ -75,16 +75,23 @@ bool isRetriableError(ErrorCodes::Error code, Shard::RetryPolicy options) {
 KeysCollectionClientDirect::KeysCollectionClientDirect() : _rsLocalClient() {}
 
 StatusWith<std::vector<KeysCollectionDocument>> KeysCollectionClientDirect::getNewKeys(
-    OperationContext* opCtx, StringData purpose, const LogicalTime& newerThanThis) {
+    OperationContext* opCtx,
+    StringData purpose,
+    const LogicalTime& newerThanThis,
+    bool useMajority) {
 
 
     BSONObjBuilder queryBuilder;
     queryBuilder.append("purpose", purpose);
     queryBuilder.append("expiresAt", BSON("$gt" << newerThanThis.asTimestamp()));
 
+    auto readConcern = serverGlobalParams.enableMajorityReadConcern && useMajority
+        ? repl::ReadConcernLevel::kMajorityReadConcern
+        : repl::ReadConcernLevel::kLocalReadConcern;
+
     auto findStatus = _query(opCtx,
                              ReadPreferenceSetting(ReadPreference::Nearest, TagSet{}),
-                             repl::ReadConcernLevel::kLocalReadConcern,
+                             readConcern,
                              KeysCollectionDocument::ConfigNS,
                              queryBuilder.obj(),
                              BSON("expiresAt" << 1),
diff --git a/src/mongo/db/keys_collection_client_direct.h b/src/mongo/db/keys_collection_client_direct.h
index 6e322c3cdbe..4e88c57a9e1 100644
--- a/src/mongo/db/keys_collection_client_direct.h
+++ b/src/mongo/db/keys_collection_client_direct.h
@@ -47,10 +47,13 @@ class KeysCollectionClientDirect : public KeysCollectionClient {
 public:
     KeysCollectionClientDirect();
     /**
-     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis.
+     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis,
+     * using readConcern level majority if possible.
      */
-    StatusWith<std::vector<KeysCollectionDocument>> getNewKeys(
-        OperationContext* opCtx, StringData purpose, const LogicalTime& newerThanThis) override;
+    StatusWith<std::vector<KeysCollectionDocument>> getNewKeys(OperationContext* opCtx,
+                                                               StringData purpose,
+                                                               const LogicalTime& newerThanThis,
+                                                               bool useMajority) override;
 
     /**
     * Directly inserts a key document to the storage
diff --git a/src/mongo/db/keys_collection_client_sharded.cpp b/src/mongo/db/keys_collection_client_sharded.cpp
index b7c3eacd1db..b11f0125ad7 100644
--- a/src/mongo/db/keys_collection_client_sharded.cpp
+++ b/src/mongo/db/keys_collection_client_sharded.cpp
@@ -41,7 +41,10 @@ KeysCollectionClientSharded::KeysCollectionClientSharded(ShardingCatalogClient*
 
 
 StatusWith<std::vector<KeysCollectionDocument>> KeysCollectionClientSharded::getNewKeys(
-    OperationContext* opCtx, StringData purpose, const LogicalTime& newerThanThis) {
+    OperationContext* opCtx,
+    StringData purpose,
+    const LogicalTime& newerThanThis,
+    bool useMajority) {
 
     return _catalogClient->getNewKeys(
         opCtx, purpose, newerThanThis, repl::ReadConcernLevel::kMajorityReadConcern);
diff --git a/src/mongo/db/keys_collection_client_sharded.h b/src/mongo/db/keys_collection_client_sharded.h
index 4a80d607ae0..321ed7976e9 100644
--- a/src/mongo/db/keys_collection_client_sharded.h
+++ b/src/mongo/db/keys_collection_client_sharded.h
@@ -41,10 +41,13 @@ public:
     KeysCollectionClientSharded(ShardingCatalogClient*);
 
     /**
-     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis.
+     * Returns keys for the given purpose and with an expiresAt value greater than newerThanThis,
+     * using readConcern level majority if possible.
      */
-    StatusWith<std::vector<KeysCollectionDocument>> getNewKeys(
-        OperationContext* opCtx, StringData purpose, const LogicalTime& newerThanThis) override;
+    StatusWith<std::vector<KeysCollectionDocument>> getNewKeys(OperationContext* opCtx,
+                                                               StringData purpose,
+                                                               const LogicalTime& newerThanThis,
+                                                               bool useMajority) override;
 
     /**
     * Directly inserts a key document to the storage
author	Misha Tyulenev <misha@mongodb.com>	2019-06-20 14:20:31 -0400
committer	Misha Tyulenev <misha@mongodb.com>	2019-07-15 15:03:02 -0400
commit	50b5cbacfcde381000308c75df2971fd324009d4 (patch)
tree	49a784059e5121d0689435f987bd7e29c1ec9402
parent	90ac42dc55c3ad0c3b1275dffb25d8f64b685cc4 (diff)
download	mongo-50b5cbacfcde381000308c75df2971fd324009d4.tar.gz