The Perforce Broker (P4Broker) enables you to implement local policies in your Perforce environment by allowing you to restrict the commands that can be executed, or redirect specific commands to alternate (replica) Perforce servers.
The Perforce Broker is a server process that mediates between Perforce client applications and Perforce servers, including proxy servers. For example, Perforce client applications can connect to a proxy server that connects to the broker, which then connects to a Perforce server. Or, Perforce client applications can connect to a broker configured to redirect reporting-related commands to a read-only replica server, while passing other commands through to a master server.
After you have created your configuration file (see Configuring the Broker), start the Perforce Broker from the command line by issuing the the following command:
Alternatively, you can set P4BROKEROPTIONS before launching the broker and use it to specify the broker configuration file (or other flags) to use.
The Perforce Broker reads the specified broker configuration file, and on Unix platforms the
-d flag causes the Perforce Broker to detach itself from the controlling terminal and run in the background.
To configure the Perforce Broker to start automatically, create a startup script that sets P4BROKEROPTIONS runs the appropriate
p4broker command. On Windows systems, you can also
P4BROKEROPTIONS and run the broker as a service. For more information, see "Installing P4Broker on Windows and Unix systems" on the Perforce Knowledge Base:
To encrypt the connection between a Perforce Broker and its end users, your broker must have a valid private key and certificate pair in the directory specified by its
P4SSLDIR environment variable. Certificate and key generation and management for the broker works the same as it does for the Perforce Server. See
Key and certificate management. The users' Perforce applications must be configured to trust the fingerprint of the broker.
To encrypt the connection between a Perforce Broker and a Perforce Server, your broker must be configured so as to trust the fingerprint of the Perforce Server. That is, the user that runs
p4broker (typically a service user) must create a
P4TRUST file (using
p4 trust) that recognizes the fingerprint of the Perforce Server.
You can edit the newly-created p4broker.conf file to specify your requirements.
|
|
|
|
|
|
The default Perforce Server (P4D) to which commands are sent unless overridden by other settings in the configuration file.
|
|
|
|
The address on which the Perforce Broker listens for commands from Perforce client applications.
|
|
|
|
The home directory for the Perforce Broker. Other paths specified in the broker configuration file must be relative to this location.
|
|
|
|
|
|
|
|
|
|
|
|
The name of your Perforce Administrator. This is displayed in certain error messages.
|
|
|
|
An email address at which users can contact their Perforce Administrator.
|
|
|
|
|
|
|
|
In selective mode, redirection is permitted within a session until one command has been executed against the default (target) server. From then on, all commands within that session run against the default server and are not redirected.
In pedantic mode, all requests for redirection are honored.
|
|
|
|
An optional user account by which the broker authenticates itself when communicating with a target server.
|
|
|
|
|
|
|
|
Compress connection between broker and server. Over a slow link such as a WAN, compression can increase performance. If the broker and the server are near to each other (and especially if they reside on the same physical machine), then bandwidth is not an issue, and compression should be disabled to spare CPU cycles.
|
|
Command handlers enable you to specify how the broker responds to different commands issued by different users from within different environments. When users run commands, the Perforce Broker searches for matching command handlers and uses the first match found. If no command handler matches the user's command, the command is forwarded to the target Perforce Server for normal processing.
command: commandpattern
{ # Conditions for the command to meet (optional) # Note that with the exception of 'flags', these are regex patterns. flags = required-flags; args = required-arguments; user = required-user; workspace = required-client-workspace; prog = required-client-program; version = required-version-of-client-program;
# What to do with matching commands (required) action = pass | reject | redirect | filter ;
# How to go about it destination = altserver; # Required for action = redirect execute = /path/to/filter/program; # Required for action = filter message = rejection-message; # Required for action = reject }
|
The commandpattern parameter can include the "
.*" wildcard. For example, a
commandpattern of "
user.*" matches both the "
p4 user" and "
p4 users" commands.
For example, the following command handler prevents user joe from invoking
p4 submit from the
buildonly client workspace.
command: submituser = joe; workspace = buildonly; action = reject; message = "Submit failed: Please do not submit from this workspace."
|
When the action for a command handler is
filter, the Perforce Broker executes the program or script specified by the execute parameter and performs the action returned by the program. Filter programs enable you to enforce policies beyond the capabilities provided by the broker configuration file.
Non-printable characters in command arguments are sent to filter programs as a percent sign followed by a pair of hex characters representing the ASCII code for the non-printable character in question. For example, the tab character is encoded as
%09.
Your filter program must read this data from stdin before performing any additional processing, regardless of whether the script requires the data. If the filter script does not read the data from stdin, "broken pipe" errors can occur, and the broker rejects the user's command.
action: REDIRECTaltserver: (an alternate server name) message: a message for the user (optional)
|
The action keyword is always required and tells the Broker how to respond to the user's request. The available
actions are:
If the filter program returns any response other than something complying with the four message formats above, the user's command is rejected. If errors occur during the execution of your filter script code cause the broker to reject the user's command, the broker returns an error message.
To set up and configure a replica server, see Chapter 10, Perforce Replication. The broker works with both metadata-only replicas and with replicas that have access to both metadata and versioned files.
Alternate servers require users to authenticate themselves when they run commands. For this reason, the Perforce Broker must be used in conjunction with a central authorization server (
P4AUTH) and Perforce Servers at version 2007.2 or later. For more information about setting up a central authorization server, see
Centralized authorization server (P4AUTH).
When used with a central authorization server, a single p4 login request can create a ticket that is valid for the user across all servers in the Perforce Broker's configuration, enabling the user to log in once. The Perforce Broker assumes that a ticket granted by the target server is valid across all alternate servers.
If the target server in the broker configuration file is a central authorization server, the value assigned to the
target parameter must precisely match the setting of
P4AUTH on the alternate server machine(s). Similarly, if an alternate sever defined in the broker configuration file is used as the central authorization server, the value assigned to the
target parameter for the alternate server must match the setting of
P4AUTH on the other server machine(s).
Copyright 1997-2013 Perforce Software.
