From 24ad137b93e708a99f9ba362253a28403f909167 Mon Sep 17 00:00:00 2001
From: Josh Black
Date: Thu, 20 Apr 2023 10:11:35 -0700
Subject: [PATCH 1/3] OSS changes for new update-primary API endpoint
---
 sdk/helper/consts/consts.go | 4 ++++
 vault/core.go | 14 ++++++++++----
 vault/testing.go | 8 ++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/sdk/helper/consts/consts.go b/sdk/helper/consts/consts.go
index b51191050748..744d2aa81c72 100644
--- a/sdk/helper/consts/consts.go
+++ b/sdk/helper/consts/consts.go
@@ -39,4 +39,8 @@ const (
 VaultEnableFilePermissionsCheckEnv = "VAULT_ENABLE_FILE_PERMISSIONS_CHECK"
 VaultDisableUserLockout = "VAULT_DISABLE_USER_LOCKOUT"
+
+ PerformanceReplicationPathTarget = "performance"
+
+ DRReplicationPathParget = "dr"
 )
diff --git a/vault/core.go b/vault/core.go
index ec4452499e9d..2e2213a64d47 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -60,6 +60,7 @@ import (
 "github.com/hashicorp/vault/vault/cluster"
 "github.com/hashicorp/vault/vault/eventbus"
 "github.com/hashicorp/vault/vault/quotas"
+ "github.com/hashicorp/vault/vault/replication"
 vaultseal "github.com/hashicorp/vault/vault/seal"
 "github.com/hashicorp/vault/version"
 "github.com/patrickmn/go-cache"
@@ -519,9 +520,9 @@ type Core struct {
 // The active set of upstream cluster addresses; stored via the Echo
 // mechanism, loaded by the balancer
- atomicPrimaryClusterAddrs *atomic.Value
+ atomicPrimaryClusterAddrs *atomic.Pointer[replication.Primaries]
- atomicPrimaryFailoverAddrs *atomic.Value
+ atomicPrimaryFailoverAddrs *atomic.Pointer[replication.Primaries]
 // replicationState keeps the current replication state cached for quick
 // lookup; activeNodeReplicationState stores the active value on standbys
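Review bot: The second constant added to `sdk/helper/consts/consts.go` is spelled `DRReplicationPathParget`, which looks like a typo for `DRReplicationPathTarget`. Because it is exported from the SDK package, the misspelling becomes public API once released and can only be corrected later through a rename that callers must follow; suggest `DRReplicationPathTarget = "dr"` before merge. Neither constant has a comment, and the hunk does not show where they are consumed, so a one-line comment stating which API path segment they stand for would help readers. The `const (` block starts outside this hunk.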
@@ -704,6 +705,8 @@ type Core struct {
 // if populated, override the default gRPC min connect timeout (currently 20s in grpc 1.51)
 grpcMinConnectTimeout time.Duration
+
+ synchronousMerkleClean bool
 }
 // c.stateLock needs to be held in read mode before calling this function.
@@ -861,6 +864,8 @@ type CoreConfig struct {
 PendingRemovalMountsAllowed bool
 ExpirationRevokeRetryBase time.Duration
+
+ SynchronousMerkleClean bool
 }
 // GetServiceRegistration returns the config's ServiceRegistration, or nil if it does
@@ -990,8 +995,8 @@ func CreateCore(conf *CoreConfig) (*Core, error) {
 introspectionEnabled: conf.EnableIntrospection,
 shutdownDoneCh: new(atomic.Value),
 replicationState: new(uint32),
- atomicPrimaryClusterAddrs: new(atomic.Value),
- atomicPrimaryFailoverAddrs: new(atomic.Value),
+ atomicPrimaryClusterAddrs: new(atomic.Pointer[replication.Primaries]),
+ atomicPrimaryFailoverAddrs: new(atomic.Pointer[replication.Primaries]),
 localClusterPrivateKey: new(atomic.Value),
 localClusterCert: new(atomic.Value),
 localClusterParsedCert: new(atomic.Value),
@@ -1027,6 +1032,7 @@ func CreateCore(conf *CoreConfig) (*Core, error) {
 experiments: conf.Experiments,
 pendingRemovalMountsAllowed: conf.PendingRemovalMountsAllowed,
 expirationRevokeRetryBase: conf.ExpirationRevokeRetryBase,
+ synchronousMerkleClean: conf.SynchronousMerkleClean,
 }
 c.standbyStopCh.Store(make(chan struct{}))
diff --git a/vault/testing.go b/vault/testing.go
index 17d25ef8feda..791a5994a9f3 100644
--- a/vault/testing.go
+++ b/vault/testing.go
@@ -971,6 +971,10 @@ func (c *TestClusterCore) Seal(t testing.T) {
 }
 }
+func (c *TestClusterCore) LogicalStorage() logical.Storage {
+ return c.barrier
+}
+
 func (c *TestClusterCore) stop() error {
 c.Logger().Info("stopping vault test core")
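Review bot: The new exported `LogicalStorage()` in `vault/testing.go` has no doc comment and returns `c.barrier` directly, so whatever a caller does with the result goes through the core's barrier as a whole rather than through a view scoped to one mount. That is presumably what replication tests need, but the contract should be written down so the helper is not taken for a general accessor: `// LogicalStorage returns the core's barrier as a logical.Storage. It is not scoped to any mount and is meant for tests only.` `Seal` is defined just above, so the comment could also say how the returned storage behaves while the core is sealed; that cannot be confirmed from this hunk.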
@@ -1025,6 +1029,10 @@ func (c *TestClusterCore) TLSConfig() *tls.Config {
 return c.tlsConfig.Clone()
 }
+func (c *TestClusterCore) ClusterListener() *cluster.Listener {
+ return c.getClusterListener()
+}
+
 func (c *TestCluster) Cleanup() {
 c.Logger.Info("cleaning up vault cluster")
 if tl, ok := c.Logger.(*corehelpers.TestLogger); ok {
From 69d1dcf610fb1a0e57ff6bffca5eaddf3e0c3dc1 Mon Sep 17 00:00:00 2001
From: Josh Black
Date: Thu, 20 Apr 2023 10:50:20 -0700
Subject: [PATCH 2/3] remove ENT specific piece
---
 vault/core.go | 9 ---------
 1 file changed, 9 deletions(-)
diff --git a/vault/core.go b/vault/core.go
index 2e2213a64d47..8fc5a6ffc673 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -60,7 +60,6 @@ import (
 "github.com/hashicorp/vault/vault/cluster"
 "github.com/hashicorp/vault/vault/eventbus"
 "github.com/hashicorp/vault/vault/quotas"
- "github.com/hashicorp/vault/vault/replication"
 vaultseal "github.com/hashicorp/vault/vault/seal"
 "github.com/hashicorp/vault/version"
 "github.com/patrickmn/go-cache"
@@ -518,12 +517,6 @@ type Core struct {
 // CORS Information
 corsConfig *CORSConfig
- // The active set of upstream cluster addresses; stored via the Echo
- // mechanism, loaded by the balancer
- atomicPrimaryClusterAddrs *atomic.Pointer[replication.Primaries]
-
- atomicPrimaryFailoverAddrs *atomic.Pointer[replication.Primaries]
-
 // replicationState keeps the current replication state cached for quick
 // lookup; activeNodeReplicationState stores the active value on standbys
 replicationState *uint32
@@ -995,8 +988,6 @@ func CreateCore(conf *CoreConfig) (*Core, error) {
 introspectionEnabled: conf.EnableIntrospection,
 shutdownDoneCh: new(atomic.Value),
 replicationState: new(uint32),
- atomicPrimaryClusterAddrs: new(atomic.Pointer[replication.Primaries]),
- atomicPrimaryFailoverAddrs: new(atomic.Pointer[replication.Primaries]),
 localClusterPrivateKey: new(atomic.Value),
 localClusterCert: new(atomic.Value),
 localClusterParsedCert: new(atomic.Value),
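Review bot: The new exported `ClusterListener()` in `vault/testing.go` passes through the result of the unexported `getClusterListener()` with no doc comment and no statement of when the returned `*cluster.Listener` can be nil. If the getter returns nil before the cluster listener is started or after the core is stopped (not visible in this hunk), test code calling methods on the result will panic; a comment such as `// ClusterListener returns the core's cluster listener, or nil if it has not been started.` would make that explicit once confirmed. It is also worth stating that the listener is the live shared object, in contrast to `TLSConfig()` directly above, which hands out `c.tlsConfig.Clone()`.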
From 759dd5ed8c850ae2c8c06bd565a9ef399af4c05d Mon Sep 17 00:00:00 2001
From: Josh Black
Date: Thu, 20 Apr 2023 10:54:28 -0700
Subject: [PATCH 3/3] remove another ENT specific field
---
 vault/core.go | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/vault/core.go b/vault/core.go
index 8fc5a6ffc673..18715ece749c 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -698,8 +698,6 @@ type Core struct {
 // if populated, override the default gRPC min connect timeout (currently 20s in grpc 1.51)
 grpcMinConnectTimeout time.Duration
-
- synchronousMerkleClean bool
 }
 // c.stateLock needs to be held in read mode before calling this function.
@@ -857,8 +855,6 @@ type CoreConfig struct {
 PendingRemovalMountsAllowed bool
 ExpirationRevokeRetryBase time.Duration
-
- SynchronousMerkleClean bool
 }
 // GetServiceRegistration returns the config's ServiceRegistration, or nil if it does
@@ -1023,7 +1019,6 @@ func CreateCore(conf *CoreConfig) (*Core, error) {
 experiments: conf.Experiments,
 pendingRemovalMountsAllowed: conf.PendingRemovalMountsAllowed,
 expirationRevokeRetryBase: conf.ExpirationRevokeRetryBase,
- synchronousMerkleClean: conf.SynchronousMerkleClean,
 }
 c.standbyStopCh.Store(make(chan struct{}))