2017-11-30 01:33:57 +00:00
|
|
|
package fsm
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"github.com/hashicorp/go-msgpack/codec"
|
|
|
|
|
"github.com/hashicorp/raft"
|
2021-04-14 20:48:04 +00:00
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/agent/consul/state"
|
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
2017-11-30 01:33:57 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
registerPersister(persistOSS)
|
|
|
|
|
|
|
|
|
|
registerRestorer(structs.RegisterRequestType, restoreRegistration)
|
|
|
|
|
registerRestorer(structs.KVSRequestType, restoreKV)
|
|
|
|
|
registerRestorer(structs.TombstoneRequestType, restoreTombstone)
|
|
|
|
|
registerRestorer(structs.SessionRequestType, restoreSession)
|
|
|
|
|
registerRestorer(structs.ACLRequestType, restoreACL)
|
|
|
|
|
registerRestorer(structs.ACLBootstrapRequestType, restoreACLBootstrap)
|
|
|
|
|
registerRestorer(structs.CoordinateBatchUpdateType, restoreCoordinates)
|
|
|
|
|
registerRestorer(structs.PreparedQueryRequestType, restorePreparedQuery)
|
|
|
|
|
registerRestorer(structs.AutopilotRequestType, restoreAutopilot)
|
2020-10-06 18:24:05 +00:00
|
|
|
registerRestorer(structs.IntentionRequestType, restoreLegacyIntention)
|
2018-03-21 18:33:19 +00:00
|
|
|
registerRestorer(structs.ConnectCARequestType, restoreConnectCA)
|
2018-07-11 18:34:49 +00:00
|
|
|
registerRestorer(structs.ConnectCAProviderStateType, restoreConnectCAProviderState)
|
2018-08-16 18:58:50 +00:00
|
|
|
registerRestorer(structs.ConnectCAConfigType, restoreConnectCAConfig)
|
2018-10-19 16:04:07 +00:00
|
|
|
registerRestorer(structs.IndexRequestType, restoreIndex)
|
2018-10-31 20:00:46 +00:00
|
|
|
registerRestorer(structs.ACLTokenSetRequestType, restoreToken)
|
|
|
|
|
registerRestorer(structs.ACLPolicySetRequestType, restorePolicy)
|
2019-03-20 23:13:13 +00:00
|
|
|
registerRestorer(structs.ConfigEntryRequestType, restoreConfigEntry)
|
2019-04-15 20:43:19 +00:00
|
|
|
registerRestorer(structs.ACLRoleSetRequestType, restoreRole)
|
2019-04-26 17:49:28 +00:00
|
|
|
registerRestorer(structs.ACLBindingRuleSetRequestType, restoreBindingRule)
|
|
|
|
|
registerRestorer(structs.ACLAuthMethodSetRequestType, restoreAuthMethod)
|
2020-03-09 20:59:02 +00:00
|
|
|
registerRestorer(structs.FederationStateRequestType, restoreFederationState)
|
2020-10-06 15:08:37 +00:00
|
|
|
registerRestorer(structs.SystemMetadataRequestType, restoreSystemMetadata)
|
2017-11-30 01:33:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func persistOSS(s *snapshot, sink raft.SnapshotSink, encoder *codec.Encoder) error {
|
|
|
|
|
if err := s.persistNodes(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistSessions(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistACLs(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistKVs(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistTombstones(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistPreparedQueries(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := s.persistAutopilot(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-10-06 18:24:05 +00:00
|
|
|
if err := s.persistLegacyIntentions(sink, encoder); err != nil {
|
2018-03-06 17:31:21 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2018-03-21 18:33:19 +00:00
|
|
|
if err := s.persistConnectCA(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-07-11 18:34:49 +00:00
|
|
|
if err := s.persistConnectCAProviderState(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-08-16 18:58:50 +00:00
|
|
|
if err := s.persistConnectCAConfig(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2019-03-20 23:13:13 +00:00
|
|
|
if err := s.persistConfigEntries(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-03-09 20:59:02 +00:00
|
|
|
if err := s.persistFederationStates(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-10-06 15:08:37 +00:00
|
|
|
if err := s.persistSystemMetadata(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
if err := s.persistIndex(sink, encoder); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-11-30 01:33:57 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistNodes(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
|
|
|
|
|
// Get all the nodes
|
|
|
|
|
nodes, err := s.state.Nodes()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Register each node
|
|
|
|
|
for node := nodes.Next(); node != nil; node = nodes.Next() {
|
|
|
|
|
n := node.(*structs.Node)
|
2021-08-17 18:29:39 +00:00
|
|
|
nodeEntMeta := n.GetEnterpriseMeta()
|
|
|
|
|
|
2017-11-30 01:33:57 +00:00
|
|
|
req := structs.RegisterRequest{
|
2018-10-30 22:52:54 +00:00
|
|
|
ID: n.ID,
|
2017-11-30 01:33:57 +00:00
|
|
|
Node: n.Node,
|
2018-10-30 22:52:54 +00:00
|
|
|
Datacenter: n.Datacenter,
|
2017-11-30 01:33:57 +00:00
|
|
|
Address: n.Address,
|
|
|
|
|
TaggedAddresses: n.TaggedAddresses,
|
2018-10-11 12:22:11 +00:00
|
|
|
NodeMeta: n.Meta,
|
2020-08-11 05:52:36 +00:00
|
|
|
RaftIndex: n.RaftIndex,
|
2021-08-17 18:29:39 +00:00
|
|
|
EnterpriseMeta: *nodeEntMeta,
|
2017-11-30 01:33:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Register the node itself
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.RegisterRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Register each service this node has
|
2021-08-17 18:29:39 +00:00
|
|
|
services, err := s.state.Services(n.Node, nodeEntMeta)
|
2017-11-30 01:33:57 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
for service := services.Next(); service != nil; service = services.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.RegisterRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
req.Service = service.(*structs.ServiceNode).ToNodeService()
|
|
|
|
|
if err := encoder.Encode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Register each check this node has
|
|
|
|
|
req.Service = nil
|
2021-08-17 18:29:39 +00:00
|
|
|
checks, err := s.state.Checks(n.Node, nodeEntMeta)
|
2017-11-30 01:33:57 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
for check := checks.Next(); check != nil; check = checks.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.RegisterRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
req.Check = check.(*structs.HealthCheck)
|
|
|
|
|
if err := encoder.Encode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Save the coordinates separately since they are not part of the
|
|
|
|
|
// register request interface. To avoid copying them out, we turn
|
|
|
|
|
// them into batches with a single coordinate each.
|
|
|
|
|
coords, err := s.state.Coordinates()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-07-23 18:42:23 +00:00
|
|
|
// TODO(partitions)
|
2017-11-30 01:33:57 +00:00
|
|
|
for coord := coords.Next(); coord != nil; coord = coords.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.CoordinateBatchUpdateType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
updates := structs.Coordinates{coord.(*structs.Coordinate)}
|
|
|
|
|
if err := encoder.Encode(&updates); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistSessions(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
sessions, err := s.state.Sessions()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for session := sessions.Next(); session != nil; session = sessions.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.SessionRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(session.(*structs.Session)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistACLs(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
2018-10-19 16:04:07 +00:00
|
|
|
tokens, err := s.state.ACLTokens()
|
2017-11-30 01:33:57 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-08 17:05:51 +00:00
|
|
|
// Don't check expiration times. Wait for explicit deletions.
|
|
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
for token := tokens.Next(); token != nil; token = tokens.Next() {
|
2018-10-31 20:00:46 +00:00
|
|
|
if _, err := sink.Write([]byte{byte(structs.ACLTokenSetRequestType)}); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
if err := encoder.Encode(token.(*structs.ACLToken)); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
policies, err := s.state.ACLPolicies()
|
2017-11-30 01:33:57 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
|
for policy := policies.Next(); policy != nil; policy = policies.Next() {
|
2018-10-31 20:00:46 +00:00
|
|
|
if _, err := sink.Write([]byte{byte(structs.ACLPolicySetRequestType)}); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
if err := encoder.Encode(policy.(*structs.ACLPolicy)); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-15 20:43:19 +00:00
|
|
|
roles, err := s.state.ACLRoles()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for role := roles.Next(); role != nil; role = roles.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ACLRoleSetRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(role.(*structs.ACLRole)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-26 17:49:28 +00:00
|
|
|
rules, err := s.state.ACLBindingRules()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for rule := rules.Next(); rule != nil; rule = rules.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ACLBindingRuleSetRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(rule.(*structs.ACLBindingRule)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
methods, err := s.state.ACLAuthMethods()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-14 20:48:04 +00:00
|
|
|
for method := methods.Next(); method != nil; method = methods.Next() {
|
2019-04-26 17:49:28 +00:00
|
|
|
if _, err := sink.Write([]byte{byte(structs.ACLAuthMethodSetRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(method.(*structs.ACLAuthMethod)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-30 01:33:57 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistKVs(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
entries, err := s.state.KVs()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for entry := entries.Next(); entry != nil; entry = entries.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.KVSRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(entry.(*structs.DirEntry)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistTombstones(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
stones, err := s.state.Tombstones()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for stone := stones.Next(); stone != nil; stone = stones.Next() {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.TombstoneRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// For historical reasons, these are serialized in the snapshots
|
|
|
|
|
// as KV entries. We want to keep the snapshot format compatible
|
|
|
|
|
// with pre-0.6 versions for now.
|
|
|
|
|
s := stone.(*state.Tombstone)
|
|
|
|
|
fake := &structs.DirEntry{
|
|
|
|
|
Key: s.Key,
|
|
|
|
|
RaftIndex: structs.RaftIndex{
|
|
|
|
|
ModifyIndex: s.Index,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(fake); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistPreparedQueries(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
queries, err := s.state.PreparedQueries()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, query := range queries {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.PreparedQueryRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(query); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistAutopilot(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
2018-12-06 02:27:20 +00:00
|
|
|
config, err := s.state.Autopilot()
|
2017-11-30 01:33:57 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-12-06 02:27:20 +00:00
|
|
|
// Make sure we don't write a nil config out to a snapshot.
|
|
|
|
|
if config == nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.AutopilotRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-12-06 02:27:20 +00:00
|
|
|
if err := encoder.Encode(config); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-21 18:33:19 +00:00
|
|
|
func (s *snapshot) persistConnectCA(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
roots, err := s.state.CARoots()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, r := range roots {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ConnectCARequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(r); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-08-16 18:58:50 +00:00
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *snapshot) persistConnectCAConfig(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
config, err := s.state.CAConfig()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-12-06 02:27:20 +00:00
|
|
|
// Make sure we don't write a nil config out to a snapshot.
|
|
|
|
|
if config == nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-08-16 18:58:50 +00:00
|
|
|
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ConnectCAConfigType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(config); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-03-21 18:33:19 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-11 18:34:49 +00:00
|
|
|
func (s *snapshot) persistConnectCAProviderState(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
state, err := s.state.CAProviderState()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, r := range state {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ConnectCAProviderStateType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(r); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 18:24:05 +00:00
|
|
|
func (s *snapshot) persistLegacyIntentions(sink raft.SnapshotSink,
|
2018-03-06 17:31:21 +00:00
|
|
|
encoder *codec.Encoder) error {
|
2020-10-06 18:24:05 +00:00
|
|
|
//nolint:staticcheck
|
|
|
|
|
ixns, err := s.state.LegacyIntentions()
|
2018-03-06 17:31:21 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, ixn := range ixns {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.IntentionRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(ixn); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-20 23:13:13 +00:00
|
|
|
func (s *snapshot) persistConfigEntries(sink raft.SnapshotSink,
|
|
|
|
|
encoder *codec.Encoder) error {
|
|
|
|
|
entries, err := s.state.ConfigEntries()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, entry := range entries {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.ConfigEntryRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2019-04-02 22:42:12 +00:00
|
|
|
// Encode the entry request without an operation since we don't need it for restoring.
|
|
|
|
|
// The request is used for its custom decoding/encoding logic around the ConfigEntry
|
|
|
|
|
// interface.
|
2019-03-28 06:56:35 +00:00
|
|
|
req := &structs.ConfigEntryRequest{
|
|
|
|
|
Entry: entry,
|
2019-03-20 23:13:13 +00:00
|
|
|
}
|
2019-03-28 06:56:35 +00:00
|
|
|
if err := encoder.Encode(req); err != nil {
|
2019-03-20 23:13:13 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-09 20:59:02 +00:00
|
|
|
func (s *snapshot) persistFederationStates(sink raft.SnapshotSink, encoder *codec.Encoder) error {
|
|
|
|
|
fedStates, err := s.state.FederationStates()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, fedState := range fedStates {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.FederationStateRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
// Encode the entry request without an operation since we don't need it for restoring.
|
|
|
|
|
// The request is used for its custom decoding/encoding logic around the ConfigEntry
|
|
|
|
|
// interface.
|
|
|
|
|
req := &structs.FederationStateRequest{
|
|
|
|
|
Op: structs.FederationStateUpsert,
|
|
|
|
|
State: fedState,
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-06 15:08:37 +00:00
|
|
|
func (s *snapshot) persistSystemMetadata(sink raft.SnapshotSink, encoder *codec.Encoder) error {
|
|
|
|
|
entries, err := s.state.SystemMetadataEntries()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, entry := range entries {
|
|
|
|
|
if _, err := sink.Write([]byte{byte(structs.SystemMetadataRequestType)}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := encoder.Encode(entry); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
func (s *snapshot) persistIndex(sink raft.SnapshotSink, encoder *codec.Encoder) error {
|
|
|
|
|
// Get all the indexes
|
|
|
|
|
iter, err := s.state.Indexes()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for raw := iter.Next(); raw != nil; raw = iter.Next() {
|
|
|
|
|
// Prepare the request struct
|
|
|
|
|
idx := raw.(*state.IndexEntry)
|
|
|
|
|
|
|
|
|
|
// Write out a node registration
|
|
|
|
|
sink.Write([]byte{byte(structs.IndexRequestType)})
|
|
|
|
|
if err := encoder.Encode(idx); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreRegistration(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.RegisterRequest
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.Registration(header.LastIndex, &req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreKV(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.DirEntry
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.KVS(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreTombstone(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.DirEntry
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// For historical reasons, these are serialized in the
|
|
|
|
|
// snapshots as KV entries. We want to keep the snapshot
|
|
|
|
|
// format compatible with pre-0.6 versions for now.
|
|
|
|
|
stone := &state.Tombstone{
|
|
|
|
|
Key: req.Key,
|
|
|
|
|
Index: req.ModifyIndex,
|
|
|
|
|
}
|
|
|
|
|
if err := restore.Tombstone(stone); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreSession(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.Session
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.Session(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreACL(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.ACL
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
|
if err := restore.ACLToken(req.Convert()); err != nil {
|
2017-11-30 01:33:57 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
// DEPRECATED (ACL-Legacy-Compat) - remove once v1 acl compat is removed
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreACLBootstrap(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.ACLBootstrap
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
|
// With V2 ACLs whether bootstrapping has been performed is stored in the index table like nomad
|
|
|
|
|
// so this "restores" into that index table.
|
2018-10-19 16:28:36 +00:00
|
|
|
return restore.IndexRestore(&state.IndexEntry{Key: "acl-token-bootstrap", Value: req.ModifyIndex})
|
2017-11-30 01:33:57 +00:00
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreCoordinates(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.Coordinates
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.Coordinates(header.LastIndex, req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restorePreparedQuery(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2017-11-30 01:33:57 +00:00
|
|
|
var req structs.PreparedQuery
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.PreparedQuery(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreAutopilot(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2020-09-25 17:46:38 +00:00
|
|
|
var req structs.AutopilotConfig
|
2017-11-30 01:33:57 +00:00
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.Autopilot(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-03-06 17:31:21 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreLegacyIntention(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-03-06 17:31:21 +00:00
|
|
|
var req structs.Intention
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-10-06 18:24:05 +00:00
|
|
|
//nolint:staticcheck
|
|
|
|
|
if err := restore.LegacyIntention(&req); err != nil {
|
2018-03-06 17:31:21 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-03-21 18:33:19 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreConnectCA(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-03-21 18:33:19 +00:00
|
|
|
var req structs.CARoot
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.CARoot(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-07-11 18:34:49 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreConnectCAProviderState(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-07-11 18:34:49 +00:00
|
|
|
var req structs.CAConsulProviderState
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.CAProviderState(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-08-16 18:58:50 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreConnectCAConfig(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-08-16 18:58:50 +00:00
|
|
|
var req structs.CAConfiguration
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := restore.CAConfig(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreIndex(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-10-19 16:04:07 +00:00
|
|
|
var req state.IndexEntry
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.IndexRestore(&req)
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreToken(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-10-19 16:04:07 +00:00
|
|
|
var req structs.ACLToken
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-11-13 21:35:54 +00:00
|
|
|
|
|
|
|
|
// DEPRECATED (ACL-Legacy-Compat)
|
|
|
|
|
if req.Rules != "" {
|
|
|
|
|
// When we restore a snapshot we may have to correct old HCL in legacy
|
|
|
|
|
// tokens to prevent the in-memory representation from using an older
|
|
|
|
|
// syntax.
|
|
|
|
|
structs.SanitizeLegacyACLToken(&req)
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-08 19:44:06 +00:00
|
|
|
// only set if unset - mitigates a bug where converted legacy tokens could end up without a hash
|
|
|
|
|
req.SetHash(false)
|
|
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
return restore.ACLToken(&req)
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restorePolicy(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2018-10-19 16:04:07 +00:00
|
|
|
var req structs.ACLPolicy
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.ACLPolicy(&req)
|
|
|
|
|
}
|
2019-03-20 23:13:13 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreConfigEntry(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2019-03-28 06:56:35 +00:00
|
|
|
var req structs.ConfigEntryRequest
|
2019-03-20 23:13:13 +00:00
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2019-03-28 06:56:35 +00:00
|
|
|
return restore.ConfigEntry(req.Entry)
|
2019-03-20 23:13:13 +00:00
|
|
|
}
|
2019-04-15 20:43:19 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreRole(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2019-04-15 20:43:19 +00:00
|
|
|
var req structs.ACLRole
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.ACLRole(&req)
|
|
|
|
|
}
|
2019-04-26 17:49:28 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreBindingRule(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2019-04-26 17:49:28 +00:00
|
|
|
var req structs.ACLBindingRule
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.ACLBindingRule(&req)
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreAuthMethod(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2019-04-26 17:49:28 +00:00
|
|
|
var req structs.ACLAuthMethod
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.ACLAuthMethod(&req)
|
|
|
|
|
}
|
2020-03-09 20:59:02 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreFederationState(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2020-03-09 20:59:02 +00:00
|
|
|
var req structs.FederationStateRequest
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.FederationState(req.State)
|
|
|
|
|
}
|
2020-10-06 15:08:37 +00:00
|
|
|
|
2020-10-09 19:57:29 +00:00
|
|
|
func restoreSystemMetadata(header *SnapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
|
2020-10-06 15:08:37 +00:00
|
|
|
var req structs.SystemMetadataEntry
|
|
|
|
|
if err := decoder.Decode(&req); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return restore.SystemMetadataEntry(&req)
|
|
|
|
|
}
|
