2018-09-18 03:03:00 +00:00
|
|
|
package vault
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"net/http"
|
|
|
|
"runtime"
|
|
|
|
"sync/atomic"
|
|
|
|
"time"
|
|
|
|
|
2021-04-12 13:33:21 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/helper/consts"
|
|
|
|
|
2018-09-18 03:03:00 +00:00
|
|
|
"github.com/hashicorp/vault/helper/forwarding"
|
2021-03-03 18:59:50 +00:00
|
|
|
"github.com/hashicorp/vault/physical/raft"
|
2019-02-15 02:14:56 +00:00
|
|
|
"github.com/hashicorp/vault/vault/replication"
|
2018-09-18 03:03:00 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type forwardedRequestRPCServer struct {
|
2021-09-30 01:25:15 +00:00
|
|
|
UnimplementedRequestForwardingServer
|
|
|
|
|
2018-09-18 03:03:00 +00:00
|
|
|
core *Core
|
|
|
|
handler http.Handler
|
|
|
|
perfStandbySlots chan struct{}
|
2019-02-15 02:14:56 +00:00
|
|
|
perfStandbyRepCluster *replication.Cluster
|
2021-03-03 18:59:50 +00:00
|
|
|
raftFollowerStates *raft.FollowerStates
|
2018-09-18 03:03:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *forwardedRequestRPCServer) ForwardRequest(ctx context.Context, freq *forwarding.Request) (*forwarding.Response, error) {
|
|
|
|
// Parse an http.Request out of it
|
|
|
|
req, err := forwarding.ParseForwardedRequest(freq)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// A very dummy response writer that doesn't follow normal semantics, just
|
|
|
|
// lets you write a status code (last written wins) and a body. But it
|
|
|
|
// meets the interface requirements.
|
|
|
|
w := forwarding.NewRPCResponseWriter()
|
|
|
|
|
|
|
|
resp := &forwarding.Response{}
|
|
|
|
|
|
|
|
runRequest := func() {
|
|
|
|
defer func() {
|
|
|
|
// Logic here comes mostly from the Go source code
|
|
|
|
if err := recover(); err != nil {
|
|
|
|
const size = 64 << 10
|
|
|
|
buf := make([]byte, size)
|
|
|
|
buf = buf[:runtime.Stack(buf, false)]
|
2018-10-09 16:43:17 +00:00
|
|
|
s.core.logger.Error("panic serving forwarded request", "path", req.URL.Path, "error", err, "stacktrace", string(buf))
|
2018-09-18 03:03:00 +00:00
|
|
|
}
|
|
|
|
}()
|
|
|
|
s.handler.ServeHTTP(w, req)
|
|
|
|
}
|
|
|
|
runRequest()
|
|
|
|
resp.StatusCode = uint32(w.StatusCode())
|
|
|
|
resp.Body = w.Body().Bytes()
|
|
|
|
|
|
|
|
header := w.Header()
|
|
|
|
if header != nil {
|
|
|
|
resp.HeaderEntries = make(map[string]*forwarding.HeaderEntry, len(header))
|
|
|
|
for k, v := range header {
|
|
|
|
resp.HeaderEntries[k] = &forwarding.HeaderEntry{
|
|
|
|
Values: v,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-02-19 20:03:02 +00:00
|
|
|
// Performance standby nodes will use this value to do wait for WALs to ship
|
2019-07-19 01:10:15 +00:00
|
|
|
// in order to do a best-effort read after write guarantee
|
2019-02-19 20:03:02 +00:00
|
|
|
resp.LastRemoteWal = LastWAL(s.core)
|
2018-09-18 03:03:00 +00:00
|
|
|
|
|
|
|
return resp, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *forwardedRequestRPCServer) Echo(ctx context.Context, in *EchoRequest) (*EchoReply, error) {
|
|
|
|
if in.ClusterAddr != "" {
|
|
|
|
s.core.clusterPeerClusterAddrsCache.Set(in.ClusterAddr, nil, 0)
|
|
|
|
}
|
2019-06-20 19:14:58 +00:00
|
|
|
|
2019-06-27 17:00:03 +00:00
|
|
|
if in.RaftAppliedIndex > 0 && len(in.RaftNodeID) > 0 && s.raftFollowerStates != nil {
|
2021-03-03 18:59:50 +00:00
|
|
|
s.raftFollowerStates.Update(in.RaftNodeID, in.RaftAppliedIndex, in.RaftTerm, in.RaftDesiredSuffrage)
|
2019-06-20 19:14:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
reply := &EchoReply{
|
2018-09-18 03:03:00 +00:00
|
|
|
Message: "pong",
|
|
|
|
ReplicationState: uint32(s.core.ReplicationState()),
|
2019-06-20 19:14:58 +00:00
|
|
|
}
|
|
|
|
|
2020-06-29 22:36:22 +00:00
|
|
|
if raftBackend := s.core.getRaftBackend(); raftBackend != nil {
|
2021-04-12 13:33:21 +00:00
|
|
|
reply.RaftAppliedIndex = raftBackend.AppliedIndex()
|
|
|
|
reply.RaftNodeID = raftBackend.NodeID()
|
2019-06-20 19:14:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return reply, nil
|
2018-09-18 03:03:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type forwardingClient struct {
|
|
|
|
RequestForwardingClient
|
|
|
|
|
|
|
|
core *Core
|
|
|
|
|
|
|
|
echoTicker *time.Ticker
|
|
|
|
echoContext context.Context
|
|
|
|
}
|
|
|
|
|
|
|
|
// NOTE: we also take advantage of gRPC's keepalive bits, but as we send data
|
|
|
|
// with these requests it's useful to keep this as well
|
|
|
|
func (c *forwardingClient) startHeartbeat() {
|
|
|
|
go func() {
|
|
|
|
tick := func() {
|
2019-06-27 17:00:03 +00:00
|
|
|
clusterAddr := c.core.ClusterAddr()
|
2018-09-18 03:03:00 +00:00
|
|
|
|
2019-06-20 19:14:58 +00:00
|
|
|
req := &EchoRequest{
|
2018-09-18 03:03:00 +00:00
|
|
|
Message: "ping",
|
|
|
|
ClusterAddr: clusterAddr,
|
2019-06-20 19:14:58 +00:00
|
|
|
}
|
|
|
|
|
2020-06-29 22:36:22 +00:00
|
|
|
if raftBackend := c.core.getRaftBackend(); raftBackend != nil {
|
2021-04-12 13:33:21 +00:00
|
|
|
req.RaftAppliedIndex = raftBackend.AppliedIndex()
|
|
|
|
req.RaftNodeID = raftBackend.NodeID()
|
|
|
|
req.RaftTerm = raftBackend.Term()
|
|
|
|
req.RaftDesiredSuffrage = raftBackend.DesiredSuffrage()
|
2019-06-20 19:14:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
ctx, cancel := context.WithTimeout(c.echoContext, 2*time.Second)
|
|
|
|
resp, err := c.RequestForwardingClient.Echo(ctx, req)
|
2018-09-18 03:03:00 +00:00
|
|
|
cancel()
|
|
|
|
if err != nil {
|
|
|
|
c.core.logger.Debug("forwarding: error sending echo request to active node", "error", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
c.core.logger.Debug("forwarding: empty echo response from active node")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if resp.Message != "pong" {
|
|
|
|
c.core.logger.Debug("forwarding: unexpected echo response from active node", "message", resp.Message)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
// Store the active node's replication state to display in
|
|
|
|
// sys/health calls
|
|
|
|
atomic.StoreUint32(c.core.activeNodeReplicationState, resp.ReplicationState)
|
|
|
|
}
|
|
|
|
|
|
|
|
tick()
|
|
|
|
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case <-c.echoContext.Done():
|
|
|
|
c.echoTicker.Stop()
|
|
|
|
c.core.logger.Debug("forwarding: stopping heartbeating")
|
|
|
|
atomic.StoreUint32(c.core.activeNodeReplicationState, uint32(consts.ReplicationUnknown))
|
|
|
|
return
|
|
|
|
case <-c.echoTicker.C:
|
|
|
|
tick()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
}
|