2015-03-02 18:48:53 +00:00
|
|
|
package physical
|
|
|
|
|
2015-04-03 23:44:32 +00:00
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"sort"
|
|
|
|
"strings"
|
2015-04-14 18:09:24 +00:00
|
|
|
"time"
|
2015-04-03 23:44:32 +00:00
|
|
|
|
2015-04-14 18:09:24 +00:00
|
|
|
"github.com/armon/go-metrics"
|
2015-04-03 23:44:32 +00:00
|
|
|
"github.com/hashicorp/consul/api"
|
|
|
|
)
|
|
|
|
|
2015-03-02 18:48:53 +00:00
|
|
|
// ConsulBackend is a physical backend that stores data at specific
|
|
|
|
// prefix within Consul. It is used for most production situations as
|
|
|
|
// it allows Vault to run on multiple machines in a highly-available manner.
|
|
|
|
type ConsulBackend struct {
|
2015-04-03 23:44:32 +00:00
|
|
|
path string
|
|
|
|
client *api.Client
|
|
|
|
kv *api.KV
|
2015-03-02 18:48:53 +00:00
|
|
|
}
|
|
|
|
|
2015-03-05 21:47:10 +00:00
|
|
|
// newConsulBackend constructs a Consul backend using the given API client
|
2015-03-02 18:48:53 +00:00
|
|
|
// and the prefix in the KV store.
|
2015-03-05 21:47:10 +00:00
|
|
|
func newConsulBackend(conf map[string]string) (Backend, error) {
|
2015-04-03 23:44:32 +00:00
|
|
|
// Get the path in Consul
|
|
|
|
path, ok := conf["path"]
|
2015-04-04 00:05:18 +00:00
|
|
|
if !ok {
|
|
|
|
path = "vault/"
|
2015-04-03 23:44:32 +00:00
|
|
|
}
|
2015-04-04 00:05:18 +00:00
|
|
|
|
|
|
|
// Ensure path is suffixed but not prefixed
|
2015-04-03 23:44:32 +00:00
|
|
|
if !strings.HasSuffix(path, "/") {
|
|
|
|
path += "/"
|
|
|
|
}
|
2015-04-04 00:05:18 +00:00
|
|
|
if strings.HasPrefix(path, "/") {
|
|
|
|
path = strings.TrimPrefix(path, "/")
|
|
|
|
}
|
2015-04-03 23:44:32 +00:00
|
|
|
|
|
|
|
// Configure the client
|
|
|
|
consulConf := api.DefaultConfig()
|
|
|
|
if addr, ok := conf["address"]; ok {
|
|
|
|
consulConf.Address = addr
|
|
|
|
}
|
|
|
|
if scheme, ok := conf["scheme"]; ok {
|
|
|
|
consulConf.Scheme = scheme
|
|
|
|
}
|
|
|
|
if dc, ok := conf["datacenter"]; ok {
|
|
|
|
consulConf.Datacenter = dc
|
|
|
|
}
|
|
|
|
if token, ok := conf["token"]; ok {
|
|
|
|
consulConf.Token = token
|
|
|
|
}
|
|
|
|
client, err := api.NewClient(consulConf)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("client setup failed: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Setup the backend
|
|
|
|
c := &ConsulBackend{
|
|
|
|
path: path,
|
|
|
|
client: client,
|
|
|
|
kv: client.KV(),
|
|
|
|
}
|
|
|
|
return c, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Put is used to insert or update an entry
|
|
|
|
func (c *ConsulBackend) Put(entry *Entry) error {
|
2015-04-14 18:09:24 +00:00
|
|
|
defer metrics.MeasureSince([]string{"consul", "put"}, time.Now())
|
2015-04-03 23:44:32 +00:00
|
|
|
pair := &api.KVPair{
|
|
|
|
Key: c.path + entry.Key,
|
|
|
|
Value: entry.Value,
|
|
|
|
}
|
|
|
|
_, err := c.kv.Put(pair, nil)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get is used to fetch an entry
|
|
|
|
func (c *ConsulBackend) Get(key string) (*Entry, error) {
|
2015-04-14 18:09:24 +00:00
|
|
|
defer metrics.MeasureSince([]string{"consul", "get"}, time.Now())
|
2015-04-03 23:44:32 +00:00
|
|
|
pair, _, err := c.kv.Get(c.path+key, nil)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if pair == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
ent := &Entry{
|
|
|
|
Key: key,
|
|
|
|
Value: pair.Value,
|
|
|
|
}
|
|
|
|
return ent, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Delete is used to permanently delete an entry
|
|
|
|
func (c *ConsulBackend) Delete(key string) error {
|
2015-04-14 18:09:24 +00:00
|
|
|
defer metrics.MeasureSince([]string{"consul", "delete"}, time.Now())
|
2015-04-03 23:44:32 +00:00
|
|
|
_, err := c.kv.Delete(c.path+key, nil)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// List is used ot list all the keys under a given
|
|
|
|
// prefix, up to the next prefix.
|
|
|
|
func (c *ConsulBackend) List(prefix string) ([]string, error) {
|
2015-04-14 18:09:24 +00:00
|
|
|
defer metrics.MeasureSince([]string{"consul", "list"}, time.Now())
|
2015-04-03 23:44:32 +00:00
|
|
|
scan := c.path + prefix
|
|
|
|
out, _, err := c.kv.Keys(scan, "/", nil)
|
|
|
|
for idx, val := range out {
|
|
|
|
out[idx] = strings.TrimPrefix(val, scan)
|
|
|
|
}
|
|
|
|
sort.Strings(out)
|
|
|
|
return out, err
|
2015-03-02 18:48:53 +00:00
|
|
|
}
|