2023-03-15 16:00:52 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2015-04-23 18:53:31 +00:00
|
|
|
package http
|
|
|
|
|
|
|
|
import (
|
2018-01-19 06:44:44 +00:00
|
|
|
"context"
|
2015-04-23 18:53:31 +00:00
|
|
|
"encoding/json"
|
2016-08-10 19:22:12 +00:00
|
|
|
"fmt"
|
2015-04-23 18:53:31 +00:00
|
|
|
"net/http"
|
2016-03-11 05:41:25 +00:00
|
|
|
"strconv"
|
2016-02-22 20:40:03 +00:00
|
|
|
"time"
|
2015-04-23 18:53:31 +00:00
|
|
|
|
2021-07-16 00:17:31 +00:00
|
|
|
"github.com/hashicorp/go-secure-stdlib/parseutil"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/helper/consts"
|
2019-04-13 07:44:06 +00:00
|
|
|
"github.com/hashicorp/vault/vault"
|
2022-12-07 18:29:51 +00:00
|
|
|
"github.com/hashicorp/vault/version"
|
2015-04-23 18:53:31 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func handleSysHealth(core *vault.Core) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
switch r.Method {
|
|
|
|
case "GET":
|
|
|
|
handleSysHealthGet(core, w, r)
|
2016-06-09 15:34:25 +00:00
|
|
|
case "HEAD":
|
|
|
|
handleSysHealthHead(core, w, r)
|
2015-04-23 18:53:31 +00:00
|
|
|
default:
|
|
|
|
respondError(w, http.StatusMethodNotAllowed, nil)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2016-03-11 14:52:31 +00:00
|
|
|
func fetchStatusCode(r *http.Request, field string) (int, bool, bool) {
|
|
|
|
var err error
|
|
|
|
statusCode := http.StatusOK
|
|
|
|
if statusCodeStr, statusCodeOk := r.URL.Query()[field]; statusCodeOk {
|
|
|
|
statusCode, err = strconv.Atoi(statusCodeStr[0])
|
|
|
|
if err != nil || len(statusCodeStr) < 1 {
|
|
|
|
return http.StatusBadRequest, false, false
|
|
|
|
}
|
|
|
|
return statusCode, true, true
|
|
|
|
}
|
|
|
|
return statusCode, false, true
|
|
|
|
}
|
|
|
|
|
2015-04-23 18:53:31 +00:00
|
|
|
func handleSysHealthGet(core *vault.Core, w http.ResponseWriter, r *http.Request) {
|
2016-06-09 15:34:25 +00:00
|
|
|
code, body, err := getSysHealth(core, r)
|
|
|
|
if err != nil {
|
2018-01-20 00:59:58 +00:00
|
|
|
core.Logger().Error("error checking health", "error", err)
|
2019-10-28 23:55:20 +00:00
|
|
|
respondError(w, code, nil)
|
2016-06-09 15:34:25 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if body == nil {
|
|
|
|
respondError(w, code, nil)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-11-02 12:31:50 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2016-06-09 15:34:25 +00:00
|
|
|
w.WriteHeader(code)
|
|
|
|
|
|
|
|
// Generate the response
|
|
|
|
enc := json.NewEncoder(w)
|
|
|
|
enc.Encode(body)
|
|
|
|
}
|
|
|
|
|
|
|
|
func handleSysHealthHead(core *vault.Core, w http.ResponseWriter, r *http.Request) {
|
2019-10-29 00:40:44 +00:00
|
|
|
code, body, _ := getSysHealth(core, r)
|
2016-06-09 15:34:25 +00:00
|
|
|
|
|
|
|
if body != nil {
|
2017-11-02 12:31:50 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2016-06-09 15:34:25 +00:00
|
|
|
}
|
|
|
|
w.WriteHeader(code)
|
|
|
|
}
|
2016-03-11 05:41:25 +00:00
|
|
|
|
2016-06-09 15:34:25 +00:00
|
|
|
func getSysHealth(core *vault.Core, r *http.Request) (int, *HealthResponse, error) {
|
2019-10-28 23:55:20 +00:00
|
|
|
var err error
|
|
|
|
|
2015-07-03 00:49:35 +00:00
|
|
|
// Check if being a standby is allowed for the purpose of a 200 OK
|
2019-10-28 23:55:20 +00:00
|
|
|
standbyOKStr, standbyOK := r.URL.Query()["standbyok"]
|
|
|
|
if standbyOK {
|
|
|
|
standbyOK, err = parseutil.ParseBool(standbyOKStr[0])
|
|
|
|
if err != nil {
|
2021-04-26 17:33:48 +00:00
|
|
|
return http.StatusBadRequest, nil, fmt.Errorf("bad value for standbyok parameter: %w", err)
|
2019-10-28 23:55:20 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
perfStandbyOKStr, perfStandbyOK := r.URL.Query()["perfstandbyok"]
|
|
|
|
if perfStandbyOK {
|
|
|
|
perfStandbyOK, err = parseutil.ParseBool(perfStandbyOKStr[0])
|
|
|
|
if err != nil {
|
2021-04-26 17:33:48 +00:00
|
|
|
return http.StatusBadRequest, nil, fmt.Errorf("bad value for perfstandbyok parameter: %w", err)
|
2019-10-28 23:55:20 +00:00
|
|
|
}
|
|
|
|
}
|
2015-07-03 00:49:35 +00:00
|
|
|
|
2016-08-18 16:10:23 +00:00
|
|
|
uninitCode := http.StatusNotImplemented
|
|
|
|
if code, found, ok := fetchStatusCode(r, "uninitcode"); !ok {
|
|
|
|
return http.StatusBadRequest, nil, nil
|
|
|
|
} else if found {
|
|
|
|
uninitCode = code
|
|
|
|
}
|
|
|
|
|
|
|
|
sealedCode := http.StatusServiceUnavailable
|
2016-03-11 14:52:31 +00:00
|
|
|
if code, found, ok := fetchStatusCode(r, "sealedcode"); !ok {
|
2016-06-09 15:34:25 +00:00
|
|
|
return http.StatusBadRequest, nil, nil
|
2016-03-11 14:52:31 +00:00
|
|
|
} else if found {
|
|
|
|
sealedCode = code
|
2016-03-11 05:41:25 +00:00
|
|
|
}
|
|
|
|
|
2016-03-11 14:52:31 +00:00
|
|
|
standbyCode := http.StatusTooManyRequests // Consul warning code
|
|
|
|
if code, found, ok := fetchStatusCode(r, "standbycode"); !ok {
|
2016-06-09 15:34:25 +00:00
|
|
|
return http.StatusBadRequest, nil, nil
|
2016-03-11 14:52:31 +00:00
|
|
|
} else if found {
|
|
|
|
standbyCode = code
|
|
|
|
}
|
2016-03-11 05:41:25 +00:00
|
|
|
|
2016-03-11 14:52:31 +00:00
|
|
|
activeCode := http.StatusOK
|
|
|
|
if code, found, ok := fetchStatusCode(r, "activecode"); !ok {
|
2016-06-09 15:34:25 +00:00
|
|
|
return http.StatusBadRequest, nil, nil
|
2016-03-11 14:52:31 +00:00
|
|
|
} else if found {
|
|
|
|
activeCode = code
|
2016-03-11 05:41:25 +00:00
|
|
|
}
|
|
|
|
|
2018-01-03 20:07:13 +00:00
|
|
|
drSecondaryCode := 472 // unofficial 4xx status code
|
|
|
|
if code, found, ok := fetchStatusCode(r, "drsecondarycode"); !ok {
|
|
|
|
return http.StatusBadRequest, nil, nil
|
|
|
|
} else if found {
|
|
|
|
drSecondaryCode = code
|
|
|
|
}
|
|
|
|
|
2018-08-27 22:13:41 +00:00
|
|
|
perfStandbyCode := 473 // unofficial 4xx status code
|
|
|
|
if code, found, ok := fetchStatusCode(r, "performancestandbycode"); !ok {
|
|
|
|
return http.StatusBadRequest, nil, nil
|
|
|
|
} else if found {
|
|
|
|
perfStandbyCode = code
|
|
|
|
}
|
|
|
|
|
2018-01-19 06:44:44 +00:00
|
|
|
ctx := context.Background()
|
|
|
|
|
2015-04-23 18:53:31 +00:00
|
|
|
// Check system status
|
2018-07-24 20:57:25 +00:00
|
|
|
sealed := core.Sealed()
|
2020-10-26 22:14:01 +00:00
|
|
|
standby, perfStandby := core.StandbyStates()
|
2018-01-20 00:24:04 +00:00
|
|
|
var replicationState consts.ReplicationState
|
|
|
|
if standby {
|
|
|
|
replicationState = core.ActiveNodeReplicationState()
|
|
|
|
} else {
|
|
|
|
replicationState = core.ReplicationState()
|
|
|
|
}
|
|
|
|
|
2018-01-19 06:44:44 +00:00
|
|
|
init, err := core.Initialized(ctx)
|
2015-04-23 18:53:31 +00:00
|
|
|
if err != nil {
|
2016-06-09 15:34:25 +00:00
|
|
|
return http.StatusInternalServerError, nil, err
|
2015-04-23 18:53:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Determine the status code
|
2016-03-11 05:41:25 +00:00
|
|
|
code := activeCode
|
2015-04-23 18:53:31 +00:00
|
|
|
switch {
|
|
|
|
case !init:
|
2016-08-18 16:10:23 +00:00
|
|
|
code = uninitCode
|
2015-04-23 18:53:31 +00:00
|
|
|
case sealed:
|
2016-03-11 05:41:25 +00:00
|
|
|
code = sealedCode
|
2018-01-18 03:17:47 +00:00
|
|
|
case replicationState.HasState(consts.ReplicationDRSecondary):
|
2018-01-03 20:07:13 +00:00
|
|
|
code = drSecondaryCode
|
2019-08-05 20:44:41 +00:00
|
|
|
case perfStandby:
|
|
|
|
if !perfStandbyOK {
|
|
|
|
code = perfStandbyCode
|
|
|
|
}
|
|
|
|
case standby:
|
|
|
|
if !standbyOK {
|
|
|
|
code = standbyCode
|
|
|
|
}
|
2015-04-23 18:53:31 +00:00
|
|
|
}
|
|
|
|
|
2016-07-26 06:25:33 +00:00
|
|
|
// Fetch the local cluster name and identifier
|
2016-07-26 14:01:35 +00:00
|
|
|
var clusterName, clusterID string
|
2016-07-26 18:05:27 +00:00
|
|
|
if !sealed {
|
2018-01-19 06:44:44 +00:00
|
|
|
cluster, err := core.Cluster(ctx)
|
2016-07-26 18:05:27 +00:00
|
|
|
if err != nil {
|
|
|
|
return http.StatusInternalServerError, nil, err
|
|
|
|
}
|
2016-08-10 19:22:12 +00:00
|
|
|
if cluster == nil {
|
|
|
|
return http.StatusInternalServerError, nil, fmt.Errorf("failed to fetch cluster details")
|
|
|
|
}
|
2016-07-26 19:30:38 +00:00
|
|
|
clusterName = cluster.Name
|
|
|
|
clusterID = cluster.ID
|
2016-07-26 06:25:33 +00:00
|
|
|
}
|
|
|
|
|
2015-04-23 18:53:31 +00:00
|
|
|
// Format the body
|
|
|
|
body := &HealthResponse{
|
2018-01-23 02:44:38 +00:00
|
|
|
Initialized: init,
|
|
|
|
Sealed: sealed,
|
|
|
|
Standby: standby,
|
2018-08-27 22:13:41 +00:00
|
|
|
PerformanceStandby: perfStandby,
|
2018-01-23 02:44:38 +00:00
|
|
|
ReplicationPerformanceMode: replicationState.GetPerformanceString(),
|
|
|
|
ReplicationDRMode: replicationState.GetDRString(),
|
|
|
|
ServerTimeUTC: time.Now().UTC().Unix(),
|
|
|
|
Version: version.GetVersion().VersionNumber(),
|
|
|
|
ClusterName: clusterName,
|
|
|
|
ClusterID: clusterID,
|
2015-04-23 18:53:31 +00:00
|
|
|
}
|
2018-10-16 13:38:44 +00:00
|
|
|
|
2021-05-20 17:32:15 +00:00
|
|
|
licenseState, err := vault.LicenseSummary(core)
|
|
|
|
if err != nil {
|
|
|
|
return http.StatusInternalServerError, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if licenseState != nil {
|
|
|
|
body.License = &HealthResponseLicense{
|
|
|
|
State: licenseState.State,
|
|
|
|
Terminated: licenseState.Terminated,
|
|
|
|
}
|
|
|
|
if !licenseState.ExpiryTime.IsZero() {
|
|
|
|
body.License.ExpiryTime = licenseState.ExpiryTime.Format(time.RFC3339)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-10-16 13:38:44 +00:00
|
|
|
if init && !sealed && !standby {
|
|
|
|
body.LastWAL = vault.LastWAL(core)
|
|
|
|
}
|
|
|
|
|
2016-06-09 15:34:25 +00:00
|
|
|
return code, body, nil
|
2015-04-23 18:53:31 +00:00
|
|
|
}
|
|
|
|
|
2021-05-20 17:32:15 +00:00
|
|
|
type HealthResponseLicense struct {
|
|
|
|
State string `json:"state"`
|
|
|
|
ExpiryTime string `json:"expiry_time"`
|
|
|
|
Terminated bool `json:"terminated"`
|
|
|
|
}
|
|
|
|
|
2015-04-23 18:53:31 +00:00
|
|
|
type HealthResponse struct {
|
2021-05-20 17:32:15 +00:00
|
|
|
Initialized bool `json:"initialized"`
|
|
|
|
Sealed bool `json:"sealed"`
|
|
|
|
Standby bool `json:"standby"`
|
|
|
|
PerformanceStandby bool `json:"performance_standby"`
|
|
|
|
ReplicationPerformanceMode string `json:"replication_performance_mode"`
|
|
|
|
ReplicationDRMode string `json:"replication_dr_mode"`
|
|
|
|
ServerTimeUTC int64 `json:"server_time_utc"`
|
|
|
|
Version string `json:"version"`
|
|
|
|
ClusterName string `json:"cluster_name,omitempty"`
|
|
|
|
ClusterID string `json:"cluster_id,omitempty"`
|
|
|
|
LastWAL uint64 `json:"last_wal,omitempty"`
|
|
|
|
License *HealthResponseLicense `json:"license,omitempty"`
|
2015-04-23 18:53:31 +00:00
|
|
|
}
|