open-vault/http/sys_health.go

243 lines
6.7 KiB
Go
Raw Normal View History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
2015-04-23 18:53:31 +00:00
package http
import (
"context"
2015-04-23 18:53:31 +00:00
"encoding/json"
2016-08-10 19:22:12 +00:00
"fmt"
2015-04-23 18:53:31 +00:00
"net/http"
"strconv"
"time"
2015-04-23 18:53:31 +00:00
"github.com/hashicorp/go-secure-stdlib/parseutil"
"github.com/hashicorp/vault/sdk/helper/consts"
"github.com/hashicorp/vault/vault"
"github.com/hashicorp/vault/version"
2015-04-23 18:53:31 +00:00
)
func handleSysHealth(core *vault.Core) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
switch r.Method {
case "GET":
handleSysHealthGet(core, w, r)
case "HEAD":
handleSysHealthHead(core, w, r)
2015-04-23 18:53:31 +00:00
default:
respondError(w, http.StatusMethodNotAllowed, nil)
}
})
}
func fetchStatusCode(r *http.Request, field string) (int, bool, bool) {
var err error
statusCode := http.StatusOK
if statusCodeStr, statusCodeOk := r.URL.Query()[field]; statusCodeOk {
statusCode, err = strconv.Atoi(statusCodeStr[0])
if err != nil || len(statusCodeStr) < 1 {
return http.StatusBadRequest, false, false
}
return statusCode, true, true
}
return statusCode, false, true
}
2015-04-23 18:53:31 +00:00
func handleSysHealthGet(core *vault.Core, w http.ResponseWriter, r *http.Request) {
code, body, err := getSysHealth(core, r)
if err != nil {
2018-01-20 00:59:58 +00:00
core.Logger().Error("error checking health", "error", err)
respondError(w, code, nil)
return
}
if body == nil {
respondError(w, code, nil)
return
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(code)
// Generate the response
enc := json.NewEncoder(w)
enc.Encode(body)
}
func handleSysHealthHead(core *vault.Core, w http.ResponseWriter, r *http.Request) {
2019-10-29 00:40:44 +00:00
code, body, _ := getSysHealth(core, r)
if body != nil {
w.Header().Set("Content-Type", "application/json")
}
w.WriteHeader(code)
}
func getSysHealth(core *vault.Core, r *http.Request) (int, *HealthResponse, error) {
var err error
// Check if being a standby is allowed for the purpose of a 200 OK
standbyOKStr, standbyOK := r.URL.Query()["standbyok"]
if standbyOK {
standbyOK, err = parseutil.ParseBool(standbyOKStr[0])
if err != nil {
return http.StatusBadRequest, nil, fmt.Errorf("bad value for standbyok parameter: %w", err)
}
}
perfStandbyOKStr, perfStandbyOK := r.URL.Query()["perfstandbyok"]
if perfStandbyOK {
perfStandbyOK, err = parseutil.ParseBool(perfStandbyOKStr[0])
if err != nil {
return http.StatusBadRequest, nil, fmt.Errorf("bad value for perfstandbyok parameter: %w", err)
}
}
uninitCode := http.StatusNotImplemented
if code, found, ok := fetchStatusCode(r, "uninitcode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
uninitCode = code
}
sealedCode := http.StatusServiceUnavailable
if code, found, ok := fetchStatusCode(r, "sealedcode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
sealedCode = code
}
standbyCode := http.StatusTooManyRequests // Consul warning code
if code, found, ok := fetchStatusCode(r, "standbycode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
standbyCode = code
}
activeCode := http.StatusOK
if code, found, ok := fetchStatusCode(r, "activecode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
activeCode = code
}
drSecondaryCode := 472 // unofficial 4xx status code
if code, found, ok := fetchStatusCode(r, "drsecondarycode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
drSecondaryCode = code
}
2018-08-27 22:13:41 +00:00
perfStandbyCode := 473 // unofficial 4xx status code
if code, found, ok := fetchStatusCode(r, "performancestandbycode"); !ok {
return http.StatusBadRequest, nil, nil
} else if found {
perfStandbyCode = code
}
ctx := context.Background()
2015-04-23 18:53:31 +00:00
// Check system status
sealed := core.Sealed()
2020-10-26 22:14:01 +00:00
standby, perfStandby := core.StandbyStates()
var replicationState consts.ReplicationState
if standby {
replicationState = core.ActiveNodeReplicationState()
} else {
replicationState = core.ReplicationState()
}
init, err := core.Initialized(ctx)
2015-04-23 18:53:31 +00:00
if err != nil {
return http.StatusInternalServerError, nil, err
2015-04-23 18:53:31 +00:00
}
// Determine the status code
code := activeCode
2015-04-23 18:53:31 +00:00
switch {
case !init:
code = uninitCode
2015-04-23 18:53:31 +00:00
case sealed:
code = sealedCode
case replicationState.HasState(consts.ReplicationDRSecondary):
code = drSecondaryCode
case perfStandby:
if !perfStandbyOK {
code = perfStandbyCode
}
case standby:
if !standbyOK {
code = standbyCode
}
2015-04-23 18:53:31 +00:00
}
// Fetch the local cluster name and identifier
var clusterName, clusterID string
2016-07-26 18:05:27 +00:00
if !sealed {
cluster, err := core.Cluster(ctx)
2016-07-26 18:05:27 +00:00
if err != nil {
return http.StatusInternalServerError, nil, err
}
2016-08-10 19:22:12 +00:00
if cluster == nil {
return http.StatusInternalServerError, nil, fmt.Errorf("failed to fetch cluster details")
}
clusterName = cluster.Name
clusterID = cluster.ID
}
2015-04-23 18:53:31 +00:00
// Format the body
body := &HealthResponse{
2018-01-23 02:44:38 +00:00
Initialized: init,
Sealed: sealed,
Standby: standby,
2018-08-27 22:13:41 +00:00
PerformanceStandby: perfStandby,
2018-01-23 02:44:38 +00:00
ReplicationPerformanceMode: replicationState.GetPerformanceString(),
ReplicationDRMode: replicationState.GetDRString(),
ServerTimeUTC: time.Now().UTC().Unix(),
Version: version.GetVersion().VersionNumber(),
ClusterName: clusterName,
ClusterID: clusterID,
2015-04-23 18:53:31 +00:00
}
licenseState, err := vault.LicenseSummary(core)
if err != nil {
return http.StatusInternalServerError, nil, err
}
if licenseState != nil {
body.License = &HealthResponseLicense{
State: licenseState.State,
Terminated: licenseState.Terminated,
}
if !licenseState.ExpiryTime.IsZero() {
body.License.ExpiryTime = licenseState.ExpiryTime.Format(time.RFC3339)
}
}
if init && !sealed && !standby {
body.LastWAL = vault.LastWAL(core)
}
return code, body, nil
2015-04-23 18:53:31 +00:00
}
type HealthResponseLicense struct {
State string `json:"state"`
ExpiryTime string `json:"expiry_time"`
Terminated bool `json:"terminated"`
}
2015-04-23 18:53:31 +00:00
type HealthResponse struct {
Initialized bool `json:"initialized"`
Sealed bool `json:"sealed"`
Standby bool `json:"standby"`
PerformanceStandby bool `json:"performance_standby"`
ReplicationPerformanceMode string `json:"replication_performance_mode"`
ReplicationDRMode string `json:"replication_dr_mode"`
ServerTimeUTC int64 `json:"server_time_utc"`
Version string `json:"version"`
ClusterName string `json:"cluster_name,omitempty"`
ClusterID string `json:"cluster_id,omitempty"`
LastWAL uint64 `json:"last_wal,omitempty"`
License *HealthResponseLicense `json:"license,omitempty"`
2015-04-23 18:53:31 +00:00
}