vault: start/stop rollback manager post/pre seal

vault/core.go

@@ -122,6 +122,9 @@ type Core struct {
 	// renewal, expiration and revocation
 	expiration *ExpirationManager
 
+	// rollback manager is used to run rollbacks periodically
+	rollback *RollbackManager
+
 	logger *log.Logger
 }
 
@@ -464,12 +467,18 @@ func (c *Core) postUnseal() error {
 	if err := c.setupExpiration(); err != nil {
 		return err
 	}
+	if err := c.startRollback(); err != nil {
+		return err
+	}
 	return nil
 }
 
 // preSeal is invoked before the barrier is sealed, allowing
 // for any state teardown required.
 func (c *Core) preSeal() error {
+	if err := c.stopRollback(); err != nil {
+		return err
+	}
 	if err := c.stopExpiration(); err != nil {
 		return err
 	}

vault/rollback.go

@@ -39,6 +39,8 @@ func (m *RollbackManager) Start() {
 		return
 	}
 
+	m.Logger.Printf("[INFO] rollback: starting rollback manager")
+
 	var mounts map[string]*uint32
 	tick := time.NewTicker(m.Period)
 	defer tick.Stop()
@@ -48,6 +50,7 @@ func (m *RollbackManager) Start() {
 
 		// If we're quitting, then stop
 		if atomic.LoadUint32(&m.running) != 1 {
+			m.Logger.Printf("[INFO] rollback: stopping rollback manager")
 			return
 		}
 
@@ -101,3 +104,32 @@ func (m *RollbackManager) rollback(path string, state *uint32) {
 			path, err)
 	}
 }
+
+// The methods below are the hooks from core that are called pre/post seal.
+
+func (c *Core) startRollback() error {
+	// Ensure if we had a rollback it was stopped. This should never
+	// be the case but it doesn't hurt to check.
+	if c.rollback != nil {
+		c.rollback.Stop()
+	}
+
+	c.rollback = &RollbackManager{
+		Logger: c.logger,
+		Router: c.router,
+		Mounts: c.mounts,
+		Period: 1 * time.Minute,
+	}
+	go c.rollback.Start()
+
+	return nil
+}
+
+func (c *Core) stopRollback() error {
+	if c.rollback != nil {
+		c.rollback.Stop()
+		c.rollback = nil
+	}
+
+	return nil
+}