mirror of
https://github.com/status-im/consul.git
synced 2025-01-10 13:55:55 +00:00
agent: rename vars in newConsulConfig
'base' is a bit misleading, since it is the return value. Renamed to cfg.
This commit is contained in:
Daniel Nephin
parent
7b5b170a0d
commit
399c77dfb6
317
agent/agent.go
317
agent/agent.go
@ -1269,253 +1269,252 @@ func (a *Agent) reloadWatches(cfg *config.RuntimeConfig) error {
|
|||||||
|
|
||||||
// newConsulConfig translates a RuntimeConfig into a consul.Config.
|
// newConsulConfig translates a RuntimeConfig into a consul.Config.
|
||||||
// TODO: move this function to a different file, maybe config.go
|
// TODO: move this function to a different file, maybe config.go
|
||||||
func newConsulConfig(config *config.RuntimeConfig, logger hclog.Logger) (*consul.Config, error) {
|
func newConsulConfig(runtimeCfg *config.RuntimeConfig, logger hclog.Logger) (*consul.Config, error) {
|
||||||
// Start with the provided config or default config
|
cfg := consul.DefaultConfig()
|
||||||
base := consul.DefaultConfig()
|
|
||||||
|
|
||||||
// This is set when the agent starts up
|
// This is set when the agent starts up
|
||||||
base.NodeID = config.NodeID
|
cfg.NodeID = runtimeCfg.NodeID
|
||||||
|
|
||||||
// Apply dev mode
|
// Apply dev mode
|
||||||
base.DevMode = config.DevMode
|
cfg.DevMode = runtimeCfg.DevMode
|
||||||
|
|
||||||
// Override with our config
|
// Override with our runtimeCfg
|
||||||
// todo(fs): these are now always set in the runtime config so we can simplify this
|
// todo(fs): these are now always set in the runtime runtimeCfg so we can simplify this
|
||||||
// todo(fs): or is there a reason to keep it like that?
|
// todo(fs): or is there a reason to keep it like that?
|
||||||
base.Datacenter = config.Datacenter
|
cfg.Datacenter = runtimeCfg.Datacenter
|
||||||
base.PrimaryDatacenter = config.PrimaryDatacenter
|
cfg.PrimaryDatacenter = runtimeCfg.PrimaryDatacenter
|
||||||
base.DataDir = config.DataDir
|
cfg.DataDir = runtimeCfg.DataDir
|
||||||
base.NodeName = config.NodeName
|
cfg.NodeName = runtimeCfg.NodeName
|
||||||
|
|
||||||
base.CoordinateUpdateBatchSize = config.ConsulCoordinateUpdateBatchSize
|
cfg.CoordinateUpdateBatchSize = runtimeCfg.ConsulCoordinateUpdateBatchSize
|
||||||
base.CoordinateUpdateMaxBatches = config.ConsulCoordinateUpdateMaxBatches
|
cfg.CoordinateUpdateMaxBatches = runtimeCfg.ConsulCoordinateUpdateMaxBatches
|
||||||
base.CoordinateUpdatePeriod = config.ConsulCoordinateUpdatePeriod
|
cfg.CoordinateUpdatePeriod = runtimeCfg.ConsulCoordinateUpdatePeriod
|
||||||
base.CheckOutputMaxSize = config.CheckOutputMaxSize
|
cfg.CheckOutputMaxSize = runtimeCfg.CheckOutputMaxSize
|
||||||
|
|
||||||
base.RaftConfig.HeartbeatTimeout = config.ConsulRaftHeartbeatTimeout
|
cfg.RaftConfig.HeartbeatTimeout = runtimeCfg.ConsulRaftHeartbeatTimeout
|
||||||
base.RaftConfig.LeaderLeaseTimeout = config.ConsulRaftLeaderLeaseTimeout
|
cfg.RaftConfig.LeaderLeaseTimeout = runtimeCfg.ConsulRaftLeaderLeaseTimeout
|
||||||
base.RaftConfig.ElectionTimeout = config.ConsulRaftElectionTimeout
|
cfg.RaftConfig.ElectionTimeout = runtimeCfg.ConsulRaftElectionTimeout
|
||||||
|
|
||||||
base.SerfLANConfig.MemberlistConfig.BindAddr = config.SerfBindAddrLAN.IP.String()
|
cfg.SerfLANConfig.MemberlistConfig.BindAddr = runtimeCfg.SerfBindAddrLAN.IP.String()
|
||||||
base.SerfLANConfig.MemberlistConfig.BindPort = config.SerfBindAddrLAN.Port
|
cfg.SerfLANConfig.MemberlistConfig.BindPort = runtimeCfg.SerfBindAddrLAN.Port
|
||||||
base.SerfLANConfig.MemberlistConfig.CIDRsAllowed = config.SerfAllowedCIDRsLAN
|
cfg.SerfLANConfig.MemberlistConfig.CIDRsAllowed = runtimeCfg.SerfAllowedCIDRsLAN
|
||||||
base.SerfWANConfig.MemberlistConfig.CIDRsAllowed = config.SerfAllowedCIDRsWAN
|
cfg.SerfWANConfig.MemberlistConfig.CIDRsAllowed = runtimeCfg.SerfAllowedCIDRsWAN
|
||||||
base.SerfLANConfig.MemberlistConfig.AdvertiseAddr = config.SerfAdvertiseAddrLAN.IP.String()
|
cfg.SerfLANConfig.MemberlistConfig.AdvertiseAddr = runtimeCfg.SerfAdvertiseAddrLAN.IP.String()
|
||||||
base.SerfLANConfig.MemberlistConfig.AdvertisePort = config.SerfAdvertiseAddrLAN.Port
|
cfg.SerfLANConfig.MemberlistConfig.AdvertisePort = runtimeCfg.SerfAdvertiseAddrLAN.Port
|
||||||
base.SerfLANConfig.MemberlistConfig.GossipVerifyIncoming = config.EncryptVerifyIncoming
|
cfg.SerfLANConfig.MemberlistConfig.GossipVerifyIncoming = runtimeCfg.EncryptVerifyIncoming
|
||||||
base.SerfLANConfig.MemberlistConfig.GossipVerifyOutgoing = config.EncryptVerifyOutgoing
|
cfg.SerfLANConfig.MemberlistConfig.GossipVerifyOutgoing = runtimeCfg.EncryptVerifyOutgoing
|
||||||
base.SerfLANConfig.MemberlistConfig.GossipInterval = config.GossipLANGossipInterval
|
cfg.SerfLANConfig.MemberlistConfig.GossipInterval = runtimeCfg.GossipLANGossipInterval
|
||||||
base.SerfLANConfig.MemberlistConfig.GossipNodes = config.GossipLANGossipNodes
|
cfg.SerfLANConfig.MemberlistConfig.GossipNodes = runtimeCfg.GossipLANGossipNodes
|
||||||
base.SerfLANConfig.MemberlistConfig.ProbeInterval = config.GossipLANProbeInterval
|
cfg.SerfLANConfig.MemberlistConfig.ProbeInterval = runtimeCfg.GossipLANProbeInterval
|
||||||
base.SerfLANConfig.MemberlistConfig.ProbeTimeout = config.GossipLANProbeTimeout
|
cfg.SerfLANConfig.MemberlistConfig.ProbeTimeout = runtimeCfg.GossipLANProbeTimeout
|
||||||
base.SerfLANConfig.MemberlistConfig.SuspicionMult = config.GossipLANSuspicionMult
|
cfg.SerfLANConfig.MemberlistConfig.SuspicionMult = runtimeCfg.GossipLANSuspicionMult
|
||||||
base.SerfLANConfig.MemberlistConfig.RetransmitMult = config.GossipLANRetransmitMult
|
cfg.SerfLANConfig.MemberlistConfig.RetransmitMult = runtimeCfg.GossipLANRetransmitMult
|
||||||
if config.ReconnectTimeoutLAN != 0 {
|
if runtimeCfg.ReconnectTimeoutLAN != 0 {
|
||||||
base.SerfLANConfig.ReconnectTimeout = config.ReconnectTimeoutLAN
|
cfg.SerfLANConfig.ReconnectTimeout = runtimeCfg.ReconnectTimeoutLAN
|
||||||
}
|
}
|
||||||
|
|
||||||
if config.SerfBindAddrWAN != nil {
|
if runtimeCfg.SerfBindAddrWAN != nil {
|
||||||
base.SerfWANConfig.MemberlistConfig.BindAddr = config.SerfBindAddrWAN.IP.String()
|
cfg.SerfWANConfig.MemberlistConfig.BindAddr = runtimeCfg.SerfBindAddrWAN.IP.String()
|
||||||
base.SerfWANConfig.MemberlistConfig.BindPort = config.SerfBindAddrWAN.Port
|
cfg.SerfWANConfig.MemberlistConfig.BindPort = runtimeCfg.SerfBindAddrWAN.Port
|
||||||
base.SerfWANConfig.MemberlistConfig.AdvertiseAddr = config.SerfAdvertiseAddrWAN.IP.String()
|
cfg.SerfWANConfig.MemberlistConfig.AdvertiseAddr = runtimeCfg.SerfAdvertiseAddrWAN.IP.String()
|
||||||
base.SerfWANConfig.MemberlistConfig.AdvertisePort = config.SerfAdvertiseAddrWAN.Port
|
cfg.SerfWANConfig.MemberlistConfig.AdvertisePort = runtimeCfg.SerfAdvertiseAddrWAN.Port
|
||||||
base.SerfWANConfig.MemberlistConfig.GossipVerifyIncoming = config.EncryptVerifyIncoming
|
cfg.SerfWANConfig.MemberlistConfig.GossipVerifyIncoming = runtimeCfg.EncryptVerifyIncoming
|
||||||
base.SerfWANConfig.MemberlistConfig.GossipVerifyOutgoing = config.EncryptVerifyOutgoing
|
cfg.SerfWANConfig.MemberlistConfig.GossipVerifyOutgoing = runtimeCfg.EncryptVerifyOutgoing
|
||||||
base.SerfWANConfig.MemberlistConfig.GossipInterval = config.GossipWANGossipInterval
|
cfg.SerfWANConfig.MemberlistConfig.GossipInterval = runtimeCfg.GossipWANGossipInterval
|
||||||
base.SerfWANConfig.MemberlistConfig.GossipNodes = config.GossipWANGossipNodes
|
cfg.SerfWANConfig.MemberlistConfig.GossipNodes = runtimeCfg.GossipWANGossipNodes
|
||||||
base.SerfWANConfig.MemberlistConfig.ProbeInterval = config.GossipWANProbeInterval
|
cfg.SerfWANConfig.MemberlistConfig.ProbeInterval = runtimeCfg.GossipWANProbeInterval
|
||||||
base.SerfWANConfig.MemberlistConfig.ProbeTimeout = config.GossipWANProbeTimeout
|
cfg.SerfWANConfig.MemberlistConfig.ProbeTimeout = runtimeCfg.GossipWANProbeTimeout
|
||||||
base.SerfWANConfig.MemberlistConfig.SuspicionMult = config.GossipWANSuspicionMult
|
cfg.SerfWANConfig.MemberlistConfig.SuspicionMult = runtimeCfg.GossipWANSuspicionMult
|
||||||
base.SerfWANConfig.MemberlistConfig.RetransmitMult = config.GossipWANRetransmitMult
|
cfg.SerfWANConfig.MemberlistConfig.RetransmitMult = runtimeCfg.GossipWANRetransmitMult
|
||||||
if config.ReconnectTimeoutWAN != 0 {
|
if runtimeCfg.ReconnectTimeoutWAN != 0 {
|
||||||
base.SerfWANConfig.ReconnectTimeout = config.ReconnectTimeoutWAN
|
cfg.SerfWANConfig.ReconnectTimeout = runtimeCfg.ReconnectTimeoutWAN
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Disable serf WAN federation
|
// Disable serf WAN federation
|
||||||
base.SerfWANConfig = nil
|
cfg.SerfWANConfig = nil
|
||||||
}
|
}
|
||||||
|
|
||||||
base.RPCAddr = config.RPCBindAddr
|
cfg.RPCAddr = runtimeCfg.RPCBindAddr
|
||||||
base.RPCAdvertise = config.RPCAdvertiseAddr
|
cfg.RPCAdvertise = runtimeCfg.RPCAdvertiseAddr
|
||||||
|
|
||||||
base.Segment = config.SegmentName
|
cfg.Segment = runtimeCfg.SegmentName
|
||||||
if len(config.Segments) > 0 {
|
if len(runtimeCfg.Segments) > 0 {
|
||||||
segments, err := segmentConfig(config)
|
segments, err := segmentConfig(runtimeCfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
base.Segments = segments
|
cfg.Segments = segments
|
||||||
}
|
}
|
||||||
if config.Bootstrap {
|
if runtimeCfg.Bootstrap {
|
||||||
base.Bootstrap = true
|
cfg.Bootstrap = true
|
||||||
}
|
}
|
||||||
if config.CheckOutputMaxSize > 0 {
|
if runtimeCfg.CheckOutputMaxSize > 0 {
|
||||||
base.CheckOutputMaxSize = config.CheckOutputMaxSize
|
cfg.CheckOutputMaxSize = runtimeCfg.CheckOutputMaxSize
|
||||||
}
|
}
|
||||||
if config.RejoinAfterLeave {
|
if runtimeCfg.RejoinAfterLeave {
|
||||||
base.RejoinAfterLeave = true
|
cfg.RejoinAfterLeave = true
|
||||||
}
|
}
|
||||||
if config.BootstrapExpect != 0 {
|
if runtimeCfg.BootstrapExpect != 0 {
|
||||||
base.BootstrapExpect = config.BootstrapExpect
|
cfg.BootstrapExpect = runtimeCfg.BootstrapExpect
|
||||||
}
|
}
|
||||||
if config.RPCProtocol > 0 {
|
if runtimeCfg.RPCProtocol > 0 {
|
||||||
base.ProtocolVersion = uint8(config.RPCProtocol)
|
cfg.ProtocolVersion = uint8(runtimeCfg.RPCProtocol)
|
||||||
}
|
}
|
||||||
if config.RaftProtocol != 0 {
|
if runtimeCfg.RaftProtocol != 0 {
|
||||||
base.RaftConfig.ProtocolVersion = raft.ProtocolVersion(config.RaftProtocol)
|
cfg.RaftConfig.ProtocolVersion = raft.ProtocolVersion(runtimeCfg.RaftProtocol)
|
||||||
}
|
}
|
||||||
if config.RaftSnapshotThreshold != 0 {
|
if runtimeCfg.RaftSnapshotThreshold != 0 {
|
||||||
base.RaftConfig.SnapshotThreshold = uint64(config.RaftSnapshotThreshold)
|
cfg.RaftConfig.SnapshotThreshold = uint64(runtimeCfg.RaftSnapshotThreshold)
|
||||||
}
|
}
|
||||||
if config.RaftSnapshotInterval != 0 {
|
if runtimeCfg.RaftSnapshotInterval != 0 {
|
||||||
base.RaftConfig.SnapshotInterval = config.RaftSnapshotInterval
|
cfg.RaftConfig.SnapshotInterval = runtimeCfg.RaftSnapshotInterval
|
||||||
}
|
}
|
||||||
if config.RaftTrailingLogs != 0 {
|
if runtimeCfg.RaftTrailingLogs != 0 {
|
||||||
base.RaftConfig.TrailingLogs = uint64(config.RaftTrailingLogs)
|
cfg.RaftConfig.TrailingLogs = uint64(runtimeCfg.RaftTrailingLogs)
|
||||||
}
|
}
|
||||||
if config.ACLMasterToken != "" {
|
if runtimeCfg.ACLMasterToken != "" {
|
||||||
base.ACLMasterToken = config.ACLMasterToken
|
cfg.ACLMasterToken = runtimeCfg.ACLMasterToken
|
||||||
}
|
}
|
||||||
if config.ACLDatacenter != "" {
|
if runtimeCfg.ACLDatacenter != "" {
|
||||||
base.ACLDatacenter = config.ACLDatacenter
|
cfg.ACLDatacenter = runtimeCfg.ACLDatacenter
|
||||||
}
|
}
|
||||||
if config.ACLTokenTTL != 0 {
|
if runtimeCfg.ACLTokenTTL != 0 {
|
||||||
base.ACLTokenTTL = config.ACLTokenTTL
|
cfg.ACLTokenTTL = runtimeCfg.ACLTokenTTL
|
||||||
}
|
}
|
||||||
if config.ACLPolicyTTL != 0 {
|
if runtimeCfg.ACLPolicyTTL != 0 {
|
||||||
base.ACLPolicyTTL = config.ACLPolicyTTL
|
cfg.ACLPolicyTTL = runtimeCfg.ACLPolicyTTL
|
||||||
}
|
}
|
||||||
if config.ACLRoleTTL != 0 {
|
if runtimeCfg.ACLRoleTTL != 0 {
|
||||||
base.ACLRoleTTL = config.ACLRoleTTL
|
cfg.ACLRoleTTL = runtimeCfg.ACLRoleTTL
|
||||||
}
|
}
|
||||||
if config.ACLDefaultPolicy != "" {
|
if runtimeCfg.ACLDefaultPolicy != "" {
|
||||||
base.ACLDefaultPolicy = config.ACLDefaultPolicy
|
cfg.ACLDefaultPolicy = runtimeCfg.ACLDefaultPolicy
|
||||||
}
|
}
|
||||||
if config.ACLDownPolicy != "" {
|
if runtimeCfg.ACLDownPolicy != "" {
|
||||||
base.ACLDownPolicy = config.ACLDownPolicy
|
cfg.ACLDownPolicy = runtimeCfg.ACLDownPolicy
|
||||||
}
|
}
|
||||||
base.ACLTokenReplication = config.ACLTokenReplication
|
cfg.ACLTokenReplication = runtimeCfg.ACLTokenReplication
|
||||||
base.ACLsEnabled = config.ACLsEnabled
|
cfg.ACLsEnabled = runtimeCfg.ACLsEnabled
|
||||||
if config.ACLEnableKeyListPolicy {
|
if runtimeCfg.ACLEnableKeyListPolicy {
|
||||||
base.ACLEnableKeyListPolicy = config.ACLEnableKeyListPolicy
|
cfg.ACLEnableKeyListPolicy = runtimeCfg.ACLEnableKeyListPolicy
|
||||||
}
|
}
|
||||||
if config.SessionTTLMin != 0 {
|
if runtimeCfg.SessionTTLMin != 0 {
|
||||||
base.SessionTTLMin = config.SessionTTLMin
|
cfg.SessionTTLMin = runtimeCfg.SessionTTLMin
|
||||||
}
|
}
|
||||||
if config.NonVotingServer {
|
if runtimeCfg.NonVotingServer {
|
||||||
base.NonVoter = config.NonVotingServer
|
cfg.NonVoter = runtimeCfg.NonVotingServer
|
||||||
}
|
}
|
||||||
|
|
||||||
// These are fully specified in the agent defaults, so we can simply
|
// These are fully specified in the agent defaults, so we can simply
|
||||||
// copy them over.
|
// copy them over.
|
||||||
base.AutopilotConfig.CleanupDeadServers = config.AutopilotCleanupDeadServers
|
cfg.AutopilotConfig.CleanupDeadServers = runtimeCfg.AutopilotCleanupDeadServers
|
||||||
base.AutopilotConfig.LastContactThreshold = config.AutopilotLastContactThreshold
|
cfg.AutopilotConfig.LastContactThreshold = runtimeCfg.AutopilotLastContactThreshold
|
||||||
base.AutopilotConfig.MaxTrailingLogs = uint64(config.AutopilotMaxTrailingLogs)
|
cfg.AutopilotConfig.MaxTrailingLogs = uint64(runtimeCfg.AutopilotMaxTrailingLogs)
|
||||||
base.AutopilotConfig.MinQuorum = config.AutopilotMinQuorum
|
cfg.AutopilotConfig.MinQuorum = runtimeCfg.AutopilotMinQuorum
|
||||||
base.AutopilotConfig.ServerStabilizationTime = config.AutopilotServerStabilizationTime
|
cfg.AutopilotConfig.ServerStabilizationTime = runtimeCfg.AutopilotServerStabilizationTime
|
||||||
base.AutopilotConfig.RedundancyZoneTag = config.AutopilotRedundancyZoneTag
|
cfg.AutopilotConfig.RedundancyZoneTag = runtimeCfg.AutopilotRedundancyZoneTag
|
||||||
base.AutopilotConfig.DisableUpgradeMigration = config.AutopilotDisableUpgradeMigration
|
cfg.AutopilotConfig.DisableUpgradeMigration = runtimeCfg.AutopilotDisableUpgradeMigration
|
||||||
base.AutopilotConfig.UpgradeVersionTag = config.AutopilotUpgradeVersionTag
|
cfg.AutopilotConfig.UpgradeVersionTag = runtimeCfg.AutopilotUpgradeVersionTag
|
||||||
|
|
||||||
// make sure the advertise address is always set
|
// make sure the advertise address is always set
|
||||||
if base.RPCAdvertise == nil {
|
if cfg.RPCAdvertise == nil {
|
||||||
base.RPCAdvertise = base.RPCAddr
|
cfg.RPCAdvertise = cfg.RPCAddr
|
||||||
}
|
}
|
||||||
|
|
||||||
// Rate limiting for RPC calls.
|
// Rate limiting for RPC calls.
|
||||||
if config.RPCRateLimit > 0 {
|
if runtimeCfg.RPCRateLimit > 0 {
|
||||||
base.RPCRate = config.RPCRateLimit
|
cfg.RPCRate = runtimeCfg.RPCRateLimit
|
||||||
}
|
}
|
||||||
if config.RPCMaxBurst > 0 {
|
if runtimeCfg.RPCMaxBurst > 0 {
|
||||||
base.RPCMaxBurst = config.RPCMaxBurst
|
cfg.RPCMaxBurst = runtimeCfg.RPCMaxBurst
|
||||||
}
|
}
|
||||||
|
|
||||||
// RPC timeouts/limits.
|
// RPC timeouts/limits.
|
||||||
if config.RPCHandshakeTimeout > 0 {
|
if runtimeCfg.RPCHandshakeTimeout > 0 {
|
||||||
base.RPCHandshakeTimeout = config.RPCHandshakeTimeout
|
cfg.RPCHandshakeTimeout = runtimeCfg.RPCHandshakeTimeout
|
||||||
}
|
}
|
||||||
if config.RPCMaxConnsPerClient > 0 {
|
if runtimeCfg.RPCMaxConnsPerClient > 0 {
|
||||||
base.RPCMaxConnsPerClient = config.RPCMaxConnsPerClient
|
cfg.RPCMaxConnsPerClient = runtimeCfg.RPCMaxConnsPerClient
|
||||||
}
|
}
|
||||||
|
|
||||||
// RPC-related performance configs. We allow explicit zero value to disable so
|
// RPC-related performance configs. We allow explicit zero value to disable so
|
||||||
// copy it whatever the value.
|
// copy it whatever the value.
|
||||||
base.RPCHoldTimeout = config.RPCHoldTimeout
|
cfg.RPCHoldTimeout = runtimeCfg.RPCHoldTimeout
|
||||||
|
|
||||||
if config.LeaveDrainTime > 0 {
|
if runtimeCfg.LeaveDrainTime > 0 {
|
||||||
base.LeaveDrainTime = config.LeaveDrainTime
|
cfg.LeaveDrainTime = runtimeCfg.LeaveDrainTime
|
||||||
}
|
}
|
||||||
|
|
||||||
// set the src address for outgoing rpc connections
|
// set the src address for outgoing rpc connections
|
||||||
// Use port 0 so that outgoing connections use a random port.
|
// Use port 0 so that outgoing connections use a random port.
|
||||||
if !ipaddr.IsAny(base.RPCAddr.IP) {
|
if !ipaddr.IsAny(cfg.RPCAddr.IP) {
|
||||||
base.RPCSrcAddr = &net.TCPAddr{IP: base.RPCAddr.IP}
|
cfg.RPCSrcAddr = &net.TCPAddr{IP: cfg.RPCAddr.IP}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Format the build string
|
// Format the build string
|
||||||
revision := config.Revision
|
revision := runtimeCfg.Revision
|
||||||
if len(revision) > 8 {
|
if len(revision) > 8 {
|
||||||
revision = revision[:8]
|
revision = revision[:8]
|
||||||
}
|
}
|
||||||
base.Build = fmt.Sprintf("%s%s:%s", config.Version, config.VersionPrerelease, revision)
|
cfg.Build = fmt.Sprintf("%s%s:%s", runtimeCfg.Version, runtimeCfg.VersionPrerelease, revision)
|
||||||
|
|
||||||
// Copy the TLS configuration
|
// Copy the TLS configuration
|
||||||
base.VerifyIncoming = config.VerifyIncoming || config.VerifyIncomingRPC
|
cfg.VerifyIncoming = runtimeCfg.VerifyIncoming || runtimeCfg.VerifyIncomingRPC
|
||||||
if config.CAPath != "" || config.CAFile != "" {
|
if runtimeCfg.CAPath != "" || runtimeCfg.CAFile != "" {
|
||||||
base.UseTLS = true
|
cfg.UseTLS = true
|
||||||
}
|
}
|
||||||
base.VerifyOutgoing = config.VerifyOutgoing
|
cfg.VerifyOutgoing = runtimeCfg.VerifyOutgoing
|
||||||
base.VerifyServerHostname = config.VerifyServerHostname
|
cfg.VerifyServerHostname = runtimeCfg.VerifyServerHostname
|
||||||
base.CAFile = config.CAFile
|
cfg.CAFile = runtimeCfg.CAFile
|
||||||
base.CAPath = config.CAPath
|
cfg.CAPath = runtimeCfg.CAPath
|
||||||
base.CertFile = config.CertFile
|
cfg.CertFile = runtimeCfg.CertFile
|
||||||
base.KeyFile = config.KeyFile
|
cfg.KeyFile = runtimeCfg.KeyFile
|
||||||
base.ServerName = config.ServerName
|
cfg.ServerName = runtimeCfg.ServerName
|
||||||
base.Domain = config.DNSDomain
|
cfg.Domain = runtimeCfg.DNSDomain
|
||||||
base.TLSMinVersion = config.TLSMinVersion
|
cfg.TLSMinVersion = runtimeCfg.TLSMinVersion
|
||||||
base.TLSCipherSuites = config.TLSCipherSuites
|
cfg.TLSCipherSuites = runtimeCfg.TLSCipherSuites
|
||||||
base.TLSPreferServerCipherSuites = config.TLSPreferServerCipherSuites
|
cfg.TLSPreferServerCipherSuites = runtimeCfg.TLSPreferServerCipherSuites
|
||||||
base.DefaultQueryTime = config.DefaultQueryTime
|
cfg.DefaultQueryTime = runtimeCfg.DefaultQueryTime
|
||||||
base.MaxQueryTime = config.MaxQueryTime
|
cfg.MaxQueryTime = runtimeCfg.MaxQueryTime
|
||||||
|
|
||||||
base.AutoEncryptAllowTLS = config.AutoEncryptAllowTLS
|
cfg.AutoEncryptAllowTLS = runtimeCfg.AutoEncryptAllowTLS
|
||||||
|
|
||||||
// Copy the Connect CA bootstrap config
|
// Copy the Connect CA bootstrap runtimeCfg
|
||||||
if config.ConnectEnabled {
|
if runtimeCfg.ConnectEnabled {
|
||||||
base.ConnectEnabled = true
|
cfg.ConnectEnabled = true
|
||||||
base.ConnectMeshGatewayWANFederationEnabled = config.ConnectMeshGatewayWANFederationEnabled
|
cfg.ConnectMeshGatewayWANFederationEnabled = runtimeCfg.ConnectMeshGatewayWANFederationEnabled
|
||||||
|
|
||||||
ca, err := config.ConnectCAConfiguration()
|
ca, err := runtimeCfg.ConnectCAConfiguration()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
base.CAConfig = ca
|
cfg.CAConfig = ca
|
||||||
}
|
}
|
||||||
|
|
||||||
// copy over auto config settings
|
// copy over auto runtimeCfg settings
|
||||||
base.AutoConfigEnabled = config.AutoConfig.Enabled
|
cfg.AutoConfigEnabled = runtimeCfg.AutoConfig.Enabled
|
||||||
base.AutoConfigIntroToken = config.AutoConfig.IntroToken
|
cfg.AutoConfigIntroToken = runtimeCfg.AutoConfig.IntroToken
|
||||||
base.AutoConfigIntroTokenFile = config.AutoConfig.IntroTokenFile
|
cfg.AutoConfigIntroTokenFile = runtimeCfg.AutoConfig.IntroTokenFile
|
||||||
base.AutoConfigServerAddresses = config.AutoConfig.ServerAddresses
|
cfg.AutoConfigServerAddresses = runtimeCfg.AutoConfig.ServerAddresses
|
||||||
base.AutoConfigDNSSANs = config.AutoConfig.DNSSANs
|
cfg.AutoConfigDNSSANs = runtimeCfg.AutoConfig.DNSSANs
|
||||||
base.AutoConfigIPSANs = config.AutoConfig.IPSANs
|
cfg.AutoConfigIPSANs = runtimeCfg.AutoConfig.IPSANs
|
||||||
base.AutoConfigAuthzEnabled = config.AutoConfig.Authorizer.Enabled
|
cfg.AutoConfigAuthzEnabled = runtimeCfg.AutoConfig.Authorizer.Enabled
|
||||||
base.AutoConfigAuthzAuthMethod = config.AutoConfig.Authorizer.AuthMethod
|
cfg.AutoConfigAuthzAuthMethod = runtimeCfg.AutoConfig.Authorizer.AuthMethod
|
||||||
base.AutoConfigAuthzClaimAssertions = config.AutoConfig.Authorizer.ClaimAssertions
|
cfg.AutoConfigAuthzClaimAssertions = runtimeCfg.AutoConfig.Authorizer.ClaimAssertions
|
||||||
base.AutoConfigAuthzAllowReuse = config.AutoConfig.Authorizer.AllowReuse
|
cfg.AutoConfigAuthzAllowReuse = runtimeCfg.AutoConfig.Authorizer.AllowReuse
|
||||||
|
|
||||||
// This will set up the LAN keyring, as well as the WAN and any segments
|
// This will set up the LAN keyring, as well as the WAN and any segments
|
||||||
// for servers.
|
// for servers.
|
||||||
// TODO: move this closer to where the keyrings will be used.
|
// TODO: move this closer to where the keyrings will be used.
|
||||||
if err := setupKeyrings(base, config, logger); err != nil {
|
if err := setupKeyrings(cfg, runtimeCfg, logger); err != nil {
|
||||||
return nil, fmt.Errorf("Failed to configure keyring: %v", err)
|
return nil, fmt.Errorf("Failed to configure keyring: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
base.ConfigEntryBootstrap = config.ConfigEntryBootstrap
|
cfg.ConfigEntryBootstrap = runtimeCfg.ConfigEntryBootstrap
|
||||||
|
|
||||||
enterpriseConsulConfig(base, config)
|
enterpriseConsulConfig(cfg, runtimeCfg)
|
||||||
return base, nil
|
return cfg, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Setup the serf and memberlist config for any defined network segments.
|
// Setup the serf and memberlist config for any defined network segments.
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user