connect: add provider state to snapshots

This commit is contained in:
Kyle Havlovitz 2018-07-11 11:34:49 -07:00
parent 462ace4867
commit 4e5fb6bc19
No known key found for this signature in database
GPG Key ID: 8A5E6B173056AD6C
3 changed files with 62 additions and 14 deletions

View File

@ -22,6 +22,7 @@ func init() {
registerRestorer(structs.AutopilotRequestType, restoreAutopilot) registerRestorer(structs.AutopilotRequestType, restoreAutopilot)
registerRestorer(structs.IntentionRequestType, restoreIntention) registerRestorer(structs.IntentionRequestType, restoreIntention)
registerRestorer(structs.ConnectCARequestType, restoreConnectCA) registerRestorer(structs.ConnectCARequestType, restoreConnectCA)
registerRestorer(structs.ConnectCAProviderStateType, restoreConnectCAProviderState)
} }
func persistOSS(s *snapshot, sink raft.SnapshotSink, encoder *codec.Encoder) error { func persistOSS(s *snapshot, sink raft.SnapshotSink, encoder *codec.Encoder) error {
@ -52,6 +53,9 @@ func persistOSS(s *snapshot, sink raft.SnapshotSink, encoder *codec.Encoder) err
if err := s.persistConnectCA(sink, encoder); err != nil { if err := s.persistConnectCA(sink, encoder); err != nil {
return err return err
} }
if err := s.persistConnectCAProviderState(sink, encoder); err != nil {
return err
}
return nil return nil
} }
@ -284,6 +288,24 @@ func (s *snapshot) persistConnectCA(sink raft.SnapshotSink,
return nil return nil
} }
func (s *snapshot) persistConnectCAProviderState(sink raft.SnapshotSink,
encoder *codec.Encoder) error {
state, err := s.state.CAProviderState()
if err != nil {
return err
}
for _, r := range state {
if _, err := sink.Write([]byte{byte(structs.ConnectCAProviderStateType)}); err != nil {
return err
}
if err := encoder.Encode(r); err != nil {
return err
}
}
return nil
}
func (s *snapshot) persistIntentions(sink raft.SnapshotSink, func (s *snapshot) persistIntentions(sink raft.SnapshotSink,
encoder *codec.Encoder) error { encoder *codec.Encoder) error {
ixns, err := s.state.Intentions() ixns, err := s.state.Intentions()
@ -430,3 +452,14 @@ func restoreConnectCA(header *snapshotHeader, restore *state.Restore, decoder *c
} }
return nil return nil
} }
func restoreConnectCAProviderState(header *snapshotHeader, restore *state.Restore, decoder *codec.Decoder) error {
var req structs.CAConsulProviderState
if err := decoder.Decode(&req); err != nil {
return err
}
if err := restore.CAProviderState(&req); err != nil {
return err
}
return nil
}

View File

@ -123,6 +123,14 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
assert.Nil(err) assert.Nil(err)
assert.True(ok) assert.True(ok)
ok, err = fsm.state.CASetProviderState(16, &structs.CAConsulProviderState{
ID: "asdf",
PrivateKey: "foo",
RootCert: "bar",
})
assert.Nil(err)
assert.True(ok)
// Snapshot // Snapshot
snap, err := fsm.Snapshot() snap, err := fsm.Snapshot()
if err != nil { if err != nil {
@ -296,6 +304,12 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
assert.Nil(err) assert.Nil(err)
assert.Len(roots, 2) assert.Len(roots, 2)
// Verify provider state is restored.
_, state, err := fsm2.state.CAProviderState("asdf")
assert.Nil(err)
assert.Equal("foo", state.PrivateKey)
assert.Equal("bar", state.RootCert)
// Snapshot // Snapshot
snap, err = fsm2.Snapshot() snap, err = fsm2.Snapshot()
if err != nil { if err != nil {

View File

@ -45,6 +45,7 @@ const (
ACLBootstrapRequestType = 11 // FSM snapshots only. ACLBootstrapRequestType = 11 // FSM snapshots only.
IntentionRequestType = 12 IntentionRequestType = 12
ConnectCARequestType = 13 ConnectCARequestType = 13
ConnectCAProviderStateType = 14
) )
const ( const (