consul: simplify keyring operations

Ryan Uber 2014-10-06 15:14:30 -07:00
parent ee03c6a4b8
commit 648c7cdc8e
3 changed files with 14 additions and 26 deletions


@ -117,10 +117,7 @@ func loadKeyringFile(c *serf.Config) error {
// keyringProcess is used to abstract away the semantic similarities in // keyringProcess is used to abstract away the semantic similarities in
// performing various operations on the encryption keyring. // performing various operations on the encryption keyring.
func (a *Agent) keyringProcess( func (a *Agent) keyringProcess(args *structs.KeyringRequest) (*structs.KeyringResponses, error) {
method string,
args *structs.KeyringRequest) (*structs.KeyringResponses, error) {
// Allow any server to handle the request, since this is // Allow any server to handle the request, since this is
// done over the gossip protocol. // done over the gossip protocol.
args.AllowStale = true args.AllowStale = true
@ -129,7 +126,7 @@ func (a *Agent) keyringProcess(
if a.server == nil { if a.server == nil {
return nil, fmt.Errorf("keyring operations must run against a server node") return nil, fmt.Errorf("keyring operations must run against a server node")
} }
if err := a.RPC(method, args, &reply); err != nil { if err := a.RPC("Internal.KeyringOperation", args, &reply); err != nil {
return &reply, err return &reply, err
} }
@ -140,23 +137,23 @@ func (a *Agent) keyringProcess(
// includes both servers and clients in all DC's. // includes both servers and clients in all DC's.
func (a *Agent) ListKeys() (*structs.KeyringResponses, error) { func (a *Agent) ListKeys() (*structs.KeyringResponses, error) {
args := structs.KeyringRequest{Operation: structs.KeyringList} args := structs.KeyringRequest{Operation: structs.KeyringList}
return a.keyringProcess("Internal.KeyringOperation", &args) return a.keyringProcess(&args)
} }
// InstallKey installs a new gossip encryption key // InstallKey installs a new gossip encryption key
func (a *Agent) InstallKey(key string) (*structs.KeyringResponses, error) { func (a *Agent) InstallKey(key string) (*structs.KeyringResponses, error) {
args := structs.KeyringRequest{Key: key, Operation: structs.KeyringInstall} args := structs.KeyringRequest{Key: key, Operation: structs.KeyringInstall}
return a.keyringProcess("Internal.KeyringOperation", &args) return a.keyringProcess(&args)
} }
// UseKey changes the primary encryption key used to encrypt messages // UseKey changes the primary encryption key used to encrypt messages
func (a *Agent) UseKey(key string) (*structs.KeyringResponses, error) { func (a *Agent) UseKey(key string) (*structs.KeyringResponses, error) {
args := structs.KeyringRequest{Key: key, Operation: structs.KeyringUse} args := structs.KeyringRequest{Key: key, Operation: structs.KeyringUse}
return a.keyringProcess("Internal.KeyringOperation", &args) return a.keyringProcess(&args)
} }
// RemoveKey will remove a gossip encryption key from the keyring // RemoveKey will remove a gossip encryption key from the keyring
func (a *Agent) RemoveKey(key string) (*structs.KeyringResponses, error) { func (a *Agent) RemoveKey(key string) (*structs.KeyringResponses, error) {
args := structs.KeyringRequest{Key: key, Operation: structs.KeyringRemove} args := structs.KeyringRequest{Key: key, Operation: structs.KeyringRemove}
return a.keyringProcess("Internal.KeyringOperation", &args) return a.keyringProcess(&args)
} }
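Review bot: `return &reply, err` in keyringProcess hands back a non-nil reply together with the error, and neither its doc comment nor those of ListKeys, InstallKey, UseKey and RemoveKey say so. For install, use and remove, a failure part-way through can presumably leave some gossip pools on the new key and others not, so a caller that discards the reply on error loses the only record of which pools answered. I would extend the comment on keyringProcess with `// On error the returned responses may be partial; inspect them to see which pools applied the change.` The body of keyringProcess starts and ends outside the hunks shown, so how `reply` is declared is not visible here.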


@ -72,10 +72,9 @@ func (m *Internal) KeyringOperation(
reply *structs.KeyringResponses) error { reply *structs.KeyringResponses) error {
m.executeKeyringOp(args, reply, false) m.executeKeyringOp(args, reply, false)
if !args.Forwarded { if !args.Forwarded {
m.executeKeyringOp(args, reply, true)
args.Forwarded = true args.Forwarded = true
m.executeKeyringOp(args, reply, true)
return m.srv.globalRPC("Internal.KeyringOperation", args, reply) return m.srv.globalRPC("Internal.KeyringOperation", args, reply)
} }
@ -92,10 +91,8 @@ func (m *Internal) executeKeyringOp(
var serfResp *serf.KeyResponse var serfResp *serf.KeyResponse
var err error var err error
dc := m.srv.config.Datacenter
var mgr *serf.KeyManager var mgr *serf.KeyManager
if wan { if wan {
mgr = m.srv.KeyManagerWAN() mgr = m.srv.KeyManagerWAN()
} else { } else {
@ -120,7 +117,7 @@ func (m *Internal) executeKeyringOp(
reply.Responses = append(reply.Responses, &structs.KeyringResponse{ reply.Responses = append(reply.Responses, &structs.KeyringResponse{
WAN: wan, WAN: wan,
Datacenter: dc, Datacenter: m.srv.config.Datacenter,
Messages: serfResp.Messages, Messages: serfResp.Messages,
Keys: serfResp.Keys, Keys: serfResp.Keys,
NumNodes: serfResp.NumNodes, NumNodes: serfResp.NumNodes,
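Review bot: `args.Forwarded` is read straight from the request in KeyringOperation, and nothing in the visible lines documents who may set it or checks the caller before `m.executeKeyringOp` touches the keyring. The flag acts as trusted input, because it alone decides whether the WAN pool and the other datacenters are included in a key install, use or remove. I would state the contract above the handler, for example `// Forwarded is set by the originating server; forwarded requests run only the local LAN operation and are not re-broadcast.` If access control for this endpoint is enforced elsewhere, a one-line comment pointing at it would help the next reader; the function signature starts outside the hunk.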


@ -229,11 +229,8 @@ func (s *Server) forwardDC(method, dc string, args interface{}, reply interface{
func (s *Server) globalRPC(method string, args interface{}, func (s *Server) globalRPC(method string, args interface{},
reply structs.CompoundResponse) error { reply structs.CompoundResponse) error {
if reply == nil { totalDC := len(s.remoteConsuls)
return fmt.Errorf("nil reply struct") if totalDC == 1 {
}
rlen := len(s.remoteConsuls)
if rlen < 2 {
return nil return nil
} }
@ -253,17 +250,14 @@ func (s *Server) globalRPC(method string, args interface{},
}() }()
} }
done := 0 replies := 0
for { for replies < totalDC {
select { select {
case err := <-errorCh: case err := <-errorCh:
return err return err
case rr := <-respCh: case rr := <-respCh:
reply.Add(rr) reply.Add(rr)
done++ replies++
}
if done == rlen {
break
} }
} }
return nil return nil
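Review bot: The `reply == nil` guard at the top of globalRPC appears to be dropped here, so a nil `structs.CompoundResponse` now reaches `reply.Add(rr)` in the receive loop and panics instead of returning an error; I would keep `if reply == nil { return fmt.Errorf("nil reply struct") }` ahead of the `totalDC` check. Separately, `case err := <-errorCh: return err` returns on the first failure while the other per-datacenter goroutines are still running. If `errorCh` and `respCh` are unbuffered (their creation is outside the hunk), those goroutines block on send indefinitely. For a key install or removal, the caller also learns of one failed datacenter but not which others applied the change; gathering all `totalDC` results before returning, or sizing the channels to `totalDC`, would address both.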