auto-config: ensure the feature works properly with partitions (#11699)

This commit is contained in:
R.B. Boyer 2021-12-01 13:32:34 -06:00 committed by GitHub
parent ffca66d5df
commit db91cbf484
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 284 additions and 112 deletions

3
.changelog/11699.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:improvement
auto-config: ensure the feature works properly with partitions
```

View File

@ -5117,6 +5117,9 @@ func TestAutoConfig_Integration(t *testing.T) {
// verify_incoming config on the server would not let it work.
testrpc.WaitForTestAgent(t, client.RPC, "dc1", testrpc.WithToken(TestDefaultMasterToken))
// spot check that we now have an ACL token
require.NotEmpty(t, client.tokens.AgentToken())
// grab the existing cert
cert1 := client.Agent.tlsConfigurator.Cert()
require.NotNil(t, cert1)
@ -5159,9 +5162,6 @@ func TestAutoConfig_Integration(t *testing.T) {
require.NoError(r, err)
require.Equal(r, client.Agent.tlsConfigurator.Cert(), &actual)
})
// spot check that we now have an ACL token
require.NotEmpty(t, client.tokens.AgentToken())
}
func TestAgent_AutoEncrypt(t *testing.T) {
@ -5351,3 +5351,10 @@ func uniqueAddrs(srvs []apiServer) map[string]struct{} {
}
return result
}
func runStep(t *testing.T, name string, fn func(t *testing.T)) {
t.Helper()
if !t.Run(name, fn) {
t.FailNow()
}
}

View File

@ -279,6 +279,7 @@ func (ac *AutoConfig) getInitialConfigurationOnce(ctx context.Context, csr strin
Datacenter: ac.config.Datacenter,
Node: ac.config.NodeName,
Segment: ac.config.SegmentName,
Partition: ac.config.PartitionOrEmpty(),
JWT: token,
CSR: csr,
}

View File

@ -26,9 +26,12 @@ func translateConfig(c *pbconfig.Config) config.Config {
Datacenter: stringPtrOrNil(c.Datacenter),
PrimaryDatacenter: stringPtrOrNil(c.PrimaryDatacenter),
NodeName: stringPtrOrNil(c.NodeName),
// only output the SegmentName in the configuration if its non-empty
// only output the SegmentName in the configuration if it's non-empty
// this will avoid a warning later when parsing the persisted configuration
SegmentName: stringPtrOrNil(c.SegmentName),
// only output the Partition in the configuration if it's non-empty
// this will avoid a warning later when parsing the persisted configuration
Partition: stringPtrOrNil(c.Partition),
}
if a := c.AutoEncrypt; a != nil {

View File

@ -192,11 +192,12 @@ func (ac *AutoConfig) caRootsRequest() structs.DCSpecificRequest {
func (ac *AutoConfig) leafCertRequest() cachetype.ConnectCALeafRequest {
return cachetype.ConnectCALeafRequest{
Datacenter: ac.config.Datacenter,
Agent: ac.config.NodeName,
DNSSAN: ac.getDNSSANs(),
IPSAN: ac.getIPSANs(),
Token: ac.acConfig.Tokens.AgentToken(),
Datacenter: ac.config.Datacenter,
Agent: ac.config.NodeName,
DNSSAN: ac.getDNSSANs(),
IPSAN: ac.getIPSANs(),
Token: ac.acConfig.Tokens.AgentToken(),
EnterpriseMeta: *structs.NodeEnterpriseMetaInPartition(ac.config.PartitionOrEmpty()),
}
}

View File

@ -2374,8 +2374,9 @@ func validateAutoConfigAuthorizer(rt RuntimeConfig) error {
// create a blank identity for use to validate the claim assertions.
blankID := validator.NewIdentity()
varMap := map[string]string{
"node": "fake",
"segment": "fake",
"node": "fake",
"segment": "fake",
"partition": "fake",
}
// validate all the claim assertions

View File

@ -76,6 +76,10 @@ func ParseCertURI(input *url.URL) (CertURI, error) {
}
}
if ap == "" {
ap = "default"
}
return &SpiffeIDService{
Host: input.Host,
Partition: ap,
@ -103,6 +107,10 @@ func ParseCertURI(input *url.URL) (CertURI, error) {
}
}
if ap == "" {
ap = "default"
}
return &SpiffeIDAgent{
Host: input.Host,
Partition: ap,

View File

@ -5,10 +5,13 @@ import (
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/sdk/testutil"
)
func TestParseCertURIFromString(t *testing.T) {
defaultEntMeta := structs.DefaultEnterpriseMetaInDefaultPartition()
var cases = []struct {
Name string
URI string
@ -26,6 +29,7 @@ func TestParseCertURIFromString(t *testing.T) {
"spiffe://1234.consul/ns/default/dc/dc01/svc/web",
&SpiffeIDService{
Host: "1234.consul",
Partition: defaultEntMeta.PartitionOrDefault(),
Namespace: "default",
Datacenter: "dc01",
Service: "web",
@ -49,6 +53,7 @@ func TestParseCertURIFromString(t *testing.T) {
"spiffe://1234.consul/agent/client/dc/dc1/id/uuid",
&SpiffeIDAgent{
Host: "1234.consul",
Partition: defaultEntMeta.PartitionOrDefault(),
Datacenter: "dc1",
Agent: "uuid",
},
@ -70,6 +75,7 @@ func TestParseCertURIFromString(t *testing.T) {
"spiffe://1234.consul/ns/foo%2Fbar/dc/bar%2Fbaz/svc/baz%2Fqux",
&SpiffeIDService{
Host: "1234.consul",
Partition: defaultEntMeta.PartitionOrDefault(),
Namespace: "foo/bar",
Datacenter: "bar/baz",
Service: "baz/qux",

View File

@ -31,13 +31,16 @@ func (b autoConfigBackend) GetCARoots() (*structs.IndexedCARoots, error) {
// DatacenterJoinAddresses will return all the strings suitable for usage in
// retry join operations to connect to the the LAN or LAN segment gossip pool.
func (b autoConfigBackend) DatacenterJoinAddresses(segment string) ([]string, error) {
func (b autoConfigBackend) DatacenterJoinAddresses(partition, segment string) ([]string, error) {
members, err := b.Server.LANMembers(LANMemberFilter{
Segment: segment,
Partition: "", // TODO(partitions): figure out what goes here
Partition: partition,
})
if err != nil {
return nil, fmt.Errorf("Failed to retrieve members for segment %s - %w", segment, err)
if segment != "" {
return nil, fmt.Errorf("Failed to retrieve members for segment %s: %w", segment, err)
}
return nil, fmt.Errorf("Failed to retrieve members for partition %s: %w", structs.PartitionOrDefault(partition), err)
}
var joinAddrs []string

View File

@ -27,7 +27,7 @@ func TestAutoConfigBackend_DatacenterJoinAddresses(t *testing.T) {
}
backend := autoConfigBackend{Server: nodes.Servers[0]}
actual, err := backend.DatacenterJoinAddresses("")
actual, err := backend.DatacenterJoinAddresses("", "")
require.NoError(t, err)
require.ElementsMatch(t, expected, actual)
}

View File

@ -25,11 +25,16 @@ import (
type AutoConfigOptions struct {
NodeName string
SegmentName string
Partition string
CSR *x509.CertificateRequest
SpiffeID *connect.SpiffeIDAgent
}
func (opts AutoConfigOptions) PartitionOrDefault() string {
return structs.PartitionOrDefault(opts.Partition)
}
type AutoConfigAuthorizer interface {
// Authorizes the request and returns a struct containing the various
// options for how to generate the configuration.
@ -57,8 +62,9 @@ func (a *jwtAuthorizer) Authorize(req *pbautoconf.AutoConfigRequest) (AutoConfig
}
varMap := map[string]string{
"node": req.Node,
"segment": req.Segment,
"node": req.Node,
"segment": req.Segment,
"partition": req.PartitionOrDefault(),
}
for _, raw := range a.claimAssertions {
@ -86,6 +92,7 @@ func (a *jwtAuthorizer) Authorize(req *pbautoconf.AutoConfigRequest) (AutoConfig
opts := AutoConfigOptions{
NodeName: req.Node,
SegmentName: req.Segment,
Partition: req.Partition,
}
if req.CSR != "" {
@ -94,8 +101,12 @@ func (a *jwtAuthorizer) Authorize(req *pbautoconf.AutoConfigRequest) (AutoConfig
return AutoConfigOptions{}, err
}
if id.Agent != req.Node {
return AutoConfigOptions{}, fmt.Errorf("Spiffe ID agent name (%s) of the certificate signing request is not for the correct node (%s)", id.Agent, req.Node)
if id.Agent != req.Node || !structs.EqualPartitions(id.Partition, req.Partition) {
return AutoConfigOptions{},
fmt.Errorf("Spiffe ID agent name (%s) of the certificate signing request is not for the correct node (%s)",
printNodeName(id.Agent, id.Partition),
printNodeName(req.Node, req.Partition),
)
}
opts.CSR = csr
@ -107,7 +118,7 @@ func (a *jwtAuthorizer) Authorize(req *pbautoconf.AutoConfigRequest) (AutoConfig
type AutoConfigBackend interface {
CreateACLToken(template *structs.ACLToken) (*structs.ACLToken, error)
DatacenterJoinAddresses(segment string) ([]string, error)
DatacenterJoinAddresses(partition, segment string) ([]string, error)
ForwardRPC(method string, info structs.RPCInfo, reply interface{}) (bool, error)
GetCARoots() (*structs.IndexedCARoots, error)
SignCertificate(csr *x509.CertificateRequest, id connect.CertURI) (*structs.IssuedCert, error)
@ -200,7 +211,7 @@ func (ac *AutoConfig) updateACLsInConfig(opts AutoConfigOptions, resp *pbautocon
if ac.config.ACLsEnabled {
// set up the token template - the ids and create
template := structs.ACLToken{
Description: fmt.Sprintf("Auto Config Token for Node %q", opts.NodeName),
Description: fmt.Sprintf("Auto Config Token for Node %q", printNodeName(opts.NodeName, opts.Partition)),
Local: true,
NodeIdentities: []*structs.ACLNodeIdentity{
{
@ -208,13 +219,12 @@ func (ac *AutoConfig) updateACLsInConfig(opts AutoConfigOptions, resp *pbautocon
Datacenter: ac.config.Datacenter,
},
},
// TODO(partitions): support auto-config in different partitions
EnterpriseMeta: *structs.DefaultEnterpriseMetaInDefaultPartition(),
EnterpriseMeta: *structs.DefaultEnterpriseMetaInPartition(opts.PartitionOrDefault()),
}
token, err := ac.backend.CreateACLToken(&template)
if err != nil {
return fmt.Errorf("Failed to generate an ACL token for node %q - %w", opts.NodeName, err)
return fmt.Errorf("Failed to generate an ACL token for node %q: %w", printNodeName(opts.NodeName, opts.Partition), err)
}
acl.Tokens = &pbconfig.ACLTokens{Agent: token.SecretID}
@ -227,7 +237,7 @@ func (ac *AutoConfig) updateACLsInConfig(opts AutoConfigOptions, resp *pbautocon
// updateJoinAddressesInConfig determines the correct gossip endpoints that clients should
// be connecting to for joining the cluster based on the segment given in the opts parameter.
func (ac *AutoConfig) updateJoinAddressesInConfig(opts AutoConfigOptions, resp *pbautoconf.AutoConfigResponse) error {
joinAddrs, err := ac.backend.DatacenterJoinAddresses(opts.SegmentName)
joinAddrs, err := ac.backend.DatacenterJoinAddresses(opts.Partition, opts.SegmentName)
if err != nil {
return err
}
@ -299,6 +309,7 @@ func (ac *AutoConfig) baseConfig(opts AutoConfigOptions, resp *pbautoconf.AutoCo
resp.Config.PrimaryDatacenter = ac.config.PrimaryDatacenter
resp.Config.NodeName = opts.NodeName
resp.Config.SegmentName = opts.SegmentName
resp.Config.Partition = opts.Partition
return nil
}
@ -422,3 +433,10 @@ func mapstructureTranslateToProtobuf(in interface{}, out interface{}) error {
return decoder.Decode(in)
}
func printNodeName(nodeName, partition string) string {
if structs.IsDefaultPartition(partition) {
return nodeName
}
return partition + "/" + nodeName
}

View File

@ -38,8 +38,8 @@ func (m *mockAutoConfigBackend) CreateACLToken(template *structs.ACLToken) (*str
return token, ret.Error(1)
}
func (m *mockAutoConfigBackend) DatacenterJoinAddresses(segment string) ([]string, error) {
ret := m.Called(segment)
func (m *mockAutoConfigBackend) DatacenterJoinAddresses(partition, segment string) ([]string, error) {
ret := m.Called(partition, segment)
// this handles converting an untyped nil to a typed nil
addrs, _ := ret.Get(0).([]string)
return addrs, ret.Error(1)
@ -215,6 +215,8 @@ func TestAutoConfigInitialConfiguration(t *testing.T) {
err string
}
defaultEntMeta := structs.DefaultEnterpriseMetaInDefaultPartition()
cases := map[string]testCase{
"wrong-datacenter": {
request: pbautoconf.AutoConfigRequest{
@ -304,6 +306,7 @@ func TestAutoConfigInitialConfiguration(t *testing.T) {
expectedID := connect.SpiffeIDAgent{
Host: roots.TrustDomain,
Agent: "test-node",
Partition: defaultEntMeta.PartitionOrDefault(),
Datacenter: "dc1",
}
@ -836,7 +839,7 @@ func TestAutoConfig_updateACLsInConfig(t *testing.T) {
func TestAutoConfig_updateJoinAddressesInConfig(t *testing.T) {
addrs := []string{"198.18.0.7:8300", "198.18.0.1:8300"}
backend := &mockAutoConfigBackend{}
backend.On("DatacenterJoinAddresses", "").Return(addrs, nil).Once()
backend.On("DatacenterJoinAddresses", "", "").Return(addrs, nil).Once()
ac := AutoConfig{backend: backend}

View File

@ -37,6 +37,8 @@ type AutoConfigRequest struct {
Node string `protobuf:"bytes,2,opt,name=Node,proto3" json:"Node,omitempty"`
// Segment is the network segment that the requester would like to join
Segment string `protobuf:"bytes,4,opt,name=Segment,proto3" json:"Segment,omitempty"`
// Partition is the partition that the requester would like to join
Partition string `protobuf:"bytes,8,opt,name=Partition,proto3" json:"Partition,omitempty"`
// JWT is a signed JSON Web Token used to authorize the request
JWT string `protobuf:"bytes,5,opt,name=JWT,proto3" json:"JWT,omitempty"`
// ConsulToken is a Consul ACL token that the agent requesting the
@ -104,6 +106,13 @@ func (m *AutoConfigRequest) GetSegment() string {
return ""
}
func (m *AutoConfigRequest) GetPartition() string {
if m != nil {
return m.Partition
}
return ""
}
func (m *AutoConfigRequest) GetJWT() string {
if m != nil {
return m.JWT
@ -212,29 +221,30 @@ func init() {
}
var fileDescriptor_ccc5af992e5daf69 = []byte{
// 347 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x92, 0xc1, 0x4a, 0xc3, 0x30,
0x18, 0xc7, 0x8d, 0x9b, 0x9b, 0x4b, 0x41, 0x66, 0x76, 0x09, 0x13, 0xcb, 0xd8, 0x41, 0x86, 0x48,
0x2b, 0x13, 0xaf, 0xc2, 0x8c, 0x1e, 0xf4, 0xe0, 0x21, 0x1b, 0x08, 0x5e, 0xa4, 0xeb, 0xb2, 0xad,
0xb8, 0x25, 0xb5, 0xf9, 0x02, 0x3e, 0x8a, 0x6f, 0xe0, 0xab, 0x78, 0xd4, 0x37, 0x90, 0xf9, 0x22,
0xd2, 0xb4, 0x95, 0x20, 0x9e, 0xfa, 0xef, 0xff, 0xf7, 0xfb, 0xe0, 0x6b, 0x13, 0xdc, 0x4f, 0x33,
0x05, 0x2a, 0x4c, 0xa7, 0x91, 0x01, 0x15, 0x2b, 0x39, 0x0f, 0xf3, 0xf0, 0x98, 0xa7, 0x64, 0x11,
0x58, 0x48, 0x76, 0x2b, 0xd6, 0x3d, 0xa8, 0xec, 0x82, 0x87, 0xae, 0xd6, 0x3d, 0x74, 0xa0, 0x14,
0x31, 0x84, 0xe5, 0xb3, 0xc0, 0xfd, 0x37, 0x84, 0xf7, 0x47, 0x06, 0x14, 0xb3, 0x33, 0x5c, 0x3c,
0x1b, 0xa1, 0x81, 0xf8, 0x18, 0x5f, 0x45, 0x10, 0xc5, 0x42, 0x82, 0xc8, 0x28, 0xea, 0xa1, 0x41,
0x8b, 0x3b, 0x0d, 0x21, 0xb8, 0x7e, 0xa7, 0x66, 0x82, 0x6e, 0x5b, 0x62, 0x33, 0xa1, 0xb8, 0x39,
0x16, 0x8b, 0xb5, 0x90, 0x40, 0xeb, 0xb6, 0xae, 0x5e, 0x49, 0x1b, 0xd7, 0x6e, 0xef, 0x27, 0x74,
0xc7, 0xb6, 0x79, 0x24, 0x3d, 0xec, 0x31, 0x25, 0xb5, 0x59, 0x4d, 0xd4, 0x93, 0x90, 0xb4, 0x61,
0x89, 0x5b, 0xe5, 0x33, 0x6c, 0xcc, 0x69, 0xb3, 0x98, 0x61, 0x63, 0xde, 0xff, 0x44, 0x98, 0xb8,
0x9b, 0xea, 0x54, 0x49, 0x2d, 0xc8, 0x11, 0x6e, 0x14, 0x8d, 0x5d, 0xd3, 0x1b, 0xee, 0x05, 0xe5,
0xe7, 0x97, 0x5e, 0x49, 0xc9, 0x31, 0x6e, 0xb2, 0x11, 0x57, 0x0a, 0xb4, 0xdd, 0xda, 0x1b, 0xb6,
0x83, 0xea, 0x4f, 0x94, 0x3d, 0xaf, 0x04, 0x72, 0x8e, 0x3d, 0x26, 0x32, 0x48, 0xe6, 0x49, 0x1c,
0x81, 0xa0, 0x35, 0xeb, 0x77, 0x7e, 0xfd, 0x1b, 0xad, 0x8d, 0x98, 0xe5, 0x06, 0x77, 0x3d, 0x72,
0x8a, 0x3b, 0xd7, 0x2f, 0x90, 0x45, 0x6c, 0xe4, 0xb4, 0x9a, 0xd6, 0x7b, 0xb5, 0x41, 0x8b, 0xff,
0x87, 0x2e, 0x2f, 0xde, 0x37, 0x3e, 0xfa, 0xd8, 0xf8, 0xe8, 0x6b, 0xe3, 0xa3, 0xd7, 0x6f, 0x7f,
0xeb, 0xe1, 0x64, 0x91, 0xc0, 0xd2, 0x4c, 0x83, 0x58, 0xad, 0xc3, 0x65, 0xa4, 0x97, 0x49, 0xac,
0xb2, 0x34, 0x3f, 0x33, 0x6d, 0x56, 0xe1, 0xdf, 0x5b, 0x31, 0x6d, 0xd8, 0xe6, 0xec, 0x27, 0x00,
0x00, 0xff, 0xff, 0xe2, 0x1d, 0x6e, 0x48, 0x30, 0x02, 0x00, 0x00,
// 361 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x92, 0xcf, 0x4a, 0xc3, 0x40,
0x10, 0xc6, 0x8d, 0xad, 0xfd, 0xb3, 0x01, 0xa9, 0xdb, 0xcb, 0x52, 0x35, 0x94, 0x1e, 0xa4, 0x88,
0x24, 0x52, 0xf1, 0x2a, 0xd4, 0xe8, 0x41, 0x0f, 0x22, 0xdb, 0x82, 0xe0, 0x45, 0xd2, 0x74, 0xdb,
0x06, 0xdb, 0x9d, 0x98, 0x9d, 0x80, 0x8f, 0xe2, 0x0b, 0x09, 0x1e, 0xf5, 0x0d, 0xa4, 0xbe, 0x88,
0x64, 0x93, 0xe8, 0x22, 0x9e, 0xf2, 0xe5, 0xf7, 0xfb, 0xe6, 0x30, 0x93, 0x90, 0x5e, 0x9c, 0x00,
0x82, 0x17, 0x4f, 0x82, 0x14, 0x21, 0x04, 0x39, 0xf3, 0xb2, 0xf0, 0x90, 0xa5, 0x68, 0xee, 0x6a,
0x49, 0x1b, 0xa5, 0xeb, 0xec, 0x96, 0xed, 0xdc, 0x7b, 0x66, 0xad, 0xb3, 0x6f, 0x48, 0x29, 0x42,
0xf4, 0x8a, 0x67, 0xae, 0x7b, 0xaf, 0x16, 0xd9, 0x19, 0xa6, 0x08, 0xbe, 0x9e, 0xe1, 0xe2, 0x29,
0x15, 0x0a, 0xa9, 0x43, 0xc8, 0x45, 0x80, 0x41, 0x28, 0x24, 0x8a, 0x84, 0x59, 0x5d, 0xab, 0xdf,
0xe4, 0x06, 0xa1, 0x94, 0x54, 0x6f, 0x60, 0x2a, 0xd8, 0xa6, 0x36, 0x3a, 0x53, 0x46, 0xea, 0x23,
0x31, 0x5f, 0x09, 0x89, 0xac, 0xaa, 0x71, 0xf9, 0x4a, 0xf7, 0x48, 0xf3, 0x36, 0x48, 0x30, 0xc2,
0x08, 0x24, 0x6b, 0x68, 0xf7, 0x0b, 0x68, 0x8b, 0x54, 0xae, 0xef, 0xc6, 0x6c, 0x4b, 0xf3, 0x2c,
0xd2, 0x2e, 0xb1, 0x7d, 0x90, 0x2a, 0x5d, 0x8e, 0xe1, 0x51, 0x48, 0x56, 0xd3, 0xc6, 0x44, 0xd9,
0x8c, 0x3f, 0xe2, 0xac, 0x9e, 0xcf, 0xf8, 0x23, 0xde, 0xfb, 0xb0, 0x08, 0x35, 0xf7, 0x50, 0x31,
0x48, 0x25, 0xe8, 0x01, 0xa9, 0xe5, 0x44, 0x2f, 0x61, 0x0f, 0xb6, 0xdd, 0xe2, 0x38, 0x45, 0xaf,
0xb0, 0xf4, 0x90, 0xd4, 0xfd, 0x21, 0x07, 0x40, 0xa5, 0x77, 0xb2, 0x07, 0x2d, 0xb7, 0xbc, 0x53,
0xc1, 0x79, 0x59, 0xa0, 0xa7, 0xc4, 0xf6, 0x45, 0x82, 0xd1, 0x2c, 0x0a, 0x03, 0x14, 0xac, 0xa2,
0xfb, 0xed, 0x9f, 0xfe, 0x95, 0x52, 0xa9, 0x98, 0x66, 0x0d, 0x6e, 0xf6, 0xe8, 0x31, 0x69, 0x5f,
0x3e, 0x63, 0x12, 0xf8, 0x43, 0x83, 0x2a, 0x56, 0xed, 0x56, 0xfa, 0x4d, 0xfe, 0x9f, 0x3a, 0x3f,
0x7b, 0x5b, 0x3b, 0xd6, 0xfb, 0xda, 0xb1, 0x3e, 0xd7, 0x8e, 0xf5, 0xf2, 0xe5, 0x6c, 0xdc, 0x1f,
0xcd, 0x23, 0x5c, 0xa4, 0x13, 0x37, 0x84, 0x95, 0xb7, 0x08, 0xd4, 0x22, 0x0a, 0x21, 0x89, 0xb3,
0x2f, 0xaa, 0xd2, 0xa5, 0xf7, 0xf7, 0x9f, 0x99, 0xd4, 0x34, 0x39, 0xf9, 0x0e, 0x00, 0x00, 0xff,
0xff, 0x65, 0x57, 0x2e, 0x30, 0x4e, 0x02, 0x00, 0x00,
}
func (m *AutoConfigRequest) Marshal() (dAtA []byte, err error) {
@ -261,6 +271,13 @@ func (m *AutoConfigRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
i -= len(m.XXX_unrecognized)
copy(dAtA[i:], m.XXX_unrecognized)
}
if len(m.Partition) > 0 {
i -= len(m.Partition)
copy(dAtA[i:], m.Partition)
i = encodeVarintAutoConfig(dAtA, i, uint64(len(m.Partition)))
i--
dAtA[i] = 0x42
}
if len(m.CSR) > 0 {
i -= len(m.CSR)
copy(dAtA[i:], m.CSR)
@ -419,6 +436,10 @@ func (m *AutoConfigRequest) Size() (n int) {
if l > 0 {
n += 1 + l + sovAutoConfig(uint64(l))
}
l = len(m.Partition)
if l > 0 {
n += 1 + l + sovAutoConfig(uint64(l))
}
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
@ -682,6 +703,38 @@ func (m *AutoConfigRequest) Unmarshal(dAtA []byte) error {
}
m.CSR = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 8:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Partition", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowAutoConfig
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthAutoConfig
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthAutoConfig
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Partition = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipAutoConfig(dAtA[iNdEx:])

View File

@ -7,7 +7,7 @@ option go_package = "github.com/hashicorp/consul/proto/pbautoconf";
import "proto/pbconfig/config.proto";
import "proto/pbconnect/connect.proto";
// AutoConfigRequest is the data structure to be sent along with the
// AutoConfigRequest is the data structure to be sent along with the
// AutoConfig.InitialConfiguration RPC
message AutoConfigRequest {
// Datacenter is the local datacenter name. This wont actually be set by clients
@ -15,21 +15,24 @@ message AutoConfigRequest {
// the leader. If it ever happens to be set and differs from the local datacenters
// name then an error should be returned.
string Datacenter = 1;
// Node is the node name that the requester would like to assume
// the identity of.
string Node = 2;
// Segment is the network segment that the requester would like to join
string Segment = 4;
// Partition is the partition that the requester would like to join
string Partition = 8;
// JWT is a signed JSON Web Token used to authorize the request
string JWT = 5;
// ConsulToken is a Consul ACL token that the agent requesting the
// configuration already has.
string ConsulToken = 6;
// CSR is a certificate signing request to be used when generating the
// agents TLS certificate
string CSR = 7;
@ -39,13 +42,13 @@ message AutoConfigRequest {
message AutoConfigResponse {
// Config is the partial Consul configuration to inject into the agents own configuration
config.Config Config = 1;
// CARoots is the current list of Connect CA Roots
connect.CARoots CARoots = 2;
// Certificate is the TLS certificate issued for the agent
connect.IssuedCert Certificate = 3;
// ExtraCACertificates holds non-Connect certificates that may be necessary
// to verify TLS connections with the Consul servers
repeated string ExtraCACertificates = 4;
}
}

View File

@ -0,0 +1,8 @@
//go:build !consulent
// +build !consulent
package pbautoconf
func (req *AutoConfigRequest) PartitionOrDefault() string {
return ""
}

View File

@ -27,6 +27,7 @@ type Config struct {
PrimaryDatacenter string `protobuf:"bytes,2,opt,name=PrimaryDatacenter,proto3" json:"PrimaryDatacenter,omitempty"`
NodeName string `protobuf:"bytes,3,opt,name=NodeName,proto3" json:"NodeName,omitempty"`
SegmentName string `protobuf:"bytes,4,opt,name=SegmentName,proto3" json:"SegmentName,omitempty"`
Partition string `protobuf:"bytes,9,opt,name=Partition,proto3" json:"Partition,omitempty"`
ACL *ACL `protobuf:"bytes,5,opt,name=ACL,proto3" json:"ACL,omitempty"`
AutoEncrypt *AutoEncrypt `protobuf:"bytes,6,opt,name=AutoEncrypt,proto3" json:"AutoEncrypt,omitempty"`
Gossip *Gossip `protobuf:"bytes,7,opt,name=Gossip,proto3" json:"Gossip,omitempty"`
@ -97,6 +98,13 @@ func (m *Config) GetSegmentName() string {
return ""
}
func (m *Config) GetPartition() string {
if m != nil {
return m.Partition
}
return ""
}
func (m *Config) GetACL() *ACL {
if m != nil {
return m.ACL
@ -679,58 +687,58 @@ func init() {
func init() { proto.RegisterFile("proto/pbconfig/config.proto", fileDescriptor_aefa824db7b74d77) }
var fileDescriptor_aefa824db7b74d77 = []byte{
// 802 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x55, 0xdd, 0x8e, 0x22, 0x45,
0x14, 0xb6, 0xa7, 0x77, 0x7a, 0x86, 0x83, 0x6e, 0x76, 0x6b, 0x57, 0xec, 0xf8, 0x83, 0xa4, 0x63,
0x36, 0xa3, 0x31, 0x83, 0xc1, 0x68, 0xd4, 0x78, 0xc3, 0xc0, 0x46, 0x71, 0x01, 0x49, 0x37, 0xae,
0x89, 0x37, 0xa6, 0x69, 0x0e, 0x50, 0xb1, 0xa9, 0xea, 0x54, 0x17, 0x3b, 0xe1, 0x4d, 0x7c, 0x0d,
0xaf, 0x7d, 0x01, 0x2f, 0x7d, 0x04, 0x1d, 0x5f, 0xc0, 0x47, 0x30, 0xf5, 0xd3, 0x4d, 0xf7, 0x08,
0x57, 0x70, 0xbe, 0xef, 0xab, 0x53, 0xe7, 0xaf, 0x4e, 0xc3, 0x3b, 0x99, 0xe0, 0x92, 0x77, 0xb3,
0x45, 0xc2, 0xd9, 0x8a, 0xae, 0xbb, 0xe6, 0xe7, 0x5a, 0xa3, 0xc4, 0x33, 0x56, 0xf0, 0xdb, 0x19,
0x78, 0x03, 0xfd, 0x97, 0xb4, 0x01, 0x86, 0xb1, 0x8c, 0x13, 0x64, 0x12, 0x85, 0xef, 0x74, 0x9c,
0xab, 0x46, 0x58, 0x41, 0xc8, 0xc7, 0xf0, 0x78, 0x26, 0xe8, 0x36, 0x16, 0xfb, 0x8a, 0xec, 0x4c,
0xcb, 0xfe, 0x4f, 0x90, 0xb7, 0xe1, 0x72, 0xca, 0x97, 0x38, 0x8d, 0xb7, 0xe8, 0xbb, 0x5a, 0x54,
0xda, 0xa4, 0x03, 0xcd, 0x08, 0xd7, 0x5b, 0x64, 0x52, 0xd3, 0x0f, 0x34, 0x5d, 0x85, 0xc8, 0x7b,
0xe0, 0xf6, 0x07, 0x63, 0xff, 0xbc, 0xe3, 0x5c, 0x35, 0x7b, 0xcd, 0x6b, 0x1b, 0x7a, 0x7f, 0x30,
0x0e, 0x15, 0x4e, 0x3e, 0x83, 0x66, 0x7f, 0x27, 0xf9, 0x73, 0x96, 0x88, 0x7d, 0x26, 0x7d, 0x4f,
0xcb, 0x9e, 0x94, 0xb2, 0x03, 0x15, 0x56, 0x75, 0xe4, 0x19, 0x78, 0xdf, 0xf0, 0x3c, 0xa7, 0x99,
0x7f, 0xa1, 0x4f, 0x3c, 0x2c, 0x4e, 0x18, 0x34, 0xb4, 0xac, 0xba, 0x7d, 0x3e, 0x8e, 0xfc, 0xcb,
0xfa, 0xed, 0xf3, 0x71, 0x14, 0x2a, 0x3c, 0x58, 0x15, 0x6e, 0xc8, 0x17, 0x00, 0xd6, 0x37, 0xe5,
0x4c, 0x97, 0xac, 0xd9, 0xf3, 0xeb, 0x4e, 0x0f, 0x7c, 0x58, 0xd1, 0x92, 0x00, 0x5e, 0x0f, 0x51,
0x8a, 0xfd, 0x77, 0x9c, 0xb2, 0x71, 0x7f, 0xea, 0x9f, 0x75, 0xdc, 0xab, 0x46, 0x58, 0xc3, 0x02,
0x09, 0x8f, 0xee, 0xfb, 0x20, 0x8f, 0xc0, 0x7d, 0x81, 0x7b, 0xdb, 0x1d, 0xf5, 0x97, 0x3c, 0x83,
0x87, 0x2f, 0x51, 0xd0, 0xd5, 0x7e, 0xc4, 0x12, 0xbe, 0xa5, 0x6c, 0xad, 0x7b, 0x72, 0x19, 0xde,
0x43, 0x0f, 0xba, 0xef, 0x77, 0x72, 0xcd, 0x95, 0xce, 0xad, 0xea, 0x0a, 0x34, 0xf8, 0xdb, 0xd1,
0xd9, 0x1f, 0xd1, 0x3b, 0xc7, 0xf4, 0xa4, 0x07, 0x4f, 0x0d, 0x12, 0xa1, 0x78, 0x85, 0xe2, 0x5b,
0x9e, 0x4b, 0xa6, 0xba, 0x6a, 0xa2, 0x38, 0xca, 0xa9, 0xec, 0x07, 0x34, 0xdb, 0xa0, 0x88, 0x76,
0x54, 0x62, 0x6e, 0x07, 0xa4, 0x86, 0xa9, 0x71, 0x9c, 0x50, 0xf6, 0x12, 0x45, 0xae, 0x6a, 0x6b,
0x66, 0xa4, 0x82, 0x90, 0xaf, 0xc0, 0x9f, 0x09, 0x5c, 0xa1, 0x30, 0xbe, 0x6b, 0xfe, 0xce, 0xf5,
0xdd, 0x27, 0xf9, 0xe0, 0x77, 0x57, 0xcf, 0x17, 0xf1, 0xe1, 0xe2, 0x39, 0x8b, 0x17, 0x29, 0x2e,
0x6d, 0x72, 0x85, 0x49, 0xde, 0x85, 0xc6, 0x8c, 0xa7, 0x34, 0xd9, 0xcf, 0xe7, 0x63, 0x3b, 0xe4,
0x07, 0x40, 0x9d, 0x0b, 0x79, 0x8a, 0x8a, 0x33, 0xa1, 0x17, 0xa6, 0x1a, 0xfb, 0x39, 0xff, 0x05,
0x99, 0xa2, 0x4c, 0xcc, 0xa5, 0xad, 0x1f, 0x18, 0xbf, 0x65, 0xc6, 0x8d, 0x8e, 0x51, 0x3d, 0xb0,
0x12, 0x21, 0x1f, 0xc0, 0x1b, 0x43, 0x5c, 0xc5, 0xbb, 0x54, 0x5a, 0x89, 0xa7, 0x25, 0x75, 0x90,
0x7c, 0x02, 0x4f, 0x4c, 0x90, 0x2f, 0x70, 0x3f, 0xa6, 0x79, 0xa1, 0xbd, 0xd0, 0xf1, 0x1f, 0xa3,
0xc8, 0x87, 0xe0, 0xe9, 0x18, 0x72, 0x3b, 0xd1, 0x8f, 0x2b, 0xef, 0xc9, 0x10, 0xa1, 0x15, 0x90,
0x2f, 0xa1, 0x35, 0xc4, 0x4c, 0x60, 0x12, 0x4b, 0x5c, 0xfe, 0x3c, 0xa4, 0xb9, 0xae, 0x86, 0x4a,
0xa6, 0xa1, 0x62, 0xb9, 0x39, 0xf3, 0x9d, 0xf0, 0xcd, 0x83, 0xa2, 0x22, 0x20, 0x9f, 0x43, 0xcb,
0x5c, 0xae, 0x5d, 0xcd, 0x54, 0x97, 0x72, 0x89, 0x2c, 0x41, 0x1f, 0x74, 0x68, 0x27, 0x58, 0x95,
0xcf, 0x24, 0x9a, 0x59, 0x4f, 0x37, 0x9c, 0xcb, 0x5c, 0x8a, 0x38, 0xf3, 0x9b, 0x26, 0x9f, 0x23,
0x54, 0xf0, 0xaf, 0x03, 0x8d, 0x32, 0x74, 0xd2, 0x02, 0x6f, 0x12, 0xe7, 0x87, 0x95, 0x65, 0x2d,
0xb5, 0x64, 0x42, 0xcc, 0x52, 0x9a, 0xc4, 0xfa, 0x71, 0x9a, 0x1e, 0x56, 0x21, 0xa5, 0xe8, 0xaf,
0x91, 0x49, 0x7b, 0xdc, 0x74, 0xb2, 0x0a, 0xa9, 0x3e, 0xdb, 0xe2, 0xdb, 0x66, 0x16, 0x26, 0x79,
0x0a, 0xe7, 0x5a, 0x68, 0xdb, 0x68, 0x0c, 0xf2, 0x23, 0xb4, 0x26, 0x31, 0x8b, 0xd7, 0xb8, 0x54,
0x43, 0x47, 0x13, 0x9c, 0x09, 0xfe, 0x8a, 0x2e, 0x51, 0xf8, 0x5e, 0xc7, 0xbd, 0x6a, 0xf6, 0xde,
0xaf, 0x54, 0xfe, 0x9e, 0x42, 0x67, 0x13, 0x9e, 0x38, 0x1e, 0xfc, 0x00, 0x6f, 0x9d, 0x38, 0xa2,
0xa6, 0xaa, 0x9f, 0x24, 0x98, 0xe7, 0x5c, 0x8c, 0x86, 0xc5, 0xda, 0x3e, 0x20, 0x6a, 0x22, 0x23,
0x4c, 0x04, 0xca, 0xd1, 0xd0, 0x16, 0xa1, 0xb4, 0x03, 0x5a, 0xdb, 0xa3, 0x6a, 0xb9, 0xa8, 0xbd,
0x67, 0x9e, 0x82, 0x5e, 0x02, 0x2d, 0xf0, 0x86, 0xd3, 0x28, 0x2a, 0x17, 0x94, 0xb5, 0x54, 0xfa,
0xa3, 0x99, 0x82, 0x5d, 0x0d, 0x1b, 0x43, 0x5d, 0xd5, 0x4f, 0x53, 0x7e, 0xab, 0x9c, 0x3c, 0xd0,
0x4e, 0x4a, 0xfb, 0xe6, 0xeb, 0x3f, 0xee, 0xda, 0xce, 0x9f, 0x77, 0x6d, 0xe7, 0xaf, 0xbb, 0xb6,
0xf3, 0xeb, 0x3f, 0xed, 0xd7, 0x7e, 0xfa, 0x68, 0x4d, 0xe5, 0x66, 0xb7, 0xb8, 0x4e, 0xf8, 0xb6,
0xbb, 0x89, 0xf3, 0x0d, 0x4d, 0xb8, 0xc8, 0xd4, 0x57, 0x2a, 0xdf, 0xa5, 0xdd, 0xfa, 0xb7, 0x6b,
0xe1, 0x69, 0xfb, 0xd3, 0xff, 0x02, 0x00, 0x00, 0xff, 0xff, 0x54, 0x4a, 0x4e, 0xf1, 0xd4, 0x06,
0x00, 0x00,
// 811 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x55, 0xdb, 0x8e, 0xe3, 0x44,
0x10, 0xc5, 0xe3, 0x1d, 0xcf, 0xa4, 0x02, 0xab, 0xdd, 0xde, 0x25, 0x58, 0x5c, 0x42, 0x64, 0xa1,
0xd5, 0x80, 0xd0, 0x0c, 0x1a, 0x04, 0x02, 0xc4, 0x4b, 0x26, 0x59, 0x41, 0xd8, 0x24, 0x44, 0x76,
0x58, 0x24, 0x5e, 0x90, 0xe3, 0x54, 0x92, 0x16, 0x4e, 0xb7, 0xd5, 0xee, 0xec, 0x28, 0x7f, 0xc2,
0xbf, 0xf0, 0x03, 0xbc, 0xc1, 0x27, 0xc0, 0xf0, 0x03, 0x7c, 0x02, 0xea, 0x8b, 0x6f, 0x43, 0xf2,
0x94, 0xd4, 0x39, 0xa7, 0xab, 0xab, 0xba, 0x2e, 0x86, 0x77, 0x32, 0xc1, 0x25, 0xbf, 0xca, 0x16,
0x09, 0x67, 0x2b, 0xba, 0xbe, 0x32, 0x3f, 0x97, 0x1a, 0x25, 0x9e, 0xb1, 0x82, 0x3f, 0x4e, 0xc0,
0x1b, 0xe8, 0xbf, 0xa4, 0x0b, 0x30, 0x8c, 0x65, 0x9c, 0x20, 0x93, 0x28, 0x7c, 0xa7, 0xe7, 0x5c,
0xb4, 0xc2, 0x1a, 0x42, 0x3e, 0x86, 0xc7, 0x33, 0x41, 0xb7, 0xb1, 0xd8, 0xd7, 0x64, 0x27, 0x5a,
0xf6, 0x7f, 0x82, 0xbc, 0x0d, 0xe7, 0x53, 0xbe, 0xc4, 0x69, 0xbc, 0x45, 0xdf, 0xd5, 0xa2, 0xd2,
0x26, 0x3d, 0x68, 0x47, 0xb8, 0xde, 0x22, 0x93, 0x9a, 0x7e, 0xa0, 0xe9, 0x3a, 0x44, 0xde, 0x85,
0xd6, 0x2c, 0x16, 0x92, 0x4a, 0xca, 0x99, 0xdf, 0xd2, 0x7c, 0x05, 0x90, 0xf7, 0xc0, 0xed, 0x0f,
0xc6, 0xfe, 0x69, 0xcf, 0xb9, 0x68, 0x5f, 0xb7, 0x2f, 0x6d, 0x62, 0xfd, 0xc1, 0x38, 0x54, 0x38,
0xf9, 0x0c, 0xda, 0xfd, 0x9d, 0xe4, 0xcf, 0x59, 0x22, 0xf6, 0x99, 0xf4, 0x3d, 0x2d, 0x7b, 0x52,
0xca, 0x2a, 0x2a, 0xac, 0xeb, 0xc8, 0x33, 0xf0, 0xbe, 0xe1, 0x79, 0x4e, 0x33, 0xff, 0x4c, 0x9f,
0x78, 0x58, 0x9c, 0x30, 0x68, 0x68, 0x59, 0x75, 0xfb, 0x7c, 0x1c, 0xf9, 0xe7, 0xcd, 0xdb, 0xe7,
0xe3, 0x28, 0x54, 0x78, 0xb0, 0x2a, 0xdc, 0x90, 0x2f, 0x00, 0xac, 0x6f, 0x95, 0x85, 0xa3, 0xf5,
0x7e, 0xd3, 0x69, 0xc5, 0x87, 0x35, 0x2d, 0x09, 0xe0, 0xf5, 0x10, 0xa5, 0xd8, 0x7f, 0xc7, 0x29,
0x1b, 0xf7, 0xa7, 0xfe, 0x49, 0xcf, 0xbd, 0x68, 0x85, 0x0d, 0x2c, 0x90, 0xf0, 0xe8, 0xbe, 0x0f,
0xf2, 0x08, 0xdc, 0x17, 0xb8, 0xb7, 0xb5, 0x53, 0x7f, 0xc9, 0x33, 0x78, 0xf8, 0x12, 0x05, 0x5d,
0xed, 0x47, 0x2c, 0xe1, 0x5b, 0xca, 0xd6, 0xba, 0x62, 0xe7, 0xe1, 0x3d, 0xb4, 0xd2, 0x7d, 0xbf,
0x93, 0x6b, 0xae, 0x74, 0x6e, 0x5d, 0x57, 0xa0, 0xc1, 0xdf, 0x8e, 0xce, 0xfe, 0x80, 0xde, 0x39,
0xa4, 0x27, 0xd7, 0xf0, 0xd4, 0x20, 0x11, 0x8a, 0x57, 0x28, 0xbe, 0xe5, 0xb9, 0x64, 0xaa, 0xe6,
0x26, 0x8a, 0x83, 0x9c, 0xca, 0x7e, 0x40, 0xb3, 0x0d, 0x8a, 0x68, 0x47, 0x25, 0xe6, 0xb6, 0x7d,
0x1a, 0x98, 0x6a, 0xd6, 0x09, 0x65, 0x2f, 0x51, 0xe4, 0xea, 0x6d, 0x4d, 0x07, 0xd5, 0x10, 0xf2,
0x15, 0xf8, 0x33, 0x81, 0x2b, 0x14, 0xc6, 0x77, 0xc3, 0xdf, 0xa9, 0xbe, 0xfb, 0x28, 0x1f, 0xfc,
0xe6, 0xea, 0xfe, 0x22, 0x3e, 0x9c, 0x3d, 0x67, 0xf1, 0x22, 0xc5, 0xa5, 0x4d, 0xae, 0x30, 0x75,
0x7b, 0xf2, 0x94, 0x26, 0xfb, 0xf9, 0x7c, 0x6c, 0x47, 0xa0, 0x02, 0xd4, 0xb9, 0x90, 0xa7, 0xa8,
0x38, 0x13, 0x7a, 0x61, 0xaa, 0xa1, 0x98, 0xf3, 0x5f, 0x90, 0x29, 0xca, 0xc4, 0x5c, 0xda, 0x7a,
0xfc, 0xf8, 0x2d, 0x33, 0x6e, 0x74, 0x8c, 0x6a, 0xfc, 0x4a, 0x84, 0x7c, 0x00, 0x6f, 0x0c, 0x71,
0x15, 0xef, 0x52, 0x69, 0x25, 0x9e, 0x96, 0x34, 0x41, 0xf2, 0x09, 0x3c, 0x31, 0x41, 0xbe, 0xc0,
0xfd, 0x98, 0xe6, 0x85, 0xf6, 0x4c, 0xc7, 0x7f, 0x88, 0x22, 0x1f, 0x82, 0xa7, 0x63, 0xc8, 0x6d,
0x47, 0x3f, 0xae, 0xcd, 0x93, 0x21, 0x42, 0x2b, 0x20, 0x5f, 0x42, 0x67, 0x88, 0x99, 0xc0, 0x24,
0x96, 0xb8, 0xfc, 0x79, 0x48, 0x73, 0xfd, 0x1a, 0x2a, 0x19, 0x3d, 0xa2, 0x37, 0x27, 0xbe, 0x13,
0xbe, 0x59, 0x29, 0x6a, 0x02, 0xf2, 0x39, 0x74, 0xcc, 0xe5, 0xda, 0xd5, 0x4c, 0x55, 0x29, 0x97,
0xc8, 0x12, 0xf4, 0x41, 0x87, 0x76, 0x84, 0x55, 0xf9, 0x4c, 0xa2, 0x99, 0xf5, 0x74, 0xc3, 0xb9,
0xcc, 0xa5, 0x88, 0x33, 0xbf, 0x6d, 0xf2, 0x39, 0x40, 0x05, 0xff, 0x3a, 0xd0, 0x2a, 0x43, 0x27,
0x1d, 0xf0, 0x26, 0x71, 0x5e, 0x2d, 0x34, 0x6b, 0xa9, 0x15, 0x14, 0x62, 0x96, 0xd2, 0x24, 0xd6,
0xc3, 0x69, 0x6a, 0x58, 0x87, 0x94, 0xa2, 0xbf, 0x46, 0x26, 0xed, 0x71, 0x53, 0xc9, 0x3a, 0xa4,
0xea, 0x6c, 0x1f, 0xdf, 0x16, 0xb3, 0x30, 0xc9, 0x53, 0x38, 0xd5, 0x42, 0x5b, 0x46, 0x63, 0x90,
0x1f, 0xa1, 0x33, 0x89, 0x59, 0xbc, 0xc6, 0xa5, 0x6a, 0x3a, 0x9a, 0xe0, 0x4c, 0xf0, 0x57, 0x74,
0x89, 0xc2, 0xf7, 0x7a, 0xee, 0x45, 0xfb, 0xfa, 0xfd, 0xda, 0xcb, 0xdf, 0x53, 0xe8, 0x6c, 0xc2,
0x23, 0xc7, 0x83, 0x1f, 0xe0, 0xad, 0x23, 0x47, 0x54, 0x57, 0xf5, 0x93, 0x04, 0xf3, 0x9c, 0x8b,
0xd1, 0xb0, 0x58, 0xea, 0x15, 0xa2, 0x3a, 0x32, 0xc2, 0x44, 0xa0, 0x1c, 0x0d, 0xed, 0x23, 0x94,
0x76, 0x40, 0x1b, 0x7b, 0x54, 0x2d, 0x17, 0xb5, 0xf7, 0xcc, 0x28, 0xe8, 0x25, 0xd0, 0x01, 0x6f,
0x38, 0x8d, 0xa2, 0x72, 0x41, 0x59, 0x4b, 0xa5, 0x3f, 0x9a, 0x29, 0xd8, 0xd5, 0xb0, 0x31, 0xd4,
0x55, 0xfd, 0x34, 0xe5, 0xb7, 0xca, 0xc9, 0x03, 0xed, 0xa4, 0xb4, 0x6f, 0xbe, 0xfe, 0xfd, 0xae,
0xeb, 0xfc, 0x79, 0xd7, 0x75, 0xfe, 0xba, 0xeb, 0x3a, 0xbf, 0xfe, 0xd3, 0x7d, 0xed, 0xa7, 0x8f,
0xd6, 0x54, 0x6e, 0x76, 0x8b, 0xcb, 0x84, 0x6f, 0xaf, 0x36, 0x71, 0xbe, 0xa1, 0x09, 0x17, 0x99,
0xfa, 0x86, 0xe5, 0xbb, 0xf4, 0xaa, 0xf9, 0x65, 0x5b, 0x78, 0xda, 0xfe, 0xf4, 0xbf, 0x00, 0x00,
0x00, 0xff, 0xff, 0x2f, 0xdd, 0x30, 0x50, 0xf2, 0x06, 0x00, 0x00,
}
func (m *Config) Marshal() (dAtA []byte, err error) {
@ -757,6 +765,13 @@ func (m *Config) MarshalToSizedBuffer(dAtA []byte) (int, error) {
i -= len(m.XXX_unrecognized)
copy(dAtA[i:], m.XXX_unrecognized)
}
if len(m.Partition) > 0 {
i -= len(m.Partition)
copy(dAtA[i:], m.Partition)
i = encodeVarintConfig(dAtA, i, uint64(len(m.Partition)))
i--
dAtA[i] = 0x4a
}
if m.TLS != nil {
{
size, err := m.TLS.MarshalToSizedBuffer(dAtA[:i])
@ -1361,6 +1376,10 @@ func (m *Config) Size() (n int) {
l = m.TLS.Size()
n += 1 + l + sovConfig(uint64(l))
}
l = len(m.Partition)
if l > 0 {
n += 1 + l + sovConfig(uint64(l))
}
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
@ -1887,6 +1906,38 @@ func (m *Config) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 9:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Partition", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowConfig
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthConfig
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthConfig
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.Partition = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipConfig(dAtA[iNdEx:])

View File

@ -9,6 +9,7 @@ message Config {
string PrimaryDatacenter = 2;
string NodeName = 3;
string SegmentName = 4;
string Partition = 9;
ACL ACL = 5;
AutoEncrypt AutoEncrypt = 6;
Gossip Gossip = 7;
@ -69,4 +70,4 @@ message AutoEncrypt {
repeated string DNSSAN = 2;
repeated string IPSAN = 3;
bool AllowTLS = 4;
}
}

View File

@ -1065,6 +1065,8 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `segment` <EnterpriseAlert inline /> - The network segment name the client is requesting.
- `partition` <EnterpriseAlert inline /> - The admin partition name the client is requesting.
- `auto_encrypt` This object allows setting options for the `auto_encrypt` feature.
The following sub-keys are available: