Use consul's stale reads by default

This commit is contained in:
Alex 2021-03-09 18:24:30 +01:00
parent b17e3fe3c7
commit dc3fd4df65
4 changed files with 42 additions and 22 deletions

56
main.go
View file

@ -34,24 +34,30 @@ const ATTR_MEMBER = "member"
const ATTR_USERPASSWORD = "userpassword" const ATTR_USERPASSWORD = "userpassword"
type ConfigFile struct { type ConfigFile struct {
Suffix string `json:"suffix"` Suffix string `json:"suffix"`
Bind string `json:"bind"` Bind string `json:"bind"`
BindSecure string `json:"bind_secure"` BindSecure string `json:"bind_secure"`
ConsulHost string `json:"consul_host"` LogLevel string `json:"log_level"`
Acl []string `json:"acl"`
TLSCertFile string `json:"tls_cert_file"` ConsulHost string `json:"consul_host"`
TLSKeyFile string `json:"tls_key_file"` ConsulConsistent bool `json:"consul_force_consistency"`
TLSServerName string `json:"tls_server_name"`
LogLevel string `json:"log_level"` Acl []string `json:"acl"`
TLSCertFile string `json:"tls_cert_file"`
TLSKeyFile string `json:"tls_key_file"`
TLSServerName string `json:"tls_server_name"`
} }
type Config struct { type Config struct {
Suffix string Suffix string
Bind string Bind string
BindSecure string BindSecure string
ConsulHost string
LogLevel log.Level LogLevel log.Level
ConsulHost string
ConsulConsistent bool
Acl ACL Acl ACL
TLSConfig *tls.Config TLSConfig *tls.Config
@ -60,7 +66,9 @@ type Config struct {
type Server struct { type Server struct {
logger *log.Logger logger *log.Logger
config Config config Config
kv *consul.KV
kv *consul.KV
readOpts consul.QueryOptions
} }
type State struct { type State struct {
@ -105,9 +113,12 @@ func readConfig(logger *log.Logger) Config {
Suffix: config_file.Suffix, Suffix: config_file.Suffix,
Bind: config_file.Bind, Bind: config_file.Bind,
BindSecure: config_file.BindSecure, BindSecure: config_file.BindSecure,
ConsulHost: config_file.ConsulHost,
Acl: acl,
LogLevel: log_level, LogLevel: log_level,
ConsulHost: config_file.ConsulHost,
ConsulConsistent: config_file.ConsulConsistent,
Acl: acl,
} }
if config_file.TLSCertFile != "" && config_file.TLSKeyFile != "" && config_file.TLSServerName != "" { if config_file.TLSCertFile != "" && config_file.TLSKeyFile != "" && config_file.TLSServerName != "" {
@ -164,13 +175,22 @@ func main() {
if err != nil { if err != nil {
logger.Fatal(err) logger.Fatal(err)
} }
kv := consul_client.KV() kv := consul_client.KV()
readOpts := consul.QueryOptions{}
if config.ConsulConsistent {
logger.Info("Using consistent reads on Consul database, this may lead to performance degradation. Set \"consul_force_consistency\": false in your config file if you have performance issues.")
readOpts.RequireConsistent = true
} else {
readOpts.AllowStale = true
}
// Create bottin server // Create bottin server
bottin := Server{ bottin := Server{
logger: logger, logger: logger,
config: config, config: config,
kv: kv, kv: kv,
readOpts: readOpts,
} }
err = bottin.init() err = bottin.init()
if err != nil { if err != nil {
@ -384,7 +404,7 @@ func (server *Server) getAttribute(dn string, attr string) ([]string, error) {
return nil, err return nil, err
} }
pairs, _, err := server.kv.List(path+"/attribute=", nil) pairs, _, err := server.kv.List(path+"/attribute=", &server.readOpts)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -409,7 +429,7 @@ func (server *Server) objectExists(dn string) (bool, error) {
return false, err return false, err
} }
data, _, err := server.kv.List(prefix+"/attribute=", nil) data, _, err := server.kv.List(prefix+"/attribute=", &server.readOpts)
if err != nil { if err != nil {
return false, err return false, err
} }

View file

@ -72,7 +72,7 @@ func (server *Server) memberOfResync() error {
return err return err
} }
data, _, err := server.kv.List(basePath, nil) data, _, err := server.kv.List(basePath, &server.readOpts)
if err != nil { if err != nil {
return err return err
} }

View file

@ -109,7 +109,7 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
basePath += "/" basePath += "/"
} }
data, _, err := server.kv.List(basePath, nil) data, _, err := server.kv.List(basePath, &server.readOpts)
if err != nil { if err != nil {
return ldap.LDAPResultOperationsError, err return ldap.LDAPResultOperationsError, err
} }

View file

@ -186,7 +186,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
return ldap.LDAPResultInvalidDNSyntax, err return ldap.LDAPResultInvalidDNSyntax, err
} }
items, _, err := server.kv.List(path+"/", nil) items, _, err := server.kv.List(path+"/", &server.readOpts)
if err != nil { if err != nil {
return ldap.LDAPResultOperationsError, err return ldap.LDAPResultOperationsError, err
} }
@ -299,7 +299,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
return ldap.LDAPResultInvalidDNSyntax, err return ldap.LDAPResultInvalidDNSyntax, err
} }
items, _, err := server.kv.List(path+"/attribute=", nil) items, _, err := server.kv.List(path+"/attribute=", &server.readOpts)
if err != nil { if err != nil {
return ldap.LDAPResultOperationsError, err return ldap.LDAPResultOperationsError, err
} }