Use consul's stale reads by default
parent
b17e3fe3c7
commit
dc3fd4df65
4 changed files with 42 additions and 22 deletions
56
main.go
56
main.go
|
@ -34,24 +34,30 @@ const ATTR_MEMBER = "member"
|
||||||
const ATTR_USERPASSWORD = "userpassword"
|
const ATTR_USERPASSWORD = "userpassword"
|
||||||
|
|
||||||
type ConfigFile struct {
|
type ConfigFile struct {
|
||||||
Suffix string `json:"suffix"`
|
Suffix string `json:"suffix"`
|
||||||
Bind string `json:"bind"`
|
Bind string `json:"bind"`
|
||||||
BindSecure string `json:"bind_secure"`
|
BindSecure string `json:"bind_secure"`
|
||||||
ConsulHost string `json:"consul_host"`
|
LogLevel string `json:"log_level"`
|
||||||
Acl []string `json:"acl"`
|
|
||||||
TLSCertFile string `json:"tls_cert_file"`
|
ConsulHost string `json:"consul_host"`
|
||||||
TLSKeyFile string `json:"tls_key_file"`
|
ConsulConsistent bool `json:"consul_force_consistency"`
|
||||||
TLSServerName string `json:"tls_server_name"`
|
|
||||||
LogLevel string `json:"log_level"`
|
Acl []string `json:"acl"`
|
||||||
|
|
||||||
|
TLSCertFile string `json:"tls_cert_file"`
|
||||||
|
TLSKeyFile string `json:"tls_key_file"`
|
||||||
|
TLSServerName string `json:"tls_server_name"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
Suffix string
|
Suffix string
|
||||||
Bind string
|
Bind string
|
||||||
BindSecure string
|
BindSecure string
|
||||||
ConsulHost string
|
|
||||||
LogLevel log.Level
|
LogLevel log.Level
|
||||||
|
|
||||||
|
ConsulHost string
|
||||||
|
ConsulConsistent bool
|
||||||
|
|
||||||
Acl ACL
|
Acl ACL
|
||||||
|
|
||||||
TLSConfig *tls.Config
|
TLSConfig *tls.Config
|
||||||
|
@ -60,7 +66,9 @@ type Config struct {
|
||||||
type Server struct {
|
type Server struct {
|
||||||
logger *log.Logger
|
logger *log.Logger
|
||||||
config Config
|
config Config
|
||||||
kv *consul.KV
|
|
||||||
|
kv *consul.KV
|
||||||
|
readOpts consul.QueryOptions
|
||||||
}
|
}
|
||||||
|
|
||||||
type State struct {
|
type State struct {
|
||||||
|
@ -105,9 +113,12 @@ func readConfig(logger *log.Logger) Config {
|
||||||
Suffix: config_file.Suffix,
|
Suffix: config_file.Suffix,
|
||||||
Bind: config_file.Bind,
|
Bind: config_file.Bind,
|
||||||
BindSecure: config_file.BindSecure,
|
BindSecure: config_file.BindSecure,
|
||||||
ConsulHost: config_file.ConsulHost,
|
|
||||||
Acl: acl,
|
|
||||||
LogLevel: log_level,
|
LogLevel: log_level,
|
||||||
|
|
||||||
|
ConsulHost: config_file.ConsulHost,
|
||||||
|
ConsulConsistent: config_file.ConsulConsistent,
|
||||||
|
|
||||||
|
Acl: acl,
|
||||||
}
|
}
|
||||||
|
|
||||||
if config_file.TLSCertFile != "" && config_file.TLSKeyFile != "" && config_file.TLSServerName != "" {
|
if config_file.TLSCertFile != "" && config_file.TLSKeyFile != "" && config_file.TLSServerName != "" {
|
||||||
|
@ -164,13 +175,22 @@ func main() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Fatal(err)
|
logger.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
kv := consul_client.KV()
|
kv := consul_client.KV()
|
||||||
|
readOpts := consul.QueryOptions{}
|
||||||
|
if config.ConsulConsistent {
|
||||||
|
logger.Info("Using consistent reads on Consul database, this may lead to performance degradation. Set \"consul_force_consistency\": false in your config file if you have performance issues.")
|
||||||
|
readOpts.RequireConsistent = true
|
||||||
|
} else {
|
||||||
|
readOpts.AllowStale = true
|
||||||
|
}
|
||||||
|
|
||||||
// Create bottin server
|
// Create bottin server
|
||||||
bottin := Server{
|
bottin := Server{
|
||||||
logger: logger,
|
logger: logger,
|
||||||
config: config,
|
config: config,
|
||||||
kv: kv,
|
kv: kv,
|
||||||
|
readOpts: readOpts,
|
||||||
}
|
}
|
||||||
err = bottin.init()
|
err = bottin.init()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -384,7 +404,7 @@ func (server *Server) getAttribute(dn string, attr string) ([]string, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
pairs, _, err := server.kv.List(path+"/attribute=", nil)
|
pairs, _, err := server.kv.List(path+"/attribute=", &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -409,7 +429,7 @@ func (server *Server) objectExists(dn string) (bool, error) {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
data, _, err := server.kv.List(prefix+"/attribute=", nil)
|
data, _, err := server.kv.List(prefix+"/attribute=", &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
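Review bot: The single `readOpts` value now applies to every lookup, so with the new default `getAttribute` and `objectExists` can be answered by a Consul follower that has not yet seen a password change or an entry deletion. If `getAttribute` is what the bind path uses to fetch `ATTR_USERPASSWORD` (not visible here; both function bodies continue outside their hunks), a rotated or revoked credential could keep authenticating until that follower catches up. Consider pinning credential reads to consistent mode regardless of the config flag, e.g. `opts := server.readOpts; if attr == ATTR_USERPASSWORD { opts = consul.QueryOptions{RequireConsistent: true} }`, or at least checking the discarded `QueryMeta.LastContact` against a bound. The `ConsulConsistent` field in `ConfigFile` also deserves a comment stating that leaving `consul_force_consistency` false trades freshness of authentication data for read throughput.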
|
@ -72,7 +72,7 @@ func (server *Server) memberOfResync() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
data, _, err := server.kv.List(basePath, nil)
|
data, _, err := server.kv.List(basePath, &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
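Review bot: `memberOfResync` now lists `basePath` with `&server.readOpts`, which permits stale data by default; if the resync writes `memberOf` values derived from that listing (the body continues outside the hunk), it can persist group memberships that a more recent write had already changed. The same read-before-write pattern appears in `handleDeleteInternal` and `handleModifyInternal` in write.go, where a stale listing may miss keys created just before the delete or modify. Since group membership commonly feeds authorization decisions, these paths would be safer with `&consul.QueryOptions{RequireConsistent: true}` than with the shared options, keeping stale reads for searches only.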
2
read.go
2
read.go
|
@ -109,7 +109,7 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter,
|
||||||
basePath += "/"
|
basePath += "/"
|
||||||
}
|
}
|
||||||
|
|
||||||
data, _, err := server.kv.List(basePath, nil)
|
data, _, err := server.kv.List(basePath, &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ldap.LDAPResultOperationsError, err
|
return ldap.LDAPResultOperationsError, err
|
||||||
}
|
}
|
||||||
|
|
4
write.go
4
write.go
|
@ -186,7 +186,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest)
|
||||||
return ldap.LDAPResultInvalidDNSyntax, err
|
return ldap.LDAPResultInvalidDNSyntax, err
|
||||||
}
|
}
|
||||||
|
|
||||||
items, _, err := server.kv.List(path+"/", nil)
|
items, _, err := server.kv.List(path+"/", &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ldap.LDAPResultOperationsError, err
|
return ldap.LDAPResultOperationsError, err
|
||||||
}
|
}
|
||||||
|
@ -299,7 +299,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques
|
||||||
return ldap.LDAPResultInvalidDNSyntax, err
|
return ldap.LDAPResultInvalidDNSyntax, err
|
||||||
}
|
}
|
||||||
|
|
||||||
items, _, err := server.kv.List(path+"/attribute=", nil)
|
items, _, err := server.kv.List(path+"/attribute=", &server.readOpts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ldap.LDAPResultOperationsError, err
|
return ldap.LDAPResultOperationsError, err
|
||||||
}
|
}
|
||||||
|
|