scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-29 17:52:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

raft: Fix some snapshot restore issues (#9533)

Browse Source 
* raft: Remove double read lock

* Reload TLS keyring after reloading the barrier keys
This commit is contained in:
Brian Kassouf
2020-07-21 10:59:07 -07:00
committed by GitHub
parent f7e0a0fa50
commit 7549070cfa
2 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
physical/raft/raft.go
View File

@@ -956,9 +956,7 @@ func (b *RaftBackend) RestoreSnapshot(ctx context.Context, metadata raft.Snapsho
},
}
b.l.RLock()
err := b.applyLog(ctx, command)
b.l.RUnlock()
// Do a best-effort attempt to let the standbys apply the restoreCallbackOp
// before we continue.

12
vault/raft.go
View File

@@ -632,12 +632,6 @@ func (c *Core) raftSnapshotRestoreCallback(grabLock bool, sealNode bool) func(co
// Purge the cache so we make sure we are operating on fresh data
c.physicalCache.Purge(ctx)
// Refresh the raft TLS keys
if err := c.checkRaftTLSKeyUpgrades(ctx); err != nil {
c.logger.Info("failed to perform TLS key upgrades, sealing", "error", err)
return err
}
// Reload the keyring in case it changed. If this fails it's likely
// we've changed master keys.
err := c.performKeyUpgrades(ctx)
@@ -675,6 +669,12 @@ func (c *Core) raftSnapshotRestoreCallback(grabLock bool, sealNode bool) func(co
}
}
// Refresh the raft TLS keys
if err := c.checkRaftTLSKeyUpgrades(ctx); err != nil {
c.logger.Info("failed to perform TLS key upgrades, sealing", "error", err)
return err
}
return nil
}
}