scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-31 10:37:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Vault 2256: fix lease count quotas causing panics on dr secondaries (#11742)

Browse Source 
* lift relevant changes from ent to oss

* fix silent error bug in quotas
This commit is contained in:
swayne275
2021-06-02 10:12:05 -06:00
committed by GitHub
parent b56a109e4c
commit cefcaccedd
3 changed files with 34 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
vault/core.go
View File

@@ -2724,7 +2724,7 @@ func (c *Core) setupQuotas(ctx context.Context, isPerfStandby bool) error {
return nil return nil
} }
return c.quotaManager.Setup(ctx, c.systemBarrierView, isPerfStandby) return c.quotaManager.Setup(ctx, c.systemBarrierView, isPerfStandby, c.IsDRSecondary())
} }
// ApplyRateLimitQuota checks the request against all the applicable quota rules. // ApplyRateLimitQuota checks the request against all the applicable quota rules.

49
vault/quotas/quotas.go
View File

@@ -771,6 +771,11 @@ func (m *Manager) Invalidate(key string) {
qType := splitKeys[0] qType := splitKeys[0]
name := splitKeys[1] name := splitKeys[1]
if qType == TypeLeaseCount.String() && m.isDRSecondary {
// lease count invalidation not supported on DR Secondary
return
}
// Read quota rule from storage // Read quota rule from storage
quota, err := Load(m.ctx, m.storage, qType, name) quota, err := Load(m.ctx, m.storage, qType, name)
if err != nil { if err != nil {
@@ -844,13 +849,14 @@ func Load(ctx context.Context, storage logical.Storage, qType, name string) (Quo
// Setup loads the quota configuration and all the quota rules into the // Setup loads the quota configuration and all the quota rules into the
// quota manager. // quota manager.
func (m *Manager) Setup(ctx context.Context, storage logical.Storage, isPerfStandby bool) error { func (m *Manager) Setup(ctx context.Context, storage logical.Storage, isPerfStandby, isDRSecondary bool) error {
m.lock.Lock() m.lock.Lock()
defer m.lock.Unlock() defer m.lock.Unlock()
m.storage = storage m.storage = storage
m.ctx = ctx m.ctx = ctx
m.isPerfStandby = isPerfStandby m.isPerfStandby = isPerfStandby
m.isDRSecondary = isDRSecondary
// Load the quota configuration from storage and load it into the quota // Load the quota configuration from storage and load it into the quota
// manager. // manager.
@@ -887,27 +893,36 @@ func (m *Manager) Setup(ctx context.Context, storage logical.Storage, isPerfStan
return err return err
} }
// Load the quota rules for all supported types from storage and load it in
// the quota manager.
for _, qType := range quotaTypes() { for _, qType := range quotaTypes() {
names, err := logical.CollectKeys(ctx, logical.NewStorageView(storage, StoragePrefix+qType+"/")) m.setupQuotaType(ctx, storage, qType)
}
return nil
}
func (m *Manager) setupQuotaType(ctx context.Context, storage logical.Storage, quotaType string) error {
if quotaType == TypeLeaseCount.String() && m.isDRSecondary {
m.logger.Trace("lease count quotas are not processed on DR Secondaries")
return nil
}
names, err := logical.CollectKeys(ctx, logical.NewStorageView(storage, StoragePrefix+quotaType+"/"))
if err != nil {
return err
}
for _, name := range names {
quota, err := Load(ctx, m.storage, quotaType, name)
if err != nil { if err != nil {
return nil return err
} }
for _, name := range names {
quota, err := Load(ctx, m.storage, qType, name)
if err != nil {
return err
}
if quota == nil { if quota == nil {
continue continue
} }
err = m.setQuotaLocked(ctx, qType, quota, true) err = m.setQuotaLocked(ctx, quotaType, quota, true)
if err != nil { if err != nil {
return err return err
}
} }
} }

1
vault/quotas/quotas_util.go
View File

@@ -31,6 +31,7 @@ func (m *Manager) inLeasePathCache(path string) bool {
type entManager struct { type entManager struct {
isPerfStandby bool isPerfStandby bool
isDRSecondary bool
} }
func (*entManager) Reset() error { func (*entManager) Reset() error {