From 00ef4e3281729e3352cad88891e5db7bf4b54b17 Mon Sep 17 00:00:00 2001 From: Daniel Lohse Date: Mon, 28 Oct 2019 17:43:12 +0100 Subject: [PATCH] Allow Raft storage to be configured via env variables (#7745) * Fix unordered imports * Allow Raft node ID to be set via the environment variable `VAULT_RAFT_NODE_ID` * Allow Raft path to be set via the environment variable `VAULT_RAFT_PATH` * Prioritize the environment when fetching the Raft configuration values Values in environment variables should override the config as per the documentation as well as common sense. --- physical/raft/raft.go | 31 ++++++++++++++----- .../docs/configuration/storage/raft.html.md | 2 ++ 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/physical/raft/raft.go b/physical/raft/raft.go index 015dcb480d..d1fdfcb0de 100644 --- a/physical/raft/raft.go +++ b/physical/raft/raft.go @@ -4,7 +4,6 @@ import ( "context" "errors" "fmt" - "github.com/armon/go-metrics" "io" "io/ioutil" "os" @@ -13,6 +12,7 @@ import ( "sync" "time" + "github.com/armon/go-metrics" "github.com/golang/protobuf/proto" "github.com/hashicorp/errwrap" log "github.com/hashicorp/go-hclog" @@ -29,6 +29,12 @@ import ( "github.com/hashicorp/vault/sdk/physical" ) +// EnvVaultRaftNodeID is used to fetch the Raft node ID from the environment. +const EnvVaultRaftNodeID = "VAULT_RAFT_NODE_ID" + +// EnvVaultRaftPath is used to fetch the path where Raft data is stored from the environment. +const EnvVaultRaftPath = "VAULT_RAFT_PATH" + // Verify RaftBackend satisfies the correct interfaces var _ physical.Backend = (*RaftBackend)(nil) var _ physical.Transactional = (*RaftBackend)(nil) @@ -116,9 +122,13 @@ func NewRaftBackend(conf map[string]string, logger log.Logger) (physical.Backend return nil, fmt.Errorf("failed to create fsm: %v", err) } - path, ok := conf["path"] - if !ok { - return nil, fmt.Errorf("'path' must be set") + path := os.Getenv(EnvVaultRaftPath) + if path == "" { + pathFromConfig, ok := conf["path"] + if !ok { + return nil, fmt.Errorf("'path' must be set") + } + path = pathFromConfig } // Build an all in-memory setup for dev mode, otherwise prepare a full @@ -163,8 +173,15 @@ func NewRaftBackend(conf map[string]string, logger log.Logger) (physical.Backend var localID string { - // Determine the local node ID - localID = conf["node_id"] + // Determine the local node ID from the environment. + if raftNodeID := os.Getenv(EnvVaultRaftNodeID); raftNodeID != "" { + localID = raftNodeID + } + + // If not set in the environment check the configuration file. + if len(localID) == 0 { + localID = conf["node_id"] + } // If not set in the config check the "node-id" file. if len(localID) == 0 { @@ -180,7 +197,7 @@ func NewRaftBackend(conf map[string]string, logger log.Logger) (physical.Backend } } - // If the file didn't exist generate a UUID and persist it to tne + // If all of the above fails generate a UUID and persist it to the // "node-id" file. if len(localID) == 0 { id, err := uuid.GenerateUUID() diff --git a/website/source/docs/configuration/storage/raft.html.md b/website/source/docs/configuration/storage/raft.html.md index 855310455a..3312fb5351 100644 --- a/website/source/docs/configuration/storage/raft.html.md +++ b/website/source/docs/configuration/storage/raft.html.md @@ -44,7 +44,9 @@ cluster_addr = "http://127.0.0.1:8201" - `path` `(string: "")` – The file system path where all the Vault data gets stored. + This value can be overridden by setting the `VAULT_RAFT_PATH` environment variable. - `node_id` `(string: "")` - The identifier for the node in the Raft cluster. + This value can be overridden by setting the `VAULT_RAFT_NODE_ID` environment variable. [raft]: https://raft.github.io/ "The Raft Consensus Algorithm"