From 6583a5543f104a4501ff46bbfb72fe4ea00ce8fc Mon Sep 17 00:00:00 2001 From: Scott Miller Date: Tue, 1 Jun 2021 12:43:51 -0500 Subject: [PATCH] Add ulimit check, and tidy unit test cases (#11678) * Add ulimit check, and tidy unit test cases to avoid needing to have all results and perfect ordering * Make order independent check recursive * Fix unit tests * Try a 5s request timeout --- command/operator_diagnose.go | 3 +++ command/operator_diagnose_test.go | 29 +++++++++++++++++++++++++++++ vault/diagnose/os_unix.go | 26 ++++++++++++++++++++++++++ vault/diagnose/os_windows.go | 11 +++++++++++ 4 files changed, 69 insertions(+) create mode 100644 vault/diagnose/os_unix.go create mode 100644 vault/diagnose/os_windows.go diff --git a/command/operator_diagnose.go b/command/operator_diagnose.go index ee7a360422..4f9619b034 100644 --- a/command/operator_diagnose.go +++ b/command/operator_diagnose.go @@ -210,6 +210,9 @@ func (c *OperatorDiagnoseCommand) offlineDiagnostics(ctx context.Context) error ctx, span := diagnose.StartSpan(ctx, "initialization") defer span.End() + // OS Specific checks + // Check open file count + diagnose.OSChecks(ctx) diagnose.Test(ctx, "disk-usage", diagnose.DiskUsageCheck) server.flagConfigs = c.flagConfigs diff --git a/command/operator_diagnose_test.go b/command/operator_diagnose_test.go index 3139fe28f1..9233bfd287 100644 --- a/command/operator_diagnose_test.go +++ b/command/operator_diagnose_test.go @@ -39,6 +39,31 @@ func TestOperatorDiagnoseCommand_Run(t *testing.T) { "-config", "./server/test-fixtures/config_diagnose_ok.hcl", }, []*diagnose.Result{ + { + Name: "open file limits", + Status: diagnose.OkStatus, + }, + { + Name: "parse-config", + Status: diagnose.OkStatus, + }, + { + Name: "init-listeners", + Status: diagnose.WarningStatus, + Children: []*diagnose.Result{ + { + Name: "create-listeners", + Status: diagnose.OkStatus, + }, + { + Name: "check-listener-tls", + Status: diagnose.WarningStatus, + Warnings: []string{ + "TLS is disabled in a Listener config stanza.", + }, + }, + }, + }, { Name: "storage", Status: diagnose.OkStatus, @@ -314,6 +339,10 @@ func compareResult(exp *diagnose.Result, act *diagnose.Result) error { return fmt.Errorf(strings.Join(errStrings, ",")) } + if len(exp.Children) > 0 { + return compareResults(exp.Children, act.Children) + } + if len(exp.Children) > 0 { return compareResults(exp.Children, act.Children) } diff --git a/vault/diagnose/os_unix.go b/vault/diagnose/os_unix.go new file mode 100644 index 0000000000..578ee8303e --- /dev/null +++ b/vault/diagnose/os_unix.go @@ -0,0 +1,26 @@ +// +build !windows + +package diagnose + +import ( + "context" + "fmt" + "golang.org/x/sys/unix" +) + +func OSChecks(ctx context.Context) { + var limit unix.Rlimit + if err := unix.Getrlimit(unix.RLIMIT_NOFILE, &limit); err != nil { + SpotError(ctx, "open file limits", fmt.Errorf("could not determine open file limit: %w", err)) + } else { + min := limit.Cur + if limit.Max < min { + min = limit.Max + } + if min <= 1024 { + SpotWarn(ctx, "open file limits", fmt.Sprintf("set to %d, which may be insufficient.", min)) + } else { + SpotOk(ctx, "open file limits", fmt.Sprintf("set to %d", min)) + } + } +} diff --git a/vault/diagnose/os_windows.go b/vault/diagnose/os_windows.go new file mode 100644 index 0000000000..3f89feb5ca --- /dev/null +++ b/vault/diagnose/os_windows.go @@ -0,0 +1,11 @@ +// +build windows + +package diagnose + +import ( + "context" +) + +func OSChecks(ctx context.Context) { + // None so far +}