diff options
author | Alex Auvolat <alex@adnab.me> | 2021-03-09 18:24:30 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2021-03-09 18:24:30 +0100 |
commit | dc3fd4df659bb35d7858714a429fc797bf5f1222 (patch) | |
tree | 3fe72366e98994067264b87ece0b53df8bde4d10 | |
parent | b17e3fe3c7636ab00aa7db123e10d5b6a6bc540c (diff) | |
download | bottin-dc3fd4df659bb35d7858714a429fc797bf5f1222.tar.gz bottin-dc3fd4df659bb35d7858714a429fc797bf5f1222.zip |
Use consul's stale reads by default
-rw-r--r-- | main.go | 56 | ||||
-rw-r--r-- | memberof.go | 2 | ||||
-rw-r--r-- | read.go | 2 | ||||
-rw-r--r-- | write.go | 4 |
4 files changed, 42 insertions, 22 deletions
@@ -34,24 +34,30 @@ const ATTR_MEMBER = "member" const ATTR_USERPASSWORD = "userpassword" type ConfigFile struct { - Suffix string `json:"suffix"` - Bind string `json:"bind"` - BindSecure string `json:"bind_secure"` - ConsulHost string `json:"consul_host"` - Acl []string `json:"acl"` - TLSCertFile string `json:"tls_cert_file"` - TLSKeyFile string `json:"tls_key_file"` - TLSServerName string `json:"tls_server_name"` - LogLevel string `json:"log_level"` + Suffix string `json:"suffix"` + Bind string `json:"bind"` + BindSecure string `json:"bind_secure"` + LogLevel string `json:"log_level"` + + ConsulHost string `json:"consul_host"` + ConsulConsistent bool `json:"consul_force_consistency"` + + Acl []string `json:"acl"` + + TLSCertFile string `json:"tls_cert_file"` + TLSKeyFile string `json:"tls_key_file"` + TLSServerName string `json:"tls_server_name"` } type Config struct { Suffix string Bind string BindSecure string - ConsulHost string LogLevel log.Level + ConsulHost string + ConsulConsistent bool + Acl ACL TLSConfig *tls.Config @@ -60,7 +66,9 @@ type Config struct { type Server struct { logger *log.Logger config Config - kv *consul.KV + + kv *consul.KV + readOpts consul.QueryOptions } type State struct { @@ -105,9 +113,12 @@ func readConfig(logger *log.Logger) Config { Suffix: config_file.Suffix, Bind: config_file.Bind, BindSecure: config_file.BindSecure, - ConsulHost: config_file.ConsulHost, - Acl: acl, LogLevel: log_level, + + ConsulHost: config_file.ConsulHost, + ConsulConsistent: config_file.ConsulConsistent, + + Acl: acl, } if config_file.TLSCertFile != "" && config_file.TLSKeyFile != "" && config_file.TLSServerName != "" { @@ -164,13 +175,22 @@ func main() { if err != nil { logger.Fatal(err) } + kv := consul_client.KV() + readOpts := consul.QueryOptions{} + if config.ConsulConsistent { + logger.Info("Using consistent reads on Consul database, this may lead to performance degradation. Set \"consul_force_consistency\": false in your config file if you have performance issues.") + readOpts.RequireConsistent = true + } else { + readOpts.AllowStale = true + } // Create bottin server bottin := Server{ - logger: logger, - config: config, - kv: kv, + logger: logger, + config: config, + kv: kv, + readOpts: readOpts, } err = bottin.init() if err != nil { @@ -384,7 +404,7 @@ func (server *Server) getAttribute(dn string, attr string) ([]string, error) { return nil, err } - pairs, _, err := server.kv.List(path+"/attribute=", nil) + pairs, _, err := server.kv.List(path+"/attribute=", &server.readOpts) if err != nil { return nil, err } @@ -409,7 +429,7 @@ func (server *Server) objectExists(dn string) (bool, error) { return false, err } - data, _, err := server.kv.List(prefix+"/attribute=", nil) + data, _, err := server.kv.List(prefix+"/attribute=", &server.readOpts) if err != nil { return false, err } diff --git a/memberof.go b/memberof.go index e07ed6c..786de4f 100644 --- a/memberof.go +++ b/memberof.go @@ -72,7 +72,7 @@ func (server *Server) memberOfResync() error { return err } - data, _, err := server.kv.List(basePath, nil) + data, _, err := server.kv.List(basePath, &server.readOpts) if err != nil { return err } @@ -109,7 +109,7 @@ func (server *Server) handleSearchInternal(state *State, w ldap.ResponseWriter, basePath += "/" } - data, _, err := server.kv.List(basePath, nil) + data, _, err := server.kv.List(basePath, &server.readOpts) if err != nil { return ldap.LDAPResultOperationsError, err } @@ -186,7 +186,7 @@ func (server *Server) handleDeleteInternal(state *State, r *message.DelRequest) return ldap.LDAPResultInvalidDNSyntax, err } - items, _, err := server.kv.List(path+"/", nil) + items, _, err := server.kv.List(path+"/", &server.readOpts) if err != nil { return ldap.LDAPResultOperationsError, err } @@ -299,7 +299,7 @@ func (server *Server) handleModifyInternal(state *State, r *message.ModifyReques return ldap.LDAPResultInvalidDNSyntax, err } - items, _, err := server.kv.List(path+"/attribute=", nil) + items, _, err := server.kv.List(path+"/attribute=", &server.readOpts) if err != nil { return ldap.LDAPResultOperationsError, err } |