2017-01-19 05:49:01 +01:00
|
|
|
package consul
|
|
|
|
|
|
|
|
import (
|
2017-03-09 08:00:19 +01:00
|
|
|
"bytes"
|
|
|
|
"compress/gzip"
|
2017-01-19 05:49:01 +01:00
|
|
|
"crypto/md5"
|
2017-02-07 16:05:53 +01:00
|
|
|
"encoding/json"
|
|
|
|
"errors"
|
2017-02-15 20:01:18 +01:00
|
|
|
"fmt"
|
2017-05-28 21:16:51 +02:00
|
|
|
"sync"
|
2017-02-07 16:05:53 +01:00
|
|
|
"time"
|
2017-01-19 05:49:01 +01:00
|
|
|
|
|
|
|
consulapi "github.com/hashicorp/consul/api"
|
2017-02-07 16:05:53 +01:00
|
|
|
multierror "github.com/hashicorp/go-multierror"
|
2017-02-07 17:12:02 +01:00
|
|
|
"github.com/hashicorp/terraform/state"
|
2017-01-19 05:49:01 +01:00
|
|
|
"github.com/hashicorp/terraform/state/remote"
|
|
|
|
)
|
|
|
|
|
2017-02-07 16:05:53 +01:00
|
|
|
const (
|
|
|
|
lockSuffix = "/.lock"
|
|
|
|
lockInfoSuffix = "/.lockinfo"
|
|
|
|
)
|
|
|
|
|
2017-01-19 05:49:01 +01:00
|
|
|
// RemoteClient is a remote client that stores data in Consul.
|
|
|
|
type RemoteClient struct {
|
|
|
|
Client *consulapi.Client
|
|
|
|
Path string
|
2017-03-13 08:17:33 +01:00
|
|
|
GZip bool
|
2017-02-07 16:05:53 +01:00
|
|
|
|
2017-05-28 21:16:51 +02:00
|
|
|
mu sync.Mutex
|
|
|
|
|
|
|
|
// The index of the last state we wrote.
|
|
|
|
// If this is > 0, Put will perform a CAS to ensure that the state wasn't
|
|
|
|
// changed during the operation. This is important even with locks, because
|
|
|
|
// if the client loses the lock for some reason, then reacquires it, we
|
|
|
|
// need to make sure that the state was not modified.
|
|
|
|
modifyIndex uint64
|
|
|
|
|
2017-02-07 16:05:53 +01:00
|
|
|
consulLock *consulapi.Lock
|
|
|
|
lockCh <-chan struct{}
|
2017-05-28 21:16:51 +02:00
|
|
|
|
|
|
|
info *state.LockInfo
|
2017-01-19 05:49:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *RemoteClient) Get() (*remote.Payload, error) {
|
2017-05-28 21:16:51 +02:00
|
|
|
c.mu.Lock()
|
|
|
|
defer c.mu.Unlock()
|
|
|
|
|
2017-01-19 05:49:01 +01:00
|
|
|
pair, _, err := c.Client.KV().Get(c.Path, nil)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if pair == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
2017-05-28 21:16:51 +02:00
|
|
|
c.modifyIndex = pair.ModifyIndex
|
|
|
|
|
2017-03-09 08:00:19 +01:00
|
|
|
payload := pair.Value
|
|
|
|
// If the payload starts with 0x1f, it's gzip, not json
|
|
|
|
if len(pair.Value) >= 1 && pair.Value[0] == '\x1f' {
|
|
|
|
if data, err := uncompressState(pair.Value); err == nil {
|
|
|
|
payload = data
|
|
|
|
} else {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-19 05:49:01 +01:00
|
|
|
md5 := md5.Sum(pair.Value)
|
|
|
|
return &remote.Payload{
|
2017-03-09 08:00:19 +01:00
|
|
|
Data: payload,
|
2017-01-19 05:49:01 +01:00
|
|
|
MD5: md5[:],
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *RemoteClient) Put(data []byte) error {
|
2017-05-28 21:16:51 +02:00
|
|
|
c.mu.Lock()
|
|
|
|
defer c.mu.Unlock()
|
|
|
|
|
2017-03-09 08:00:19 +01:00
|
|
|
payload := data
|
2017-03-13 08:17:33 +01:00
|
|
|
if c.GZip {
|
2017-03-09 08:00:19 +01:00
|
|
|
if compressedState, err := compressState(data); err == nil {
|
|
|
|
payload = compressedState
|
|
|
|
} else {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-19 05:49:01 +01:00
|
|
|
kv := c.Client.KV()
|
2017-05-28 21:16:51 +02:00
|
|
|
|
|
|
|
verb := consulapi.KVCAS
|
|
|
|
|
|
|
|
// Assume a 0 index doesn't need a CAS for now, since we are either
|
|
|
|
// creating a new state or purposely overwriting one.
|
|
|
|
if c.modifyIndex == 0 {
|
|
|
|
verb = consulapi.KVSet
|
|
|
|
}
|
|
|
|
|
|
|
|
// KV.Put doesn't return the new index, so we use a single operation
|
|
|
|
// transaction to get the new index with a single request.
|
|
|
|
txOps := consulapi.KVTxnOps{
|
|
|
|
&consulapi.KVTxnOp{
|
|
|
|
Verb: verb,
|
|
|
|
Key: c.Path,
|
|
|
|
Value: payload,
|
|
|
|
Index: c.modifyIndex,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
ok, resp, _, err := kv.Txn(txOps, nil)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// transaction was rolled back
|
|
|
|
if !ok {
|
|
|
|
return fmt.Errorf("consul CAS failed with transaction errors: %v", resp.Errors)
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(resp.Results) != 1 {
|
|
|
|
// this probably shouldn't happen
|
|
|
|
return fmt.Errorf("expected on 1 response value, got: %d", len(resp.Results))
|
|
|
|
}
|
|
|
|
|
|
|
|
c.modifyIndex = resp.Results[0].ModifyIndex
|
|
|
|
|
|
|
|
return nil
|
2017-01-19 05:49:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *RemoteClient) Delete() error {
|
2017-05-28 21:16:51 +02:00
|
|
|
c.mu.Lock()
|
|
|
|
defer c.mu.Unlock()
|
|
|
|
|
2017-01-19 05:49:01 +01:00
|
|
|
kv := c.Client.KV()
|
|
|
|
_, err := kv.Delete(c.Path, nil)
|
|
|
|
return err
|
|
|
|
}
|
2017-02-07 16:05:53 +01:00
|
|
|
|
2017-02-15 00:19:47 +01:00
|
|
|
func (c *RemoteClient) putLockInfo(info *state.LockInfo) error {
|
|
|
|
info.Path = c.Path
|
|
|
|
info.Created = time.Now().UTC()
|
2017-02-07 16:05:53 +01:00
|
|
|
|
|
|
|
kv := c.Client.KV()
|
2017-02-15 20:01:18 +01:00
|
|
|
_, err := kv.Put(&consulapi.KVPair{
|
2017-02-07 16:05:53 +01:00
|
|
|
Key: c.Path + lockInfoSuffix,
|
2017-02-15 20:01:18 +01:00
|
|
|
Value: info.Marshal(),
|
2017-02-07 16:05:53 +01:00
|
|
|
}, nil)
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-02-07 17:12:02 +01:00
|
|
|
func (c *RemoteClient) getLockInfo() (*state.LockInfo, error) {
|
2017-02-07 16:05:53 +01:00
|
|
|
path := c.Path + lockInfoSuffix
|
|
|
|
pair, _, err := c.Client.KV().Get(path, nil)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if pair == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
2017-02-07 17:12:02 +01:00
|
|
|
li := &state.LockInfo{}
|
2017-02-07 16:05:53 +01:00
|
|
|
err = json.Unmarshal(pair.Value, li)
|
|
|
|
if err != nil {
|
2017-02-15 20:01:18 +01:00
|
|
|
return nil, fmt.Errorf("error unmarshaling lock info: %s", err)
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return li, nil
|
|
|
|
}
|
|
|
|
|
2017-02-15 00:19:47 +01:00
|
|
|
func (c *RemoteClient) Lock(info *state.LockInfo) (string, error) {
|
2017-05-28 21:16:51 +02:00
|
|
|
c.mu.Lock()
|
|
|
|
defer c.mu.Unlock()
|
|
|
|
|
2017-02-07 16:05:53 +01:00
|
|
|
select {
|
|
|
|
case <-c.lockCh:
|
|
|
|
// We had a lock, but lost it.
|
|
|
|
// Since we typically only call lock once, we shouldn't ever see this.
|
2017-02-15 00:19:47 +01:00
|
|
|
return "", errors.New("lost consul lock")
|
2017-02-07 16:05:53 +01:00
|
|
|
default:
|
|
|
|
if c.lockCh != nil {
|
|
|
|
// we have an active lock already
|
2017-04-06 20:04:50 +02:00
|
|
|
return "", fmt.Errorf("state %q already locked", c.Path)
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-28 21:16:51 +02:00
|
|
|
return c.lock(info)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *RemoteClient) lock(info *state.LockInfo) (string, error) {
|
2017-02-07 16:05:53 +01:00
|
|
|
if c.consulLock == nil {
|
|
|
|
opts := &consulapi.LockOptions{
|
|
|
|
Key: c.Path + lockSuffix,
|
2017-04-06 20:04:50 +02:00
|
|
|
// only wait briefly, so terraform has the choice to fail fast or
|
|
|
|
// retry as needed.
|
2017-02-07 16:05:53 +01:00
|
|
|
LockWaitTime: time.Second,
|
|
|
|
LockTryOnce: true,
|
|
|
|
}
|
|
|
|
|
|
|
|
lock, err := c.Client.LockOpts(opts)
|
|
|
|
if err != nil {
|
2017-02-15 18:02:37 +01:00
|
|
|
return "", err
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
c.consulLock = lock
|
|
|
|
}
|
|
|
|
|
2017-02-15 20:01:18 +01:00
|
|
|
lockErr := &state.LockError{}
|
|
|
|
|
2017-02-07 16:05:53 +01:00
|
|
|
lockCh, err := c.consulLock.Lock(make(chan struct{}))
|
|
|
|
if err != nil {
|
2017-02-15 20:01:18 +01:00
|
|
|
lockErr.Err = err
|
|
|
|
return "", lockErr
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if lockCh == nil {
|
|
|
|
lockInfo, e := c.getLockInfo()
|
|
|
|
if e != nil {
|
2017-02-15 20:01:18 +01:00
|
|
|
lockErr.Err = e
|
|
|
|
return "", lockErr
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
2017-02-15 20:01:18 +01:00
|
|
|
|
|
|
|
lockErr.Info = lockInfo
|
|
|
|
return "", lockErr
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
c.lockCh = lockCh
|
|
|
|
|
|
|
|
err = c.putLockInfo(info)
|
|
|
|
if err != nil {
|
2017-02-15 20:01:18 +01:00
|
|
|
if unlockErr := c.Unlock(info.ID); unlockErr != nil {
|
|
|
|
err = multierror.Append(err, unlockErr)
|
|
|
|
}
|
|
|
|
|
2017-02-15 00:19:47 +01:00
|
|
|
return "", err
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
2017-02-15 18:02:37 +01:00
|
|
|
return info.ID, nil
|
2017-02-07 16:05:53 +01:00
|
|
|
}
|
|
|
|
|
2017-02-15 00:19:47 +01:00
|
|
|
func (c *RemoteClient) Unlock(id string) error {
|
2017-05-28 21:16:51 +02:00
|
|
|
c.mu.Lock()
|
|
|
|
defer c.mu.Unlock()
|
|
|
|
|
2017-02-15 18:02:37 +01:00
|
|
|
// this doesn't use the lock id, because the lock is tied to the consul client.
|
2017-02-07 16:05:53 +01:00
|
|
|
if c.consulLock == nil || c.lockCh == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-c.lockCh:
|
|
|
|
return errors.New("consul lock was lost")
|
|
|
|
default:
|
|
|
|
}
|
|
|
|
|
|
|
|
err := c.consulLock.Unlock()
|
|
|
|
c.lockCh = nil
|
|
|
|
|
2017-04-06 20:04:50 +02:00
|
|
|
// This is only cleanup, and will fail if the lock was immediately taken by
|
|
|
|
// another client, so we don't report an error to the user here.
|
|
|
|
c.consulLock.Destroy()
|
|
|
|
|
2017-02-07 16:05:53 +01:00
|
|
|
kv := c.Client.KV()
|
|
|
|
_, delErr := kv.Delete(c.Path+lockInfoSuffix, nil)
|
|
|
|
if delErr != nil {
|
|
|
|
err = multierror.Append(err, delErr)
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
2017-03-09 08:00:19 +01:00
|
|
|
|
|
|
|
func compressState(data []byte) ([]byte, error) {
|
|
|
|
b := new(bytes.Buffer)
|
|
|
|
gz := gzip.NewWriter(b)
|
|
|
|
if _, err := gz.Write(data); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := gz.Flush(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := gz.Close(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return b.Bytes(), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func uncompressState(data []byte) ([]byte, error) {
|
|
|
|
b := new(bytes.Buffer)
|
|
|
|
gz, err := gzip.NewReader(bytes.NewReader(data))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
b.ReadFrom(gz)
|
|
|
|
if err := gz.Close(); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return b.Bytes(), nil
|
|
|
|
}
|