state

package
v1.9.15 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 11, 2022 License: MPL-2.0 Imports: 25 Imported by: 117

Documentation

Index

Constants

View Source
const (
	NoChange uniqueServiceState = 0
	Deleted  uniqueServiceState = 1
	Created  uniqueServiceState = 2
)

Variables

View Source
var (
	// ErrMissingNode is the error returned when trying an operation
	// which requires a node registration but none exists.
	ErrMissingNode = errors.New("Missing node registration")

	// ErrMissingService is the error we return if trying an
	// operation which requires a service but none exists.
	ErrMissingService = errors.New("Missing service registration")

	// ErrMissingSessionID is returned when a session registration
	// is attempted with an empty session ID.
	ErrMissingSessionID = errors.New("Missing session ID")

	// ErrMissingACLTokenSecret is returned when a token set is called on a
	// token with an empty SecretID.
	ErrMissingACLTokenSecret = errors.New("Missing ACL Token SecretID")

	// ErrMissingACLTokenAccessor is returned when a token set is called on a
	// token with an empty AccessorID.
	ErrMissingACLTokenAccessor = errors.New("Missing ACL Token AccessorID")

	// ErrTokenHasNoPrivileges is returned when a token set is called on a
	// token with no policies, roles, or service identities and the caller
	// requires at least one to be set.
	ErrTokenHasNoPrivileges = errors.New("Token has no privileges")

	// ErrMissingACLPolicyID is returned when a policy set is called on a
	// policy with an empty ID.
	ErrMissingACLPolicyID = errors.New("Missing ACL Policy ID")

	// ErrMissingACLPolicyName is returned when a policy set is called on a
	// policy with an empty Name.
	ErrMissingACLPolicyName = errors.New("Missing ACL Policy Name")

	// ErrMissingACLRoleID is returned when a role set is called on
	// a role with an empty ID.
	ErrMissingACLRoleID = errors.New("Missing ACL Role ID")

	// ErrMissingACLRoleName is returned when a role set is called on
	// a role with an empty Name.
	ErrMissingACLRoleName = errors.New("Missing ACL Role Name")

	// ErrMissingACLBindingRuleID is returned when a binding rule set
	// is called on a binding rule with an empty ID.
	ErrMissingACLBindingRuleID = errors.New("Missing ACL Binding Rule ID")

	// ErrMissingACLBindingRuleAuthMethod is returned when a binding rule set
	// is called on a binding rule with an empty AuthMethod.
	ErrMissingACLBindingRuleAuthMethod = errors.New("Missing ACL Binding Rule Auth Method")

	// ErrMissingACLAuthMethodName is returned when an auth method set is
	// called on an auth method with an empty Name.
	ErrMissingACLAuthMethodName = errors.New("Missing ACL Auth Method Name")

	// ErrMissingACLAuthMethodType is returned when an auth method set is
	// called on an auth method with an empty Type.
	ErrMissingACLAuthMethodType = errors.New("Missing ACL Auth Method Type")

	// ErrMissingQueryID is returned when a Query set is called on
	// a Query with an empty ID.
	ErrMissingQueryID = errors.New("Missing Query ID")

	// ErrMissingCARootID is returned when an CARoot set is called
	// with an CARoot with an empty ID.
	ErrMissingCARootID = errors.New("Missing CA Root ID")

	// ErrMissingIntentionID is returned when an Intention set is called
	// with an Intention with an empty ID.
	ErrMissingIntentionID = errors.New("Missing Intention ID")
)
View Source
var ErrLegacyIntentionsAreDisabled = errors.New("Legacy intention modifications are disabled after the config entry migration.")

Functions

func ServiceHealthEventsFromChanges added in v1.9.0

func ServiceHealthEventsFromChanges(tx ReadTxn, changes Changes) ([]stream.Event, error)

ServiceHealthEventsFromChanges returns all the service and Connect health events that should be emitted given a set of changes to the state store.

Types

type ACLTokenSetOptions added in v1.8.7

type ACLTokenSetOptions struct {
	CAS                          bool
	AllowMissingPolicyAndRoleIDs bool
	ProhibitUnprivileged         bool
	Legacy                       bool
	FromReplication              bool
}

type AbortTxn added in v1.9.0

type AbortTxn interface {
	ReadTxn
	Abort()
}

AbortTxn is a ReadTxn that can also be aborted to end the transaction.

type Changes added in v1.9.0

type Changes struct {
	// Index is the latest index at the time these changes were committed.
	Index   uint64
	Changes memdb.Changes
}

Changes wraps a memdb.Changes to include the index at which these changes were made.

type CheckIDIndex added in v1.7.0

type CheckIDIndex struct {
}

func (*CheckIDIndex) FromArgs added in v1.7.0

func (index *CheckIDIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*CheckIDIndex) FromObject added in v1.7.0

func (index *CheckIDIndex) FromObject(obj interface{}) (bool, []byte, error)

func (*CheckIDIndex) PrefixFromArgs added in v1.7.0

func (index *CheckIDIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type ConfigEntryLinkIndex added in v1.6.0

type ConfigEntryLinkIndex struct {
}

func (*ConfigEntryLinkIndex) FromArgs added in v1.6.0

func (s *ConfigEntryLinkIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*ConfigEntryLinkIndex) FromObject added in v1.6.0

func (s *ConfigEntryLinkIndex) FromObject(obj interface{}) (bool, [][]byte, error)

func (*ConfigEntryLinkIndex) PrefixFromArgs added in v1.6.0

func (s *ConfigEntryLinkIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type ConfigEntryUsage added in v1.9.11

type ConfigEntryUsage struct {
	ConfigByKind map[string]int
	EnterpriseConfigEntryUsage
}

type Delay

type Delay struct {
	// contains filtered or unexported fields
}

Delay is used to mark certain locks as unacquirable. When a lock is forcefully released (failing health check, destroyed session, etc.), it is subject to the LockDelay imposed by the session. This prevents another session from acquiring the lock for some period of time as a protection against split-brains. This is inspired by the lock-delay in Chubby. Because this relies on wall-time, we cannot assume all peers perceive time as flowing uniformly. This means KVSLock MUST ignore lockDelay, since the lockDelay may have expired on the leader, but not on the follower. Rejecting the lock could result in inconsistencies in the FSMs due to the rate time progresses. Instead, only the opinion of the leader is respected, and the Raft log is never questioned.

func NewDelay

func NewDelay() *Delay

NewDelay returns a new delay manager.

func (*Delay) GetExpiration

func (d *Delay) GetExpiration(key string, entMeta *structs.EnterpriseMeta) time.Time

GetExpiration returns the expiration time of a key lock delay. This must be checked on the leader node, and not in KVSLock due to the variability of clocks.

func (*Delay) SetExpiration

func (d *Delay) SetExpiration(key string, now time.Time, delay time.Duration, entMeta *structs.EnterpriseMeta)

SetExpiration sets the expiration time for the lock delay to the given delay from the given now time.

type EnterpriseConfigEntryUsage added in v1.9.11

type EnterpriseConfigEntryUsage struct{}

type EnterpriseKVUsage added in v1.9.10

type EnterpriseKVUsage struct{}

type EnterpriseServiceUsage added in v1.9.0

type EnterpriseServiceUsage struct{}

type EventPayloadCheckServiceNode added in v1.9.0

type EventPayloadCheckServiceNode struct {
	Op    pbsubscribe.CatalogOp
	Value *structs.CheckServiceNode
	// contains filtered or unexported fields
}

EventPayloadCheckServiceNode is used as the Payload for a stream.Event to indicates changes to a CheckServiceNode for service health.

The stream.Payload methods implemented by EventPayloadCheckServiceNode are do not mutate the payload, making it safe to use in an Event sent to stream.EventPublisher.Publish.

func (EventPayloadCheckServiceNode) HasReadPermission added in v1.9.1

func (e EventPayloadCheckServiceNode) HasReadPermission(authz acl.Authorizer) bool

func (EventPayloadCheckServiceNode) MatchesKey added in v1.9.1

func (e EventPayloadCheckServiceNode) MatchesKey(key, namespace string) bool

type EventPublisher added in v1.9.0

type EventPublisher interface {
	Publish([]stream.Event)
	Run(context.Context)
	Subscribe(*stream.SubscribeRequest) (*stream.Subscription, error)
}

type Graveyard

type Graveyard struct {
	// contains filtered or unexported fields
}

Graveyard manages a set of tombstones.

func NewGraveyard

func NewGraveyard(gc *TombstoneGC) *Graveyard

NewGraveyard returns a new graveyard.

func (*Graveyard) DumpTxn

func (g *Graveyard) DumpTxn(tx ReadTxn) (memdb.ResultIterator, error)

DumpTxn returns all the tombstones.

func (*Graveyard) GetMaxIndexTxn

func (g *Graveyard) GetMaxIndexTxn(tx ReadTxn, prefix string, entMeta *structs.EnterpriseMeta) (uint64, error)

GetMaxIndexTxn returns the highest index tombstone whose key matches the given context, using a prefix match.

func (*Graveyard) InsertTxn

func (g *Graveyard) InsertTxn(tx WriteTxn, key string, idx uint64, entMeta *structs.EnterpriseMeta) error

InsertTxn adds a new tombstone.

func (*Graveyard) ReapTxn

func (g *Graveyard) ReapTxn(tx *txn, idx uint64) error

ReapTxn cleans out all tombstones whose index values are less than or equal to the given idx. This prevents unbounded storage growth of the tombstones.

func (*Graveyard) RestoreTxn

func (g *Graveyard) RestoreTxn(tx *txn, stone *Tombstone) error

RestoreTxn is used when restoring from a snapshot. For general inserts, use InsertTxn.

type IndexConnectService added in v1.2.0

type IndexConnectService struct{}

IndexConnectService indexes a *struct.ServiceNode for querying by services that support Connect to some target service. This will properly index the proxy destination for proxies and the service name for native services.

func (*IndexConnectService) FromArgs added in v1.2.0

func (idx *IndexConnectService) FromArgs(args ...interface{}) ([]byte, error)

func (*IndexConnectService) FromObject added in v1.2.0

func (idx *IndexConnectService) FromObject(obj interface{}) (bool, []byte, error)

type IndexEntry

type IndexEntry struct {
	Key   string
	Value uint64
}

IndexEntry keeps a record of the last index per-table.

type IndexServiceKind added in v1.6.0

type IndexServiceKind struct{}

IndexServiceKind indexes a *struct.ServiceNode for querying by the services kind. We need a custom indexer because of the default kind being the empty string. The StringFieldIndex in memdb seems to treate the empty string as missing and doesn't work correctly when we actually want to index ""

func (*IndexServiceKind) FromArgs added in v1.6.0

func (idx *IndexServiceKind) FromArgs(args ...interface{}) ([]byte, error)

func (*IndexServiceKind) FromObject added in v1.6.0

func (idx *IndexServiceKind) FromObject(obj interface{}) (bool, []byte, error)

type KVUsage added in v1.9.10

type KVUsage struct {
	KVCount int
	EnterpriseKVUsage
}

type PreparedQueryIndex

type PreparedQueryIndex struct {
}

PreparedQueryIndex is a custom memdb indexer used to manage index prepared query templates. None of the built-in indexers do what we need, and our use case is pretty specific so it's better to put the logic here.

func (*PreparedQueryIndex) FromArgs

func (p *PreparedQueryIndex) FromArgs(args ...interface{}) ([]byte, error)

FromArgs is used when querying for an exact match. Since we don't add any suffix we can just call the prefix version.

func (*PreparedQueryIndex) FromObject

func (*PreparedQueryIndex) FromObject(obj interface{}) (bool, []byte, error)

FromObject is used to compute the index key when inserting or updating an object.

func (*PreparedQueryIndex) PrefixFromArgs

func (*PreparedQueryIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

PrefixFromArgs is used when doing a prefix scan for an object.

type ReadDB added in v1.9.0

type ReadDB interface {
	ReadTxn() AbortTxn
}

ReadDB is a DB that provides read-only transactions.

type ReadTxn added in v1.9.0

type ReadTxn interface {
	Get(table, index string, args ...interface{}) (memdb.ResultIterator, error)
	First(table, index string, args ...interface{}) (interface{}, error)
	FirstWatch(table, index string, args ...interface{}) (<-chan struct{}, interface{}, error)
}

ReadTxn is implemented by memdb.Txn to perform read operations.

type Restore

type Restore struct {
	// contains filtered or unexported fields
}

Restore is used to efficiently manage restoring a large amount of data to a state store.

func (*Restore) ACLAuthMethod added in v1.5.0

func (s *Restore) ACLAuthMethod(method *structs.ACLAuthMethod) error

func (*Restore) ACLBindingRule added in v1.5.0

func (s *Restore) ACLBindingRule(rule *structs.ACLBindingRule) error

func (*Restore) ACLPolicy added in v1.4.0

func (s *Restore) ACLPolicy(policy *structs.ACLPolicy) error

func (*Restore) ACLRole added in v1.5.0

func (s *Restore) ACLRole(role *structs.ACLRole) error

func (*Restore) ACLToken added in v1.4.0

func (s *Restore) ACLToken(token *structs.ACLToken) error

ACLToken is used when restoring from a snapshot. For general inserts, use ACL.

func (*Restore) Abort

func (s *Restore) Abort()

Abort abandons the changes made by a restore. This or Commit should always be called.

func (*Restore) Autopilot

func (s *Restore) Autopilot(config *structs.AutopilotConfig) error

Autopilot is used when restoring from a snapshot.

func (*Restore) CAConfig added in v1.2.0

func (s *Restore) CAConfig(config *structs.CAConfiguration) error

CAConfig is used when restoring from a snapshot.

func (*Restore) CAProviderState added in v1.2.0

func (s *Restore) CAProviderState(state *structs.CAConsulProviderState) error

CAProviderState is used when restoring from a snapshot.

func (*Restore) CARoot added in v1.2.0

func (s *Restore) CARoot(r *structs.CARoot) error

CARoots is used when restoring from a snapshot.

func (*Restore) Commit

func (s *Restore) Commit() error

Commit commits the changes made by a restore. This or Abort should always be called.

func (*Restore) ConfigEntry added in v1.5.0

func (s *Restore) ConfigEntry(c structs.ConfigEntry) error

ConfigEntry is used when restoring from a snapshot.

func (*Restore) Coordinates

func (s *Restore) Coordinates(idx uint64, updates structs.Coordinates) error

Coordinates is used when restoring from a snapshot. For general inserts, use CoordinateBatchUpdate. We do less vetting of the updates here because they already got checked on the way in during a batch update.

func (*Restore) FederationState added in v1.8.0

func (s *Restore) FederationState(g *structs.FederationState) error

FederationState is used when restoring from a snapshot.

func (*Restore) IndexRestore added in v1.4.0

func (s *Restore) IndexRestore(idx *IndexEntry) error

IndexRestore is used to restore an index

func (*Restore) KVS

func (s *Restore) KVS(entry *structs.DirEntry) error

KVS is used when restoring from a snapshot. Use KVSSet for general inserts.

func (*Restore) LegacyIntention deprecated added in v1.9.0

func (s *Restore) LegacyIntention(ixn *structs.Intention) error

LegacyIntention is used when restoring from a snapshot.

Deprecated: service-intentions config entries are handled as config entries in the snapshot.

func (*Restore) PreparedQuery

func (s *Restore) PreparedQuery(query *structs.PreparedQuery) error

PreparedQuery is used when restoring from a snapshot. For general inserts, use PreparedQuerySet.

func (*Restore) Registration

func (s *Restore) Registration(idx uint64, req *structs.RegisterRequest) error

Registration is used to make sure a node, service, and check registration is performed within a single transaction to avoid race conditions on state updates.

func (*Restore) Session

func (s *Restore) Session(sess *structs.Session) error

Session is used when restoring from a snapshot. For general inserts, use SessionCreate.

func (*Restore) SystemMetadataEntry added in v1.9.0

func (s *Restore) SystemMetadataEntry(entry *structs.SystemMetadataEntry) error

SystemMetadataEntry is used when restoring from a snapshot.

func (*Restore) Tombstone

func (s *Restore) Tombstone(stone *Tombstone) error

Tombstone is used when restoring from a snapshot. For general inserts, use Graveyard.InsertTxn.

type RolePoliciesIndex added in v1.5.0

type RolePoliciesIndex struct {
}

func (*RolePoliciesIndex) FromArgs added in v1.5.0

func (s *RolePoliciesIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*RolePoliciesIndex) FromObject added in v1.5.0

func (s *RolePoliciesIndex) FromObject(obj interface{}) (bool, [][]byte, error)

func (*RolePoliciesIndex) PrefixFromArgs added in v1.5.0

func (s *RolePoliciesIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type ServiceIntentionLegacyIDIndex added in v1.9.0

type ServiceIntentionLegacyIDIndex struct {
	// contains filtered or unexported fields
}

func (*ServiceIntentionLegacyIDIndex) FromArgs added in v1.9.0

func (s *ServiceIntentionLegacyIDIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*ServiceIntentionLegacyIDIndex) FromObject added in v1.9.0

func (s *ServiceIntentionLegacyIDIndex) FromObject(obj interface{}) (bool, [][]byte, error)

func (*ServiceIntentionLegacyIDIndex) PrefixFromArgs added in v1.9.0

func (s *ServiceIntentionLegacyIDIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type ServiceIntentionSourceIndex added in v1.9.0

type ServiceIntentionSourceIndex struct {
}

func (*ServiceIntentionSourceIndex) FromArgs added in v1.9.0

func (s *ServiceIntentionSourceIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*ServiceIntentionSourceIndex) FromObject added in v1.9.0

func (s *ServiceIntentionSourceIndex) FromObject(obj interface{}) (bool, [][]byte, error)

type ServiceNameIndex added in v1.8.0

type ServiceNameIndex struct {
	Field string
}

func (*ServiceNameIndex) FromArgs added in v1.8.0

func (index *ServiceNameIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*ServiceNameIndex) FromObject added in v1.8.0

func (index *ServiceNameIndex) FromObject(obj interface{}) (bool, []byte, error)

func (*ServiceNameIndex) PrefixFromArgs added in v1.8.0

func (index *ServiceNameIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type ServiceUsage added in v1.9.0

type ServiceUsage struct {
	Services                int
	ServiceInstances        int
	ConnectServiceInstances map[string]int
	EnterpriseServiceUsage
}

ServiceUsage contains all of the usage data related to services

type Snapshot

type Snapshot struct {
	// contains filtered or unexported fields
}

Snapshot is used to provide a point-in-time snapshot. It works by starting a read transaction against the whole state store.

func (*Snapshot) ACLAuthMethods added in v1.5.0

func (s *Snapshot) ACLAuthMethods() (memdb.ResultIterator, error)

ACLAuthMethods is used when saving a snapshot

func (*Snapshot) ACLBindingRules added in v1.5.0

func (s *Snapshot) ACLBindingRules() (memdb.ResultIterator, error)

ACLBindingRules is used when saving a snapshot

func (*Snapshot) ACLPolicies added in v1.4.0

func (s *Snapshot) ACLPolicies() (memdb.ResultIterator, error)

ACLPolicies is used when saving a snapshot

func (*Snapshot) ACLRoles added in v1.5.0

func (s *Snapshot) ACLRoles() (memdb.ResultIterator, error)

ACLRoles is used when saving a snapshot

func (*Snapshot) ACLTokens added in v1.4.0

func (s *Snapshot) ACLTokens() (memdb.ResultIterator, error)

ACLTokens is used when saving a snapshot

func (*Snapshot) Autopilot

func (s *Snapshot) Autopilot() (*structs.AutopilotConfig, error)

Autopilot is used to pull the autopilot config from the snapshot.

func (*Snapshot) CAConfig added in v1.2.0

func (s *Snapshot) CAConfig() (*structs.CAConfiguration, error)

CAConfig is used to pull the CA config from the snapshot.

func (*Snapshot) CAProviderState added in v1.2.0

func (s *Snapshot) CAProviderState() ([]*structs.CAConsulProviderState, error)

CAProviderState is used to pull the built-in provider states from the snapshot.

func (*Snapshot) CARoots added in v1.2.0

func (s *Snapshot) CARoots() (structs.CARoots, error)

CARoots is used to pull all the CA roots for the snapshot.

func (*Snapshot) Checks

func (s *Snapshot) Checks(node string) (memdb.ResultIterator, error)

Checks is used to pull the full list of checks for a given node for use during snapshots.

func (*Snapshot) Close

func (s *Snapshot) Close()

Close performs cleanup of a state snapshot.

func (*Snapshot) ConfigEntries added in v1.5.0

func (s *Snapshot) ConfigEntries() ([]structs.ConfigEntry, error)

ConfigEntries is used to pull all the config entries for the snapshot.

func (*Snapshot) Coordinates

func (s *Snapshot) Coordinates() (memdb.ResultIterator, error)

Coordinates is used to pull all the coordinates from the snapshot.

func (*Snapshot) FederationStates added in v1.8.0

func (s *Snapshot) FederationStates() ([]*structs.FederationState, error)

FederationStates is used to pull all the federation states for the snapshot.

func (*Snapshot) Indexes added in v1.4.0

func (s *Snapshot) Indexes() (memdb.ResultIterator, error)

func (*Snapshot) KVs

func (s *Snapshot) KVs() (memdb.ResultIterator, error)

KVs is used to pull the full list of KVS entries for use during snapshots.

func (*Snapshot) LastIndex

func (s *Snapshot) LastIndex() uint64

LastIndex returns that last index that affects the snapshotted data.

func (*Snapshot) LegacyIntentions deprecated added in v1.9.0

func (s *Snapshot) LegacyIntentions() (structs.Intentions, error)

LegacyIntentions is used to pull all the intentions from the snapshot.

Deprecated: service-intentions config entries are handled as config entries in the snapshot.

func (*Snapshot) Nodes

func (s *Snapshot) Nodes() (memdb.ResultIterator, error)

Nodes is used to pull the full list of nodes for use during snapshots.

func (*Snapshot) PreparedQueries

func (s *Snapshot) PreparedQueries() (structs.PreparedQueries, error)

PreparedQueries is used to pull all the prepared queries from the snapshot.

func (*Snapshot) Services

func (s *Snapshot) Services(node string) (memdb.ResultIterator, error)

Services is used to pull the full list of services for a given node for use during snapshots.

func (*Snapshot) Sessions

func (s *Snapshot) Sessions() (memdb.ResultIterator, error)

Sessions is used to pull the full list of sessions for use during snapshots.

func (*Snapshot) SystemMetadataEntries added in v1.9.0

func (s *Snapshot) SystemMetadataEntries() ([]*structs.SystemMetadataEntry, error)

SystemMetadataEntries used to pull all the system metadata entries for the snapshot.

func (*Snapshot) Tombstones

func (s *Snapshot) Tombstones() (memdb.ResultIterator, error)

Tombstones is used to pull all the tombstones from the graveyard.

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store is where we store all of Consul's state, including records of node registrations, services, checks, key/value pairs and more. The DB is entirely in-memory and is constructed from the Raft log through the FSM.

func NewStateStore

func NewStateStore(gc *TombstoneGC) *Store

NewStateStore creates a new in-memory state storage layer.

func NewStateStoreWithEventPublisher added in v1.9.0

func NewStateStoreWithEventPublisher(gc *TombstoneGC) *Store

func (*Store) ACLAuthMethodBatchDelete added in v1.5.0

func (s *Store) ACLAuthMethodBatchDelete(idx uint64, names []string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLAuthMethodBatchSet added in v1.5.0

func (s *Store) ACLAuthMethodBatchSet(idx uint64, methods structs.ACLAuthMethods) error

func (*Store) ACLAuthMethodDeleteByName added in v1.5.0

func (s *Store) ACLAuthMethodDeleteByName(idx uint64, name string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLAuthMethodGetByName added in v1.5.0

func (s *Store) ACLAuthMethodGetByName(ws memdb.WatchSet, name string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLAuthMethod, error)

func (*Store) ACLAuthMethodList added in v1.5.0

func (s *Store) ACLAuthMethodList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.ACLAuthMethods, error)

func (*Store) ACLAuthMethodSet added in v1.5.0

func (s *Store) ACLAuthMethodSet(idx uint64, method *structs.ACLAuthMethod) error

func (*Store) ACLAuthMethodUpsertValidateEnterprise added in v1.7.0

func (s *Store) ACLAuthMethodUpsertValidateEnterprise(method *structs.ACLAuthMethod, existing *structs.ACLAuthMethod) error

func (*Store) ACLBindingRuleBatchDelete added in v1.5.0

func (s *Store) ACLBindingRuleBatchDelete(idx uint64, bindingRuleIDs []string) error

func (*Store) ACLBindingRuleBatchSet added in v1.5.0

func (s *Store) ACLBindingRuleBatchSet(idx uint64, rules structs.ACLBindingRules) error

func (*Store) ACLBindingRuleDeleteByID added in v1.5.0

func (s *Store) ACLBindingRuleDeleteByID(idx uint64, id string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLBindingRuleGetByID added in v1.5.0

func (s *Store) ACLBindingRuleGetByID(ws memdb.WatchSet, id string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLBindingRule, error)

func (*Store) ACLBindingRuleList added in v1.5.0

func (s *Store) ACLBindingRuleList(ws memdb.WatchSet, methodName string, entMeta *structs.EnterpriseMeta) (uint64, structs.ACLBindingRules, error)

func (*Store) ACLBindingRuleSet added in v1.5.0

func (s *Store) ACLBindingRuleSet(idx uint64, rule *structs.ACLBindingRule) error

func (*Store) ACLBindingRuleUpsertValidateEnterprise added in v1.7.0

func (s *Store) ACLBindingRuleUpsertValidateEnterprise(rule *structs.ACLBindingRule, existing *structs.ACLBindingRule) error

func (*Store) ACLBootstrap added in v0.9.1

func (s *Store) ACLBootstrap(idx, resetIndex uint64, token *structs.ACLToken, legacy bool) error

ACLBootstrap is used to perform a one-time ACL bootstrap operation on a cluster to get the first management token.

func (*Store) ACLPolicyBatchDelete added in v1.4.0

func (s *Store) ACLPolicyBatchDelete(idx uint64, policyIDs []string) error

func (*Store) ACLPolicyBatchGet added in v1.4.0

func (s *Store) ACLPolicyBatchGet(ws memdb.WatchSet, ids []string) (uint64, structs.ACLPolicies, error)

func (*Store) ACLPolicyBatchSet added in v1.4.0

func (s *Store) ACLPolicyBatchSet(idx uint64, policies structs.ACLPolicies) error

func (*Store) ACLPolicyDeleteByID added in v1.4.0

func (s *Store) ACLPolicyDeleteByID(idx uint64, id string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLPolicyDeleteByName added in v1.4.0

func (s *Store) ACLPolicyDeleteByName(idx uint64, name string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLPolicyGetByID added in v1.4.0

func (s *Store) ACLPolicyGetByID(ws memdb.WatchSet, id string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLPolicy, error)

func (*Store) ACLPolicyGetByName added in v1.4.0

func (s *Store) ACLPolicyGetByName(ws memdb.WatchSet, name string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLPolicy, error)

func (*Store) ACLPolicyList added in v1.4.0

func (s *Store) ACLPolicyList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.ACLPolicies, error)

func (*Store) ACLPolicySet added in v1.4.0

func (s *Store) ACLPolicySet(idx uint64, policy *structs.ACLPolicy) error

func (*Store) ACLPolicyUpsertValidateEnterprise added in v1.7.0

func (s *Store) ACLPolicyUpsertValidateEnterprise(*structs.ACLPolicy, *structs.ACLPolicy) error

func (*Store) ACLRoleBatchDelete added in v1.5.0

func (s *Store) ACLRoleBatchDelete(idx uint64, roleIDs []string) error

func (*Store) ACLRoleBatchGet added in v1.5.0

func (s *Store) ACLRoleBatchGet(ws memdb.WatchSet, ids []string) (uint64, structs.ACLRoles, error)

func (*Store) ACLRoleBatchSet added in v1.5.0

func (s *Store) ACLRoleBatchSet(idx uint64, roles structs.ACLRoles, allowMissingPolicyIDs bool) error

func (*Store) ACLRoleDeleteByID added in v1.5.0

func (s *Store) ACLRoleDeleteByID(idx uint64, id string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLRoleDeleteByName added in v1.5.0

func (s *Store) ACLRoleDeleteByName(idx uint64, name string, entMeta *structs.EnterpriseMeta) error

func (*Store) ACLRoleGetByID added in v1.5.0

func (s *Store) ACLRoleGetByID(ws memdb.WatchSet, id string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLRole, error)

func (*Store) ACLRoleGetByName added in v1.5.0

func (s *Store) ACLRoleGetByName(ws memdb.WatchSet, name string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLRole, error)

func (*Store) ACLRoleList added in v1.5.0

func (s *Store) ACLRoleList(ws memdb.WatchSet, policy string, entMeta *structs.EnterpriseMeta) (uint64, structs.ACLRoles, error)

func (*Store) ACLRoleSet added in v1.5.0

func (s *Store) ACLRoleSet(idx uint64, role *structs.ACLRole) error

func (*Store) ACLRoleUpsertValidateEnterprise added in v1.7.0

func (s *Store) ACLRoleUpsertValidateEnterprise(role *structs.ACLRole, existing *structs.ACLRole) error

func (*Store) ACLTokenBatchDelete added in v1.4.0

func (s *Store) ACLTokenBatchDelete(idx uint64, tokenIDs []string) error

func (*Store) ACLTokenBatchGet added in v1.4.0

func (s *Store) ACLTokenBatchGet(ws memdb.WatchSet, accessors []string) (uint64, structs.ACLTokens, error)

func (*Store) ACLTokenBatchSet added in v1.4.0

func (s *Store) ACLTokenBatchSet(idx uint64, tokens structs.ACLTokens, opts ACLTokenSetOptions) error

func (*Store) ACLTokenDeleteByAccessor added in v1.4.0

func (s *Store) ACLTokenDeleteByAccessor(idx uint64, accessor string, entMeta *structs.EnterpriseMeta) error

ACLTokenDeleteByAccessor is used to remove an existing ACL from the state store. If the ACL does not exist this is a no-op and no error is returned.

func (*Store) ACLTokenDeleteBySecret added in v1.4.0

func (s *Store) ACLTokenDeleteBySecret(idx uint64, secret string, entMeta *structs.EnterpriseMeta) error

ACLTokenDeleteBySecret is used to remove an existing ACL from the state store. If the ACL does not exist this is a no-op and no error is returned.

func (*Store) ACLTokenGetByAccessor added in v1.4.0

func (s *Store) ACLTokenGetByAccessor(ws memdb.WatchSet, accessor string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLToken, error)

ACLTokenGetByAccessor is used to look up an existing ACL token by its AccessorID.

func (*Store) ACLTokenGetBySecret added in v1.4.0

func (s *Store) ACLTokenGetBySecret(ws memdb.WatchSet, secret string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLToken, error)

ACLTokenGetBySecret is used to look up an existing ACL token by its SecretID.

func (*Store) ACLTokenList added in v1.4.0

func (s *Store) ACLTokenList(ws memdb.WatchSet, local, global bool, policy, role, methodName string, methodMeta, entMeta *structs.EnterpriseMeta) (uint64, structs.ACLTokens, error)

ACLTokenList is used to list out all of the ACLs in the state store.

func (*Store) ACLTokenListExpired added in v1.5.0

func (s *Store) ACLTokenListExpired(local bool, asOf time.Time, max int) (structs.ACLTokens, <-chan struct{}, error)

ACLTokenListExpires lists tokens that are expired as of the provided time. The returned set will be no larger than the max value provided.

func (*Store) ACLTokenListUpgradeable added in v1.4.0

func (s *Store) ACLTokenListUpgradeable(max int) (structs.ACLTokens, <-chan struct{}, error)

func (*Store) ACLTokenMinExpirationTime added in v1.5.0

func (s *Store) ACLTokenMinExpirationTime(local bool) (time.Time, error)

func (*Store) ACLTokenSet added in v1.4.0

func (s *Store) ACLTokenSet(idx uint64, token *structs.ACLToken, legacy bool) error

ACLTokenSet is used to insert an ACL rule into the state store.

func (*Store) ACLTokenUpsertValidateEnterprise added in v1.7.0

func (s *Store) ACLTokenUpsertValidateEnterprise(token *structs.ACLToken, existing *structs.ACLToken) error

func (*Store) Abandon

func (s *Store) Abandon()

Abandon is used to signal that the given state store has been abandoned. Calling this more than one time will panic.

func (*Store) AbandonCh

func (s *Store) AbandonCh() <-chan struct{}

AbandonCh returns a channel you can wait on to know if the state store was abandoned.

func (*Store) AreIntentionsInConfigEntries added in v1.9.0

func (s *Store) AreIntentionsInConfigEntries() (bool, error)

AreIntentionsInConfigEntries determines which table is the canonical store for intentions data.

func (*Store) AutopilotCASConfig

func (s *Store) AutopilotCASConfig(idx, cidx uint64, config *structs.AutopilotConfig) (bool, error)

AutopilotCASConfig is used to try updating the Autopilot configuration with a given Raft index. If the CAS index specified is not equal to the last observed index for the config, then the call is a noop,

func (*Store) AutopilotConfig

func (s *Store) AutopilotConfig() (uint64, *structs.AutopilotConfig, error)

AutopilotConfig is used to get the current Autopilot configuration.

func (*Store) AutopilotSetConfig

func (s *Store) AutopilotSetConfig(idx uint64, config *structs.AutopilotConfig) error

AutopilotSetConfig is used to set the current Autopilot configuration.

func (*Store) CACheckAndSetConfig added in v1.2.0

func (s *Store) CACheckAndSetConfig(idx, cidx uint64, config *structs.CAConfiguration) (bool, error)

CACheckAndSetConfig is used to try updating the CA configuration with a given Raft index. If the CAS index specified is not equal to the last observed index for the config, then the call will return an error,

func (*Store) CAConfig added in v1.2.0

func (s *Store) CAConfig(ws memdb.WatchSet) (uint64, *structs.CAConfiguration, error)

CAConfig is used to get the current CA configuration.

func (*Store) CADeleteProviderState added in v1.2.0

func (s *Store) CADeleteProviderState(idx uint64, id string) error

CADeleteProviderState is used to remove the built-in Consul CA provider state for the given ID.

func (*Store) CAIncrementProviderSerialNumber added in v1.6.3

func (s *Store) CAIncrementProviderSerialNumber(idx uint64) (uint64, error)

func (*Store) CALeafSetIndex added in v1.4.1

func (s *Store) CALeafSetIndex(idx uint64, index uint64) error

func (*Store) CAProviderState added in v1.2.0

func (s *Store) CAProviderState(id string) (uint64, *structs.CAConsulProviderState, error)

CAProviderState is used to get the Consul CA provider state for the given ID.

func (*Store) CARootActive added in v1.2.0

func (s *Store) CARootActive(ws memdb.WatchSet) (uint64, *structs.CARoot, error)

CARootActive returns the currently active CARoot.

func (*Store) CARootSetCAS added in v1.2.0

func (s *Store) CARootSetCAS(idx, cidx uint64, rs []*structs.CARoot) (bool, error)

CARootSetCAS sets the current CA root state using a check-and-set operation. On success, this will replace the previous set of CARoots completely with the given set of roots.

The first boolean result returns whether the transaction succeeded or not.

func (*Store) CARoots added in v1.2.0

func (s *Store) CARoots(ws memdb.WatchSet) (uint64, structs.CARoots, error)

CARoots returns the list of all CA roots.

func (*Store) CARootsAndConfig added in v1.6.0

func (s *Store) CARootsAndConfig(ws memdb.WatchSet) (uint64, structs.CARoots, *structs.CAConfiguration, error)

func (*Store) CASetConfig added in v1.2.0

func (s *Store) CASetConfig(idx uint64, config *structs.CAConfiguration) error

CASetConfig is used to set the current CA configuration.

func (*Store) CASetProviderState added in v1.2.0

func (s *Store) CASetProviderState(idx uint64, state *structs.CAConsulProviderState) (bool, error)

CASetProviderState is used to set the current built-in CA provider state.

func (*Store) CanBootstrapACLToken added in v1.4.0

func (s *Store) CanBootstrapACLToken() (bool, uint64, error)

CanBootstrapACLToken checks if bootstrapping is possible and returns the reset index

func (*Store) CheckConnectServiceNodes added in v1.2.0

func (s *Store) CheckConnectServiceNodes(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.CheckServiceNodes, error)

CheckConnectServiceNodes is used to query all nodes and checks for Connect compatible endpoints for a given service.

func (*Store) CheckIngressServiceNodes added in v1.8.0

func (s *Store) CheckIngressServiceNodes(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.CheckServiceNodes, error)

CheckIngressServiceNodes is used to query all nodes and checks for ingress endpoints for a given service.

func (*Store) CheckServiceNodes

func (s *Store) CheckServiceNodes(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.CheckServiceNodes, error)

CheckServiceNodes is used to query all nodes and checks for a given service.

func (*Store) CheckServiceTagNodes

func (s *Store) CheckServiceTagNodes(ws memdb.WatchSet, serviceName string, tags []string, entMeta *structs.EnterpriseMeta) (uint64, structs.CheckServiceNodes, error)

CheckServiceTagNodes is used to query all nodes and checks for a given service, filtering out services that don't contain the given tag.

func (*Store) ChecksInState

func (s *Store) ChecksInState(ws memdb.WatchSet, state string, entMeta *structs.EnterpriseMeta) (uint64, structs.HealthChecks, error)

ChecksInState is used to query the state store for all checks which are in the provided state.

func (*Store) ChecksInStateByNodeMeta

func (s *Store) ChecksInStateByNodeMeta(ws memdb.WatchSet, state string, filters map[string]string, entMeta *structs.EnterpriseMeta) (uint64, structs.HealthChecks, error)

ChecksInStateByNodeMeta is used to query the state store for all checks which are in the provided state, filtered by the given node metadata values.

func (*Store) CombinedCheckServiceNodes added in v1.9.0

func (s *Store) CombinedCheckServiceNodes(ws memdb.WatchSet, service structs.ServiceName) (uint64, structs.CheckServiceNodes, error)

CombinedCheckServiceNodes is used to query all nodes and checks for both typical and Connect endpoints of a service

func (*Store) ConfigEntries added in v1.5.0

func (s *Store) ConfigEntries(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, []structs.ConfigEntry, error)

ConfigEntries is called to get all config entry objects.

func (*Store) ConfigEntriesByKind added in v1.5.0

func (s *Store) ConfigEntriesByKind(ws memdb.WatchSet, kind string, entMeta *structs.EnterpriseMeta) (uint64, []structs.ConfigEntry, error)

ConfigEntriesByKind is called to get all config entry objects with the given kind. If kind is empty, all config entries will be returned.

func (*Store) ConfigEntry added in v1.5.0

func (s *Store) ConfigEntry(ws memdb.WatchSet, kind, name string, entMeta *structs.EnterpriseMeta) (uint64, structs.ConfigEntry, error)

ConfigEntry is called to get a given config entry.

func (*Store) ConfigEntryUsage added in v1.9.11

func (s *Store) ConfigEntryUsage() (uint64, ConfigEntryUsage, error)

func (*Store) ConnectServiceNodes added in v1.2.0

func (s *Store) ConnectServiceNodes(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.ServiceNodes, error)

ConnectServiceNodes returns the nodes associated with a Connect compatible destination for the given service name. This will include both proxies and native integrations.

func (*Store) Coordinate added in v0.9.3

func (s *Store) Coordinate(node string, ws memdb.WatchSet) (uint64, lib.CoordinateSet, error)

Coordinate returns a map of coordinates for the given node, indexed by network segment.

func (*Store) CoordinateBatchUpdate

func (s *Store) CoordinateBatchUpdate(idx uint64, updates structs.Coordinates) error

CoordinateBatchUpdate processes a batch of coordinate updates and applies them in a single transaction.

func (*Store) Coordinates

func (s *Store) Coordinates(ws memdb.WatchSet) (uint64, structs.Coordinates, error)

Coordinates queries for all nodes with coordinates.

func (*Store) DeleteCheck

func (s *Store) DeleteCheck(idx uint64, node string, checkID types.CheckID, entMeta *structs.EnterpriseMeta) error

DeleteCheck is used to delete a health check registration.

func (*Store) DeleteConfigEntry added in v1.5.0

func (s *Store) DeleteConfigEntry(idx uint64, kind, name string, entMeta *structs.EnterpriseMeta) error

func (*Store) DeleteNode

func (s *Store) DeleteNode(idx uint64, nodeName string) error

DeleteNode is used to delete a given node by its ID.

func (*Store) DeleteService

func (s *Store) DeleteService(idx uint64, nodeName, serviceID string, entMeta *structs.EnterpriseMeta) error

DeleteService is used to delete a given service associated with a node.

func (*Store) DumpGatewayServices added in v1.9.0

func (s *Store) DumpGatewayServices(ws memdb.WatchSet) (uint64, structs.GatewayServices, error)

func (*Store) EnsureCheck

func (s *Store) EnsureCheck(idx uint64, hc *structs.HealthCheck) error

EnsureCheck is used to store a check registration in the db.

func (*Store) EnsureConfigEntry added in v1.5.0

func (s *Store) EnsureConfigEntry(idx uint64, conf structs.ConfigEntry, entMeta *structs.EnterpriseMeta) error

EnsureConfigEntry is called to do an upsert of a given config entry.

func (*Store) EnsureConfigEntryCAS added in v1.5.0

func (s *Store) EnsureConfigEntryCAS(idx, cidx uint64, conf structs.ConfigEntry, entMeta *structs.EnterpriseMeta) (bool, error)

EnsureConfigEntryCAS is called to do a check-and-set upsert of a given config entry.

func (*Store) EnsureNode

func (s *Store) EnsureNode(idx uint64, node *structs.Node) error

EnsureNode is used to upsert node registration or modification.

func (*Store) EnsureRegistration

func (s *Store) EnsureRegistration(idx uint64, req *structs.RegisterRequest) error

EnsureRegistration is used to make sure a node, service, and check registration is performed within a single transaction to avoid race conditions on state updates.

func (*Store) EnsureService

func (s *Store) EnsureService(idx uint64, node string, svc *structs.NodeService) error

EnsureService is called to upsert creation of a given NodeService.

func (*Store) EventPublisher added in v1.9.0

func (s *Store) EventPublisher() EventPublisher

EventPublisher returns the stream.EventPublisher used by the Store to publish events.

func (*Store) FederationStateBatchDelete added in v1.8.0

func (s *Store) FederationStateBatchDelete(idx uint64, datacenters []string) error

func (*Store) FederationStateBatchSet added in v1.8.0

func (s *Store) FederationStateBatchSet(idx uint64, configs structs.FederationStates) error

func (*Store) FederationStateDelete added in v1.8.0

func (s *Store) FederationStateDelete(idx uint64, datacenter string) error

func (*Store) FederationStateGet added in v1.8.0

func (s *Store) FederationStateGet(ws memdb.WatchSet, datacenter string) (uint64, *structs.FederationState, error)

FederationStateGet is called to get a federation state.

func (*Store) FederationStateList added in v1.8.0

func (s *Store) FederationStateList(ws memdb.WatchSet) (uint64, []*structs.FederationState, error)

FederationStateList is called to get all federation state objects.

func (*Store) FederationStateSet added in v1.8.0

func (s *Store) FederationStateSet(idx uint64, config *structs.FederationState) error

FederationStateSet is called to do an upsert of a given federation state.

func (*Store) GatewayServices added in v1.8.0

func (s *Store) GatewayServices(ws memdb.WatchSet, gateway string, entMeta *structs.EnterpriseMeta) (uint64, structs.GatewayServices, error)

GatewayServices is used to query all services associated with a gateway

func (*Store) GetNode

func (s *Store) GetNode(id string) (uint64, *structs.Node, error)

GetNode is used to retrieve a node registration by node name ID.

func (*Store) GetNodeID

func (s *Store) GetNodeID(id types.NodeID) (uint64, *structs.Node, error)

GetNodeID is used to retrieve a node registration by node ID.

func (*Store) IntentionDecision added in v1.9.0

func (s *Store) IntentionDecision(
	srcURI connect.CertURI, dstName, dstNS string, defaultDecision acl.EnforcementDecision,
) (structs.IntentionDecisionSummary, error)

IntentionDecision returns whether a connection should be allowed from a source URI to some destination It returns true or false for the enforcement, and also a boolean for whether

func (*Store) IntentionGet added in v1.2.0

func (s *Store) IntentionGet(ws memdb.WatchSet, id string) (uint64, *structs.ServiceIntentionsConfigEntry, *structs.Intention, error)

IntentionGet returns the given intention by ID.

func (*Store) IntentionGetExact added in v1.9.0

func (s *Store) IntentionGetExact(ws memdb.WatchSet, args *structs.IntentionQueryExact) (uint64, *structs.ServiceIntentionsConfigEntry, *structs.Intention, error)

IntentionGetExact returns the given intention by it's full unique name.

func (*Store) IntentionMatch added in v1.2.0

func (s *Store) IntentionMatch(ws memdb.WatchSet, args *structs.IntentionQueryMatch) (uint64, []structs.Intentions, error)

IntentionMatch returns the list of intentions that match the namespace and name for either a source or destination. This applies the resolution rules so wildcards will match any value.

The returned value is the list of intentions in the same order as the entries in args. The intentions themselves are sorted based on the intention precedence rules. i.e. result[0][0] is the highest precedent rule to match for the first entry.

func (*Store) IntentionMatchOne added in v1.9.0

func (s *Store) IntentionMatchOne(
	ws memdb.WatchSet,
	entry structs.IntentionMatchEntry,
	matchType structs.IntentionMatchType,
) (uint64, structs.Intentions, error)

IntentionMatchOne returns the list of intentions that match the namespace and name for a single source or destination. This applies the resolution rules so wildcards will match any value.

The returned intentions are sorted based on the intention precedence rules. i.e. result[0] is the highest precedent rule to match

func (*Store) IntentionMutation added in v1.9.0

func (s *Store) IntentionMutation(idx uint64, op structs.IntentionOp, mut *structs.IntentionMutation) error

func (*Store) Intentions added in v1.2.0

func (s *Store) Intentions(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.Intentions, bool, error)

Intentions returns the list of all intentions. The boolean response value is true if it came from config entries.

func (*Store) KVSDelete

func (s *Store) KVSDelete(idx uint64, key string, entMeta *structs.EnterpriseMeta) error

KVSDelete is used to perform a shallow delete on a single key in the the state store.

func (*Store) KVSDeleteCAS

func (s *Store) KVSDeleteCAS(idx, cidx uint64, key string, entMeta *structs.EnterpriseMeta) (bool, error)

KVSDeleteCAS is used to try doing a KV delete operation with a given raft index. If the CAS index specified is not equal to the last observed index for the given key, then the call is a noop, otherwise a normal KV delete is invoked.

func (*Store) KVSDeleteTree

func (s *Store) KVSDeleteTree(idx uint64, prefix string, entMeta *structs.EnterpriseMeta) error

KVSDeleteTree is used to do a recursive delete on a key prefix in the state store. If any keys are modified, the last index is set, otherwise this is a no-op.

func (*Store) KVSGet

func (s *Store) KVSGet(ws memdb.WatchSet, key string, entMeta *structs.EnterpriseMeta) (uint64, *structs.DirEntry, error)

KVSGet is used to retrieve a key/value pair from the state store.

func (*Store) KVSList

func (s *Store) KVSList(ws memdb.WatchSet,
	prefix string, entMeta *structs.EnterpriseMeta) (uint64, structs.DirEntries, error)

KVSList is used to list out all keys under a given prefix. If the prefix is left empty, all keys in the KVS will be returned. The returned is the max index of the returned kvs entries or applicable tombstones, or else it's the full table indexes for kvs and tombstones.

func (*Store) KVSLock

func (s *Store) KVSLock(idx uint64, entry *structs.DirEntry) (bool, error)

KVSLock is similar to KVSSet but only performs the set if the lock can be acquired.

func (*Store) KVSLockDelay

func (s *Store) KVSLockDelay(key string, entMeta *structs.EnterpriseMeta) time.Time

KVSLockDelay returns the expiration time for any lock delay associated with the given key.

func (*Store) KVSSet

func (s *Store) KVSSet(idx uint64, entry *structs.DirEntry) error

KVSSet is used to store a key/value pair.

func (*Store) KVSSetCAS

func (s *Store) KVSSetCAS(idx uint64, entry *structs.DirEntry) (bool, error)

KVSSetCAS is used to do a check-and-set operation on a KV entry. The ModifyIndex in the provided entry is used to determine if we should write the entry to the state store or bail. Returns a bool indicating if a write happened and any error.

func (*Store) KVSUnlock

func (s *Store) KVSUnlock(idx uint64, entry *structs.DirEntry) (bool, error)

KVSUnlock is similar to KVSSet but only performs the set if the lock can be unlocked (the key must already exist and be locked).

func (*Store) KVUsage added in v1.9.10

func (s *Store) KVUsage() (uint64, KVUsage, error)

func (*Store) LegacyIntentionDelete deprecated added in v1.9.0

func (s *Store) LegacyIntentionDelete(idx uint64, id string) error

LegacyIntentionDelete deletes the given intention by ID.

Deprecated: Edit service-intentions config entries directly.

func (*Store) LegacyIntentionDeleteAll added in v1.9.0

func (s *Store) LegacyIntentionDeleteAll(idx uint64) error

LegacyIntentionDeleteAll deletes all legacy intentions. This is part of the config entry migration code.

func (*Store) LegacyIntentionSet deprecated added in v1.9.0

func (s *Store) LegacyIntentionSet(idx uint64, ixn *structs.Intention) error

LegacyIntentionSet creates or updates an intention.

Deprecated: Edit service-intentions config entries directly.

func (*Store) LegacyIntentions added in v1.9.0

func (s *Store) LegacyIntentions(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.Intentions, error)

LegacyIntentions is like Intentions() but only returns legacy intentions. This is exposed for migration purposes.

func (*Store) NodeCheck

func (s *Store) NodeCheck(nodeName string, checkID types.CheckID, entMeta *structs.EnterpriseMeta) (uint64, *structs.HealthCheck, error)

NodeCheck is used to retrieve a specific check associated with the given node.

func (*Store) NodeChecks

func (s *Store) NodeChecks(ws memdb.WatchSet, nodeName string, entMeta *structs.EnterpriseMeta) (uint64, structs.HealthChecks, error)

NodeChecks is used to retrieve checks associated with the given node from the state store.

func (*Store) NodeCount added in v1.9.0

func (s *Store) NodeCount() (uint64, int, error)

NodeCount returns the latest seen Raft index, a count of the number of nodes registered, and any errors.

func (*Store) NodeDump

func (s *Store) NodeDump(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.NodeDump, error)

NodeDump is used to generate a dump of all nodes. This call is expensive as it has to query every node, service, and check. The response can also be quite large since there is currently no filtering applied.

func (*Store) NodeInfo

func (s *Store) NodeInfo(ws memdb.WatchSet, node string, entMeta *structs.EnterpriseMeta) (uint64, structs.NodeDump, error)

NodeInfo is used to generate a dump of a single node. The dump includes all services and checks which are registered against the node.

func (*Store) NodeService

func (s *Store) NodeService(nodeName string, serviceID string, entMeta *structs.EnterpriseMeta) (uint64, *structs.NodeService, error)

NodeService is used to retrieve a specific service associated with the given node.

func (*Store) NodeServiceList added in v1.7.0

func (s *Store) NodeServiceList(ws memdb.WatchSet, nodeNameOrID string, entMeta *structs.EnterpriseMeta) (uint64, *structs.NodeServiceList, error)

NodeServices is used to query service registrations by node name or UUID.

func (*Store) NodeServices

func (s *Store) NodeServices(ws memdb.WatchSet, nodeNameOrID string, entMeta *structs.EnterpriseMeta) (uint64, *structs.NodeServices, error)

NodeServices is used to query service registrations by node name or UUID.

func (*Store) NodeSessions

func (s *Store) NodeSessions(ws memdb.WatchSet, nodeID string, entMeta *structs.EnterpriseMeta) (uint64, structs.Sessions, error)

NodeSessions returns a set of active sessions associated with the given node ID. The returned index is the highest index seen from the result set.

func (*Store) Nodes

func (s *Store) Nodes(ws memdb.WatchSet) (uint64, structs.Nodes, error)

Nodes is used to return all of the known nodes.

func (*Store) NodesByMeta

func (s *Store) NodesByMeta(ws memdb.WatchSet, filters map[string]string) (uint64, structs.Nodes, error)

NodesByMeta is used to return all nodes with the given metadata key/value pairs.

func (*Store) PreparedQueryDelete

func (s *Store) PreparedQueryDelete(idx uint64, queryID string) error

PreparedQueryDelete deletes the given query by ID.

func (*Store) PreparedQueryGet

func (s *Store) PreparedQueryGet(ws memdb.WatchSet, queryID string) (uint64, *structs.PreparedQuery, error)

PreparedQueryGet returns the given prepared query by ID.

func (*Store) PreparedQueryList

func (s *Store) PreparedQueryList(ws memdb.WatchSet) (uint64, structs.PreparedQueries, error)

PreparedQueryList returns all the prepared queries.

func (*Store) PreparedQueryResolve

func (s *Store) PreparedQueryResolve(queryIDOrName string, source structs.QuerySource) (uint64, *structs.PreparedQuery, error)

PreparedQueryResolve returns the given prepared query by looking up an ID or Name. If the query was looked up by name and it's a template, then the template will be rendered before it is returned.

func (*Store) PreparedQuerySet

func (s *Store) PreparedQuerySet(idx uint64, query *structs.PreparedQuery) error

PreparedQuerySet is used to create or update a prepared query.

func (*Store) ReadDiscoveryChainConfigEntries added in v1.6.0

func (s *Store) ReadDiscoveryChainConfigEntries(
	ws memdb.WatchSet,
	serviceName string,
	entMeta *structs.EnterpriseMeta,
) (uint64, *structs.DiscoveryChainConfigEntries, error)

ReadDiscoveryChainConfigEntries will query for the full discovery chain for the provided service name. All relevant config entries will be recursively fetched and included in the result.

Once returned, the caller still needs to assemble these into a useful graph structure.

func (*Store) ReapTombstones

func (s *Store) ReapTombstones(idx uint64, index uint64) error

ReapTombstones is used to delete all the tombstones with an index less than or equal to the given index. This is used to prevent unbounded storage growth of the tombstones.

func (*Store) Restore

func (s *Store) Restore() *Restore

Restore is used to efficiently manage restoring a large amount of data into the state store. It works by doing all the restores inside of a single transaction.

func (*Store) ServiceAddressNodes added in v1.2.0

func (s *Store) ServiceAddressNodes(ws memdb.WatchSet, address string, entMeta *structs.EnterpriseMeta) (uint64, structs.ServiceNodes, error)

ServiceAddressNodes returns the nodes associated with a given service, filtering out services that don't match the given serviceAddress

func (*Store) ServiceChecks

func (s *Store) ServiceChecks(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.HealthChecks, error)

ServiceChecks is used to get all checks associated with a given service ID. The query is performed against a service _name_ instead of a service ID.

func (*Store) ServiceChecksByNodeMeta

func (s *Store) ServiceChecksByNodeMeta(ws memdb.WatchSet, serviceName string,
	filters map[string]string, entMeta *structs.EnterpriseMeta) (uint64, structs.HealthChecks, error)

ServiceChecksByNodeMeta is used to get all checks associated with a given service ID, filtered by the given node metadata values. The query is performed against a service _name_ instead of a service ID.

func (*Store) ServiceDiscoveryChain added in v1.9.0

func (s *Store) ServiceDiscoveryChain(
	ws memdb.WatchSet,
	serviceName string,
	entMeta *structs.EnterpriseMeta,
	req discoverychain.CompileRequest,
) (uint64, *structs.CompiledDiscoveryChain, error)

func (*Store) ServiceDump added in v1.5.0

func (s *Store) ServiceDump(ws memdb.WatchSet, kind structs.ServiceKind, useKind bool, entMeta *structs.EnterpriseMeta) (uint64, structs.CheckServiceNodes, error)

func (*Store) ServiceList added in v1.7.0

func (s *Store) ServiceList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.ServiceList, error)

func (*Store) ServiceNodes

func (s *Store) ServiceNodes(ws memdb.WatchSet, serviceName string, entMeta *structs.EnterpriseMeta) (uint64, structs.ServiceNodes, error)

ServiceNodes returns the nodes associated with a given service name.

func (*Store) ServiceTagNodes

func (s *Store) ServiceTagNodes(ws memdb.WatchSet, service string, tags []string, entMeta *structs.EnterpriseMeta) (uint64, structs.ServiceNodes, error)

ServiceTagNodes returns the nodes associated with a given service, filtering out services that don't contain the given tags.

func (*Store) ServiceTopology added in v1.9.0

func (s *Store) ServiceTopology(
	ws memdb.WatchSet,
	dc, service string,
	kind structs.ServiceKind,
	defaultAllow acl.EnforcementDecision,
	entMeta *structs.EnterpriseMeta,
) (uint64, *structs.ServiceTopology, error)

func (*Store) ServiceUsage added in v1.9.0

func (s *Store) ServiceUsage() (uint64, ServiceUsage, error)

ServiceUsage returns the latest seen Raft index, a compiled set of service usage data, and any errors.

func (*Store) Services

func (s *Store) Services(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.Services, error)

Services returns all services along with a list of associated tags.

func (*Store) ServicesByNodeMeta

func (s *Store) ServicesByNodeMeta(ws memdb.WatchSet, filters map[string]string, entMeta *structs.EnterpriseMeta) (uint64, structs.Services, error)

ServicesByNodeMeta returns all services, filtered by the given node metadata.

func (*Store) SessionCreate

func (s *Store) SessionCreate(idx uint64, sess *structs.Session) error

SessionCreate is used to register a new session in the state store.

func (*Store) SessionDestroy

func (s *Store) SessionDestroy(idx uint64, sessionID string, entMeta *structs.EnterpriseMeta) error

SessionDestroy is used to remove an active session. This will implicitly invalidate the session and invoke the specified session destroy behavior.

func (*Store) SessionGet

func (s *Store) SessionGet(ws memdb.WatchSet,
	sessionID string, entMeta *structs.EnterpriseMeta) (uint64, *structs.Session, error)

SessionGet is used to retrieve an active session from the state store.

func (*Store) SessionList

func (s *Store) SessionList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta) (uint64, structs.Sessions, error)

SessionList returns a slice containing all of the active sessions.

func (*Store) Snapshot

func (s *Store) Snapshot() *Snapshot

Snapshot is used to create a point-in-time snapshot of the entire db.

func (*Store) SystemMetadataDelete added in v1.9.0

func (s *Store) SystemMetadataDelete(idx uint64, entry *structs.SystemMetadataEntry) error

func (*Store) SystemMetadataGet added in v1.9.0

func (s *Store) SystemMetadataGet(ws memdb.WatchSet, key string) (uint64, *structs.SystemMetadataEntry, error)

SystemMetadataGet is called to get a system metadata.

func (*Store) SystemMetadataList added in v1.9.0

func (s *Store) SystemMetadataList(ws memdb.WatchSet) (uint64, []*structs.SystemMetadataEntry, error)

SystemMetadataList is called to get all system metadata objects.

func (*Store) SystemMetadataSet added in v1.9.0

func (s *Store) SystemMetadataSet(idx uint64, entry *structs.SystemMetadataEntry) error

SystemMetadataSet is called to do an upsert of a set of system metadata entries.

func (*Store) TxnRO

TxnRO runs the given operations inside a single read transaction in the state store. You must verify outside this function that no write operations are present, otherwise you'll get an error from the state store.

func (*Store) TxnRW

func (s *Store) TxnRW(idx uint64, ops structs.TxnOps) (structs.TxnResults, structs.TxnErrors)

TxnRW tries to run the given operations all inside a single transaction. If any of the operations fail, the entire transaction will be rolled back. This is done in a full write transaction on the state store, so reads and writes are possible

func (*Store) ValidateRegisterRequest added in v1.7.0

func (s *Store) ValidateRegisterRequest(_ *structs.RegisterRequest) (*structs.EnterpriseMeta, error)

type TokenExpirationIndex added in v1.5.0

type TokenExpirationIndex struct {
	LocalFilter bool
}

func (*TokenExpirationIndex) FromArgs added in v1.5.0

func (s *TokenExpirationIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*TokenExpirationIndex) FromObject added in v1.5.0

func (s *TokenExpirationIndex) FromObject(obj interface{}) (bool, []byte, error)

type TokenPoliciesIndex added in v1.4.0

type TokenPoliciesIndex struct {
}

func (*TokenPoliciesIndex) FromArgs added in v1.4.0

func (s *TokenPoliciesIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*TokenPoliciesIndex) FromObject added in v1.4.0

func (s *TokenPoliciesIndex) FromObject(obj interface{}) (bool, [][]byte, error)

func (*TokenPoliciesIndex) PrefixFromArgs added in v1.4.0

func (s *TokenPoliciesIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type TokenRolesIndex added in v1.5.0

type TokenRolesIndex struct {
}

func (*TokenRolesIndex) FromArgs added in v1.5.0

func (s *TokenRolesIndex) FromArgs(args ...interface{}) ([]byte, error)

func (*TokenRolesIndex) FromObject added in v1.5.0

func (s *TokenRolesIndex) FromObject(obj interface{}) (bool, [][]byte, error)

func (*TokenRolesIndex) PrefixFromArgs added in v1.5.0

func (s *TokenRolesIndex) PrefixFromArgs(args ...interface{}) ([]byte, error)

type Tombstone

type Tombstone struct {
	Key   string
	Index uint64

	structs.EnterpriseMeta
}

Tombstone is the internal type used to track tombstones.

type TombstoneGC

type TombstoneGC struct {
	sync.Mutex
	// contains filtered or unexported fields
}

TombstoneGC is used to track creation of tombstones so that they can be garbage collected after their TTL expires. The tombstones allow queries to provide monotonic index values within the TTL window. The GC is used to prevent monotonic growth in storage usage. This is a trade off between the length of the TTL and the storage overhead.

In practice, this is required to fix the issue of delete visibility. When data is deleted from the KV store, the "latest" row can go backwards if the newest row is removed. The tombstones provide a way to ensure time doesn't move backwards within some interval.

func NewTombstoneGC

func NewTombstoneGC(ttl, granularity time.Duration) (*TombstoneGC, error)

NewTombstoneGC is used to construct a new TombstoneGC given a TTL for tombstones and a tracking granularity. Longer TTLs ensure correct behavior for more time, but use more storage. A shorter granularity increases the number of Raft transactions and reduce how far past the TTL we perform GC.

func (*TombstoneGC) ExpireCh

func (t *TombstoneGC) ExpireCh() <-chan uint64

ExpireCh is used to return a channel that streams the next index that should be expired.

func (*TombstoneGC) Hint

func (t *TombstoneGC) Hint(index uint64)

Hint is used to indicate that keys at the given index have been deleted, and that their GC should be scheduled.

func (*TombstoneGC) PendingExpiration

func (t *TombstoneGC) PendingExpiration() bool

PendingExpiration is used to check if any expirations are pending.

func (*TombstoneGC) SetEnabled

func (t *TombstoneGC) SetEnabled(enabled bool)

SetEnabled is used to control if the tombstone GC is enabled. Should only be enabled by the leader node.

type UsageEntry added in v1.9.0

type UsageEntry struct {
	ID    string
	Index uint64
	Count int
}

UsageEntry represents a count of some arbitrary identifier within the state store, along with the last seen index.

type WriteTxn added in v1.9.0

type WriteTxn interface {
	ReadTxn
	Defer(func())
	Delete(table string, obj interface{}) error
	DeleteAll(table, index string, args ...interface{}) (int, error)
	DeletePrefix(table string, index string, prefix string) (bool, error)
	Insert(table string, obj interface{}) error
}

WriteTxn is implemented by memdb.Txn to perform write operations.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL