Documentation ¶
Index ¶
- Constants
- Variables
- type DeprecationStatus
- type HAState
- type PluginRuntimeType
- type PluginType
- type ReplicationState
- func (r *ReplicationState) AddState(flag ReplicationState)
- func (r *ReplicationState) ClearState(flag ReplicationState)
- func (r ReplicationState) GetDRString() string
- func (r ReplicationState) GetPerformanceString() string
- func (r ReplicationState) HasState(flag ReplicationState) bool
- func (r ReplicationState) IsPrimaryState() bool
- func (r ReplicationState) StateStrings() []string
- func (r *ReplicationState) ToggleState(flag ReplicationState)
Constants ¶
// Shared constants: a worker count, HTTP header names, ALPN protocol
// identifiers, environment variable names and replication path segments.
const (
	// ExpirationRestoreWorkerCount specifies the number of workers to use while
	// restoring leases into the expiration manager.
	ExpirationRestoreWorkerCount = 64

	// NamespaceHeaderName is the header set to specify which namespace the
	// request is intended for.
	NamespaceHeaderName = "X-Vault-Namespace"

	// AuthHeaderName is the name of the header containing the token.
	// NOTE(review): the value carried in this header is a credential, so
	// request logs, proxies and traces that record headers should redact it.
	AuthHeaderName = "X-Vault-Token"

	// RequestHeaderName is the name of the header used by the Agent for
	// SSRF protection.
	// NOTE(review): only the header name is defined here; whether the header
	// is actually required is decided where requests are checked, not in this
	// block - confirm at the listener that enforcement is switched on.
	RequestHeaderName = "X-Vault-Request"

	// WrapTTLHeaderName is the name of the header containing a directive to
	// wrap the response.
	WrapTTLHeaderName = "X-Vault-Wrap-TTL"

	// PerformanceReplicationALPN is the negotiated protocol used for
	// performance replication.
	PerformanceReplicationALPN = "replication_v1"

	// DRReplicationALPN is the negotiated protocol used for dr replication.
	DRReplicationALPN = "replication_dr_v1"

	// The next three values carry no doc comment in the listing. They follow
	// the same *ALPN naming as the replication protocols above, so presumably
	// they are the negotiated protocol names for performance standbys, request
	// forwarding and raft storage traffic - TODO confirm against the callers.
	PerfStandbyALPN = "perf_standby_v1"

	RequestForwardingALPN = "req_fw_sb-act_v1"

	RaftStorageALPN = "raft_storage_v1"

	// ReplicationResolverALPN is the negotiated protocol used for
	// resolving replication addresses.
	ReplicationResolverALPN = "replication_resolver_v1"

	// Environment variable names.
	// NOTE(review): judging by the names alone, the first opts in to a file
	// permissions check and the second turns user lockout off. Both would
	// change the security posture of a deployment, so it is worth auditing
	// where they are set - confirm the exact semantics at the call sites.
	VaultEnableFilePermissionsCheckEnv = "VAULT_ENABLE_FILE_PERMISSIONS_CHECK"
	VaultDisableUserLockout            = "VAULT_DISABLE_USER_LOCKOUT"

	// Path segments that tell performance replication apart from DR
	// replication; presumably used when building replication paths - confirm.
	PerformanceReplicationPathTarget = "performance"
	DRReplicationPathTarget          = "dr"
)
// Deprecation states for builtin plugins, numbered by iota in declaration
// order: Supported is 0 and Unknown is 4. As listed here the constants are
// untyped; the DeprecationStatus type is declared separately.
// NOTE(review): the numeric values follow position in this block, so a new
// state inserted in the middle would renumber the ones after it.
const (
	Supported = iota
	Deprecated
	PendingRemoval
	Removed
	Unknown
)
These are the states of deprecation for builtin plugins
// Storage path prefixes for replicated-cluster information, plus the
// feature-flag path. The Info and Secondaries paths are built by appending to
// the two prefixes, so they always stay underneath them.
const (
	// N.B. This needs to be excluded from replication despite the name; it's
	// merely saying that this is cluster information for the replicated
	// cluster.
	CoreReplicatedClusterPrefix   = "core/cluster/replicated/"
	CoreReplicatedClusterPrefixDR = "core/cluster/replicated-dr/"

	// Performance replication: cluster info entry and secondaries prefix.
	CoreReplicatedClusterInfoPath          = CoreReplicatedClusterPrefix + "info"
	CoreReplicatedClusterSecondariesPrefix = CoreReplicatedClusterPrefix + "secondaries/"

	// DR replication: the same two paths under the DR prefix.
	CoreReplicatedClusterInfoPathDR          = CoreReplicatedClusterPrefixDR + "info"
	CoreReplicatedClusterSecondariesPrefixDR = CoreReplicatedClusterPrefixDR + "secondaries/"

	// This is an identifier for the current secondary in the replicated paths
	// manager. It should contain a character that is not allowed in secondary
	// ids to ensure it doesn't collide.
	// NOTE(review): the collision guarantee depends on secondary ids never
	// being allowed to contain "." - that validation is not visible here, so
	// confirm it where secondary ids are accepted.
	CurrentReplicatedSecondaryIdentifier = ".current"

	// CoreFeatureFlagPath is, going by its name, the storage path for cluster
	// feature flags - TODO confirm against the code that reads it.
	CoreFeatureFlagPath = "core/cluster/feature-flags"
)
// Token prefixes. Each constant is only the literal prefix string; how tokens
// are generated and validated is not shown in this block.
const (
	// Current prefixes. As the names suggest, these presumably mark service,
	// batch and recovery tokens respectively - confirm at the token store.
	// NOTE(review): fixed, distinctive prefixes like these are what log
	// redaction and secret-scanning rules can match on. A matching prefix says
	// nothing about whether a token is valid.
	ServiceTokenPrefix  = "hvs."
	BatchTokenPrefix    = "hvb."
	RecoveryTokenPrefix = "hvr."

	// Legacy prefixes, kept alongside the current ones.
	// NOTE(review): a single letter and a dot is far less distinctive, so
	// pattern-based detection of legacy tokens will be noisier than for the
	// current prefixes.
	LegacyServiceTokenPrefix  = "s."
	LegacyBatchTokenPrefix    = "b."
	LegacyRecoveryTokenPrefix = "r."
)
const AgentPathCacheClear = "/agent/v1/cache-clear"
AgentPathCacheClear is the path that the agent will use as its cache-clear endpoint.
const AgentPathMetrics = "/agent/v1/metrics"
AgentPathMetrics is the path the agent will use to expose its internal metrics.
const AgentPathQuit = "/agent/v1/quit"
AgentPathQuit is the path that the agent will use to trigger stopping it.
const DefaultMaxBackoff = 5 * time.Minute
DefaultMaxBackoff is the default max backoff time for agent and proxy
const DefaultMinBackoff = 1 * time.Second
DefaultMinBackoff is the default minimum backoff time for agent and proxy
const EnvVaultAllowPendingRemovalMounts = "VAULT_ALLOW_PENDING_REMOVAL_MOUNTS"
EnvVaultAllowPendingRemovalMounts allows Pending Removal builtins to be mounted as if they are Deprecated to facilitate migration to supported builtin plugins.
const ProxyPathCacheClear = "/proxy/v1/cache-clear"
ProxyPathCacheClear is the path that the proxy will use as its cache-clear endpoint.
const ProxyPathMetrics = "/proxy/v1/metrics"
ProxyPathMetrics is the path the proxy will use to expose its internal metrics.
const ProxyPathQuit = "/proxy/v1/quit"
ProxyPathQuit is the path that the proxy will use to trigger stopping it.
Variables ¶
// Sentinel errors shared across packages. They are created with errors.New,
// so callers are expected to compare against these variables rather than
// match on the message text.
var (
	// ErrSealed is returned if an operation is performed on a sealed barrier.
	// No operation is expected to succeed before unsealing.
	ErrSealed = errors.New("Vault is sealed")

	// ErrAPILocked is returned if an operation is performed when the API is
	// locked for the request namespace.
	ErrAPILocked = errors.New("API access to this namespace has been locked by an administrator")

	// ErrStandby is returned if an operation is performed on a standby Vault.
	// No operation is expected to succeed until active.
	ErrStandby = errors.New("Vault is in standby mode")

	// ErrPathContainsParentReferences is returned when a path contains parent
	// references.
	// NOTE(review): presumably this guards against ".." segments in request
	// paths; the check itself is with the caller and is not visible here.
	ErrPathContainsParentReferences = errors.New("path cannot contain parent references")

	// ErrInvalidWrappingToken is returned when checking for the validity of
	// a wrapping token that turns out to be invalid.
	// The single message covers both "not valid" and "does not exist", so a
	// caller that returns it unchanged does not reveal which case applied.
	ErrInvalidWrappingToken = errors.New("wrapping token is not valid or does not exist")
)
// PluginRuntimeTypes lists the two PluginRuntimeType values named below.
// NOTE(review): this is an exported, mutable package-level slice; nothing here
// stops another package from modifying it, so treat it as read-only.
var PluginRuntimeTypes = []PluginRuntimeType{
	PluginRuntimeTypeUnsupported,
	PluginRuntimeTypeContainer,
}
// PluginTypes lists the four PluginType values named below, including
// PluginTypeUnknown.
// NOTE(review): this is an exported, mutable package-level slice; nothing here
// stops another package from modifying it, so treat it as read-only.
var PluginTypes = []PluginType{
	PluginTypeUnknown,
	PluginTypeCredential,
	PluginTypeDatabase,
	PluginTypeSecrets,
}
Functions ¶
This section is empty.
Types ¶
type DeprecationStatus ¶ added in v0.6.0
type DeprecationStatus uint32
DeprecationStatus represents the current deprecation state for builtins
func (DeprecationStatus) String ¶ added in v0.6.0
func (s DeprecationStatus) String() string
String returns the string representation of a builtin deprecation status
type PluginRuntimeType ¶ added in v0.10.0
type PluginRuntimeType uint32
const (
	// DefaultContainerPluginOCIRuntime is, per its name, the OCI runtime used
	// by default for container plugins.
	// NOTE(review): "runsc" is the name of the gVisor runtime binary, i.e. a
	// sandboxing runtime. Overriding the default with a runtime that does not
	// sandbox would weaken plugin isolation - confirm where this default is
	// consumed and who may override it.
	DefaultContainerPluginOCIRuntime = "runsc"

	// iota is 1 on the next line, not 0: the string constant above is the
	// first spec in this block and takes index 0. PluginRuntimeTypeUnsupported
	// is therefore 1 and PluginRuntimeTypeContainer is 2. Moving the string
	// constant out of this block would shift both values.
	PluginRuntimeTypeUnsupported PluginRuntimeType = iota
	PluginRuntimeTypeContainer
)
This is a list of PluginRuntimeTypes used by Vault.
func ParsePluginRuntimeType ¶ added in v0.10.0
func ParsePluginRuntimeType(PluginRuntimeType string) (PluginRuntimeType, error)
func (PluginRuntimeType) String ¶ added in v0.10.0
func (r PluginRuntimeType) String() string
type PluginType ¶
type PluginType uint32
// Plugin types, numbered by iota in declaration order: PluginTypeUnknown is 0,
// PluginTypeCredential 1, PluginTypeDatabase 2 and PluginTypeSecrets 3.
// The numeric value of each name is fixed by its position, so new types must
// be appended at the end; inserting one in the middle would silently change
// which type an already-stored number resolves to.
const (
	PluginTypeUnknown PluginType = iota
	PluginTypeCredential
	PluginTypeDatabase
	PluginTypeSecrets
)
This is a list of PluginTypes used by Vault. If we need to add any in the future, it would be best to add them to the _end_ of the list below because they resolve to incrementing numbers, which may be saved in state somewhere. Thus, if the name for one of those numbers changed because a value was added to the middle, that could cause the wrong plugin types to be read from storage for a given underlying number. Example of the problem here: https://play.golang.org/p/YAaPw5ww3er
func ParsePluginType ¶
func ParsePluginType(pluginType string) (PluginType, error)
func (PluginType) MarshalJSON ¶ added in v0.11.0
func (p PluginType) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaler.
func (PluginType) String ¶
func (p PluginType) String() string
func (*PluginType) UnmarshalJSON ¶ added in v0.11.0
func (p *PluginType) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaler. It supports unmarshaling either a string or a uint32. All new serialization will be as a string, but we previously serialized as a uint32 so we need to support that for backwards compatibility.
type ReplicationState ¶
type ReplicationState uint32
// Replication states. The values from ReplicationPerformancePrimary onwards
// are 1 << iota, so each is a distinct bit and several can be combined in one
// ReplicationState value.
const (
	// NOTE(review): as rendered, this first spec has a type but no value,
	// which is not valid Go on its own. Together with the "iota is 5" note
	// below (which would be 4 if this were really the first spec), it suggests
	// the listing omits one leading declaration - check the package source.
	OldReplicationPrimary ReplicationState
	OldReplicationSecondary
	OldReplicationBootstrapping

	// ReplicationUnknown is the zero value: no state bits set.
	ReplicationUnknown ReplicationState = 0

	// Every name below repeats the 1 << iota expression, so its bit is fixed
	// by its position in this block. Inserting, removing or reordering an
	// entry shifts every bit after it; OldSplitReplicationBootstrapping still
	// holds a position for that reason, whether or not it is still used.
	ReplicationPerformancePrimary ReplicationState = 1 << iota // Note -- iota is 5 here!
	ReplicationPerformanceSecondary
	OldSplitReplicationBootstrapping
	ReplicationDRPrimary
	ReplicationDRSecondary
	ReplicationPerformanceBootstrapping
	ReplicationDRBootstrapping
	ReplicationPerformanceDisabled
	ReplicationDRDisabled
	ReplicationPerformanceStandby
)
func (*ReplicationState) AddState ¶
func (r *ReplicationState) AddState(flag ReplicationState)
func (*ReplicationState) ClearState ¶
func (r *ReplicationState) ClearState(flag ReplicationState)
func (ReplicationState) GetDRString ¶
func (r ReplicationState) GetDRString() string
func (ReplicationState) GetPerformanceString ¶
func (r ReplicationState) GetPerformanceString() string
func (ReplicationState) HasState ¶
func (r ReplicationState) HasState(flag ReplicationState) bool
func (ReplicationState) IsPrimaryState ¶ added in v0.2.0
func (r ReplicationState) IsPrimaryState() bool
func (ReplicationState) StateStrings ¶
func (r ReplicationState) StateStrings() []string
func (*ReplicationState) ToggleState ¶
func (r *ReplicationState) ToggleState(flag ReplicationState)