Documentation
¶
Index ¶
- Variables
- func AnyVault(ctx context.Context, servers []runner.Harness, f func(*vaultapi.Client) error) error
- func HarnessToAPI(r runner.Harness) (*vaultapi.Client, error)
- func Initialize(ctx context.Context, cli *vaultapi.Client, seal *Seal) (string, []string, error)
- func Leader(servers []runner.Harness) (string, error)
- func LeadersHealthy(ctx context.Context, servers []runner.Harness) error
- func RaftAutopilotHealthy(ctx context.Context, servers []runner.Harness, token string) error
- func Status(ctx context.Context, cli *vaultapi.Client) (*vaultapi.SealStatusResponse, error)
- func Unseal(ctx context.Context, cli *vaultapi.Client, key string, migrate bool) error
- type Ports
- type Seal
- type VaultConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var PortNames = struct { HTTP string Cluster string }{ "http", "cluster", }
View Source
var ServerScrapeConfig = prometheus.ScrapeConfig{ JobName: "vault", Params: url.Values{"format": []string{"prometheus"}}, MetricsPath: "/v1/sys/metrics", }
Functions ¶
func AnyVault ¶
AnyVault returns nil if f returns a non-nil result for any of the given servers. Errors will be retried with a short constant delay so long as ctx.Err() returns nil.
func Initialize ¶
func RaftAutopilotHealthy ¶
RaftAutopilotHealthy returns nil if any of the servers report Autopilot healthy, or the errors obtained. Autopilot health requests are always forwarded to the leader, and the leader won't report a healthy cluster if any peers fail health checks. Health checks are usually thresholds for replication lag and last-contact.
Types ¶
type Ports ¶
func (Ports) RunnerPorts ¶
type VaultConfig ¶
type VaultConfig struct {
Common runner.Config
// JoinAddrs specifies the addresses of the Vault servers in the cluster.
// If they have a :port suffix, it should be the API address, otherwise
// 8200 is assumed. Only used when joining new Raft nodes to the cluster.
JoinAddrs []string
// ConsulAddr gives the host:port for this node's Consul agent.
// Only needed for Consul storage or service registration.
ConsulAddr string
// ConsulPath gives the Consul KV prefix where Vault will store its data.
// Only needed for Consul storage.
ConsulPath string
// Seal is used for non-Shamir seals, i.e. AutoUnseal.
Seal *Seal
// OldSeal is used in seal migration scenarios. When migrating away from
// a non-Shamir seal, the old seal's config stanza must be kept in the
// config file, with a new disabled="true" keyval. Once migration has
// completed successfully on all nodes, the old seal stanza should be removed.
OldSeal *Seal
RaftPerfMultiplier int
}
VaultConfig describes how to run a single Vault node.
func NewConsulConfig ¶
func NewConsulConfig(consulAddr, consulPath string, tls *pki.TLSConfigPEM) VaultConfig
func NewRaftConfig ¶
func NewRaftConfig(joinAddrs []string, tls *pki.TLSConfigPEM, raftPerfMultiplier int) VaultConfig
func (VaultConfig) Args ¶
func (vc VaultConfig) Args() []string
func (VaultConfig) Config ¶
func (vc VaultConfig) Config() runner.Config
func (VaultConfig) Env ¶
func (vc VaultConfig) Env() []string
func (VaultConfig) Files ¶
func (vc VaultConfig) Files() map[string]string
func (VaultConfig) Name ¶
func (vc VaultConfig) Name() string
func (VaultConfig) WithConfig ¶
func (vc VaultConfig) WithConfig(cfg runner.Config) runner.Command
Source Files
Click to show internal directories.
Click to hide internal directories.