mirror of https://github.com/hashicorp/consul
a932aafc91
During gossip encryption key rotation it would be nice to be able to see if all nodes are using the same key. This PR adds another field to the json response from `GET v1/operator/keyring` which lists the primary keys in use per dc. That way an operator can tell when a key was successfully setup as primary key. Based on https://github.com/hashicorp/serf/pull/611 to add primary key to list keyring output: ```json [ { "WAN": true, "Datacenter": "dc2", "Segment": "", "Keys": { "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 6, "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6 }, "PrimaryKeys": { "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6 }, "NumNodes": 6 }, { "WAN": false, "Datacenter": "dc2", "Segment": "", "Keys": { "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 8, "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8 }, "PrimaryKeys": { "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8 }, "NumNodes": 8 }, { "WAN": false, "Datacenter": "dc1", "Segment": "", "Keys": { "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 3, "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8 }, "PrimaryKeys": { "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8 }, "NumNodes": 8 } ] ``` I intentionally did not change the CLI output because I didn't find a good way of displaying this information. There are a couple of options that we could implement later: * add a flag to show the primary keys * add a flag to show json output Fixes #3393. |
||
---|---|---|
.. | ||
watch | ||
.golangci.yml | ||
README.md | ||
acl.go | ||
acl_test.go | ||
agent.go | ||
agent_test.go | ||
api.go | ||
api_test.go | ||
catalog.go | ||
catalog_test.go | ||
config_entry.go | ||
config_entry_discoverychain.go | ||
config_entry_discoverychain_test.go | ||
config_entry_gateways.go | ||
config_entry_gateways_test.go | ||
config_entry_test.go | ||
connect.go | ||
connect_ca.go | ||
connect_ca_test.go | ||
connect_intention.go | ||
connect_intention_test.go | ||
coordinate.go | ||
coordinate_test.go | ||
debug.go | ||
debug_test.go | ||
discovery_chain.go | ||
discovery_chain_test.go | ||
event.go | ||
event_test.go | ||
go.mod | ||
go.sum | ||
health.go | ||
health_test.go | ||
kv.go | ||
kv_test.go | ||
lock.go | ||
lock_test.go | ||
namespace.go | ||
namespace_test.go | ||
operator.go | ||
operator_area.go | ||
operator_autopilot.go | ||
operator_autopilot_test.go | ||
operator_keyring.go | ||
operator_keyring_test.go | ||
operator_license.go | ||
operator_raft.go | ||
operator_raft_test.go | ||
operator_segment.go | ||
oss_test.go | ||
prepared_query.go | ||
prepared_query_test.go | ||
raw.go | ||
semaphore.go | ||
semaphore_test.go | ||
session.go | ||
session_test.go | ||
snapshot.go | ||
snapshot_test.go | ||
status.go | ||
status_test.go | ||
txn.go | ||
txn_test.go |
README.md
Consul API client
This package provides the api
package which attempts to
provide programmatic access to the full Consul API.
Currently, all of the Consul APIs included in version 0.6.0 are supported.
Documentation
The full documentation is available on Godoc
Usage
Below is an example of using the Consul client:
package main
import "github.com/hashicorp/consul/api"
import "fmt"
func main() {
// Get a new client
client, err := api.NewClient(api.DefaultConfig())
if err != nil {
panic(err)
}
// Get a handle to the KV API
kv := client.KV()
// PUT a new KV pair
p := &api.KVPair{Key: "REDIS_MAXCLIENTS", Value: []byte("1000")}
_, err = kv.Put(p, nil)
if err != nil {
panic(err)
}
// Lookup the pair
pair, _, err := kv.Get("REDIS_MAXCLIENTS", nil)
if err != nil {
panic(err)
}
fmt.Printf("KV: %v %s\n", pair.Key, pair.Value)
}
To run this example, start a Consul server:
consul agent -dev
Copy the code above into a file such as main.go
.
Install and run. You'll see a key (REDIS_MAXCLIENTS
) and value (1000
) printed.
$ go get
$ go run main.go
KV: REDIS_MAXCLIENTS 1000
After running the code, you can also view the values in the Consul UI on your local machine at http://localhost:8500/ui/dc1/kv