consul/api
Hans Hasselberg a932aafc91
add primary keys to list keyring (#8522)
During gossip encryption key rotation it would be nice to be able to see if all nodes are using the same key. This PR adds another field to the json response from `GET v1/operator/keyring` which lists the primary keys in use per dc. That way an operator can tell when a key was successfully setup as primary key.

Based on https://github.com/hashicorp/serf/pull/611 to add primary key to list keyring output:

```json
[
  {
    "WAN": true,
    "Datacenter": "dc2",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 6,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 6
    },
    "NumNodes": 6
  },
  {
    "WAN": false,
    "Datacenter": "dc2",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 8,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "NumNodes": 8
  },
  {
    "WAN": false,
    "Datacenter": "dc1",
    "Segment": "",
    "Keys": {
      "0OuM4oC3Os18OblWiBbZUaHA7Hk+tNs/6nhNYtaNduM=": 3,
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "PrimaryKeys": {
      "SINm887hKTzmMWeBNKTJReaTLX3mBEJKriDyt88Ad+g=": 8
    },
    "NumNodes": 8
  }
]
```

I intentionally did not change the CLI output because I didn't find a good way of displaying this information. There are a couple of options that we could implement later:
* add a flag to show the primary keys
* add a flag to show json output

Fixes #3393.
2020-08-18 09:50:24 +02:00
..
watch api: Use a Logger instead of an io.Writer in api.Watch 2020-08-05 13:25:08 -04:00
.golangci.yml
README.md
acl.go Update namespaces subject-verb agreement 2020-06-23 10:57:30 -06:00
acl_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
agent.go api/agent: enable setting SuccessBeforePassing and FailuresBeforeCritical in API (#7949) 2020-06-29 14:52:35 +02:00
agent_test.go testing: Remove all the defer os.Removeall 2020-08-14 19:58:53 -04:00
api.go
api_test.go testing: Remove all the defer os.Removeall 2020-08-14 19:58:53 -04:00
catalog.go Add api mod support for /catalog/gateway-services (#8278) 2020-07-10 13:01:45 -06:00
catalog_test.go Add api mod support for /catalog/gateway-services (#8278) 2020-07-10 13:01:45 -06:00
config_entry.go Add alias struct tags for new decode hook 2020-05-27 16:24:47 -04:00
config_entry_discoverychain.go Add alias struct tags for new decode hook 2020-05-27 16:24:47 -04:00
config_entry_discoverychain_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
config_entry_gateways.go Add alias struct tags for new decode hook 2020-05-27 16:24:47 -04:00
config_entry_gateways_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
config_entry_test.go Merge pull request #8034 from hashicorp/dnephin/add-linter-staticcheck-4 2020-06-17 12:16:02 -04:00
connect.go
connect_ca.go
connect_ca_test.go ci: Add staticcheck and fix most errors 2020-05-28 11:59:58 -04:00
connect_intention.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
connect_intention_test.go connect: various changes to make namespaces for intentions work more like for other subsystems (#8194) 2020-06-26 16:59:15 -05:00
coordinate.go
coordinate_test.go
debug.go
debug_test.go
discovery_chain.go
discovery_chain_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
event.go
event_test.go
go.mod api: bump consul/api to v1.6.0 and consul/sdk to v0.6.0 (#8460) 2020-08-07 17:26:05 -04:00
go.sum gossip: Avoid issue where two unique leave events for the same node could lead to infinite rebroadcast storms (#8343) 2020-07-21 15:48:10 -05:00
health.go Move ingress param to a new endpoint (#8081) 2020-06-10 13:07:15 -05:00
health_test.go Move ingress param to a new endpoint (#8081) 2020-06-10 13:07:15 -05:00
kv.go
kv_test.go ci: Enabled SA2002 staticcheck check 2020-06-05 17:50:11 -04:00
lock.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
lock_test.go ci: Enabled SA2002 staticcheck check 2020-06-05 17:50:11 -04:00
namespace.go
namespace_test.go Enable gofmt simplify 2020-06-16 13:21:11 -04:00
operator.go
operator_area.go
operator_autopilot.go
operator_autopilot_test.go
operator_keyring.go add primary keys to list keyring (#8522) 2020-08-18 09:50:24 +02:00
operator_keyring_test.go
operator_license.go
operator_raft.go
operator_raft_test.go
operator_segment.go
oss_test.go
prepared_query.go
prepared_query_test.go
raw.go
semaphore.go
semaphore_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
session.go
session_test.go ci: enable SA4006 staticcheck check 2020-06-16 13:10:11 -04:00
snapshot.go
snapshot_test.go
status.go api: restore Leader() and Peers() to avoid breaking function signatures (#8395) 2020-07-29 12:09:15 -04:00
status_test.go api: restore Leader() and Peers() to avoid breaking function signatures (#8395) 2020-07-29 12:09:15 -04:00
txn.go
txn_test.go

README.md

Consul API client

This package provides the api package which attempts to provide programmatic access to the full Consul API.

Currently, all of the Consul APIs included in version 0.6.0 are supported.

Documentation

The full documentation is available on Godoc

Usage

Below is an example of using the Consul client:

package main

import "github.com/hashicorp/consul/api"
import "fmt"

func main() {
	// Get a new client
	client, err := api.NewClient(api.DefaultConfig())
	if err != nil {
		panic(err)
	}

	// Get a handle to the KV API
	kv := client.KV()

	// PUT a new KV pair
	p := &api.KVPair{Key: "REDIS_MAXCLIENTS", Value: []byte("1000")}
	_, err = kv.Put(p, nil)
	if err != nil {
		panic(err)
	}

	// Lookup the pair
	pair, _, err := kv.Get("REDIS_MAXCLIENTS", nil)
	if err != nil {
		panic(err)
	}
	fmt.Printf("KV: %v %s\n", pair.Key, pair.Value)
}

To run this example, start a Consul server:

consul agent -dev

Copy the code above into a file such as main.go.

Install and run. You'll see a key (REDIS_MAXCLIENTS) and value (1000) printed.

$ go get
$ go run main.go
KV: REDIS_MAXCLIENTS 1000

After running the code, you can also view the values in the Consul UI on your local machine at http://localhost:8500/ui/dc1/kv