Aerospike storage backend #10131
Aerospike storage backend #10131
Conversation
|
|
|
@jasonodonnell , @calvn , @catsby , @Valarissa , @vishalnayak , @kalafut could you please review this PR? |
|
@reugn Thanks for the PR! Yes, we'll be reviewing this soon. |
| return nil, err | ||
| } | ||
|
|
||
| return &AerospikeBackend{ |
There was a problem hiding this comment.
Since (per the docs), set/namespace/hostname are all required, should we be validating != "" before successfully returning?
There was a problem hiding this comment.
Looks like set is optional, and both namespace and hostname now have default values so we should be good.
| return err | ||
| } | ||
|
|
||
| writePolicy := aero.NewWritePolicy(0, 0) |
There was a problem hiding this comment.
I comment or docs link that has some details about this would be helpful.
physical/aerospike/aerospike.go
Outdated
|
|
||
| record, err := a.client.Get(nil, aeroKey) | ||
| if err != nil { | ||
| if err.Error() == "Key not found" { |
There was a problem hiding this comment.
Is the compared-to error exported by chance?
physical/aerospike/aerospike.go
Outdated
|
|
||
| return &physical.Entry{ | ||
| Key: key, | ||
| Value: record.Bins[valueBin].([]byte), |
There was a problem hiding this comment.
Considering indexing against valueBin in advance so we can check for the presence of the key and error (otherwise we'll panic on nil)
physical/aerospike/aerospike.go
Outdated
| } | ||
|
|
||
| // Put is used to insert or update an entry. | ||
| func (a *AerospikeBackend) Put(ctx context.Context, entry *physical.Entry) error { |
There was a problem hiding this comment.
s/ctx/_ on these unused ctx parameters
physical/aerospike/aerospike.go
Outdated
| } | ||
| recordKey := res.Record.Bins[keyBin].(string) | ||
| if strings.HasPrefix(recordKey, prefix) { | ||
| trimPrefix := strings.Replace(recordKey, prefix, "", 1) |
There was a problem hiding this comment.
strings.TrimPrefix is a little simpler.
physical/aerospike/aerospike.go
Outdated
| keyList = append(keyList, keys[0]) | ||
| } else { | ||
| withSlash := keys[0] + "/" | ||
| if !listContains(keyList, withSlash) { |
There was a problem hiding this comment.
We have a helper you can use:
vault/sdk/helper/strutil/strutil.go
Line 26 in 8af1f3b
physical/aerospike/aerospike.go
Outdated
| } | ||
|
|
||
| func hash(s string) string { | ||
| h := fnv.New32a() |
There was a problem hiding this comment.
Any reason this was chosen in particular? 32-bits is a fairly small hash size. We'd typically use sha256 to satisfy both irreversibility and collision avoidance.
|
|
||
| # Aerospike Storage Backend | ||
|
|
||
| The Aerospike storage backend is used to persist Vault's data in |
There was a problem hiding this comment.
| The Aerospike storage backend is used to persist Vault's data in | |
| The Aerospike storage backend is used to persist Vault's data in an |
| page_title: Aerospike - Storage Backends - Configuration | ||
| sidebar_title: Aerospike | ||
| description: |- | ||
| The Aerospike storage backend is used to persist Vault's data in Aerospike |
There was a problem hiding this comment.
| The Aerospike storage backend is used to persist Vault's data in Aerospike | |
| The Aerospike storage backend is used to persist Vault's data in an Aerospike |
| @@ -0,0 +1,50 @@ | |||
| --- | |||
There was a problem hiding this comment.
Need to update the JSON to reference this new file as well:
vault/website/data/docs-navigation.js
Line 67 in f66c721
physical/aerospike/aerospike.go
Outdated
| policy.User = conf["username"] | ||
| policy.Password = conf["password"] | ||
|
|
||
| port, err := strconv.Atoi(conf["port"]) |
There was a problem hiding this comment.
If port is not provided, the error returned does not make it obvious that this is the case. Consider checking the value beforehand separately.
strconv.Atoi: parsing "": invalid syntax
physical/aerospike/aerospike_test.go
Outdated
| ContainerName: "aerospikedb", | ||
| ImageTag: "latest", | ||
| Ports: []string{"3000/tcp", "3001/tcp", "3002/tcp", "3003/tcp"}, | ||
| DoNotAutoRemove: true, |
There was a problem hiding this comment.
Is this strictly necessary? This leaves dangling containers on the host, and may result in errors if tests are ran multiple times due to colliding container name.
go.mod
Outdated
| @@ -17,6 +17,7 @@ require ( | |||
| github.com/SAP/go-hdb v0.14.1 | |||
| github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a | |||
| github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect | |||
| github.com/aerospike/aerospike-client-go v3.1.0+incompatible | |||
There was a problem hiding this comment.
I'm a bit curious as to why this particular pseudo-version was chosen since v3.1.1 is available.
There was a problem hiding this comment.
Interesting, the +incompatible label is actually how go/mod sees the release: https://pkg.go.dev/github.com/aerospike/[email protected]+incompatible?tab=versions
Since v3.1.1+incompatible has been released, we should consider bumping it to that version (unless there's a particular reason not to)
physical/aerospike/aerospike.go
Outdated
|
|
||
| defaultNamespace = "test" | ||
|
|
||
| defaultHost = "127.0.0.1" |
There was a problem hiding this comment.
Nit: Since this is assigned as the default hostname, can we rename this to defaultHostname?
|
|
||
| - `auth_mode` `(string: "INTERNAL")` - Specifies the authentication mode when user/password is defined (INTERNAL/EXTERNAL). | ||
|
|
||
| - `timeout` `(int: 30000)` - Initial host connection timeout duration in milliseconds. |
There was a problem hiding this comment.
Where does the timeout and idle_timeout values come from?
go.mod
Outdated
| @@ -17,6 +17,7 @@ require ( | |||
| github.com/SAP/go-hdb v0.14.1 | |||
| github.com/Sectorbob/mlab-ns2 v0.0.0-20171030222938-d3aa0c295a8a | |||
| github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect | |||
| github.com/aerospike/aerospike-client-go v3.1.0+incompatible | |||
There was a problem hiding this comment.
Interesting, the +incompatible label is actually how go/mod sees the release: https://pkg.go.dev/github.com/aerospike/[email protected]+incompatible?tab=versions
Since v3.1.1+incompatible has been released, we should consider bumping it to that version (unless there's a particular reason not to)
| return nil, err | ||
| } | ||
|
|
||
| return &AerospikeBackend{ |
There was a problem hiding this comment.
Looks like set is optional, and both namespace and hostname now have default values so we should be good.
reugn
force-pushed
the
aerospike_backend
branch
from
263443e to
e234700
Compare
|
@calvn for some reason, it doesn't pass the |
|
Can you give v3.1.1 another try? The failure seems to be from a non-related test: There also seems to be a conflict with go.sum since your latest push. It's looking ready though! |
reugn
force-pushed
the
aerospike_backend
branch
from
ae3b7a0 to
e234700
Compare
|
Still failed. |
|
Looks like that's a known flaky test. I'm kicking off CI again to see if we can get a passing run. |
|
@reugn can you merge master into this PR to get the latest set of changes and ensure that things are still working? Some of the flakiness and test failures might have already been addressed on master. |
# Conflicts: # go.sum
|
Can you move the docs page to |
This adds support for Aerospike as a (non-HA) storage backend for Vault.