Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Serf keyring operations write to disk in Consul dev mode #2630

Closed
highlyunavailable opened this issue Jan 4, 2017 · 2 comments
Closed

Serf keyring operations write to disk in Consul dev mode #2630

highlyunavailable opened this issue Jan 4, 2017 · 2 comments
Labels
theme/internal-cleanup Used to identify tech debt, testing improvements, code refactoring, and non-impactful optimization type/bug Feature does not function as expected

Comments

@highlyunavailable
Copy link
Contributor

Server version: Consul v0.7.2
Client version: N/A

Operating system and Environment details

Windows 8.1, development done locally

Description of the Issue (and unexpected/desired result)

I ran into the following issue while implementing the /v1/operator/keyring API for my Consul.NET API - it seems that using the serf keyring calls in dev mode writes to the disk, which breaks testing in new and fun ways.

Expected result: Restarting the server in dev mode deletes all encryption keys except that which is specified in the config file.

Actual result: Serf writes installed encryption keys to a local directory which is preserved in dev mode.

Reproduction steps

I'm running Consul as follows: consul.exe agent -dev -config-file test_config.json and test_config.json contains the following:

{
    "log_level": "TRACE",
    "bind_addr": "127.0.0.1",
    "server": true,
    "bootstrap": true,
    "acl_datacenter": "dc1",
    "acl_master_token": "yep",
    "acl_default_policy": "allow",
    "encrypt": "OSvH5y8K4Lc9qaof5YUpwg=="
}

If I start Consul with the command above and in another prompt run consul.exe keyring -list, I get, as expected:

==> Gathering installed encryption keys...
==> Done!

WAN:
  OSvH5y8K4Lc9qaof5YUpwg== [1/1]

dc1 (LAN):
  OSvH5y8K4Lc9qaof5YUpwg== [1/1]

If I add another one, e.g. consul.exe keyring -install 7a9OTTuJHbTdatQ/pRlw2g== I get, as expected:

==> Installing new gossip encryption key...
==> Done!

However, this creates a ./serf directory with local.keyring and remote.keyring in it.

If I restart the server, which, as a reminder is in Dev mode so it doesn't write to disk or keep state, and then do consul.exe keyring -list I get:

==> Gathering installed encryption keys...
==> Done!

WAN:
  OSvH5y8K4Lc9qaof5YUpwg== [1/1]
  7a9OTTuJHbTdatQ/pRlw2g== [1/1]

dc1 (LAN):
  OSvH5y8K4Lc9qaof5YUpwg== [1/1]
  7a9OTTuJHbTdatQ/pRlw2g== [1/1]
@slackpad slackpad added the type/bug Feature does not function as expected label Jan 6, 2017
@slackpad slackpad added this to the 0.7.4 milestone Jan 6, 2017
@mckennajones
Copy link
Contributor

@slackpad Since dev mode is not supposed to write to disk at all, should the keyring -install command even be supported in dev mode?

@slackpad
Copy link
Contributor

slackpad commented Feb 8, 2017

Yeah that should probably just fail outright in dev mode.

@pmalmgren pmalmgren mentioned this issue Mar 2, 2017
Closed
@slackpad slackpad removed this from the Triaged milestone Apr 18, 2017
@slackpad slackpad added theme/operator-usability Replaces UX. Anything related to making things easier for the practitioner theme/internal-cleanup Used to identify tech debt, testing improvements, code refactoring, and non-impactful optimization and removed theme/operator-usability Replaces UX. Anything related to making things easier for the practitioner labels May 25, 2017
This was referenced Jun 13, 2017
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
theme/internal-cleanup Used to identify tech debt, testing improvements, code refactoring, and non-impactful optimization type/bug Feature does not function as expected
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@slackpad @kyhavlov @highlyunavailable @mckennajones