Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VAULT-9883: Agent Reloadable Config #18638

Merged
merged 21 commits into from
Jan 10, 2023
Merged

VAULT-9883: Agent Reloadable Config #18638

merged 21 commits into from
Jan 10, 2023

Conversation

peteski22
Copy link
Contributor

@peteski22 peteski22 commented Jan 9, 2023
edited

This PR allows Vault agent to receive and react to a SIGHUP signal to reload parts of its configuration without requiring a restart.

This should bring some level of parity between Vault server and agent commands, as server already supports processing of SIGHUP.

Initially the two things which can be reloaded are:

  • Log level
  • TLS/certs on listeners

SIGHUP will cause Vault Agent to re-process config file(s) and apply log level from config.
Note: this means that CLI flags and/or environment variables for config values which are reloaded, will be ignored in favour of the configuration file. This is in opposition to the order of precedence usually applied:

cli flag > env var > config file

Resolves: #8216

@peteski22 peteski22 added enhancement core Issues and Pull-Requests specific to Vault Core agent core/config command labels Jan 9, 2023
@peteski22 peteski22 added this to the 1.13.0-rc1 milestone Jan 9, 2023
@peteski22 peteski22 marked this pull request as ready for review January 10, 2023 11:32
ncabatoff
ncabatoff reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
VioletHynes
VioletHynes reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
VioletHynes
VioletHynes reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
VioletHynes
VioletHynes reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
ncabatoff
ncabatoff reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
ncabatoff
ncabatoff reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
ncabatoff
ncabatoff reviewed Jan 10, 2023
View reviewed changes
command/agent.go Outdated Show resolved Hide resolved
@peteski22 peteski22 merged commit 1fca38a into main Jan 10, 2023
@peteski22 peteski22 deleted the VAULT-9883-agent-reloadable-config branch January 10, 2023 17:45
AnPucel pushed a commit that referenced this pull request Jan 14, 2023
@peteski22 @AnPucel
VAULT-9883: Agent Reloadable Config (#18638)
0572f73 
* Update command/agent.go
* Attempt to only reload log level and certs
* Mimicked 'server' test for cert reload in 'agent'

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Left out the `c.config` tweak that meant changes to lots of lines of code within the `Run` function of Agent command. :)
AnPucel pushed a commit that referenced this pull request Feb 3, 2023
@peteski22 @AnPucel
VAULT-9883: Agent Reloadable Config (#18638)
5490c58 
* Update command/agent.go
* Attempt to only reload log level and certs
* Mimicked 'server' test for cert reload in 'agent'

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Left out the `c.config` tweak that meant changes to lots of lines of code within the `Run` function of Agent command. :)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raskchanky raskchanky raskchanky left review comments

@VioletHynes VioletHynes VioletHynes approved these changes

@ncabatoff ncabatoff ncabatoff left review comments

@tjperry07 tjperry07 Awaiting requested review from tjperry07

Assignees
No one assigned
Labels
agent command core/config core Issues and Pull-Requests specific to Vault Core enhancement
Projects
None yet
Milestone
1.13.0-rc1
Development

Successfully merging this pull request may close these issues.

Vault Agent doesn't honor SIGHUP Signal
4 participants
@peteski22 @raskchanky @VioletHynes @ncabatoff