[GitHub] dneuman64 closed pull request #3065: Add Traffic Vault Utility for listing contents

[GitBox <gi...@apache.org>]

dneuman64 closed pull request #3065: Add Traffic Vault Utility for listing contents
URL: https://github.com/apache/trafficcontrol/pull/3065
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/docs/source/tools/index.rst b/docs/source/tools/index.rst
index b58bbe664..6ef79a819 100644
--- a/docs/source/tools/index.rst
+++ b/docs/source/tools/index.rst
@@ -24,3 +24,5 @@ This is a living list of tools used to interact with, test, and develop for the
 	:maxdepth: 2
 
 	compare
+	traffic_vault_util
+	
diff --git a/docs/source/tools/traffic_vault_util.rst b/docs/source/tools/traffic_vault_util.rst
new file mode 100644
index 000000000..23b1c443d
--- /dev/null
+++ b/docs/source/tools/traffic_vault_util.rst
@@ -0,0 +1,40 @@
+..
+..
+.. Licensed under the Apache License, Version 2.0 (the "License");
+.. you may not use this file except in compliance with the License.
+.. You may obtain a copy of the License at
+..
+..     http://www.apache.org/licenses/LICENSE-2.0
+..
+.. Unless required by applicable law or agreed to in writing, software
+.. distributed under the License is distributed on an "AS IS" BASIS,
+.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+.. See the License for the specific language governing permissions and
+.. limitations under the License.
+..
+
+.. _traffic_vault_util:
+
+******************
+Traffic Vault Util
+******************
+The ``traffic_vault_util`` tool is used to view and modify the contents of a :ref:`Traffic Vault` (i.e. Riak) cluster. The tool contains basic list_* operations to display the buckets, keys and values stored within TV.
+
+``traffic_vault_util`` also has a small converter utility to perform a one-off conversion of key formats within the SSL bucket. This conversion is useful when moving from an older version of Traffic Ops to the current version. In the older version, SSL records were indexed by Delivery Service database ID. Currently, SSL records are indexed by Delivery Service XML ID. 
+
+Usage
+=====
+Usage of ./traffic_vault_util:
+  -dry_run
+    	Do not perform writes
+  -vault_action string
+    	Action: list_buckets|list_keys|list_values|convert_ssl_to_xmlid
+  -vault_ip string
+    	IP/Hostname of Vault
+  -vault_password string
+    	Riak Password
+  -vault_port uint
+    	Protobuffers port of Vault (default 8087)
+  -vault_user string
+    	Riak Username
+
diff --git a/tools/traffic_vault_util.go b/tools/traffic_vault_util.go
new file mode 100644
index 000000000..5f4de30a1
--- /dev/null
+++ b/tools/traffic_vault_util.go
@@ -0,0 +1,276 @@
+package main
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"flag"
+	"fmt"
+	riak "github.com/basho/riak-go-client"
+	"log"
+	"os"
+	"strings"
+)
+
+var vault_ip string
+var vault_port uint
+var vault_user string
+var vault_pass string
+var vault_action string
+var dry_run bool
+
+func connectToRiak(vault_ip string, vault_port uint) *riak.Cluster {
+	tlsConfig := tls.Config{
+		InsecureSkipVerify: true,
+	}
+
+	authOptions := riak.AuthOptions{
+		User:      vault_user,
+		Password:  vault_pass,
+		TlsConfig: &tlsConfig,
+	}
+
+	vaultAddr := fmt.Sprintf("%s:%d", vault_ip, vault_port)
+	nodeOpts := &riak.NodeOptions{
+		RemoteAddress: vaultAddr,
+		AuthOptions:   &authOptions,
+	}
+
+	log.Printf("Connecting to %s", vaultAddr)
+	var node *riak.Node
+	var err error
+	if node, err = riak.NewNode(nodeOpts); err != nil {
+		log.Fatal(err.Error())
+	}
+
+	nodes := []*riak.Node{node}
+	opts := &riak.ClusterOptions{
+		Nodes: nodes,
+	}
+
+	cluster, err := riak.NewCluster(opts)
+	if err != nil {
+		log.Fatal(err.Error())
+	}
+
+	if err := cluster.Start(); err != nil {
+		log.Fatal(err.Error())
+	}
+
+	return cluster
+}
+
+func listBuckets(cluster *riak.Cluster) []string {
+	log.Print("Listing Riak buckets")
+	cmd, err := riak.NewListBucketsCommandBuilder().
+		WithAllowListing().
+		Build()
+	if err != nil {
+		log.Fatal(err.Error())
+	}
+
+	if err := cluster.Execute(cmd); err != nil {
+		log.Fatal(err)
+	}
+
+	lbc := cmd.(*riak.ListBucketsCommand)
+	rsp := lbc.Response
+	return rsp.Buckets
+}
+
+func listKeys(cluster *riak.Cluster, bucket string) []string {
+	cmd, err := riak.NewListKeysCommandBuilder().
+		WithAllowListing().
+		WithBucket(bucket).
+		Build()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	if err := cluster.Execute(cmd); err != nil {
+		log.Fatal(err)
+	}
+
+	lkc := cmd.(*riak.ListKeysCommand)
+	rsp := lkc.Response
+	return rsp.Keys
+}
+
+func getValue(cluster *riak.Cluster, bucket string, key string) ([]byte, bool) {
+	cmd, err := riak.NewFetchValueCommandBuilder().
+		WithBucket(bucket).
+		WithKey(key).
+		Build()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	if err := cluster.Execute(cmd); err != nil {
+		log.Fatal(err)
+	}
+
+	fvc := cmd.(*riak.FetchValueCommand)
+	rsp := fvc.Response
+
+	if rsp.IsNotFound {
+		log.Print("ERROR Key not found: ", bucket, ":", key)
+		return nil, false
+	}
+
+	return rsp.Values[0].Value, true
+
+}
+
+type SSLRecord struct {
+	Country string `json:"country"`
+	Cdn     string `json:"cdn"`
+	XmlId   string `json:"deliveryservice"`
+	Org     string `json:"org"`
+}
+
+// Converts Riak keys of form "ds_<id#>-<version>" to new form "<xmlid>-<version>"
+func convertSSLToXmlID(cluster *riak.Cluster) {
+	bucket := "ssl"
+	keys := listKeys(cluster, bucket)
+
+	stagedRecords := make([]riak.Object, 0)
+
+	allFound := true
+	for _, key := range keys {
+		value, found := getValue(cluster, bucket, key)
+		if found {
+			log.Printf("[Read Record] Bucket: %s, Key: %s, Value: %s...", bucket, key, value[0:75])
+			if !strings.HasPrefix(key, "ds") {
+				continue
+			}
+
+			splitKey := strings.Split(key, "-")
+			version := splitKey[len(splitKey)-1]
+
+			sslRecord := SSLRecord{}
+			json.Unmarshal(value, &sslRecord)
+
+			newKey := fmt.Sprintf("%s-%s", sslRecord.XmlId, version)
+
+			newObj := riak.Object{Bucket: bucket,
+				Key:         newKey,
+				ContentType: "application/json",
+				Value:       value}
+
+			stagedRecords = append(stagedRecords, newObj)
+
+		} else {
+			allFound = false
+		}
+	}
+
+	if !allFound {
+		log.Print("Some keys are missing, please correct and retry. Exiting!")
+		os.Exit(1)
+	}
+
+	log.Print("Inserting new renamed records")
+	for _, record := range stagedRecords {
+		cmd, err := riak.NewStoreValueCommandBuilder().
+			WithContent(&record).
+			Build()
+		if err != nil {
+			log.Fatal(err.Error())
+		}
+		log.Printf("[Write Record] Bucket: %s, Key: %s, Value: %s...",
+			record.Bucket, record.Key, string(record.Value)[0:75])
+
+		if dry_run {
+			continue
+		}
+
+		if err := cluster.Execute(cmd); err != nil {
+			log.Fatal(err.Error())
+		}
+	}
+}
+
+func init() {
+	flag.StringVar(&vault_ip, "vault_ip", "", "IP/Hostname of Vault")
+	flag.UintVar(&vault_port, "vault_port", 8087, "Protobuffers port of Vault")
+	flag.StringVar(&vault_user, "vault_user", "", "Riak Username")
+	flag.StringVar(&vault_pass, "vault_password", "", "Riak Password")
+	flag.StringVar(&vault_action, "vault_action", "", "Action: list_buckets|list_keys|list_values|convert_ssl_to_xmlid")
+	flag.BoolVar(&dry_run, "dry_run", false, "Do not perform writes")
+}
+
+func main() {
+	log.Print("Traffic Control Traffic Vault Util")
+	flag.Parse()
+
+	if dry_run {
+		log.Print("---- DRY RUN --- ")
+	}
+
+	if vault_ip == "" {
+		log.Fatal("Must provide Traffic Vault IP or host")
+	}
+
+	cluster := connectToRiak(vault_ip, vault_port)
+	defer func() {
+		if err := cluster.Stop(); err != nil {
+			log.Fatal(err.Error())
+		}
+	}()
+
+	switch vault_action {
+	case "list_buckets":
+		buckets := listBuckets(cluster)
+		log.Print("Buckets: ", buckets)
+
+	case "list_keys":
+		buckets := listBuckets(cluster)
+		for _, bucket := range buckets {
+			keys := listKeys(cluster, bucket)
+			for _, key := range keys {
+				log.Printf("Bucket: %s, Key: %s", bucket, key)
+			}
+		}
+
+	case "list_values":
+		buckets := listBuckets(cluster)
+		for _, bucket := range buckets {
+			keys := listKeys(cluster, bucket)
+			for _, key := range keys {
+				value, found := getValue(cluster, bucket, key)
+				if found {
+					log.Printf("Bucket: %s, Key: %s, Value: %s", bucket, key, string(value))
+				} else {
+					log.Printf("Bucket: %s, Key: %s, NOT FOUND", bucket, key)
+				}
+			}
+		}
+
+	case "convert_ssl_to_xmlid":
+		convertSSLToXmlID(cluster)
+
+	default:
+		log.Print("Unknown vault_action: ", vault_action)
+		log.Print("Allowed actions: list_buckets|list_keys|list_values|convert_ssl_to_xmlid")
+		os.Exit(1)
+
+	}
+}


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services