git2consul icon indicating copy to clipboard operation
git2consul copied to clipboard
verified publisher icon breser

Consider local configuration

Open calvn opened this issue 9 years ago • 4 comments

Currently git2consul pushes it's configuration (if one is passed) to the Consul KV before pulling and using it. However, this doesn't really buy us anything and can potentially introduce race conditions.

One such case is with multiple instances of git2consul running. If git2consul is running as a service on multiple machines (or containers) and has a config-file passed in as well as halt_on_change enabled, it will go into a perpetual restart cycle. Every time the service starts, it will push the config to the KV and trigger halt_on_change on the other running git2consul service(s), which in turn will restart, push the config, and trigger restarts on its sister services.

Another example is with the logger configuration. When git2consul first starts and there is no config seeded yet, the process doesn't use the logging config provided by the user until after it's seeded and read #L79. This means that logging output before config_reader.read()'s callback (e.g. config_reader.read() itself and config_seeder.set()) is done with the default logger configuration.

Moving the config to be read locally removes complexity, eliminates potential race conditions, and makes it clearer what configuration a running git2consul service is using (though this can be addressed in today's version with halt_on_change but introduces other issues).

Dynamic configuration (i.e. updating configuration without re-deploying) can still be done with tools like consul-template. The decision of using the KV for dynamic git2consul configuration was done before such tool became available.

calvn avatar Apr 11 '16 16:04 calvn

+1 on this.. if anything the configuration should be located in the source data (git) vs transient (consul).

skyscooby avatar Apr 17 '16 13:04 skyscooby

is it currently possible to have the config locally and have it not be loaded to the consul KV?

paperpunk avatar Nov 16 '16 04:11 paperpunk

+1, due to ACL I can only write to /prefix/* and as such the default /git2consul/config is not available. (--config-key is supposed to help here, but seems to not work correctly, always returns Config value is not valid JSON: undefined.)

ghost avatar Nov 09 '17 12:11 ghost

my reason for not pushing config to the K/V store: security issue with use of a private repo?

{
  "version": "1.0",
  "repos" : [{
    "name" : "myname",
    "expand_keys" : true,
    "expand_keys_diff" : true,
    "url" : "http://username:[email protected]",
    "ignore_repo_name" : true,
    "ignore_file_extension" : true,
    "include_branch_name" : false,
    "branches" : ["mybranch"],
    "hooks": [{
      "type" : "polling",
      "interval" : "1"
    }]
  }]
}

BobVanB avatar Nov 14 '17 13:11 BobVanB