From 00e4aa8181a0c9765e8b6de51266195e46c8be0f Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang
Date: Mon, 20 Apr 2020 15:01:01 -0700
Subject: [PATCH 1/5] raft: check for nil on concrete type in SetupCluster
---
 physical/raft/raft.go | 2 +-
 vault/cluster.go | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/physical/raft/raft.go b/physical/raft/raft.go
index 97d5c4544fb4..89cb258a2014 100644
--- a/physical/raft/raft.go
+++ b/physical/raft/raft.go
@@ -499,7 +499,7 @@ func (b *RaftBackend) SetupCluster(ctx context.Context, opts SetupOpts) error {
 _, b.raftTransport = raft.NewInmemTransportWithTimeout(raft.ServerAddress(b.localID), time.Second)
 case opts.TLSKeyring == nil:
 return errors.New("no keyring provided")
- case opts.ClusterListener == nil:
+ case opts.ClusterListener == nil || opts.ClusterListener.(*cluster.Listener) == nil:
 return errors.New("no cluster listener provided")
 default:
 // Set the local address and localID in the streaming layer and the raft config.
diff --git a/vault/cluster.go b/vault/cluster.go
index e9bc2bb10eda..c674dda80b07 100644
--- a/vault/cluster.go
+++ b/vault/cluster.go
@@ -344,8 +344,7 @@ func (c *Core) stopClusterListener() {
 c.logger.Info("stopping cluster listeners")
 clusterListener.Stop()
- var nilCL *cluster.Listener
- c.clusterListener.Store(nilCL)
+ c.clusterListener.Store((*cluster.Listener)(nil))
 c.logger.Info("cluster listeners successfully shut down")
 }
From bbe0238e246dff556f7e577b7223eb8ed9d6b5e4 Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang
Date: Mon, 20 Apr 2020 15:29:38 -0700
Subject: [PATCH 2/5] raft: move check to its own func
---
 physical/raft/raft.go | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/physical/raft/raft.go b/physical/raft/raft.go
index 89cb258a2014..fc0774531433 100644
--- a/physical/raft/raft.go
+++ b/physical/raft/raft.go
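Review bot: In vault/cluster.go the `c.clusterListener.Store((*cluster.Listener)(nil))` line in stopClusterListener deserves a comment, because the stored value is a typed nil: once it is read back into an interface, a plain `== nil` test on that interface is false. Something like `// Store a typed nil; readers must nil-check the concrete *cluster.Listener, not the interface.` would tell future callers why SetupCluster has to look at the concrete type. Whether every reader of `c.clusterListener` already does this is not visible in the hunk.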
@@ -491,15 +491,31 @@ func (b *RaftBackend) SetupCluster(ctx context.Context, opts SetupOpts) error {
 return err
 }
+ listenerIsNil := func(cl cluster.ClusterHook) bool {
+ switch {
+ case opts.ClusterListener == nil:
+ return true
+ default:
+ // Concrete type checks
+ switch cl.(type) {
+ case *cluster.Listener:
+ if cl.(*cluster.Listener) == nil {
+ return true
+ }
+ }
+ }
+ return false
+ }
+
 switch {
- case opts.TLSKeyring == nil && opts.ClusterListener == nil:
+ case opts.TLSKeyring == nil && listenerIsNil(opts.ClusterListener):
 // If we don't have a provided network we use an in-memory one.
 // This allows us to bootstrap a node without bringing up a cluster
 // network. This will be true during bootstrap, tests and dev modes.
 _, b.raftTransport = raft.NewInmemTransportWithTimeout(raft.ServerAddress(b.localID), time.Second)
 case opts.TLSKeyring == nil:
 return errors.New("no keyring provided")
- case opts.ClusterListener == nil || opts.ClusterListener.(*cluster.Listener) == nil:
+ case listenerIsNil(opts.ClusterListener):
 return errors.New("no cluster listener provided")
 default:
 // Set the local address and localID in the streaming layer and the raft config.
From f7563a8fa1a54aaaea131c3d8af1daec84754131 Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang
Date: Mon, 20 Apr 2020 15:32:46 -0700
Subject: [PATCH 3/5] raft: func cleanup
---
 physical/raft/raft.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/physical/raft/raft.go b/physical/raft/raft.go
index fc0774531433..75f9fde8ab39 100644
--- a/physical/raft/raft.go
+++ b/physical/raft/raft.go
@@ -499,9 +499,7 @@ func (b *RaftBackend) SetupCluster(ctx context.Context, opts SetupOpts) error {
 // Concrete type checks
 switch cl.(type) {
 case *cluster.Listener:
- if cl.(*cluster.Listener) == nil {
- return true
- }
+ return cl.(*cluster.Listener) == nil
 }
 }
 return false
From c6880a82c2e67b749dc629029c51e3ca565371b0 Mon Sep 17 00:00:00 2001
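Review bot: The `listenerIsNil` closure added in PATCH 2/5 tests the captured `opts.ClusterListener` in its first case instead of its own parameter, so `cl` is only consulted in the default branch; `case cl == nil:` keeps the helper correct if it is ever called with another value. The concrete-type check also covers only `*cluster.Listener`, so a typed nil of any other `cluster.ClusterHook` implementation would still count as non-nil and could be dereferenced later in SetupCluster. Whether other implementations exist is not visible here, so a short comment stating that limitation would be enough. SetupCluster's body continues outside the hunk.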
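Review bot: After the PATCH 3/5 cleanup the type switch in `listenerIsNil` still asserts the same type twice; binding the switch variable is the idiomatic form and drops the second assertion: `switch v := cl.(type) {` followed by `case *cluster.Listener: return v == nil`. The `// Concrete type checks` comment could also say why the check is needed, for example `// A typed nil *cluster.Listener held in the interface compares != nil, so check the concrete pointer.` The closure begins above this hunk.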
From: Calvin Leung Huang
Date: Mon, 20 Apr 2020 16:15:59 -0700
Subject: [PATCH 4/5] raft: disallow disable_clustering = true when raft storage is used
---
 command/server.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/command/server.go b/command/server.go
index 7a27b3da98db..8494ec5e8c10 100644
--- a/command/server.go
+++ b/command/server.go
@@ -1152,7 +1152,7 @@ func (c *ServerCommand) Run(args []string) int {
 // TODO: Remove when Raft can server as the ha_storage backend.
 // See https://github.com/hashicorp/vault/issues/8206
 if config.HAStorage.Type == "raft" {
- c.UI.Error("Raft cannot be used as seperate HA storage at this time")
+ c.UI.Error("Raft cannot be used as separate HA storage at this time")
 return 1
 }
 factory, exists := c.PhysicalBackends[config.HAStorage.Type]
@@ -1180,6 +1180,9 @@ func (c *ServerCommand) Run(args []string) int {
 }
 coreConfig.RedirectAddr = config.HAStorage.RedirectAddr
+
+ // TODO: Check for raft and disableClustering case when Raft on HA
+ // Storage support is added.
 disableClustering = config.HAStorage.DisableClustering
 if !disableClustering {
 coreConfig.ClusterAddr = config.HAStorage.ClusterAddr
@@ -1188,6 +1191,12 @@ func (c *ServerCommand) Run(args []string) int {
 if coreConfig.HAPhysical, ok = backend.(physical.HABackend); ok {
 coreConfig.RedirectAddr = config.Storage.RedirectAddr
 disableClustering = config.Storage.DisableClustering
+
+ if config.Storage.Type == "raft" && disableClustering {
+ c.UI.Error("Disable clustering cannot be set to true when Raft is the storage type")
+ return 1
+ }
+
 if !disableClustering {
 coreConfig.ClusterAddr = config.Storage.ClusterAddr
 }
From 9296e97b13a085be50df209ef68b073eb2640d25 Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang
Date: Mon, 20 Apr 2020 16:19:05 -0700
Subject: [PATCH 5/5] docs: update disable_clustering to mention new behavior
---
 website/pages/docs/configuration/index.mdx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
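Review bot: In command/server.go (PATCH 4/5, last hunk) the new `config.Storage.Type == "raft" && disableClustering` guard sits only inside the `backend.(physical.HABackend)` branch, while the `config.HAStorage` path in the previous hunk assigns `disableClustering = config.HAStorage.DisableClustering` with just a TODO. If raft storage can be combined with a separate `ha_storage` stanza (not visible here), that combination skips the check; validating once after both branches have assigned `disableClustering` would fail closed on every path. The error text could also name the setting as it appears in the config file, `disable_clustering`, so operators can find it. Run's body extends beyond the hunk.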
diff --git a/website/pages/docs/configuration/index.mdx b/website/pages/docs/configuration/index.mdx index bd04b37e9a3d..58efb8fa6b01 100644 --- a/website/pages/docs/configuration/index.mdx +++ b/website/pages/docs/configuration/index.mdx @@ -157,7 +157,8 @@ The following parameters are used on backends that support [high availability][h - `disable_clustering` `(bool: false)` – Specifies whether clustering features such as request forwarding are enabled. Setting this to true on one Vault node - will disable these features _only when that node is the active node_. + will disable these features _only when that node is the active node_. This + parameter cannot be set to `true` if `raft` is the storage type. ### Vault Enterprise Parameters