Commit Graph

1270 Commits

Author SHA1 Message Date
James Phillips 01b6766099
Adds complete ACL support for agent utility endpoints. 2016-12-14 11:12:55 -08:00
James Phillips ca7a243b70
Adds ACL management support to the agent. 2016-12-14 07:07:41 -08:00
James Phillips 34da7ccd64
Adds a unit test to make sure the status endpoint doesn't ever show anything
with "token" in the name.
2016-12-14 07:07:41 -08:00
James Phillips 8b67991ef7
Adds complete ACL coverage for /v1/session endpoints. 2016-12-12 21:59:22 -08:00
James Phillips bcf1ffad99
Adds complete ACL coverage for /v1/coordinate/nodes and Coordinate.Update RPC. 2016-12-12 14:52:27 -08:00
James Phillips 0139bbb963
Adds support for a new "acl_agent_token" which is used for internal
catalog operations.
2016-12-12 14:52:27 -08:00
James Phillips 0ed6b1bb18
Bans anonymous queries that aren't tied to a session.
This gets us coverage of PQ creation under the existing service
policy or the soon-to-be-added session policy.
2016-12-12 14:52:27 -08:00
James Phillips 66b437ca33
Removes the exception for the "consul" service in the catalog. 2016-12-07 17:58:23 -08:00
Yakau Bubnou e52fd6e0af Concurrent-safe notification mock
This patch provides additional attribute to the notification mock in
order to protect an access to the internal maps from multiple
go-routines. This is required to prevent panic errors caused by
inconsistent map state.
2016-12-07 19:31:44 +03:00
Chris Marchesi 6500d1afaa command/agent: Google Compute Engine host discovery
This commit adds several command-line and config options that facilitate
host discovery through Google Compute Engine (GCE), much like the
recently added EC2 host discovery options. This should assist with
bootstrapping and joining servers within GCE when non-static addresses
are used, such as when using managed instance groups.

Documentation has also been added. It should be noted that if running
from within a GCE instance, the only option that should be necessary is
-retry-join-gce-tag-value.
2016-12-06 17:46:40 -08:00
James Phillips 8ae9e17dff
Adds an opt-in for new ACL policies and features coming in Consul 0.8. 2016-12-06 11:06:14 -08:00
Sean Chittenden 830125a8b3
Run all known addresses through go-sockaddr/template.
The following is now possible:

```
$ consul agent -dev -client="{{GetPrivateIP}}" -bind='{{GetInterfaceIP "en0"}}'
```
2016-12-02 16:35:38 +11:00
Kyle Havlovitz ead30ca62b Fix race issue in monitor endpoint test 2016-12-01 13:40:00 -05:00
James Phillips 681e7d9ebf Merge pull request #2533 from mckennajones/bug2526
Fix for KV put command
2016-11-30 21:46:04 -08:00
James Phillips c07bdb173b Merge pull request #2555 from hashicorp/pr-2497-slackpad
Updates Circonus library and adds support for custom display name and tags.
2016-11-30 21:42:01 -08:00
Kyle Havlovitz bd69c6d871 Add reload/leave http endpoints (#2516) 2016-11-30 13:29:42 -05:00
mckennajones 8b3ab100ef ignore sigpipe signals to fix journalctl issue #2404 2016-11-30 09:42:10 -08:00
mckennajones 6bc1164825 Unit test for kv_put with negative values 2016-11-29 22:29:31 -08:00
Seth Vargo 4179aacf11
Add an API method for determining the best status
Given a list of HealthChecks, this determines the "best" status for the
collective group. This is useful for nodes and services, which may have
multiple checks associated with them.
2016-11-29 18:41:46 -05:00
Kyle Havlovitz 338e36cc5d Add logWriter to agent Create() method 2016-11-28 18:36:26 -05:00
Kyle Havlovitz 124f907063 Add monitor http endpoint 2016-11-28 18:36:26 -05:00
mckennajones 40a8f13cd9 Simple check to differentiate between stdin flag or value that contains
a -
2016-11-27 12:55:14 -08:00
James Phillips dd31e47eef
Updates static assets to pick up #2340 and and #2525. 2016-11-22 17:47:50 -08:00
Kyle Havlovitz 6bd65c668b Combine keyring endpoints into one 2016-11-22 20:10:43 -05:00
Kyle Havlovitz dd3368c19e Add keyring http endpoints 2016-11-22 20:10:43 -05:00
mckennajones 8daa45c5b4 check if data-dir is actually a directory 2016-11-22 13:33:51 -08:00
James Phillips fa680bded7
Defaults to pretty JSON in dev mode. 2016-11-17 22:31:19 -08:00
James Phillips c744792fc4 Merge pull request #2238 from hasyimibhar/master
Remove duplicated environment variables
2016-11-17 16:18:02 -08:00
Benjamin Farley b78cf3de1f Operator docs update 2016-11-16 09:04:37 +00:00
James Phillips 16f8e04bfe
Revert "Updates Circonus metrics library and adds support for display name and tags."
This reverts commit bd490ec937 from #2491.
2016-11-09 16:21:02 -08:00
Kyle Havlovitz 92ce2c9e39 Use uuids in persist temp files to avoid race (#2494) 2016-11-09 15:22:53 -08:00
Kyle Havlovitz b1760b223e Improve logging when deregistering a nonexistent service (#2492)
Log a warning instead of a success message when attempting to deregister a nonexistent service. In Consul 0.8 this can be changed to giving an error outright, but for now we can keep the idempotent delete behavior.
2016-11-09 16:56:54 -05:00
matt maier bd490ec937 Updates Circonus metrics library and adds support for display name and tags.
* Update circonus-gometrics

`vendor circonus-labs/circonus-gometrics`
`vendor circonus-labs/circonus-gometrics/api`
`vendor circonus-labs/circonus-gometrics/checkmgr`
`vendor circonus-labs/circonusllhist`
`vendor hashicorp/go-retryablehttp`

* Update Circonus integration expose Check Display Name and Check Tags configuration options.

* Adds version info to docs for new Circonus options.
2016-11-09 13:26:43 -08:00
matt maier 91a8b43d5a Update Circonus integration expose Check Display Name and Check Tags configuration options. 2016-11-09 15:33:37 -05:00
James Phillips 2f341738a1 Removes stale reference to reap lock which causes a panic. (#2490) 2016-11-09 09:52:07 -08:00
James Phillips bc47511d26
Runs the static asset packaging inside the container; updates assets. 2016-11-08 15:14:08 -08:00
James Phillips 8af20ff1a5
Updates embedded static assets. 2016-11-08 14:22:39 -08:00
Kyle Havlovitz 8e621eb9c8 Set MaxStale default to 10 years and add a stale counter (#2481)
Default MaxStale to 10 years and add a counter at `consul.dns.stale_queries` that tracks when an agent serves a query that's stale by at least 5 seconds. Previously, MaxStale defaulted to 5 seconds and DNS would become unavailable after a short period of time with no leader. This new default allows DNS requests to still be served in the event of a long outage.

Fixes #2460.
2016-11-08 14:45:12 -05:00
Brian Hays 1c01b10c87 Lowercase ACL Datacenter (#2478)
* Lowercase ACL Datacenter

* move lowercasing of ACLDatacenter to command.go and add validation

* Tweaks error message about bad ACL datacenter.
2016-11-07 18:41:23 -08:00
Kyle Havlovitz 83d2f36b54 Merge pull request #2480 from hashicorp/b-atomic-writes
Atomic writes for persisting service/check state
2016-11-07 15:36:35 -05:00
Kyle Havlovitz 7a3e0f8275
Add a note about not calling sync for persistCheckState 2016-11-07 15:24:31 -05:00
Kyle Havlovitz e30b289c6f
Call fsync() for saving check/service state 2016-11-07 13:51:03 -05:00
Kyle Havlovitz e665ec87aa Add WaitForResult to some flaky tests (#2477)
This replaces some hard sleeps with testutil.WaitForResult retry
logic in some recently added tests around TLSSkipVerify in checks.
2016-11-04 21:55:55 -07:00
James Phillips 2d4fd24eaf Moves the snapshot package up one level. (#2472) 2016-11-03 21:36:25 -07:00
James Phillips 925c46f725 Moves logger setup into its own package. (#2471)
* Moves logger setup into its own package.

* Removes a stray regex mark in the test locator.
2016-11-03 21:14:56 -07:00
James Phillips 2d43dcfc0c Finishes move of datacenter into client vs. options. (#2470) 2016-11-03 14:21:02 -07:00
Kyle McCullough 73b281a27c Add setting to skip ssl certificate verification for HTTP checks (#1984)
* http check: add setting to skip ssl certificate verification

* update http check documentation

* fix typo in documentation

* Add TLSSkipVerify to agent api
2016-11-03 13:17:30 -07:00
James Phillips 233a3a101b Supports WAN and LAN Serf Bind Addresses. (#2468)
* * adding cli config and config file support for specifying the serf wan and lan bind addresses
* updating documentation for serf wan and lan options
Fixes #2007

* Cleans up some small things from #2380.

* Uses the bind default for the agent test for Serf WAN and LAN.
2016-11-03 12:58:58 -07:00
James Phillips c06a107638
Removes unnecessary clause in unit test check. 2016-11-03 12:26:48 -07:00
James Phillips 7b98ae921e Adds support for DNS recurse truncation. (#2467)
* Return message from recurse even if truncated

Signed-off-by: Evan Farrar <efarrar@pivotal.io>

* Tweaks unit test.
2016-11-03 12:21:16 -07:00
James Phillips 4b5f9115b5 Adds missing datacenter arg to API client for snapshot commands. (#2466) 2016-11-03 11:01:09 -07:00
Kyle Havlovitz 073798594d Merge pull request #2459 from hashicorp/f-aws-autodiscovery
AWS -retry-join-ec2 option
2016-11-03 13:27:23 -04:00
Kyle Havlovitz 1de39d23d1
Small tweaks to docs and syntax 2016-11-03 13:04:42 -04:00
Kyle Havlovitz 1b204eb88d Disallow -bootstrap-expect flag in dev mode (#2464) 2016-11-03 01:54:43 -04:00
James Phillips e8caf76339
Builds static assets to pick up #2456 (redux).
Built this time using the same container that the dist build uses so
it won't see a difference and fail the build.
2016-11-02 15:54:53 -07:00
Kyle Havlovitz f3efab5f84
Add support for ECS task roles as an auth mechanism 2016-11-02 18:48:15 -04:00
Kyle Havlovitz d4d6e2b482
Move EC2 discovery logic into retryJoin for robustness 2016-11-02 14:35:37 -04:00
Kyle Havlovitz 468bf736b4
Support more forms of EC2 authentication 2016-11-01 21:24:18 -04:00
Kyle Havlovitz 9c75e69f65
Add testing around EC2 discovery config 2016-11-01 18:26:15 -04:00
Kyle Havlovitz 043e6891d6
Fixed up config structure for EC2 discovery 2016-11-01 17:58:51 -04:00
Kyle Havlovitz c908121c72 Merge branch 'master' of github.com:hashicorp/consul into aws_autodiscovery 2016-11-01 11:19:52 -04:00
James Phillips 723f70ed31
Builds static assets to pick up #2456. 2016-10-31 18:20:36 -07:00
Kyle Havlovitz e1f8a41a35 Retry periodically for 60s if syslog setup fails (#2455) 2016-10-31 17:24:00 -07:00
Kyle Havlovitz 606662c502 Add snapshot inspect subcommand (#2451) 2016-10-31 19:37:27 -04:00
Kyle Havlovitz dce6702268 More flaky unit test fixes (#2449)
* More flaky unit test fixes
* Raise some test timeouts that were too low
2016-10-31 09:59:20 -07:00
Kyle Havlovitz 63534aca7e Added tests for lookups on the 'addr.consul' domain 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 84c87325ae Add a service address SRV lookup test for IPv6 2016-10-27 21:04:06 -07:00
Kyle Havlovitz f7ef84812d Fix test cases 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 2a26597769 Give the service address in SRV lookup when it differs from the node's 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 554440ab1d Resolve Consul CNAME records on external services (#2444) 2016-10-26 19:23:51 -07:00
James Phillips c01a3871c9 Adds support for snapshots and restores. (#2396)
* Updates Raft library to get new snapshot/restore API.

* Basic backup and restore working, but need some cleanup.

* Breaks out a snapshot module and adds a SHA256 integrity check.

* Adds snapshot ACL and fills in some missing comments.

* Require a consistent read for snapshots.

* Make sure snapshot works if ACLs aren't enabled.

* Adds a bit of package documentation.

* Returns an empty response from restore to avoid EOF errors.

* Adds API client support for snapshots.

* Makes internal file names match on-disk file snapshots.

* Adds DC and token coverage for snapshot API test.

* Adds missing documentation.

* Adds a unit test for the snapshot client endpoint.

* Moves the connection pool out of the client for easier testing.

* Fixes an incidental issue in the prepared query unit test.

I realized I had two servers in bootstrap mode so this wasn't a good setup.

* Adds a half close to the TCP stream and fixes panic on error.

* Adds client and endpoint tests for snapshots.

* Moves the pool back into the snapshot RPC client.

* Adds a TLS test and fixes half-closes for TLS connections.

* Tweaks some comments.

* Adds a low-level snapshot test.

This is independent of Consul so we can pull this out into a library
later if we want to.

* Cleans up snapshot and archive and completes archive tests.

* Sends a clear error for snapshot operations in dev mode.

Snapshots require the Raft snapshots to be readable, which isn't supported
in dev mode. Send a clear error instead of a deep-down Raft one.

* Adds docs for the snapshot endpoint.

* Adds a stale mode and index feedback for snapshot saves.

This gives folks a way to extract data even if the cluster has no
leader.

* Changes the internal format of a snapshot from zip to tgz.

* Pulls in Raft fix to cancel inflight before a restore.

* Pulls in new Raft restore interface.

* Adds metadata to snapshot saves and a verify function.

* Adds basic save and restore snapshot CLI commands.

* Gets rid of tarball extensions and adds restore message.

* Fixes an incidental bad link in the KV docs.

* Adds documentation for the snapshot CLI commands.

* Scuttle any request body when a snapshot is saved.

* Fixes archive unit test error message check.

* Allows for nil output writers in snapshot RPC handlers.

* Renames hash list Decode to DecodeAndVerify.

* Closes the client connection for snapshot ops.

* Lowers timeout for restore ops.

* Updates Raft vendor to get new Restore signature and integrates with Consul.

* Bounces the leader's internal state when we do a restore.
2016-10-25 19:20:24 -07:00
Kyle Havlovitz e2d9114b34 Agent anti-entropy test fixes 2016-10-25 17:48:11 -07:00
Kyle Havlovitz 3add830b3a Test fixes (#2434)
* Test fixes in health_endpoint_test.go, agent_endpoint_test.go and rtt_test.go
* Don't reuse the same agent config in TestAgent_ReconnectConfigSettings
2016-10-25 13:46:54 -07:00
James Phillips 03ae813bc7 Merge pull request #2389 from hashicorp/jbs-2019
Lower Service tag DNS warning to DEBUG for #2019
2016-10-24 17:05:02 -07:00
James Phillips 95d418d7da
Removes reap config option. 2016-10-06 21:45:18 -07:00
Brian Shumate 74a8fbef06
Lower Service tag DNS warning to DEBUG for #2019 2016-10-05 08:45:01 -04:00
Adam Wolfe Gordon 5ac5a8ccfc agent: Stop reaping child processes (resolves #1988)
The consul docker image now uses dumb-init to reap child processes, so
there's no need to reap them ourselves.
2016-10-04 09:36:41 -06:00
Seth Vargo 1898d071ce
Fix kv put flags 2016-09-26 16:13:39 -07:00
Seth Vargo d0ac899f79
Fix up kv put help output 2016-09-26 16:11:23 -07:00
Seth Vargo f9a7be9315
Remove debugging code 2016-09-26 16:09:35 -07:00
Seth Vargo 39fb70ff67
Fix CAS operations for put 2016-09-26 16:06:56 -07:00
Seth Vargo c7496c5652
Change delete CAS behavior to require ModifyIndex 2016-09-26 16:06:55 -07:00
Seth Vargo 6cdf354270
Fix copy-paste comments 2016-09-26 16:06:54 -07:00
Seth Vargo 297a22383f
Add kv delete command 2016-09-26 16:06:53 -07:00
Seth Vargo 82bddd7f9b
Add kv put command 2016-09-26 16:06:53 -07:00
Seth Vargo c8fdc5c50d
Add kv get 2016-09-26 16:06:53 -07:00
Seth Vargo 87ad6d466c
Add kv command stubs 2016-09-26 16:06:53 -07:00
Seth Vargo 8c30edc54e
Add test function for returning an API client 2016-09-26 16:06:52 -07:00
James Phillips 5f0835fae7
Runs go-fmt (incidental to this PR). 2016-09-23 17:44:14 -07:00
James Phillips 1f5ae4827e
Makes string search for Windows case-insensitive.
Fixes #2356.
2016-09-23 17:43:40 -07:00
James Phillips 216c5c7786 Merge pull request #2353 from hashicorp/b-local-panic
Cleans up state management for remote deletes from local state.
2016-09-22 12:56:08 -07:00
James Phillips c780149b5d
Calls remove on checks and services in the local test. 2016-09-22 11:41:17 -07:00
James Phillips c8ce41f459
Cleans up state management for remote deletes from local state.
Fixes #2125.
2016-09-21 16:52:43 -07:00
James Phillips b0b05f48f3 Merge pull request #2262 from WIZARD-CXY/master
Fixes go race bug in startup log buffering.
2016-09-20 17:24:52 -07:00
Felix f0eb0ba549 return an error if no logOutput is provided
Otherwise the code will panic at a later stage where it is more complicated to figure out what’s actually going on.
2016-09-17 17:46:13 +09:00
James Phillips f686d34483 Merge pull request #2263 from sweeneyb/dnsPort
Add support for dns port as a command line option
2016-09-01 22:16:15 -07:00
James Phillips 4b2eaeda17
Does some go fmt cleanup. 2016-09-01 22:14:19 -07:00
James Phillips d19995c067 Merge pull request #2322 from hashicorp/pr-2321-slackpad
Adds a configurable timeout for DNS recursor client.
2016-09-01 22:11:54 -07:00
James Phillips fce0052a70
Adds a recursor timeout line to the merge test. 2016-09-01 21:53:33 -07:00
James Phillips da34496645
Fixes a typo in a test error message. 2016-09-01 21:52:29 -07:00