Frank Schroeder
bc5dc32c1d
agent: use http.StatusInternalServerError instead of 500
2017-08-23 22:36:23 +02:00
Frank Schroeder
fa121be33f
agent: use http.StatusMethodNotAllowed instead of 405
2017-08-23 22:36:23 +02:00
Frank Schroeder
ad5c1d9e72
agent: use http.StatusNotFound instead of 404
2017-08-23 22:36:23 +02:00
Frank Schroeder
1a557ee9e9
agent: use http.StatusForbidden instead of 403
2017-08-23 22:36:23 +02:00
Frank Schroeder
7e2bc1b411
agent: use http.StatusUnauthorized instead of 401
2017-08-23 22:36:23 +02:00
Frank Schroeder
5d1546b052
agent: use http.StatusBadRequest instead of 400
2017-08-23 22:36:23 +02:00
Frank Schroeder
01eae2e9cf
doc: document cloud auto-joining for retry-join-wan
2017-08-23 21:23:34 +02:00
Frank Schroeder
14ab5c7641
agent: support go-discover retry-join for wan
2017-08-23 21:23:34 +02:00
Frank Schroeder
ad82659eed
vendor: upgrade github.com/hashicorp/go-discover
...
Pull in improved debug logging for AWS
2017-08-23 21:23:34 +02:00
Frank Schroeder
0516deff0c
doc: fix operator keyring delete method
2017-08-23 17:20:10 +02:00
Frank Schröder
a3934c263c
acl: consolidate error handling ( #3401 )
...
The error handling of the ACL code relies on the presence of certain
magic error messages. Since the error values are sent via RPC between
older and newer consul agents we cannot just replace the magic values
with typed errors and switch to type checks since this would break
compatibility with older clients.
Therefore, this patch moves all magic ACL error messages into the acl
package and provides default error values and helper functions which
determine the type of error.
2017-08-23 16:52:48 +02:00
James Phillips
91dfa3d31d
Update CHANGELOG.md
2017-08-21 15:31:40 -07:00
James Phillips
c060635b82
Update CHANGELOG.md
2017-08-21 15:31:24 -07:00
Frank Schroeder
16c58da27d
agent: drop unused code
...
This code from http://github.com/hashicorp/consul/pull/3353 is no longer
required.
2017-08-22 00:02:46 +02:00
Frank Schroeder
bf96857b17
dns: replace nameserver lookup with consistent rpc call
...
This patch replaces the code which determines the list of servers in the
current cluster with an RPC call to get the list of active consul
service instances which only run on servers.
This replaces the previous implementation which was more complex and
relied on serf messages which can provide a different view than the
consistent response from the raft log.
As a side effect it makes the implementation independent of the server
and the agent which means it works consistently across both. Different
behavior for server and agent was the root cause for the bug in
http://github.com/hashicorp/consul/issue/3047 .
Fixes #3407
2017-08-22 00:02:46 +02:00
Frank Schroeder
4052c6d2d2
dns: split node lookup from request handling
2017-08-22 00:02:46 +02:00
Frank Schroeder
d4e3d4344a
dns: refactor label by unrolling loop
2017-08-22 00:02:46 +02:00
Frank Schroeder
70be1ab635
dns: move ttl closer to usage
2017-08-22 00:02:46 +02:00
Preetha Appan
642fcd4611
Update CHANGELOG.md
2017-08-18 11:22:35 -05:00
preetapan
15e0647176
Merge pull request #3395 from Illirgway/patch-1
...
Fix bug with unused (replaced with "") CONSUL_HTTP_AUTH in some places
This fixes #3392
2017-08-18 11:18:24 -05:00
preetapan
2ffca8cac9
Merge pull request #3404 from zevin/master
...
Added configuration instructions for forwarding DNS queries from Unbound
2017-08-18 10:29:39 -05:00
Kevin Bidwell
9cae329c27
Added configuration instructions for forwarding DNS queries from Unbound to consul.
2017-08-18 08:45:43 -06:00
Preetha Appan
c9d5e17410
Update serf to pick up fixes for fsyncing snapshots and panic when coordinates are disabled
2017-08-17 16:35:06 -05:00
Frank Schroeder
ee2cc7aaca
doc: update check example for agent api call
2017-08-16 18:24:28 +02:00
Frank Schröder
e0924704d5
doc: add method and header to agent API docs for HTTP checks ( #3400 )
2017-08-16 18:18:46 +02:00
Preetha Appan
b51645739f
Update CHANGELOG.md
2017-08-16 09:39:10 -05:00
preetapan
3327abdbf4
Merge pull request #3396 from hashicorp/memberlist_deadlock
...
Update memberlist for a deadlock fix
2017-08-15 18:08:40 -05:00
Preetha Appan
0e73777ce2
Update memberlist for a deadlock fix
2017-08-15 18:07:28 -05:00
Illirgway
e0cc1ce679
Fix bug with unused (replaced with "") CONSUL_HTTP_AUTH in some places
...
example: https://github.com/hashicorp/consul/blob/master/watch/plan.go#L26
conf := consulapi.DefaultConfig()
conf.Address = address
conf.Datacenter = p.Datacenter
conf.Token = p.Token # <-- replace Token from DefaultConfig/CONSUL_HTTP_AUTH with ""
client, err := consulapi.NewClient(conf)
how to reproduce bug:
0. consul -> localhost:8500 with more than 0 service checks
1. deny all for anonymous token
2. create appropriate acl <token> for watch checks (agent:read + node:read,service:read)
3. bash:
CONSUL_HTTP_AUTH=<token> consul watch -http-addr=localhost:8500 -type=checks # --> return []
consul watch -http-addr=localhost:8500 -type=checks -token=<token> # -> return { .... right json result .... }
2017-08-16 01:51:18 +03:00
Frank Schröder
546ffc25fc
doc: retry_join is a string array ( #3388 )
2017-08-10 09:58:26 +02:00
wuxin
d6729243eb
fix command/kv_import.go help text ( #3387 )
2017-08-10 09:17:37 +02:00
James Phillips
72c4b9ef5f
Removes partial details in the retry_join config file section. ( #3386 )
2017-08-09 21:27:17 -07:00
Seth Vargo
1258c1fe94
Document the new auto-join in the config and CLI ( #3381 )
...
* Document the new auto-join in the config and CLI
* Mention and example DNS
2017-08-09 21:14:56 -07:00
James Phillips
d3c8855c86
Adds a note about the 429 response code.
2017-08-09 20:10:44 -07:00
James Phillips
191ff2cbf0
Merge pull request #3385 from hashicorp/issue-3376
...
Switches to using a read lock for the agent's RPC dispatcher.
2017-08-09 18:53:06 -07:00
James Phillips
f51d56c80c
Switches to using a read lock for the agent's RPC dispatcher.
...
This prevents RPC calls from getting serialized in this spot.
Fixes #3376
2017-08-09 18:51:55 -07:00
James Phillips
6194dcf36f
Puts tree in 0.9.3 dev mode.
2017-08-09 18:33:57 -07:00
James Phillips
28c2b0c224
Bumps website version to 0.9.2.
2017-08-09 18:02:05 -07:00
James Phillips
75ca2cace0
Release v0.9.2
2017-08-09 17:46:41 -07:00
James Phillips
c7c35331ed
Puts the tree in 0.9.2 release mode.
2017-08-09 17:36:35 -07:00
James Phillips
0e82e08168
Update CHANGELOG.md
2017-08-09 16:19:36 -07:00
Frank Schröder
4b642fed2f
agent: honor deprecated flags for retry-join-{ec2,azure,gce} ( #3384 )
2017-08-09 16:18:30 -07:00
James Phillips
d07946949d
Update CHANGELOG.md
2017-08-09 15:30:52 -07:00
James Phillips
e9bd05b603
Merge pull request #3383 from hashicorp/revert-3340-issue_2637
...
Revert "Return 403 rather than a 404 when acls cause all results to be filter…"
2017-08-09 15:07:10 -07:00
James Phillips
e8a83bb463
Revert "Return 403 rather than a 404 when acls cause all results to be filter…"
2017-08-09 15:06:57 -07:00
James Phillips
6dc829d75f
Merge pull request #3382 from hashicorp/revert-3380-fix_acls
...
Revert "Ensure that we return a permission denied only if the list of keys/en…"
2017-08-09 15:06:34 -07:00
James Phillips
02a87df044
Revert "Ensure that we return a permission denied only if the list of keys/en…"
2017-08-09 15:06:20 -07:00
preetapan
03b363e931
Merge pull request #3380 from hashicorp/fix_acls
...
Ensure that we return a permission denied only if the list of keys/en…
2017-08-09 15:51:10 -05:00
Preetha Appan
42fb49c00b
Added unit test case to kvs_endpointtest
2017-08-09 15:50:22 -05:00
Preetha Appan
3276891142
Ensure that we return a permission denied only if the list of keys/entries prior to filtering by ACL is non empty
2017-08-09 15:32:18 -05:00