Frank Schroeder
1a557ee9e9
agent: use http.StatusForbidden instead of 403
2017-08-23 22:36:23 +02:00
Frank Schroeder
7e2bc1b411
agent: use http.StatusUnauthorized instead of 401
2017-08-23 22:36:23 +02:00
Frank Schroeder
5d1546b052
agent: use http.StatusBadRequest instead of 400
2017-08-23 22:36:23 +02:00
Frank Schroeder
14ab5c7641
agent: support go-discover retry-join for wan
2017-08-23 21:23:34 +02:00
Frank Schröder
a3934c263c
acl: consolidate error handling ( #3401 )
...
The error handling of the ACL code relies on the presence of certain
magic error messages. Since the error values are sent via RPC between
older and newer consul agents we cannot just replace the magic values
with typed errors and switch to type checks since this would break
compatibility with older clients.
Therefore, this patch moves all magic ACL error messages into the acl
package and provides default error values and helper functions which
determine the type of error.
2017-08-23 16:52:48 +02:00
Frank Schroeder
16c58da27d
agent: drop unused code
...
This code from http://github.com/hashicorp/consul/pull/3353 is no longer
required.
2017-08-22 00:02:46 +02:00
Frank Schroeder
bf96857b17
dns: replace nameserver lookup with consistent rpc call
...
This patch replaces the code which determines the list of servers in the
current cluster with an RPC call to get the list of active consul
service instances which only run on servers.
This replaces the previous implementation which was more complex and
relied on serf messages which can provide a different view than the
consistent response from the raft log.
As a side effect it makes the implementation independent of the server
and the agent which means it works consistently across both. Different
behavior for server and agent was the root cause for the bug in
http://github.com/hashicorp/consul/issue/3047 .
Fixes #3407
2017-08-22 00:02:46 +02:00
Frank Schroeder
4052c6d2d2
dns: split node lookup from request handling
2017-08-22 00:02:46 +02:00
Frank Schroeder
d4e3d4344a
dns: refactor label by unrolling loop
2017-08-22 00:02:46 +02:00
Frank Schroeder
70be1ab635
dns: move ttl closer to usage
2017-08-22 00:02:46 +02:00
James Phillips
f51d56c80c
Switches to using a read lock for the agent's RPC dispatcher.
...
This prevents RPC calls from getting serialized in this spot.
Fixes #3376
2017-08-09 18:51:55 -07:00
Frank Schröder
4b642fed2f
agent: honor deprecated flags for retry-join-{ec2,azure,gce} ( #3384 )
2017-08-09 16:18:30 -07:00
James Phillips
e8a83bb463
Revert "Return 403 rather than a 404 when acls cause all results to be filter…"
2017-08-09 15:06:57 -07:00
James Phillips
02a87df044
Revert "Ensure that we return a permission denied only if the list of keys/en…"
2017-08-09 15:06:20 -07:00
Preetha Appan
42fb49c00b
Added unit test case to kvs_endpointtest
2017-08-09 15:50:22 -05:00
Preetha Appan
3276891142
Ensure that we return a permission denied only if the list of keys/entries prior to filtering by ACL is non empty
2017-08-09 15:32:18 -05:00
Frank Schroeder
7cff50a4df
agent: move agent/consul/agent to agent/metadata
2017-08-09 14:36:52 +02:00
Frank Schroeder
c395599cea
agent: move agent/consul/servers to agent/router
2017-08-09 14:36:37 +02:00
Frank Schroeder
1acff3533e
agent: move agent/consul/structs to agent/structs
2017-08-09 14:32:12 +02:00
James Phillips
cb618918b3
Cleans up some go fmt issues.
2017-08-08 21:52:50 -07:00
James Phillips
7442039c2d
Fixes a vet error.
2017-08-08 16:00:18 -07:00
Kyle Havlovitz
cf02e3bc22
Merge pull request #3369 from hashicorp/metrics-enhancements
...
Add support for labels/filters from go-metrics
2017-08-08 13:55:30 -07:00
Kyle Havlovitz
c1c883f441
Add doc links for metrics endpoint
2017-08-08 13:05:38 -07:00
Kyle Havlovitz
0428e9fe9e
Update docs for metrics endpoint
2017-08-08 12:33:30 -07:00
Frank Schroeder
9fa237ddb6
dns: minor cleanups
2017-08-08 13:55:58 +02:00
Kyle Havlovitz
d5634fe2a8
Add support for labels/filters from go-metrics
2017-08-08 01:45:10 -07:00
Preetha Appan
72ae8c8f33
Go back to using <nodename>.node.dc.consul as the name of the ns record being returned.
2017-08-07 16:02:33 -05:00
Frank Schroeder
8a9653bdf8
dns: keep NS names in consul domain
2017-08-07 11:11:55 +02:00
Frank Schroeder
f17bf78bb1
dns: postmaster -> hostmaster
2017-08-07 11:11:55 +02:00
Frank Schroeder
60608b455d
dns: we do not support zone transfers
2017-08-07 11:11:55 +02:00
Frank Schroeder
76b2538915
dns: drop CNAME for primary name server
2017-08-07 11:11:55 +02:00
Preetha Appan
7f34dc08a5
Added test case with IPV6 bind address for NS records, rewrote tests to use verify library and other code review feedback
2017-08-07 11:11:55 +02:00
Preetha Appan
76319f751d
Added back glue records in NS response, expanded unit test. Also reused same function used in node lookup for adding A/AAAA records in the extra section of the NS response
2017-08-07 11:11:55 +02:00
Preetha Appan
f01f17bda3
Don't add A records for NS requests, because the record being returned already resolves correctly. Also fixed all the unit tests, and ignored hostnames that don't meet valid dns hostname criteria
2017-08-07 11:11:55 +02:00
Frank Schroeder
7ea11c2f45
dns: provide correct SOA and NS responses
...
This patch changes the behavior of the DNS server as follows:
* The SOA response contains the SOA record in the Answer section instead
of the Authority section. It also contains NS records in the Authority
and the corresponding A glue records in the Extra section.
In addition, CNAMEs are added to the Extra section to make the
MNAME of the SOA record resolvable.
AAAA glue records are not yet supported.
* The NS response returns up to three random servers from the
consul cluster in the Answer section and the glue A
records in the Extra section.
AAAA glue records are not yet supported.
2017-08-07 11:11:55 +02:00
Preetha Appan
824fc4ee20
Unify regex used to identify invalid dns characters
2017-08-07 11:11:55 +02:00
Preetha Appan
37f75a393e
Use sanitized version of node name of server in NS record, and start with "server" rather than "ns"
2017-08-07 11:11:55 +02:00
Preetha Appan
794d1afe44
Removed a copy pasted irrelevant comment, and other code review feedback
2017-08-07 11:11:54 +02:00
Preetha Appan
f9db387097
Add NS records and A records for each server. Constructs ns host names using the advertise address of the server.
2017-08-07 11:11:54 +02:00
James Phillips
4bee2e49f5
Adds secure introduction for the ACL replication token. ( #3357 )
...
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
Frank Schroeder
9ffeba18ee
agent: fix code for updated go-discover signature
...
Closes #3351
2017-08-03 21:32:11 +02:00
James Phillips
c0a5ad7903
Adds a new /v1/acl/bootstrap API ( #3349 )
2017-08-02 17:05:18 -07:00
Miguel Prokop
6852dec3f2
agent: Fix script quoting on windows ( #1875 )
...
This patch fixes the quoting for executing scripts on windows
and splits the platform dependent code.
Fixes #1875
2017-08-02 17:01:21 +02:00
Frank Schroeder
2fac427cd4
agent: use github.com/hashicorp/go-discover
...
Replace the provider specific node discovery code
with go-discover to support AWS, Azure and GCE.
Fixes #3282
2017-08-01 11:41:43 +02:00
Preetha Appan
4076c0d741
Return nil instead of empty list when returning a PermissionDenied error, updated unit test
2017-07-31 17:23:20 -05:00
Preetha Appan
6336014a86
Return 403 rather than a 404 when acls cause all results to be filtered out. This fixes #2637
2017-07-31 13:50:29 -05:00
preetapan
0f494d8b86
Merge pull request #3332 from hashicorp/issue_3322
...
This fixes #3322
2017-07-28 17:54:30 -05:00
Preetha Appan
2d84cd2330
Tweaked parsing error message to quote properly
2017-07-28 17:52:35 -05:00
James Phillips
10b660d77a
Adds missing autopilot snapshot test and avoids snapshotting nil. ( #3333 )
2017-07-28 15:48:42 -07:00
Preetha Appan
5aeab1463b
Validate unix sockets and ip addresses as needed, more test cases
2017-07-28 17:18:10 -05:00
Preetha Appan
4cec55e8db
Modify ResolveTmplAddrs to parse advertise IPs, added test cases that fail to parse correctly
2017-07-28 15:01:32 -05:00
Preetha Appan
13c118ea51
Removed extra newlines
2017-07-28 10:51:11 -05:00
Preetha Appan
840749db7e
Fix comments, and remove redundant TestConfig init from a couple of unit tests
2017-07-28 10:40:43 -05:00
Frank Schroeder
b19b062194
add tests for go-sockaddr template parsing
2017-07-28 15:40:22 +02:00
Frank Schroeder
ac9602e798
agent: unix sockets are not ip addrs
2017-07-28 14:53:21 +02:00
Frank Schroeder
2fcdb35cbb
config: refactor tmpl resolution fn
2017-07-28 12:20:49 +02:00
Preetha Appan
aa98aeb4b1
Moved handling advertise address to readConfig and out of the agent's constructor, plus unit test fixes
2017-07-27 22:06:31 -05:00
Preetha Appan
25acd1534a
Move go-socketaddr template parsing into config package to make it happen before creating a new agent. Also removed redundant parsetemplate calls from agent.go.
2017-07-27 16:17:35 -05:00
James Phillips
6250cd70f5
Adds option to prepared queries to remove empty tags. ( #3330 )
2017-07-26 22:46:43 -07:00
James Phillips
496b0bcf07
Adds support for agent-side ACL token management via API instead of config files. ( #3324 )
...
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
Preetha Appan
b94617b281
Add extra test case for deleting entire tree with empty prefix
2017-07-26 09:42:07 -05:00
Preetha Appan
4498814843
Don't insert tombstone for empty prefix delete. Other minor unit test fixes
2017-07-25 21:54:11 -05:00
Preetha Appan
fee418d378
Removed redundant comments and unit test
2017-07-25 20:39:33 -05:00
Preetha Appan
b772c477c2
Removed redundant call to reap tombstone from unit test
2017-07-25 19:39:05 -05:00
Preetha Appan
ae443e21d6
Improved unit test per code review
2017-07-25 19:17:40 -05:00
Preetha Appan
36acf8d6a4
Use new DeletePrefixMethod for implementing KVSDeleteTree operation. This makes deletes on sub trees larger than one million nodes about 100 times faster. Added unit tests.
2017-07-25 17:21:18 -05:00
James Phillips
c413a9161e
Removes an unnecessary close.
2017-07-24 21:41:18 -07:00
Preetha Appan
f8b633c69e
Removed redundant logging
2017-07-24 21:07:48 -05:00
Preetha Appan
c26fd66edd
Clean up temporary files on write errors, and ignore any temporary service files on load with a warning. This fixes #3207
2017-07-24 12:42:51 -05:00
James Phillips
1774fdc237
Tweaks the error when scripts are disabled.
...
This will hopefully help people self-serve if they upgrade without accounting
for this.
2017-07-19 22:15:04 -07:00
Kyle Havlovitz
d74390ef86
Fix UpgradeVersionTag field not being passed correctly ( #3304 )
2017-07-19 17:39:48 -07:00
Preetha Appan
1f35aa6ff2
Made unit test for AddCheck error check the actual error string
2017-07-19 11:00:56 -05:00
Preetha Appan
c32e4ebe26
Unit test for failure case of AddCheck
2017-07-19 10:28:52 -05:00
Frank Schroeder
0047b7d3f0
fix spelling in filenames
...
Fixes #3301
2017-07-19 13:16:38 +02:00
Frank Schroeder
83577e0daa
agent: make docker client work on windows
2017-07-19 12:03:59 +02:00
Frank Schroeder
b97ab92d87
build: add missing build tags
2017-07-19 05:17:01 +02:00
preetapan
fb43953894
Merge pull request #3296 from hashicorp/ensure_registration_race
...
Fix race condition between removing a service and adding a check for …
2017-07-18 18:36:47 -05:00
Preetha Appan
e50f0e6722
Clean up any watch monitors associated with a failed AddCheck
2017-07-18 16:54:20 -05:00
Preetha Appan
6a257f242e
Removed unit test, added clarifying comment and returned a friendlier error message similar to the one in agent's AddService method
...
Fixes #3297
2017-07-18 16:15:47 -05:00
Preetha Appan
9f048afe29
Fix race condition between removing a service and adding a check for the same service, which was causing orphaned checks
2017-07-18 16:15:47 -05:00
Kyle Havlovitz
19eae3d14b
Add UpgradeVersionTag to autopilot config
2017-07-18 13:35:41 -07:00
Frank Schroeder
0d9b53730f
agent: stop docker checks on shutdown
2017-07-18 20:59:24 +02:00
Frank Schroeder
60540c2417
agent: stop and remove docker checks
...
Note that there is no test since the correct way to solve (and test)
this is to replace the different maps with a single one or to hide
that functionality behind a separate data structure. This will be
addressed in #3294 .
Fixes #3265
2017-07-18 20:59:24 +02:00
Frank Schroeder
2123700056
agent: replace docker check
...
This patch replaces the Docker client which is used
for health checks with a simplified version tailored
for that purpose.
See #3254
See #3257
Fixes #3270
2017-07-18 20:24:38 +02:00
James Phillips
fff0f9698f
Prevents disabling gossip keyring file from disabling gossip encryption. ( #3278 )
2017-07-17 12:48:45 -07:00
James Phillips
1791d99a10
Adds new config to make script checks opt-in, updates documentation. ( #3284 )
2017-07-17 11:20:35 -07:00
James Phillips
780e68a753
Changes remote exec KV read to call GetTokenForAgent(). ( #3283 )
...
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.
Fixes #3160 .
* Fixes remote exec unit test with ACLs.
* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips
1004d0ec0e
Adds node read privileges to the acl_agent_master_token. ( #3277 )
...
Fixes #3113 .
2017-07-16 20:08:26 -07:00
Frank Schröder
c001722848
azure: tag map can return nil ( #3280 )
...
Fixes #3193
2017-07-16 14:29:43 -07:00
James Phillips
218ac4cb1e
Obfuscates ACL tokens appearing in /v1/acl/<verb>/<token> APIs. ( #3276 )
...
* Obfuscates ACL tokens appearing in /v1/acl APIs.
* Makes test positively identify the desired strings.
* Adds an example and explanation of the regular expression.
2017-07-15 00:07:08 -07:00
James Phillips
872cf9ff95
Changes ACL clone response to 403 if not authorized, or if token doesn't exist. ( #3275 )
...
Fixes #1113
2017-07-14 20:43:30 -07:00
Kyle Havlovitz
78c3a86405
Add TLS setting to router areas
2017-07-14 17:38:08 -07:00
James Phillips
0881e46111
Cleans up version 8 ACLs in the agent and the docs. ( #3248 )
...
* Moves magic check and service constants into shared structs package.
* Removes the "consul" service from local state.
Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.
* Makes coordinate update ACL log message a warning, similar to other AE warnings.
* Adds much more detailed examples for bootstrapping ACLs.
This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234 .
2017-07-13 22:33:47 -07:00
Frank Schroeder
764dabfcf7
agent: fix go vet issue
2017-07-11 07:13:46 -07:00
James Phillips
66edec5dfd
Adds the ability to blacklist specific HTTP endpoints. ( #3252 )
2017-07-10 13:51:25 -07:00
James Phillips
7200b8cda8
UI cleanup follow up from #3245 . ( #3251 )
...
* Removes unnecessary set for model component which will be null.
* Returns a 404 for a missing node, not a 200 with an empty response.
* Updates built-in web assets.
2017-07-10 09:40:00 -07:00
James Phillips
aa11956d63
Changes the default ACL token type to "client" in web UI. ( #3246 )
...
* Changes the default ACL token type to "client".
* Updates built-in web assets.
2017-07-08 17:28:04 -07:00
James Phillips
86b1e64a33
Cleans up web UI and fixes ACL token "stuckness" issue. ( #3245 )
...
* Removes GitHub reference.
* Doesn't display ACL token on the unauthorized page.
* Removes useless fetch for nodes and cleans up comments.
* Provides a path to reset the ACL token when it's invalid.
This included making the settings page global so it's reachable, and adding
some more information about an error on the error page.
* Updates built-in web assets.
2017-07-08 17:16:05 -07:00
Frank Schroeder
1781fd311f
address review comments
2017-07-07 09:22:34 +02:00
Frank Schroeder
e4b40acc7e
agent: remove unused code
2017-07-07 09:22:34 +02:00
Frank Schroeder
8c792ad57d
agent: make TestClient_RPC_ConsulServerPing more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
4a4b91a2db
agent: fix data races with registerEndpoint
...
Only register a different endpoint after it has been
fully created.
2017-07-07 09:22:34 +02:00
Frank Schroeder
19b937ba80
agent: make Reap test timing less aggressive
2017-07-07 09:22:34 +02:00
James Phillips
a855d31f84
Adds a comment about flood joining.
2017-07-07 09:22:34 +02:00
James Phillips
5b5217528a
Simplifies Serf dynamic port selection code.
...
This isn't racy, it's just a little dirty. The listen will happen and a port
will be selected and injected into the config once the Serf instance is
created, so we don't need the retry loop here.
2017-07-07 09:22:34 +02:00
James Phillips
d8db4bc086
test: Changes WAN/LAN join confirmer to use port number vs. address.
...
This fixes TestServer_JoinSeparateLanAndWanAddresses which sets bogus
advertise addresses as part of the test. Port numbers uniquely identify
members since everything is running on localhost.
2017-07-07 09:22:34 +02:00
Frank Schroeder
d92f70f313
test: make joinLAN/WAN reliable
...
only return if the members can see each other
2017-07-07 09:22:34 +02:00
Frank Schroeder
112bc19cd5
rpc: make TestServer_JoinSeparateLanAndWanAddresses more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
ffd45f5da5
rpc: make TestClient_SnapshotRPC_TLS more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
c218fdbc77
agent: make timing sensitive tests more robust
...
* make timing less aggressive
* mark timing tests as non-parallel
2017-07-07 09:22:34 +02:00
Frank Schroeder
b12b914017
agent: fix TestCheckHTTP_TLSSkipVerify_true_pass
...
Make check timing less aggressive and give the test some time
to execute.
2017-07-07 09:22:34 +02:00
Frank Schroeder
7381a05d8d
agent: do not modify agent config after NewAgent
2017-07-07 09:22:34 +02:00
Frank Schroeder
cec9dcfee8
agent: fix pending data races between localState and agent
...
This patch creates a local config structure for the local state
which is independent from the agent but populated from its
configuration. This avoids data races between the agent configuration
which can change during tests and concurrent go routines using the
configuraiton at the same time.
2017-07-07 09:22:34 +02:00
Frank Schroeder
00f6ba298e
dns: fix data race in TestDNS_ServiceLookup_FilterACL
...
The agent config cannot be modified after start.
2017-07-07 09:22:34 +02:00
Frank Schroeder
bcd2301b81
agent: fix data race in TestAgentAntiEntropy_EnableTagOverride
2017-07-07 09:22:34 +02:00
Frank Schroeder
7f7c0ad65e
agent: clone partial consul config
...
The agent configuration for the consul server is a partial configuration
which needs to be cloned to avoid data races.
This is a stop-gap measure before moving the configuration into
a separate package.
2017-07-07 09:22:34 +02:00
Frank Schroeder
727b6444ad
dns: fix data races in DNS compression tests
...
Make the DisableCompression value configurable at runtime
to allow tests to change it without restarting/recreating
the server.
2017-07-07 09:22:34 +02:00
Frank Schroeder
0763788b82
agent: fix data race between consul server and local state
2017-07-07 09:22:34 +02:00
Frank Schroeder
119f6a1ed7
rpc: monkey patch fix for data races for localState
...
The tests that use the localState of the agent access the internal
variables and call methods which are not guarded by locks creating
data races in tests. While the use of internal variables is somewhat
easy to spot the fact that not all methods are thread-safe is a
surprise.
A proper fix requires the localState struct to be moved into its own
package so that tests in the agent can only access the external
interface.
However, the localState is currently dependent on the agent.Config
which would create a circular dependency. Therefore, the Config
struct needs to be moved first for this to happen.
This patch literally monkey patches the use of the lock around the
cases which have data races and marks them with a
// todo(fs): data race comment.
2017-07-07 09:22:34 +02:00
Frank Schroeder
2159d499e3
rpc: try shutting down leader first to avoid hang in TestLeader_LeftServer
2017-07-07 09:22:34 +02:00
Frank Schroeder
f12fac278e
rpc: fix logging and try quicker timing of TestServer_JoinSeparateLanAndWanAddresses
2017-07-07 09:22:34 +02:00
Frank Schroeder
bae4b1d045
rpc: less agressive raft timeouts
...
Allowing more time for raft to consolidate should
drop the number of leader elections.
2017-07-07 09:22:34 +02:00
Frank Schroeder
457b98a099
rpc: run agent/consul tests in parallel
2017-07-07 09:22:34 +02:00
Frank Schroeder
13eeeb720d
rpc: refactor sessionTimers and fix racy tests
...
The sessionTimers map was secured by a lock which wasn't used
properly in the tests. This lead to data races and failing tests
when accessing the length or the members of the map.
This patch adds a separate SessionTimers struct which is safe
for concurrent use and which ecapsulates the behavior of the
sessionTimers map.
2017-07-07 09:22:34 +02:00
Frank Schroeder
05f756853e
rpc: fix TestServer_Leave
...
wait for the leader election.
2017-07-07 09:22:34 +02:00
Frank Schroeder
583959392b
rpc: fix TestSession_Renew
...
make the timing less tight
2017-07-07 09:22:34 +02:00
Frank Schroeder
ff2c29c0be
rpc: fix TestReadyForConsistentRead
...
timing was too tight. Standardized name.
2017-07-07 09:22:34 +02:00
Frank Schroeder
fcab525053
rpc: fix for 'no leader' in TLS tests
...
Ensure both servers know about each other before looking
for a leader.
2017-07-07 09:22:34 +02:00
Frank Schroeder
b2a71fd8b0
rpc: fix TestServer_JoinWAN_Flood
...
The second server in the first data center should not be
in bootstrap mode.
2017-07-07 09:22:34 +02:00
Frank Schroeder
8369b6cb9d
rpc: provide unique node names for server and client
2017-07-07 09:22:34 +02:00
Frank Schroeder
534977239b
rpc: prefix log output with test name
2017-07-07 09:22:34 +02:00
Frank Schroeder
c8ef588d8d
rpc: discover serf wan port before starting serf lan
...
When using dynamic ports for the serf clusters then
the actual bind port of the serf WAN cluster needs to
be discovered before the serf LAN cluster is started
since the serf LAN cluster announces the port of the WAN
cluster.
2017-07-07 09:22:34 +02:00
Frank Schroeder
53eab7e970
rpc: bind rpc test server to port 0
2017-07-07 09:22:34 +02:00
Frank Schroeder
e9e2c599db
rpc: refactor: unify test server setup
2017-07-07 09:22:34 +02:00
Frank Schroeder
c803146550
rpc: fix typos
2017-07-07 09:22:34 +02:00
Frank Schroeder
a0368e3827
agent: refactor: log to stderr during tests
2017-07-07 09:22:34 +02:00
Frank Schroeder
2afafe6911
agent: refactor: use handler for test http tls server
2017-07-07 09:22:34 +02:00
Frank Schroeder
63447a0cf3
agent: refactor: make address translation part of the agent
2017-07-07 09:22:34 +02:00
Preetha Appan
f549c06764
Rename to raftNotifyCh, fix typo
2017-07-06 09:10:36 -05:00
Preetha Appan
f2171a6720
Fixes deadlock between barrier write and leader notify channel read . Fixes #3230
2017-07-05 17:09:18 -05:00
Grégoire Seux
940b1513a6
Correctly forward Host header in healthcheck ( #3203 )
...
Host header must be set explicitely on http requests
Change-Id: I91a32f0fb1ec3fbc713adf0e10869797e91172c7
Signed-off-by: Grégoire Seux <g.seux@criteo.com>
2017-06-29 16:26:08 -07:00
Preetha Appan
07db760d53
Fix missing formatting directive causing go vet to fail
2017-06-27 16:32:38 -05:00
Frank Schroeder
6dd68f7ad7
Revert "agent: add allowStale option for HTTP API ( #3142 )"
...
This reverts commit 1e0fd27a74
.
2017-06-27 07:04:55 +02:00
Frank Schröder
4b51d00458
agent: fix DNS recursor tests ( #3190 )
...
The makeRecursor function was using an unreliable mechanism
to start a server with a random port. This patch changes this
so that the server starts on port 0 to let the kernel pick
a free port.
In addition, to similar functions for starting a test DNS
server were folded into one.
2017-06-25 10:42:37 -07:00
James Phillips
4a3604a3ee
Removes some useless comments.
2017-06-25 10:32:35 -07:00
James Phillips
6977e40077
Fixes watch tracking during reloads and fixes address issue. ( #3189 )
...
This patch fixes watch registration through the config file and a broken log line when the watch registration fails. It also plumbs all the watch loading through a common function and tweaks the
unit test to create the watch before the reload.
2017-06-24 12:52:41 -07:00
James Phillips
380c8b957d
Changes host-based node IDs from opt-out to opt-in. ( #3187 )
2017-06-24 09:36:53 -07:00
James Phillips
42f60b04bb
Revert "discover: move instance discover code into separate package ( #3144 )" ( #3180 )
...
This reverts commit 26bfb2d00a
.
2017-06-23 01:38:55 -07:00
James Phillips
e4b11682bc
Fixes broken HTTP header and method for health checks. ( #3178 )
...
* Fixes broken HTTP header and method for health checks.
* Adds a fuzz utility and test to make sure copy is complete.
2017-06-23 01:15:48 -07:00
wojtkiewicz
1e0fd27a74
agent: add allowStale option for HTTP API ( #3142 )
...
This patch adds an "allowStale" option to the HTTP API
configuration which allows stale reads to provide linear
read scalability.
Fixes #3142
2017-06-22 10:31:13 +02:00
wojtkiewicz
37785028be
agent: add "http_config"
...
This patch adds an "http_config" object to the config file
and moves the "http_api_response_headers" option there.
"http_api_response_headers" is now deprecated in favor of
"http_config.response_headers"
2017-06-22 10:31:11 +02:00
James Phillips
0e695aef94
Fixes checked in web assets and associated build scripts. ( #3173 )
2017-06-21 14:43:07 -07:00
Frank Schröder
26bfb2d00a
discover: move instance discover code into separate package ( #3144 )
...
This patch moves the code that discovers instances from metadata
information to github.com/hashicorp/go-discover with
sub-packages for each provider.
2017-06-21 10:40:38 +02:00
Frank Schröder
31a310f551
agent: notify systemd after JoinLAN ( #2121 )
...
This patch adds support for notifying systemd via the
NOTIFY_SOCKET by sending 'READY=1' to the socket after
a successful JoinLAN.
Fixes #2121
2017-06-21 06:43:55 +02:00
Frank Schroeder
ea5b0f2c7c
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP.
This patch splits the shutdown process into two parts:
* shutdown the agent
* shutdown the endpoints (http and dns)
They can be executed multiple times, concurrently and in any order but
should be executed first agent, then endpoints to provide consistent
behavior across all use cases. Both calls have to be executed for a
proper shutdown.
This could be partially hidden in a single function but would introduce
some magic that happens behind the scenes which one has to know of but
isn't obvious.
Fixes #2880
2017-06-21 05:52:51 +02:00
Frank Schroeder
7abe308c66
agent: drop unused constant
2017-06-21 05:42:39 +02:00
Frank Schroeder
c4fc581e07
agent: make registerEndpoint private
...
This is only used for testing.
2017-06-21 05:42:39 +02:00
Frank Schroeder
2b41f2e3a3
agent: make the RPC endpoint overwrite mechanism more transparent
...
This patch hides the RPC handler overwrite mechanism from the
rest of the code so that it works in all cases and that there
is no cooperation required from the tested code, i.e. we can
drop a.getEndpoint().
2017-06-21 05:42:39 +02:00
Frank Schroeder
e15f9f9d90
agent: rename agent var
2017-06-21 05:42:39 +02:00
Frank Schroeder
c49a15d0f3
agent: move structs into consul/structs pkg
...
* CheckDefinition
* ServiceDefinition
* CheckType
2017-06-21 05:42:39 +02:00
Frank Schroeder
4273fb8444
agent: move NotifyGroup into the agent pkg
2017-06-21 05:42:39 +02:00
Frank Schroeder
82a132da60
agent: move conn pool for muxed connections into separate pkg
2017-06-21 05:42:39 +02:00
Frank Schroeder
80971c8a85
agent: move the SnapshotReplyFn out of the way
...
When splitting up the consul package into server and client
the SnapshotReplyFn needs to be in a separate package to avoid
a circular dependency.
2017-06-21 05:42:39 +02:00
Frank Schroeder
04b9392b00
agent: use the delegate interface for local state
2017-06-21 05:42:39 +02:00
Frank Schroeder
d77d2be13e
agent: rename clientServer interface to delegate
2017-06-21 05:42:39 +02:00
preetapan
0c2a83e1ec
Merge pull request #3154 from hashicorp/issue_2644_redux
...
Fix stale reads on server startup. Consistent reads will now wait for up to config.RPCHoldTimeout for the server to get past its raft log, before returning an error. Servers that are starting up will eventually catch up.
This fixes issue #2644
2017-06-20 19:47:12 -05:00
Preetha Appan
f658231ab9
Minor fixes per code review
2017-06-20 19:43:07 -05:00
Frank Schroeder
b083ce17c7
Revert "agent: fix 'consul leave' shutdown race ( #2880 )"
...
This reverts commit 90c83a32b5
.
2017-06-19 21:34:08 +02:00
Frank Schroeder
90c83a32b5
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP. Ideally, the external endpoints
should be shutdown before the internal state but if the goal is to
respond reliably that the agent is down then this is not possible.
This patch splits the agent shutdown into two parts implemented in a
single method to keep it simple and unambiguos for the caller. The first
stage shuts down the internal state, checks, RPC server, ...
synchronously and then triggers the shutdown of the external endpoints
asychronously. This way the caller is guaranteed that the internal state
services are down when Shutdown returns and there remains enough time to
send a response.
Fixes #2880
2017-06-19 21:24:26 +02:00
Preetha Appan
b3b2e9dcb4
Added unit test to verify consistentRead method behavior
2017-06-16 11:58:12 -05:00
Preetha Appan
44f5086873
Code review feedback, fixed major logic bug
2017-06-16 10:49:54 -05:00
Preetha Appan
72af7b9bc4
Redo bug fix for stale reads on server startup, leveraging RPCHOldtimeout instead of maxQueryTime, plus tests
2017-06-15 22:41:30 -05:00
Kyle Havlovitz
5d99ee80ca
Add an option to disable keyring file ( #3145 )
...
Also disables keyring file in dev mode.
2017-06-15 15:24:04 -07:00
Seth Vargo
a8f1e7ebf9
Add EDNS0 support ( #3131 )
...
This is a refactor of GH-1980. Originally I tried to do a straight
rebase, but the code has changed too much.
2017-06-14 16:22:54 -07:00
Preetha Appan
cf5006c4f4
Fixed static asset build target and checked in new executable for assetfs
2017-06-12 12:57:02 -05:00
Frank Schroeder
1c75cf1af5
pkg refactor
...
command/agent/* -> agent/*
command/consul/* -> agent/consul/*
command/agent/command{,_test}.go -> command/agent{,_test}.go
command/base/command.go -> command/base.go
command/base/* -> command/*
commands.go -> command/commands.go
The script which did the refactor is:
(
cd $GOPATH/src/github.com/hashicorp/consul
git mv command/agent/command.go command/agent.go
git mv command/agent/command_test.go command/agent_test.go
git mv command/agent/flag_slice_value{,_test}.go command/
git mv command/agent .
git mv command/base/command.go command/base.go
git mv command/base/config_util{,_test}.go command/
git mv commands.go command/
git mv consul agent
rmdir command/base/
gsed -i -e 's|package agent|package command|' command/agent{,_test}.go
gsed -i -e 's|package agent|package command|' command/flag_slice_value{,_test}.go
gsed -i -e 's|package base|package command|' command/base.go command/config_util{,_test}.go
gsed -i -e 's|package main|package command|' command/commands.go
gsed -i -e 's|base.Command|BaseCommand|' command/commands.go
gsed -i -e 's|agent.Command|AgentCommand|' command/commands.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/commands.go
gsed -i -e 's|base\.||' command/commands.go
gsed -i -e 's|command\.||' command/commands.go
gsed -i -e 's|command|c|' main.go
gsed -i -e 's|range Commands|range command.Commands|' main.go
gsed -i -e 's|Commands: Commands|Commands: command.Commands|' main.go
gsed -i -e 's|base\.BoolValue|BoolValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.DurationValue|DurationValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.StringValue|StringValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.UintValue|UintValue|' command/operator_autopilot_set.go
gsed -i -e 's|\bCommand\b|BaseCommand|' command/base.go
gsed -i -e 's|BaseCommand Options|Command Options|' command/base.go
gsed -i -e 's|base.Command|BaseCommand|' command/*.go
gsed -i -e 's|c\.Command|c.BaseCommand|g' command/*.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/*_test.go
gsed -i -e 's|base\.||' command/*_test.go
gsed -i -e 's|\bCommand\b|AgentCommand|' command/agent{,_test}.go
gsed -i -e 's|cmd.AgentCommand|cmd.BaseCommand|' command/agent.go
gsed -i -e 's|cli.AgentCommand = new(Command)|cli.Command = new(AgentCommand)|' command/agent_test.go
gsed -i -e 's|exec.AgentCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|exec.BaseCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|NewTestAgent|agent.NewTestAgent|' command/agent_test.go
gsed -i -e 's|= TestConfig|= agent.TestConfig|' command/agent_test.go
gsed -i -e 's|: RetryJoin|: agent.RetryJoin|' command/agent_test.go
gsed -i -e 's|\.\./\.\./|../|' command/config_util_test.go
gsed -i -e 's|\bverifyUniqueListeners|VerifyUniqueListeners|' agent/config{,_test}.go command/agent.go
gsed -i -e 's|\bserfLANKeyring\b|SerfLANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bserfWANKeyring\b|SerfWANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bNewAgent\b|agent.New|g' command/agent{,_test}.go
gsed -i -e 's|\bNewAgent|New|' agent/{acl_test,agent,testagent}.go
gsed -i -e 's|\bAgent\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bBool\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDefaultConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDevConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bMergeConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bReadConfigPaths\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bParseMetaPair\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfLANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfWANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|circonus\.agent|circonus|g' command/agent{,_test}.go
gsed -i -e 's|logger\.agent|logger|g' command/agent{,_test}.go
gsed -i -e 's|metrics\.agent|metrics|g' command/agent{,_test}.go
gsed -i -e 's|// agent.Agent|// agent|' command/agent{,_test}.go
gsed -i -e 's|a\.agent\.Config|a.Config|' command/agent{,_test}.go
gsed -i -e 's|agent\.AppendSliceValue|AppendSliceValue|' command/{configtest,validate}.go
gsed -i -e 's|consul/consul|agent/consul|' GNUmakefile
gsed -i -e 's|\.\./test|../../test|' agent/consul/server_test.go
# fix imports
f=$(grep -rl 'github.com/hashicorp/consul/command/agent' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/command/agent|github.com/hashicorp/consul/agent|' $f
goimports -w $f
f=$(grep -rl 'github.com/hashicorp/consul/consul' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/consul|github.com/hashicorp/consul/agent/consul|' $f
goimports -w $f
goimports -w command/*.go main.go
)
2017-06-10 18:52:45 +02:00