Preetha Appan
824fc4ee20
Unify regex used to identify invalid dns characters
2017-08-07 11:11:55 +02:00
Preetha Appan
37f75a393e
Use sanitized version of node name of server in NS record, and start with "server" rather than "ns"
2017-08-07 11:11:55 +02:00
Preetha Appan
f9db387097
Add NS records and A records for each server. Constructs ns host names using the advertise address of the server.
2017-08-07 11:11:54 +02:00
James Phillips
4bee2e49f5
Adds secure introduction for the ACL replication token. ( #3357 )
...
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
James Phillips
c0a5ad7903
Adds a new /v1/acl/bootstrap API ( #3349 )
2017-08-02 17:05:18 -07:00
Preetha Appan
aa98aeb4b1
Moved handling advertise address to readConfig and out of the agent's constructor, plus unit test fixes
2017-07-27 22:06:31 -05:00
Preetha Appan
25acd1534a
Move go-socketaddr template parsing into config package to make it happen before creating a new agent. Also removed redundant parsetemplate calls from agent.go.
2017-07-27 16:17:35 -05:00
James Phillips
496b0bcf07
Adds support for agent-side ACL token management via API instead of config files. ( #3324 )
...
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
James Phillips
c413a9161e
Removes an unnecessary close.
2017-07-24 21:41:18 -07:00
Preetha Appan
f8b633c69e
Removed redundant logging
2017-07-24 21:07:48 -05:00
Preetha Appan
c26fd66edd
Clean up temporary files on write errors, and ignore any temporary service files on load with a warning. This fixes #3207
2017-07-24 12:42:51 -05:00
James Phillips
1774fdc237
Tweaks the error when scripts are disabled.
...
This will hopefully help people self-serve if they upgrade without accounting
for this.
2017-07-19 22:15:04 -07:00
Frank Schroeder
83577e0daa
agent: make docker client work on windows
2017-07-19 12:03:59 +02:00
preetapan
fb43953894
Merge pull request #3296 from hashicorp/ensure_registration_race
...
Fix race condition between removing a service and adding a check for …
2017-07-18 18:36:47 -05:00
Preetha Appan
e50f0e6722
Clean up any watch monitors associated with a failed AddCheck
2017-07-18 16:54:20 -05:00
Preetha Appan
6a257f242e
Removed unit test, added clarifying comment and returned a friendlier error message similar to the one in agent's AddService method
...
Fixes #3297
2017-07-18 16:15:47 -05:00
Kyle Havlovitz
19eae3d14b
Add UpgradeVersionTag to autopilot config
2017-07-18 13:35:41 -07:00
Frank Schroeder
0d9b53730f
agent: stop docker checks on shutdown
2017-07-18 20:59:24 +02:00
Frank Schroeder
60540c2417
agent: stop and remove docker checks
...
Note that there is no test since the correct way to solve (and test)
this is to replace the different maps with a single one or to hide
that functionality behind a separate data structure. This will be
addressed in #3294 .
Fixes #3265
2017-07-18 20:59:24 +02:00
Frank Schroeder
2123700056
agent: replace docker check
...
This patch replaces the Docker client which is used
for health checks with a simplified version tailored
for that purpose.
See #3254
See #3257
Fixes #3270
2017-07-18 20:24:38 +02:00
James Phillips
fff0f9698f
Prevents disabling gossip keyring file from disabling gossip encryption. ( #3278 )
2017-07-17 12:48:45 -07:00
James Phillips
1791d99a10
Adds new config to make script checks opt-in, updates documentation. ( #3284 )
2017-07-17 11:20:35 -07:00
James Phillips
0881e46111
Cleans up version 8 ACLs in the agent and the docs. ( #3248 )
...
* Moves magic check and service constants into shared structs package.
* Removes the "consul" service from local state.
Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.
* Makes coordinate update ACL log message a warning, similar to other AE warnings.
* Adds much more detailed examples for bootstrapping ACLs.
This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234 .
2017-07-13 22:33:47 -07:00
Frank Schroeder
7381a05d8d
agent: do not modify agent config after NewAgent
2017-07-07 09:22:34 +02:00
Frank Schroeder
7f7c0ad65e
agent: clone partial consul config
...
The agent configuration for the consul server is a partial configuration
which needs to be cloned to avoid data races.
This is a stop-gap measure before moving the configuration into
a separate package.
2017-07-07 09:22:34 +02:00
Frank Schroeder
0763788b82
agent: fix data race between consul server and local state
2017-07-07 09:22:34 +02:00
Preetha Appan
07db760d53
Fix missing formatting directive causing go vet to fail
2017-06-27 16:32:38 -05:00
James Phillips
4a3604a3ee
Removes some useless comments.
2017-06-25 10:32:35 -07:00
James Phillips
6977e40077
Fixes watch tracking during reloads and fixes address issue. ( #3189 )
...
This patch fixes watch registration through the config file and a broken log line when the watch registration fails. It also plumbs all the watch loading through a common function and tweaks the
unit test to create the watch before the reload.
2017-06-24 12:52:41 -07:00
James Phillips
380c8b957d
Changes host-based node IDs from opt-out to opt-in. ( #3187 )
2017-06-24 09:36:53 -07:00
Frank Schröder
31a310f551
agent: notify systemd after JoinLAN ( #2121 )
...
This patch adds support for notifying systemd via the
NOTIFY_SOCKET by sending 'READY=1' to the socket after
a successful JoinLAN.
Fixes #2121
2017-06-21 06:43:55 +02:00
Frank Schroeder
ea5b0f2c7c
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP.
This patch splits the shutdown process into two parts:
* shutdown the agent
* shutdown the endpoints (http and dns)
They can be executed multiple times, concurrently and in any order but
should be executed first agent, then endpoints to provide consistent
behavior across all use cases. Both calls have to be executed for a
proper shutdown.
This could be partially hidden in a single function but would introduce
some magic that happens behind the scenes which one has to know of but
isn't obvious.
Fixes #2880
2017-06-21 05:52:51 +02:00
Frank Schroeder
c4fc581e07
agent: make registerEndpoint private
...
This is only used for testing.
2017-06-21 05:42:39 +02:00
Frank Schroeder
2b41f2e3a3
agent: make the RPC endpoint overwrite mechanism more transparent
...
This patch hides the RPC handler overwrite mechanism from the
rest of the code so that it works in all cases and that there
is no cooperation required from the tested code, i.e. we can
drop a.getEndpoint().
2017-06-21 05:42:39 +02:00
Frank Schroeder
c49a15d0f3
agent: move structs into consul/structs pkg
...
* CheckDefinition
* ServiceDefinition
* CheckType
2017-06-21 05:42:39 +02:00
Frank Schroeder
4273fb8444
agent: move NotifyGroup into the agent pkg
2017-06-21 05:42:39 +02:00
Frank Schroeder
80971c8a85
agent: move the SnapshotReplyFn out of the way
...
When splitting up the consul package into server and client
the SnapshotReplyFn needs to be in a separate package to avoid
a circular dependency.
2017-06-21 05:42:39 +02:00
Frank Schroeder
04b9392b00
agent: use the delegate interface for local state
2017-06-21 05:42:39 +02:00
Frank Schroeder
d77d2be13e
agent: rename clientServer interface to delegate
2017-06-21 05:42:39 +02:00
Frank Schroeder
b083ce17c7
Revert "agent: fix 'consul leave' shutdown race ( #2880 )"
...
This reverts commit 90c83a32b5
.
2017-06-19 21:34:08 +02:00
Frank Schroeder
90c83a32b5
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP. Ideally, the external endpoints
should be shutdown before the internal state but if the goal is to
respond reliably that the agent is down then this is not possible.
This patch splits the agent shutdown into two parts implemented in a
single method to keep it simple and unambiguos for the caller. The first
stage shuts down the internal state, checks, RPC server, ...
synchronously and then triggers the shutdown of the external endpoints
asychronously. This way the caller is guaranteed that the internal state
services are down when Shutdown returns and there remains enough time to
send a response.
Fixes #2880
2017-06-19 21:24:26 +02:00
Kyle Havlovitz
5d99ee80ca
Add an option to disable keyring file ( #3145 )
...
Also disables keyring file in dev mode.
2017-06-15 15:24:04 -07:00
Frank Schroeder
1c75cf1af5
pkg refactor
...
command/agent/* -> agent/*
command/consul/* -> agent/consul/*
command/agent/command{,_test}.go -> command/agent{,_test}.go
command/base/command.go -> command/base.go
command/base/* -> command/*
commands.go -> command/commands.go
The script which did the refactor is:
(
cd $GOPATH/src/github.com/hashicorp/consul
git mv command/agent/command.go command/agent.go
git mv command/agent/command_test.go command/agent_test.go
git mv command/agent/flag_slice_value{,_test}.go command/
git mv command/agent .
git mv command/base/command.go command/base.go
git mv command/base/config_util{,_test}.go command/
git mv commands.go command/
git mv consul agent
rmdir command/base/
gsed -i -e 's|package agent|package command|' command/agent{,_test}.go
gsed -i -e 's|package agent|package command|' command/flag_slice_value{,_test}.go
gsed -i -e 's|package base|package command|' command/base.go command/config_util{,_test}.go
gsed -i -e 's|package main|package command|' command/commands.go
gsed -i -e 's|base.Command|BaseCommand|' command/commands.go
gsed -i -e 's|agent.Command|AgentCommand|' command/commands.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/commands.go
gsed -i -e 's|base\.||' command/commands.go
gsed -i -e 's|command\.||' command/commands.go
gsed -i -e 's|command|c|' main.go
gsed -i -e 's|range Commands|range command.Commands|' main.go
gsed -i -e 's|Commands: Commands|Commands: command.Commands|' main.go
gsed -i -e 's|base\.BoolValue|BoolValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.DurationValue|DurationValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.StringValue|StringValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.UintValue|UintValue|' command/operator_autopilot_set.go
gsed -i -e 's|\bCommand\b|BaseCommand|' command/base.go
gsed -i -e 's|BaseCommand Options|Command Options|' command/base.go
gsed -i -e 's|base.Command|BaseCommand|' command/*.go
gsed -i -e 's|c\.Command|c.BaseCommand|g' command/*.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/*_test.go
gsed -i -e 's|base\.||' command/*_test.go
gsed -i -e 's|\bCommand\b|AgentCommand|' command/agent{,_test}.go
gsed -i -e 's|cmd.AgentCommand|cmd.BaseCommand|' command/agent.go
gsed -i -e 's|cli.AgentCommand = new(Command)|cli.Command = new(AgentCommand)|' command/agent_test.go
gsed -i -e 's|exec.AgentCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|exec.BaseCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|NewTestAgent|agent.NewTestAgent|' command/agent_test.go
gsed -i -e 's|= TestConfig|= agent.TestConfig|' command/agent_test.go
gsed -i -e 's|: RetryJoin|: agent.RetryJoin|' command/agent_test.go
gsed -i -e 's|\.\./\.\./|../|' command/config_util_test.go
gsed -i -e 's|\bverifyUniqueListeners|VerifyUniqueListeners|' agent/config{,_test}.go command/agent.go
gsed -i -e 's|\bserfLANKeyring\b|SerfLANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bserfWANKeyring\b|SerfWANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bNewAgent\b|agent.New|g' command/agent{,_test}.go
gsed -i -e 's|\bNewAgent|New|' agent/{acl_test,agent,testagent}.go
gsed -i -e 's|\bAgent\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bBool\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDefaultConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDevConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bMergeConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bReadConfigPaths\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bParseMetaPair\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfLANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfWANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|circonus\.agent|circonus|g' command/agent{,_test}.go
gsed -i -e 's|logger\.agent|logger|g' command/agent{,_test}.go
gsed -i -e 's|metrics\.agent|metrics|g' command/agent{,_test}.go
gsed -i -e 's|// agent.Agent|// agent|' command/agent{,_test}.go
gsed -i -e 's|a\.agent\.Config|a.Config|' command/agent{,_test}.go
gsed -i -e 's|agent\.AppendSliceValue|AppendSliceValue|' command/{configtest,validate}.go
gsed -i -e 's|consul/consul|agent/consul|' GNUmakefile
gsed -i -e 's|\.\./test|../../test|' agent/consul/server_test.go
# fix imports
f=$(grep -rl 'github.com/hashicorp/consul/command/agent' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/command/agent|github.com/hashicorp/consul/agent|' $f
goimports -w $f
f=$(grep -rl 'github.com/hashicorp/consul/consul' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/consul|github.com/hashicorp/consul/agent/consul|' $f
goimports -w $f
goimports -w command/*.go main.go
)
2017-06-10 18:52:45 +02:00