Commit Graph

1132 Commits

Author SHA1 Message Date
James Phillips bcf1ffad99
Adds complete ACL coverage for /v1/coordinate/nodes and Coordinate.Update RPC. 2016-12-12 14:52:27 -08:00
James Phillips 0139bbb963
Adds support for a new "acl_agent_token" which is used for internal
catalog operations.
2016-12-12 14:52:27 -08:00
James Phillips 0ed6b1bb18
Bans anonymous queries that aren't tied to a session.
This gets us coverage of PQ creation under the existing service
policy or the soon-to-be-added session policy.
2016-12-12 14:52:27 -08:00
James Phillips 66b437ca33
Removes the exception for the "consul" service in the catalog. 2016-12-07 17:58:23 -08:00
Yakau Bubnou e52fd6e0af Concurrent-safe notification mock
This patch provides additional attribute to the notification mock in
order to protect an access to the internal maps from multiple
go-routines. This is required to prevent panic errors caused by
inconsistent map state.
2016-12-07 19:31:44 +03:00
Chris Marchesi 6500d1afaa command/agent: Google Compute Engine host discovery
This commit adds several command-line and config options that facilitate
host discovery through Google Compute Engine (GCE), much like the
recently added EC2 host discovery options. This should assist with
bootstrapping and joining servers within GCE when non-static addresses
are used, such as when using managed instance groups.

Documentation has also been added. It should be noted that if running
from within a GCE instance, the only option that should be necessary is
-retry-join-gce-tag-value.
2016-12-06 17:46:40 -08:00
James Phillips 8ae9e17dff
Adds an opt-in for new ACL policies and features coming in Consul 0.8. 2016-12-06 11:06:14 -08:00
Sean Chittenden 830125a8b3
Run all known addresses through go-sockaddr/template.
The following is now possible:

```
$ consul agent -dev -client="{{GetPrivateIP}}" -bind='{{GetInterfaceIP "en0"}}'
```
2016-12-02 16:35:38 +11:00
Kyle Havlovitz ead30ca62b Fix race issue in monitor endpoint test 2016-12-01 13:40:00 -05:00
James Phillips c07bdb173b Merge pull request #2555 from hashicorp/pr-2497-slackpad
Updates Circonus library and adds support for custom display name and tags.
2016-11-30 21:42:01 -08:00
Kyle Havlovitz bd69c6d871 Add reload/leave http endpoints (#2516) 2016-11-30 13:29:42 -05:00
mckennajones 8b3ab100ef ignore sigpipe signals to fix journalctl issue #2404 2016-11-30 09:42:10 -08:00
Seth Vargo 4179aacf11
Add an API method for determining the best status
Given a list of HealthChecks, this determines the "best" status for the
collective group. This is useful for nodes and services, which may have
multiple checks associated with them.
2016-11-29 18:41:46 -05:00
Kyle Havlovitz 338e36cc5d Add logWriter to agent Create() method 2016-11-28 18:36:26 -05:00
Kyle Havlovitz 124f907063 Add monitor http endpoint 2016-11-28 18:36:26 -05:00
James Phillips dd31e47eef
Updates static assets to pick up #2340 and and #2525. 2016-11-22 17:47:50 -08:00
Kyle Havlovitz 6bd65c668b Combine keyring endpoints into one 2016-11-22 20:10:43 -05:00
Kyle Havlovitz dd3368c19e Add keyring http endpoints 2016-11-22 20:10:43 -05:00
mckennajones 8daa45c5b4 check if data-dir is actually a directory 2016-11-22 13:33:51 -08:00
James Phillips fa680bded7
Defaults to pretty JSON in dev mode. 2016-11-17 22:31:19 -08:00
James Phillips c744792fc4 Merge pull request #2238 from hasyimibhar/master
Remove duplicated environment variables
2016-11-17 16:18:02 -08:00
James Phillips 16f8e04bfe
Revert "Updates Circonus metrics library and adds support for display name and tags."
This reverts commit bd490ec937 from #2491.
2016-11-09 16:21:02 -08:00
Kyle Havlovitz 92ce2c9e39 Use uuids in persist temp files to avoid race (#2494) 2016-11-09 15:22:53 -08:00
Kyle Havlovitz b1760b223e Improve logging when deregistering a nonexistent service (#2492)
Log a warning instead of a success message when attempting to deregister a nonexistent service. In Consul 0.8 this can be changed to giving an error outright, but for now we can keep the idempotent delete behavior.
2016-11-09 16:56:54 -05:00
matt maier bd490ec937 Updates Circonus metrics library and adds support for display name and tags.
* Update circonus-gometrics

`vendor circonus-labs/circonus-gometrics`
`vendor circonus-labs/circonus-gometrics/api`
`vendor circonus-labs/circonus-gometrics/checkmgr`
`vendor circonus-labs/circonusllhist`
`vendor hashicorp/go-retryablehttp`

* Update Circonus integration expose Check Display Name and Check Tags configuration options.

* Adds version info to docs for new Circonus options.
2016-11-09 13:26:43 -08:00
matt maier 91a8b43d5a Update Circonus integration expose Check Display Name and Check Tags configuration options. 2016-11-09 15:33:37 -05:00
James Phillips 2f341738a1 Removes stale reference to reap lock which causes a panic. (#2490) 2016-11-09 09:52:07 -08:00
James Phillips bc47511d26
Runs the static asset packaging inside the container; updates assets. 2016-11-08 15:14:08 -08:00
James Phillips 8af20ff1a5
Updates embedded static assets. 2016-11-08 14:22:39 -08:00
Kyle Havlovitz 8e621eb9c8 Set MaxStale default to 10 years and add a stale counter (#2481)
Default MaxStale to 10 years and add a counter at `consul.dns.stale_queries` that tracks when an agent serves a query that's stale by at least 5 seconds. Previously, MaxStale defaulted to 5 seconds and DNS would become unavailable after a short period of time with no leader. This new default allows DNS requests to still be served in the event of a long outage.

Fixes #2460.
2016-11-08 14:45:12 -05:00
Brian Hays 1c01b10c87 Lowercase ACL Datacenter (#2478)
* Lowercase ACL Datacenter

* move lowercasing of ACLDatacenter to command.go and add validation

* Tweaks error message about bad ACL datacenter.
2016-11-07 18:41:23 -08:00
Kyle Havlovitz 83d2f36b54 Merge pull request #2480 from hashicorp/b-atomic-writes
Atomic writes for persisting service/check state
2016-11-07 15:36:35 -05:00
Kyle Havlovitz 7a3e0f8275
Add a note about not calling sync for persistCheckState 2016-11-07 15:24:31 -05:00
Kyle Havlovitz e30b289c6f
Call fsync() for saving check/service state 2016-11-07 13:51:03 -05:00
Kyle Havlovitz e665ec87aa Add WaitForResult to some flaky tests (#2477)
This replaces some hard sleeps with testutil.WaitForResult retry
logic in some recently added tests around TLSSkipVerify in checks.
2016-11-04 21:55:55 -07:00
James Phillips 925c46f725 Moves logger setup into its own package. (#2471)
* Moves logger setup into its own package.

* Removes a stray regex mark in the test locator.
2016-11-03 21:14:56 -07:00
Kyle McCullough 73b281a27c Add setting to skip ssl certificate verification for HTTP checks (#1984)
* http check: add setting to skip ssl certificate verification

* update http check documentation

* fix typo in documentation

* Add TLSSkipVerify to agent api
2016-11-03 13:17:30 -07:00
James Phillips 233a3a101b Supports WAN and LAN Serf Bind Addresses. (#2468)
* * adding cli config and config file support for specifying the serf wan and lan bind addresses
* updating documentation for serf wan and lan options
Fixes #2007

* Cleans up some small things from #2380.

* Uses the bind default for the agent test for Serf WAN and LAN.
2016-11-03 12:58:58 -07:00
James Phillips c06a107638
Removes unnecessary clause in unit test check. 2016-11-03 12:26:48 -07:00
James Phillips 7b98ae921e Adds support for DNS recurse truncation. (#2467)
* Return message from recurse even if truncated

Signed-off-by: Evan Farrar <efarrar@pivotal.io>

* Tweaks unit test.
2016-11-03 12:21:16 -07:00
Kyle Havlovitz 073798594d Merge pull request #2459 from hashicorp/f-aws-autodiscovery
AWS -retry-join-ec2 option
2016-11-03 13:27:23 -04:00
Kyle Havlovitz 1de39d23d1
Small tweaks to docs and syntax 2016-11-03 13:04:42 -04:00
Kyle Havlovitz 1b204eb88d Disallow -bootstrap-expect flag in dev mode (#2464) 2016-11-03 01:54:43 -04:00
James Phillips e8caf76339
Builds static assets to pick up #2456 (redux).
Built this time using the same container that the dist build uses so
it won't see a difference and fail the build.
2016-11-02 15:54:53 -07:00
Kyle Havlovitz f3efab5f84
Add support for ECS task roles as an auth mechanism 2016-11-02 18:48:15 -04:00
Kyle Havlovitz d4d6e2b482
Move EC2 discovery logic into retryJoin for robustness 2016-11-02 14:35:37 -04:00
Kyle Havlovitz 468bf736b4
Support more forms of EC2 authentication 2016-11-01 21:24:18 -04:00
Kyle Havlovitz 9c75e69f65
Add testing around EC2 discovery config 2016-11-01 18:26:15 -04:00
Kyle Havlovitz 043e6891d6
Fixed up config structure for EC2 discovery 2016-11-01 17:58:51 -04:00
Kyle Havlovitz c908121c72 Merge branch 'master' of github.com:hashicorp/consul into aws_autodiscovery 2016-11-01 11:19:52 -04:00
James Phillips 723f70ed31
Builds static assets to pick up #2456. 2016-10-31 18:20:36 -07:00
Kyle Havlovitz e1f8a41a35 Retry periodically for 60s if syslog setup fails (#2455) 2016-10-31 17:24:00 -07:00
Kyle Havlovitz dce6702268 More flaky unit test fixes (#2449)
* More flaky unit test fixes
* Raise some test timeouts that were too low
2016-10-31 09:59:20 -07:00
Kyle Havlovitz 63534aca7e Added tests for lookups on the 'addr.consul' domain 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 84c87325ae Add a service address SRV lookup test for IPv6 2016-10-27 21:04:06 -07:00
Kyle Havlovitz f7ef84812d Fix test cases 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 2a26597769 Give the service address in SRV lookup when it differs from the node's 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 554440ab1d Resolve Consul CNAME records on external services (#2444) 2016-10-26 19:23:51 -07:00
James Phillips c01a3871c9 Adds support for snapshots and restores. (#2396)
* Updates Raft library to get new snapshot/restore API.

* Basic backup and restore working, but need some cleanup.

* Breaks out a snapshot module and adds a SHA256 integrity check.

* Adds snapshot ACL and fills in some missing comments.

* Require a consistent read for snapshots.

* Make sure snapshot works if ACLs aren't enabled.

* Adds a bit of package documentation.

* Returns an empty response from restore to avoid EOF errors.

* Adds API client support for snapshots.

* Makes internal file names match on-disk file snapshots.

* Adds DC and token coverage for snapshot API test.

* Adds missing documentation.

* Adds a unit test for the snapshot client endpoint.

* Moves the connection pool out of the client for easier testing.

* Fixes an incidental issue in the prepared query unit test.

I realized I had two servers in bootstrap mode so this wasn't a good setup.

* Adds a half close to the TCP stream and fixes panic on error.

* Adds client and endpoint tests for snapshots.

* Moves the pool back into the snapshot RPC client.

* Adds a TLS test and fixes half-closes for TLS connections.

* Tweaks some comments.

* Adds a low-level snapshot test.

This is independent of Consul so we can pull this out into a library
later if we want to.

* Cleans up snapshot and archive and completes archive tests.

* Sends a clear error for snapshot operations in dev mode.

Snapshots require the Raft snapshots to be readable, which isn't supported
in dev mode. Send a clear error instead of a deep-down Raft one.

* Adds docs for the snapshot endpoint.

* Adds a stale mode and index feedback for snapshot saves.

This gives folks a way to extract data even if the cluster has no
leader.

* Changes the internal format of a snapshot from zip to tgz.

* Pulls in Raft fix to cancel inflight before a restore.

* Pulls in new Raft restore interface.

* Adds metadata to snapshot saves and a verify function.

* Adds basic save and restore snapshot CLI commands.

* Gets rid of tarball extensions and adds restore message.

* Fixes an incidental bad link in the KV docs.

* Adds documentation for the snapshot CLI commands.

* Scuttle any request body when a snapshot is saved.

* Fixes archive unit test error message check.

* Allows for nil output writers in snapshot RPC handlers.

* Renames hash list Decode to DecodeAndVerify.

* Closes the client connection for snapshot ops.

* Lowers timeout for restore ops.

* Updates Raft vendor to get new Restore signature and integrates with Consul.

* Bounces the leader's internal state when we do a restore.
2016-10-25 19:20:24 -07:00
Kyle Havlovitz e2d9114b34 Agent anti-entropy test fixes 2016-10-25 17:48:11 -07:00
Kyle Havlovitz 3add830b3a Test fixes (#2434)
* Test fixes in health_endpoint_test.go, agent_endpoint_test.go and rtt_test.go
* Don't reuse the same agent config in TestAgent_ReconnectConfigSettings
2016-10-25 13:46:54 -07:00
James Phillips 03ae813bc7 Merge pull request #2389 from hashicorp/jbs-2019
Lower Service tag DNS warning to DEBUG for #2019
2016-10-24 17:05:02 -07:00
James Phillips 95d418d7da
Removes reap config option. 2016-10-06 21:45:18 -07:00
Brian Shumate 74a8fbef06
Lower Service tag DNS warning to DEBUG for #2019 2016-10-05 08:45:01 -04:00
Adam Wolfe Gordon 5ac5a8ccfc agent: Stop reaping child processes (resolves #1988)
The consul docker image now uses dumb-init to reap child processes, so
there's no need to reap them ourselves.
2016-10-04 09:36:41 -06:00
James Phillips 5f0835fae7
Runs go-fmt (incidental to this PR). 2016-09-23 17:44:14 -07:00
James Phillips 1f5ae4827e
Makes string search for Windows case-insensitive.
Fixes #2356.
2016-09-23 17:43:40 -07:00
James Phillips 216c5c7786 Merge pull request #2353 from hashicorp/b-local-panic
Cleans up state management for remote deletes from local state.
2016-09-22 12:56:08 -07:00
James Phillips c780149b5d
Calls remove on checks and services in the local test. 2016-09-22 11:41:17 -07:00
James Phillips c8ce41f459
Cleans up state management for remote deletes from local state.
Fixes #2125.
2016-09-21 16:52:43 -07:00
James Phillips b0b05f48f3 Merge pull request #2262 from WIZARD-CXY/master
Fixes go race bug in startup log buffering.
2016-09-20 17:24:52 -07:00
Felix f0eb0ba549 return an error if no logOutput is provided
Otherwise the code will panic at a later stage where it is more complicated to figure out what’s actually going on.
2016-09-17 17:46:13 +09:00
James Phillips f686d34483 Merge pull request #2263 from sweeneyb/dnsPort
Add support for dns port as a command line option
2016-09-01 22:16:15 -07:00
James Phillips 4b2eaeda17
Does some go fmt cleanup. 2016-09-01 22:14:19 -07:00
James Phillips d19995c067 Merge pull request #2322 from hashicorp/pr-2321-slackpad
Adds a configurable timeout for DNS recursor client.
2016-09-01 22:11:54 -07:00
James Phillips fce0052a70
Adds a recursor timeout line to the merge test. 2016-09-01 21:53:33 -07:00
James Phillips da34496645
Fixes a typo in a test error message. 2016-09-01 21:52:29 -07:00
Pivotal DX129 fe61650ef0 Merge remote-tracking branch 'upstream/master' 2016-09-01 10:15:32 -04:00
James Phillips 55ef6c54a6
Changes default for `leave_on_terminate` based on server or client mode. 2016-08-31 23:39:11 -07:00
James Phillips ed7356dd5c
Changes default DNS allow_stale to true. 2016-08-30 13:55:19 -07:00
James Phillips 3c9188c38b
Makes the Raft configuration API easier to consume. 2016-08-30 11:30:56 -07:00
James Phillips e5850d8a26
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 2016-08-30 00:02:50 -07:00
Pivotal DX129 f9b6cd636e Fixed code formatting 2016-08-29 17:29:23 -04:00
Pierre Delagrave db8ff0a582 Made the dns recursor timeout test more reliable 2016-08-29 13:23:14 -04:00
Pierre Delagrave d9bd41fc4d Renamed dns config parameter internal_client_timeout for recursor_timeout 2016-08-26 15:22:04 -04:00
Pierre Delagrave 3fe117c24d Merge remote-tracking branch 'pierre/master' 2016-08-26 15:12:38 -04:00
James Phillips d64d53a0de Merge pull request #2303 from hashicorp/f-tunes
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs.
2016-08-25 15:45:49 -07:00
James Phillips 17b70c7efd
Adds a max raft multiplier and tweaks documentation. 2016-08-25 15:36:05 -07:00
James Phillips 2822334bce
Stops scaling the commit timeout. 2016-08-25 15:05:40 -07:00
James Phillips 53c73f0ee5
Redacts the Circonus API token from stats JSON. 2016-08-24 23:27:25 -07:00
James Phillips 57db4bcce6
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs. 2016-08-24 21:58:37 -07:00
Pierre Delagrave c8c4b9d344 Added a configurable timeout to the client making DNS queries to downstream name servers 2016-08-23 16:59:38 -04:00
James Phillips a48463f100
Removed bad error message for health check status. 2016-08-17 17:54:09 -07:00
James Phillips defa2a6180 Merge pull request #2226 from abhinavdahiya/rm-health-unknown
Fixes #1775; Removes 'unknown' state
2016-08-17 17:51:04 -07:00
James Phillips 4c7a0ed3b0
Merge branch 'master' into f-deregister-critical 2016-08-16 12:53:21 -07:00
James Phillips ba60afd5d8
Cleans up based on code review feedback. 2016-08-16 12:52:30 -07:00
James Phillips 9f7a973ace
Adds an `X-Consul-Translate-Addresses` to signal translation is enabled. 2016-08-16 11:31:41 -07:00
James Phillips fbdd021ab9
Adds an "lan" tagged address so we have a way to get them all.
If we didn't have this, then there would be no way to know the LAN
address if address translation was turned on.
2016-08-16 10:49:03 -07:00
James Phillips 4a3d7db24f
Adds ability to deregister a service based on critical check state longer than a timeout. 2016-08-16 01:00:26 -07:00
James Phillips 55e83c9e1c
Tweaks the WAN address translation unit tests. 2016-08-15 15:34:11 -07:00