Commit Graph

2013 Commits

Author SHA1 Message Date
R.B. Boyer 2144bd7fbd acl: tokens can be created with an optional expiration time (#5353) 2019-04-26 14:47:51 -05:00
Matt Keeler 222afeae4c
Move the watch package into the api module (#5664)
* Move the watch package into the api module

It was already just a thin wrapper around the API anyways. The biggest change was to the testing. Instead of using a test agent directly from the agent package it now uses the binary on the PATH just like the other API tests.

The other big changes were to fix up the connect based watch tests so that we didn’t need to pull in the connect package (and therefore all of Consul)
2019-04-26 12:33:01 -04:00
Alvin Huang 8ceca2ace3
Add fmt and vet (#5671)
* add go fmt and vet

* go fmt fixes
2019-04-25 12:26:33 -04:00
Matt Keeler afa1cc98d1
Implement data filtering of some endpoints (#5579)
Fixes: #4222 

# Data Filtering

This PR will implement filtering for the following endpoints:

## Supported HTTP Endpoints

- `/agent/checks`
- `/agent/services`
- `/catalog/nodes`
- `/catalog/service/:service`
- `/catalog/connect/:service`
- `/catalog/node/:node`
- `/health/node/:node`
- `/health/checks/:service`
- `/health/service/:service`
- `/health/connect/:service`
- `/health/state/:state`
- `/internal/ui/nodes`
- `/internal/ui/services`

More can be added going forward and any endpoint which is used to list some data is a good candidate.

## Usage

When using the HTTP API a `filter` query parameter can be used to pass a filter expression to Consul. Filter Expressions take the general form of:

```
<selector> == <value>
<selector> != <value>
<value> in <selector>
<value> not in <selector>
<selector> contains <value>
<selector> not contains <value>
<selector> is empty
<selector> is not empty
not <other expression>
<expression 1> and <expression 2>
<expression 1> or <expression 2>
```

Normal boolean logic and precedence is supported. All of the actual filtering and evaluation logic is coming from the [go-bexpr](https://github.com/hashicorp/go-bexpr) library

## Other changes

Adding the `Internal.ServiceDump` RPC endpoint. This will allow the UI to filter services better.
2019-04-16 12:00:15 -04:00
Matt Keeler f88d1ccc36
Handle rules translation when coming from the JSON compat HCL (#5662)
We were not handling some object keys when they were strings instead of identifiers. Now both are handled.

Fixes #5493
2019-04-15 14:34:36 -04:00
Alvin Huang f45e495e38
Merge pull request #5376 from hashicorp/fix-tests
Fix tests in prep for CircleCI Migration
2019-04-04 17:09:32 -04:00
tristan-weil fe938e6e28 tls: allow to add ip addresses as Subject Alternative Names when creating certificates (#5602) 2019-04-04 14:32:02 +02:00
Jeff Mitchell 4243c3ae42
Move internal/ to sdk/ (#5568)
* Move internal/ to sdk/

* Add a readme to the SDK folder
2019-03-27 08:54:56 -04:00
Jeff Mitchell 47c390025b
Convert to Go Modules (#5517)
* First conversion

* Use serf 0.8.2 tag and associated updated deps

* * Move freeport and testutil into internal/

* Make internal/ its own module

* Update imports

* Add replace statements so API and normal Consul code are
self-referencing for ease of development

* Adapt to newer goe/values

* Bump to new cleanhttp

* Fix ban nonprintable chars test

* Update lock bad args test

The error message when the duration cannot be parsed changed in Go 1.12
(ae0c435877d3aacb9af5e706c40f9dddde5d3e67). This updates that test.

* Update another test as well

* Bump travis

* Bump circleci

* Bump go-discover and godo to get rid of launchpad dep

* Bump dockerfile go version

* fix tar command

* Bump go-cleanhttp
2019-03-26 17:04:58 -04:00
Alvin Huang 8cb8108b1b fix typos 2019-03-06 14:47:33 -05:00
R.B. Boyer f4a3b9d518
fix typos reported by golangci-lint:misspell (#5434) 2019-03-06 11:13:28 -06:00
R.B. Boyer c7067645dd fix a few leap-year related clock math inaccuracies and failing tests 2019-03-01 13:51:49 -06:00
Matt Keeler 118adbb123
ACL Token Persistence and Reloading (#5328)
This PR adds two features which will be useful for operators when ACLs are in use.

1. Tokens set in configuration files are now reloadable.
2. If `acl.enable_token_persistence` is set to `true` in the configuration, tokens set via the `v1/agent/token` endpoint are now persisted to disk and loaded when the agent starts (or during configuration reload)

Note that token persistence is opt-in so our users who do not want tokens on the local disk will see no change.

Some other secondary changes:

* Refactored a bunch of places where the replication token is retrieved from the token store. This token isn't just for replicating ACLs and now it is named accordingly.
* Allowed better paths in the `v1/agent/token/` API. Instead of paths like: `v1/agent/token/acl_replication_token` the path can now be just `v1/agent/token/replication`. The old paths remain to be valid. 
* Added a couple new API functions to set tokens via the new paths. Deprecated the old ones and pointed to the new names. The names are also generally better and don't imply that what you are setting is for ACLs but rather are setting ACL tokens. There is a minor semantic difference there especially for the replication token as again, its no longer used only for ACL token/policy replication. The new functions will detect 404s and fallback to using the older token paths when talking to pre-1.4.3 agents.
* Docs updated to reflect the API additions and to show using the new endpoints.
* Updated the ACL CLI set-agent-tokens command to use the non-deprecated APIs.
2019-02-27 14:28:31 -05:00
Alvin Huang 31af6be26a add serf check to TestLockCommand 2019-02-22 17:34:45 -05:00
Matt Keeler 766d771017
Pass a testing.T into NewTestAgent and TestAgent.Start (#5342)
This way we can avoid unnecessary panics which cause other tests not to run.

This doesn't remove all the possibilities for panics causing other tests not to run, it just fixes the TestAgent
2019-02-14 10:59:14 -05:00
R.B. Boyer adbe8ed370 correct some typos 2019-02-13 13:02:12 -06:00
R.B. Boyer de50bc3295
cli: fix typo in help text for 'consul acl role read' (#5311) 2019-02-04 15:16:15 -06:00
R.B. Boyer 5165874318
incorrect examples for 'consul acl policy' commands (#5303) 2019-02-01 09:16:36 -06:00
Matt Keeler 9715e1a08e
Basic TLS Command Tests (#5259)
* Add tls ca create tests

* Add a basic tls cert create test
2019-01-23 15:48:57 -05:00
Matt Keeler 1f2d1d4f75
Fix typo that prevented using the default ca domain for tls cert creation (#5258) 2019-01-23 13:14:28 -05:00
Hans Hasselberg 174099593a
agent: display messages from serf in cli (#5236)
* display messages from serf in cli
2019-01-22 21:08:50 +01:00
Grégoire Seux 4f62a3b528 Implement /v1/agent/health/service/<service name> endpoint (#3551)
This endpoint aggregates all checks related to <service id> on the agent
and return an appropriate http code + the string describing the worst
check.

This allows to cleanly expose service status to other component, hiding
complexity of multiple checks.
This is especially useful to use consul to feed a load balancer which
would delegate health checking to consul agent.

Exposing this endpoint on the agent is necessary to avoid a hit on
consul servers and avoid decreasing resiliency (this endpoint will work
even if there is no consul leader in the cluster).
2019-01-07 09:39:23 -05:00
Boris Popovschi b4eca8fcd7 Fixed gziping function for debug archive (#5184) 2019-01-03 10:39:58 -05:00
Hans Hasselberg acc458d7a4
Builtin tls helper (#5078)
* command: add tls subcommand
* website: update docs and guide
2018-12-19 09:22:49 +01:00
Jack Pearkes a90c29e60d Doc changes for 1.4 Final (#4870)
* website: add multi-dc enterprise landing page

* website: switch all 1.4.0 alerts/RC warnings

* website: connect product wording

Co-Authored-By: pearkes <jackpearkes@gmail.com>

* website: remove RC notification

* commmand/acl: fix usage docs for ACL tokens

* agent: remove comment, OperatorRead

* website: improve multi-dc docs

Still not happy with this but tried to make it slightly more informative.

* website: put back acl guide warning for 1.4.0

* website: simplify multi-dc page and respond to feedback

* Fix Multi-DC typos on connect index page.

* Improve Multi-DC overview.

A full guide is a WIP and will be added post-release.

* Fixes typo avaiable > available
2018-11-13 13:43:53 +00:00
Paul Banks 37d88cad29
Allow ACL legacy migration via CLI (#4882)
* Adds a flag to `consul acl token update` that allows legacy ACLs to be upgraded via the CLI.

Also fixes a bug where descriptions are deleted if not specified.

* Remove debug
2018-11-05 14:32:09 +00:00
R.B. Boyer 57dd160f40 command/debug: make better use of atomic operations to write out the debug snapshots to disk 2018-11-02 13:13:49 -05:00
R.B. Boyer 9211d2701d
fix comment typos (#4890) 2018-11-02 12:00:39 -05:00
Paul Banks 33ae0149ea
Doc and whitespace fixes for translate-rules command (#4877) 2018-10-31 17:28:04 +00:00
Martin Halder 988ceb697a website: fix minor typo in documentation (#4864) 2018-10-29 01:33:42 -07:00
Matt Keeler a02a6be6b9
Implement CLI token cloning & special ID handling (#4827)
* Implement CLI token cloning & special ID handling

* Update a couple CLI commands to take some alternative options.

* Document the CLI.

* Update the policy list and set-agent-token synopsis
2018-10-24 10:24:29 -04:00
Dhi Aurrahman 649082ab35 connect: Fix comment DYNAMIC_DNS to LOGICAL_DNS (#4799)
LOGICAL_DNS is one of the supported service discovery types [1].

[1] https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/service_discovery#arch-overview-service-discovery-types
2018-10-24 07:02:01 -07:00
Matt Keeler 18b29c45c4
New ACLs (#4791)
This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week.
Description

At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers.

On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though.

    Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though.
    All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management.
    Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are:
        A server running the new system must still support other clients using the legacy system.
        A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system.
        The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode.

So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 12:04:07 -04:00
Jack Pearkes 8c684db488 New command: consul debug (#4754)
* agent/debug: add package for debugging, host info

* api: add v1/agent/host endpoint

* agent: add v1/agent/host endpoint

* command/debug: implementation of static capture

* command/debug: tests and only configured targets

* agent/debug: add basic test for host metrics

* command/debug: add methods for dynamic data capture

* api: add debug/pprof endpoints

* command/debug: add pprof

* command/debug: timing, wg, logs to disk

* vendor: add gopsutil/disk

* command/debug: add a usage section

* website: add docs for consul debug

* agent/host: require operator:read

* api/host: improve docs and no retry timing

* command/debug: fail on extra arguments

* command/debug: fixup file permissions to 0644

* command/debug: remove server flags

* command/debug: improve clarity of usage section

* api/debug: add Trace for profiling, fix profile

* command/debug: capture profile and trace at the same time

* command/debug: add index document

* command/debug: use "clusters" in place of members

* command/debug: remove address in output

* command/debug: improve comment on metrics sleep

* command/debug: clarify usage

* agent: always register pprof handlers and protect

This will allow us to avoid a restart of a target agent
for profiling by always registering the pprof handlers.

Given this is a potentially sensitive path, it is protected
with an operator:read ACL and enable debug being
set to true on the target agent. enable_debug still requires
a restart.

If ACLs are disabled, enable_debug is sufficient.

* command/debug: use trace.out instead of .prof

More in line with golang docs.

* agent: fix comment wording

* agent: wrap table driven tests in t.run()
2018-10-19 08:41:03 -07:00
Aestek 25f04fbd21 [Security] Add finer control over script checks (#4715)
* Add -enable-local-script-checks options

These options allow for a finer control over when script checks are enabled by
giving the option to only allow them when they are declared from the local
file system.

* Add documentation for the new option

* Nitpick doc wording
2018-10-11 13:22:11 +01:00
Paul Banks c9217c958e merge feedback: fix typos; actually use deliverLatest added previously but not plumbed in 2018-10-10 16:55:34 +01:00
Paul Banks f9c0f00abb cli: envoy command default gRPC port (#4768)
* Default gRPC port; Start on some basic tests for argument and ENV handling; Make Exec test less platform-dependent.

* Allow hot-restarts

* Remove debug
2018-10-10 16:55:34 +01:00
R.B. Boyer c310451b2b cli: avoid passing envoy bootstrap configuration as arguments (#4747)
Play a trick with CLOEXEC to pass the envoy bootstrap configuration as
an open file descriptor to the exec'd envoy process. The file only
briefly touches disk before being unlinked.

We convince envoy to read from this open file descriptor by using the
/dev/fd/$FDNUMBER mechanism to read the open file descriptor as a file.

Because the filename no longer has an extension envoy's sniffing logic
falls back on JSON instead of YAML, so the bootstrap configuration must
be generated as JSON instead.
2018-10-10 16:55:34 +01:00
Paul Banks 161482d2cd Fix up tests broken by master merge; add proxy tests to services command (and fix it!); actually run the proxycfg.Manager 2018-10-10 16:55:34 +01:00
Paul Banks dca1303d05 Connect Envoy Command (#4735)
* Plumb xDS server and proxyxfg into the agent startup

* Add `consul connect envoy` command to allow running Envoy as a connect sidecar.

* Add test for help tabs; typos and style fixups from review
2018-10-10 16:55:34 +01:00
Paul Banks 8336b5e6b9 XDS Server Config (#4730)
* Config for the coming XDS server

* Default gRPC to 8502 for -dev mode; Re-merge the command Info output that shows gRPC.
2018-10-10 16:55:34 +01:00
Paul Banks e812f5516a Add -sidecar-for and new /agent/service/:service_id endpoint (#4691)
- A new endpoint `/v1/agent/service/:service_id` which is a generic way to look up the service for a single instance. The primary value here is that it:
   - **supports hash-based blocking** and so;
   - **replaces `/agent/connect/proxy/:proxy_id`** as the mechanism the built-in proxy uses to read its config.
   - It's not proxy specific and so works for any service.
   - It has a temporary shim to call through to the existing endpoint to preserve current managed proxy config defaulting behaviour until that is removed entirely (tested).
 - The built-in proxy now uses the new endpoint exclusively for it's config
 - The built-in proxy now has a `-sidecar-for` flag that allows the service ID of the _target_ service to be specified, on the condition that there is exactly one "sidecar" proxy (that is one that has `Proxy.DestinationServiceID` set) for the service registered.
 - Several fixes for edge cases for SidecarService
 - A fix for `Alias` checks - when running locally they didn't update their state until some external thing updated the target. If the target service has no checks registered as below, then the alias never made it past critical.
2018-10-10 16:55:34 +01:00
Paul Banks b83bbf248c Add Proxy Upstreams to Service Definition (#4639)
* Refactor Service Definition ProxyDestination.

This includes:
 - Refactoring all internal structs used
 - Updated tests for both deprecated and new input for:
   - Agent Services endpoint response
   - Agent Service endpoint response
   - Agent Register endpoint
     - Unmanaged deprecated field
     - Unmanaged new fields
     - Managed deprecated upstreams
     - Managed new
   - Catalog Register
     - Unmanaged deprecated field
     - Unmanaged new fields
     - Managed deprecated upstreams
     - Managed new
   - Catalog Services endpoint response
   - Catalog Node endpoint response
   - Catalog Service endpoint response
 - Updated API tests for all of the above too (both deprecated and new forms of register)

TODO:
 - config package changes for on-disk service definitions
 - proxy config endpoint
 - built-in proxy support for new fields

* Agent proxy config endpoint updated with upstreams

* Config file changes for upstreams.

* Add upstream opaque config and update all tests to ensure it works everywhere.

* Built in proxy working with new Upstreams config

* Command fixes and deprecations

* Fix key translation, upstream type defaults and a spate of other subtele bugs found with ned to end test scripts...

TODO: tests still failing on one case that needs a fix. I think it's key translation for upstreams nested in Managed proxy struct.

* Fix translated keys in API registration.
≈

* Fixes from docs
 - omit some empty undocumented fields in API
 - Bring back ServiceProxyDestination in Catalog responses to not break backwards compat - this was removed assuming it was only used internally.

* Documentation updates for Upstreams in service definition

* Fixes for tests broken by many refactors.

* Enable travis on f-connect branch in this branch too.

* Add consistent Deprecation comments to ProxyDestination uses

* Update version number on deprecation notices, and correct upstream datacenter field with explanation in docs
2018-10-10 16:55:34 +01:00
Paul Banks b06ddc9187 Rename proxy package (re-run of #4550) (#4638)
* Rename agent/proxy package to reflect that it is limited to managed proxy processes

Rationale: we have several other components of the agent that relate to Connect proxies for example the ProxyConfigManager component needed for Envoy work. Those things are pretty separate from the focus of this package so far which is only concerned with managing external proxy processes so it's nota good fit to put code for that in here, yet there is a naming clash if we have other packages related to proxy functionality that are not in the `agent/proxy` package.

Happy to bikeshed the name. I started by calling it `managedproxy` but `managedproxy.Manager` is especially unpleasant. `proxyprocess` seems good in that it's more specific about purpose but less clearly connected with the concept of "managed proxies". The names in use are cleaner though e.g. `proxyprocess.Manager`.

This rename was completed automatically using golang.org/x/tools/cmd/gomvpkg.

Depends on #4541

* Fix missed windows tagged files
2018-10-10 16:55:34 +01:00
Mitchell Hashimoto 69cdab0d84
command/services: just add additional output feedback on success 2018-10-02 12:48:46 -07:00
Mitchell Hashimoto 657682def9
command/services: add test to ensure that dev mode introduces no
services
2018-10-02 12:45:00 -07:00
Mitchell Hashimoto e00c40b4f5
command: register new commands 2018-10-01 09:17:36 -07:00
Mitchell Hashimoto bf83309124
command/services/register: flag-based registration 2018-10-01 09:16:14 -07:00
Mitchell Hashimoto 939708138f
command/services/deregister: tests for flag validation 2018-10-01 08:55:32 -07:00
Mitchell Hashimoto 3425f123ef
command/services/deregister: -id flag for deletion 2018-10-01 08:53:30 -07:00
Mitchell Hashimoto 2f97a618dc
command/services/deregister: basics working from file 2018-10-01 08:39:27 -07:00
Mitchell Hashimoto 4b887d6dda
command/services: move the config helpers to parent package 2018-10-01 08:27:59 -07:00
Mitchell Hashimoto 1e7d038b37
command/services/register: registration from files work 2018-10-01 08:05:57 -07:00
Mitchell Hashimoto 0fbaa18ed3
command/services/register: config mapping tests 2018-09-30 19:17:45 -07:00
Mitchell Hashimoto b315e79cfe
command/services 2018-09-27 23:52:17 -07:00
Benjamin Sago 20645c8459 Exit with error code 1 when failing to list DCs (#4583)
Fixes #4582.
2018-09-12 09:55:02 -07:00
Pierre Souchay 1a906ef34e Fix more unstable tests in agent and command 2018-09-12 14:49:27 +01:00
Pierre Souchay 22500f242e Fix unstable tests in agent, api, and command/watch 2018-09-10 16:58:53 +01:00
Pierre Souchay eddcf228ea Implementation of Weights Data structures (#4468)
* Implementation of Weights Data structures

Adding this datastructure will allow us to resolve the
issues #1088 and #4198

This new structure defaults to values:
```
   { Passing: 1, Warning: 0 }
```

Which means, use weight of 0 for a Service in Warning State
while use Weight 1 for a Healthy Service.
Thus it remains compatible with previous Consul versions.

* Implemented weights for DNS SRV Records

* DNS properly support agents with weight support while server does not (backwards compatibility)

* Use Warning value of Weights of 1 by default

When using DNS interface with only_passing = false, all nodes
with non-Critical healthcheck used to have a weight value of 1.
While having weight.Warning = 0 as default value, this is probably
a bad idea as it breaks ascending compatibility.

Thus, we put a default value of 1 to be consistent with existing behaviour.

* Added documentation for new weight field in service description

* Better documentation about weights as suggested by @banks

* Return weight = 1 for unknown Check states as suggested by @banks

* Fixed typo (of -> or) in error message as requested by @mkeeler

* Fixed unstable unit test TestRetryJoin

* Fixed unstable tests

* Fixed wrong Fatalf format in `testrpc/wait.go`

* Added notes regarding DNS SRV lookup limitations regarding number of instances

* Documentation fixes and clarification regarding SRV records with weights as requested by @banks

* Rephrase docs
2018-09-07 15:30:47 +01:00
Pierre Souchay 92acdaa94c Fixed flaky tests (#4626) 2018-09-04 12:31:51 +01:00
Siva Prasad ca35d04472
Adds a new command line flag -log-file for file based logging. (#4581)
* Added log-file flag to capture Consul logs in a user specified file

* Refactored code.

* Refactored code. Added flags to rotate logs based on bytes and duration

* Added the flags for log file and log rotation on the webpage

* Fixed TestSantize from failing due to the addition of 3 flags

* Introduced changes : mutex, data-dir log writes, rotation logic

* Added test for logfile and updated the default log destination for docs

* Log name now uses UnixNano

* TestLogFile is now uses t.Parallel()

* Removed unnecessary int64Val function

* Updated docs to reflect default log name for log-file

* No longer writes to data-dir and adds .log if the filename has no extension
2018-08-29 16:56:58 -04:00
Pierre Souchay 8e7b8bb524 Fixed unit test TestCatalogListServicesCommand (#4592) 2018-08-27 13:53:46 -04:00
Pierre Souchay af90c88f6a Fixed unstable test TestRTTCommand_LAN in command/rtt (#4585) 2018-08-27 11:37:13 -04:00
Pierre Souchay 3f9d1370b7 Fix unstable test TestRegisterMonitor_heartbeat (#4568) 2018-08-24 13:33:58 -04:00
Shubheksha fc3997f266 replace old fork of text package (#4501) 2018-08-14 12:23:18 -07:00
Freddy 6d43d24edb
Improve reliability of tests with TestAgent (#4525)
- Add WaitForTestAgent to tests flaky due to missing serfHealth registration

- Fix bug in retries calling Fatalf with *testing.T

- Convert TestLockCommand_ChildExitCode to table driven test
2018-08-14 12:08:33 -04:00
Freddy e305443db4
Address flakiness in command/exec tests (#4517)
* Add fn to wait for TestAgent node and check registration

* Add waits for TestAgent and retries before timeouts in exec_test
2018-08-10 15:04:07 -04:00
Pierre Souchay cec5d72396 BUGFIX: Unit test relying on WaitForLeader() did not work due to wrong test (#4472)
- Improve resilience of testrpc.WaitForLeader()

- Add additionall retry to CI

- Increase "go test" timeout to 8m

- Add wait for cluster leader to several tests in the agent package

- Add retry to some tests in the api and command packages
2018-08-06 19:46:09 -04:00
Mitchell Hashimoto effb17098a
Merge pull request #4314 from hashicorp/b-ignore-check
command/connect/proxy: ignore check doesn't exist on -register
2018-07-25 11:26:40 -05:00
Mitchell Hashimoto e39dfc919a
command/connect/proxy: ignore check doesn't exist on -register 2018-06-29 10:58:06 -07:00
Siva 5e04d7f1f1 Merge branch 'master' of github.com:hashicorp/consul into WinService 2018-06-26 16:49:50 -04:00
Paul Banks c6ef6a61c9 Refactor to use embedded struct. 2018-06-25 12:25:39 -07:00
Paul Banks 32f362bad9 StartupTelemetry => InitTelemetry 2018-06-25 12:25:39 -07:00
Paul Banks a7038454fd WIP 2018-06-25 12:25:38 -07:00
Paul Banks ecfda7cda5 Fix unreachable code warning from go vet 2018-06-25 12:24:15 -07:00
Paul Banks d1c67d90bc Fixs a few issues that stopped this working in real life but not caught by tests:
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
 - Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
 - Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
 - Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto caae034f3b command/connect/proxy: can specify prepared query upstream types 2018-06-25 12:24:13 -07:00
Paul Banks cdc7cfaa36 Abandon daemonize for simpler solution (preserving history):
Reverts:
  - bdb274852ae469c89092d6050697c0ff97178465
  - 2c689179c4f61c11f0016214c0fc127a0b813bfe
  - d62e25c4a7ab753914b6baccd66f88ffd10949a3
  - c727ffbcc98e3e0bf41e1a7bdd40169bd2d22191
  - 31b4d18933fd0acbe157e28d03ad59c2abf9a1fb
  - 85c3f8df3eabc00f490cd392213c3b928a85aa44
2018-06-25 12:24:10 -07:00
Paul Banks ba0fb58a72 Make daemoinze an option on test binary without hacks. Misc fixes for racey or broken tests. Still failing on several though. 2018-06-25 12:24:09 -07:00
Paul Banks 2b377dc624 Run daemon processes as a detached child.
This turns out to have a lot more subtelty than we accounted for. The test suite is especially prone to races now we can only poll the child and many extra levels of indirectoin are needed to correctly run daemon process without it becoming a Zombie.

I ran this test suite in a loop with parallel enabled to verify for races (-race doesn't find any as they are logical inter-process ones not actual data races). I made it through ~50 runs before hitting an error due to timing which is much better than before. I want to go back and see if we can do better though. Just getting this up.
2018-06-25 12:24:08 -07:00
Siva 319a0ae2bf Graceful exits added 2018-06-20 14:42:08 -04:00
Kyle Havlovitz 61d7e38148
Clarify CA commands' help text 2018-06-14 09:42:23 -07:00
Kyle Havlovitz 6ca7543ea6
Add CA CLI commands for getting/setting config 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto 7d24ecd700
command/connect/proxy: register monitor tests 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto eb2a6952ba
address comment feedback 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto db10240bea
command/connect/proxy: register monitor and -register flag 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto 1db42050bd
command/connect/proxy: output information when starting similar to agent 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto 55c6d34ea0
command/connect/proxy: detailed help 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto b1d709fc9f
command/connect/proxy: -service-addr required for -listen 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto 83f2509c6f
command/connect/proxy: can set public listener from flags 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto c93ba83310
command/connect/proxy: tests for configuration 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto 42ee214c8a
command/connect/proxy: accept -service and -upstream 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto 8c713e6104
connect/proxy: don't require proxy ID 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto a69e3087b2
command/intention: address comment feedback 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto be82b94f81
command/intention/create: -replace does an atomic change 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto 6a82e78cb4
command/intention/match 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 8ffca97596
command/intention/delete: tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 88639b802c
command/intention/check: check tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 971b3c06a1
command/intention/get: tests 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 66deffafbb
command/intention/match 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto a083870872
command/intentions/check 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto dba937847f
command/intention/create: -replace flag, jank, we should change to PUT 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 888dc78180
command/intentions/delete 2018-06-14 09:42:19 -07:00
Mitchell Hashimoto 272211e171
command/intention/get: the get command without tests 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 988d7d984a
command/intention/finder: package for finding based on src/dst 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 961e9c1eaf
command/intention/create 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 5d969e3cbb
command/connect/proxy: set ACL token based on proxy token flag 2018-06-14 09:42:14 -07:00
Mitchell Hashimoto 867db89303
command/connect/proxy: set proxy ID from env var if set 2018-06-14 09:42:14 -07:00
Paul Banks 1b197d934a
Don't allow connect watches in agent/cli yet 2018-06-14 09:42:06 -07:00
Paul Banks e8c510332c
Support legacy watch.HandlerFunc type for backward compat reduces impact of change 2018-06-14 09:42:05 -07:00
Paul Banks cd88b2a351
Basic `watch` support for connect proxy config and certificate endpoints.
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
 - Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
 - Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
Paul Banks 10db79c8ae
Rework connect/proxy and command/connect/proxy. End to end demo working again 2018-06-14 09:41:57 -07:00
Paul Banks 69d5efdbbd
Original proxy and connect.Client implementation. Working end to end. 2018-06-14 09:41:56 -07:00
Paul Banks 5f3d20c5cf
Merge pull request #4194 from hashicorp/fix-kv-del-validation
Fix KV del command validation error
2018-06-05 16:58:14 +01:00
Matt Keeler 88a8c5e968
Merge pull request #4156 from hashicorp/enterprise-coexistence
Enterprise/Licensing Cleanup
2018-06-05 10:50:32 -04:00
Paul Banks 378c37fadd
Fix KV del command validation error
This has an explcit unit test already which somehow passes at least some of the time. I suspect it passes because under some conditions the actual KV delete fails and returns non-zero as well as printing the warning which is what is being checked for in the test.

For some reason despite working for quite some time like this, I now have a branch in which this test fails consistently. It may be a timing/env issue where another process running an agent causes the delete to be successful so the command returns a 0 by chance. Either way this is clearly wrong and fixing it stops the test being flaky in my branch.
2018-06-05 13:18:16 +01:00
Kyle Havlovitz 03652a8519
command/agent: don't re-parse the flags on reload 2018-05-31 16:59:51 -07:00
Matt Keeler 2e7a37890c Move data source loading into a command helpers function 2018-05-24 10:34:08 -04:00
Paul Banks 4de68fcb4b
Merge pull request #4016 from pierresouchay/support_for_prometheus
Support for prometheus for metrics endpoint
2018-04-24 16:14:43 +01:00
Matt Keeler 63250c5d43
Merge pull request #4024 from jen20/signal-notify-once
Only call signal.Notify once during agent startup
2018-04-20 12:37:01 -04:00
Kyle Havlovitz af4be34a2a
Update make static-assets goal and run format 2018-04-13 09:57:25 -07:00
James Nugent 96f871862e Only call signal.Notify once during agent startup
Calling twice appears to have no adverse effects, however serves to
confuse as to what the semantics of such code may be! This seems like it
was probably introduced while resolving conflicts during the merge of
the fix for #2404.
2018-04-10 20:44:50 -05:00
Pierre Souchay 93a01b0949 Now use prometheus_retention_time > 0 to enable prometheus support 2018-04-06 14:21:05 +02:00
Pierre Souchay fd98fb1449 Added support exposing metrics in Prometheus format 2018-04-06 09:18:06 +02:00
Matt Keeler 48bd84073a Address PR feedback 2018-04-02 09:23:01 -04:00
Matt Keeler 9f64d4856a Update unit-tests to use requirements instead of manual checks. 2018-03-30 10:55:21 -04:00
Matt Keeler 92ceaaad81 Update case of member in comment 2018-03-29 15:06:48 -04:00
Matt Keeler 4e6f0f9a79 Formatting update 2018-03-29 14:35:49 -04:00
Matt Keeler ada1252480 GH-3996: Add config-format flag to validate subcommand 2018-03-29 14:30:05 -04:00
Guido Iaquinti 8cd11d5888 Add package name to log output 2018-03-21 15:56:14 +00:00
Josh Soref 94835a2715 Spelling (#3958)
* spelling: another

* spelling: autopilot

* spelling: beginning

* spelling: circonus

* spelling: default

* spelling: definition

* spelling: distance

* spelling: encountered

* spelling: enterprise

* spelling: expands

* spelling: exits

* spelling: formatting

* spelling: health

* spelling: hierarchy

* spelling: imposed

* spelling: independence

* spelling: inspect

* spelling: last

* spelling: latest

* spelling: client

* spelling: message

* spelling: minimum

* spelling: notify

* spelling: nonexistent

* spelling: operator

* spelling: payload

* spelling: preceded

* spelling: prepared

* spelling: programmatically

* spelling: required

* spelling: reconcile

* spelling: responses

* spelling: request

* spelling: response

* spelling: results

* spelling: retrieve

* spelling: service

* spelling: significantly

* spelling: specifies

* spelling: supported

* spelling: synchronization

* spelling: synchronous

* spelling: themselves

* spelling: unexpected

* spelling: validations

* spelling: value
2018-03-19 16:56:00 +00:00
Paul Banks de58eb1820
Fixes #3891: agent monitor no longer unresponsive before logs stream.
The root cause is actually that the agent's streaming HTTP API didn't flush until the first log line was found which commonly was pretty soon since the default level is INFO. In cases where there were no logs immediately due to level for instance, the client gets stuck in the HTTP code waiting on a response packet from the server before we enter the loop that checks the shutdown channel from the signal handler.

This fix flushes the initial status immediately on the streaming endpoint which lets the client code get into it's expected state where it's listening for shutdown or log lines.
2018-02-19 21:53:10 +00:00
Kyle Havlovitz d16f103b48
Pull http config flag merge into public method 2018-02-05 15:00:04 -08:00
Veselkov Konstantin 7de57ba4de remove golint warnings 2018-01-28 22:40:13 +04:00
Chad Whitacre 9ff59df34b Fix typo 2018-01-05 15:24:44 -05:00
Kyle Havlovitz a86d11ec0a
Merge pull request #3737 from hashicorp/autopilot-refactor
Move autopilot to a standalone package
2017-12-15 14:09:40 -08:00
James Phillips c676e6b8c8
Adds -base64 support to kv get command.
Fixes #3736
2017-12-14 17:28:04 -08:00
Kyle Havlovitz de28555671
Move autopilot to a standalone package 2017-12-11 16:45:33 -08:00
James Phillips 521e46ce91
Adds a registry mechanism for CLI commands. 2017-11-29 18:36:52 -08:00
Kyle Havlovitz 921d2e1469
Fix a panic in snapshot inspect command 2017-10-30 14:51:08 -07:00
Frank Schroeder 8f145559d8
Decouple the code that executes checks from the agent 2017-10-25 11:18:07 +02:00
Frank Schroeder 9872475167
agent: fix TestRetryJoin 2017-10-24 20:35:37 +02:00
Frank Schroeder 7d3467176b
agent: fix TestRetryJoinFail 2017-10-24 20:35:37 +02:00
Frank Schroeder 96a584dee2
agent: fix TestRetryJoinWanFail 2017-10-24 20:35:36 +02:00
Frank Schroeder b97ab367f4
config: return error on extra command line arguments (#3397)
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.

Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.

Fixes #3397
2017-10-23 08:07:48 +02:00
James Phillips ecee15b466
Updates documentation for consul validate.
This makes it clear that you need to pass the full configuration,
and that the command won't work with config fragments.

Closes #3591
2017-10-19 18:59:05 -07:00
Frank Schroeder 9dec64dd17
commands: add shorter helper vars to keep fmt sane 2017-10-18 02:39:10 +02:00
Frank Schroeder 983e4aa0eb
commands: cleanup init 2017-10-18 02:39:10 +02:00
Frank Schroeder b3292d13fb commands: get HTTP API flags for usage automatically 2017-10-18 00:08:45 +02:00
Frank Schroeder 0cadee99ff commands: drop http server flags from reload command 2017-10-18 00:08:45 +02:00
Frank Schroeder cb96d1f126 commands: drop http server flags from leave command 2017-10-18 00:08:45 +02:00
Frank Schroeder cb95cf2a34 commands: drop http server flags from keyring command 2017-10-18 00:08:45 +02:00
Frank Schroeder 1715cbd5de commands: drop http server flags from force-leave command 2017-10-18 00:08:45 +02:00
Frank Schroeder 1b026de1db commands: run all tests in parallel (again) 2017-10-18 00:08:45 +02:00
Frank Schroeder 56b24d3d4f commands: cleanup help and synopsis.
* move Help and Synopsis to bottom
* make help and synopsis constants
* make sure help output is formatted
2017-10-18 00:08:45 +02:00
Frank Schroeder d54a5ef8d8 commands: do not run cmd tests in parallel
Package level parallelization is sufficient.
2017-10-18 00:08:45 +02:00
Frank Schroeder e5d08cf47d commands: add missing noTabs test 2017-10-18 00:08:45 +02:00
Frank Schroeder 84a82cff3d commands: cleanup test names 2017-10-18 00:08:45 +02:00
Frank Schroeder 5979723446 commands: cleanup catalog list services tests 2017-10-18 00:08:45 +02:00
Frank Schroeder a03738c117 commands: cleanup catalog list nodes tests 2017-10-18 00:08:45 +02:00
Frank Schroeder 2530b9dd83 commands: simplify import names 2017-10-18 00:08:45 +02:00
Frank Schroeder 2bd8b070fb commands: move operator subcommands to subdirs 2017-10-18 00:08:45 +02:00
Frank Schroeder ce1ec000ca commands: move kv subcommands to subdirs 2017-10-18 00:08:45 +02:00
Frank Schroeder e16ef316d4 commands: move catalog subcommands to subdirs 2017-10-18 00:08:45 +02:00
Frank Schroeder 51799e5d23 commands: move snapshot subcommands to subdirs 2017-10-18 00:08:45 +02:00
Frank Schroeder 6bc5716336 commands: simplify commands.go 2017-10-18 00:08:45 +02:00
Frank Schroeder 2850f0f6d0 commands: drop base command and utils 2017-10-18 00:08:45 +02:00
Frank Schroeder 31d5fb7f47 commands: move agent command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 10e0be65a9 commands: move watch command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 8a0195ee99 add token and addr to http flags 2017-10-18 00:08:45 +02:00
Frank Schroeder e2b686b982 commands: move snapshot save command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder fb1f09d447 commands: move snapshot restore command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 3acbc278f0 commands: move version command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 3a02ce9ebc commands: move snapshot inspect command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder c8992cbe28 commands: move snapshot command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 4d6a0b94dd commands: move rtt command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 566359234a commands: move reload command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 4947ba7f3d commands: move operator autopilot set command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder f719d78441 commands: move operator autopilot get command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder bd1b189990 commands: move operator autopilot command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder c50e43a4ea commands: move operator list remove-peer command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 2a824f0575 commands: move operator raft list-peers command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder f10f07b448 commands: move operator raft command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder cc103391b2 commands: move operator command to separate pkg 2017-10-18 00:08:45 +02:00
Preetha Appan 1eec0e757c Move monitor command to its own package 2017-10-18 00:08:45 +02:00
Preetha Appan f389fe7757 Fix import order 2017-10-18 00:08:45 +02:00
Preetha Appan 5b6f0504ae Move members command to its own package 2017-10-18 00:08:45 +02:00
Preetha Appan ba546b0c1d Move maint command to its own package 2017-10-18 00:08:45 +02:00
Preetha Appan ff4d070bdf Move lock command to its own package 2017-10-18 00:08:45 +02:00
Preetha Appan 85bc32f8a0 Fix leave and validate commands to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan 71887d1709 Fix KV CLI subcommands to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan b1d5f99a58 Fix Keyring and keygen commands to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan 85a834d008 Fix join command to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan a049dccd20 Fix up info and forceleave to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan 55a1724b9e s/initFlags/init/g 2017-10-18 00:08:45 +02:00
Preetha Appan 7689e1e5cd Fix exec and event commands to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan a2519fb76f Fix up catalog list services to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan 2ed2c63a26 Fix up list datacenters to build help string in constructor 2017-10-18 00:08:45 +02:00
Preetha Appan 9d52f6ea92 Fix tests by calling initFlags for each test case to reset state. 2017-10-18 00:08:45 +02:00
Preetha Appan 4e31514df8 Better name for usage string and moving constant definition down 2017-10-18 00:08:45 +02:00
Preetha Appan a3863c73d6 Construct the help string in constructor using helper function. 2017-10-18 00:08:45 +02:00
Frank Schroeder 0ec520582d commands: move catalog list services to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 117305eb4f commands: move catalog list nodes command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder bd73c4cecf commands: move catalog list datacenters command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 675e727224 commands: move catalog command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 9a9e5ef82d commands: move leave command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 076361a37d commands: move force-leave command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 631502009d commands: move keyring command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 9e19207918 commands: move kv put command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 3377f46085 commands: move kv get command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder e1785a0e8f commands: move kv import command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder cce364445e commands: move export entry struct to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 585b5b8d4e commands: move kv export command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 5e3371eee1 commands: move kv delete command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 200199a875 commands: move kv command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder aca803ca8d commands: move keygen command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder b1c5ee39a5 commands: move info command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 8a5836368e commands: move rExec helper to bottom 2017-10-18 00:08:45 +02:00
Frank Schroeder 0ada23f92f commands: move exec command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder 85bfd8f339 commands: move event command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder d870c6289b commands: move join command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder e0551b80a6 commands: move validate command to separate pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder cef6a80ae6 commands: move flag handling into flags pkg 2017-10-18 00:08:45 +02:00
Frank Schroeder a49711b8bf config: refactor commands to print help for flags (#3536)
This patch refactors the commands that use the mitchellh/cli library to
populate the command line flag set in both the Run() and the Help()
method. Earlier versions of the mitchellh/cli library relied on the
Run() method to populuate the flagset for generating the usage screen.
This has changed in later versions and was previously solved with a
small monkey patch to the library to restore the old behavior.

However, this makes upgrading the library difficult since the patch has
to be restored every time.

This patch addresses this by moving the command line flags into an
initFlags() method where appropriate and also moving all variables for
the flags from the Run() method into the command itself.

Fixes #3536
2017-10-18 00:08:45 +02:00
Ryan Slade 85e4aea9d1 Replace time.Now().Sub(x) with time.Since(x) 2017-10-17 20:38:24 +02:00
James Phillips 575d70aaa7
Cleans up some drift between the OSS and Enterprise trees. 2017-10-11 15:53:07 -07:00
Frank Schroeder 7bee8e644d
command: show full help text on usage 2017-10-05 18:17:54 +02:00
Frank Schroeder bb13277ca1 command: do not merge flags in-place 2017-10-05 18:08:35 +02:00
Frank Schroeder e769cd22f6 command: simplify duplicate code 2017-10-05 18:08:35 +02:00
Frank Schroeder a364555121 command: drop hidden flags from base command 2017-10-05 18:08:35 +02:00
Frank Schroeder bc78fa576a command: drop unused hidden flags for 'validate' 2017-10-05 18:08:35 +02:00
Frank Schroeder 497d2702bf
command: drop legacy 'operator raft' tests 2017-10-05 17:56:16 +02:00
Frank Schroeder 4d604c5138 command: simplify 'operator raft'
The cli library can handle subcommands. Therefore, most of the code is
no longer necessary.
2017-10-05 17:40:57 +02:00
Frank Schroeder 3a7fb35fb0 command: don't show confusing error on usage output 2017-10-05 17:29:45 +02:00
Frank Schroeder ce0d03c46a command: drop deprecated 'configtest' command
'configtest' has been replaced with 'validate'
2017-10-05 17:22:34 +02:00
Kyle Havlovitz adf29675f3 Merge pull request #3535 from hashicorp/metric-docs
Update metric names and add a legacy config flag
2017-10-04 17:39:16 -07:00
Kyle Havlovitz 198ed6076d Clean up subprocess handling and make shell use optional (#3509)
* Clean up handling of subprocesses and make using a shell optional

* Update docs for subprocess changes

* Fix tests for new subprocess behavior

* More cleanup of subprocesses

* Minor adjustments and cleanup for subprocess logic

* Makes the watch handler reload test use the new path.

* Adds check tests for new args path, and updates existing tests to use new path.

* Adds support for script args in Docker checks.

* Fixes the sanitize unit test.

* Adds panic for unknown watch type, and reverts back to Run().

* Adds shell option back to consul lock command.

* Adds shell option back to consul exec command.

* Adds shell back into consul watch command.

* Refactors signal forwarding and makes Windows-friendly.

* Adds a clarifying comment.

* Changes error wording to a warning.

* Scopes signals to interrupt and kill.

This avoids us trying to send SIGCHILD to the dead process.

* Adds an error for shell=false for consul exec.

* Adds notes about the deprecated script and handler fields.

* De-nests an if statement.
2017-10-04 16:48:00 -07:00
Kyle Havlovitz c728564994
Update metric names and add a legacy config flag 2017-10-04 16:43:27 -07:00
Kyle Havlovitz 787787f904
Split BaseCommand http config into a separate function 2017-09-29 12:26:14 -07:00
Kyle Havlovitz 8b31eef467
Add base command option for hiding generated help for normal args 2017-09-28 18:43:28 -07:00
James Phillips be92c6862d
Returns errors properly from the consul operator raft list-peers command. 2017-09-28 15:37:59 -07:00
Frank Schröder e84c2b2edd Metrics service prefix (#3498)
* metrics: replace statsite_prefix with service_prefix

The metrics prefix isn't statsite specific and is in fact used
for all metrics providers. Since we are deprecating fields
anyway we should fix this one as well.

Fixes #3293

* Updates docs and sorts telemetry section.

* Renames to "metrics_prefix" to disambiguate with Consul services.

* Updates the change log.
2017-09-26 17:49:55 -07:00
Preetha Appan 3c4a108769 Move Raft protocol version for list peers end point to server side, fix unit tests. This fixes #3449 2017-09-26 09:35:39 -05:00
preetapan 73951d8319 Merge pull request #3494 from hashicorp/enforce_json_extension
Enforce json or hcl extension to Consul config files, updated unit tests
2017-09-25 17:30:33 -05:00
James Phillips 45646ac3f4 Bumps default Raft protocol to version 3. (#3477)
* Changes default Raft protocol to 3.

* Changes numPeers() to report only voters.

This should have been there before, but it's more obvious that this
is incorrect now that we default the Raft protocol to 3, which puts
new servers in a read-only state while Autopilot waits for them to
become healthy.

* Fixes TestLeader_RollRaftServer.

* Fixes TestOperator_RaftRemovePeerByAddress.

* Fixes TestServer_*.

Relaxed the check for a given number of voter peers and instead do
a thorough check that all servers see each other in their Raft
configurations.

* Fixes TestACL_*.

These now just check for Raft replication to be set up, and don't
care about the number of voter peers.

* Fixes TestOperator_Raft_ListPeers.

* Fixes TestAutopilot_CleanupDeadServerPeriodic.

* Fixes TestCatalog_ListNodes_ConsistentRead_Fail.

* Fixes TestLeader_ChangeServerID and adjusts the conn pool to throw away
sockets when it sees io.EOF.

* Changes version to 1.0.0 in the options doc.

* Makes metrics test more deterministic with autopilot metrics possible.
2017-09-25 15:27:04 -07:00
Preetha Appan a286ad7533 Enforce json or hcl extension to Consul config files, updated unit tests 2017-09-25 17:17:12 -05:00
Frank Schröder 12216583a1 New config parser, HCL support, multiple bind addrs (#3480)
* new config parser for agent

This patch implements a new config parser for the consul agent which
makes the following changes to the previous implementation:

 * add HCL support
 * all configuration fragments in tests and for default config are
   expressed as HCL fragments
 * HCL fragments can be provided on the command line so that they
   can eventually replace the command line flags.
 * HCL/JSON fragments are parsed into a temporary Config structure
   which can be merged using reflection (all values are pointers).
   The existing merge logic of overwrite for values and append
   for slices has been preserved.
 * A single builder process generates a typed runtime configuration
   for the agent.

The new implementation is more strict and fails in the builder process
if no valid runtime configuration can be generated. Therefore,
additional validations in other parts of the code should be removed.

The builder also pre-computes all required network addresses so that no
address/port magic should be required where the configuration is used
and should therefore be removed.

* Upgrade github.com/hashicorp/hcl to support int64

* improve error messages

* fix directory permission test

* Fix rtt test

* Fix ForceLeave test

* Skip performance test for now until we know what to do

* Update github.com/hashicorp/memberlist to update log prefix

* Make memberlist use the default logger

* improve config error handling

* do not fail on non-existing data-dir

* experiment with non-uniform timeouts to get a handle on stalled leader elections

* Run tests for packages separately to eliminate the spurious port conflicts

* refactor private address detection and unify approach for ipv4 and ipv6.

Fixes #2825

* do not allow unix sockets for DNS

* improve bind and advertise addr error handling

* go through builder using test coverage

* minimal update to the docs

* more coverage tests fixed

* more tests

* fix makefile

* cleanup

* fix port conflicts with external port server 'porter'

* stop test server on error

* do not run api test that change global ENV concurrently with the other tests

* Run remaining api tests concurrently

* no need for retry with the port number service

* monkey patch race condition in go-sockaddr until we understand why that fails

* monkey patch hcl decoder race condidtion until we understand why that fails

* monkey patch spurious errors in strings.EqualFold from here

* add test for hcl decoder race condition. Run with go test -parallel 128

* Increase timeout again

* cleanup

* don't log port allocations by default

* use base command arg parsing to format help output properly

* handle -dc deprecation case in Build

* switch autopilot.max_trailing_logs to int

* remove duplicate test case

* remove unused methods

* remove comments about flag/config value inconsistencies

* switch got and want around since the error message was misleading.

* Removes a stray debug log.

* Removes a stray newline in imports.

* Fixes TestACL_Version8.

* Runs go fmt.

* Adds a default case for unknown address types.

* Reoders and reformats some imports.

* Adds some comments and fixes typos.

* Reorders imports.

* add unix socket support for dns later

* drop all deprecated flags and arguments

* fix wrong field name

* remove stray node-id file

* drop unnecessary patch section in test

* drop duplicate test

* add test for LeaveOnTerm and SkipLeaveOnInt in client mode

* drop "bla" and add clarifying comment for the test

* split up tests to support enterprise/non-enterprise tests

* drop raft multiplier and derive values during build phase

* sanitize runtime config reflectively and add test

* detect invalid config fields

* fix tests with invalid config fields

* use different values for wan sanitiziation test

* drop recursor in favor of recursors

* allow dns_config.udp_answer_limit to be zero

* make sure tests run on machines with multiple ips

* Fix failing tests in a few more places by providing a bind address in the test

* Gets rid of skipped TestAgent_CheckPerformanceSettings and adds case for builder.

* Add porter to server_test.go to make tests there less flaky

* go fmt
2017-09-25 11:40:42 -07:00
James Phillips 00605c0214
Shows the segment name in the keyring API and command output. 2017-09-07 12:17:39 -07:00
James Phillips d12b172a5d
Remaps servers to "<all>" only when listing multiple segments. 2017-09-05 13:50:38 -07:00
James Phillips 1a117ba0a8
Makes the all segments query explict, and the default for `consul members`. 2017-09-05 12:22:20 -07:00