Mitchell Hashimoto
db4c47df27
agent/cache: on error, return from Get immediately, don't block forever
2018-06-14 09:42:02 -07:00
Mitchell Hashimoto
cc2c98f961
agent/cache: lots of comment/doc updates
2018-06-14 09:42:02 -07:00
Mitchell Hashimoto
6c01e402e0
agent: augment /v1/connect/authorize to cache intentions
2018-06-14 09:42:02 -07:00
Mitchell Hashimoto
0f3f3d13ca
agent/cache-types: support intention match queries
2018-06-14 09:42:02 -07:00
Mitchell Hashimoto
e1c1b8812a
agent/cache: return the error as part of Get
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
00e7ab3cd5
agent/cache: integrate go-metrics so the cache is debuggable
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
9f3dbf7b2a
agent/structs: DCSpecificRequest sets all the proper fields for
...
CacheInfo
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
be873d2558
agent/cache-types/ca-leaf: proper result for timeout, race on setting CA
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
fcb15e15ae
agent/cache: support timeouts for cache reads and empty fetch results
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
e81942df7a
agent/cache-types: rename to separate root and leaf cache types
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
8e7c517db1
agent/cache-types: got basic CA leaf caching work, major problems still
2018-06-14 09:42:01 -07:00
Mitchell Hashimoto
917a9e63d5
agent: check cache hit count to verify CA root caching, background update
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
6902d721d6
agent: initialize the cache and cache the CA roots
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
c329b4cb34
agent/cache: partition by DC/ACL token
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
e3c1162881
agent/cache: Reorganize some files, RequestInfo struct, prepare for partitioning
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
b0db5657c4
agent/cache: ConnectCA roots caching type
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
975be337a9
agent/cache: blank cache key means to always fetch
2018-06-14 09:42:00 -07:00
Mitchell Hashimoto
1cfb0f1922
agent/cache: initial kind-of working cache
2018-06-14 09:42:00 -07:00
Kyle Havlovitz
33418afd3c
Add cross-signing mechanism to root rotation
2018-06-14 09:42:00 -07:00
Kyle Havlovitz
d83fbfc766
Add the root rotation mechanism to the CA config endpoint
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
f9d92d795e
Have the built in CA store its state in raft
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
30c1973e8b
Fix the testing endpoint's root set op
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
75f62e3117
Update the CA config endpoint to enable GETs
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
ab737ef0f8
Hook the CA RPC endpoint into the provider interface
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
1f6501895f
Add CA bootstrapping on establishing leadership
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
682f105c7c
Add the bootstrap config for the CA
2018-06-14 09:41:59 -07:00
Kyle Havlovitz
9fc33d2a62
Add the CA provider interface and built-in provider
2018-06-14 09:41:58 -07:00
Kyle Havlovitz
1787f88618
Add CA config set to fsm operations
2018-06-14 09:41:58 -07:00
Kyle Havlovitz
6b3416e480
Add the Connect CA config to the state store
2018-06-14 09:41:58 -07:00
Paul Banks
36dbd878c9
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list.
2018-06-14 09:41:58 -07:00
Paul Banks
730da74369
Fix various test failures and vet warnings.
...
Intention de-duplication in previously merged PR actualy failed some tests that were not caught be me or CI. I ran the test files for state changes but they happened not to trigger this case so I made sure they did first and then fixed. That fixed some upstream intention endpoint tests that I'd not run as part of testing the previous fix.
2018-06-14 09:41:58 -07:00
Paul Banks
1e72ad66f5
Refactor localBlockingQuery to use memdb.WatchSet. Much simpler and correct as a bonus!
2018-06-14 09:41:58 -07:00
Paul Banks
8d09381b96
Super ugly hack to get TeamCity build to work for this PR without adding a vendor that is being added elsewhere and will conflict...
2018-06-14 09:41:58 -07:00
Paul Banks
d73f079d0f
Add X-Consul-ContentHash header; implement removing all proxies; add load/unload test.
2018-06-14 09:41:57 -07:00
Paul Banks
2a69663448
Agent Connect Proxy config endpoint with hash-based blocking
2018-06-14 09:41:57 -07:00
Paul Banks
3e3f0e1f31
HTTP agent registration allows proxy to be defined.
2018-06-14 09:41:57 -07:00
Paul Banks
e6071051cf
Added connect proxy config and local agent state setup on boot.
2018-06-14 09:41:57 -07:00
Paul Banks
88541bba17
Add tests all the way up through the endpoints to ensure duplicate src/destination is supported and so ultimately deny/allow nesting works.
...
Also adds a sanity check test for `api.Agent().ConnectAuthorize()` and a fix for a trivial bug in it.
2018-06-14 09:41:57 -07:00
Paul Banks
ed9f07c361
Allow duplicate source or destination, but enforce uniqueness across all four.
2018-06-14 09:41:57 -07:00
Paul Banks
10db79c8ae
Rework connect/proxy and command/connect/proxy. End to end demo working again
2018-06-14 09:41:57 -07:00
Paul Banks
26e65f6bfd
connect.Service based implementation after review feedback.
2018-06-14 09:41:56 -07:00
Mitchell Hashimoto
95da20ffd7
agent: rename authorize param ClientID to ClientCertURI
2018-06-14 09:41:56 -07:00
Mitchell Hashimoto
6e57233913
agent: add TODO for verification
2018-06-14 09:41:55 -07:00
Mitchell Hashimoto
5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow
2018-06-14 09:41:55 -07:00
Mitchell Hashimoto
ac72a0c5fd
agent: ACL checks for authorize, default behavior
2018-06-14 09:41:55 -07:00
Mitchell Hashimoto
6dc2db94ea
agent/structs: String format for Intention, used for logging
2018-06-14 09:41:55 -07:00
Mitchell Hashimoto
fb7bccc690
agent: bolster commenting for clearer understandability
2018-06-14 09:41:55 -07:00
Mitchell Hashimoto
9a987d6452
agent: default deny on connect authorize endpoint
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
86a8ce45b9
agent: /v1/agent/connect/authorize is functional, with tests
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
3ef0b93159
agent/connect: Authorize for CertURI
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
70d1d5bf06
agent: get rid of method checks since they're done in the http layer
2018-06-14 09:41:54 -07:00
Paul Banks
9309422fd9
Add Connect agent, catalog and health endpoints to api Client
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
845f7cd8ad
agent/consul/state: ensure exactly one active CA exists when setting
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
ffe4cdfc15
agent/connect: support any values in the URL
2018-06-14 09:41:54 -07:00
Mitchell Hashimoto
75bf0e1638
agent/connect: support SpiffeIDSigning
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
17ca8ad083
agent/connect: rename SpiffeID to CertURI
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
0cbcb07d61
agent/connect: use proper keyusage fields for CA and leaf
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
73442ada5a
agent/connect: address PR feedback for the CA.go file
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
d28ee70a56
agent: implement an always-200 authorize endpoint
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
a54d1af421
agent/consul: encode issued cert serial number as hex encoded
2018-06-14 09:41:53 -07:00
Mitchell Hashimoto
4210003c86
agent/structs: hide some fields from JSON
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
63d674d07d
agent: /v1/connect/ca/configuration PUT for setting configuration
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
1c3dbc83ff
agent/consul/fsm,state: snapshot/restore for CA roots
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
90f423fd02
agent/consul/fsm,state: tests for CA root related changes
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
1c72639d60
agent/consul: set more fields on the issued cert
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
c2588262b7
agent: /v1/connect/ca/leaf/:service_id
2018-06-14 09:41:52 -07:00
Mitchell Hashimoto
571d9aa785
agent: CA root HTTP endpoints
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
e40afd6a73
agent/consul: CAS operations for setting the CA root
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
578db06600
agent/consul: tests for CA endpoints
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
891cd22ad9
agent/consul: key the public key of the CSR, verify in test
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
d768d5e9a7
agent/consul: test for ConnectCA.Sign
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
f4ec28bfe3
agent/consul: basic sign endpoint not tested yet
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
548ce190d5
agent/connect: package for agent-related Connect, parse SPIFFE IDs
2018-06-14 09:41:50 -07:00
Mitchell Hashimoto
6d294b6bb4
agent/structs: json omit QueryMeta
2018-06-14 09:41:50 -07:00
Mitchell Hashimoto
e7536e5485
agent: /v1/connect/ca/roots
2018-06-14 09:41:50 -07:00
Mitchell Hashimoto
5a950190f3
agent/consul: RPC endpoints to list roots
2018-06-14 09:41:50 -07:00
Mitchell Hashimoto
130098b7b5
agent/consul/state: CARoot structs and initial state store
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
4d852e62a3
agent: address PR feedback
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
22a0eb6c67
agent: commenting some tests
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
6313bc5615
agent: clarified a number of comments per PR feedback
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
353953fcd2
agent/consul: Health.ServiceNodes ACL check for Connect
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
b6c0cb7115
agent/consul: Catalog endpoint ACL requirements for Connect proxies
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
3b07686648
agent: remove ConnectProxyServiceName
2018-06-14 09:41:49 -07:00
Mitchell Hashimoto
2feef5f7a3
agent/consul: require name for proxies
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
714026dfb7
agent: validate service entry on register
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
125fb96ff1
agent/structs: tests for PartialClone and IsSame for proxy fields
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
9781cb1ace
agent/local: anti-entropy for connect proxy services
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
44ec8d94d2
agent: clean up connect/non-connect duplication by using shared methods
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
368137b81b
agent: /v1/health/connect/:service
2018-06-14 09:41:48 -07:00
Mitchell Hashimoto
7d79f9c46f
agent/consul: implement Health.ServiceNodes for Connect, DNS works
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
406366c45b
agent: working DNS for Connect queries, I think, but have to
...
implement Health endpoints to be sure
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
fd33b76ec2
agent: /v1/catalog/connect/:service
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
e01914a025
agent/consul: Catalog.ServiceNodes supports Connect filtering
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
2062e37270
agent/consul/state: ConnectServiceNodes
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
7ed26e2c64
agent/consul: enforce ACL on ProxyDestination
2018-06-14 09:41:47 -07:00
Mitchell Hashimoto
0c0c0a58e7
agent/consul: proxy registration and tests
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
68107e9767
agent: /v1/agent/services test with connect proxies (works w/ no change)
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
4d4a8443e8
agent: test /v1/catalog/node/:node to list connect proxies
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
6e257ea51c
agent: /v1/catalog/service/:service works with proxies
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
63e4a35827
agent/consul/state: convert proxy test to testify/assert
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
21c6fc623a
agent/consul/state: service registration with proxy works
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
a621afe72c
agent/consul: convert intention ACLs to testify/assert
2018-06-14 09:41:46 -07:00
Mitchell Hashimoto
9dc8aa0fb3
agent/consul,structs: add tests for ACL filter and prefix for intentions
2018-06-14 09:41:45 -07:00
Mitchell Hashimoto
5ac649af7f
agent/consul: Intention.Match ACLs
2018-06-14 09:41:45 -07:00
Mitchell Hashimoto
4d87601bf4
agent/consul: Intention.Get ACLs
2018-06-14 09:41:45 -07:00
Mitchell Hashimoto
9bbbb73734
agent/consul: Intention.Apply ACL on rename
2018-06-14 09:41:45 -07:00
Mitchell Hashimoto
01b644e213
agent/consul: tests for ACLs on Intention.Apply update/delete
2018-06-14 09:41:45 -07:00
Mitchell Hashimoto
a67ff1c0dc
agent/consul: Basic ACL on Intention.Apply
2018-06-14 09:41:44 -07:00
Mitchell Hashimoto
0719ff6905
agent: convert all intention tests to testify/assert
2018-06-14 09:41:44 -07:00
Mitchell Hashimoto
454ef7d106
agent/consul/fsm,state: snapshot/restore for intentions
2018-06-14 09:41:44 -07:00
Mitchell Hashimoto
80d068aaa4
agent: use UTC time for intention times, move empty list check to
...
agent/consul
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
370b2599a1
agent/consul/fsm: switch tests to use structs.TestIntention
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
97e2a73145
agent/consul/state: need to set Meta for intentions for tests
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
ad42f42a17
agent/consul/state: remove TODO
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
70858598e4
agent: use testing intention to get valid intentions
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
ab4ea3efb4
agent/consul: set default intention SourceType, validate it
2018-06-14 09:41:43 -07:00
Mitchell Hashimoto
d92993f75b
agent/structs: Intention validation
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
82a50245e0
agent/consul: support intention description, meta is non-nil
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
c12690b837
agent/consul/fsm: add tests for intention requests
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
a9743f4f15
agent,agent/consul: set default namespaces
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
10c370c0fb
agent/consul: set CreatedAt, UpdatedAt on intentions
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
d57a3ca2af
agent: GET /v1/connect/intentions/match
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
93de03fe8b
agent/consul: RPC endpoint for Intention.Match
2018-06-14 09:41:42 -07:00
Mitchell Hashimoto
f93edadbbe
agent/consul/state: IntentionMatch for performing match resolution
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
377479c01a
agent/structs: IntentionPrecedenceSorter for sorting based on precedence
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
dca483b4a2
agent: PUT /v1/connect/intentions/:id
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
faeb583162
agent: DELETE /v1/connect/intentions/:id
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
fb02e53536
agent/consul: test that Apply works to delete an intention
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
4417f37ede
agent/consul/state,fsm: support for deleting intentions
2018-06-14 09:41:41 -07:00
Mitchell Hashimoto
1b44c1befa
agent/consul: creating intention must not have ID set
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
771b1737e3
agent/consul: support updating intentions
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
0d96cdc0a5
agent: GET /v1/connect/intentions/:id
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
274bfdd864
agent: POST /v1/connect/intentions
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
5a1fb35d6e
agent: GET /v1/connect/intentions endpoint
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
e8c4156f07
agent/consul: Intention.Get endpoint
2018-06-14 09:41:40 -07:00
Mitchell Hashimoto
9e307e178e
agent/consul: Intention.Apply, FSM methods, very little validation
2018-06-14 09:41:39 -07:00
Mitchell Hashimoto
212a272989
agent/consul: start Intention RPC endpoints, starting with List
2018-06-14 09:41:39 -07:00
Mitchell Hashimoto
9639bfb1be
agent/consul/state: list intentions
2018-06-14 09:41:39 -07:00
Mitchell Hashimoto
cc8a6f7f15
agent/consul/state: initial work on intentions memdb table
2018-06-14 09:41:39 -07:00
Guido Iaquinti
f7fe6c2a87
Attach server.Name label to client.rpc.failed
2018-06-13 14:56:14 +01:00
Guido Iaquinti
3d230dee80
Attach server.ID label to client.rpc.failed
2018-06-13 14:53:44 +01:00
Guido Iaquinti
e85e63c18c
Client: add metric for failed RPC calls to server
2018-06-13 12:35:45 +01:00
Matt Keeler
40e6d9c720
Fixup a weird merge problem
2018-06-11 16:27:39 -04:00
Matt Keeler
0df7cd22aa
Add a Client ReloadConfig test
2018-06-11 16:23:51 -04:00
Matt Keeler
08e26d10b8
Merge branch 'master' of github.com:hashicorp/consul into rpc-limiting
...
# Conflicts:
# agent/agent.go
# agent/consul/client.go
2018-06-11 16:11:36 -04:00
Matt Keeler
65746b2f8f
Apply the limits to the clients rpcLimiter
2018-06-11 15:51:17 -04:00
Matt Keeler
6cc0422408
Add configuration entry to control including TXT records for node meta in DNS responses
...
If set to false, the only way to retrieve TXT records for node meta is to specifically query for TXT records.
2018-06-11 11:49:04 -04:00
Pierre Souchay
c83124a94c
Removed labels from new ACL denied metrics
2018-06-08 11:56:46 +02:00
Pierre Souchay
064f8ad170
Removed consul prefix from metrics as requested by @kyhavlov
2018-06-08 11:51:50 +02:00
Matt Keeler
88a8c5e968
Merge pull request #4156 from hashicorp/enterprise-coexistence
...
Enterprise/Licensing Cleanup
2018-06-05 10:50:32 -04:00
Jack Pearkes
aa1c993806
Merge pull request #4013 from sethvargo/sethvargo/user_agent
...
Add a helper for generating Consul's user-agent string
2018-06-01 09:13:38 -07:00
Matt Keeler
27fe219918
Merge pull request #4131 from pierresouchay/enable_full_dns_compression
...
Enable full dns compression
2018-06-01 10:42:03 -04:00
Matt Keeler
1fbe828c35
Add RunWithConfig and put Run signature back to normal
2018-05-31 20:22:14 -04:00
Matt Keeler
53fbe2b111
Update unit tests to reflect change to func signature
2018-05-31 17:20:16 -04:00
Matt Keeler
8e0e239e42
Allow passing in a config to the watch plan to use when creating the API client
...
This allows watches from consul agent config (rather than consul watch command) to be able to utilize HTTPs
2018-05-31 17:07:36 -04:00
Pierre Souchay
fa37f262eb
Fixed comments for max DNS records returned as requested by @mkeeler
2018-05-31 18:15:52 +02:00
Seth Vargo
accb85a6a9
Use new discover and useragent libs
2018-05-25 15:52:05 -04:00
Matt Keeler
b6e9abe926
Allow for easy enterprise/oss coexistence
...
Uses struct/interface embedding with the embedded structs/interfaces being empty for oss. Also methods on the server/client types are defaulted to do nothing for OSS
2018-05-24 10:36:42 -04:00
Matt Keeler
0d197c32dc
Add BadRequestError handling
2018-05-24 10:34:01 -04:00
Wim
16ce8d9ed2
Add service reverse lookup tests
2018-05-21 22:59:21 +02:00
Wim
d10e6d0292
Do reverse service lookup only if address doesn't match node
2018-05-21 22:27:41 +02:00
Wim
5c04864b28
Add support for reverse lookup of services
2018-05-19 19:39:02 +02:00
Pierre Souchay
bb92420873
Test fix, trying to pass Travis tests
2018-05-16 14:10:35 +02:00
Pierre Souchay
486417a0fc
Ensure to never send messages more than 64k
2018-05-16 12:47:35 +02:00
Pierre Souchay
cfa5986df7
Fixed unit tests and updated limits
2018-05-16 12:11:49 +02:00
Pierre Souchay
6e80b6b127
Re-Enable compression while computing Len(), so we can send more answers
...
This will fix https://github.com/hashicorp/consul/issues/4071
2018-05-16 11:00:51 +02:00
Matt Keeler
cfd09c88c6
Update bindata_assetfs for 1.1
2018-05-11 14:56:05 -04:00
Paul Banks
863ac12811
v1.1.0 UI Build
2018-05-11 17:05:20 +01:00
Paul Banks
ff37194fc0
Go fmt cleanup
2018-05-11 17:05:19 +01:00
Preetha Appan
ca67094619
Change default raft threshold config values and add a section to upgrade notes
2018-05-11 10:45:41 -05:00
Preetha Appan
3ff5fd6ec5
More docs and removed SnapShotInterval from raft timing struct stanza
2018-05-11 10:43:24 -05:00
Preetha Appan
d721da7b67
Also make snapshot interval configurable
2018-05-11 10:43:24 -05:00
Preetha Appan
ad09865562
fix spacing
2018-05-11 10:43:24 -05:00
Preetha Appan
66f31cd25a
Make raft snapshot commit threshold configurable
2018-05-11 10:43:24 -05:00
Kyle Havlovitz
876d251b95
Merge pull request #4108 from hashicorp/vendor-go-discover
...
Update go-discover and add triton provider
2018-05-10 17:29:00 -07:00
Kyle Havlovitz
48560848fc
Move cloud auto-join docs to a separate page and add Triton
2018-05-10 17:15:41 -07:00
Jack Pearkes
291e8b83ae
Merge pull request #4097 from hashicorp/remove-deprecated
...
Remove deprecated check/service fields and metric names
2018-05-10 15:45:49 -07:00
John Cowen
e5eeb0aa7c
UI V2 ( #4086 )
...
* Move settings to use the same service/route API as the rest of the app
* Put some ideas down for unit testing on adapters
* Favour `Model` over `Entity`
* Move away from using `reopen` to using Mixins
* Amend messages, comment/document some usage
* Make sure the returns are consistent in normalizePayload, also
Add some todo's in to remind me to think consider this further at a
later date. For example, is normalizePayload to be a hook or an
overridable method
* Start stripping back the HTML to semantics
* Use a variable rather than chaining
* Remove unused helpers
* Start picking through the new designs, start with listing pages
* First draft HTML for every page
* Making progress on the CSS
* Keep plugging away at the catalog css
* Looking at scrolling
* Wire up filtering
* Sort out filter counting, more or less done a few outstanding
* Start knocking the forms into shape
* Add in codemirror
* Keep moving forwards with the form like layouts
* Start looking at ACL editing page, add footer in
* Pull the filters back in, look at an autoresizer for scroll views
* First draft toggles
* 2nd draft healthcheck icons
* Tweak node healthcheck icons
* Looking at healthcheck detail icons
* Tweak the filter-bar and add selections to the in content tabs
* Add ACL create, pill-like acl type highlight
* Tweaking the main nav some more
* Working on the filter-bar and freetext-filter
* Masonry layout
* Stick with `checks` instead of healthy/unhealthy
* Fix up the filter numbers/counts
* Use the thead for a measure
* First draft tomography back in
* First draft DC dropdown
* Add a temporary create buttong to kv's
* Move KV and ACL to use a create page
* Move tags
* Run through old tests
* Injectable server
* Start adding test attributes
* Add some page objects
* More test attributes and pages
* Acl filter objects
* Add a page.. page object
* Clickable items in lists
* Add rest/spread babel plugin, remove mirage for now
* Add fix for ember-collection
* Keep track of acl filters
* ember-cli-page-object
* ember-test-selectors
* ui: update version of ui compile deps
* Update static assets
* Centralize radiogroup helper
* Rejig KV's and begin to clean it up
* Work around lack of Tags for the moment..
* Some little css tweaks and start to remove possibles
* Working on the dc page and incidentals
1. Sort the datacenter-picker list
2. Add a selected state to the datacenter-picker
3. Make dc an {Name: dc}
4. Add an env helper to get to 'env vars' from within templates
* Click outside stuff for the datacenter-picker, is-active on nav
* Make sure the dropdown CTA can be active
* Bump ember add pluralize helper
* Little try at sass based custom queries
* Rejig tablular collection so it deals with resizing, actions
1. WIP: start building actions dropdowns
2. Move tabular collection to deal with resizing to rule out differences
* First draft actions dropdowns
* Add ports, selectable IP's
* Flash messages, plus general cleanup/consistency
1. Add ember-cli-flash for flash messages
2. Move everything to get() instead of item.get
3. Spotted a few things that weren't consistent
* DOn't go lower than zero
* First draft vertical menu
* Missed a get, tweak dropmenu tick
* Big cleanup
1. this.get(), this.set() > get(), set()
2. assign > {...{}, ...{}}
3. Seperator > separator
* WIP: settings
* Moved things into a ui-v2 folder
* Decide on a way to do the settings page whilst maintaining the url + dc's
* Start some error pages
* Remove base64 polyfill
* Tie in settings, fix atob bug, tweak layout css
* Centralize confirmations into a component
* Allow switching between the old and new UI with the CONSUL_UI_BETA env var
Currently all the assets are packaged into a single AssetFS and a prefix is configured to switch between the two.
* Attempt at some updates to integrate the v2 ui build into the main infrastructure
* Add redirect to index.html for unknown paths
* Allow redictor to /index.html for new ui when using -ui-dir
* Take ACLs to the correct place on save
* First pass breadcrumbs
* Remove datacenter selector on the index page
* Tweak overall layout
* Make buttons 'resets'
* Tweak last DC stuff
* Validations plus kv keyname viewing tweaks
* Pull sessions back in
* Tweak the env vars to be more reusable
* Move isAnon to the view
* No items and disabled acl css
* ACL and KV details
1. Unauthorized page
2. Make sure the ACL is always selected when it needs it
3. Check record deletion with a changeset
* Few more acl tweaks/corrections
* Add no items view to node > services
* Tags for node > services
* Make sure we have tags
* Fix up the labels on the tomography graph
* Add node link (agent) to kv sessions
* Duplicate up `create` for KV 'root creation'
* Safety check for health checks
* Fix up the grids
* Truncate td a's, fix kv columns
* Watch for spaces in KV id's
* Move actions to their own mixins for now at least
* Link reset to settings incase I want to type it in
* Tweak error page
* Cleanup healthcheck icons in service listing
* Centralize errors and make getting back easier
* Nice numbers
* Compact buttons
* Some incidental css cleanups
* Use 'Key / Value' for root
* Tweak tomography layout
* Fix single healthcheck unhealthy resource
* Get loading screen ready
* Fix healthy healthcheck tick
* Everything in header starts white
* First draft loader
* Refactor the entire backend to use proper unique keys, plus..
1. Make unique keys form dc + slug (uid)
2. Fun with errors...
* Tweak header colors
* Add noopener noreferrer to external links
* Add supers to setupController
* Implement cloning, using ember-data...
* Move the more expensive down the switch order
* First draft empty record cleanup..
* Add the cusomt store test
* Temporarily use the htmlSafe prototype to remove the console warning
* Encode hashes in urls
* Go back to using title for errors for now
* Start removing unused bulma
* Lint
* WIP: Start looking at failing tests
* Remove single redirect test
* Finish off error message styling
* Add full ember-data cache invalidation to avoid stale data...
* Add uncolorable warning icons
* More info icon
* Rearrange single service, plus tag printing
* Logo
* No quotes
* Add a simple startup logo
* Tweak healthcheck statuses
* Fix border-color for healthchecks
* Tweak node tabs
* Catch 401 ACL errors and rethrow with the provided error message
* Remove old acl unauth and error routes
* Missed a super
* Make 'All' refer to number of checks, not services
* Remove ember-resizer, add autoprefixer
* Don't show tomography if its not worth it, viewify it more also
* Little model cleanup
* Chevrons
* Find a way to reliably set the class of html from the view
* Consistent html
* Make sure session id's are visible as long as possible
* Fix single service check count
* Add filters and searchs to the query string
* Don't remember the selected tab
* Change text
* Eror tweaking
* Use chevrons on all breadcrumbs even in kv's
* Clean up a file
* Tweak some messaging
* Makesure the footer overlays whats in the page
* Tweak KV errors
* Move json toggle over to the right
* feedback-dialog along with copy buttons
* Better confirmation dialogs
* Add git sha comment
* Same title as old UI
* Allow defaults
* Make sure value is a string
* WIP: Scrolling dropdowns/confirmations
* Add to kv's
* Remove set
* First pass trace
* Better table rows
* Pull over the hashi code editor styles
* Editor tweaks
* Responsive tabs
* Add number formatting to tomography
* Review whats left todo
* Lint
* Add a coordinate ember data triplet
* Bump in a v2.0.0
* Update old tests
* Get coverage working again
* Make sure query keys are also encoded
* Don't test console.error
* Unit test some more utils
* Tweak the size of the tabular collections
* Clean up gitignore
* Fix copy button rollovers
* Get healthcheck 'icon icons' onto the text baseline
* Tweak healthcheck padding and alignment
* Make sure commas kick in in rtt, probably never get to that
* Improve vertical menu
* Tweak dropdown active state to not have a bg
* Tweak paddings
* Search entire string not just 'startsWith'
* Button states
* Most buttons have 1px border
* More button tweaks
* You can only view kv folders
* CSS cleanup reduction
* Form input states and little cleanup
* More CSS reduction
* Sort checks by importance
* Fix click outside on datacenter picker
* Make sure table th's also auto calculate properly
* Make sure `json` isn't remembered in KV editing
* Fix recursive deletion in KV's
* Centralize size
* Catch updateRecord
* Don't double envode
* model > item consistency
* Action loading and ACL tweaks
* Add settings dependencies to acl tests
* Better loading
* utf-8 base64 encode/decode
* Don't hang off a prototype for htmlSafe
* Missing base64 files...
* Get atob/btoa polyfill right
* Shadowy rollovers
* Disabled button styling for primaries
* autofocuses only onload for now
* Fix footer centering
* Beginning of 'notices'
* Remove the isLocked disabling as we are letting you do what the API does
* Don't forget the documentation link for sessions
* Updates are more likely
* Use exported constant
* Dont export redirectFS and a few other PR updates
* Remove the old bootstrap config which was used for the old UI skin
* Use curlies for multiple properties
2018-05-10 19:52:53 +01:00
Paul Banks
92c6fe0b1e
Make it work for WAN join too and add tests
2018-05-10 14:30:24 +01:00
Dominik Lekse
ba9991a145
Added support for sockaddr templates in start-join and retry-join configuration
2018-05-10 14:08:41 +01:00
Kyle Havlovitz
75953273e2
Remove unused retry join structs from config
2018-05-08 16:25:34 -07:00
Kyle Havlovitz
ba3971d2c1
Remove deprecated metric names
2018-05-08 16:23:15 -07:00
Kyle Havlovitz
b73323aa42
Remove the script field from checks in favor of args
2018-05-08 15:31:53 -07:00
Paul Banks
b7fa3358d1
Merge pull request #3970 from pierresouchay/node_health_should_change_service_index
...
[BUGFIX] When a node level check is removed, ensure all services of node are notified
2018-05-08 16:44:50 +01:00
Kyle Havlovitz
cc214d45b6
Remove support for EnableTagOverride in config files
2018-05-07 16:19:13 -07:00
Kyle Havlovitz
6461087c25
Remove support for CheckID field in service check definitions
2018-05-07 16:15:08 -07:00
Dino Lukman
d538b5666c
Fix telemetry default prefix filter
...
If telemetry metrics contain a hostname starting with
'consul', the metrics will be filtered out the same way
as the deprecated metrics.
2018-05-02 16:56:29 +02:00
Jack Pearkes
733c0df0a0
Merge pull request #4021 from fomentia/master
...
Close HTTP response in Agent test (HTTPAPI_MethodNotAllowed_OSS)
2018-04-27 09:28:01 -07:00
Paul Banks
c8db140ff7
Merge pull request #4047 from pierresouchay/added_missing_meta_in_service_definition
...
[BUGFIX] Added Service Meta support in configuration files
2018-04-25 13:08:53 +01:00
Pierre Souchay
303997ff55
Improved unit test (example close to actual value)
2018-04-24 23:15:27 +02:00
Paul Banks
4de68fcb4b
Merge pull request #4016 from pierresouchay/support_for_prometheus
...
Support for prometheus for metrics endpoint
2018-04-24 16:14:43 +01:00
Pierre Souchay
eccc223480
Fixed Meta name for JSON + Added unit tests for HCL/JSON
2018-04-24 16:39:43 +02:00
Pierre Souchay
26388503e0
Removed Nanoseconds cast as requested by @banks
2018-04-24 16:30:10 +02:00
Pierre Souchay
62a68a008d
Removed content negotiation of Prometheus as requested by @banks
2018-04-24 16:28:30 +02:00
Pierre Souchay
c152cb7bdf
Added Missing Service Meta synchronization and field
2018-04-21 17:34:29 +02:00
Pierre Souchay
c715408c87
More Tests cases compression/no compression
2018-04-21 17:18:39 +02:00
Pierre Souchay
076ecf9712
Removed unecessary copy of Extra and index
2018-04-20 22:51:04 +02:00
Pierre Souchay
06a181955d
Use safer stringVal()
2018-04-18 23:18:16 +02:00
Pierre Souchay
9bb15730a6
Added unit test on key length
2018-04-18 23:07:25 +02:00
Pierre Souchay
2f5e67534d
Added unit tests for bad meta values
2018-04-18 22:57:33 +02:00
Pierre Souchay
d2ab3deacf
[BUGFIX] Added Service Meta support in configuration files
...
Fixes https://github.com/hashicorp/consul/issues/4045
Was not added by mistake in https://github.com/hashicorp/consul/pull/3881
2018-04-18 22:18:58 +02:00
Pierre Souchay
65d3a2b26e
Fixed import
2018-04-18 17:09:25 +02:00
Pierre Souchay
f13aa5ba9b
Added labels to improve new metric
2018-04-18 16:51:22 +02:00
Pierre Souchay
89ab642928
Allow renaming nodes when ID is unchanged
2018-04-18 15:39:38 +02:00
Pierre Souchay
36827418b7
Improved unit tests debug info when it fails
2018-04-18 14:18:17 +02:00
Pierre Souchay
728c5308df
Fixed sync of Extra in binarySearch
2018-04-18 14:17:44 +02:00
Pierre Souchay
9243daeb0e
Run new test in parallel
2018-04-17 10:36:12 +02:00
Pierre Souchay
d9a23bb2fa
Track calls blocked by ACLs using metrics
2018-04-17 10:17:16 +02:00
Pierre Souchay
5b4905e11d
More test cases + travis flacky
2018-04-17 09:42:08 +02:00
Pierre Souchay
fadfb95e07
Added Unit tests + fixed boudary limit
2018-04-17 09:31:30 +02:00
Pierre Souchay
c838376dfa
Added comment for function dnsBinaryTruncate
2018-04-17 01:10:52 +02:00
Pierre Souchay
94c0bf978a
Perform a binary search to find optimal size of DNS responses
...
Will fix https://github.com/hashicorp/consul/issues/4036
Instead of removing one by one the entries, find the optimal
size using binary search.
For SRV records, with 5k nodes, duration of DNS lookups is
divided by 4 or more.
2018-04-17 00:50:00 +02:00
Kyle Havlovitz
2a636275ad
Update static assets
2018-04-13 10:05:30 -07:00
Kyle Havlovitz
af4be34a2a
Update make static-assets goal and run format
2018-04-13 09:57:25 -07:00
Matt Keeler
d926679278
Merge pull request #4023 from hashicorp/f-near-ip
...
Add near=_ip support for prepared queries
2018-04-12 12:10:48 -04:00
Matt Keeler
0619efc254
GH-3798: More PR Updates
...
Update docs a little
Update/add tests. Make sure all the various ways of determining the source IP work
Update X-Forwarded-For header parsing. This can be a comma separated list with the first element being the original IP so we now handle csv data there.
Got rid of error return from sourceAddrFromRequest
2018-04-12 10:40:46 -04:00
Matt Keeler
136efeb3be
GH-3798: A couple more PR updates
...
Test HTTP/DNS source IP without header/extra EDNS data.
Add WARN log for when prepared query with near=_ip is executed without specifying the source ip
2018-04-12 10:10:37 -04:00
Matt Keeler
cec8d5145b
GH-3798: A few more PR updates
2018-04-11 20:32:35 -04:00
Matt Keeler
d065d3a6db
GH-3798: Updates for PR
...
Allow DNS peer IP as the source IP.
Break early when the right node was found for executing the preapred query.
Update docs
2018-04-11 17:02:04 -04:00
Matt Keeler
283a7942c4
GH-3798: Wrap DNS request validation in a retry
2018-04-11 16:00:15 -04:00
Jack Pearkes
265359959b
Merge pull request #4015 from hashicorp/ui-service-tags
...
api/ui: return tags on internal UI endpoints
2018-04-11 12:02:19 -07:00
Matt Keeler
5794fa8837
GH-3798: Add DNS near=_ip test
2018-04-11 10:33:48 -04:00
Matt Keeler
de403d6515
GH-3798: Add HTTP prepared query near=_ip test
...
Also fixed an issue where we need to have the X-Forwarded-For header processed before the RemoteAddr. This shouldn’t have any functional difference for prod code but for mocked request objects it allows them to work.
2018-04-10 15:35:54 -04:00
Matt Keeler
45a537def9
GH-3798: Add near=_ip support for prepared queries
2018-04-10 14:50:50 -04:00
Isaac Williams
01f5db46e8
Close HTTP response in Agent test (HTTPAPI_MethodNotAllowed_OSS)
2018-04-10 13:18:46 -04:00
Paul Banks
0d8993e338
Allow ignoring checks by ID when defining a PreparedQuery. Fixes #3727 .
2018-04-10 14:04:16 +01:00
Pierre Souchay
a680c8e91b
Clearer documentation and comments for enabling Prometheus support
2018-04-09 13:16:45 +02:00
Pierre Souchay
27362320e8
Enable compression / automatic Mime-Type detection for Prometheus endpoint
2018-04-09 13:16:03 +02:00
Jared Wasinger
672a2a3577
agent: reload limits upon restart
2018-04-08 14:28:29 -07:00
Jared Wasinger
255492bb2d
add unit tests: limits configuration should be reloadable
2018-04-08 03:57:01 -07:00
Matt Keeler
39c17084b6
Merge pull request #4006 from kjothen/patch-1
...
Update check.go
2018-04-06 12:57:52 -04:00
Pierre Souchay
93a01b0949
Now use prometheus_retention_time > 0 to enable prometheus support
2018-04-06 14:21:05 +02:00
Pierre Souchay
fd98fb1449
Added support exposing metrics in Prometheus format
2018-04-06 09:18:06 +02:00
Jack Pearkes
eb447f51e6
api/ui: return tags on internal UI endpoints
...
This is to allow the UI to display tags in the services index pages
without needing to make additional queries.
2018-04-05 12:28:57 -07:00
Matt Keeler
0d1d03c793
Merge pull request #3752 from yfouquet/issue_3687
...
Add support for compression in http api
2018-04-04 09:06:42 -04:00
Yoann
0f6e05d4c1
Add support for compression in http api
...
The need has been spotted in issue https://github.com/hashicorp/consul/issues/3687 .
Using "NYTimes/gziphandler", the http api responses can now be compressed if required.
The Go API requires compressed response if possible and handle the compressed response.
We here change only the http api (not the UI for instance).
2018-04-03 22:33:13 +02:00
Preetha
2c931c92d4
Merge pull request #3998 from zte-opensource/wip-fix-shutdown
...
minor fix for endpoints shutdown
2018-04-03 12:22:54 -05:00
Kieran Othen
e4b7465193
Update check.go
...
Cosmetic fix to the agent's HTTP check function which always formats the result as "HTTP GET ...", ignoring any non-GET supplied HTTP method such as POST, PUT, etc.
2018-03-31 16:44:35 +01:00
Matt Keeler
27899f9f46
Merge pull request #3948 from pierresouchay/fix_tcp_dns_limit
...
[BUGFIX] do not break when TCP DNS answer exceeds 64k
2018-03-30 16:25:23 -04:00
Preetha
a67d27c756
Adds discovery_max_stale ( #4004 )
...
Adds a new option to allow service discovery endpoints to return stale results if configured at the agent level.
2018-03-30 10:14:44 -05:00
Preetha
1609b2c6b7
Merge pull request #3994 from hashicorp/f-rename-servicemeta
...
Renames agent API layer for service metadata to "meta" for consistency
2018-03-29 14:07:57 -05:00
runsisi
b082c8d3ab
minor fix for endpoints shutdown
...
Signed-off-by: runsisi <runsisi@zte.com.cn>
2018-03-29 21:45:46 +08:00
Matt Keeler
ea6767d8bc
Merge pull request #3990 from hashicorp/b-gh-3854
...
Warn when node name isnt a valid DNS label
2018-03-29 09:04:47 -04:00
Preetha Appan
c7581d68c6
Renames agent API layer for service metadata to "meta" for consistency
2018-03-28 09:04:50 -05:00
Preetha
daa61c5803
Merge pull request #3881 from pierresouchay/service_metadata
...
Feature Request: Support key-value attributes for services
2018-03-27 16:33:57 -05:00
Preetha
3c96d64eaa
Merge pull request #3984 from hashicorp/f-allow-federation-disable
...
Allows disabling WAN federation by setting serf WAN port to -1
2018-03-27 16:05:53 -05:00
Matt Keeler
ebc6f414ac
Formatting update
2018-03-27 16:31:27 -04:00
Pierre Souchay
980189a33f
Added validation of ServiceMeta in Catalog
...
Fixed Error Message when ServiceMeta is not valid
Added Unit test for adding a Service with badly formatted ServiceMeta
2018-03-27 22:22:42 +02:00
Preetha Appan
226cb2e95c
fix typo and remove comment
2018-03-27 14:28:05 -05:00
Matt Keeler
3facce6bfa
GH-3854: Warn when node name isnt a valid DNS label
2018-03-27 15:00:33 -04:00
Preetha Appan
010a459365
Remove unnecessary nil checks
2018-03-27 10:59:42 -05:00
Preetha Appan
6c0bb5a810
Fix test and remove unused method
2018-03-27 09:44:41 -05:00
Preetha Appan
d77ab91123
Allows disabling WAN federation by setting serf WAN port to -1
2018-03-26 14:21:06 -05:00
Pierre Souchay
a9868ae956
Added support for renaming nodes when their IP does not change
2018-03-26 16:44:13 +02:00
Pierre Souchay
18baff80ae
Merge remote-tracking branch 'origin/master' into node_health_should_change_service_index
2018-03-22 13:07:11 +01:00
Pierre Souchay
5fb1b18073
More test cases
2018-03-22 12:41:06 +01:00
Pierre Souchay
39a7b5c20d
Added new test regarding checks index
2018-03-22 12:20:25 +01:00
Pierre Souchay
dd9efb755a
Fixed minor typo in comments
...
Might fix unstable travis build
2018-03-22 10:30:10 +01:00
Guido Iaquinti
8cd11d5888
Add package name to log output
2018-03-21 15:56:14 +00:00
Josh Soref
94835a2715
Spelling ( #3958 )
...
* spelling: another
* spelling: autopilot
* spelling: beginning
* spelling: circonus
* spelling: default
* spelling: definition
* spelling: distance
* spelling: encountered
* spelling: enterprise
* spelling: expands
* spelling: exits
* spelling: formatting
* spelling: health
* spelling: hierarchy
* spelling: imposed
* spelling: independence
* spelling: inspect
* spelling: last
* spelling: latest
* spelling: client
* spelling: message
* spelling: minimum
* spelling: notify
* spelling: nonexistent
* spelling: operator
* spelling: payload
* spelling: preceded
* spelling: prepared
* spelling: programmatically
* spelling: required
* spelling: reconcile
* spelling: responses
* spelling: request
* spelling: response
* spelling: results
* spelling: retrieve
* spelling: service
* spelling: significantly
* spelling: specifies
* spelling: supported
* spelling: synchronization
* spelling: synchronous
* spelling: themselves
* spelling: unexpected
* spelling: validations
* spelling: value
2018-03-19 16:56:00 +00:00
Paul Banks
a8f7681c70
Merge pull request #3962 from canterberry/upgrade/tls-cipher-suites
...
🔒 Update supported TLS cipher suites
2018-03-19 16:44:33 +00:00
Pierre Souchay
b6914617d9
Fixed typo in comments
2018-03-19 17:12:08 +01:00
Pierre Souchay
5e974843f1
Refactoring to have clearer code without weird bool
2018-03-19 16:12:54 +01:00
Pierre Souchay
a44b9e84b1
[BUGFIX] When a node level check is removed, ensure all services of node are notified
...
Bugfix for https://github.com/hashicorp/consul/pull/3899
When a node level check is removed (example: maintenance),
some watchers on services might have to recompute their state.
If those nodes are performing blocking queries, they have to be notified.
While their state was updated when node-level state did change or was added
this was not the case when the check was removed. This fixes it.
2018-03-19 14:14:03 +01:00
Preetha Appan
2eed7766a8
cleanup unit test code a bit
2018-03-16 09:36:57 -05:00
Preetha
c87699abf2
Merge pull request #3885 from eddsteel/support-options-requests
...
Support OPTIONS requests
2018-03-16 09:20:16 -05:00
Devin Canterberry
2187ab1e1c
🎨 Formatting changes only; convert leading space to tabs
2018-03-15 10:30:38 -07:00
Devin Canterberry
7236c95e11
✅ Match expectation of TLSCipherSuites to values of tls_cipher_suites
2018-03-15 10:19:46 -07:00
Devin Canterberry
a61abcd931
🐛 Formatting changes only; add missing trailing commas
2018-03-15 10:19:46 -07:00
Devin Canterberry
c901307a47
🔒 Update supported TLS cipher suites
...
The list of cipher suites included in this commit are consistent with
the values and precedence in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go ).
> **Note:** Cipher suites with RC4 are still included within the list
> of accepted values for compatibility, but **these cipher suites are
> not safe to use** and should be deprecated with warnings and
> subsequently removed. Support for RC4 ciphers has already been
> removed or disabled by default in many prominent browsers and tools,
> including Golang.
>
> **References:**
>
> * [RC4 on Wikipedia](https://en.wikipedia.org/wiki/RC4 )
> * [Mozilla Security Blog](https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/ )
2018-03-15 10:19:46 -07:00
Pierre Souchay
aebfcb6767
Fixed minor typo (+ travis tests is unstable)
2018-03-09 18:42:13 +01:00
Pierre Souchay
93fa1f6f49
Optimize size for SRV records, should improve performance a bit
...
Stricter Unit tests that checks if truncation was OK.
2018-03-09 18:25:29 +01:00
Preetha
210cfe5ef9
Merge pull request #3940 from pierresouchay/dns_max_size
...
Allow to control the number of A/AAAA Record returned by DNS
2018-03-09 07:35:32 -06:00
Pierre Souchay
d0e45f22df
Fixed wrong format of debug msg in unit test
2018-03-08 00:36:17 +01:00
Pierre Souchay
ce3f47a75d
Performance optimization for services having more than 2k records
2018-03-08 00:26:41 +01:00
Pierre Souchay
7d59249d96
Avoid issue with compression of DNS messages causing overflow
2018-03-07 23:33:41 +01:00
Pierre Souchay
419bf29041
Cleaner Unit tests from suggestions from @preetapan
2018-03-07 18:24:41 +01:00
Pierre Souchay
b77fd5ce9d
64000 max limit to DNS messages since there is overhead
...
Added debug log to give information about truncation.
2018-03-07 16:14:41 +01:00
Pierre Souchay
be39fb20cc
[BUGFIX] do not break when TCP DNS answer exceeds 64k
...
It will avoid having discovery broken when having large number
of instances of a service (works with SRV and A* records).
Fixes https://github.com/hashicorp/consul/issues/3850
2018-03-07 10:08:06 +01:00
Mitchell Hashimoto
8217564c48
agent/consul/fsm: begin using testify/assert
2018-03-06 09:48:15 -08:00
Pierre Souchay
0b7f620dc6
Allow to control the number of A/AAAA Record returned by DNS
...
This allows to have randomized resource records (i.e. each
answer contains only one IP, but the IP changes every request) for
A, AAAA records.
It will fix https://github.com/hashicorp/consul/issues/3355 and
https://github.com/hashicorp/consul/issues/3937
See https://github.com/hashicorp/consul/issues/3937#issuecomment-370610509
for details.
It basically add a new option called `a_record_limit` and will not
return more than a_record_limit when performing A, AAAA or ANY DNS
requests.
The existing `udp_answer_limit` option is still working but should
be considered as deprecated since it works only with DNS clients
not supporting EDNS.
2018-03-06 02:07:42 +01:00
Edd Steel
41b1d45cc7
Re-use defined endpoints for tests
2018-03-03 11:19:18 -08:00
Paul Banks
9a47449c6d
Merge pull request #3899 from pierresouchay/fix_blocking_queries_index
...
Services Indexes modified per service instead of using a global Index
2018-03-02 16:24:43 +00:00
Pierre Souchay
360dc1dd8d
Simplified error handling for maxIndexForService
...
* added unit tests to ensure service index is properly garbage collected
* added Upgrade from Version 1.0.6 to higher section in documentation
2018-03-01 14:09:36 +01:00
Paul Banks
dbaabb1dbc
Fix test running in non-bash shells
2018-02-22 14:06:06 +00:00
Paul Banks
6da6e086ef
Merge pull request #3900 from hashicorp/fix-monitor-sigint-3891
...
Fixes #3891 : agent monitor no longer unresponsive before logs stream.
2018-02-21 21:28:33 +00:00
Preetha Appan
80791d5b21
Remove extra newline
2018-02-21 13:21:47 -06:00
Preetha Appan
907b97b7f2
Unit test that calls revokeLeadership twice to make sure its idempotent
2018-02-21 12:48:53 -06:00
Preetha Appan
f59abcc394
Make sure revokeLeadership is called if establishLeadership errors
2018-02-21 12:33:22 -06:00
Alex Dadgar
18bf9647d5
Test autopilots start/stop idempotency
2018-02-21 10:19:30 -08:00
Alex Dadgar
33c5afdb31
Improve autopilot shutdown to be idempotent
2018-02-20 15:51:59 -08:00
Pierre Souchay
a8d3745104
Fixed comments for function maxIndexForService
2018-02-20 23:57:28 +01:00
Pierre Souchay
09351ba9a6
[Revert] Only update services if tags are different
...
This patch did give some better results, but break watches on
the services of a node.
It is possible to apply the same optimization for nodes than
to services (one index per instance), but it would complicate
further the patch.
Let's do it in another PR.
2018-02-20 23:34:42 +01:00
Pierre Souchay
60454b570a
Only update services if tags are different
2018-02-20 23:08:04 +01:00
Pierre Souchay
a05d38737c
Enable Raft index optimization per service name on health endpoint
...
Had to fix unit test in order to check properly indexes.
2018-02-20 01:35:50 +01:00
Paul Banks
de58eb1820
Fixes #3891 : agent monitor no longer unresponsive before logs stream.
...
The root cause is actually that the agent's streaming HTTP API didn't flush until the first log line was found which commonly was pretty soon since the default level is INFO. In cases where there were no logs immediately due to level for instance, the client gets stuck in the HTTP code waiting on a response packet from the server before we enter the loop that checks the shutdown channel from the signal handler.
This fix flushes the initial status immediately on the streaming endpoint which lets the client code get into it's expected state where it's listening for shutdown or log lines.
2018-02-19 21:53:10 +00:00
Pierre Souchay
4f10fae3c3
Get only first service to test whether we have to cleanup index of a service
2018-02-19 22:44:49 +01:00
Pierre Souchay
bac8fb046f
Fixed comment about raftIndex + use test.Helper()
2018-02-19 19:30:25 +01:00
Pierre Souchay
73127ef407
Services Indexes modified per service instead of using a global Index
...
This patch improves the watches for services on large cluster:
each service has now its own index, such watches on a specific service
are not modified by changes in the global catalog.
It should improve a lot the performance of tools such as consul-template
or libraries performing watches on very large clusters with many
services/watches.
2018-02-19 18:29:22 +01:00
Edd Steel
d0f0d67b4a
Clarify comments
2018-02-17 17:46:11 -08:00
Edd Steel
f770f360e9
Test every endpoint for OPTIONS/MethodNotFound
2018-02-17 17:34:13 -08:00
Edd Steel
c5f0bb3711
Allow endpoints to handle OPTIONS/MethodNotFound themselves
2018-02-17 17:34:03 -08:00
Edd Steel
f5af8b0f03
Initialise `allowedMethods` in init()
2018-02-17 17:31:24 -08:00
Kyle Havlovitz
139b98a427
Fix the coordinate update endpoint not passing the ACL token
2018-02-15 11:58:02 -08:00
Edd Steel
77f19f7505
Support OPTIONS requests
...
- register endpoints with supported methods
- support OPTIONS requests, indicating supported methods
- extract method validation (error 405) from individual endpoints
- on 405 where multiple methods are allowed, create a single Allow
header with comma-separated values, not multiple Allow headers.
2018-02-12 10:15:31 -08:00
Andrei Burd
b608091014
adding human readability for dns requests debug log ( #3751 )
2018-02-11 09:02:28 -06:00
Pierre Souchay
b259b1609c
Merge remote-tracking branch 'origin/master' into service_metadata
2018-02-11 13:20:49 +01:00
Pierre Souchay
9a57dfd68a
Fixed TestSanitize unit test
2018-02-11 12:11:11 +01:00
James Phillips
3724e49ddf
Fixes a panic on TCP-based DNS lookups.
...
This came in via the monkey patch in #3861 .
Fixes #3877
2018-02-08 17:57:41 -08:00
Pierre Souchay
66fdf445e8
Added unit tests for structs and fixed PartialClone()
2018-02-09 01:37:45 +01:00
James Phillips
c2a59f1e6c
Addresses additional state mutations.
...
Did a sweep of 84d6ac2d51
and checked them all.
2018-02-07 07:02:10 -08:00
James Phillips
1c6de1d623
Fixes all the racy output-side updates to tags.
2018-02-06 20:35:55 -08:00
James Phillips
11f6961e47
Adds a more robust unit test for index churn.
2018-02-06 20:35:38 -08:00
Pierre Souchay
80dde5465b
Added support for Service Metadata
2018-02-07 01:54:42 +01:00
James Phillips
d9a6e2a901
Makes server manager shift away from failed servers from Serf events.
...
Because this code was doing pointer equality checks, it would work for
the case of a failed attempted RPC because the objects are from the
manager itself:
https://github.com/hashicorp/consul/blob/v1.0.3/agent/consul/rpc.go#L283-L302
But the pointer check would always fail for events coming in from the
Serf path because the server object is newly-created:
https://github.com/hashicorp/consul/blob/v1.0.3/agent/router/serf_adapter.go#L14-L40
This means that we didn't proactively shift RPC traffic away from a
failed server, we'd have to wait for an RPC to fail, which exposes
the error to the calling client.
By switching over to a name check vs. a pointer check we get the correct
behavior. We added a DEBUG log as well to help observe this behavior during
integrated testing.
Related to #3863 since the fix here needed the same logic duplicated, owing
to the complicated atomic stuff.
/cc @dadgar for a heads up in case this also affects Nomad.
2018-02-05 17:56:00 -08:00
James Phillips
fc155dac19
Adds a before/after test for #3845 .
2018-02-05 16:18:29 -08:00
James Phillips
533f65b7a6
Merge pull request #3845 from 42wim/tagfix
...
Fix service tags not added to health check. Part two
2018-02-05 16:18:00 -08:00
Kyle Havlovitz
f6ecaa4a1c
Add enterprise default config section
2018-02-05 13:33:59 -08:00
James Phillips
e748c63fff
Merge pull request #3855 from hashicorp/pr-3782-slackpad
...
Adds support for gRPC health checks.
2018-02-02 17:57:27 -08:00
James Phillips
5f31c8d8d3
Changes "TLS" to "GRPCUseTLS" since it only applies to GRPC checks.
2018-02-02 17:29:34 -08:00
Wim
ce771f1fb3
Fix service tags not added to health check. Part two
2018-01-29 20:32:44 +01:00
Veselkov Konstantin
5f38e1148a
fix refactoring
2018-01-28 22:53:30 +04:00
Veselkov Konstantin
8e16bd7d77
fix refactoring
2018-01-28 22:48:21 +04:00
Veselkov Konstantin
7de57ba4de
remove golint warnings
2018-01-28 22:40:13 +04:00
James Phillips
9cd602de06
Improves user lookup error message.
...
Closes #3188
Closes #3184
2018-01-26 07:56:44 -08:00
Kyle Havlovitz
144e6e7d31
Remove nonvoter from metadata.Server
2018-01-25 17:08:03 -08:00
James Phillips
64acd0ade0
Gets rid of named return parameters.
...
This wasn't wrong before but we don't generally use this style in
Consul.
2018-01-25 14:29:50 -08:00
James Phillips
b443bd1438
Moves non-stdlib includes into their own section.
2018-01-25 14:26:15 -08:00
Kyle Havlovitz
bfeb09983b
Reset clusterHealth when autopilot starts
2018-01-23 12:52:28 -08:00
Kyle Havlovitz
17805e4634
Move autopilot health loop into leader operations
2018-01-23 11:17:41 -08:00
James Phillips
c190b35b0e
Updates web assets to latest.
2018-01-22 14:46:07 -08:00
Kyle Havlovitz
cde1e7ceb6
Merge pull request #3821 from hashicorp/persist-file-handling
...
Add graceful handling of malformed persisted service/check files.
2018-01-22 12:31:33 -08:00
Kyle Havlovitz
f156b12b22
Merge pull request #3820 from hashicorp/serfwan-port-fix
...
Enforce a valid port for the Serf WAN since it can't be disabled.
2018-01-19 15:40:56 -08:00
James Phillips
93fd6bfeb4
Moves the coordinate fetch after the ACL check.
2018-01-19 15:25:22 -08:00
Kyle Havlovitz
68ae92cb8c
Don't remove the files, just log an error
2018-01-19 14:25:51 -08:00
Kyle Havlovitz
8c5be2dd97
Enforce a valid port for the Serf WAN since it can't be disabled.
...
Fixes #3817
2018-01-19 14:22:23 -08:00
Kyle Havlovitz
4e325a6b8f
Add graceful handling of malformed persisted service/check files.
...
Previously a change was made to make the file writing atomic,
but that wasn't enough to cover something like an OS crash so we
needed something here to handle the situation more gracefully.
Fixes #1221 .
2018-01-19 14:07:36 -08:00
James Hartig
aedab91a66
Resolve symlinks in config directory
...
Docker/Openshift/Kubernetes mount the config file as a symbolic link and
IsDir returns true if the file is a symlink. Before calling IsDir, the
symlink should be resolved to determine if it points at a file or
directory.
Fixes #3753
2018-01-12 15:43:38 -05:00
James Phillips
9509aa6c4b
Adds the NodeID field back to the /v1/agent/self Config block.
...
Fixes #3778
2018-01-10 15:17:54 -08:00
James Phillips
ebcd1787db
Adds more info about how to fix the private IP error.
...
Closes #3790
2018-01-10 09:53:41 -08:00
James Phillips
48cfe6ff5f
Fixes crash where body was optional for PQ endpoint (it is not).
...
Fixes #3791
2018-01-10 09:33:49 -08:00
Dmytro Kostiuchenko
1a10b08e82
Add gRPC health-check #3073
2018-01-04 16:42:30 -05:00
Diptanu Choudhury
294151c1ad
Using labels
2017-12-21 20:30:29 -08:00
Diptanu Choudhury
006eab2394
Added telemetry around Catalog APIs
2017-12-21 16:35:12 -08:00
James Phillips
5b88b8df38
Updates the checked in web assets.
2017-12-20 19:51:04 -08:00
James Phillips
6412d8d9aa
Updates the built-in web assets.
2017-12-20 17:48:51 -08:00
James Phillips
7a46d9c1e3
Wraps HTTP mux to ban all non-printable characters from paths.
2017-12-20 15:47:53 -08:00
James Phillips
2edc11b44c
Updates the built-in web UI assets.
2017-12-20 13:43:52 -08:00
James Phillips
da6a4635b0
Fixes a `go fmt` cleanup.
2017-12-20 13:43:38 -08:00
Kyle Havlovitz
11a0c9cc58
Fix vet error
2017-12-18 18:04:42 -08:00
Kyle Havlovitz
77dc52f430
Move autopilot initializing to oss file
2017-12-18 18:02:44 -08:00
Kyle Havlovitz
039e7f1880
Move autopilot setup to a separate file
2017-12-18 16:55:51 -08:00
Kyle Havlovitz
d08ab9fd19
Make some final tweaks to autopilot package
2017-12-18 12:26:47 -08:00
Kyle Havlovitz
a86d11ec0a
Merge pull request #3737 from hashicorp/autopilot-refactor
...
Move autopilot to a standalone package
2017-12-15 14:09:40 -08:00
James Phillips
06f980061e
Merge pull request #3728 from weiwei04/fix_globalRPC_goroutine_leak
...
fix globalRPC goroutine leak
2017-12-14 17:54:19 -08:00
James Phillips
f491a55e47
Merge pull request #3642 from yfouquet/master
...
[Fix] Service tags not added to health checks
2017-12-14 13:59:39 -08:00
James Phillips
ca3f9024ac
Works around mapstructure behavior to enable sessions with no checks.
...
Fixes #3732
2017-12-14 09:07:56 -08:00
Kyle Havlovitz
324c2ecb53
Expose IsPotentialVoter for advanced autopilot logic
2017-12-13 17:53:51 -08:00
James Phillips
98e837167e
Changes maps to merge vs. overwrite when processing configs.
...
Fixes #3716
2017-12-13 16:06:01 -08:00
Kyle Havlovitz
12bf61c851
Merge branch 'master' into autopilot-refactor
2017-12-13 11:54:32 -08:00
Kyle Havlovitz
d6b266c045
A few last autopilot adjustments
2017-12-13 11:19:17 -08:00
Kyle Havlovitz
2310687c1d
More autopilot reorganizing
2017-12-13 10:57:37 -08:00
James Phillips
46742a5041
Adds TODOs referencing #3744 .
2017-12-13 10:52:06 -08:00
James Phillips
2892f91d0b
Copies the autopilot settings from the runtime config.
...
Fixes #3730
2017-12-13 10:32:05 -08:00
Kyle Havlovitz
b92f895c23
More refactoring to make autopilot consul-agnostic
2017-12-12 17:46:28 -08:00
Yoann Fouquet
986148cfe5
[Fix] Service tags not added to health checks
...
Since commit 9685bdcd0b
, service tags are added to the health checks.
Otherwise, when adding a service, tags are not added to its check.
In updateSyncState, we compare the checks of the local agent with the checks of the catalog.
It appears that the service tags are different (missing in one case), and so the check is synchronized.
That increase the ModifyIndex periodically when nothing changes.
Fixed it by adding serviceTags to the check.
Note that the issue appeared in version 0.8.2.
Looks related to #3259 .
2017-12-12 13:39:37 +01:00
Kyle Havlovitz
de28555671
Move autopilot to a standalone package
2017-12-11 16:45:33 -08:00
James Phillips
d12e81860f
Moves Serf helper into lib to fix import cycle in consul-enterprise.
2017-12-07 16:57:58 -08:00
James Phillips
5065f3d82e
Turns of intent queue warnings and enables dynamic queue sizing.
2017-12-07 16:27:06 -08:00
Wei Wei
cc9648c957
fix globalRPC goroutine leak
...
Signed-off-by: Wei Wei <weiwei.inf@gmail.com>
2017-12-05 11:53:30 +08:00
James Phillips
3e46544085
Creates a registration mechanism for snapshot and restore.
2017-11-29 18:36:53 -08:00
James Phillips
f53f521072
Begins split out of snapshots from the main FSM class.
2017-11-29 18:36:53 -08:00
James Phillips
c8e763667f
Creates a registration mechanism for FSM commands.
2017-11-29 18:36:53 -08:00
James Phillips
78292662d7
Moves the FSM into its own package.
...
This will help make it clearer what happens when we add some registration
plumbing for the different operations and snapshots.
2017-11-29 18:36:53 -08:00
James Phillips
e810697e06
Resolves an FSM snapshot TODO.
...
This adds checks for sink write calls before we continue the refactor, which
will resolve the other TODO comment we deleted as part of this change.
2017-11-29 18:36:53 -08:00
James Phillips
aa61159b74
Creates a registration mechanism for schemas.
...
This also splits out the registration into the table-specific source
files.
2017-11-29 18:36:52 -08:00
James Phillips
93ff33b1be
Creates a registration mechanism for RPC endpoints.
2017-11-29 18:36:52 -08:00
James Phillips
68f100c8df
Creates HTTP endpoint registry.
2017-11-29 18:36:52 -08:00
James Phillips
679775418f
Moves coordinate disabled logic down into endpoints.
...
Similar rationale to the previous change for ACLs.
2017-11-29 18:36:52 -08:00
James Phillips
29367cd5ae
Moves ACL disabled response logic down into endpoints.
...
This lets us make the registration of endpoints less fancy, on the
road to adding a registration mechanism.
2017-11-29 18:36:52 -08:00
James Phillips
44d824a58f
Renames "segments" to "segment" to be consistent with other files.
2017-11-29 18:36:52 -08:00
James Phillips
8bf1f57737
Renames stubs to be more consistent.
2017-11-29 18:36:52 -08:00
James Phillips
8abd2050fa
Sheds monotonic time info so tombstone GC bins work properly.
2017-11-29 10:34:24 -08:00
James Phillips
de57a9ef51
Gives back the lock before writing to the expire channel.
...
The lock isn't needed after we clean up the expire bin, and as seen
in #3700 we can get into a deadlock waiting to place the expire index
into the channel while holding this lock.
Fixes #3700
2017-11-19 16:24:16 -08:00
James Phillips
34c13925d4
Skips files with unknown extensions when not forcing a format.
...
Fixes #3685
2017-11-10 18:06:07 -08:00
James Phillips
1e49c157c5
Adds a snapshot agent stub to the config structure.
...
Fixes #3678
2017-11-10 13:50:45 -08:00
James Phillips
990fbbb86b
Cleans up check logging.
...
There were places where we still didn't have the script vs. args sorted
correctly so changed all the logging to be just based on check IDs and
also made everything uniform.
Also removed some annoying debug logging, and moved some of the large output
logging to TRACE level.
Closes #3602
2017-11-10 12:48:44 -08:00
James Phillips
f19ba41144
Moves the LAN event handler after the router is created.
...
Fixes #3680
2017-11-10 12:26:48 -08:00
James Phillips
17737ee030
Revert "Adds a small sleep to make sure we are in the next GC bucket."
2017-11-08 22:18:37 -08:00
James Phillips
24475048e2
Adds a sleep to make sure we are in the next GC bucket, ups time.
...
Fixes #3670
2017-11-08 22:02:40 -08:00
James Phillips
c57884fffe
Skips the tombstone GC test in Travis for now.
...
Related to #3670
2017-11-08 20:14:20 -08:00
James Phillips
cd935ebe6c
Adds missing os import.
2017-11-08 20:02:22 -08:00
James Phillips
f6b7dcbcf6
Removes bogus getPort() in favor of freeport.
2017-11-08 19:55:50 -08:00
James Phillips
8579225c27
Skips IPv6 test in Travis.
2017-11-08 18:28:45 -08:00
James Phillips
2937656f8e
Adds a longer retry period for the AE deferred output test.
...
There's some justification in the comments about this and a TODO to
improve this later.
Fixes #3668
2017-11-08 18:10:13 -08:00
James Phillips
7b966e2d26
Tightens timing up and reorders GC test to be less flaky.
2017-11-08 15:09:29 -08:00
James Phillips
7c6ab5e783
Doubles the GC timing.
2017-11-08 15:01:11 -08:00
James Phillips
8de7c77482
Opens up test timing a little more.
2017-11-08 14:01:19 -08:00
James Phillips
c46612f691
Shifts off a gran boundary to help make test less flaky.
2017-11-08 13:57:17 -08:00
James Phillips
f31856c1b7
Opens up the tombstone GC test timing.
2017-11-08 13:43:39 -08:00
James Phillips
93f68555d0
Adds enable_agent_tls_for_checks configuration option which allows ( #3661 )
...
HTTP health checks for services requiring 2-way TLS to be checked
using the agent's credentials.
2017-11-07 18:22:09 -08:00
James Phillips
85e678fbdd
Saves the cycled server list after a failed ping when rebalancing. ( #3662 )
...
Fixes #3463
2017-11-07 18:13:23 -08:00
James Phillips
099b143838
Double-books the HTTP metrics w/ and w/o the "consul" prefix.
...
Fixes #3654
2017-11-07 16:32:45 -08:00
James Phillips
4a2cafe525
Adds HTTP/2 support to Consul's HTTPS server. ( #3657 )
...
* Refactors the HTTP listen path to create servers in the same spot.
* Adds HTTP/2 support to Consul's HTTPS server.
* Vendors Go HTTP/2 library and associated deps.
2017-11-07 15:06:59 -08:00
James Phillips
aa199ab6ba
Makes the metrics ACL test call the right endpoint.
...
This also required setting up a proper in-mem sink so we don't get
metrics-related errors.
Fixes #3655
2017-11-06 21:50:04 -08:00
Preetha Appan
b15d8db851
Sets tty in docker client back to true, as a potential fix for docker exec weirdness
2017-11-05 09:44:55 -06:00
Kyle Havlovitz
d3dd2b1402
Move check definition to a sub-struct
2017-11-01 14:54:46 -07:00
Kyle Havlovitz
dbab3cd5f6
Merge branch 'master' into esm-changes
2017-11-01 11:37:48 -07:00
Kyle Havlovitz
c4375d5a47
Merge pull request #3622 from hashicorp/coordinate-node-endpoint
...
agent: add /v1/coordianate/node/:node endpoint
2017-11-01 11:35:50 -07:00
Kyle Havlovitz
021b2849c5
Remove redundant lines from coordinate test
2017-11-01 11:25:33 -07:00
Kyle Havlovitz
b0536a96cc
Fill out the tests around coordinate/node functionality
2017-10-31 15:36:44 -07:00
Frank Schröder
874e350b2f
config: add -config-format option ( #3626 )
...
* config: refactor ReadPath(s) methods without side-effects
Return the sources instead of modifying the state.
* config: clean data dir before every test
* config: add tests for config-file and config-dir
* config: add -config-format option
Starting with Consul 1.0 all config files must have a '.json' or '.hcl'
extension to make it unambigous how the data should be parsed. Some
automation tools generate temporary files by appending a random string
to the generated file which obfuscates the extension and prevents the
file type detection.
This patch adds a -config-format option which can be used to override
the auto-detection behavior by forcing all config files or all files
within a config directory independent of their extension to be
interpreted as of this format.
Fixes #3620
2017-10-31 17:30:01 -05:00
Frank Schröder
a052255f86
vendor: update go-discover ( #3634 )
...
* vendor: update go-discover
Pull in providers:
* Aliyun (Alibaba Cloud)
* Digital Ocean
* OpenStack (os)
* Scaleway
* doc: use ... instead of xxx
* doc: strip trailing whitespace
* doc: add docs for aliyun, digitalocean, os and scaleway
* agent: fix test
2017-10-31 17:03:54 -05:00
Kyle Havlovitz
1e3b0d441b
Factor out registerNodes function
2017-10-31 13:34:49 -07:00
James Phillips
6bf55d16a2
Relaxes Autopilot promotion logic. ( #3623 )
...
* Relaxes Autopilot promotion logic.
When we defaulted the Raft protocol version to 3 in #3477 we made
the numPeers() routine more strict to only count voters (this is
more conservative and more correct). This had the side effect of
breaking rolling updates because it's at odds with the Autopilot
non-voter promotion logic.
That logic used to wait to only promote to maintain an odd quorum
of servers. During a rolling update (add one new server, wait, and
then kill an old server) the dead server cleanup would still count
the old server as a peer, which is conservative and the right thing
to do, and no longer count the non-voter. This would wait to promote,
so you could get into a stalemate. It is safer to promote early than
remove early, so by promoting as soon as possible we have chosen
that as the solution here.
Fixes #3611
* Gets rid of unnecessary extra not-a-voter check.
2017-10-31 15:16:56 -05:00
Frank Schroeder
c72e6bdb37
docker: fix failing test
2017-10-31 09:26:34 +01:00
Frank Schroeder
7c0e5036a8
docker: render errors with %v since they can be nil
2017-10-31 09:19:20 +01:00
Kyle Havlovitz
a1d14019dd
Add tests around coordinate update endpoint
2017-10-26 20:12:54 -07:00
Kyle Havlovitz
2392545adc
Merge branch 'coordinate-node-endpoint' of github.com:hashicorp/consul into esm-changes
2017-10-26 19:20:24 -07:00
Kyle Havlovitz
5589eadcf5
Added Coordinate.Node rpc endpoint and client api method
2017-10-26 19:16:40 -07:00
Frank Schroeder
ca9aac746f
agent: add /v1/coordianate/node/:node endpoint
...
This patch adds a /v1/coordinate/node/:node endpoint to get the network
coordinates for a single node in the network.
Since Consul Enterprise supports network segments it is still possible
to receive mutiple entries for a single node - one per segment.
2017-10-26 14:24:42 +02:00
Frank Schroeder
b4d8c26194
docker: add comment about "connection reset by peer" error
2017-10-26 12:14:19 +02:00
Frank Schroeder
164ec3ec39
docker: stop previous check on replace
2017-10-26 12:03:07 +02:00
Frank Schroeder
e774b46f82
docker: close idle connections on stop
2017-10-26 12:02:39 +02:00
Frank Schroeder
94726ef105
docker: do not alloc a tty since this is not interactive
2017-10-26 11:56:54 +02:00
Frank Schroeder
a1b47d99c1
docker: make sure to log the error when we fall through
2017-10-26 11:56:36 +02:00
Frank Schroeder
51a18c2557
docker: ignore "connection reset by peer"
...
The Docker agent closes the connection during read after we have
read the body. This causes a "connection reset by peer" even though
the command was successful.
We ignore that error here since we got the correct status code
and a response body.
2017-10-26 11:56:08 +02:00
Kyle Havlovitz
ce4e8c46fa
Add deregister critical service field and refactor duration parsing
2017-10-25 19:17:41 -07:00
Kyle Havlovitz
291455f475
Added coordinate update http endpoint
2017-10-25 19:37:30 +02:00
Kyle Havlovitz
d56936e27a
Added remaining HTTP health check fields to structs
2017-10-25 19:37:30 +02:00
Kyle Havlovitz
a7c42a6c2a
Expose SkipNodeUpdate field and some health check info in the http api
2017-10-25 19:37:30 +02:00
Frank Schroeder
d14adc6b4d
fix go vet issue
2017-10-25 19:30:35 +02:00
Frank Schroeder
96fdbd00a6
replace custom unique id with a UUID
2017-10-25 19:30:35 +02:00
Frank Schroeder
8f145559d8
Decouple the code that executes checks from the agent
2017-10-25 11:18:07 +02:00
Frank Schroeder
1cb8b0ffe3
local state: fix go vet issue
2017-10-23 10:56:05 +02:00
Frank Schroeder
7335c34c32
local state: remove stale comment
2017-10-23 10:56:05 +02:00
Frank Schroeder
3d547e30c7
local state: make test more robust
2017-10-23 10:56:05 +02:00
Frank Schroeder
52e73301f6
local state: clone check to avoid side effect
2017-10-23 10:56:05 +02:00
Frank Schroeder
6bc9d66192
local state: use synchronized access to internal maps
2017-10-23 10:56:05 +02:00
Frank Schroeder
cc0499da3d
ae: do not trigger on Resume while holding the lock
2017-10-23 10:56:05 +02:00
Frank Schroeder
92f136de12
ae: add remaining test cases
2017-10-23 10:56:05 +02:00
Frank Schroeder
622ace2829
ae: refactor StateSyncer to state machine for better testing
2017-10-23 10:56:05 +02:00
Frank Schroeder
1212598ae2
ae: add test that we run a full before a partial sync
2017-10-23 10:56:05 +02:00
Frank Schroeder
4431e222fe
ae: make control flow more explicit
2017-10-23 10:56:05 +02:00
Frank Schroeder
3231385089
ae: fix typo in constructor name
2017-10-23 10:56:05 +02:00
Frank Schroeder
51daa96dfe
ae: add test for resume triggering SyncChanges
2017-10-23 10:56:05 +02:00
Frank Schroeder
92088d21e8
ae: add test for ifNotPausedRun
2017-10-23 10:56:05 +02:00
Frank Schroeder
11e172d1e9
ae: make stagger function pluggable for testing
2017-10-23 10:56:05 +02:00
Frank Schroeder
e2452efed8
ae: restore previous pause/resume behavior
2017-10-23 10:56:04 +02:00
Frank Schroeder
aba072bd1d
ae: ensure that syncs are blocked when paused
2017-10-23 10:56:04 +02:00
Frank Schroeder
58d52ac580
local state: rename Add{Check,Service}State to Set{Check,Service}State
2017-10-23 10:56:04 +02:00
Frank Schroeder
e144f51b29
local state: move Metadata methods together
2017-10-23 10:56:04 +02:00
Frank Schroeder
4f9e05f634
local state: update documentation of updateSyncState
2017-10-23 10:56:04 +02:00
Frank Schroeder
41c7b0927e
local state: update comments
2017-10-23 10:56:04 +02:00
Frank Schroeder
de57b16d99
local state: address review comments
...
* move non-blocking notification mechanism into ae.Trigger
* move Pause/Resume into separate type
2017-10-23 10:56:04 +02:00
Frank Schroeder
5c77c59501
local state: refactor TestAgentAntiEntropy_EnableTagOverride
...
Make intent clearer by being more explicit and adding some comments.
Use verify.Values to compare service entries.
2017-10-23 10:56:04 +02:00
Frank Schroeder
524981f367
local state: fix TestAgentAntiEntropy_EnableTagOverride
...
The test had a race condition where it relied on the first service to be
synced to the remote catalog which sometimes failed.
2017-10-23 10:56:04 +02:00
Frank Schroeder
1181aaee6a
local state: rename tests
2017-10-23 10:56:04 +02:00
Frank Schroeder
1602ac56b5
local state: drop retry loops from tests
...
Since the tests are now using synchronous calls for state syncing
we no longer need to use retry loops to wait for the changes to
propagate.
2017-10-23 10:56:04 +02:00
Frank Schroeder
7e3adc4549
agent: skip non-sensical TestCatalogRegister
...
It is not clear what this test is supposed to verify.
2017-10-23 10:56:04 +02:00
Frank Schroeder
71c74e62c7
local state: fix anti-entropy state tests
...
The anti-entropy tests relied on the side-effect of the StartSync()
method to perform a full sync instead of a partial sync. This lead to
multiple anti-entropy go routines being started unnecessary retry loops.
This change changes the behavior to perform synchronous full syncs when
necessary removing the need for all of the time.Sleep and most of the
retry loops.
2017-10-23 10:56:04 +02:00
Frank Schroeder
37b95ef98e
local state: fix test with updated error message
2017-10-23 10:56:04 +02:00
Frank Schroeder
d2cc0e6e8a
local state: fix failing tests
2017-10-23 10:56:03 +02:00
Frank Schroeder
b803bf3091
local state: tests compile
2017-10-23 10:56:03 +02:00
Frank Schroeder
0a9ac9749e
local state: replace multi-map state with structs
...
The state of the service and health check records was spread out over
multiple maps guarded by a single lock. Access to the maps has to happen
in a coordinated effort and the tests often violated this which made
them brittle and racy.
This patch replaces the multiple maps with a single one for both checks
and services to make the code less fragile.
This is also necessary since moving the local state into its own package
creates circular dependencies for the tests. To avoid this the tests can
no longer access internal data structures which they should not be doing
in the first place.
The tests still don't compile but this is a ncessary step in that
direction.
2017-10-23 10:56:03 +02:00
Frank Schroeder
6027a9e2a5
local state: move to separate package
...
This patch moves the local state to a separate package to further
decouple it from the agent code.
The code compiles but the tests do not yet.
2017-10-23 10:56:03 +02:00
Frank Schroeder
c00bbdb5e4
agent: simplify some loops
2017-10-23 10:56:03 +02:00
Frank Schroeder
cbaf97bced
agent: refactor sync loop to linear flow of control
2017-10-23 10:56:03 +02:00
Frank Schroeder
94ef1041a1
agent: cleanup StateSyncer
...
This patch cleans up the state syncer code by renaming fields, adding
helpers and documentation.
2017-10-23 10:56:03 +02:00
Frank Schroeder
29e18c7494
agent: decouple anti-entropy from local state
...
The anti-entropy code manages background synchronizations of the local
state on a regular basis or on demand when either the state has changed
or a new consul server has been added.
This patch moves the anti-entropy code into its own package and
decouples it from the local state code since they are performing
two different functions.
To simplify code-review this revision does not make any optimizations,
renames or refactorings. This will happen in subsequent commits.
2017-10-23 10:56:03 +02:00
Frank Schroeder
2e7ed2fd86
Merge pull request #3585 from hashicorp/document-runtime-config
...
Moving the previous `agent/config.go` documentation to
`agent/config/runtime.go`.
2017-10-23 10:51:22 +02:00
Frank Schroeder
5bfb2808f9
Merge pull request #3598 from hashicorp/issue-3397-error-with-extra-flags
...
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.
Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.
Fixes #3397
2017-10-23 10:47:04 +02:00
Frank Schroeder
81917ee675
Merge pull request #3600 from hashicorp/support-go-sockaddr-for-dns-recursors
...
DNS recursors can be added through go-sockaddr templates. Entries
are deduplicated while the order is maintained.
Originally proposed by @taylorchu
See #2932
2017-10-23 10:45:36 +02:00
Frank Schroeder
e5d5e6429b
Revert "config: add support for go-sockaddr templates for DNS recursors"
...
This reverts commit 72bee6284d
.
2017-10-23 10:08:35 +02:00
Frank Schroeder
0e360cc3b5
Revert "config: do not allow an ANY address as DNS recursor"
...
This reverts commit 1db8d3cb00
.
2017-10-23 10:08:35 +02:00
Frank Schroeder
58b0e153f9
Revert "agent: decouple anti-entropy from local state"
...
This reverts commit a842dc9c2b
.
2017-10-23 10:08:35 +02:00
Frank Schroeder
b4e7d0b974
Revert "agent: cleanup StateSyncer"
...
This reverts commit b7136e100b
.
2017-10-23 10:08:35 +02:00
Frank Schroeder
26a155eb41
Revert "agent: refactor sync loop to linear flow of control"
...
This reverts commit 7a2af206ea
.
2017-10-23 10:08:35 +02:00
Frank Schroeder
91569a7ceb
Revert "agent: simplify some loops"
...
This reverts commit b5dbad910c
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
67a0689f71
Revert "local state: move to separate package"
...
This reverts commit d447e823c6
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
623e07760a
Revert "local state: replace multi-map state with structs"
...
This reverts commit ccbae7da5b
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
9ed4b2d631
Revert "local state: tests compile"
...
This reverts commit 1af52bf7be
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
b3bfeee100
Revert "local state: fix failing tests"
...
This reverts commit 76682da4a0
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
5ae4c52ca6
Revert "local state: fix test with updated error message"
...
This reverts commit e9149f64d9
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
67cdfc038e
Revert "local state: fix anti-entropy state tests"
...
This reverts commit f8e20cd996
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
fca0df59fb
Revert "agent: skip non-sensical TestCatalogRegister"
...
This reverts commit ce1f35373e
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
556bf3f85d
Revert "local state: drop retry loops from tests"
...
This reverts commit 2bdba8ab06
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
a3aa864d5b
Revert "local state: rename tests"
...
This reverts commit ff62eaf063
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
39615cb57b
Revert "local state: fix TestAgentAntiEntropy_EnableTagOverride"
...
This reverts commit 86f7ea6013
.
2017-10-23 10:08:34 +02:00
Frank Schroeder
9fdea75d99
Revert "local state: refactor TestAgentAntiEntropy_EnableTagOverride"
...
This reverts commit c28e23eac8
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
46641e44d9
Revert "local state: address review comments"
...
This reverts commit 1d315075b1
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
abd83f2d28
Revert "local state: update comments"
...
This reverts commit 42188164f8
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
c6e441dd60
Revert "local state: update documentation of updateSyncState"
...
This reverts commit e86521e637
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
648b4da4f8
Revert "local state: move Metadata methods together"
...
This reverts commit 9bc8127728
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
fa45a6a547
Revert "local state: rename Add{Check,Service}State to Set{Check,Service}State"
...
This reverts commit 9280841a80
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
e95d22b9a8
Revert "ae: ensure that syncs are blocked when paused"
...
This reverts commit ffb265dd93
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
23a9ac9d56
Revert "ae: restore previous pause/resume behavior"
...
This reverts commit 126046be23
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
93d03595d1
Revert "ae: make stagger function pluggable for testing"
...
This reverts commit 066ad01c38
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
3d202b59bc
Revert "ae: add test for ifNotPausedRun"
...
This reverts commit f5177ef332
.
2017-10-23 10:08:33 +02:00
Frank Schroeder
e0e96496f1
Revert "ae: add test for resume triggering SyncChanges"
...
This reverts commit cd0262744d
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
cab3b17292
Revert "ae: fix typo in constructor name"
...
This reverts commit e88f49e2cc
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
25ed78c8f7
Revert "ae: make control flow more explicit"
...
This reverts commit b9a8b53d52
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
65166cce8e
Revert "ae: add test that we run a full before a partial sync"
...
This reverts commit 8158cec829
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
e78520c3f9
Revert "ae: refactor StateSyncer to state machine for better testing"
...
This reverts commit 8a45365f68
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
4121cafed7
Revert "ae: add remaining test cases"
...
This reverts commit c32915bb4f
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
f8202f300f
Revert "ae: do not trigger on Resume while holding the lock"
...
This reverts commit bd00814301
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
d6f52d9ed1
Revert "local state: use synchronized access to internal maps"
...
This reverts commit 39a2d8d25e
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
4e862d126d
Revert "local state: clone check to avoid side effect"
...
This reverts commit af1243c725
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
42af4cdc70
Revert "local state: make test more robust"
...
This reverts commit f9267380db
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
4ae8317fbf
Revert "local state: remove stale comment"
...
This reverts commit 35f4acdddc
.
2017-10-23 10:08:32 +02:00
Frank Schroeder
eb0f2036a3
Revert "config: document telemetry options"
...
This reverts commit 7fede4472d
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
63402a3103
Revert "config: document http options"
...
This reverts commit 5f59857448
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
721cb8d561
Revert "config: document dns options"
...
This reverts commit 5e57e9273e
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
f3ed813f03
Revert "config: document autopilot options"
...
This reverts commit 7685ef409c
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
c4662e4806
Revert "config: document acl options"
...
This reverts commit 7396bd31fd
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
807831446a
Revert "config: document config options"
...
This reverts commit a38c69d784
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
29616e969a
Revert "config: document more acl options"
...
This reverts commit 2682ce0b82
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
3667a882ef
Revert "config: document more config options"
...
This reverts commit bf81cdea6e
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
522dce2602
Revert "config: document more config options"
...
This reverts commit 9864609201
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
22f3c7cb0a
Revert "config: document remaining config options"
...
This reverts commit 0ed4561f12
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
0693082d40
Revert "config: address review comments"
...
This reverts commit f6e9ad99ec
.
2017-10-23 10:08:31 +02:00
Frank Schroeder
223fae7d92
Revert "fix go vet issue"
...
This reverts commit 078e50b635
.
2017-10-23 10:00:26 +02:00
Frank Schröder
6aa9372792
Revert "config: rename test struct field to args"
...
This reverts commit f2a291a470
.
2017-10-23 09:58:37 +02:00
Frank Schröder
1073de49db
Revert "config: return error on extra command line arguments ( #3397 )"
...
This reverts commit ce935cef55
.
2017-10-23 09:58:37 +02:00
Frank Schroeder
078e50b635
fix go vet issue
2017-10-23 08:13:52 +02:00
Frank Schroeder
ce935cef55
config: return error on extra command line arguments ( #3397 )
...
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.
Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.
Fixes #3397
2017-10-23 08:08:09 +02:00
Frank Schroeder
f2a291a470
config: rename test struct field to args
2017-10-23 08:08:09 +02:00
Frank Schroeder
b97ab367f4
config: return error on extra command line arguments ( #3397 )
...
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.
Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.
Fixes #3397
2017-10-23 08:07:48 +02:00
Frank Schroeder
1fef7f4b67
config: rename test struct field to args
2017-10-23 08:07:48 +02:00
Frank Schroeder
f6e9ad99ec
config: address review comments
2017-10-23 08:06:26 +02:00
Frank Schroeder
0ed4561f12
config: document remaining config options
2017-10-23 08:06:26 +02:00
Frank Schroeder
9864609201
config: document more config options
2017-10-23 08:06:26 +02:00
Frank Schroeder
bf81cdea6e
config: document more config options
2017-10-23 08:06:26 +02:00
Frank Schroeder
2682ce0b82
config: document more acl options
2017-10-23 08:06:26 +02:00
Frank Schroeder
a38c69d784
config: document config options
2017-10-23 08:06:26 +02:00
Frank Schroeder
7396bd31fd
config: document acl options
2017-10-23 08:06:26 +02:00
Frank Schroeder
7685ef409c
config: document autopilot options
2017-10-23 08:06:26 +02:00
Frank Schroeder
5e57e9273e
config: document dns options
2017-10-23 08:06:26 +02:00
Frank Schroeder
5f59857448
config: document http options
2017-10-23 08:06:26 +02:00
Frank Schroeder
7fede4472d
config: document telemetry options
2017-10-23 08:06:26 +02:00
Frank Schroeder
21a7d399bd
config: address review comments
2017-10-23 08:05:47 +02:00
Frank Schroeder
cf0a571a76
config: document remaining config options
2017-10-23 08:04:03 +02:00
Frank Schroeder
149ab13a13
config: document more config options
2017-10-23 08:04:03 +02:00
Frank Schroeder
a8f709a875
config: document more config options
2017-10-23 08:04:03 +02:00
Frank Schroeder
6c64cf9b5d
config: document more acl options
2017-10-23 08:04:03 +02:00
Frank Schroeder
ffb0f6ec8b
config: document config options
2017-10-23 08:04:03 +02:00
Frank Schroeder
70270d6d98
config: document acl options
2017-10-23 08:04:03 +02:00
Frank Schroeder
7f214b1e1c
config: document autopilot options
2017-10-23 08:04:03 +02:00
Frank Schroeder
cfc891fc25
config: document dns options
2017-10-23 08:04:03 +02:00
Frank Schroeder
d27617c60b
config: document http options
2017-10-23 08:04:03 +02:00