2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2014-01-08 21:52:09 +00:00
|
|
|
package consul
|
|
|
|
|
|
|
|
import (
|
2014-01-08 21:56:34 +00:00
|
|
|
"fmt"
|
2018-10-19 16:04:07 +00:00
|
|
|
"sort"
|
2017-05-05 10:36:35 +00:00
|
|
|
|
2014-04-04 21:55:44 +00:00
|
|
|
"github.com/armon/go-metrics"
|
2021-04-20 18:55:24 +00:00
|
|
|
bexpr "github.com/hashicorp/go-bexpr"
|
2022-05-25 20:20:17 +00:00
|
|
|
"github.com/hashicorp/go-hclog"
|
2021-04-20 18:55:24 +00:00
|
|
|
"github.com/hashicorp/go-memdb"
|
2022-05-25 20:20:17 +00:00
|
|
|
hashstructure_v2 "github.com/mitchellh/hashstructure/v2"
|
2021-04-20 18:55:24 +00:00
|
|
|
|
2019-10-15 20:58:50 +00:00
|
|
|
"github.com/hashicorp/consul/acl"
|
2022-10-10 17:40:27 +00:00
|
|
|
"github.com/hashicorp/consul/agent/configentry"
|
pkg refactor
command/agent/* -> agent/*
command/consul/* -> agent/consul/*
command/agent/command{,_test}.go -> command/agent{,_test}.go
command/base/command.go -> command/base.go
command/base/* -> command/*
commands.go -> command/commands.go
The script which did the refactor is:
(
cd $GOPATH/src/github.com/hashicorp/consul
git mv command/agent/command.go command/agent.go
git mv command/agent/command_test.go command/agent_test.go
git mv command/agent/flag_slice_value{,_test}.go command/
git mv command/agent .
git mv command/base/command.go command/base.go
git mv command/base/config_util{,_test}.go command/
git mv commands.go command/
git mv consul agent
rmdir command/base/
gsed -i -e 's|package agent|package command|' command/agent{,_test}.go
gsed -i -e 's|package agent|package command|' command/flag_slice_value{,_test}.go
gsed -i -e 's|package base|package command|' command/base.go command/config_util{,_test}.go
gsed -i -e 's|package main|package command|' command/commands.go
gsed -i -e 's|base.Command|BaseCommand|' command/commands.go
gsed -i -e 's|agent.Command|AgentCommand|' command/commands.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/commands.go
gsed -i -e 's|base\.||' command/commands.go
gsed -i -e 's|command\.||' command/commands.go
gsed -i -e 's|command|c|' main.go
gsed -i -e 's|range Commands|range command.Commands|' main.go
gsed -i -e 's|Commands: Commands|Commands: command.Commands|' main.go
gsed -i -e 's|base\.BoolValue|BoolValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.DurationValue|DurationValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.StringValue|StringValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.UintValue|UintValue|' command/operator_autopilot_set.go
gsed -i -e 's|\bCommand\b|BaseCommand|' command/base.go
gsed -i -e 's|BaseCommand Options|Command Options|' command/base.go
gsed -i -e 's|base.Command|BaseCommand|' command/*.go
gsed -i -e 's|c\.Command|c.BaseCommand|g' command/*.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/*_test.go
gsed -i -e 's|base\.||' command/*_test.go
gsed -i -e 's|\bCommand\b|AgentCommand|' command/agent{,_test}.go
gsed -i -e 's|cmd.AgentCommand|cmd.BaseCommand|' command/agent.go
gsed -i -e 's|cli.AgentCommand = new(Command)|cli.Command = new(AgentCommand)|' command/agent_test.go
gsed -i -e 's|exec.AgentCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|exec.BaseCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|NewTestAgent|agent.NewTestAgent|' command/agent_test.go
gsed -i -e 's|= TestConfig|= agent.TestConfig|' command/agent_test.go
gsed -i -e 's|: RetryJoin|: agent.RetryJoin|' command/agent_test.go
gsed -i -e 's|\.\./\.\./|../|' command/config_util_test.go
gsed -i -e 's|\bverifyUniqueListeners|VerifyUniqueListeners|' agent/config{,_test}.go command/agent.go
gsed -i -e 's|\bserfLANKeyring\b|SerfLANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bserfWANKeyring\b|SerfWANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bNewAgent\b|agent.New|g' command/agent{,_test}.go
gsed -i -e 's|\bNewAgent|New|' agent/{acl_test,agent,testagent}.go
gsed -i -e 's|\bAgent\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bBool\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDefaultConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDevConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bMergeConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bReadConfigPaths\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bParseMetaPair\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfLANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfWANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|circonus\.agent|circonus|g' command/agent{,_test}.go
gsed -i -e 's|logger\.agent|logger|g' command/agent{,_test}.go
gsed -i -e 's|metrics\.agent|metrics|g' command/agent{,_test}.go
gsed -i -e 's|// agent.Agent|// agent|' command/agent{,_test}.go
gsed -i -e 's|a\.agent\.Config|a.Config|' command/agent{,_test}.go
gsed -i -e 's|agent\.AppendSliceValue|AppendSliceValue|' command/{configtest,validate}.go
gsed -i -e 's|consul/consul|agent/consul|' GNUmakefile
gsed -i -e 's|\.\./test|../../test|' agent/consul/server_test.go
# fix imports
f=$(grep -rl 'github.com/hashicorp/consul/command/agent' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/command/agent|github.com/hashicorp/consul/agent|' $f
goimports -w $f
f=$(grep -rl 'github.com/hashicorp/consul/consul' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/consul|github.com/hashicorp/consul/agent/consul|' $f
goimports -w $f
goimports -w command/*.go main.go
)
2017-06-09 22:28:28 +00:00
|
|
|
"github.com/hashicorp/consul/agent/consul/state"
|
2017-07-06 10:34:00 +00:00
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
2014-01-08 21:52:09 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Health endpoint is used to query the health information
|
|
|
|
type Health struct {
|
2022-05-25 20:20:17 +00:00
|
|
|
srv *Server
|
|
|
|
logger hclog.Logger
|
2014-01-08 21:52:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ChecksInState is used to get all the checks in a given state
|
|
|
|
func (h *Health) ChecksInState(args *structs.ChecksInStateRequest,
|
2014-02-05 21:30:18 +00:00
|
|
|
reply *structs.IndexedHealthChecks) error {
|
2021-04-20 18:55:24 +00:00
|
|
|
if done, err := h.srv.ForwardRPC("Health.ChecksInState", args, reply); done {
|
2019-12-10 02:26:41 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
filter, err := bexpr.CreateFilter(args.Filter, nil, reply.HealthChecks)
|
|
|
|
if err != nil {
|
2014-01-08 21:52:09 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
_, err = h.srv.ResolveTokenAndDefaultMeta(args.Token, &args.EnterpriseMeta, nil)
|
2019-04-16 16:00:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
if err := h.srv.validateEnterpriseRequest(&args.EnterpriseMeta, false); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-01-24 07:37:21 +00:00
|
|
|
return h.srv.blockingQuery(
|
2015-10-12 07:42:09 +00:00
|
|
|
&args.QueryOptions,
|
2014-04-21 18:04:52 +00:00
|
|
|
&reply.QueryMeta,
|
2017-04-21 00:46:29 +00:00
|
|
|
func(ws memdb.WatchSet, state *state.Store) error {
|
2017-01-14 01:08:43 +00:00
|
|
|
var index uint64
|
|
|
|
var checks structs.HealthChecks
|
|
|
|
var err error
|
|
|
|
if len(args.NodeMetaFilters) > 0 {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
index, checks, err = state.ChecksInStateByNodeMeta(ws, args.State, args.NodeMetaFilters, &args.EnterpriseMeta, args.PeerName)
|
2017-01-14 01:08:43 +00:00
|
|
|
} else {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
index, checks, err = state.ChecksInState(ws, args.State, &args.EnterpriseMeta, args.PeerName)
|
2017-01-14 01:08:43 +00:00
|
|
|
}
|
2015-10-12 07:42:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.Index, reply.HealthChecks = index, checks
|
2019-04-16 16:00:15 +00:00
|
|
|
|
|
|
|
raw, err := filter.Execute(reply.HealthChecks)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.HealthChecks = raw.(structs.HealthChecks)
|
|
|
|
|
2021-12-03 17:31:32 +00:00
|
|
|
// Note: we filter the results with ACLs *after* applying the user-supplied
|
|
|
|
// bexpr filter, to ensure QueryMeta.ResultsFilteredByACLs does not include
|
|
|
|
// results that would be filtered out even if the user did have permission.
|
|
|
|
if err := h.srv.filterACL(args.Token, reply); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2015-07-27 21:41:46 +00:00
|
|
|
return h.srv.sortNodesByDistanceFrom(args.Source, reply.HealthChecks)
|
2014-02-05 21:30:18 +00:00
|
|
|
})
|
2014-01-08 21:52:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// NodeChecks is used to get all the checks for a node
|
|
|
|
func (h *Health) NodeChecks(args *structs.NodeSpecificRequest,
|
2014-02-05 21:30:18 +00:00
|
|
|
reply *structs.IndexedHealthChecks) error {
|
2021-04-20 18:55:24 +00:00
|
|
|
if done, err := h.srv.ForwardRPC("Health.NodeChecks", args, reply); done {
|
2019-12-10 02:26:41 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
filter, err := bexpr.CreateFilter(args.Filter, nil, reply.HealthChecks)
|
|
|
|
if err != nil {
|
2014-01-08 21:52:09 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
_, err = h.srv.ResolveTokenAndDefaultMeta(args.Token, &args.EnterpriseMeta, nil)
|
2019-04-16 16:00:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
if err := h.srv.validateEnterpriseRequest(&args.EnterpriseMeta, false); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-01-24 07:37:21 +00:00
|
|
|
return h.srv.blockingQuery(
|
2015-10-12 07:42:09 +00:00
|
|
|
&args.QueryOptions,
|
2014-04-21 18:04:52 +00:00
|
|
|
&reply.QueryMeta,
|
2017-04-21 00:46:29 +00:00
|
|
|
func(ws memdb.WatchSet, state *state.Store) error {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
index, checks, err := state.NodeChecks(ws, args.Node, &args.EnterpriseMeta, args.PeerName)
|
2015-10-12 07:42:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.Index, reply.HealthChecks = index, checks
|
2019-04-16 16:00:15 +00:00
|
|
|
|
|
|
|
raw, err := filter.Execute(reply.HealthChecks)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.HealthChecks = raw.(structs.HealthChecks)
|
2021-12-03 17:31:32 +00:00
|
|
|
|
|
|
|
// Note: we filter the results with ACLs *after* applying the user-supplied
|
|
|
|
// bexpr filter, to ensure QueryMeta.ResultsFilteredByACLs does not include
|
|
|
|
// results that would be filtered out even if the user did have permission.
|
|
|
|
if err := h.srv.filterACL(args.Token, reply); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-04-16 16:00:15 +00:00
|
|
|
return nil
|
2014-02-05 21:30:18 +00:00
|
|
|
})
|
2014-01-08 21:52:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ServiceChecks is used to get all the checks for a service
|
|
|
|
func (h *Health) ServiceChecks(args *structs.ServiceSpecificRequest,
|
2014-02-05 21:30:18 +00:00
|
|
|
reply *structs.IndexedHealthChecks) error {
|
2019-12-10 02:26:41 +00:00
|
|
|
|
2014-01-08 21:56:34 +00:00
|
|
|
// Reject if tag filtering is on
|
|
|
|
if args.TagFilter {
|
|
|
|
return fmt.Errorf("Tag filtering is not supported")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Potentially forward
|
2021-04-20 18:55:24 +00:00
|
|
|
if done, err := h.srv.ForwardRPC("Health.ServiceChecks", args, reply); done {
|
2014-01-08 21:52:09 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-04-16 16:00:15 +00:00
|
|
|
filter, err := bexpr.CreateFilter(args.Filter, nil, reply.HealthChecks)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
_, err = h.srv.ResolveTokenAndDefaultMeta(args.Token, &args.EnterpriseMeta, nil)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := h.srv.validateEnterpriseRequest(&args.EnterpriseMeta, false); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2017-01-24 07:37:21 +00:00
|
|
|
return h.srv.blockingQuery(
|
2015-10-12 07:42:09 +00:00
|
|
|
&args.QueryOptions,
|
2014-04-21 18:04:52 +00:00
|
|
|
&reply.QueryMeta,
|
2017-04-21 00:46:29 +00:00
|
|
|
func(ws memdb.WatchSet, state *state.Store) error {
|
2017-01-14 01:08:43 +00:00
|
|
|
var index uint64
|
|
|
|
var checks structs.HealthChecks
|
|
|
|
var err error
|
|
|
|
if len(args.NodeMetaFilters) > 0 {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
index, checks, err = state.ServiceChecksByNodeMeta(ws, args.ServiceName, args.NodeMetaFilters, &args.EnterpriseMeta, args.PeerName)
|
2017-01-14 01:08:43 +00:00
|
|
|
} else {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
index, checks, err = state.ServiceChecks(ws, args.ServiceName, &args.EnterpriseMeta, args.PeerName)
|
2017-01-14 01:08:43 +00:00
|
|
|
}
|
2015-10-12 07:42:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.Index, reply.HealthChecks = index, checks
|
2019-04-16 16:00:15 +00:00
|
|
|
|
|
|
|
raw, err := filter.Execute(reply.HealthChecks)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
reply.HealthChecks = raw.(structs.HealthChecks)
|
|
|
|
|
2021-12-03 17:31:32 +00:00
|
|
|
// Note: we filter the results with ACLs *after* applying the user-supplied
|
|
|
|
// bexpr filter, to ensure QueryMeta.ResultsFilteredByACLs does not include
|
|
|
|
// results that would be filtered out even if the user did have permission.
|
|
|
|
if err := h.srv.filterACL(args.Token, reply); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2015-07-27 21:41:46 +00:00
|
|
|
return h.srv.sortNodesByDistanceFrom(args.Source, reply.HealthChecks)
|
2014-02-05 21:30:18 +00:00
|
|
|
})
|
2014-01-08 21:52:09 +00:00
|
|
|
}
|
2014-01-08 23:06:13 +00:00
|
|
|
|
|
|
|
// ServiceNodes returns all the nodes registered as part of a service including health info
|
2014-02-05 21:30:18 +00:00
|
|
|
func (h *Health) ServiceNodes(args *structs.ServiceSpecificRequest, reply *structs.IndexedCheckServiceNodes) error {
|
2021-04-20 18:55:24 +00:00
|
|
|
if done, err := h.srv.ForwardRPC("Health.ServiceNodes", args, reply); done {
|
2014-01-08 23:06:13 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Verify the arguments
|
|
|
|
if args.ServiceName == "" {
|
|
|
|
return fmt.Errorf("Must provide service name")
|
|
|
|
}
|
|
|
|
|
2018-03-09 17:32:22 +00:00
|
|
|
// Determine the function we'll call
|
2018-03-22 02:54:44 +00:00
|
|
|
var f func(memdb.WatchSet, *state.Store, *structs.ServiceSpecificRequest) (uint64, structs.CheckServiceNodes, error)
|
2018-03-09 17:32:22 +00:00
|
|
|
switch {
|
|
|
|
case args.Connect:
|
2018-03-22 02:54:44 +00:00
|
|
|
f = h.serviceNodesConnect
|
2018-03-09 17:32:22 +00:00
|
|
|
case args.TagFilter:
|
2018-03-22 02:54:44 +00:00
|
|
|
f = h.serviceNodesTagFilter
|
2020-04-16 21:00:48 +00:00
|
|
|
case args.Ingress:
|
|
|
|
f = h.serviceNodesIngress
|
2018-03-09 17:32:22 +00:00
|
|
|
default:
|
2018-03-22 02:54:44 +00:00
|
|
|
f = h.serviceNodesDefault
|
2018-03-09 17:32:22 +00:00
|
|
|
}
|
|
|
|
|
2023-05-09 21:36:29 +00:00
|
|
|
authzContext := acl.AuthorizerContext{
|
|
|
|
Peer: args.PeerName,
|
|
|
|
}
|
|
|
|
authz, err := h.srv.ResolveTokenAndDefaultMeta(args.Token, &args.EnterpriseMeta, &authzContext)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-18 18:46:53 +00:00
|
|
|
if err := h.srv.validateEnterpriseRequest(&args.EnterpriseMeta, false); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-04-16 16:00:15 +00:00
|
|
|
filter, err := bexpr.CreateFilter(args.Filter, nil, reply.Nodes)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-05-25 20:20:17 +00:00
|
|
|
var (
|
|
|
|
priorMergeHash uint64
|
|
|
|
ranMergeOnce bool
|
|
|
|
)
|
|
|
|
|
2019-04-16 16:00:15 +00:00
|
|
|
err = h.srv.blockingQuery(
|
2015-10-12 07:42:09 +00:00
|
|
|
&args.QueryOptions,
|
2014-04-21 18:04:52 +00:00
|
|
|
&reply.QueryMeta,
|
2017-04-21 00:46:29 +00:00
|
|
|
func(ws memdb.WatchSet, state *state.Store) error {
|
2022-04-27 15:39:45 +00:00
|
|
|
var thisReply structs.IndexedCheckServiceNodes
|
|
|
|
|
2018-03-22 02:54:44 +00:00
|
|
|
index, nodes, err := f(ws, state, args)
|
2015-10-12 07:42:09 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
2014-02-05 21:30:18 +00:00
|
|
|
}
|
2015-07-27 21:41:46 +00:00
|
|
|
|
2023-05-09 17:37:58 +00:00
|
|
|
// If we're doing a connect or ingress query, we need read access to the service
|
|
|
|
// we're trying to find proxies for, so check that.
|
|
|
|
if args.Connect || args.Ingress {
|
|
|
|
// TODO(acl-error-enhancements) Look for ways to percolate this information up to give any feedback to the user.
|
|
|
|
if authz.ServiceRead(args.ServiceName, &authzContext) != acl.Allow {
|
|
|
|
// Return the index here so that the agent cache does not infinitely loop.
|
|
|
|
reply.Index = index
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-05-25 20:20:17 +00:00
|
|
|
resolvedNodes := nodes
|
|
|
|
if args.MergeCentralConfig {
|
|
|
|
for _, node := range resolvedNodes {
|
|
|
|
ns := node.Service
|
|
|
|
if ns.IsSidecarProxy() || ns.IsGateway() {
|
2022-11-09 14:54:57 +00:00
|
|
|
cfgIndex, mergedns, err := configentry.MergeNodeServiceWithCentralConfig(ws, state, ns, h.logger)
|
2022-05-25 20:20:17 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if cfgIndex > index {
|
|
|
|
index = cfgIndex
|
|
|
|
}
|
|
|
|
*node.Service = *mergedns
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Generate a hash of the resolvedNodes driving this response.
|
|
|
|
// Use it to determine if the response is identical to a prior wakeup.
|
|
|
|
newMergeHash, err := hashstructure_v2.Hash(resolvedNodes, hashstructure_v2.FormatV2, nil)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("error hashing reply for spurious wakeup suppression: %w", err)
|
|
|
|
}
|
|
|
|
if ranMergeOnce && priorMergeHash == newMergeHash {
|
|
|
|
// the below assignment is not required as the if condition already validates equality,
|
|
|
|
// but makes it more clear that prior value is being reset to the new hash on each run.
|
|
|
|
priorMergeHash = newMergeHash
|
|
|
|
reply.Index = index
|
|
|
|
// NOTE: the prior response is still alive inside of *reply, which is desirable
|
|
|
|
return errNotChanged
|
|
|
|
} else {
|
|
|
|
priorMergeHash = newMergeHash
|
|
|
|
ranMergeOnce = true
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
thisReply.Index, thisReply.Nodes = index, resolvedNodes
|
2022-04-27 15:39:45 +00:00
|
|
|
|
2017-01-14 01:08:43 +00:00
|
|
|
if len(args.NodeMetaFilters) > 0 {
|
2022-04-27 15:39:45 +00:00
|
|
|
thisReply.Nodes = nodeMetaFilter(args.NodeMetaFilters, thisReply.Nodes)
|
2017-01-14 01:08:43 +00:00
|
|
|
}
|
2019-04-16 16:00:15 +00:00
|
|
|
|
2022-04-27 15:39:45 +00:00
|
|
|
raw, err := filter.Execute(thisReply.Nodes)
|
2019-04-16 16:00:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-04-27 15:39:45 +00:00
|
|
|
thisReply.Nodes = raw.(structs.CheckServiceNodes)
|
2019-04-16 16:00:15 +00:00
|
|
|
|
2021-12-03 17:31:32 +00:00
|
|
|
// Note: we filter the results with ACLs *after* applying the user-supplied
|
|
|
|
// bexpr filter, to ensure QueryMeta.ResultsFilteredByACLs does not include
|
|
|
|
// results that would be filtered out even if the user did have permission.
|
2022-04-27 15:39:45 +00:00
|
|
|
if err := h.srv.filterACL(args.Token, &thisReply); err != nil {
|
2021-12-03 17:31:32 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-04-27 15:39:45 +00:00
|
|
|
if err := h.srv.sortNodesByDistanceFrom(args.Source, thisReply.Nodes); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
*reply = thisReply
|
|
|
|
return nil
|
2014-02-05 21:30:18 +00:00
|
|
|
})
|
2014-04-04 21:55:44 +00:00
|
|
|
|
|
|
|
// Provide some metrics
|
|
|
|
if err == nil {
|
2018-03-09 17:32:22 +00:00
|
|
|
// For metrics, we separate Connect-based lookups from non-Connect
|
|
|
|
key := "service"
|
|
|
|
if args.Connect {
|
|
|
|
key = "connect"
|
|
|
|
}
|
2020-04-16 21:00:48 +00:00
|
|
|
if args.Ingress {
|
|
|
|
key = "ingress"
|
|
|
|
}
|
2018-03-09 17:32:22 +00:00
|
|
|
|
|
|
|
metrics.IncrCounterWithLabels([]string{"health", key, "query"}, 1,
|
2017-10-04 23:43:27 +00:00
|
|
|
[]metrics.Label{{Name: "service", Value: args.ServiceName}})
|
2019-01-07 21:30:47 +00:00
|
|
|
// DEPRECATED (singular-service-tag) - remove this when backwards RPC compat
|
|
|
|
// with 1.2.x is not required.
|
2014-04-04 21:55:44 +00:00
|
|
|
if args.ServiceTag != "" {
|
2018-03-09 17:32:22 +00:00
|
|
|
metrics.IncrCounterWithLabels([]string{"health", key, "query-tag"}, 1,
|
2017-10-04 23:43:27 +00:00
|
|
|
[]metrics.Label{{Name: "service", Value: args.ServiceName}, {Name: "tag", Value: args.ServiceTag}})
|
2014-04-04 21:55:44 +00:00
|
|
|
}
|
2018-10-11 11:50:05 +00:00
|
|
|
if len(args.ServiceTags) > 0 {
|
2018-10-19 16:04:07 +00:00
|
|
|
// Sort tags so that the metric is the same even if the request
|
|
|
|
// tags are in a different order
|
|
|
|
sort.Strings(args.ServiceTags)
|
|
|
|
|
2018-10-11 11:50:05 +00:00
|
|
|
labels := []metrics.Label{{Name: "service", Value: args.ServiceName}}
|
|
|
|
for _, tag := range args.ServiceTags {
|
|
|
|
labels = append(labels, metrics.Label{Name: "tag", Value: tag})
|
|
|
|
}
|
|
|
|
metrics.IncrCounterWithLabels([]string{"health", key, "query-tags"}, 1, labels)
|
|
|
|
}
|
2014-04-04 21:55:44 +00:00
|
|
|
if len(reply.Nodes) == 0 {
|
2018-03-09 17:32:22 +00:00
|
|
|
metrics.IncrCounterWithLabels([]string{"health", key, "not-found"}, 1,
|
2017-10-04 23:43:27 +00:00
|
|
|
[]metrics.Label{{Name: "service", Value: args.ServiceName}})
|
2014-04-04 21:55:44 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return err
|
2014-01-08 23:06:13 +00:00
|
|
|
}
|
2018-03-22 02:54:44 +00:00
|
|
|
|
|
|
|
// The serviceNodes* functions below are the various lookup methods that
|
|
|
|
// can be used by the ServiceNodes endpoint.
|
|
|
|
|
|
|
|
func (h *Health) serviceNodesConnect(ws memdb.WatchSet, s *state.Store, args *structs.ServiceSpecificRequest) (uint64, structs.CheckServiceNodes, error) {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
return s.CheckConnectServiceNodes(ws, args.ServiceName, &args.EnterpriseMeta, args.PeerName)
|
2018-03-22 02:54:44 +00:00
|
|
|
}
|
|
|
|
|
2020-04-16 21:00:48 +00:00
|
|
|
func (h *Health) serviceNodesIngress(ws memdb.WatchSet, s *state.Store, args *structs.ServiceSpecificRequest) (uint64, structs.CheckServiceNodes, error) {
|
|
|
|
return s.CheckIngressServiceNodes(ws, args.ServiceName, &args.EnterpriseMeta)
|
|
|
|
}
|
|
|
|
|
2018-03-22 02:54:44 +00:00
|
|
|
func (h *Health) serviceNodesTagFilter(ws memdb.WatchSet, s *state.Store, args *structs.ServiceSpecificRequest) (uint64, structs.CheckServiceNodes, error) {
|
2019-01-07 21:30:47 +00:00
|
|
|
// DEPRECATED (singular-service-tag) - remove this when backwards RPC compat
|
|
|
|
// with 1.2.x is not required.
|
|
|
|
// Agents < v1.3.0 populate the ServiceTag field. In this case,
|
2018-10-11 11:50:05 +00:00
|
|
|
// use ServiceTag instead of the ServiceTags field.
|
|
|
|
if args.ServiceTag != "" {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
return s.CheckServiceTagNodes(ws, args.ServiceName, []string{args.ServiceTag}, &args.EnterpriseMeta, args.PeerName)
|
2018-10-11 11:50:05 +00:00
|
|
|
}
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
return s.CheckServiceTagNodes(ws, args.ServiceName, args.ServiceTags, &args.EnterpriseMeta, args.PeerName)
|
2018-03-22 02:54:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *Health) serviceNodesDefault(ws memdb.WatchSet, s *state.Store, args *structs.ServiceSpecificRequest) (uint64, structs.CheckServiceNodes, error) {
|
peering: initial sync (#12842)
- Add endpoints related to peering: read, list, generate token, initiate peering
- Update node/service/check table indexing to account for peers
- Foundational changes for pushing service updates to a peer
- Plumb peer name through Health.ServiceNodes path
see: ENT-1765, ENT-1280, ENT-1283, ENT-1283, ENT-1756, ENT-1739, ENT-1750, ENT-1679,
ENT-1709, ENT-1704, ENT-1690, ENT-1689, ENT-1702, ENT-1701, ENT-1683, ENT-1663,
ENT-1650, ENT-1678, ENT-1628, ENT-1658, ENT-1640, ENT-1637, ENT-1597, ENT-1634,
ENT-1613, ENT-1616, ENT-1617, ENT-1591, ENT-1588, ENT-1596, ENT-1572, ENT-1555
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Evan Culver <eculver@hashicorp.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2022-04-21 22:34:40 +00:00
|
|
|
return s.CheckServiceNodes(ws, args.ServiceName, &args.EnterpriseMeta, args.PeerName)
|
2018-03-22 02:54:44 +00:00
|
|
|
}
|