Preetha
8dacb12c79
Merge pull request #3881 from pierresouchay/service_metadata
...
Feature Request: Support key-value attributes for services
2018-03-27 16:33:57 -05:00
Preetha
f91db69d6e
Merge pull request #3984 from hashicorp/f-allow-federation-disable
...
Allows disabling WAN federation by setting serf WAN port to -1
2018-03-27 16:05:53 -05:00
Pierre Souchay
b9ae4e647f
Added validation of ServiceMeta in Catalog
...
Fixed Error Message when ServiceMeta is not valid
Added Unit test for adding a Service with badly formatted ServiceMeta
2018-03-27 22:22:42 +02:00
Preetha Appan
17a011b9bd
fix typo and remove comment
2018-03-27 14:28:05 -05:00
Preetha Appan
6d16afc65c
Remove unnecessary nil checks
2018-03-27 10:59:42 -05:00
Preetha Appan
c21c2da690
Fix test and remove unused method
2018-03-27 09:44:41 -05:00
Preetha Appan
512f9a50fc
Allows disabling WAN federation by setting serf WAN port to -1
2018-03-26 14:21:06 -05:00
Guido Iaquinti
244fc72b05
Add package name to log output
2018-03-21 15:56:14 +00:00
Josh Soref
1dd8c378b9
Spelling ( #3958 )
...
* spelling: another
* spelling: autopilot
* spelling: beginning
* spelling: circonus
* spelling: default
* spelling: definition
* spelling: distance
* spelling: encountered
* spelling: enterprise
* spelling: expands
* spelling: exits
* spelling: formatting
* spelling: health
* spelling: hierarchy
* spelling: imposed
* spelling: independence
* spelling: inspect
* spelling: last
* spelling: latest
* spelling: client
* spelling: message
* spelling: minimum
* spelling: notify
* spelling: nonexistent
* spelling: operator
* spelling: payload
* spelling: preceded
* spelling: prepared
* spelling: programmatically
* spelling: required
* spelling: reconcile
* spelling: responses
* spelling: request
* spelling: response
* spelling: results
* spelling: retrieve
* spelling: service
* spelling: significantly
* spelling: specifies
* spelling: supported
* spelling: synchronization
* spelling: synchronous
* spelling: themselves
* spelling: unexpected
* spelling: validations
* spelling: value
2018-03-19 16:56:00 +00:00
Paul Banks
e2673c76d6
Merge pull request #3962 from canterberry/upgrade/tls-cipher-suites
...
🔒 Update supported TLS cipher suites
2018-03-19 16:44:33 +00:00
Preetha Appan
84bd6dc5d1
cleanup unit test code a bit
2018-03-16 09:36:57 -05:00
Preetha
164fb3f48c
Merge pull request #3885 from eddsteel/support-options-requests
...
Support OPTIONS requests
2018-03-16 09:20:16 -05:00
Devin Canterberry
8a5df6ecc3
🎨 Formatting changes only; convert leading space to tabs
2018-03-15 10:30:38 -07:00
Devin Canterberry
2001b9f35f
✅ Match expectation of TLSCipherSuites to values of tls_cipher_suites
2018-03-15 10:19:46 -07:00
Devin Canterberry
881d20c606
🐛 Formatting changes only; add missing trailing commas
2018-03-15 10:19:46 -07:00
Devin Canterberry
ece32fce53
🔒 Update supported TLS cipher suites
...
The list of cipher suites included in this commit are consistent with
the values and precedence in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go ).
> **Note:** Cipher suites with RC4 are still included within the list
> of accepted values for compatibility, but **these cipher suites are
> not safe to use** and should be deprecated with warnings and
> subsequently removed. Support for RC4 ciphers has already been
> removed or disabled by default in many prominent browsers and tools,
> including Golang.
>
> **References:**
>
> * [RC4 on Wikipedia](https://en.wikipedia.org/wiki/RC4 )
> * [Mozilla Security Blog](https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/ )
2018-03-15 10:19:46 -07:00
Preetha
401215230c
Merge pull request #3940 from pierresouchay/dns_max_size
...
Allow to control the number of A/AAAA Record returned by DNS
2018-03-09 07:35:32 -06:00
Pierre Souchay
241c7e5f5f
Cleaner Unit tests from suggestions from @preetapan
2018-03-07 18:24:41 +01:00
Mitchell Hashimoto
fbac58280e
agent/consul/fsm: begin using testify/assert
2018-03-06 09:48:15 -08:00
Pierre Souchay
09970479b5
Allow to control the number of A/AAAA Record returned by DNS
...
This allows to have randomized resource records (i.e. each
answer contains only one IP, but the IP changes every request) for
A, AAAA records.
It will fix https://github.com/hashicorp/consul/issues/3355 and
https://github.com/hashicorp/consul/issues/3937
See https://github.com/hashicorp/consul/issues/3937#issuecomment-370610509
for details.
It basically add a new option called `a_record_limit` and will not
return more than a_record_limit when performing A, AAAA or ANY DNS
requests.
The existing `udp_answer_limit` option is still working but should
be considered as deprecated since it works only with DNS clients
not supporting EDNS.
2018-03-06 02:07:42 +01:00
Edd Steel
413cb3d3b5
Re-use defined endpoints for tests
2018-03-03 11:19:18 -08:00
Paul Banks
628dcc9793
Merge pull request #3899 from pierresouchay/fix_blocking_queries_index
...
Services Indexes modified per service instead of using a global Index
2018-03-02 16:24:43 +00:00
Pierre Souchay
85b73f8163
Simplified error handling for maxIndexForService
...
* added unit tests to ensure service index is properly garbage collected
* added Upgrade from Version 1.0.6 to higher section in documentation
2018-03-01 14:09:36 +01:00
Paul Banks
f7ecbce39a
Fix test running in non-bash shells
2018-02-22 14:06:06 +00:00
Paul Banks
0ee77a5e02
Merge pull request #3900 from hashicorp/fix-monitor-sigint-3891
...
Fixes #3891 : agent monitor no longer unresponsive before logs stream.
2018-02-21 21:28:33 +00:00
Preetha Appan
77d35f1829
Remove extra newline
2018-02-21 13:21:47 -06:00
Preetha Appan
573500dc51
Unit test that calls revokeLeadership twice to make sure its idempotent
2018-02-21 12:48:53 -06:00
Preetha Appan
bd270b02ba
Make sure revokeLeadership is called if establishLeadership errors
2018-02-21 12:33:22 -06:00
Alex Dadgar
535842004c
Test autopilots start/stop idempotency
2018-02-21 10:19:30 -08:00
Alex Dadgar
4d99696f02
Improve autopilot shutdown to be idempotent
2018-02-20 15:51:59 -08:00
Pierre Souchay
e6d85cb36a
Fixed comments for function maxIndexForService
2018-02-20 23:57:28 +01:00
Pierre Souchay
b26ea3c230
[Revert] Only update services if tags are different
...
This patch did give some better results, but break watches on
the services of a node.
It is possible to apply the same optimization for nodes than
to services (one index per instance), but it would complicate
further the patch.
Let's do it in another PR.
2018-02-20 23:34:42 +01:00
Pierre Souchay
903e866835
Only update services if tags are different
2018-02-20 23:08:04 +01:00
Pierre Souchay
56d5c0bf22
Enable Raft index optimization per service name on health endpoint
...
Had to fix unit test in order to check properly indexes.
2018-02-20 01:35:50 +01:00
Paul Banks
69ebbf3e79
Fixes #3891 : agent monitor no longer unresponsive before logs stream.
...
The root cause is actually that the agent's streaming HTTP API didn't flush until the first log line was found which commonly was pretty soon since the default level is INFO. In cases where there were no logs immediately due to level for instance, the client gets stuck in the HTTP code waiting on a response packet from the server before we enter the loop that checks the shutdown channel from the signal handler.
This fix flushes the initial status immediately on the streaming endpoint which lets the client code get into it's expected state where it's listening for shutdown or log lines.
2018-02-19 21:53:10 +00:00
Pierre Souchay
ec1b278595
Get only first service to test whether we have to cleanup index of a service
2018-02-19 22:44:49 +01:00
Pierre Souchay
523feb0be4
Fixed comment about raftIndex + use test.Helper()
2018-02-19 19:30:25 +01:00
Pierre Souchay
4c188c1d08
Services Indexes modified per service instead of using a global Index
...
This patch improves the watches for services on large cluster:
each service has now its own index, such watches on a specific service
are not modified by changes in the global catalog.
It should improve a lot the performance of tools such as consul-template
or libraries performing watches on very large clusters with many
services/watches.
2018-02-19 18:29:22 +01:00
Edd Steel
35c2083422
Clarify comments
2018-02-17 17:46:11 -08:00
Edd Steel
61be181f6f
Test every endpoint for OPTIONS/MethodNotFound
2018-02-17 17:34:13 -08:00
Edd Steel
6c33163959
Allow endpoints to handle OPTIONS/MethodNotFound themselves
2018-02-17 17:34:03 -08:00
Edd Steel
4dc9d2ebd7
Initialise `allowedMethods` in init()
2018-02-17 17:31:24 -08:00
Kyle Havlovitz
ea452c6032
Fix the coordinate update endpoint not passing the ACL token
2018-02-15 11:58:02 -08:00
Edd Steel
40eefc9f7d
Support OPTIONS requests
...
- register endpoints with supported methods
- support OPTIONS requests, indicating supported methods
- extract method validation (error 405) from individual endpoints
- on 405 where multiple methods are allowed, create a single Allow
header with comma-separated values, not multiple Allow headers.
2018-02-12 10:15:31 -08:00
Andrei Burd
dbb010c865
adding human readability for dns requests debug log ( #3751 )
2018-02-11 09:02:28 -06:00
Pierre Souchay
824b72cf90
Merge remote-tracking branch 'origin/master' into service_metadata
2018-02-11 13:20:49 +01:00
Pierre Souchay
e99bf584c9
Fixed TestSanitize unit test
2018-02-11 12:11:11 +01:00
James Phillips
37cf6583db
Fixes a panic on TCP-based DNS lookups.
...
This came in via the monkey patch in #3861 .
Fixes #3877
2018-02-08 17:57:41 -08:00
Pierre Souchay
f2df4005fe
Added unit tests for structs and fixed PartialClone()
2018-02-09 01:37:45 +01:00
James Phillips
4f3b4d0e55
Addresses additional state mutations.
...
Did a sweep of 84d6ac2d51
and checked them all.
2018-02-07 07:02:10 -08:00