1ff496d6dd
consul: break acl filtering into a separate struct
2015-06-11 12:08:21 -07:00
404d4d653c
consul: testing health endpoint service acl filtering
2015-06-11 09:39:35 -07:00
1e2751511d
consul: testing catalog endpoint acl filtering
2015-06-10 22:14:58 -07:00
c8629de127
consul: begin testing discovery ACLs
2015-06-10 19:25:58 -07:00
4f9161f485
consul: use anonymous function for acl filtering
2015-06-10 18:43:48 -07:00
b115047919
consul: filter internal endpoints for acls
2015-06-10 18:40:40 -07:00
4f3e661b8c
acl: initial pass at service discovery acls
2015-06-10 18:40:09 -07:00
7b8aae37cb
Bumps protocol version to 3 to get serf version 5.
2015-06-02 17:50:35 -07:00
bdc5983463
Condense switch fallthroughs into expr lists
2015-05-26 21:30:14 -04:00
f91069f9d5
consul: adding StopWatch test
2015-05-14 18:32:19 -07:00
2c9592c5ee
consul: lower default query time and add small stagger
2015-05-14 17:59:43 -07:00
e5c8fce96a
consul: adding randomStagger util method
2015-05-14 17:59:11 -07:00
23a1df1548
consul: proactively clear timers
2015-05-14 17:42:47 -07:00
2bc43844bc
consul: ensure blocking query cleans any lingering state
2015-05-14 17:38:42 -07:00
6f433c9ad8
consul: Adding methods to stop watching for changes
2015-05-14 17:33:02 -07:00
abbf4456f2
consul: adding Clear to NotifyGroup
2015-05-14 17:30:30 -07:00
430100a0c8
Merge pull request #927 from hashicorp/f-tls
...
Add new `verify_server_hostname` to mitigate possibility of MITM
2015-05-11 18:15:16 -07:00
f797130228
Fixing merge conflict
2015-05-11 16:48:10 -07:00
9642384429
consul: support the new TLS wrapper
2015-05-11 15:15:36 -07:00
3bf337a6ac
consul: thread the target DC through the RPC path
2015-05-11 13:09:19 -07:00
a1de4b17c2
consul: use tlsutil.Wrapper instead of tls.Config directly
2015-05-11 13:09:19 -07:00
2ca41b15df
consul: updating for Raft API changes
2015-05-08 11:35:52 -07:00
2d2fc71e0d
consul: more telemetry on RPCs and queries
2015-05-07 17:25:12 -07:00
e474e34528
Merge pull request #909 from hashicorp/f-create
...
Support ACL upsert behavior
2015-05-06 11:22:11 -07:00
9b9c737a82
consul: Adding flag to support future incompatible commands. Future self will thank me.
2015-05-05 19:44:21 -07:00
f86e7d13d5
consul: ACL.Apply allows upserting with custom ID
2015-05-05 19:19:45 -07:00
cbc29d1cde
consul: fixing overly redundant logging
2015-05-05 13:00:47 -07:00
efaed93b91
Merge pull request #816 from pepov/master
...
Support different advertise address for WAN gossip
2015-05-04 15:40:25 -07:00
2bd5bf04bd
Remove 'unknown' as one of the valid states when setting the initial state of a check.
2015-04-13 20:46:01 +00:00
370853d7ff
Allow specifying a status field in the agent/service/register and agent/check/register endpoints.
...
This status must be one of the valid check statuses: 'passing', 'warning', 'critical', 'unknown'.
If the status field is not present or the empty string, the default of 'critical' is used.
2015-04-12 02:00:31 +00:00
8ebee678cc
Merge pull request #857 from hashicorp/f-boltdb
...
Raft uses BoltDB
2015-04-10 18:30:07 -07:00
32f3d17931
consul: do not clear connection cache on RPC errors
2015-04-07 14:17:20 -07:00
8abcf3d541
add test using separate advertise addresses for wan and for lan
2015-03-28 16:08:19 +01:00
c00c4ebaaa
Support SesionTTLMin configuration
...
- Allow setting SessionTTLMin
- Validate on the Server
2015-03-27 05:13:57 -07:00
41aa5aeb09
consul: swap over to raft-boltdb
2015-03-26 20:01:52 -07:00
275d99e1dc
consul: allow returning custom error for merge delegate
2015-02-22 18:24:10 -08:00
53afd77e2d
s/data center/datacenter/g
2015-02-19 17:45:47 -05:00
f3fd072418
Revert "* use defer to avoid tracking lock"
...
This reverts commit a030abdefc54470394a2a44008e02f3b3d0510ec.
This commit causes a connection to be leaked if there is a race with
another concurrent RPC.
2015-02-16 14:04:47 -08:00
70a6cdac6d
consul: clean up TempDirs in FSM tests
2015-01-26 08:34:23 +01:00
7e27d923be
Merge pull request #621 from hashicorp/f-leave
...
Changing interaction between Leave and RemovePeers
2015-01-21 16:28:19 -08:00
27de0adf3b
agent: support multiple checks per service
2015-01-20 21:48:42 -08:00
280a1c9c12
consul: Testing leave as leader and non-leader
2015-01-20 16:30:56 -08:00
a695909a85
consul: Wait for RemovePeer in Leave as a follower
2015-01-20 16:19:54 -08:00
aec0dedd01
consul: remove ourself from raft peer set if we are the leader
2015-01-20 16:19:29 -08:00
ea7a0134c8
consul: Do not remove ourself as raft peer in Serf event handler
2015-01-20 16:13:54 -08:00
133cf457a3
consul: Use new LogCache to improve write throughput
2015-01-14 15:49:58 -08:00
1956c07034
consul: Fixing potential issue with blocking queries for {Session,ACL}.Get
2015-01-13 12:02:30 -08:00
9a43063778
consul: Fixing blocking query returning old result
2015-01-13 11:51:24 -08:00
f3fad2180c
consul: fix server left test
2015-01-09 19:10:17 -08:00
084643abee
consul: improve test reliability for session ttls
2015-01-09 17:18:11 -08:00
2408aa741d
consul: Testing KVSDeleteCAS in FSM
2015-01-08 17:26:12 -08:00
e735c881a0
consul: Test the KVSDeleteCheckAndSet method
2015-01-08 17:24:36 -08:00
d680696afe
consul: Expose the KVSDeleteCAS operation in FSM
2015-01-08 17:08:44 -08:00
781aeb84d5
consul: Implement KVSDeleteCheckAndSet
2015-01-08 17:08:32 -08:00
fbc77b7501
consul: Adding KVSDeleteCAS operation type
2015-01-08 17:08:17 -08:00
2cd89e60ed
consul: Do not override the node address
2015-01-08 10:57:15 -08:00
957fa1f5ec
consul: Fixing merge conflict
2015-01-08 10:42:19 -08:00
2c9dac682a
consul: Remove cruft from KV watching
2015-01-07 18:10:18 -08:00
5b972294f8
consul: Enforce lock-delay with delete behavior
2015-01-07 15:48:27 -08:00
5fe18b5093
Ignore vim swap files
2015-01-07 15:21:01 -08:00
7ecd015fc0
command: check LastIndex is not zero while waiting for leader
2015-01-07 15:18:00 -08:00
a66a765ca9
consul: Adding merge delegate to prevent mixing clusters
2015-01-06 15:48:46 -08:00
e971e8f456
consul: Test WatchKV
2015-01-05 17:08:01 -08:00
b61043de5d
consul: Adding test for KVS.List blocking query
2015-01-05 16:57:48 -08:00
48d97879c8
consul: Remove dead code
2015-01-05 16:42:30 -08:00
0ea4f3d846
consul: Optimize KV watching
2015-01-05 16:41:57 -08:00
7a63f822a3
consul: First pass to reduce KV watch cost
2015-01-05 16:18:27 -08:00
8eaee53661
consul: Adding more useful metrics
2015-01-05 15:13:39 -08:00
5ad16ca00f
consul: Fixing the KVS tests
2015-01-05 15:06:53 -08:00
200b348f69
consul: Disable tombstones as follower
2015-01-05 14:58:59 -08:00
4f6f5ae6f0
consul: Improve log message
2015-01-05 14:43:56 -08:00
bf40a2ac1f
consul: Reverting some index compute logic
2015-01-05 14:43:56 -08:00
7a4b532564
consul: List Keys should handle tombstones
2015-01-05 14:43:56 -08:00
b70dac1a62
consul: Ensure KVS List handles tombstones
2015-01-05 14:43:56 -08:00
a350ec9379
consul: Mesure time for reapTombstones
2015-01-05 14:43:56 -08:00
e2bfaa11a2
consul: Testing leader issue of reap command
2015-01-05 14:43:56 -08:00
b1fefa6d90
consul: Test FSM Reap operations
2015-01-05 14:43:56 -08:00
7736e701ca
consul: Test FSM restore of tombstones
2015-01-05 14:43:56 -08:00
91f8ff41eb
consul: Testing tombstone snapshot
2015-01-05 14:43:55 -08:00
41886c6af5
consul: Testing tombstone reaping
2015-01-05 14:43:55 -08:00
bba573dfbc
consul: Test tombstone creation
2015-01-05 14:43:55 -08:00
f9d322f346
consul: Persist tombstones
2015-01-05 14:43:55 -08:00
9152fae109
consul: First pass at tombstone reaping
2015-01-05 14:43:55 -08:00
0c9cbdb3d1
consul: TombstoneReapRequestType -> TombstoneRequestType
2015-01-05 14:43:55 -08:00
8681d913ba
consul: Generate a raft operation to reap tombstones
2015-01-05 14:43:55 -08:00
02e984e4c4
consul: Adding new request to reap tombstones
2015-01-05 14:43:55 -08:00
9f30ffbf9a
consul: Leader should reset the tombstone GC clock
2015-01-05 14:43:55 -08:00
fb8f7fd929
consul: Adding PendingExpiration
2015-01-05 14:43:55 -08:00
71c2c1468d
consul: Thread Tombstone GC through
2015-01-05 14:43:55 -08:00
ae69cbca7b
consul: Fixing accidental commit of transaction
2015-01-05 14:43:54 -08:00
4da4e322a3
consul: Fixing tombstone creation and hinting of GC
2015-01-05 14:43:54 -08:00
1a9431847b
consul: Adding GetTxnLimit to MDBTable
2015-01-05 14:43:54 -08:00
2724061351
consul: Support reset of tombstone GC
2015-01-05 14:43:54 -08:00
4430f4592d
consul: Adding TombstoneGC to track TTLs
2015-01-05 14:43:54 -08:00
3e2bd0db2c
consul: Rename TombstoneGC to TombstoneTTL
2015-01-05 14:43:54 -08:00
68caf9046c
consul: Create tombstones before key deletes
2015-01-05 14:43:54 -08:00
d5369098ba
consul: Adding TombstoneGC config
2015-01-05 14:43:54 -08:00
e56b3861dc
advertise specific address for a service
...
Enable setting a specific address in a service definition for advertise. If no specific address is given it will fallback to the node address and reassemble the old behaviour.
2015-01-02 21:10:05 +00:00
6b9ace19cf
consul: Collect useful session metrics
2015-01-02 22:46:51 +05:30
d8c65aabee
consul: Minor cleanup
2014-12-12 22:17:41 -08:00
c0d3798154
consul: Test Session.Apply updates session timers
2014-12-12 21:54:29 -08:00
4d0903f781
consul: Adding more tests for session TTLs
2014-12-12 21:42:59 -08:00
5b6ce2ca4a
consul: Setup ACLs and timers after initial barrier
2014-12-12 21:42:24 -08:00
f25566931f
consul: Make sessionTimersLock a plain mutex
2014-12-12 19:17:35 -08:00
9b897d1134
consul: Ignore zero ttl on session
2014-12-12 19:17:04 -08:00
990ad02f83
consul: Minor cleanups
2014-12-12 15:43:34 -08:00
8dbfe7c9a8
Merge pull request #524 from amalaviy/session_ttl
...
Consul Session TTLs
2014-12-12 14:42:25 -08:00
073020f6be
Add invalidateSession test
2014-12-11 06:09:53 -05:00
5a76929ba4
Fixed clearSessionTimer, created invalidateSession, added invalid TTL test
2014-12-11 05:34:31 -05:00
7ece29c3e0
Took out usage of snapshot SessionListTTL
2014-12-10 21:37:06 -05:00
2de09dc2e7
Took out StateSnapshot SessionListTTL also
2014-12-10 20:53:05 -05:00
8369b77204
Clean up code based on feedback from armon
2014-12-10 20:49:06 -05:00
a1afc07f54
Added more tests
2014-12-10 16:43:15 -05:00
c992c18ef0
Added more tests. Also added return of 404 if the session id to renew is not found
2014-12-10 10:02:23 -05:00
b623af776b
Consul Session TTLs
...
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf ). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.
Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.
Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.
Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
a542df954f
cleanup and simplify
2014-12-06 13:08:35 +01:00
40979b1159
* use defer to avoid tracking lock
...
* simplify control flow
2014-12-06 12:32:18 +01:00
5f4281f98f
consul: Server leave test fix
2014-12-05 11:22:54 -08:00
c6b3cae106
consul: Fix failing globalRPC test
2014-12-05 10:36:37 -08:00
850d5bdc32
typofixes - https://github.com/vlajos/misspell_fixer
2014-12-04 23:25:06 +00:00
402d580863
consul: Check that ACL also allows registration
2014-11-30 21:10:42 -07:00
d74f79b3fa
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
818fc22c9f
* Fix race condition on read/write of shutdown bool variable of server and connection pool.
...
* In connection pool, there is no guarantee that .reap() cannot execute the same time as .Shutdown() is called. It also did not benefit to eval shutdown when a select is run on the shutdown channel.
* In server, same principle applies to handleConsulConn. Since we also have a shutdown channel, it makes more to use this than to loop on a bool variable.
2014-11-26 10:39:25 +01:00
73504a01e9
cleanup unreachable code
2014-11-25 19:54:30 +01:00
d7e09d57ba
Set empty Behavior setting into SessionKeysRelease and flag error for unrecognized values
2014-11-20 19:16:07 -05:00
3aabda02b3
Clean up tests, use switch to default session.Behavior value if unspecified, unrecognized
2014-11-20 14:29:18 -05:00
aa0cecd04e
Ephemeral Nodes for via Session behavior settings.
...
Added a "delete" behavior for session invalidation, in addition to
the default "release" behavior. On session invalidation, the sessions
Behavior field is checked and if it is set to "delete", all nodes owned
by the session are deleted. If it is "release", then just the locks
are released as default.
2014-11-20 11:34:45 -05:00
4cd89a9113
Rebase against upstream
2014-11-19 16:45:49 -08:00
3b2ab70c4d
consul: clean up comments, fix globalRPC tests
2014-11-19 16:37:40 -08:00
4a8249db00
consul: fix obscure bug when launching goroutines from for loop
2014-11-19 16:37:40 -08:00
2661bbfa27
consul: more tests, remove unused KeyManager() method
2014-11-19 16:37:40 -08:00
fcacee723b
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
66ad81ef13
consul: add test for internal keyring rpc endpoint
2014-11-19 16:36:19 -08:00
344b63b9db
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
b3f251de9c
command/keyring: clean up tests
2014-11-19 16:36:18 -08:00
d02afd42fb
agent: -encrypt appends to keyring if one exists
2014-11-19 16:36:01 -08:00
295f876923
command/agent: fix up gossip encryption indicator
2014-11-19 16:35:37 -08:00
7f85c708dc
agent: squash some more common keyring semantics
2014-11-19 16:34:18 -08:00
4e8f53fa5d
consul: detach executeKeyringOp() from *Internal
2014-11-19 16:34:18 -08:00
db0084ccd0
consul: use keyring operation type to cut out duplicated logic
2014-11-19 16:34:18 -08:00
057c22db10
consul: generalize multi-DC RPC call broadcasts
2014-11-19 16:34:18 -08:00
001a579d47
command/keyring: cleanup
2014-11-19 16:34:18 -08:00
cb795199d1
consul: test rpc errors returned from remote datacenters
2014-11-19 16:34:18 -08:00
a1943afddc
consul: make forwarding to multiple datacenters parallel
2014-11-19 16:34:18 -08:00
d7edc1c51c
consul: break rpc forwarding and response ingestion out of internal endpoints
2014-11-19 16:34:18 -08:00
1ec111bbfc
consul: kill unused struct fields
2014-11-19 16:34:17 -08:00
f6b5fc8c08
consul: cross-dc key rotation works
2014-11-19 16:34:17 -08:00
f9b5b15a6b
consul: use a function for ingesting responses
2014-11-19 16:34:17 -08:00
71e9715c54
consul: restructuring
2014-11-19 16:34:17 -08:00
a551a6e4a0
consul: refactor keyring, repeat RPC calls to all DC's
2014-11-19 16:34:17 -08:00
Ryan Uber