d5369098ba
consul: Adding TombstoneGC config
2015-01-05 14:43:54 -08:00
e56b3861dc
advertise specific address for a service
...
Enable setting a specific address in a service definition for advertise. If no specific address is given it will fallback to the node address and reassemble the old behaviour.
2015-01-02 21:10:05 +00:00
6b9ace19cf
consul: Collect useful session metrics
2015-01-02 22:46:51 +05:30
d8c65aabee
consul: Minor cleanup
2014-12-12 22:17:41 -08:00
c0d3798154
consul: Test Session.Apply updates session timers
2014-12-12 21:54:29 -08:00
4d0903f781
consul: Adding more tests for session TTLs
2014-12-12 21:42:59 -08:00
5b6ce2ca4a
consul: Setup ACLs and timers after initial barrier
2014-12-12 21:42:24 -08:00
f25566931f
consul: Make sessionTimersLock a plain mutex
2014-12-12 19:17:35 -08:00
9b897d1134
consul: Ignore zero ttl on session
2014-12-12 19:17:04 -08:00
990ad02f83
consul: Minor cleanups
2014-12-12 15:43:34 -08:00
8dbfe7c9a8
Merge pull request #524 from amalaviy/session_ttl
...
Consul Session TTLs
2014-12-12 14:42:25 -08:00
073020f6be
Add invalidateSession test
2014-12-11 06:09:53 -05:00
5a76929ba4
Fixed clearSessionTimer, created invalidateSession, added invalid TTL test
2014-12-11 05:34:31 -05:00
7ece29c3e0
Took out usage of snapshot SessionListTTL
2014-12-10 21:37:06 -05:00
2de09dc2e7
Took out StateSnapshot SessionListTTL also
2014-12-10 20:53:05 -05:00
8369b77204
Clean up code based on feedback from armon
2014-12-10 20:49:06 -05:00
a1afc07f54
Added more tests
2014-12-10 16:43:15 -05:00
c992c18ef0
Added more tests. Also added return of 404 if the session id to renew is not found
2014-12-10 10:02:23 -05:00
b623af776b
Consul Session TTLs
...
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf ). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.
Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.
Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.
Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
a542df954f
cleanup and simplify
2014-12-06 13:08:35 +01:00
40979b1159
* use defer to avoid tracking lock
...
* simplify control flow
2014-12-06 12:32:18 +01:00
5f4281f98f
consul: Server leave test fix
2014-12-05 11:22:54 -08:00
c6b3cae106
consul: Fix failing globalRPC test
2014-12-05 10:36:37 -08:00
850d5bdc32
typofixes - https://github.com/vlajos/misspell_fixer
2014-12-04 23:25:06 +00:00
402d580863
consul: Check that ACL also allows registration
2014-11-30 21:10:42 -07:00
d74f79b3fa
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
818fc22c9f
* Fix race condition on read/write of shutdown bool variable of server and connection pool.
...
* In connection pool, there is no guarantee that .reap() cannot execute the same time as .Shutdown() is called. It also did not benefit to eval shutdown when a select is run on the shutdown channel.
* In server, same principle applies to handleConsulConn. Since we also have a shutdown channel, it makes more to use this than to loop on a bool variable.
2014-11-26 10:39:25 +01:00
73504a01e9
cleanup unreachable code
2014-11-25 19:54:30 +01:00
d7e09d57ba
Set empty Behavior setting into SessionKeysRelease and flag error for unrecognized values
2014-11-20 19:16:07 -05:00
3aabda02b3
Clean up tests, use switch to default session.Behavior value if unspecified, unrecognized
2014-11-20 14:29:18 -05:00
aa0cecd04e
Ephemeral Nodes for via Session behavior settings.
...
Added a "delete" behavior for session invalidation, in addition to
the default "release" behavior. On session invalidation, the sessions
Behavior field is checked and if it is set to "delete", all nodes owned
by the session are deleted. If it is "release", then just the locks
are released as default.
2014-11-20 11:34:45 -05:00
4cd89a9113
Rebase against upstream
2014-11-19 16:45:49 -08:00
3b2ab70c4d
consul: clean up comments, fix globalRPC tests
2014-11-19 16:37:40 -08:00
4a8249db00
consul: fix obscure bug when launching goroutines from for loop
2014-11-19 16:37:40 -08:00
2661bbfa27
consul: more tests, remove unused KeyManager() method
2014-11-19 16:37:40 -08:00
fcacee723b
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
66ad81ef13
consul: add test for internal keyring rpc endpoint
2014-11-19 16:36:19 -08:00
344b63b9db
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
b3f251de9c
command/keyring: clean up tests
2014-11-19 16:36:18 -08:00
d02afd42fb
agent: -encrypt appends to keyring if one exists
2014-11-19 16:36:01 -08:00
295f876923
command/agent: fix up gossip encryption indicator
2014-11-19 16:35:37 -08:00
7f85c708dc
agent: squash some more common keyring semantics
2014-11-19 16:34:18 -08:00
4e8f53fa5d
consul: detach executeKeyringOp() from *Internal
2014-11-19 16:34:18 -08:00
db0084ccd0
consul: use keyring operation type to cut out duplicated logic
2014-11-19 16:34:18 -08:00
057c22db10
consul: generalize multi-DC RPC call broadcasts
2014-11-19 16:34:18 -08:00
001a579d47
command/keyring: cleanup
2014-11-19 16:34:18 -08:00
cb795199d1
consul: test rpc errors returned from remote datacenters
2014-11-19 16:34:18 -08:00
a1943afddc
consul: make forwarding to multiple datacenters parallel
2014-11-19 16:34:18 -08:00
d7edc1c51c
consul: break rpc forwarding and response ingestion out of internal endpoints
2014-11-19 16:34:18 -08:00
1ec111bbfc
consul: kill unused struct fields
2014-11-19 16:34:17 -08:00
f6b5fc8c08
consul: cross-dc key rotation works
2014-11-19 16:34:17 -08:00
f9b5b15a6b
consul: use a function for ingesting responses
2014-11-19 16:34:17 -08:00
71e9715c54
consul: restructuring
2014-11-19 16:34:17 -08:00
a551a6e4a0
consul: refactor keyring, repeat RPC calls to all DC's
2014-11-19 16:34:17 -08:00
2e92e19760
agent: refactor keyring loader
2014-11-19 16:31:06 -08:00
43a60f1424
command: basic rpc works for keys command
2014-11-19 16:30:21 -08:00
96376212ff
consul: use rpc layer only for key management functions, add rpc commands
2014-11-19 16:30:21 -08:00
8a4ed84711
consul: first pass at keyring integration
2014-11-19 16:30:20 -08:00
dd41c69389
Merge pull request #478 from amalaviy/https
...
Added HTTPS support via a new HTTPS Port configuration option
2014-11-19 11:17:10 -08:00
bd1e03428c
consul: Increase maximum number of parallel readers
2014-11-18 18:46:43 -08:00
2bd0e8c745
consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS
2014-11-18 17:56:48 -05:00
b4424a1a50
Moved TLS Config stuff to tlsutil package
2014-11-18 11:03:36 -05:00
0540605110
consul: Fixing key list index calculation
2014-11-12 17:55:45 -08:00
0222ed9eb9
Fix missing arguments
2014-11-01 22:56:48 +01:00
af90aa8026
Gofmt
2014-10-20 10:21:31 -07:00
3f36515544
Switching to the pinned version of msgpack
2014-10-17 18:26:19 -07:00
34713fe970
Encode/Decode test
2014-10-17 18:23:13 -07:00
b04dc46c72
consul: Improving test reliability
2014-10-17 17:40:14 -07:00
a1d2f9a3da
Merge pull request #401 from hashicorp/f-healthcheck
...
Default services to "critical" state instead of "unknown"
2014-10-15 16:50:38 -07:00
e571d532b2
consul: Fixing FSM path tests
2014-10-15 15:03:58 -07:00
0ea385579a
consul: Ensure FSM stores data in the data dir
2014-10-15 14:57:59 -07:00
5571da4661
consul: FSM stores state in a given path only
2014-10-15 14:56:12 -07:00
0d1559764d
consul: Allow providing a path for the state store
2014-10-15 14:55:04 -07:00
cc0f80a4aa
consul/structs: keep HealthUnknown around for backward compatibility
2014-10-15 11:35:22 -07:00
88b53702f1
consul: Reduce mmap size on 32bit
2014-10-15 11:32:40 -07:00
ec63686416
consul: kill remaining use of HealthUnknown
2014-10-15 10:14:46 -07:00
a8a5905d21
consul: less aggressive deadlock timer. Fixes #389
2014-10-14 12:00:25 -07:00
5c46544e7e
consul: Improve variable name
2014-10-14 11:04:43 -07:00
e33b6683aa
consul: Reap left members ignoring state. Fixes #371
2014-10-14 11:02:26 -07:00
8afbab60cb
consul: Log why invalidation happened. Fixes #390
2014-10-14 10:54:57 -07:00
b6c5d77cf8
consul: Fixing graceful leave of current leader. Fixes #360 .
2014-10-13 22:14:43 -07:00
e51f9da84b
consul: Deprecate ACLForceSet
2014-10-09 12:28:07 -07:00
1177a9bf11
consul: Fix non-deterministic ACL IDs
2014-10-09 12:23:32 -07:00
a80478594a
consul: Fix non-deterministic session IDs
2014-10-09 11:54:47 -07:00
daa32dd6f8
consul: don't close a nil connection
2014-10-02 10:26:25 -07:00
99d39db982
agent: First pass at multi-DC support
2014-08-28 15:00:49 -07:00
9eddff083a
consul: Testing user events
2014-08-26 19:26:55 -07:00
1227e77f6d
consul: Adding user event name tests
2014-08-26 19:20:02 -07:00
3a1d686444
consul: Adding user event handler for callbacks
2014-08-26 19:04:07 -07:00
b1cf52db01
consul: expose UserEvent from Serf
2014-08-26 18:50:03 -07:00
ce98b0abbd
consul: Deny delete anonymous or update of root policies
2014-08-22 14:55:09 -07:00
597cd12e97
consul: Ensure node/service/check registration is in a single txn
2014-08-22 12:38:33 -07:00
54ed1ec834
consul: fixing a unit test
2014-08-22 12:34:31 -07:00
a078e4d6f4
consul: Refactor txn handling in state store
2014-08-22 12:27:12 -07:00
1f845c995a
consul: Ensure authoritative cache is purged after update
2014-08-18 15:46:59 -07:00
6492f06a3e
consul: Provide ETag to avoid expensive policy fetch
2014-08-18 15:46:59 -07:00
7473bd2fc9
consul: ACL enforcement for KV updates
2014-08-18 15:46:24 -07:00
ea015710e9
consul: ACL enforcement for key reads
2014-08-18 15:46:24 -07:00
7299ef1a82
consul: Filter keys, refactor to interface
2014-08-18 15:46:24 -07:00
d38fd8eb1d
consul: Helpers to filter on ACL rules
2014-08-18 15:46:24 -07:00
Armon Dadgar