Commit Graph

1398 Commits

Author SHA1 Message Date
Frank Schroeder 3ea54c48a8 Move verifyUniqueListeners to command/agent/config.go 2017-05-04 01:41:47 +02:00
Frank Schroeder a0b98948d8 Cleanup agent config 2017-05-04 01:41:47 +02:00
James Phillips a3e1e8e7e5
Updates static assets to pick up #2712. 2017-05-02 10:52:06 -07:00
Kyle Havlovitz b5ed2ba536 Add separate option for verifying incoming HTTPS traffic (#2974)
* Add separate option for verifying incoming HTTPS traffic
2017-04-28 16:15:55 -07:00
Frank Schroeder 1973e66c07 api: Return empty list instead of nil 2017-04-28 15:00:08 -07:00
Frank Schroeder 2bf668b658 api: Add ServiceTags to Health state endpoint (#153)
This patch adds the ServiceTags to the /v1/health/state/<state>
endpoint.

Fixes #153
2017-04-28 15:00:08 -07:00
Frank Schroeder 7f64689828 Faster dev server startup
This patch reduces the timeouts for the development
server so that it starts up almost instantly.
2017-04-28 14:43:44 -07:00
Frank Schroeder 5bbef3b47e Revert "test: Run command/agent tests in parallel"
This reverts commit 17be40a73310e1a0d2461b175f6214381ac41039.
2017-04-27 14:39:04 -07:00
Frank Schroeder 9305c706e0 test: Do not run RetryJoin tests in parallel
I am suspecting port conflicts with the agents
that are started. This needs further investigation.
2017-04-27 14:39:04 -07:00
Frank Schroeder 9a2063bf6f test: Speedup session renew tests 2017-04-27 10:34:30 -07:00
Frank Schroeder 9db74f5a0e test: Speedup Retry*Join tests 2017-04-27 10:34:30 -07:00
Frank Schroeder 58e0b5cb70 test: Run command/agent tests in parallel 2017-04-27 10:34:30 -07:00
Kyle Havlovitz 42cf797ad9 Add TLS cipher suite options and CA path support (#2963)
This patch adds options to configure the available
TLS cipher suites and adds support for a path
for multiple CA certificates.

Fixes #2959
2017-04-27 01:29:39 -07:00
James Phillips 47640538d4
Updates compiled static assets. 2017-04-25 13:54:03 -07:00
Frank Schroeder 9e2332f6a1 golint: Fix existing comments
This needs more work.
2017-04-25 09:26:13 -07:00
Frank Schroeder 9de4555c0c golint: Untangle if blocks with return in else 2017-04-25 09:26:13 -07:00
Frank Schroeder f50d6871f9 golint: No stutter 2017-04-25 09:26:13 -07:00
Frank Schroeder 8c7bb7b65a golint: Rename fields and structs 2017-04-25 09:26:13 -07:00
Frank Schroeder f4a56d8a44 golint: Replace a += 1 with a++ 2017-04-25 09:26:13 -07:00
Frank Schroeder c7f367af56 golint: Consistent receiver name
Ensure the receiver name is consistent
2017-04-25 09:26:13 -07:00
Frank Schroeder ebdb73d8f2 golint: Drop the unused value from range
for i, _ := range foo -> for i := range foo
2017-04-25 09:26:13 -07:00
Frank Schroeder 9f8f258d4d Remove duplicate constants
This patch removes duplicate internal copies of constants in the structs
package which are also defined in the api package. The api.KVOp type
with all its values for the TXN endpoint and the api.HealthXXX constants
are now used throughout the codebase.

This resulted in some circular dependencies in the testutil package
which have been resolved by copying code and constants and moving the
WaitForLeader function into a separate testrpc package.
2017-04-20 09:54:49 -07:00
Frank Schroeder 58c3b1ff38 Use fmt.Fprint/Fprintf/Fprintln
Used the following rewrite rules:

gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)'  *.go
gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go
gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
2017-04-20 09:02:59 -07:00
mckennajones 1695506b1d
Added check to see if ui and ui-dir flags are both specified 2017-04-17 17:25:57 -07:00
James Phillips 1129827f91 Merge pull request #2842 from vaLski/supress_sigpipe_logging
Supress signal logging on SIGPIPE. Should address #2768
2017-04-13 16:52:29 -07:00
James Phillips 1f40dc83e3
Updates static assets to pick up #2899. 2017-04-13 14:40:16 -07:00
James Phillips 20bf47d2b4
Adds a new -disable-host-node-id option to help when testing with containers.
Fixes #2877.
2017-04-12 22:07:18 -07:00
Alex Dadgar 13f026dec4 Hash host ID so its stable and well distributed
This PR takes the host ID and runs it through a hash so that it is well
distributed. This makes it so that machines that report similar host IDs
are easily distinguished.

Instances of similar IDs occur on EC2 where the ID is prefixed and on
motherboards created in the same batch.
2017-04-10 11:57:24 -07:00
James Phillips c7f7e969d7 Merge pull request #2854 from hashicorp/remote-exec
Changes `disable_remote_exec` default to true so remote exec is opt-in.
2017-03-30 10:29:09 -07:00
Kyle Havlovitz a2058d23ef
Add CLI/API endpoints for removing peer by ID 2017-03-30 10:13:32 -07:00
James Phillips ac90110396
Changes `disable_remote_exec` default to true so remote exec is opt-in. 2017-03-30 09:43:32 -07:00
James Phillips 4259ecd8bc
Disables agent-level enforcement on Consul agents unless acl_datacenter is set. 2017-03-29 12:24:42 -07:00
vaLentin chernoZemski 8aee2b805a Supress signal logging on SIGPIPE. Should address #2768
When consul-template is communicating with consul and the job is done, consul thread receives SIGPIPE.

This cause the logs to be filled "Caught signal: broken pipe" and they does not bring any usefull info with them.

Skipping those.
2017-03-29 09:46:58 +03:00
James Phillips 424d70ba5d
Cleans up a stray mark and fixes unit tests.
Ended up removing the leader_test.go server address change test as part
of this. The join was failing becase we were using a new node name with
the new logic here, but realized this was hitting some of the memberlist
conflict logic and not working as we expected. We need some additional
work to fully support address changes, so removed the test for now.
2017-03-27 01:28:54 -07:00
James Phillips dce84379b7
Fixes up some broken unit tests. 2017-03-24 17:35:07 -07:00
James Phillips f2211d2489
Keeps the service and check tokens around for deregistration.
We fixed a few related issues while we were in here. We now only let
services register checks with a matching token, and we also close out
service and check delete operations if the catalog deregister claims
it doesn't know about the ID of the service or check being deleted.
2017-03-24 17:15:20 -07:00
James Phillips c553e1d93a
Changes verson 8 ACLs to opt-out. 2017-03-24 12:12:24 -07:00
Seth Vargo 2efa3bdff8
Use new APIs 2017-03-23 18:48:13 -04:00
Seth Vargo 78bd562f41
Re-add RPC parsing
This makes the upgrade path a bit nicer, since people will likely have
older configurations. This prints out a warning instead of just failing
if the old rpc addr or ports definition is in the config.
2017-03-23 17:10:14 -04:00
James Phillips ab2b615265
Renames some operator unit tests. 2017-03-22 19:26:43 -07:00
Kyle Havlovitz 37ea20cb44
Add advanced autopilot features 2017-03-22 15:25:16 -07:00
James Phillips 36a0abe10f Merge pull request #2801 from hashicorp/spoken-hub-oss
Adds support for WAN soft fail and join flooding.
2017-03-20 16:24:07 -07:00
James Phillips 964a5e2b28
Updates to latest built-in static assets. 2017-03-20 10:18:47 -07:00
James Phillips 28f8aa5559
Removes remoteConsuls in favor of the new router.
This has the next wave of RTT integration with the router and also
factors some common RTT-related helpers out to lib. While we were
in here we also got rid of the coordinate disable config so we don't
need to deal with the complexity in the router (there was never a
user-visible way to disable coordinates).
2017-03-16 16:42:19 -07:00
Kyle Havlovitz 006c6b93b3 Merge pull request #2802 from hashicorp/f-autopilot-improvements
Fix an issue with changing server ID when re-joining
2017-03-15 20:26:16 -07:00
Kyle Havlovitz bc0494e396
Reorganized cluster health check loop and logic 2017-03-15 18:27:17 -07:00
Kyle Havlovitz c40279e012
Fix an issue with changing server IDs and add a few UX enhancements around autopilot features 2017-03-15 16:09:55 -07:00
James Phillips 9b43b31900
Forces user-supplied node IDs to lower case for consistency. 2017-03-13 19:51:56 -07:00
Kyle Havlovitz 8130f9b1c1
Cleaned up and reorganized some autopilot-related code 2017-03-09 18:21:40 -08:00
Kyle Havlovitz a7de1e2a3b
Move RaftStats to Status endpoint 2017-03-07 13:58:06 -08:00
Kyle Havlovitz 0606133b75
Merge branch 'master' into f-autopilot-2 2017-03-06 16:02:19 -08:00
Kyle Havlovitz 8bcab6c6d7
Add autopilot server health tracking
This adds two goroutines to perform autopilot tasks on the leader - one
to monitor the health of servers and another to periodically clean up
dead servers with a limit on removal count. Also adds a new http endpoint,
`/v1/operator/autopilot/health`, for querying this information through an
operator RPC endpoint.
2017-03-06 16:00:10 -08:00
Sean Chittenden c6feba6ab7 Revert "Change `ClientAddr` to default to `BindAddr` when not present." 2017-03-06 13:32:43 -08:00
Sean Chittenden e1ced1de30
Change `ClientAddr` to default to `BindAddr` when not present.
With this change, it is now possible to only specify the `-bind` or
`bind_addr` attributes and get a functioning consul agent.
2017-03-04 20:52:52 -08:00
James Phillips aba567273e Merge pull request #2690 from zeroae/f-simple-rfc2782
RFC 2782 support with optional .service tag
2017-03-02 14:49:36 -08:00
Kyle Havlovitz 44f0b08db7 Merge pull request #2771 from hashicorp/f-autopilot
Autopilot dead server cleanup, config, and raft version compatibility
2017-02-28 15:04:16 -08:00
Kyle Havlovitz 77785778bf Merge pull request #2774 from hashicorp/f-cli-deprecation-docs
Add CLI RPC deprecation section to docs
2017-02-28 14:59:48 -08:00
Kyle Havlovitz 23c492a74e
Rename DeadServerCleanup and make wording adjustments 2017-02-28 14:45:21 -08:00
Kyle Havlovitz 3b67c50c1d
Remove the RPC client interface and update docs 2017-02-28 13:41:09 -08:00
Sean Chittenden 63402c6eaa
Follow the lead in 6fc901a8f3 and set the default `DisplayName` to `Consul` 2017-02-26 12:26:14 -08:00
Kyle Havlovitz 953baed324
Convert agent command to use base.Command 2017-02-24 18:11:05 -08:00
Kyle Havlovitz c9ddee1a79
Add CAS capability to autopilot config endpoint 2017-02-24 13:08:49 -08:00
Kyle Havlovitz 56e22a719f
Add state store table and endpoints for autopilot 2017-02-23 20:32:13 -08:00
Kyle Havlovitz ae9fce0ae0
Move raft_protocol out of autopilot config 2017-02-23 13:08:40 -08:00
Kyle Havlovitz f9588b8d7f
Add raft version 2/3 compatibility 2017-02-22 12:53:32 -08:00
Jeff Mitchell 15314c96d0 Update TestHTTPServer_UnixSocket with DialContext 2017-02-10 21:29:42 -05:00
Kyle Havlovitz 35d99a81ac
Update docs and give better error for unknown client scheme 2017-02-10 19:55:54 -05:00
Kyle Havlovitz bdb58adb80
Allow internal watches to use https and unix sockets 2017-02-10 18:38:39 -05:00
Kyle Havlovitz d3b24d2d12
Convert keyring command to use base.Command 2017-02-08 18:25:47 -05:00
Kyle Havlovitz 4fc3bd3abf
Added -relay-factor param to keyring operations 2017-02-01 21:53:29 -05:00
Kyle Havlovitz f48cd78bc5 Merge pull request #2699 from hashicorp/f-tls-min-version
Add TLSMinVersion to config options
2017-02-01 16:31:53 -05:00
Kyle Havlovitz 086975ac0a
Add TLSMinVersion to config options 2017-02-01 16:20:33 -05:00
Sean Chittenden 9e2557c53c
Re-cherry-pick 71d807f607589f2eb4fea4e83e3876d122c8afc0 and e2320d69b6b155d8223758415aabafc60a0e9d3b. 2017-02-01 10:27:04 -08:00
James Phillips 691aec917e
Fixes issue with missing CNAME for services with non-IP addresses set in SRV responses. 2017-01-31 20:57:50 -08:00
Patrick Sodré 5b68178dc1 Simple RFC 2782 support with optional .service tag
Add support for SRV queries of names matching:
_<service>._<protocol>.[.service][.datacenter]<.domain>
2017-01-30 19:46:02 -05:00
James Phillips 682d65b4bc
Redacts AWS join credientials from /v1/agent/self output. 2017-01-25 21:01:07 -08:00
James Phillips 09dd23e14a
Updates a comment to point to new blockingQuery function. 2017-01-25 09:58:22 -08:00
James Phillips 6e58d7b80d
Pulls in latest static asset updates. 2017-01-25 09:57:56 -08:00
Kyle Havlovitz a09b6ea8b4
Fix test import 2017-01-23 21:34:01 -05:00
Kyle Havlovitz cc271aa436
Merge branch 'master' into f-prepared-query-nodemeta 2017-01-23 20:17:48 -05:00
Kyle Havlovitz 3cd054e81f
Add tests for node meta in prepared queries and update docs 2017-01-23 19:17:30 -05:00
James Phillips 55cd1d975c
Adds catalog support for node IDs. 2017-01-18 14:26:42 -08:00
James Phillips e73d3c2312
Adds a test to make sure we get the same ID on the second run. 2017-01-18 09:52:34 -08:00
James Phillips 96bff003b7
Adds basic support for node IDs. 2017-01-17 22:47:59 -08:00
James Phillips 17c4754eac Merge pull request #2639 from tanuck/master
Standardize the case of all check log messages
2017-01-17 09:07:45 -08:00
James Phillips 05ce6766aa Merge pull request #2578 from ybubnov/concurrent-safe-notification-mock
Concurrent-safe notification mock
2017-01-17 09:01:43 -08:00
Kyle Havlovitz e37f25dc02
Add node metadata filtering to remaining health/catalog endpoints 2017-01-13 20:08:43 -05:00
Kyle Havlovitz ebd37af4ef
Style tweaks and vendor.json cleanup 2017-01-12 16:49:44 -05:00
Kyle Havlovitz 2139dbb029
Merge branch 'master' into f-gce-discovery 2017-01-11 22:57:07 -05:00
Kyle Havlovitz 84b157eade
Condense gce discovery logging a bit 2017-01-11 22:37:22 -05:00
Kyle Havlovitz 821735d175 Merge pull request #2643 from hashicorp/f-node-metadata
Node metadata
2017-01-11 20:29:24 -05:00
Kyle Havlovitz 51a1834667
Add -node-meta to agent command line options 2017-01-11 16:09:04 -05:00
Kyle Havlovitz d77890a011
Validate metadata config earlier and handle multiple filters 2017-01-11 15:12:03 -05:00
Andrew Glen-Young c78c07d9cb Pedantic typo fix 2017-01-10 15:44:32 -05:00
Kyle Havlovitz 6b5cf20b1c
Fix formatting 2017-01-09 13:49:33 -08:00
Kyle Havlovitz aee766baba
Add meta key validations and more tests 2017-01-09 11:21:49 -08:00
Kyle Havlovitz b25f4c7d35
Add tests for node metadata functionality 2017-01-05 17:21:56 -08:00
Kyle Havlovitz 2a423c6e2c
Add support for setting node metadata fields 2017-01-05 14:10:26 -08:00
James Tancock 5b526f0847 Standardize the case of all check log messages 2017-01-05 08:34:20 +00:00
Kyle Havlovitz 5d03ab53f3
Don't error if the given data-dir doesn't exist 2016-12-15 12:55:21 -05:00
James Phillips 5a6521c385
Adds exception for data-dir check in -dev mode.
This was changed in #2529.
2016-12-14 22:11:16 -08:00
James Phillips a0032d5c39
Updates web assets to match latest. 2016-12-14 21:08:17 -08:00
James Phillips b617e54ff0 Merge pull request #2594 from hashicorp/acl-complete
Adds complete ACL support for /v1/agent endpoints.
2016-12-14 20:49:00 -08:00
James Phillips 7ee097c1ba
Adds complete ACL support for listing events. 2016-12-14 19:42:37 -08:00
James Phillips ae83cc96f9
Adds remaining unit tests for agent ACL vet and filter functions. 2016-12-14 19:28:09 -08:00
James Phillips 51d1742025
Fixes a race in the monitor endpoint test that would cause panics. 2016-12-14 18:13:30 -08:00
Kyle Havlovitz 9f81d70d31 Merge pull request #2529 from mckennajones/bug/1838
Give a better error message when data-dir is not a directory
2016-12-14 20:21:10 -05:00
Kyle Havlovitz 78455621a1 Handle error from stat on data-dir and shorten error message 2016-12-14 20:06:00 -05:00
James Phillips a57ddae900
Adds a leader wait when testing with ACLs. 2016-12-14 16:18:17 -08:00
James Phillips b7ebe0b384
Adds complete ACL coverage for non-utility agent endpoints.
This is a checkpoint - we need to complete some unit tests for agent/acl.go.
2016-12-14 14:53:40 -08:00
Kyle Havlovitz 80a8055d5a Merge pull request #2553 from mckennajones/bug/ignoresigpipe
Ignore sigpipe signals
2016-12-14 15:36:26 -05:00
Kyle Havlovitz 398f4a04ef
Add a notice about deprecation of atlas features 2016-12-14 15:13:51 -05:00
James Phillips 48603b4764
Adds complete ACL support for agent utility endpoints. 2016-12-14 11:12:55 -08:00
James Phillips 927aa3789a
Adds ACL management support to the agent. 2016-12-14 07:07:41 -08:00
James Phillips dd82c8529d
Adds a unit test to make sure the status endpoint doesn't ever show anything
with "token" in the name.
2016-12-14 07:07:41 -08:00
James Phillips 535d6b21b4
Adds complete ACL coverage for /v1/session endpoints. 2016-12-12 21:59:22 -08:00
James Phillips 8db53b4ac2
Adds complete ACL coverage for /v1/coordinate/nodes and Coordinate.Update RPC. 2016-12-12 14:52:27 -08:00
James Phillips 67f1fe8d0b
Adds support for a new "acl_agent_token" which is used for internal
catalog operations.
2016-12-12 14:52:27 -08:00
James Phillips 99a5ae2737
Bans anonymous queries that aren't tied to a session.
This gets us coverage of PQ creation under the existing service
policy or the soon-to-be-added session policy.
2016-12-12 14:52:27 -08:00
James Phillips 2b19a5340c
Removes the exception for the "consul" service in the catalog. 2016-12-07 17:58:23 -08:00
Yakau Bubnou 5c210fb25d Concurrent-safe notification mock
This patch provides additional attribute to the notification mock in
order to protect an access to the internal maps from multiple
go-routines. This is required to prevent panic errors caused by
inconsistent map state.
2016-12-07 19:31:44 +03:00
Chris Marchesi 1b4e26d005 command/agent: Google Compute Engine host discovery
This commit adds several command-line and config options that facilitate
host discovery through Google Compute Engine (GCE), much like the
recently added EC2 host discovery options. This should assist with
bootstrapping and joining servers within GCE when non-static addresses
are used, such as when using managed instance groups.

Documentation has also been added. It should be noted that if running
from within a GCE instance, the only option that should be necessary is
-retry-join-gce-tag-value.
2016-12-06 17:46:40 -08:00
James Phillips eb07e77c1c
Adds an opt-in for new ACL policies and features coming in Consul 0.8. 2016-12-06 11:06:14 -08:00
Sean Chittenden 1ca285221a
Run all known addresses through go-sockaddr/template.
The following is now possible:

```
$ consul agent -dev -client="{{GetPrivateIP}}" -bind='{{GetInterfaceIP "en0"}}'
```
2016-12-02 16:35:38 +11:00
Kyle Havlovitz 3649c18ef0 Fix race issue in monitor endpoint test 2016-12-01 13:40:00 -05:00
James Phillips bd5adea5ba Merge pull request #2555 from hashicorp/pr-2497-slackpad
Updates Circonus library and adds support for custom display name and tags.
2016-11-30 21:42:01 -08:00
Kyle Havlovitz dd05afb32e Add reload/leave http endpoints (#2516) 2016-11-30 13:29:42 -05:00
mckennajones 33d97a9b9a ignore sigpipe signals to fix journalctl issue #2404 2016-11-30 09:42:10 -08:00
Seth Vargo 1c55429a38
Add an API method for determining the best status
Given a list of HealthChecks, this determines the "best" status for the
collective group. This is useful for nodes and services, which may have
multiple checks associated with them.
2016-11-29 18:41:46 -05:00
Kyle Havlovitz ccab51b07c Add logWriter to agent Create() method 2016-11-28 18:36:26 -05:00
Kyle Havlovitz d91854f3b0 Add monitor http endpoint 2016-11-28 18:36:26 -05:00
James Phillips 147d6deea5
Updates static assets to pick up #2340 and and #2525. 2016-11-22 17:47:50 -08:00
Kyle Havlovitz 79f339b5dc Combine keyring endpoints into one 2016-11-22 20:10:43 -05:00
Kyle Havlovitz 2d37a07476 Add keyring http endpoints 2016-11-22 20:10:43 -05:00
mckennajones 6a49edf128 check if data-dir is actually a directory 2016-11-22 13:33:51 -08:00
James Phillips cf5134e4f0
Defaults to pretty JSON in dev mode. 2016-11-17 22:31:19 -08:00
James Phillips b672fea37b Merge pull request #2238 from hasyimibhar/master
Remove duplicated environment variables
2016-11-17 16:18:02 -08:00
James Phillips 60d0c66be0
Revert "Updates Circonus metrics library and adds support for display name and tags."
This reverts commit bd490ec937a5859ba43b07d9103b3cb8f037e9e5 from #2491.
2016-11-09 16:21:02 -08:00
Kyle Havlovitz 9b6847d13f Use uuids in persist temp files to avoid race (#2494) 2016-11-09 15:22:53 -08:00
Kyle Havlovitz b170282d0f Improve logging when deregistering a nonexistent service (#2492)
Log a warning instead of a success message when attempting to deregister a nonexistent service. In Consul 0.8 this can be changed to giving an error outright, but for now we can keep the idempotent delete behavior.
2016-11-09 16:56:54 -05:00
matt maier c7f98fe988 Updates Circonus metrics library and adds support for display name and tags.
* Update circonus-gometrics

`vendor circonus-labs/circonus-gometrics`
`vendor circonus-labs/circonus-gometrics/api`
`vendor circonus-labs/circonus-gometrics/checkmgr`
`vendor circonus-labs/circonusllhist`
`vendor hashicorp/go-retryablehttp`

* Update Circonus integration expose Check Display Name and Check Tags configuration options.

* Adds version info to docs for new Circonus options.
2016-11-09 13:26:43 -08:00
matt maier 62fe94b3d6 Update Circonus integration expose Check Display Name and Check Tags configuration options. 2016-11-09 15:33:37 -05:00
James Phillips 739f91ad6a Removes stale reference to reap lock which causes a panic. (#2490) 2016-11-09 09:52:07 -08:00
James Phillips e01fde4007
Runs the static asset packaging inside the container; updates assets. 2016-11-08 15:14:08 -08:00
James Phillips 45def3e9ac
Updates embedded static assets. 2016-11-08 14:22:39 -08:00
Kyle Havlovitz 1ffdf04bd7 Set MaxStale default to 10 years and add a stale counter (#2481)
Default MaxStale to 10 years and add a counter at `consul.dns.stale_queries` that tracks when an agent serves a query that's stale by at least 5 seconds. Previously, MaxStale defaulted to 5 seconds and DNS would become unavailable after a short period of time with no leader. This new default allows DNS requests to still be served in the event of a long outage.

Fixes #2460.
2016-11-08 14:45:12 -05:00
Brian Hays 9384c3a797 Lowercase ACL Datacenter (#2478)
* Lowercase ACL Datacenter

* move lowercasing of ACLDatacenter to command.go and add validation

* Tweaks error message about bad ACL datacenter.
2016-11-07 18:41:23 -08:00
Kyle Havlovitz d71cdf9dc2 Merge pull request #2480 from hashicorp/b-atomic-writes
Atomic writes for persisting service/check state
2016-11-07 15:36:35 -05:00
Kyle Havlovitz 06fac8a918
Add a note about not calling sync for persistCheckState 2016-11-07 15:24:31 -05:00
Kyle Havlovitz 6b6601093c
Call fsync() for saving check/service state 2016-11-07 13:51:03 -05:00
Kyle Havlovitz 5a3996af61 Add WaitForResult to some flaky tests (#2477)
This replaces some hard sleeps with testutil.WaitForResult retry
logic in some recently added tests around TLSSkipVerify in checks.
2016-11-04 21:55:55 -07:00
James Phillips ea95e8f40d Moves logger setup into its own package. (#2471)
* Moves logger setup into its own package.

* Removes a stray regex mark in the test locator.
2016-11-03 21:14:56 -07:00
Kyle McCullough 697ea0f8eb Add setting to skip ssl certificate verification for HTTP checks (#1984)
* http check: add setting to skip ssl certificate verification

* update http check documentation

* fix typo in documentation

* Add TLSSkipVerify to agent api
2016-11-03 13:17:30 -07:00
James Phillips 18926728d4 Supports WAN and LAN Serf Bind Addresses. (#2468)
* * adding cli config and config file support for specifying the serf wan and lan bind addresses
* updating documentation for serf wan and lan options
Fixes #2007

* Cleans up some small things from #2380.

* Uses the bind default for the agent test for Serf WAN and LAN.
2016-11-03 12:58:58 -07:00
James Phillips 1d35ff27ef
Removes unnecessary clause in unit test check. 2016-11-03 12:26:48 -07:00
James Phillips 42de8f9800 Adds support for DNS recurse truncation. (#2467)
* Return message from recurse even if truncated

Signed-off-by: Evan Farrar <efarrar@pivotal.io>

* Tweaks unit test.
2016-11-03 12:21:16 -07:00
Kyle Havlovitz a8215f4e2f Merge pull request #2459 from hashicorp/f-aws-autodiscovery
AWS -retry-join-ec2 option
2016-11-03 13:27:23 -04:00
Kyle Havlovitz 1e2ca107c2
Small tweaks to docs and syntax 2016-11-03 13:04:42 -04:00
Kyle Havlovitz 169cae2203 Disallow -bootstrap-expect flag in dev mode (#2464) 2016-11-03 01:54:43 -04:00
James Phillips 03f623f89b
Builds static assets to pick up #2456 (redux).
Built this time using the same container that the dist build uses so
it won't see a difference and fail the build.
2016-11-02 15:54:53 -07:00
Kyle Havlovitz a3af480c42
Add support for ECS task roles as an auth mechanism 2016-11-02 18:48:15 -04:00
Kyle Havlovitz b9aa912e4c
Move EC2 discovery logic into retryJoin for robustness 2016-11-02 14:35:37 -04:00
Kyle Havlovitz f212329cc6
Support more forms of EC2 authentication 2016-11-01 21:24:18 -04:00
Kyle Havlovitz d615141c16
Add testing around EC2 discovery config 2016-11-01 18:26:15 -04:00
Kyle Havlovitz 0499784b94
Fixed up config structure for EC2 discovery 2016-11-01 17:58:51 -04:00
Kyle Havlovitz 9aa0261c1c Merge branch 'master' of github.com:hashicorp/consul into aws_autodiscovery 2016-11-01 11:19:52 -04:00
James Phillips 9768b2ea2f
Builds static assets to pick up #2456. 2016-10-31 18:20:36 -07:00
Kyle Havlovitz 10c5f11315 Retry periodically for 60s if syslog setup fails (#2455) 2016-10-31 17:24:00 -07:00
Kyle Havlovitz d5ee327fea More flaky unit test fixes (#2449)
* More flaky unit test fixes
* Raise some test timeouts that were too low
2016-10-31 09:59:20 -07:00
Kyle Havlovitz efb8f84922 Added tests for lookups on the 'addr.consul' domain 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 9069deb792 Add a service address SRV lookup test for IPv6 2016-10-27 21:04:06 -07:00
Kyle Havlovitz 5888b4f7bf Fix test cases 2016-10-27 21:04:06 -07:00
Kyle Havlovitz b72bccc1c4 Give the service address in SRV lookup when it differs from the node's 2016-10-27 21:04:06 -07:00
Kyle Havlovitz de308e75e1 Resolve Consul CNAME records on external services (#2444) 2016-10-26 19:23:51 -07:00
James Phillips bc29610124 Adds support for snapshots and restores. (#2396)
* Updates Raft library to get new snapshot/restore API.

* Basic backup and restore working, but need some cleanup.

* Breaks out a snapshot module and adds a SHA256 integrity check.

* Adds snapshot ACL and fills in some missing comments.

* Require a consistent read for snapshots.

* Make sure snapshot works if ACLs aren't enabled.

* Adds a bit of package documentation.

* Returns an empty response from restore to avoid EOF errors.

* Adds API client support for snapshots.

* Makes internal file names match on-disk file snapshots.

* Adds DC and token coverage for snapshot API test.

* Adds missing documentation.

* Adds a unit test for the snapshot client endpoint.

* Moves the connection pool out of the client for easier testing.

* Fixes an incidental issue in the prepared query unit test.

I realized I had two servers in bootstrap mode so this wasn't a good setup.

* Adds a half close to the TCP stream and fixes panic on error.

* Adds client and endpoint tests for snapshots.

* Moves the pool back into the snapshot RPC client.

* Adds a TLS test and fixes half-closes for TLS connections.

* Tweaks some comments.

* Adds a low-level snapshot test.

This is independent of Consul so we can pull this out into a library
later if we want to.

* Cleans up snapshot and archive and completes archive tests.

* Sends a clear error for snapshot operations in dev mode.

Snapshots require the Raft snapshots to be readable, which isn't supported
in dev mode. Send a clear error instead of a deep-down Raft one.

* Adds docs for the snapshot endpoint.

* Adds a stale mode and index feedback for snapshot saves.

This gives folks a way to extract data even if the cluster has no
leader.

* Changes the internal format of a snapshot from zip to tgz.

* Pulls in Raft fix to cancel inflight before a restore.

* Pulls in new Raft restore interface.

* Adds metadata to snapshot saves and a verify function.

* Adds basic save and restore snapshot CLI commands.

* Gets rid of tarball extensions and adds restore message.

* Fixes an incidental bad link in the KV docs.

* Adds documentation for the snapshot CLI commands.

* Scuttle any request body when a snapshot is saved.

* Fixes archive unit test error message check.

* Allows for nil output writers in snapshot RPC handlers.

* Renames hash list Decode to DecodeAndVerify.

* Closes the client connection for snapshot ops.

* Lowers timeout for restore ops.

* Updates Raft vendor to get new Restore signature and integrates with Consul.

* Bounces the leader's internal state when we do a restore.
2016-10-25 19:20:24 -07:00
Kyle Havlovitz 107f4ff878 Agent anti-entropy test fixes 2016-10-25 17:48:11 -07:00
Kyle Havlovitz 61311cff80 Test fixes (#2434)
* Test fixes in health_endpoint_test.go, agent_endpoint_test.go and rtt_test.go
* Don't reuse the same agent config in TestAgent_ReconnectConfigSettings
2016-10-25 13:46:54 -07:00
James Phillips dace771f06 Merge pull request #2389 from hashicorp/jbs-2019
Lower Service tag DNS warning to DEBUG for #2019
2016-10-24 17:05:02 -07:00
James Phillips 377ce12e53
Removes reap config option. 2016-10-06 21:45:18 -07:00
Brian Shumate 36e1a194c2
Lower Service tag DNS warning to DEBUG for #2019 2016-10-05 08:45:01 -04:00
Adam Wolfe Gordon ae5bd0f2cc agent: Stop reaping child processes (resolves #1988)
The consul docker image now uses dumb-init to reap child processes, so
there's no need to reap them ourselves.
2016-10-04 09:36:41 -06:00
James Phillips 5eb4c94bde
Runs go-fmt (incidental to this PR). 2016-09-23 17:44:14 -07:00
James Phillips 36db92932a
Makes string search for Windows case-insensitive.
Fixes #2356.
2016-09-23 17:43:40 -07:00
James Phillips a477481ad3 Merge pull request #2353 from hashicorp/b-local-panic
Cleans up state management for remote deletes from local state.
2016-09-22 12:56:08 -07:00
James Phillips 6f1050a181
Calls remove on checks and services in the local test. 2016-09-22 11:41:17 -07:00
James Phillips 434233a131
Cleans up state management for remote deletes from local state.
Fixes #2125.
2016-09-21 16:52:43 -07:00
James Phillips 41b0115ee6 Merge pull request #2262 from WIZARD-CXY/master
Fixes go race bug in startup log buffering.
2016-09-20 17:24:52 -07:00
Felix f9e001cb6e return an error if no logOutput is provided
Otherwise the code will panic at a later stage where it is more complicated to figure out what’s actually going on.
2016-09-17 17:46:13 +09:00
James Phillips aed72ccc60 Merge pull request #2263 from sweeneyb/dnsPort
Add support for dns port as a command line option
2016-09-01 22:16:15 -07:00
James Phillips 4819cf3a52
Does some go fmt cleanup. 2016-09-01 22:14:19 -07:00
James Phillips 1924eccf71 Merge pull request #2322 from hashicorp/pr-2321-slackpad
Adds a configurable timeout for DNS recursor client.
2016-09-01 22:11:54 -07:00
James Phillips 314bd1363c
Adds a recursor timeout line to the merge test. 2016-09-01 21:53:33 -07:00
James Phillips 3f3bb444fa
Fixes a typo in a test error message. 2016-09-01 21:52:29 -07:00
Pivotal DX129 2682410059 Merge remote-tracking branch 'upstream/master' 2016-09-01 10:15:32 -04:00
James Phillips d419a0ae0d
Changes default for `leave_on_terminate` based on server or client mode. 2016-08-31 23:39:11 -07:00
James Phillips 3304352272
Changes default DNS allow_stale to true. 2016-08-30 13:55:19 -07:00
James Phillips 6be1e07fec
Makes the Raft configuration API easier to consume. 2016-08-30 11:30:56 -07:00
James Phillips 1b7a16b7d3
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 2016-08-30 00:02:50 -07:00
Pivotal DX129 6acb742c08 Fixed code formatting 2016-08-29 17:29:23 -04:00
Pierre Delagrave b97500234d Made the dns recursor timeout test more reliable 2016-08-29 13:23:14 -04:00
Pierre Delagrave 3d5c2609e7 Renamed dns config parameter internal_client_timeout for recursor_timeout 2016-08-26 15:22:04 -04:00
Pierre Delagrave 0895e48106 Merge remote-tracking branch 'pierre/master' 2016-08-26 15:12:38 -04:00
James Phillips 5df4fffd09 Merge pull request #2303 from hashicorp/f-tunes
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs.
2016-08-25 15:45:49 -07:00
James Phillips 2f4c237cff
Adds a max raft multiplier and tweaks documentation. 2016-08-25 15:36:05 -07:00
James Phillips 5df36fbd82
Stops scaling the commit timeout. 2016-08-25 15:05:40 -07:00
James Phillips 40f3470696
Redacts the Circonus API token from stats JSON. 2016-08-24 23:27:25 -07:00
James Phillips b339b0d2fc
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs. 2016-08-24 21:58:37 -07:00
Pierre Delagrave 17b6a18c37 Added a configurable timeout to the client making DNS queries to downstream name servers 2016-08-23 16:59:38 -04:00
James Phillips 2aeaf35c41
Removed bad error message for health check status. 2016-08-17 17:54:09 -07:00
James Phillips 0bdbdf1ba8 Merge pull request #2226 from abhinavdahiya/rm-health-unknown
Fixes #1775; Removes 'unknown' state
2016-08-17 17:51:04 -07:00
James Phillips db9a72dde1
Merge branch 'master' into f-deregister-critical 2016-08-16 12:53:21 -07:00
James Phillips 607595f99e
Cleans up based on code review feedback. 2016-08-16 12:52:30 -07:00
James Phillips bc333335be
Adds an `X-Consul-Translate-Addresses` to signal translation is enabled. 2016-08-16 11:31:41 -07:00
James Phillips 817d7e93e4
Adds an "lan" tagged address so we have a way to get them all.
If we didn't have this, then there would be no way to know the LAN
address if address translation was turned on.
2016-08-16 10:49:03 -07:00
James Phillips b4f981c837
Adds ability to deregister a service based on critical check state longer than a timeout. 2016-08-16 01:00:26 -07:00
James Phillips 12e6db464b
Tweaks the WAN address translation unit tests. 2016-08-15 15:34:11 -07:00
James Phillips c066c2e70a
Factors translate out into a separate file and makes safe for in-memory RPCs. 2016-08-15 15:05:02 -07:00
Xingyu Chen 07d141570c Update gated_writer.go 2016-08-14 16:36:21 +08:00
David van Geest 360e196c93
Translate Address to tagged WAN address in HTTP API when appropriate. 2016-08-12 18:25:36 -07:00
James Phillips 8e8f840169
Updates built-in UI static assets to latest. 2016-08-12 18:01:59 -07:00
James Phillips 4915790bdc
Runs `go fmt`. 2016-08-12 17:26:23 -07:00
James Phillips 6c4a8d8383
Tweaks DNS prepared query failover unit test. 2016-08-12 17:16:08 -07:00
Max Timchenko 90f49354d6
Corrects two issues with DNS prepared query failover
When DNS prepared query fails over to another datacenter and the datacenter
returns some nodes, the DNS result does not translate WAN addresses even when
translation is enabled for SRV and A queries, and returns the wrong datacenter
(the one that failed over) for SRV queries.
2016-08-12 17:06:43 -07:00
James Phillips a379078e3e Merge pull request #2267 from hashicorp/b-srv-trim
Fixes bug when trimming DNS SRV records.
2016-08-12 14:57:20 -07:00
James Phillips a666dc44b3
Passes the index by reference so we can control the allocation. 2016-08-12 14:51:50 -07:00
James Phillips de95fe8638
Makes name compares case-insensitive. 2016-08-12 12:16:21 -07:00
R.B. Boyer 291a468c87
Validate gossip encryption key before made persistent in local.keyring 2016-08-12 11:42:45 -07:00
James Phillips 45e2879eb5
Avoids allocations and function calls if no extra data is present. 2016-08-12 10:29:57 -07:00
James Phillips e05c77b9bf
Renames "seen" to "resolved". 2016-08-11 22:01:57 -07:00
James Phillips 6c22c48326
Fixes the DNS SRV trim bug. 2016-08-11 21:46:14 -07:00
James Phillips 086a5af5ff
Finishes up DNS compression by adding opt-out, tests, and documentation. Fixes trim routine. 2016-08-11 16:27:08 -07:00
epipho f31f1c04e9
Fix panic where r.Compress would be set before checking for errors. 2016-08-11 16:27:08 -07:00
epipho 6d17b4eb67
Compress all DNS responses to prevent them from going over the 512 byte
limit from RFC 1035
2016-08-11 16:27:08 -07:00
sweeneyb e8117ba622 Add support for dns port as a command line option 2016-08-10 04:05:56 +00:00
chenxingyu 53009f2466 fix go race bug 2016-08-10 10:44:20 +08:00
James Phillips b566c094bb
Updates bindata after vendor update. 2016-08-09 19:03:10 -07:00
James Phillips f00e49112a
Installs a wrapper around HTTP endpoints that generate metrics. 2016-08-09 15:41:15 -07:00
James Phillips 3585b5a4cb Merge pull request #2237 from hashicorp/f-acl-replication
Adds ACL replication.
2016-08-09 11:42:16 -07:00
James Phillips 2acb287690
Fixes JS exception when there are no coordinates present. 2016-08-08 17:38:22 -07:00
James Phillips 4a931ae12e
Adds an ACL replication status endpoint. 2016-08-04 23:30:16 -07:00
James Phillips c4ae68010b
Hides the acl_replication_token from JSON output, like in /v1/agent/self. 2016-08-03 21:24:09 -07:00
James Phillips 9cece515c0
Adds basic ACL replication plumbing. 2016-08-03 21:24:04 -07:00
Cameron Davison 40d1c279dd
atomic write service state and checks files, fixes #1221 2016-08-03 10:34:12 -05:00
Hasyimi Bahrudin b2ad8114fe Remove redundant hardcoded environment variables
The following hardcoded environment variables are removed:

* CONSUL_RPC_ADDR
* CONSUL_HTTP_ADDR
2016-08-03 14:40:26 +08:00
Abhinav Dahiya 9dc52449e3 Fixes #1775; Removes 'unknown' state
Signed-off-by: Abhinav Dahiya <abhinavdtu2012@gmail.com>
2016-07-30 19:33:14 +05:30
James Phillips 5d83d507b4 Adds consul info data into /v1/agent/self endpoint. 2016-07-20 15:12:26 -07:00
James Phillips 4a7b55c8cb Fixes startup version print to show the human version. 2016-07-20 08:09:05 -07:00
James Phillips 9816c995bd Adds version info back into the config.
In #2191 I accedentally broke SCADA by not populating the agent's version
information into the config structure. This adds it back, and makes the
distinction between the raw parts we send to APIs and the human form of
the version that we display.
2016-07-19 18:38:15 -07:00
James Phillips 51fbad91fd Merge pull request #2193 from hashicorp/pr-2188-slackpad
Adds Circonus support for telemetry metrics.
2016-07-19 17:15:29 -07:00
James Phillips ca5f42d61d Tweaks the docs a bit. 2016-07-19 15:54:52 -07:00