William Tisäter
75e631ee94
Add helper for lowercase list of strings
2014-07-23 23:42:21 +02:00
Armon Dadgar
bf26a9160f
consul: Defer serf handler until initialized. Fixes #254 .
2014-07-22 09:36:58 -04:00
Armon Dadgar
020802f7a5
Merge pull request #233 from nelhage/tls-no-subjname
...
Restore the 0.2 TLS verification behavior.
2014-07-01 13:41:00 -07:00
Nelson Elhage
627b2e455f
Add some basic smoke tests for wrapTLSclient.
...
Check the success case, and check that we reject a self-signed
certificate.
2014-06-29 18:11:32 -07:00
Nelson Elhage
0a2476b20e
Restore the 0.2 TLS verification behavior.
...
Namely, don't check the DNS names in TLS certificates when connecting to
other servers.
As of golang 1.3, crypto/tls no longer natively supports doing partial
verification (verifying the cert issuer but not the hostname), so we
have to disable verification entirely and then do the issuer
verification ourselves. Fortunately, crypto/x509 makes this relatively
straightforward.
If the "server_name" configuration option is passed, we preserve the
existing behavior of checking that server name everywhere.
No option is provided to retain the current behavior of checking the
remote certificate against the local node name, since that behavior
seems clearly buggy and unintentional, and I have difficulty imagining
it is actually being used anywhere. It would be relatively
straightforward to restore if desired, however.
2014-06-28 13:32:42 -07:00
Armon Dadgar
80b86c9ee9
Rename Expect to BootstrapExpect. Fixes #223 .
2014-06-19 17:08:55 -07:00
Armon Dadgar
406d19f483
consul: Minor cleanups
2014-06-18 16:15:28 -07:00
Robert Xu
fff6546c75
Minor cleanup to logic and testsuite.
...
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 18:47:05 -04:00
Robert Xu
a2fea2ce55
Utilise new raft.SetPeers() method, move expect logic to leader.go.
...
This way, we don't use EnableSingleMode, nor cause chaos adding peers.
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 12:03:30 -04:00
Robert Xu
31c392813c
Add expect bootstrap '-expect=n' mode.
...
This allows for us to automatically bootstrap a cluster of nodes after
'n' number of server nodes join. All servers must have the same 'n' set, or
they will fail to join the cluster; all servers will not join the peer set
until they hit 'n' server nodes.
If the raft commit index is not empty, '-expect=n' does nothing because it
thinks you've already bootstrapped.
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-16 17:40:33 -04:00
Armon Dadgar
91373968a8
Adding server_name configuration for TLS
2014-06-13 11:10:27 -07:00
Robert B Gordon
987c078957
Seems like we should actually check the reference count.
2014-06-13 11:25:01 -05:00
Armon Dadgar
ea054b8847
consul: Start RPC before Raft, wait to accept connecitons
2014-06-11 10:17:58 -07:00
Armon Dadgar
1812eedad9
consul: start RPC after fully initialized. Fixes #160
2014-06-11 09:46:44 -07:00
Armon Dadgar
2e18774c02
consul: Avoid network for server RPC. Fixes #148 .
2014-06-10 19:12:36 -07:00
Armon Dadgar
cae158b310
consul: Provide output for serfHealth check. Fixes #176 .
2014-06-09 16:07:22 -07:00
Armon Dadgar
9e925bf458
consul: Adding support for optional session name
2014-06-09 11:42:28 -07:00
Armon Dadgar
06cd40d1e7
consul: fixing use of nil log output. Fixes #203
2014-06-09 11:16:53 -07:00
Armon Dadgar
c656bbfbcf
Rename shared msgpack handle
2014-06-08 14:02:42 -07:00
Andrew M Bursavich
d209517d50
reuse codec.MsgpackHandle
2014-06-07 01:13:38 -07:00
Armon Dadgar
b5bd20634a
consul: Gossip the build using Serf
2014-06-06 15:36:40 -07:00
Armon Dadgar
d0d85b461c
consul: Sort datacenter list. Fixes #198
2014-06-06 14:12:40 -07:00
William Tisäter
7b4c7f3f63
Log peers when TestLeader_LeftServer
fail
2014-05-30 21:18:37 +02:00
William Tisäter
2c13f8a03e
Re-configure LeaderLeaseTimeout
to pass validation
2014-05-30 20:57:39 +02:00
Armon Dadgar
890d4d771f
consul: Ensure clients also implement LocalMember
2014-05-29 11:21:56 -07:00
Armon Dadgar
f9766541e1
Merge pull request #173 from hashicorp/f-agent-self
...
Add `/v1/agent/self` and return local agent config
2014-05-29 11:18:19 -07:00
Armon Dadgar
09a988e8d4
consul: Conn pool clean, spare existing streams
2014-05-28 16:55:39 -07:00
Armon Dadgar
319ab05b8c
consul: Provide logger to yamux
2014-05-28 16:32:25 -07:00
Armon Dadgar
6b2fe4869b
consul: Suppress messages about closed connections
2014-05-28 16:32:25 -07:00
Armon Dadgar
d4a62e7c0d
consul: ensure connections are properly closed
2014-05-28 16:32:24 -07:00
Armon Dadgar
74452a5ae0
consul: Add new protocol version for yamux
2014-05-28 16:32:24 -07:00
Armon Dadgar
313f79913e
consul: Pass protocol version for leader forwarding
2014-05-28 16:32:24 -07:00
Armon Dadgar
345efd74e4
consul: remove explicit leave, use reconciliation
2014-05-28 16:32:24 -07:00
Armon Dadgar
d857c63f41
consul: Server processes local Serf join
2014-05-28 16:32:24 -07:00
Armon Dadgar
bf25792e2f
consul: Fix client server reaping
2014-05-28 16:32:24 -07:00
Armon Dadgar
589105eee4
consul: Store the protocol version for a server
2014-05-28 16:32:24 -07:00
Armon Dadgar
c8831db91c
consul: Adding Addr to serverParts
2014-05-28 16:32:24 -07:00
Armon Dadgar
a79c3d2103
consul: Pool client connections, support for yamux connections
2014-05-28 16:32:24 -07:00
Armon Dadgar
8e636ef340
consul: Support for incoming Yamux connections
2014-05-28 16:32:24 -07:00
Armon Dadgar
c98736b8ae
Merge pull request #174 from nelhage/multi-ca-cert
...
Allow multiple PEM-encoded certificates in the ca_file.
2014-05-27 10:47:41 -07:00
William Tisäter
a028c3ae93
Add /v1/agent/self
and return local agent config
2014-05-27 01:15:33 +02:00
William Tisäter
95e7752721
Wait for joining member in TestClient_JoinLAN
2014-05-27 00:55:20 +02:00
William Tisäter
405dfd99c1
Fix tests on Go 1.3 and greater
...
Go 1.3 and greater require ServerName or InsecureSkipVerify to be set.
https://codereview.appspot.com/67010043/
2014-05-27 00:47:47 +02:00
William Tisäter
0ddc86bbcc
Revert "Remove WaitForResult
from two failing tests"
...
This reverts commit f0842409cde194ce2102ff2baf3de821cb6ac9d5.
2014-05-26 23:49:23 +02:00
William Tisäter
93e89b8148
Remove TODO comments
2014-05-26 23:44:46 +02:00
William Tisäter
f990e9fcb2
Remove WaitForResult
from two failing tests
2014-05-26 23:44:37 +02:00
Nelson Elhage
7d4824ade7
Allow multiple PEM-encoded certificates in the ca_file.
...
fixes #167
2014-05-26 10:58:57 -07:00
Armon Dadgar
5c90e9b43e
consul: Suppress error if connection is closed
2014-05-23 16:28:55 -07:00
Armon Dadgar
d42474a7cb
Support wildcard for check lookup. Fixes #152
2014-05-21 12:45:12 -07:00
Armon Dadgar
5fa10c912e
Support rejoin after leave. Fixes #110 .
2014-05-21 12:32:24 -07:00