Commit Graph

1193 Commits

Author SHA1 Message Date
James Phillips 04dffd7c46 Adds a check for in-band error returns in the coordinate RaftApply. 2015-11-15 16:50:46 -08:00
James Phillips 5b0697fc67 Changes batch update failure to a WARN since it's nbd. 2015-10-29 09:26:24 -07:00
James Phillips eb4bfa3411 Prevents agents from considering Raft information when doing sync checks. 2015-10-28 14:32:00 -07:00
James Phillips 7c44a9b6c9 Fixes a bad error message. 2015-10-28 12:40:47 -07:00
James Phillips 5449096bc2 Adds a check for the minimum version as well. 2015-10-27 15:56:36 -07:00
James Phillips 1c678effde Sets the ignore flag on coordinate update Raft log entries. 2015-10-27 14:44:34 -07:00
James Phillips c1305a08ea Makes the version upshift code look at the correct version field. 2015-10-27 14:44:34 -07:00
James Phillips b91e2d3a97 Completes rebase of network coordinates to new memdb. 2015-10-23 15:23:01 -07:00
James Phillips 132e1d813b Fixes configs now that Serf always caches coordinates. 2015-10-23 15:23:01 -07:00
James Phillips aea2194ce3 Makes the default protocol 2 and lets 3 interoperate with 2. 2015-10-23 15:23:01 -07:00
James Phillips 7dd88f7de6 Zeroes out the height when testing exact distances. 2015-10-23 15:23:01 -07:00
James Phillips 7d5e29f6c6 Cleans up after latest rebase. 2015-10-23 15:23:01 -07:00
James Phillips a74bdcba49 Moves sorting up into coordinate endpoint HTTP handlers. 2015-10-23 15:23:01 -07:00
James Phillips a2bcef00a0 Adds endpoints for raw network coordinates. 2015-10-23 15:23:01 -07:00
James Phillips e900fef95a Fixes bad name for DC forwarding of Coordinate.Get. 2015-10-23 15:23:01 -07:00
James Phillips ee1cf1e13b Adds distance sorting to health endpoint. Cleans up unit tests. 2015-10-23 15:23:01 -07:00
James Phillips 019f656f39 Switches to the median over all DC nodes with known coordinates. 2015-10-23 15:23:01 -07:00
James Phillips 5609b2e889 Adds explicit check for empty node in source parameter. 2015-10-23 15:23:01 -07:00
James Phillips 5d75ce7852 Moves disable checks down into the sort routine. 2015-10-23 15:23:01 -07:00
James Phillips 59b710894d Adds tests for HTTP interface. Removes a stray mark. 2015-10-23 15:23:01 -07:00
James Phillips 033e8e6625 Adds sort of DCs in catalog queries based on RTT. Cleans up.
* Makes the catalog endpoint respect disabling coordinates for all
  RTT-sorting query types.
2015-10-23 15:23:01 -07:00
James Phillips b63909cf67 Adds coordinate sorting support to catalog queries for nodes and service nodes. 2015-10-23 15:23:01 -07:00
James Phillips 9ba9a708f6 Scales coordinate sends to hit a fixed aggregate rate across the cluster. 2015-10-23 15:23:01 -07:00
James Phillips d8b8a3719f Simplifies the batching function and adds some comments. 2015-10-23 15:23:01 -07:00
James Phillips a93a1a68b6 Adds snapshot save and restore of coordinates. 2015-10-23 15:23:01 -07:00
James Phillips f71c79c53f Does some small cleanups based on PR feedback.
* Holds coordinate updates in map and gets rid of the update channel.
* Cleans up config variables a bit.
2015-10-23 15:23:01 -07:00
James Phillips 1222772452 Hardens Consul from bad coordinates from other nodes. 2015-10-23 15:23:01 -07:00
James Phillips e02ae7b6b4 Takes the node name out of the coordinate get call. 2015-10-23 15:23:01 -07:00
James Phillips acb0dce829 Moves batching down into the state store and changes it to fail-fast.
* A batch of updates is done all in a single transaction.
* We no longer need to get an update to kick things, there's a periodic flush.
* If incoming updates overwhelm the configured flush rate they will be dumped with an error.
2015-10-23 15:23:01 -07:00
James Phillips b6c31bdf2f Flips the sense of the coordinate enable option. 2015-10-23 15:23:01 -07:00
James Phillips 9c069c5031 Removes one more WAN leftover. 2015-10-23 15:23:01 -07:00
James Phillips edb9a119e2 Does a clean up pass on the Consul side. 2015-10-23 15:23:01 -07:00
James Phillips ac4185b888 Merges config changes after rebase. 2015-10-23 15:23:01 -07:00
Derek Chiang b805215237 Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang 7d70d8b1d7 Add test for the GetWAN endpoint 2015-10-23 15:23:01 -07:00
Derek Chiang e03a9d4c38 Add an endpoint for getting WAN coordinates 2015-10-23 15:23:01 -07:00
Derek Chiang 213f5a15e6 Fix tests 2015-10-23 15:23:01 -07:00
Derek Chiang eb599a1745 Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang 66d5a129bf Add state store tests 2015-10-23 15:23:01 -07:00
Derek Chiang 88550714ca Add more tests 2015-10-23 15:23:01 -07:00
Derek Chiang 139c9240ea Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang 23c08aeeb4 Use IndexedCoordinate instead 2015-10-23 15:23:01 -07:00
Derek Chiang 979c0c6c9e Improve a test 2015-10-23 15:23:01 -07:00
Derek Chiang b2cff43bb5 Complete logic for sending coordinates 2015-10-23 15:23:01 -07:00
Derek Chiang 019da1dae4 Fix tests 2015-10-23 15:23:01 -07:00
Derek Chiang 66b210afcb Some fixes 2015-10-23 15:23:01 -07:00
Derek Chiang def0a2f5ab Change GET API a little bit 2015-10-23 15:23:01 -07:00
Derek Chiang b5bbe2bcfa Adding tests and stuff 2015-10-23 15:23:01 -07:00
Derek Chiang e54c8f2ea0 Start adding stuff 2015-10-23 15:23:01 -07:00
James Phillips aae298a179 Cleans up a little whitespace with go fmt. 2015-10-20 18:41:05 -07:00
James Phillips 54535d45d7 Gets rid of error prefixing in leader.go. 2015-10-20 13:37:11 -07:00
James Phillips eb93d1d9ad Puts all restore operations into a single transaction and optimizes watches. 2015-10-19 23:06:59 -07:00
James Phillips 96c5c9de2b Gets rid of unique constraint on sessions index in session_checks. 2015-10-19 17:41:50 -07:00
James Phillips 3e93055cef Switches sessions over to UUIDFieldIndex. 2015-10-19 17:09:02 -07:00
James Phillips d905804514 Adds a special case for fill KVS listings to avoid a tombstone scan. 2015-10-19 16:22:27 -07:00
James Phillips 22a46f7bf5 Makes the iterator naming more consistent. 2015-10-19 15:51:11 -07:00
James Phillips 9a2fdff4c4 Converts sessions and ACLs over to iterators. 2015-10-19 14:56:22 -07:00
James Phillips d459d94b3f Converts KVS snapshot over to iterator. 2015-10-19 14:07:57 -07:00
James Phillips 498c4a989a Converts nodes, services, checks to iterators duing dumps; fixes tag drift bug.
Realized that the conversions ServiceNode <-> NodeService were incomplete in a
few places so centralized those and added some tests.
2015-10-19 13:55:35 -07:00
James Phillips 8ee52e9850 Gets rid of non-idomatic "state_store" alias in FSM. 2015-10-16 14:07:48 -07:00
James Phillips adef4894df Ports a couple of new RPC calls to the updated codec mechanism. 2015-10-15 15:09:13 -07:00
James Phillips 268255dcbe Runs go fmt after latest changes. 2015-10-15 14:59:09 -07:00
James Phillips e982f976eb Adds unit tests for new structs clone functions. 2015-10-15 14:59:09 -07:00
James Phillips 46be9fa2cf Adds benchmarks back in to the state store. 2015-10-15 14:59:09 -07:00
James Phillips 6db1a8624d Removes a todo that's no longer needed. 2015-10-15 14:59:09 -07:00
James Phillips 82f275d126 Adds unit tests for the graveyard. 2015-10-15 14:59:09 -07:00
James Phillips e285af5d1c Does some go fmt after latest round of changes. 2015-10-15 14:59:09 -07:00
James Phillips 409fd57e4a Adds a delay test. 2015-10-15 14:59:09 -07:00
James Phillips 73ad5f0695 Adds watch unit tests and does some related watch cleanup. 2015-10-15 14:59:09 -07:00
James Phillips 9fce4aaf35 Adds tests for GC. 2015-10-15 14:59:09 -07:00
James Phillips ca220c9717 Adds clone for service nodes so we don't twiddle the database's object. 2015-10-15 14:59:09 -07:00
James Phillips 25d7746f38 Fixes remaining non-KV index calclulations and adds a general getWatchTables thing. 2015-10-15 14:59:09 -07:00
James Phillips 32e2439f93 Fixes index management for KVS. 2015-10-15 14:59:09 -07:00
James Phillips 37da1faaf2 Makes session invalidate loops use a separate slice to protect the iterator. 2015-10-15 14:59:09 -07:00
James Phillips 8504646900 Makes all delete loops use a separate slice to protect the iterator. 2015-10-15 14:59:09 -07:00
James Phillips 768f6fd8db Cleans up some go vet warnings. 2015-10-15 14:59:09 -07:00
James Phillips 495b276e44 Gets rid of todo that we discussed is ok. 2015-10-15 14:59:09 -07:00
James Phillips 3fedffbffb Gets rid of the transitional "New" suffix on state store and RPC. 2015-10-15 14:59:09 -07:00
James Phillips 263c7e3fd3 Deletes the old state store and all its accoutrements. 2015-10-15 14:59:09 -07:00
James Phillips 3f07f0685f Nukes old state store's connection to FSM and RPC. 2015-10-15 14:59:09 -07:00
James Phillips 450886246d Integrates session TTL tests with new state store. 2015-10-15 14:59:09 -07:00
James Phillips a15c24f771 Integrates new state store into internal endpoint. 2015-10-15 14:59:09 -07:00
James Phillips 76bdeadefb Abstracts the table names away from the RPC call sites. 2015-10-15 14:59:09 -07:00
James Phillips 7a8e5b2866 Integrates new state store into session endpoint; returns table index always. 2015-10-15 14:59:09 -07:00
James Phillips 1463e6100a Integrates new state store into leader and catalog/health endpoints. 2015-10-15 14:59:09 -07:00
James Phillips 6203c1e585 Integrates KVS endopint with new state store (changes KVSList to match old behavior). 2015-10-15 14:59:09 -07:00
James Phillips 837d8994b4 Cuts FSM unit tests over to new state store. 2015-10-15 14:59:09 -07:00
James Phillips 92e48b87bf Adds twiddling of the real state store in snapshot tests. 2015-10-15 14:59:09 -07:00
James Phillips 87ff8d031c Ports over session invalidation tests (and fixes some bugs). 2015-10-15 14:59:09 -07:00
James Phillips 8072138c9a Adds a note about updating sessions after they are created. 2015-10-15 14:59:09 -07:00
James Phillips a09571133c Beefs up node and service watch tests for multi-table triggers. 2015-10-15 14:59:09 -07:00
James Phillips ae21a33aca Adds session snapshot/restore and basic watch tests (and fixes some bugs). 2015-10-15 14:59:09 -07:00
James Phillips 1725063067 Adds tombstone tests and gets rid of unused logger. 2015-10-15 14:59:09 -07:00
James Phillips 391c04de90 Makes sure we don't create a full table watch for tombstones. 2015-10-15 14:59:09 -07:00
James Phillips 4be951571e Adds snapshot/restore and watch tests for KVS. 2015-10-15 14:59:09 -07:00
James Phillips 9bfe2c32f6 Allows lock holder to re-lock and set a KV, adds tests for corner cases around sessions. 2015-10-15 14:59:09 -07:00
James Phillips 1088145060 Adds kvs lock/unlock tests. 2015-10-15 14:59:09 -07:00
James Phillips 2c0ba7e44b Adds snap and watch tests for nodes, services, and checks. 2015-10-15 14:59:09 -07:00
James Phillips f7fca62dcd Adds node snap and watch tests as well as a general watch test. 2015-10-15 14:59:09 -07:00
James Phillips e25fb6c5ed De-generalizes graveyard since that ended up as a YAGNI (only useful for KV). 2015-10-15 14:59:09 -07:00
James Phillips e7de7a2b8c Cleans up unit tests for consistency. 2015-10-15 14:59:09 -07:00
James Phillips 1bf432d5af Adds ensure registration unit test (and fixes bugs). 2015-10-15 14:59:09 -07:00
James Phillips e5773635e7 Adds reap tombstone test (and fixes bugs). 2015-10-15 14:59:09 -07:00
James Phillips 8a39581ae0 Adds ACL snapshot/restore test. 2015-10-15 14:59:09 -07:00
James Phillips 2dae65a6ec Adds a watch tester helper that helps cut the cruft. 2015-10-15 14:59:09 -07:00
James Phillips 04b365495d Completes state store for KV, sessions, tombstones, and nodes/services/checks (needs tests and integration). 2015-10-15 14:59:09 -07:00
James Phillips edae626f36 Integrates new state store for ACLs. 2015-10-15 14:59:09 -07:00
James Phillips cbcd977a39 Gets new structs changes to compile, adds some corner case handling and extra unit tests. 2015-10-15 14:59:09 -07:00
Ryan Uber 4cf5f6223e consul/state: list acls 2015-10-15 14:59:09 -07:00
Ryan Uber 69b0ee0e5a consul/state: implement acl delete 2015-10-15 14:59:09 -07:00
Ryan Uber 6e7c3e3579 consul/state: basic acl set/get/delete 2015-10-15 14:59:09 -07:00
Ryan Uber e30c3cdea8 consul/state: basic session destroy works 2015-10-15 14:59:09 -07:00
Ryan Uber 747527fef5 consul/state: more tests 2015-10-15 14:59:09 -07:00
Ryan Uber d0e349b190 consul/state: refactor some tests 2015-10-15 14:59:09 -07:00
Ryan Uber d5f3648846 consul/state: session lookup by node id works 2015-10-15 14:59:09 -07:00
Ryan Uber 82fa9347e1 consul/state: add session list method 2015-10-15 14:59:09 -07:00
Ryan Uber 0d0b3c91ef consul/state: adding session registration 2015-10-15 14:59:09 -07:00
Ryan Uber a613f65e41 consul/state: adding tree delete for kvs store 2015-10-15 14:59:09 -07:00
Ryan Uber 66a211a70e consul/state: list keys from the kv with a prefix/separator 2015-10-15 14:59:09 -07:00
Ryan Uber 0171c2ba3d consul/state: fix for maxIndex and better tests 2015-10-15 14:59:09 -07:00
Ryan Uber b0ae1c0967 consul/state: add CAS method for kv set 2015-10-15 14:59:09 -07:00
Ryan Uber dc997beef3 consul/state: initial pass at CAS delete operation for kvs 2015-10-15 14:59:09 -07:00
Ryan Uber 57c36c274b consul/state: adding KVSList for listing a given prefix 2015-10-15 14:59:09 -07:00
Ryan Uber 9b4f8cd800 consul/state: adding shallow delete for kvs store 2015-10-15 14:59:09 -07:00
Ryan Uber b2dc11fed4 consul/state: basic k/v operations 2015-10-15 14:59:09 -07:00
Ryan Uber a511e8a42d consul/state: adding node dump methods 2015-10-15 14:59:09 -07:00
Ryan Uber 0df0b1674e consul/state: testing service registration update 2015-10-15 14:59:09 -07:00
Ryan Uber c3cd5051ba consul/state: fetch node/check sets by service ID 2015-10-15 14:59:09 -07:00
Ryan Uber d88ef90479 consul/state: filter checks by state 2015-10-15 14:59:09 -07:00
Ryan Uber 2249bec117 consul/state: support check lookups by service name 2015-10-15 14:59:09 -07:00
Ryan Uber 9fe029abc3 consul/state: return highest index for queries with compound results 2015-10-15 14:59:09 -07:00
Ryan Uber e6a9db17d7 consul/state: cleanup 2015-10-15 14:59:09 -07:00
Ryan Uber e114b5040f consul/state: better tests for index table updates 2015-10-15 14:59:09 -07:00
Ryan Uber c3ad758e0e consul/state: test helpers 2015-10-15 14:59:09 -07:00
Ryan Uber 5d63160bb6 consul/state: node checks are removed with their associated nodes 2015-10-15 14:59:09 -07:00
Ryan Uber 329c88d8b7 consul/state: services are removed with their associated nodes 2015-10-15 14:59:09 -07:00
Ryan Uber 5bb69db6b3 consul/state: remove checks during service deregistration 2015-10-15 14:59:09 -07:00
Ryan Uber db1bcdc863 consul/state: add check deletion method 2015-10-15 14:59:09 -07:00
Ryan Uber ee8a1dc5d2 consul/state: set index if we have an existing health check 2015-10-15 14:59:09 -07:00
Ryan Uber d6380e31cc consul/state: negative tests 2015-10-15 14:59:09 -07:00
Ryan Uber f9e8ca252c consul/state: basic health check retrieval works 2015-10-15 14:59:09 -07:00
Ryan Uber b6af94a8ff consul/state: persisting health checks works 2015-10-15 14:59:09 -07:00
Ryan Uber 0a000f63a3 consul/state: test for index modification during deletes 2015-10-15 14:59:09 -07:00
Ryan Uber 8ae69b6878 consul/state: add service delete functions 2015-10-15 14:59:09 -07:00
Ryan Uber 5a8d8b0362 consul/state: working on node deletion 2015-10-15 14:59:09 -07:00
Ryan Uber 766c367ef4 consul/state: add function for returning all nodes 2015-10-15 14:59:09 -07:00
Ryan Uber 8fea5f8dc5 consul/state: track highest index when querying services 2015-10-15 14:59:09 -07:00
Ryan Uber 08553f0fef consul/state: querying node services works 2015-10-15 14:59:09 -07:00
Ryan Uber 859ffe14e1 consul/state: read transactions don't block writes 2015-10-15 14:59:09 -07:00
Ryan Uber a5d5577cdd consul/state: more tests for EnsureNode/GetNode 2015-10-15 14:59:09 -07:00
Ryan Uber f0dd8b2923 consul/state: working on service registration storage 2015-10-15 14:59:09 -07:00
Ryan Uber 011e7584b4 consul/state: node registration and retrieval works 2015-10-15 14:59:09 -07:00
Ryan Uber 6778c8d3ff consul/state: start tests for schema 2015-10-15 14:59:09 -07:00
Ryan Uber f30437bade consul/state: round out schema 2015-10-15 14:59:09 -07:00
Ryan Uber f253c39cb1 consul/state: starting on new state store 2015-10-15 14:59:09 -07:00
Ryan Uber ae7cdfaf8d consul: comment msgpack handle 2015-10-15 14:57:29 -07:00
Ryan Uber cc7aa44459 consul: revert session endpoint test 2015-10-15 12:31:48 -07:00
Ryan Uber 33741f9156 consul: initial pass at refactoring RPC using net-rpc-msgpackrpc 2015-10-13 22:15:23 -07:00
Dale Wijnand c5168e1263 Fix a bunch of typos. 2015-09-15 13:22:08 +01:00
James Phillips b25797a808 Merge pull request #1187 from sfncook/enable_tag_drift_03
Enable tag drift 03
2015-09-11 15:35:32 -07:00
Anthony Scalisi 8d733b7fca remove various typos 2015-09-11 12:29:54 -07:00
Shawn Cook 99be758411 Rename EnableTagOverride and update formatting 2015-09-11 08:35:29 -07:00
Shawn Cook 2f04917261 Merge remote-tracking branch 'hashicorp/master' into enable_tag_drift_03 2015-09-10 14:55:30 -07:00
William Tisäter 4ce2af3bd4 Bind to loopback only as last resort 2015-09-02 12:24:44 +02:00
William Tisäter 1013f2f494 Don't try to bind on address from inactive interface 2015-09-02 12:24:36 +02:00
William Tisäter 4267814e5b Treat 127.0.0.0/8 and 169.254.0.0/16 as private network 2015-09-02 12:24:14 +02:00
James Phillips c0127e9932 Bumps protocol version back down as we've made memberlist smarter. 2015-08-31 11:16:34 -07:00
Shawn Cook d4ec6aa630 Update tests - NodeService init needs bool 2015-08-20 09:09:26 -07:00
Shawn Cook f6814c89ed EnableTagDrift in NodeService struct 2015-08-18 10:34:55 -07:00
Mac Browning 04eb37ffb6 consul: refactor GetPrivateIP for testability 2015-08-15 17:44:32 -04:00
James Phillips 8df55b6964 Changes to an unbuffered channel, since we just close it. 2015-08-13 11:38:02 -07:00
James Phillips 1c6414e806 Cleans up locking and factors markForUse into a Conn method. 2015-08-13 10:01:05 -07:00
James Phillips 18711b40b8 Gets rid of follow up attempts if the lead thread can't connect. 2015-08-12 20:14:48 -07:00
James Phillips 7d9db86b03 Adds missing ref count for the race condition case. 2015-08-12 19:26:01 -07:00
James Phillips 0efc49b510 Fixes #1165 by having threads wait for any outstanding connect to finish. 2015-08-12 18:48:15 -07:00
Ryan Uber 36bddeca25 consul: filter services by ACL when using ChecksInState. 2015-07-27 16:57:56 -07:00
Ryan Uber 6d38027689 Merge pull request #1090 from hashicorp/f-keyring-acl
Keyring ACLs
2015-07-24 10:23:18 -07:00
Armon Dadgar f1a83a8954 Merge pull request #1119 from trumant/multiple_private_IPs
Fixes #1099 by raising an error when we multiple private IPs are found
2015-07-22 17:32:00 -07:00
Travis Truman e18a93ed54 Fixes #1099 by raising an error when we multiple private IPs are found 2015-07-16 22:25:02 -04:00
Ryan Uber 6d27334ee1 consul: fixes for events and related tests 2015-07-14 11:38:26 -07:00
Ryan Uber 4ef6545583 acl: initial pass at keyring ACLs 2015-07-06 18:28:09 -06:00
Armon Dadgar fd2bead478 consul: fixing test using wrong FSM 2015-07-06 14:33:58 -06:00
Ryan Uber 503fa1eed1 Merge pull request #1046 from hashicorp/f-event-acl
Event ACLs
2015-07-02 07:02:07 -07:00
Ryan Uber d2eac37579 agent: remove unnecessary EventFire function 2015-07-02 06:56:27 -07:00
Tiru Srikantha f1932e5e46 Add RFC 6598 private IP range
Fixes #1031 by adding 100.64.0.0/10 as a private IP range.
2015-06-19 12:20:30 -07:00
Ryan Uber e6923a4832 consul: always fire events from server nodes 2015-06-18 18:13:29 -07:00
Ryan Uber 6e9adae494 consul: use acl cache struct in server 2015-06-18 18:13:29 -07:00
Ryan Uber e04a23801e consul: split ACL cache into a reusable struct 2015-06-18 18:13:29 -07:00
Ryan Uber d84fa3c98d consul: check ACLs when firing events 2015-06-18 18:13:29 -07:00
Ryan Uber d600fad4e7 consul: fast path a typed nil during ACL filtering 2015-06-12 16:46:15 -07:00
Ryan Uber 2b1a19a906 consul: fail badly if an unsupported type is passed to the ACL filter 2015-06-11 17:06:35 -07:00
Ryan Uber 593b4b3dd6 consul: fix log message 2015-06-11 15:00:26 -07:00
Ryan Uber 63a2737cac consul: testing acl filters in isolation 2015-06-11 14:14:43 -07:00
Ryan Uber e413b0e7c7 consul: better tests for acl filtering 2015-06-11 13:23:49 -07:00
Ryan Uber 5aeb8202d6 consul: testing internal endpoint acl filtering 2015-06-11 13:05:33 -07:00
Ryan Uber aa87f2b73c consul: rename function to avoid collision and clean up 2015-06-11 13:04:47 -07:00
Ryan Uber 1ff496d6dd consul: break acl filtering into a separate struct 2015-06-11 12:08:21 -07:00
Ryan Uber 404d4d653c consul: testing health endpoint service acl filtering 2015-06-11 09:39:35 -07:00
Ryan Uber 1e2751511d consul: testing catalog endpoint acl filtering 2015-06-10 22:14:58 -07:00
Ryan Uber c8629de127 consul: begin testing discovery ACLs 2015-06-10 19:25:58 -07:00
Ryan Uber 4f9161f485 consul: use anonymous function for acl filtering 2015-06-10 18:43:48 -07:00
Ryan Uber b115047919 consul: filter internal endpoints for acls 2015-06-10 18:40:40 -07:00
Ryan Uber 4f3e661b8c acl: initial pass at service discovery acls 2015-06-10 18:40:09 -07:00
James Phillips 7b8aae37cb Bumps protocol version to 3 to get serf version 5. 2015-06-02 17:50:35 -07:00
Sam Boyer bdc5983463 Condense switch fallthroughs into expr lists 2015-05-26 21:30:14 -04:00
Armon Dadgar f91069f9d5 consul: adding StopWatch test 2015-05-14 18:32:19 -07:00
Armon Dadgar 2c9592c5ee consul: lower default query time and add small stagger 2015-05-14 17:59:43 -07:00
Armon Dadgar e5c8fce96a consul: adding randomStagger util method 2015-05-14 17:59:11 -07:00
Armon Dadgar 23a1df1548 consul: proactively clear timers 2015-05-14 17:42:47 -07:00
Armon Dadgar 2bc43844bc consul: ensure blocking query cleans any lingering state 2015-05-14 17:38:42 -07:00
Armon Dadgar 6f433c9ad8 consul: Adding methods to stop watching for changes 2015-05-14 17:33:02 -07:00
Armon Dadgar abbf4456f2 consul: adding Clear to NotifyGroup 2015-05-14 17:30:30 -07:00
Armon Dadgar 430100a0c8 Merge pull request #927 from hashicorp/f-tls
Add new `verify_server_hostname` to mitigate possibility of MITM
2015-05-11 18:15:16 -07:00
Armon Dadgar f797130228 Fixing merge conflict 2015-05-11 16:48:10 -07:00
Armon Dadgar 9642384429 consul: support the new TLS wrapper 2015-05-11 15:15:36 -07:00
Armon Dadgar 3bf337a6ac consul: thread the target DC through the RPC path 2015-05-11 13:09:19 -07:00
Armon Dadgar a1de4b17c2 consul: use tlsutil.Wrapper instead of tls.Config directly 2015-05-11 13:09:19 -07:00
Armon Dadgar 2ca41b15df consul: updating for Raft API changes 2015-05-08 11:35:52 -07:00
Armon Dadgar 2d2fc71e0d consul: more telemetry on RPCs and queries 2015-05-07 17:25:12 -07:00
Armon Dadgar e474e34528 Merge pull request #909 from hashicorp/f-create
Support ACL upsert behavior
2015-05-06 11:22:11 -07:00
Armon Dadgar 9b9c737a82 consul: Adding flag to support future incompatible commands. Future self will thank me. 2015-05-05 19:44:21 -07:00
Armon Dadgar f86e7d13d5 consul: ACL.Apply allows upserting with custom ID 2015-05-05 19:19:45 -07:00
Armon Dadgar cbc29d1cde consul: fixing overly redundant logging 2015-05-05 13:00:47 -07:00
Armon Dadgar efaed93b91 Merge pull request #816 from pepov/master
Support different advertise address for WAN gossip
2015-05-04 15:40:25 -07:00
Ryan Mills 2bd5bf04bd Remove 'unknown' as one of the valid states when setting the initial state of a check. 2015-04-13 20:46:01 +00:00
Ryan Mills 370853d7ff Allow specifying a status field in the agent/service/register and agent/check/register endpoints.
This status must be one of the valid check statuses: 'passing', 'warning', 'critical', 'unknown'.
If the status field is not present or the empty string, the default of 'critical' is used.
2015-04-12 02:00:31 +00:00
Ryan Uber 8ebee678cc Merge pull request #857 from hashicorp/f-boltdb
Raft uses BoltDB
2015-04-10 18:30:07 -07:00
Armon Dadgar 32f3d17931 consul: do not clear connection cache on RPC errors 2015-04-07 14:17:20 -07:00
pepov 8abcf3d541 add test using separate advertise addresses for wan and for lan 2015-03-28 16:08:19 +01:00
Michael Fraenkel c00c4ebaaa Support SesionTTLMin configuration
- Allow setting SessionTTLMin
- Validate on the Server
2015-03-27 05:13:57 -07:00
Ryan Uber 41aa5aeb09 consul: swap over to raft-boltdb 2015-03-26 20:01:52 -07:00
Ryan Uber 275d99e1dc consul: allow returning custom error for merge delegate 2015-02-22 18:24:10 -08:00
Ryan Breen 53afd77e2d s/data center/datacenter/g 2015-02-19 17:45:47 -05:00
Armon Dadgar f3fd072418 Revert "* use defer to avoid tracking lock"
This reverts commit a030abdefc54470394a2a44008e02f3b3d0510ec.
This commit causes a connection to be leaked if there is a race with
another concurrent RPC.
2015-02-16 14:04:47 -08:00
Emil Hessman 70a6cdac6d consul: clean up TempDirs in FSM tests 2015-01-26 08:34:23 +01:00
Armon Dadgar 7e27d923be Merge pull request #621 from hashicorp/f-leave
Changing interaction between Leave and RemovePeers
2015-01-21 16:28:19 -08:00
Ryan Uber 27de0adf3b agent: support multiple checks per service 2015-01-20 21:48:42 -08:00
Armon Dadgar 280a1c9c12 consul: Testing leave as leader and non-leader 2015-01-20 16:30:56 -08:00
Armon Dadgar a695909a85 consul: Wait for RemovePeer in Leave as a follower 2015-01-20 16:19:54 -08:00
Armon Dadgar aec0dedd01 consul: remove ourself from raft peer set if we are the leader 2015-01-20 16:19:29 -08:00
Armon Dadgar ea7a0134c8 consul: Do not remove ourself as raft peer in Serf event handler 2015-01-20 16:13:54 -08:00
Armon Dadgar 133cf457a3 consul: Use new LogCache to improve write throughput 2015-01-14 15:49:58 -08:00
Armon Dadgar 1956c07034 consul: Fixing potential issue with blocking queries for {Session,ACL}.Get 2015-01-13 12:02:30 -08:00
Armon Dadgar 9a43063778 consul: Fixing blocking query returning old result 2015-01-13 11:51:24 -08:00
Ryan Uber f3fad2180c consul: fix server left test 2015-01-09 19:10:17 -08:00
Ryan Uber 084643abee consul: improve test reliability for session ttls 2015-01-09 17:18:11 -08:00
Armon Dadgar 2408aa741d consul: Testing KVSDeleteCAS in FSM 2015-01-08 17:26:12 -08:00
Armon Dadgar e735c881a0 consul: Test the KVSDeleteCheckAndSet method 2015-01-08 17:24:36 -08:00
Armon Dadgar d680696afe consul: Expose the KVSDeleteCAS operation in FSM 2015-01-08 17:08:44 -08:00
Armon Dadgar 781aeb84d5 consul: Implement KVSDeleteCheckAndSet 2015-01-08 17:08:32 -08:00
Armon Dadgar fbc77b7501 consul: Adding KVSDeleteCAS operation type 2015-01-08 17:08:17 -08:00
Armon Dadgar 2cd89e60ed consul: Do not override the node address 2015-01-08 10:57:15 -08:00
Armon Dadgar 957fa1f5ec consul: Fixing merge conflict 2015-01-08 10:42:19 -08:00
Armon Dadgar 2c9dac682a consul: Remove cruft from KV watching 2015-01-07 18:10:18 -08:00
Armon Dadgar 5b972294f8 consul: Enforce lock-delay with delete behavior 2015-01-07 15:48:27 -08:00
Ryan Uber 5fe18b5093 Ignore vim swap files 2015-01-07 15:21:01 -08:00
Ryan Uber 7ecd015fc0 command: check LastIndex is not zero while waiting for leader 2015-01-07 15:18:00 -08:00
Armon Dadgar a66a765ca9 consul: Adding merge delegate to prevent mixing clusters 2015-01-06 15:48:46 -08:00
Armon Dadgar e971e8f456 consul: Test WatchKV 2015-01-05 17:08:01 -08:00
Armon Dadgar b61043de5d consul: Adding test for KVS.List blocking query 2015-01-05 16:57:48 -08:00
Armon Dadgar 48d97879c8 consul: Remove dead code 2015-01-05 16:42:30 -08:00
Armon Dadgar 0ea4f3d846 consul: Optimize KV watching 2015-01-05 16:41:57 -08:00
Armon Dadgar 7a63f822a3 consul: First pass to reduce KV watch cost 2015-01-05 16:18:27 -08:00
Armon Dadgar 8eaee53661 consul: Adding more useful metrics 2015-01-05 15:13:39 -08:00
Armon Dadgar 5ad16ca00f consul: Fixing the KVS tests 2015-01-05 15:06:53 -08:00
Armon Dadgar 200b348f69 consul: Disable tombstones as follower 2015-01-05 14:58:59 -08:00
Armon Dadgar 4f6f5ae6f0 consul: Improve log message 2015-01-05 14:43:56 -08:00
Armon Dadgar bf40a2ac1f consul: Reverting some index compute logic 2015-01-05 14:43:56 -08:00
Armon Dadgar 7a4b532564 consul: List Keys should handle tombstones 2015-01-05 14:43:56 -08:00
Armon Dadgar b70dac1a62 consul: Ensure KVS List handles tombstones 2015-01-05 14:43:56 -08:00
Armon Dadgar a350ec9379 consul: Mesure time for reapTombstones 2015-01-05 14:43:56 -08:00
Armon Dadgar e2bfaa11a2 consul: Testing leader issue of reap command 2015-01-05 14:43:56 -08:00
Armon Dadgar b1fefa6d90 consul: Test FSM Reap operations 2015-01-05 14:43:56 -08:00
Armon Dadgar 7736e701ca consul: Test FSM restore of tombstones 2015-01-05 14:43:56 -08:00
Armon Dadgar 91f8ff41eb consul: Testing tombstone snapshot 2015-01-05 14:43:55 -08:00
Armon Dadgar 41886c6af5 consul: Testing tombstone reaping 2015-01-05 14:43:55 -08:00
Armon Dadgar bba573dfbc consul: Test tombstone creation 2015-01-05 14:43:55 -08:00
Armon Dadgar f9d322f346 consul: Persist tombstones 2015-01-05 14:43:55 -08:00
Armon Dadgar 9152fae109 consul: First pass at tombstone reaping 2015-01-05 14:43:55 -08:00
Armon Dadgar 0c9cbdb3d1 consul: TombstoneReapRequestType -> TombstoneRequestType 2015-01-05 14:43:55 -08:00
Armon Dadgar 8681d913ba consul: Generate a raft operation to reap tombstones 2015-01-05 14:43:55 -08:00
Armon Dadgar 02e984e4c4 consul: Adding new request to reap tombstones 2015-01-05 14:43:55 -08:00
Armon Dadgar 9f30ffbf9a consul: Leader should reset the tombstone GC clock 2015-01-05 14:43:55 -08:00
Armon Dadgar fb8f7fd929 consul: Adding PendingExpiration 2015-01-05 14:43:55 -08:00
Armon Dadgar 71c2c1468d consul: Thread Tombstone GC through 2015-01-05 14:43:55 -08:00
Armon Dadgar ae69cbca7b consul: Fixing accidental commit of transaction 2015-01-05 14:43:54 -08:00
Armon Dadgar 4da4e322a3 consul: Fixing tombstone creation and hinting of GC 2015-01-05 14:43:54 -08:00
Armon Dadgar 1a9431847b consul: Adding GetTxnLimit to MDBTable 2015-01-05 14:43:54 -08:00
Armon Dadgar 2724061351 consul: Support reset of tombstone GC 2015-01-05 14:43:54 -08:00
Armon Dadgar 4430f4592d consul: Adding TombstoneGC to track TTLs 2015-01-05 14:43:54 -08:00
Armon Dadgar 3e2bd0db2c consul: Rename TombstoneGC to TombstoneTTL 2015-01-05 14:43:54 -08:00
Armon Dadgar 68caf9046c consul: Create tombstones before key deletes 2015-01-05 14:43:54 -08:00
Armon Dadgar d5369098ba consul: Adding TombstoneGC config 2015-01-05 14:43:54 -08:00
Daniel Malon e56b3861dc advertise specific address for a service
Enable setting a specific address in a service definition for advertise. If no specific address is given it will fallback to the node address and reassemble the old behaviour.
2015-01-02 21:10:05 +00:00
Armon Dadgar 6b9ace19cf consul: Collect useful session metrics 2015-01-02 22:46:51 +05:30
Armon Dadgar d8c65aabee consul: Minor cleanup 2014-12-12 22:17:41 -08:00
Armon Dadgar c0d3798154 consul: Test Session.Apply updates session timers 2014-12-12 21:54:29 -08:00
Armon Dadgar 4d0903f781 consul: Adding more tests for session TTLs 2014-12-12 21:42:59 -08:00
Armon Dadgar 5b6ce2ca4a consul: Setup ACLs and timers after initial barrier 2014-12-12 21:42:24 -08:00
Armon Dadgar f25566931f consul: Make sessionTimersLock a plain mutex 2014-12-12 19:17:35 -08:00
Armon Dadgar 9b897d1134 consul: Ignore zero ttl on session 2014-12-12 19:17:04 -08:00
Armon Dadgar 990ad02f83 consul: Minor cleanups 2014-12-12 15:43:34 -08:00
Armon Dadgar 8dbfe7c9a8 Merge pull request #524 from amalaviy/session_ttl
Consul Session TTLs
2014-12-12 14:42:25 -08:00
Atin Malaviya 073020f6be Add invalidateSession test 2014-12-11 06:09:53 -05:00
Atin Malaviya 5a76929ba4 Fixed clearSessionTimer, created invalidateSession, added invalid TTL test 2014-12-11 05:34:31 -05:00
Atin Malaviya 7ece29c3e0 Took out usage of snapshot SessionListTTL 2014-12-10 21:37:06 -05:00
Atin Malaviya 2de09dc2e7 Took out StateSnapshot SessionListTTL also 2014-12-10 20:53:05 -05:00
Atin Malaviya 8369b77204 Clean up code based on feedback from armon 2014-12-10 20:49:06 -05:00
Atin Malaviya a1afc07f54 Added more tests 2014-12-10 16:43:15 -05:00
Atin Malaviya c992c18ef0 Added more tests. Also added return of 404 if the session id to renew is not found 2014-12-10 10:02:23 -05:00
Atin Malaviya b623af776b Consul Session TTLs
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.

Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.

Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.

Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
Ali Abbas a542df954f cleanup and simplify 2014-12-06 13:08:35 +01:00
Ali Abbas 40979b1159 * use defer to avoid tracking lock
* simplify control flow
2014-12-06 12:32:18 +01:00
Chavez 5f4281f98f consul: Server leave test fix 2014-12-05 11:22:54 -08:00
Chavez c6b3cae106 consul: Fix failing globalRPC test 2014-12-05 10:36:37 -08:00
Veres Lajos 850d5bdc32 typofixes - https://github.com/vlajos/misspell_fixer 2014-12-04 23:25:06 +00:00
Armon Dadgar 402d580863 consul: Check that ACL also allows registration 2014-11-30 21:10:42 -07:00
Armon Dadgar d74f79b3fa consul: Enforce service registration ACLs 2014-11-30 21:05:15 -07:00
Ali Abbas 818fc22c9f * Fix race condition on read/write of shutdown bool variable of server and connection pool.
* In connection pool, there is no guarantee that .reap() cannot execute the same time as .Shutdown() is called. It also did not benefit to eval shutdown when a select is run on the shutdown channel.
* In server, same principle applies to handleConsulConn. Since we also have a shutdown channel, it makes more to use this than to loop on a bool variable.
2014-11-26 10:39:25 +01:00
Ali Abbas 73504a01e9 cleanup unreachable code 2014-11-25 19:54:30 +01:00
Atin Malaviya d7e09d57ba Set empty Behavior setting into SessionKeysRelease and flag error for unrecognized values 2014-11-20 19:16:07 -05:00
Atin Malaviya 3aabda02b3 Clean up tests, use switch to default session.Behavior value if unspecified, unrecognized 2014-11-20 14:29:18 -05:00
Atin Malaviya aa0cecd04e Ephemeral Nodes for via Session behavior settings.
Added a "delete" behavior for session invalidation, in addition to
the default "release" behavior. On session invalidation, the sessions
Behavior field is checked and if it is set to "delete", all nodes owned
by the session are deleted. If it is "release", then just the locks
are released as default.
2014-11-20 11:34:45 -05:00
Ryan Uber 4cd89a9113 Rebase against upstream 2014-11-19 16:45:49 -08:00
Ryan Uber 3b2ab70c4d consul: clean up comments, fix globalRPC tests 2014-11-19 16:37:40 -08:00
Ryan Uber 4a8249db00 consul: fix obscure bug when launching goroutines from for loop 2014-11-19 16:37:40 -08:00
Ryan Uber 2661bbfa27 consul: more tests, remove unused KeyManager() method 2014-11-19 16:37:40 -08:00
Ryan Uber fcacee723b consul: simplify keyring operations 2014-11-19 16:36:19 -08:00
Ryan Uber 66ad81ef13 consul: add test for internal keyring rpc endpoint 2014-11-19 16:36:19 -08:00
Ryan Uber 344b63b9db consul: simplify keyring operations 2014-11-19 16:36:19 -08:00
Ryan Uber b3f251de9c command/keyring: clean up tests 2014-11-19 16:36:18 -08:00
Ryan Uber d02afd42fb agent: -encrypt appends to keyring if one exists 2014-11-19 16:36:01 -08:00
Ryan Uber 295f876923 command/agent: fix up gossip encryption indicator 2014-11-19 16:35:37 -08:00
Ryan Uber 7f85c708dc agent: squash some more common keyring semantics 2014-11-19 16:34:18 -08:00
Ryan Uber 4e8f53fa5d consul: detach executeKeyringOp() from *Internal 2014-11-19 16:34:18 -08:00
Ryan Uber db0084ccd0 consul: use keyring operation type to cut out duplicated logic 2014-11-19 16:34:18 -08:00
Ryan Uber 057c22db10 consul: generalize multi-DC RPC call broadcasts 2014-11-19 16:34:18 -08:00
Ryan Uber 001a579d47 command/keyring: cleanup 2014-11-19 16:34:18 -08:00
Ryan Uber cb795199d1 consul: test rpc errors returned from remote datacenters 2014-11-19 16:34:18 -08:00
Ryan Uber a1943afddc consul: make forwarding to multiple datacenters parallel 2014-11-19 16:34:18 -08:00
Ryan Uber d7edc1c51c consul: break rpc forwarding and response ingestion out of internal endpoints 2014-11-19 16:34:18 -08:00
Ryan Uber 1ec111bbfc consul: kill unused struct fields 2014-11-19 16:34:17 -08:00
Ryan Uber f6b5fc8c08 consul: cross-dc key rotation works 2014-11-19 16:34:17 -08:00
Ryan Uber f9b5b15a6b consul: use a function for ingesting responses 2014-11-19 16:34:17 -08:00
Ryan Uber 71e9715c54 consul: restructuring 2014-11-19 16:34:17 -08:00
Ryan Uber a551a6e4a0 consul: refactor keyring, repeat RPC calls to all DC's 2014-11-19 16:34:17 -08:00
Ryan Uber 2e92e19760 agent: refactor keyring loader 2014-11-19 16:31:06 -08:00
Ryan Uber 43a60f1424 command: basic rpc works for keys command 2014-11-19 16:30:21 -08:00
Ryan Uber 96376212ff consul: use rpc layer only for key management functions, add rpc commands 2014-11-19 16:30:21 -08:00
Ryan Uber 8a4ed84711 consul: first pass at keyring integration 2014-11-19 16:30:20 -08:00
Armon Dadgar dd41c69389 Merge pull request #478 from amalaviy/https
Added HTTPS support via a new HTTPS Port configuration option
2014-11-19 11:17:10 -08:00
Armon Dadgar bd1e03428c consul: Increase maximum number of parallel readers 2014-11-18 18:46:43 -08:00
Atin Malaviya 2bd0e8c745 consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS 2014-11-18 17:56:48 -05:00
Atin Malaviya b4424a1a50 Moved TLS Config stuff to tlsutil package 2014-11-18 11:03:36 -05:00
Armon Dadgar 0540605110 consul: Fixing key list index calculation 2014-11-12 17:55:45 -08:00
Emil Hessman 0222ed9eb9 Fix missing arguments 2014-11-01 22:56:48 +01:00
Armon Dadgar af90aa8026 Gofmt 2014-10-20 10:21:31 -07:00
Armon Dadgar 3f36515544 Switching to the pinned version of msgpack 2014-10-17 18:26:19 -07:00
Armon Dadgar 34713fe970 Encode/Decode test 2014-10-17 18:23:13 -07:00
Armon Dadgar b04dc46c72 consul: Improving test reliability 2014-10-17 17:40:14 -07:00
Armon Dadgar a1d2f9a3da Merge pull request #401 from hashicorp/f-healthcheck
Default services to "critical" state instead of "unknown"
2014-10-15 16:50:38 -07:00
Armon Dadgar e571d532b2 consul: Fixing FSM path tests 2014-10-15 15:03:58 -07:00
Armon Dadgar 0ea385579a consul: Ensure FSM stores data in the data dir 2014-10-15 14:57:59 -07:00
Armon Dadgar 5571da4661 consul: FSM stores state in a given path only 2014-10-15 14:56:12 -07:00
Armon Dadgar 0d1559764d consul: Allow providing a path for the state store 2014-10-15 14:55:04 -07:00
Ryan Uber cc0f80a4aa consul/structs: keep HealthUnknown around for backward compatibility 2014-10-15 11:35:22 -07:00
Armon Dadgar 88b53702f1 consul: Reduce mmap size on 32bit 2014-10-15 11:32:40 -07:00
Ryan Uber ec63686416 consul: kill remaining use of HealthUnknown 2014-10-15 10:14:46 -07:00
Armon Dadgar a8a5905d21 consul: less aggressive deadlock timer. Fixes #389 2014-10-14 12:00:25 -07:00
Armon Dadgar 5c46544e7e consul: Improve variable name 2014-10-14 11:04:43 -07:00
Armon Dadgar e33b6683aa consul: Reap left members ignoring state. Fixes #371 2014-10-14 11:02:26 -07:00
Armon Dadgar 8afbab60cb consul: Log why invalidation happened. Fixes #390 2014-10-14 10:54:57 -07:00
Armon Dadgar b6c5d77cf8 consul: Fixing graceful leave of current leader. Fixes #360. 2014-10-13 22:14:43 -07:00
Armon Dadgar e51f9da84b consul: Deprecate ACLForceSet 2014-10-09 12:28:07 -07:00
Armon Dadgar 1177a9bf11 consul: Fix non-deterministic ACL IDs 2014-10-09 12:23:32 -07:00
Armon Dadgar a80478594a consul: Fix non-deterministic session IDs 2014-10-09 11:54:47 -07:00
Armon Dadgar daa32dd6f8 consul: don't close a nil connection 2014-10-02 10:26:25 -07:00
Armon Dadgar 99d39db982 agent: First pass at multi-DC support 2014-08-28 15:00:49 -07:00
Armon Dadgar 9eddff083a consul: Testing user events 2014-08-26 19:26:55 -07:00
Armon Dadgar 1227e77f6d consul: Adding user event name tests 2014-08-26 19:20:02 -07:00
Armon Dadgar 3a1d686444 consul: Adding user event handler for callbacks 2014-08-26 19:04:07 -07:00
Armon Dadgar b1cf52db01 consul: expose UserEvent from Serf 2014-08-26 18:50:03 -07:00
Armon Dadgar ce98b0abbd consul: Deny delete anonymous or update of root policies 2014-08-22 14:55:09 -07:00
Armon Dadgar 597cd12e97 consul: Ensure node/service/check registration is in a single txn 2014-08-22 12:38:33 -07:00
Armon Dadgar 54ed1ec834 consul: fixing a unit test 2014-08-22 12:34:31 -07:00
Armon Dadgar a078e4d6f4 consul: Refactor txn handling in state store 2014-08-22 12:27:12 -07:00
Armon Dadgar 1f845c995a consul: Ensure authoritative cache is purged after update 2014-08-18 15:46:59 -07:00
Armon Dadgar 6492f06a3e consul: Provide ETag to avoid expensive policy fetch 2014-08-18 15:46:59 -07:00
Armon Dadgar 7473bd2fc9 consul: ACL enforcement for KV updates 2014-08-18 15:46:24 -07:00
Armon Dadgar ea015710e9 consul: ACL enforcement for key reads 2014-08-18 15:46:24 -07:00
Armon Dadgar 7299ef1a82 consul: Filter keys, refactor to interface 2014-08-18 15:46:24 -07:00
Armon Dadgar d38fd8eb1d consul: Helpers to filter on ACL rules 2014-08-18 15:46:24 -07:00
Armon Dadgar 17ee7f5057 consul: Starting token enforcement 2014-08-18 15:46:23 -07:00
Armon Dadgar 5561148c8e consul: Prevent resolution of root policy 2014-08-18 15:46:23 -07:00
Armon Dadgar 8c5bb94c74 consul: Resolve parent ACLs 2014-08-18 15:46:23 -07:00
Armon Dadgar 8153537e86 consul: Support management tokens 2014-08-18 15:46:23 -07:00
Armon Dadgar 9e16caa497 consul: Adding some metrics for ACL usage 2014-08-18 15:46:23 -07:00
Armon Dadgar 5da5df716d consul: Create anonymous and master tokens 2014-08-18 15:46:22 -07:00
Armon Dadgar bbde4beefd consul: Testing down policies and multi-DC 2014-08-18 15:46:22 -07:00
Armon Dadgar 846cc66e6d consul: Testing ACL resolution 2014-08-18 15:46:22 -07:00
Armon Dadgar 61b80e912c consul: Use Etag for policy caching 2014-08-18 15:46:22 -07:00
Armon Dadgar db8f896c58 consul: Support conditional policy fetch 2014-08-18 15:46:22 -07:00
Armon Dadgar edcd69019c consul: Verify compilation of rules 2014-08-18 15:46:22 -07:00
Armon Dadgar 9a4778b7d3 consul: Enable ACL lookup 2014-08-18 15:46:22 -07:00
Armon Dadgar bd124a8da3 consul: Pulling in ACLs 2014-08-18 15:46:21 -07:00
Armon Dadgar 6f7bf36ee9 agent: ACL endpoint tests 2014-08-18 15:46:21 -07:00
Armon Dadgar bdf9516f96 consul: ACL Endpoint tests 2014-08-18 15:46:21 -07:00
Armon Dadgar ea31f37dd6 consul: Adding ACL endpoint 2014-08-18 15:46:21 -07:00
Armon Dadgar b41e36868e consul: register the ACL queries 2014-08-18 15:46:21 -07:00
Armon Dadgar 8a3a0faacf consul: FSM support for ACLsg 2014-08-18 15:46:21 -07:00
Armon Dadgar 101d7da90a consul: Adding ACLs to the state store 2014-08-18 15:46:21 -07:00
Armon Dadgar da52fda65f consul: ACL structs 2014-08-18 15:46:21 -07:00
Armon Dadgar ca6a8aef55 agent: Adding ACL master token 2014-08-18 15:46:20 -07:00
Armon Dadgar ebae394863 consul: ACL setting passthrough 2014-08-18 15:46:20 -07:00
William Tisäter 90816cca98 Run `go fmt` 2014-07-24 01:09:55 +02:00
William Tisäter 78a69b61a3 Don't override `ServiceTags` 2014-07-23 23:42:22 +02:00
William Tisäter 31037338a3 Change order of fixtures 2014-07-23 23:42:22 +02:00
William Tisäter 9dc67edf7f Make service tag filter case-insensitive 2014-07-23 23:42:22 +02:00
William Tisäter 2727c158a6 Make service index case-insensitive 2014-07-23 23:42:22 +02:00
William Tisäter ff93acda28 Lowercase index key and lookup value if flag is set 2014-07-23 23:42:22 +02:00
William Tisäter f7263e8e7a Add case-insensitive flag to `MDBIndex` 2014-07-23 23:42:21 +02:00
William Tisäter 75e631ee94 Add helper for lowercase list of strings 2014-07-23 23:42:21 +02:00
Armon Dadgar bf26a9160f consul: Defer serf handler until initialized. Fixes #254. 2014-07-22 09:36:58 -04:00
Armon Dadgar 020802f7a5 Merge pull request #233 from nelhage/tls-no-subjname
Restore the 0.2 TLS verification behavior.
2014-07-01 13:41:00 -07:00
Nelson Elhage 627b2e455f Add some basic smoke tests for wrapTLSclient.
Check the success case, and check that we reject a self-signed
certificate.
2014-06-29 18:11:32 -07:00
Nelson Elhage 0a2476b20e Restore the 0.2 TLS verification behavior.
Namely, don't check the DNS names in TLS certificates when connecting to
other servers.

As of golang 1.3, crypto/tls no longer natively supports doing partial
verification (verifying the cert issuer but not the hostname), so we
have to disable verification entirely and then do the issuer
verification ourselves. Fortunately, crypto/x509 makes this relatively
straightforward.

If the "server_name" configuration option is passed, we preserve the
existing behavior of checking that server name everywhere.

No option is provided to retain the current behavior of checking the
remote certificate against the local node name, since that behavior
seems clearly buggy and unintentional, and I have difficulty imagining
it is actually being used anywhere. It would be relatively
straightforward to restore if desired, however.
2014-06-28 13:32:42 -07:00
Armon Dadgar 80b86c9ee9 Rename Expect to BootstrapExpect. Fixes #223. 2014-06-19 17:08:55 -07:00
Armon Dadgar 406d19f483 consul: Minor cleanups 2014-06-18 16:15:28 -07:00
Robert Xu fff6546c75 Minor cleanup to logic and testsuite.
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 18:47:05 -04:00
Robert Xu a2fea2ce55 Utilise new raft.SetPeers() method, move expect logic to leader.go.
This way, we don't use EnableSingleMode, nor cause chaos adding peers.

Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 12:03:30 -04:00
Robert Xu 31c392813c Add expect bootstrap '-expect=n' mode.
This allows for us to automatically bootstrap a cluster of nodes after
'n' number of server nodes join. All servers must have the same 'n' set, or
they will fail to join the cluster; all servers will not join the peer set
until they hit 'n' server nodes.

If the raft commit index is not empty, '-expect=n' does nothing because it
thinks you've already bootstrapped.

Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-16 17:40:33 -04:00
Armon Dadgar 91373968a8 Adding server_name configuration for TLS 2014-06-13 11:10:27 -07:00
Robert B Gordon 987c078957 Seems like we should actually check the reference count. 2014-06-13 11:25:01 -05:00
Armon Dadgar ea054b8847 consul: Start RPC before Raft, wait to accept connecitons 2014-06-11 10:17:58 -07:00
Armon Dadgar 1812eedad9 consul: start RPC after fully initialized. Fixes #160 2014-06-11 09:46:44 -07:00
Armon Dadgar 2e18774c02 consul: Avoid network for server RPC. Fixes #148. 2014-06-10 19:12:36 -07:00
Armon Dadgar cae158b310 consul: Provide output for serfHealth check. Fixes #176. 2014-06-09 16:07:22 -07:00
Armon Dadgar 9e925bf458 consul: Adding support for optional session name 2014-06-09 11:42:28 -07:00
Armon Dadgar 06cd40d1e7 consul: fixing use of nil log output. Fixes #203 2014-06-09 11:16:53 -07:00
Armon Dadgar c656bbfbcf Rename shared msgpack handle 2014-06-08 14:02:42 -07:00
Andrew M Bursavich d209517d50 reuse codec.MsgpackHandle 2014-06-07 01:13:38 -07:00
Armon Dadgar b5bd20634a consul: Gossip the build using Serf 2014-06-06 15:36:40 -07:00
Armon Dadgar d0d85b461c consul: Sort datacenter list. Fixes #198 2014-06-06 14:12:40 -07:00
William Tisäter 7b4c7f3f63 Log peers when `TestLeader_LeftServer` fail 2014-05-30 21:18:37 +02:00
William Tisäter 2c13f8a03e Re-configure `LeaderLeaseTimeout` to pass validation 2014-05-30 20:57:39 +02:00
Armon Dadgar 890d4d771f consul: Ensure clients also implement LocalMember 2014-05-29 11:21:56 -07:00
Armon Dadgar f9766541e1 Merge pull request #173 from hashicorp/f-agent-self
Add `/v1/agent/self` and return local agent config
2014-05-29 11:18:19 -07:00
Armon Dadgar 09a988e8d4 consul: Conn pool clean, spare existing streams 2014-05-28 16:55:39 -07:00
Armon Dadgar 319ab05b8c consul: Provide logger to yamux 2014-05-28 16:32:25 -07:00
Armon Dadgar 6b2fe4869b consul: Suppress messages about closed connections 2014-05-28 16:32:25 -07:00