James Phillips
04dffd7c46
Adds a check for in-band error returns in the coordinate RaftApply.
2015-11-15 16:50:46 -08:00
James Phillips
5b0697fc67
Changes batch update failure to a WARN since it's nbd.
2015-10-29 09:26:24 -07:00
James Phillips
eb4bfa3411
Prevents agents from considering Raft information when doing sync checks.
2015-10-28 14:32:00 -07:00
James Phillips
7c44a9b6c9
Fixes a bad error message.
2015-10-28 12:40:47 -07:00
James Phillips
5449096bc2
Adds a check for the minimum version as well.
2015-10-27 15:56:36 -07:00
James Phillips
1c678effde
Sets the ignore flag on coordinate update Raft log entries.
2015-10-27 14:44:34 -07:00
James Phillips
c1305a08ea
Makes the version upshift code look at the correct version field.
2015-10-27 14:44:34 -07:00
James Phillips
b91e2d3a97
Completes rebase of network coordinates to new memdb.
2015-10-23 15:23:01 -07:00
James Phillips
132e1d813b
Fixes configs now that Serf always caches coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
aea2194ce3
Makes the default protocol 2 and lets 3 interoperate with 2.
2015-10-23 15:23:01 -07:00
James Phillips
7dd88f7de6
Zeroes out the height when testing exact distances.
2015-10-23 15:23:01 -07:00
James Phillips
7d5e29f6c6
Cleans up after latest rebase.
2015-10-23 15:23:01 -07:00
James Phillips
a74bdcba49
Moves sorting up into coordinate endpoint HTTP handlers.
2015-10-23 15:23:01 -07:00
James Phillips
a2bcef00a0
Adds endpoints for raw network coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
e900fef95a
Fixes bad name for DC forwarding of Coordinate.Get.
2015-10-23 15:23:01 -07:00
James Phillips
ee1cf1e13b
Adds distance sorting to health endpoint. Cleans up unit tests.
2015-10-23 15:23:01 -07:00
James Phillips
019f656f39
Switches to the median over all DC nodes with known coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
5609b2e889
Adds explicit check for empty node in source parameter.
2015-10-23 15:23:01 -07:00
James Phillips
5d75ce7852
Moves disable checks down into the sort routine.
2015-10-23 15:23:01 -07:00
James Phillips
59b710894d
Adds tests for HTTP interface. Removes a stray mark.
2015-10-23 15:23:01 -07:00
James Phillips
033e8e6625
Adds sort of DCs in catalog queries based on RTT. Cleans up.
...
* Makes the catalog endpoint respect disabling coordinates for all
RTT-sorting query types.
2015-10-23 15:23:01 -07:00
James Phillips
b63909cf67
Adds coordinate sorting support to catalog queries for nodes and service nodes.
2015-10-23 15:23:01 -07:00
James Phillips
9ba9a708f6
Scales coordinate sends to hit a fixed aggregate rate across the cluster.
2015-10-23 15:23:01 -07:00
James Phillips
d8b8a3719f
Simplifies the batching function and adds some comments.
2015-10-23 15:23:01 -07:00
James Phillips
a93a1a68b6
Adds snapshot save and restore of coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
f71c79c53f
Does some small cleanups based on PR feedback.
...
* Holds coordinate updates in map and gets rid of the update channel.
* Cleans up config variables a bit.
2015-10-23 15:23:01 -07:00
James Phillips
1222772452
Hardens Consul from bad coordinates from other nodes.
2015-10-23 15:23:01 -07:00
James Phillips
e02ae7b6b4
Takes the node name out of the coordinate get call.
2015-10-23 15:23:01 -07:00
James Phillips
acb0dce829
Moves batching down into the state store and changes it to fail-fast.
...
* A batch of updates is done all in a single transaction.
* We no longer need to get an update to kick things, there's a periodic flush.
* If incoming updates overwhelm the configured flush rate they will be dumped with an error.
2015-10-23 15:23:01 -07:00
James Phillips
b6c31bdf2f
Flips the sense of the coordinate enable option.
2015-10-23 15:23:01 -07:00
James Phillips
9c069c5031
Removes one more WAN leftover.
2015-10-23 15:23:01 -07:00
James Phillips
edb9a119e2
Does a clean up pass on the Consul side.
2015-10-23 15:23:01 -07:00
James Phillips
ac4185b888
Merges config changes after rebase.
2015-10-23 15:23:01 -07:00
Derek Chiang
b805215237
Address comments
2015-10-23 15:23:01 -07:00
Derek Chiang
7d70d8b1d7
Add test for the GetWAN endpoint
2015-10-23 15:23:01 -07:00
Derek Chiang
e03a9d4c38
Add an endpoint for getting WAN coordinates
2015-10-23 15:23:01 -07:00
Derek Chiang
213f5a15e6
Fix tests
2015-10-23 15:23:01 -07:00
Derek Chiang
eb599a1745
Address comments
2015-10-23 15:23:01 -07:00
Derek Chiang
66d5a129bf
Add state store tests
2015-10-23 15:23:01 -07:00
Derek Chiang
88550714ca
Add more tests
2015-10-23 15:23:01 -07:00
Derek Chiang
139c9240ea
Address comments
2015-10-23 15:23:01 -07:00
Derek Chiang
23c08aeeb4
Use IndexedCoordinate instead
2015-10-23 15:23:01 -07:00
Derek Chiang
979c0c6c9e
Improve a test
2015-10-23 15:23:01 -07:00
Derek Chiang
b2cff43bb5
Complete logic for sending coordinates
2015-10-23 15:23:01 -07:00
Derek Chiang
019da1dae4
Fix tests
2015-10-23 15:23:01 -07:00
Derek Chiang
66b210afcb
Some fixes
2015-10-23 15:23:01 -07:00
Derek Chiang
def0a2f5ab
Change GET API a little bit
2015-10-23 15:23:01 -07:00
Derek Chiang
b5bbe2bcfa
Adding tests and stuff
2015-10-23 15:23:01 -07:00
Derek Chiang
e54c8f2ea0
Start adding stuff
2015-10-23 15:23:01 -07:00
James Phillips
aae298a179
Cleans up a little whitespace with go fmt.
2015-10-20 18:41:05 -07:00
James Phillips
54535d45d7
Gets rid of error prefixing in leader.go.
2015-10-20 13:37:11 -07:00
James Phillips
eb93d1d9ad
Puts all restore operations into a single transaction and optimizes watches.
2015-10-19 23:06:59 -07:00
James Phillips
96c5c9de2b
Gets rid of unique constraint on sessions index in session_checks.
2015-10-19 17:41:50 -07:00
James Phillips
3e93055cef
Switches sessions over to UUIDFieldIndex.
2015-10-19 17:09:02 -07:00
James Phillips
d905804514
Adds a special case for fill KVS listings to avoid a tombstone scan.
2015-10-19 16:22:27 -07:00
James Phillips
22a46f7bf5
Makes the iterator naming more consistent.
2015-10-19 15:51:11 -07:00
James Phillips
9a2fdff4c4
Converts sessions and ACLs over to iterators.
2015-10-19 14:56:22 -07:00
James Phillips
d459d94b3f
Converts KVS snapshot over to iterator.
2015-10-19 14:07:57 -07:00
James Phillips
498c4a989a
Converts nodes, services, checks to iterators duing dumps; fixes tag drift bug.
...
Realized that the conversions ServiceNode <-> NodeService were incomplete in a
few places so centralized those and added some tests.
2015-10-19 13:55:35 -07:00
James Phillips
8ee52e9850
Gets rid of non-idomatic "state_store" alias in FSM.
2015-10-16 14:07:48 -07:00
James Phillips
adef4894df
Ports a couple of new RPC calls to the updated codec mechanism.
2015-10-15 15:09:13 -07:00
James Phillips
268255dcbe
Runs go fmt after latest changes.
2015-10-15 14:59:09 -07:00
James Phillips
e982f976eb
Adds unit tests for new structs clone functions.
2015-10-15 14:59:09 -07:00
James Phillips
46be9fa2cf
Adds benchmarks back in to the state store.
2015-10-15 14:59:09 -07:00
James Phillips
6db1a8624d
Removes a todo that's no longer needed.
2015-10-15 14:59:09 -07:00
James Phillips
82f275d126
Adds unit tests for the graveyard.
2015-10-15 14:59:09 -07:00
James Phillips
e285af5d1c
Does some go fmt after latest round of changes.
2015-10-15 14:59:09 -07:00
James Phillips
409fd57e4a
Adds a delay test.
2015-10-15 14:59:09 -07:00
James Phillips
73ad5f0695
Adds watch unit tests and does some related watch cleanup.
2015-10-15 14:59:09 -07:00
James Phillips
9fce4aaf35
Adds tests for GC.
2015-10-15 14:59:09 -07:00
James Phillips
ca220c9717
Adds clone for service nodes so we don't twiddle the database's object.
2015-10-15 14:59:09 -07:00
James Phillips
25d7746f38
Fixes remaining non-KV index calclulations and adds a general getWatchTables thing.
2015-10-15 14:59:09 -07:00
James Phillips
32e2439f93
Fixes index management for KVS.
2015-10-15 14:59:09 -07:00
James Phillips
37da1faaf2
Makes session invalidate loops use a separate slice to protect the iterator.
2015-10-15 14:59:09 -07:00
James Phillips
8504646900
Makes all delete loops use a separate slice to protect the iterator.
2015-10-15 14:59:09 -07:00
James Phillips
768f6fd8db
Cleans up some go vet warnings.
2015-10-15 14:59:09 -07:00
James Phillips
495b276e44
Gets rid of todo that we discussed is ok.
2015-10-15 14:59:09 -07:00
James Phillips
3fedffbffb
Gets rid of the transitional "New" suffix on state store and RPC.
2015-10-15 14:59:09 -07:00
James Phillips
263c7e3fd3
Deletes the old state store and all its accoutrements.
2015-10-15 14:59:09 -07:00
James Phillips
3f07f0685f
Nukes old state store's connection to FSM and RPC.
2015-10-15 14:59:09 -07:00
James Phillips
450886246d
Integrates session TTL tests with new state store.
2015-10-15 14:59:09 -07:00
James Phillips
a15c24f771
Integrates new state store into internal endpoint.
2015-10-15 14:59:09 -07:00
James Phillips
76bdeadefb
Abstracts the table names away from the RPC call sites.
2015-10-15 14:59:09 -07:00
James Phillips
7a8e5b2866
Integrates new state store into session endpoint; returns table index always.
2015-10-15 14:59:09 -07:00
James Phillips
1463e6100a
Integrates new state store into leader and catalog/health endpoints.
2015-10-15 14:59:09 -07:00
James Phillips
6203c1e585
Integrates KVS endopint with new state store (changes KVSList to match old behavior).
2015-10-15 14:59:09 -07:00
James Phillips
837d8994b4
Cuts FSM unit tests over to new state store.
2015-10-15 14:59:09 -07:00
James Phillips
92e48b87bf
Adds twiddling of the real state store in snapshot tests.
2015-10-15 14:59:09 -07:00
James Phillips
87ff8d031c
Ports over session invalidation tests (and fixes some bugs).
2015-10-15 14:59:09 -07:00
James Phillips
8072138c9a
Adds a note about updating sessions after they are created.
2015-10-15 14:59:09 -07:00
James Phillips
a09571133c
Beefs up node and service watch tests for multi-table triggers.
2015-10-15 14:59:09 -07:00
James Phillips
ae21a33aca
Adds session snapshot/restore and basic watch tests (and fixes some bugs).
2015-10-15 14:59:09 -07:00
James Phillips
1725063067
Adds tombstone tests and gets rid of unused logger.
2015-10-15 14:59:09 -07:00
James Phillips
391c04de90
Makes sure we don't create a full table watch for tombstones.
2015-10-15 14:59:09 -07:00
James Phillips
4be951571e
Adds snapshot/restore and watch tests for KVS.
2015-10-15 14:59:09 -07:00
James Phillips
9bfe2c32f6
Allows lock holder to re-lock and set a KV, adds tests for corner cases around sessions.
2015-10-15 14:59:09 -07:00
James Phillips
1088145060
Adds kvs lock/unlock tests.
2015-10-15 14:59:09 -07:00
James Phillips
2c0ba7e44b
Adds snap and watch tests for nodes, services, and checks.
2015-10-15 14:59:09 -07:00
James Phillips
f7fca62dcd
Adds node snap and watch tests as well as a general watch test.
2015-10-15 14:59:09 -07:00
James Phillips
e25fb6c5ed
De-generalizes graveyard since that ended up as a YAGNI (only useful for KV).
2015-10-15 14:59:09 -07:00
James Phillips
e7de7a2b8c
Cleans up unit tests for consistency.
2015-10-15 14:59:09 -07:00
James Phillips
1bf432d5af
Adds ensure registration unit test (and fixes bugs).
2015-10-15 14:59:09 -07:00
James Phillips
e5773635e7
Adds reap tombstone test (and fixes bugs).
2015-10-15 14:59:09 -07:00
James Phillips
8a39581ae0
Adds ACL snapshot/restore test.
2015-10-15 14:59:09 -07:00
James Phillips
2dae65a6ec
Adds a watch tester helper that helps cut the cruft.
2015-10-15 14:59:09 -07:00
James Phillips
04b365495d
Completes state store for KV, sessions, tombstones, and nodes/services/checks (needs tests and integration).
2015-10-15 14:59:09 -07:00
James Phillips
edae626f36
Integrates new state store for ACLs.
2015-10-15 14:59:09 -07:00
James Phillips
cbcd977a39
Gets new structs changes to compile, adds some corner case handling and extra unit tests.
2015-10-15 14:59:09 -07:00
Ryan Uber
4cf5f6223e
consul/state: list acls
2015-10-15 14:59:09 -07:00
Ryan Uber
69b0ee0e5a
consul/state: implement acl delete
2015-10-15 14:59:09 -07:00
Ryan Uber
6e7c3e3579
consul/state: basic acl set/get/delete
2015-10-15 14:59:09 -07:00
Ryan Uber
e30c3cdea8
consul/state: basic session destroy works
2015-10-15 14:59:09 -07:00
Ryan Uber
747527fef5
consul/state: more tests
2015-10-15 14:59:09 -07:00
Ryan Uber
d0e349b190
consul/state: refactor some tests
2015-10-15 14:59:09 -07:00
Ryan Uber
d5f3648846
consul/state: session lookup by node id works
2015-10-15 14:59:09 -07:00
Ryan Uber
82fa9347e1
consul/state: add session list method
2015-10-15 14:59:09 -07:00
Ryan Uber
0d0b3c91ef
consul/state: adding session registration
2015-10-15 14:59:09 -07:00
Ryan Uber
a613f65e41
consul/state: adding tree delete for kvs store
2015-10-15 14:59:09 -07:00
Ryan Uber
66a211a70e
consul/state: list keys from the kv with a prefix/separator
2015-10-15 14:59:09 -07:00
Ryan Uber
0171c2ba3d
consul/state: fix for maxIndex and better tests
2015-10-15 14:59:09 -07:00
Ryan Uber
b0ae1c0967
consul/state: add CAS method for kv set
2015-10-15 14:59:09 -07:00
Ryan Uber
dc997beef3
consul/state: initial pass at CAS delete operation for kvs
2015-10-15 14:59:09 -07:00
Ryan Uber
57c36c274b
consul/state: adding KVSList for listing a given prefix
2015-10-15 14:59:09 -07:00
Ryan Uber
9b4f8cd800
consul/state: adding shallow delete for kvs store
2015-10-15 14:59:09 -07:00
Ryan Uber
b2dc11fed4
consul/state: basic k/v operations
2015-10-15 14:59:09 -07:00
Ryan Uber
a511e8a42d
consul/state: adding node dump methods
2015-10-15 14:59:09 -07:00
Ryan Uber
0df0b1674e
consul/state: testing service registration update
2015-10-15 14:59:09 -07:00
Ryan Uber
c3cd5051ba
consul/state: fetch node/check sets by service ID
2015-10-15 14:59:09 -07:00
Ryan Uber
d88ef90479
consul/state: filter checks by state
2015-10-15 14:59:09 -07:00
Ryan Uber
2249bec117
consul/state: support check lookups by service name
2015-10-15 14:59:09 -07:00
Ryan Uber
9fe029abc3
consul/state: return highest index for queries with compound results
2015-10-15 14:59:09 -07:00
Ryan Uber
e6a9db17d7
consul/state: cleanup
2015-10-15 14:59:09 -07:00
Ryan Uber
e114b5040f
consul/state: better tests for index table updates
2015-10-15 14:59:09 -07:00
Ryan Uber
c3ad758e0e
consul/state: test helpers
2015-10-15 14:59:09 -07:00
Ryan Uber
5d63160bb6
consul/state: node checks are removed with their associated nodes
2015-10-15 14:59:09 -07:00
Ryan Uber
329c88d8b7
consul/state: services are removed with their associated nodes
2015-10-15 14:59:09 -07:00
Ryan Uber
5bb69db6b3
consul/state: remove checks during service deregistration
2015-10-15 14:59:09 -07:00
Ryan Uber
db1bcdc863
consul/state: add check deletion method
2015-10-15 14:59:09 -07:00
Ryan Uber
ee8a1dc5d2
consul/state: set index if we have an existing health check
2015-10-15 14:59:09 -07:00
Ryan Uber
d6380e31cc
consul/state: negative tests
2015-10-15 14:59:09 -07:00
Ryan Uber
f9e8ca252c
consul/state: basic health check retrieval works
2015-10-15 14:59:09 -07:00
Ryan Uber
b6af94a8ff
consul/state: persisting health checks works
2015-10-15 14:59:09 -07:00
Ryan Uber
0a000f63a3
consul/state: test for index modification during deletes
2015-10-15 14:59:09 -07:00
Ryan Uber
8ae69b6878
consul/state: add service delete functions
2015-10-15 14:59:09 -07:00
Ryan Uber
5a8d8b0362
consul/state: working on node deletion
2015-10-15 14:59:09 -07:00
Ryan Uber
766c367ef4
consul/state: add function for returning all nodes
2015-10-15 14:59:09 -07:00
Ryan Uber
8fea5f8dc5
consul/state: track highest index when querying services
2015-10-15 14:59:09 -07:00
Ryan Uber
08553f0fef
consul/state: querying node services works
2015-10-15 14:59:09 -07:00
Ryan Uber
859ffe14e1
consul/state: read transactions don't block writes
2015-10-15 14:59:09 -07:00
Ryan Uber
a5d5577cdd
consul/state: more tests for EnsureNode/GetNode
2015-10-15 14:59:09 -07:00
Ryan Uber
f0dd8b2923
consul/state: working on service registration storage
2015-10-15 14:59:09 -07:00
Ryan Uber
011e7584b4
consul/state: node registration and retrieval works
2015-10-15 14:59:09 -07:00
Ryan Uber
6778c8d3ff
consul/state: start tests for schema
2015-10-15 14:59:09 -07:00
Ryan Uber
f30437bade
consul/state: round out schema
2015-10-15 14:59:09 -07:00
Ryan Uber
f253c39cb1
consul/state: starting on new state store
2015-10-15 14:59:09 -07:00
Ryan Uber
ae7cdfaf8d
consul: comment msgpack handle
2015-10-15 14:57:29 -07:00
Ryan Uber
cc7aa44459
consul: revert session endpoint test
2015-10-15 12:31:48 -07:00
Ryan Uber
33741f9156
consul: initial pass at refactoring RPC using net-rpc-msgpackrpc
2015-10-13 22:15:23 -07:00
Dale Wijnand
c5168e1263
Fix a bunch of typos.
2015-09-15 13:22:08 +01:00
James Phillips
b25797a808
Merge pull request #1187 from sfncook/enable_tag_drift_03
...
Enable tag drift 03
2015-09-11 15:35:32 -07:00
Anthony Scalisi
8d733b7fca
remove various typos
2015-09-11 12:29:54 -07:00
Shawn Cook
99be758411
Rename EnableTagOverride and update formatting
2015-09-11 08:35:29 -07:00
Shawn Cook
2f04917261
Merge remote-tracking branch 'hashicorp/master' into enable_tag_drift_03
2015-09-10 14:55:30 -07:00
William Tisäter
4ce2af3bd4
Bind to loopback only as last resort
2015-09-02 12:24:44 +02:00
William Tisäter
1013f2f494
Don't try to bind on address from inactive interface
2015-09-02 12:24:36 +02:00
William Tisäter
4267814e5b
Treat 127.0.0.0/8 and 169.254.0.0/16 as private network
2015-09-02 12:24:14 +02:00
James Phillips
c0127e9932
Bumps protocol version back down as we've made memberlist smarter.
2015-08-31 11:16:34 -07:00
Shawn Cook
d4ec6aa630
Update tests - NodeService init needs bool
2015-08-20 09:09:26 -07:00
Shawn Cook
f6814c89ed
EnableTagDrift in NodeService struct
2015-08-18 10:34:55 -07:00
Mac Browning
04eb37ffb6
consul: refactor GetPrivateIP for testability
2015-08-15 17:44:32 -04:00
James Phillips
8df55b6964
Changes to an unbuffered channel, since we just close it.
2015-08-13 11:38:02 -07:00
James Phillips
1c6414e806
Cleans up locking and factors markForUse into a Conn method.
2015-08-13 10:01:05 -07:00
James Phillips
18711b40b8
Gets rid of follow up attempts if the lead thread can't connect.
2015-08-12 20:14:48 -07:00
James Phillips
7d9db86b03
Adds missing ref count for the race condition case.
2015-08-12 19:26:01 -07:00
James Phillips
0efc49b510
Fixes #1165 by having threads wait for any outstanding connect to finish.
2015-08-12 18:48:15 -07:00
Ryan Uber
36bddeca25
consul: filter services by ACL when using ChecksInState.
2015-07-27 16:57:56 -07:00
Ryan Uber
6d38027689
Merge pull request #1090 from hashicorp/f-keyring-acl
...
Keyring ACLs
2015-07-24 10:23:18 -07:00
Armon Dadgar
f1a83a8954
Merge pull request #1119 from trumant/multiple_private_IPs
...
Fixes #1099 by raising an error when we multiple private IPs are found
2015-07-22 17:32:00 -07:00
Travis Truman
e18a93ed54
Fixes #1099 by raising an error when we multiple private IPs are found
2015-07-16 22:25:02 -04:00
Ryan Uber
6d27334ee1
consul: fixes for events and related tests
2015-07-14 11:38:26 -07:00
Ryan Uber
4ef6545583
acl: initial pass at keyring ACLs
2015-07-06 18:28:09 -06:00
Armon Dadgar
fd2bead478
consul: fixing test using wrong FSM
2015-07-06 14:33:58 -06:00
Ryan Uber
503fa1eed1
Merge pull request #1046 from hashicorp/f-event-acl
...
Event ACLs
2015-07-02 07:02:07 -07:00
Ryan Uber
d2eac37579
agent: remove unnecessary EventFire function
2015-07-02 06:56:27 -07:00
Tiru Srikantha
f1932e5e46
Add RFC 6598 private IP range
...
Fixes #1031 by adding 100.64.0.0/10 as a private IP range.
2015-06-19 12:20:30 -07:00
Ryan Uber
e6923a4832
consul: always fire events from server nodes
2015-06-18 18:13:29 -07:00
Ryan Uber
6e9adae494
consul: use acl cache struct in server
2015-06-18 18:13:29 -07:00
Ryan Uber
e04a23801e
consul: split ACL cache into a reusable struct
2015-06-18 18:13:29 -07:00
Ryan Uber
d84fa3c98d
consul: check ACLs when firing events
2015-06-18 18:13:29 -07:00
Ryan Uber
d600fad4e7
consul: fast path a typed nil during ACL filtering
2015-06-12 16:46:15 -07:00
Ryan Uber
2b1a19a906
consul: fail badly if an unsupported type is passed to the ACL filter
2015-06-11 17:06:35 -07:00
Ryan Uber
593b4b3dd6
consul: fix log message
2015-06-11 15:00:26 -07:00
Ryan Uber
63a2737cac
consul: testing acl filters in isolation
2015-06-11 14:14:43 -07:00
Ryan Uber
e413b0e7c7
consul: better tests for acl filtering
2015-06-11 13:23:49 -07:00
Ryan Uber
5aeb8202d6
consul: testing internal endpoint acl filtering
2015-06-11 13:05:33 -07:00
Ryan Uber
aa87f2b73c
consul: rename function to avoid collision and clean up
2015-06-11 13:04:47 -07:00
Ryan Uber
1ff496d6dd
consul: break acl filtering into a separate struct
2015-06-11 12:08:21 -07:00
Ryan Uber
404d4d653c
consul: testing health endpoint service acl filtering
2015-06-11 09:39:35 -07:00
Ryan Uber
1e2751511d
consul: testing catalog endpoint acl filtering
2015-06-10 22:14:58 -07:00
Ryan Uber
c8629de127
consul: begin testing discovery ACLs
2015-06-10 19:25:58 -07:00
Ryan Uber
4f9161f485
consul: use anonymous function for acl filtering
2015-06-10 18:43:48 -07:00
Ryan Uber
b115047919
consul: filter internal endpoints for acls
2015-06-10 18:40:40 -07:00
Ryan Uber
4f3e661b8c
acl: initial pass at service discovery acls
2015-06-10 18:40:09 -07:00
James Phillips
7b8aae37cb
Bumps protocol version to 3 to get serf version 5.
2015-06-02 17:50:35 -07:00
Sam Boyer
bdc5983463
Condense switch fallthroughs into expr lists
2015-05-26 21:30:14 -04:00
Armon Dadgar
f91069f9d5
consul: adding StopWatch test
2015-05-14 18:32:19 -07:00
Armon Dadgar
2c9592c5ee
consul: lower default query time and add small stagger
2015-05-14 17:59:43 -07:00
Armon Dadgar
e5c8fce96a
consul: adding randomStagger util method
2015-05-14 17:59:11 -07:00
Armon Dadgar
23a1df1548
consul: proactively clear timers
2015-05-14 17:42:47 -07:00
Armon Dadgar
2bc43844bc
consul: ensure blocking query cleans any lingering state
2015-05-14 17:38:42 -07:00
Armon Dadgar
6f433c9ad8
consul: Adding methods to stop watching for changes
2015-05-14 17:33:02 -07:00
Armon Dadgar
abbf4456f2
consul: adding Clear to NotifyGroup
2015-05-14 17:30:30 -07:00
Armon Dadgar
430100a0c8
Merge pull request #927 from hashicorp/f-tls
...
Add new `verify_server_hostname` to mitigate possibility of MITM
2015-05-11 18:15:16 -07:00
Armon Dadgar
f797130228
Fixing merge conflict
2015-05-11 16:48:10 -07:00
Armon Dadgar
9642384429
consul: support the new TLS wrapper
2015-05-11 15:15:36 -07:00
Armon Dadgar
3bf337a6ac
consul: thread the target DC through the RPC path
2015-05-11 13:09:19 -07:00
Armon Dadgar
a1de4b17c2
consul: use tlsutil.Wrapper instead of tls.Config directly
2015-05-11 13:09:19 -07:00
Armon Dadgar
2ca41b15df
consul: updating for Raft API changes
2015-05-08 11:35:52 -07:00
Armon Dadgar
2d2fc71e0d
consul: more telemetry on RPCs and queries
2015-05-07 17:25:12 -07:00
Armon Dadgar
e474e34528
Merge pull request #909 from hashicorp/f-create
...
Support ACL upsert behavior
2015-05-06 11:22:11 -07:00
Armon Dadgar
9b9c737a82
consul: Adding flag to support future incompatible commands. Future self will thank me.
2015-05-05 19:44:21 -07:00
Armon Dadgar
f86e7d13d5
consul: ACL.Apply allows upserting with custom ID
2015-05-05 19:19:45 -07:00
Armon Dadgar
cbc29d1cde
consul: fixing overly redundant logging
2015-05-05 13:00:47 -07:00
Armon Dadgar
efaed93b91
Merge pull request #816 from pepov/master
...
Support different advertise address for WAN gossip
2015-05-04 15:40:25 -07:00
Ryan Mills
2bd5bf04bd
Remove 'unknown' as one of the valid states when setting the initial state of a check.
2015-04-13 20:46:01 +00:00
Ryan Mills
370853d7ff
Allow specifying a status field in the agent/service/register and agent/check/register endpoints.
...
This status must be one of the valid check statuses: 'passing', 'warning', 'critical', 'unknown'.
If the status field is not present or the empty string, the default of 'critical' is used.
2015-04-12 02:00:31 +00:00
Ryan Uber
8ebee678cc
Merge pull request #857 from hashicorp/f-boltdb
...
Raft uses BoltDB
2015-04-10 18:30:07 -07:00
Armon Dadgar
32f3d17931
consul: do not clear connection cache on RPC errors
2015-04-07 14:17:20 -07:00
pepov
8abcf3d541
add test using separate advertise addresses for wan and for lan
2015-03-28 16:08:19 +01:00
Michael Fraenkel
c00c4ebaaa
Support SesionTTLMin configuration
...
- Allow setting SessionTTLMin
- Validate on the Server
2015-03-27 05:13:57 -07:00
Ryan Uber
41aa5aeb09
consul: swap over to raft-boltdb
2015-03-26 20:01:52 -07:00
Ryan Uber
275d99e1dc
consul: allow returning custom error for merge delegate
2015-02-22 18:24:10 -08:00
Ryan Breen
53afd77e2d
s/data center/datacenter/g
2015-02-19 17:45:47 -05:00
Armon Dadgar
f3fd072418
Revert "* use defer to avoid tracking lock"
...
This reverts commit a030abdefc54470394a2a44008e02f3b3d0510ec.
This commit causes a connection to be leaked if there is a race with
another concurrent RPC.
2015-02-16 14:04:47 -08:00
Emil Hessman
70a6cdac6d
consul: clean up TempDirs in FSM tests
2015-01-26 08:34:23 +01:00
Armon Dadgar
7e27d923be
Merge pull request #621 from hashicorp/f-leave
...
Changing interaction between Leave and RemovePeers
2015-01-21 16:28:19 -08:00
Ryan Uber
27de0adf3b
agent: support multiple checks per service
2015-01-20 21:48:42 -08:00
Armon Dadgar
280a1c9c12
consul: Testing leave as leader and non-leader
2015-01-20 16:30:56 -08:00
Armon Dadgar
a695909a85
consul: Wait for RemovePeer in Leave as a follower
2015-01-20 16:19:54 -08:00
Armon Dadgar
aec0dedd01
consul: remove ourself from raft peer set if we are the leader
2015-01-20 16:19:29 -08:00
Armon Dadgar
ea7a0134c8
consul: Do not remove ourself as raft peer in Serf event handler
2015-01-20 16:13:54 -08:00
Armon Dadgar
133cf457a3
consul: Use new LogCache to improve write throughput
2015-01-14 15:49:58 -08:00
Armon Dadgar
1956c07034
consul: Fixing potential issue with blocking queries for {Session,ACL}.Get
2015-01-13 12:02:30 -08:00
Armon Dadgar
9a43063778
consul: Fixing blocking query returning old result
2015-01-13 11:51:24 -08:00
Ryan Uber
f3fad2180c
consul: fix server left test
2015-01-09 19:10:17 -08:00
Ryan Uber
084643abee
consul: improve test reliability for session ttls
2015-01-09 17:18:11 -08:00
Armon Dadgar
2408aa741d
consul: Testing KVSDeleteCAS in FSM
2015-01-08 17:26:12 -08:00
Armon Dadgar
e735c881a0
consul: Test the KVSDeleteCheckAndSet method
2015-01-08 17:24:36 -08:00
Armon Dadgar
d680696afe
consul: Expose the KVSDeleteCAS operation in FSM
2015-01-08 17:08:44 -08:00
Armon Dadgar
781aeb84d5
consul: Implement KVSDeleteCheckAndSet
2015-01-08 17:08:32 -08:00
Armon Dadgar
fbc77b7501
consul: Adding KVSDeleteCAS operation type
2015-01-08 17:08:17 -08:00
Armon Dadgar
2cd89e60ed
consul: Do not override the node address
2015-01-08 10:57:15 -08:00
Armon Dadgar
957fa1f5ec
consul: Fixing merge conflict
2015-01-08 10:42:19 -08:00
Armon Dadgar
2c9dac682a
consul: Remove cruft from KV watching
2015-01-07 18:10:18 -08:00
Armon Dadgar
5b972294f8
consul: Enforce lock-delay with delete behavior
2015-01-07 15:48:27 -08:00
Ryan Uber
5fe18b5093
Ignore vim swap files
2015-01-07 15:21:01 -08:00
Ryan Uber
7ecd015fc0
command: check LastIndex is not zero while waiting for leader
2015-01-07 15:18:00 -08:00
Armon Dadgar
a66a765ca9
consul: Adding merge delegate to prevent mixing clusters
2015-01-06 15:48:46 -08:00
Armon Dadgar
e971e8f456
consul: Test WatchKV
2015-01-05 17:08:01 -08:00
Armon Dadgar
b61043de5d
consul: Adding test for KVS.List blocking query
2015-01-05 16:57:48 -08:00
Armon Dadgar
48d97879c8
consul: Remove dead code
2015-01-05 16:42:30 -08:00
Armon Dadgar
0ea4f3d846
consul: Optimize KV watching
2015-01-05 16:41:57 -08:00
Armon Dadgar
7a63f822a3
consul: First pass to reduce KV watch cost
2015-01-05 16:18:27 -08:00
Armon Dadgar
8eaee53661
consul: Adding more useful metrics
2015-01-05 15:13:39 -08:00
Armon Dadgar
5ad16ca00f
consul: Fixing the KVS tests
2015-01-05 15:06:53 -08:00
Armon Dadgar
200b348f69
consul: Disable tombstones as follower
2015-01-05 14:58:59 -08:00
Armon Dadgar
4f6f5ae6f0
consul: Improve log message
2015-01-05 14:43:56 -08:00
Armon Dadgar
bf40a2ac1f
consul: Reverting some index compute logic
2015-01-05 14:43:56 -08:00
Armon Dadgar
7a4b532564
consul: List Keys should handle tombstones
2015-01-05 14:43:56 -08:00
Armon Dadgar
b70dac1a62
consul: Ensure KVS List handles tombstones
2015-01-05 14:43:56 -08:00
Armon Dadgar
a350ec9379
consul: Mesure time for reapTombstones
2015-01-05 14:43:56 -08:00
Armon Dadgar
e2bfaa11a2
consul: Testing leader issue of reap command
2015-01-05 14:43:56 -08:00
Armon Dadgar
b1fefa6d90
consul: Test FSM Reap operations
2015-01-05 14:43:56 -08:00
Armon Dadgar
7736e701ca
consul: Test FSM restore of tombstones
2015-01-05 14:43:56 -08:00
Armon Dadgar
91f8ff41eb
consul: Testing tombstone snapshot
2015-01-05 14:43:55 -08:00
Armon Dadgar
41886c6af5
consul: Testing tombstone reaping
2015-01-05 14:43:55 -08:00
Armon Dadgar
bba573dfbc
consul: Test tombstone creation
2015-01-05 14:43:55 -08:00
Armon Dadgar
f9d322f346
consul: Persist tombstones
2015-01-05 14:43:55 -08:00
Armon Dadgar
9152fae109
consul: First pass at tombstone reaping
2015-01-05 14:43:55 -08:00
Armon Dadgar
0c9cbdb3d1
consul: TombstoneReapRequestType -> TombstoneRequestType
2015-01-05 14:43:55 -08:00
Armon Dadgar
8681d913ba
consul: Generate a raft operation to reap tombstones
2015-01-05 14:43:55 -08:00
Armon Dadgar
02e984e4c4
consul: Adding new request to reap tombstones
2015-01-05 14:43:55 -08:00
Armon Dadgar
9f30ffbf9a
consul: Leader should reset the tombstone GC clock
2015-01-05 14:43:55 -08:00
Armon Dadgar
fb8f7fd929
consul: Adding PendingExpiration
2015-01-05 14:43:55 -08:00
Armon Dadgar
71c2c1468d
consul: Thread Tombstone GC through
2015-01-05 14:43:55 -08:00
Armon Dadgar
ae69cbca7b
consul: Fixing accidental commit of transaction
2015-01-05 14:43:54 -08:00
Armon Dadgar
4da4e322a3
consul: Fixing tombstone creation and hinting of GC
2015-01-05 14:43:54 -08:00
Armon Dadgar
1a9431847b
consul: Adding GetTxnLimit to MDBTable
2015-01-05 14:43:54 -08:00
Armon Dadgar
2724061351
consul: Support reset of tombstone GC
2015-01-05 14:43:54 -08:00
Armon Dadgar
4430f4592d
consul: Adding TombstoneGC to track TTLs
2015-01-05 14:43:54 -08:00
Armon Dadgar
3e2bd0db2c
consul: Rename TombstoneGC to TombstoneTTL
2015-01-05 14:43:54 -08:00
Armon Dadgar
68caf9046c
consul: Create tombstones before key deletes
2015-01-05 14:43:54 -08:00
Armon Dadgar
d5369098ba
consul: Adding TombstoneGC config
2015-01-05 14:43:54 -08:00
Daniel Malon
e56b3861dc
advertise specific address for a service
...
Enable setting a specific address in a service definition for advertise. If no specific address is given it will fallback to the node address and reassemble the old behaviour.
2015-01-02 21:10:05 +00:00
Armon Dadgar
6b9ace19cf
consul: Collect useful session metrics
2015-01-02 22:46:51 +05:30
Armon Dadgar
d8c65aabee
consul: Minor cleanup
2014-12-12 22:17:41 -08:00
Armon Dadgar
c0d3798154
consul: Test Session.Apply updates session timers
2014-12-12 21:54:29 -08:00
Armon Dadgar
4d0903f781
consul: Adding more tests for session TTLs
2014-12-12 21:42:59 -08:00
Armon Dadgar
5b6ce2ca4a
consul: Setup ACLs and timers after initial barrier
2014-12-12 21:42:24 -08:00
Armon Dadgar
f25566931f
consul: Make sessionTimersLock a plain mutex
2014-12-12 19:17:35 -08:00
Armon Dadgar
9b897d1134
consul: Ignore zero ttl on session
2014-12-12 19:17:04 -08:00
Armon Dadgar
990ad02f83
consul: Minor cleanups
2014-12-12 15:43:34 -08:00
Armon Dadgar
8dbfe7c9a8
Merge pull request #524 from amalaviy/session_ttl
...
Consul Session TTLs
2014-12-12 14:42:25 -08:00
Atin Malaviya
073020f6be
Add invalidateSession test
2014-12-11 06:09:53 -05:00
Atin Malaviya
5a76929ba4
Fixed clearSessionTimer, created invalidateSession, added invalid TTL test
2014-12-11 05:34:31 -05:00
Atin Malaviya
7ece29c3e0
Took out usage of snapshot SessionListTTL
2014-12-10 21:37:06 -05:00
Atin Malaviya
2de09dc2e7
Took out StateSnapshot SessionListTTL also
2014-12-10 20:53:05 -05:00
Atin Malaviya
8369b77204
Clean up code based on feedback from armon
2014-12-10 20:49:06 -05:00
Atin Malaviya
a1afc07f54
Added more tests
2014-12-10 16:43:15 -05:00
Atin Malaviya
c992c18ef0
Added more tests. Also added return of 404 if the session id to renew is not found
2014-12-10 10:02:23 -05:00
Atin Malaviya
b623af776b
Consul Session TTLs
...
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf ). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.
Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.
Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.
Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
Ali Abbas
a542df954f
cleanup and simplify
2014-12-06 13:08:35 +01:00
Ali Abbas
40979b1159
* use defer to avoid tracking lock
...
* simplify control flow
2014-12-06 12:32:18 +01:00
Chavez
5f4281f98f
consul: Server leave test fix
2014-12-05 11:22:54 -08:00
Chavez
c6b3cae106
consul: Fix failing globalRPC test
2014-12-05 10:36:37 -08:00
Veres Lajos
850d5bdc32
typofixes - https://github.com/vlajos/misspell_fixer
2014-12-04 23:25:06 +00:00
Armon Dadgar
402d580863
consul: Check that ACL also allows registration
2014-11-30 21:10:42 -07:00
Armon Dadgar
d74f79b3fa
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
Ali Abbas
818fc22c9f
* Fix race condition on read/write of shutdown bool variable of server and connection pool.
...
* In connection pool, there is no guarantee that .reap() cannot execute the same time as .Shutdown() is called. It also did not benefit to eval shutdown when a select is run on the shutdown channel.
* In server, same principle applies to handleConsulConn. Since we also have a shutdown channel, it makes more to use this than to loop on a bool variable.
2014-11-26 10:39:25 +01:00
Ali Abbas
73504a01e9
cleanup unreachable code
2014-11-25 19:54:30 +01:00
Atin Malaviya
d7e09d57ba
Set empty Behavior setting into SessionKeysRelease and flag error for unrecognized values
2014-11-20 19:16:07 -05:00
Atin Malaviya
3aabda02b3
Clean up tests, use switch to default session.Behavior value if unspecified, unrecognized
2014-11-20 14:29:18 -05:00
Atin Malaviya
aa0cecd04e
Ephemeral Nodes for via Session behavior settings.
...
Added a "delete" behavior for session invalidation, in addition to
the default "release" behavior. On session invalidation, the sessions
Behavior field is checked and if it is set to "delete", all nodes owned
by the session are deleted. If it is "release", then just the locks
are released as default.
2014-11-20 11:34:45 -05:00
Ryan Uber
4cd89a9113
Rebase against upstream
2014-11-19 16:45:49 -08:00
Ryan Uber
3b2ab70c4d
consul: clean up comments, fix globalRPC tests
2014-11-19 16:37:40 -08:00
Ryan Uber
4a8249db00
consul: fix obscure bug when launching goroutines from for loop
2014-11-19 16:37:40 -08:00
Ryan Uber
2661bbfa27
consul: more tests, remove unused KeyManager() method
2014-11-19 16:37:40 -08:00
Ryan Uber
fcacee723b
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
Ryan Uber
66ad81ef13
consul: add test for internal keyring rpc endpoint
2014-11-19 16:36:19 -08:00
Ryan Uber
344b63b9db
consul: simplify keyring operations
2014-11-19 16:36:19 -08:00
Ryan Uber
b3f251de9c
command/keyring: clean up tests
2014-11-19 16:36:18 -08:00
Ryan Uber
d02afd42fb
agent: -encrypt appends to keyring if one exists
2014-11-19 16:36:01 -08:00
Ryan Uber
295f876923
command/agent: fix up gossip encryption indicator
2014-11-19 16:35:37 -08:00
Ryan Uber
7f85c708dc
agent: squash some more common keyring semantics
2014-11-19 16:34:18 -08:00
Ryan Uber
4e8f53fa5d
consul: detach executeKeyringOp() from *Internal
2014-11-19 16:34:18 -08:00
Ryan Uber
db0084ccd0
consul: use keyring operation type to cut out duplicated logic
2014-11-19 16:34:18 -08:00
Ryan Uber
057c22db10
consul: generalize multi-DC RPC call broadcasts
2014-11-19 16:34:18 -08:00
Ryan Uber
001a579d47
command/keyring: cleanup
2014-11-19 16:34:18 -08:00
Ryan Uber
cb795199d1
consul: test rpc errors returned from remote datacenters
2014-11-19 16:34:18 -08:00
Ryan Uber
a1943afddc
consul: make forwarding to multiple datacenters parallel
2014-11-19 16:34:18 -08:00
Ryan Uber
d7edc1c51c
consul: break rpc forwarding and response ingestion out of internal endpoints
2014-11-19 16:34:18 -08:00
Ryan Uber
1ec111bbfc
consul: kill unused struct fields
2014-11-19 16:34:17 -08:00
Ryan Uber
f6b5fc8c08
consul: cross-dc key rotation works
2014-11-19 16:34:17 -08:00
Ryan Uber
f9b5b15a6b
consul: use a function for ingesting responses
2014-11-19 16:34:17 -08:00
Ryan Uber
71e9715c54
consul: restructuring
2014-11-19 16:34:17 -08:00
Ryan Uber
a551a6e4a0
consul: refactor keyring, repeat RPC calls to all DC's
2014-11-19 16:34:17 -08:00
Ryan Uber
2e92e19760
agent: refactor keyring loader
2014-11-19 16:31:06 -08:00
Ryan Uber
43a60f1424
command: basic rpc works for keys command
2014-11-19 16:30:21 -08:00
Ryan Uber
96376212ff
consul: use rpc layer only for key management functions, add rpc commands
2014-11-19 16:30:21 -08:00
Ryan Uber
8a4ed84711
consul: first pass at keyring integration
2014-11-19 16:30:20 -08:00
Armon Dadgar
dd41c69389
Merge pull request #478 from amalaviy/https
...
Added HTTPS support via a new HTTPS Port configuration option
2014-11-19 11:17:10 -08:00
Armon Dadgar
bd1e03428c
consul: Increase maximum number of parallel readers
2014-11-18 18:46:43 -08:00
Atin Malaviya
2bd0e8c745
consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS
2014-11-18 17:56:48 -05:00
Atin Malaviya
b4424a1a50
Moved TLS Config stuff to tlsutil package
2014-11-18 11:03:36 -05:00
Armon Dadgar
0540605110
consul: Fixing key list index calculation
2014-11-12 17:55:45 -08:00
Emil Hessman
0222ed9eb9
Fix missing arguments
2014-11-01 22:56:48 +01:00
Armon Dadgar
af90aa8026
Gofmt
2014-10-20 10:21:31 -07:00
Armon Dadgar
3f36515544
Switching to the pinned version of msgpack
2014-10-17 18:26:19 -07:00
Armon Dadgar
34713fe970
Encode/Decode test
2014-10-17 18:23:13 -07:00
Armon Dadgar
b04dc46c72
consul: Improving test reliability
2014-10-17 17:40:14 -07:00
Armon Dadgar
a1d2f9a3da
Merge pull request #401 from hashicorp/f-healthcheck
...
Default services to "critical" state instead of "unknown"
2014-10-15 16:50:38 -07:00
Armon Dadgar
e571d532b2
consul: Fixing FSM path tests
2014-10-15 15:03:58 -07:00
Armon Dadgar
0ea385579a
consul: Ensure FSM stores data in the data dir
2014-10-15 14:57:59 -07:00
Armon Dadgar
5571da4661
consul: FSM stores state in a given path only
2014-10-15 14:56:12 -07:00
Armon Dadgar
0d1559764d
consul: Allow providing a path for the state store
2014-10-15 14:55:04 -07:00
Ryan Uber
cc0f80a4aa
consul/structs: keep HealthUnknown around for backward compatibility
2014-10-15 11:35:22 -07:00
Armon Dadgar
88b53702f1
consul: Reduce mmap size on 32bit
2014-10-15 11:32:40 -07:00
Ryan Uber
ec63686416
consul: kill remaining use of HealthUnknown
2014-10-15 10:14:46 -07:00
Armon Dadgar
a8a5905d21
consul: less aggressive deadlock timer. Fixes #389
2014-10-14 12:00:25 -07:00
Armon Dadgar
5c46544e7e
consul: Improve variable name
2014-10-14 11:04:43 -07:00
Armon Dadgar
e33b6683aa
consul: Reap left members ignoring state. Fixes #371
2014-10-14 11:02:26 -07:00
Armon Dadgar
8afbab60cb
consul: Log why invalidation happened. Fixes #390
2014-10-14 10:54:57 -07:00
Armon Dadgar
b6c5d77cf8
consul: Fixing graceful leave of current leader. Fixes #360 .
2014-10-13 22:14:43 -07:00
Armon Dadgar
e51f9da84b
consul: Deprecate ACLForceSet
2014-10-09 12:28:07 -07:00
Armon Dadgar
1177a9bf11
consul: Fix non-deterministic ACL IDs
2014-10-09 12:23:32 -07:00
Armon Dadgar
a80478594a
consul: Fix non-deterministic session IDs
2014-10-09 11:54:47 -07:00
Armon Dadgar
daa32dd6f8
consul: don't close a nil connection
2014-10-02 10:26:25 -07:00
Armon Dadgar
99d39db982
agent: First pass at multi-DC support
2014-08-28 15:00:49 -07:00
Armon Dadgar
9eddff083a
consul: Testing user events
2014-08-26 19:26:55 -07:00
Armon Dadgar
1227e77f6d
consul: Adding user event name tests
2014-08-26 19:20:02 -07:00
Armon Dadgar
3a1d686444
consul: Adding user event handler for callbacks
2014-08-26 19:04:07 -07:00
Armon Dadgar
b1cf52db01
consul: expose UserEvent from Serf
2014-08-26 18:50:03 -07:00
Armon Dadgar
ce98b0abbd
consul: Deny delete anonymous or update of root policies
2014-08-22 14:55:09 -07:00
Armon Dadgar
597cd12e97
consul: Ensure node/service/check registration is in a single txn
2014-08-22 12:38:33 -07:00
Armon Dadgar
54ed1ec834
consul: fixing a unit test
2014-08-22 12:34:31 -07:00
Armon Dadgar
a078e4d6f4
consul: Refactor txn handling in state store
2014-08-22 12:27:12 -07:00
Armon Dadgar
1f845c995a
consul: Ensure authoritative cache is purged after update
2014-08-18 15:46:59 -07:00
Armon Dadgar
6492f06a3e
consul: Provide ETag to avoid expensive policy fetch
2014-08-18 15:46:59 -07:00
Armon Dadgar
7473bd2fc9
consul: ACL enforcement for KV updates
2014-08-18 15:46:24 -07:00
Armon Dadgar
ea015710e9
consul: ACL enforcement for key reads
2014-08-18 15:46:24 -07:00
Armon Dadgar
7299ef1a82
consul: Filter keys, refactor to interface
2014-08-18 15:46:24 -07:00
Armon Dadgar
d38fd8eb1d
consul: Helpers to filter on ACL rules
2014-08-18 15:46:24 -07:00
Armon Dadgar
17ee7f5057
consul: Starting token enforcement
2014-08-18 15:46:23 -07:00
Armon Dadgar
5561148c8e
consul: Prevent resolution of root policy
2014-08-18 15:46:23 -07:00
Armon Dadgar
8c5bb94c74
consul: Resolve parent ACLs
2014-08-18 15:46:23 -07:00
Armon Dadgar
8153537e86
consul: Support management tokens
2014-08-18 15:46:23 -07:00
Armon Dadgar
9e16caa497
consul: Adding some metrics for ACL usage
2014-08-18 15:46:23 -07:00
Armon Dadgar
5da5df716d
consul: Create anonymous and master tokens
2014-08-18 15:46:22 -07:00
Armon Dadgar
bbde4beefd
consul: Testing down policies and multi-DC
2014-08-18 15:46:22 -07:00
Armon Dadgar
846cc66e6d
consul: Testing ACL resolution
2014-08-18 15:46:22 -07:00
Armon Dadgar
61b80e912c
consul: Use Etag for policy caching
2014-08-18 15:46:22 -07:00
Armon Dadgar
db8f896c58
consul: Support conditional policy fetch
2014-08-18 15:46:22 -07:00
Armon Dadgar
edcd69019c
consul: Verify compilation of rules
2014-08-18 15:46:22 -07:00
Armon Dadgar
9a4778b7d3
consul: Enable ACL lookup
2014-08-18 15:46:22 -07:00
Armon Dadgar
bd124a8da3
consul: Pulling in ACLs
2014-08-18 15:46:21 -07:00
Armon Dadgar
6f7bf36ee9
agent: ACL endpoint tests
2014-08-18 15:46:21 -07:00
Armon Dadgar
bdf9516f96
consul: ACL Endpoint tests
2014-08-18 15:46:21 -07:00
Armon Dadgar
ea31f37dd6
consul: Adding ACL endpoint
2014-08-18 15:46:21 -07:00
Armon Dadgar
b41e36868e
consul: register the ACL queries
2014-08-18 15:46:21 -07:00
Armon Dadgar
8a3a0faacf
consul: FSM support for ACLsg
2014-08-18 15:46:21 -07:00
Armon Dadgar
101d7da90a
consul: Adding ACLs to the state store
2014-08-18 15:46:21 -07:00
Armon Dadgar
da52fda65f
consul: ACL structs
2014-08-18 15:46:21 -07:00
Armon Dadgar
ca6a8aef55
agent: Adding ACL master token
2014-08-18 15:46:20 -07:00
Armon Dadgar
ebae394863
consul: ACL setting passthrough
2014-08-18 15:46:20 -07:00
William Tisäter
90816cca98
Run `go fmt`
2014-07-24 01:09:55 +02:00
William Tisäter
78a69b61a3
Don't override `ServiceTags`
2014-07-23 23:42:22 +02:00
William Tisäter
31037338a3
Change order of fixtures
2014-07-23 23:42:22 +02:00
William Tisäter
9dc67edf7f
Make service tag filter case-insensitive
2014-07-23 23:42:22 +02:00
William Tisäter
2727c158a6
Make service index case-insensitive
2014-07-23 23:42:22 +02:00
William Tisäter
ff93acda28
Lowercase index key and lookup value if flag is set
2014-07-23 23:42:22 +02:00
William Tisäter
f7263e8e7a
Add case-insensitive flag to `MDBIndex`
2014-07-23 23:42:21 +02:00
William Tisäter
75e631ee94
Add helper for lowercase list of strings
2014-07-23 23:42:21 +02:00
Armon Dadgar
bf26a9160f
consul: Defer serf handler until initialized. Fixes #254 .
2014-07-22 09:36:58 -04:00
Armon Dadgar
020802f7a5
Merge pull request #233 from nelhage/tls-no-subjname
...
Restore the 0.2 TLS verification behavior.
2014-07-01 13:41:00 -07:00
Nelson Elhage
627b2e455f
Add some basic smoke tests for wrapTLSclient.
...
Check the success case, and check that we reject a self-signed
certificate.
2014-06-29 18:11:32 -07:00
Nelson Elhage
0a2476b20e
Restore the 0.2 TLS verification behavior.
...
Namely, don't check the DNS names in TLS certificates when connecting to
other servers.
As of golang 1.3, crypto/tls no longer natively supports doing partial
verification (verifying the cert issuer but not the hostname), so we
have to disable verification entirely and then do the issuer
verification ourselves. Fortunately, crypto/x509 makes this relatively
straightforward.
If the "server_name" configuration option is passed, we preserve the
existing behavior of checking that server name everywhere.
No option is provided to retain the current behavior of checking the
remote certificate against the local node name, since that behavior
seems clearly buggy and unintentional, and I have difficulty imagining
it is actually being used anywhere. It would be relatively
straightforward to restore if desired, however.
2014-06-28 13:32:42 -07:00
Armon Dadgar
80b86c9ee9
Rename Expect to BootstrapExpect. Fixes #223 .
2014-06-19 17:08:55 -07:00
Armon Dadgar
406d19f483
consul: Minor cleanups
2014-06-18 16:15:28 -07:00
Robert Xu
fff6546c75
Minor cleanup to logic and testsuite.
...
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 18:47:05 -04:00
Robert Xu
a2fea2ce55
Utilise new raft.SetPeers() method, move expect logic to leader.go.
...
This way, we don't use EnableSingleMode, nor cause chaos adding peers.
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-18 12:03:30 -04:00
Robert Xu
31c392813c
Add expect bootstrap '-expect=n' mode.
...
This allows for us to automatically bootstrap a cluster of nodes after
'n' number of server nodes join. All servers must have the same 'n' set, or
they will fail to join the cluster; all servers will not join the peer set
until they hit 'n' server nodes.
If the raft commit index is not empty, '-expect=n' does nothing because it
thinks you've already bootstrapped.
Signed-off-by: Robert Xu <robxu9@gmail.com>
2014-06-16 17:40:33 -04:00
Armon Dadgar
91373968a8
Adding server_name configuration for TLS
2014-06-13 11:10:27 -07:00
Robert B Gordon
987c078957
Seems like we should actually check the reference count.
2014-06-13 11:25:01 -05:00
Armon Dadgar
ea054b8847
consul: Start RPC before Raft, wait to accept connecitons
2014-06-11 10:17:58 -07:00
Armon Dadgar
1812eedad9
consul: start RPC after fully initialized. Fixes #160
2014-06-11 09:46:44 -07:00
Armon Dadgar
2e18774c02
consul: Avoid network for server RPC. Fixes #148 .
2014-06-10 19:12:36 -07:00
Armon Dadgar
cae158b310
consul: Provide output for serfHealth check. Fixes #176 .
2014-06-09 16:07:22 -07:00
Armon Dadgar
9e925bf458
consul: Adding support for optional session name
2014-06-09 11:42:28 -07:00
Armon Dadgar
06cd40d1e7
consul: fixing use of nil log output. Fixes #203
2014-06-09 11:16:53 -07:00
Armon Dadgar
c656bbfbcf
Rename shared msgpack handle
2014-06-08 14:02:42 -07:00
Andrew M Bursavich
d209517d50
reuse codec.MsgpackHandle
2014-06-07 01:13:38 -07:00
Armon Dadgar
b5bd20634a
consul: Gossip the build using Serf
2014-06-06 15:36:40 -07:00
Armon Dadgar
d0d85b461c
consul: Sort datacenter list. Fixes #198
2014-06-06 14:12:40 -07:00
William Tisäter
7b4c7f3f63
Log peers when `TestLeader_LeftServer` fail
2014-05-30 21:18:37 +02:00
William Tisäter
2c13f8a03e
Re-configure `LeaderLeaseTimeout` to pass validation
2014-05-30 20:57:39 +02:00
Armon Dadgar
890d4d771f
consul: Ensure clients also implement LocalMember
2014-05-29 11:21:56 -07:00
Armon Dadgar
f9766541e1
Merge pull request #173 from hashicorp/f-agent-self
...
Add `/v1/agent/self` and return local agent config
2014-05-29 11:18:19 -07:00
Armon Dadgar
09a988e8d4
consul: Conn pool clean, spare existing streams
2014-05-28 16:55:39 -07:00
Armon Dadgar
319ab05b8c
consul: Provide logger to yamux
2014-05-28 16:32:25 -07:00
Armon Dadgar
6b2fe4869b
consul: Suppress messages about closed connections
2014-05-28 16:32:25 -07:00