42cf797ad9
Add TLS cipher suite options and CA path support ( #2963 )
...
This patch adds options to configure the available
TLS cipher suites and adds support for a path
for multiple CA certificates.
Fixes #2959
2017-04-27 01:29:39 -07:00
37ea20cb44
Add advanced autopilot features
2017-03-22 15:25:16 -07:00
91a861337b
Adds LAN -> WAN join flooding.
2017-03-16 16:42:19 -07:00
28f8aa5559
Removes remoteConsuls in favor of the new router.
...
This has the next wave of RTT integration with the router and also
factors some common RTT-related helpers out to lib. While we were
in here we also got rid of the coordinate disable config so we don't
need to deal with the complexity in the router (there was never a
user-visible way to disable coordinates).
2017-03-16 16:42:19 -07:00
8130f9b1c1
Cleaned up and reorganized some autopilot-related code
2017-03-09 18:21:40 -08:00
8bcab6c6d7
Add autopilot server health tracking
...
This adds two goroutines to perform autopilot tasks on the leader - one
to monitor the health of servers and another to periodically clean up
dead servers with a limit on removal count. Also adds a new http endpoint,
`/v1/operator/autopilot/health`, for querying this information through an
operator RPC endpoint.
2017-03-06 16:00:10 -08:00
23c492a74e
Rename DeadServerCleanup and make wording adjustments
2017-02-28 14:45:21 -08:00
56e22a719f
Add state store table and endpoints for autopilot
2017-02-23 20:32:13 -08:00
ae9fce0ae0
Move raft_protocol out of autopilot config
2017-02-23 13:08:40 -08:00
f9588b8d7f
Add raft version 2/3 compatibility
2017-02-22 12:53:32 -08:00
2c9001a389
Add configurable cleanup of dead servers when a new server joins
2017-02-17 10:49:16 -08:00
086975ac0a
Add TLSMinVersion to config options
2017-02-01 16:20:33 -05:00
96bff003b7
Adds basic support for node IDs.
2017-01-17 22:47:59 -08:00
71a775d986
Merge pull request #2592 from hashicorp/acl-complete-node-session
...
Adds complete ACL coverage for nodes and sessions.
2016-12-13 13:55:07 -08:00
402f30d52e
Merge pull request #2591 from hashicorp/snapshot-interval
...
Change raft snapshot interval to 5 seconds
2016-12-12 19:15:10 -05:00
67f1fe8d0b
Adds support for a new "acl_agent_token" which is used for internal
...
catalog operations.
2016-12-12 14:52:27 -08:00
3ae8bedd6d
Change raft snapshot interval to 5 seconds
2016-12-12 13:31:42 -05:00
2b19a5340c
Removes the exception for the "consul" service in the catalog.
2016-12-07 17:58:23 -08:00
2f4c237cff
Adds a max raft multiplier and tweaks documentation.
2016-08-25 15:36:05 -07:00
5df36fbd82
Stops scaling the commit timeout.
2016-08-25 15:05:40 -07:00
f65ef936cb
Increases RPC hold timeout for new default timing.
...
Rather than scale this we just bump it up a bit. It'll be on the edge in
the lower-performance default mode, and will have plenty of margin in the
high-performance mode. This seems like a reasonable compromise to keep the
logic here simple vs. scaling, and seems inline with the expectations of
the different modes of operation.
2016-08-24 23:35:28 -07:00
b339b0d2fc
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs.
2016-08-24 21:58:37 -07:00
ff6d42389c
Merge pull request #2222 from hashicorp/f-raft-v2
...
Integrates Consul with "stage one" of HashiCorp Raft library v2.
2016-08-09 16:04:48 -07:00
44c468995f
Touches up Raft integration after latest changes.
2016-08-08 19:19:18 -07:00
6c8e8271e2
Integrates Consul with new version of Raft library.
2016-08-08 19:19:17 -07:00
9cece515c0
Adds basic ACL replication plumbing.
2016-08-03 21:24:04 -07:00
191876f87e
consul: Add RPCHoldTimeout as tunable hold period
2016-07-10 13:23:43 -04:00
ce4cf8a542
consul: dev mode works
2015-12-26 20:19:36 -05:00
132e1d813b
Fixes configs now that Serf always caches coordinates.
2015-10-23 15:23:01 -07:00
aea2194ce3
Makes the default protocol 2 and lets 3 interoperate with 2.
2015-10-23 15:23:01 -07:00
033e8e6625
Adds sort of DCs in catalog queries based on RTT. Cleans up.
...
* Makes the catalog endpoint respect disabling coordinates for all
RTT-sorting query types.
2015-10-23 15:23:01 -07:00
b63909cf67
Adds coordinate sorting support to catalog queries for nodes and service nodes.
2015-10-23 15:23:01 -07:00
9ba9a708f6
Scales coordinate sends to hit a fixed aggregate rate across the cluster.
2015-10-23 15:23:01 -07:00
d8b8a3719f
Simplifies the batching function and adds some comments.
2015-10-23 15:23:01 -07:00
f71c79c53f
Does some small cleanups based on PR feedback.
...
* Holds coordinate updates in map and gets rid of the update channel.
* Cleans up config variables a bit.
2015-10-23 15:23:01 -07:00
acb0dce829
Moves batching down into the state store and changes it to fail-fast.
...
* A batch of updates is done all in a single transaction.
* We no longer need to get an update to kick things, there's a periodic flush.
* If incoming updates overwhelm the configured flush rate they will be dumped with an error.
2015-10-23 15:23:01 -07:00
b6c31bdf2f
Flips the sense of the coordinate enable option.
2015-10-23 15:23:01 -07:00
edb9a119e2
Does a clean up pass on the Consul side.
2015-10-23 15:23:01 -07:00
ac4185b888
Merges config changes after rebase.
2015-10-23 15:23:01 -07:00
213f5a15e6
Fix tests
2015-10-23 15:23:01 -07:00
eb599a1745
Address comments
2015-10-23 15:23:01 -07:00
c5168e1263
Fix a bunch of typos.
2015-09-15 13:22:08 +01:00
c0127e9932
Bumps protocol version back down as we've made memberlist smarter.
2015-08-31 11:16:34 -07:00
7b8aae37cb
Bumps protocol version to 3 to get serf version 5.
2015-06-02 17:50:35 -07:00
9642384429
consul: support the new TLS wrapper
2015-05-11 15:15:36 -07:00
c00c4ebaaa
Support SesionTTLMin configuration
...
- Allow setting SessionTTLMin
- Validate on the Server
2015-03-27 05:13:57 -07:00
3e2bd0db2c
consul: Rename TombstoneGC to TombstoneTTL
2015-01-05 14:43:54 -08:00
d5369098ba
consul: Adding TombstoneGC config
2015-01-05 14:43:54 -08:00
2bd0e8c745
consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS
2014-11-18 17:56:48 -05:00
b4424a1a50
Moved TLS Config stuff to tlsutil package
2014-11-18 11:03:36 -05:00
Kyle Havlovitz