Frank Schroeder
2e586be5aa
agent: use http.StatusUnauthorized instead of 401
2017-08-23 22:36:23 +02:00
Frank Schroeder
923f8e2364
agent: use http.StatusBadRequest instead of 400
2017-08-23 22:36:23 +02:00
Frank Schroeder
a32eab5923
agent: support go-discover retry-join for wan
2017-08-23 21:23:34 +02:00
Frank Schröder
44e6b8122d
acl: consolidate error handling ( #3401 )
...
The error handling of the ACL code relies on the presence of certain
magic error messages. Since the error values are sent via RPC between
older and newer consul agents we cannot just replace the magic values
with typed errors and switch to type checks since this would break
compatibility with older clients.
Therefore, this patch moves all magic ACL error messages into the acl
package and provides default error values and helper functions which
determine the type of error.
2017-08-23 16:52:48 +02:00
Frank Schroeder
d9e2a51887
agent: drop unused code
...
This code from http://github.com/hashicorp/consul/pull/3353 is no longer
required.
2017-08-22 00:02:46 +02:00
Frank Schroeder
4bfcf7b613
dns: replace nameserver lookup with consistent rpc call
...
This patch replaces the code which determines the list of servers in the
current cluster with an RPC call to get the list of active consul
service instances which only run on servers.
This replaces the previous implementation which was more complex and
relied on serf messages which can provide a different view than the
consistent response from the raft log.
As a side effect it makes the implementation independent of the server
and the agent which means it works consistently across both. Different
behavior for server and agent was the root cause for the bug in
http://github.com/hashicorp/consul/issue/3047 .
Fixes #3407
2017-08-22 00:02:46 +02:00
Frank Schroeder
8e1f9b9b68
dns: split node lookup from request handling
2017-08-22 00:02:46 +02:00
Frank Schroeder
db8ad8922e
dns: refactor label by unrolling loop
2017-08-22 00:02:46 +02:00
Frank Schroeder
c35206db07
dns: move ttl closer to usage
2017-08-22 00:02:46 +02:00
James Phillips
738ac55d96
Switches to using a read lock for the agent's RPC dispatcher.
...
This prevents RPC calls from getting serialized in this spot.
Fixes #3376
2017-08-09 18:51:55 -07:00
Frank Schröder
32d4eecc1a
agent: honor deprecated flags for retry-join-{ec2,azure,gce} ( #3384 )
2017-08-09 16:18:30 -07:00
James Phillips
3518e27a76
Revert "Return 403 rather than a 404 when acls cause all results to be filter…"
2017-08-09 15:06:57 -07:00
James Phillips
91205b2cd6
Revert "Ensure that we return a permission denied only if the list of keys/en…"
2017-08-09 15:06:20 -07:00
Preetha Appan
121326161e
Added unit test case to kvs_endpointtest
2017-08-09 15:50:22 -05:00
Preetha Appan
d06002dc62
Ensure that we return a permission denied only if the list of keys/entries prior to filtering by ACL is non empty
2017-08-09 15:32:18 -05:00
Frank Schroeder
c38dcf2d17
agent: move agent/consul/agent to agent/metadata
2017-08-09 14:36:52 +02:00
Frank Schroeder
85bdb77d90
agent: move agent/consul/servers to agent/router
2017-08-09 14:36:37 +02:00
Frank Schroeder
1d0bbfed9c
agent: move agent/consul/structs to agent/structs
2017-08-09 14:32:12 +02:00
James Phillips
a600f681d6
Cleans up some go fmt issues.
2017-08-08 21:52:50 -07:00
James Phillips
7b4d3d5576
Fixes a vet error.
2017-08-08 16:00:18 -07:00
Kyle Havlovitz
8c2e422074
Merge pull request #3369 from hashicorp/metrics-enhancements
...
Add support for labels/filters from go-metrics
2017-08-08 13:55:30 -07:00
Kyle Havlovitz
160395d3c7
Add doc links for metrics endpoint
2017-08-08 13:05:38 -07:00
Kyle Havlovitz
308d7b785d
Update docs for metrics endpoint
2017-08-08 12:33:30 -07:00
Frank Schroeder
0f4986dcc7
dns: minor cleanups
2017-08-08 13:55:58 +02:00
Kyle Havlovitz
975ded2714
Add support for labels/filters from go-metrics
2017-08-08 01:45:10 -07:00
Preetha Appan
2df084968c
Go back to using <nodename>.node.dc.consul as the name of the ns record being returned.
2017-08-07 16:02:33 -05:00
Frank Schroeder
b571cb8097
dns: keep NS names in consul domain
2017-08-07 11:11:55 +02:00
Frank Schroeder
7b39af2b2d
dns: postmaster -> hostmaster
2017-08-07 11:11:55 +02:00
Frank Schroeder
98de22e13e
dns: we do not support zone transfers
2017-08-07 11:11:55 +02:00
Frank Schroeder
e1bcbc6832
dns: drop CNAME for primary name server
2017-08-07 11:11:55 +02:00
Preetha Appan
393a0eae93
Added test case with IPV6 bind address for NS records, rewrote tests to use verify library and other code review feedback
2017-08-07 11:11:55 +02:00
Preetha Appan
52075bda1c
Added back glue records in NS response, expanded unit test. Also reused same function used in node lookup for adding A/AAAA records in the extra section of the NS response
2017-08-07 11:11:55 +02:00
Preetha Appan
c7c4100503
Don't add A records for NS requests, because the record being returned already resolves correctly. Also fixed all the unit tests, and ignored hostnames that don't meet valid dns hostname criteria
2017-08-07 11:11:55 +02:00
Frank Schroeder
450d8a69b5
dns: provide correct SOA and NS responses
...
This patch changes the behavior of the DNS server as follows:
* The SOA response contains the SOA record in the Answer section instead
of the Authority section. It also contains NS records in the Authority
and the corresponding A glue records in the Extra section.
In addition, CNAMEs are added to the Extra section to make the
MNAME of the SOA record resolvable.
AAAA glue records are not yet supported.
* The NS response returns up to three random servers from the
consul cluster in the Answer section and the glue A
records in the Extra section.
AAAA glue records are not yet supported.
2017-08-07 11:11:55 +02:00
Preetha Appan
bff45ee1da
Unify regex used to identify invalid dns characters
2017-08-07 11:11:55 +02:00
Preetha Appan
6bac9355fd
Use sanitized version of node name of server in NS record, and start with "server" rather than "ns"
2017-08-07 11:11:55 +02:00
Preetha Appan
7e9d683ab1
Removed a copy pasted irrelevant comment, and other code review feedback
2017-08-07 11:11:54 +02:00
Preetha Appan
c38906daad
Add NS records and A records for each server. Constructs ns host names using the advertise address of the server.
2017-08-07 11:11:54 +02:00
James Phillips
803ed9a245
Adds secure introduction for the ACL replication token. ( #3357 )
...
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
Frank Schroeder
1cb602e085
agent: fix code for updated go-discover signature
...
Closes #3351
2017-08-03 21:32:11 +02:00
James Phillips
c31b56a03e
Adds a new /v1/acl/bootstrap API ( #3349 )
2017-08-02 17:05:18 -07:00
Miguel Prokop
ea6d610dee
agent: Fix script quoting on windows ( #1875 )
...
This patch fixes the quoting for executing scripts on windows
and splits the platform dependent code.
Fixes #1875
2017-08-02 17:01:21 +02:00
Frank Schroeder
68e8f3d0f7
agent: use github.com/hashicorp/go-discover
...
Replace the provider specific node discovery code
with go-discover to support AWS, Azure and GCE.
Fixes #3282
2017-08-01 11:41:43 +02:00
Preetha Appan
307049e17f
Return nil instead of empty list when returning a PermissionDenied error, updated unit test
2017-07-31 17:23:20 -05:00
Preetha Appan
da29b74d03
Return 403 rather than a 404 when acls cause all results to be filtered out. This fixes #2637
2017-07-31 13:50:29 -05:00
preetapan
677949b14d
Merge pull request #3332 from hashicorp/issue_3322
...
This fixes #3322
2017-07-28 17:54:30 -05:00
Preetha Appan
3b12545844
Tweaked parsing error message to quote properly
2017-07-28 17:52:35 -05:00
James Phillips
8f1f762ddd
Adds missing autopilot snapshot test and avoids snapshotting nil. ( #3333 )
2017-07-28 15:48:42 -07:00
Preetha Appan
86b9e3c5f3
Validate unix sockets and ip addresses as needed, more test cases
2017-07-28 17:18:10 -05:00
Preetha Appan
ac068de336
Modify ResolveTmplAddrs to parse advertise IPs, added test cases that fail to parse correctly
2017-07-28 15:01:32 -05:00
Preetha Appan
4b82d09df0
Removed extra newlines
2017-07-28 10:51:11 -05:00
Preetha Appan
7b99f7ca08
Fix comments, and remove redundant TestConfig init from a couple of unit tests
2017-07-28 10:40:43 -05:00
Frank Schroeder
f27202b608
add tests for go-sockaddr template parsing
2017-07-28 15:40:22 +02:00
Frank Schroeder
5ee498cbc5
agent: unix sockets are not ip addrs
2017-07-28 14:53:21 +02:00
Frank Schroeder
0b13a38d90
config: refactor tmpl resolution fn
2017-07-28 12:20:49 +02:00
Preetha Appan
28016190e0
Moved handling advertise address to readConfig and out of the agent's constructor, plus unit test fixes
2017-07-27 22:06:31 -05:00
Preetha Appan
398c1e450c
Move go-socketaddr template parsing into config package to make it happen before creating a new agent. Also removed redundant parsetemplate calls from agent.go.
2017-07-27 16:17:35 -05:00
James Phillips
6b51744ddf
Adds option to prepared queries to remove empty tags. ( #3330 )
2017-07-26 22:46:43 -07:00
James Phillips
6e794ea1b3
Adds support for agent-side ACL token management via API instead of config files. ( #3324 )
...
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
Preetha Appan
4692b1478e
Add extra test case for deleting entire tree with empty prefix
2017-07-26 09:42:07 -05:00
Preetha Appan
74ba4c3c6b
Don't insert tombstone for empty prefix delete. Other minor unit test fixes
2017-07-25 21:54:11 -05:00
Preetha Appan
a6b7e66e9a
Removed redundant comments and unit test
2017-07-25 20:39:33 -05:00
Preetha Appan
1503d63595
Removed redundant call to reap tombstone from unit test
2017-07-25 19:39:05 -05:00
Preetha Appan
996302c085
Improved unit test per code review
2017-07-25 19:17:40 -05:00
Preetha Appan
f4cccf44e3
Use new DeletePrefixMethod for implementing KVSDeleteTree operation. This makes deletes on sub trees larger than one million nodes about 100 times faster. Added unit tests.
2017-07-25 17:21:18 -05:00
James Phillips
cf7b1aaf04
Removes an unnecessary close.
2017-07-24 21:41:18 -07:00
Preetha Appan
213af3650f
Removed redundant logging
2017-07-24 21:07:48 -05:00
Preetha Appan
c08ff6c8ae
Clean up temporary files on write errors, and ignore any temporary service files on load with a warning. This fixes #3207
2017-07-24 12:42:51 -05:00
James Phillips
a0867b5d49
Tweaks the error when scripts are disabled.
...
This will hopefully help people self-serve if they upgrade without accounting
for this.
2017-07-19 22:15:04 -07:00
Kyle Havlovitz
c74d7558a5
Fix UpgradeVersionTag field not being passed correctly ( #3304 )
2017-07-19 17:39:48 -07:00
Preetha Appan
9116186b4c
Made unit test for AddCheck error check the actual error string
2017-07-19 11:00:56 -05:00
Preetha Appan
f790c7279a
Unit test for failure case of AddCheck
2017-07-19 10:28:52 -05:00
Frank Schroeder
e6e711a401
fix spelling in filenames
...
Fixes #3301
2017-07-19 13:16:38 +02:00
Frank Schroeder
6d0bd1faaf
agent: make docker client work on windows
2017-07-19 12:03:59 +02:00
Frank Schroeder
e195d592be
build: add missing build tags
2017-07-19 05:17:01 +02:00
preetapan
efae3cccc0
Merge pull request #3296 from hashicorp/ensure_registration_race
...
Fix race condition between removing a service and adding a check for …
2017-07-18 18:36:47 -05:00
Preetha Appan
db1d477592
Clean up any watch monitors associated with a failed AddCheck
2017-07-18 16:54:20 -05:00
Preetha Appan
4b8958b35b
Removed unit test, added clarifying comment and returned a friendlier error message similar to the one in agent's AddService method
...
Fixes #3297
2017-07-18 16:15:47 -05:00
Preetha Appan
530e87eab0
Fix race condition between removing a service and adding a check for the same service, which was causing orphaned checks
2017-07-18 16:15:47 -05:00
Kyle Havlovitz
1ffd2ec05b
Add UpgradeVersionTag to autopilot config
2017-07-18 13:35:41 -07:00
Frank Schroeder
8bcbb7b827
agent: stop docker checks on shutdown
2017-07-18 20:59:24 +02:00
Frank Schroeder
c8ae94b688
agent: stop and remove docker checks
...
Note that there is no test since the correct way to solve (and test)
this is to replace the different maps with a single one or to hide
that functionality behind a separate data structure. This will be
addressed in #3294 .
Fixes #3265
2017-07-18 20:59:24 +02:00
Frank Schroeder
b4e5c0647b
agent: replace docker check
...
This patch replaces the Docker client which is used
for health checks with a simplified version tailored
for that purpose.
See #3254
See #3257
Fixes #3270
2017-07-18 20:24:38 +02:00
James Phillips
42472e8bb5
Prevents disabling gossip keyring file from disabling gossip encryption. ( #3278 )
2017-07-17 12:48:45 -07:00
James Phillips
788dd255a1
Adds new config to make script checks opt-in, updates documentation. ( #3284 )
2017-07-17 11:20:35 -07:00
James Phillips
838591c916
Changes remote exec KV read to call GetTokenForAgent(). ( #3283 )
...
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.
Fixes #3160 .
* Fixes remote exec unit test with ACLs.
* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips
5876b81896
Adds node read privileges to the acl_agent_master_token. ( #3277 )
...
Fixes #3113 .
2017-07-16 20:08:26 -07:00
Frank Schröder
de97fb0670
azure: tag map can return nil ( #3280 )
...
Fixes #3193
2017-07-16 14:29:43 -07:00
James Phillips
ac7c48c3ea
Obfuscates ACL tokens appearing in /v1/acl/<verb>/<token> APIs. ( #3276 )
...
* Obfuscates ACL tokens appearing in /v1/acl APIs.
* Makes test positively identify the desired strings.
* Adds an example and explanation of the regular expression.
2017-07-15 00:07:08 -07:00
James Phillips
759be97635
Changes ACL clone response to 403 if not authorized, or if token doesn't exist. ( #3275 )
...
Fixes #1113
2017-07-14 20:43:30 -07:00
Kyle Havlovitz
d985dbc36b
Add TLS setting to router areas
2017-07-14 17:38:08 -07:00
James Phillips
8572931afe
Cleans up version 8 ACLs in the agent and the docs. ( #3248 )
...
* Moves magic check and service constants into shared structs package.
* Removes the "consul" service from local state.
Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.
* Makes coordinate update ACL log message a warning, similar to other AE warnings.
* Adds much more detailed examples for bootstrapping ACLs.
This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234 .
2017-07-13 22:33:47 -07:00
Frank Schroeder
3fcf1bc9e2
agent: fix go vet issue
2017-07-11 07:13:46 -07:00
James Phillips
68991da95f
Adds the ability to blacklist specific HTTP endpoints. ( #3252 )
2017-07-10 13:51:25 -07:00
James Phillips
219fb6dd70
UI cleanup follow up from #3245 . ( #3251 )
...
* Removes unnecessary set for model component which will be null.
* Returns a 404 for a missing node, not a 200 with an empty response.
* Updates built-in web assets.
2017-07-10 09:40:00 -07:00
James Phillips
c849458d9b
Changes the default ACL token type to "client" in web UI. ( #3246 )
...
* Changes the default ACL token type to "client".
* Updates built-in web assets.
2017-07-08 17:28:04 -07:00
James Phillips
0a17a8284f
Cleans up web UI and fixes ACL token "stuckness" issue. ( #3245 )
...
* Removes GitHub reference.
* Doesn't display ACL token on the unauthorized page.
* Removes useless fetch for nodes and cleans up comments.
* Provides a path to reset the ACL token when it's invalid.
This included making the settings page global so it's reachable, and adding
some more information about an error on the error page.
* Updates built-in web assets.
2017-07-08 17:16:05 -07:00
Frank Schroeder
75cd1828b8
address review comments
2017-07-07 09:22:34 +02:00
Frank Schroeder
33588d8fdd
agent: remove unused code
2017-07-07 09:22:34 +02:00
Frank Schroeder
37202cc751
agent: make TestClient_RPC_ConsulServerPing more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
bbf715fdaf
agent: fix data races with registerEndpoint
...
Only register a different endpoint after it has been
fully created.
2017-07-07 09:22:34 +02:00
Frank Schroeder
cfe3437c0c
agent: make Reap test timing less aggressive
2017-07-07 09:22:34 +02:00
James Phillips
7b54e325df
Adds a comment about flood joining.
2017-07-07 09:22:34 +02:00
James Phillips
247f4a7e41
Simplifies Serf dynamic port selection code.
...
This isn't racy, it's just a little dirty. The listen will happen and a port
will be selected and injected into the config once the Serf instance is
created, so we don't need the retry loop here.
2017-07-07 09:22:34 +02:00
James Phillips
e2935e7509
test: Changes WAN/LAN join confirmer to use port number vs. address.
...
This fixes TestServer_JoinSeparateLanAndWanAddresses which sets bogus
advertise addresses as part of the test. Port numbers uniquely identify
members since everything is running on localhost.
2017-07-07 09:22:34 +02:00
Frank Schroeder
98dc634f17
test: make joinLAN/WAN reliable
...
only return if the members can see each other
2017-07-07 09:22:34 +02:00
Frank Schroeder
74d3c4d896
rpc: make TestServer_JoinSeparateLanAndWanAddresses more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
ae59198e38
rpc: make TestClient_SnapshotRPC_TLS more robust
2017-07-07 09:22:34 +02:00
Frank Schroeder
f4af0b6ab6
agent: make timing sensitive tests more robust
...
* make timing less aggressive
* mark timing tests as non-parallel
2017-07-07 09:22:34 +02:00
Frank Schroeder
37a7e52dd9
agent: fix TestCheckHTTP_TLSSkipVerify_true_pass
...
Make check timing less aggressive and give the test some time
to execute.
2017-07-07 09:22:34 +02:00
Frank Schroeder
46221d2b56
agent: do not modify agent config after NewAgent
2017-07-07 09:22:34 +02:00
Frank Schroeder
217d34f66d
agent: fix pending data races between localState and agent
...
This patch creates a local config structure for the local state
which is independent from the agent but populated from its
configuration. This avoids data races between the agent configuration
which can change during tests and concurrent go routines using the
configuraiton at the same time.
2017-07-07 09:22:34 +02:00
Frank Schroeder
6715a7a0c2
dns: fix data race in TestDNS_ServiceLookup_FilterACL
...
The agent config cannot be modified after start.
2017-07-07 09:22:34 +02:00
Frank Schroeder
62b695fb17
agent: fix data race in TestAgentAntiEntropy_EnableTagOverride
2017-07-07 09:22:34 +02:00
Frank Schroeder
188ea638d5
agent: clone partial consul config
...
The agent configuration for the consul server is a partial configuration
which needs to be cloned to avoid data races.
This is a stop-gap measure before moving the configuration into
a separate package.
2017-07-07 09:22:34 +02:00
Frank Schroeder
53e409758b
dns: fix data races in DNS compression tests
...
Make the DisableCompression value configurable at runtime
to allow tests to change it without restarting/recreating
the server.
2017-07-07 09:22:34 +02:00
Frank Schroeder
24d8bdfb02
agent: fix data race between consul server and local state
2017-07-07 09:22:34 +02:00
Frank Schroeder
0ed76615d3
rpc: monkey patch fix for data races for localState
...
The tests that use the localState of the agent access the internal
variables and call methods which are not guarded by locks creating
data races in tests. While the use of internal variables is somewhat
easy to spot the fact that not all methods are thread-safe is a
surprise.
A proper fix requires the localState struct to be moved into its own
package so that tests in the agent can only access the external
interface.
However, the localState is currently dependent on the agent.Config
which would create a circular dependency. Therefore, the Config
struct needs to be moved first for this to happen.
This patch literally monkey patches the use of the lock around the
cases which have data races and marks them with a
// todo(fs): data race comment.
2017-07-07 09:22:34 +02:00
Frank Schroeder
96c03ce73b
rpc: try shutting down leader first to avoid hang in TestLeader_LeftServer
2017-07-07 09:22:34 +02:00
Frank Schroeder
2eb2941e8c
rpc: fix logging and try quicker timing of TestServer_JoinSeparateLanAndWanAddresses
2017-07-07 09:22:34 +02:00
Frank Schroeder
98510f898c
rpc: less agressive raft timeouts
...
Allowing more time for raft to consolidate should
drop the number of leader elections.
2017-07-07 09:22:34 +02:00
Frank Schroeder
50c81a9397
rpc: run agent/consul tests in parallel
2017-07-07 09:22:34 +02:00
Frank Schroeder
b3189a566a
rpc: refactor sessionTimers and fix racy tests
...
The sessionTimers map was secured by a lock which wasn't used
properly in the tests. This lead to data races and failing tests
when accessing the length or the members of the map.
This patch adds a separate SessionTimers struct which is safe
for concurrent use and which ecapsulates the behavior of the
sessionTimers map.
2017-07-07 09:22:34 +02:00
Frank Schroeder
06ad8e96be
rpc: fix TestServer_Leave
...
wait for the leader election.
2017-07-07 09:22:34 +02:00
Frank Schroeder
4a073aec1c
rpc: fix TestSession_Renew
...
make the timing less tight
2017-07-07 09:22:34 +02:00
Frank Schroeder
77ff9f680f
rpc: fix TestReadyForConsistentRead
...
timing was too tight. Standardized name.
2017-07-07 09:22:34 +02:00
Frank Schroeder
e3252f921a
rpc: fix for 'no leader' in TLS tests
...
Ensure both servers know about each other before looking
for a leader.
2017-07-07 09:22:34 +02:00
Frank Schroeder
2497b8416b
rpc: fix TestServer_JoinWAN_Flood
...
The second server in the first data center should not be
in bootstrap mode.
2017-07-07 09:22:34 +02:00
Frank Schroeder
7af30dd7d7
rpc: provide unique node names for server and client
2017-07-07 09:22:34 +02:00
Frank Schroeder
457910b191
rpc: prefix log output with test name
2017-07-07 09:22:34 +02:00
Frank Schroeder
c33f7ecbe2
rpc: discover serf wan port before starting serf lan
...
When using dynamic ports for the serf clusters then
the actual bind port of the serf WAN cluster needs to
be discovered before the serf LAN cluster is started
since the serf LAN cluster announces the port of the WAN
cluster.
2017-07-07 09:22:34 +02:00
Frank Schroeder
84c90cbd07
rpc: bind rpc test server to port 0
2017-07-07 09:22:34 +02:00
Frank Schroeder
7f5957ee93
rpc: refactor: unify test server setup
2017-07-07 09:22:34 +02:00
Frank Schroeder
325637b6be
rpc: fix typos
2017-07-07 09:22:34 +02:00
Frank Schroeder
85aa360843
agent: refactor: log to stderr during tests
2017-07-07 09:22:34 +02:00
Frank Schroeder
865a825116
agent: refactor: use handler for test http tls server
2017-07-07 09:22:34 +02:00
Frank Schroeder
21a0e94aea
agent: refactor: make address translation part of the agent
2017-07-07 09:22:34 +02:00
Preetha Appan
ae656575ea
Rename to raftNotifyCh, fix typo
2017-07-06 09:10:36 -05:00
Preetha Appan
777504ff0e
Fixes deadlock between barrier write and leader notify channel read . Fixes #3230
2017-07-05 17:09:18 -05:00
Grégoire Seux
2e7c202ca2
Correctly forward Host header in healthcheck ( #3203 )
...
Host header must be set explicitely on http requests
Change-Id: I91a32f0fb1ec3fbc713adf0e10869797e91172c7
Signed-off-by: Grégoire Seux <g.seux@criteo.com>
2017-06-29 16:26:08 -07:00
Preetha Appan
c872a05922
Fix missing formatting directive causing go vet to fail
2017-06-27 16:32:38 -05:00
Frank Schroeder
913748bcc4
Revert "agent: add allowStale option for HTTP API ( #3142 )"
...
This reverts commit 1e0fd27a74f5b18775ce91a84310430de35a4a80.
2017-06-27 07:04:55 +02:00
Frank Schröder
5500eb95eb
agent: fix DNS recursor tests ( #3190 )
...
The makeRecursor function was using an unreliable mechanism
to start a server with a random port. This patch changes this
so that the server starts on port 0 to let the kernel pick
a free port.
In addition, to similar functions for starting a test DNS
server were folded into one.
2017-06-25 10:42:37 -07:00
James Phillips
fb640d1ffe
Removes some useless comments.
2017-06-25 10:32:35 -07:00
James Phillips
4b85d33ef1
Fixes watch tracking during reloads and fixes address issue. ( #3189 )
...
This patch fixes watch registration through the config file and a broken log line when the watch registration fails. It also plumbs all the watch loading through a common function and tweaks the
unit test to create the watch before the reload.
2017-06-24 12:52:41 -07:00
James Phillips
2184136284
Changes host-based node IDs from opt-out to opt-in. ( #3187 )
2017-06-24 09:36:53 -07:00
James Phillips
59621dbccc
Revert "discover: move instance discover code into separate package ( #3144 )" ( #3180 )
...
This reverts commit 26bfb2d00a30bf30ebdd85ba2e1e19f37355853f.
2017-06-23 01:38:55 -07:00
James Phillips
728971afdb
Fixes broken HTTP header and method for health checks. ( #3178 )
...
* Fixes broken HTTP header and method for health checks.
* Adds a fuzz utility and test to make sure copy is complete.
2017-06-23 01:15:48 -07:00
wojtkiewicz
f320bb9083
agent: add allowStale option for HTTP API ( #3142 )
...
This patch adds an "allowStale" option to the HTTP API
configuration which allows stale reads to provide linear
read scalability.
Fixes #3142
2017-06-22 10:31:13 +02:00
wojtkiewicz
26c8697a40
agent: add "http_config"
...
This patch adds an "http_config" object to the config file
and moves the "http_api_response_headers" option there.
"http_api_response_headers" is now deprecated in favor of
"http_config.response_headers"
2017-06-22 10:31:11 +02:00
James Phillips
d2251018d9
Fixes checked in web assets and associated build scripts. ( #3173 )
2017-06-21 14:43:07 -07:00
Frank Schröder
4bdff5fff4
discover: move instance discover code into separate package ( #3144 )
...
This patch moves the code that discovers instances from metadata
information to github.com/hashicorp/go-discover with
sub-packages for each provider.
2017-06-21 10:40:38 +02:00
Frank Schröder
04b636d1f4
agent: notify systemd after JoinLAN ( #2121 )
...
This patch adds support for notifying systemd via the
NOTIFY_SOCKET by sending 'READY=1' to the socket after
a successful JoinLAN.
Fixes #2121
2017-06-21 06:43:55 +02:00
Frank Schroeder
f8e52c897e
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP.
This patch splits the shutdown process into two parts:
* shutdown the agent
* shutdown the endpoints (http and dns)
They can be executed multiple times, concurrently and in any order but
should be executed first agent, then endpoints to provide consistent
behavior across all use cases. Both calls have to be executed for a
proper shutdown.
This could be partially hidden in a single function but would introduce
some magic that happens behind the scenes which one has to know of but
isn't obvious.
Fixes #2880
2017-06-21 05:52:51 +02:00
Frank Schroeder
75f3add1f3
agent: drop unused constant
2017-06-21 05:42:39 +02:00
Frank Schroeder
a1dec8a46f
agent: make registerEndpoint private
...
This is only used for testing.
2017-06-21 05:42:39 +02:00
Frank Schroeder
d3ab99244b
agent: make the RPC endpoint overwrite mechanism more transparent
...
This patch hides the RPC handler overwrite mechanism from the
rest of the code so that it works in all cases and that there
is no cooperation required from the tested code, i.e. we can
drop a.getEndpoint().
2017-06-21 05:42:39 +02:00
Frank Schroeder
27adc31672
agent: rename agent var
2017-06-21 05:42:39 +02:00
Frank Schroeder
3e20a2ba81
agent: move structs into consul/structs pkg
...
* CheckDefinition
* ServiceDefinition
* CheckType
2017-06-21 05:42:39 +02:00
Frank Schroeder
db78252019
agent: move NotifyGroup into the agent pkg
2017-06-21 05:42:39 +02:00
Frank Schroeder
2c47bc5d5b
agent: move conn pool for muxed connections into separate pkg
2017-06-21 05:42:39 +02:00
Frank Schroeder
e930b55f71
agent: move the SnapshotReplyFn out of the way
...
When splitting up the consul package into server and client
the SnapshotReplyFn needs to be in a separate package to avoid
a circular dependency.
2017-06-21 05:42:39 +02:00
Frank Schroeder
b805a79078
agent: use the delegate interface for local state
2017-06-21 05:42:39 +02:00
Frank Schroeder
586b345767
agent: rename clientServer interface to delegate
2017-06-21 05:42:39 +02:00
preetapan
9e527836be
Merge pull request #3154 from hashicorp/issue_2644_redux
...
Fix stale reads on server startup. Consistent reads will now wait for up to config.RPCHoldTimeout for the server to get past its raft log, before returning an error. Servers that are starting up will eventually catch up.
This fixes issue #2644
2017-06-20 19:47:12 -05:00
Preetha Appan
bb559d8e6e
Minor fixes per code review
2017-06-20 19:43:07 -05:00
Frank Schroeder
280611d407
Revert "agent: fix 'consul leave' shutdown race ( #2880 )"
...
This reverts commit 90c83a32b586c7d4add8d8ca0096025ecb886a77.
2017-06-19 21:34:08 +02:00
Frank Schroeder
226a5d3db4
agent: fix 'consul leave' shutdown race ( #2880 )
...
When the agent is triggered to shutdown via an external 'consul leave'
command delivered via the HTTP API then the client expects to receive a
response when the agent is down. This creates a race on when to shutdown
the agent itself like the RPC server, the checks and the state and the
external endpoints like DNS and HTTP. Ideally, the external endpoints
should be shutdown before the internal state but if the goal is to
respond reliably that the agent is down then this is not possible.
This patch splits the agent shutdown into two parts implemented in a
single method to keep it simple and unambiguos for the caller. The first
stage shuts down the internal state, checks, RPC server, ...
synchronously and then triggers the shutdown of the external endpoints
asychronously. This way the caller is guaranteed that the internal state
services are down when Shutdown returns and there remains enough time to
send a response.
Fixes #2880
2017-06-19 21:24:26 +02:00
Preetha Appan
f535a298f3
Added unit test to verify consistentRead method behavior
2017-06-16 11:58:12 -05:00
Preetha Appan
f616a8dd06
Code review feedback, fixed major logic bug
2017-06-16 10:49:54 -05:00
Preetha Appan
42d3a3f3db
Redo bug fix for stale reads on server startup, leveraging RPCHOldtimeout instead of maxQueryTime, plus tests
2017-06-15 22:41:30 -05:00
Kyle Havlovitz
5e45aec642
Add an option to disable keyring file ( #3145 )
...
Also disables keyring file in dev mode.
2017-06-15 15:24:04 -07:00
Seth Vargo
10c450c78d
Add EDNS0 support ( #3131 )
...
This is a refactor of GH-1980. Originally I tried to do a straight
rebase, but the code has changed too much.
2017-06-14 16:22:54 -07:00
Preetha Appan
ea1f301661
Fixed static asset build target and checked in new executable for assetfs
2017-06-12 12:57:02 -05:00
Frank Schroeder
cd837b0b18
pkg refactor
...
command/agent/* -> agent/*
command/consul/* -> agent/consul/*
command/agent/command{,_test}.go -> command/agent{,_test}.go
command/base/command.go -> command/base.go
command/base/* -> command/*
commands.go -> command/commands.go
The script which did the refactor is:
(
cd $GOPATH/src/github.com/hashicorp/consul
git mv command/agent/command.go command/agent.go
git mv command/agent/command_test.go command/agent_test.go
git mv command/agent/flag_slice_value{,_test}.go command/
git mv command/agent .
git mv command/base/command.go command/base.go
git mv command/base/config_util{,_test}.go command/
git mv commands.go command/
git mv consul agent
rmdir command/base/
gsed -i -e 's|package agent|package command|' command/agent{,_test}.go
gsed -i -e 's|package agent|package command|' command/flag_slice_value{,_test}.go
gsed -i -e 's|package base|package command|' command/base.go command/config_util{,_test}.go
gsed -i -e 's|package main|package command|' command/commands.go
gsed -i -e 's|base.Command|BaseCommand|' command/commands.go
gsed -i -e 's|agent.Command|AgentCommand|' command/commands.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/commands.go
gsed -i -e 's|base\.||' command/commands.go
gsed -i -e 's|command\.||' command/commands.go
gsed -i -e 's|command|c|' main.go
gsed -i -e 's|range Commands|range command.Commands|' main.go
gsed -i -e 's|Commands: Commands|Commands: command.Commands|' main.go
gsed -i -e 's|base\.BoolValue|BoolValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.DurationValue|DurationValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.StringValue|StringValue|' command/operator_autopilot_set.go
gsed -i -e 's|base\.UintValue|UintValue|' command/operator_autopilot_set.go
gsed -i -e 's|\bCommand\b|BaseCommand|' command/base.go
gsed -i -e 's|BaseCommand Options|Command Options|' command/base.go
gsed -i -e 's|base.Command|BaseCommand|' command/*.go
gsed -i -e 's|c\.Command|c.BaseCommand|g' command/*.go
gsed -i -e 's|\tCommand:|\tBaseCommand:|' command/*_test.go
gsed -i -e 's|base\.||' command/*_test.go
gsed -i -e 's|\bCommand\b|AgentCommand|' command/agent{,_test}.go
gsed -i -e 's|cmd.AgentCommand|cmd.BaseCommand|' command/agent.go
gsed -i -e 's|cli.AgentCommand = new(Command)|cli.Command = new(AgentCommand)|' command/agent_test.go
gsed -i -e 's|exec.AgentCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|exec.BaseCommand|exec.Command|' command/agent_test.go
gsed -i -e 's|NewTestAgent|agent.NewTestAgent|' command/agent_test.go
gsed -i -e 's|= TestConfig|= agent.TestConfig|' command/agent_test.go
gsed -i -e 's|: RetryJoin|: agent.RetryJoin|' command/agent_test.go
gsed -i -e 's|\.\./\.\./|../|' command/config_util_test.go
gsed -i -e 's|\bverifyUniqueListeners|VerifyUniqueListeners|' agent/config{,_test}.go command/agent.go
gsed -i -e 's|\bserfLANKeyring\b|SerfLANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bserfWANKeyring\b|SerfWANKeyring|g' agent/{agent,keyring,testagent}.go command/agent.go
gsed -i -e 's|\bNewAgent\b|agent.New|g' command/agent{,_test}.go
gsed -i -e 's|\bNewAgent|New|' agent/{acl_test,agent,testagent}.go
gsed -i -e 's|\bAgent\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bBool\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDefaultConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bDevConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bMergeConfig\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bReadConfigPaths\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bParseMetaPair\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfLANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|\bSerfWANKeyring\b|agent.&|g' command/agent{,_test}.go
gsed -i -e 's|circonus\.agent|circonus|g' command/agent{,_test}.go
gsed -i -e 's|logger\.agent|logger|g' command/agent{,_test}.go
gsed -i -e 's|metrics\.agent|metrics|g' command/agent{,_test}.go
gsed -i -e 's|// agent.Agent|// agent|' command/agent{,_test}.go
gsed -i -e 's|a\.agent\.Config|a.Config|' command/agent{,_test}.go
gsed -i -e 's|agent\.AppendSliceValue|AppendSliceValue|' command/{configtest,validate}.go
gsed -i -e 's|consul/consul|agent/consul|' GNUmakefile
gsed -i -e 's|\.\./test|../../test|' agent/consul/server_test.go
# fix imports
f=$(grep -rl 'github.com/hashicorp/consul/command/agent' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/command/agent|github.com/hashicorp/consul/agent|' $f
goimports -w $f
f=$(grep -rl 'github.com/hashicorp/consul/consul' * | grep '\.go')
gsed -i -e 's|github.com/hashicorp/consul/consul|github.com/hashicorp/consul/agent/consul|' $f
goimports -w $f
goimports -w command/*.go main.go
)
2017-06-10 18:52:45 +02:00