Commit graph

141 commits

Author SHA1 Message Date
James Phillips b209c2afe2 Adds an RPC endpoint injection method for testing. 2015-11-15 17:06:00 -08:00
James Phillips 09034a84bd Adds prefix "prepared" to everything prepared query-related. 2015-11-15 17:06:00 -08:00
James Phillips 2183565d83 Adds basic structure for prepared queries (needs tests). 2015-11-15 17:06:00 -08:00
James Phillips 132e1d813b Fixes configs now that Serf always caches coordinates. 2015-10-23 15:23:01 -07:00
James Phillips aea2194ce3 Makes the default protocol 2 and lets 3 interoperate with 2. 2015-10-23 15:23:01 -07:00
James Phillips f71c79c53f Does some small cleanups based on PR feedback.
* Holds coordinate updates in map and gets rid of the update channel.
* Cleans up config variables a bit.
2015-10-23 15:23:01 -07:00
James Phillips b6c31bdf2f Flips the sense of the coordinate enable option. 2015-10-23 15:23:01 -07:00
James Phillips edb9a119e2 Does a clean up pass on the Consul side. 2015-10-23 15:23:01 -07:00
Derek Chiang b805215237 Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang 213f5a15e6 Fix tests 2015-10-23 15:23:01 -07:00
Derek Chiang eb599a1745 Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang b2cff43bb5 Complete logic for sending coordinates 2015-10-23 15:23:01 -07:00
Derek Chiang b5bbe2bcfa Adding tests and stuff 2015-10-23 15:23:01 -07:00
Derek Chiang e54c8f2ea0 Start adding stuff 2015-10-23 15:23:01 -07:00
James Phillips 3f07f0685f Nukes old state store's connection to FSM and RPC. 2015-10-15 14:59:09 -07:00
James Phillips 1463e6100a Integrates new state store into leader and catalog/health endpoints. 2015-10-15 14:59:09 -07:00
Dale Wijnand c5168e1263 Fix a bunch of typos. 2015-09-15 13:22:08 +01:00
Anthony Scalisi 8d733b7fca remove various typos 2015-09-11 12:29:54 -07:00
James Phillips c0127e9932 Bumps protocol version back down as we've made memberlist smarter. 2015-08-31 11:16:34 -07:00
Ryan Uber d2eac37579 agent: remove unnecessary EventFire function 2015-07-02 06:56:27 -07:00
Ryan Uber 6e9adae494 consul: use acl cache struct in server 2015-06-18 18:13:29 -07:00
James Phillips 7b8aae37cb Bumps protocol version to 3 to get serf version 5. 2015-06-02 17:50:35 -07:00
Armon Dadgar 9642384429 consul: support the new TLS wrapper 2015-05-11 15:15:36 -07:00
Armon Dadgar a1de4b17c2 consul: use tlsutil.Wrapper instead of tls.Config directly 2015-05-11 13:09:19 -07:00
Ryan Uber 41aa5aeb09 consul: swap over to raft-boltdb 2015-03-26 20:01:52 -07:00
Ryan Uber 275d99e1dc consul: allow returning custom error for merge delegate 2015-02-22 18:24:10 -08:00
Ryan Breen 53afd77e2d s/data center/datacenter/g 2015-02-19 17:45:47 -05:00
Armon Dadgar a695909a85 consul: Wait for RemovePeer in Leave as a follower 2015-01-20 16:19:54 -08:00
Armon Dadgar aec0dedd01 consul: remove ourself from raft peer set if we are the leader 2015-01-20 16:19:29 -08:00
Armon Dadgar 133cf457a3 consul: Use new LogCache to improve write throughput 2015-01-14 15:49:58 -08:00
Armon Dadgar a66a765ca9 consul: Adding merge delegate to prevent mixing clusters 2015-01-06 15:48:46 -08:00
Armon Dadgar 71c2c1468d consul: Thread Tombstone GC through 2015-01-05 14:43:55 -08:00
Armon Dadgar 6b9ace19cf consul: Collect useful session metrics 2015-01-02 22:46:51 +05:30
Armon Dadgar f25566931f consul: Make sessionTimersLock a plain mutex 2014-12-12 19:17:35 -08:00
Atin Malaviya b623af776b Consul Session TTLs
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.

Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.

Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.

Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
Ryan Uber 295f876923 command/agent: fix up gossip encryption indicator 2014-11-19 16:35:37 -08:00
Ryan Uber 96376212ff consul: use rpc layer only for key management functions, add rpc commands 2014-11-19 16:30:21 -08:00
Atin Malaviya 2bd0e8c745 consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS 2014-11-18 17:56:48 -05:00
Atin Malaviya b4424a1a50 Moved TLS Config stuff to tlsutil package 2014-11-18 11:03:36 -05:00
Armon Dadgar 0ea385579a consul: Ensure FSM stores data in the data dir 2014-10-15 14:57:59 -07:00
Armon Dadgar 88b53702f1 consul: Reduce mmap size on 32bit 2014-10-15 11:32:40 -07:00
Armon Dadgar b1cf52db01 consul: expose UserEvent from Serf 2014-08-26 18:50:03 -07:00
Armon Dadgar 8153537e86 consul: Support management tokens 2014-08-18 15:46:23 -07:00
Armon Dadgar 61b80e912c consul: Use Etag for policy caching 2014-08-18 15:46:22 -07:00
Armon Dadgar bd124a8da3 consul: Pulling in ACLs 2014-08-18 15:46:21 -07:00
Armon Dadgar ea31f37dd6 consul: Adding ACL endpoint 2014-08-18 15:46:21 -07:00
Armon Dadgar ebae394863 consul: ACL setting passthrough 2014-08-18 15:46:20 -07:00
Armon Dadgar bf26a9160f consul: Defer serf handler until initialized. Fixes #254. 2014-07-22 09:36:58 -04:00
Armon Dadgar 020802f7a5 Merge pull request #233 from nelhage/tls-no-subjname
Restore the 0.2 TLS verification behavior.
2014-07-01 13:41:00 -07:00
Nelson Elhage 0a2476b20e Restore the 0.2 TLS verification behavior.
Namely, don't check the DNS names in TLS certificates when connecting to
other servers.

As of golang 1.3, crypto/tls no longer natively supports doing partial
verification (verifying the cert issuer but not the hostname), so we
have to disable verification entirely and then do the issuer
verification ourselves. Fortunately, crypto/x509 makes this relatively
straightforward.

If the "server_name" configuration option is passed, we preserve the
existing behavior of checking that server name everywhere.

No option is provided to retain the current behavior of checking the
remote certificate against the local node name, since that behavior
seems clearly buggy and unintentional, and I have difficulty imagining
it is actually being used anywhere. It would be relatively
straightforward to restore if desired, however.
2014-06-28 13:32:42 -07:00