Commit Graph

545 Commits

Author SHA1 Message Date
Paul Banks 217137b775
Fixes #4421: General solution to stop blocking queries with index 0 (#4437)
* Fix theoretical cache collision bug if/when we use more cache types with same result type

* Generalized fix for blocking query handling when state store methods return zero index

* Refactor test retry to only affect CI

* Undo make file merge

* Add hint to error message returned to end-user requests if Connect is not enabled when they try to request cert

* Explicit error for Roots endpoint if connect is disabled

* Fix tests that were asserting old behaviour
2018-07-25 20:26:27 +01:00
Kyle Havlovitz 45ec8849f3
connect/ca: add configurable leaf cert TTL 2018-07-16 13:33:37 -07:00
Matt Keeler 0a365b1a4f
Merge pull request #4374 from hashicorp/feature/proxy-env-vars
Setup managed proxy environment with API client env vars
2018-07-12 09:13:54 -04:00
Matt Keeler c70d25eaea Add some tests for GenerateEnv 2018-07-12 07:43:51 -04:00
Matt Keeler 1e5e9fd8cd PR Updates
Proxy now doesn’t need to know anything about the api as we pass env vars to it instead of the api config.
2018-07-11 09:44:54 -04:00
Matt Keeler 358e6c8f6a Pass around an API Config object and convert to env vars for the managed proxy 2018-07-10 12:13:51 -04:00
Hamish ebda1e8fda Fix lock and semaphore timeouts 2018-07-06 10:55:25 +01:00
Mitchell Hashimoto 03b683f702
agent: 400 error on invalid UUID format, api handles errors properly 2018-06-27 07:40:06 +02:00
Kyle Havlovitz d436463d75 revert go changes to hide rotation config 2018-06-25 12:26:18 -07:00
Kyle Havlovitz 837f23441d connect/ca: hide the RotationPeriod config field since it isn't used yet 2018-06-25 12:26:18 -07:00
Kyle Havlovitz cea94d0bcf connect/ca: update Consul provider to use new cross-sign CSR method 2018-06-25 12:25:41 -07:00
Paul Banks 21fb98ad5a Fix test broken by final telemetry PR change! 2018-06-25 12:25:40 -07:00
Paul Banks ba6e909ed7 Misc test fixes 2018-06-25 12:25:39 -07:00
Paul Banks 530d4acc57 Misc rebase and test fixes 2018-06-25 12:25:38 -07:00
Paul Banks 3d51c2aeac Get agent cache tests passing without global hit count (which is racy).
Few other fixes in here just to get a clean run locally - they are all also fixed in other PRs but shouldn't conflict.

This should be robust to timing between goroutines now.
2018-06-25 12:25:37 -07:00
Paul Banks d6b13463ed Fix misc test failures (some from other PRs) 2018-06-25 12:25:13 -07:00
Kyle Havlovitz 549dc22944 connect: fix two CA tests that were broken in a previous PR (#60) 2018-06-25 12:25:10 -07:00
Paul Banks 6c77f7883e Misc comment cleanups 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 7e796fd07b api: update intention struct for precedence 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 36adf98cc4 api: change Connect to a query option 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 5bc17838f3 api: support ExecuteConnect 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto 62512adb84 api: support native connect 2018-06-25 12:24:10 -07:00
Paul Banks 1e5a2561b6 Make tests pass and clean proxy persistence. No detached child changes yet.
This is a good state for persistence stuff to re-start the detached child work that got mixed up last time.
2018-06-25 12:24:10 -07:00
Paul Banks 3bac52480e Abandon daemonize for simpler solution (preserving history):
Reverts:
  - bdb274852ae469c89092d6050697c0ff97178465
  - 2c689179c4f61c11f0016214c0fc127a0b813bfe
  - d62e25c4a7ab753914b6baccd66f88ffd10949a3
  - c727ffbcc98e3e0bf41e1a7bdd40169bd2d22191
  - 31b4d18933fd0acbe157e28d03ad59c2abf9a1fb
  - 85c3f8df3eabc00f490cd392213c3b928a85aa44
2018-06-25 12:24:10 -07:00
Paul Banks e1aca748c4 Make daemoinze an option on test binary without hacks. Misc fixes for racey or broken tests. Still failing on several though. 2018-06-25 12:24:09 -07:00
Kyle Havlovitz 1a1090aebf
Add client api support for CA config endpoints 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto a316ba7f39
api: IntentionUpdate API 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto efa82278e2
api: IntentionDelete + tests 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto aead9cd422
command/intention/get: the get command without tests 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto 77d0360de1
command/intention/finder: package for finding based on src/dst 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto a1a7eaa876
command/intention/create 2018-06-14 09:42:18 -07:00
Mitchell Hashimoto bf99a7f54a
api: IntentionCheck 2018-06-14 09:42:18 -07:00
Paul Banks cac32ba071
More test cleanup 2018-06-14 09:42:16 -07:00
Paul Banks 834ed1d25f
Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
Mitchell Hashimoto 536f31571b
agent: change connect command paths to be slices, not strings
This matches other executable configuration and allows us to cleanly
separate executable from arguments without trying to emulate shell
parsing.
2018-06-14 09:42:08 -07:00
Paul Banks 02ab461dae
TLS watching integrated into Service with some basic tests.
There are also a lot of small bug fixes found when testing lots of things end-to-end for the first time and some cleanup now it's integrated with real CA code.
2018-06-14 09:42:07 -07:00
Paul Banks 6f566f750e
Basic `watch` support for connect proxy config and certificate endpoints.
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
 - Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
 - Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
Paul Banks a90f69faa4
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list. 2018-06-14 09:41:58 -07:00
Paul Banks 280382c25f
Add tests all the way up through the endpoints to ensure duplicate src/destination is supported and so ultimately deny/allow nesting works.
Also adds a sanity check test for `api.Agent().ConnectAuthorize()` and a fix for a trivial bug in it.
2018-06-14 09:41:57 -07:00
Mitchell Hashimoto 26f254fac0
api: rename Authorize field to ClientCertURI 2018-06-14 09:41:56 -07:00
Mitchell Hashimoto 9de861d722
api: fix up some comments and rename IssuedCert to LeafCert 2018-06-14 09:41:56 -07:00
Mitchell Hashimoto c0894f0f50
api: IntentionMatch 2018-06-14 09:41:56 -07:00
Mitchell Hashimoto 9c33068394
api: starting intention endpoints, reorganize files slightly 2018-06-14 09:41:55 -07:00
Mitchell Hashimoto b5b301aa2a
api: endpoints for working with CA roots, agent authorize, etc. 2018-06-14 09:41:55 -07:00
Paul Banks 3efe3f8aff
require -> assert until rebase 2018-06-14 09:41:54 -07:00
Paul Banks 894ee3c5b0
Add Connect agent, catalog and health endpoints to api Client 2018-06-14 09:41:54 -07:00
Kyle Havlovitz a480434517
Remove the script field from checks in favor of args 2018-05-08 15:31:53 -07:00
Pierre Souchay ee47eb7d7d Added Missing Service Meta synchronization and field 2018-04-21 17:34:29 +02:00
Paul Banks 2ed0d2afcd
Allow ignoring checks by ID when defining a PreparedQuery. Fixes #3727. 2018-04-10 14:04:16 +01:00
Preetha Appan d9d9944179
Renames agent API layer for service metadata to "meta" for consistency 2018-03-28 09:04:50 -05:00
Preetha 8dacb12c79
Merge pull request #3881 from pierresouchay/service_metadata
Feature Request: Support key-value attributes for services
2018-03-27 16:33:57 -05:00
Josh Soref 1dd8c378b9 Spelling (#3958)
* spelling: another

* spelling: autopilot

* spelling: beginning

* spelling: circonus

* spelling: default

* spelling: definition

* spelling: distance

* spelling: encountered

* spelling: enterprise

* spelling: expands

* spelling: exits

* spelling: formatting

* spelling: health

* spelling: hierarchy

* spelling: imposed

* spelling: independence

* spelling: inspect

* spelling: last

* spelling: latest

* spelling: client

* spelling: message

* spelling: minimum

* spelling: notify

* spelling: nonexistent

* spelling: operator

* spelling: payload

* spelling: preceded

* spelling: prepared

* spelling: programmatically

* spelling: required

* spelling: reconcile

* spelling: responses

* spelling: request

* spelling: response

* spelling: results

* spelling: retrieve

* spelling: service

* spelling: significantly

* spelling: specifies

* spelling: supported

* spelling: synchronization

* spelling: synchronous

* spelling: themselves

* spelling: unexpected

* spelling: validations

* spelling: value
2018-03-19 16:56:00 +00:00
Anubhav Mishra 1891d9a0a6
fix typo 2018-02-18 23:13:57 -08:00
Pierre Souchay 824b72cf90 Merge remote-tracking branch 'origin/master' into service_metadata 2018-02-11 13:20:49 +01:00
Kyle Havlovitz 7100161f64
Add gRPC fields to client api and agent check endpoint docs 2018-02-09 16:02:27 -08:00
Pierre Souchay 3acc5b58d4 Added support for Service Metadata 2018-02-07 01:54:42 +01:00
Veselkov Konstantin 05666113a4 remove golint warnings 2018-01-28 22:40:13 +04:00
James Hartig 1f3b110b65 Added CheckID and Name to AgentServiceCheck struct 2018-01-08 15:59:55 -05:00
James Phillips b09b846caa
Tightens up the API test verification. 2017-12-14 09:07:57 -08:00
James Phillips 47cd775b3d
Works around mapstructure behavior to enable sessions with no checks.
Fixes #3732
2017-12-14 09:07:56 -08:00
James Phillips 66ca49962e
Opens up the timing on the metrics test so it's less flaky. 2017-11-10 13:03:31 -08:00
James Phillips 532cafe0af
Adds enable_agent_tls_for_checks configuration option which allows (#3661)
HTTP health checks for services requiring 2-way TLS to be checked
using the agent's credentials.
2017-11-07 18:22:09 -08:00
James Phillips 8709f65afd
Adds HTTP/2 support to Consul's HTTPS server. (#3657)
* Refactors the HTTP listen path to create servers in the same spot.

* Adds HTTP/2 support to Consul's HTTPS server.

* Vendors Go HTTP/2 library and associated deps.
2017-11-07 15:06:59 -08:00
James Phillips ec795849ea
Fetches metrics in the retry loop so there's some hope.
Fixes #3656
2017-11-06 21:43:39 -08:00
Kyle Havlovitz 49a010555f
Update AgentCheck struct in api 2017-11-01 15:30:29 -07:00
Kyle Havlovitz 068ca11eb8
Move check definition to a sub-struct 2017-11-01 14:54:46 -07:00
Kyle Havlovitz bc3ba5f873
Merge branch 'master' into esm-changes 2017-11-01 11:37:48 -07:00
Kyle Havlovitz 3542d7fcb6
Remove redundant lines from coordinate test 2017-11-01 11:25:33 -07:00
Kyle Havlovitz 9909b661ac
Fill out the tests around coordinate/node functionality 2017-10-31 15:36:44 -07:00
Kyle Havlovitz 2c7f7799bb
Add tests around coordinate update endpoint 2017-10-26 20:12:54 -07:00
Kyle Havlovitz 496dd7ab5b
Merge branch 'coordinate-node-endpoint' of github.com:hashicorp/consul into esm-changes 2017-10-26 19:20:24 -07:00
Kyle Havlovitz f80e70271d
Added Coordinate.Node rpc endpoint and client api method 2017-10-26 19:16:40 -07:00
Kyle Havlovitz 16908be034
Add deregister critical service field and refactor duration parsing 2017-10-25 19:17:41 -07:00
James Phillips a73ed8c79a
Adds retry to API metrics test (flaky test). 2017-10-25 10:46:02 -07:00
Kyle Havlovitz ab3dac2379
Added coordinate update http endpoint 2017-10-25 19:37:30 +02:00
Kyle Havlovitz 7d82ece118
Added remaining HTTP health check fields to structs 2017-10-25 19:37:30 +02:00
Kyle Havlovitz 84a07ea113
Expose SkipNodeUpdate field and some health check info in the http api 2017-10-25 19:37:30 +02:00
Ryan Slade 7d698c0a10 Simplify string(buf.Bytes()) to buf.String() (#3590) 2017-10-18 13:26:09 -07:00
James Phillips 3d52f42715 Fixes API client for ScriptArgs and updates documentation. (#3589)
* Updates the API client to support the current `ScriptArgs` parameter
for checks.

* Updates docs for checks to explain the `ScriptArgs` parameter issue.

* Adds mappings for "args" and "script-args" to give th API parity
with config.

* Adds checks on return codes.

* Removes debug logging that shows empty when args are used.
2017-10-18 11:28:39 -07:00
Ryan Slade 6f05ea91a3 Replace time.Now().Sub(x) with time.Since(x) 2017-10-17 20:38:24 +02:00
James Phillips e9670761f9
Cleans up some drift between the OSS and Enterprise trees. 2017-10-11 15:53:07 -07:00
James Bardin 3ff612d625 retry locks on network errors (#3553)
* retry locks on network errors

When communicating with a local agent and watching a lock, a dropped
connection between the agent and server will show up as a server error
and immediately be retried. However if the client is connected to a
remote server, a dropped connection immediately aborts the lock.

* Updates comment about it being unsafe for writes.
2017-10-11 07:42:10 -07:00
Artiom Diomin 66338228dd Fix example code formatting in godoc 2017-10-11 14:52:22 +02:00
Frank Schröder b2c4dc4360 Provide stable config for agent/self (#3532)
* config: provide stable config for /v1/agent/self (#3530)

This patch adds a stable subset of the previous Config struct to the
agent/self response. The actual runtime configuration is moved into
DebugConfig and will be documented to change.

Fixes #3530

* config: fix tests

* doc: update api documentation for /v1/agent/self
2017-10-04 10:43:17 -07:00
Frank Schröder cda0eacff1 Recursive sanitize (#3505)
* vendor: add github.com/sergi/go-diff/diffmatchpatch for diff'ing test output

* config: refactor Sanitize to recursively clean runtime config and format complex fields

* Removes an extra int cast.

* Adds a top-level check test case for sanitization.
2017-09-27 11:47:40 -07:00
Preetha Appan 318d0232f7 Move Raft protocol version for list peers end point to server side, fix unit tests. This fixes #3449 2017-09-26 09:35:39 -05:00
Preetha Appan c4002c80de Fix import order 2017-09-25 18:06:49 -05:00
preetapan 4ced57c1f8 Merge pull request #3494 from hashicorp/enforce_json_extension
Enforce json or hcl extension to Consul config files, updated unit tests
2017-09-25 17:30:33 -05:00
James Phillips fcaa889116 Bumps default Raft protocol to version 3. (#3477)
* Changes default Raft protocol to 3.

* Changes numPeers() to report only voters.

This should have been there before, but it's more obvious that this
is incorrect now that we default the Raft protocol to 3, which puts
new servers in a read-only state while Autopilot waits for them to
become healthy.

* Fixes TestLeader_RollRaftServer.

* Fixes TestOperator_RaftRemovePeerByAddress.

* Fixes TestServer_*.

Relaxed the check for a given number of voter peers and instead do
a thorough check that all servers see each other in their Raft
configurations.

* Fixes TestACL_*.

These now just check for Raft replication to be set up, and don't
care about the number of voter peers.

* Fixes TestOperator_Raft_ListPeers.

* Fixes TestAutopilot_CleanupDeadServerPeriodic.

* Fixes TestCatalog_ListNodes_ConsistentRead_Fail.

* Fixes TestLeader_ChangeServerID and adjusts the conn pool to throw away
sockets when it sees io.EOF.

* Changes version to 1.0.0 in the options doc.

* Makes metrics test more deterministic with autopilot metrics possible.
2017-09-25 15:27:04 -07:00
Preetha Appan 8ec782620d Fix one more unit test that created a config file 2017-09-25 17:26:49 -05:00
Frank Schröder 69a088ca85 New config parser, HCL support, multiple bind addrs (#3480)
* new config parser for agent

This patch implements a new config parser for the consul agent which
makes the following changes to the previous implementation:

 * add HCL support
 * all configuration fragments in tests and for default config are
   expressed as HCL fragments
 * HCL fragments can be provided on the command line so that they
   can eventually replace the command line flags.
 * HCL/JSON fragments are parsed into a temporary Config structure
   which can be merged using reflection (all values are pointers).
   The existing merge logic of overwrite for values and append
   for slices has been preserved.
 * A single builder process generates a typed runtime configuration
   for the agent.

The new implementation is more strict and fails in the builder process
if no valid runtime configuration can be generated. Therefore,
additional validations in other parts of the code should be removed.

The builder also pre-computes all required network addresses so that no
address/port magic should be required where the configuration is used
and should therefore be removed.

* Upgrade github.com/hashicorp/hcl to support int64

* improve error messages

* fix directory permission test

* Fix rtt test

* Fix ForceLeave test

* Skip performance test for now until we know what to do

* Update github.com/hashicorp/memberlist to update log prefix

* Make memberlist use the default logger

* improve config error handling

* do not fail on non-existing data-dir

* experiment with non-uniform timeouts to get a handle on stalled leader elections

* Run tests for packages separately to eliminate the spurious port conflicts

* refactor private address detection and unify approach for ipv4 and ipv6.

Fixes #2825

* do not allow unix sockets for DNS

* improve bind and advertise addr error handling

* go through builder using test coverage

* minimal update to the docs

* more coverage tests fixed

* more tests

* fix makefile

* cleanup

* fix port conflicts with external port server 'porter'

* stop test server on error

* do not run api test that change global ENV concurrently with the other tests

* Run remaining api tests concurrently

* no need for retry with the port number service

* monkey patch race condition in go-sockaddr until we understand why that fails

* monkey patch hcl decoder race condidtion until we understand why that fails

* monkey patch spurious errors in strings.EqualFold from here

* add test for hcl decoder race condition. Run with go test -parallel 128

* Increase timeout again

* cleanup

* don't log port allocations by default

* use base command arg parsing to format help output properly

* handle -dc deprecation case in Build

* switch autopilot.max_trailing_logs to int

* remove duplicate test case

* remove unused methods

* remove comments about flag/config value inconsistencies

* switch got and want around since the error message was misleading.

* Removes a stray debug log.

* Removes a stray newline in imports.

* Fixes TestACL_Version8.

* Runs go fmt.

* Adds a default case for unknown address types.

* Reoders and reformats some imports.

* Adds some comments and fixes typos.

* Reorders imports.

* add unix socket support for dns later

* drop all deprecated flags and arguments

* fix wrong field name

* remove stray node-id file

* drop unnecessary patch section in test

* drop duplicate test

* add test for LeaveOnTerm and SkipLeaveOnInt in client mode

* drop "bla" and add clarifying comment for the test

* split up tests to support enterprise/non-enterprise tests

* drop raft multiplier and derive values during build phase

* sanitize runtime config reflectively and add test

* detect invalid config fields

* fix tests with invalid config fields

* use different values for wan sanitiziation test

* drop recursor in favor of recursors

* allow dns_config.udp_answer_limit to be zero

* make sure tests run on machines with multiple ips

* Fix failing tests in a few more places by providing a bind address in the test

* Gets rid of skipped TestAgent_CheckPerformanceSettings and adds case for builder.

* Add porter to server_test.go to make tests there less flaky

* go fmt
2017-09-25 11:40:42 -07:00
James Phillips 02a3f3f27b
Shows the segment name in the keyring API and command output. 2017-09-07 12:17:39 -07:00
James Phillips c629773b40
Makes the all segments query explict, and the default for `consul members`. 2017-09-05 12:22:20 -07:00
Kyle Havlovitz 777cf7b017
Change segment list endpoint in docs/client api 2017-09-01 12:40:07 -07:00
Kyle Havlovitz 5cc4b32a5d
Organize segments for a cleaner split between enterprise and OSS 2017-08-31 17:39:46 -07:00
Kyle Havlovitz d9fc2b3d75
Update coord display in ui to account for segments 2017-08-30 11:58:29 -07:00
Kyle Havlovitz 107d7f6c5a
Add rpc_listener option to segment config 2017-08-30 11:58:29 -07:00
James Phillips 6a6eadd8c7
Adds open source side of network segments (feature is Enterprise-only). 2017-08-30 11:58:29 -07:00
Illirgway 46915108e7 Fix bug with unused (replaced with "") CONSUL_HTTP_AUTH in some places
example: https://github.com/hashicorp/consul/blob/master/watch/plan.go#L26

	conf := consulapi.DefaultConfig()
	conf.Address = address
	conf.Datacenter = p.Datacenter
	conf.Token = p.Token                             # <-- replace Token from DefaultConfig/CONSUL_HTTP_AUTH with ""
	client, err := consulapi.NewClient(conf)

how to reproduce bug:
0. consul -> localhost:8500 with more than 0 service checks
1. deny all for anonymous token
2. create appropriate acl <token> for watch checks (agent:read + node:read,service:read)
3. bash:
CONSUL_HTTP_AUTH=<token> consul watch -http-addr=localhost:8500 -type=checks # --> return []
consul watch -http-addr=localhost:8500 -type=checks -token=<token> # -> return { .... right json result .... }
2017-08-16 01:51:18 +03:00
James Phillips a2bb506cea
Adds a guard to make sure that empty log lines don't close consul monitor.
Fixes #3253.
2017-08-08 16:05:29 -07:00
Kyle Havlovitz 879651a4ea
Update api structs for metrics endpoint 2017-08-08 12:33:59 -07:00
Kyle Havlovitz 975ded2714
Add support for labels/filters from go-metrics 2017-08-08 01:45:10 -07:00
James Phillips 803ed9a245 Adds secure introduction for the ACL replication token. (#3357)
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
James Phillips c31b56a03e Adds a new /v1/acl/bootstrap API (#3349) 2017-08-02 17:05:18 -07:00
James Phillips 6e794ea1b3 Adds support for agent-side ACL token management via API instead of config files. (#3324)
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
Kyle Havlovitz 1ffd2ec05b
Add UpgradeVersionTag to autopilot config 2017-07-18 13:35:41 -07:00
James Phillips 788dd255a1 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips f5188dfe8c Expands and rework context support in the API client. (#3273) 2017-07-14 17:30:08 -07:00
James Bardin 96ae8c1231 accept recv-only channels for cancellations (#3271)
Cancellation channels are often derived from a Context, which
returns a directional `<-chan struct{}` from Done(). In order to use
this with parts of of the consul API, one is required to create a new
channel and dispatch a separate goroutine to watch for context
cancellation and close the new channel.

Changing the signature for the methods that take cancellation channels
will allow easier integration with existing uses of Context. Since the
cancellation pattern only reads from these channels, there should be no
backwards incompatibility with existing codebases, and most of the
methods already accept only the correct type.
2017-07-14 16:31:44 -07:00
Frank Schroeder 88efbb0cc1 api: fix TestAPI_CatalogNodes test 2017-07-07 09:22:34 +02:00
Frank Schroeder 9a99069aad agent: fix failing test from localState decoupling
Would be nice to know what changed though.
2017-07-07 09:22:34 +02:00
Frank Schroeder 6a1ab1a2e0 api: refactor: unify naming of API tests 2017-07-07 09:22:34 +02:00
Frank Schroeder 97b7578ccd api: refactor: prefix all API tests with API_ 2017-07-07 09:22:34 +02:00
Preetha Appan 82bf05c888 Fix socket file handle leaks from old blocking queries upon consul reload. This fixes issue #3018 2017-06-26 15:52:03 -05:00
Frank Schröder e206ab5cb6 agent: support custom header and method for http checks (#3106)
This patch adds support for custom headers and
method for HTTP checks.

Fixes #2474
Fixes #2657
Fixes #3106
2017-06-07 01:11:56 +02:00
James Phillips 6239c4aa50 Merge pull request #3077 from jwasinger/issue-2850
Prevent Session.Destroy from leaving open TCP connections
2017-06-02 21:43:55 -07:00
Jared Wasinger 7d006ba4ed Prevent Session.Destroy from leaving open TCP connections 2017-05-25 20:51:27 -07:00
Kyle Havlovitz 6092d2c2cc
Don't overwrite Transport's TLS config if it's been set 2017-05-24 13:45:19 -07:00
Kyle Havlovitz 32068f7025 Remove superfluous default HttpClient check in NewClient 2017-05-24 11:40:21 -07:00
Frank Schroeder 995c8d7086 test: make test less flaky 2017-05-12 22:12:47 +02:00
Frank Schroeder eedf0f3ac5 test: add helper for ioutil.TempDir/TempFile
This creates a simplified helper for temporary directories and files.
All path names are prefixed with the name of the current test.
All files and directories are stored either in /tmp/consul-test
or /tmp if the former could not be created.

Using the system temp dir breaks some tests on macOS where the unix
socket path becomes too long.
2017-05-12 22:12:47 +02:00
Frank Schroeder 15590a8446 test: include test name in temp file/dir
This helps identifying hanging tests by looking
at the process list.
2017-05-12 22:12:47 +02:00
James Phillips bccf493262
Fixes vet errors. 2017-05-09 06:48:52 -07:00
James Phillips 7007c89870
retry: Removes the description parameter. 2017-05-05 17:07:03 +02:00
Frank Schroeder 9435cadeee
test: Refactor WaitForResult tests with retry
Refactor tests that use testutil.WaitForResult to use retry.

Since this requires refactoring the test functions in general this patch
also shows the use of the github.com/pascaldekloe/goe/verify library
which provides a good mechanism for comparing nested data structures.
Instead of just converting the tests from testutil.WaitForResult to
retry the tests that performing a nested comparison of data structures
are converted to the verify library at the same time.
2017-05-05 17:07:02 +02:00
Kyle Havlovitz b5ed2ba536 Add separate option for verifying incoming HTTPS traffic (#2974)
* Add separate option for verifying incoming HTTPS traffic
2017-04-28 16:15:55 -07:00
Frank Schroeder 2bf668b658 api: Add ServiceTags to Health state endpoint (#153)
This patch adds the ServiceTags to the /v1/health/state/<state>
endpoint.

Fixes #153
2017-04-28 15:00:08 -07:00
James Phillips dfef029641 Merge pull request #2947 from bogdanov1609/added_ACLReplication
API: Add ACLReplication
2017-04-25 16:50:52 -07:00
James Phillips 742362fad1 Tweaks ACL replication struct name. 2017-04-25 16:32:09 -07:00
James Phillips a59f503c13 Tweaks ACL replication status struct name. 2017-04-25 16:31:20 -07:00
Frank Schroeder 9de4555c0c golint: Untangle if blocks with return in else 2017-04-25 09:26:13 -07:00
Ivan Bogdanov 822cf7ec20 API: Add ACLReplication 2017-04-25 00:39:50 +03:00
Frank Schröder 5f0a967507 Issue #2905: Add check-not-exists to TXN endpoint
This patch adds support for asserting that a given
key does not exist in the KV store.

Fixes #2905
2017-04-20 17:50:52 -07:00
Kyle Havlovitz bd9b0b34b2 Make the API client's httpClient more pluggable (#2926) 2017-04-18 16:39:23 -07:00
Frank Schröder 892fa89399 Add datacenter to catalog node API (#2917)
This patch stores the datacenter of a node in memdb
and exposes it via the API in all places where a Node
structure is returned.

 * /catalog/nodes
 * /catalog/node/:node
 * /catalog/service/:service
 * /health/service/:service
 * /query/:uuid/execute
2017-04-18 05:02:24 -07:00
Kyle Havlovitz cdd8b5b880
Add tls client options to api/cli 2017-04-14 13:37:29 -07:00
Brian Shumate 9d87883c85
API: Add struct fields, fixes #2882
- Add CreateIndex and ModifyIndex to AgentService
- Add CreateIndex and ModifyIndex to Node
2017-04-13 11:36:19 -04:00
James Phillips 76fdd5f392
Moves operator sub-functions into their own files. 2017-03-30 12:35:50 -07:00
Kyle Havlovitz a2058d23ef
Add CLI/API endpoints for removing peer by ID 2017-03-30 10:13:32 -07:00
Seth Vargo 2efa3bdff8
Use new APIs 2017-03-23 18:48:13 -04:00
Kyle Havlovitz 37ea20cb44
Add advanced autopilot features 2017-03-22 15:25:16 -07:00
James Phillips 77fa58bd23
Tweaks the agent leave test to patch an occasional local failure. 2017-03-22 09:56:53 -07:00
James Phillips ab1b643630
Adds missing area API. 2017-03-21 23:11:15 -07:00
James Phillips d68bd9cca0
Cleans up based on review feedback. 2017-03-20 16:23:40 -07:00
James Phillips 74dddf6695
Tweaks the join response to be more useful. 2017-03-16 21:01:03 -07:00
James Phillips 2d659a2c4d
Adds public API for the network area endpoints. 2017-03-16 16:42:19 -07:00
James Phillips 82b6fbd844
Adds router into RPC paths with work in progress on coordinates. 2017-03-16 16:42:18 -07:00
Kyle Havlovitz bc0494e396
Reorganized cluster health check loop and logic 2017-03-15 18:27:17 -07:00
Kyle Havlovitz c40279e012
Fix an issue with changing server IDs and add a few UX enhancements around autopilot features 2017-03-15 16:09:55 -07:00
Kyle Havlovitz 8130f9b1c1
Cleaned up and reorganized some autopilot-related code 2017-03-09 18:21:40 -08:00
Kyle Havlovitz 8bcab6c6d7
Add autopilot server health tracking
This adds two goroutines to perform autopilot tasks on the leader - one
to monitor the health of servers and another to periodically clean up
dead servers with a limit on removal count. Also adds a new http endpoint,
`/v1/operator/autopilot/health`, for querying this information through an
operator RPC endpoint.
2017-03-06 16:00:10 -08:00
Kyle Havlovitz 23c492a74e
Rename DeadServerCleanup and make wording adjustments 2017-02-28 14:45:21 -08:00
Kyle Havlovitz 6168911200
Added operator autopilot subcommands 2017-02-24 15:54:49 -08:00
Kyle Havlovitz c9ddee1a79
Add CAS capability to autopilot config endpoint 2017-02-24 13:08:49 -08:00
Kyle Havlovitz 7d514a7ef6
Add docs and api client methods for autopilot config 2017-02-23 21:00:15 -08:00
Jeff Mitchell 726590367f Update unix dial functions to use DialContext with new go-cleanhttp 2017-02-10 21:11:21 -05:00
Kyle Havlovitz 35d99a81ac
Update docs and give better error for unknown client scheme 2017-02-10 19:55:54 -05:00
Kyle Havlovitz 91e960832f
Allow prefixing -http-addr with http/https schemes 2017-02-10 18:25:46 -05:00
Kyle Havlovitz a64c5e69a3
Cleanup and formatting adjustments 2017-02-09 20:49:17 -05:00
Kyle Havlovitz d3b24d2d12
Convert keyring command to use base.Command 2017-02-08 18:25:47 -05:00
James Phillips aef0a68201
Lets the leave unit test proceed even after an EOF. 2017-01-26 22:22:18 -08:00
Kyle Havlovitz cc271aa436
Merge branch 'master' into f-prepared-query-nodemeta 2017-01-23 20:17:48 -05:00
Kyle Havlovitz 3cd054e81f
Add tests for node meta in prepared queries and update docs 2017-01-23 19:17:30 -05:00
James Phillips 55cd1d975c
Adds catalog support for node IDs. 2017-01-18 14:26:42 -08:00
James Phillips 96bff003b7
Adds basic support for node IDs. 2017-01-17 22:47:59 -08:00
Kyle Havlovitz e37f25dc02
Add node metadata filtering to remaining health/catalog endpoints 2017-01-13 20:08:43 -05:00
Kyle Havlovitz 2d03978139
Fix formatting 2017-01-11 20:44:22 -05:00
Kyle Havlovitz 15f008b3e3
Update client api and docs for node metadata 2017-01-11 19:28:58 -05:00
James Phillips 99a5ae2737
Bans anonymous queries that aren't tied to a session.
This gets us coverage of PQ creation under the existing service
policy or the soon-to-be-added session policy.
2016-12-12 14:52:27 -08:00
James Phillips 08c648f976 Merge pull request #2531 from alicebob/txntypes
fix KVOp types
2016-12-01 07:41:10 -08:00
Kyle Havlovitz dd05afb32e Add reload/leave http endpoints (#2516) 2016-11-30 13:29:42 -05:00
Seth Vargo 9f652c2690
Return the correct type 2016-11-29 21:17:00 -05:00
Seth Vargo 90f80056dd Merge pull request #2544 from hashicorp/sethvargo/best_status
Add an API method for determining the best status
2016-11-29 19:07:52 -05:00
James Phillips d97eb758c6 Merge pull request #2530 from coffeehc/master
adapt to server's checker field TLSSkipVerify type
2016-11-29 16:00:21 -08:00
Seth Vargo 2542c92b59
Do not log 2016-11-29 18:55:34 -05:00
Seth Vargo 1c55429a38
Add an API method for determining the best status
Given a list of HealthChecks, this determines the "best" status for the
collective group. This is useful for nodes and services, which may have
multiple checks associated with them.
2016-11-29 18:41:46 -05:00
Kyle Havlovitz 475408633a Add QueryOptions to api package's monitor 2016-11-28 18:36:26 -05:00
Kyle Havlovitz d91854f3b0 Add monitor http endpoint 2016-11-28 18:36:26 -05:00
Harmen f31f5f5962 fix KVOp types 2016-11-24 20:43:41 +01:00
James Phillips 7dc41b1c1f
Runs `go fmt`. 2016-11-22 17:49:48 -08:00
Kyle Havlovitz 66dea6951a Fix keyring doc method wording 2016-11-22 20:10:43 -05:00
Kyle Havlovitz 79f339b5dc Combine keyring endpoints into one 2016-11-22 20:10:43 -05:00
Kyle Havlovitz 2d37a07476 Add keyring http endpoints 2016-11-22 20:10:43 -05:00
coffee 1187daa15b adapt to server's checker field TLSSkipVerify type 2016-11-21 18:02:38 +08:00
James Phillips 5a643c6e3f Merge pull request #2366 from aksentyev/master
api client: CatalogService added fields CreateIndex, ModifyIndex
2016-11-17 16:38:39 -08:00
James Phillips b17907f06a Moves index fields to the bottom of the structure. 2016-11-17 16:38:30 -08:00
James Phillips fde94fb537
Adds notes field to API.
Closes #2336.
2016-11-17 16:33:50 -08:00
James Phillips b672fea37b Merge pull request #2238 from hasyimibhar/master
Remove duplicated environment variables
2016-11-17 16:18:02 -08:00
Kyle Havlovitz 07eeef6f1f Trim leading slash on key to avoid redirect (golang/go#4800) (#2476) 2016-11-04 21:55:10 -07:00
Kyle McCullough 697ea0f8eb Add setting to skip ssl certificate verification for HTTP checks (#1984)
* http check: add setting to skip ssl certificate verification

* update http check documentation

* fix typo in documentation

* Add TLSSkipVerify to agent api
2016-11-03 13:17:30 -07:00
Mike Cowgill ace3b46432 Delete prepared query using WriteOptions (#2417) 2016-11-03 15:54:07 -04:00
Kyle Havlovitz d5ee327fea More flaky unit test fixes (#2449)
* More flaky unit test fixes
* Raise some test timeouts that were too low
2016-10-31 09:59:20 -07:00
James Phillips bc29610124 Adds support for snapshots and restores. (#2396)
* Updates Raft library to get new snapshot/restore API.

* Basic backup and restore working, but need some cleanup.

* Breaks out a snapshot module and adds a SHA256 integrity check.

* Adds snapshot ACL and fills in some missing comments.

* Require a consistent read for snapshots.

* Make sure snapshot works if ACLs aren't enabled.

* Adds a bit of package documentation.

* Returns an empty response from restore to avoid EOF errors.

* Adds API client support for snapshots.

* Makes internal file names match on-disk file snapshots.

* Adds DC and token coverage for snapshot API test.

* Adds missing documentation.

* Adds a unit test for the snapshot client endpoint.

* Moves the connection pool out of the client for easier testing.

* Fixes an incidental issue in the prepared query unit test.

I realized I had two servers in bootstrap mode so this wasn't a good setup.

* Adds a half close to the TCP stream and fixes panic on error.

* Adds client and endpoint tests for snapshots.

* Moves the pool back into the snapshot RPC client.

* Adds a TLS test and fixes half-closes for TLS connections.

* Tweaks some comments.

* Adds a low-level snapshot test.

This is independent of Consul so we can pull this out into a library
later if we want to.

* Cleans up snapshot and archive and completes archive tests.

* Sends a clear error for snapshot operations in dev mode.

Snapshots require the Raft snapshots to be readable, which isn't supported
in dev mode. Send a clear error instead of a deep-down Raft one.

* Adds docs for the snapshot endpoint.

* Adds a stale mode and index feedback for snapshot saves.

This gives folks a way to extract data even if the cluster has no
leader.

* Changes the internal format of a snapshot from zip to tgz.

* Pulls in Raft fix to cancel inflight before a restore.

* Pulls in new Raft restore interface.

* Adds metadata to snapshot saves and a verify function.

* Adds basic save and restore snapshot CLI commands.

* Gets rid of tarball extensions and adds restore message.

* Fixes an incidental bad link in the KV docs.

* Adds documentation for the snapshot CLI commands.

* Scuttle any request body when a snapshot is saved.

* Fixes archive unit test error message check.

* Allows for nil output writers in snapshot RPC handlers.

* Renames hash list Decode to DecodeAndVerify.

* Closes the client connection for snapshot ops.

* Lowers timeout for restore ops.

* Updates Raft vendor to get new Restore signature and integrates with Consul.

* Bounces the leader's internal state when we do a restore.
2016-10-25 19:20:24 -07:00
Kyle Havlovitz 114ee0755a Fix race condition in TestClient_WatchList and TestClient_WatchGet 2016-10-25 17:48:11 -07:00
James Phillips 14c90e9aa6 Merge pull request #2382 from zaunerc/master
Add info about return values for function Get().
2016-10-20 09:40:58 -07:00
James Phillips 0f35f08b6a Adds comment about SessionOpts. 2016-10-05 17:53:27 -07:00
James Phillips dc60027e6d Merge pull request #2372 from HotelsDotCom/flexible-lock-sessions
More flexible Session configuration when using api.Lock
2016-10-05 17:52:12 -07:00
Christoph Zauner 79287ef280 Add info about return values for function Get(). 2016-10-03 08:24:04 +00:00
Maxim Ivanov d45b0cc68c More flexible Session configuration when using api.Lock 2016-09-29 14:07:54 +01:00
aksentyev 8d69db7a89 CreateIndex, ModifyIndex added for CatalogService 2016-09-28 00:40:25 +03:00
Seth Vargo b8d055dcad
Fix typo 2016-09-26 16:06:56 -07:00
Seth Vargo 7843f284e0
Rename session name to session ID 2016-09-26 16:06:55 -07:00
Seth Vargo 81a28ffd38
Update ModifyIndex comment 2016-09-26 16:06:55 -07:00
Seth Vargo 50424694fc
Add documentation to KVPair
Based on discussions with @slackpad, some of the values in the KVPair are
ReadOnly. This commit updates the docs to reflect that.
2016-09-26 16:06:52 -07:00
James Phillips 5e4db081f7
Removes Raft types from public API interface.
This will cause a lot of breakage because we've currently vendored a
branch of the Raft library.
2016-08-30 14:59:16 -07:00
James Phillips 6be1e07fec
Makes the Raft configuration API easier to consume. 2016-08-30 11:30:56 -07:00
James Phillips 209f003b12
Fixes a stale comment. 2016-08-30 00:10:46 -07:00
James Phillips 1b7a16b7d3
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 2016-08-30 00:02:50 -07:00
James Phillips 0bdbdf1ba8 Merge pull request #2226 from abhinavdahiya/rm-health-unknown
Fixes #1775; Removes 'unknown' state
2016-08-17 17:51:04 -07:00
James Phillips db9a72dde1
Merge branch 'master' into f-deregister-critical 2016-08-16 12:53:21 -07:00
James Phillips bc333335be
Adds an `X-Consul-Translate-Addresses` to signal translation is enabled. 2016-08-16 11:31:41 -07:00
James Phillips 742fcf7a24
Adds missing TaggedAddress structures to API client. 2016-08-16 10:30:30 -07:00
James Phillips f517f9ed0d
Fixes a typo and adds an admonition about only being in Consul 0.7+. 2016-08-16 09:27:20 -07:00
James Phillips b4f981c837
Adds ability to deregister a service based on critical check state longer than a timeout. 2016-08-16 01:00:26 -07:00
Hasyimi Bahrudin 818d2f1d64 Add api environment variables as constants for consistency 2016-08-03 14:40:31 +08:00
Hasyimi Bahrudin b2ad8114fe Remove redundant hardcoded environment variables
The following hardcoded environment variables are removed:

* CONSUL_RPC_ADDR
* CONSUL_HTTP_ADDR
2016-08-03 14:40:26 +08:00
Jeff Mitchell c878aba90c Use header to send Consul token rather than query param. 2016-08-02 16:54:59 -04:00
Abhinav Dahiya 9dc52449e3 Fixes #1775; Removes 'unknown' state
Signed-off-by: Abhinav Dahiya <abhinavdtu2012@gmail.com>
2016-07-30 19:33:14 +05:30
Ryan Uber 6deb17d069 api: add query templates 2016-07-02 16:05:41 -07:00
Ryan Uber d768de2ed4 api: add Near parameter to PQ's 2016-07-01 16:41:46 -07:00
James Phillips a11f32a1da Adds a get-tree verb to KV transaction operations. 2016-05-13 16:57:39 -07:00
James Phillips 2649a6336e Adds a read-only optimized path for transactions. 2016-05-13 00:34:05 -07:00
James Phillips 88b1c7d054 Makes get fail a transaction if the key doesn't exist. 2016-05-11 14:18:31 -07:00
James Phillips 3d35acaa90 De-nests the KV output structure (removes DirEnt member). 2016-05-11 13:48:03 -07:00
James Phillips 04a13ec3d7 Switches to "KV" instead of "KV" for the KV operations. 2016-05-11 10:58:27 -07:00
James Phillips dc662f7e35 Refactors TxnRequest/TxnResponse into a form that will allow non-KV ops.
This isn't needed/used yet, but it's a good hook to get in there so we
can add more atomic operations in the future. The Go API hides this detail
so that feels like a KV-specific API. The implications on the REST API are
pretty minimal.
2016-05-11 01:39:10 -07:00
James Phillips d980cbcd9d Moves txn code into a new endpoint, not specific to KV. 2016-05-10 21:58:02 -07:00
James Phillips c1db39fe85 Adds type for API ops and an example transaction. 2016-05-10 13:36:48 -07:00
James Phillips 471160d8f0 Performs basic plumbing of KVS transactions through all the layers. 2016-05-09 22:15:49 -07:00
Sean Chittenden 0f45d1b76d Correct a small typo 2016-04-23 20:18:19 -07:00
Sean Chittenden 5bc4a2c2ab consul/ uses structs.Health*, the api uses api.Health* 2016-04-23 16:06:58 -07:00
Sean Chittenden 65f9017c63 Update Check API to use constants
Use constants where appropriate to advocate their use.  Also add a deprecation notice re: `updateTTL`.
2016-04-23 16:01:59 -07:00
James Phillips 98140b4cf0 Merge pull request #1876 from hashicorp/f-tls-helper
Adds TLS config helper to API client.
2016-03-24 11:34:24 -07:00
James Phillips c64f9c13d9 Improves the comment for the Address field. 2016-03-24 11:33:44 -07:00
Diptanu Choudhury ad085de7b7 Added some constants in the api for check health statuses 2016-03-24 11:26:07 -07:00
James Phillips 512cb6ebf7 Adds TLS config helper to API client. 2016-03-24 11:24:18 -07:00
James Phillips 1cf1664392 Switches default for API client to pooled connections. 2016-03-10 12:29:50 -08:00
James Phillips a126240a12 Adds support for new PUT API for checks. 2016-03-04 15:18:25 -08:00
James Phillips 551a4fc031 Adds support for EnableTagOverride to the API client. 2016-02-16 11:45:29 -08:00
Seth Vargo dc9131a732 Use HTTPS + www. where appropriate 2016-01-13 17:44:01 -05:00
James Phillips dd4610e917 Factors server error checking into a new function. 2016-01-06 11:35:16 -08:00
James Phillips cab27440e1 Makes the API behave better with small wait values. 2016-01-06 11:05:11 -08:00
James Phillips 6dd0835319 Makes the timeout behavior more intuitive.
Previously, it would try once "up to" the timeout, but in practice it would
just fall through. This modifies the behavior to block until the timeout has
been reached.
2016-01-06 09:40:20 -08:00
James Phillips 169825ed90 Adds the ability for semaphore monitors to ride out brief periods of 500 errors. 2016-01-05 18:22:36 -08:00
James Phillips 3348cf4c0b Adds "try" support to locks and semaphores. 2016-01-05 18:22:36 -08:00
James Phillips 09478b68ed Builds the insecure SSL transport off the clean default transport. 2015-12-17 12:15:18 -08:00
Jeff Mitchell e363c023d7 Revert "Adds client and transport pooling in the API so we don't leak connections." 2015-12-17 10:56:50 -05:00
James Phillips 79aabd0b9e Makes the insecure transport work like the default one. 2015-12-17 06:48:18 -08:00
James Phillips c981bdef8c Adds client and transport pooling in the API so we don't leak connections. 2015-12-16 22:27:07 -08:00
James Phillips 48f9210761 Adds a unit test for lock monitor retries. 2015-11-30 20:16:40 -08:00