588bca2207
* Adding check-legacy-links-format workflow * Adding test-link-rewrites workflow * Updating docs-content-check-legacy-links-format hash * Migrating links to new format Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
423 lines
14 KiB
Plaintext
423 lines
14 KiB
Plaintext
---
|
|
layout: api
|
|
page_title: Session - HTTP API
|
|
description: 'The /session endpoints create, destroy, and query sessions in Consul.'
|
|
---
|
|
|
|
# Session HTTP Endpoint
|
|
|
|
The `/session` endpoints create, destroy, and query sessions in Consul.
|
|
|
|
## Create Session
|
|
|
|
This endpoint initializes a new session. Sessions must be associated with a
|
|
node and may be associated with any number of checks.
|
|
|
|
| Method | Path | Produces |
|
|
| ------ | ----------------- | ------------------ |
|
|
| `PUT` | `/session/create` | `application/json` |
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | --------------- |
|
|
| `NO` | `none` | `none` | `session:write` |
|
|
|
|
### Query Parameters
|
|
|
|
<!-- What's the relationship to ServiceChecks[].Namespace (if any)? -->
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to
|
|
the datacenter of the agent being queried. This is specified as part of the
|
|
URL as a query parameter. Using this parameter across datacenters is not recommended.
|
|
|
|
### JSON Request Body Schema
|
|
|
|
- `LockDelay` `(string: "15s")` - Specifies the duration for the lock delay. This
|
|
must be greater than `0`.
|
|
|
|
- `Node` `(string: "<agent>")` - Specifies the name of the node.
|
|
This field must refer to a node that is already registered.
|
|
|
|
- `Name` `(string: "")` - Specifies a human-readable name for the session.
|
|
|
|
- `Checks` `(array<string>: nil)` - Specifies a list of node health
|
|
check IDs (commonly `CheckID` in API responses). It is highly recommended that,
|
|
if you override this list, you include the default `serfHealth`.
|
|
Deprecated in Consul 1.7.0 and replaced by `NodeChecks`. This field will be
|
|
omitted from the API response in Consul 1.7+ if `serfHealth` is the only defined check.
|
|
|
|
- `NodeChecks` `(array<string>: nil)` - Specifies a list of node health
|
|
check IDs (commonly `CheckID` in API responses). It is highly recommended that,
|
|
if you override this list, you include the default `serfHealth`. Added in
|
|
Consul 1.7.0.
|
|
|
|
- `ServiceChecks` `(array<ServiceCheck>: nil)` - Specifies a list of service
|
|
checks. Added in Consul 1.7.0. A service check has the following fields:
|
|
|
|
- `ID` `(string: <required>)` - The ID of the service check to monitor
|
|
(commonly `CheckID` in API responses).
|
|
|
|
- `Namespace` `(string: "")` <EnterpriseAlert inline /> - Specifies the
|
|
namespace in which to resolve the service check ID.
|
|
|
|
- `Behavior` `(string: "release")` - Controls the behavior to take when a
|
|
session is invalidated. Valid values are:
|
|
|
|
- `release` - causes any locks that are held to be released
|
|
- `delete` - causes any locks that are held to be deleted
|
|
|
|
- `TTL` `(string: "")` - Specifies the duration of a session (between 10s and
|
|
86400s). If provided, the session is invalidated if it is not renewed before
|
|
the TTL expires. The lowest practical TTL should be used to keep the number of
|
|
managed sessions low. When locks are forcibly expired, such as when following
|
|
the [leader election pattern](/consul/tutorials/developer-configuration/application-leader-elections) in an application,
|
|
sessions may not be reaped for up to double this TTL, so long TTL
|
|
values (> 1 hour) should be avoided. Valid time units include "s", "m" and "h".
|
|
|
|
### Sample Payload
|
|
|
|
```json
|
|
{
|
|
"LockDelay": "15s",
|
|
"Name": "my-service-lock",
|
|
"Node": "foobar",
|
|
"Checks": ["a", "b", "c"],
|
|
"Behavior": "release",
|
|
"TTL": "30s"
|
|
}
|
|
```
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
--request PUT \
|
|
--data @payload.json \
|
|
http://127.0.0.1:8500/v1/session/create
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
{
|
|
"ID": "adf4238a-882b-9ddc-4a9d-5b6758e4159e"
|
|
}
|
|
```
|
|
|
|
- `ID` - the ID of the created session
|
|
|
|
## Delete Session
|
|
|
|
This endpoint destroys the session with the given name. If the session UUID is
|
|
malformed, an error is returned. If the session UUID does not exist or already
|
|
expired, a 200 is still returned (the operation is idempotent).
|
|
|
|
| Method | Path | Produces |
|
|
| :----- | :----------------------- | ------------------ |
|
|
| `PUT` | `/session/destroy/:uuid` | `application/json` |
|
|
|
|
Even though the Content-Type is `application/json`, the response is
|
|
either a literal `true` or `false`, indicating of whether the destroy was
|
|
successful.
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | --------------- |
|
|
| `NO` | `none` | `none` | `session:write` |
|
|
|
|
### Path Parameters
|
|
|
|
- `uuid` `(string: <required>)` - Specifies the UUID of the session to destroy.
|
|
This is required and is specified as part of the URL path.
|
|
|
|
### Query Parameters
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to
|
|
the datacenter of the agent being queried.
|
|
Using this parameter across datacenters is not recommended.
|
|
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
--request PUT \
|
|
http://127.0.0.1:8500/v1/session/destroy/adf4238a-882b-9ddc-4a9d-5b6758e4159e
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
true
|
|
```
|
|
|
|
## Read Session
|
|
|
|
This endpoint returns the requested session information.
|
|
|
|
| Method | Path | Produces |
|
|
| :----- | :-------------------- | ------------------ |
|
|
| `GET` | `/session/info/:uuid` | `application/json` |
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | -------------- |
|
|
| `YES` | `all` | `none` | `session:read` |
|
|
|
|
### Path Parameters
|
|
|
|
- `uuid` `(string: <required>)` - Specifies the UUID of the session to read.
|
|
|
|
### Query Parameters
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query.
|
|
This defaults to the datacenter of the agent being queried.
|
|
Using this parameter across datacenters is not recommended.
|
|
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
http://127.0.0.1:8500/v1/session/info/adf4238a-882b-9ddc-4a9d-5b6758e4159e
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
[
|
|
{
|
|
"ID": "adf4238a-882b-9ddc-4a9d-5b6758e4159e",
|
|
"Name": "test-session",
|
|
"Node": "raja-laptop-02",
|
|
"LockDelay": 15000000000,
|
|
"Behavior": "release",
|
|
"TTL": "30s",
|
|
"NodeChecks": [
|
|
"serfHealth"
|
|
],
|
|
"ServiceChecks": null,
|
|
"CreateIndex": 1086449,
|
|
"ModifyIndex": 1086449
|
|
}
|
|
]
|
|
```
|
|
|
|
If the session does not exist, an empty JSON list `[]` is returned.
|
|
|
|
## List Sessions for Node
|
|
|
|
This endpoint returns the active sessions for a given node.
|
|
|
|
@include 'http_api_results_filtered_by_acls.mdx'
|
|
|
|
| Method | Path | Produces |
|
|
| :----- | :-------------------- | ------------------ |
|
|
| `GET` | `/session/node/:node` | `application/json` |
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | -------------- |
|
|
| `YES` | `all` | `none` | `session:read` |
|
|
|
|
### Path Parameters
|
|
|
|
- `node` `(string: <required>)` - Specifies the name or ID of the node to query.
|
|
|
|
### Query Parameters
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to
|
|
the datacenter of the agent being queried.
|
|
Using this parameter across datacenters is not recommended.
|
|
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
The namespace may be specified as '\*' and then results will be returned for all namespaces.
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
http://127.0.0.1:8500/v1/session/node/node-abcd1234
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
[
|
|
{
|
|
"ID": "adf4238a-882b-9ddc-4a9d-5b6758e4159e",
|
|
"Name": "test-session",
|
|
"Node": "node-abcd1234",
|
|
"LockDelay": 15000000000,
|
|
"Behavior": "release",
|
|
"TTL": "30s",
|
|
"NodeChecks": [
|
|
"serfHealth"
|
|
],
|
|
"ServiceChecks": null,
|
|
"CreateIndex": 1086449,
|
|
"ModifyIndex": 1086449
|
|
}
|
|
]
|
|
```
|
|
|
|
## List Sessions
|
|
|
|
This endpoint returns the list of active sessions.
|
|
|
|
@include 'http_api_results_filtered_by_acls.mdx'
|
|
|
|
| Method | Path | Produces |
|
|
| :----- | :-------------- | ------------------ |
|
|
| `GET` | `/session/list` | `application/json` |
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | -------------- |
|
|
| `YES` | `all` | `none` | `session:read` |
|
|
|
|
### Query Parameters
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to
|
|
the datacenter of the agent being queried.
|
|
Using this parameter across datacenters is not recommended.
|
|
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
The namespace may be specified as '\*' and then results will be returned for all namespaces.
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
http://127.0.0.1:8500/v1/session/list
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
[
|
|
{
|
|
"ID": "adf4238a-882b-9ddc-4a9d-5b6758e4159e",
|
|
"Name": "test-session",
|
|
"Node": "raja-laptop-02",
|
|
"LockDelay": 15000000000,
|
|
"Behavior": "release",
|
|
"TTL": "30s",
|
|
"NodeChecks": [
|
|
"serfHealth"
|
|
],
|
|
"ServiceChecks": null,
|
|
"CreateIndex": 1086449,
|
|
"ModifyIndex": 1086449
|
|
}
|
|
]
|
|
```
|
|
|
|
## Renew Session
|
|
|
|
This endpoint renews the given session. This is used with sessions that have a
|
|
TTL, and it extends the expiration by the TTL.
|
|
|
|
| Method | Path | Produces |
|
|
| :----- | :--------------------- | ------------------ |
|
|
| `PUT` | `/session/renew/:uuid` | `application/json` |
|
|
|
|
The table below shows this endpoint's support for
|
|
[blocking queries](/consul/api-docs/features/blocking),
|
|
[consistency modes](/consul/api-docs/features/consistency),
|
|
[agent caching](/consul/api-docs/features/caching), and
|
|
[required ACLs](/consul/api-docs/api-structure#authentication).
|
|
|
|
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
|
| ---------------- | ----------------- | ------------- | --------------- |
|
|
| `NO` | `none` | `none` | `session:write` |
|
|
|
|
### Path Parameters
|
|
|
|
- `uuid` `(string: <required>)` - Specifies the UUID of the session to renew.
|
|
|
|
### Query Parameters
|
|
|
|
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to
|
|
the datacenter of the agent being queried.
|
|
Using this parameter across datacenters is not recommended.
|
|
|
|
- `ns` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace to query.
|
|
You can also [specify the namespace through other methods](#methods-to-specify-namespace).
|
|
|
|
### Sample Request
|
|
|
|
```shell-session
|
|
$ curl \
|
|
--request PUT \
|
|
http://127.0.0.1:8500/v1/session/renew/adf4238a-882b-9ddc-4a9d-5b6758e4159e
|
|
```
|
|
|
|
### Sample Response
|
|
|
|
```json
|
|
[
|
|
{
|
|
"ID": "adf4238a-882b-9ddc-4a9d-5b6758e4159e",
|
|
"Name": "test-session",
|
|
"Node": "raja-laptop-02",
|
|
"LockDelay": 15000000000,
|
|
"Behavior": "release",
|
|
"TTL": "30s",
|
|
"NodeChecks": [
|
|
"serfHealth"
|
|
],
|
|
"ServiceChecks": null,
|
|
"CreateIndex": 1086449,
|
|
"ModifyIndex": 1086449
|
|
}
|
|
]
|
|
```
|
|
|
|
-> **Note:** Consul may return a TTL value higher than the one specified during session creation. This indicates the server is under high load and is requesting clients renew less often.
|
|
|
|
## Methods to Specify Namespace <EnterpriseAlert inline />
|
|
|
|
Session endpoints
|
|
support several methods for specifying the namespace of session resources
|
|
with the following order of precedence:
|
|
1. `ns` query parameter
|
|
1. `X-Consul-Namespace` request header
|
|
1. Namespace is inherited from the namespace of the request's ACL token (if any)
|
|
1. The `default` namespace
|