69b522f3ea
Add new Consul API client MonitorRetries option
2015-12-01 00:08:14 -05:00
4a1a02a123
Merge pull request #780 from vicki-c/master
...
Port to new etcd client with TLS support
2015-11-18 10:33:09 -05:00
eb464ed79d
rejecting etcd addresses without url scheme
2015-11-17 15:18:50 -08:00
4a3bcc2adc
adding check in etcd backend to validate machine urls
2015-11-16 14:35:04 -08:00
dfe284af43
adding PermitPool to etcd backend
2015-11-15 22:38:21 -08:00
a21c8fab26
porting to new etcd client
2015-11-15 22:12:06 -08:00
8a594a7f61
Allow s3 bucket to come from config vars
2015-11-06 14:05:29 +01:00
141a71974a
Correct typo in comment
2015-11-06 00:41:14 -08:00
171bd84330
Add support for etcd over TLS
2015-11-06 00:41:14 -08:00
08dbc70c9f
Switch etcd default port to 2379, in line with 2.x.
...
Fixes #753
2015-11-05 09:47:50 -05:00
9fff3a350d
Don't use the semaphore library as it's racy; instead use a simple
...
buffered channel. Passes all tests, including inmem, which uses it.
2015-11-04 12:27:13 -05:00
4ad533a5ba
Add a line to the documentation to describe the new feature
2015-11-04 15:36:24 +01:00
c65b63d152
Add an option to configure the S3 endpoint
...
This enables the use of other (AWS S3 compatible) S3 endpoints.
2015-11-04 15:04:36 +01:00
7f44a1b812
Add configuration parameter for max parallel connections to Consul
2015-11-03 15:26:07 -05:00
1b83eefd97
Address review feedback
2015-11-03 14:48:05 -05:00
bf2e553785
Add a PermitPool to physical and consul/inmem
...
The permit pool controls the number of outstanding operations that can
be queued for Consul (and inmem, for testing purposes). This prevents
possible situations where Vault launches thousands of concurrent
connections to Consul if e.g. a huge number of leases need to be
expired.
Fixes #677
2015-11-03 11:49:20 -05:00
658bc0634a
Fix breaking API changes
2015-10-30 18:22:48 -04:00
cba4e82682
Don't use http.DefaultClient
...
This strips out http.DefaultClient everywhere I could immediately find
it. Too many things use it and then modify it in incompatible ways.
Fixes #700 , I believe.
2015-10-15 17:54:00 -04:00
5e8b3a28e4
Rename error return var
2015-09-15 11:18:43 +03:00
42d3f90e37
Further cleanup, use named return vals
2015-09-14 13:30:15 +03:00
7f384b2312
Cleanup defer func
2015-09-11 16:30:12 +03:00
2652db825a
Use defer to close the channel in case of error
2015-09-11 16:17:23 +03:00
f8ec771cec
Renew the semaphore key periodically
...
The semaphore key is used to determine whether we are the leader or not and is set to expire after TTL of 15 seconds. There was no logic implemented to renew the key before it expired, which caused the leader to step down and change every 15 seconds. A periodic timer is now added to update the key every 5 seconds to renew the TTL of the key.
2015-09-09 19:33:07 +03:00
9f2f79cdf4
Fix tests with AWS changes.
2015-08-18 19:22:17 -07:00
4c84080732
physical/s3: update for new AWS API
2015-08-17 12:19:55 -07:00
83ce6f2e70
Use varbinary instead of varchar for mysql, fixes #512
2015-08-11 15:03:10 -04:00
fc9de56736
Update vault code to match latest aws-sdk-go APIs
2015-08-06 11:37:08 -05:00
f58f46c243
Merge pull request #439 from geckoboard/feature-tls-mysql
...
Using SSL to encrypt connections to MYSQL
2015-08-05 14:52:43 -07:00
2a1dfdab4e
Naming cleanup
2015-07-29 20:19:21 +00:00
a5ad818d8e
only use NewCertPool if there is a ca cert otherwise use host's certificates
2015-07-28 15:31:30 +03:00
280fec2913
fix potential insecure skip verification bug
2015-07-28 15:15:31 +03:00
7b743f12fe
fix identification to go formatting
2015-07-28 15:06:56 +03:00
4146be770c
refactor code
2015-07-28 14:55:33 +03:00
9a51ca341b
Granting S3 backend temporary access
2015-07-18 16:48:23 +10:00
f16a09dc48
Add tls.Config if sslca is provided
2015-07-17 22:33:06 +00:00
26937498f6
physical/zk: Fixing node representation. Fixes #416
2015-07-13 19:33:23 +10:00
bfc0442750
physical/zk: remove recursive delete behavior, still broken
2015-07-13 19:05:17 +10:00
29a5eb35f9
physical: ensure backend does NOT do recursive delete
2015-07-13 18:59:40 +10:00
49b84db4a9
Fix zookeeper break.
...
Fixes #393 .
2015-07-04 16:03:02 -07:00
28ddff305c
physical/mysql: cleanup and documentation
2015-06-18 14:31:00 -07:00
53748c8c63
Fixed a failing test and drop table after running tests
2015-06-13 08:24:27 +05:45
5fe59f4b8d
Fixing List command behaviour
2015-06-12 23:16:46 +05:45
0bf52546af
Added the test as per suggestion
2015-06-12 15:32:45 +05:45
30cef9fe77
Changes done as per feedback
2015-06-12 13:24:41 +05:45
ace36da4ce
Physical MySQL backend implementation - First Cut
2015-06-09 01:37:25 +05:45
a02f62ee77
AWS moved from labs to official
2015-06-03 15:02:49 -04:00
e2957ef463
etcd HA physical backend: added documention + style updates
2015-06-02 18:00:06 -04:00
8c78cdddb1
etcd HA physical backend: stopchannel style, held state remote-only, lock value stored in semaphore key
2015-06-02 13:18:55 -04:00
baaa9bd10c
etcd HA + tests
2015-06-01 18:29:54 -04:00
9b79d43370
Merge pull request #252 from kenbreeman/physical_zookeeper_ha
...
Physical zookeeper ha
2015-06-01 13:03:27 +02:00
c72dd5a38c
Cleaned up error handling and HA lock monitoring for zookeeper physical backend based on PR feedback.
2015-05-28 00:39:12 -04:00
e4e4253d65
added etcd as a non-HA storage backend, updated documentation
2015-05-26 13:38:25 -04:00
f6292eb441
Cleaned up zookeeper_ha locking, added tests and cleanup.
2015-05-26 00:12:16 -04:00
efb455e5e8
Improvements based on PR feedback: removed empty detectAddress function, moved anonymous functions to named ones, added localLock mutex around i.held
2015-05-25 22:14:00 -04:00
13d47c11ab
Merge branch 'master' into physical_zookeeper_ha
2015-05-25 21:01:59 -04:00
bb866b0140
AWS changed their error interface; fix compile breakage.
2015-05-21 16:15:21 -04:00
fa50ca026a
Restore backwards compatibility for zookeeper physical backend. Vault already prevents locks and data from overlapping internally.
2015-05-20 23:15:31 -04:00
a26882ebd4
Merge branch 'master' into physical_zookeeper_ha
...
Conflicts:
physical/zookeeper.go
2015-05-20 22:59:37 -04:00
ae74837e55
Implement HA lock loss detection for zookeeper physical backend
2015-05-20 22:54:35 -04:00
1851434407
physical/s3: skip unit test if missing ENV vars
2015-05-20 17:42:41 -07:00
6726fcf7bc
Removed erroneous mutex and tests. Delete operates on a single key now
2015-05-20 19:53:35 -04:00
53979d6f30
Physical S3 backend implementation
2015-05-20 10:59:03 -04:00
3a6a060b2e
recursive zk delete
2015-05-12 11:50:32 -05:00
f3f6466730
fixes #189 ; zk version conflict
...
* multiple Puts to the same node causes zk errors
2015-05-12 09:12:00 -05:00
f6de41c31d
Rough implementation of Zookeeper HA physical backend. Contains breaking changes to 'path' config. Has unresolved TODO's.
2015-05-12 00:37:08 -04:00
47cfc85079
physical/consul: Fixing read of leader when standby. Fixes #178
2015-05-11 10:54:29 -07:00
3d3d725fc5
pysical: minor doc error in consul
...
ot -> to
2015-05-08 23:37:16 -07:00
ad3cfa206b
physical/consul: Fixing path for locks
2015-05-08 15:34:29 -07:00
0af92bdd2c
physical/zk: Style changes and more error checking
2015-05-06 11:08:26 -07:00
985600a986
fixing default zookeeper port
2015-05-06 08:57:24 -05:00
2869efd6fb
be optimistic on zk paths operations
...
* zk requires paths to be set or the client returns an error
* catch these errors instead of creating the full path
2015-05-05 21:23:24 -05:00
8a4c2eb691
cleanup zk HA leftover docs
2015-05-05 17:22:43 -05:00
9793986357
properly default zk address to localhost
2015-05-05 17:20:38 -05:00
f10d993fb5
limit round trips on zk delete
2015-05-05 17:14:41 -05:00
7d16da4174
fixing comment; bad copy-paste-edit
2015-05-05 16:56:49 -05:00
966204d73f
initial implementation of non-ha zookeeper
2015-05-05 16:49:18 -05:00
5dad76d5a1
physical/consul: Support address detection using the agent
2015-05-02 15:34:39 -07:00
06f3e498f0
physical: Adding optional interface for addr detection
2015-05-02 15:34:29 -07:00
1d7f78d3f3
physical/file: open for writing
2015-04-29 11:31:59 -07:00
3b53334d87
Sensible permissions on creating a file
...
Open a file, create it if it doesn't exist, and for gods sake don't leave it 0666.
2015-04-29 13:27:44 -05:00
e9621cdfe3
physical: more sorting to make tests deterministic
2015-04-28 19:01:01 -07:00
68b3dd1a4b
physical: sort strings in test
2015-04-28 18:51:21 -07:00
16d1c1f284
Fix comment typo
...
It's time to get my first vault commit in! :D
2015-04-22 16:59:16 -05:00
a2c22f6b3c
physical: fix negative cache issue for core keys
2015-04-15 13:48:49 -07:00
b28dac7cb2
physical: Support association of value with lock
2015-04-14 16:36:53 -07:00
5150091a6b
physical: Adding inmem HA for testing
2015-04-14 12:04:15 -07:00
cd6db0a637
physical: First pass at HABackend
2015-04-14 11:49:46 -07:00
9aec9fe577
physical: Add profiling to Consul backend
2015-04-14 11:09:24 -07:00
6f7e5faf31
physical: rename cache
2015-04-14 11:03:18 -07:00
30dcb99ba3
physical: Adding simple LRU write-through cache
2015-04-14 11:00:51 -07:00
4bc10930b3
physical: Default consul path to vault/
2015-04-03 17:05:18 -07:00
1d839d033c
physical: Adding Consul backend
2015-04-03 16:44:32 -07:00
1e36ef252d
physical: finish super naive file backend
...
This thing is SUPER slow and has some dumb edge cases. It is only really
meant for development at this point and is commented as such. We won't
document it publicly unless we make it good.
2015-03-15 20:15:27 -07:00
39b42bb862
physical: fix failing test
2015-03-12 14:30:31 -07:00
455291671e
physical: Expose the Inmem implementation
2015-03-05 13:57:30 -08:00
001bf70c68
physical: Factory constructor style for backends
2015-03-05 13:47:10 -08:00
4060860194
physical: Adding interface, in-mem implementation, and skeleton for Consul/File
2015-03-02 10:48:53 -08:00
Jeff Mitchell