github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10624 Commits
1703 Branches
457 Tags
697 MiB
Tree: deb91f3d3c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'deb91f3d3c'
${ noResults }
consul/agent/session_endpoint.go

206 lines
5.9 KiB
Raw Normal View History Unescape

agent: First pass at session endpoints
11 years ago
package agent
import (
"fmt"
"net/http"
"strings"
agent: Adding support for specifying LockDelay, defaults to 15 seconds.
11 years ago
"time"
consul: Ignore zero ttl on session
10 years ago
agent: move agent/consul/structs to agent/structs
7 years ago
"github.com/hashicorp/consul/agent/structs"
Chase casting types.CheckID to a string into the state_store. It turns out the indexer can only use strings as arguments when creating a query. Cast `types.CheckID` to a `string` before calling into `memdb`. Ideally the indexer would be smart enough to do this at compile-time, but I need to look into how to do this without reflection and the runtime package. For the time being statically cast `types.CheckID` to a `string` at the call sites.
9 years ago
"github.com/hashicorp/consul/types"
agent: Adding support for specifying LockDelay, defaults to 15 seconds.
11 years ago
)
agent: Session endpoint tests
11 years ago
// sessionCreateResponse is used to wrap the session ID
type sessionCreateResponse struct {
ID string
}
agent: First pass at session endpoints
11 years ago
// SessionCreate is used to create a new session
func (s *HTTPServer) SessionCreate(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
Works around mapstructure behavior to enable sessions with no checks. Fixes #3732
7 years ago
// Default the session to our node + serf check + release session
// invalidate behavior.
agent: First pass at session endpoints
11 years ago
args := structs.SessionRequest{
Op: structs.SessionCreate,
Session: structs.Session{
agent: Adding support for specifying LockDelay, defaults to 15 seconds.
11 years ago
Node: s.agent.config.NodeName,
Cleans up version 8 ACLs in the agent and the docs. (#3248) * Moves magic check and service constants into shared structs package. * Removes the "consul" service from local state. Since this service is added by the leader, it doesn't really make sense to also keep it in local state (which requires special ACLs to configure), and requires a bunch of special cases in the local state logic. This requires fewer special cases and makes ACL bootstrapping cleaner. * Makes coordinate update ACL log message a warning, similar to other AE warnings. * Adds much more detailed examples for bootstrapping ACLs. This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234.
7 years ago
Checks: []types.CheckID{structs.SerfCheckID},
agent: Adding support for specifying LockDelay, defaults to 15 seconds.
11 years ago
LockDelay: 15 * time.Second,
Ephemeral Nodes for via Session behavior settings. Added a "delete" behavior for session invalidation, in addition to the default "release" behavior. On session invalidation, the sessions Behavior field is checked and if it is set to "delete", all nodes owned by the session are deleted. If it is "release", then just the locks are released as default.
10 years ago
Behavior: structs.SessionKeysRelease,
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
TTL: "",
agent: First pass at session endpoints
11 years ago
},
}
s.parseDC(req, &args.Datacenter)
Adds complete ACL coverage for /v1/session endpoints.
8 years ago
s.parseToken(req, &args.Token)
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.Session.EnterpriseMeta)
agent: First pass at session endpoints
11 years ago
// Handle optional request body
if req.ContentLength > 0 {
Use encoding/json as JSON decoder instead of mapstructure (#6680) Fixes #6147
5 years ago
if err := decodeBody(req.Body, &args.Session); err != nil {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusBadRequest)
Use fmt.Fprint/Fprintf/Fprintln Used the following rewrite rules: gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
8 years ago
fmt.Fprintf(resp, "Request decode failed: %v", err)
agent: First pass at session endpoints
11 years ago
return nil, nil
}
}
// Create the session, get the ID
var out string
if err := s.agent.RPC("Session.Apply", &args, &out); err != nil {
return nil, err
}
// Format the response as a JSON object
agent: Session endpoint tests
11 years ago
return sessionCreateResponse{out}, nil
agent: First pass at session endpoints
11 years ago
}
Works around mapstructure behavior to enable sessions with no checks. Fixes #3732
7 years ago
// FixupChecks is used to handle parsing the JSON body to default-add the Serf
// health check if they didn't specify any checks, but to allow an empty list
// to take out the Serf health check. This behavior broke when mapstructure was
// updated after 0.9.3, likely because we have a type wrapper around the string.
func FixupChecks(raw interface{}, s *structs.Session) error {
rawMap, ok := raw.(map[string]interface{})
if !ok {
return nil
}
for k := range rawMap {
if strings.ToLower(k) == "checks" {
// If they supplied a checks key in the JSON, then
// remove the default entries and respect whatever they
// specified.
s.Checks = nil
return nil
}
}
return nil
}
agent: First pass at session endpoints
11 years ago
// SessionDestroy is used to destroy an existing session
func (s *HTTPServer) SessionDestroy(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
args := structs.SessionRequest{
Op: structs.SessionDestroy,
}
s.parseDC(req, &args.Datacenter)
Adds complete ACL coverage for /v1/session endpoints.
8 years ago
s.parseToken(req, &args.Token)
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.Session.EnterpriseMeta)
agent: First pass at session endpoints
11 years ago
// Pull out the session id
args.Session.ID = strings.TrimPrefix(req.URL.Path, "/v1/session/destroy/")
if args.Session.ID == "" {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusBadRequest)
Use fmt.Fprint/Fprintf/Fprintln Used the following rewrite rules: gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
8 years ago
fmt.Fprint(resp, "Missing session")
agent: First pass at session endpoints
11 years ago
return nil, nil
}
var out string
if err := s.agent.RPC("Session.Apply", &args, &out); err != nil {
return nil, err
}
return true, nil
}
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
// SessionRenew is used to renew the TTL on an existing TTL session
func (s *HTTPServer) SessionRenew(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
args := structs.SessionSpecificRequest{}
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
return nil, nil
}
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.EnterpriseMeta)
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
// Pull out the session id
OSS Modifications necessary for sessions namespacing
5 years ago
args.SessionID = strings.TrimPrefix(req.URL.Path, "/v1/session/renew/")
if args.SessionID == "" {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusBadRequest)
Use fmt.Fprint/Fprintf/Fprintln Used the following rewrite rules: gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
8 years ago
fmt.Fprint(resp, "Missing session")
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
return nil, nil
}
var out structs.IndexedSessions
if err := s.agent.RPC("Session.Renew", &args, &out); err != nil {
return nil, err
Added more tests. Also added return of 404 if the session id to renew is not found
10 years ago
} else if out.Sessions == nil {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusNotFound)
OSS Modifications necessary for sessions namespacing
5 years ago
fmt.Fprintf(resp, "Session id '%s' not found", args.SessionID)
Added more tests. Also added return of 404 if the session id to renew is not found
10 years ago
return nil, nil
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
}
Added more tests. Also added return of 404 if the session id to renew is not found
10 years ago
Consul Session TTLs The design of the session TTLs is based on the Google Chubby approach (http://research.google.com/archive/chubby-osdi06.pdf). The Session struct has an additional TTL field now. This attaches an implicit heartbeat based failure detector. Tracking of heartbeats is done by the current leader and not persisted via the Raft log. The implication of this is during a leader failover, we do not retain the last heartbeat times. Similar to Chubby, the TTL represents a lower-bound. Consul promises not to terminate a session before the TTL has expired, but is allowed to extend the expiration past it. This enables us to reset the TTL on a leader failover. The TTL is also extended when the client does a heartbeat. Like Chubby, this means a TTL is extended on creation, heartbeat or failover. Additionally, because we must account for time requests are in transit and the relative rates of clocks on the clients and servers, Consul will take the conservative approach of internally multiplying the TTL by 2x. This helps to compensate for network latency and clock skew without violating the contract. Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
10 years ago
return out.Sessions, nil
}
agent: First pass at session endpoints
11 years ago
// SessionGet is used to get info for a particular session
func (s *HTTPServer) SessionGet(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
args := structs.SessionSpecificRequest{}
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
return nil, nil
}
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.EnterpriseMeta)
agent: First pass at session endpoints
11 years ago
// Pull out the session id
OSS Modifications necessary for sessions namespacing
5 years ago
args.SessionID = strings.TrimPrefix(req.URL.Path, "/v1/session/info/")
if args.SessionID == "" {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusBadRequest)
Use fmt.Fprint/Fprintf/Fprintln Used the following rewrite rules: gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
8 years ago
fmt.Fprint(resp, "Missing session")
agent: First pass at session endpoints
11 years ago
return nil, nil
}
var out structs.IndexedSessions
defer setMeta(resp, &out.QueryMeta)
if err := s.agent.RPC("Session.Get", &args, &out); err != nil {
return nil, err
}
Fixes nil slices from HTTP endpoints. These would manifest in the HTTP output as Javascript nulls instead of empty lists, so we had unintentionally changed the interface while porting to the new state store. We added code to each HTTP endpoint to convert nil slices to empty ones so they JSON-ify properly, and we added tests to catch this in the future.
9 years ago
// Use empty list instead of nil
if out.Sessions == nil {
out.Sessions = make(structs.Sessions, 0)
}
agent: First pass at session endpoints
11 years ago
return out.Sessions, nil
}
// SessionList is used to list all the sessions
func (s *HTTPServer) SessionList(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
OSS Modifications necessary for sessions namespacing
5 years ago
args := structs.SessionSpecificRequest{}
agent: First pass at session endpoints
11 years ago
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
return nil, nil
}
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.EnterpriseMeta)
agent: First pass at session endpoints
11 years ago
var out structs.IndexedSessions
defer setMeta(resp, &out.QueryMeta)
if err := s.agent.RPC("Session.List", &args, &out); err != nil {
return nil, err
}
Fixes nil slices from HTTP endpoints. These would manifest in the HTTP output as Javascript nulls instead of empty lists, so we had unintentionally changed the interface while porting to the new state store. We added code to each HTTP endpoint to convert nil slices to empty ones so they JSON-ify properly, and we added tests to catch this in the future.
9 years ago
// Use empty list instead of nil
if out.Sessions == nil {
out.Sessions = make(structs.Sessions, 0)
}
agent: First pass at session endpoints
11 years ago
return out.Sessions, nil
}
// SessionsForNode returns all the nodes belonging to a node
func (s *HTTPServer) SessionsForNode(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
args := structs.NodeSpecificRequest{}
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
return nil, nil
}
OSS Modifications necessary for sessions namespacing
5 years ago
s.parseEntMeta(req, &args.EnterpriseMeta)
agent: First pass at session endpoints
11 years ago
// Pull out the node name
args.Node = strings.TrimPrefix(req.URL.Path, "/v1/session/node/")
if args.Node == "" {
agent: drop status code comments
7 years ago
resp.WriteHeader(http.StatusBadRequest)
Use fmt.Fprint/Fprintf/Fprintln Used the following rewrite rules: gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c, d))) -> fmt.Fprintf(resp, a, b, c, d)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b, c))) -> fmt.Fprintf(resp, a, b, c)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a, b))) -> fmt.Fprintf(resp, a, b)' *.go gofmt -w -r 'resp.Write([]byte(fmt.Sprintf(a))) -> fmt.Fprint(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a + "\n")) -> fmt.Fprintln(resp, a)' *.go gofmt -w -r 'resp.Write([]byte(a)) -> fmt.Fprint(resp, a)' *.go
8 years ago
fmt.Fprint(resp, "Missing node name")
agent: First pass at session endpoints
11 years ago
return nil, nil
}
var out structs.IndexedSessions
defer setMeta(resp, &out.QueryMeta)
if err := s.agent.RPC("Session.NodeSessions", &args, &out); err != nil {
return nil, err
}
Fixes nil slices from HTTP endpoints. These would manifest in the HTTP output as Javascript nulls instead of empty lists, so we had unintentionally changed the interface while porting to the new state store. We added code to each HTTP endpoint to convert nil slices to empty ones so they JSON-ify properly, and we added tests to catch this in the future.
9 years ago
// Use empty list instead of nil
if out.Sessions == nil {
out.Sessions = make(structs.Sessions, 0)
}
agent: First pass at session endpoints
11 years ago
return out.Sessions, nil
}