Commit Graph

1347 Commits (e61484c07929a342cb2efaf0fce13494e96c1da7)

Author SHA1 Message Date
Matt Shean fe4107019e add Timeout field to CheckMonitor 2016-04-20 11:41:30 -07:00
Ryan Uber 8cc16b8238 agent: limit HTTP check output to 4k 2016-04-14 14:28:07 -07:00
James Phillips 8c8b146f77 Merge pull request #1884 from mtchavez/1541-data-dir-perms
command: Data directory permission error message
2016-04-12 22:06:49 -07:00
James Phillips f541acb0ec Makes a detached copy of the tags when doing the override. 2016-04-11 14:53:18 -07:00
James Phillips a885f1bdff Tweaks comment about side effects. 2016-04-11 08:58:17 -07:00
James Phillips eedeba682b Makes reap time configurable for LAN and WAN. 2016-04-11 00:38:25 -07:00
James Phillips 529b24adbf Merge pull request #1934 from hashicorp/b-check-output
Syncs a check's output with the catalog when output rate limiting isn't in effect.
2016-04-11 00:37:50 -07:00
James Phillips 244174d2c0 Uses the HealthCheck Clone() method in local_test.go. 2016-04-11 00:20:24 -07:00
James Phillips ed86e5cc72 Adds a clone method to HealthCheck and uses that in local.go. 2016-04-11 00:05:39 -07:00
James Phillips cfe0651208 Syncs a check's output with the catalog when output rate limiting isn't in effect. 2016-04-10 21:20:39 -07:00
Alex Myasoedov 49cc50b0d3 #1878 Set default bind address to 127.0.0.1 in development mode 2016-04-07 21:25:33 +03:00
James Phillips d386019be1 Removes a bogus warning for Windows. 2016-04-05 18:04:23 -07:00
James Phillips 6a3b2b0618 Updates static assets to pull in #1702. 2016-04-04 12:21:23 -07:00
Sean Chittenden 829478793b Clean up verifyUniqueListners
The first pass over this was a hackjob in the sense that it was not elegant.  Fixed.

Pointed out by: subcionscious in the middle of the night
2016-04-04 11:03:49 -07:00
Chavez 416c578f7a Retry http server connecting in agent/http_test 2016-04-01 19:17:38 -07:00
Chavez 31c9829751 Test agent RPC client connection retries 2016-04-01 19:17:38 -07:00
Chavez f201b4b565 command: Data directory permission error message
* Check for invalid data directory permissions
* Display appropriate permissions error message
* Add command test for bad data directory permissions
2016-04-01 19:17:38 -07:00
Sean Chittenden 45bd128f12 Rely exclusively on error to signal failure
Pointed out by: slackpad
2016-04-01 10:34:45 -07:00
Sean Chittenden 7a814fce63 Print a helpful message re: duplicate addresses
IP sockets provide nice endpoints where the kernel will fail to bind and will error out saying socket already in use.  UNIX sockets, however, don't enjoy this nice property when cleaning up stale sockets on listen.  Given the number of addresses in Consul, provide operators with a helpful message that indicates the source of the reused address.

Before this fix, it was possible for the HTTP socket to unlink the RPC socket, leading to confusing blocked behavior when running commands like `consul info`.

```
% cat tmp.config.json
{
    "addresses": {
	"http": "unix:///tmp/.consul.sock",
	"rpc": "unix:///tmp/.consul.sock"
    },
    "unix_sockets": {
	"mode": "0700"
    }
}
% consul agent -config-file tmp.config.json -advertise=127.0.0.1 -data-dir=/tmp/
==> All listening endpoints must be unique: HTTP address already configured for RPC
Exit 1
```
2016-04-01 10:20:45 -07:00
Sean Chittenden 5994c9efbf skip_leave_on_int's default changes based on agent mode
`skip_leave_on_int`'s behavior now changes based on whether or not the agent is acting as a client or server.

Fixes: 1687
2016-03-31 17:45:14 -07:00
Sean Chittenden ec9b9be736 Guard against a node name containing pure whitespace for real 2016-03-31 15:10:19 -07:00
Sean Chittenden ff529ffa40 Guard against a node name containing pure whitespace 2016-03-31 15:02:58 -07:00
Sean Chittenden 583abab552 Node names are not allowed to be empty 2016-03-31 14:47:55 -07:00
Sean Chittenden 53380f8e92 Change tests to accept an "at least this many" answers semantic
The size of answers vary based on the target platform.  Accomodate this variance.
2016-03-30 11:48:32 -07:00
Sean Chittenden 7a7063c072 Fix tests
I'm not sure how I thought this passed last night, it was obviously wrong.
2016-03-30 10:16:05 -07:00
Sean Chittenden 19721f5c3d Editorialize the comment re: UDPAnswerLimit
Prodded by: slackpad & fusiondog
2016-03-30 01:15:40 -07:00
Sean Chittenden 5ba7e74bb8 Use table-driven test for response limits
Much more exhaustive testing and shows where the limits are of the 512B limitation (quering by ID is less space efficient than querying by just a prepared query or service).
2016-03-30 01:05:49 -07:00
Sean Chittenden 0cb965f901 Remove duplicate paste-o
Pointed out by: slackpad
2016-03-29 23:31:31 -07:00
Sean Chittenden ce88cde7b0 Test services and PQT limits 2016-03-29 23:08:58 -07:00
Sean Chittenden e1e441fdee Improve the use of constants across DNS tests 2016-03-29 23:08:40 -07:00
Sean Chittenden c2d4354563 Use a non-default config value 2016-03-29 23:06:31 -07:00
Sean Chittenden 1dd4234683 Test missing config inputs
Alpha sort where appropriate to make it easier to keep in sync in the future.
2016-03-29 23:06:17 -07:00
Sean Chittenden 69696a9c1b Correctly detect that an answer has been truncated 2016-03-29 19:52:31 -07:00
Sean Chittenden efe940e7c4 Remove dead and incorrect code
This functionality is handled further upstream in `trimUDPAnswers()`
2016-03-29 19:38:26 -07:00
Sean Chittenden c5c8daf07a Trim UDP responses per configuration 2016-03-29 19:27:21 -07:00
Sean Chittenden 9fb64ab114 Allow adjusting the number of DNS records in a response...
Based on work done by @fusiondog in #1583, extend the concept to use an integer instead of a boolean.

Fixes: #1583 && #1481
2016-03-29 19:23:56 -07:00
Patrick Feliciano 74623c372a Adding singleton option to DNS for getaddrinfo bug. 2016-03-29 19:23:07 -07:00
Sean Chittenden a92cda7bcd Fix whitespace alignment in a comment 2016-03-23 16:00:39 -07:00
James Phillips 77eb95ddd8 Merge pull request #1861 from hashicorp/b-flaky-test
Widens coordinate update sleeps in unit tests.
2016-03-21 18:24:05 -07:00
James Phillips cd7b3d4b49 Widens coordinate update sleeps in unit tests. 2016-03-21 18:23:11 -07:00
Hrishikesh Barua 9f9aa5084b Added help text for -dev option #1804 2016-03-21 17:27:57 +05:30
Wim b5d45322b4 Allow [::] as a bind address (binds to first public IPv6 address) 2016-03-18 23:59:44 +01:00
Miquel Sabaté Solà 4567963d8e command: deprecated the -dc flag in the agent CLI
The `-dc` flag from the agent CLI command has been deprecated in favor of
`-datacenter`. This is done this way because:

- Other CLI commands used `-datacenter`. See: event, exec and watch.
- The agent configuration file uses `datacenter`.

Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
2016-03-18 15:44:35 +01:00
James Phillips 6e2c106006 Merge pull request #1819 from hashicorp/f-check-accept
Adds default set of accept headers for HTTP checks.
2016-03-09 21:12:25 -08:00
James Phillips 4cb16808f4 Adds default set of accept headers for HTTP checks. 2016-03-09 21:11:20 -08:00
James Phillips 5c80647e34 Tweaks algorithm so it's safe with an empty list and adds a PQ test. 2016-03-08 23:09:09 -08:00
Igor Dubinskiy 3a25860270 Make sure UDP DNS responses aren't larger than allowed 2016-03-07 16:41:17 -08:00
James Phillips 98784c6416 Updates to latest compiled ui assets. 2016-03-07 13:49:08 -08:00
James Phillips eb7004f2b8 Renames "debug" endpoint and structures to "explain". 2016-03-07 10:45:39 -08:00
James Phillips d7288e3a5e Adds a prepared query debug endpoint. 2016-03-07 10:45:39 -08:00
James Phillips f46fa33278 Tweaks formatting of inline output messages. 2016-03-02 19:47:00 -08:00
James Phillips 70575002d9 Retains the last output when a TTL check times out. 2016-03-02 17:58:01 -08:00
James Phillips 7ebad899da Adds a new PUT-based TTL check update endpoint. 2016-03-02 17:54:01 -08:00
Stefan Engstrom 525cb0abc1 add accept header */* for agent check 2016-02-19 10:31:00 -06:00
James Phillips 052140f8a7 Merge pull request #1703 from alistanis/fix-issue-#1661
fixes issue #1661 and adds supporting test
2016-02-16 20:13:36 -08:00
James Phillips e79dd7c8de Fixes redirect from / to /ui when internal UI is enabled. 2016-02-12 16:11:32 -08:00
Chris Cooper 2c6f873ecd add missing test 2016-02-09 10:49:41 -05:00
Chris Cooper fe0e3aaaa0 fixes issue #1661 and adds supporting test 2016-02-09 10:35:39 -05:00
James Phillips 56cbabff63 Adds a sanity check to the local node info compare. 2016-02-07 15:07:23 -08:00
James Phillips d2cc2801fa Merge pull request #1698 from hashicorp/pr-1547-slackpad
Implements WAN address translation.
2016-02-07 14:26:04 -08:00
James Phillips 607728ddca Adds a test to make sure we get the local address within the DC. 2016-02-07 14:16:15 -08:00
James Phillips 524aaae9b7 Increases wait to account for random stagger. 2016-02-07 13:56:45 -08:00
James Phillips 6790930c4e Factors address translation into a single function. 2016-02-07 13:39:37 -08:00
James Phillips 4be2ab1a75 Moves tagged wan address to be managed by anti-entropy, not serf. 2016-02-07 13:12:42 -08:00
James Phillips b59599742d Adds a test to make sure the local sync doesn't clobber tagged addresses. 2016-02-07 11:26:19 -08:00
James Phillips c60a526fde Sets up config for more address tags down the road, renames struct members. 2016-02-07 10:37:34 -08:00
Evan Gilman de8fd561d0 Use a map for additional node addresses 2016-02-06 23:01:45 -08:00
Evan Gilman 2f26771bb1 Add tests for consul WAN translation 2016-02-06 23:01:45 -08:00
Evan Gilman 146f719a66 Explicitly set advertise address in agent tests
Otherwise, the tests will fail when run on a machine with multiple
private addresses
2016-02-06 23:01:45 -08:00
Evan Gilman a3240d28ba Consider WAN addresses during Node and SRV record lookup 2016-02-06 23:01:45 -08:00
Evan Gilman 496cf5ae73 Implement `translate_wan_addrs` config option
This knob tells consul whether it should prefer the WAN address (if set)
when making service lookups in remote datacenters. This enables
reachability for remote services which are behind a NAT.
2016-02-06 23:01:45 -08:00
Evan Gilman 8fa2a60208 Rectify value of `AdvertiseAddrWan` when set elsewhere
`AdvertiseAddrs` has been introduced as a configuration option, which
duplicates a few other options, namely `AdvertiseAddrWan`. We need to
use this value elsewhere, so rather than doing a precedence check every
time we need to access it, rectify the value of `AdvertiseAddrWan` to
match
2016-02-06 23:01:45 -08:00
James Phillips ed8a71efd7 Store WanAddress during Service/Check sync 2016-02-06 23:01:45 -08:00
James Phillips 507c83bdbd Merge pull request #1690 from alistanis/use-http-package-statuses
refactors http server error codes
2016-02-06 22:38:48 -08:00
James Phillips d60be51f01 Merge pull request #1284 from nbrownus/telemetry
Option to disable hostnames from telemetry
2016-02-06 22:00:14 -08:00
James Phillips 7bc2ba4c18 Merge pull request #1654 from ryanslade/invalid-check-message
Updated invalid check error message.
2016-02-05 17:21:29 -08:00
Chris Cooper 5a07e89bb9 Merge branch 'master' of https://github.com/alistanis/consul into use-http-package-statuses 2016-02-05 17:30:43 -05:00
Chris Cooper e2065e10c0 add comment codes 2016-02-05 17:06:42 -05:00
Chris Cooper 00dd9d6b78 refactors http server error codes to use the http statuses defined in the http package instead of literals 2016-02-05 16:51:31 -05:00
Sean Chittenden 8deec17f73 Use panic instead of returning a sentinel UUID values in unit tests 2016-02-01 16:42:04 -08:00
Sean Chittenden 7af6a94edb Factor out duplicate functions into a lib package
Consolidate code duplication and tests into a single lib package.  Most of these functions were from various **/util.go functions that couldn't be imported due to cyclic imports.  The consul/lib package is intended to be a terminal node in an import DAG and a place to stash various consul-only helper functions.  Pulled in hashicorp/go-uuid instead of consolidating UUID access.
2016-01-29 16:57:45 -08:00
Nate Brown 43a4f3fe02 Option to disable hostnames from telemetry 2016-01-29 13:44:48 -08:00
Ryan Slade dd98602bd7 Updated invalid check error message.
Added some of the newer reasons this error could have occured.
2016-01-28 11:02:00 +02:00
James Phillips f24a044755 Fixes the static asset generator for new pkg path, updates assets. 2016-01-15 10:21:42 -08:00
Seth Vargo cae0ff354a Use HTTPS + www. where appropriate 2016-01-13 17:44:01 -05:00
James Phillips 71e3901a65 Merge pull request #1592 from hashicorp/b-reap
Adds support for the reap lock.
2016-01-13 09:37:54 -08:00
James Phillips 343838f12b Adds support for the reap lock. 2016-01-12 21:10:25 -08:00
Matt McCoy 9cbed7f89e Add consul agent help for advertise-wan 2016-01-11 14:27:54 -05:00
James Phillips c1fe9092ed Merge pull request #1550 from hashicorp/f-devmode
Add a `-dev` mode for easy prototyping
2016-01-05 10:01:41 -08:00
Philippe M. Chiasson a2eddcab38 remove address splitting 2016-01-05 11:49:40 -05:00
Philippe M. Chiasson 21345a8a7f Move logged client IP to the end of the log message 2015-12-30 15:39:34 -05:00
Philippe M. Chiasson 34c36d9205 Merge branch 'master' of http://github.com/hashicorp/consul into issue/1447/http-access-logs 2015-12-30 15:38:30 -05:00
Ryan Uber 9002bfa37d agent: enable ui for dev mode 2015-12-26 20:39:42 -05:00
Ryan Uber afafae53fd consul: dev mode works 2015-12-26 20:19:36 -05:00
Ryan Uber 87c1283b73 agent: update assetfs output 2015-12-24 22:21:34 -05:00
Ryan Uber 3cf6a173a5 agent: static UI is configurable 2015-12-24 22:21:34 -05:00
Ryan Uber 2d7ced22b3 agent: initial web assets 2015-12-24 22:21:34 -05:00
Ryan Uber c3e7c98da2 agent: compile web assets into consul binary 2015-12-24 22:21:34 -05:00
Philippe M. Chiasson 9553ac0ca8 Merge branch 'master' of http://github.com/hashicorp/consul into issue/1447/http-access-logs 2015-12-22 14:55:18 -05:00
James Phillips d61661a98f Adds a Bool helper function. 2015-12-22 10:43:32 -08:00
James Phillips e80d1a58fb Moves logger down where it's used for reaping. 2015-12-22 10:29:55 -08:00
James Phillips 0b1c346990 Changes sense of option to "reap" and uses nil for "not set". 2015-12-22 10:28:10 -08:00
James Phillips 2b257c922e Adds child process reaping when Consul is running as PID 1. 2015-12-21 21:47:35 -08:00
James Phillips 651f255b9b Converts the DNS metric to a gauge which gives us a count and a time. 2015-12-21 18:25:09 -08:00
James Phillips a4dc11167f Adds telemetry on number of DNS queries served, per-agent. 2015-12-21 17:01:28 -08:00
WangFenjin 29c0516d58 Fix typo 2015-12-08 17:45:01 +08:00
James Phillips a61d89d0e6 Removes the GOMAXPROCS warnings which are obsolete for Go 1.5+. 2015-11-25 17:59:16 -08:00
Philippe M. Chiasson 65512cae73 Add client ip to http access logs
Fixes #1447
2015-11-24 15:06:33 -05:00
James Phillips 95c708f65e Adds Docker checks support to client API.
Also changed `DockerContainerId` to `DockerContainerID`, and updated the agent
API docs to reflect their support for Docker checks.
2015-11-18 07:40:02 -08:00
James Phillips 049da2cef2 Breaks up huge HTTP endpoint functions. 2015-11-17 09:16:04 -08:00
James Phillips cd6be4a88d Avoids taking the length again when parsing DNS queries. 2015-11-17 08:40:47 -08:00
James Phillips e1ce1a34b0 Moves conversion of nil slices up to HTTP layer for prepared queries. 2015-11-15 17:06:00 -08:00
James Phillips 4715c04c98 Adds a test to make sure a stale retry terminates. 2015-11-15 17:06:00 -08:00
James Phillips 67fd4fa78d Returns a 404 from a get or execute of a nonexistent query. 2015-11-15 17:06:00 -08:00
James Phillips e9480ecb02 Plumbs the service name back and uses agent-specific TTL settings as a fallback. 2015-11-15 17:06:00 -08:00
James Phillips 81b43135f9 Adds unit tests for prepared queries and DNS, using existing tests for equivalence. 2015-11-15 17:06:00 -08:00
James Phillips 4a0a60af55 Adds DNS support for prepared queries (needs tests). 2015-11-15 17:06:00 -08:00
James Phillips 5e7523ea4b Adds a slightly more flexible mock system so we can test DNS. 2015-11-15 17:06:00 -08:00
James Phillips da20e6668b Adds a note about obfuscating query name/ID from the logs. 2015-11-15 17:06:00 -08:00
James Phillips 57be55103c Adds an HTTP endpoint for prepared queries. 2015-11-15 17:06:00 -08:00
James Phillips 989619cb6b Moves DNS over to new shuffle and filter functions. 2015-11-15 17:06:00 -08:00
James Phillips c248b0017a Fixes nil slices from HTTP endpoints.
These would manifest in the HTTP output as Javascript nulls instead of
empty lists, so we had unintentionally changed the interface while
porting to the new state store. We added code to each HTTP endpoint to
convert nil slices to empty ones so they JSON-ify properly, and we added
tests to catch this in the future.
2015-11-14 21:05:37 -08:00
James Phillips 8defe75387 Merge pull request #1293 from talwai/master
Add options to send telemetry to DogStatsD
2015-11-13 09:51:50 -08:00
talwai f6f2e19c6c Kill unused import in command.go 2015-11-13 11:14:15 -05:00
James Phillips 98731f7272 Fixes unit test fail due to expected truncated message. 2015-11-12 18:16:44 -08:00
talwai bc12c5e711 Add DogStatsd configuration 2015-11-11 14:30:36 -05:00
James Phillips 3d1702969f Fixes a go vet finding. 2015-10-29 12:47:20 -07:00
James Phillips d06fc28a0a Prevents agents from considering Raft information when doing sync checks. 2015-10-28 14:32:00 -07:00
James Phillips c0bd639662 Makes the version upshift code look at the correct version field. 2015-10-27 14:44:34 -07:00
Diptanu Choudhury ab7ab8e58e Merge pull request #1343 from hashicorp/f-docker-check
Docker Support for Consul Health Checks
2015-10-26 21:00:48 -07:00
Diptanu Choudhury 3d68d06ac7 Forcing the Env variable to empty while testing the default shell logic 2015-10-26 20:35:13 -07:00
Diptanu Choudhury 2fdcf1ae28 Added a test for selecting shell from env 2015-10-26 20:21:50 -07:00
Diptanu Choudhury 471442e9a4 Making an explicit check to test whether a check is of type Monitor 2015-10-26 19:52:32 -07:00
Diptanu Choudhury 1e240b5c59 Fixed the tests 2015-10-26 18:20:02 -07:00
Diptanu Choudhury f0c783d1a8 Added a test to check if we are properly truncating docker exec outputs 2015-10-26 18:06:55 -07:00
Diptanu Choudhury 582786523a Added a test for exit code 1 with docker exec 2015-10-26 16:58:09 -07:00
Diptanu Choudhury 9efbd1affa Fixed the Fake Docker client to simulate Exec start failures 2015-10-26 16:54:51 -07:00
Diptanu Choudhury 423f7fbcac Not adding the docker check if we couldn't create the client 2015-10-26 16:45:12 -07:00
Diptanu Choudhury f5f5ed0c79 Making sure the script is not empty if it's a docker check 2015-10-26 16:27:48 -07:00
Diptanu Choudhury b4af7f44af Updated the comment for CheckType 2015-10-26 15:28:13 -07:00
Diptanu Choudhury 4c1818eb61 Collect and truncate the output from docker exec 2015-10-26 15:19:35 -07:00
Diptanu Choudhury 5f8f531d2a Defaulting to Monitor check 2015-10-26 15:02:23 -07:00
Diptanu Choudhury 809e9f5284 Extracted the logic of figuring out the shell and fixing the logic to find out if the check is a Docker check 2015-10-26 15:00:34 -07:00
Diptanu Choudhury 31cdf4fe64 Added some tests for docker check 2015-10-26 12:59:40 -07:00
James Phillips f6b589d768 Merge pull request #1296 from hashicorp/f-fast-sync
agent: remove an N^2 check. See #1265
2015-10-26 11:37:52 -07:00
Diptanu Choudhury 40f72a8323 Marking the state of a service as critical if the Docker Daemon doesn't respond while running checks 2015-10-26 11:16:11 -07:00
Diptanu Choudhury d695012e40 Adding a debug log to indicate the exit code of failed check 2015-10-26 10:35:51 -07:00
Diptanu Choudhury 83db728133 Registering the Exec with Docker Daemon everytime the check is invoked 2015-10-26 10:23:57 -07:00
Diptanu Choudhury 71ede8addb Implemented Docker health checks 2015-10-26 10:23:57 -07:00
James Phillips 088603949c Runs go fmt (sorts new go-cleanhttp imports). 2015-10-23 17:14:35 -07:00
James Phillips ecd3a1d1d2 Completes rebase of network coordinates to new memdb. 2015-10-23 15:23:01 -07:00
James Phillips 660da92152 Makes the default protocol 2 and lets 3 interoperate with 2. 2015-10-23 15:23:01 -07:00
James Phillips e21b450f69 Runs go fmt after latest rebase. 2015-10-23 15:23:01 -07:00
James Phillips e8322ffe00 Adds a test for the `DisableCoordinate` config. 2015-10-23 15:23:01 -07:00
James Phillips f9da231a1c Adds coordinate of agent to self endpoint. 2015-10-23 15:23:01 -07:00
James Phillips 6289764ea2 Moves sorting up into coordinate endpoint HTTP handlers. 2015-10-23 15:23:01 -07:00
James Phillips d45fc23abf Installs a friendly handler for coordinate endpoints when coordinates are disabled. 2015-10-23 15:23:01 -07:00
James Phillips ce0e9759f8 Fixes config merge fn for disabling coordinates and adds it to JSON. 2015-10-23 15:23:01 -07:00
James Phillips 33e3505aea Adds endpoints for raw network coordinates. 2015-10-23 15:23:01 -07:00
James Phillips 9c9195746f Changes ?near=self to a safer ?near=_agent, which is also clearer about what it does. 2015-10-23 15:23:01 -07:00
James Phillips 9caa5b3653 Adds distance sorting to health endpoint. Cleans up unit tests. 2015-10-23 15:23:01 -07:00
James Phillips e47eea3f3a Adds a magic "self" node name to distance queries. 2015-10-23 15:23:01 -07:00
James Phillips 54ef97b268 Adds tests for HTTP interface. Removes a stray mark. 2015-10-23 15:23:01 -07:00
James Phillips 89c7203f31 Adds coordinate sorting support to catalog queries for nodes and service nodes. 2015-10-23 15:23:01 -07:00
James Phillips d734697820 Turns down the coordinate sync rate a bit more. 2015-10-23 15:23:01 -07:00
James Phillips ad65d953f6 Scales coordinate sends to hit a fixed aggregate rate across the cluster. 2015-10-23 15:23:01 -07:00
James Phillips 66a3d29743 Simplifies the batching function and adds some comments. 2015-10-23 15:23:01 -07:00
James Phillips 5f754c4a87 Does some small cleanups based on PR feedback.
* Holds coordinate updates in map and gets rid of the update channel.
* Cleans up config variables a bit.
2015-10-23 15:23:01 -07:00
James Phillips 7e6d52109b Hardens Consul from bad coordinates from other nodes. 2015-10-23 15:23:01 -07:00
James Phillips d12aa2ffab Moves batching down into the state store and changes it to fail-fast.
* A batch of updates is done all in a single transaction.
* We no longer need to get an update to kick things, there's a periodic flush.
* If incoming updates overwhelm the configured flush rate they will be dumped with an error.
2015-10-23 15:23:01 -07:00
James Phillips b9d5fb0f90 Flips the sense of the coordinate enable option. 2015-10-23 15:23:01 -07:00
James Phillips 92567841d6 Removes one more WAN leftover. 2015-10-23 15:23:01 -07:00
James Phillips 86b112fe31 Does a clean up pass on the Consul side. 2015-10-23 15:23:01 -07:00
James Phillips 01d2452ea3 Merges config changes after rebase. 2015-10-23 15:23:01 -07:00
Derek Chiang f144d17b1c Address comments 2015-10-23 15:23:01 -07:00
Derek Chiang ab9262c656 Add a test case 2015-10-23 15:23:01 -07:00
Derek Chiang bf5cb7522f Use IndexedCoordinate instead 2015-10-23 15:23:01 -07:00
Derek Chiang a1854a7614 Some fixes 2015-10-23 15:23:01 -07:00
Derek Chiang a338e5efe8 Fix a comment 2015-10-23 15:23:01 -07:00
Derek Chiang 98d87b5dd5 Complete logic for sending coordinates 2015-10-23 15:23:01 -07:00
Derek Chiang 9113b26286 Some fixes 2015-10-23 15:23:01 -07:00
Derek Chiang a9ea503c69 Adding tests and stuff 2015-10-23 15:23:01 -07:00
Armon Dadgar 6a350d5d19 Merge pull request #1318 from daveadams/f-http-header-token
Allow specifying Consul token in an HTTP request header
2015-10-22 13:33:47 -07:00
Jeff Mitchell 1e3840b044 Update cleanhttp repo location 2015-10-22 14:14:22 -04:00
Jeff Mitchell 9a5fd5424a Use cleanhttp to get rid of DefaultTransport 2015-10-22 10:47:50 -04:00
David Adams b7bcb2a414 Add HTTP request header X-Consul-Token
Add support for an X-Consul-Token HTTP request header to specify the
token with which this request should be fulfilled. The header would have
precedence over the responding Agent's default token, but would have
lower precedence than a token specified in the query string.
2015-10-19 11:26:01 -05:00
James Phillips 4ee43e90b7 Deletes the old state store and all its accoutrements. 2015-10-15 14:59:09 -07:00
James Phillips 0c90bdc61a Knocks out the Raft indexes before doing compare. 2015-10-15 14:59:09 -07:00
James Phillips d57431e300 Gets new structs changes to compile, adds some corner case handling and extra unit tests. 2015-10-15 14:59:09 -07:00
Ryan Uber d6af59cded Merge pull request #1309 from hashicorp/f-remove-migrate
Removes consul-migrate for 0.6
2015-10-15 14:50:19 -07:00
Jeff Mitchell f49fc095ef Don't use http.DefaultClient
Two of the changes are in tests; the one of consequence is in the API.
As explained in #1308 this can cause conflicts with downstream programs.

Fixes #1308.
2015-10-15 17:49:35 -04:00
Ryan Uber de287e3efb agent: consolidates data dir checker 2015-10-15 14:21:35 -07:00
Ryan Uber 10b971df21 agent: test mdb dir protection 2015-10-15 14:15:41 -07:00
Ryan Uber d901fa6389 agent: remove migrator, refuse to start if mdb dir found 2015-10-15 14:15:08 -07:00
Armon Dadgar d137a5fa82 agent: remove an N^2 check. See #1265 2015-10-12 20:30:11 -07:00
Michael Puncel a98d25b541 Add http method to log output 2015-10-02 18:33:06 -07:00
James Phillips 0b05dbeb21 Merge pull request #1235 from wuub/master
fix conflict between handleReload and antiEntropy critical sections
2015-09-17 07:28:39 -07:00
Wojciech Bederski c4537ed26f panic when unbalanced localState.Resume() is detected 2015-09-17 11:32:08 +02:00
Dale Wijnand 5a28ebcaa3 Fix a bunch of typos. 2015-09-15 13:22:08 +01:00
James Phillips 2f9ebdb135 Merge pull request #1187 from sfncook/enable_tag_drift_03
Enable tag drift 03
2015-09-11 15:35:32 -07:00
Anthony Scalisi 10e028d599 remove various typos 2015-09-11 12:29:54 -07:00
Wojciech Bederski b014c0f91b make Pause()/Resume()/isPaused() behave more like a semaphore
see: https://github.com/hashicorp/consul/issues/1173 #1173

Reasoning: somewhere during consul development Pause()/Resume() and
PauseSync()/ResumeSync() were added to protect larger changes to
agent's localState.  A few of the places that it tries to protect are:

- (a *Agent) AddService(...)      # part of the method
- (c *Command) handleReload(...)  # almost the whole method
- (l *localState) antiEntropy(...)# isPaused() prevents syncChanges()

The main problem is, that in the middle of handleReload(...)'s
critical section it indirectly (loadServices()) calls  AddService(...).
AddService() in turn calls Pause() to protect itself against
syncChanges(). At the end of AddService() a defered call to Resume() is
made.

With the current implementation, this releases
isPaused() "lock" in the middle of handleReload() allowing antiEntropy
to kick in while configuration reload is still in progress.
Specifically almost all services and probably all check are unloaded
when syncChanges() is allowed to run.

This in turn can causes massive service/check de-/re-registration,
and since checks are by default registered in the critical state,
a majority of services on a node can be marked as failing.
It's made worse with automation, often calling `consul reload` in close
proximity on many nodes in the cluster.

This change basically turns Pause()/Resume() into P()/V() of
a garden-variety semaphore. Allowing Pause() to be called multiple times,
and releasing isPaused() only after all matching/defered Resumes() are
called as well.

TODO/NOTE: as with many semaphore implementations, it might be reasonable
to panic() if l.paused ever becomes negative.
2015-09-11 18:28:06 +02:00
Wojciech Bederski 24bc17eaa1 failing test showing that nested Pause()/Resume() release too early
see: #1173 / https://github.com/hashicorp/consul/issues/1173
2015-09-11 17:52:57 +02:00
Shawn Cook 66fd8fb2a0 Rename EnableTagOverride and update formatting 2015-09-11 08:35:29 -07:00
Shawn Cook d7ce0b3c6b Remove debug lines 2015-09-11 08:32:59 -07:00
Shawn Cook 0b3faf6e4a Merge remote-tracking branch 'hashicorp/master' into enable_tag_drift_03 2015-09-10 14:55:30 -07:00
Shawn Cook 35f276f25d Add test cases TestAgentAntiEntropy_EnableTagDrift 2015-09-10 14:08:16 -07:00
Ryan Uber 1908c16f53 Merge pull request #1230 from hashicorp/f-maintfix
Respect tokens in maintenance mode
2015-09-10 12:30:07 -07:00
Ryan Uber 039938a7e0 agent: testing node/service maintenance using tokens 2015-09-10 12:08:08 -07:00
Ryan Uber 125d7fd4ee agent: thread tokens through for maintenance mode 2015-09-10 11:43:59 -07:00
Wim 0bc4d9322e Allow AAAA queries for nodeLookup 2015-09-08 16:54:36 +02:00
Wim 2701bb5cc2 No NXDOMAIN when the answer is empty 2015-09-02 16:12:22 +02:00
Ryan Breen 80d26f9156 Merge pull request #1167 from railsguru/master
Add -http-port option to change the HTTP API port
2015-09-02 01:15:55 -04:00
Armon Dadgar 52a8a95af9 agent: Always enable the UI endpoints 2015-09-01 18:28:32 -07:00
Wim 4a1dc90cba Limit the DNS responses after getting the NodeRecords 2015-09-01 23:23:05 +02:00
Ryan Breen f41b79eff2 Merge pull request #1195 from 42wim/fix-rfc2308-part2
Return SOA/NXDOMAIN when the answer is empty
2015-09-01 17:08:31 -04:00
Wim 369982270d Return SOA/not found when the answer is empty 2015-09-01 22:28:12 +02:00
Ryan Uber 11e4cfd72b agent: reload SCADA client if endpoint changes 2015-08-27 13:29:07 -07:00
Ryan Uber c468acf222 command: atlas endpoint can be passed 2015-08-27 11:11:05 -07:00
Ryan Uber 1cc2429364 agent: atlas_endpoint is configurable 2015-08-27 11:08:01 -07:00
Ryan Uber 5ad8bfbd41 agent: log a message when making a new scada connection 2015-08-25 21:03:16 -07:00
Ryan Uber 4b715a7d2c agent: don't reload scada client if there is no config change 2015-08-25 20:43:57 -07:00
Ryan Uber ed70720d55 agent: testing scada client creation in command 2015-08-25 20:22:22 -07:00
Ryan Uber 52a7206ff3 agent: test scada HTTP server creation 2015-08-25 18:51:04 -07:00
Ryan Uber eb8974160f agent: clean up scada connection manager 2015-08-25 18:27:07 -07:00
Ryan Uber 87c1e4fcd3 agent: document the scada http creation func 2015-08-25 17:19:11 -07:00
Ryan Uber 2e6ccded2c agent: scada client and HTTP server are tracked separately 2015-08-25 16:59:53 -07:00
Andy Lo-A-Foe 85321301e1 Remove duplicate code 2015-08-20 20:46:20 +02:00
Andy Lo-A-Foe 3e046d3efc Use Ports.HTTP directly 2015-08-20 20:27:20 +02:00
Andy Lo-A-Foe 4e2c3373bc Add documentation for http-port option 2015-08-20 20:19:35 +02:00
Shawn Cook 96785edd9a Add EnableTagDrift logic to command/agent/local.go 2015-08-18 14:03:48 -07:00
Shawn Cook a0f8c0a2a0 Remove from command/agent/config_test.go 2015-08-18 10:42:25 -07:00
Shawn Cook 6a835939b8 EnableTagDrift in NodeService struct 2015-08-18 10:34:55 -07:00
Ryan Uber 05216d3cc4 agent: log network address of DNS clients 2015-08-11 10:33:27 -07:00
Andy Lo-A-Foe 7b5da2a240 Add -http-port option to change the HTTP API port
This is useful when pushing consul to PaaS like
Cloud Foundry making the HTTP API easily routable.
2015-08-11 14:14:21 +02:00
Ryan Breen 018fd69aa2 Merge pull request #1143 from hashicorp/GH-1142
Check NXDOMAIN after filtering nodes
2015-07-29 18:56:08 -04:00
Ryan Breen 0a7dc85076 Test for GH-1142. 2015-07-29 18:21:16 -04:00
Armon Dadgar 0363d4b54b Merge pull request #1137 from 42wim/fix-1124
Recurse when PTR answer is empty
2015-07-29 14:39:04 -07:00
Ryan Breen 42648438a0 Check NXDOMAIN after filtering nodes
Move the check for NXDOMAIN below the service health filter.
2015-07-29 17:16:48 -04:00
Ryan Uber 93c9c87f7a Merge pull request #1141 from hashicorp/f-travis
Try moving to newer Travis-CI infrastructure
2015-07-28 10:42:56 -07:00
Ryan Uber 40f3e3fae7 travis-ci: skip syslog tests for container-based travis infra 2015-07-28 09:58:43 -07:00
Wim 5647a37ffe Recurse when PTR answer is empty 2015-07-27 23:22:36 +02:00
Armon Dadgar 4a9b91f2a2 Merge pull request #1130 from pdf/check_socket
Add Socket check type
2015-07-27 14:21:24 -07:00
Ryan Uber a6317f2fb2 Merge pull request #1090 from hashicorp/f-keyring-acl
Keyring ACLs
2015-07-24 10:23:18 -07:00
Peter Fern b023904298 Add TCP check type
Adds the ability to simply check whether a TCP socket accepts
connections to determine if it is healthy.  This is a light-weight -
though less comprehensive than scripting - method of checking network
service health.

The check parameter `tcp` should be set to the `address:port`
combination for the service to be tested.  Supports both IPv6 and IPv4,
in the case of a hostname that resolves to both, connections will be
attempted via both protocol versions, with the first successful
connection returning a successful check result.

Example check:

```json
{
  "check": {
    "id": "ssh",
    "name": "SSH (TCP)",
    "tcp": "example.com:22",
    "interval": "10s"
  }
}
```
2015-07-24 14:06:05 +10:00
Ryan Uber 7aa8539c10 agent: disable ACLs for RPC client tests 2015-07-23 17:09:33 -07:00
Ryan Uber 1bbdf3b03b agent: vet fixes 2015-07-14 11:42:51 -07:00
Ryan Uber 5682b715c4 Merge pull request #995 from 42wim/rfc2308-soa-ttl
Send SOA with negative responses (RFC2308)
2015-07-13 08:49:25 -07:00
Ryan Uber 79ac4f3512 agent: testing keyring ACLs 2015-07-07 15:14:06 -06:00
Ryan Uber 5c65bc7df2 agent: write-level keyring ACLs work 2015-07-07 10:36:51 -06:00
Ryan Uber bffc0861cc agent: read-level keyring ACLs work 2015-07-07 10:30:34 -06:00
Ryan Uber e37b5ecb69 Merge pull request #1046 from hashicorp/f-event-acl
Event ACLs
2015-07-02 07:02:07 -07:00
Ryan Uber d0348d1291 Merge pull request #1004 from i0rek/advertise_addrs
Add advertise_addrs.
2015-06-23 12:32:07 -07:00
Hans Hasselberg 267e0caf81 Implement advertise_addrs for SerfLan, SerfWan and RPC.
Fixes #550.
This will make it possible to configure the advertised adresses for
SerfLan, SerfWan and RPC. It will enable multiple consul clients on a
single host which is very useful in a container environment.

This option might override advertise_addr and advertise_addr_wan
depending on the configuration.

It will be configureable with advertise_addrs. Example:

{
  "advertise_addrs": {
    "serf_lan": "10.0.120.91:4424",
    "serf_wan": "201.20.10.61:4423",
    "rpc": "10.20.10.61:4424"
  }
}
2015-06-23 21:23:45 +02:00
Ryan Uber 5bde81bcdc agent: avoid masking errors when ACLs deny a request 2015-06-18 18:13:29 -07:00
Ryan Uber beb27fb3ef agent: testing user event endpoint ACLs 2015-06-18 18:13:29 -07:00
Ryan Uber 6e084f6897 consul: always fire events from server nodes 2015-06-18 18:13:29 -07:00
Ryan Uber 6f309c355f agent: enforce event policy during event fire 2015-06-18 18:13:29 -07:00
Wim 3b1bcaea98 Send SOA with negative responses 2015-06-14 00:03:44 +02:00
Ryan Uber 8ffa0ea8b7 Merge pull request #1028 from sebastianmarkow/master
Remove unreachable error handling in AgentRPC.listen()
2015-06-12 22:28:10 -07:00
Ryan Uber f7f7c4695e agent: testing dns when acls are in use 2015-06-12 16:01:57 -07:00
Ryan Uber fb3938d88e agent: dns uses the configured token during queries 2015-06-12 16:01:57 -07:00
Sebastian Klatt 6ef6e43418
consul: Remove unreachable error handling 2015-06-12 20:21:32 +02:00
Ryan Uber 1b4167699f agent: don't replace empty tokens in the logs, fixes #1020 2015-06-12 00:11:37 -07:00
Ryan Uber f5f7e401d5 agent: fix failing test 2015-06-11 15:13:10 -07:00
Ryan Uber 69921808ee agent: use persist/load/purge convention for function names 2015-06-08 09:35:10 -07:00
Ryan Uber 2d1b873e4b agent: test check state restoration from AddCheck 2015-06-05 17:33:34 -07:00
Ryan Uber 1636a35289 agent: check state is purged if expired 2015-06-05 16:59:41 -07:00
Ryan Uber 2ee8fa8e15 agent: purge check state when checks are deregistered 2015-06-05 16:57:14 -07:00
Ryan Uber 7e6e861394 agent: testing state persistence, recovery, and expiration 2015-06-05 16:45:05 -07:00
Ryan Uber 7597d3d798 agent: first stab at persisting check state 2015-06-05 16:17:07 -07:00
Ryan Uber ebe57a1f65 agent: refactor loadChecks/loadServices, fixes a few minor bugs 2015-06-04 14:33:30 -07:00
Ryan Uber 5226e29a69 agent: don't replace config on SIGHUP if parsing fails 2015-05-30 22:50:24 -07:00
Emil Hessman 3bfc6dfe49 command/agent: skip unix file permissions test on windows 2015-05-29 21:12:45 +02:00
Ryan Uber 78a80f3a57 agent: flush progress info to console during migrations 2015-05-19 18:47:44 -07:00
Anton Lindström ce93fdd76b Set the User Agent for HTTP health checks 2015-05-18 19:12:10 +02:00
Ryan Uber 2b98ebca78 agent: log a message when data migrations start 2015-05-12 12:58:44 -07:00
Ryan Uber 72ee584df3 Fix tests after merge 2015-05-11 18:53:09 -07:00
Armon Dadgar ebf961ef8b Merge pull request #927 from hashicorp/f-tls
Add new `verify_server_hostname` to mitigate possibility of MITM
2015-05-11 18:15:16 -07:00
Armon Dadgar 8d86290ebf Fixing merge conflict 2015-05-11 16:48:10 -07:00
Armon Dadgar a485eb8447 agent: copy config into consul config 2015-05-11 15:16:13 -07:00
Armon Dadgar 59d5992355 agent: Adding new VerifyHostname config 2015-05-11 15:13:58 -07:00
Cameron Ruatta 9271d94532 Adding documentation about specifying multiple configuration directories 2015-05-11 10:19:04 -07:00
Ryan Uber 3ed0146e44 agent: use service ID field to determine associated health checks during deregister 2015-05-07 15:30:01 -07:00
Ryan Uber 204c11ec01 agent: restore check status when re-registering (updating) services 2015-05-06 12:28:42 -07:00
Armon Dadgar f3a8f907fb Merge pull request #909 from hashicorp/f-create
Support ACL upsert behavior
2015-05-06 11:22:11 -07:00
Ryan Uber 8ef01236e1 agent: allow persisted services to be updated on disk 2015-05-05 22:36:45 -07:00
Ryan Uber 739d1fdf03 Merge pull request #891 from hashicorp/f-token
ACL tokens for service/check registration
2015-05-05 22:17:31 -07:00
Armon Dadgar 532c06ac43 agent: Support ACL upserting 2015-05-05 19:25:10 -07:00
Armon Dadgar 27a820d611 agent: Adding test for DNS enable_truncate 2015-05-05 14:14:41 -07:00
Armon Dadgar ea577fbf70 command/agent: Lowercase DC. Fixes #761 2015-05-05 13:56:37 -07:00
Ryan Uber 2b62f2f172 agent: use an additional parameter for passing tokens 2015-05-04 17:48:05 -07:00
Armon Dadgar a86f31517b Merge pull request #816 from pepov/master
Support different advertise address for WAN gossip
2015-05-04 15:40:25 -07:00
Armon Dadgar b381cca304 Merge pull request #902 from hashicorp/f-stats-prefix
Allow configuring the stats prefix
2015-05-04 15:19:47 -07:00
Armon Dadgar 0dc58140f3 Merge pull request #862 from hashicorp/f-recurse-cname
Return all CNAME's during service DNS resolution
2015-05-04 15:19:13 -07:00
Ryan Uber 72524e911d agent: allow configuring the stats prefix 2015-05-03 16:46:20 -07:00
Ryan Uber 35f5a65fb7 agent: more tests 2015-04-28 13:06:02 -07:00
Ryan Uber 18356328c4 agent: restore tokens for services and checks in config 2015-04-28 12:44:46 -07:00
Ryan Uber 663a86f9b9 agent: backwards compat for persisted services from pre-0.5.1 2015-04-28 12:18:41 -07:00
Ryan Uber 442933650e agent: safer read methods for tokens 2015-04-28 11:53:53 -07:00
Ryan Uber 1557f7f19c agent: test coverage loading service/check tokens from persisted files 2015-04-27 22:46:01 -07:00
Ryan Uber 1264f7edf3 agent: fix deadlock reading tokens from state 2015-04-27 22:26:03 -07:00
Ryan Uber bebb5d9641 agent: add service/check token methods to reduce invasiveness 2015-04-27 22:01:01 -07:00
Ryan Uber 92add18e1e agent: persist tokens from API registrations 2015-04-27 19:01:02 -07:00
Ryan Uber bfb27d18cd agent: initial pass threading through tokens for services/checks 2015-04-27 18:33:46 -07:00
artushin cc07734d6e remove config 2015-04-24 09:51:40 -05:00
artushin 7b4720a957 use existing randomStagger 2015-04-23 17:08:17 -05:00
artushin fc0331ddfc add CheckUpdateStagger to MergeConfig 2015-04-23 16:56:20 -05:00
artushin 8decf5d394 adding check_update_stagger 2015-04-23 16:27:42 -05:00
Ryan Uber c9fd3eb469 agent: re-work DNS tests to not rely on the external network 2015-04-14 12:52:26 -07:00
Ryan Uber 116f8b9131 agent: pass through CNAME types for service resolution 2015-04-14 12:52:26 -07:00
Ryan Uber 6f0b1a3b46 agent: Add test for CNAME recursion 2015-04-14 12:52:26 -07:00
Ryan Uber 507917748a agent: parse raw query URL to avoid closing the request body early 2015-04-13 17:31:53 -07:00
Ryan Uber ee5659858a agent: hide tokens from logs and monitor 2015-04-12 11:17:31 -07:00
Ryan Mills 275af975e8 Allow specifying a status field in the agent/service/register and agent/check/register endpoints.
This status must be one of the valid check statuses: 'passing', 'warning', 'critical', 'unknown'.
If the status field is not present or the empty string, the default of 'critical' is used.
2015-04-12 02:00:31 +00:00
Ryan Uber 9c85ea0c47 agent: Don't attempt migration on new server 2015-04-10 19:41:09 -07:00
Ryan Uber 6cc0eefa76 Merge pull request #857 from hashicorp/f-boltdb
Raft uses BoltDB
2015-04-10 18:30:07 -07:00
Ryan Uber 60a6da213f agent: handle nil node services in anti-entropy 2015-04-10 11:15:31 -07:00
Ryan Uber ac0f66a91e command: automatically migrate raft data on start 2015-04-09 23:00:20 -07:00
Ryan Uber 7e170b047e agent: fix anti-entropy check sync 2015-04-09 10:40:05 -07:00
Ryan Uber f417279761 agent: test anti-entropy sync 2015-04-08 12:36:53 -07:00
Ryan Uber a60f4adf95 agent: anti-entropy sync services/checks if they don't exist in the catalog 2015-04-08 12:21:01 -07:00
Ryan Uber deec3bef9e agent: fix dns test 2015-04-01 10:58:05 -07:00
Matt Good 062e4f94c0 Remove unnecessary DNS test entry
By using the startup callbacks, the DNS test entry is not needed to check that
the server is alive.
2015-03-31 16:50:44 -07:00
Matt Good 65ada1a62d Use DNS server startup callbacks
Simplify waiting for the DNS server to start with the newer "NotifyStartedFunc"
callback.
2015-03-31 16:48:48 -07:00
pepov ebaee31874 add and test -advertise-wan cli flag 2015-03-28 16:08:19 +01:00
pepov a1f6647a2c add AdvertiseAddrWan to TestMergeConfig and use different values for Addr values in b than in a 2015-03-28 16:08:19 +01:00
pepov bac3ae9494 Add configuration option to specify a separate address for advertising on the wan 2015-03-28 16:08:19 +01:00
Michael Fraenkel 8c26836783 Support SesionTTLMin configuration
- Allow setting SessionTTLMin
- Validate on the Server
2015-03-27 05:13:57 -07:00
Johannes 'fish' Ziemke f935a8a506 Add -domain command line flag to agent
This makes it possible to configure the domain on the command line
additionally to the config file.
2015-03-20 16:05:41 +01:00
Ryan Uber 952ec284a4 agent: disable HTTP keepalives for checks 2015-03-15 13:30:50 -07:00
Ryan Uber 04a2faed22 agent: warn and purge checks which cannot be restored from agent state 2015-03-11 16:13:31 -07:00
Ryan Uber bd14b90861 Merge pull request #723 from hashicorp/f-agent-block
Block until service/check sync is attempted from /v1/agent API's
2015-02-23 10:56:41 -08:00
Ryan Uber 84f04ff4c9 command: clarify -recursor agent arg 2015-02-23 09:33:45 -08:00
Mohammad Zolfaghari f067ad873b Support multiple recursor flag 2015-02-21 10:15:52 +03:30
Ryan Uber 6ce6d2d806 agent: write API's on /v1/agent block for anti-entropy 2015-02-20 19:43:33 -08:00
Ryan Uber 4193525931 agent: Better warning for keyring with -encrypt option. Fixes #718. 2015-02-19 18:51:42 -08:00
Ryan Breen b78eb40ef4 s/data center/datacenter/g 2015-02-19 17:45:47 -05:00
Armon Dadgar cd3cd4d3b8 agent: Cleanup a comment 2015-02-18 16:54:44 -08:00
Armon Dadgar 0101ee38eb agent: Fixing blocking queries on internal endpoints 2015-02-18 15:15:02 -08:00
Armon Dadgar 847eaadc56 agent: Enable UI endpoints for SCADA 2015-02-18 15:15:02 -08:00
Armon Dadgar 62c3d49d64 agent: Do not expose AtlasToken or AtlasACLToken 2015-02-18 15:15:02 -08:00
Armon Dadgar ea42b04593 agent: Updating for new client API 2015-02-18 15:15:02 -08:00
Armon Dadgar ad3016100c agent: Test ACL token resolution 2015-02-18 15:12:15 -08:00
Armon Dadgar 8fb642d332 agent: Adding SCADA tests 2015-02-18 15:12:15 -08:00
Armon Dadgar c495a5434d agent: Use AtlasACLToken 2015-02-18 15:12:15 -08:00
Armon Dadgar 8d184a241f agent: Rename AtlasCluster to AtlasInfrastructure 2015-02-18 15:12:15 -08:00
Armon Dadgar b9cdb94f19 agent: Fixing setup of SCADA HTTP listener 2015-02-18 15:12:15 -08:00
Armon Dadgar 6a640604dd agent: Fixing panic on shutdown 2015-02-18 15:12:15 -08:00
Armon Dadgar e99f9dd070 agent: Provide auto-join metadata to SCADA 2015-02-18 15:12:14 -08:00
Armon Dadgar 85a47ba584 agent: Adding atlas_join configuration 2015-02-18 15:12:14 -08:00
Armon Dadgar 32aaee5185 agent: SCADA HTTP integration 2015-02-18 15:12:14 -08:00
Armon Dadgar 456645f2fb agent: SCADA HTTP listener 2015-02-18 15:12:14 -08:00
Armon Dadgar 55597dc38f agent: Starting SCADA integration 2015-02-18 15:12:14 -08:00
Armon Dadgar ebfd35898b agent: Adding Atlas CLI flags 2015-02-18 15:12:14 -08:00
Armon Dadgar b4929c090a agent: Adding new Atlas configs 2015-02-18 15:12:14 -08:00
Armon Dadgar b319c41bd9 agent: Snapshot and restore health state on reload. Fixes #693 2015-02-17 12:00:04 -08:00
artushin 2ae843d51c oops. DefaultTransport being used. 2015-02-12 10:11:22 -06:00
artushin 5ec92971ac close idle connections after stopping http checks to service 2015-02-11 18:29:51 -06:00
Ryan Uber 103e9e7fc1 agent: clarify the valid characters for dns 2015-02-09 09:59:27 -08:00
Ryan Uber 722b255816 agent: warn on service tags with invalid chars 2015-02-09 09:30:06 -08:00
Ryan Uber 5e801c905d agent: Warn on dns-incompatible characters during service registration. Fixes #683. 2015-02-09 09:23:17 -08:00
lalyos 190f15458f fixing version numbers RCs should be labeled x.x.x-rcx
see conversation with ryanuber: https://github.com/hashicorp/go-checkpoint/issues/2#issuecomment-73199209
2015-02-09 08:17:30 +01:00
Ryan Uber 84f8c70a79 agent: fix test case examples 2015-02-05 23:29:04 -08:00
Ryan Uber 45097f9f3d Merge pull request #654 from arnaudbriche/http-check-timeout
Configurable CheckHTTP timeout
2015-02-05 23:03:39 -08:00
arnaud briche bbb5f4696a - add tests for CheckHTTP with new timeout parameter && CheckType.Timeout parsing 2015-02-02 15:30:44 +07:00
arnaud briche 7f91782478 - add proper parsing of CheckType.Timeout from string 2015-02-02 15:29:42 +07:00
Ryan Uber 3c85d7e231 agent: http checks work inside of service definitions 2015-01-29 12:11:42 -08:00
Ryan Uber 544299efa5 agent: pass locally configured token during remote exec 2015-01-29 10:42:46 -08:00
arnaud briche e87afe341b - add Timeout field to CheckType and CheckHTTP to make http request timeout configurable by the client 2015-01-29 13:37:48 +07:00
Ryan Uber 58eba95b98 agent: test service/check deletion with empty ID 2015-01-27 21:47:59 -08:00
foostan 2df98c1824 Validation ServiceID/CheckID when deleting in deleteService() in local.go 2015-01-27 18:11:57 +09:00
foostan 9316596e25 Add tests to remove service/check without an ID 2015-01-27 18:10:56 +09:00
foostan 401bc71cb2 Validate ServiceID/CheckID when deregistering. 2015-01-27 01:06:57 +09:00
Ryan Uber 8b0fe52be2 agent/http: fix service registration with nil checks value 2015-01-23 18:50:51 -08:00
Ryan Uber b5e8111485 agent/http: clean up socket setup 2015-01-23 17:57:04 -08:00
Ryan Uber eda2171bbe agent: make check tests more reliable 2015-01-23 16:07:20 -08:00
Ryan Uber b69b780408 agent: error from KVS endpoint if incompatible flags are passed. Fixes #432 2015-01-23 12:48:39 -08:00
Ryan Uber 67190e6f68 agent: more lenient dns response test 2015-01-22 15:31:12 -08:00
Armon Dadgar e1a5d537d4 Merge pull request #625 from hashicorp/f-maintcmd
New "maint" command
2015-01-22 11:56:49 -08:00
Ryan Uber 44f3c20e50 command/maint: clean up 2015-01-22 11:14:28 -08:00
Ryan Uber 09fd2a7e94 command/maint: display active maintenance when no args are passed 2015-01-22 10:26:17 -08:00
Armon Dadgar cf04d6ae31 Merge pull request #622 from hashicorp/f-sockets
Unix domain sockets
2015-01-21 16:30:03 -08:00
Ryan Uber 124e7bfa7e agent: use const for default maintenance reason strings 2015-01-21 14:53:52 -08:00
Ryan Uber 5aa69827f8 agent: fix test 2015-01-21 14:12:18 -08:00
Ryan Uber 61d17e65f5 agent: prevent duplicate error messages for maintenance api 2015-01-21 13:28:26 -08:00
Ryan Uber f00b5b542e agent: support passing ?reason= for custom notes field values on maintenance checks 2015-01-21 12:21:57 -08:00
Ryan Uber b6a0f2baae agent: fix maintenance check ID 2015-01-21 11:03:42 -08:00
Ryan Uber d9a3e673b0 agent: change node maintenance endpoint 2015-01-21 10:57:44 -08:00
Ryan Uber 9c69dc05fb agent: use strconv.ParseBool for parsing maintenance enable flag 2015-01-21 09:53:31 -08:00
Ryan Uber 46d5dcfc17 agent: comments for new anti-entropy functionality 2015-01-20 21:48:46 -08:00
Ryan Uber a4039aaa4d agent: simplify anti-entropy of services with multiple checks, add tests 2015-01-20 21:48:46 -08:00
Ryan Uber 0c31e5851c agent: only send service with check sync if it is out of sync 2015-01-20 21:48:46 -08:00
Ryan Uber 949ddefbc8 agent: refactor syncChecks 2015-01-20 21:48:46 -08:00
Ryan Uber 2a7211cd5d agent: support adding multiple checks during service registration from the API 2015-01-20 21:48:45 -08:00
Ryan Uber 674be58e55 agent: support multiple checks per service 2015-01-20 21:48:42 -08:00
Ryan Uber c958824bb6 agent: use squash mapstructure tag to properly decode embedded structs 2015-01-20 21:10:58 -08:00
Ryan Uber b1dae530d4 agent: use interface for file permissions 2015-01-20 18:53:18 -08:00
Ryan Uber 782b0ddd88 agent: test permissions are set on rpc socket 2015-01-20 16:57:00 -08:00
Ryan Uber 99d4e7831e agent: fix tests 2015-01-20 16:50:21 -08:00
Ryan Uber a6c877c7ee agent: re-add support for user name in socket perms 2015-01-20 16:21:23 -08:00
Ryan Uber 145c56b47d agent: test Unix domain socket permission settings 2015-01-20 14:32:15 -08:00
Ryan Uber 450d05575d agent: adjusting tests for new behavior of sockets 2015-01-20 14:13:36 -08:00
Ryan Uber 21dd95d9af agent: beginning socket user/group/mode support as discussed in #612 2015-01-20 13:44:27 -08:00
Ryan Uber 2530e5ff05 agent: test agent rpc unix socket create failure 2015-01-19 09:56:59 -08:00
Ryan Uber ba96535cfc Merge pull request #610 from dave-tucker/bug/609
Don't forget to Shutdown the DNS Server!
2015-01-16 16:46:37 -08:00
Dave Tucker 18b5ab3539 Don't forget to Shutdown the DNS Server!
Fixes #609

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2015-01-17 00:30:53 +00:00
Ryan Uber ba2d0fa7e3 agent: maintenance logging + unique service check IDs 2015-01-16 15:38:13 -08:00
Ryan Uber 8cf4e9889e agent: test node maintenance mode 2015-01-16 15:38:13 -08:00
Ryan Uber 7748c62d09 agent: node maintenance mode works 2015-01-16 15:38:13 -08:00
Ryan Uber 9ee1e6e858 agent: maintenance mode api's are idempotent 2015-01-16 15:37:52 -08:00
Ryan Uber 8819d71f99 agent: maintenance mode is persistent 2015-01-16 15:37:52 -08:00
Ryan Uber 35c10a902f agent: test http endpoints for maintenance mode 2015-01-16 15:37:51 -08:00
Ryan Uber 3fbb2be6c0 agent: test agent service maintenance mode 2015-01-16 15:37:51 -08:00
Ryan Uber 2973cd9131 agent: first pass at service maintenance mode 2015-01-16 15:37:51 -08:00
Ryan Uber f01bb5cf3b agent: error if binding to existing socket file 2015-01-16 12:39:15 -08:00
Ryan Uber 56c3e488a9 agent: test socket file overwrite 2015-01-16 10:37:13 -08:00
Ryan Uber 4c3ec248a5 agent: fixing up tests 2015-01-16 09:58:37 -08:00
Ryan Uber bf48651c58 agent: only ignore errors on IsNotExist() 2015-01-16 09:14:52 -08:00
Ryan Uber 4675cdf01c agent: beginning refactor 2015-01-16 00:45:03 -08:00
Jeff Mitchell 9fcea08dbb Ensure a socket is created for permissions adjustment tests and fix some
items pointed out in the code review

This code is copyright 2014 Akamai Technologies, Inc. <opensource@akamai.com>
2015-01-15 14:33:44 +00:00
Jeff Mitchell 32d2c6b848 Add a Unix socket RPC test. I modified some code in the testing library to not make assumptions about the listening socket; all RPC tests still pass. Still to do: Unix socket HTTP test.
This code is copyright 2014 Akamai Technologies, Inc. <opensource@akamai.com>
2015-01-14 19:31:21 +00:00
Jeff Mitchell 0cc009c480 Remove unnecessary ClientListenerAddr function. Rework config test functions to be cleaner. Start of runtime tests.
This code is copyright 2014 Akamai Technologies, Inc. <opensource@akamai.com>
2015-01-14 19:31:21 +00:00
Jeff Mitchell 8362e3e9eb Tests for populateUnixSocket. Still need to write tests for the other major function, and basic socket listening tests.
This code is copyright 2014 Akamai Technologies, Inc. <opensource@akamai.com>
2015-01-14 19:31:21 +00:00
Jeff Mitchell 11a3ce0bdd RPC and HTTP interfaces fully generically-sockified so Unix is supported.
Client works for RPC; will honor CONSUL_RPC_ADDR. HTTP works via consul/api;
honors CONSUL_HTTP_ADDR.

The format of a Unix socket in configuration data is:
"unix://[/path/to/socket];[username or uid];[gid];[mode]"

Obviously, the user must have appropriate permissions to create the socket
file in the given path and assign the requested uid/gid. Also note that Go does
not support gid lookups from group name, so gid must be numeric. See
https://codereview.appspot.com/101310044

When connecting from the client, the format is just the first part of the
above line:
"unix://[/path/to/socket]"

This code is copyright 2014 Akamai Technologies, Inc. <opensource@akamai.com>
2015-01-14 19:31:21 +00:00
Armon Dadgar 96c7ce120e command/agent: Minor cleanups 2015-01-13 12:18:18 -08:00
Armon Dadgar 713d30c73e Merge pull request #592 from nicholascapo/check-http
command/agent: Add simple HTTP check type
2015-01-13 12:11:50 -08:00
Armon Dadgar aedaf7a7c8 Merge pull request #595 from ebroder/dns-only-passing
Add "only_passing" option to DNS config
2015-01-13 12:07:22 -08:00
Evan Broder a0228a64e2 Add more thorough testing for only_passing behavior 2015-01-13 14:59:24 +01:00
Nicholas Capo 641476a822 command/agent: Add tests for HTTP Check 2015-01-13 00:09:42 +00:00
Ryan Uber b2fbaea18c agent: make dns randomization test more reliable 2015-01-12 16:05:41 -08:00
Nicholas Capo 98eb935392 command/agent: HTTP Check: Create httpClient in Start()
For long (>10s) interval checks the http timeout is 10s, otherwise thetimeout is the interval. This means that a check *should* return
before the next check begins.
2015-01-13 00:01:15 +00:00
Nicholas Capo bcb983edbe command/agent: HTTP Check: Include response in check status 2015-01-12 22:35:28 +00:00
Nicholas Capo 50853265dd command/agent: Stop HTTP checks when the check is removed 2015-01-12 22:34:39 +00:00
Nicholas Capo 6a2d763d5c command/agent: HTTP check: Any 2xx is OK, 429 is WARNING 2015-01-12 21:58:57 +00:00
Evan Broder ee6d59d4dd Add "only_passing" option to DNS config
This excludes nodes from DNS results if their healthchecks are in any
non-passing state, not just if they're critical.
2015-01-10 13:17:11 +01:00
Ryan Uber 5bf1abf7ef agent: fix local_test.go 2015-01-09 16:44:12 -08:00
Ryan Uber c2188440b2 agent: wrap deferred anti-entropy sync test in WaitForResult 2015-01-09 16:42:44 -08:00
Nicholas Capo fb5ba8d97d command/agent: Add simple HTTP check type
These checks make an `HTTP GET` request every Interval to the specified URL.
The status of the service depends on the HTTP Response Code.
`200` is passing, `503` is warning and anything else is failing.
2015-01-09 16:43:24 -06:00
Armon Dadgar d05ed7baa6 agent: Testing the KV DELETE with cas 2015-01-08 17:31:32 -08:00
Armon Dadgar 3e0f77682a agent: Support the ?cas parameter to KV DELETE 2015-01-08 17:08:58 -08:00
Armon Dadgar 9f4955151a agent: Testing anti-entropy with service address 2015-01-08 12:02:04 -08:00
Armon Dadgar 77a3bfd606 agent: Adding test for DNS lookup with service address 2015-01-08 11:58:32 -08:00
Armon Dadgar 419447d9f7 agent: Fix de-duplication of SRV with service address 2015-01-08 10:47:41 -08:00
Armon Dadgar 23b9c96169 consul: Fixing merge conflict 2015-01-08 10:42:19 -08:00
Armon Dadgar f2e1065246 agent: Testing reverse lookup with custom TLD 2015-01-08 10:24:49 -08:00
dankennedy 63af8d08e1 replaced consul domain with configured domain. Fixes #582 2015-01-08 10:16:05 +00:00
Ryan Uber a24f6e3d4d agent: test service and check unloading 2015-01-07 22:32:14 -08:00
Ryan Uber 51fe9f32ff agent: consolidate service loading code, better logging 2015-01-07 22:01:43 -08:00
Ryan Uber cfde9313de agent: separate service and check loading/unloading concerns 2015-01-07 22:01:20 -08:00
Ryan Uber 0b9f2b0954 agent: persist service/check data using hashed service/check IDs (fixes #573) 2015-01-07 19:11:21 -08:00
Ryan Uber db3c502dcc Merge pull request #576 from hashicorp/f-verify-config
agent: reject config with invalid options
2015-01-05 14:51:28 -08:00
Daniel Malon bd65cbb7d7 use the service specific address in SRV response 2015-01-05 22:48:30 +00:00
Ryan Uber 42ace3a6b5 agent: use mapstructure's Metadata.Unused to detect extraneous config 2015-01-05 14:41:19 -08:00
Ryan Uber b8740b62da agent: reject config with invalid options 2015-01-05 12:30:03 -08:00
Armon Dadgar f86d7c3a09 Merge pull request #558 from ceh/http-api-response-headers
add ability to specify response headers on the HTTP API
2015-01-05 11:36:08 -08:00
Daniel Malon 051ac8eb0b advertise specific address for a service
Enable setting a specific address in a service definition for advertise. If no specific address is given it will fallback to the node address and reassemble the old behaviour.
2015-01-02 21:10:05 +00:00
Thordur Bjornsson a12ffef8b6 Test both ?pretty both bare and with value. 2015-01-02 09:15:41 +01:00
Thordur Bjornsson 1435818792 handle ?pretty similarly to ?stale, ?consistent etc. 2015-01-02 08:00:08 +01:00
Ryan Uber e9615c50e6 agent: test pretty printed json 2015-01-01 14:27:10 -08:00
Emil Hessman cb764c35e5 add ability to specify response headers on the HTTP API
Add an config object that allows adding HTTP header response fields to every
HTTP API response.

Each specified header is added to every response from all HTTP API endpoints.
Each individual endpoint may overwrite the specified header, which makes sure
that Consul headers such as 'X-Consul-Index' is enforced by the API.
2014-12-28 19:17:08 +01:00
Ryan Breen f2bd641402 Clean up log line and reduce test time. 2014-12-18 09:00:51 -05:00
Ryan Breen d82ef7bb8c Test that staggered checks run within the defined interval. 2014-12-17 22:39:11 -05:00
Ryan Breen 2e58f54a26 Well, that sure is cleaner. 2014-12-17 22:24:41 -05:00
Ryan Breen 60dacecb39 Add a randomized start before running CheckMonitors. 2014-12-17 21:44:12 -05:00
Armon Dadgar a5a9f051cd consul: Ignore zero ttl on session 2014-12-12 19:17:04 -08:00
Armon Dadgar 29afa881f4 Merge pull request #524 from amalaviy/session_ttl
Consul Session TTLs
2014-12-12 14:42:25 -08:00
Atin Malaviya ac54010027 Fixed clearSessionTimer, created invalidateSession, added invalid TTL test 2014-12-11 05:34:31 -05:00
Atin Malaviya 60915629f6 Took out usage of snapshot SessionListTTL 2014-12-10 21:37:06 -05:00
Atin Malaviya 0f9723e6f8 Remove hardcoded wait time in session TTL tests 2014-12-10 21:04:09 -05:00
Atin Malaviya 5229f3b44d Clean up code based on feedback from armon 2014-12-10 20:49:06 -05:00
Atin Malaviya 624c465e2b Added more tests. Also added return of 404 if the session id to renew is not found 2014-12-10 10:02:23 -05:00
Atin Malaviya 4732c36d88 Consul Session TTLs
The design of the session TTLs is based on the Google Chubby approach
(http://research.google.com/archive/chubby-osdi06.pdf). The Session
struct has an additional TTL field now. This attaches an implicit
heartbeat based failure detector. Tracking of heartbeats is done by
the current leader and not persisted via the Raft log. The implication
of this is during a leader failover, we do not retain the last
heartbeat times.

Similar to Chubby, the TTL represents a lower-bound. Consul promises
not to terminate a session before the TTL has expired, but is allowed
to extend the expiration past it. This enables us to reset the TTL on
a leader failover. The TTL is also extended when the client does a
heartbeat. Like Chubby, this means a TTL is extended on creation,
heartbeat or failover.

Additionally, because we must account for time requests are in transit
and the relative rates of clocks on the clients and servers, Consul
will take the conservative approach of internally multiplying the TTL
by 2x. This helps to compensate for network latency and clock skew
without violating the contract.

Reference: https://docs.google.com/document/d/1Y5-pahLkUaA7Kz4SBU_mehKiyt9yaaUGcBTMZR7lToY/edit?usp=sharing
2014-12-07 12:38:22 -05:00
Ali Abbas d73e1cae85 since dns.TXT is an external dependency, it is safer to add keys to the fields to avoid some potential ordering issues if changes in this field occur with upstream 2014-12-06 13:13:35 +01:00
Chavez de0d2d7b78 agent: agent test fixes 2014-12-05 10:36:44 -08:00
Veres Lajos 3b1068387a typofixes - https://github.com/vlajos/misspell_fixer 2014-12-04 23:25:06 +00:00
Armon Dadgar 5887242db2 agent: Handle service ACLs when doing anti-entropy 2014-12-01 11:43:01 -08:00
Ryan Uber 81d4e5cfd4 agent: fixup all check definitions from json config 2014-11-30 18:27:37 -08:00
Ryan Uber dd4fadfc9e agent: persist CheckType with health checks 2014-11-29 12:54:37 -08:00
Ryan Uber b7587cac42 agent: allow config reload to modify checks/services persistence
This change consolidates loading services and checks from both config
and persisted state into methods on the agent. As part of this, we
introduce optional persistence when calling RemoveCheck/RemoveService.

Fixes a bug where config reloads would kill persisted services/checks.
Also fixes an edge case:

1. A service or check is registered via the HTTP API
2. A new service or check definition with the same ID is added to config
3. Config is reloaded

The desired behavior (which this implements) is:

1. All services and checks deregistered in memory
2. All services and checks in config are registered first
3. All persisted checks are restored using the same logic as the agent
   start sequence, which prioritizes config over persisted, and removes
   any persistence files if new config counterparts are present.
2014-11-26 12:46:42 -08:00
Ali Abbas a4656f1ecf fix Sprintf formatting 2014-11-25 20:06:33 +01:00
Ali Abbas e395420af6 cleanup unreachable code 2014-11-25 19:54:30 +01:00
Ryan Uber 9f9087badb agent: prefer config over persisted services/checks (#497) 2014-11-24 19:40:53 -08:00
Armon Dadgar f74d3dbd92 Merge pull request #497 from hashicorp/f-persist
Persist locally registered services and checks
2014-11-24 11:14:08 -08:00
Armon Dadgar 50e21b071c agent: Adding TODO for future optimization 2014-11-24 11:09:04 -08:00
Ryan Uber 2ebe85414f agent: pass error through when writing state files 2014-11-24 01:58:39 -08:00
Ryan Uber 79ba25b94d agent: default restored checks to critical status 2014-11-24 01:15:18 -08:00
Ryan Uber 46a5272a8a agent: first pass at local service and check persistence 2014-11-24 01:10:27 -08:00
lalyos 8f04401648 agent: implementing reverse dns lookup for ipv4 and ipv6 2014-11-23 09:16:37 +01:00
Armon Dadgar f57efbc778 Merge pull request #487 from amalaviy/ephemeral_keys
Ephemeral Nodes for via Session behavior settings.
2014-11-21 10:11:52 -08:00
Ryan Uber dbd420fc4b agent: make event buffer test non-sequential 2014-11-20 21:56:50 -08:00
Ryan Uber da96fb5499 agent: Test event order preservation for watches 2014-11-20 20:35:52 -08:00
Ryan Uber 96619b7f88 agent: Preserve ordering of event buffer. Fixes #479 2014-11-20 19:51:08 -08:00
Atin Malaviya 6ef03a806c Clean up tests, use switch to default session.Behavior value if unspecified, unrecognized 2014-11-20 14:29:18 -05:00
Atin Malaviya 47241fc1c8 Ephemeral Nodes for via Session behavior settings.
Added a "delete" behavior for session invalidation, in addition to
the default "release" behavior. On session invalidation, the sessions
Behavior field is checked and if it is set to "delete", all nodes owned
by the session are deleted. If it is "release", then just the locks
are released as default.
2014-11-20 11:34:45 -05:00
Ryan Uber 28bd9810a7 agent: remove unused config variable 2014-11-19 23:18:12 -08:00
Ryan Uber c283754381 Rebase against upstream 2014-11-19 16:45:49 -08:00
Ryan Uber bc0eb4c16d agent: fix gossip encryption detection 2014-11-19 16:37:40 -08:00
Ryan Uber 8a652c6ffa agent: fix loading keyring on agent start 2014-11-19 16:37:40 -08:00
Ryan Uber ab5fbe4094 agent: ignore -encrypt if provided when keyring exists 2014-11-19 16:37:40 -08:00