Commit Graph

3888 Commits

Author SHA1 Message Date
Jean Flach 872d4895f0 Fix flapping endianness and events
fixes 
2017-11-07 11:13:17 +01:00
Michael Friedrich 260c6d7438 Node setup: ticket parameter is now optional
refs 
2017-11-03 14:10:45 +01:00
Michael 86cdc5bc53 Include default global zones during node wizard/setup
This changes the GenerateNodeMasterIcingaConfig and GenerateNodeIcingaConfig
functions inside the nodeutillity class to the effect, that the default global
zones global-templates and director-global will be written to the generated
zones.conf that is created during the node wizard/setup.

refs 

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-10-31 12:07:12 +01:00
Jean Flach 9ba5b4f4b7 Merge pull request from Icinga/fix/flapping-old-4982
Re-implement flapping

fixes 
2017-10-24 16:58:59 +02:00
Jean Flach a21ffd6fe4 Fix flapping
Re-implement flapping following the 'old way' of just observing the last
20 stage changes.

refs 
2017-10-24 15:54:05 +02:00
Gunnar Beutner 2bbb5366fd Merge pull request from Icinga/fix/api-staging-3668
WIP: Ensure that the REST API config package/stage creation is atomic
2017-10-24 12:51:09 +02:00
Noah Hilverling 3e8f78e2cc Process: Fix fork error handling
refs 
2017-10-23 11:01:42 +02:00
Noah Hilverling 7930ae5094 Process: Remove log message from child process 2017-10-23 11:01:16 +02:00
Gunnar Beutner f2d437e96c Implement support for migrating certificates to /var/lib/icinga2/certs
This commit includes documentation too.

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-10-20 14:06:02 +02:00
Jean Flach aad96d6b09 Improve error message for unknow functions
refs 
2017-10-18 11:25:38 +02:00
Michael Friedrich 9d68ae9f1f Merge pull request from Icinga/fix/config-validation-fails-on-windows-with-unprivileged-account-5515
Add windows process elevation and log message if user does not have privileges to read/write files
2017-10-13 16:31:12 +02:00
Fabian Röhl 82794474e6 Add pdv unit to influxdbwriter if not empty + doc
refs 
2017-10-13 14:54:00 +02:00
Michael Friedrich 0b1ce7111c Merge pull request from Al2Klimov/bugfix/failure-to-kill-check-command-after-exceeding-timeout-is-not-reported-4981
Report failure to kill check command after exceeding timeout
2017-10-13 13:57:26 +02:00
Michael Friedrich 77ecdbd85c Merge pull request from Icinga/fix/api-crash-race-condition
Fix possible race condition in ApiListener locking
2017-10-12 13:40:59 +02:00
Michael Friedrich 87979fd0a1 Merge pull request from Icinga/fix/influxdb-unnecessary-string-casts
Fix unnecessary String() casts in InfluxdbWriter
2017-10-12 13:22:43 +02:00
Michael Friedrich 9a04a99400 Merge pull request from Icinga/feature/cn-check-for-san
Add subjectAltName extension for all non-CA certificates
2017-10-10 17:50:01 +02:00
Michael Friedrich ff570ad060 Merge pull request from Icinga/fix/db-ido-comments-downtimes-constraint-on-legacy-id-change
Fix unique constraint matching for UPDATE downtime/comment runtime tables in DB IDO
2017-10-10 17:47:47 +02:00
Michael Friedrich 06403c1147 Merge pull request from Icinga/fix/match-with-empty-array
Fix match(), regex(), cidr_match() behaviour with MatchAll and empty arrays
2017-10-10 17:46:51 +02:00
Michael Friedrich a521f49803 Fix debug builds on Apple Clang 9.0.0 (macOS High Sierra) 2017-10-02 13:49:42 +02:00
Michael Friedrich b9cfd4d2e9 Fix unnecessary String() casts in InfluxdbWriter
fixes 
2017-09-29 16:33:08 +02:00
Michael Friedrich 6061d56a7c Fix unique constraint matching for UPDATE downtime/comment runtime tables in DB IDO
fixes 
fixes 
2017-09-29 16:12:38 +02:00
Michael Friedrich c0a3de64fb Fix match(), regex(), cidr_match() behaviour with MatchAll and empty arrays
fixes 
2017-09-29 14:45:15 +02:00
Gunnar Beutner 92727d13c7 Fix a build warning
refs 
2017-09-25 12:15:59 +02:00
Michael Friedrich 953d840cc1 Fix certificate paths for installers
refs 
2017-09-22 15:00:45 +02:00
Michael Friedrich 11c41cd747 Drop unused code from NodeUtility class
refs 
2017-09-22 14:05:08 +02:00
Michael Friedrich 68cae91378 Remove bottom-up cluster messages
refs 
2017-09-22 14:04:53 +02:00
Michael Friedrich 601c10b997 Remove bottom-up CLI commands
refs 
2017-09-22 14:04:43 +02:00
Noah Hilverling aab50f669c Add process elevation & log message if user does not have enough privileges
refs 
2017-09-22 10:25:17 +02:00
Jean Flach 79166a31d4 Revert "Add Log Warning in case active-stage is empty"
This reverts commit 287f72b0a0.
2017-09-21 13:54:29 +02:00
Jean Flach 287f72b0a0 Add Log Warning in case active-stage is empty
Maybe Critical instead? Throwing an exception seems unnecessary.

refs 
2017-09-20 17:57:14 +02:00
Michael Friedrich 74d13345dc Merge pull request from Icinga/feature/custom-syslog-facility-option-on-sysloglogger-object-3964
SyslogLogger: Implement option to set syslog facility
2017-09-20 17:25:58 +02:00
Jean Flach ef5013b903 Use locks in api config staging
refs 
2017-09-20 16:45:09 +02:00
ryanohnemus 1cb39994a5 API: Add optional reload parameter to config stage upload
You can now specify a boolean `reload` attribute that
will allow you to skip the icinga2 reload after config
validation. By default this is set to true.

The response text has been updated to show if icinga2
will reload or if it was requested to be skipped.

fixes 
2017-09-20 14:16:55 +02:00
Noah Hilverling ea24af6590 SyslogLogger: Implement option to set syslog facility
fixes 
2017-09-20 14:09:51 +02:00
Michael Friedrich 7bdeeeadcf Silence log level for configuration file updates
This only helps with debugging the configuration sync, but seems
to be highlighted quite often in default configurations (where
the timestamp is equal).

refs 
2017-09-20 13:30:02 +02:00
Noah Hilverling 94fe1b2292 HttpServerConnection: Implement CORS support
fixes 
2017-09-20 13:18:29 +02:00
Jean Flach 1b54772b85 Fix where clauses for downtime/comment DB IDO queries using a non-matching legacy id before
fixes  
2017-09-20 12:13:14 +02:00
Jean Flach 4df1125114 Fix Windows build error
fixes 
2017-09-18 17:47:08 +02:00
Michael Friedrich 9948bee51c Fix API crash with race condition on locks
This was split from  and .

More patches from  are pending.

refs 
refs 
refs 

refs 
refs 
refs 
refs 
refs 
2017-09-18 15:25:29 +02:00
Gunnar Beutner 5179faceab Implement new script functions: path_exists, glob and glob_recursive 2017-09-18 13:59:03 +02:00
Gunnar Beutner 80421e4619 Build fix for OpenSSL < 1.0.2
refs 
2017-09-12 13:09:16 +02:00
Michael Friedrich 578dcbe861 Add some more verbose logging details
refs 
2017-09-12 12:52:50 +02:00
Michael Friedrich 501ade374c Remove debug logging, fix ticket path, enhance logging
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 043106242d Remove API stubs for now
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 88e57f7fd4 Implement support for cleaning up certificate requests
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 0a85977831 Node Wizard: Tell the user to put ca.crt if no connection to parent is selected
This also fixes the choice tree for connection-less questions
and prevents empty tickets being stored on disk.

refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 2fec16952d Remove unused code
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner f43516a097 Implement the --verbose option for "node wizard"
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich e424017c15 Refactor the node wizard/setup CLI commands
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 181b91b759 Enhance logging for certificate requests
Examples:
https://github.com/Icinga/icinga2/issues/5450#issuecomment-327479874

This also adds code comments where applicable.

refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich ce88e89cc0 Fix wrong cert path for CLI commands
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner a7fe6467ba Improve log messages for the 'pki save-cert' command
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 8040bda2e1 Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests}
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 88b4a54e6b Fix ticket hash calculation for indirectly connected clients
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner c02742925e Refactor PkiUtility class
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 1e7860f2b1 Implement ApiListener::Get*Dir() functions
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 6a533796e5 Update output format for the new CLI commands
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 774936bfe8 Implement support for pki::UpdateCertificate messages
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 623208d617 Implement support for forwarding certificate requests
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 03f5ccd252 Implement support for cleaning up expired API callbacks
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner cc43dc734b Refuse to sign certificate if it already has the correct chain and doesn’t expire soon
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 440f848c7c Improve error handling for JSON-RPC calls
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner a8cc0a601b Add missing _unlink() calls for Windows
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner cb49ac1264 Delete ticket file once we have a signed certificate
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 4cfbf6eb17 Disconnect all clients when we update our own certificate
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 439251532e Implement support for saving client tickets
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 192502f9e5 Implement support for reloading SSL certificates without a restart
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 0ec07bce51 Implement support for updating client certificates
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner cdff792c11 Make the ticket optional in 'icinga2 node wizard'
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 8d05fc99c9 Improve message formatting for the 'icinga2 node wizard' command
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner a4684d1bfd Implement support for sending pki::RequestCertificate messages in the cluster
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner b08f5477dc Change PKI path from /etc/icinga2/pki to /var/lib/icinga2/pki
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner abdd4b307b Implement the 'ca list' and 'ca sign' CLI commands
refs 
2017-09-12 12:52:49 +02:00
Gunnar Beutner 510e2d622a Implement support for ticket-less certificate requests
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 1d75a15d8e ElasticWriter: Implement support for TLS connections (HTTP proxy)
This commit also enhances the log messages.

refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 95fbd75df8 ElasticWriter: Add basic auth support for Elasticsearch behind an HTTP proxy
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 344b047ea0 Move Base64 class into libbase
refs 
2017-09-12 12:52:49 +02:00
Michael Friedrich 386b9de042 Drop obsolete code
refs 
2017-09-12 12:52:49 +02:00
Jean Flach e19d3f57c7 Add ElasticWriter
fixes 
2017-09-12 12:52:49 +02:00
Michael Friedrich 9e17ff874b Logs: Change config sync update to highlight an information, not an error
fixes 
2017-09-12 12:52:49 +02:00
Gunnar Beutner b316de8aea Implement additional logging for the JsonRpc class 2017-09-12 12:52:49 +02:00
Jean Flach de51966f52 Don't sent scheme and hostname in request 2017-09-06 16:01:02 +02:00
Gunnar Beutner 10691db5b1 Implement support for ECC certificates 2017-09-06 12:29:30 +02:00
Gunnar Beutner 3385122bc3 Add subjectAltName extension for all non-CA certificates 2017-09-06 12:25:36 +02:00
Federico Cuello a6b4bd48e2 Fix parameter order for Acknowledge{,Svc,Host}Problem in API actions/external commands
It was preventing email notifications with default settings, as `persistent` defaults to false and therefore `notify` was not set.

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-09-05 08:50:22 +02:00
Michael Friedrich 261bd93c0b Implement get_services(host {name,object}) and add host object support for get_service()
This includes some debug console examples too which involve advanced
map() and filter examples for better readability.

refs 
2017-08-28 19:54:26 +02:00
Michael ac0fdd7144 Change more loglines for checkables so checkable is quoted
refs 
2017-08-24 13:35:55 +02:00
Thomas Widhalm de9a097a97 Change loglines for checkables so checkable is quoted 2017-08-23 19:11:46 +02:00
Michael Friedrich e88b97079c API: Add execution_{start,end} attribute to 'process-check-result' action
fixes 
2017-08-21 17:20:56 +02:00
Michael Friedrich 445ee949da Merge pull request from Icinga/feature/enhance-client-connect-logging
Enhance client connect/sync logging and include bytes/zone in logs
2017-08-21 11:36:52 +02:00
Michael Friedrich 778c742b75 Merge pull request from Icinga/fix/cluster-fifo-optimize
Change FIFO::Optimize() frequency for large messages
2017-08-21 11:36:32 +02:00
Michael Friedrich 873a553a4f Enhance client connect/sync logging and include bytes/zone in logs
refs 
2017-08-21 11:31:24 +02:00
Michael Friedrich 732a5849d5 Change FIFO::Optimize() frequency for large messages
refs 
2017-08-21 11:24:39 +02:00
Michael Friedrich d075665d1b Merge pull request from Icinga/feature/remove-deprecated-graphite-legacy-mode
Graphite: Remove deprecated legacy schema mode
2017-08-17 20:06:47 +02:00
Michael Friedrich cb94b218a6 Merge pull request from spjmurray/fix/influxdb_timeouts_5460_5469
Fix TLS Race Connecting to InfluxDB
2017-08-17 18:25:17 +02:00
Michael Friedrich 52dcce972f Livestatus: Fix crash with empty stats columns
refs 
refs 
2017-08-16 15:28:15 +02:00
Michael Friedrich a43ae941b6 Merge pull request from Icinga/fix/api-object-query-type-error
API: Fix requested attrs/joins/meta type errors in object query response
2017-08-15 12:52:33 +02:00
Simon Murray abc3652b00 Fix TLS Race Connecting to InfluxDB
Rather than leaving stale connections about we tried to poll for data coming in
from InfluxDB and timeout if it didn't repond in a timely manner.  This introduced
a race where the timeout triggers, a context switch occurs where data is actually
available and the TlsStream spins trying to asynchronously notify that data is
available, but which never gets read.  Not only does this use up 100% of a core,
but it also slowly starves the system of handler threads at which point metrics
stop being delivered.

This basically removes the poll and timeout, any TLS socket erros should be
detected by TCP keep-alives.

Fixes  
2017-08-14 16:20:49 +01:00
Gunnar Beutner 6bc79b6b37 Merge pull request from Icinga/fix/livestatus-stats-groups
Fix grouping for Livestatus queries with 'Stats'
2017-08-14 16:19:18 +02:00
Gunnar Beutner 5402c1d610 Fix grouping for Livestatus queries with 'Stats'
refs 
2017-08-14 15:30:06 +02:00
Noah Hilverling 5b9337e130 Process: Fix JSON parsing error on process helper crash 2017-08-14 08:27:04 +02:00
Stefar77 6b66e332fb API: Fix requested attrs/joins/meta type errors in object query response
fixes 

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-08-11 16:23:29 +02:00
Gunnar Beutner 4d943c7f5c Implement additional functions for printing values with LLDB/GDB 2017-08-10 08:26:22 +02:00
Michael Friedrich eb5e299c4b Graphite: Remove deprecated legacy schema mode
This commit includes some code cleanup too.

fixes 
2017-08-09 18:52:35 +02:00
Michael Friedrich f6691b4936 Fix config validation for DB IDO categories 'DbCatEverything'
refs 
2017-08-09 16:31:03 +02:00
Michael Friedrich 3201d92fbd DB IDO: Fix host's unreachable state in history tables
fixes 
2017-08-07 11:10:02 +02:00
Michael I 3e54e34147 Update featurelistcommand.cpp
refs 
2017-07-25 13:35:20 +02:00
Gunnar Beutner c8b4fee843 Make rlimits configurable by adding three variables: RLimitFiles, RLimitProcesses and RLimitStack
refs 
2017-06-23 12:42:12 +02:00
Michael Friedrich 6397fedc3d Remove experimental redis feature before 2.7 release 2017-06-20 11:52:24 +02:00
Michael Friedrich 6ab5839f2f Merge pull request from Icinga/fix/wheezy-livestatus-dbl_max
livestatus/minaggregator: Buildfix for Debian wheezy
2017-06-19 17:27:11 +02:00
Markus Frosch e8681658b6 livestatus/minaggregator: Buildfix for Debian wheezy 2017-06-19 08:42:56 +02:00
mcktr 53908b7080 Fixed missing closing bracket in CLI command pki new-cert. 2017-06-18 15:13:16 +02:00
Michael Friedrich 67bd6d1813 Merge pull request from gitmopp/patch-1
Fix for stats min operator

fixes 
2017-06-16 21:02:17 +02:00
Michael Friedrich 6036ec20f5 Build fix for Debian Wheezy
fixes 
2017-06-16 16:57:05 +02:00
Michael Friedrich c6b375dcbd Merge pull request from Icinga/feature/check_nscp-4721
Add NSCP API check plugin for NSClient++ HTTP API
2017-06-13 21:56:58 +02:00
Jean Flach 39c24e9ec9 Add check_nscp_api plugin for NSClient++ API checks
refs 
2017-06-13 21:17:16 +02:00
Gunnar Beutner f9feb41877 Implement support for handling exceptions in user scripts 2017-06-13 14:03:41 +02:00
Michael Friedrich 2a4359d7e8 Windows build fix for InfluxdbWriter
refs 
fixes 
2017-06-07 14:16:15 +02:00
Michael Friedrich 89ac5b2fff GelfWriter: Add 'check_command' to CHECK RESULT/* NOTIFICATION/STATE CHANGE messages
This allows for much more easy filtering in Graylog web
similar to Graphite or InfluxDB and their template dashboards.
2017-06-06 20:23:26 +02:00
Michael Friedrich 41a400f552 Merge pull request from Icinga/feature/graphite-stats
GraphiteWriter: Add 'connected' to stats; fix reconnect exceptions
2017-06-06 20:13:33 +02:00
Michael Friedrich f42b820007 GraphiteWriter: Add 'connected' to stats; fix reconnect exceptions 2017-06-06 19:50:37 +02:00
Michael Friedrich f10815efa2 GelfWriter: Use async work queue and add feature metric stats
fixes 
2017-06-06 19:48:23 +02:00
gitmopp 65ed89c48d Fix for stats min operator
Fix for bug 
2017-06-01 19:30:04 +02:00
Gunnar Beutner 7ca485f63c Improve validation for attributes which must not be 'null' 2017-05-30 14:47:28 +02:00
Gunnar Beutner c9039e1850 Merge pull request from Icinga/fix/openssl-0.9.8-subjectaltname
Build fix for OpenSSL 0.9.8 and stack_st_X509_EXTENSION

fixes 
2017-05-29 09:45:34 +02:00
Gunnar Beutner 1fd2695e02 Fix compiler warnings
refs 
2017-05-29 09:13:19 +02:00
mcktr 9e1016dd4f Fix missing apostrophe in notification log
refs 
2017-05-26 17:58:04 +02:00
Michael Friedrich dab2522acc InfluxDB: Optimize work queue event handling
refs 
2017-05-26 17:11:13 +02:00
Michael Friedrich d0dcb8a658 ApiListener: Handle zero JSON-RPC WQs gracefully for stats
refs 
refs 
2017-05-26 17:02:36 +02:00
Michael Friedrich 28395b32f0 GraphiteWriter: Use a workqueue for event processing
This also adds reconnect handling and exceptions.

refs 
refs 
refs 
2017-05-26 15:18:14 +02:00
Michael Friedrich 79c45ea811 Build fix for OpenSSL 0.9.8 and stack_st_X509_EXTENSION 2017-05-26 13:16:20 +02:00
Michael Friedrich 647d82094f InfluxDB: Remove obsolete logger, now implemented in WorkQueue class
refs 
refs 
2017-05-24 17:01:46 +02:00
Michael Friedrich 3a5d4f3c8d DB IDO: Remove obsolete logger, now implemented in WorkQueue class
refs 
refs 
2017-05-24 16:52:15 +02:00
Michael Friedrich d366a63510 Add API & Cluster stats to /v1/status & icinga check performance metrics
refs 
2017-05-24 16:21:05 +02:00
Michael Friedrich b7358334fc Add feature stats to 'icinga' check as performance data metrics 2017-05-23 17:28:54 +02:00
Michael Friedrich 456cfdc636 Implement WorkQueue metric stats and periodic logging
refs 
2017-05-23 16:00:21 +02:00
Michael Friedrich 52d986d02b Revert "Add LogstashWriter feature"
This reverts commit f5a971f5b0.

refs 
2017-05-23 12:05:01 +02:00
Michael Friedrich 4c7660190f Revert "Review LogstashWriter feature implementation"
This reverts commit bd5ff814f2.

refs 
2017-05-23 12:04:08 +02:00
Gunnar Beutner fa874e659b Build fix for I2_LEAK_DEBUG 2017-05-22 11:42:47 +02:00
Gunnar Beutner 7130e5e387 Merge pull request from Icinga/feature/array-match
Implement new array match functionality

fixes  
fixes 
2017-05-16 14:22:35 +02:00
Gunnar Beutner 958d3982c5 Add 'mode' argument for match, regex and cidr_match 2017-05-16 13:22:10 +02:00
Michael Friedrich 79dcb789c2 Move PerfdataValue() class into base library
This is required for libremote and ApiListener stats in 
2017-05-15 16:32:29 +02:00
Gunnar Beutner dc9f129060 Implement the Array#any and Array#all protoype functions 2017-05-15 15:59:44 +02:00
Gunnar Beutner 1b77f4b336 Implement the Dictionary#values prototype function 2017-05-15 15:54:48 +02:00
Michael Friedrich 37f7c7a294 Merge pull request from Icinga/fix/graylog-perfdata
Fix performance data processing in GelfWriter feature

fixes 
2017-05-15 14:08:39 +02:00
Michael Friedrich 2338db5f6a Fix performance data processing in GelfWriter feature
Includes fixes for possible crashes on empty check results.

fixes 
2017-05-15 13:46:43 +02:00
Gunnar Beutner 7e3b664140 Add missing ->GetName() calls
fixes 
2017-05-15 11:11:08 +02:00
Michael Friedrich f282126bb4 Don't allow acknowledgement expire timestamps in the past
fixes 
2017-05-15 10:23:21 +02:00
Alexander A. Klimov 8bf3ab0285 Produce an unknown check result if we failed to kill the process
refs 
2017-05-12 15:25:22 +02:00
Michael Friedrich 3753f53a67 Fix cluster crash w/ config sync
refs 
2017-05-12 10:48:11 +02:00