tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,653 Commits 347 Branches 117 Tags 199 MiB
Commit Graph

4628 Commits

Author SHA1 Message Date
Alexander A. Klimov 2e5af2922b /v1/events: terminate on disconnect 2019-04-03 09:59:45 +02:00
Alexander A. Klimov 4c5ee0dbbf EventQueue#WaitForEvent(): re-add timeout 2019-04-03 09:53:45 +02:00
Michael Friedrich c6eaee611c
Merge pull request #7074 from Icinga/feature/cli-run-as-icinga-not-root 
Impersonate as Icinga user, not root
 2019-04-03 09:52:08 +02:00
Alexander A. Klimov 28d46052b0 HttpServerConnection#StartStreaming(): auto-detect disconnection 2019-04-03 09:50:52 +02:00
Michael Friedrich c2f180395a
Merge pull request #7000 from Icinga/bugfix/goto-loop 
Don't abuse goto for building simple loops
 2019-04-03 09:46:17 +02:00
Alexander A. Klimov c284cf0b68 HttpServerConnection: encapsulate streaming start indicator 2019-04-02 17:37:29 +02:00
Michael Friedrich 7ca8c3ec2f Impersonate as Icinga user, not root 
This requires write permissions for

- etc/features-*
- etc/*.conf
- var/{lib,cache}/icinga2/*

Typically permissions are handled by prepare-dirs,
or the respective CLI commands are run as root either way.

fixes #4947
 2019-04-02 17:05:48 +02:00
Alexander A. Klimov 09a2e04f4b EventQueue#WaitForEvent(): don't lock I/O thread while locking mutex 2019-04-02 14:38:06 +02:00
Alexander A. Klimov cfd0d86b9b Use C++11 atomics for our intrusive pointers 2019-04-02 13:54:30 +02:00
Alexander A. Klimov 00d859234e Use new I/O engine in PkiUtility::FetchCert() and PkiUtility::RequestCertificate() 2019-04-01 17:18:00 +02:00
Alexander A. Klimov 6e7932f157 Add non-async overloads for JsonRpc::ReadMessage() and JsonRpc::SendMessage() 2019-04-01 17:11:10 +02:00
Alexander A. Klimov f4a78380e9 Add non-async overloads for NetString::ReadStringFromStream() and NetString::WriteStringToStream() 2019-04-01 17:11:10 +02:00
Alexander A. Klimov d1e87bdc45 Connect(): add non-async overload 2019-04-01 17:11:09 +02:00
Alexander A. Klimov f2d9d91e83 Introduce UnbufferedAsioTlsStream#GetPeerCertificate() 2019-04-01 17:11:09 +02:00
Michael Friedrich 5c2aaf6380 Improve error logging on connection failure (cluster) 2019-04-01 16:13:37 +02:00
Alexander A. Klimov 64b2ac4b30 ApiListener: drop unused thread pool 2019-04-01 15:06:17 +02:00
Alexander A. Klimov 3a6caa2800 Respect Accept:application/json where possible 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 24c9542b5b HttpServerConnection: fix side effect of HTTP parser's default body limit 2019-04-01 13:31:16 +02:00
Alexander A. Klimov d428bdf384 Add missing includes 2019-04-01 13:31:16 +02:00
Alexander A. Klimov bf23e5392b UnbufferedAsioTlsStream: don't rely on *this in decltype()s for methods' return types 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 7ec1e638a8 Turn shortcut UnbufferedAsioTlsStream::Parent into a base class 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 5b2c1f023d Rename preventGc to keepAlive 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 5208448b76 Restore the previous performance of replaying logs 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 79e95d2355 Introduce JsonRpcConnection#SendMessageInternal() 2019-04-01 13:31:16 +02:00
Alexander A. Klimov e6d78bf361 Move some TCP/TLS logic out of ApiListener 
... for re-using it
 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 79220ee647 io-engine.hpp: fix missing namespace 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 8b3efe5759 Introduce AsioConditionVariable 2019-04-01 13:31:16 +02:00
Alexander A. Klimov d3392d1579 Rename AsioTlsStreamHack to UnbufferedAsioTlsStream 2019-04-01 13:31:16 +02:00
Alexander A. Klimov e129c561d5 HttpServerConnection: don't disconnect during sending response 2019-04-01 13:31:16 +02:00
Alexander A. Klimov b384f859c9 Make IoEngine::m_CpuBoundSemaphore signed 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 326bf66255 ApiListener: use setsockopt(), not tcp::acceptor#set_option() 2019-04-01 13:31:16 +02:00
Alexander A. Klimov b5fddaf3ce ApiListener: log why bind(2) failed 2019-04-01 13:31:16 +02:00
Alexander A. Klimov e26774c7f8 IoEngine: adjust I/O threads 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 19625e62ef ApiListener: fix self-made security hole 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 87b0c452db HttpServerConnection: re-add automatic disconnect 2019-04-01 13:31:16 +02:00
Alexander A. Klimov f029fd4884 Re-add HttpServerConnection#Disconnect() 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 16913cb977 JsonRpcConnection: add missing CpuBoundWork 2019-04-01 13:31:16 +02:00
Alexander A. Klimov a451327b81 JsonRpcConnection: re-add num_json_rpc_work_queue_item_rate 2019-04-01 13:31:16 +02:00
Alexander A. Klimov a54bd9d5c4 JsonRpcConnection: re-add automatic disconnect 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 7aae8bd265 JsonRpcConnection: re-add heartbeats 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 84b411501b Re-add JsonRpcConnection#Disconnect() 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 2d16b02520 ApiListener#NewClientHandlerInternal(): shut down TLS stream 2019-04-01 13:30:42 +02:00
Alexander A. Klimov c46157d552 ApiListener: fix self-made security hole 2019-04-01 11:40:14 +02:00
Alexander A. Klimov f9fff54da2 ApiListener: don't require a valid certificate for the TLS handshake to complete 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 6c86c127f1 Port JsonRpcConnection to Boost ASIO 2019-04-01 11:40:14 +02:00
Alexander A. Klimov c76947e8b9 JsonRpc::ReadMessage(): add Boost ASIO overload 2019-04-01 11:40:14 +02:00
Alexander A. Klimov b26808414c NetString::ReadStringFromStream(): add Boost ASIO overload 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 48b5824e37 ApiListener: send icinga::Hello message 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 49ac7777e0 JsonRpc::SendMessage(): add Boost ASIO overload 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 43658de529 NetString::WriteStringToStream(): add Boost ASIO overload 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 832365195d ApiListener: connect(2) via Boost ASIO 2019-04-01 11:40:14 +02:00
Alexander A. Klimov e9a64abd09 ApiListener#ListenerCoroutineProc(): catch more edge cases 2019-04-01 11:40:14 +02:00
Alexander A. Klimov a6813ec786 ApiListener: restore previous bind(2) behavior 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 282f8fd173 IoEngine: explicitly join I/O threads 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 493a97f4f3 EnsureAcceptHeader(): fix wrong condition 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 8c5d629d35 /v1/events: don't truncate any events 2019-04-01 11:40:14 +02:00
Alexander A. Klimov ac72ca4ae6 Don't warn that Boost.Coroutine v1 is deprecated 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 7681ec10a4 /v1/events: don't lock I/O thread 2019-04-01 11:40:14 +02:00
Alexander A. Klimov d7b465ce74 Implement IoBoundWorkSlot 2019-04-01 11:40:14 +02:00
Alexander A. Klimov fd239ba3fe Adjust /v1/events, too 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 1941c1da28 Adjust all HTTP handlers (ex. /v1/events) 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 9ae1d732af HttpServerConnection: actually handle requests 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 7fe0431ada HttpServerConnection: verify requests via Boost ASIO + Beast 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 04a9879acc Add HttpUtility::SendJsonError() overload for Boost/Beast 2019-04-01 11:40:14 +02:00
Alexander A. Klimov fc22cbaf09 Add HttpUtility::SendJsonBody() overload for Boost/Beast 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 2d7714802d Allow CpuBoundWork to be done before end of scope 2019-04-01 11:40:14 +02:00
Alexander A. Klimov e21956e26e ApiListener: detect protocol 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 539855bac1 ApiListener: verify peer 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 720c53ab77 ApiListener: perform TLS handshake 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 2615967e7f Make ApiListener#m_SSLContext a Boost ASIO SSL context 2019-04-01 11:40:14 +02:00
Alexander A. Klimov e4f3422b3a ApiListener: listen(2) via Boost ASIO 2019-04-01 11:40:14 +02:00
Alexander A. Klimov c547e9a863 Implement basic I/O engine 2019-04-01 11:40:14 +02:00
Alexander A. Klimov 7c7c5e28f5 Implement LazyInit<T> 2019-04-01 11:40:14 +02:00
Michael Friedrich 2913291a17 ido Check: Add last failover timestamp to output when HA enabled IDO is running 2019-04-01 09:31:03 +02:00
Michael Friedrich 4a26a48778 Code Quality: Move authority.cpp into the ApiListener class scope 2019-04-01 08:51:18 +02:00
Michael Friedrich 149f640fd8 Improve DB IDO HA failover behaviour 
- Decrease Object Authority updates to 10s (was 30s)
- Decrease failover timeout to 30s (was 60s)
- Decrease cold startup (after (re)start) with no OA updates to 30s (was 60s)
- Immediately connect on Resume()
- Fix query priority which got broken with #6970
- Add more logging when a failover is in progress

```
[2019-03-29 16:13:53 +0100] information/IdoMysqlConnection: Last update by endpoint 'master1' was 8.33246s ago (< failover timeout of 30s). Retrying.

[2019-03-29 16:14:23 +0100] information/IdoMysqlConnection: Last update by endpoint 'master1' was 38.3288s ago. Taking over 'ido-mysql' in HA zone 'master'.
```

- Add more logging for reconnect and disconnect handling
- Add 'last_failover' attribute to IDO*Connection objects

refs #6970
 2019-04-01 08:50:00 +02:00
Michael Friedrich c2bf4cca9f Disable feature HA by default (InfluxDB, Graphite, Gelf, Elasticsearch, OpenTSDB, Perfdata) 2019-03-27 15:29:47 +01:00
Michael Friedrich 93030709f5 Implement previous_state_change 2019-03-27 11:43:14 +01:00
Michael Friedrich 06eacd13ab Also apply buffer flush fix for Elasticsearch feature 2019-03-27 11:35:41 +01:00
Michael Friedrich cb3729bc6a InfluxDB: Flush only if there's data in the buffer 
Regression from 2.10.4
 2019-03-27 11:26:00 +01:00
Michael Friedrich 27a41804fc Elasticsearch: Change Content-Type header to 'application/x-ndjson' for bulk streams 
fixes #6609
 2019-03-20 10:13:38 +01:00
Michael Friedrich 424929e66a Improve logging of OpenTsdbWriter 2019-03-19 09:39:14 +01:00
Michael Friedrich acf62d487e Improve logging of GelfWriter 2019-03-19 09:39:14 +01:00
Michael Friedrich 783a4c832c Improve logging of ElasticsearchWriter 2019-03-19 09:39:14 +01:00
Michael Friedrich aa93c382e1 Improve logging of InfluxdbWriter 2019-03-19 09:39:14 +01:00
Michael Friedrich 82dcb3965b Improve logging of GraphiteWriter 2019-03-19 09:39:09 +01:00
Michael Friedrich 9f91ab98b8
Merge pull request #7027 from Icinga/feature/es-improve-error-handling 
Elasticsearch: Improve error handling/logging
 2019-03-19 08:35:16 +01:00
Michael Friedrich 6ace8001d8
Merge pull request #7019 from Icinga/feature/new-json-library 
Replace YAJL with nlohmann::json
 2019-03-18 17:26:57 +01:00
Michael Friedrich 816a935b3d Elasticsearch: Improve error handling/logging 
- Missing content-type
- Wrong content-type shouldn't hide the error message
- Error message should include more details (request URL, etc.)
 2019-03-18 16:41:01 +01:00
Alexander A. Klimov b2e2b587da ElasticsearchWriter: don't leak sockets 
refs #7018
 2019-03-18 15:09:07 +01:00
Alexander A. Klimov 0cf10c6306 Make buildable with VS 2017 2019-03-18 15:07:57 +01:00
Alexander A. Klimov 2a05b46431 Auto-sanitize data before en-/decoding JSON 2019-03-18 15:07:57 +01:00
Alexander A. Klimov 9daca0b216 Get rid of YAJL 2019-03-18 15:07:57 +01:00
Alexander A. Klimov 5882594b43 JsonEncode(): use nlohmann::json 2019-03-18 15:07:57 +01:00
Alexander A. Klimov 1b0367b740 JsonDecode(): use nlohmann::json::sax_parse() 2019-03-18 15:07:57 +01:00
Michael Friedrich 724b34c6f2 Integrate nlohmann_json into CMake 
Better integration into base/json.cpp

Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>
 2019-03-18 15:07:50 +01:00
Michael Friedrich 2de8bac588
Merge pull request #6990 from Icinga/bugfix/influxdbwriter-oom-6989 
InfluxdbWriter: don't leak sockets
 2019-03-18 14:38:04 +01:00
Michael Friedrich ea80d93efc
Merge pull request #7014 from Icinga/feature/utf8cpp 
Utility::ValidateUTF8(): use UTF8-CPP
 2019-03-18 10:57:03 +01:00
Michael Friedrich 804c00ece5
Merge pull request #6999 from Icinga/bugfix/compiler-warnings 
Suppress or fix compiler warnings
 2019-03-18 08:44:30 +01:00
Alexander A. Klimov a72f4db5c9 Utility::ValidateUTF8(): use UTF8-CPP 2019-03-15 13:34:20 +01:00