tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,599 Commits 347 Branches 119 Tags 186 MiB
Commit Graph

5151 Commits

Author SHA1 Message Date
Alexander A. Klimov 4eee9572ab RedisWriter: identify config objects by SHA1(PackObject([Environment, __name])) 2019-11-02 14:00:23 +01:00
Michael Friedrich fae5b88e48 Add all stats similar to /v1/status 2019-11-02 14:00:23 +01:00
Michael Friedrich d7f6d7994b Move stats into a separate file 2019-11-02 14:00:23 +01:00
Alexander A. Klimov 3229982bee RedisWriter: compute name_checksum as expected 2019-11-02 14:00:23 +01:00
Alexander A. Klimov f05a5eecc2 Centralize identifier computation 2019-11-02 14:00:23 +01:00
Alexander A. Klimov a5aef627f8 RedisWriter: use __name as object key 2019-11-02 14:00:23 +01:00
Alexander A. Klimov 3ea3b2ba27 RedisWriter: checksum package, source_location and templates separately in metadata_checksum 2019-11-02 14:00:23 +01:00
Alexander A. Klimov e980485e23 RedisWriter: Explicitly checksum Zone#endpoints 2019-11-02 14:00:23 +01:00
Alexander A. Klimov dcdf6b8a44 RedisWriter: Exclude explicitly checksummed properties from properties_checksum 2019-11-02 14:00:23 +01:00
Alexander A. Klimov dc73db01b8 RedisWriter: use one checksum algo for everything 2019-11-02 14:00:23 +01:00
Alexander A. Klimov b32b81d957 RedisWriter: Pack objects consistently for hashing 2019-11-02 14:00:23 +01:00
Michael Friedrich 60a5a14aa2 Checksums 2019-11-02 14:00:23 +01:00
Michael Friedrich 79f06a90d4 WIP 2019-11-02 14:00:23 +01:00
Michael Friedrich 782486ce9c Ensure that arrays are sorted for checksum calculation 2019-11-02 14:00:23 +01:00
Michael Friedrich 26a2095426 Implement config object check sums, shot one 2019-11-02 14:00:23 +01:00
Michael Friedrich 8c38c7eddc Ensure that type names are lower cases for Redis lookups 2019-11-02 14:00:23 +01:00
Michael Friedrich 33a00e4b5a Move UpdateObjectAttrs into the objects scope 2019-11-02 14:00:23 +01:00
Michael Friedrich f715d479e7 Rename source file 2019-11-02 14:00:23 +01:00
Michael Friedrich ddf2aea065 Compile redis into the icinga2 binary; apply more C++11 code changes 2019-11-02 14:00:23 +01:00
Michael Friedrich 61edfcb68d Apply code style 2019-11-02 14:00:23 +01:00
Jean Flach 5eab856673 Publish events to one enpoint 2019-11-02 14:00:23 +01:00
Jean Flach c8561676ec Add limit for subscriptions 2019-11-02 14:00:23 +01:00
Gunnar Beutner f631bf8cb5 Use sets for subscriptions 
refs #5656
 2019-11-02 14:00:23 +01:00
Gunnar Beutner 06211c3ac7 Implement support for the new config/state schema 
fixes #5671
 2019-11-02 14:00:23 +01:00
Gunnar Beutner 1725038ca8 Implement pipelining support for Redis queries 
fixes #5670
 2019-11-02 14:00:23 +01:00
Jean Flach 7c8412928e Subscriptions 
fixes #5656
 2019-11-02 14:00:23 +01:00
Jean Flach 1ada53dd57 Trim event queue 
TODO: make configurable

refs #5119
 2019-11-02 14:00:23 +01:00
Gunnar Beutner b6c86f98ec Clean up the code a bit 2019-11-02 14:00:23 +01:00
Gunnar Beutner fff1049ba0 Ensure that the WorkQueue name is set 2019-11-02 14:00:23 +01:00
Gunnar Beutner b75e21a998 Redis support (WIP) 2019-11-02 14:00:23 +01:00
Michael Friedrich 7e369c0443
Merge pull request #7546 from Icinga/feature/zone-in-zone-7530 
DaemonUtility#ValidateConfigFiles(): re-try unknown zones once they may have become known
 2019-10-31 16:34:08 +01:00
Alexander Aleksandrovič Klimov 3804f4edcc I like to move it, move it 2019-10-28 13:46:33 +01:00
Ant1x 166e79fee1 Added OpenTSDB Metric prefix naming support 
Added OpenTSDB Generic Metric functionality
 2019-10-24 00:04:12 +11:00
Ant1x 0b8fdfd7f2 Removed dictionary cloning behaviour. 
Added configuration caching on instantiation.
 2019-10-24 00:04:12 +11:00
Ant1x c2c4b97ea5 Adjusted explicit String cast 2019-10-24 00:04:12 +11:00
Ant1x 619a487733 Added validation function comments 2019-10-24 00:04:12 +11:00
Ant1x 90c42e1bbc Re-worded debug log message 2019-10-24 00:04:12 +11:00
Ant1x 3cd6b66cd4 Initial commit, add custom tag functionality 2019-10-24 00:04:12 +11:00
Michael Friedrich e0ef5fe9de
Merge pull request #7458 from Icinga/feature/config-parser-cleanup 
Config parser: introduce optional_newlines
 2019-10-22 17:29:59 +02:00
Michael Friedrich 3b49c10d0a
Merge pull request #7584 from Icinga/bugfix/cluster-sync-checksums-timestamps 
Cluster Config Sync: Check the timestamp prior to config file checksums for changes
 2019-10-22 17:22:27 +02:00
Michael Friedrich 6103f53c5b
Merge pull request #7541 from Icinga/bugfix/heredoc-eof 
Config lexer: complain on EOF in heredocs, i.e. {{{abc<EOF>
 2019-10-22 17:19:27 +02:00
Michael Friedrich cb20b4829a Cluster Config Sync: Check the timestamp prior to config file checksums 
Otherwise old configuration received from a secondary master/satellite
could always trigger a config change & reload.
 2019-10-22 14:07:10 +02:00
Alexander A. Klimov 768044a754 Replace std::shared_ptr<NamespaceValue> with NamespaceValue::Ptr 
refs #7361
 2019-10-21 17:10:51 +02:00
Alexander A. Klimov aa4cad7482 Replace std::shared_ptr<Expression> with Expression::Ptr 
refs #7361
 2019-10-21 17:10:51 +02:00
Alexander A. Klimov 4438ccbf9e Introduce SharedObject 
refs #7361
 2019-10-21 17:10:51 +02:00
Alexander A. Klimov ba1ce9c853 Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov a1fef92835 Replace std::shared_ptr<boost::asio::ip::tcp::acceptor> with Shared<boost::asio::ip::tcp::acceptor>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov 26ce2cfb73 Replace std::shared_ptr<AsioTcpStream> with Shared<AsioTcpStream>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov a1683568a1 Replace std::shared_ptr<AsioTlsStream> with Shared<AsioTlsStream>::Ptr 2019-10-21 16:12:35 +02:00
Alexander A. Klimov b046ffe152 Introduce Shared<T> 2019-10-21 11:07:42 +02:00
Michael Friedrich 3e6fc9bfa1
Merge pull request #7457 from Icinga/feature/config-parser-malloc 
Config parser: save some memory allocations
 2019-10-17 17:19:30 +02:00
Alexander A. Klimov e4bdcedbca MacroProcessor::ResolveArguments(): skip null argument values 
refs #7558
 2019-10-08 17:06:06 +02:00
Michael Friedrich e7c07062f8 Avoid syncing .authorititative marker received from < 2.11 parent nodes 2019-10-02 10:49:02 +02:00
Alexander A. Klimov eacdb3dac7 DaemonUtility#ValidateConfigFiles(): re-try unknown zones once they may have become known 
refs #7530
 2019-09-30 10:26:13 +02:00
Alexander A. Klimov 672f497c3a Config lexer: complain on EOF in heredocs, i.e. {{{abc<EOF> 2019-09-26 13:10:19 +02:00
Michael Friedrich f0fcfdf910
Merge pull request #7538 from Icinga/bugfix/dependency-ignore_on_error-7536 
Dependency#OnAllConfigLoaded(): don't link *this with the child if *this is going to be dropped
 2019-09-25 12:12:22 +02:00
Michael Friedrich 4e23f954fa
Merge pull request #7529 from Icinga/bugfix/activestageoverride-7521 
WarnOnImplicitlySetGlobalVar(): warn only on sins inside actual DSL code
 2019-09-25 12:11:26 +02:00
Alexander A. Klimov 7668314b4a Dependency#OnAllConfigLoaded(): don't link *this with the child if *this is going to be dropped 
refs #7536
 2019-09-25 11:30:50 +02:00
Alexander A. Klimov b8d495ae07 Introduce Checkable#next_update 2019-09-25 10:44:49 +02:00
Chris Boot aece8d61e2 Introduce 'activate' parameter to config stage handling 
This functionality allows a stage to be uploaded and validated as
normal, but not activated. This is useful to pre-flight an Icinga config
package before it is applied to a monitoring cluster, for example in a
CI pipeline.
 2019-09-24 17:17:19 +01:00
Alexander A. Klimov b4e3736e31 WarnOnImplicitlySetGlobalVar(): warn only on sins inside actual DSL code 2019-09-23 15:09:57 +02:00
Michael Friedrich f419efd778 API: Handle permission exceptions soon enough, returning 404 
fixes #7513
 2019-09-23 09:48:50 +02:00
Michael Friedrich 617f1d1333 Improve error message for command endpoint checkable's requiring a zone 
fixes #7514
 2019-09-23 09:41:08 +02:00
Michael Friedrich eddb40a913 CSR Auto-signing: Add debug logging for skipped signing 2019-09-18 11:53:58 +02:00
Michael Friedrich d3eb62301e API: Add AES128-GCM-SHA256 compatible cipher for el6 
fixes #7501
 2019-09-16 14:19:22 +02:00
Michael Friedrich 9ec246a2f4 Revert: Always reset Boost beast buffer in HttpServerConnection#ProcessMessages #7476 
Not a simple revert but also adds a comment for the buffer.

refs #7476
 2019-09-12 17:00:17 +02:00
Michael Friedrich 2c0e0da2d9 Introduce IoEngine::SpawnCoroutine wrapping asio::spawn and Boost exceptions 
This is required to

- catch all exceptions and wrap them into Boost exceptions. They
are the only ones allowed with Boost.Coroutine.
- set a dedicated coroutine stack size for Windows.

refs #7431
 2019-09-09 16:40:35 +02:00
Michael Friedrich 5fa7331cc9 Quality: Replace deprecated Boost IO service code 
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
 2019-09-09 15:27:57 +02:00
Alexander A. Klimov 0a9563b3db HttpServerConnection#ProcessMessages(): avoid I/O if shutting down 
refs #7431
 2019-09-09 13:37:44 +02:00
Alexander A. Klimov b85b8b9697 HttpServerConnection#ProcessMessages(): avoid I/O after boost::asio::error::operation_aborted 
refs #7431
 2019-09-09 13:29:47 +02:00
Alexander A. Klimov dfaeb88ac3 {HttpServer,JsonRpc}Connection#Disconnect(): cancel I/O ops ASAP 
refs #7431
 2019-09-09 13:11:51 +02:00
Michael Friedrich b3c48e7520
Merge pull request #7485 from Icinga/bugfix/api-disconnect-defer 
Avoid the Defer-Disconnect destructor pattern with Boost.Coroutines
 2019-09-09 11:41:34 +02:00
Michael Friedrich c5aa978912 Rewrite error handling in HttpServerConnection#EnsureValidHeaders() 
Throwing local exceptions unnecessarily pollutes the exception
stack with immediate unwinding. Avoid this pattern at all cost within
Boost.Coroutines. MSVC may handle exceptions differently and cause
problems with stack unwinding.

refs #7431
refs #7351
 2019-09-09 11:03:21 +02:00
Michael Friedrich 17d4d17307 Avoid the Defer-Disconnect destructor pattern with Boost.Coroutines 
Exceptions in Disconnect() might be thrown (this has been reworked
into error_code locally) which are swallowed inside the Destructor
for being dangerous. On the other hand, swallowing them may
corrupt the stack unwinding operation from the coroutine layer.

The best is to avoid Defer inside lib/remote and call Disconnect()
directly after breaking from other operations.

refs #7351
refs #7431
 2019-09-09 10:57:13 +02:00
Michael Friedrich ebb0826be0 JsonRpcConnection: Don't swallow exceptions in Boost.Coroutine 
refs #7351
 2019-09-09 09:26:12 +02:00
Michael Friedrich cdacd545c6
Merge pull request #7477 from Icinga/bugfix/api-boost-exceptions-errors 
HttpServerConnection: Prefer error codes over Boost exceptions
 2019-09-06 10:22:42 +02:00
Michael Friedrich a208f7baf0 HttpServerConnection: Prefer error codes over Boost exceptions 
When run within a coroutine, exceptions on Windows may influence
bad behaviour here. Instead, we'll check for the error code
and extract the message from memory. In contrast to exceptions
which are stored on the stack frame and then return, this costs
a little more memory but simplifies the logic.

This doesn't fix the linked issue, but is related to the analysis.

refs #7431
 2019-09-06 10:06:17 +02:00
Michael Friedrich eabba2de42 Always reset Boost beast buffer in HttpServerConnection#ProcessMessages 
refs #7431
 2019-09-06 09:31:16 +02:00
Michael Friedrich 1f50a705f9 Adjust code comment for Logger->Flush() on Windows 2019-09-06 09:24:34 +02:00
Michael Friedrich 8a07b64800
Merge pull request #7459 from Icinga/feature/expose-problem-handled-counts 
Metrics: Expose problem/handled counts for hosts/services
 2019-08-30 09:04:03 +02:00
Michael Friedrich 55d7da30ca Metrics: Expose problem/handled counts for hosts/services 
With the addition of problem/handled as checkable runtime
attributes in #7096 we should also expose them via CIB
into

- icinga check
- /v1/status/CIB
- IcingaApplication runtime macros

This originates from a request by @phil-or at the recent
Icinga meetup in Linz.
 2019-08-29 17:04:23 +02:00
Alexander A. Klimov 360cb50c9e Config parser: inline arraysep 2019-08-29 14:06:01 +02:00
Alexander A. Klimov fd88ac2f83 Config parser: introduce optional_newlines 2019-08-29 14:05:58 +02:00
Alexander A. Klimov 203482a675 Config parser: save some memory allocations 2019-08-29 10:54:54 +02:00
Michael Friedrich bea8527083
Merge pull request #7356 from Icinga/bugfix/influxdbwriter-clone 
InfluxdbWriter: clone less
 2019-08-28 09:16:19 +02:00
Michael Friedrich f62db49d3e
Merge pull request #7451 from Icinga/bugfix/update-docs 
Update docs: Fix online URL, cipher list
 2019-08-28 08:59:28 +02:00
Michael Friedrich 5ed91098d2
Merge pull request #7445 from Icinga/bugfix/ddos-reconnect-7444 
JsonRpcConnection#Disconnect(): unregister the connection ASAP
 2019-08-28 08:59:14 +02:00
Michael Friedrich 0915c84530 Update doc URL for the API info handler at /v1 2019-08-27 16:47:07 +02:00
Michael Friedrich 9932f04751 Update doc URL references for the DB IDO feature 2019-08-27 16:46:51 +02:00
Michael Friedrich b75e1585d6
Merge pull request #7449 from Icinga/feature/warn-set-global-var 
DSL: warn on x=y if x is a global variable
 2019-08-27 14:53:29 +02:00
Michael Friedrich 9d6ee44e71
Merge pull request #7346 from Icinga/feature/check-plugins-code-page-7110 
DaemonCommand#Run(): set code page to UTF-8
 2019-08-27 14:51:30 +02:00
Alexander A. Klimov 429080ee1c DSL: warn on x=y if x is a global variable 2019-08-27 13:30:02 +02:00
Alexander A. Klimov c24312b870 JsonRpcConnection#Disconnect(): unregister the connection ASAP 
refs #7444
 2019-08-23 17:14:13 +02:00
Alexander A. Klimov 28f708bb7c LegacyTimePeriod: support specifying seconds 2019-08-22 18:50:37 +02:00
Alexander A. Klimov efc7f2cf8d Correct current_concurrent_checks to actually running checks 
refs #7416
 2019-08-15 13:39:01 +02:00
Michael Friedrich c2e1d023e2
Merge pull request #7421 from Icinga/feature/threadpool-metric 
Expose metric current_pending_callbacks
 2019-08-15 10:51:31 +02:00
Michael Friedrich 2760748d78 Fix and improve logging for runtime object sync 
config::UpdateObject would create a new object, but this may
have been silently ignored with 'ignore_on_error' - downtimes, etc.
Since we cannot simply fetch the error from inside the config compiler,
we'd just check whether there's a config object created at this stage.
This happens synchronously, and once there is, log something.

The previous code always logged the creation, even if the downtime
was ignored, e.g. when the first master sent one for local host objects.

This commit also adds more details: identity, endpoint, zone to extract
the MessageOrigin details into log messages for better troubleshooting
and debugging.

refs #7198
 2019-08-15 09:29:05 +02:00
Alexander A. Klimov 448a991404 Expose metric current_pending_callbacks 2019-08-14 17:22:27 +02:00
Alexander A. Klimov a58a5feee3 Introduce ThreadPool#GetPending() 2019-08-14 17:12:59 +02:00
Michael Friedrich 43ea6fb636
Merge pull request #7419 from Icinga/bugfix/downtime-loop-activate-origin 
Fix object create/delete config object cluster loop (missing message origin)
 2019-08-14 16:29:08 +02:00
Michael Friedrich 5b36ff0787 Properly parse the Icinga version for minimum version in the 'icinga' check 
fixes #7415
 2019-08-14 13:15:05 +02:00
Michael Friedrich 96f62d2d34 Add Utility::ParseVersion() and unit tests 
This now uses a regex to extract the short version
similar to how Icinga Web 2 does it.

Additional unit tests prove the rule.
 2019-08-14 11:22:55 +02:00
Michael Friedrich 7c1f716dad Fix cookie with ActivateItems 2019-08-13 16:09:26 +02:00
Michael Friedrich c30edd0a34 Fix message origin for runtime created config object (create/delete events) 2019-08-13 15:05:47 +02:00
Michael Friedrich f9812ee1aa
Merge pull request #7404 from Icinga/bugfix/livestatus-interval 
Explicitly write the 1.x legacy attribute 'interval_length' for Livestatus
 2019-08-07 17:32:38 +02:00
Michael Friedrich d8400699f9
Merge pull request #7353 from Icinga/bugfix/influxdbwriter-skip-tags-7341 
InfluxdbWriter: skip non-resolvable tags
 2019-08-07 17:15:24 +02:00
Michael Friedrich 3f18741c41 Explicitly write the 1.x legacy attribute 'interval_length' for Livestatus 
fixes #7402
 2019-08-07 15:23:04 +02:00
Michael Friedrich 686f5d8ca7
Merge pull request #7397 from Icinga/bugfix/umbrella-logging-systemd-7394 
icinga2 daemon --close-stdio: keep console log open during first config validation
 2019-08-07 13:44:07 +02:00
Michael Friedrich 01fe243f23 Log a hint after failed config validation for systemd users 2019-08-07 12:03:17 +02:00
Michael Friedrich 59081c4f82
Merge pull request #7400 from Icinga/bugfix/cib-stats-concurrent-checks 
Fix missing stats for current_concurrent_checks via REST API
 2019-08-06 15:25:44 +02:00
Michael Friedrich 550a92f077 Fix missing stats for current_concurrent_checks via REST API 
It was added inside the 'icinga' check task, but not for the REST API.
Thanks for asking, @Thomas-Gelf
 2019-08-06 14:51:10 +02:00
Michael Friedrich 743dcad35d Improve logging for downtime/ack events (add, remove, expire) 
fixes #7374
 2019-08-06 13:28:58 +02:00
Alexander A. Klimov 6418c2ebb7 icinga2 daemon --close-stdio: keep console log open during first config validation 
refs #7394
 2019-08-05 18:30:45 +02:00
Michael Friedrich ac4f92ca69
Merge pull request #7391 from Icinga/feature/cluster-sync-avoid-non-utf-8 
Cluster sync: Only sync valid UTF8 content (text config, no binaries)
 2019-08-05 16:48:49 +02:00
Michael Friedrich 8d071c8d30 DB IDO: Fix upgrade script for 2.11.0 (drop index only if existing) 
fixes #7393
 2019-08-05 13:03:38 +02:00
Michael Friedrich c42a2583f0 Cluster sync: Only sync valid UTF8 content (text config, no binaries) 
- *.conf files are sanitized automatically.
- Other files detect sanitizing and treat that as unsupported type

refs #7382
 2019-08-02 16:06:32 +02:00
Michael Friedrich f58d1ef7f7 Revert "API: Improve error handling for 'schedule-downtime' action" 
This reverts commit 8ca38302fc.
 2019-08-01 14:03:44 +02:00
Michael Friedrich 8f3a1335dc Revert "API: Don't be so strict with the downtime start_time" 
This reverts commit 3b7cf5b9b5.
 2019-08-01 14:03:40 +02:00
Michael Friedrich ebd6735c70 TLS Ciphers: Add compatibility suites for older agents (el7) 2019-07-30 10:55:29 +02:00
Alexander A. Klimov 2acdbd81ff InfluxdbWriter: clone less 2019-07-24 10:43:45 +02:00
Alexander A. Klimov d7b1127730 InfluxdbWriter: skip non-resolvable tags 
refs #7341
 2019-07-23 18:21:38 +02:00
Michael Friedrich 0fd2fc0a4f Only include SSL_CTX_set_ecdh_auto for OpenSSL < 1.1.0 2019-07-23 17:39:02 +02:00
Michael Friedrich 647348fbca CLI: Rename client -> agent 2019-07-20 12:53:19 +02:00
Alexander A. Klimov d7e52824c8 DaemonCommand#Run(): set code page to UTF-8 
refs #7110
 2019-07-19 18:00:46 +02:00
Michael Friedrich 844e821cd1
Merge pull request #7320 from Icinga/feature/foreground-5230 
Rework reload handling on *nix
 2019-07-18 18:24:22 +02:00
Michael Friedrich f9f86e3f22
Merge pull request #7272 from Icinga/feature/notification-logging 
Improve type logging for notifications
 2019-07-17 15:16:45 +02:00
Michael Friedrich 71cf491a3b
Merge pull request #7331 from Icinga/bugfix/unit-tests-packaging-7327 
Shutdown timers cleanly on exit
 2019-07-17 15:16:04 +02:00
Alexander A. Klimov 80d976fed6 Shutdown timers cleanly on exit 
refs #7327
 2019-07-17 13:53:43 +02:00
Michael Friedrich 8098f4d54d Improve type logging for notifications 2019-07-16 13:46:16 +02:00
Alexander A. Klimov 31e5394fe9 Fix style 
refs #5230
 2019-07-16 11:45:23 +02:00
Alexander A. Klimov c385355c38 DaemonCommand: make the atomics a bit more atomic 
Just to be sure.

refs #5230
 2019-07-16 11:39:09 +02:00
Alexander A. Klimov 4ee9ac16b4 Fix missing comments 
refs #5230
 2019-07-16 11:11:10 +02:00
Alexander A. Klimov 372ecd8a72 Forward SIGUSR1 
refs #5230
 2019-07-15 18:36:34 +02:00
Alexander A. Klimov 3584ad97d8 Fix missing log messages 
refs #5230
 2019-07-15 18:29:15 +02:00
Alexander A. Klimov ac29b3b93a Adjust sd_notify() 
refs #5230
 2019-07-15 17:04:55 +02:00
Alexander A. Klimov 06b504f291 Adjust PID file management 
refs #5230
 2019-07-15 17:04:53 +02:00
Alexander A. Klimov 368ebf4fbf Catch programming errors 
refs #5230
 2019-07-15 15:24:07 +02:00
Alexander A. Klimov 37a3e7e4d5 Application::RunEventLoop(): forward restart requests to umbrella process 
refs #5230
 2019-07-15 15:23:37 +02:00
Alexander A. Klimov 249408209d Reload on SIGHUP 
refs #5230
 2019-07-15 15:23:34 +02:00
Alexander A. Klimov c303d08c24 Do the actual work in a separate process on *nix 
refs #5230
 2019-07-15 15:18:31 +02:00
Michael Friedrich f4942fd359
Merge pull request #7318 from Icinga/bugfix/tls-options 
TLS: Ensure to specify options in one place
 2019-07-15 15:08:58 +02:00
Alexander A. Klimov d6bc5a1a18 Remove old signal handlers 
refs #5230
 2019-07-15 15:06:29 +02:00
Michael Friedrich 6682a427d4 TLS: Ensure to specify options in one place 
`SetTlsProtocolminToSSLContext()` may have overridden
previous flags.

refs #7277

refs #7041
refs #7211
 2019-07-15 13:29:55 +02:00
Michael Friedrich eff6e7662c Fix style and comments 2019-07-15 09:54:35 +02:00
Diana Flach 5fbc052aba Cluster Sync: Improve log messages 2019-07-15 09:54:26 +02:00
Michael Friedrich b00e1d0c67 Config sync: Count the updates and log them 
```
[2019-07-10 12:34:27 +0200] information/ApiListener: Received configuration updates (2) from endpoint 'master1' are equal to production, not triggering reload.
```
 2019-07-15 09:54:09 +02:00
Diana Flach 87d4575af8 Cluster Sync: Ensure that files are synced everytime 2019-07-15 09:53:47 +02:00
Michael Friedrich 524e2368be Respect OpenSSL 1.1.0 vs older 2019-07-12 14:56:08 +02:00
Michael Friedrich 32d288f243 TLS: Fetch the cipher list and log them for debugging 2019-07-12 14:39:17 +02:00
Michael Friedrich 38b7f10e0e Array: Move Join into the base class, available for programmers 2019-07-12 14:36:55 +02:00
Michael Friedrich 78867313fe
Merge pull request #7310 from Icinga/bugfix/icinga-app-null 
DB IDO: Fix possible crash with program status updates before IcingaApplication is loaded
 2019-07-12 08:48:25 +02:00
Michael Friedrich e659f8d2e1 DB IDO: Fix possible crash with program status updates before IcingaApplication is loaded 2019-07-11 16:06:27 +02:00
Alexander A. Klimov b95e92ea5f Stash notifications until object authority has been updated once 
refs #7086
 2019-07-11 13:07:50 +02:00
Alexander A. Klimov 3f4cb0936c Add ApiListener::UpdatedObjectAuthority() 
refs #7086
 2019-07-11 12:58:07 +02:00
Michael Friedrich 60661eaecb
Merge pull request #7270 from Icinga/feature/notification-after-downtime-ends-5919 
Re-send suppressed notifications
 2019-07-11 10:46:59 +02:00
Michael Friedrich a3c6797310 Fix compiler warnings and style 2019-07-10 11:51:58 +02:00
Michael Friedrich 7c10b9a0d2
Merge pull request #7305 from Icinga/bugfix/internal-methods-command-cr 
Internal methods must update the 'command' key in the check result
 2019-07-10 11:04:34 +02:00
Michael Friedrich 406ecb448c Internal methods must update the 'command' key in the check result 
Currently this is `null` which isn't really correct.

As otherwise, it is tremendously hard to figure out which check
command was involved, if you're not looking at the `.check_command`
checkable object.
 2019-07-10 10:15:15 +02:00
Alexander A. Klimov ffa7b749cb Wait until the next check result if it's expected to arrive soon before re-sending a suppressed notification 
refs #5919
 2019-07-09 16:38:50 +02:00
Alexander A. Klimov ed56fa34dc Re-send suppressed notifications 
refs #5919
 2019-07-09 16:38:50 +02:00
Michael Friedrich 88e5d8c47a TimePeriod: Fully support and test "day -X" notation 
Previously no tests would have detected if this really worked or not.
 2019-07-09 16:21:07 +02:00
Michael Friedrich 0dc87668d6 Fix parsing of "day -X (last day of month)" in TimePeriod class 2019-07-09 16:16:43 +02:00
Michael Friedrich 7665143afa Tests: Rewrite TimePeriod tests using Boost::DateTime 
fixes #7257
 2019-07-09 15:34:07 +02:00
Michael Friedrich 0d25ae0e08 Quality: Prefer BOOST_{,UN}LIKELY gcc optimizer macros over our own 
Our macro collides with Boost::DateTime and the gregorian classes
and I don't see any reason why we shouldn't use Boost::Config
being already there.
 2019-07-09 13:20:53 +02:00
Diana Flach 400d58f95f
Merge pull request #7283 from Icinga/bugfix/cluster-sync-checksum-change 
Cluster: Avoid checking for checksum length with internal files in use
 2019-07-08 15:53:17 +02:00
Michael Friedrich fdaab4b420
Merge pull request #7287 from Icinga/bugfix/script-debugger-crash-7284 
Service: don't rely on the own host being already set during derivative state calculation
 2019-07-08 09:31:15 +02:00
Alexander A. Klimov 3824b03913 Service: don't rely on the own host being already set during derivative state calculation 
refs #7284
 2019-07-04 16:14:40 +02:00
Michael Friedrich 065067c8b5
Merge pull request #7281 from Icinga/bugfix/openssl-1-0-1-7280 
Use SSL_CTX_set_ecdh_auto only if available
 2019-07-04 14:27:45 +02:00
Michael Friedrich 46287c92e6 Cluster: Avoid checking for checksum length with internal files in use 
fixes #7282
 2019-07-04 13:52:31 +02:00
Alexander A. Klimov 6568017658 Use SSL_CTX_set_ecdh_auto only if available 
refs #7280
 2019-07-04 13:05:31 +02:00
Michael Friedrich 4bc02c6c2c Buildfix for Windows with non-unity builds 2019-07-03 13:23:14 +02:00
Michael Friedrich 3b7cf5b9b5 API: Don't be so strict with the downtime start_time 
There may be a slight overlap between the actual request
time and 'now'.

refs #7271
 2019-07-02 15:13:36 +02:00
Michael Friedrich f63d9cce4a
Merge pull request #7261 from Icinga/bugfix/throw-default 
Avoid "~Class() throw() = default;"
 2019-07-02 12:33:54 +02:00
Michael Friedrich 8ca38302fc API: Improve error handling for 'schedule-downtime' action 2019-07-02 11:15:43 +02:00
Diana Flach ad0ff9839d Fix Icinga when calling array.remove() 
fixes #7265
 2019-06-28 16:37:29 +02:00
Alexander A. Klimov 5b841db4a0 Avoid "~Class() throw() = default;" 2019-06-28 09:07:33 +02:00
Janne Heß 3e801fbd5a Fix Path to staged files 
The paths in the list are relative, not absolute to the stage directory.
 2019-06-26 02:04:06 +02:00
Henrik Triem a7e94aab6d
Merge pull request #7251 from Icinga/bugfix/wq-silence-exceptions 
Disable stack traces for WQ exceptions (used in config compiler)
 2019-06-24 17:34:53 +02:00
Michael Friedrich 0b85928a30
Merge pull request #6727 from Icinga/feature/cluster-config-sync-stage 
Improve cluster config sync
 2019-06-19 17:37:30 +02:00
Michael Friedrich 08a47600be Config sync: Only copy paths to prod which are actually there 
Stored files may be removed by external sources.
 2019-06-19 17:00:50 +02:00
Henrik Triem 0381be32c5
Merge pull request #7192 from Crited/bugfix/notification_whitespaceremoval 
Remove double whitespaces for notifications log message

resolves #7192
 2019-06-19 16:42:58 +02:00
Michael Friedrich db4cc13770 Config Sync: Only log config files for stage, no metadata 2019-06-19 16:09:16 +02:00
Michael Friedrich 577e42e137 Quality: Comments and logs in cluster config sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 3852c51c9f Cluster sync: Don't load/sync the .authoritative config file marker 
This would influence everything else, and it isn't needed anywhere
but the master instance (zones.d -> var-zones).
 2019-06-19 14:46:11 +02:00
Michael Friedrich 0aa6f1a3b3 Use boost::filesystem & Utility classes for file IO 2019-06-19 14:46:11 +02:00
Michael Friedrich 6add9f9ecb Avoid concurrent cluster config sync transactions 
fixes #6660
 2019-06-19 14:46:11 +02:00
Michael Friedrich af8624dcf1 Apply ReloadTimeout for 2.11 2019-06-19 14:46:11 +02:00
Michael Friedrich b3b7abdfe8 Spam the log with config file copies from stage to prod 2019-06-19 14:46:11 +02:00
Michael Friedrich 4c6150b254 Improve checksum logic and logging 2019-06-19 14:46:11 +02:00
Michael Friedrich f92f6f7f8c Improve checksum checks for each file content 2019-06-19 14:46:11 +02:00
Michael Friedrich a6ddef17d9 Enhace logging when config change yes/no will trigger further reload actions 2019-06-19 14:46:11 +02:00
Michael Friedrich c230e503e6 Fix global checksum calculation 2019-06-19 14:46:11 +02:00
Michael Friedrich 7a02990ef8 Refactor the client sync, part II (WIP, currently checksums generate an endless loop) 2019-06-19 14:46:11 +02:00
Michael Friedrich 6105ace50f Improve variable names in ApiListener::SendConfigUpdate() 2019-06-19 14:46:11 +02:00
Michael Friedrich a4b48fc7f4 Update code docs 2019-06-19 14:46:11 +02:00
Michael Friedrich fcc1799a5d Split config file sync updates, part I 
This commit also introduces a playground for checksums,
whilst refactoring the code in large parts.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 9df389a843 Improve logging for ignored config updates where we are authoritative for (config master) 2019-06-19 14:46:11 +02:00
Michael Friedrich efc2289178 Remove duplicated validation paths in function signatures 2019-06-19 14:46:11 +02:00
Michael Friedrich 043824a6a9 Leave partial deletes as is, this is dealt with stage purge later 2019-06-19 14:46:11 +02:00
Michael Friedrich b3fa51a5dc Code Documentation: Config file sync 
Adds headers to all functions including parameters. This unveils
certain unused ones too.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 604a8a041d Update log message and implement recursive diff delete 2019-06-19 14:46:11 +02:00
Michael Friedrich 2acf3a6941 Indicate a warning in the 'icinga' check when cluster stage validation failed 
- success: clear the last failed attribute
- failed: populate it with the output and current timestamp

This can be used to highlight this in the 'icinga' check task.
Since 2.9 we don't have problems with circular library dependencies
with just one linked binary, therefore it is safe to include libremote
in libmethods here.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 46cb806b3f Add a note for config updates V1 and V2 
Old clients sync !.conf via update_v2 message, we cannot
remove this handling for the time being.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 83c11962b2 Only remove directories if they exist during sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 4e9439f2d8 Ensure that config master zones.d -> var-api-zones sync removes deleted files 2019-06-19 14:46:11 +02:00
Michael Friedrich 9d53db1401 Purge stage and production directories before copying files 
The cluster-message -> production diff is still intact, we're
just taking care of unwanted/deleted files here.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 86108e6a1e Improve logging and code quality 2019-06-19 14:46:11 +02:00
Michael Friedrich fb367e12cc Store the last failed zone stage sync validation as runtime ApiListener attribute 2019-06-19 14:46:11 +02:00
Michael Friedrich a91bbe8acd Fix constant value for zone var override 2019-06-19 14:46:11 +02:00
Michael Friedrich e3e68caaa3 Inherit parent process arguments for defined path constants 2019-06-19 14:46:11 +02:00
Michael Friedrich e545884952 Improve logging for staged config sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 1853254201 Pass the zonesVar override around 2019-06-19 14:46:11 +02:00
Michael Friedrich 2ed56b50a4 Ensure directory paths are created from stage -> prod 2019-06-19 14:46:11 +02:00
Michael Friedrich c2d7063ae7 Better signal for checking the cluster config sync stage (ignore production) 2019-06-19 14:46:11 +02:00
Michael Friedrich 506eee2f7d Fix crash 2019-06-19 14:46:11 +02:00
Michael Friedrich 2c39d69428 Implement first draft for cluster config staged sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 3d363854e2 Disable stack traces for WQ exceptions (used in config compiler) 
The ConfigItem class collects exceptions and reports them.
In contrast to our other DiagnosticInformation() calls,
verbosity is enabled any time.

This patch allows to re-enable the verbose output including
the stack traces, but disables this by default.
 2019-06-19 14:26:34 +02:00
Michael Friedrich 9c92368774 SSL Context: Explicitly load ECC ciphers on el7 
Otherwise curl/nss as client won't be able to use the
new default cipher list.

fixes #7247
 2019-06-18 14:58:19 +02:00
Alexander A. Klimov 42a33cdc7d Fix build errors with Boost v1.70 
refs #7237
 2019-06-07 16:30:34 +02:00
Michael Friedrich 65c8d43157 Add function docs for CA CLI commands 2019-06-07 10:33:55 +02:00
Michael Friedrich b32d818d1b CLI: Allow to list removed CSRs with 'ca list' 2019-06-07 10:33:55 +02:00
Michael Friedrich a35828a6ff CLI: Update ca remove/restore commands from my review 2019-06-07 10:33:55 +02:00
Andrew Jaffie d95feb4950 Log messages now use CN, file permissions fixed, ca remove now will not remove CSR's that have already been signed. 2019-06-07 10:33:55 +02:00
Andrew Jaffie 6aa2e0c36b Added ca restore command+docs to undo effects of ca remove 2019-06-07 10:33:55 +02:00
Andrew Jaffie 429f1ed317 Ignore repeated requests from client after using ca remove command 2019-06-07 10:33:55 +02:00
Andrew Jaffie a970f7dcf9 Implemented cli command + documentation. 2019-06-07 10:33:55 +02:00
Alexander A. Klimov ffd736f56f LegacyTimePeriod::ProcessTimeRangeRaw(): support ranges across midnight 
refs #5261
 2019-06-06 13:11:34 +02:00
Michael Friedrich 9522a2e06f
Merge pull request #7218 from Icinga/feature/api-host-downtime-all-services 
API Actions: Add downtime for all host services (child objects)
 2019-06-06 12:53:42 +02:00
Michael Friedrich f6fc81c6c3 Combine all_services with child_options for schedule-downtime API action 2019-06-06 11:37:22 +02:00
Michael Friedrich e7c4253fa3 REST API: Allow to schedule downtimes for all services for one or more matching hosts 2019-06-06 11:37:22 +02:00
Michael Friedrich f9a02fb813
Merge pull request #7208 from Icinga/bugfix/waiting-for-running-checks-6841 
Actually wait for running checks
 2019-06-06 11:16:34 +02:00
Michael Friedrich 6a8823f879 Avoid concurrent cluster config sync transactions 
fixes #6660
 2019-06-05 15:23:28 +02:00
Michael Friedrich ef72cd4442
Merge pull request #7220 from Icinga/bugfix/asio-error-handling 
Improve error handling with network connections (Boost ASIO)
 2019-06-05 14:43:31 +02:00
Michael Friedrich 18211ddd23
Merge pull request #7209 from Icinga/bugfix/immediately-close-sockets 
Close server connections and shutdown coroutines immediately on disconnect
 2019-06-05 14:40:24 +02:00
Alexander A. Klimov ad28380884 Close server connections and shutdown coroutines immediately on disconnect 2019-06-05 10:42:03 +02:00
Michael Friedrich fd9887c5af API: Harden default cipher list 
According to https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/
 2019-06-05 09:55:43 +02:00
Michael Friedrich 3798089642 Improve error handling with network connections (Boost ASIO) 
refs #7041
 2019-06-05 09:42:51 +02:00
Michael Friedrich 146b337d4d
Merge pull request #7211 from Icinga/feature/asio-tls-version 
Require TLS 1.2 for Cluster & REST API
 2019-06-03 16:19:22 +02:00
Michael Friedrich d82c067555 Require TLS 1.2 for Cluster & REST API 
refs #7041
 2019-05-29 17:08:36 +02:00
Michael Friedrich 438da67209
Merge pull request #7210 from Icinga/bugfix/boost-asio-deprecated 
Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO
 2019-05-29 15:40:19 +02:00
Michael Friedrich 99bb7fa99c
Merge pull request #7196 from Icinga/feature/network-cleanup 
Cleanup old code (HTTP, Cluster)
 2019-05-29 14:50:40 +02:00
Michael Friedrich 59b95ed1f0 Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO 
refs #7041
 2019-05-29 14:36:10 +02:00
Michael Friedrich f5bc9b469c Quality: Mark NetworkStream, TcpSocket & UnixSocket classes as deprecated 
They're used inside the Livestatus feature which needs rework.
 2019-05-29 14:17:36 +02:00
Alexander A. Klimov 705ab87b60 Actually wait for running checks 
refs #6841
 2019-05-29 10:33:29 +02:00
Michael Friedrich 120aba3919 Quality: Removed unused HttpChunkedEncoding class 2019-05-28 13:46:19 +02:00
Michael Friedrich ba44c3921c Quality: Remove old MakeSSLContext() interface 2019-05-28 13:03:34 +02:00
Michael Friedrich e72721b62f CLI: Remove broken troubleshoot command 
It wasn't finished nor have we used it for support questions.

Issue templates, troubleshooting docs and external scripts
serve a better purpose here, especially with distributed systems.
 2019-05-28 12:31:38 +02:00
Michael Friedrich efd4e8ad40 Quality: Use Boost ASIO/IO engine in Graphite feature 
This commit changes the reconnect priority to high.

Also add function docs.
 2019-05-27 16:49:51 +02:00
Michael Friedrich 0466316019 Quality: Rewrite OpenTSDB to use Boost ASIO and I/O engine 
The connection handling and code isn't really good, but not
really actively maintained either.

Besides that, the "telnet" method doesn't allow for TLS,
this needs a general rewrite against their HTTP API.

I've also added function documentation where applicable.
 2019-05-27 15:09:26 +02:00
Michael Insel a6a0631e99 Unify copyright headers 
Update (left over) copyright headers to generic copyright headers.
 2019-05-24 16:25:32 +02:00