tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,176 Commits 347 Branches 120 Tags 194 MiB
Commit Graph

4855 Commits

Author SHA1 Message Date
Diana Flach 87d4575af8 Cluster Sync: Ensure that files are synced everytime 2019-07-15 09:53:47 +02:00
Michael Friedrich 524e2368be Respect OpenSSL 1.1.0 vs older 2019-07-12 14:56:08 +02:00
Michael Friedrich 32d288f243 TLS: Fetch the cipher list and log them for debugging 2019-07-12 14:39:17 +02:00
Michael Friedrich 38b7f10e0e Array: Move Join into the base class, available for programmers 2019-07-12 14:36:55 +02:00
Michael Friedrich 78867313fe
Merge pull request #7310 from Icinga/bugfix/icinga-app-null 
DB IDO: Fix possible crash with program status updates before IcingaApplication is loaded
 2019-07-12 08:48:25 +02:00
Michael Friedrich e659f8d2e1 DB IDO: Fix possible crash with program status updates before IcingaApplication is loaded 2019-07-11 16:06:27 +02:00
Alexander A. Klimov b95e92ea5f Stash notifications until object authority has been updated once 
refs #7086
 2019-07-11 13:07:50 +02:00
Alexander A. Klimov 3f4cb0936c Add ApiListener::UpdatedObjectAuthority() 
refs #7086
 2019-07-11 12:58:07 +02:00
Michael Friedrich 60661eaecb
Merge pull request #7270 from Icinga/feature/notification-after-downtime-ends-5919 
Re-send suppressed notifications
 2019-07-11 10:46:59 +02:00
Michael Friedrich a3c6797310 Fix compiler warnings and style 2019-07-10 11:51:58 +02:00
Michael Friedrich 7c10b9a0d2
Merge pull request #7305 from Icinga/bugfix/internal-methods-command-cr 
Internal methods must update the 'command' key in the check result
 2019-07-10 11:04:34 +02:00
Michael Friedrich 406ecb448c Internal methods must update the 'command' key in the check result 
Currently this is `null` which isn't really correct.

As otherwise, it is tremendously hard to figure out which check
command was involved, if you're not looking at the `.check_command`
checkable object.
 2019-07-10 10:15:15 +02:00
Alexander A. Klimov ffa7b749cb Wait until the next check result if it's expected to arrive soon before re-sending a suppressed notification 
refs #5919
 2019-07-09 16:38:50 +02:00
Alexander A. Klimov ed56fa34dc Re-send suppressed notifications 
refs #5919
 2019-07-09 16:38:50 +02:00
Michael Friedrich 88e5d8c47a TimePeriod: Fully support and test "day -X" notation 
Previously no tests would have detected if this really worked or not.
 2019-07-09 16:21:07 +02:00
Michael Friedrich 0dc87668d6 Fix parsing of "day -X (last day of month)" in TimePeriod class 2019-07-09 16:16:43 +02:00
Michael Friedrich 7665143afa Tests: Rewrite TimePeriod tests using Boost::DateTime 
fixes #7257
 2019-07-09 15:34:07 +02:00
Michael Friedrich 0d25ae0e08 Quality: Prefer BOOST_{,UN}LIKELY gcc optimizer macros over our own 
Our macro collides with Boost::DateTime and the gregorian classes
and I don't see any reason why we shouldn't use Boost::Config
being already there.
 2019-07-09 13:20:53 +02:00
Diana Flach 400d58f95f
Merge pull request #7283 from Icinga/bugfix/cluster-sync-checksum-change 
Cluster: Avoid checking for checksum length with internal files in use
 2019-07-08 15:53:17 +02:00
Michael Friedrich fdaab4b420
Merge pull request #7287 from Icinga/bugfix/script-debugger-crash-7284 
Service: don't rely on the own host being already set during derivative state calculation
 2019-07-08 09:31:15 +02:00
Alexander A. Klimov 3824b03913 Service: don't rely on the own host being already set during derivative state calculation 
refs #7284
 2019-07-04 16:14:40 +02:00
Michael Friedrich 065067c8b5
Merge pull request #7281 from Icinga/bugfix/openssl-1-0-1-7280 
Use SSL_CTX_set_ecdh_auto only if available
 2019-07-04 14:27:45 +02:00
Michael Friedrich 46287c92e6 Cluster: Avoid checking for checksum length with internal files in use 
fixes #7282
 2019-07-04 13:52:31 +02:00
Alexander A. Klimov 6568017658 Use SSL_CTX_set_ecdh_auto only if available 
refs #7280
 2019-07-04 13:05:31 +02:00
Michael Friedrich 4bc02c6c2c Buildfix for Windows with non-unity builds 2019-07-03 13:23:14 +02:00
Michael Friedrich 3b7cf5b9b5 API: Don't be so strict with the downtime start_time 
There may be a slight overlap between the actual request
time and 'now'.

refs #7271
 2019-07-02 15:13:36 +02:00
Michael Friedrich f63d9cce4a
Merge pull request #7261 from Icinga/bugfix/throw-default 
Avoid "~Class() throw() = default;"
 2019-07-02 12:33:54 +02:00
Michael Friedrich 8ca38302fc API: Improve error handling for 'schedule-downtime' action 2019-07-02 11:15:43 +02:00
Diana Flach ad0ff9839d Fix Icinga when calling array.remove() 
fixes #7265
 2019-06-28 16:37:29 +02:00
Alexander A. Klimov 5b841db4a0 Avoid "~Class() throw() = default;" 2019-06-28 09:07:33 +02:00
Janne Heß 3e801fbd5a Fix Path to staged files 
The paths in the list are relative, not absolute to the stage directory.
 2019-06-26 02:04:06 +02:00
Henrik Triem a7e94aab6d
Merge pull request #7251 from Icinga/bugfix/wq-silence-exceptions 
Disable stack traces for WQ exceptions (used in config compiler)
 2019-06-24 17:34:53 +02:00
Michael Friedrich 0b85928a30
Merge pull request #6727 from Icinga/feature/cluster-config-sync-stage 
Improve cluster config sync
 2019-06-19 17:37:30 +02:00
Michael Friedrich 08a47600be Config sync: Only copy paths to prod which are actually there 
Stored files may be removed by external sources.
 2019-06-19 17:00:50 +02:00
Henrik Triem 0381be32c5
Merge pull request #7192 from Crited/bugfix/notification_whitespaceremoval 
Remove double whitespaces for notifications log message

resolves #7192
 2019-06-19 16:42:58 +02:00
Michael Friedrich db4cc13770 Config Sync: Only log config files for stage, no metadata 2019-06-19 16:09:16 +02:00
Michael Friedrich 577e42e137 Quality: Comments and logs in cluster config sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 3852c51c9f Cluster sync: Don't load/sync the .authoritative config file marker 
This would influence everything else, and it isn't needed anywhere
but the master instance (zones.d -> var-zones).
 2019-06-19 14:46:11 +02:00
Michael Friedrich 0aa6f1a3b3 Use boost::filesystem & Utility classes for file IO 2019-06-19 14:46:11 +02:00
Michael Friedrich 6add9f9ecb Avoid concurrent cluster config sync transactions 
fixes #6660
 2019-06-19 14:46:11 +02:00
Michael Friedrich af8624dcf1 Apply ReloadTimeout for 2.11 2019-06-19 14:46:11 +02:00
Michael Friedrich b3b7abdfe8 Spam the log with config file copies from stage to prod 2019-06-19 14:46:11 +02:00
Michael Friedrich 4c6150b254 Improve checksum logic and logging 2019-06-19 14:46:11 +02:00
Michael Friedrich f92f6f7f8c Improve checksum checks for each file content 2019-06-19 14:46:11 +02:00
Michael Friedrich a6ddef17d9 Enhace logging when config change yes/no will trigger further reload actions 2019-06-19 14:46:11 +02:00
Michael Friedrich c230e503e6 Fix global checksum calculation 2019-06-19 14:46:11 +02:00
Michael Friedrich 7a02990ef8 Refactor the client sync, part II (WIP, currently checksums generate an endless loop) 2019-06-19 14:46:11 +02:00
Michael Friedrich 6105ace50f Improve variable names in ApiListener::SendConfigUpdate() 2019-06-19 14:46:11 +02:00
Michael Friedrich a4b48fc7f4 Update code docs 2019-06-19 14:46:11 +02:00
Michael Friedrich fcc1799a5d Split config file sync updates, part I 
This commit also introduces a playground for checksums,
whilst refactoring the code in large parts.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 9df389a843 Improve logging for ignored config updates where we are authoritative for (config master) 2019-06-19 14:46:11 +02:00
Michael Friedrich efc2289178 Remove duplicated validation paths in function signatures 2019-06-19 14:46:11 +02:00
Michael Friedrich 043824a6a9 Leave partial deletes as is, this is dealt with stage purge later 2019-06-19 14:46:11 +02:00
Michael Friedrich b3fa51a5dc Code Documentation: Config file sync 
Adds headers to all functions including parameters. This unveils
certain unused ones too.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 604a8a041d Update log message and implement recursive diff delete 2019-06-19 14:46:11 +02:00
Michael Friedrich 2acf3a6941 Indicate a warning in the 'icinga' check when cluster stage validation failed 
- success: clear the last failed attribute
- failed: populate it with the output and current timestamp

This can be used to highlight this in the 'icinga' check task.
Since 2.9 we don't have problems with circular library dependencies
with just one linked binary, therefore it is safe to include libremote
in libmethods here.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 46cb806b3f Add a note for config updates V1 and V2 
Old clients sync !.conf via update_v2 message, we cannot
remove this handling for the time being.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 83c11962b2 Only remove directories if they exist during sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 4e9439f2d8 Ensure that config master zones.d -> var-api-zones sync removes deleted files 2019-06-19 14:46:11 +02:00
Michael Friedrich 9d53db1401 Purge stage and production directories before copying files 
The cluster-message -> production diff is still intact, we're
just taking care of unwanted/deleted files here.
 2019-06-19 14:46:11 +02:00
Michael Friedrich 86108e6a1e Improve logging and code quality 2019-06-19 14:46:11 +02:00
Michael Friedrich fb367e12cc Store the last failed zone stage sync validation as runtime ApiListener attribute 2019-06-19 14:46:11 +02:00
Michael Friedrich a91bbe8acd Fix constant value for zone var override 2019-06-19 14:46:11 +02:00
Michael Friedrich e3e68caaa3 Inherit parent process arguments for defined path constants 2019-06-19 14:46:11 +02:00
Michael Friedrich e545884952 Improve logging for staged config sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 1853254201 Pass the zonesVar override around 2019-06-19 14:46:11 +02:00
Michael Friedrich 2ed56b50a4 Ensure directory paths are created from stage -> prod 2019-06-19 14:46:11 +02:00
Michael Friedrich c2d7063ae7 Better signal for checking the cluster config sync stage (ignore production) 2019-06-19 14:46:11 +02:00
Michael Friedrich 506eee2f7d Fix crash 2019-06-19 14:46:11 +02:00
Michael Friedrich 2c39d69428 Implement first draft for cluster config staged sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 3d363854e2 Disable stack traces for WQ exceptions (used in config compiler) 
The ConfigItem class collects exceptions and reports them.
In contrast to our other DiagnosticInformation() calls,
verbosity is enabled any time.

This patch allows to re-enable the verbose output including
the stack traces, but disables this by default.
 2019-06-19 14:26:34 +02:00
Michael Friedrich 9c92368774 SSL Context: Explicitly load ECC ciphers on el7 
Otherwise curl/nss as client won't be able to use the
new default cipher list.

fixes #7247
 2019-06-18 14:58:19 +02:00
Alexander A. Klimov 42a33cdc7d Fix build errors with Boost v1.70 
refs #7237
 2019-06-07 16:30:34 +02:00
Michael Friedrich 65c8d43157 Add function docs for CA CLI commands 2019-06-07 10:33:55 +02:00
Michael Friedrich b32d818d1b CLI: Allow to list removed CSRs with 'ca list' 2019-06-07 10:33:55 +02:00
Michael Friedrich a35828a6ff CLI: Update ca remove/restore commands from my review 2019-06-07 10:33:55 +02:00
Andrew Jaffie d95feb4950 Log messages now use CN, file permissions fixed, ca remove now will not remove CSR's that have already been signed. 2019-06-07 10:33:55 +02:00
Andrew Jaffie 6aa2e0c36b Added ca restore command+docs to undo effects of ca remove 2019-06-07 10:33:55 +02:00
Andrew Jaffie 429f1ed317 Ignore repeated requests from client after using ca remove command 2019-06-07 10:33:55 +02:00
Andrew Jaffie a970f7dcf9 Implemented cli command + documentation. 2019-06-07 10:33:55 +02:00
Alexander A. Klimov ffd736f56f LegacyTimePeriod::ProcessTimeRangeRaw(): support ranges across midnight 
refs #5261
 2019-06-06 13:11:34 +02:00
Michael Friedrich 9522a2e06f
Merge pull request #7218 from Icinga/feature/api-host-downtime-all-services 
API Actions: Add downtime for all host services (child objects)
 2019-06-06 12:53:42 +02:00
Michael Friedrich f6fc81c6c3 Combine all_services with child_options for schedule-downtime API action 2019-06-06 11:37:22 +02:00
Michael Friedrich e7c4253fa3 REST API: Allow to schedule downtimes for all services for one or more matching hosts 2019-06-06 11:37:22 +02:00
Michael Friedrich f9a02fb813
Merge pull request #7208 from Icinga/bugfix/waiting-for-running-checks-6841 
Actually wait for running checks
 2019-06-06 11:16:34 +02:00
Michael Friedrich 6a8823f879 Avoid concurrent cluster config sync transactions 
fixes #6660
 2019-06-05 15:23:28 +02:00
Michael Friedrich ef72cd4442
Merge pull request #7220 from Icinga/bugfix/asio-error-handling 
Improve error handling with network connections (Boost ASIO)
 2019-06-05 14:43:31 +02:00
Michael Friedrich 18211ddd23
Merge pull request #7209 from Icinga/bugfix/immediately-close-sockets 
Close server connections and shutdown coroutines immediately on disconnect
 2019-06-05 14:40:24 +02:00
Alexander A. Klimov ad28380884 Close server connections and shutdown coroutines immediately on disconnect 2019-06-05 10:42:03 +02:00
Michael Friedrich fd9887c5af API: Harden default cipher list 
According to https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/
 2019-06-05 09:55:43 +02:00
Michael Friedrich 3798089642 Improve error handling with network connections (Boost ASIO) 
refs #7041
 2019-06-05 09:42:51 +02:00
Michael Friedrich 146b337d4d
Merge pull request #7211 from Icinga/feature/asio-tls-version 
Require TLS 1.2 for Cluster & REST API
 2019-06-03 16:19:22 +02:00
Michael Friedrich d82c067555 Require TLS 1.2 for Cluster & REST API 
refs #7041
 2019-05-29 17:08:36 +02:00
Michael Friedrich 438da67209
Merge pull request #7210 from Icinga/bugfix/boost-asio-deprecated 
Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO
 2019-05-29 15:40:19 +02:00
Michael Friedrich 99bb7fa99c
Merge pull request #7196 from Icinga/feature/network-cleanup 
Cleanup old code (HTTP, Cluster)
 2019-05-29 14:50:40 +02:00
Michael Friedrich 59b95ed1f0 Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO 
refs #7041
 2019-05-29 14:36:10 +02:00
Michael Friedrich f5bc9b469c Quality: Mark NetworkStream, TcpSocket & UnixSocket classes as deprecated 
They're used inside the Livestatus feature which needs rework.
 2019-05-29 14:17:36 +02:00
Alexander A. Klimov 705ab87b60 Actually wait for running checks 
refs #6841
 2019-05-29 10:33:29 +02:00
Michael Friedrich 120aba3919 Quality: Removed unused HttpChunkedEncoding class 2019-05-28 13:46:19 +02:00
Michael Friedrich ba44c3921c Quality: Remove old MakeSSLContext() interface 2019-05-28 13:03:34 +02:00