Commit Graph

6015 Commits

Author SHA1 Message Date
Yonas Habteab 361807f7a9
Adjust incosistent pki log messages (#8965) 2021-11-22 16:06:55 +01:00
Julian Brost d09925189a
Merge pull request #9037 from Icinga/Al2Klimov-patch-4
InfluxdbCommonWriter#Flush(): fix log message
2021-11-19 17:09:05 +01:00
Julian Brost 2ad0a4b8c3 Add missing include to fix non-unity builds
This commit fixes the following build error:

    [ 55%] Building CXX object lib/icinga/CMakeFiles/icinga.dir/usergroup.cpp.o
    lib/icinga/usergroup.cpp:79:24: error: incomplete type ‘icinga::Notification’ used in nested name specifier
       79 | std::set<Notification::Ptr> UserGroup::GetNotifications() const
          |                        ^~~
2021-11-17 16:11:15 +01:00
Julian Brost a740b1d66c LegacyTimePeriod::ScriptFunc: fix DST edge-cases
This change fixes two problems:
* The internal functions used by ScriptFunc more or less expect to operate on
  full days, but ScriptFunc may have called them with some random timestamp
  during the day. This is fixed by always using midnight of the day as
  reference time.
* Previously, the code advanced a timestamp to the next day by adding 24 hours.
  On days with DST changes, this could either still be on the same day (a day
  may have 25 hours) or skip an entire day (a day may have 23 hours). This is
  fixed by using a struct tm to advance the time to the next day.
2021-11-17 13:09:10 +01:00
Noah Hilverling 4d3b1709fd
Merge pull request #9009 from Icinga/bugfix/icingadb-runtime-updates-delete-relationships
Icinga DB: Make sure object relationships are handled correctly during runtime updates
2021-11-12 17:52:59 +01:00
Julian Brost b9e6273ba0 Icinga DB: only log queries at debug level 2021-11-12 15:41:17 +01:00
Noah Hilverling 7a0796061a IcingaDB::AddObjectDataToRuntimeUpdates(): Copy data before modifying 2021-11-12 13:34:57 +01:00
Noah Hilverling 10bde2075a Dictionary: Make sure underlaying map is ordered 2021-11-12 13:34:57 +01:00
Noah Hilverling 73e0d6e61b Icinga DB: Make sure object relationships are handled correctly 2021-11-12 13:34:57 +01:00
Noah Hilverling 4e79eb080c
Merge pull request #9058 from Icinga/bugfix/icingadb-prefix-command_id
IcingaDB: Prefix command_id with command type
2021-11-11 11:50:26 +01:00
Noah Hilverling c1098bef35
Merge pull request #9061 from Icinga/add-downtime-duration-and-service-state-host-id-streams
Icinga DB: Add `downtime.duration` & `service_state.host_id` to Redis
2021-11-11 10:19:47 +01:00
Noah Hilverling a9c2304c61 IcingaDB: Prefix command_id with command type 2021-11-09 12:26:30 +01:00
Eric Lippmann 35053ac1dd Icinga DB: Sync groups earlier
Host and service groups are structural information that are used
for Web filters and should therefore be synchronized as soon as
possible.
2021-11-09 11:17:01 +01:00
Alexander A. Klimov 07c8440fd2 Icinga DB: sync checkables along with their states first
`WorkQueue#ParallelFor(x, false, y)` will enqueue x's items in FIFO order,
so x has to start with host and service.
2021-11-09 11:17:01 +01:00
Yonas Habteab fe5aa1e18d Icinga DB: Add `service_state.host_id` to Redis 2021-11-09 11:08:22 +01:00
Yonas Habteab 5dc45baebb Icinga DB: Add `downtime.duration` & `scheduled_duration` to Redis 2021-11-09 11:08:22 +01:00
Julian Brost 848f1ae167
Merge pull request #8998 from Icinga/bugfix/icingadb-program-start-milliseconds
Icinga DB: set value in milliseconds for program_start in stats/heartbeat
2021-11-08 18:18:19 +01:00
Julian Brost 524fe92a1d
Merge pull request #9028 from Icinga/bugfix/icingadb-zone-parent
IcingaDB: actually write parent to parent_id of zones
2021-11-08 18:08:48 +01:00
Julian Brost e46d83b6be Icinga DB: set value in milliseconds for program_start in stats/heartbeat 2021-11-08 14:37:08 +01:00
Noah Hilverling 0b9317a5bf IcingaDB: Remove GetObjectIdentifiersWithoutEnv()
Having the command type be a part of the command ID isn't needed anywhere. Removing this simplifies the way we generate IDs in general, because we don't need Prepend() anymore.

The command type was only needed to prevent ID collisions within the command_envvar and command_argument tables. Those tables have since been separated into {check,event,notification}command_envvar and {check,event,notification}command_argument tables.
2021-11-05 17:01:40 +01:00
Julian Brost 3c8672b4dc Icinga DB: increase Redis schema version
PR #9036 introduces some incompatible changes to the Redis schema, most
importantly where Icinga DB has to read the environment from: now it has to use
a new top-level key of the icinga:stats message instead of a value in the
IcingaApplication part of that message.
2021-11-05 14:14:37 +01:00
Julian Brost 6007848146 IcingaDB: export environment_id via API
Primarily required for Icinga DB integration tests at the moment, but could
also be helpful in other situations.
2021-11-05 14:14:37 +01:00
Julian Brost 4ade4c757b IcingaDB: write new environment to icinga:stats stream 2021-11-05 14:14:37 +01:00
Julian Brost 525dd50859 IcingaDB: introduce a new environment ID derived from the CA public key
In order to avoid changes to the environment ID, it is now no longer derived
from the Environment constant but instead from the public key of the CA
certificate. This ensures that it is different between clusters by default, so
no additional changes have to be done to allow two clusters to use Icinga DB to
write into the same database.

To prevent the ID from changing when the CA certificate is replaced, it is also
persisted into the file /var/lib/icinga2/icingadb.env, so if that file exists,
it takes precedence over the CA certificate.
2021-11-05 14:14:37 +01:00
Julian Brost 6cd3a483a0 tlsutility: move hex encoding into a separate function BinaryToHex 2021-11-05 14:14:37 +01:00
Julian Brost f976e351f4
Merge pull request #9044 from Icinga/bugfix/idb-dump-buf-lost
Icinga DB init. dump: flush both buffered states and state checksums
2021-11-04 12:26:28 +01:00
Alexander A. Klimov 0ff7d0a06e Icinga DB: raise icinga:schema 1 -> 2 2021-11-02 15:00:55 +01:00
Alexander A. Klimov b1714a10c2 Icinga DB: make icinga:history:stream:*#event_id deterministic
... i.e. UUID -> SHA1(env, eventType, x...) given that SHA1(env, x...) = type-specific ID.
Rationale: allow both masters to write the same history concurrently (while not
in split-brain), so that REPLACE INTO deduplicates the same events written twice.

* ack: SHA1(env, "ack_set"|"ack_clear", checkable.name, setTime)
* comment: SHA1(env, "comment_add"|"comment_remove", comment.name)
* downtime: SHA1(env, "downtime_start"|"downtime_end", downtime.name)
* flapping: SHA1(env, "flapping_start"|"flapping_end", checkable.name, startTime)
* notification: SHA1(env, "notification", notification.name, notificationType, sendTime)
* state: SHA1(env, "state_change", checkable.name, changeTime)
2021-11-02 15:00:03 +01:00
Alexander A. Klimov 5c44365c4e Icinga DB: make icinga:history:stream:notification#id deterministic
... i.e. UUID -> SHA1(x..., send time) given that SHA1(x...) = notification id.
Rationale: allow both masters to write the same notification history concurrently (while
not in split-brain), so that REPLACE INTO deduplicates the same events written twice.
2021-11-02 15:00:03 +01:00
Alexander A. Klimov c2422c56fe Icinga DB: make icinga:history:stream:state#id deterministic
... i.e. UUID -> SHA1(x..., check time) given that SHA1(x...) = checkable id.
Rationale: allow both masters to write the same state history concurrently (while
not in split-brain), so that REPLACE INTO deduplicates the same events written twice.
2021-11-02 15:00:03 +01:00
Alexander Aleksandrovič Klimov f5f8ccb1f4
Merge pull request #9020 from Icinga/feature/icingaeb-schema-version
Icinga DB: publish Redis schema version via XADD icinga:schema
2021-10-25 13:21:37 +02:00
Alexander A. Klimov d8b4768471 Icinga DB init. dump: flush both buffered states and state checksums
not to dump x states, but only x - (x % bulk) state checksums.
2021-10-21 13:49:24 +02:00
Noah Hilverling a7cbf50674
Merge pull request #9030 from Icinga/Al2Klimov-patch-1
Icinga DB: don't include checkable types in history IDs
2021-10-19 14:52:43 +02:00
Alexander A. Klimov 4b0688047e Icinga DB: stream runtime state updates only to icinga:runtime:state
... where they belong to, not to icinga:runtime.
2021-10-18 18:11:30 +02:00
Alexander Aleksandrovič Klimov 99c5c24a17
InfluxdbCommonWriter#Flush(): fix log message
s/InfluxdbWriter/Influxdb2Writer/

fixes #9035
2021-10-14 12:03:45 +02:00
Alexander Aleksandrovič Klimov e0339c387b
Icinga DB: don't include checkable types in history IDs
... as they’re unnecessary for being distinguish across types.
Services always have a ! in the name, hosts never do.
2021-10-11 16:14:30 +02:00
Alexander Aleksandrovič Klimov 30a5ba3961
Merge pull request #9002 from Icinga/feature/icingadb-remove-usernotification-stream
Icinga DB: remove usernotification history stream
2021-10-08 19:16:26 +02:00
Alexander Aleksandrovič Klimov 4190d58668
Merge pull request #9011 from Icinga/bugfix/icingadb-remove-zone-parent-key
Icinga DB: Remove unused Redis key 'icinga:zone:parent'
2021-10-08 17:19:51 +02:00
Alexander Aleksandrovič Klimov ff60c1af37
Merge pull request #8895 from Icinga/bugfix/typo-8766
Fix typo
2021-10-08 17:19:20 +02:00
Noah Hilverling 750e64b974 Icinga DB: Remove unused Redis key 'icinga:zone:parent' 2021-10-08 12:06:14 +02:00
Julian Brost df84a498f4 IcingaDB: actually write parent to parent_id of zones
This fixes that the code used the wrong variable. Previously, it was written to
Redis that each zone is its own parent (if it has a parent at all).
2021-10-08 11:15:54 +02:00
Alexander A. Klimov 3bf180a341 Fix typo
refs #8766
2021-10-08 10:27:35 +02:00
Alexander Aleksandrovič Klimov ed50a9d529
Merge pull request #9001 from Icinga/feature/icingadb-add-user-ids-to-notification-history
Icinga DB: Write IDs of notified users into notification history stream
2021-10-01 17:42:48 +02:00
Alexander Aleksandrovič Klimov 63fca8faa1
Merge pull request #9000 from haxtibal/feature/journaldlogger
JournaldLogger - log to systemd journal
2021-10-01 17:42:10 +02:00
Alexander A. Klimov 0182d793ac Icinga DB: publish Redis schema version via XADD icinga:schema
... to be able both to subscribe for its change and to just fetch it.
2021-10-01 15:58:57 +02:00
Alexander Aleksandrovič Klimov 6cf0673c11
Merge pull request #9010 from Icinga/feature/icingadb-scheduling_source
Make CheckResult#scheduling_source available to Icinga DB
2021-09-27 16:31:16 +02:00
Tobias Deiminger eb8f67335e Define SD_JOURNAL_SUPPRESS_LOCATION more locally
add_definitions would set SD_JOURNAL_SUPPRESS_LOCATION for all targets
in directory and sub-directories. However, another future target might
want the opposite, so define it as local as possible to journaldlogger.cpp.

To make this work, we must take journaldlogger.cpp out of the unity
build, because all files from a unity of share compiler definitions.
2021-09-23 16:08:39 +02:00
Tobias Deiminger 173caa42aa Add a JournaldLogger
As proposed in #8857, this adds a Logger subclass that writes structured
log messages via journald's native protocol by calling sd_journal_sendv.
The feature therefore depends on the systemd library. sd_journal_sendv is
available since the early days (systemd v38), so a version check is
probably superflous.

We add the following fields to each record:
- MESSAGE: The log message
- PRIORITY (aka severity): Numeric severity as in RFC5424 section 6.2.1
- SYSLOG_FACILITY: Numeric facility as in RFC5424 section 6.2.1
- SYSLOG_IDENTIFIER: If provided, use value from configuration.
  Else use systemd's default behaior, which is to determine the field
  by using libc's program_invocation_short_name, resulting in "icinga2".
- ICINGA2_FACILITY: Facility as in Log::Log(..., String facility, ...),
  e.g. "ApiListener"
- some more fields are added automatically by systemd

Fields are stored indexed, so we can do fast queries for certain field
values. Example:

$ journalctl -t icinga2 ICINGA2_FACILITY=ApiListener -n 5

Syslog compatiblity is ratained because good old tag, severity and facility
is stored along, and systemd can forward to syslog daemons.

See also https://systemd.io/JOURNAL_NATIVE_PROTOCOL/.
2021-09-23 16:08:11 +02:00
Alexander A. Klimov 755fc72a66 Make CheckResult#scheduling_source available to Icinga DB 2021-09-22 16:57:49 +02:00
Julian Brost 6fc15449a8
Merge pull request #8953 from Icinga/bugfix/icinga-checksum-state-growing
Icinga DB: clean up vanished objects from icinga:checksum:*:state
2021-09-17 12:04:41 +02:00
Julian Brost 130b22e939 Icinga DB: remove usernotification history stream
These will be added to the normal notification stream so there is no more need
for this extra stream.
2021-09-15 14:47:25 +02:00
Julian Brost 81e5feeb08 Icinga DB: Write IDs of notified users into notification history stream 2021-09-15 14:45:35 +02:00
Tobias Deiminger de7808e32c Make syslog facility handling reusable
The upcoming JournaldLogger will need the same syslog validation and
conversion logic, so factor it out from SyslogLogger to make it
reusable.

Also explicitely include syslog.h, which defines the syslog()
function.
2021-09-15 10:15:22 +02:00
Julian Brost bb0dcdf0b4 Prevent duplicate donwtimes when combining child_options and all_services 2021-09-03 15:44:01 +02:00
Julian Brost e556d3c489 Fix scheduling of downtimes for all services on child hosts
The loop iterated over the services of the wrong host resulting in duplicate
downtimes scheduled for services of the parent host instead of downtimes for
services of the child host.
2021-09-03 15:19:27 +02:00
Noah Hilverling 95cdc00ad4
Merge pull request from GHSA-cxfm-8j5v-5qr2
Add TLS server certificate validation to ElasticsearchWriter, GelfWriter, InfluxdbWriter and Influxdb2Writer (v2)
2021-08-19 13:52:29 +02:00
Alexander Aleksandrovič Klimov dfc633074e
Merge pull request #8966 from Icinga/feature/scheduled_by
Icinga DB: introduce icinga:history:stream:downtime#scheduled_by
2021-08-16 16:37:08 +02:00
Julian Brost cb09d6833f RedisConnection: remove now redundant setting of TLS verification parameters
This is now done in UnbufferedAsioTlsStream.
2021-08-13 17:24:24 +02:00
Julian Brost 3ab347bfd4 GelfWriter: show error message of exceptions 2021-08-13 17:24:24 +02:00
Julian Brost 8f3f692ecf InfluxdbCommonWriter: actually verify TLS server certificates
And add a new option ssl_insecure_noverify to explicitly disable it if desired.
2021-08-13 17:24:24 +02:00
Julian Brost 29e9df938c GelfWriter: actually verify TLS server certificates
And add a new option insecure_noverify to explicitly disable it if desired.
2021-08-13 17:24:24 +02:00
Julian Brost 5cada85e54 ElasticsearchWriter: actually verify TLS server certificates
And add a new option insecure_noverify to explicitly disable it if desired.
2021-08-13 17:24:24 +02:00
Julian Brost 396f003c69 Enable hostname verification in UnbufferedAsioTlsStream 2021-08-13 10:58:10 +02:00
Alexander A. Klimov 70b4558a62 Icinga DB: introduce icinga:history:stream:downtime#scheduled_by
... with the Downtime#scheduled_by attribute.
2021-08-09 20:07:38 +02:00
Alexander Aleksandrovič Klimov 852d674ec0
Merge pull request #8957 from Icinga/bugfix/apilistener-detect-ipv6-support
ApiListener: Choose bind host default based on OS IPv6 support
2021-08-09 17:32:40 +02:00
Julian Brost ec73b417f2 ApiListener: Choose bind host default based on OS IPv6 support 2021-08-06 12:19:08 +02:00
Alexander Aleksandrovič Klimov 1fbc15bebc
Provide IDO MySQL schema version fix
... for fresh 2.13 installations which didn't make use of previous schema upgrades.
2021-08-05 13:46:07 +02:00
Alexander Aleksandrovič Klimov 815533b334
Fix IDO MySQL schema version
... to match the latest upgrade script.
2021-08-05 13:17:36 +02:00
Julian Brost 782669f13b IDO PgSQL: always use regular string literals
IdoPgsqlConnection::Escape() internally uses PQescapeStringConn() and its
documentation states the following:

  Furthermore, PQescapeStringConn does not generate the single quotes that must
  surround PostgreSQL string literals; they should be provided in the SQL
  command that the result is inserted into.

So it's intended to use the result in 'string' literals, not in E'string'
literals as Icinga did. This results in problems as the behavior of
PQescapeStringConn() depends on how the current connection will interpret
regular single quoted literals, namely on the value of the
standard_conforming_strings variable.

The E'string' literals were initially introduced in
ac6f3f8acf to fix #1206 where PostgreSQL started
warning about escape sequences in string literals not supported by the SQL
standard (but by PostgreSQL depending on the value of
standard_conforming_strings). In the meantime the oldest PostgreSQL version on
any platform supported by Icinga increased to 9.2 (CentOS 7) and starting with
9.1, standard_conforming_strings is enabled by default, so there will be no
warnings about escape sequences (as the warning is only issued if the escape
sequence is actually interpreted by PostgreSQL).
2021-08-05 11:39:32 +02:00
Alexander A. Klimov e3a5d613aa Icinga DB: clean up vanished objects from icinga:checksum:*:state
... not to let it grow non-stop.
2021-08-05 11:32:47 +02:00
Alexander Aleksandrovič Klimov 3aa2289c59
Merge pull request #8946 from Icinga/bugfix/old-packages
ConfigPackageUtility::ValidatePackageName(): always tolerate already existing packages
2021-08-02 20:27:27 +02:00
Alexander A. Klimov 57df803e35 ConfigPackageUtility::ValidatePackageName(): always tolerate already existing packages
... not to require migrating invalid ones.
2021-08-02 15:40:14 +02:00
Alexander A. Klimov c1df4b70f5 ConfigPackageUtility::PackageExists(): accept invalid package names, too 2021-08-02 15:40:14 +02:00
Alexander A. Klimov c666f81361 De-couple package and stage name validation 2021-08-02 15:40:14 +02:00
Alexander Aleksandrovič Klimov 40c186515b
Merge pull request #8942 from Icinga/bugfix/idb-hashes
Icinga DB: keep state checksums consistent
2021-07-29 21:54:58 +02:00
Julian Brost 6fa44c8e4e
Merge pull request #8941 from Icinga/bugfix/icingadb-init-all-connections-before-sync
Icinga DB: ensure all connections are ready on first use
2021-07-29 17:33:29 +02:00
Alexander Aleksandrovič Klimov afca6c001e
Merge pull request #8916 from Icinga/feature/icingadb-last_comment_id
Icinga DB: introduce Checkable#last_comment_id
2021-07-29 17:29:51 +02:00
Alexander A. Klimov 8476627e91 Icinga DB: keep state checksums consistent
I.e. make hashes in hashmaps and stream the same.
2021-07-29 12:43:40 +02:00
Alexander A. Klimov 5c10fffa3b Icinga DB: introduce Checkable#last_comment_id 2021-07-29 12:22:12 +02:00
Alexander A. Klimov 173a93c487 Split IcingaDB#SendStatusUpdate(), separate stream and history 2021-07-29 12:22:12 +02:00
Alexander A. Klimov 2818245e01 Introduce Checkable#GetLastComment() 2021-07-29 12:10:42 +02:00
Alexander Aleksandrovič Klimov 5923950e61
Merge pull request #8919 from Icinga/bugfix/idb-del-state-chksm
Icinga DB: HDEL also icinga:checksum:*:state, not only icinga:*:state
2021-07-29 11:08:33 +02:00
Julian Brost 929ebd0f6c IcingaDB: start initial sync after all child connections are established
Icinga started the initial config sync right after the first Redis connection
was established. If any other connections would take longer to connect than
when it's first needed, queries were discarded.
2021-07-28 15:27:32 +02:00
Julian Brost a50120c399 IcingaDB: start parent connection after children are initialized
The loop in the connected callback of the parent connection uses m_Rcons which
previously was only initialized after that connection was already started.
2021-07-28 15:27:20 +02:00
Julian Brost f4b2bbc7af
Merge pull request #8940 from Icinga/bugfix/redisconnection-reset-callback
RedisConnection: copy callback before calling it
2021-07-28 15:19:26 +02:00
Julian Brost 9d5ae0f6fa
Merge pull request #8899 from Icinga/feature/icingadb-connect_timeout
Introduce IcingaDB#connect_timeout
2021-07-28 13:52:00 +02:00
Julian Brost cc8d3fbedd
Merge pull request #8937 from Icinga/bugfix/timeout-always-unknown
Override exit code on process timeout
2021-07-28 11:56:42 +02:00
Julian Brost 4c7199fd7d RedisConnection: copy callback before calling it
This allows the callback to call RedisConnection::SetConnectedCallback() to set
another callback for this connection. This sets m_ConnectedCallback and thereby
destroys the std::function while it's running resulting in undefined behavior.
By operating on a copy, m_ConnectedCallback can be set without affecting the
currently running callback.
2021-07-28 11:34:17 +02:00
Noah Hilverling ff2abaa687
Merge pull request #8917 from Icinga/bugfix/idb-state-del-prio
Icinga DB: HDEL from *:state with same prio as HSET
2021-07-28 11:08:10 +02:00
Alexander A. Klimov 0919df5aa1 Introduce IcingaDB#connect_timeout 2021-07-27 21:59:09 +02:00
Alexander A. Klimov 504fdda76c Introduce DEFAULT_CONNECT_TIMEOUT 2021-07-27 21:57:02 +02:00
Alexander Aleksandrovič Klimov 9169c805a8
Merge pull request #8933 from Icinga/bugfix/icinga-db-only-start-multiple-redis-connections-after-the-first-one-succeeded-8920
Icinga DB: only start multiple Redis connections after the first one succeeded
2021-07-27 21:52:21 +02:00
Alexander Aleksandrovič Klimov 4d2f694805
Merge pull request #8897 from Icinga/feature/icingadb-pass-db
RedisConnection: AUTH and SELECT
2021-07-27 21:51:46 +02:00
Alexander Aleksandrovič Klimov 2d75bbd8ed
Merge pull request #8915 from Icinga/bugfix/icingadb-prio-state
Icinga DB: priorize state > config
2021-07-27 20:22:26 +02:00
Noah Hilverling dcb5fcc7ba
Merge pull request #8923 from Icinga/bugfix/idb-del-icinga-nextupdate-
Icinga DB: DEL icinga:nextupdate:* along with the other keys to delete
2021-07-27 19:05:43 +02:00
Noah Hilverling 07cb6cd1cb
Merge pull request #8930 from Icinga/bugfix/wq-balance
WorkQueue#ParallelFor(): optionally don't pre-glue items together to chunks of different size
2021-07-27 19:05:26 +02:00
Julian Brost 42eb055c5f
Merge pull request #8921 from Icinga/bugfix/timeperiod-dst
TimePeriod/ScheduledDowntime: improve DST handling
2021-07-27 18:11:34 +02:00
Noah Hilverling 07145d2e61
Merge pull request #8913 from Icinga/feature/remove-child-downtimes
API Action "remove-downtime": Also remove child downtimes
2021-07-27 18:02:15 +02:00
Julian Brost a55939e462 Override exit code on process timeout
As Icinga first sends a SIGTERM to a check plugin on timeout to allow it to
terminate gracefully, this is not really part of the plugin API specification
and we cannot assume that plugins will handle this correctly and still exit
with an exit code that maps to UNKNOWN. Therefore, once Icinga decides to kill
a process, force its exit code to 128 to be sure the state will be UNKNOWN
after a timeout.
2021-07-27 17:57:19 +02:00
Alexander A. Klimov e45b43a4d9 Icinga DB: only start multiple Redis connections after the first one succeeded
refs #8920
2021-07-27 12:21:04 +02:00
Alexander A. Klimov e1e8ec2ea2 RedisConnection: AUTH and SELECT
... or PING to trigger NOAUTH.
2021-07-27 12:05:27 +02:00
Alexander A. Klimov fcda3a7283 Icinga DB: HDEL also icinga:checksum:*:state, not only icinga:*:state
... as they belong together.
2021-07-26 17:35:56 +02:00
Alexander A. Klimov 392fd8a75c Icinga DB: HDEL from *:state with same prio as HSET
... to ensure the right modifications order per key.
2021-07-26 17:30:38 +02:00
Alexander A. Klimov ae9b371128 Icinga DB: priorize state > config
I.e. do the following in parallel (highest priority first):

* Stream state changes to icinga:runtime:state
* Sync config and initial state,
  then let queued runtime updates to the just synced state pass
2021-07-26 16:39:18 +02:00
Alexander Aleksandrovič Klimov 9684fe8141
Merge pull request #8544 from Icinga/feature/icingadb-tls
Icinga DB: support TLS
2021-07-26 15:50:52 +02:00
Alexander A. Klimov 497a8dd993 Icinga DB: DEL icinga:nextupdate:* along with the other keys to delete
... not on config dump finish.
2021-07-26 11:44:21 +02:00
Alexander A. Klimov 8731d84299 WorkQueue#ParallelFor(): optionally don't pre-glue items together to chunks of different size
... to equally distribute the load across the workers.
2021-07-26 11:40:43 +02:00
Noah Hilverling 7217959206 API Action 'remove-downtime': Also remove child downtimes 2021-07-23 13:53:44 +02:00
Alexander A. Klimov 8a30657ce9 Icinga DB: write state updates to icinga:runtime:state
... allowing the Go daemon to priorize state updates.
2021-07-23 11:52:28 +02:00
Julian Brost 4273f30157 LegacyTimePeriod: Prevent modification of input parameters
Many functions of LegacyTimePeriod take a tm pointer as an input parameter and
then pass it to mktime() which actually modifies it. This causes problems if
tm_isdst was intentionally set to -1 (to automatically detect whether DST is
active at some time) and then a function is called that implicitly sets
tm_isdst and then the values of tm are modified in a way that crosses a DST
change. This resulted in 1 hour offsets with ScheduledDowntimes on days with
DST changes.
2021-07-22 15:17:06 +02:00
Alexander A. Klimov 37e53eaa68 Icinga DB: support TLS 2021-07-22 14:34:07 +02:00
Alexander A. Klimov 50bc7a7f3d Icinga DB: HDEL also icinga:checksum:*, not only icinga:* 2021-07-22 14:13:12 +02:00
Alexander A. Klimov 7f7637c9b8 Introduce DEFAULT_TLS_CIPHERS and DEFAULT_TLS_PROTOCOLMIN 2021-07-22 11:12:33 +02:00
Alexander A. Klimov 80a1128ec7 Introduce SetupSslContext() 2021-07-22 11:12:33 +02:00
Alexander A. Klimov fbcaf82e3e InitSslContext(): fall back to default root CAs 2021-07-22 11:12:33 +02:00
Alexander A. Klimov 2728603c29 Rename SetupSslContext() to InitSslContext() 2021-07-22 11:12:33 +02:00
Alexander Aleksandrovič Klimov 2b04e0a754
Merge pull request #8894 from Icinga/bugfix/icinga-db-redis-connection-logging-spam-8883
RedisConnection: log info messages only once
2021-07-21 18:00:24 +02:00
Alexander Aleksandrovič Klimov d073d2268e
Merge pull request #8719 from Icinga/feature/influxdb-2-8711
Introduce Influxdb2Writer
2021-07-21 17:59:58 +02:00
Alexander A. Klimov da922ca157 RedisConnection: log info messages only once
refs #8883
2021-07-20 17:52:12 +02:00
Alexander Aleksandrovič Klimov 2fbaf933bc
Merge pull request #8634 from Icinga/feature/icingadb-stats-log
RedisConnection: log actual query performance
2021-07-20 17:46:57 +02:00
Alexander A. Klimov 9d4b0f1268 Introduce Influxdb2Writer
refs #8711
2021-07-20 16:21:36 +02:00
Alexander A. Klimov d26aa9fb34 InfluxdbCommonWriter: abstract InfluxdbWriter
refs #8711
2021-07-20 16:21:36 +02:00
Michael Insel da394b2ab0
Implement scheduling_source attribute (#6326)
* Implement scheduling_source attribute

This implements the attribute `scheduling_source` for hosts and services to show which endpoint is running the scheduler for the check.

refs #4814
2021-07-20 11:10:26 +02:00
Alexander A. Klimov 67c4ebedd3 Combine all Redis connections' logs 2021-07-16 18:50:41 +02:00
Alexander A. Klimov e6a9631a02 Icinga DB: silence WorkQueue performance 2021-07-16 18:50:41 +02:00
Alexander A. Klimov 82c3827b66 RedisConnection: log actual query performance 2021-07-16 18:50:41 +02:00
Alexander Aleksandrovič Klimov 89472a9e51
Merge pull request #8425 from Icinga/bugfix/hosts-128-characters-7472
IDO MySQL: support larger host and service names
2021-07-16 18:34:29 +02:00
Alexander A. Klimov e4bfb4898d IDO MySQL: support larger host and service names
refs #7472
2021-07-15 11:16:13 +02:00
Julian Brost 9f43c143d7
Merge pull request from GHSA-98wp-jc6q-x5q5
API: hide ApiListener#ticket_salt
2021-07-15 11:13:35 +02:00
Julian Brost f17b97fd7e
Merge pull request from GHSA-wrpw-pmr8-qgj7
Remove passwords from API
2021-07-15 11:12:29 +02:00
Alexander Aleksandrovič Klimov b63eb2aa3d
Merge pull request #8855 from Icinga/bugfix/inconsistent-ido-schema-versions-8852
Fix IDO MySQL schema version (as in v2.11 upgrade)
2021-07-14 18:09:27 +02:00
Alexander Aleksandrovič Klimov bad8059969
Merge pull request #8761 from Icinga/feature/icingadb-perfdata
Icinga DB: introduce icinga:*:state#normalized_performance_data
2021-07-07 12:29:21 +02:00
Noah Hilverling ef73136076
Merge pull request #8830 from Icinga/feature/idb-passive-overdue
Icinga DB: no active checks? Not overdue!
2021-07-07 11:15:04 +02:00
Julian Brost 7d2a1bbffe
Merge pull request #8310 from Icinga/feature/scheduleddowntime-change-remove-downtimes-8309
On ScheduledDowntime change: remove downtimes created before change
2021-07-07 10:44:08 +02:00
Julian Brost 6d6844c102
Merge pull request #8874 from Icinga/bugfix/fixed-dt-end-notify
Checkable::NotifyDowntimeEnd(): don't send Downtime end notification unless triggered
2021-07-07 10:43:28 +02:00
Alexander Aleksandrovič Klimov bee83ead8b
Merge pull request #8730 from Icinga/bugfix/ido-stop-progstat-8727
IDO: update program status on stop
2021-07-06 18:07:38 +02:00
Alexander A. Klimov 43e4ab4760 Checkable::NotifyDowntimeEnd(): don't send Downtime end notification unless triggered
... for fixed Downtimes as well.
2021-07-06 12:50:44 +02:00
Alexander A. Klimov e9118d6b09 Fix IDO MySQL schema version (as in v2.11 upgrade) 2021-07-05 19:17:53 +02:00
Alexander A. Klimov 4373acf8ed Ido*sqlConnection::Reconnect(): de-couple MySQL and Postgres schema versions 2021-07-05 19:17:51 +02:00
Alexander A. Klimov 9e2f58ea9f IdoCheckTask: de-couple MySQL and Postgres schema versions 2021-07-05 19:14:07 +02:00
Alexander A. Klimov 9d1a112edf Icinga DB: introduce icinga:*:state#normalized_performance_data 2021-07-05 19:05:32 +02:00
Alexander A. Klimov ea5411a6e0 PluginUtility::FormatPerfdata(): normalize UoMs if desired 2021-07-05 19:05:32 +02:00
Julian Brost 401d3cdc9e Remove passwords from API
IdoMysqlConnection, IdoPgsqlConnection, IcingaDB, and ElasticsearchWriter
require passwords in their configuration to authenticate against external
services. This commit ensures that these can no longer be accessed using the
API.
2021-07-05 15:09:54 +02:00
Alexander Aleksandrovič Klimov b7efbd0bba
Merge pull request #8626 from Icinga/bugfix/recreate-object-invisible-ido-8584
Ido*sqlConnection#InternalDeactivateObject(): mark object inactive also in memory
2021-07-02 16:34:28 +02:00
Alexander A. Klimov 07d768f166 API: hide ApiListener#ticket_salt 2021-07-02 16:29:53 +02:00
Alexander A. Klimov 666c5818bb On ScheduledDowntime change: remove future downtimes created before change
refs #8309
2021-07-02 10:37:29 +02:00
Alexander Aleksandrovič Klimov b07d181c4a
Merge pull request #8631 from Icinga/feature/icingadb-scheduleddowntime
Icinga DB: introduce icinga:downtime#scheduled_by
2021-06-30 19:03:53 +02:00
Alexander Aleksandrovič Klimov 31f97d3e6a
Merge pull request #8828 from Icinga/bugfix/execute-command-origin-check
event::ExecuteCommand: add missing origin check
2021-06-29 18:08:07 +02:00
Alexander Aleksandrovič Klimov 692f5aa615
Merge pull request #8718 from Icinga/feature/tls-1.3
Support TLS 1.3
2021-06-29 17:52:55 +02:00
Alexander Aleksandrovič Klimov 6048d0e800
Merge pull request #8373 from Icinga/feature/improve-crashlog
Improve crashlog
2021-06-29 17:52:25 +02:00