43ba2da39c
Replace std/boost::bind() function with lambda expression
2021-03-10 16:29:40 +01:00
f60758dc7c
JsonRpcConnection: always log errors
2021-03-04 16:23:07 +01:00
1c5f69683f
l_AppVersionInt: respect versions like r2.12.0, not just v2.12.0
...
refs #8628
2021-02-25 15:31:07 +01:00
c3388e9af6
Use std::mutex, not boost::mutex
2021-02-03 09:54:57 +01:00
986bedd9a0
Merge pull request #8594 from Icinga/feature/remove-upq-from-activate-items
...
Remove upq from ConfigItem::ActivateItems
2021-01-15 12:09:57 +01:00
4063e39d5f
Merge pull request #8515 from Icinga/feature/update-ssl-context-after-accepting-new-connection-8501
...
API: Update the ssl context after each accepting incoming connection
2021-01-15 11:21:36 +01:00
d27f533e5f
ApiListener: Update the ssl cont after each accepting incoming connection
2021-01-14 18:40:20 +01:00
5efe3e662c
Merge pull request #8025 from Icinga/bugfix/downtime-for-host-service-with-long-name-8022
...
ConfigObjectUtility::GetObjectConfigPath(): hash names of not already existing objects
2021-01-14 10:42:04 +01:00
db30704d14
Merge pull request #8532 from Icinga/bugfix/do-not-override-error-codes-that-are-not-200
...
HTTP: Do not override status codes that are not 200
2021-01-14 09:34:04 +01:00
066db5ef60
HTTP: Don't override status codes that are not OK
2021-01-13 18:56:56 +01:00
0c6abc817b
Remove upq from ConfigItem::ActivateItems
...
Since commit d9010c7b9f
2021-01-13 15:19:55 +01:00
68a0079c26
ConfigObjectUtility::GetObjectConfigPath(): hash names of not already existing objects
...
... to avoid too long file names.
refs #8022
2021-01-12 18:03:22 +01:00
a6af5406f7
Merge pull request #8083 from Icinga/feature/Implement-new-API-events-7974
...
Implement new API event streams response
2021-01-12 12:26:05 +01:00
756abbb2ff
ApiEvents: Implement new API event streams response
2021-01-11 14:59:48 +01:00
635a8c5d4c
Merge pull request #8088 from Icinga/bugfix/log-two-nodes-run-on-different-versions-8075
...
Display logmessage if two nodes run on different versions
2021-01-11 12:30:30 +01:00
339b37a985
Use content_length method for setting the Content-Length header
...
Boost.Beast changed the signature of the previously used generic `set`
method so that it no longer accepts integer types, however there is
alreay a more specific method for setting the Content-Length header, so
use this one instead.
2020-12-22 16:27:38 +01:00
4051bc9c8f
ConfigObjectUtility#CreateObject(): check config objects for duplicates
...
... not to delete already existing objects during a trial of re-creation.
refs #7726
2020-12-16 16:45:22 +01:00
8eb4f2e062
ApiListener: Display log message if two nodes run on different versions
2020-12-16 16:09:28 +01:00
f7e368564f
Merge pull request from GHSA-pcmr-2p2f-r7j6
...
Verify certificates against CRL before renewing them (2.13)
2020-12-15 12:30:19 +01:00
2bad55efc7
Fix runtime config updates not working for objects without zone
...
refs #8533
2020-12-10 16:08:55 +01:00
e86bd24348
Verify certificates against CRL before renewing them
...
When a CRL is specified in the ApiListener configuration, Icinga 2 only
used it when connections were established so far, but not when a
certificate is requested. This allows a node to automatically renew a
revoked certificate if it meets the other conditions for auto-renewal
(issued before 2017 or expires in less than 30 days).
2020-12-09 12:10:59 +01:00
bbfd1ecfc8
Use ERR_error_string_n() instead of ERR_error_string()
...
Explicitly pass the actual length of the buffer to avoid overflows.
2020-12-08 13:08:18 +01:00
bee4ac7f7c
Merge pull request #8040 from Icinga/feature/v1-actions-execute-command-8034
...
Add API endpoint: /v1/actions/execute-command
2020-12-02 10:53:24 +01:00
3f4b09f01c
Merge pull request #8488 from Icinga/feature/improve-config-sync-locking
...
Improve config sync locking
2020-11-27 17:55:15 +01:00
81ed8d5629
Merge pull request #8321 from Icinga/bugfix/cant-create-api-user-w-password-8164
...
Allow to create API User w/ password
2020-11-25 15:40:07 +01:00
1343fd538d
Start ApiListener#SyncClient() in the thread pool
...
... not hosting the coroutines not to block them.
Otherwise a large replay log would block messages sending
until the peer disconnects us.
2020-11-24 17:25:43 +01:00
3dcc6c32f3
Merge pull request #8479 from Icinga/bugfix/close-anonymous-connections
...
Close anonymous connections after 10 seconds
2020-11-24 16:44:09 +01:00
2a2924855f
Merge pull request #7922 from Icinga/feature/http-status-codes-in-icinga-mainlog-7053
...
Include HTTP status codes in log
2020-11-24 16:35:58 +01:00
da407660f2
Merge pull request #8500 from Icinga/bugfix/config-sync-only-remove-files-if-timestamp-changed
...
Config sync: Only remove files, if timestamp changed
2020-11-24 16:34:12 +01:00
c154d4d50e
Merge pull request #8466 from Icinga/feature/one-connection
...
ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints
2020-11-24 16:33:15 +01:00
83b4d8e69d
Config sync: Only remove files, if timestamp changed
2020-11-24 10:44:38 +01:00
39bc1590f6
Merge pull request #8440 from Icinga/bugfix/message-routing-for-global-zones
...
Fix cluster message routing for global zones
2020-11-24 10:41:17 +01:00
e84a4a290d
Merge pull request #8450 from Icinga/bugfix/do-not-accept-api-updates-for-unknown-zone
...
API: Don't accept object updates for unknown global zone
2020-11-24 10:40:20 +01:00
70c9d49ebc
ApiListener: merge new config validation and actication functions
...
Merge AsyncTryActivateZonesStage and TryActivateZonesStageCallback and
name the result TryActivateZonesStage. The old split was a leftover from
the one being a callback function with no actual meaningful separation.
2020-11-17 09:37:13 +01:00
2d1980c10d
Merge pull request #8476 from Icinga/docs/api-action-api-function
...
Clarify difference between API actions and functions in their docstrings
2020-11-17 08:17:05 +01:00
e4610e7dbd
Use std::mutex instead of Spinlock
2020-11-16 17:38:03 +01:00
74b65f1642
API filesync: wait for validation process to exit
...
This avoid having to pass a lock implictly using the captured variables
of a lambda.
2020-11-16 17:10:57 +01:00
d1edcb909c
Close anonymous connections after 10 seconds
...
Anonymous connections are normally only used for requesting a
certificate and are closed after this request is received. However, the
request is only sent if the child has successfully verified the
certificate of its parent so that it is an authenticated connection from
its perspective. In case this verification fails, both ends view it as
an anonymous connection and never actually use it but attempt a
reconnect after 10 seconds leaking the connection. Therefore close it
after a timeout.
2020-11-12 18:01:11 +01:00
8ca765d730
Merge pull request #8455 from Icinga/bugfix/replay-object-deletion
...
Log config object deletions to replay log
2020-11-12 15:08:55 +01:00
01a278bb5e
Clarify difference between API actions and functions in their docstrings
2020-11-12 14:23:41 +01:00
5f6042d92f
Fix 'emoving' typo
2020-11-09 16:35:16 +01:00
cb476172ec
Fix cluster message routing for global zones
...
RelayMessageOne used to relay the message only to one other endpoint for
other zones, which is fine, as long as the target zone is a child/parent
zone but breaks if the target zone is a global one. In this case, the
message has to be forwarded within the local zone as well as to one node
in each child zone.
2020-11-09 15:43:43 +01:00
be53b0af9e
Log config object deletions to replay log
...
The initial config object sync for each new connection (in
`ApiListener::SendRuntimeConfigObjects()`) only considers currently
existing objects and has no way to pass the information that objects
were deleted in the meantime.
This commit logs config object deletions to the replay log if required
so that there is a chance that it will be propagated to nodes that were
offline when the deletion happened.
Note that this can only be considered a workaround as the replay log
might be pruned or could even be completely disabled. Also, there still
seems to be a race-condition between the config sync and replay log of
multiple new connections at the same time.
2020-11-09 14:09:44 +01:00
29e5d7def7
Include HTTP status codes in log
...
refs #7053
2020-11-09 10:20:13 +01:00
8ba5f72533
API: Don't accept object updates for unknown zone
2020-11-06 17:27:10 +01:00
1450e1bb7f
Merge pull request #8108 from Icinga/bugfix/api-incorrect-response-header-6747
...
API: Send Content-Type as api response header too
2020-11-03 18:50:31 +01:00
939f4591a4
Merge pull request #8087 from Icinga/bugfix/log-cout-permission-error-8086
...
Display Logmessage if an permission error occurs
2020-11-03 17:23:06 +01:00
488e6bfb67
HTTP Request: Log an exception message if an error occurs
2020-11-02 15:01:48 +01:00
1e281b060a
Merge pull request #7952 from Icinga/fix/SO_REUSEPORT-optional
...
apilistener: Make SO_REUSEPORT optional
2020-10-29 15:56:56 +01:00
bb851b0558
Merge branch 'master' into feature/v1-actions-execute-command-8034
2020-10-28 18:37:08 +01:00
38110e55d3
ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints
2020-10-26 15:20:58 +01:00
a32c1bf910
Merge pull request #7864 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203
...
Add timeout for boost::asio::ssl::stream#async_shutdown()
2020-10-19 15:25:12 +02:00
40ac05c182
Introduce Endpoint#capabilities
...
refs #8034
2020-10-19 13:04:20 +02:00
f60ae93717
Merge pull request #7870 from Icinga/bugfix/last-zone-sync-stage-validation-failed-7642
...
Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed
2020-10-19 12:31:01 +02:00
4bb6f4c910
Merge pull request #8364 from Icinga/bugfix/configsyncstagelock-unlock-owner-213
...
Make ApiListener::m_ConfigSyncStageLock a SpinLock
2020-10-14 16:01:00 +02:00
fbfa931b31
Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed
...
refs #7642
2020-10-14 12:17:14 +02:00
a083635de4
Make ApiListener::m_ConfigSyncStageLock a SpinLock
2020-10-14 10:47:08 +02:00
e04d618ede
Catch exceptions in the thread running HandleConfigUpdate
...
With dc3062a9b0
2020-10-13 14:07:44 +02:00
3f3e04eb69
Allow to create api user w/ password
...
fixes #8164
2020-10-09 20:15:44 +02:00
730075a177
Merge pull request #1 from Al2Klimov/version
...
Introduce Endpoint#icinga_version
2020-08-05 09:23:28 +02:00
a615b2126e
Merge pull request #8142 from Icinga/bugfix/don-not-close-connection-on-missing-heartbeat-8095
...
Remove all codes related to the heartbeat timeout
2020-07-29 15:33:22 +02:00
97fc70ccb2
Merge pull request #7836 from Icinga/bugfix/jsonrpcconnection-m_seen
...
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
2020-07-29 15:02:48 +02:00
964a90fa4b
Remove all codes related to the heartbeat timeout
...
until now, if the timeout is exceeded, the connection is immediately terminated.
But since we do not want to disconnect even if the timeout is exceeded, it is
better to send the messages without timeout and have deleted everything that
related to the heartbeat timeout. We also have another mechanism in
JRPC::CheckLiveness that does the disconnect.
2020-07-29 14:27:55 +02:00
9f57e895f1
Merge pull request #8102 from Icinga/bugfix/send-heartbeat-less-often-8098
...
Send heartbeat every 20s and not 10s
2020-07-21 09:46:33 +02:00
df2d30e6af
Send Content-Type as api response header too
2020-07-10 10:42:55 +02:00
cf5ec5e341
Send heartbeat every 20s and not 10s
2020-07-09 13:22:08 +02:00
645dcbdc9e
Introduce Endpoint#icinga_version
...
... and set it to e.g. 21200 via icinga::Hello.
2020-07-07 18:24:06 +02:00
b07471d803
AuthenticatedApiUser name refactor
2020-07-03 11:17:36 +02:00
08c6e9bc42
Make authenticatedApiUser a static property of ActionsHandler
2020-07-03 11:00:40 +02:00
27a6fd6b40
Get API user from ActionsHandler
2020-07-03 10:16:23 +02:00
cc6fa66ba6
Allow apiactions to return sucecss http codes different from 200
2020-06-23 11:52:22 +02:00
19c632e44b
Add timeout for boost::asio::ssl::stream#async_shutdown()
...
refs #7203
2020-06-17 10:33:35 +02:00
647f1547a9
Generalize I/O timeout emulation
2020-06-17 10:31:40 +02:00
84b052b314
Merge pull request #7926 from Icinga/bugfix/jsonrpcconnection-handleandwriteheartbeats-m_endpoint-getname
...
JsonRpcConnection#HandleAndWriteHeartbeats(): check !!#m_Endpoint
2020-06-03 15:46:38 +02:00
d5d89b7f39
Merge pull request #7970 from Icinga/bugfix/reconnect-loop
...
RequestCertificateHandler(): don't disconnect nodes already integrated into the cluster
2020-04-27 13:05:22 +02:00
5a5cf1a2eb
RequestCertificateHandler(): don't disconnect nodes already integrated into the cluster
...
... not to cause a reconnect loop.
2020-04-08 13:29:55 +02:00
2e22ceb23e
Merge pull request #7936 from Icinga/bugfix/config-sync-failed-reload-7742
...
ApiListener::ConfigUpdateHandler(): make the whole process mutually exclusive
2020-04-07 15:55:14 +02:00
bce51c1af5
/v1/actions/*: return 404 if no objects found
...
refs #7956
2020-04-02 11:50:07 +02:00
b5fa7569f2
apilistener: Make SO_REUSEPORT optional
2020-03-31 18:03:59 +02:00
51e534ff4c
Fix CA verification regression
...
Uninitialized bool values may evaluate to true while it should be false.
2020-03-29 16:05:29 +02:00
38f3108c1a
ApiListener::HandleConfigUpdate(): make the whole process mutually exclusive
...
refs #7742
2020-03-23 17:33:14 +01:00
dc3062a9b0
ApiListener::ConfigUpdateHandler(): block as less as possible
...
refs #7742
2020-03-23 17:31:59 +01:00
5e7a675009
JsonRpcConnection#HandleAndWriteHeartbeats(): check !!#m_Endpoint
2020-03-18 11:58:27 +01:00
4c9e4959f3
Merge pull request #7823 from Icinga/bugfix/unify-application-start-times
...
Fix timing point for Application::GetStartTime() (related to command endpoint grace period)
2020-03-09 09:45:57 +01:00
c9ab04d511
Merge pull request #7841 from Icinga/bugfix/jsonrpcconnection-sendmessage-keepalive
...
JsonRpcConnection#Send*Message(): keep this alive
2020-03-03 10:46:33 +01:00
13d2416e29
Fix regression from JsonRPC PKI CA verification checks
...
refs #7835
2020-02-27 12:31:02 +01:00
456b0779bb
JsonRpcConnection PKI: Document swalled exception
2020-02-20 15:15:54 +01:00
0f84ce0470
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
2020-02-19 11:11:53 +01:00
a91b9f2ddf
Pki: Extend GetCertificateInformation() with version, serial, signature algorithm, SANs
2020-02-17 17:44:10 +01:00
24397fbee8
CA Proxy: Catch exceptions from VerifyCertificate()
2020-02-17 17:43:11 +01:00
fbce756007
JsonRpcConnection#Send*Message(): keep this alive
2020-02-17 16:12:07 +01:00
d53eb34520
Unify Application::GetStartTime() and drop GetMainTime()
...
This essentially moves the start time into the scope when main
starts to "do something", after the reload and configuration handling
is done.
2020-02-11 17:26:15 +01:00
d99f76bdae
Merge pull request #7767 from Icinga/bugfix/replay-log-windows-rename
...
Ensure that log replay files are properly renamed on Windows
2020-02-10 11:42:25 +01:00
8324970ab9
Merge pull request #7809 from Icinga/bugfix/handshake-timeout-7805
...
Close connections w/o sucessful TLS handshakes during 10s
2020-02-07 16:01:30 +01:00
7488d2614b
Merge pull request #7811 from Icinga/bugfix/config-sync-log
...
Cluster config sync: Use a more friendly message when configs are equal and don't need a reload
2020-02-06 14:32:46 +01:00
35c9f2e7b3
Close connections w/o sucessful TLS handshakes during 10s
...
refs #7805
2020-02-05 15:53:56 +01:00
cdfc6e6f50
Cluster config sync: Use a more friendly message when configs are equal and don't need a reload
...
This also adds an entry to the troubleshooting docs.
2020-02-05 15:31:41 +01:00
0da46c1d4b
Ensure that log replay files are properly renamed on Windows
...
rename() without _unlink() before doesn't work on Windows.
This commits also adds an error message which was swallowed
previously.
2020-01-20 11:41:43 +01:00
3d841d5f64
Don't send event::Heartbeat to unauthenticated peers
...
refs #7746
2020-01-13 11:21:38 +01:00
9d55a8264d
Fix open connections when agent waits for CA approval
...
This closes the agent connection when the certificate sign requests
waits for CA approval.
refs #7680
2019-12-03 21:19:39 +01:00
177c45d787
Improve error message for POST queries
...
If the user does a POST query but forgets to add the
'X-HTTP-Method-Override: GET' HTP header, the error message was
misleading. This changes the error message to a more detailed message
which might give the user a better understanding what the problem
could be.
Fixes #7675 .
2019-12-03 11:39:40 +01:00
859658ab98
Fix TLS context copies in ApiListener
...
This avoids copying the TLS context in the ApiListener class and removes
the obsolete variable.
This is a follow-up from #7654
2019-11-29 16:03:38 +01:00
8431ea52ee
Make SSL context const again
...
Turns out that the switch to the class member variable inside the lambda
expression is sufficient to fix the issue.
2019-11-25 23:42:32 +01:00
016a6c3f25
Fix ApiListener const SSL context
...
This makes the SSL context in ApiListener::SpawnCoroutine non-const to
address an issue when an agent recieves an signed certificate from the
master and tries to update the SSL context. This also uses the class
member variable which is captured by `this` in the lamda expression.
fixes #7650
2019-11-25 22:21:09 +01:00
b1787883f7
Merge pull request #7535 from tigercomputing/Icinga/feature/config-stage-activate-parameter
...
API /v1/config/stages 'activate' parameter
2019-11-15 12:58:03 +01:00
38080405df
Merge pull request #7528 from Icinga/bugfix/api-put-error-handling
...
API: Handle permission exceptions soon enough, returning 404
2019-11-15 11:53:59 +01:00
f601ba51e0
Revert "Eventqueue: Remove unused code"
...
This reverts commit a7873da89d
2019-11-02 14:00:23 +01:00
cb20b4829a
Cluster Config Sync: Check the timestamp prior to config file checksums
...
Otherwise old configuration received from a secondary master/satellite
could always trigger a config change & reload.
2019-10-22 14:07:10 +02:00
aa4cad7482
Replace std::shared_ptr<Expression> with Expression::Ptr
...
refs #7361
2019-10-21 17:10:51 +02:00
ba1ce9c853
Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr
2019-10-21 16:12:46 +02:00
a1fef92835
Replace std::shared_ptr<boost::asio::ip::tcp::acceptor> with Shared<boost::asio::ip::tcp::acceptor>::Ptr
2019-10-21 16:12:46 +02:00
a1683568a1
Replace std::shared_ptr<AsioTlsStream> with Shared<AsioTlsStream>::Ptr
2019-10-21 16:12:35 +02:00
e7c07062f8
Avoid syncing .authorititative marker received from < 2.11 parent nodes
2019-10-02 10:49:02 +02:00
aece8d61e2
Introduce 'activate' parameter to config stage handling
...
This functionality allows a stage to be uploaded and validated as
normal, but not activated. This is useful to pre-flight an Icinga config
package before it is applied to a monitoring cluster, for example in a
CI pipeline.
2019-09-24 17:17:19 +01:00
f419efd778
API: Handle permission exceptions soon enough, returning 404
...
fixes #7513
2019-09-23 09:48:50 +02:00
eddb40a913
CSR Auto-signing: Add debug logging for skipped signing
2019-09-18 11:53:58 +02:00
d3eb62301e
API: Add AES128-GCM-SHA256 compatible cipher for el6
...
fixes #7501
2019-09-16 14:19:22 +02:00
9ec246a2f4
Revert: Always reset Boost beast buffer in HttpServerConnection#ProcessMessages #7476
...
Not a simple revert but also adds a comment for the buffer.
refs #7476
2019-09-12 17:00:17 +02:00
2c0e0da2d9
Introduce IoEngine::SpawnCoroutine wrapping asio::spawn and Boost exceptions
...
This is required to
- catch all exceptions and wrap them into Boost exceptions. They
are the only ones allowed with Boost.Coroutine.
- set a dedicated coroutine stack size for Windows.
refs #7431
2019-09-09 16:40:35 +02:00
5fa7331cc9
Quality: Replace deprecated Boost IO service code
...
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
2019-09-09 15:27:57 +02:00
0a9563b3db
HttpServerConnection#ProcessMessages(): avoid I/O if shutting down
...
refs #7431
2019-09-09 13:37:44 +02:00
b85b8b9697
HttpServerConnection#ProcessMessages(): avoid I/O after boost::asio::error::operation_aborted
...
refs #7431
2019-09-09 13:29:47 +02:00
dfaeb88ac3
{HttpServer,JsonRpc}Connection#Disconnect(): cancel I/O ops ASAP
...
refs #7431
2019-09-09 13:11:51 +02:00
b3c48e7520
Merge pull request #7485 from Icinga/bugfix/api-disconnect-defer
...
Avoid the Defer-Disconnect destructor pattern with Boost.Coroutines
2019-09-09 11:41:34 +02:00
c5aa978912
Rewrite error handling in HttpServerConnection#EnsureValidHeaders()
...
Throwing local exceptions unnecessarily pollutes the exception
stack with immediate unwinding. Avoid this pattern at all cost within
Boost.Coroutines. MSVC may handle exceptions differently and cause
problems with stack unwinding.
refs #7431
refs #7351
2019-09-09 11:03:21 +02:00
17d4d17307
Avoid the Defer-Disconnect destructor pattern with Boost.Coroutines
...
Exceptions in Disconnect() might be thrown (this has been reworked
into error_code locally) which are swallowed inside the Destructor
for being dangerous. On the other hand, swallowing them may
corrupt the stack unwinding operation from the coroutine layer.
The best is to avoid Defer inside lib/remote and call Disconnect()
directly after breaking from other operations.
refs #7351
refs #7431
2019-09-09 10:57:13 +02:00
ebb0826be0
JsonRpcConnection: Don't swallow exceptions in Boost.Coroutine
...
refs #7351
2019-09-09 09:26:12 +02:00
cdacd545c6
Merge pull request #7477 from Icinga/bugfix/api-boost-exceptions-errors
...
HttpServerConnection: Prefer error codes over Boost exceptions
2019-09-06 10:22:42 +02:00
a208f7baf0
HttpServerConnection: Prefer error codes over Boost exceptions
...
When run within a coroutine, exceptions on Windows may influence
bad behaviour here. Instead, we'll check for the error code
and extract the message from memory. In contrast to exceptions
which are stored on the stack frame and then return, this costs
a little more memory but simplifies the logic.
This doesn't fix the linked issue, but is related to the analysis.
refs #7431
2019-09-06 10:06:17 +02:00
eabba2de42
Always reset Boost beast buffer in HttpServerConnection#ProcessMessages
...
refs #7431
2019-09-06 09:31:16 +02:00
f62db49d3e
Merge pull request #7451 from Icinga/bugfix/update-docs
...
Update docs: Fix online URL, cipher list
2019-08-28 08:59:28 +02:00
0915c84530
Update doc URL for the API info handler at /v1
2019-08-27 16:47:07 +02:00
c24312b870
JsonRpcConnection#Disconnect(): unregister the connection ASAP
...
refs #7444
2019-08-23 17:14:13 +02:00
2760748d78
Fix and improve logging for runtime object sync
...
config::UpdateObject would create a new object, but this may
have been silently ignored with 'ignore_on_error' - downtimes, etc.
Since we cannot simply fetch the error from inside the config compiler,
we'd just check whether there's a config object created at this stage.
This happens synchronously, and once there is, log something.
The previous code always logged the creation, even if the downtime
was ignored, e.g. when the first master sent one for local host objects.
This commit also adds more details: identity, endpoint, zone to extract
the MessageOrigin details into log messages for better troubleshooting
and debugging.
refs #7198
2019-08-15 09:29:05 +02:00
7c1f716dad
Fix cookie with ActivateItems
2019-08-13 16:09:26 +02:00
c30edd0a34
Fix message origin for runtime created config object (create/delete events)
2019-08-13 15:05:47 +02:00
743dcad35d
Improve logging for downtime/ack events (add, remove, expire)
...
fixes #7374
2019-08-06 13:28:58 +02:00
c42a2583f0
Cluster sync: Only sync valid UTF8 content (text config, no binaries)
...
- *.conf files are sanitized automatically.
- Other files detect sanitizing and treat that as unsupported type
refs #7382
2019-08-02 16:06:32 +02:00
ebd6735c70
TLS Ciphers: Add compatibility suites for older agents (el7)
2019-07-30 10:55:29 +02:00
eff6e7662c
Fix style and comments
2019-07-15 09:54:35 +02:00
5fbc052aba
Cluster Sync: Improve log messages
2019-07-15 09:54:26 +02:00
b00e1d0c67
Config sync: Count the updates and log them
...
```
[2019-07-10 12:34:27 +0200] information/ApiListener: Received configuration updates (2) from endpoint 'master1' are equal to production, not triggering reload.
```
2019-07-15 09:54:09 +02:00
87d4575af8
Cluster Sync: Ensure that files are synced everytime
2019-07-15 09:53:47 +02:00
3f4cb0936c
Add ApiListener::UpdatedObjectAuthority()
...
refs #7086
2019-07-11 12:58:07 +02:00
46287c92e6
Cluster: Avoid checking for checksum length with internal files in use
...
fixes #7282
2019-07-04 13:52:31 +02:00
3e801fbd5a
Fix Path to staged files
...
The paths in the list are relative, not absolute to the stage directory.
2019-06-26 02:04:06 +02:00
08a47600be
Config sync: Only copy paths to prod which are actually there
...
Stored files may be removed by external sources.
2019-06-19 17:00:50 +02:00
db4cc13770
Config Sync: Only log config files for stage, no metadata
2019-06-19 16:09:16 +02:00
577e42e137
Quality: Comments and logs in cluster config sync
2019-06-19 14:46:11 +02:00
3852c51c9f
Cluster sync: Don't load/sync the .authoritative config file marker
...
This would influence everything else, and it isn't needed anywhere
but the master instance (zones.d -> var-zones).
2019-06-19 14:46:11 +02:00
Yonas Habteab
Alexander A. Klimov
Julian Brost
Yonas Habteab
Noah Hilverling
Noah Hilverling
mcodato
Mattia Codato
Benjamin Groeber
Markus Frosch
Michael Insel
Michael Friedrich
Matthias Baur
Chris Boot
Diana Flach
Janne Heß