tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-09-03 07:58:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,423 Commits 273 Branches 124 Tags
Commit Graph

924 Commits

Author SHA1 Message Date
Julian Brost
6b8a018afb
Merge pull request #8486 from Icinga/bugfix/config-sync-only-remove-files-if-timestamp-changed 
Config sync: Only remove files, if timestamp changed
 2020-11-16 17:36:42 +01:00
Noah Hilverling
f184c1bc57 Config sync: Only remove files, if timestamp changed 2020-11-16 17:33:20 +01:00
Noah Hilverling
c40a4c5cbc
Merge pull request #8475 from Icinga/bugfix/replay-log-blocks 
Start ApiListener#SyncClient() in the thread pool
 2020-11-16 14:34:40 +01:00
Noah Hilverling
cd819e3801
Merge pull request #8473 from Icinga/bugfix/message-routing-for-global-zones-2.11 
Fix cluster message routing for global zones
 2020-11-16 14:32:52 +01:00
Julian Brost
de44bf5e71 Close anonymous connections after 10 seconds 
Anonymous connections are normally only used for requesting a
certificate and are closed after this request is received. However, the
request is only sent if the child has successfully verified the
certificate of its parent so that it is an authenticated connection from
its perspective. In case this verification fails, both ends view it as
an anonymous connection and never actually use it but attempt a
reconnect after 10 seconds leaking the connection. Therefore close it
after a timeout.
 2020-11-13 16:33:04 +01:00
Alexander A. Klimov
ba87ae8109 Start ApiListener#SyncClient() in the thread pool 
... not hosting the coroutines not to block them.

Otherwise a large replay log would block messages sending
until the peer disconnects us.
 2020-11-12 14:14:20 +01:00
Julian Brost
1adfe851b1 Fix cluster message routing for global zones 
RelayMessageOne used to relay the message only to one other endpoint for
other zones, which is fine, as long as the target zone is a child/parent
zone but breaks if the target zone is a global one. In this case, the
message has to be forwarded within the local zone as well as to one node
in each child zone.
 2020-11-12 09:49:56 +01:00
Noah Hilverling
d80eb89908
Merge pull request #8457 from Icinga/bugfix/replay-object-deletion-2.11 
Log config object deletions to replay log
 2020-11-10 11:31:49 +01:00
Alexander Aleksandrovič Klimov
97cda44e7d
Merge pull request #8399 from Icinga/feature/one-connection 
ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints
 2020-11-10 11:17:21 +01:00
Alexander Aleksandrovič Klimov
3c97ab6d47
Merge pull request #8454 from Icinga/feature/http-status-codes-in-icinga-mainlog-7053 
Include HTTP status codes in log
 2020-11-10 11:13:26 +01:00
Noah Hilverling
b2a235c54a API: Don't accept object updates for unknown zone 2020-11-09 16:21:40 +01:00
Julian Brost
b330d8a74e Log config object deletions to replay log 
The initial config object sync for each new connection (in
`ApiListener::SendRuntimeConfigObjects()`) only considers currently
existing objects and has no way to pass the information that objects
were deleted in the meantime.

This commit logs config object deletions to the replay log if required
so that there is a chance that it will be propagated to nodes that were
offline when the deletion happened.

Note that this can only be considered a workaround as the replay log
might be pruned or could even be completely disabled. Also, there still
seems to be a race-condition between the config sync and replay log of
multiple new connections at the same time.
 2020-11-09 15:55:51 +01:00
Alexander A. Klimov
29e5d7def7 Include HTTP status codes in log 
refs #7053
 2020-11-09 10:20:13 +01:00
Alexander A. Klimov
38110e55d3 ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints 2020-10-26 15:20:58 +01:00
Julian Brost
c5ce54918e Catch exceptions in the thread running HandleConfigUpdate 
With dc3062a9b06fed69cdbb1508ace6eb2f77f87553, exceptions in this code
path were no longer caught properly. This commit restores exception
handling for this function.
 2020-10-13 14:27:47 +02:00
Alexander Aleksandrovič Klimov
dd8b786b3b
Merge pull request #8292 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203-211 
Add timeout for boost::asio::ssl::stream#async_shutdown()
 2020-10-13 13:58:39 +02:00
Julian Brost
21b30322c9
Merge pull request #8308 from Icinga/bugfix/configsyncstagelock-unlock-owner 
Make ApiListener::m_ConfigSyncStageLock a SpinLock
 2020-10-13 13:37:08 +02:00
Alexander A. Klimov
b6b3ac0ab8 Make ApiListener::m_ConfigSyncStageLock a SpinLock 2020-10-02 17:54:36 +02:00
Alexander A. Klimov
b24f438daa Add timeout for boost::asio::ssl::stream#async_shutdown() 
refs #7203
 2020-09-28 15:39:33 +02:00
Noah Hilverling
198090d072
Merge pull request #8230 from Icinga/bugfix/open-connections-2116 
Fix open connections when agent waits for CA approval
 2020-09-14 09:32:31 +02:00
Alexander A. Klimov
a3626d8980 Buildfix 2020-09-11 17:07:40 +02:00
Alexander A. Klimov
89c188996b RequestCertificateHandler(): don't disconnect nodes already integrated into the cluster 
... not to cause a reconnect loop.
 2020-09-11 16:19:43 +02:00
Michael Insel
0ed108bfa2 Fix open connections when agent waits for CA approval 
This closes the agent connection when the certificate sign requests
waits for CA approval.

refs #7680
 2020-09-11 16:17:37 +02:00
Noah Hilverling
6701db4dba
Merge pull request #8225 from Icinga/bugfix/last-zone-sync-stage-validation-failed-7642-2116 
Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed
 2020-09-11 14:24:50 +02:00
Alexander A. Klimov
9632d3f634 Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed 
refs #7642
 2020-09-11 13:50:32 +02:00
Alexander A. Klimov
dcc3c32dcd Close connections w/o sucessful TLS handshakes during 10s 
refs #7805
 2020-09-11 11:07:50 +02:00
Noah Hilverling
a5370f7d15
Merge pull request #8097 from Icinga/bugfix/don-not-close-connection-on-missing-heartbeat-8095 
Don't close connection on missing heartbeat
 2020-07-29 14:12:07 +02:00
Yonas Habteab
a0a5348895 Remove all codes related to the heartbeat timeout 
until now, if the timeout is exceeded, the connection is immediately terminated.
But since we do not want to disconnect even if the timeout is exceeded, it is
better to send the messages without timeout and have deleted everything that
related to the heartbeat timeout. We also have another mechanism in
JRPC::CheckLiveness that does the disconnect.
 2020-07-29 14:10:42 +02:00
Noah Hilverling
a5d4b5797a
Merge pull request #8121 from Icinga/bugfix/include 
Fix missing include
 2020-07-21 09:10:24 +02:00
Alexander A. Klimov
21895c92fa Fix missing include 2020-07-17 16:58:49 +02:00
Noah Hilverling
3c28c55421
Merge pull request #8103 from Icinga/bugfix/send-heartbeat-less-often-8098 
Send heartbeat every 20s and not 10s
 2020-07-16 09:53:08 +02:00
Yonas Habteab
cf5ec5e341 Send heartbeat every 20s and not 10s 2020-07-09 13:22:08 +02:00
Noah Hilverling
d6a007cd27
Merge pull request #8094 from Icinga/bugfix/jsonrpcconnection-m_seen 
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
 2020-07-08 09:59:22 +02:00
Alexander A. Klimov
67b04fae69 ApiListener::HandleConfigUpdate(): make the whole process mutually exclusive 
refs #7742
 2020-07-07 16:11:21 +02:00
Alexander A. Klimov
4d80903c47 ApiListener::ConfigUpdateHandler(): block as less as possible 
refs #7742
 2020-07-07 16:11:21 +02:00
Noah Hilverling
949da2bc6b
Merge pull request #8043 from Icinga/bugfix/unify-application-start-times-v2114 
Fix timing point for Application::GetStartTime() (related to command endpoint grace period)
 2020-06-09 14:04:07 +02:00
Michael Friedrich
18fdc1457a Unify Application::GetStartTime() and drop GetMainTime() 
This essentially moves the start time into the scope when main
starts to "do something", after the reload and configuration handling
is done.
 2020-06-03 16:25:53 +02:00
Alexander Aleksandrovič Klimov
13df2fc067
Merge pull request #7997 from Icinga/bugfix/jsonrpcconnection-handleandwriteheartbeats-m_endpoint-getname 
JsonRpcConnection#HandleAndWriteHeartbeats(): check !!#m_Endpoint
 2020-05-11 11:39:19 +02:00
Alexander A. Klimov
5e7a675009 JsonRpcConnection#HandleAndWriteHeartbeats(): check !!#m_Endpoint 2020-03-18 11:58:27 +01:00
Noah Hilverling
984c0ef645
Merge pull request #7849 from Icinga/bugfix/jsonrpcconnection-sendmessage-keepalive 
JsonRpcConnection#Send*Message(): keep this alive
 2020-03-02 10:45:46 +01:00
Alexander A. Klimov
0f84ce0470 Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message 2020-02-19 11:11:53 +01:00
Alexander A. Klimov
fbce756007 JsonRpcConnection#Send*Message(): keep this alive 2020-02-17 16:12:07 +01:00
Michael Friedrich
df24d51ccf Cluster Config Sync: Check the timestamp prior to config file checksums 
Otherwise old configuration received from a secondary master/satellite
could always trigger a config change & reload.

(cherry picked from commit cb20b4829ac10694920db0d9f52ccc39a1ca1ae1)
 2019-10-22 17:54:45 +02:00
Michael Friedrich
de0876388e Avoid syncing .authorititative marker received from < 2.11 parent nodes 
(cherry picked from commit e7c07062f8f70098cf73c41ca594178b20360d3c)
 2019-10-17 13:54:03 +02:00
Michael Friedrich
eddb40a913 CSR Auto-signing: Add debug logging for skipped signing 2019-09-18 11:53:58 +02:00
Michael Friedrich
d3eb62301e API: Add AES128-GCM-SHA256 compatible cipher for el6 
fixes #7501
 2019-09-16 14:19:22 +02:00
Michael Friedrich
9ec246a2f4 Revert: Always reset Boost beast buffer in HttpServerConnection#ProcessMessages #7476 
Not a simple revert but also adds a comment for the buffer.

refs #7476
 2019-09-12 17:00:17 +02:00
Michael Friedrich
2c0e0da2d9 Introduce IoEngine::SpawnCoroutine wrapping asio::spawn and Boost exceptions 
This is required to

- catch all exceptions and wrap them into Boost exceptions. They
are the only ones allowed with Boost.Coroutine.
- set a dedicated coroutine stack size for Windows.

refs #7431
 2019-09-09 16:40:35 +02:00
Michael Friedrich
5fa7331cc9 Quality: Replace deprecated Boost IO service code 
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
 2019-09-09 15:27:57 +02:00
Alexander A. Klimov
0a9563b3db HttpServerConnection#ProcessMessages(): avoid I/O if shutting down 
refs #7431
 2019-09-09 13:37:44 +02:00