Gyuho Lee
65464838ba
Merge pull request #9065 from gyuho/watch-id-2
...
*: allow user-provided watch ID to mvcc
2018-01-05 15:08:10 -08:00
Gyuho Lee
5b2f5150d9
etcdserver/api/v3rpc: set grpclog once
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 10:12:49 -08:00
Gyuho Lee
9e11ef3ad5
etcdserver,embed: discard gRPC info logs when debug is off
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 09:29:07 -08:00
Gyuho Lee
9a50255515
etcdserver/api/v3rpc: log stream error with debug level
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 07:44:07 -08:00
Gyuho Lee
33c732b97c
api/v3rpc: add watch ID to "watchStream.Watch"
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-31 13:20:41 -08:00
Gyuho Lee
b3ec44ca99
etcdserver/api: add 3.3.0 as compatible server capability
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 13:34:12 -08:00
Gyuho Lee
497412c588
clientv3: call other APIs with default gRPC call options
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 10:58:05 -08:00
Gyuho Lee
f87760998b
clientv3: call KV/Txn APIs with default gRPC call options
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 10:58:05 -08:00
Gyuho Lee
bcd5390b35
*: regenerate protobuf, grpc-gateway
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-07 21:31:13 -08:00
Gyu-Ho Lee
6bd41f36ff
api/v3rpc: log grpc stream send/recv errors in server-side
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-29 17:34:05 -08:00
Gyu-Ho Lee
cbe8c7eda7
Merge pull request #8880 from gyuho/v3beta-endpoint
...
*: replace grpc-gateway endpoint with /v3beta
2017-11-16 09:42:19 -08:00
Frederic Branczyk
627cffd6f8
*: initialize gRPC server metrics with zero values
2017-11-15 11:21:29 +01:00
Gyu-Ho Lee
ab526e8814
*: regenerate proto, swagger specs
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:22:09 -08:00
Gyu-Ho Lee
ce6bb4f1c9
etcdserver: replace /v3alpha with /v3beta in proto definitions
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:19:53 -08:00
tylerauerbeck
527d03e0d2
etcdserver: update metrics to use promhttp
...
Update api/etcdhttp/metrics.go to use promhttp.Handler() instead of prometheus.Handler()
fixes #8729
2017-11-10 09:47:49 -08:00
tamal
c0c19465fc
*: upgrade grpc-gateway to v1.3
2017-11-08 18:38:41 -08:00
Gyu-Ho Lee
f48fe8ecda
api/v3rpc: do not convert server context error to grpc/*status.statusError
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-06 17:32:23 -08:00
Gyu-Ho Lee
5d98710b2e
api/v3rpc: deprecate grpc.Errorf
...
It's been deprecated as of grpc/grpc-go v1.6.x.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-04 22:08:17 -07:00
Gyu-Ho Lee
2feb8ba545
v3rpc/rpctypes: use codes.FailedPrecondition for ErrGRPCNotLeader
...
Changes ErrGRPCNotLeader error code to FailedPrecondition,
to disable retry with unavailable.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-20 14:28:17 -07:00
Gyu-Ho Lee
1109c6c321
etcdserver/api/etcdhttp: document package in doc.go
...
It was missing from godoc.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-06 10:47:47 -07:00
Gyu-Ho Lee
0199bdc266
*: fix 'ineffassign' issues
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-03 10:14:33 -07:00
Gyu-Ho Lee
32e15d790f
api/rpc: accept grpc.ServerOption's for keepalive policy
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-28 10:55:00 -07:00
Gyu-Ho Lee
9553afbb24
Merge pull request #8533 from gyuho/grpc
...
*: upgrade grpclog to LoggerV2
2017-09-12 03:53:04 -07:00
Gyu-Ho Lee
18ba4d60ec
v3rpc/rpctypes: use grpc.status for errors
...
grpc.Code, grpc.ErrorDesc, grpc.Errorf have been deprecated.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-11 09:20:03 -07:00
Gyu-Ho Lee
f37ff4a4e2
v3rpc: use grpclog.LoggerV2 for grpc logs
...
grpclog.Logger has been deprecated.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-08 15:25:36 -07:00
Gyu-Ho Lee
f65aee0759
*: replace 'golang.org/x/net/context' with 'context'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-07 13:39:42 -07:00
Anthony Romano
8091be6e97
v2v3: ServerV2 backed by clientv3
2017-08-31 11:47:40 -07:00
Anthony Romano
1d3afd4bb5
etcdhttp, v2http, etcdserver: use etcdserver.{Server,ServerV2} interfaces
2017-08-31 11:47:40 -07:00
fanmin shi
d2ca782277
v3rpc: limit recv size using MaxRecvMsgSize and send using MaxSendMsgSize
...
grpc 1.3 uses MaxMsgSize() to limit received message size. However, grpc 1.4 introduces a 4mb default limit on send message size. In etcd, server shouldn't be limit size of message that it can be sent. Hence, set maximum size of send message using MaxSendMsgSize().
2017-08-22 14:31:01 -07:00
Anthony Romano
35dffc7bc1
rpctypes,v3rpc: add Corrupt error code
2017-08-22 09:59:59 -07:00
Gyu-Ho Lee
d25ae50c02
etcdserver: implement LeaseLeases API
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-08-14 14:18:56 -07:00
Gyu-Ho Lee
cd37ef2c1b
*: expose etcdhttp.Health, define proxy health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-31 14:07:54 -07:00
Gyu-Ho Lee
4267d368df
api/etcdhttp: serve error information in '/health', marshal health in JSON
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-27 15:36:59 -07:00
Xiang Li
2a348fb8e9
Merge pull request #8263 from fanminshi/hash_by_rev
...
api: hash by rev
2017-07-26 11:22:33 -07:00
Gyu-Ho Lee
74c8050adc
*: use etcdhttp.Handle* for health, prometheus handlers
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-26 06:23:55 -07:00
Gyu-Ho Lee
78432e3bd2
etcdhttp: add metrics.go for metrics, health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-26 06:23:55 -07:00
Anthony Romano
6fb08672d8
v3rpc: set canceled=true when stream is compacted
...
Fixes #8231
2017-07-25 12:36:01 -07:00
Gyu-Ho Lee
61a736a068
etcdserver: check alarms in health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-18 15:51:28 -07:00
fanmin shi
fbb75d24a4
v3rpc: add HashKV to server rpc
2017-07-14 16:44:00 -07:00
Xiang Li
0a2b580f73
Merge pull request #8238 from yudai/allow_more_streams
...
v3rpc: Let clients establish unlimited streams
2017-07-11 18:21:09 -07:00
Iwasaki Yudai
52101e6e93
v3rpc: Let clients establish unlimited streams
...
From go-grpc v1.2.0, the number of max streams per client is set to 100
by default by the server side. This change makes it impossible
for third party proxies and custom clients to establish many streams.
2017-07-11 13:02:01 -07:00
Anthony Romano
e29db923bc
*: move v2http handlers without /v2 prefix to etcdhttp
...
Lets --enable-v2=false configurations provide /metrics, /health, etc.
Fixes #8167
2017-07-07 18:35:57 -07:00
Gyu-Ho Lee
b1a0ae3a3e
etcdserver/api/v3rpc: add 'MoveLeader' to 'maintenanceServer'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:51:24 -07:00
Gyu-Ho Lee
939bbd77c0
etcdserver/*: add 'ErrNotLeader'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:46:07 -07:00
Anthony Romano
6ed51dc621
etcdserver, v3rpc: support nested txns
2017-06-21 14:33:15 -07:00
Gyu-Ho Lee
c1e3172e3a
etcdserver/api/v3rpc: add default grpc health service
2017-06-20 10:48:06 -07:00
Gyu-Ho Lee
5e059fd8dc
*: use metadata Incoming/OutgoingContext
...
Fix https://github.com/coreos/etcd/issues/7888 .
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-15 16:41:23 -07:00
Anthony Romano
4ebeba0e18
*: regen protofiles with latest protobuf tools
2017-06-12 15:14:43 -07:00
Anthony Romano
c2dadbd9f8
v2http: put back /v2/machines and mark as non-deprecated
...
This reverts commit 2bb33181b6
. python-etcd
seems to depend on /v2/machines and the maintainer vanished. Plus, it is
prefixed with /v2/ so it probably can't be deprecated anyway.
2017-06-08 09:39:11 -07:00
Anthony Romano
fb086ef13f
v3rpc: dedup resp.Header == nil checks
2017-06-07 09:25:42 -07:00
Anthony Romano
8542f2e673
v3rpc: use map for translating errors to grpc errors
...
Switch statement had poor coverage, use a map instead
2017-06-06 16:55:44 -07:00
Anthony Romano
d8210da505
v3rpc: treat nil txn request op as error
...
Fixes #7889
2017-05-31 12:39:52 -07:00
fanmin shi
68a72c6b6e
v3rpc: change grpc max recv size as needed.
2017-05-25 11:01:51 -07:00
fanmin shi
e9f464debc
integration: creation of cluster now takes maxTxnOps
2017-05-24 14:48:44 -07:00
fanmin shi
ae7ddfb483
etcdserver: add --max-txn-ops flag
...
--max-txn-ops allows users to define the maximum transaction operations
for each txn request. it defaults at 128.
Fixes #7826
2017-05-24 10:32:32 -07:00
Hitoshi Mitake
939912c425
clientv3, etcdserver: support auth in Watch()
2017-05-20 11:34:45 +09:00
Iwasaki Yudai
010ffc0692
v3rpc: remove duplicated error case for lease.ErrLeaseNotFound
2017-05-08 20:09:41 -07:00
Anthony Romano
3ce31acda4
v3client: wrap watch ctxs with blank ctx
...
Printing the values in ctx.String() will data race if the value
is mutable and doesn't implement String(), which seems to be common.
Instead, just return a fixed string instead of computing it; v3client
watches don't need as much flexibility for creating separate strings,
so separate ctx strings probably aren't necessary at this point.
Fixes #7811
2017-04-25 15:03:06 -07:00
Anthony Romano
2bb33181b6
v2http: remove deprecated /v2/machines path
2017-04-22 03:11:21 -07:00
Anthony Romano
393e4335b7
*: put gateway stubs into their own packages
...
Fixes #7773
2017-04-19 13:09:06 -07:00
Xiang Li
957c9cd1df
Merge pull request #7734 from mitake/status-auth
...
etcdserver: let Status() not require authentication
2017-04-13 15:53:33 -07:00
Hitoshi Mitake
67f2e41f20
etcdserver: let Status() not require authentication
...
The information that can be obtained with the RPC doesn't need to be
protected.
Fix https://github.com/coreos/etcd/issues/7721
2017-04-13 17:39:09 +09:00
Anthony Romano
d9ec6b4d22
*: return updated member list in v3 rpcs
...
Now it's possible to atomically know the new member configuration from
issuing a membership change RPC.
2017-04-12 16:24:51 -07:00
Anthony Romano
78a5eb79b5
*: add swagger and grpc-gateway assets for v3lock and v3election
2017-04-10 15:21:07 -07:00
Anthony Romano
dc8115a534
v3election: Election RPC service
...
Fixes #7589
2017-04-07 16:36:38 -07:00
Anthony Romano
135a40751e
v3rpc: force RangeEnd=nil if length is 0
...
gRPC will replace empty strings with nil, but for the embedded case it's
possible for []byte{} to slip in and confuse the single key / >= key
watch logic.
2017-04-07 16:36:38 -07:00
Gyu-Ho Lee
7f2d6b3ef6
clientv3,v3client: add cluster embedded client
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-04-04 08:14:18 -07:00
Anthony Romano
833769f59f
v3rpc: return leader loss error if lease stream is canceled
...
Canceling the stream won't cancel the receive since it's using the internal
grpc context, not the one assigned by etcd.
2017-03-30 20:18:33 -07:00
Gyu-Ho Lee
0bf110e27f
clientv3,v3client: maintenance to embedded client
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-03-28 14:12:43 -07:00
Hitoshi Mitake
c40b86bcde
auth, etcdserver: forbid invalid auth management
...
If auth is enabled,
1. deleting the user root
2. revoking the role root from the user root
must not be allowed. This commit forbids them.
2017-03-23 16:47:58 +09:00
Anthony Romano
dea2516177
v3client: fix doc to use e.Server
...
Was passing embed.Etcd instead of etcdserver.EtcdServer.
2017-03-15 09:17:17 -07:00
Anthony Romano
01d1a579bc
v3client: add example and godoc New
2017-03-14 10:50:41 -07:00
Anthony Romano
47cd9d0277
v3lock: server-side api for locking
2017-03-13 15:23:26 -07:00
Anthony Romano
763a37d3f1
v3client: a bridge between an etcdserver and a clientv3
2017-03-13 15:23:26 -07:00
Anthony Romano
5da5b834e5
api: default to V3 capability
...
Fixes #7154
2017-03-02 14:02:09 -08:00
fanmin shi
2ca1823a96
v3rpc: LeaseTimeToLive returns TTL=-1 resp on lease not found
2017-02-10 16:33:31 -08:00
Hitoshi Mitake
0191509637
auth, etcdserver: authenticate clients based on certificate CommonName
...
This commit lets v3 auth mechanism authenticate clients based on
CommonName of certificate like v2 auth.
2017-01-31 17:22:12 +09:00
sharat
5ac4e4255a
v3rpc: error for non empty lease with 'ignore_lease'
2017-01-25 03:04:07 +05:30
Xiang Li
26d99269c0
Merge pull request #6898 from mitake/auth-maintain
...
RFC, WIP: etcdserver: let maintenance services require root role
2017-01-14 11:22:14 -08:00
Hitoshi Mitake
9886e9448e
auth, etcdserver: let maintenance services require root role
...
This commit lets maintenance services require root privilege. It also
moves AuthInfoFromCtx() from etcdserver to auth pkg for cleaning purpose.
2017-01-14 19:36:24 +09:00
Gyu-Ho Lee
e655420d33
v3rpc: error for non-empty value with ignore_value
2017-01-13 15:13:18 -08:00
Gyu-Ho Lee
ea94aea136
etcdserver/api: add 3.2 in capability
2017-01-13 14:00:03 -08:00
Hitoshi Mitake
d431b64d97
etcdserver, clientv3: handle a case of expired auth token
...
This commit adds a mechanism of handling a case of expired auth token
to clientv3. If a server returns an error code
grpc.codes.Unauthenticated, newRetryWrapper() tries to get a new token
and use it as an option of PerRPCCredential.
Fixes https://github.com/coreos/etcd/issues/7012
2017-01-12 11:49:02 +09:00
Gyu-Ho Lee
2b5f9e1c6b
etcdserver: expose ErrNotEnoughStartedMembers
...
Fix https://github.com/coreos/etcd/issues/7072 .
2017-01-03 15:23:06 -08:00
Anthony Romano
e2463569e7
v2http: submit QGET in health endpoint if no progress
...
Removing the periodic SYNC calls broke the health endpoint since the
raft index stops updating. Instead, don't bother monitoring the
raft index; issue a QGET directly to get a consensus response.
Fixes #6985
2016-12-28 12:20:56 -08:00
fanmin shi
89b18ff1af
Merge pull request #7015 from fanminshi/fix_lease_expired_too_soon
...
lease: force leader to apply its pending committed index for lease op…
2016-12-27 11:26:15 -08:00
fanmin shi
fef4a79528
lease: force leader to apply its pending committed index for lease operations
...
suppose a lease granting request from a follower goes through and followed by a lease look up or renewal, the leader might not apply the lease grant request locally. So the leader might not find the lease from the lease look up or renewal request which will result lease not found error. To fix this issue, we force the leader to apply its pending commited index before looking up lease.
FIX #6978
2016-12-22 14:24:38 -08:00
Anthony Romano
87b1d9571f
v3api, rpctypes: add ErrTimeoutDueToConnectionLost
...
Lack of GRPC code was causing this to look like a halting error to the client.
2016-12-16 10:25:35 -08:00
Gyu-Ho Lee
eb8646a381
v3rpc: remove unused 'splitMethodName' function
2016-12-12 10:07:14 -08:00
Anthony Romano
2c06def8ca
etcdserver, embed, v2http: move pprof setup to embed
...
Seems like a better place for prof setup since it's not specific to v2.
2016-12-09 12:37:35 -08:00
Anthony Romano
be1f36d97c
v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout
...
Would retry a few times before returning a not primary error that
the client should never see. Instead, use proper timeouts and
then return a request timeout error on failure.
Fixes #6922
2016-12-06 14:09:57 -08:00
Anthony Romano
9a20743190
v3rpc: don't close watcher if client closes send
...
grpc-gateway will CloseSend but still want to receive updates.
2016-11-17 15:33:37 -08:00
Gyu-Ho Lee
5e810e30cc
v3rpc: replace grpc metrics w/ go-grpc-prometheus
...
And disable histogram
2016-11-14 15:20:09 -08:00
Gyu-Ho Lee
67082e5bd1
v3rpc: add gRPC active streamsGauge
2016-11-04 11:09:20 -07:00
Hitoshi Mitake
f85701a46f
auth, etcdserver: forbid adding a user with empty name
2016-11-03 13:45:39 +09:00
fanmin shi
ea9e857eb9
Merge pull request #6599 from fanminshi/lease_error_type_fix
...
Lease: Add lease errors to togRPCError()
2016-10-06 15:47:51 -07:00
fanmin shi
a862fd9f0f
Lease: Add lease errors to togRPCError()
...
This allows lease's function to convert lease error to appropriate GRPC errors
2016-10-06 14:29:31 -07:00
Xiang Li
10cafe56b8
v3rpc: return nil as error explicitly
2016-10-06 14:14:43 -07:00
Xiang Li
962433c17f
*: set repo correctly for logging
2016-10-03 17:03:22 +08:00
Xiang Li
c6feb695dc
api: update capability map
2016-09-16 14:34:55 +08:00
Liam Haworth
5cfa9e2384
etcdserver, api, v2http, client: Added support for semicolons
...
Added support into the v2 API to fix an issue (6433) where if there is a semicolon
and fields after it the API would return an "invalid Content-type" message even
if the content type was actually correct
2016-09-15 13:54:22 +10:00
Gyu-Ho Lee
63b0cd470d
etcdserver: implement 'LeaseTimeToLive'
2016-09-09 08:14:14 +09:00
Gyu-Ho Lee
0712ebc9b5
v2http: handle '/leases/internal'
2016-09-09 08:12:31 +09:00
Anthony Romano
1defeda792
v3api, rpctypes: add ErrUnhealthy
2016-09-07 16:51:49 -07:00
Gyu-Ho Lee
2da7b63809
v2http: change to 'NoValueOnSuccess'
2016-08-30 10:53:02 -07:00
Gyu-Ho Lee
572bfd99ff
v2http: update function returns
2016-08-30 10:29:37 -07:00
Michael Fraenkel
82053f04b2
client: do not send previous node data (optional)
...
- Do not send back node data when specified
- remove node and prevNode when noDataOnSuccess is set
2016-08-30 10:04:09 -07:00
Anthony Romano
64ac631863
rpctypes: set unknown codes to Unknown instead of internal
...
An unrecognized error code isn't "very broken".
2016-08-28 19:37:35 -07:00
Anthony Romano
df54ad2208
v3rpc, rpctypes: add error types for timeouts
2016-08-26 09:22:09 -07:00
Gyu-Ho Lee
f91f7dfb91
v2http: fix tests to use new clockwork
2016-08-16 16:36:24 -07:00
Gyu-Ho Lee
4d3b281369
etcdserver: fix spell errors
2016-08-13 20:54:48 -07:00
Anthony Romano
9063ce5e3f
etcdserver, embed: stricter reconfig checking
...
Make --strict-reconfig-check a default and check if cluster is healthy when
adding a member.
2016-08-05 16:59:25 -07:00
Gyu-Ho Lee
87498e0209
v2http: use guest access in non-TLS mode
...
Fix https://github.com/coreos/etcd/issues/6075 .
2016-08-01 14:00:38 -07:00
Anthony Romano
de2c3ec3db
etcdserver, api, membership: don't race on setting version
...
Fixes #6029
2016-07-26 18:21:40 -07:00
Gyu-Ho Lee
5066981cc7
v2http: test with 'ClientCertAuthEnabled'
2016-07-20 16:24:33 -07:00
Gyu-Ho Lee
25aeeb35c3
v2http: set 'ClientCertAuthEnabled' in client.go
2016-07-20 16:24:15 -07:00
Gyu-Ho Lee
68ece954fb
v2http: add 'ClientCertAuthEnabled' in handlers
2016-07-20 16:23:41 -07:00
Gyu-Ho Lee
0f0d32b073
v2http: move 'testdata' from 'etcdhttp'
2016-07-20 16:20:42 -07:00
rob boll
ff5709bb41
v2http: client cert cn authentication
...
introduce client certificate authentication using certificate cn.
2016-07-20 16:20:13 -07:00
rob boll
ab17165352
v2http: refactor http basic auth
...
refactor http basic auth code to combine basic auth extraction and validation
2016-07-20 16:20:05 -07:00
Anthony Romano
299ebc6137
v3rpc: don't elide next progress notification on progress notification
...
Fixes #5878
2016-07-20 11:37:20 -07:00
Anthony Romano
8abae076d1
rpctypes, clientv3: retry RPC on EtcdStopped
...
Fixes #5983
2016-07-19 18:29:12 -07:00
Xiang Li
58aa3483c3
grpcproxy: add filter to watcher
2016-07-18 13:02:34 -07:00
Anthony Romano
51c5c307fa
rpctypes: test error equivalence with Error()
...
grpc.Errorf() now returns *rpcError, which makes comparisons shallow.
2016-07-14 15:59:06 -07:00
Xiang Li
b0f2e5e64a
Merge pull request #5927 from xiang90/pacing
...
*: deny proposals when there is a huge gap between apply/commit
2016-07-14 11:47:53 -07:00
Xiang Li
27b03f0ed5
*: deny proposals when there is a huge gap between apply/commit
2016-07-14 10:02:55 -07:00
Xiang Li
81d5ae3ce1
rpctypes: use permission deny code for permission deny error
2016-07-13 10:32:10 -07:00
Xiang Li
b9f6de9277
Merge pull request #5895 from smallfish/master
...
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-12 07:10:53 -07:00
smallfish
e6d15b966c
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-08 10:21:05 +08:00
Xiang Li
427496ebb8
v3rpc: lock progress and prevKV map correctly
2016-07-07 15:01:05 -07:00
Xiang Li
929d6ab62c
Merge pull request #5850 from xiang90/get_o_kv
...
*: support get-old-kv in watch
2016-07-05 16:37:24 -07:00
Xiang Li
c853704ac9
*: support get-old-kv in watch
2016-07-05 16:17:09 -07:00
Xiang Li
70bf768005
Merge pull request #5861 from xiang90/fix_watch
...
v3rpc: do not panic on user error for watch
2016-07-03 13:56:33 -07:00
Xiang Li
13a4056327
v3rpc: do not panic on user error for watch
2016-07-03 08:57:48 -07:00
Gyu-Ho Lee
ba023e539a
etcdserver/api: print only major.minor version API
...
Before
2016-07-01 14:57:50.927170 I | api: enabled capabilities for version 3.0.0
After
2016-07-01 14:57:50.927170 I | api: enabled capabilities for version 3.0
2016-07-01 14:58:06 -07:00
Xiang Li
bc6d7659af
Merge pull request #5795 from xiang90/filter
...
*: support watch with filters
2016-06-28 14:07:12 -07:00
Xiang Li
dced92f8bd
*: support watch with filters
...
Now user can filter events with types. The API is also extensible.
It might make sense for the proxy to filter out events based on
more expensive/customized filter.
2016-06-28 13:46:57 -07:00
Hitoshi Mitake
8df37d53d6
auth, etcdserver: let Authenticate() fail if auth isn't enabled
...
Successful Authenticate() would be confusing and make trouble shooting
harder if auth isn't enabled in a cluster.
2016-06-26 22:49:23 -07:00
Gyu-Ho Lee
a1c7a7df5e
*: use capnslog for grpclog
2016-06-20 20:35:03 -07:00
Xiang Li
e5583b26eb
Merge pull request #5711 from xiang90/client_bytes
...
*: add client network metrics
2016-06-20 12:03:18 -07:00
Xiang Li
35fd81e465
*: add client network metrics
2016-06-20 11:18:06 -07:00
Xiang Li
6f28b43806
*: fix pending events metrics
2016-06-19 23:00:39 -07:00
Hitoshi Mitake
18253e2723
*: support getting all users and roles in auth v3
...
This commit expands RPCs for getting user and role and support list up
all users and roles. etcdctl v3 is now support getting all users and
roles with the newly added option --all e.g. etcdctl user get --all
2016-06-17 16:22:41 +09:00
Xiang Li
da2f2a5189
auth: add root user and root role
2016-06-08 19:55:08 -07:00
Anthony Romano
62f8ec25c0
clientv3: use grpc reconnection logic
2016-06-08 01:04:59 -07:00
Gyu-Ho Lee
6e149e3485
etcdserver: following updates for proto change
2016-06-07 13:32:07 -07:00
Xiang Li
83ce1051ff
auth: make naming consistent
2016-06-07 10:54:50 -07:00
Hitoshi Mitake
94f22e8a07
*: rename RPCs and structs related to revoking
...
This commit renames RPCs and structs related to revoking.
1. UserRevoke -> UserRevokeRole
2. RoleRevoke -> RoleRevokePermission
2016-06-05 16:57:23 +09:00
Hitoshi Mitake
60fc1e4d4e
auth, etcdserver: error codes for revoking non existing role and permission
...
This commit adds error codes for representing revoking non existing
role (from user) and permission (from role).
2016-06-05 16:41:10 +09:00
Hitoshi Mitake
c7a1423d45
*: support deleting a role in auth v3
...
This commit implements RoleDelete() RPC for supporting deleting a role
in auth v3. It also adds a new subcommand "role delete" to etcdctl.
2016-06-04 13:42:45 +09:00
Hitoshi Mitake
0cb1343109
*: support revoking a key from a role in auth v3
...
This commit implements RoleRevoke() RPC for supporting revoking a key
from a role in auth v3. It also adds a new subcommand "role revoke" to
etcdctl.
2016-06-04 13:42:45 +09:00
Hitoshi Mitake
957b07c408
*: support revoking a role from a user in auth v3
...
This commit implements UserRevoke() RPC for supporting revoking a role
from a user in auth v3. It also adds a new subcommand "user revoke" to
etcdctl.
2016-06-04 13:39:26 +09:00
Hitoshi Mitake
10ee69b44c
*: support getting role in auth v3
...
This commit implements RoleGet() RPC of etcdserver and adds a new
subcommand "role get" to etcdctl v3. It will list up permissions that
are granted to a given role.
$ ETCDCTL_API=3 bin/etcdctl role get r1
Role r1
KV Read:
b
d
KV Write:
a
c
d
2016-06-03 13:03:54 +09:00
Hitoshi Mitake
5609fdb9a8
*: support getting user in etcdctl v3
...
This commit adds a new subcommand "user get" to etcdctl v3. It will
list up roles that are granted to a given user.
Example:
$ ETCDCTL_API=3 bin/etcdctl user get u1
User: u1
Roles: r1 r2 r3
This commit also modifies the layout of InternalRaftRequest for
frequent update of auth related members.
2016-06-02 12:10:19 +09:00
Anthony Romano
7709cd84bb
Merge pull request #5505 from heyitsanthony/v3rpc-watcher-close
...
v3rpc: fix race on ctrl channel when watcher stream closes
2016-05-31 14:24:10 -07:00
Gyu-Ho Lee
283318d547
v3rpc: add ErrConnClosed for closed client
...
For https://github.com/coreos/etcd/issues/5495 .
2016-05-31 11:15:01 -07:00
Anthony Romano
09e8f5782e
v3rpc: fix race on closing watcher stream ctrl channel
...
Sometimes close would race with the recvLoop, leading the
recvLoop to write to a close channel.
2016-05-31 11:07:31 -07:00
Xiang Li
6f8cc58214
Merge pull request #5490 from mitake/errcode
...
etcdserver, auth: not return grpc error code directly in the apply phase
2016-05-30 22:00:54 -07:00
Anthony Romano
9c767cbf98
Merge pull request #5464 from heyitsanthony/fix-victim-watchers
...
mvcc: tighten up watcher cancelation and revision handling
2016-05-30 20:09:39 -06:00
Hitoshi Mitake
5144318af0
etcdserver, auth: not return grpc error code directly in the apply phase
...
Current permission checking mechanism doesn't return its error code
well. The internal error (code = 13) is returned to client and the
retry mechanism doesn't work well. This commit fixes the problem.
2016-05-31 11:04:34 +09:00
Hitoshi Mitake
8e821cdc70
*: do permission check in raft log apply phase
...
This commit lets etcdserver check permission during its log applying
phase. With this change, permission checking of operations is
supported.
Currently, put and range are supported. In addition, multi key
permission check of range isn't supported yet.
2016-05-29 00:05:48 +09:00
Anthony Romano
c438310634
v3rpc: make watcher wait for its send goroutine to finish
2016-05-27 16:54:26 -07:00
Anthony Romano
fc7da09d67
*: add missing godoc package descriptions
...
Fixes #4074
2016-05-27 15:15:26 -07:00
Xiang Li
1c544c3ba5
api: add v3rpc capability
2016-05-23 14:45:08 -07:00
Anthony Romano
ac2e3e43bf
v3rpc: add sha trailer to snapshot
2016-05-16 11:15:03 -07:00
Gyu-Ho Lee
abb4cd5646
etcdserver: update LICENSE header
2016-05-12 20:49:40 -07:00
Xiang Li
9c103dd0de
*: cancel required leader streams when memeber lost its leader
2016-05-12 19:42:21 -07:00
Xiang Li
19221b33cc
*: etcd member rejects unary call with leader requirement when it does not have leader
2016-05-11 16:34:34 -07:00
Xiang Li
0d43a2b7e7
Merge pull request #5295 from ajityagaty/auth_disable
...
auth: Adding support for "auth disable" command.
2016-05-07 23:09:37 -07:00
Ajit Yagaty
adc981c53d
auth: Adding support for "auth disable" command.
...
Added support for the auth disable command in the server, added the
etcdctl command and a respective testcase.
2016-05-07 19:21:49 -07:00
Gyu-Ho Lee
74ea9ea5cd
*: bump to 3.0.0-beta.0
2016-05-06 13:09:50 -07:00
Gyu-Ho Lee
3c2d0a229c
v2http: allow empty role for GET /users
...
Fix https://github.com/coreos/etcd/issues/5246 .
2016-05-06 11:39:38 -07:00
Xiang Li
98031a3b6e
Merge pull request #5249 from xiang90/metrics
...
*: add metrics for grpc api
2016-05-05 14:19:46 -07:00
Xiang Li
063307ec0a
*: add metrics for grpc api
2016-05-05 13:45:52 -07:00
Gyu-Ho Lee
a288188001
*: typo, remove string type assertions
2016-05-03 10:59:57 -07:00
Gyu-Ho Lee
064c1ff0f3
etcdserver/api/v3rpc: use Revision from Hash API
2016-05-02 15:06:39 -07:00
Gyu-Ho Lee
506cf1f03f
etcdserver/api/v3rpc: use new errors
2016-04-29 12:00:26 -07:00
Gyu-Ho Lee
2b361cf06b
rpctypes: define a new error interface
2016-04-29 12:00:22 -07:00
Gyu-Ho Lee
f613052435
rpctypes: Error function to convert clientv3 error
2016-04-28 12:16:13 -07:00
Anthony Romano
06ea8aee11
v3rpc: only fill lease grant header if no error
...
Was panicking under cluster fault injection.
2016-04-27 16:28:40 -07:00
Xiang Li
afd2cc7373
Merge pull request #5206 from xiang90/lease_header
...
v3rpc: fill lease header
2016-04-27 11:18:00 -07:00
Xiang Li
c3de53c23c
v3rpc: fill lease header
2016-04-27 10:30:23 -07:00
Anthony Romano
af1a0b60e2
etcdserver: respond with ttl=0 for revoked lease keep alive
...
Fixes #5172
2016-04-26 13:53:20 -07:00
Anthony Romano
b7ac758969
*: rename storage package to mvcc
2016-04-25 15:25:51 -07:00
Hitoshi Mitake
131e3806bb
*: support authenticate in v3 auth
...
This commit implements Authenticate() API of the auth package. It does
authentication based on its authUsers bucket and generate a token for
succeeding RPCs.
2016-04-21 12:32:19 +09:00
Gyu-Ho Lee
86f580fa8f
v3rpc: bytes-key map look-up gc optimization
...
This change
f5f5a8b620
just got merged to go1.6.1 where Go does special optimization for x =
m[string(k)] where k is []byte.
2016-04-17 10:52:19 -07:00
Gyu-Ho Lee
641a1a66e1
*: fix govet -shadow in go tip
2016-04-15 07:39:52 -07:00
Gyu-Ho Lee
b78886239e
*: remove IsLeader field in Member API server side
2016-04-13 16:23:33 -07:00
Gyu-Ho Lee
89f8e66682
*: fixes based on ineffassign
2016-04-13 10:41:58 -07:00
mqliang
a9a06438f9
etcdctlv3: expose db size and raft status in server side
2016-04-12 22:49:15 +08:00
Anthony Romano
be822b05d2
Merge pull request #5012 from heyitsanthony/snap-api
...
*: snapshot RPC
2016-04-11 13:00:18 -07:00
Anthony Romano
a6b6fcf1c4
etcdserverpb, v3rpc: add Snapshot to Maintenance RPC service
2016-04-11 09:51:16 -07:00
Hitoshi Mitake
7ba2646d37
*: support granting a role to a user in v3 auth
2016-04-11 15:53:30 +09:00
Hitoshi Mitake
02033b4c47
*: support granting key permission to role in v3 auth
2016-04-11 12:23:19 +09:00
Gyu-Ho Lee
953a08d841
*: clean up from gosimple
2016-04-08 11:55:03 -07:00
Anthony Romano
2b7ad35fa0
v2http: only report capabilities on update
2016-04-07 20:14:30 -07:00
Gyu-Ho Lee
d78345244b
*: log, expect by capability check
2016-04-07 17:18:51 -07:00
Anthony Romano
c91c7ca3bf
Merge pull request #4961 from heyitsanthony/rename-lease-create
...
*: rename lease Create to Grant
2016-04-07 14:51:22 -07:00
Xiang Li
bf2289ae00
etcdserver: move membership related code to membership pkg
2016-04-07 14:21:37 -07:00
Anthony Romano
dc17eaace7
*: rename Lease Create to Grant
...
Creating a lease through the client API interface union looked like
"c.Create(...)"-- the method name wasn't very descriptive.
2016-04-07 12:28:14 -07:00