65464838ba
Merge pull request #9065 from gyuho/watch-id-2
...
*: allow user-provided watch ID to mvcc
2018-01-05 15:08:10 -08:00
5b2f5150d9
etcdserver/api/v3rpc: set grpclog once
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 10:12:49 -08:00
9e11ef3ad5
etcdserver,embed: discard gRPC info logs when debug is off
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 09:29:07 -08:00
9a50255515
etcdserver/api/v3rpc: log stream error with debug level
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2018-01-02 07:44:07 -08:00
33c732b97c
api/v3rpc: add watch ID to "watchStream.Watch"
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-31 13:20:41 -08:00
b3ec44ca99
etcdserver/api: add 3.3.0 as compatible server capability
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 13:34:12 -08:00
497412c588
clientv3: call other APIs with default gRPC call options
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 10:58:05 -08:00
f87760998b
clientv3: call KV/Txn APIs with default gRPC call options
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-20 10:58:05 -08:00
bcd5390b35
*: regenerate protobuf, grpc-gateway
...
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
2017-12-07 21:31:13 -08:00
6bd41f36ff
api/v3rpc: log grpc stream send/recv errors in server-side
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-29 17:34:05 -08:00
cbe8c7eda7
Merge pull request #8880 from gyuho/v3beta-endpoint
...
*: replace grpc-gateway endpoint with /v3beta
2017-11-16 09:42:19 -08:00
627cffd6f8
*: initialize gRPC server metrics with zero values
2017-11-15 11:21:29 +01:00
ab526e8814
*: regenerate proto, swagger specs
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:22:09 -08:00
ce6bb4f1c9
etcdserver: replace /v3alpha with /v3beta in proto definitions
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-15 01:19:53 -08:00
527d03e0d2
etcdserver: update metrics to use promhttp
...
Update api/etcdhttp/metrics.go to use promhttp.Handler() instead of prometheus.Handler()
fixes #8729
2017-11-10 09:47:49 -08:00
c0c19465fc
*: upgrade grpc-gateway to v1.3
2017-11-08 18:38:41 -08:00
f48fe8ecda
api/v3rpc: do not convert server context error to grpc/*status.statusError
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-06 17:32:23 -08:00
5d98710b2e
api/v3rpc: deprecate grpc.Errorf
...
It's been deprecated as of grpc/grpc-go v1.6.x.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-11-04 22:08:17 -07:00
2feb8ba545
v3rpc/rpctypes: use codes.FailedPrecondition for ErrGRPCNotLeader
...
Changes ErrGRPCNotLeader error code to FailedPrecondition,
to disable retry with unavailable.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-20 14:28:17 -07:00
1109c6c321
etcdserver/api/etcdhttp: document package in doc.go
...
It was missing from godoc.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-06 10:47:47 -07:00
0199bdc266
*: fix 'ineffassign' issues
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-10-03 10:14:33 -07:00
32e15d790f
api/rpc: accept grpc.ServerOption's for keepalive policy
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-28 10:55:00 -07:00
9553afbb24
Merge pull request #8533 from gyuho/grpc
...
*: upgrade grpclog to LoggerV2
2017-09-12 03:53:04 -07:00
18ba4d60ec
v3rpc/rpctypes: use grpc.status for errors
...
grpc.Code, grpc.ErrorDesc, grpc.Errorf have been deprecated.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-11 09:20:03 -07:00
f37ff4a4e2
v3rpc: use grpclog.LoggerV2 for grpc logs
...
grpclog.Logger has been deprecated.
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-08 15:25:36 -07:00
f65aee0759
*: replace 'golang.org/x/net/context' with 'context'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-09-07 13:39:42 -07:00
8091be6e97
v2v3: ServerV2 backed by clientv3
2017-08-31 11:47:40 -07:00
1d3afd4bb5
etcdhttp, v2http, etcdserver: use etcdserver.{Server,ServerV2} interfaces
2017-08-31 11:47:40 -07:00
d2ca782277
v3rpc: limit recv size using MaxRecvMsgSize and send using MaxSendMsgSize
...
grpc 1.3 uses MaxMsgSize() to limit received message size. However, grpc 1.4 introduces a 4mb default limit on send message size. In etcd, server shouldn't be limit size of message that it can be sent. Hence, set maximum size of send message using MaxSendMsgSize().
2017-08-22 14:31:01 -07:00
35dffc7bc1
rpctypes,v3rpc: add Corrupt error code
2017-08-22 09:59:59 -07:00
d25ae50c02
etcdserver: implement LeaseLeases API
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-08-14 14:18:56 -07:00
cd37ef2c1b
*: expose etcdhttp.Health, define proxy health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-31 14:07:54 -07:00
4267d368df
api/etcdhttp: serve error information in '/health', marshal health in JSON
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-27 15:36:59 -07:00
2a348fb8e9
Merge pull request #8263 from fanminshi/hash_by_rev
...
api: hash by rev
2017-07-26 11:22:33 -07:00
74c8050adc
*: use etcdhttp.Handle* for health, prometheus handlers
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-26 06:23:55 -07:00
78432e3bd2
etcdhttp: add metrics.go for metrics, health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-26 06:23:55 -07:00
6fb08672d8
v3rpc: set canceled=true when stream is compacted
...
Fixes #8231
2017-07-25 12:36:01 -07:00
61a736a068
etcdserver: check alarms in health handler
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-07-18 15:51:28 -07:00
fbb75d24a4
v3rpc: add HashKV to server rpc
2017-07-14 16:44:00 -07:00
0a2b580f73
Merge pull request #8238 from yudai/allow_more_streams
...
v3rpc: Let clients establish unlimited streams
2017-07-11 18:21:09 -07:00
52101e6e93
v3rpc: Let clients establish unlimited streams
...
From go-grpc v1.2.0, the number of max streams per client is set to 100
by default by the server side. This change makes it impossible
for third party proxies and custom clients to establish many streams.
2017-07-11 13:02:01 -07:00
e29db923bc
*: move v2http handlers without /v2 prefix to etcdhttp
...
Lets --enable-v2=false configurations provide /metrics, /health, etc.
Fixes #8167
2017-07-07 18:35:57 -07:00
b1a0ae3a3e
etcdserver/api/v3rpc: add 'MoveLeader' to 'maintenanceServer'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:51:24 -07:00
939bbd77c0
etcdserver/*: add 'ErrNotLeader'
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-23 12:46:07 -07:00
6ed51dc621
etcdserver, v3rpc: support nested txns
2017-06-21 14:33:15 -07:00
c1e3172e3a
etcdserver/api/v3rpc: add default grpc health service
2017-06-20 10:48:06 -07:00
5e059fd8dc
*: use metadata Incoming/OutgoingContext
...
Fix https://github.com/coreos/etcd/issues/7888 .
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-06-15 16:41:23 -07:00
4ebeba0e18
*: regen protofiles with latest protobuf tools
2017-06-12 15:14:43 -07:00
c2dadbd9f8
v2http: put back /v2/machines and mark as non-deprecated
...
This reverts commit 2bb33181b6
2017-06-08 09:39:11 -07:00
fb086ef13f
v3rpc: dedup resp.Header == nil checks
2017-06-07 09:25:42 -07:00
8542f2e673
v3rpc: use map for translating errors to grpc errors
...
Switch statement had poor coverage, use a map instead
2017-06-06 16:55:44 -07:00
d8210da505
v3rpc: treat nil txn request op as error
...
Fixes #7889
2017-05-31 12:39:52 -07:00
68a72c6b6e
v3rpc: change grpc max recv size as needed.
2017-05-25 11:01:51 -07:00
e9f464debc
integration: creation of cluster now takes maxTxnOps
2017-05-24 14:48:44 -07:00
ae7ddfb483
etcdserver: add --max-txn-ops flag
...
--max-txn-ops allows users to define the maximum transaction operations
for each txn request. it defaults at 128.
Fixes #7826
2017-05-24 10:32:32 -07:00
939912c425
clientv3, etcdserver: support auth in Watch()
2017-05-20 11:34:45 +09:00
010ffc0692
v3rpc: remove duplicated error case for lease.ErrLeaseNotFound
2017-05-08 20:09:41 -07:00
3ce31acda4
v3client: wrap watch ctxs with blank ctx
...
Printing the values in ctx.String() will data race if the value
is mutable and doesn't implement String(), which seems to be common.
Instead, just return a fixed string instead of computing it; v3client
watches don't need as much flexibility for creating separate strings,
so separate ctx strings probably aren't necessary at this point.
Fixes #7811
2017-04-25 15:03:06 -07:00
2bb33181b6
v2http: remove deprecated /v2/machines path
2017-04-22 03:11:21 -07:00
393e4335b7
*: put gateway stubs into their own packages
...
Fixes #7773
2017-04-19 13:09:06 -07:00
957c9cd1df
Merge pull request #7734 from mitake/status-auth
...
etcdserver: let Status() not require authentication
2017-04-13 15:53:33 -07:00
67f2e41f20
etcdserver: let Status() not require authentication
...
The information that can be obtained with the RPC doesn't need to be
protected.
Fix https://github.com/coreos/etcd/issues/7721
2017-04-13 17:39:09 +09:00
d9ec6b4d22
*: return updated member list in v3 rpcs
...
Now it's possible to atomically know the new member configuration from
issuing a membership change RPC.
2017-04-12 16:24:51 -07:00
78a5eb79b5
*: add swagger and grpc-gateway assets for v3lock and v3election
2017-04-10 15:21:07 -07:00
dc8115a534
v3election: Election RPC service
...
Fixes #7589
2017-04-07 16:36:38 -07:00
135a40751e
v3rpc: force RangeEnd=nil if length is 0
...
gRPC will replace empty strings with nil, but for the embedded case it's
possible for []byte{} to slip in and confuse the single key / >= key
watch logic.
2017-04-07 16:36:38 -07:00
7f2d6b3ef6
clientv3,v3client: add cluster embedded client
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-04-04 08:14:18 -07:00
833769f59f
v3rpc: return leader loss error if lease stream is canceled
...
Canceling the stream won't cancel the receive since it's using the internal
grpc context, not the one assigned by etcd.
2017-03-30 20:18:33 -07:00
0bf110e27f
clientv3,v3client: maintenance to embedded client
...
Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
2017-03-28 14:12:43 -07:00
c40b86bcde
auth, etcdserver: forbid invalid auth management
...
If auth is enabled,
1. deleting the user root
2. revoking the role root from the user root
must not be allowed. This commit forbids them.
2017-03-23 16:47:58 +09:00
dea2516177
v3client: fix doc to use e.Server
...
Was passing embed.Etcd instead of etcdserver.EtcdServer.
2017-03-15 09:17:17 -07:00
01d1a579bc
v3client: add example and godoc New
2017-03-14 10:50:41 -07:00
47cd9d0277
v3lock: server-side api for locking
2017-03-13 15:23:26 -07:00
763a37d3f1
v3client: a bridge between an etcdserver and a clientv3
2017-03-13 15:23:26 -07:00
5da5b834e5
api: default to V3 capability
...
Fixes #7154
2017-03-02 14:02:09 -08:00
2ca1823a96
v3rpc: LeaseTimeToLive returns TTL=-1 resp on lease not found
2017-02-10 16:33:31 -08:00
0191509637
auth, etcdserver: authenticate clients based on certificate CommonName
...
This commit lets v3 auth mechanism authenticate clients based on
CommonName of certificate like v2 auth.
2017-01-31 17:22:12 +09:00
5ac4e4255a
v3rpc: error for non empty lease with 'ignore_lease'
2017-01-25 03:04:07 +05:30
26d99269c0
Merge pull request #6898 from mitake/auth-maintain
...
RFC, WIP: etcdserver: let maintenance services require root role
2017-01-14 11:22:14 -08:00
9886e9448e
auth, etcdserver: let maintenance services require root role
...
This commit lets maintenance services require root privilege. It also
moves AuthInfoFromCtx() from etcdserver to auth pkg for cleaning purpose.
2017-01-14 19:36:24 +09:00
e655420d33
v3rpc: error for non-empty value with ignore_value
2017-01-13 15:13:18 -08:00
ea94aea136
etcdserver/api: add 3.2 in capability
2017-01-13 14:00:03 -08:00
d431b64d97
etcdserver, clientv3: handle a case of expired auth token
...
This commit adds a mechanism of handling a case of expired auth token
to clientv3. If a server returns an error code
grpc.codes.Unauthenticated, newRetryWrapper() tries to get a new token
and use it as an option of PerRPCCredential.
Fixes https://github.com/coreos/etcd/issues/7012
2017-01-12 11:49:02 +09:00
2b5f9e1c6b
etcdserver: expose ErrNotEnoughStartedMembers
...
Fix https://github.com/coreos/etcd/issues/7072 .
2017-01-03 15:23:06 -08:00
e2463569e7
v2http: submit QGET in health endpoint if no progress
...
Removing the periodic SYNC calls broke the health endpoint since the
raft index stops updating. Instead, don't bother monitoring the
raft index; issue a QGET directly to get a consensus response.
Fixes #6985
2016-12-28 12:20:56 -08:00
89b18ff1af
Merge pull request #7015 from fanminshi/fix_lease_expired_too_soon
...
lease: force leader to apply its pending committed index for lease op…
2016-12-27 11:26:15 -08:00
fef4a79528
lease: force leader to apply its pending committed index for lease operations
...
suppose a lease granting request from a follower goes through and followed by a lease look up or renewal, the leader might not apply the lease grant request locally. So the leader might not find the lease from the lease look up or renewal request which will result lease not found error. To fix this issue, we force the leader to apply its pending commited index before looking up lease.
FIX #6978
2016-12-22 14:24:38 -08:00
87b1d9571f
v3api, rpctypes: add ErrTimeoutDueToConnectionLost
...
Lack of GRPC code was causing this to look like a halting error to the client.
2016-12-16 10:25:35 -08:00
eb8646a381
v3rpc: remove unused 'splitMethodName' function
2016-12-12 10:07:14 -08:00
2c06def8ca
etcdserver, embed, v2http: move pprof setup to embed
...
Seems like a better place for prof setup since it's not specific to v2.
2016-12-09 12:37:35 -08:00
be1f36d97c
v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout
...
Would retry a few times before returning a not primary error that
the client should never see. Instead, use proper timeouts and
then return a request timeout error on failure.
Fixes #6922
2016-12-06 14:09:57 -08:00
9a20743190
v3rpc: don't close watcher if client closes send
...
grpc-gateway will CloseSend but still want to receive updates.
2016-11-17 15:33:37 -08:00
5e810e30cc
v3rpc: replace grpc metrics w/ go-grpc-prometheus
...
And disable histogram
2016-11-14 15:20:09 -08:00
67082e5bd1
v3rpc: add gRPC active streamsGauge
2016-11-04 11:09:20 -07:00
f85701a46f
auth, etcdserver: forbid adding a user with empty name
2016-11-03 13:45:39 +09:00
ea9e857eb9
Merge pull request #6599 from fanminshi/lease_error_type_fix
...
Lease: Add lease errors to togRPCError()
2016-10-06 15:47:51 -07:00
a862fd9f0f
Lease: Add lease errors to togRPCError()
...
This allows lease's function to convert lease error to appropriate GRPC errors
2016-10-06 14:29:31 -07:00
10cafe56b8
v3rpc: return nil as error explicitly
2016-10-06 14:14:43 -07:00
962433c17f
*: set repo correctly for logging
2016-10-03 17:03:22 +08:00
c6feb695dc
api: update capability map
2016-09-16 14:34:55 +08:00
5cfa9e2384
etcdserver, api, v2http, client: Added support for semicolons
...
Added support into the v2 API to fix an issue (6433) where if there is a semicolon
and fields after it the API would return an "invalid Content-type" message even
if the content type was actually correct
2016-09-15 13:54:22 +10:00
63b0cd470d
etcdserver: implement 'LeaseTimeToLive'
2016-09-09 08:14:14 +09:00
0712ebc9b5
v2http: handle '/leases/internal'
2016-09-09 08:12:31 +09:00
1defeda792
v3api, rpctypes: add ErrUnhealthy
2016-09-07 16:51:49 -07:00
2da7b63809
v2http: change to 'NoValueOnSuccess'
2016-08-30 10:53:02 -07:00
572bfd99ff
v2http: update function returns
2016-08-30 10:29:37 -07:00
82053f04b2
client: do not send previous node data (optional)
...
- Do not send back node data when specified
- remove node and prevNode when noDataOnSuccess is set
2016-08-30 10:04:09 -07:00
64ac631863
rpctypes: set unknown codes to Unknown instead of internal
...
An unrecognized error code isn't "very broken".
2016-08-28 19:37:35 -07:00
df54ad2208
v3rpc, rpctypes: add error types for timeouts
2016-08-26 09:22:09 -07:00
f91f7dfb91
v2http: fix tests to use new clockwork
2016-08-16 16:36:24 -07:00
4d3b281369
etcdserver: fix spell errors
2016-08-13 20:54:48 -07:00
9063ce5e3f
etcdserver, embed: stricter reconfig checking
...
Make --strict-reconfig-check a default and check if cluster is healthy when
adding a member.
2016-08-05 16:59:25 -07:00
87498e0209
v2http: use guest access in non-TLS mode
...
Fix https://github.com/coreos/etcd/issues/6075 .
2016-08-01 14:00:38 -07:00
de2c3ec3db
etcdserver, api, membership: don't race on setting version
...
Fixes #6029
2016-07-26 18:21:40 -07:00
5066981cc7
v2http: test with 'ClientCertAuthEnabled'
2016-07-20 16:24:33 -07:00
25aeeb35c3
v2http: set 'ClientCertAuthEnabled' in client.go
2016-07-20 16:24:15 -07:00
68ece954fb
v2http: add 'ClientCertAuthEnabled' in handlers
2016-07-20 16:23:41 -07:00
0f0d32b073
v2http: move 'testdata' from 'etcdhttp'
2016-07-20 16:20:42 -07:00
ff5709bb41
v2http: client cert cn authentication
...
introduce client certificate authentication using certificate cn.
2016-07-20 16:20:13 -07:00
ab17165352
v2http: refactor http basic auth
...
refactor http basic auth code to combine basic auth extraction and validation
2016-07-20 16:20:05 -07:00
299ebc6137
v3rpc: don't elide next progress notification on progress notification
...
Fixes #5878
2016-07-20 11:37:20 -07:00
8abae076d1
rpctypes, clientv3: retry RPC on EtcdStopped
...
Fixes #5983
2016-07-19 18:29:12 -07:00
58aa3483c3
grpcproxy: add filter to watcher
2016-07-18 13:02:34 -07:00
51c5c307fa
rpctypes: test error equivalence with Error()
...
grpc.Errorf() now returns *rpcError, which makes comparisons shallow.
2016-07-14 15:59:06 -07:00
b0f2e5e64a
Merge pull request #5927 from xiang90/pacing
...
*: deny proposals when there is a huge gap between apply/commit
2016-07-14 11:47:53 -07:00
27b03f0ed5
*: deny proposals when there is a huge gap between apply/commit
2016-07-14 10:02:55 -07:00
81d5ae3ce1
rpctypes: use permission deny code for permission deny error
2016-07-13 10:32:10 -07:00
b9f6de9277
Merge pull request #5895 from smallfish/master
...
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-12 07:10:53 -07:00
e6d15b966c
etcdserver/api/v2http, Documentation: fix debug pprof index miss / in end
2016-07-08 10:21:05 +08:00
427496ebb8
v3rpc: lock progress and prevKV map correctly
2016-07-07 15:01:05 -07:00
929d6ab62c
Merge pull request #5850 from xiang90/get_o_kv
...
*: support get-old-kv in watch
2016-07-05 16:37:24 -07:00
c853704ac9
*: support get-old-kv in watch
2016-07-05 16:17:09 -07:00
70bf768005
Merge pull request #5861 from xiang90/fix_watch
...
v3rpc: do not panic on user error for watch
2016-07-03 13:56:33 -07:00
13a4056327
v3rpc: do not panic on user error for watch
2016-07-03 08:57:48 -07:00
ba023e539a
etcdserver/api: print only major.minor version API
...
Before
2016-07-01 14:57:50.927170 I | api: enabled capabilities for version 3.0.0
After
2016-07-01 14:57:50.927170 I | api: enabled capabilities for version 3.0
2016-07-01 14:58:06 -07:00
bc6d7659af
Merge pull request #5795 from xiang90/filter
...
*: support watch with filters
2016-06-28 14:07:12 -07:00
dced92f8bd
*: support watch with filters
...
Now user can filter events with types. The API is also extensible.
It might make sense for the proxy to filter out events based on
more expensive/customized filter.
2016-06-28 13:46:57 -07:00
8df37d53d6
auth, etcdserver: let Authenticate() fail if auth isn't enabled
...
Successful Authenticate() would be confusing and make trouble shooting
harder if auth isn't enabled in a cluster.
2016-06-26 22:49:23 -07:00
a1c7a7df5e
*: use capnslog for grpclog
2016-06-20 20:35:03 -07:00
e5583b26eb
Merge pull request #5711 from xiang90/client_bytes
...
*: add client network metrics
2016-06-20 12:03:18 -07:00
35fd81e465
*: add client network metrics
2016-06-20 11:18:06 -07:00
6f28b43806
*: fix pending events metrics
2016-06-19 23:00:39 -07:00
18253e2723
*: support getting all users and roles in auth v3
...
This commit expands RPCs for getting user and role and support list up
all users and roles. etcdctl v3 is now support getting all users and
roles with the newly added option --all e.g. etcdctl user get --all
2016-06-17 16:22:41 +09:00
da2f2a5189
auth: add root user and root role
2016-06-08 19:55:08 -07:00
62f8ec25c0
clientv3: use grpc reconnection logic
2016-06-08 01:04:59 -07:00
6e149e3485
etcdserver: following updates for proto change
2016-06-07 13:32:07 -07:00
83ce1051ff
auth: make naming consistent
2016-06-07 10:54:50 -07:00
94f22e8a07
*: rename RPCs and structs related to revoking
...
This commit renames RPCs and structs related to revoking.
1. UserRevoke -> UserRevokeRole
2. RoleRevoke -> RoleRevokePermission
2016-06-05 16:57:23 +09:00
60fc1e4d4e
auth, etcdserver: error codes for revoking non existing role and permission
...
This commit adds error codes for representing revoking non existing
role (from user) and permission (from role).
2016-06-05 16:41:10 +09:00
c7a1423d45
*: support deleting a role in auth v3
...
This commit implements RoleDelete() RPC for supporting deleting a role
in auth v3. It also adds a new subcommand "role delete" to etcdctl.
2016-06-04 13:42:45 +09:00
0cb1343109
*: support revoking a key from a role in auth v3
...
This commit implements RoleRevoke() RPC for supporting revoking a key
from a role in auth v3. It also adds a new subcommand "role revoke" to
etcdctl.
2016-06-04 13:42:45 +09:00
957b07c408
*: support revoking a role from a user in auth v3
...
This commit implements UserRevoke() RPC for supporting revoking a role
from a user in auth v3. It also adds a new subcommand "user revoke" to
etcdctl.
2016-06-04 13:39:26 +09:00
10ee69b44c
*: support getting role in auth v3
...
This commit implements RoleGet() RPC of etcdserver and adds a new
subcommand "role get" to etcdctl v3. It will list up permissions that
are granted to a given role.
$ ETCDCTL_API=3 bin/etcdctl role get r1
Role r1
KV Read:
b
d
KV Write:
a
c
d
2016-06-03 13:03:54 +09:00
5609fdb9a8
*: support getting user in etcdctl v3
...
This commit adds a new subcommand "user get" to etcdctl v3. It will
list up roles that are granted to a given user.
Example:
$ ETCDCTL_API=3 bin/etcdctl user get u1
User: u1
Roles: r1 r2 r3
This commit also modifies the layout of InternalRaftRequest for
frequent update of auth related members.
2016-06-02 12:10:19 +09:00
7709cd84bb
Merge pull request #5505 from heyitsanthony/v3rpc-watcher-close
...
v3rpc: fix race on ctrl channel when watcher stream closes
2016-05-31 14:24:10 -07:00
283318d547
v3rpc: add ErrConnClosed for closed client
...
For https://github.com/coreos/etcd/issues/5495 .
2016-05-31 11:15:01 -07:00
09e8f5782e
v3rpc: fix race on closing watcher stream ctrl channel
...
Sometimes close would race with the recvLoop, leading the
recvLoop to write to a close channel.
2016-05-31 11:07:31 -07:00
6f8cc58214
Merge pull request #5490 from mitake/errcode
...
etcdserver, auth: not return grpc error code directly in the apply phase
2016-05-30 22:00:54 -07:00
9c767cbf98
Merge pull request #5464 from heyitsanthony/fix-victim-watchers
...
mvcc: tighten up watcher cancelation and revision handling
2016-05-30 20:09:39 -06:00
5144318af0
etcdserver, auth: not return grpc error code directly in the apply phase
...
Current permission checking mechanism doesn't return its error code
well. The internal error (code = 13) is returned to client and the
retry mechanism doesn't work well. This commit fixes the problem.
2016-05-31 11:04:34 +09:00
8e821cdc70
*: do permission check in raft log apply phase
...
This commit lets etcdserver check permission during its log applying
phase. With this change, permission checking of operations is
supported.
Currently, put and range are supported. In addition, multi key
permission check of range isn't supported yet.
2016-05-29 00:05:48 +09:00
c438310634
v3rpc: make watcher wait for its send goroutine to finish
2016-05-27 16:54:26 -07:00
fc7da09d67
*: add missing godoc package descriptions
...
Fixes #4074
2016-05-27 15:15:26 -07:00
1c544c3ba5
api: add v3rpc capability
2016-05-23 14:45:08 -07:00
ac2e3e43bf
v3rpc: add sha trailer to snapshot
2016-05-16 11:15:03 -07:00
abb4cd5646
etcdserver: update LICENSE header
2016-05-12 20:49:40 -07:00
9c103dd0de
*: cancel required leader streams when memeber lost its leader
2016-05-12 19:42:21 -07:00
19221b33cc
*: etcd member rejects unary call with leader requirement when it does not have leader
2016-05-11 16:34:34 -07:00
0d43a2b7e7
Merge pull request #5295 from ajityagaty/auth_disable
...
auth: Adding support for "auth disable" command.
2016-05-07 23:09:37 -07:00
adc981c53d
auth: Adding support for "auth disable" command.
...
Added support for the auth disable command in the server, added the
etcdctl command and a respective testcase.
2016-05-07 19:21:49 -07:00
74ea9ea5cd
*: bump to 3.0.0-beta.0
2016-05-06 13:09:50 -07:00
3c2d0a229c
v2http: allow empty role for GET /users
...
Fix https://github.com/coreos/etcd/issues/5246 .
2016-05-06 11:39:38 -07:00
98031a3b6e
Merge pull request #5249 from xiang90/metrics
...
*: add metrics for grpc api
2016-05-05 14:19:46 -07:00
063307ec0a
*: add metrics for grpc api
2016-05-05 13:45:52 -07:00
a288188001
*: typo, remove string type assertions
2016-05-03 10:59:57 -07:00
064c1ff0f3
etcdserver/api/v3rpc: use Revision from Hash API
2016-05-02 15:06:39 -07:00
506cf1f03f
etcdserver/api/v3rpc: use new errors
2016-04-29 12:00:26 -07:00
2b361cf06b
rpctypes: define a new error interface
2016-04-29 12:00:22 -07:00
f613052435
rpctypes: Error function to convert clientv3 error
2016-04-28 12:16:13 -07:00
06ea8aee11
v3rpc: only fill lease grant header if no error
...
Was panicking under cluster fault injection.
2016-04-27 16:28:40 -07:00
afd2cc7373
Merge pull request #5206 from xiang90/lease_header
...
v3rpc: fill lease header
2016-04-27 11:18:00 -07:00
c3de53c23c
v3rpc: fill lease header
2016-04-27 10:30:23 -07:00
af1a0b60e2
etcdserver: respond with ttl=0 for revoked lease keep alive
...
Fixes #5172
2016-04-26 13:53:20 -07:00
b7ac758969
*: rename storage package to mvcc
2016-04-25 15:25:51 -07:00
131e3806bb
*: support authenticate in v3 auth
...
This commit implements Authenticate() API of the auth package. It does
authentication based on its authUsers bucket and generate a token for
succeeding RPCs.
2016-04-21 12:32:19 +09:00
86f580fa8f
v3rpc: bytes-key map look-up gc optimization
...
This change
f5f5a8b620
2016-04-17 10:52:19 -07:00
641a1a66e1
*: fix govet -shadow in go tip
2016-04-15 07:39:52 -07:00
b78886239e
*: remove IsLeader field in Member API server side
2016-04-13 16:23:33 -07:00
89f8e66682
*: fixes based on ineffassign
2016-04-13 10:41:58 -07:00
a9a06438f9
etcdctlv3: expose db size and raft status in server side
2016-04-12 22:49:15 +08:00
be822b05d2
Merge pull request #5012 from heyitsanthony/snap-api
...
*: snapshot RPC
2016-04-11 13:00:18 -07:00
a6b6fcf1c4
etcdserverpb, v3rpc: add Snapshot to Maintenance RPC service
2016-04-11 09:51:16 -07:00
7ba2646d37
*: support granting a role to a user in v3 auth
2016-04-11 15:53:30 +09:00
02033b4c47
*: support granting key permission to role in v3 auth
2016-04-11 12:23:19 +09:00
953a08d841
*: clean up from gosimple
2016-04-08 11:55:03 -07:00
2b7ad35fa0
v2http: only report capabilities on update
2016-04-07 20:14:30 -07:00
d78345244b
*: log, expect by capability check
2016-04-07 17:18:51 -07:00
c91c7ca3bf
Merge pull request #4961 from heyitsanthony/rename-lease-create
...
*: rename lease Create to Grant
2016-04-07 14:51:22 -07:00
bf2289ae00
etcdserver: move membership related code to membership pkg
2016-04-07 14:21:37 -07:00
dc17eaace7
*: rename Lease Create to Grant
...
Creating a lease through the client API interface union looked like
"c.Create(...)"-- the method name wasn't very descriptive.
2016-04-07 12:28:14 -07:00
Gyuho Lee