mirrors/etcd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,170 Commits 124 Branches 418 Tags
99a2d6c4b188ca6c090d4eca21d71c8b51da678e
Commit Graph

183 Commits

Author SHA1 Message Date
Xiang Li
957c9cd1df Merge pull request #7734 from mitake/status-auth 
etcdserver: let Status() not require authentication
 2017-04-13 15:53:33 -07:00
Hitoshi Mitake
67f2e41f20 etcdserver: let Status() not require authentication 
The information that can be obtained with the RPC doesn't need to be
protected.

Fix https://github.com/coreos/etcd/issues/7721
 2017-04-13 17:39:09 +09:00
Anthony Romano
d9ec6b4d22 *: return updated member list in v3 rpcs 
Now it's possible to atomically know the new member configuration from
issuing a membership change RPC.
 2017-04-12 16:24:51 -07:00
Anthony Romano
135a40751e v3rpc: force RangeEnd=nil if length is 0 
gRPC will replace empty strings with nil, but for the embedded case it's
possible for []byte{} to slip in and confuse the single key / >= key
watch logic.
 2017-04-07 16:36:38 -07:00
Anthony Romano
833769f59f v3rpc: return leader loss error if lease stream is canceled 
Canceling the stream won't cancel the receive since it's using the internal
grpc context, not the one assigned by etcd.
 2017-03-30 20:18:33 -07:00
Hitoshi Mitake
c40b86bcde auth, etcdserver: forbid invalid auth management 
If auth is enabled,
1. deleting the user root
2. revoking the role root from the user root
must not be allowed. This commit forbids them.
 2017-03-23 16:47:58 +09:00
fanmin shi
2ca1823a96 v3rpc: LeaseTimeToLive returns TTL=-1 resp on lease not found 2017-02-10 16:33:31 -08:00
Hitoshi Mitake
0191509637 auth, etcdserver: authenticate clients based on certificate CommonName 
This commit lets v3 auth mechanism authenticate clients based on
CommonName of certificate like v2 auth.
 2017-01-31 17:22:12 +09:00
sharat
5ac4e4255a v3rpc: error for non empty lease with 'ignore_lease' 2017-01-25 03:04:07 +05:30
Xiang Li
26d99269c0 Merge pull request #6898 from mitake/auth-maintain 
RFC, WIP: etcdserver: let maintenance services require root role
 2017-01-14 11:22:14 -08:00
Hitoshi Mitake
9886e9448e auth, etcdserver: let maintenance services require root role 
This commit lets maintenance services require root privilege. It also
moves AuthInfoFromCtx() from etcdserver to auth pkg for cleaning purpose.
 2017-01-14 19:36:24 +09:00
Gyu-Ho Lee
e655420d33 v3rpc: error for non-empty value with ignore_value 2017-01-13 15:13:18 -08:00
Hitoshi Mitake
d431b64d97 etcdserver, clientv3: handle a case of expired auth token 
This commit adds a mechanism of handling a case of expired auth token
to clientv3. If a server returns an error code
grpc.codes.Unauthenticated, newRetryWrapper() tries to get a new token
and use it as an option of PerRPCCredential.

Fixes https://github.com/coreos/etcd/issues/7012
 2017-01-12 11:49:02 +09:00
Gyu-Ho Lee
2b5f9e1c6b etcdserver: expose ErrNotEnoughStartedMembers 
Fix https://github.com/coreos/etcd/issues/7072.
 2017-01-03 15:23:06 -08:00
Anthony Romano
87b1d9571f v3api, rpctypes: add ErrTimeoutDueToConnectionLost 
Lack of GRPC code was causing this to look like a halting error to the client.
 2016-12-16 10:25:35 -08:00
Gyu-Ho Lee
eb8646a381 v3rpc: remove unused 'splitMethodName' function 2016-12-12 10:07:14 -08:00
Anthony Romano
be1f36d97c v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout 
Would retry a few times before returning a not primary error that
the client should never see. Instead, use proper timeouts and
then return a request timeout error on failure.

Fixes #6922
 2016-12-06 14:09:57 -08:00
Anthony Romano
9a20743190 v3rpc: don't close watcher if client closes send 
grpc-gateway will CloseSend but still want to receive updates.
 2016-11-17 15:33:37 -08:00
Gyu-Ho Lee
5e810e30cc v3rpc: replace grpc metrics w/ go-grpc-prometheus 
And disable histogram
 2016-11-14 15:20:09 -08:00
Gyu-Ho Lee
67082e5bd1 v3rpc: add gRPC active streamsGauge 2016-11-04 11:09:20 -07:00
Hitoshi Mitake
f85701a46f auth, etcdserver: forbid adding a user with empty name 2016-11-03 13:45:39 +09:00
fanmin shi
ea9e857eb9 Merge pull request #6599 from fanminshi/lease_error_type_fix 
Lease: Add lease errors to togRPCError()
 2016-10-06 15:47:51 -07:00
fanmin shi
a862fd9f0f Lease: Add lease errors to togRPCError() 
This allows lease's function to convert lease error to appropriate GRPC errors
 2016-10-06 14:29:31 -07:00
Xiang Li
10cafe56b8 v3rpc: return nil as error explicitly 2016-10-06 14:14:43 -07:00
Xiang Li
962433c17f *: set repo correctly for logging 2016-10-03 17:03:22 +08:00
Gyu-Ho Lee
63b0cd470d etcdserver: implement 'LeaseTimeToLive' 2016-09-09 08:14:14 +09:00
Anthony Romano
1defeda792 v3api, rpctypes: add ErrUnhealthy 2016-09-07 16:51:49 -07:00
Anthony Romano
64ac631863 rpctypes: set unknown codes to Unknown instead of internal 
An unrecognized error code isn't "very broken".
 2016-08-28 19:37:35 -07:00
Anthony Romano
df54ad2208 v3rpc, rpctypes: add error types for timeouts 2016-08-26 09:22:09 -07:00
Gyu-Ho Lee
4d3b281369 etcdserver: fix spell errors 2016-08-13 20:54:48 -07:00
Anthony Romano
de2c3ec3db etcdserver, api, membership: don't race on setting version 
Fixes #6029
 2016-07-26 18:21:40 -07:00
Anthony Romano
299ebc6137 v3rpc: don't elide next progress notification on progress notification 
Fixes #5878
 2016-07-20 11:37:20 -07:00
Anthony Romano
8abae076d1 rpctypes, clientv3: retry RPC on EtcdStopped 
Fixes #5983
 2016-07-19 18:29:12 -07:00
Xiang Li
58aa3483c3 grpcproxy: add filter to watcher 2016-07-18 13:02:34 -07:00
Anthony Romano
51c5c307fa rpctypes: test error equivalence with Error() 
grpc.Errorf() now returns *rpcError, which makes comparisons shallow.
 2016-07-14 15:59:06 -07:00
Xiang Li
b0f2e5e64a Merge pull request #5927 from xiang90/pacing 
*: deny proposals when there is a huge gap between apply/commit
 2016-07-14 11:47:53 -07:00
Xiang Li
27b03f0ed5 *: deny proposals when there is a huge gap between apply/commit 2016-07-14 10:02:55 -07:00
Xiang Li
81d5ae3ce1 rpctypes: use permission deny code for permission deny error 2016-07-13 10:32:10 -07:00
Xiang Li
427496ebb8 v3rpc: lock progress and prevKV map correctly 2016-07-07 15:01:05 -07:00
Xiang Li
929d6ab62c Merge pull request #5850 from xiang90/get_o_kv 
*: support get-old-kv in watch
 2016-07-05 16:37:24 -07:00
Xiang Li
c853704ac9 *: support get-old-kv in watch 2016-07-05 16:17:09 -07:00
Xiang Li
13a4056327 v3rpc: do not panic on user error for watch 2016-07-03 08:57:48 -07:00
Xiang Li
bc6d7659af Merge pull request #5795 from xiang90/filter 
*: support watch with filters
 2016-06-28 14:07:12 -07:00
Xiang Li
dced92f8bd *: support watch with filters 
Now user can filter events with types. The API is also extensible.
It might make sense for the proxy to filter out events based on
more expensive/customized filter.
 2016-06-28 13:46:57 -07:00
Hitoshi Mitake
8df37d53d6 auth, etcdserver: let Authenticate() fail if auth isn't enabled 
Successful Authenticate() would be confusing and make trouble shooting
harder if auth isn't enabled in a cluster.
 2016-06-26 22:49:23 -07:00
Gyu-Ho Lee
a1c7a7df5e *: use capnslog for grpclog 2016-06-20 20:35:03 -07:00
Xiang Li
e5583b26eb Merge pull request #5711 from xiang90/client_bytes 
*: add client network metrics
 2016-06-20 12:03:18 -07:00
Xiang Li
35fd81e465 *: add client network metrics 2016-06-20 11:18:06 -07:00
Xiang Li
6f28b43806 *: fix pending events metrics 2016-06-19 23:00:39 -07:00
Hitoshi Mitake
18253e2723 *: support getting all users and roles in auth v3 
This commit expands RPCs for getting user and role and support list up
all users and roles. etcdctl v3 is now support getting all users and
roles with the newly added option --all e.g. etcdctl user get --all
 2016-06-17 16:22:41 +09:00