1330 Commits

Author SHA1 Message Date
Gyu-Ho Lee
725ded40f7 etcdserver: fix from go vet, go lint 2016-06-22 12:04:15 -07:00
Gyu-Ho Lee
caffcb7fbb *: go vet fix in go tip 2016-06-22 11:10:59 -07:00
Anthony Romano
30cfa30490 etcdserver: make serialized txns auth-aware 2016-06-22 10:51:42 -07:00
Anthony Romano
aafb2e9430 etcdserver: add lock to authApplier so serialized requests don't race 2016-06-22 10:51:42 -07:00
Xiang Li
0b5ea3ec94 Merge pull request #5742 from xiang90/count
*: support count in range query
2016-06-21 19:42:08 -07:00
Xiang Li
def21f11a9 *: support count in range query 2016-06-21 16:20:55 -07:00
Anthony Romano
de68818f03 etcdserver: add some failpoints 2016-06-21 14:43:20 -07:00
Gyu-Ho Lee
a1c7a7df5e *: use capnslog for grpclog 2016-06-20 20:35:03 -07:00
Xiang Li
e5583b26eb Merge pull request #5711 from xiang90/client_bytes
*: add client network metrics
2016-06-20 12:03:18 -07:00
Xiang Li
35fd81e465 *: add client network metrics 2016-06-20 11:18:06 -07:00
Xiang Li
729f5b45fd Merge pull request #5720 from xiang90/report_recv
*: fix pending events metrics
2016-06-20 06:44:16 -07:00
Xiang Li
6f28b43806 *: fix pending events metrics 2016-06-19 23:00:39 -07:00
Xiang Li
8111e0f7dc Merge pull request #5716 from ajityagaty/get_filtering
v3api: Add a flag to RangeRequest to return only the keys.
2016-06-19 14:50:15 -07:00
Ajit Yagaty
ad5d55dd4c v3api: Add a flag to RangeRequest to return only the keys.
Currently the user can't list only the keys in a prefix search. In
order to support such operations the filtering will be done on the
server side to reduce the encoding and network transfer costs.
2016-06-19 14:18:39 -07:00
Gyu-Ho Lee
d37e564eaa etcdserver: use TouchDirAll 2016-06-19 11:26:52 -07:00
Xiang Li
598fa7a10e *: add pending/failed proposal metrics 2016-06-17 13:09:38 -07:00
Xiang Li
57474697af etcdserver: add applied metrics 2016-06-17 11:52:50 -07:00
Gyu-Ho Lee
63901be674 *: regenerate proto 2016-06-17 10:22:28 -07:00
Hitoshi Mitake
18253e2723 *: support getting all users and roles in auth v3
This commit expands RPCs for getting user and role and support list up
all users and roles. etcdctl v3 is now support getting all users and
roles with the newly added option --all e.g. etcdctl user get --all
2016-06-17 16:22:41 +09:00
Xiang Li
2d08e093c1 Merge pull request #5696 from xiang90/fix_panic
etcdserver: fix panic when getting header of raft request
2016-06-16 13:58:50 -07:00
Xiang Li
adff458895 etcdserver: fix panic when getting header of raft request 2016-06-16 13:42:10 -07:00
Gyu-Ho Lee
b3558894f2 Merge pull request #5695 from gyuho/proto
*: use latest protodoc, regenerate
2016-06-16 12:35:44 -07:00
Xiang Li
5f5c3c8f82 Merge pull request #5694 from xiang90/comp
etcdserver: only pause compaction when sending snapshot
2016-06-16 12:26:55 -07:00
Gyu-Ho Lee
0bae7b635c *: regenerate proto, doc 2016-06-16 11:57:46 -07:00
Xiang Li
699e76b631 etcdserver: only pause compaction when sending snapshot 2016-06-16 08:57:02 -07:00
Xiang Li
49266dca2d Merge pull request #5690 from xiang90/fix_s
etcdserver: save state before save snapshot
2016-06-15 22:36:30 -07:00
Xiang Li
9c78cda088 etcdserver: save state before save snapshot 2016-06-15 22:00:33 -07:00
Hitoshi Mitake
cdf1a2ee2c etcdserver: permission checking of Txn() in authApplierV3 2016-06-15 20:10:16 -07:00
Gyu-Ho Lee
32d766d749 etcdserver: preallocate slice 2016-06-15 13:03:10 -07:00
Anthony Romano
16db9e68a2 auth, etcdserver: separate auth checking apply from core apply 2016-06-15 09:03:27 -07:00
Xiang Li
5a7b7f7595 main: add grpc-gateway support
Now etcd can serve HTTP json request at /v3alpha/
2016-06-14 17:09:06 -07:00
Xiang Li
c75fa6fdc9 *: support deleteRange perm checking 2016-06-13 17:49:13 -07:00
Gyu-Ho Lee
5d6af0b51f etcdserver: key, rangeEnd in []byte for auth 2016-06-13 14:21:25 -07:00
Hongchao Deng
c11418b56c docs: v3 api, ErrCompaction -> ErrCompacted 2016-06-10 21:53:06 -07:00
Xiang Li
65ff76882b Merge pull request #5624 from xiang90/warn_apply
etcdserver: warn heavy apply
2016-06-10 15:28:27 -07:00
Xiang Li
64eccd519d etcdserver: warn heavy apply 2016-06-10 14:43:34 -07:00
Hitoshi Mitake
ead5096fa9 auth, etcdserver: make auth tokens consistent for all nodes
Currently auth tokens are generated in the replicated state machine
layer randomly. It means one auth token generated in node A cannot be
used for node B. It is problematic for load balancing and fail
over. This commit moves the token generation logic from the state
machine to API layer (before raft) and let all nodes share a single
token.

Log index of Raft is also added to a token for ensuring uniqueness of
the token and detecting activation of the token in the cluster (some
nodes can receive the token before generating and installing the token
in its state machine).

This commit also lets authStore have simple token related things. It
is required because of unit test. The test requires cleaning of the
state of the simple token things after one test (succeeding test can
create duplicated token and it causes panic).
2016-06-10 13:55:37 -07:00
Anthony Romano
b3a0b0502c etcdserver: respect auth on serialized Range 2016-06-10 11:43:05 -07:00
Xiang Li
f1c6fa48f5 *: add admin permission checking 2016-06-09 15:25:09 -07:00
Xiang Li
fb0df211f0 Merge pull request #5586 from xiang90/root
auth: add root user and root role
2016-06-09 00:23:45 -07:00
Xiang Li
da2f2a5189 auth: add root user and root role 2016-06-08 19:55:08 -07:00
Hitoshi Mitake
253e313c09 *: support granting and revoking range
This commit adds a feature for granting and revoking range of keys,
not a single key.

Example:
$ ETCDCTL_API=3 bin/etcdctl role grant r1 readwrite k1 k3
Role r1 updated
$ ETCDCTL_API=3 bin/etcdctl role get r1
Role r1
KV Read:
        [a, b)
        [k1, k3)
        [k2, k4)
KV Write:
        [a, b)
        [k1, k3)
        [k2, k4)
$ ETCDCTL_API=3 bin/etcdctl --user u1:p get k1 k4
k1
v1
$ ETCDCTL_API=3 bin/etcdctl --user u1:p get k1 k5
Error:  etcdserver: permission denied
2016-06-08 14:58:25 -07:00
Hitoshi Mitake
6bb96074da auth, etcdserver: permission of range requests
Currently the auth mechanism doesn't support permissions of range
request. It just checks exact matching of key names even for range
queries. This commit adds a mechanism for setting permission to range
queries. Range queries are allowed if a range of the query is [begin1,
end1) and the user has a permission of reading [begin2, range2) and
[begin1, end2) is a subset of [begin2, range2). Range delete requests
will follow the same rule.
2016-06-08 11:57:32 -07:00
Anthony Romano
ff2b24a8ac Merge pull request #5583 from heyitsanthony/grpc-nuke-waitstate
clientv3: use grpc balancer
2016-06-08 09:45:44 -07:00
Anthony Romano
62f8ec25c0 clientv3: use grpc reconnection logic 2016-06-08 01:04:59 -07:00
Xiang Li
cc1155c93b etcdserver: make usernameFromCtx more go style 2016-06-07 21:17:32 -07:00
Gyu-Ho Lee
6e149e3485 etcdserver: following updates for proto change 2016-06-07 13:32:07 -07:00
Gyu-Ho Lee
ca630a0803 etcdserverpb: RequestOp, ResponseOp
Fix https://github.com/coreos/etcd/issues/5504.
2016-06-07 13:31:10 -07:00
Xiang Li
83ce1051ff auth: make naming consistent 2016-06-07 10:54:50 -07:00
Hitoshi Mitake
94f22e8a07 *: rename RPCs and structs related to revoking
This commit renames RPCs and structs related to revoking.
1. UserRevoke -> UserRevokeRole
2. RoleRevoke -> RoleRevokePermission
2016-06-05 16:57:23 +09:00