Nikolay
73256fe438
lib/netutil: init implimentation of proxy protocol ( #3687 )
...
* lib/netutil: init implimentation of proxy protocol
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335
* wip
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-01-26 23:08:35 -08:00
Aliaksandr Valialkin
95ce1ba6ce
lib/httpserver: directly pass flag value to CheckAuthFlag()
...
There is no sense in passing a pointer to flag value there.
This is a follow-up for 4225a0bd75
2023-01-10 15:52:23 -08:00
Zakhar Bessarab
4225a0bd75
Use httpAuth.*
flags as a fallback for endpoints protected by *AuthKey
flags ( #3582 )
...
* {lib/server, app/}: use `httpAuth.*` flag as fallback for `*AuthKey` if it is not set
* lib/ingestserver/opentsdbhttp: fix opentdb HTTP handler not respecting `httpAuth.*` flags
* Apply suggestions from code review
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-01-10 15:46:13 -08:00
Aliaksandr Valialkin
ad6b3cd47d
lib/pushmetrics: properly handle errors when initializing pushmetrics
2022-07-22 13:36:06 +03:00
Aliaksandr Valialkin
5ced032d66
all: follow-up after 46f803fa7a
...
Add -pushmetrics.* command-line flags to all the VictoriaMetrics apps
2022-07-21 20:36:27 +03:00
Diego Circelli
20bb5e703c
Token authorization scheme ( #2288 )
2022-03-18 18:31:58 +02:00
Aliaksandr Valialkin
e5d4c7f4a7
app/vmauth: initialize reverse proxy only after flag.Parse() is called
...
This should properly take into accoun the `-maxIdleConnsPerBackend` command-line flag value.
Previously it was hardcoded to 100.
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1300
2021-11-09 19:22:34 +02:00
Aliaksandr Valialkin
013d626889
app/vmauth: add ability to specify http headers to send in requests to backends
...
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1736
2021-10-22 19:10:29 +03:00
Aliaksandr Valialkin
b8123b862a
app/vmauth: fix metric name prefixes: vmagent
-> vmauth
2021-10-19 15:29:07 +03:00
Roman Khavronenko
7fcbd3fa4b
Adjust http.Transport.MaxIdleConns
setting for vmauth/vmalert services ( #1704 )
...
* vmalert: adjust `http.Transport.MaxIdleConns` value accordingly to `http.Transport.MaxIdleConnsPerHost`
`http.Transport.MaxIdleConnsPerHost` setting is controlled by `datasource.maxIdleConnections` flag,
while `http.Transport.MaxIdleConns` is inherited from DefaultTransport and is equal to `100`.
The fix adjusts `http.Transport.MaxIdleConns` value if it is lower than `http.Transport.MaxIdleConnsPerHost`.
Signed-off-by: hagen1778 <roman@victoriametrics.com>
* vmauth: adjust `http.Transport.MaxIdleConns` value accordingly to `http.Transport.MaxIdleConnsPerHost`
`http.Transport.MaxIdleConnsPerHost` setting is controlled by `maxIdleConnsPerBackend` flag,
while `http.Transport.MaxIdleConns` is inherited from DefaultTransport and is equal to `100`.
The fix adjusts `http.Transport.MaxIdleConns` value if it is lower than `http.Transport.MaxIdleConnsPerHost`.
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2021-10-13 17:29:28 +03:00
Aliaksandr Valialkin
adedc83b3b
app/vmauth: do not log invalid auth tokens by default for security reasons
...
The logging can be enabled by passing `-logInvalidAuthTokens` command-line flag to vmauth
2021-09-14 12:20:03 +03:00
Aliaksandr Valialkin
ed83558646
app/vmauth: properly handle http.ErrAbortHandler panic
...
This panic can be raised by the reverseProxy on aborted request to the backend.
So handle it (e.g. suppress) at reverseProxy.ServeHTTP call.
Do not suppress the panic at lib/httpserver generic HTTP handler,
since it may result in an inconsistent state left after the panicking handler.
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1353
2021-06-11 12:50:25 +03:00
Aliaksandr Valialkin
49ecbc765d
app/vmauth: add ability to protect /-/reload
endpoint with authKey
2021-05-20 18:47:01 +03:00
Aliaksandr Valialkin
66aba00549
app/vmauth: reload -auth.config
on the request to /-/reload
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1194
2021-05-18 02:23:55 +03:00
Aliaksandr Valialkin
10a47af631
app/{vmalert,vmauth}: explicitly set MaxIdleConnsPerHost in net/http.Client.Transport
...
By default MaxIdleConnsPerHost is set to 2. This limits the possibility to re-use http keep-alive connections.
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1300
2021-05-14 18:12:24 +03:00
Aliaksandr Valialkin
7c4e460513
app/vmauth: parse url_prefix
only once during config load
2021-04-21 10:55:29 +03:00
Aliaksandr Valialkin
6bc52fe41a
all: rename https://victoriametrics.github.io to https://docs.victoriametrics.com
2021-04-20 20:16:17 +03:00
Aliaksandr Valialkin
b1d0028e79
app/vmauth: add support for authorization via Authorization: Bearer <token>
2021-04-02 22:14:53 +03:00
Aliaksandr Valialkin
1e38ad6d20
app/vmauth: add ability to route requests from a single users to multiple targets depending on the requested path
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1064
2021-02-11 12:41:16 +02:00
Aliaksandr Valialkin
9d42546a27
docs: consistently use links to https://victoriametrics.github.io for documentation references
2020-12-11 21:08:18 +02:00
Aliaksandr Valialkin
4146fc4668
all: properly handle CPU limits set on the host system/container
...
This can reduce memory usage on systems with enabled CPU limits.
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/946
2020-12-08 21:07:29 +02:00
Aliaksandr Valialkin
9d787f9edd
all: do not print usage info for all the flags when incorrect command-line flag is passed
...
This should improve usability for VictoriaMetrics apps that have big number of command-line flags,
i.e. all the apps.
2020-12-03 21:47:37 +02:00
Aliaksandr Valialkin
ef7e2af8f5
app: respect CPU limits set via cgroups
...
Update GOMAXPROCS to limits set via cgroups. This should reduce CPU trashing and reduce memory usage
for cases when VictoriaMetrics components run in containers with CPU limits.
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/685
2020-08-11 22:59:19 +03:00
ofen
81746d14b9
401 Unauthorize HTTP error added ( #681 )
...
401 Unauthorize HTTP error added to trigger browser credentials pop-up promt [RFC 7235 https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication ]
2020-08-09 09:38:41 +03:00
Aliaksandr Valialkin
b35cb293f5
lib/httpserver: log remote address in error message from httpserver.Errorf
...
This should improve detection of the root cause of errors.
Thanks to Anant for the idea.
2020-07-20 14:11:22 +03:00
Aliaksandr Valialkin
f5dd2a71a6
app/vmauth: disable automatic response compression/uncompression, since it may work improperly in some cases
...
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/535
2020-06-05 20:13:56 +03:00
Aliaksandr Valialkin
ff1a725a56
app/vmauth: print brief usage info for vmauth -help
2020-06-05 10:40:00 +03:00
Aliaksandr Valialkin
93c87d28f6
all: print --help
output to stdout instead of stderr
...
This is easier to grep and pipe
2020-05-16 11:59:33 +03:00
Aliaksandr Valialkin
653d51694a
app/vmauth: prevent from attacks with ..
in path for accessing resources outside the configured url_prefix
2020-05-07 12:55:18 +03:00
Aliaksandr Valialkin
e767aedd17
app/vmauth: add initial version of vmauth. See https://github.com/VictoriaMetrics/VictoriaMetrics/blob/master/app/vmauth/README.md for details
2020-05-05 10:54:17 +03:00