Alexander Marshalov
36edba9bfb
added configCheckInterval flag for vmauth ( #3990 ) ( #3991 )
...
* added configCheckInterval flag for vmauth (#3990 )
Signed-off-by: Alexander Marshalov <_@marshalov.org>
2023-03-23 09:34:12 +01:00
Aliaksandr Valialkin
1b5dc9f91d
all: follow-up for 7a3e16e774
...
- Sync the description for -httpListenAddr.useProxyProtocol command-line flag at vmagent and vmauth,
so it is consistent with the description at vmauth and victoria-metrics
- Add a sample of panic text to docs/CHANGELOG.md, so it could be googled
- Mention the -httpListenAddr.useProxyProtocol command-line flag in the description for the bugfix
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335
2023-03-08 01:26:55 -08:00
Nikolay
7a3e16e774
lib/netutil: fixes panic at proxy protocol ( #3905 )
...
it may occur if non proxy protocol message received by tcp server.
Listener Accept method must return only non-recoverable errors.
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335
2023-03-07 08:50:18 -08:00
Aliaksandr Valialkin
255a0cf635
all: add makefile rules for GOARCH=s390x for all the VictoriaMetrics components
...
This is a follow-up for 007530f882
2023-02-26 12:36:51 -08:00
Aliaksandr Valialkin
510f78a96b
all: consistently use http.Method{Get,Post,Put} across the codebase
...
This is a follow-up after 9dec3c8f80
2023-02-22 18:58:46 -08:00
Oleksandr Redko
9fff48c3e3
app,lib: fix typos in comments ( #3804 )
2023-02-13 13:27:13 +01:00
Aliaksandr Valialkin
438b2e11bd
app/vmauth: allow specifying max_concurrent_requests
value on a per-user basis bigger than the -maxConcurrentPerUserRequests
value
2023-02-11 20:53:08 -08:00
Aliaksandr Valialkin
776391917f
app/vmauth: improve load balancing by sending incoming requests to backends with the lowest number of concurrent requests
...
While at it, stop sending requests to unavailable backend for 3 seconds
before the next attempt. This should reduce the amounts of useless work
and the number of useless network packets when the backend is temporarily unavailable.
2023-02-11 00:30:31 -08:00
Aliaksandr Valialkin
f3625e4f3f
app/vmauth: add -maxConcurrentPerUserRequests
command-line option for limiting the number of concurrent requests on a per-user basis
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3346
2023-02-10 21:58:21 -08:00
Aliaksandr Valialkin
70f8911ca7
app/vmauth: automatically retry failing GET requests on the remaining backends
2023-02-09 21:05:55 -08:00
Dmytro Kozlov
f582f9e8ab
app/vmauth: add concurrent requests limit per auth record ( #3749 )
...
* app/vmauth: add concurent requests limit per auth record
* app/vmauth: added clarification comment
* app/vmauth: remove unused code
* app/vmauth: move read from limiter
* app/vmauth: fix text
* app/vmauth: fix comments
* - Clarify the docs for the max_concurrent_requests option at docs/vmauth.md
- Clarify the description of the change at docs/CHANGELOG.md
- Make sure that the -maxConcurrentRequests takes precedence over per-user max_concurrent_requests
- Update tests for verifying that the max_concurrent_requests option is parsed properly
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3346
---------
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-02-09 20:03:01 -08:00
Aliaksandr Valialkin
0e0095d350
all: run apk update && apk upgrade
in base Alpine Docker image in order to get all the recent security fixes
2023-02-09 14:01:32 -08:00
Aliaksandr Valialkin
a0c8b86eab
docs/vmauth.md: update docs after ff39a91147
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3346
2023-01-27 14:10:19 -08:00
Aliaksandr Valialkin
ff39a91147
app/vmauth: limit the number of concurrent requests served by vmauth
with the -maxConcurrentRequests
command-line flag
...
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3346
This commit is based on the https://github.com/VictoriaMetrics/VictoriaMetrics/pull/3486
2023-01-27 14:07:30 -08:00
Aliaksandr Valialkin
372b1688d7
app/vmauth: do not use net/http/httputil.ReverseProxy
...
This allows better controlling requests to backends and providing better error logging.
For example, if the backend was unavailable, then the ReverseProxy was logging the error
message without client ip and the initial request uri. This could harden debugging.
This is based on https://github.com/VictoriaMetrics/VictoriaMetrics/pull/3486
2023-01-27 13:40:05 -08:00
Aliaksandr Valialkin
7e355080ce
app/vmauth: pass the target url to reverse proxy via context.Value instead of request header
...
This is less hacky way, since it doesn't clash with request headers
2023-01-27 12:15:52 -08:00
Aliaksandr Valialkin
36941d6d75
app/vmauth: consistency renaming: UserInfo.URLMap -> UserInfo.URLMaps
...
This is based on https://github.com/VictoriaMetrics/VictoriaMetrics/pull/3486
2023-01-27 00:19:02 -08:00
Aliaksandr Valialkin
0890adde67
docs: update command-line descriptions after 73256fe438
2023-01-27 00:00:37 -08:00
Nikolay
73256fe438
lib/netutil: init implimentation of proxy protocol ( #3687 )
...
* lib/netutil: init implimentation of proxy protocol
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3335
* wip
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-01-26 23:08:35 -08:00
Aliaksandr Valialkin
95ce1ba6ce
lib/httpserver: directly pass flag value to CheckAuthFlag()
...
There is no sense in passing a pointer to flag value there.
This is a follow-up for 4225a0bd75
2023-01-10 15:52:23 -08:00
Zakhar Bessarab
4225a0bd75
Use httpAuth.*
flags as a fallback for endpoints protected by *AuthKey
flags ( #3582 )
...
* {lib/server, app/}: use `httpAuth.*` flag as fallback for `*AuthKey` if it is not set
* lib/ingestserver/opentsdbhttp: fix opentdb HTTP handler not respecting `httpAuth.*` flags
* Apply suggestions from code review
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-01-10 15:46:13 -08:00
Aliaksandr Valialkin
fd175ad80b
docs: update -help
outputs for vm* tools
2023-01-03 23:27:06 -08:00
Aliaksandr Valialkin
5d30080555
lib/flagutil: support for TB and TiB suffixes for command-line flags, which accept byte sizes
2022-12-14 17:52:32 -08:00
Aliaksandr Valialkin
eeacbaf0b6
all: update Go builder from v1.19.3 to v1.19.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.19.4+label%3ACherryPickApproved
2022-12-08 16:41:24 -08:00
Aliaksandr Valialkin
20d758e3e4
all: add a link to https://docs.victoriametrics.com/enterprise.html into description for enterprise flags
2022-11-21 15:42:01 +02:00
Roman Khavronenko
9f8bf524ad
bump go version to 1.19.3 ( #3327 )
...
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-11-08 16:43:59 +01:00
Aliaksandr Valialkin
518c340ae3
lib/envtemplate: allow referring env vars from other env vars via %{ENV_VAR} syntax
...
This is a follow-up for 02096e06d0
2022-10-26 14:49:33 +03:00
Aliaksandr Valialkin
069401a304
all: log error when environment variables referred from -promscrape.config
are missing
...
This should prevent from using incorrect config files
2022-10-18 10:47:16 +03:00
Aliaksandr Valialkin
b47caa86db
all: update the minimum required Go verson from 1.19.1 to 1.19.2
...
This is needed because of security vulnerabilities found in Go 1.19.1
See https://go.dev/doc/devel/release#go1.19.2
2022-10-07 22:43:37 +03:00
Aliaksandr Valialkin
a296994fed
app/vmauth: do not remove trailing slash from the proxied path
...
This should fix the issue with opening VMUI at /vmui/ page.
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1752
2022-10-01 16:52:30 +03:00
Dmytro Kozlov
6ab1cede62
lib/{httpserver,netutil}: allow to define min and max TLS version of the http server ( #3109 )
...
* lib/{httpserver,netutil}: allow to define min and max TLS version of the http server
* lib/httpserver: added descriptions about tls supported versions
* lib/netutil: check minimal tls version, added supported tls versions to error
* wip
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2022-09-26 17:35:45 +03:00
Aliaksandr Valialkin
4193af4571
docs/vmauth.md: update -help
output after explicit marking of enterprise flags
2022-09-15 13:22:57 +03:00
Roman Khavronenko
efea51a9ee
bump Go version to 1.19.1 ( #3108 )
...
The reason is to cover vulnerability GO-2022-0969
Found in: net/http@go1.18.5
Fixed in: net/http@go1.19.1
More info: https://pkg.go.dev/vuln/GO-2022-0969
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-09-14 12:29:19 +02:00
Aliaksandr Valialkin
3d12ee47f9
docs: mention that it is safe sharing the collected profiles from security PoV
...
The collected profiles do not contain sensitive information
2022-08-24 14:07:36 +03:00
Aliaksandr Valialkin
7b8bc8ad59
all: bump the minimum supported version of Go from 1.17 to 1.18
...
This is needed because some dependencies uses generics, which have been appeared in Go1.18
This is a follow-up for caf3dd4fa2
2022-08-08 13:39:38 +03:00
Aliaksandr Valialkin
da11056d85
all: rename -pushmetrics.extraLabels to -pushmetrics.extraLabel for the sake of consistency
2022-07-26 19:24:24 +03:00
Aliaksandr Valialkin
ad6b3cd47d
lib/pushmetrics: properly handle errors when initializing pushmetrics
2022-07-22 13:36:06 +03:00
Aliaksandr Valialkin
5ced032d66
all: follow-up after 46f803fa7a
...
Add -pushmetrics.* command-line flags to all the VictoriaMetrics apps
2022-07-21 20:36:27 +03:00
Aliaksandr Valialkin
22fc7e0e04
docs/vmauth.md: mention that multiple recrods for the same username are supported
...
This is a follow-up for 88029c521c
2022-07-19 19:42:42 +03:00
Nikolay
88029c521c
app/vmauth: allow duplicate usernames ( #2888 )
...
Usernames could be duplicate if it has uniq password.
vmauth makes routing based on auth token and username + password combination must be unique for this case.
2022-07-19 19:33:17 +03:00
Aliaksandr Valialkin
f9500abfe0
app: fix make publish-*
after ed93330e66
...
Add missing `-linux` substring to built binary names for copying into Docker images
2022-07-14 10:59:11 +03:00
Aliaksandr Valialkin
ed93330e66
all: follow-up for d99ba3481b
2022-07-13 16:44:39 +03:00
Dmytro Kozlov
d99ba3481b
Rename release packages ( #2810 )
...
* makefile: add os to each release file
* makefile: update vmutils arm64
* makefile: update victoria-metrics release process
* makefile: update publish with os
* makefile: update publish with os
* makefile: change tar library
* update release logic
* copy all releases
* sort command by GOOS
* rollback commands
* rollback OSARCH
* fix commands
* cleanup
* fix windows build
* sort build by GOOS, update README.md
2022-07-13 15:42:48 +03:00
Aliaksandr Valialkin
cfc99e12da
docs: update docs after e4d6b750f6
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/2753
2022-06-21 14:01:12 +03:00
Nikolay
e4d6b750f6
lib/httpserver: adds flagsAuthKey command-line flag ( #2758 )
...
* lib/httpserver: adds flagsAuthKey command-line flag
It protects /flags endpoint with authKey.
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/2753O
* Apply suggestions from code review
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2022-06-20 17:09:32 +03:00
Aliaksandr Valialkin
afc26c57cc
all: replace bash
with console
blocks in all the *.md files
...
This is a follow-up for 954a7a6fc6
2022-06-19 23:00:39 +03:00
Aliaksandr Valialkin
1097ebebe6
lib/httpserver: clarify that -tls
flag enables TLS for http requests to -httpListenAddr
2022-04-16 16:59:26 +03:00
Aliaksandr Valialkin
b49b8020d6
docs: sync docs with the latest changes
2022-04-16 15:59:53 +03:00
Aliaksandr Valialkin
c8f356a6a8
app: sync Markdown changes from a8de1ab000
2022-03-22 14:11:18 +02:00
Aliaksandr Valialkin
620b605786
docs: document 20bb5e703c
2022-03-18 18:41:19 +02:00