self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 09:44:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/lib/service/supervisor.go

514 lines
13 KiB
Go
Raw Normal View History

Apply apache license to teleport
2015-10-31 18:56:49 +00:00
/*
Copyright 2015 Gravitational, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
package service
import (
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
"context"
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
"fmt"
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
"sync"
External events and sessions storage. Updates #1755 Design ------ This commit adds support for pluggable events and sessions recordings and adds several plugins. In case if external sessions recording storage is used, nodes or proxies depending on configuration store the session recordings locally and then upload the recordings in the background. Non-print session events are always sent to the remote auth server as usual. In case if remote events storage is used, auth servers download recordings from it during playbacks. DynamoDB event backend ---------------------- Transient DynamoDB backend is added for events storage. Events are stored with default TTL of 1 year. External lambda functions should be used to forward events from DynamoDB. Parameter audit_table_name in storage section turns on dynamodb backend. The table will be auto created. S3 sessions backend ------------------- If audit_sessions_uri is specified to s3://bucket-name node or proxy depending on recording mode will start uploading the recorded sessions to the bucket. If the bucket does not exist, teleport will attempt to create a bucket with versioning and encryption turned on by default. Teleport will turn on bucket-side encryption for the tarballs using aws:kms key. File sessions backend --------------------- If audit_sessions_uri is specified to file:///folder teleport will start writing tarballs to this folder instead of sending records to the file server. This is helpful for plugin writers who can use fuse or NFS mounted storage to handle the data. Working dynamic configuration.
2018-03-04 02:26:44 +00:00
"github.com/gravitational/teleport"
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
Moved to go1.5 vendoring
2016-01-20 15:52:25 +00:00
"github.com/gravitational/trace"
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
"github.com/sirupsen/logrus"
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
)
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
// Supervisor implements the simple service logic - registering
// service functions and de-registering the service goroutines
type Supervisor interface {
// Register adds the service to the pool, if supervisor is in
Correct various typos This was fixed running the `misspell` linter in fix mode using `gometalinter`. The exact command I ran was : ``` gometalinter --vendor --disable-all -E misspell --linter='misspell:misspell -w {path}:^(?P<path>.*?\.go):(?P<line>\d+):(?P<col>\d+):\s*(?P<message>.*)$' ./... ``` Some typo were fixed by hand on top of it.
2017-10-20 08:20:26 +00:00
// the started state, the service will be started immediately
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
// otherwise, it will be started after Start() has been called
Register(srv Service)
// RegisterFunc creates a service from function spec and registers
// it within the system
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
RegisterFunc(name string, fn Func)
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// RegisterCriticalFunc creates a critical service from function spec and registers
// it within the system, if this service exits with error,
// the process shuts down.
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
RegisterCriticalFunc(name string, fn Func)
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
// ServiceCount returns the number of registered and actively running
// services
ServiceCount() int
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
// Start starts all unstarted services
Start() error
// Wait waits until all services exit
Wait() error
// Run starts and waits for the service to complete
// it's a combinatioin Start() and Wait()
Run() error
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
// Services returns list of running services
Services() []string
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
// BroadcastEvent generates event and broadcasts it to all
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// subscribed parties.
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
BroadcastEvent(Event)
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
// WaitForEvent waits for event to be broadcasted, if the event
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// was already broadcasted, eventC will receive current event immediately.
WaitForEvent(ctx context.Context, name string, eventC chan Event)
// RegisterEventMapping registers event mapping -
// when the sequence in the event mapping triggers, the
// outbound event will be generated.
RegisterEventMapping(EventMapping)
// ExitContext returns context that will be closed when
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// a hard TeleportExitEvent is broadcasted.
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
ExitContext() context.Context
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// GracefulExitContext returns context that will be closed when
// a graceful or hard TeleportExitEvent is broadcast.
GracefulExitContext() context.Context
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// ReloadContext returns context that will be closed when
// TeleportReloadEvent is broadcasted.
ReloadContext() context.Context
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
}
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// EventMapping maps a sequence of incoming
// events and if triggered, generates an out event.
type EventMapping struct {
// In is the incoming event sequence.
In []string
// Out is the outbound event to generate.
Out string
}
// String returns user-friendly representation of the mapping.
func (e EventMapping) String() string {
return fmt.Sprintf("EventMapping(in=%v, out=%v)", e.In, e.Out)
}
func (e EventMapping) matches(currentEvent string, m map[string]Event) bool {
// existing events that have been fired should match
for _, in := range e.In {
if _, ok := m[in]; !ok {
return false
}
}
// current event that is firing should match one of the expected events
for _, in := range e.In {
if currentEvent == in {
return true
}
}
return false
}
// LocalSupervisor is a Teleport's implementation of the Supervisor interface.
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
type LocalSupervisor struct {
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
state int
sync.Mutex
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
wg *sync.WaitGroup
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
services []Service
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
events map[string]Event
eventsC chan Event
eventWaiters map[string][]*waiter
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
closeContext context.Context
signalClose context.CancelFunc
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// exitContext is closed when someone emits a hard Exit event
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
exitContext context.Context
signalExit context.CancelFunc
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// gracefulExitContext is closed when someone emits a graceful or hard Exit event
gracefulExitContext context.Context
signalGracefulExit context.CancelFunc
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
reloadContext context.Context
signalReload context.CancelFunc
eventMappings []EventMapping
id string
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
// log specifies the logger
log logrus.FieldLogger
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
}
// NewSupervisor returns new instance of initialized supervisor
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
func NewSupervisor(id string, parentLog logrus.FieldLogger) Supervisor {
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
ctx := context.TODO()
closeContext, cancel := context.WithCancel(ctx)
exitContext, signalExit := context.WithCancel(ctx)
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// graceful exit context is a subcontext of exit context since any work that terminates
// in the event of graceful exit must also terminate in the event of an immediate exit.
gracefulExitContext, signalGracefulExit := context.WithCancel(exitContext)
reloadContext, signalReload := context.WithCancel(ctx)
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
srv := &LocalSupervisor{
Enable linters: deadcode,goimports,govet,typecheck And fix the relevant findings for these linters. Also, set extra flags for `golangci-lint run` to make sure no findings are suppressed.
2020-04-13 23:35:46 +00:00
state: stateCreated,
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
id: id,
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
services: []Service{},
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
wg: &sync.WaitGroup{},
events: map[string]Event{},
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
eventsC: make(chan Event, 1024),
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
eventWaiters: make(map[string][]*waiter),
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
closeContext: closeContext,
signalClose: cancel,
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
exitContext: exitContext,
signalExit: signalExit,
gracefulExitContext: gracefulExitContext,
signalGracefulExit: signalGracefulExit,
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
reloadContext: reloadContext,
signalReload: signalReload,
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
log: parentLog.WithField(trace.Component, teleport.Component(teleport.ComponentProcess, id)),
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
}
go srv.fanOut()
return srv
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
}
// Event is a special service event that can be generated
// by various goroutines in the supervisor
type Event struct {
Name string
Payload interface{}
}
func (e *Event) String() string {
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
return e.Name
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
func (s *LocalSupervisor) Register(srv Service) {
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
s.log.WithField("service", srv.Name()).Debug("Adding service to supervisor.")
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
s.Lock()
defer s.Unlock()
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
s.services = append(s.services, srv)
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
if s.state == stateStarted {
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
s.serve(srv)
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
}
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
// ServiceCount returns the number of registered and actively running services
func (s *LocalSupervisor) ServiceCount() int {
s.Lock()
defer s.Unlock()
return len(s.services)
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// RegisterFunc creates a service from function spec and registers
// it within the system
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
func (s *LocalSupervisor) RegisterFunc(name string, fn Func) {
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
s.Register(&LocalService{Function: fn, ServiceName: name})
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// RegisterCriticalFunc creates a critical service from function spec and registers
// it within the system, if this service exits with error,
// the process shuts down.
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
func (s *LocalSupervisor) RegisterCriticalFunc(name string, fn Func) {
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
s.Register(&LocalService{Function: fn, ServiceName: name, Critical: true})
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// RemoveService removes service from supervisor tracking list
func (s *LocalSupervisor) RemoveService(srv Service) error {
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
l := s.log.WithField("service", srv.Name())
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
s.Lock()
defer s.Unlock()
for i, el := range s.services {
if el == srv {
s.services = append(s.services[:i], s.services[i+1:]...)
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
l.Debug("Service is completed and removed.")
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
return nil
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
}
}
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
l.Warning("Service is completed but not found.")
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
return trace.NotFound("service %v is not found", srv)
}
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
// ExitEventPayload contains information about service
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// name, and service error if it exited with error
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
type ExitEventPayload struct {
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// Service is the service that exited
Service Service
// Error is the error of the service exit
Error error
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
func (s *LocalSupervisor) serve(srv Service) {
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
s.wg.Add(1)
go func() {
defer s.wg.Done()
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
defer s.RemoveService(srv)
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
l := s.log.WithField("service", srv.Name())
l.Debug("Service has started.")
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
err := srv.Serve()
Got the basics done for 'teleport'
2016-02-07 21:33:33 +00:00
if err != nil {
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
if err == ErrTeleportExited {
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
l.Info("Teleport process has shut down.")
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
} else {
Introduce SessionRecordingConfig extracting fields from ClusterConfig (#6708)
2021-05-19 19:01:37 +00:00
l.WithError(err).Warning("Teleport process has exited with error.")
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
s.BroadcastEvent(Event{
Name: ServiceExitedWithErrorEvent,
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
Payload: ExitEventPayload{Service: srv, Error: err},
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
})
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
}
Got the basics done for 'teleport'
2016-02-07 21:33:33 +00:00
}
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}()
}
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
func (s *LocalSupervisor) Start() error {
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
s.Lock()
defer s.Unlock()
s.state = stateStarted
if len(s.services) == 0 {
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
s.log.Warning("Supervisor has no services to run. Exiting.")
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
return nil
}
for _, srv := range s.services {
s.serve(srv)
}
return nil
}
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
func (s *LocalSupervisor) Services() []string {
s.Lock()
defer s.Unlock()
out := make([]string, len(s.services))
for i, srv := range s.services {
out[i] = srv.Name()
}
return out
}
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
func (s *LocalSupervisor) Wait() error {
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
defer s.signalClose()
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
s.wg.Wait()
rename supervisor and export a couple of functions
2015-10-27 00:11:19 +00:00
return nil
}
func (s *LocalSupervisor) Run() error {
if err := s.Start(); err != nil {
return trace.Wrap(err)
}
return s.Wait()
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// ExitContext returns context that will be closed when
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// a hard TeleportExitEvent is broadcasted.
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
func (s *LocalSupervisor) ExitContext() context.Context {
return s.exitContext
}
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// GracefulExitContext returns context that will be closed when
// a hard or graceful TeleportExitEvent is broadcasted.
func (s *LocalSupervisor) GracefulExitContext() context.Context {
return s.gracefulExitContext
}
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// ReloadContext returns context that will be closed when
// TeleportReloadEvent is broadcasted.
func (s *LocalSupervisor) ReloadContext() context.Context {
return s.reloadContext
}
// BroadcastEvent generates event and broadcasts it to all
// subscribed parties.
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
func (s *LocalSupervisor) BroadcastEvent(event Event) {
s.Lock()
defer s.Unlock()
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
switch event.Name {
case TeleportExitEvent:
improve graceful restart behavior
2021-09-20 17:35:51 +00:00
// if exit event includes a context payload, it is a "graceful" exit, and
// we need to hold off closing the supervisor's exit context until after
// the graceful context has closed. If not, it is an immediate exit.
if ctx, ok := event.Payload.(context.Context); ok {
s.signalGracefulExit()
go func() {
select {
case <-s.exitContext.Done():
case <-ctx.Done():
s.signalExit()
}
}()
} else {
s.signalExit()
}
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
case TeleportReloadEvent:
s.signalReload()
}
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
s.events[event.Name] = event
Support different ready states.
2018-10-26 22:20:02 +00:00
// Log all events other than recovered events to prevent the logs from
// being flooded.
if event.String() != TeleportOKEvent {
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
s.log.WithField("event", event.String()).Debug("Broadcasting event.")
Support different ready states.
2018-10-26 22:20:02 +00:00
}
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
go func() {
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
select {
case s.eventsC <- event:
case <-s.closeContext.Done():
return
}
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
}()
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
for _, m := range s.eventMappings {
if m.matches(event.Name, s.events) {
mappedEvent := Event{Name: m.Out}
s.events[mappedEvent.Name] = mappedEvent
go func(e Event) {
select {
case s.eventsC <- e:
case <-s.closeContext.Done():
return
}
}(mappedEvent)
flaky tests: consistent logging (#4849) * Update logrus package to fix data races * Introduce a logger that uses the test context to log the messages so they are output if a test fails for improved trouble-shooting. * Revert introduction of test logger - simply leave logger configuration at debug level outputting to stderr during tests. * Run integration test for e as well * Use make with a cap and append to only copy the relevant roles. * Address review comments * Update integration test suite to use test-local logger that would only output logs iff a specific test has failed - no logs from other test cases will be output. * Revert changes to InitLoggerForTests API * Create a new logger instance when applying defaults or merging with file service configuration * Introduce a local logger interface to be able to test file configuration merge. * Fix kube integration tests w.r.t log * Move goroutine profile dump into a separate func to handle parameters consistently for all invocations
2020-12-07 14:35:15 +00:00
s.log.WithFields(logrus.Fields{
"in": event.String(),
"out": m.String(),
}).Debug("Broadcasting mapped event.")
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
}
}
}
// RegisterEventMapping registers event mapping -
// when the sequence in the event mapping triggers, the
// outbound event will be generated.
func (s *LocalSupervisor) RegisterEventMapping(m EventMapping) {
s.Lock()
defer s.Unlock()
s.eventMappings = append(s.eventMappings, m)
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
}
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
// WaitForEvent waits for event to be broadcasted, if the event
// was already broadcasted, eventC will receive current event immediately.
func (s *LocalSupervisor) WaitForEvent(ctx context.Context, name string, eventC chan Event) {
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
s.Lock()
defer s.Unlock()
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
waiter := &waiter{eventC: eventC, context: ctx}
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
event, ok := s.events[name]
if ok {
go s.notifyWaiter(waiter, event)
return
}
s.eventWaiters[name] = append(s.eventWaiters[name], waiter)
}
func (s *LocalSupervisor) getWaiters(name string) []*waiter {
s.Lock()
defer s.Unlock()
waiters := s.eventWaiters[name]
out := make([]*waiter, len(waiters))
Fix remaining gosimple findings List of fixed items: ``` integration/helpers.go:1279:2 gosimple S1000: should use for range instead of for { select {} } integration/integration_test.go:144:5 gosimple S1009: should omit nil check; len() for nil slices is defined as zero integration/integration_test.go:173:5 gosimple S1009: should omit nil check; len() for nil slices is defined as zero integration/integration_test.go:296:28 gosimple S1019: should use make(chan error) instead integration/integration_test.go:570:41 gosimple S1019: should use make(chan interface{}) instead integration/integration_test.go:685:40 gosimple S1019: should use make(chan interface{}) instead integration/integration_test.go:759:33 gosimple S1019: should use make(chan string) instead lib/auth/init_test.go:62:2 gosimple S1021: should merge variable declaration with assignment on next line lib/auth/tls_test.go:1658:22 gosimple S1024: should use time.Until instead of t.Sub(time.Now()) lib/backend/dynamo/dynamodbbk.go:420:5 gosimple S1004: should use !bytes.Equal(expected.Key, replaceWith.Key) instead lib/backend/dynamo/dynamodbbk.go:656:12 gosimple S1039: unnecessary use of fmt.Sprintf lib/backend/etcdbk/etcd.go:458:5 gosimple S1004: should use !bytes.Equal(expected.Key, replaceWith.Key) instead lib/backend/firestore/firestorebk.go:407:5 gosimple S1004: should use !bytes.Equal(expected.Key, replaceWith.Key) instead lib/backend/lite/lite.go:317:5 gosimple S1004: should use !bytes.Equal(expected.Key, replaceWith.Key) instead lib/backend/lite/lite.go:336:6 gosimple S1004: should use !bytes.Equal(value, expected.Value) instead lib/backend/memory/memory.go:365:5 gosimple S1004: should use !bytes.Equal(expected.Key, replaceWith.Key) instead lib/backend/memory/memory.go:376:5 gosimple S1004: should use !bytes.Equal(existingItem.Value, expected.Value) instead lib/backend/test/suite.go:327:10 gosimple S1024: should use time.Until instead of t.Sub(time.Now()) lib/client/api.go:1410:9 gosimple S1003: should use strings.ContainsRune(name, ':') instead lib/client/api.go:2355:32 gosimple S1019: should use make([]ForwardedPort, len(spec)) instead lib/client/keyagent_test.go:85:2 gosimple S1021: should merge variable declaration with assignment on next line lib/client/player.go:54:33 gosimple S1019: should use make(chan int) instead lib/config/configuration.go:1024:52 gosimple S1019: should use make(services.CommandLabels) instead lib/config/configuration.go:1025:44 gosimple S1019: should use make(map[string]string) instead lib/config/configuration.go:930:21 gosimple S1003: should use strings.Contains(clf.Roles, defaults.RoleNode) instead lib/config/configuration.go:931:22 gosimple S1003: should use strings.Contains(clf.Roles, defaults.RoleAuthService) instead lib/config/configuration.go:932:23 gosimple S1003: should use strings.Contains(clf.Roles, defaults.RoleProxy) instead lib/service/supervisor.go:387:2 gosimple S1001: should use copy() instead of a loop lib/tlsca/parsegen.go:140:9 gosimple S1034: assigning the result of this type assertion to a variable (switch generalKey := generalKey.(type)) could eliminate type assertions in switch cases lib/utils/certs.go:140:9 gosimple S1034: assigning the result of this type assertion to a variable (switch generalKey := generalKey.(type)) could eliminate type assertions in switch cases lib/utils/certs.go:167:40 gosimple S1010: should omit second index in slice, s[a:len(s)] is identical to s[a:] lib/utils/certs.go:204:5 gosimple S1004: should use !bytes.Equal(certificateChain[0].SubjectKeyId, certificateChain[0].AuthorityKeyId) instead lib/utils/parse/parse.go:116:45 gosimple S1003: should use strings.Contains(variable, "}}") instead lib/utils/parse/parse.go:116:6 gosimple S1003: should use strings.Contains(variable, "{{") instead lib/utils/socks/socks.go:192:10 gosimple S1025: should use String() instead of fmt.Sprintf lib/utils/socks/socks.go:199:10 gosimple S1025: should use String() instead of fmt.Sprintf lib/web/apiserver.go:1054:18 gosimple S1024: should use time.Until instead of t.Sub(time.Now()) lib/web/apiserver.go:1954:9 gosimple S1039: unnecessary use of fmt.Sprintf tool/tsh/tsh.go:1193:14 gosimple S1024: should use time.Until instead of t.Sub(time.Now()) ```
2020-05-20 18:38:32 +00:00
copy(out, waiters)
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
return out
}
func (s *LocalSupervisor) notifyWaiter(w *waiter, event Event) {
select {
case w.eventC <- event:
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
case <-w.context.Done():
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
}
}
func (s *LocalSupervisor) fanOut() {
for {
select {
case event := <-s.eventsC:
waiters := s.getWaiters(event.Name)
for _, waiter := range waiters {
go s.notifyWaiter(waiter, event)
}
Teleport signal handling and live reload. This commit introduces signal handling. Parent teleport process is now capable of forking the child process and passing listeners file descriptors to the child. Parent process then can gracefully shutdown by tracking the amount of current connections and closing listeners once the amount goes to 0. Here are the signals handled: * USR2 signal will cause the parent to fork a child process and pass listener file descriptors to it. Child process will close unused file descriptors and will bind to the used ones. At this moment two processes - the parent and the forked child process will be serving requests. After looking at the traffic and the log files, administrator can either shut down the parent process or the child process if the child process is not functioning as expected. * TERM, INT signals will trigger graceful process shutdown. Auth, node and proxy processes will wait until the amount of active connections goes down to 0 and will exit after that. * KILL, QUIT signals will cause immediate non-graceful shutdown. * HUP signal combines USR2 and TERM signals in a convenient way: parent process will fork a child process and self-initate graceful shutdown. This is a more convenient than USR2/TERM sequence, but less agile and robust as if the connection to the parent process drops, but the new process exits with error, administrators can lock themselves out of the environment. Additionally, boltdb backend has to be phased out, as it does not support read/writes by two concurrent processes. This had required refactoring of the dir backend to use file locking to allow inter-process collaboration on read/write operations.
2018-02-08 02:32:50 +00:00
case <-s.closeContext.Done():
Added the ability to stop teleport without restarting the process
2016-04-03 05:59:09 +00:00
return
migrate from callbacks to events
2016-03-29 23:33:11 +00:00
}
}
}
type waiter struct {
eventC chan Event
Teleport certificate authority rotation. This commit implements #1860 During the the rotation procedure issuing TLS and SSH certificate authorities are re-generated and all internal components of the cluster re-register to get new credentials. The rotation procedure is based on a distributed state machine algorithm - certificate authorities have explicit rotation state and all parts of the cluster sync local state machines by following transitions between phases. Operator can launch CA rotation in auto or manual modes. In manual mode operator moves cluster bewtween rotation states and watches the states of the components to sync. In auto mode state transitions are happening automatically on a specified schedule. The design documentation is embedded in the code: lib/auth/rotate.go
2018-04-08 21:37:33 +00:00
context context.Context
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// Service is a running teleport service function
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
type Service interface {
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// Serve starts the function
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
Serve() error
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// String returns user-friendly description of service
String() string
// Name returns service name
Name() string
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// IsCritical returns true if the service is critical
// and program can't continue without it
IsCritical() bool
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// LocalService is a locally defined service
type LocalService struct {
// Function is a function to call
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
Function Func
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// ServiceName is a service name
ServiceName string
Shut down process on critical services errors Whenever critical services in teleport exit with errors, system should shut down immediatelly and exit with error. This was not the case since 2.7 release.
2018-09-07 21:35:23 +00:00
// Critical is set to true
// when the service is critical and program can't continue
// without it
Critical bool
}
// IsCritical returns true if the service is critical
// and program can't continue without it
func (l *LocalService) IsCritical() bool {
return l.Critical
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
}
// Serve starts the function
func (l *LocalService) Serve() error {
return l.Function()
}
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// String returns user-friendly service name
func (l *LocalService) String() string {
return l.ServiceName
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
}
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
// Name returns unique service name
func (l *LocalService) Name() string {
return l.ServiceName
}
Fixing golint warnings, batch 1 Mostly cosmetic changes: - making receiver names consistent - renaming `foo.FooBar` to `foo.Bar` (using package name as prefix) - removing redundant `else` branches - changing `a += 1` to `a++`
2020-10-05 22:12:25 +00:00
// Func is a service function
type Func func() error
Mutual TLS Auth server and clients. This commit introduced mutual TLS authentication for auth server API server. Auth server multiplexes HTTP over SSH - existing protocol and HTTP over TLS - new protocol on the same listening socket. Nodes and users authenticate with 2.5.0 Teleport using TLS mutual TLS except backwards-compatibility cases.
2017-11-25 01:09:11 +00:00
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
const (
stateCreated = iota
Clean up dead code across the codebase Spring cleaning! A very mechanical cleanup using several linters (unused, deadcode, structcheck). Build and tests still pass so no behavior should be affected.
2020-04-09 00:17:31 +00:00
stateStarted
Provisioning and clear role separation Distinct roles separation: * Stateful auth server, it is stateful and exposes SSH authentication endpoint to the cluster * Stateless ssh node, it connects to the auth server to authenticate access requests * Stateless cp node, it provides web portal to access the cluster and update users keys Provisioning: * Auth server automatically sets itself up on the first start, no need to explicitly set encryption keys and authority certs * SSH node connects to the Auth server to provision host private keys and sertificates using special SSH provisioning key issued by the auth server
2015-05-07 03:10:44 +00:00
)
Reference in a new issue Copy permalink