The NetBSD Project

CVS log for pkgsrc/sysutils/consul/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / sysutils / consul

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.27 / (download) - annotate - [select for diffs], Tue Jul 31 12:34:55 2018 UTC (2 weeks, 4 days ago) by fhajny
Branch: MAIN
CVS Tags: HEAD
Changes since 1.26: +5 -5 lines
Diff to previous 1.26 (colored)

sysutils/consul: Update to 1.2.2

## 1.2.2 (July 30, 2018)

SECURITY:
- acl: Fixed an issue where writes operations on the Keyring and
  Operator were being allowed with a default allow policy even when
  explicitly denied in the policy.

FEATURES:

- **Alias Checks:** Alias checks allow a service or node to alias the
  health status of another service or node in the cluster.
- agent: New Cloud Auto-join providers: vSphere and Packet.net.
- cli: Added `-serf-wan-port`, `-serf-lan-port`, and `-server-port`
  flags to CLI for cases where these can't be specified in config
  files and `-hcl` is too cumbersome.
- connect: The TTL of leaf (service) certificates in Connect is now
  configurable.

IMPROVEMENTS:

- proxy: With `-register` flag, heartbeat failures will only log once
  service registration succeeds.
- http: 1.0.3 introduced rejection of non-printable chars in HTTP URLs
  due to a security vulnerability. Some users who had keys written
  with an older version which are now dissallowed were unable to delete
  them. A new config option disable_http_unprintable_char_filter is
  added to allow those users to remove the offending keys. Leaving this
  new option set long term is strongly discouraged as it bypasses
  filtering necessary to prevent some known vulnerabilities.
- agent: Allow for advanced configuration of some gossip related
  parameters.
- agent: Make some Gossip tuneables configurable via the config file
- ui: Included searching on `.Tags` when using the freetext search
  field.
- ui: Service.ID's are now shown in the Service detail page and (only
  if it is different from the service name) the Node Detail >
  [Services] tab.

BUG FIXES:

- acl/connect: Fix an issue that was causing managed proxies not to
  work when ACLs were enabled.
- connect: Fix issue with managed proxies and watches attempting to
  use a client addr that is 0.0.0.0 or ::
- connect: Allow Native and Unmanaged proxy configurations via config
  file
- connect: Fix bug causing 100% CPU on agent when Connect is disabled
  but a proxy is still running
- proxy: Don't restart proxies setup in a config file when Consul
  restarts
- ui: Display the Service.IP address instead of the Node.IP address in
  the Service detail view.
- ui: Watch for trailing slash stripping 301 redirects and forward the
  user to the correct location.
- connect: Fixed an issue in the connect native HTTP client where it
  failed to resolve service names.

## 1.2.1 (July 12, 2018)

IMPROVEMENTS:

- acl: Prevented multiple ACL token refresh operations from occurring
  simultaneously.
- acl: Add async-cache down policy mode to always do ACL token
  refreshes in the background to reduce latency.
- proxy: Pass through HTTP client env vars to managed proxies so that
  they can connect back to Consul over HTTPs when not serving HTTP.
- connect: Persist intermediate CAs on leader change.

BUG FIXES:

- api: Intention APIs parse error response body for error message.
- agent: Intention read endpoint returns a 400 on invalid UUID
- agent: Service registration with "services" does not error on
  Connect upstream configuration.
- dns: Ensure that TXT RRs dont get put in the Answer section for
  A/AAAA queries.
- dns: Ensure that only 1 CNAME is returned when querying for services
  that have non-IP service addresses.
- api: Fixed issue where `Lock` and `Semaphore` would return earlier
  than their requested timeout when unable to acquire the lock.
- watch: Fix issue with HTTPs only agents not executing watches
  properly
- agent: Managed proxies that bind to 0.0.0.0 now get a health check
  on a sane IP
- server: (Consul Enterprise) Fixed an issue causing Consul to panic
  when network areas were used
- license: (Consul Enterprise) Fixed an issue causing the snapshot
  agent to log erroneous licensing errors

Revision 1.26 / (download) - annotate - [select for diffs], Tue Jul 3 12:14:30 2018 UTC (6 weeks, 4 days ago) by fhajny
Branch: MAIN
Changes since 1.25: +5 -5 lines
Diff to previous 1.25 (colored)

sysutils/consul: Update to 1.2.0.

FEATURES:

- Connect Feature Beta: This version includes a major new feature for
  Consul named Connect. Connect enables secure service-to-service
  communication with automatic TLS encryption and identity-based
  authorization.
  - Connect must be enabled explicitly in configuration so upgrading a
    cluster will not affect any existing functionality until it's
    enabled.
  - This is a Beta feature, we don't recommend enabling this in
    production yet. Please see the documentation for more information.
- dns: Enable PTR record lookups for services with IPs that have no
  registered node
- ui: Default to serving the new UI. Setting the `CONSUL_UI_LEGACY`
  environment variable to `1` or `true` will revert to serving the old
UI

IMPROVEMENTS:

- agent: A Consul user-agent string is now sent to providers when
  making retry-join requests
- client: Add metrics for failed RPCs
- agent: Add configuration entry to control including TXT records for
  node meta in DNS responses
- client: Make RPC rate limit configuration reloadable

BUG FIXES:

- agent: Fixed an issue where watches were being duplicated on reload.
- agent: Fixed an issue with Agent watches on a HTTPS only agent would
  fail to use TLS.
- agent: Fixed bug that would cause unnecessary and frequent logging
  yamux keepalives
- dns: Re-enable full DNS compression

Revision 1.25 / (download) - annotate - [select for diffs], Mon May 14 16:12:41 2018 UTC (3 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.24: +5 -5 lines
Diff to previous 1.24 (colored)

sysutils/consul: Update to 1.1.0.

FEATURES:

- UI: The web UI has been completely redesigned and rebuilt and is in
  an opt-in beta period.
- api: Added support for Prometheus client format in metrics endpoint
  with `?format=prometheus` (see docs)
- agent: New Cloud Auto-join provider: Joyent Triton.
- agent: (Consul Enterprise) Implemented license management with
  license propagation within a datacenter.

BREAKING CHANGES:

- agent: The following previously deprecated fields and config options
  have been removed
  - `CheckID` has been removed from config file check definitions (use
    `id` instead).
  - `script` has been removed from config file check definitions (use
    `args` instead).
  - `enableTagOverride` is no longer valid in service definitions (use
    `enable_tag_override` instead).
  - The deprecated set of metric names (beginning with
    `consul.consul.`) has been removed along with the
    `enable_deprecated_names` option from the metrics configuration.

IMPROVEMENTS:

- agent: Improve DNS performance on large clusters
- agent: `start_join`, `start_join_wan`, `retry_join`,
  `retry_join_wan` config params now all support go-sockaddr templates
- server: Added new configuration options `raft_snapshot_interval` and
  `raft_snapshot_threshold` to allow operators to  configure how often
  servers take raft snapshots. The default values for these have been
  tuned for large and busy clusters with high write load.

BUG FIXES:

- agent: Only call signal.Notify once during agent startup
- agent: Add support for the new Service Meta field in agent config
- api: Add support for the new Service Meta field in API client
- agent: Updated serf library for two bug fixes - allow enough time
  for leave intents to propagate
- agent: When node-level checks (e.g. maintenance mode) were deleted,
  some watchers currently in between blocking calls may have missed
  the change in index.

Revision 1.24 / (download) - annotate - [select for diffs], Mon Apr 16 12:36:12 2018 UTC (4 months ago) by fhajny
Branch: MAIN
Changes since 1.23: +5 -5 lines
Diff to previous 1.23 (colored)

sysutils/consul: Update to 1.0.7.

IMPROVEMENTS:

- build: Bumped Go version to 1.10
- agent: Blocking queries on service-specific health and catalog
  endpoints now return a per-service `X-Consul-Index` improving watch
  performance on very busy clusters.
- agent: All endpoints now respond to OPTIONS requests.
- agent: List of supported TLS cipher suites updated to include newer
  options,
- agent: WAN federation can now be disabled by setting the serf WAN
  port to -1.
- agent: Added support for specifying metadata during service
  registration.
- agent: Added a new `discover-max-stale` config option to enable
  stale requests for service discovery endpoints.
- agent: (Consul Enterprise) Added a new option to the snapshot agent
  for configuring the S3 endpoint.
- dns: Introduced a new config param to limit the number of A/AAAA
  records returned.
- dns: Upgrade vendored DNS library to pick up bugfixes and
  improvements.
- server: Updated yamux library to pick up a performance improvement.
- server: Add near=\_ip support for prepared queries
- api: Add support for GZIP compression in HTTP responses.
- api: Add `IgnoreCheckIDs` to Prepared Query definition to allow
  temporarily bypassing faulty health checks

BUG FIXES:

- agent: Fixed an issue where the coordinate update endpoint was not
  correctly parsing the ACL token.
- agent: Fixed an issue where `consul monitor` couldn't be terminated
  until the first log line is delivered
- agent: Added warnings for when a node name isn't a valid DNS name
  and when the node name, a service name or service tags would exceed
  the allowed lengths for DNS names
- agent: Added truncation of TCP DNS responses to prevent errors for
  exceeding message size limits
- agent: Added -config-format flag to validate command to specify the
  syntax that should be used for parsing the config
- agent: HTTP Checks now report the HTTP method used instead of always
  reporting as a GET
- server: Fixed an issue where the leader could miss clean up after a
  leadership transition.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Feb 27 11:37:44 2018 UTC (5 months, 2 weeks ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.22: +5 -5 lines
Diff to previous 1.22 (colored)

sysutils/consul: Update to 1.0.6. Simplify Makefile.

## consul 1.0.6
- agent: Fixed a panic when using the Azure provider for retry-join.
- agent: Fixed a panic when querying Consul's DNS interface over TCP.

Revision 1.22 / (download) - annotate - [select for diffs], Thu Feb 8 12:58:32 2018 UTC (6 months, 1 week ago) by fhajny
Branch: MAIN
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored)

sysutils/consul: Update to 1.0.5.

SECURITY:

- dns: Updated DNS vendor library to pick up bug fix in the DNS server
  where an open idle connection blocks the accept loop.

FEATURES:

- agent: Added support for gRPC health checks that probe the standard
  gRPC health endpoint.

IMPROVEMENTS:

- agent: (Consul Enterprise) The `disable_update_check` option to
  disable Checkpoint now defaults to `true`
- build: Bumped Go version to 1.9.3.

BUG FIXES:

- agent: (Consul Enterprise) Fixed an issue where the snapshot agent's
  HTTP client config was being ignored in favor of the HTTP
  command-line flags.
- agent: Fixed an issue where health checks added to services with
  tags would cause extra periodic writes to the Consul servers, even
  if nothing had changed.
- agent: Fixed several areas where reading from catalog, health, or
  agent HTTP endpoints could make unintended mofidications to Consul's
  state in a way that would cause unnecessary anti-entropy syncs back
  to the Consul servers.
- agent: Fixed an issue where Serf events for failed Consul servers
  weren't being proactively processed by the RPC router.

Revision 1.21 / (download) - annotate - [select for diffs], Wed Feb 7 16:14:38 2018 UTC (6 months, 1 week ago) by fhajny
Branch: MAIN
Changes since 1.20: +5 -5 lines
Diff to previous 1.20 (colored)

Update sysutils/consul to 1.0.4.

- agent: Fixed several areas where reading from catalog, health, or
  agent HTTP endpoints could make unintended mofidications to Consul's
  state in a way that would cause unnecessary anti-entropy syncs back to
  the Consul servers

Revision 1.20 / (download) - annotate - [select for diffs], Fri Feb 2 12:20:27 2018 UTC (6 months, 2 weeks ago) by fhajny
Branch: MAIN
Changes since 1.19: +5 -5 lines
Diff to previous 1.19 (colored)

Update sysutils/consul to 1.0.3.

SECURITY:
- ui: Patched handlebars JS to escape `=` to prevent potential XSS
  issues.

BREAKING CHANGES:
- agent: Updated Consul's HTTP server to ban all URLs containing
  non-printable characters (a bad request status will be returned for
  these cases). This affects some user-facing areas like key/value entry
  key names which are carried in URLs.

FEATURES:
- agent: Added retry-join support for Azure Virtual Machine Scale
  Sets.

IMPROVEMENTS:

- agent: Added agent-side telemetry around Catalog APIs to provide
  insight on Consul's operation from the user's perspecive.
- agent: Added the `NodeID` field back to the /v1/agent/self
  endpoint's `Config` block.
- api: Added missing `CheckID` and `Name` fields to API client's
  `AgentServiceCheck` structure so that IDs and names can be set when
  registering checks with services.

BUG FIXES:
- agent: Fixed an issue where config file symlinks were not being
  interpreted correctly.
- agent: Ignore malformed leftover service/check files and warn about
  them instead of refusing to start.
- agent: Enforce a valid port for the Serf WAN since it can't be
  disabled.
- agent: Stopped looging messages about zero RTTs when updating
  network coordinates since they are not harmful to the algorithm.
  Since we are still trying to find the root cause of these zero
  measurements, we added new metrics counters so these are still
  observable.
- server: Fixed a crash when POST-ing an empty body to the /v1/query
  endpoint.
- server: (Consul Enterprise) Fixed an issue where unhealthy servers
  were not replaced in a redundancy zone by autopilot (servers
  previously needed to be removed in order for a replacement to occur).
- ui: Added a URI escape around key/value keys so that it's not
  possible to create unexpected partial key names when entering
  characters like `?` inside a key.

Revision 1.19 / (download) - annotate - [select for diffs], Mon Dec 18 13:54:44 2017 UTC (7 months, 4 weeks ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.18: +5 -5 lines
Diff to previous 1.18 (colored)

Update sysutils/consul to 1.0.2.

## 1.0.2 (December 15, 2017)

IMPROVEMENTS:

- agent: Updated Serf to activate a new feature that resizes its
  internal message broadcast queue size based on the cluster size.
- agent: Updates posener/complete library to 1.0, which allows
  autocomplete for flags after an equal sign, and simplifies
  autocomplete functions.

BUG FIXES:

- agent: Updated memberlist to pull in a fix for negative RTT
  measurements and their associated log messages about rejected
  coordinates.
- agent: Fixed an issue where node metadata specified via command line
  arguments overrode node metadata specified by configuration files
- agent: Fixed an issue with the /v1/session/create API where it
  wasn't possible to create a session without the `serfHealth` check.
- agent: Fixed an issue with anti-entropy syncing where checks for
  services with tags would cause periodic updates to the catalog, even
  when nothing had changed
- cli: Added missing support for `-base64` option to `consul kv get`
  command.
- server: Fixed an issue with KV store tombstone tracking where bin
  tracking was being confused by monotonic time information carried in
  time stamps, resulting in many unnecessary bins.
- server: (Consul Enterprise) Fixed an issue with Network Segments
  where servers would not properly flood-join each other into all
  segments.
- server: Fixed an issue where it wasn't possible to disable
  Autopilot's dead server cleanup behavior using configuration files.
- server: Removed the 60 second timeout when restoring snapshots,
  which could cause large restores to fail on slower servers.
- server: Fixed a goroutine leak during keyring operations when errors
  are encountered.

## 1.0.1 (November 20, 2017)

FEATURES:

- New Auto Join Cloud Providers: Retry join support was added for
  Aliyun (Alibaba Cloud), Digital Ocean, OpenStack, and Scaleway
- HTTP/2 Support: If TLS is enabled on a Consul agent it will
  automatically negotiate to use HTTP/2 for suitably configured
  clients accessing the client API

IMPROVEMENTS:

- agent: (Consul Enterprise) Added AWS KMS support for S3 snapshots
  using the snapshot agent.
- agent: Watches in the Consul agent can now be configured to invoke
  an HTTP endpoint instead of an executable.
- agent: Added a new `-config-format` command line option which can be
  set to `hcl` or `json` to specify the format of configuration files
- agent: DNS recursors can now be specified as go-sockaddr templates.
- agent: Serf snapshots no longer save network coordinate information.
  This enables recovery from errors upon agent restart.
- agent: Added defensive code to prevent out of range ping times from
  infecting network coordinates
- agent: The agent now warns when there are extra unparsed command
  line arguments and refuses to start.
- agent: Updated go-sockaddr library to get CoreOS route detection
  fixes and the new `mask` functionality.
- agent: Added a new `enable_agent_tls_for_checks` configuration
  option that allows HTTP health checks for services requiring 2-way
  TLS to be checked using the agent's credentials.
- agent: Made logging of health check status more uniform and moved
  log entries with full check output from DEBUG to TRACE level for
  less noise.
- build: Consul is now built with Go 1.9.2.

BUG FIXES:

- agent: Consul 1.0 shipped with an issue where `Args` was erroneously
  named `ScriptArgs` for health check definitions in the
  /v1/agent/check/register and /v1/agent/service/register APIs
- agent: Docker container checks running on Linux could get into a
  flapping state because the Docker agent seems to close the
  connection prematurely even though the body is transferred
- agent: Added new form of `consul.http.*` metrics that were
  accidentally left out of Consul 1.0.
- agent: Fixed an issue with the server manager where periodic server
  client connection rebalancing could select a failed server
- agent: IPv6 addresses without port numbers and without surrounding
  brackets are now properly handled for joins
- agent: Fixed a rare startup panic of the Consul agent related to the
  LAN Serf instance ordering with the router manager.
- agent: Added back an exception for the `snapshot_agent` config key
  so that those configs can again live alongside Consul's configs.
- dns: Fixed an issue where components of a host name near the
  datacenter could be quietly ignored
- server: Fixed an issue where performing rolling updates of Consul
  servers could result in an outage from old servers remaining in the
  cluster
- server: Fixed a deadlock where tombstone garbage collection for the
  KV store could block other KV operations, stalling writes on the
  leader.

Revision 1.17.4.1 / (download) - annotate - [select for diffs], Wed Oct 18 17:38:04 2017 UTC (9 months, 4 weeks ago) by spz
Branch: pkgsrc-2017Q3
Changes since 1.17: +5 -5 lines
Diff to previous 1.17 (colored) next main 1.18 (colored)

Pullup ticket #5581 - requested by bsiegert
sysutils/consul: security update

Revisions pulled up:
- sysutils/consul/Makefile                                      1.23
- sysutils/consul/distinfo                                      1.18

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	fhajny
   Date:		Tue Oct 17 11:39:57 UTC 2017

   Modified Files:
    	pkgsrc/sysutils/consul: Makefile distinfo

   Log Message:
   Update sysutils/consul to 1.0.0

   SECURITY:

   - Fixed an XSS issue with Consul's built-in web UI where node names
      were not being properly escaped.

   BREAKING CHANGES:

   - Raft Protocol Now Defaults to 3
   - Config Files Require an Extension
   - Deprecated Options Have Been Removed
   - `statsite_prefix` Renamed to `metrics_prefix`
   - `advertise_addrs` Removed
   - Escaping Behavior Changed for go-discover Configs
   - HTTP Verbs are Enforced in Many HTTP APIs
   - Unauthorized KV Requests Return 403
   - Config Section of Agent Self Endpoint has Changed
   - Deprecated `configtest` Command Removed
   - Undocumented Flags in `validate` Command Removed
   - Metric Names Updated
   - Checks Validated On Agent Startup

   FEATURES:

   - Support for HCL Config Files
   - Support for Binding to Multiple Addresses
   - Support for RFC1434 DNS TXT records
   - Support for Running Subproccesses Directly Without a Shell
   - Sentinel Integration

   IMPROVEMENTS:

   - agent: Added support to detect public IPv4 and IPv6 addresses on
      AWS.
   - agent: Improved /v1/operator/raft/configuration endpoint which
      allows Consul to avoid an extra agent RPC call for the `consul
      operator raft list-peers` command.
   - agent: Improved ACL system for the KV store to support list
      permissions. This behavior can be opted in. For more information,
      see the ACL Guide].
   - agent: Updates miekg/dns library to later version to pick up bug
      fixes and improvements.
   - agent: Added automatic retries to the RPC path, and a brief RPC
      drain time when servers leave. These changes make Consul more robust
      during graceful leaves of Consul servers, such as during upgrades, and
      help shield applications from "no leader" errors. These are configured
      with new `performance` options.
   - agent: Added a new `discard_check_output` agent-level configuration
      option that can be used to trade off write load to the Consul
      servers vs. visibility of health check output. This is reloadable so
      it can be toggled without fully restarting the agent.
   - api: Updated the API client to ride out network errors when
      monitoring locks and semaphores.
   - build: Updated Go toolchain to version 1.9.1.
   - cli: `consul lock` and `consul watch` commands will forward `TERM`
      and `KILL` signals to their child subprocess.
   - cli: Added support for autocompletion].
   - server: Updated BoltDB to final version 1.3.1.
   - server: Improved dead member reap algorithm to fix edge cases where
      servers could get left behind.

   BUG FIXES:

   - agent: Fixed an issue where disabling both the http and https
      interfaces would cause a watch-related error on agent startup, even
      when no watches were defined.
   - agent: Added an additional step to kill health check scripts that
      timeout on all platforms except Windows, and added a wait so that
      it's not possible to run multiple instances of the same health check
      script at the same time.
   - cli: If the `consul operator raft list-peers` command encounters an
      error it will now exit with a non-zero exit code.
   - cli: CLI commands will now show help for all of their arguments.
   - server: Fixed an issue where the leader server could get into a
      state where it was no longer performing the periodic leader loop
      duties and unable to serve consistent reads after a barrier timeout
      error.

   Full (unabridged) changelog:

      https://github.com/hashicorp/consul/blob/v1.0.0/CHANGELOG.md


   To generate a diff of this commit:
   cvs rdiff -u -r1.22 -r1.23 pkgsrc/sysutils/consul/Makefile
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/sysutils/consul/distinfo

Revision 1.18 / (download) - annotate - [select for diffs], Tue Oct 17 11:39:57 2017 UTC (10 months ago) by fhajny
Branch: MAIN
Changes since 1.17: +5 -5 lines
Diff to previous 1.17 (colored)

Update sysutils/consul to 1.0.0

SECURITY:

- Fixed an XSS issue with Consul's built-in web UI where node names
  were not being properly escaped.

BREAKING CHANGES:

- Raft Protocol Now Defaults to 3
- Config Files Require an Extension
- Deprecated Options Have Been Removed
- `statsite_prefix` Renamed to `metrics_prefix`
- `advertise_addrs` Removed
- Escaping Behavior Changed for go-discover Configs
- HTTP Verbs are Enforced in Many HTTP APIs
- Unauthorized KV Requests Return 403
- Config Section of Agent Self Endpoint has Changed
- Deprecated `configtest` Command Removed
- Undocumented Flags in `validate` Command Removed
- Metric Names Updated
- Checks Validated On Agent Startup

FEATURES:

- Support for HCL Config Files
- Support for Binding to Multiple Addresses
- Support for RFC1434 DNS TXT records
- Support for Running Subproccesses Directly Without a Shell
- Sentinel Integration

IMPROVEMENTS:

- agent: Added support to detect public IPv4 and IPv6 addresses on
  AWS.
- agent: Improved /v1/operator/raft/configuration endpoint which
  allows Consul to avoid an extra agent RPC call for the `consul
  operator raft list-peers` command.
- agent: Improved ACL system for the KV store to support list
  permissions. This behavior can be opted in. For more information,
  see the ACL Guide].
- agent: Updates miekg/dns library to later version to pick up bug
  fixes and improvements.
- agent: Added automatic retries to the RPC path, and a brief RPC
  drain time when servers leave. These changes make Consul more robust
  during graceful leaves of Consul servers, such as during upgrades, and
  help shield applications from "no leader" errors. These are configured
  with new `performance` options.
- agent: Added a new `discard_check_output` agent-level configuration
  option that can be used to trade off write load to the Consul
  servers vs. visibility of health check output. This is reloadable so
  it can be toggled without fully restarting the agent.
- api: Updated the API client to ride out network errors when
  monitoring locks and semaphores.
- build: Updated Go toolchain to version 1.9.1.
- cli: `consul lock` and `consul watch` commands will forward `TERM`
  and `KILL` signals to their child subprocess.
- cli: Added support for autocompletion].
- server: Updated BoltDB to final version 1.3.1.
- server: Improved dead member reap algorithm to fix edge cases where
  servers could get left behind.

BUG FIXES:

- agent: Fixed an issue where disabling both the http and https
  interfaces would cause a watch-related error on agent startup, even
  when no watches were defined.
- agent: Added an additional step to kill health check scripts that
  timeout on all platforms except Windows, and added a wait so that
  it's not possible to run multiple instances of the same health check
  script at the same time.
- cli: If the `consul operator raft list-peers` command encounters an
  error it will now exit with a non-zero exit code.
- cli: CLI commands will now show help for all of their arguments.
- server: Fixed an issue where the leader server could get into a
  state where it was no longer performing the periodic leader loop
  duties and unable to serve consistent reads after a barrier timeout
  error.


Full (unabridged) changelog:

  https://github.com/hashicorp/consul/blob/v1.0.0/CHANGELOG.md

Revision 1.17 / (download) - annotate - [select for diffs], Fri Sep 22 10:24:11 2017 UTC (10 months, 3 weeks ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-
Branch point for: pkgsrc-2017Q3
Changes since 1.16: +5 -5 lines
Diff to previous 1.16 (colored)

consul: Fix checksums.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Sep 11 11:53:06 2017 UTC (11 months ago) by fhajny
Branch: MAIN
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored)

Update sysutils/consul to 0.9.3.

FEATURES:
- LAN Network Segments: (Consul Enterprise) Added a new Network Segments
  capability which allows users to configure Consul to support segmented
  LAN topologies with multiple, distinct gossip pools.
- WAN Join for Cloud Providers: Added WAN support for retry join for
  cloud providers via go-discover, including Amazon AWS, Microsoft
  Azure, Google Cloud, and SoftLayer. This uses the same "provider" syntax
  supported for `-retry-join` via the `-retry-join-wan` configuration.
- RPC Rate Limiter: Consul agents in client mode have a new `limits`
  configuration that enables a rate limit on RPC calls the agent makes
  to Consul servers.

IMPROVEMENTS:
- agent: Switched to using a read lock for the agent's RPC dispatcher,
  which prevents RPC calls from getting serialized.
- agent: When joining a cluster, Consul now skips the unique node ID
  constraint for Consul members running Consul older than 0.8.5. This
  makes it easier to upgrade to newer versions of Consul in an existing
  cluster with non-unique node IDs.
- build: Upgraded Go version to 1.9.
- server: Consul servers can re-establish quorum after all of them
  change their IP addresses upon a restart.

BUG FIXES:
- agent: Fixed an issue with consul watches not triggering when ACLs are
  enabled.
- agent: Updated memberlist library for a deadlock fix.
- agent: Fixed a panic when retrieving NS or SOA records on Consul
  clients (non-servers). This also changed the Consul server list to
  come from the catalog and not the agent's local state when serving these
  requests, so the results are consistent across a cluster.
- cli: Updated the CLI library to pull in a fix that prevents all
  subcommands from being shown when showing the agent's usage list; now
  just top-level commands are shown.
- server: Fixed an issue with Consul snapshots not saving on Windows
  because of errors with the `fsync` syscall.

Revision 1.15 / (download) - annotate - [select for diffs], Thu Aug 17 07:33:28 2017 UTC (12 months ago) by fhajny
Branch: MAIN
Changes since 1.14: +5 -5 lines
Diff to previous 1.14 (colored)

Update sysutils/consul to 0.9.2.

## 0.9.2 (August 9, 2017)

BUG FIXES:

- agent: Fixed an issue where the old `-retry-join-{ec2,azure,gce}`
  command line flags were not being honored.
- server: Reverted the change that made unauthorized KV queries return
  403 instead of 404 because it had a minor bug that affected the
  operation of Vault, and in addition to fixing the bug, we identified an
  additional case that needed to be covered.

## 0.9.1 (August 9, 2017)

FEATURES:

- Secure ACL Token Introduction: It's now possible to manage Consul's
  ACL tokens without having to place any tokens inside configuration
  files.
    * A new `/v1/agent/token` API allows an agent's ACL tokens to be
    * introduced without placing them into config files, and to update
    * them without restarting the agent.
    * A new `/v1/acl/bootstrap` allows a cluster's first management
    * token to be created without using the `acl_master_token`
    * configuration.
- Metrics Viewing Endpoint: A new `/v1/agent/metrics` API displays the
  current values of internally tracked metrics.

IMPROVEMENTS:

- agent: Retry Join for Amazon AWS, Microsoft Azure, Google Cloud, and
  (new) SoftLayer is now handled through the
  https://github.com/hashicorp/go-discover library.
- agent: Reports a more detailed error message if the LAN or WAN Serf
  instance fails to bind to an address.
- agent: Added NS records and corrected SOA records to allow Consul's
  DNS interface to work properly with zone delegation.
- agent: Added support for sending metrics with labels/tags to supported
  backends.
- agent: Added a new `prefix_filter` option in the `telemetry` config to
  allow fine-grained allowing/blocking the sending of certain metrics by
  prefix.
- cli: Added a `-child-exit-code` option to `consul lock` so that it
  propagates an error code of 2 if the child process exits with an
  error.
- docs: Added a new Geo Failover Guide showing how to use prepared
  queries to implement geo failover policies for services.
- docs: Added a new Consul with Containers Guide showing critical
  aspects of operating a Consul cluster that's run inside containers.
- server: Added a `RemoveEmptyTags` option to prepared query templates
  which will strip out any empty strings in the tags list before
  executing a query.
- server: Implemented a much faster recursive delete algorithm for the
  KV store.

BUG FIXES:

- agent: Clean up temporary files during disk write errors when
  persisting services and checks.
- agent: Fixed an issue where DNS and client bind address templates were
  not being parsed via the go-sockaddr library.
- agent: Fixed status code on all KV store operations that fail due to
  an ACL issue. They now return a 403 status code, rather than a 404.
- agent: Fixed quoting issues in script health check on Windows.
- agent: Fixed an issue where `consul monitor` would exit on any empty
  log line.
- server: Updated raft library to fix issue with machine crashes causing
  snapshot files to not get saved to disk

Revision 1.14 / (download) - annotate - [select for diffs], Wed Aug 2 17:57:02 2017 UTC (12 months, 2 weeks ago) by fhajny
Branch: MAIN
Changes since 1.13: +5 -5 lines
Diff to previous 1.13 (colored)

Update sysutils/consul to 0.9.0.

BREAKING CHANGES:

- agent: Added a new `enable_script_checks` configuration option that
  defaults to `false`, meaning that in order to allow an agent to run
  health checks that execute scripts, this will need to be configured
  and set to `true`.
- api: Reworked `context` support in the API client to more closely
  match the Go standard library, and added context support to write
  requests in addition to read requests.
- ui: Since the UI is now bundled with the application we no longer
  provide a separate UI package for downloading.

FEATURES:

- agent: Added a new[`block_endpoints` configuration option that
  allows blocking HTTP API endpoints by prefix.
- cli: Added a new `consul catalog` command for reading datacenters,
  nodes, and services from the catalog.
- server: (Consul Enterprise) Added a new `consul operator area
  update` command and corresponding HTTP endpoint to allow for
  transitioning the TLS setting of network areas at runtime.
- server: (Consul Enterprise) Added a new `UpgradeVersionTag` field to
  the Autopilot config to allow for using the migration feature to
  roll out configuration or cluster changes, without having to upgrade
  Consul itself.

IMPROVEMENTS:

- agent: (Consul Enterprise) Snapshot agent rotation uses S3's
  pagination API, enabling retaining more than a 100 snapshots.
- agent: Removed registration of the `consul` service from the agent
  since it's already handled by the leader.
- agent: Changed /v1/acl/clone response to 403 (from 404) when trying
  to clone an ACL that doesn't exist.
- agent: Changed the `consul exec` ACL resolution logic to use the
  `acl_agent_token` if it's available.
- agent: Updated memberlist to get latest LAN gossip tuning based on
  the Lifeguard paper published by Hashicorp Research.
- api: Added the ability to pass in a `context` as part of the
  `QueryOptions` during a request.
- api: Changed signature for "done" channels on `agent.Monitor()` and
  `session.RenewPeriodic` methods to make them more compatible with
  `context`.
- docs: Added a complete end-to-end example of ACL bootstrapping in
  the ACL Guide.
- vendor: Updated golang.org/x/sys/unix to support IBM s390 platforms.
- agent: rewrote Docker health checks without using the Docker client
  and its dependencies.

BUG FIXES:

- agent: Fixed an issue where watch plans would take up to 10 minutes
  to close their connections and give up their file descriptors after
  reloading Consul.
- agent: (Consul Enterprise) Fixed an issue with the snapshot agent
  where it could get stuck trying to obtain the leader lock after an
  extended server outage.
- agent: Fixed HTTP health checks to allow them to set the `Host`
  header correctly on outgoing requests.
- agent: Serf snapshots can now auto recover from disk write errors
  without needing a restart.
- agent: Fixed log redacting code to properly remove tokens from log
  lines with ACL tokens in the URL itself: `/v1/acl/clone/:uuid`,
  `/v1/acl/destroy/:uuid`, `/v1/acl/info/:uuid`.
- agent: Fixed an issue in the Docker client where Docker checks would
  get EOF errors trying to connect to a volume-mounted Docker socket.
- agent: Fixed a crash when using Azure auto discovery.
- agent: Added `node` read privileges to the `acl_agent_master_token`
  by default so it can see all nodes, which enables it to be used with
  operations like `consul members`.
- agent: Fixed an issue where enabling `-disable-keyring-file` would
  cause gossip encryption to be disabled.
- agent: Fixed a race condition where checks that are not associated
  with any existing services were allowed to persist.
- agent: Stop docker checks on service deregistration and on shutdown.
- server: Updated the Raft library to pull in a fix where servers that
  are very far behind in replication can get stuck in a loop trying to
  install snapshots.
- server: Fixed a rare but serious deadlock where the Consul leader
  routine could get stuck with the Raft internal leader routine while
  waiting for the initial barrier after a leader election.
- server: Added automatic cleanup of failed Raft snapshots.
- server: (Consul Enterprise) Fixed an issue where networks areas
  would not be able to be added when the server restarts if the Raft
  log contained a specific sequence of adds and deletes for network
  areas with the same peer datacenter.
- ui: Provided a path to reset the ACL token when the current token is
  invalid.
- ui: Removed an extra fetch of the nodes resource when loading the
  UI.
- ui: Changed default ACL token type to "client" when creating ACLs.
- ui: Display a 404 error instead of a 200 when trying to load a
  nonexistent node.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Jul 3 21:25:03 2017 UTC (13 months, 2 weeks ago) by fhajny
Branch: MAIN
Changes since 1.12: +5 -5 lines
Diff to previous 1.12 (colored)

Update sysutils/consul to 0.8.5.

BREAKING CHANGES:

- agent: Parse values given to `?passing` for health endpoints.
- agent: The default value of `-disable-host-node-id` has been changed
  from false to true.

IMPROVEMENTS:

- agent: Added a `-disable-keyring-file` option to prevent writing
  keyring data to disk.
- agent: Added automatic notify to systemd on Linux after LAN join is
  complete, which makes it easier to order services that depend on
  Consul being available.
- agent: The `http_api_response_headers` config has been moved into a
  new `http_config` struct, so the old form is still supported but is
  deprecated.
- dns: Added support for EDNS(0) size adjustments if set in the
  request frame.
- server: Added a startup warning for servers when expecting to
  bootstrap with an even number of nodes.
- agent: (Consul Enterprise) Added support for non rotating,
  statically named snapshots for S3 snapshots using the snapshot
  agent.

BUG FIXES:

- agent: Fixed a regression where configuring -1 for the port was no
  longer disabling the DNS server.
- agent: Fix `consul leave` shutdown race.
- agent: Show a better error message than 'EOF' when attempting to
  join with the wrong gossip key.
- agent: Fixed an issue where the `Method` and `Header` features of
  HTTP health checks were not being applied.
- agent: Fixed an issue where internally-configured watches were not
  working because of an incorrect protocol error, and unified internal
  watch handling during reloads of the Consul agent.
- server: Fixed an issue where the leader could return stale data
  duing queries as it is starting up.

Revision 1.12 / (download) - annotate - [select for diffs], Tue Jun 13 06:09:25 2017 UTC (14 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.11: +5 -5 lines
Diff to previous 1.11 (colored)

## 0.8.4 (June 9, 2017)

FEATURES:
- agent: Added a method for transitioning to gossip encryption on an
  existing cluster
- agent: Added a method for transitioning to TLS on an existing cluster
- agent: Added support for RetryJoin on Azure
- agent: (Consul Enterprise) Added AWS server side encryption support
  for S3 snapshots using the snapshot agent.

IMPROVEMENTS:
- agent: Added a check which prevents advertising or setting a service
  to a zero address (`0.0.0.0`, `[::]`, `::`).
- agent: Allow binding to any public IPv6 address with `::`
- agent: Removed SCADA-related code for Atlas and deprecated all
  Atlas-related configuration options.
- agent: Added support for custom check id and name when registering
  checks along with a service.
- agent: Updated go-sockaddr library to add support for new helper
  functions in bind address templates (`GetPrivateIPs`, `GetPublicIPs`),
  new math functions, and to pick up fixes for issues with detecting
  addresses on multi-homed hosts.
- agent: Watches now reset their index back to zero after an error, or
  if the index goes backwards, which allows watches to recover after a
  server restart with fresh state.
- agent: HTTP health checks now upport custom method and headers.
- agent: Increased the graceful leave timeout from 5 to 15 seconds.
- agent: Added additional logging when the agent handles signals and
  when it exits.
- build: Added support for linux/arm64 binaries.
- build: Consul now builds with Go 1.8.3.
- ui: Added a sticky scroll to the KV side panel so the KV edit box
  always stays in place.

BUG FIXES:
- agent: Added defensive code to prevent agents from infecting the
  network coordinates with `NaN` or `Inf` values, and added code to
  clean up in environments where this has happened.
- api: Added code to always read from the body of a request so that
  connections will always be returned to the pool.
- build: Added a vendor fix to allow compilation on Illumos.
- cli: Fixed an issue where `consul exec` would return a 0 exit code,
  even when there were nodes that didn't respond.

Revision 1.11 / (download) - annotate - [select for diffs], Mon May 15 10:24:30 2017 UTC (15 months ago) by fhajny
Branch: MAIN
Changes since 1.10: +5 -5 lines
Diff to previous 1.10 (colored)

Update sysutils/consul to 0.8.3.

- agent: Fixed an issue where NAT-configured agents with a non-routable
  advertise address would refuse to make RPC connections to Consul
  servers. This was a regression related to GH-2822 in Consul 0.8.2.

Revision 1.10 / (download) - annotate - [select for diffs], Wed May 10 17:15:25 2017 UTC (15 months, 1 week ago) by fhajny
Branch: MAIN
Changes since 1.9: +5 -5 lines
Diff to previous 1.9 (colored)

Update sysutils/consul to 0.8.2

BREAKING CHANGES:

- api: HttpClient now defaults to nil in the client config and will be
  generated if left blank. A NewHttpClient function has been added for
  creating an HttpClient with a custom Transport or TLS config.

IMPROVEMENTS:

- agent: Added an error at agent startup time if both -ui and -ui-dir
  are configured together.
- agent: Added the datacenter of a node to the catalog, health, and
  query API endpoints which contain a Node structure.
- agent: Added the ca_path, tls_cipher_suites, and
  tls_prefer_server_cipher_suites options to give more flexibility
  around configuring TLS.
- agent: Reduced the timeouts for the -dev server mode so that the
  development server starts up almost instantly.
- agent: Added verify_incoming_rpc and verify_incoming_https options
  for more granular control over incoming TLS enforcement.
- agent: Use bind address as source for outgoing connections.
- api: Added the ACL replication status endpoint to the Go API client
  library.
- cli: Added Raft protocol version to output of operator raft
  list-peers command.
- ui: Added optional JSON validation when editing KV entries in the
  web UI.
- ui: Updated ACL guide links and made guides open in a new tab.

BUG FIXES:

- server: Fixed a panic when the tombstone garbage collector was
  stopped.
- server: Fixed a panic in Autopilot that could occur when a node is
  elected but cannot complete leader establishment and steps back
  down.
- server: Added a new peers.json format that allows outage recovery
  when using Raft protocol version 3 and higher. Previously, you'd
  have to set the Raft protocol version back to 2 in order to manually
  recover a cluster.
- ui: Add and update favicons

Revision 1.9 / (download) - annotate - [select for diffs], Tue Apr 18 15:47:17 2017 UTC (16 months ago) by fhajny
Branch: MAIN
Changes since 1.8: +5 -5 lines
Diff to previous 1.8 (colored)

Update sysutils/consul to 0.8.1.

IMPROVEMENTS:
- agent: Node IDs derived from host information are now hashed to
  prevent things like common server hardware from generating IDs with
  a common prefix across nodes.
- agent: Added new -disable-host-node-id CLI flag and
  disable_host_node_id config option to the Consul agent to prevent it
  from using information from the host when generating a node ID.
- agent: Removed useless "==> Caught signal: broken pipe" logging
  since that often results from problems sending telemetry or broken
  incoming client connections; operators don't need to be alerted to
  these.
- cli: Added TLS options for setting the client/CA certificates to use
  when communicating with Consul.
- build: Consul is now built with Go 1.8.1.
- ui: Updates Consul assets to new branding.

BUG FIXES:
- api: Added missing Raft index fields to AgentService and Node
  structures.
- server: Fixed an issue where flood joins would not work with IPv6
  addresses.
- server: Fixed an issue where electing a 0.8.x leader during an
  upgrade would cause a panic in older servers.
- server: Fixed an issue where tracking of leadership changes could
  become incorrect when changes occurred very rapidly.
- server: Fixed a panic when checking ACLs on a session that doesn't
  exist.

Revision 1.8 / (download) - annotate - [select for diffs], Thu Apr 6 19:25:17 2017 UTC (16 months, 1 week ago) by fhajny
Branch: MAIN
Changes since 1.7: +5 -5 lines
Diff to previous 1.7 (colored)

Update sysutils/consul to 0.8.0

BREAKING CHANGES:

- Command-Line Interface RPC Deprecation: The RPC client interface has
  been removed.
- Version 8 ACLs Are Now Opt-Out: The acl_enforce_version_8
  configuration now defaults to true to enable full version 8 ACL
  support by default.
- Remote Exec Is Now Opt-In: The default for disable_remote_exec was
  changed to "true", so now operators need to opt-in to having agents
  support running commands remotely via consul exec.
- Raft Protocol Compatibility: When upgrading to Consul 0.8.0 from a
  version lower than 0.7.0, users will need to set the -raft-protocol
  option to 1 in order to maintain backwards compatibility with the old
  servers during the upgrade.

FEATURES:

- Autopilot: A set of features has been added to allow for automatic
  operator-friendly management of Consul servers.
- Dead Server Cleanup: Dead servers will periodically be cleaned up and
  removed from the Raft peer set
- Server Health Checking: An internal health check has been added to
  track the stability of servers.
- New Server Stabilization: When a new server is added to the cluster,
  there will be a waiting period where it must be healthy and stable for
  a certain amount of time before being promoted to a full, voting member.
- Advanced Redundancy: (Consul Enterprise) A new -non-voting-server
  option flag has been added for Consul servers to configure a server
  that does not participate in the Raft quorum.
- Upgrade Orchestration: (Consul Enterprise) Autopilot will
  automatically orchestrate an upgrade strategy for Consul servers
- Network Areas: (Consul Enterprise) A new capability has been added
  which allows operators to define network areas that join together two
  Consul datacenters.
- WAN Soft Fail: Request routing between servers in the WAN is now more
  robust by treating Serf failures as advisory but not final.
- WAN Join Flooding: A new routine was added that looks for Consul
  servers in the LAN and makes sure that they are joined into the WAN as
  well.
- Validate command: To provide consistency across our products, the
  configtest command has been deprecated and replaced with the validate
  command

IMPROVEMENTS:

- agent: Fixed a missing case where gossip would stop flowing to dead
  nodes for a short while.
- agent: Changed agent to seed Go's random number generator.
- agent: Serf snapshots no longer have the executable bit set on the
  file.
- agent: Consul is now built with Go 1.8.
- agent: Updated aws-sdk-go version (used for EC2 auto join) for Go 1.8
  compatibility.
- agent: User-supplied node IDs are now normalized to lower-case.
- agent: Added checks to enforce uniqueness of agent node IDs at cluster
  join time and when registering with the catalog.
- cli: Standardized handling of CLI options for connecting to the Consul
  agent.
- cli: Updated go-cleanhttp library for better HTTP connection handling
  between CLI commands and the Consul agent
- cli: The operator raft subcommand has had its two modes split into the
  list-peers and remove-peer subcommands.
- cli: Added an -id flag to the operator raft remove-peer command to
  allow removing a peer by ID.
- dns: Allows the .service tag to be optional in RFC 2782 lookups.
- server: Changed the internal EnsureRegistration RPC endpoint to
  prevent registering checks that aren't associated with the top-level
  node being registered.

BUG FIXES:

- agent: Fixed an issue with consul watch not working when http was
  listening on a unix socket.
- agent: Fixed an issue where checks and services could not sync
  deregister operations back to the catalog when version 8 ACL support
  is enabled.
- agent: Fixed an issue where agents could use the ACL token registered
  with a service when registering checks for the same service that were
  registered with a different ACL token.
- cli: Fixed consul kv commands not reading the CONSUL_HTTP_TOKEN
  environment variable.
- cli: Fixed an issue where prefixing an address with a protocol (such
  as 'http://' or 'https://') in -http-addr or CONSUL_HTTP_ADDR would
  give an error.
- cli: Fixed an issue where error messages would get printed to stdout
  instead of stderr.
- server: Fixed an issue with version 8 ACLs where servers couldn't
  deregister nodes from the catalog during reconciliation.
- server: Fixed an issue where servers could temporarily roll back
  changes to a node's metadata or tagged addresses when making updates
  to the node's health checks.
- server: Fixed an issue where the service name consul was not subject
  to service ACL policies with version 8 ACLs enabled.

Revision 1.7 / (download) - annotate - [select for diffs], Fri Feb 17 15:22:03 2017 UTC (17 months, 4 weeks ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.6: +5 -5 lines
Diff to previous 1.6 (colored)

Update sysutils/consul to 0.7.5.

- server: Fixed a rare but serious issue where Consul servers could
  panic when performing a large delete operation followed by a specific
  sequence of other updates to related parts of the state store (affects
  KV, sessions, prepared queries, and the catalog).

Revision 1.6 / (download) - annotate - [select for diffs], Tue Feb 14 10:27:50 2017 UTC (18 months ago) by fhajny
Branch: MAIN
Changes since 1.5: +5 -5 lines
Diff to previous 1.5 (colored)

Update sysutils/consul to 0.7.4.

- agent: Integrated gopsutil library to use built in host UUID as node ID,
  if available, instead of a randomly generated UUID. This makes it easier
  for other applications on the same host to generate the same node ID
  without coordinating with Consul.
- agent: Added a configuration option, tls_min_version, for setting the
  minimum allowed TLS version used for the HTTP API and RPC.
- agent: Added a relay-factor option to keyring operations to allow nodes
  to relay their response through N randomly-chosen other nodes in the
  cluster.
- build: Consul is now built with Go 1.7.5.
- dns: Add ability to lookup Consul agents by either their Node ID or Node
  Name through the node interface (e.g. DNS (node-id|node-name).node.consul).
- dns: Fixed an issue where SRV lookups for services on a node registered
  with non-IP addresses were missing the CNAME record in the additional
  section of the response.

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jan 27 14:33:17 2017 UTC (18 months, 2 weeks ago) by fhajny
Branch: MAIN
Changes since 1.4: +5 -5 lines
Diff to previous 1.4 (colored)

Update sysutils/consul to 0.7.3.

FEATURES:

- KV Import/Export CLI: consul kv export and consul kv import can be
  used to move parts of the KV tree between disconnected consul
  clusters, using JSON as the intermediate representation.
- Node Metadata: Support for assigning user-defined metadata key/value
  pairs to nodes has been added.
- Node Identifiers: Consul agents can now be configured with a unique
  identifier, or they will generate one at startup that will persist
  across agent restarts.
- Improved Blocking Queries: Consul's blocking query implementation was
  improved to provide a much more fine-grained mechanism for detecting
  changes.
- GCE auto-discovery: New -retry-join-gce configuration options added to
  allow bootstrapping by automatically discovering Google Cloud
  instances with a given tag at startup.

IMPROVEMENTS:

- build: Consul is now built with Go 1.7.4.
- cli: consul kv get now has a -base64 flag to base 64 encode the value.
- cli: consul kv put now has a -base64 flag for setting values which are
  base 64 encoded.
- ui: Added a notice that JS is required when viewing the web UI with JS
  disabled.

BUG FIXES:

- agent: Redacted the AWS access key and secret key ID from the
  /v1/agent/self output so they are not disclosed.
- agent: Fixed a rare startup panic due to a Raft/Serf race condition.
- cli: Fixed a panic when an empty quoted argument was given to consul
  kv put.
- tests: Fixed a race condition with check mock's map usage.

Revision 1.4 / (download) - annotate - [select for diffs], Tue Jan 3 07:39:07 2017 UTC (19 months, 2 weeks ago) by fhajny
Branch: MAIN
Changes since 1.3: +5 -5 lines
Diff to previous 1.3 (colored)

Update sysutils/consul to 0.7.2

FEATURES:

- Keyring API: A new /v1/operator/keyring HTTP endpoint was added that
  allows for performing operations such as list, install, use, and
  remove on the encryption keys in the gossip keyring.
- Monitor API: A new /v1/agent/monitor HTTP endpoint was added to allow
  for viewing streaming log output from the agent, similar to the consul
  monitor command.
- Reload API: A new /v1/agent/reload HTTP endpoint was added for
  triggering a reload of the agent's configuration.
- Leave API: A new /v1/agent/leave HTTP endpoint was added for causing
  an agent to gracefully shutdown and leave the cluster (previously,
  only force-leave was present in the HTTP API).
- Bind Address Templates (beta): Consul agents now allow
  go-sockaddr/template syntax to be used for any bind address
  configuration (advertise_addr, bind_addr, client_addr, and others).
- Complete ACL Coverage (beta): Consul 0.8 will feature complete ACL
  coverage for all of Consul.

IMPROVEMENTS:

- agent: Defaults to ?pretty JSON for HTTP API requests when in -dev
  mode.
- agent: Updated Circonus metrics library and added new Circonus
  configration options for Consul for customizing check display name and
  tags.
- agent: Added a checksum to UDP gossip messages to guard against packet
  corruption.
- agent: Check whether a snapshot needs to be taken more often (every 5
  seconds instead of 2 minutes) to keep the raft file smaller and to
  avoid doing huge truncations when writing lots of entries very quickly.
- agent: Allow gossiping to suspected/recently dead nodes.
- agent: Changed the gossip suspicion timeout to grow smoothly as the
  number of nodes grows.
- agent: Added a deprecation notice for Atlas features to the CLI and
  docs.
- agent: Give a better error message when the given data-dir is not a
  directory.

BUG FIXES:

- agent: Fixed a panic when SIGPIPE signal was received.
- api: Added missing Raft index fields to CatalogService structure.
- api: Added missing notes field to AgentServiceCheck structure.
- api: Changed type of AgentServiceCheck.TLSSkipVerify from string to
  bool.
- api: Added new HealthChecks.AggregatedStatus() method that makes it
  easy get an overall health status from a list of checks.
- api: Changed type of KVTxnOp.Verb from string to KVOp.
- cli: Fixed an issue with the consul kv put command where a negative
  value would be interpreted as an argument to read from standard input.
- ui: Fixed an issue where extra commas would be shown around service
  tags.
- ui: Customized Bootstrap config to avoid missing font file references.
- ui: Removed "Deregister" button as removing nodes from the catalog
  isn't a common operation and leads to lots of user confusion.

Revision 1.3 / (download) - annotate - [select for diffs], Mon Nov 14 15:00:26 2016 UTC (21 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.2: +5 -5 lines
Diff to previous 1.2 (colored)

Update sysutils/consul to 0.7.1.

BACKWARDS INCOMPATIBILITIES:

- Child process reaping support has been removed, along with the reap
  configuration option.
- The default for max_stale has been increased to a near-indefinite
  threshold (10 years) to allow DNS queries to continue to be served in
  the event of a long outage with no leader.
- The api package's PreparedQuery.Delete() method now takes WriteOptions
  instead of QueryOptions.


FEATURES:

- Key/Value Store Command Line Interface: New consul kv commands were
  added for easy access to all basic key/value store operations.
- Snapshot/Restore: A new /v1/snapshot HTTP endpoint and corresponding
  set of consul snapshot commands were added for easy point-in-time
  snapshots for disaster recovery.
- AWS auto-discovery: New -retry-join-ec2 configuration options added to
  allow bootstrapping by automatically discovering AWS instances with a
  given tag key/value at startup.


IMPROVEMENTS:

- api: All session options can now be set when using api.Lock().
- agent: Added the ability to bind Serf WAN and LAN to different
  interfaces than the general bind address.
- agent: Added a new tls_skip_verify configuration option for HTTP
  checks.
- agent: Consul is now built with Go 1.7.3.


BUG FIXES:

- agent: Fixed a Go race issue with log buffering at startup.
- agent: Fixed a panic during anti-entropy sync for services and checks.
- agent: Fixed an issue on Windows where "wsarecv" errors were logged
  when CLI commands accessed the RPC interface.
- agent: Syslog initialization will now retry on errors for up to 60
  seconds to avoid a race condition at system startup.
- agent: Fixed a panic when both -dev and -bootstrap-expect flags were
  provided.
- agent: Added a retry with backoff when a session fails to invalidate
  after expiring.
- agent: Fixed an issue where Consul would fail to start because of
  leftover malformed check/service state files.
- agent: Fixed agent crashes on macOS Sierra by upgrading Go.
- agent: Log a warning instead of success when attempting to deregister
  a nonexistent service.
- api: Trim leading slashes from keys/prefixes when querying KV
  endpoints to avoid a bug with redirects in Go 1.7 (golang/go#4800).
- dns: Fixed external services that pointed to consul addresses (CNAME
  records) not resolving to A-records.
- dns: Fixed an issue with SRV lookups where the service address was
  different from the node's.
- dns: Fixed an issue where truncated records from a recursor query were
  improperly reported as errors.
- server: Fixed the port numbers in the sample JSON inside peers.info.
- server: Squashes ACL datacenter name to lower case and checks for
  proper formatting at startup.
- ui: Fixed an XSS issue with the display of sessions and ACLs in the
  web UI.

Revision 1.2 / (download) - annotate - [select for diffs], Wed Oct 26 13:49:17 2016 UTC (21 months, 3 weeks ago) by fhajny
Branch: MAIN
Changes since 1.1: +5 -5 lines
Diff to previous 1.1 (colored)

Update sysutils/consul to 0.7.0

BREAKING CHANGES:
- The default behavior of leave_on_terminate and skip_leave_on_interrupt are
  now dependent on whether or not the agent is acting as a server or client.
- The allow_stale configuration for DNS queries to the Consul agent now
  defaults to true, allowing for better utilization of available Consul
  servers and higher throughput at the expense of weaker consistency.
- Output from HTTP checks is truncated to 4k when stored on the servers,
  similar to script check output.
- Consul's Go API client will now send ACL tokens using HTTP headers instead
  of query parameters, requiring Consul 0.6.0 or later.
- Removed support for protocol version 1, so Consul 0.7 is no longer
  compatible with Consul versions prior to 0.3.
- The Raft peers information in consul info has changed format and includes
  information about the suffrage of a server, which will be used in future
  versions of Consul.
- New translate_wan_addrs behavior from [GH-2118] translates addresses in
  HTTP responses and could break clients that are expecting local addresses.
- The behavior of the peers.json file is different in this version of
  Consul. This file won't normally be present and is used only during outage
  recovery.
- Consul's default Raft timing is now set to work more reliably on
  lower-performance servers, which allows small clusters to use lower cost
  compute at the expense of reduced performance for failed leader detection
  and leader elections.

FEATURES:
- Transactional Key/Value API: A new /v1/txn API was added that allows for
  atomic updates to and fetches from multiple entries in the key/value store
  inside of an atomic transaction.
- Native ACL Replication: Added a built-in full replication capability for
  ACLs.
- Server Connection Rebalancing: Consul agents will now periodically
  reconnect to available Consul servers in order to redistribute their RPC
  query load.
- Raft Updates and Consul Operator Interface: This version of Consul
  upgrades to "stage one" of the v2 HashiCorp Raft library.
- Consul's default Raft timing is now set to work more reliably on
  lower-performance servers, which allows small clusters to use lower cost
  compute at the expense of reduced performance for failed leader detection
  and leader elections.
- Servers will now abort bootstrapping if they detect an existing cluster
  with configured Raft peers.
- Added new consul operator command, HTTP endpoint, and associated ACL to
  allow Consul operators to view and update the Raft configuration.
- Serf Lifeguard Updates: Implemented a new set of feedback controls for the
  gossip layer that help prevent degraded nodes that can't meet the soft
  real-time requirements from erroneously causing serfHealth flapping in
  other, healthy nodes
- Prepared Query Near Parameter: Prepared queries support baking in a new
  Near sorting parameter.
- Automatic Service Deregistration: Added a new
  deregister_critical_service_after timeout field for health checks which
  will cause the service associated with that check to get deregistered if the
  check is critical for longer than the timeout.
- WAN Address Translation Everywhere: Extended the translate_wan_addrs
  config option to also translate node addresses in HTTP responses, making
  it easy to use this feature from non-DNS clients.
- RPC Retries: Consul will now retry RPC calls that result in "no leader"
  errors for up to 5 seconds.
- Circonus Telemetry Support: Added support for Circonus as a telemetry
  destination.

IMPROVEMENTS:
- agent: Reap time for failed nodes is now configurable via new
  reconnect_timeout and reconnect_timeout_wan config options (use with
  caution).
- agent: Joins based on a DNS lookup will use TCP and attempt to join with
  the full list of returned addresses.
- agent: Consul will now refuse to start with a helpful message if the same
  UNIX socket is used for more than one listening endpoint.
- agent: Removed an obsolete warning message when Consul starts on Windows.
- agent: Defaults bind address to 127.0.0.1 when running in -dev mode.
- agent: Added version information to the log when Consul starts up.
- agent: Added timing metrics for HTTP requests in the form of
  consul.http.<verb>.<path>.
- build: Updated all vendored dependencies.
- build: Consul releases are now built with Go 1.6.3.
- checks: Script checks now support an optional timeout parameter.
- checks: HTTP health checks limit saved output to 4K to avoid performance
  issues.
- cli: Added a -stale mode for watchers to allow them to pull data from any
  Consul server, not just the leader.
- dns: Consul agents can now limit the number of UDP answers returned via
  the DNS interface.
- dns: Consul now compresses all DNS responses by default.
- dns: Added a new recursor_timeout configuration option to set the timeout
  for Consul's internal DNS client that's used for recursing queries to
  upstream DNS servers.
- dns: Added a new -dns-port command line option so this can be set without
  a config file.
- ui: Added a new network tomography visualization to the UI.

BUG FIXES:
- agent: Fixed an issue where a health check's output never updates if the
  check status doesn't change after the Consul agent starts.
- agent: External services can now be registered with ACL tokens.
- agent: Fixed an issue where large events affecting many nodes could cause
  infinite intent rebroadcasts, leading to many log messages about intent
  queue overflows.
- agent: Gossip encryption keys are now validated before being made
  persistent in the keyring, avoiding delayed feedback at runtime.
- dns: Fixed an issue where DNS requests for SRV records could be
  incorrectly trimmed, resulting in an ADDITIONAL section that was out of
  sync with the ANSWER.
- dns: Fixed two issues where DNS requests for SRV records on a prepared
  query that failed over would report the wrong domain and fail to translate
  addresses.
- server: Fixed a deadlock related to sorting the list of available
  datacenters by round trip time.
- server: Fixed an issue with the state store's immutable radix tree that
  would prevent it from using cached modified objects during transactions,
  leading to extra copies and increased memory / GC pressure.
- server: Upgraded Bolt DB to v1.2.1 to fix an issue on Windows where Consul
  would sometimes fail to start due to open user-mapped sections.

Revision 1.1 / (download) - annotate - [select for diffs], Fri May 6 13:40:17 2016 UTC (2 years, 3 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2

Import consul-0.6.4 as sysutils/consul based on wip/consul.

Consul is a tool for service discovery and configuration. Consul
is distributed, highly available, and extremely scalable.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>