This commit synchronizes the start of the threads that are executing monitoring bulk requests concurrently
to ensure all threads are ready before starting. Without this some threads will execute requests while
other threads are still being constructed.
Original commit: elastic/x-pack-elasticsearch@e777fb5c28
Add API endpoints for the cluster allocation explain API
Relates to elastic/elasticsearchelastic/elasticsearch#17305
Original commit: elastic/x-pack-elasticsearch@0bea108462
This commit changes the handling in the merge method of the IndexAccessControl class to
properly handle merging IndexAccessControl objects with differing values for the granted
flag. Prior to this commit, in a scenario where the flag differed, one IndexAccessControl granted
no access to an index, and the other granted access with DLS/FLS resulted in full access
being granted to the index.
Closeselastic/elasticsearch#1821
Original commit: elastic/x-pack-elasticsearch@e403e43689
This commit removes the parsing of the username in the request body of a put user
request. Additionally, we use the name passed into the put role request builder rather
than the name from the parsed role descriptor.
Original commit: elastic/x-pack-elasticsearch@0a085d5844
This commit is the forward port of renaming the type for esusers to file. There is no
backwards compatibility maintained here. Additionally, a few other renames and
cleanups have been made:
* `esusers` commands is now `users`
* org.elasticsearch.shield.authc.esusers -> org.elasticsearch.shield.authc.file
* Validation.ESUsers -> Validation.Users
* ESUsersTool -> UsersTool
* ESUsersToolTests -> UsersToolTests
* ESNativeUsersStore -> NativeUsersStore
* ESNativeRolesStore -> NativeRolesStore.
* org.elasticsearch.shield.authz.esnative collapsed to org.elasticsearch.shield.authz.store
* ESNativeTests -> NativeRealmIntegTests
Closeselastic/elasticsearch#1793
Original commit: elastic/x-pack-elasticsearch@d2a0c136f3
Some tests [reasonably] fail due to unexpected indices appearing in the cluster due to Watcher.
- Also had to reset shieldEnabled as a static field, which makes no sense, but tests were failing unpredictably without it
- Now they're passing unpredictably with it... will investigate
Original commit: elastic/x-pack-elasticsearch@9b6ce681d8
This is required to make sure that the integration for monitoring the Watcher Threadpool is actually working.
- Also added the full property name when the assertContains check fails
- Made shieldEnabled an instance level field rather than a static one
- Added watcherEnabled field in the same fashion (including enableWatcher method that by default randomly enables it)
- Added method to locally filter the expected field names based on watcher being enabled for the failing test
Original commit: elastic/x-pack-elasticsearch@2c56e2f26f
This is needed in order to make `bin/elasticsearch-plugin install xpack`
work, as it expects the plugin in a certain path.
Original commit: elastic/x-pack-elasticsearch@252c55e5a8
This commit is the forward port of fixes made in 2.3 for the roles and users
pollers. The pollers now refresh since not all operations are guaranteed to
refresh.
The clear roles tests are also made more evil since the poller runs at different
intervals on each node and can sometimes run almost continuously. The
modification requests now randomize if they refresh or not as well.
Original commit: elastic/x-pack-elasticsearch@f61159c40a
Users running the `CleanerService` should not be able to disable it (via a `-1` as the time setting) because they'll just shoot themselves in the foot. This PR changes the behavior to allow extensive amounts via the setting (e.g., they could set it to 2 years). By doing this via the `Setting`, we can avoid a lot of boilerplate code for verification as well. If we decide to allow it to be disabled, then the setting should be explicit. I've found that users tend to not understand setting times to `-1`.
With the internal `IndicesCleaner` runnable, I have also moved the rescheduling code to `onAfter` so that it always happens, even if the license makes it temporarily invalid.
I also think that we should allow the user to dynamically set the setting regardless of it being allowed -- and warn on it. This way they can set it when it's expired or during the trial, but it will take effect when they apply the paid license. I think that this will provide a better user experience so that they do not have to remember to re-set it later.
This also removes the `LocalExporter`-specific setting that allowed it to override the global retention. If we ever add another listener, then we should add exporter-specific settings to support this kind of functionality.
Adds some tests for the settings as well as for the service, while also removing now unneeded ones.
Original commit: elastic/x-pack-elasticsearch@3abd41807e
Currently it first creates a scorer, then checks if the role bits are sparse,
and falls back to the bulk scorer if they are dense. The issue is that creating
scorers and bulk scorers is very expensive on some queries such as ranges,
prefix and terms queries. So it should rather check whether bits are sparse
first in order to decide whether to use the scorer or bulk scorer.
Original commit: elastic/x-pack-elasticsearch@067d630099
Similar to WatcherClientProxy, the elasticsearch client used in exporters must be proxied to avoid circular dependencies at Guice's injection time. This commit add a MonitoringClientProxy as well as a MonitoringClient to be used later in monitoring's transport actions.
(cherry picked from commit b70c095)
Original commit: elastic/x-pack-elasticsearch@17327cffe5
jaymode
Tanguy Leroux
Boaz Leskes
Lee Hinman
Tim Sullivan
Chris Earle
Chris Earle
Lukas Olson
Joe Fleming
Alexander Reelsen
Nik Everett
Areek Zillur
Adrien Grand
Jim Ferenczi