Commit Graph

39038 Commits

Author SHA1 Message Date
Jay Modi 91ab88e86e Security: cache users in PKI realm (elastic/x-pack-elasticsearch#4428)
The PKI realm has never been a caching realm as the need had not
presented itself until now. The PKI realm relies on role mappings to
map the DN from a certificate to roles so that the users have the
appropriate access permissions. Without caching, this role mapping will
happen on every request. For file based role mappings, this is not an
issue as the mappings are based on equality checks for the DN.

However, the design of the API based role mappings allows for more
complex matches. These matches are implemented using automata, which
are built on every request that needs role mappings. Building automata
is an expensive operation and in combination with the PKI realm's lack
of caching leads to a significant performance impact.

The change in this commit makes the PkiRealm a caching realm using the
same pattern as other caching realms. The cache provided by
elasticsearch core is used to map the fingerprint of a certificate to
the user that was resolved from this certificate. The semantics of
modifications to this cache during iteration requires that we use a
read-write lock to protect access. There can be multiple concurrent
modifications and retrievals but iteration must be protected from any
attempts to modify the cache.

Additionally, some PKI tests were converted to single node tests as
part of this change. One test only used a single node and the other did
not require multiple nodes.

relates elastic/x-pack-elasticsearch#4406

Original commit: elastic/x-pack-elasticsearch@214772e1c1
2018-04-20 09:53:47 -06:00
Yannick Welsch 6a4c5f3e93
Abort early on finding duplicate snapshot name in internal structures (#29634)
Adds a check in BlobstoreRepository.snapshot(...) that prevents duplicate snapshot names and fails 
the snapshot before writing out the new index file. This ensures that you cannot end up in this
situation where the index file has duplicate names and cannot be read anymore .

Relates to #28906
2018-04-20 17:32:34 +02:00
Jay Modi cdf41cffd8 Watcher: use same value of watcher state (elastic/x-pack-elasticsearch#4430)
This commit updates the WatcherLifecycleService to use the same value
for the watcher service state when making comparisons to determine the
actions that need to be taken.

See elastic/x-pack-elasticsearch#4429

Original commit: elastic/x-pack-elasticsearch@c6c24fc6da
2018-04-20 08:05:58 -06:00
Jason Tedor 0045111ce2 Deprecate the suggest metrics (#29627)
The suggest stats were folded into the search stats as part of the
indices stats API in 5.0.0. However, the suggest metric remained as a
synonym for the search metric for BWC reasons. This commit deprecates
usage of the suggest metric on the indices stats API.

Similarly, due to the changes to fold the suggest stats into the search
stats, requesting the suggest index metric on the indices metric on the
nodes stats API has produced an empty object as the response since
5.0.0. This commit deprecates this index metric on the indices metric on
the nodes stats API.
2018-04-20 09:47:38 -04:00
Jay Modi dfc7ca7214
Implement Iterator#remove for Cache values iter (#29633)
This commit implements the ability to remove values from a Cache using
the values iterator. This brings the values iterator in line with the
keys iterator and adds support for removing items in the cache that are
not easily found by the key used for the cache.
2018-04-20 07:21:08 -06:00
Costin Leau 03ecbc0ccb SQL: implement COT, RANDOM, SIGN math functions (elastic/x-pack-elasticsearch#4394)
Add a number of missing math functions

Original commit: elastic/x-pack-elasticsearch@a26d9d2454
2018-04-20 15:07:14 +03:00
David Kyle 043a877a31 [ML] Prevent unnecessary job updates. (elastic/x-pack-elasticsearch#4424)
Original commit: elastic/x-pack-elasticsearch@8e0629789e
2018-04-20 12:42:31 +01:00
Ioannis Kakavas 14ad96ea8b Fix link to certificate settings in PKI realm (elastic/x-pack-elasticsearch#4402)
Remove indentation so that the two lines are not interpreted as
code block and the link is rendered correctly

Original commit: elastic/x-pack-elasticsearch@a73d52dfba
2018-04-20 12:43:55 +03:00
Costin Leau bc2ef139a8 SQL: Add Atan2 and Power functions (elastic/x-pack-elasticsearch#4412)
Add missing Atan2 & Power(and introduce BinaryMath operations), similar
to MathOperation.
Also align arithmetic package with binary math for code reuse.

Original commit: elastic/x-pack-elasticsearch@311961815e
2018-04-20 12:23:42 +03:00
Costin Leau e6f69ee269 SQL: Fix version loading in JDBC (elastic/x-pack-elasticsearch#4425)
When deployed, JDBC version needs to look at jars inside the classpath
not on the file system. Failing to do that, causes the version
information to be missing

Original commit: elastic/x-pack-elasticsearch@d35e8abb29
2018-04-20 12:19:45 +03:00
Ryan Ernst 935df40f70 Docs: Fix reference to legacy tribe section
Original commit: elastic/x-pack-elasticsearch@5261193fc1
2018-04-19 18:40:32 -07:00
Nhat Nguyen 42d81a2945 TEST: Unmute testPrimaryRelocationWhileIndexing
Previously we did not put an indexing to a version map if that map does
not require safe access but removed the existing delete tombstone only
if assertion enabled. In #29585, we removed the side-effect caused by
assertion then this test started failing. This failure can be explained
as follows:

- Step 1: Index a doc then delete that doc

- Step 2: The version map can switch to unsafe mode because of
  concurrent refreshes (implicitly called by flushes)

- Step 3: Index a document - the version map won't add this version
  value and won't prune the tombstone (previously it did)

- Step 4: Delete a document - this will return NOT_FOUND instead of
  DELETED because of the stale delete tombstone

This failure is actually fixed by #29619 in which we never leave stale
delete tombstones

Closes #29626
2018-04-19 21:35:21 -04:00
Ryan Ernst ba9c13302a Remove remaining references to tribe node (elastic/x-pack-elasticsearch#4407)
This commit review remaining docs and build references from the docs.

Original commit: elastic/x-pack-elasticsearch@33830b63ed
2018-04-19 18:02:09 -07:00
Ryan Ernst 7975280383
Remove remaining tribe node references (#29574)
While tribe node was removed in
https://github.com/elastic/elasticsearch/pull/28443, there remained a
couple lingering references to it in docs and code. This commit removes
those remaining references.
2018-04-19 18:02:01 -07:00
Nhat Nguyen 9cf8b01fc4
Never leave stale delete tombstones in version map (#29619)
Today the VersionMap does not clean up a stale delete tombstone if it
does not require safe access. However, in a very rare situation due to
concurrent refreshes, the safe-access flag may be flipped over then an
engine accidentally consult that stale delete tombstone.

This commit ensures to never leave stale delete tombstones in a version
map by always pruning delete tombstones when putting a new index entry
regardless of the value of the safe-access flag.
2018-04-19 20:49:56 -04:00
Jason Tedor d1670a18e4
Do not serialize common stats flags using ordinal (#29600)
This commit remove serializing of common stats flags via its enum
ordinal and uses an explicit index defined on the enum. This is to
enable us to remove an unused flag (Suggest) without ruining the
ordering and thus breaking serialization.
2018-04-19 20:12:24 -04:00
Jason Tedor a829d920ee
Remove stale comment from JVM stats (#29625)
We removed catched throwable from the code base and left behind was a
comment about catching InternalError in MemoryManagementMXBean. We are
not going to catch InternalError here as we expect that to be
fatal. This commit removes that stale comment.
2018-04-19 19:56:03 -04:00
Nhat Nguyen 293f85cd52 TEST: Mute testPrimaryRelocationWhileIndexing
AwaitsFix #29626
2018-04-19 19:15:30 -04:00
Jason Tedor 5d767e449a
Remove bulk fallback for write thread pool (#29609)
The name of the bulk thread pool was renamed to "write" with "bulk" as a
fallback name. This change was made in 6.x for BWC reasons yet in 7.0.0
we are removing this fallback. This commit removes this fallback for the
write thread pool.
2018-04-19 16:59:58 -04:00
Zachary Tong 2d6d3c3d74 [Rollup] Add scaled_float to allowed metric mapper types (elastic/x-pack-elasticsearch#4423)
We grab all the NumberFieldMappers to determine the whitelist of allowed
number types, but `scaled_float` is in a module so it isn't picked up
automatically.  This commit adds `scaled_float` to the whitelist
manually.

Original commit: elastic/x-pack-elasticsearch@fb35440315
2018-04-19 13:54:04 -07:00
Julie Tibshirani 113d1d3eab Fix an incorrect reference to 'zero_terms_docs' in match_phrase queries. 2018-04-19 13:24:14 -07:00
Julie Tibshirani 48461ac143 Update the version compatibility for zero_terms_query in match_phrase.
The change was just backported to 6.x.
2018-04-19 13:20:44 -07:00
Nhat Nguyen 955709b3f3 Account translog location to ram usage in version map
This commit accounts a translog location's ram usage in version map.
2018-04-19 16:05:33 -04:00
Jay Modi 3bc6fd76a3 Allow license installation in dev mode without TLS (elastic/x-pack-elasticsearch#4155)
This commit allows license installation without TLS being enabled when
the cluster is in dev mode. The main difference this change enables is
the ability to install a production license on a single node cluster
that is bound to localhost and does not have the single-node discovery
enabled.

relates elastic/x-pack-elasticsearch#4123

Original commit: elastic/x-pack-elasticsearch@04ebcc0fab
2018-04-19 13:49:27 -06:00
Nik Everett f0be979541 SQL: Mimick Elasticsearch defaults for sql action (elastic/x-pack-elasticsearch#4398)
The SQL action supports several text outputs and used to default to an
output that looked like the SQL CLI. It is a lovely output format but
this changes output selection behavior to mimick Elasticsearch's
standard behavior: it'll now default to the same format as the request.

That means that if you want the pretty text format then you need to ask
for it. The way to do that is:

```
POST /_xpack/sql?format=text/plain
{
    "query": "SELECT * FROM library ORDER BY page_count DESC LIMIT 5"
}
```

Original commit: elastic/x-pack-elasticsearch@4a15a23b18
2018-04-19 15:40:19 -04:00
Jason Tedor a28c0d2271 Remove extra spaces from changelog
This commit removes to extra spaces at the end of lines in the
changelog.
2018-04-19 15:10:19 -04:00
Lisa Cawley d835ad42f1 [DOCS] Remove X-Pakc installation page (elastic/x-pack-elasticsearch#4416)
Original commit: elastic/x-pack-elasticsearch@a5ca5c7230
2018-04-19 11:40:26 -07:00
Julie Tibshirani b9e1a00213
Add support to match_phrase query for zero_terms_query. (#29598) 2018-04-19 11:25:27 -07:00
Julie Tibshirani 00d88a5d3e
Fix incorrect references to 'zero_terms_docs' in query parsing error messages. (#29599) 2018-04-19 11:02:49 -07:00
Lee Hinman 0bd9163c28 Move sql-proto and jdbc to java.util.TimeZone (elastic/x-pack-elasticsearch#4350)
* Move sql-proto and jdbc to java.util.TimeZone

This moves sql-proto and jdbc from Joda's `DateTimeZone` to
`java.util.TimeZone`, this will allow us in the future to be able to decouple
JDBC from Joda.

This does not decouple all of SQL from joda, it focuses on as small a piece as I
could for sql-proto and jdbc.

Requires https://github.com/elastic/elasticsearch/pull/29487 to be merged first.

Original commit: elastic/x-pack-elasticsearch@7c9d52e675
2018-04-19 11:27:33 -06:00
Ryan Ernst 2574d4e704 Build: Change bwc java home check to new signature (elastic/x-pack-elasticsearch#4392)
The signature for getJavaHome is changing with
elastic/elasticsearch#29548.


Original commit: elastic/x-pack-elasticsearch@85434d0a13
2018-04-19 09:52:04 -07:00
Ryan Ernst 4f282e9e32
Build: Move java home checks to pre-execution phase (#29548)
This commit moves the checks on JAVAX_HOME (where X is the java version
number) existing to the end of gradle's configuration phase, and based
on whether the tasks needing the java home are configured to execute.

relates #29519
2018-04-19 09:51:52 -07:00
Nhat Nguyen 1b24d4e68b
Avoid side-effect in VersionMap when assertion enabled (#29585)
Today when a version map does not require safe access, we will skip that
document. However, if the assertion is enabled, we remove the delete
tombstone of that document if existed. This side-effect may accidentally
hide bugs in which stale delete tombstone can be accessed.

This change ensures putAssertionMap not modify the tombstone maps.
2018-04-19 12:38:10 -04:00
Lisa Cawley 2578346877 [DOCS] Fixes monitor privilege description (elastic/x-pack-elasticsearch#4403)
Original commit: elastic/x-pack-elasticsearch@579996d671
2018-04-19 09:27:40 -07:00
Christoph Büscher 7fa7dea044 [Tests] Remove accidental logger usage 2018-04-19 18:11:06 +02:00
Jay Modi 61542a5543 Wait for Netty threads after Security tests (elastic/x-pack-elasticsearch#4390)
This commit adds waits for two Netty threads that run in the background
and require explicit calls to await inactivity in them. This shows up
as an issue in security tests since we always use netty and do not have
these waits so these threads can trip the thread leak detector.

relates elastic/x-pack-elasticsearch#4367

Original commit: elastic/x-pack-elasticsearch@76d84553ba
2018-04-19 09:54:25 -06:00
Christoph Büscher d0f6657d90
Add tests for ranking evaluation with aliases (#29452)
The ranking evaluation requests so far were not tested against aliases
but they should run regardless of the targeted index is a real index or
an alias. This change adds cases for this to the integration and rest
tests.
2018-04-19 17:00:52 +02:00
Jay Modi 502bc6c572 Clarify index operations for create privilege (elastic/x-pack-elasticsearch#4337)
The `create` privilege can be misleading based on a user's
interpretation of the meaning of the privilege. The create privilege
grants the user access to the index api and the put mapping api. The
index api allows for a document to be created but it also allows for
an existing document to be overwritten (assuming the CREATE operation
type is not used). However, the name `create` implies the ability to
only create a document and not be able to modify an existing document,
which may not be clear to users unfamiliar with the index API.

This commit adds a small note under the privilege in the documentation
that should add some clarity to the operations allowed by this
privilege.

Original commit: elastic/x-pack-elasticsearch@24596c41b0
2018-04-19 08:52:30 -06:00
Christoph Büscher 24763d881e
Deprecate use of `htmlStrip` as name for HtmlStripCharFilter (#27429)
The camel case name `htmlStip` should be removed in favour of `html_strip`, but
we need to deprecate it first. This change adds deprecation warnings for indices 
with version starting with 6.3.0 and logs deprecation warnings in this cases.
2018-04-19 16:48:17 +02:00
Russ Cam d62b6eb3b8 [DOCS] Update forecast_id to string in response (elastic/x-pack-elasticsearch#4245)
This commit updates forecast_id to be a string within the response,
to match source code.

Original commit: elastic/x-pack-elasticsearch@b6fbc87a84
2018-04-19 15:01:17 +01:00
tomcallahan 8d6f36c507 Remove copy-pasted code (elastic/x-pack-elasticsearch#4298)
* Remove copy-pasted code

An examination of the x-pack source code revealed copy-pasted code
in ActiveDirectoryGroupsResolver in the binarySidToStringSid
method.  I have replaced this with an apache2 implementation from
the apache directory studio project.  Furthermore, I have added
a test that leverages a real binary/string SID pair retrieved
from an active directory domain controller.  The apache2-based
implementation is exempt for the license checker.

Original commit: elastic/x-pack-elasticsearch@81a7471261
2018-04-19 09:12:15 -04:00
Adrien Grand 6e62b481b4
Update plan for the removal of mapping types. (#29586)
8.x will no longer allow types in APIs and 7.x will issue deprecation warnings
when `include_type_name` is set to `false`.
2018-04-19 15:09:14 +02:00
Christoph Büscher 124fecd221 [Docs] Add rankEval method for Jva HL client
This change adds documentation about using the ranking evaluation API
from the high level Java REST client.

Closes #28694
2018-04-19 14:39:42 +02:00
Christoph Büscher 7c56cc2624 Make ranking evaluation details accessible for client
Allow high level java rest client to access details of the metric
calculation by making them accessible across packages. Also renaming the
inner `Breakdown` classes of the evaluation metrics to `Detail` to
better communicate their use.
2018-04-19 14:39:41 +02:00
Jason Tedor 650b80a982 Reflect renaming of bulk thread pool (elastic/x-pack-elasticsearch#4414)
The bulk thread pool was renamed to the write thread pool. This commit
adds support for this in X-Pack. Specifically, a change is needed in
monitoring to reflect the name change (and support the possibility that
the user has the display name for the write thread pool as "bulk").

Original commit: elastic/x-pack-elasticsearch@c3c4b99be5
2018-04-19 08:22:10 -04:00
Jason Tedor c12c2a6cc9 Rename the bulk thread pool to write thread pool (#29593)
This commit renames the bulk thread pool to the write thread pool. This
is to better reflect the fact that the underlying thread pool is used to
execute any document write request (single-document index/delete/update
requests, and bulk requests).

With this change, we add support for fallback settings
thread_pool.bulk.* which will be supported until 7.0.0.

We also add a system property so that the display name of the thread
pool remains as "bulk" if needed to avoid breaking users.
2018-04-19 08:18:58 -04:00
Christoph Büscher fa1052017c
[Test] Minor changes to rank_eval tests (#29577)
Removing an enum in favour of local constants to simplify tests and
removing a few deprecated method calls and warnings.
2018-04-19 13:50:18 +02:00
Tanguy Leroux e2d770d9b9
Fix missing node id prefix in startup logs (#29534)
When `node.name` is not set, some log traces at startup time does not
show the node id.
2018-04-19 09:40:25 +02:00
Martijn van Groningen 8afa7c174f
Added painless execute api. (#29164)
Added an api that allows to execute an arbitrary script and a result to be returned.

```
POST /_scripts/painless/_execute
{
  "script": {
    "source": "params.var1 / params.var2",
    "params": {
      "var1": 1,
      "var2": 1
    }
  }
}
```

Relates to #27875
2018-04-19 09:33:34 +02:00
Martijn van Groningen 621a1935b8
test: also assert deprecation warning after clusters have been closed. 2018-04-19 09:20:04 +02:00