Commit Graph

62 Commits

Author SHA1 Message Date
Ryan Ernst fb690ef748 Settings: Add infrastructure for elasticsearch keystore
This change is the first towards providing the ability to store
sensitive settings in elasticsearch. It adds the
`elasticsearch-keystore` tool, which allows managing a java keystore.
The keystore is loaded upon node startup in Elasticsearch, and used by
the Setting infrastructure when a setting is configured as secure.

There are a lot of caveats to this PR. The most important is it only
provides the tool and setting infrastructure for secure strings. It does
not yet provide for keystore passwords, keypairs, certificates, or even
convert any existing string settings to secure string settings. Those
will all come in follow up PRs. But this PR was already too big, so this
at least gets a basic version of the infrastructure in.

The two main things to look at.  The first is the `SecureSetting` class,
which extends `Setting`, but removes the assumption for the raw value of the
setting to be a string. SecureSetting provides, for now, a single
helper, `stringSetting()` to create a SecureSetting which will return a
SecureString (which is like String, but is closeable, so that the
underlying character array can be cleared). The second is the
`KeyStoreWrapper` class, which wraps the java `KeyStore` to provide a
simpler api (we do not need the entire keystore api) and also extend
the serialized format to add metadata needed for loading the keystore
with no assumptions about keystore type (so that we can change this in
the future) as well as whether the keystore has a password (so that we
can know whether prompting is necessary when we add support for keystore
passwords).
2016-12-22 16:28:34 -08:00
Nik Everett 2087234d74 Timeout improvements for rest client and reindex (#21741)
Changes the default socket and connection timeouts for the rest
client from 10 seconds to the more generous 30 seconds.

Defaults reindex-from-remote to those timeouts and make the
timeouts configurable like so:
```
POST _reindex
{
  "source": {
    "remote": {
      "host": "http://otherhost:9200",
      "socket_timeout": "1m",
      "connect_timeout": "10s"
    },
    "index": "source",
    "query": {
      "match": {
        "test": "data"
      }
    }
  },
  "dest": {
    "index": "dest"
  }
}
```

Closes #21707
2016-12-05 10:54:51 -05:00
Ahmad Ragab 49e1ca249a Update usage.asciidoc
Reordered parameters for last async call based on implementation

Backport of #21360 in master branch (6.0).

Closes #21360.
2016-11-23 17:34:45 +01:00
David Pilato bfb2116aa6 Add missing change for sniffer page
Related to #21737
2016-11-23 17:13:01 +01:00
David Pilato 77e8e1d6f2 Update layout 2016-11-23 17:00:41 +01:00
David Pilato 5e1780061c Add Gradle coordinates for the REST client 2016-11-22 16:34:23 +01:00
Luca Cavanna 293a3cab01 Rest client: don't reuse that same HttpAsyncResponseConsumer across multiple retries (#21378)
* Rest client: don't reuse that same HttpAsyncResponseConsumer across multiple retries

Turns out that AbstractAsyncResponseConsumer from apache async http client is stateful and cannot be reused across multiple requests. The failover mechanism was mistakenly reusing that same instance, which can be provided by users, across retries in case nodes are down or return 5xx errors. The downside is that we have to change the signature of two public methods, as HttpAsyncResponseConsumer cannot be provided directly anymore, rather its factory needs to be provided which is going to be used to create one instance of the consumer per request attempt.

Up until now we tested our RestClient against multiple nodes only in a mock environment, where we don't really send http requests. In that scenario we can verify that retries etc. work properly but the interaction with the http client library in a real scenario is different and can catch other problems. With this commit we also add an integration test that sends requests to multiple hosts, and some of them may also get stopped meanwhile. The specific test for pathPrefix was also removed as pathPrefix is now randomly applied by default, hence implicitly tested. Moved also a small test method that checked the validity of the path argument to the unit test RestClientSingleHostTests.

Also increase default buffer limit to 100MB and make it required in default consumer

The default buffer limit used to be 10MB but that proved not to be high enough for scroll requests (see reindex from remote). With this commit we increase the limit to 100MB and make it a bit more visibile in the consumer factory.
2016-11-08 16:42:42 +01:00
Lukáš Vlček d88e6c62aa [DOC] Fix HttpHost constructor arguments (#21056)
Protocol is the last argument.
Oficial API doc: https://hc.apache.org/httpcomponents-core-ga/httpcore/apidocs/org/apache/http/HttpHost.html
Your own use here: 7560101ec7/client/rest/src/test/java/org/elasticsearch/client/RequestLoggerTests.java (L54)
2016-10-21 09:53:08 +02:00
Clinton Gormley 9974e3f3d8 Bumped doc versions to 6.0.0-alpha1 2016-09-08 18:29:18 +02:00
Chris Earle 6ad92c0f9d [DOCS] Document performRequest being renamed to performRequestAsync
This updates the docs to reflect that the asynchronous variants were renamed to have "Async" at the end.
2016-08-30 11:29:52 -04:00
Clinton Gormley 1760e00489 Bumped version in docs 2016-08-09 15:57:35 +02:00
Luca Cavanna 502217f035 [DOCS] add java REST client docs (#19618)
[DOCS] add java REST client docs

Add some docs on how to get started with the Java REST client, some common configuration that may be needed and the sniffer component.
2016-07-29 11:22:47 +02:00