The purpose of this class is to make it easy from a test program
to access the output of the REST-API. Currently it provides only
the equivalent of "maxctrl list servers", but it can be extended
if and when additional needs arise.
Right now it's implemented so that curl is executed on the 0th
MaxScale instance, using the ssh mechanism of the test framework.
The monitor queries for logged in users with super-privileges and kicks them out to
prevent writes to master. Normal users can stay since their writes are prevented by
read_only. Also, the master-status is removed from the master manually to signal to
routers that no more writes should go to master.
Changes to SSL configurations is expected to be rare which allows them to
be made into immutable objects once created. This is an acceptable
compromise between performance and usability.
The message would be logged multiple times if multiple authentication
attemps failed at the same time.
Also renamed the RateLimit class method to the same as the Listener one.
The header depended on ssl.hh to include the OpenSSL headers even though
it used OpenSSL types. By fixing these dependencies the ssl.h header can
now freely include the rworker_local type which removes the need for the
hidden implementation of SSLProvider.
The class is intended to be inherited by objects that need an SSL context
and a configuration. In practice this will be servers and listeners.
The SSLContext is stored in a rworker_local shared_ptr that makes it
possible to update safely. As the copying is always done behind a lock the
cached local value always holds a valid SSLContext instance for the
duration of all function calls.
Using the pImpl idiom, the routingworker.hh header is not exposed in the
ssl.hh header. This allows the SSLProvider class to be inherited more
easily.
As server relationships are unordered, sorting them guarantees a certain
order. This fixes the MaxCtrl cluster diff test failure.
Also formatted monitor.cc sources: the indentation seems to be off.
Since listeners cannot be reconfigured, we can accept this limitation and
impose it on the servers as well. This keeps the behavior consistent and
removes the need to resolve the deletion issue (for the time being).
The test appears to fail to connect to MaxScale due to unavailability of
connections. Theoretically, the improvement in accept speed due to
SO_REUSEPORT additions could explain the faster exhaustion of available
sockets.
If the authentication process fails due to an inability to start a
session, it should not be counted towards the number of failed
authentication attempts.
Plugins may send additional messages during authentication. These messages
often contain notifications such as password expiration dates. Both the client
and backend side authenticators now handle such messages. The messages are not
sent to the user, only the log. The requirement that only "Password: " is queried
still stands.
Implementations of check_replication() and start_replication() for Clustrix allows to use fix_replication()
also for Clustrix nodes without checking it.
Also several attempts to check nodes after restart are added - to wait for nodes if they are not running
right after server daemon restart
