Simplify HTTP configuration #3840

Merged
merged 15 commits into from
Oct 5, 2017
77 changes: 75 additions & 2 deletions UPGRADING.rst
@@ -1,9 +1,82 @@
**************************
Upgrading to Graylog 2.4.x
Upgrading to Graylog 3.0.x
**************************

.. _upgrade-from-23-to-24:
.. _upgrade-from-24-to-30:

This file only contains the upgrade note for the upcoming release.
Please see `our documentation <http://docs.graylog.org/en/latest/pages/upgrade.html>`_
for the complete upgrade notes.

Simplified HTTP interface configuration
=======================================

Graylog used to have a lot of different settings regarding the various HTTP interfaces it provides, namely the Graylog REST API and the Graylog web interface.

This mostly originates from the fact that Graylog used to consist of two components before Graylog 2.0.0, a server component and a separate web interface.

The changes in this release finally merge the HTTP listeners for the Graylog REST API and web interface into a single HTTP listener, which should make the initial configuration of Graylog simpler and reduce errors caused by conflicting settings.

The path of the Graylog REST API is now hard-coded to ``/api``, so if you're still using the legacy URI on port 12900/tcp or have been using a custom path (via the ``rest_listen_uri`` or ``rest_transport_uri`` settings), you'll have to update the URI used to access the Graylog REST API.

For a more detailed description of the new HTTP settings, please consult the annotated `Graylog configuration file <https://github.com/Graylog2/graylog2-server/blob/d9bb656275eeac7027e3fe12d9ee1b6a0905dcd1/misc/graylog.conf#L79-L81>`__.


Overview of deprecated Graylog REST API settings:

+----------------------------------+----------------------------------+--------------------------------+
| Deprecated Setting | New Setting | Default |
+==================================+==================================+================================+
| ``rest_listen_uri`` | ``http_bind_address`` | ``127.0.0.1:9000`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_transport_uri`` | ``http_publish_uri`` | ``http://$http_bind_address/`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``web_endpoint_uri`` | ``http_external_uri`` | ``$http_publish_uri`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_enable_cors`` | ``http_enable_cors`` | ``true`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_enable_gzip`` | ``http_enable_gzip`` | ``true`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_max_header_size`` | ``http_max_header_size`` | ``8192`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_max_initial_line_length`` | ``http_max_initial_line_length`` | ``4096`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_thread_pool_size`` | ``http_thread_pool_size`` | ``16`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_enable_tls`` | ``http_enable_tls`` | ``false`` |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_tls_cert_file`` | ``http_tls_cert_file`` | Empty |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_tls_key_file`` | ``http_tls_key_file`` | Empty |
+----------------------------------+----------------------------------+--------------------------------+
| ``rest_tls_key_password`` | ``http_tls_key_password`` | Empty |
+----------------------------------+----------------------------------+--------------------------------+


Overview of deprecated Graylog web interface settings:

+---------------------------------+----------------------------------+--------------------+
| Deprecated Setting | New Setting | Default |
+=================================+==================================+====================+
| ``web_enable`` | None | |
+---------------------------------+----------------------------------+--------------------+
| ``web_listen_uri`` | ``http_bind_address`` | ``127.0.0.1:9000`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_enable_cors`` | ``http_enable_cors`` | ``true`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_enable_gzip`` | ``http_enable_gzip`` | ``true`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_max_header_size`` | ``http_max_header_size`` | ``8192`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_max_initial_line_length`` | ``http_max_initial_line_length`` | ``4096`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_thread_pool_size`` | ``http_thread_pool_size`` | ``16`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_enable_tls`` | ``http_enable_tls`` | ``false`` |
+---------------------------------+----------------------------------+--------------------+
| ``web_tls_cert_file`` | ``http_tls_cert_file`` | Empty |
+---------------------------------+----------------------------------+--------------------+
| ``web_tls_key_file`` | ``http_tls_key_file`` | Empty |
+---------------------------------+----------------------------------+--------------------+
| ``web_tls_key_password`` | ``http_tls_key_password`` | Empty |
+---------------------------------+----------------------------------+--------------------+
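Review bot: Both tables map two formerly independent settings onto one (`rest_listen_uri` and `web_listen_uri` to `http_bind_address`, `rest_enable_tls` and `web_enable_tls` to `http_enable_tls`, and likewise for the TLS file settings and `*_enable_cors`), but the note never says what an operator should do when the old values differed, for example a REST API bound to loopback with the web interface on a routable address, or TLS enabled on only one of the two. With a single listener the REST API is reachable wherever the web interface is, so this section should say so explicitly and tell operators to review firewall and reverse-proxy rules that relied on the separate port. The `web_enable` row lists "None" as the replacement without stating whether the web interface can still be switched off; one sentence on that would help.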
33 changes: 0 additions & 33 deletions graylog2-server/src/main/java/org/graylog2/Configuration.java
Expand Up @@ -26,20 +26,16 @@
import com.github.joschi.jadconfig.validators.PositiveIntegerValidator;
import com.github.joschi.jadconfig.validators.PositiveLongValidator;
import com.github.joschi.jadconfig.validators.StringNotBlankValidator;
import com.github.joschi.jadconfig.validators.URIAbsoluteValidator;
import org.graylog2.plugin.BaseConfiguration;
import org.graylog2.utilities.IPSubnetConverter;
import org.graylog2.utilities.IpSubnet;
import org.joda.time.DateTimeZone;

import java.net.URI;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Collections;
import java.util.Set;

import static org.graylog2.plugin.Tools.normalizeURI;

/**
* Helper class to hold configuration of Graylog
*/
Expand All @@ -51,12 +47,6 @@ public class Configuration extends BaseConfiguration {
@Parameter(value = "password_secret", required = true, validator = StringNotBlankValidator.class)
private String passwordSecret;

@Parameter(value = "rest_listen_uri", required = true, validator = URIAbsoluteValidator.class)
private URI restListenUri = URI.create("http://127.0.0.1:" + GRAYLOG_DEFAULT_PORT + "/api/");

@Parameter(value = "web_listen_uri", required = true, validator = URIAbsoluteValidator.class)
private URI webListenUri = URI.create("http://127.0.0.1:" + GRAYLOG_DEFAULT_WEB_PORT + "/");

@Parameter(value = "output_batch_size", required = true, validator = PositiveIntegerValidator.class)
private int outputBatchSize = 500;

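Review bot: The `rest_listen_uri` and `web_listen_uri` parameters removed here were both `required = true`, and UPGRADING.rst calls them "deprecated" rather than removed, so it is unclear what happens to an existing `graylog.conf` that still sets them. If the keys are now ignored, a node that was deliberately bound to a specific interface would come up on the `http_bind_address` default with no hint to the operator. Consider logging a warning or failing validation when a deprecated key is present, and state the behaviour in the upgrade note.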
Expand Down Expand Up @@ -204,16 +194,6 @@ public String getNodeIdFile() {
return nodeIdFile;
}

@Override
public URI getRestListenUri() {
return normalizeURI(restListenUri, getRestUriScheme(), GRAYLOG_DEFAULT_PORT, "/");
}

@Override
public URI getWebListenUri() {
return normalizeURI(webListenUri, getWebUriScheme(), GRAYLOG_DEFAULT_WEB_PORT, "/");
}

public String getRootUsername() {
return rootUsername;
}
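Review bot: `getRestListenUri()` and `getWebListenUri()` carry `@Override`, so they are declared further up the hierarchy of `BaseConfiguration`, which lives in `org.graylog2.plugin`; if those declarations go away with this change, plugin code that calls them stops compiling. The UPGRADING.rst section in this PR only covers configuration keys, so add a line for plugin authors naming the removed accessors and their `HttpConfiguration` replacements.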
Expand Down Expand Up @@ -326,17 +306,4 @@ public void validatePasswordSecret() throws ValidationException {
throw new ValidationException("The minimum length for \"password_secret\" is 16 characters.");
}
}

@ValidatorMethod
@SuppressWarnings("unused")
public void validateNetworkInterfaces() throws ValidationException {
final URI restListenUri = getRestListenUri();
final URI webListenUri = getWebListenUri();

if (restListenUri.getPort() == webListenUri.getPort() &&
!restListenUri.getHost().equals(webListenUri.getHost()) &&
(WILDCARD_IP_ADDRESS.equals(restListenUri.getHost()) || WILDCARD_IP_ADDRESS.equals(webListenUri.getHost()))) {
throw new ValidationException("Wildcard IP addresses cannot be used if the Graylog REST API and web interface listen on the same port.");
}
}
}
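Review bot: Dropping `validateNetworkInterfaces()` is right for the port-conflict case, which cannot occur with a single listener, but it is also the only place in the visible part of this class that looks at `WILDCARD_IP_ADDRESS`. UPGRADING.rst gives the default of `http_publish_uri` as `http://$http_bind_address/`, so a wildcard bind address would yield a publish URI that other nodes cannot connect to, and that URI is what `registerServer` stores as `transport_address`. `HttpConfiguration` is not part of the visible diff; please confirm it rejects or rewrites a wildcard host when deriving the publish URI, and add a validator there if it does not.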
Expand Up @@ -23,7 +23,7 @@
import java.util.Map;

public interface NodeService extends PersistedService {
String registerServer(String nodeId, boolean isMaster, URI restTransportUri, String hostname);
String registerServer(String nodeId, boolean isMaster, URI httpPublishUri, String hostname);

Node byNodeId(String nodeId) throws NodeNotFoundException;

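Review bot: `registerServer` has no Javadoc, and after the rename to `httpPublishUri` the parameter's contract is only inferable from UPGRADING.rst, in particular whether the URI is expected to include the now hard-coded `/api` path. A short `@param httpPublishUri` description on the interface would settle that for implementers and callers.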
Expand Up @@ -42,13 +42,13 @@ public NodeServiceImpl(final MongoConnection mongoConnection, final Configuratio
}

@Override
public String registerServer(String nodeId, boolean isMaster, URI restTransportUri, String hostname) {
public String registerServer(String nodeId, boolean isMaster, URI httpPublishUri, String hostname) {
Map<String, Object> fields = Maps.newHashMap();
fields.put("last_seen", Tools.getUTCTimestamp());
fields.put("node_id", nodeId);
fields.put("type", Node.Type.SERVER.toString());
fields.put("is_master", isMaster);
fields.put("transport_address", restTransportUri.toString());
fields.put("transport_address", httpPublishUri.toString());
fields.put("hostname", hostname);

try {
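Review bot: The value written under `transport_address` now comes from `httpPublishUri`, whose documented default is `http://$http_bind_address/` with no `/api` suffix, while the old REST URIs carried the path themselves (the removed `rest_listen_uri` default ends in `/api/`). Any reader of this field that treats it as the REST API base will resolve different paths depending on which version wrote the document, which matters during a rolling upgrade with mixed nodes. Either store the URI with the API path already appended or document that consumers must append `/api`.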
Expand Up @@ -46,6 +46,7 @@
import org.graylog2.configuration.ElasticsearchClientConfiguration;
import org.graylog2.configuration.ElasticsearchConfiguration;
import org.graylog2.configuration.EmailConfiguration;
import org.graylog2.configuration.HttpConfiguration;
import org.graylog2.configuration.MongoDbConfiguration;
import org.graylog2.configuration.VersionCheckConfiguration;
import org.graylog2.dashboards.DashboardBindings;
Expand Down Expand Up @@ -85,6 +86,7 @@ public class Server extends ServerBootstrap {
private static final Logger LOG = LoggerFactory.getLogger(Server.class);

private static final Configuration configuration = new Configuration();
private final HttpConfiguration httpConfiguration = new HttpConfiguration();
private final ElasticsearchConfiguration elasticsearchConfiguration = new ElasticsearchConfiguration();
private final ElasticsearchClientConfiguration elasticsearchClientConfiguration = new ElasticsearchClientConfiguration();
private final EmailConfiguration emailConfiguration = new EmailConfiguration();
Expand Down Expand Up @@ -137,6 +139,7 @@ protected List<Module> getCommandBindings() {
@Override
protected List<Object> getCommandConfigurationBeans() {
return Arrays.asList(configuration,
httpConfiguration,
elasticsearchConfiguration,
elasticsearchClientConfiguration,
emailConfiguration,
Expand All @@ -153,7 +156,7 @@ protected void startNodeRegistration(Injector injector) {
final ActivityWriter activityWriter = injector.getInstance(ActivityWriter.class);
nodeService.registerServer(serverStatus.getNodeId().toString(),
configuration.isMaster(),
configuration.getRestTransportUri(),
httpConfiguration.getHttpPublishUri(),
Tools.getLocalCanonicalHostname());
serverStatus.setLocalMode(isLocal());
if (configuration.isMaster() && !nodeService.isOnlyMaster(serverStatus.getNodeId())) {
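Review bot: `httpConfiguration.getHttpPublishUri()` replaces `configuration.getRestTransportUri()` as the address this node advertises to the cluster, and the getters removed from Configuration.java passed `getRestUriScheme()` into `normalizeURI(...)`, presumably so the scheme tracked the TLS setting. Please confirm the new getter does the same with `http_enable_tls`; otherwise a node with TLS enabled could register an `http://` address and peers would attempt plaintext connections. A test that enables `http_enable_tls` and asserts the registered URI starts with `https://` would cover it.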