-
Notifications
You must be signed in to change notification settings - Fork 24.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password Protected Keystore (Feature Branch) #49210
Commits on Jul 11, 2019
-
Reload secure settings with password (#43197)
If a password is not set, we assume an empty string to be compatible with previous behavior. Only allow the reload to be broadcast to other nodes if TLS is enabled for the transport layer.
Configuration menu - View commit details
-
Copy full SHA for 98ad0eb - Browse repository at this point
Copy the full SHA 98ad0ebView commit details
Commits on Jul 23, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 5b0b591 - Browse repository at this point
Copy the full SHA 5b0b591View commit details -
Add passphrase support to elasticsearch-keystore (#38498)
This change adds support for keystore passphrases to all subcommands of the elasticsearch-keystore cli tool and adds a subcommand for changing the passphrase of an existing keystore. The work to read the passphrase in Elasticsearch when loading, which will be addressed in a different PR. Subcommands of elasticsearch-keystore can handle (open and create) passphrase protected keystores When reading a keystore, a user is only prompted for a passphrase only if the keystore is passphrase protected. When creating a keystore, a user is allowed (default behavior) to create one with an empty passphrase Passphrase can be set to be empty when changing/setting it for an existing keystore Relates to: #32691 Supersedes: #37472
Configuration menu - View commit details
-
Copy full SHA for 9398aac - Browse repository at this point
Copy the full SHA 9398aacView commit details
Commits on Jul 25, 2019
-
Configuration menu - View commit details
-
Copy full SHA for c7882c3 - Browse repository at this point
Copy the full SHA c7882c3View commit details
Commits on Jul 26, 2019
-
Restore behavior for force parameter (#44847)
Turns out that the behavior of `-f` for the add and add-file sub commands where it would also forcibly create the keystore if it didn't exist, was by design - although undocumented. This change restores that behavior auto-creating a keystore that is not password protected if the force flag is used. The force OptionSpec is moved to the BaseKeyStoreCommand as we will presumably want to maintain the same behavior in any other command that takes a force option.
Configuration menu - View commit details
-
Copy full SHA for 6684375 - Browse repository at this point
Copy the full SHA 6684375View commit details
Commits on Jul 31, 2019
-
[ML-DataFrame] Muting tests for backport (#44850)
Mutes data frame BWC tests prior to backporting #44768
Configuration menu - View commit details
-
Copy full SHA for c38fa7a - Browse repository at this point
Copy the full SHA c38fa7aView commit details -
Treat PostDataActionResponse.DataCounts.bucketCount as incremental ra…
…ther than absolute (total). (#44803)
Configuration menu - View commit details
-
Copy full SHA for 83db007 - Browse repository at this point
Copy the full SHA 83db007View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2069e38 - Browse repository at this point
Copy the full SHA 2069e38View commit details -
do not assert on indexer state (#44854)
remove the unreliable check for the state change fixes #44813
Configuration menu - View commit details
-
Copy full SHA for e4c35eb - Browse repository at this point
Copy the full SHA e4c35ebView commit details -
[DOCS] Adds allow no datafeeds query param to the GET, GET stats and …
…STOP datafeed APIs (#44499)
Configuration menu - View commit details
-
Copy full SHA for 24e009b - Browse repository at this point
Copy the full SHA 24e009bView commit details -
[GEO] Fix GeoShapeQueryBuilder to check for valid spatial relations
Refactor left out the spatial strategy check in GeoShapeQueryBuilder.relation setter method. This commit adds that check back in.
Configuration menu - View commit details
-
Copy full SHA for 9c4ea84 - Browse repository at this point
Copy the full SHA 9c4ea84View commit details -
Configuration menu - View commit details
-
Copy full SHA for cade368 - Browse repository at this point
Copy the full SHA cade368View commit details -
Configuration menu - View commit details
-
Copy full SHA for ba34dce - Browse repository at this point
Copy the full SHA ba34dceView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4c65468 - Browse repository at this point
Copy the full SHA 4c65468View commit details -
Fix an NPE when requesting inner hits and _source is disabled. (#44836)
This PR makes two changes to FetchSourceSubPhase when _source is disabled and we're in a nested context: * If no source filters are provided, return early to avoid an NPE. * If there are source filters, make sure to throw an exception. The behavior was chosen to match what currently happens in a non-nested context.
Configuration menu - View commit details
-
Copy full SHA for d420bc4 - Browse repository at this point
Copy the full SHA d420bc4View commit details -
Adds an API to clone an index. This is similar to the index split and shrink APIs, just with the difference that the number of primary shards is kept the same. In case where the filesystem provides hard-linking capabilities, this is a very cheap operation. Indexing cloning can be done by running `POST my_source_index/_clone/my_target_index` and it supports the same options as the split and shrink APIs. Closes #44128
Configuration menu - View commit details
-
Copy full SHA for 91c35aa - Browse repository at this point
Copy the full SHA 91c35aaView commit details -
Configuration menu - View commit details
-
Copy full SHA for 31a8ce9 - Browse repository at this point
Copy the full SHA 31a8ce9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8bbf546 - Browse repository at this point
Copy the full SHA 8bbf546View commit details -
Add missing ZonedDateTime methods for joda compat layer (#44829)
While joda no longer exists in the apis for 7.x, the compatibility layer still exists with helper methods mimicking the behavior of joda for ZonedDateTime objects returned for date fields in scripts. This layer was originally intended to be removed in 7.0, but is now likely to exist for the lifetime of 7.x. This commit adds missing methods from ChronoZonedDateTime to the compat class. These methods were not part of joda, but are needed to act like a real ZonedDateTime. relates #44411
Configuration menu - View commit details
-
Copy full SHA for a05805a - Browse repository at this point
Copy the full SHA a05805aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 78ca898 - Browse repository at this point
Copy the full SHA 78ca898View commit details -
Asynchronously connect to remote clusters (#44825)
Refactors RemoteClusterConnection so that it no longer blockingly connects to remote clusters. Relates to #40150
Configuration menu - View commit details
-
Copy full SHA for c9a9d9e - Browse repository at this point
Copy the full SHA c9a9d9eView commit details -
Adapt BWC condition for clone index API after backport (#44267)
Changes the BWC conditions for the clone index API after backport of the feature to 7.x
Configuration menu - View commit details
-
Copy full SHA for d340467 - Browse repository at this point
Copy the full SHA d340467View commit details -
Add option to filter ILM explain response (#44777)
In order to make it easier to interpret the output of the ILM Explain API, this commit adds two request parameters to that API: - `only_managed`, which causes the response to only contain indices which have `index.lifecycle.name` set - `only_errors`, which causes the response to contain only indices in an ILM error state "Error state" is defined as either being in the `ERROR` step or having `index.lifecycle.name` set to a policy that does not exist.
Configuration menu - View commit details
-
Copy full SHA for 8510717 - Browse repository at this point
Copy the full SHA 8510717View commit details -
Configuration menu - View commit details
-
Copy full SHA for 56e35b8 - Browse repository at this point
Copy the full SHA 56e35b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for f4edb31 - Browse repository at this point
Copy the full SHA f4edb31View commit details -
Document xpack.security.authc.saml.realm for Kibana (#44705)
Since 7.3, it's possible to explicitly configure the SAML realm to be used in Kibana's configuration. This in turn, eliminates the need of properly setting `xpack.security.public.*` settings in Kibana and largely simplifies relevant documentation. This also changes `xpack.security.authProviders` to `xpack.security.authc.providers` as the former was deprecated in favor of the latter in 7.3 in Kibana
Configuration menu - View commit details
-
Copy full SHA for 944c998 - Browse repository at this point
Copy the full SHA 944c998View commit details -
Force Merge should reject requests with
only_expunge_deletes
and `m……ax_num_segments` set (#44761) This commit changes the ForceMergeRequest.validate() method so that it does not accept the parameters only_expunge_deletes and max_num_segments to be set at the same time. The motivation is that InternalEngine.forceMerge() just ignores the max. number of segments parameter when the only expunge parameter is set to true, leaving the wrong impression to the user that max. number of segments has been applied. It also changes InternalEngine.forceMerge() so that it now throws an exception when both parameters are set, and modifies tests where needed. Because it changes the behavior of the REST API I marked this as >breaking. Closes #43102
Configuration menu - View commit details
-
Copy full SHA for df9b97a - Browse repository at this point
Copy the full SHA df9b97aView commit details -
Deprecate setting processors to more than available (#44889)
Today the processors setting is permitted to be set to more than the number of processors available to the JVM. The processors setting directly sizes the number of threads in the various thread pools, with most of these sizes being a linear function in the number of processors. It doesn't make any sense to set processors very high as the overhead from context switching amongst all the threads will overwhelm, and changing the setting does not control how many physical CPU resources there are on which to schedule the additional threads. We have to draw a line somewhere and this commit deprecates setting processors to more than the number of available processors. This is the right place to draw the line given the linear growth as a function of processors in most of the thread pools, and that some are capped at the number of available processors already.
Configuration menu - View commit details
-
Copy full SHA for fc1158b - Browse repository at this point
Copy the full SHA fc1158bView commit details -
Ensure cluster is stable in ShrinkIndexIT.testShrinkThenSplitWithFail…
…edNode (#44860) The test ShrinkIndexIT.testShrinkThenSplitWithFailedNode sometimes fails because the resize operation is not acknowledged (see #44736). This resize operation creates a new index "splitagain" and it results in a cluster state update (TransportResizeAction uses MetaDataCreateIndexService.createIndex() to create the resized index). This cluster state update is expected to be acknowledged by all nodes (see IndexCreationTask.onAllNodesAcked()) but this is not always true: the data node that was just stopped in the test before executing the resize operation might still be considered as a "faulty" node (and not yet removed from the cluster nodes) by the FollowersChecker. The cluster state is then acked on all nodes but one, and it results in a non acknowledged resize operation. This commit adds an ensureStableCluster() check after stopping the node in the test. The goal is to ensure that the data node has been correctly removed from the cluster and that all nodes are fully connected to each before moving forward with the resize operation. Closes #44736
Configuration menu - View commit details
-
Copy full SHA for f8133ec - Browse repository at this point
Copy the full SHA f8133ecView commit details -
[DOCS] Amends data frame analytics resources, GET, and PUT API docs (#…
…44806) This PR addresses the feedback in elastic/ml-team#175 (comment). * Adds an example to `analyzed_fields` * Includes `source` and `dest` objects inline in the resource page * Lists `model_memory_limit` in the PUT API page * Amends the `analysis` section in the resource page * Removes Properties headings in subsections
Configuration menu - View commit details
-
Copy full SHA for 62f8f85 - Browse repository at this point
Copy the full SHA 62f8f85View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0a15aa1 - Browse repository at this point
Copy the full SHA 0a15aa1View commit details -
Fix Test Failure in ScalingThreadPoolTests (#44898)
* Due to #44894 some constellations log a deprecation warning here now * Fixed by checking for that
Configuration menu - View commit details
-
Copy full SHA for c13dda1 - Browse repository at this point
Copy the full SHA c13dda1View commit details -
Ensure index is green in SimpleClusterStateIT.testIndicesOptions() (#…
…44893) SimpleClusterStateIT testIndicesOptions failed in #44817 because it tries to close an index at the beginning of the test. With random index settings, it is possible that the index has a high number of shards (10) and replicas (1), which means that on CI this index can take time to be fully allocated. The close index request can fail in the case where replicas are still recovering operations. Thiscommit adds a simple ensureGreen() at the beginning of the test to be sure that all replicas are started before trying to close the index. closes #44817
Configuration menu - View commit details
-
Copy full SHA for e37df82 - Browse repository at this point
Copy the full SHA e37df82View commit details -
Limit processors by available processors (#44894)
This commit limits the processors setting to be more than the number of available processors.
Configuration menu - View commit details
-
Copy full SHA for fb3d70a - Browse repository at this point
Copy the full SHA fb3d70aView commit details -
Fix failing scaling thread pool test
The previous commit took away the distinction between relying on the defaults versus relying on an explicit setting for processors. This commit adds this back, and adjusts the logic to account for the fact that processors can not exceed available processors any longer.
Configuration menu - View commit details
-
Copy full SHA for 5df6cc8 - Browse repository at this point
Copy the full SHA 5df6cc8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 08c02e7 - Browse repository at this point
Copy the full SHA 08c02e7View commit details -
Geo: refactor geo mapper and query builder (#44884)
Refactors out the indexing and query generation logic out of the mapper and query builder into a separate unit-testable classes.
Configuration menu - View commit details
-
Copy full SHA for 6908663 - Browse repository at this point
Copy the full SHA 6908663View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7411325 - Browse repository at this point
Copy the full SHA 7411325View commit details -
Configuration menu - View commit details
-
Copy full SHA for aa0c83d - Browse repository at this point
Copy the full SHA aa0c83dView commit details -
Optimize Min and Max BKD optimizations (#44315)
MinAggregator - skip BKD optimization when no result found after 1024 lookups. MaxAggregator - skip unnecessary conversions.
Configuration menu - View commit details
-
Copy full SHA for b9a17b4 - Browse repository at this point
Copy the full SHA b9a17b4View commit details -
Guard open connection call in RemoteClusterConnection (#44921)
Fixes an issue where a call to openConnection was not properly guarded, allowing an exception to bubble up to the uncaught exception handler, causing test failures. Closes #44912
Configuration menu - View commit details
-
Copy full SHA for 37b39a6 - Browse repository at this point
Copy the full SHA 37b39a6View commit details -
RestController should not consume request content (#44902)
The change #37504 modifies the BaseRestHandler to make it reject all requests that have an unconsumed body. The notion of consumed or unconsumed body is carried by the RestRequest object and its contentConsumed attribute, which is set to true when the content() or content(true) methods are used. In our REST layer, we usually expect the RestHandlers to consume the request content when needed, but it appears that the RestController always consumes the content upfront. This commit changes the content() method used by the RestController so that it does not mark the content as consumed.
Configuration menu - View commit details
-
Copy full SHA for 929ef7f - Browse repository at this point
Copy the full SHA 929ef7fView commit details -
Remove client feature tracking (#44929)
This commit removes the infrastructure for client feature tracking. We introduced this functionality to support clients that do not necessarily understand all the features that the server might support, for example, customs in the cluster state provided by plugins that a client might not have. This can arise in situations such as rolling upgrades from the OSS distribution to the default distribution. With the removal of the transport client, this infrastructure is no longer needed. This commit removes client feature tracking from the server in 8.0.0.
Configuration menu - View commit details
-
Copy full SHA for d2d7f26 - Browse repository at this point
Copy the full SHA d2d7f26View commit details -
Expand logging when SAML Audience condition fails (#44334)
A mismatched configuration between the IdP and SP will often result in SAML authentication attempts failing because the audience condition is not met (because the IdP and SP disagree about the correct form of the SP's Entity ID). Previously the error message in this case did not provide sufficient information to resolve the issue because the IdP's expected audience would be truncated if it exceeeded 32 characters. Since the error did not provide both IDs in full, it was not possible to determine the correct fix (in detail) based on the error alone. This change expands the message that is included in the thrown exception, and also adds additional logging of every failed audience condition, with diagnostics of the match failure. Resolves: #44305
Configuration menu - View commit details
-
Copy full SHA for 3c74664 - Browse repository at this point
Copy the full SHA 3c74664View commit details -
Cleanup Deadcode o.e.indices (#44931)
* none of this is used anywhere
Configuration menu - View commit details
-
Copy full SHA for b9b242e - Browse repository at this point
Copy the full SHA b9b242eView commit details -
Configuration menu - View commit details
-
Copy full SHA for f5b7feb - Browse repository at this point
Copy the full SHA f5b7febView commit details -
Don't use TypeField for nested filters (#44482)
We changed things in #27469 to filter parent docs by using an exists query on the primary_term field. However, the equivalent query for nested documents is still using the type field. This commit makes newNestedFilter build the complement of newNonNestedFilter instead.
Configuration menu - View commit details
-
Copy full SHA for 270e256 - Browse repository at this point
Copy the full SHA 270e256View commit details -
Do not block transport thread on startup (#44939)
We currently block the transport thread on startup, which has caused test failures. I think this is some kind of deadlock situation. I don't think we should even block a transport thread, and there's also no need to do so. We can just reject requests as long we're not fully set up. Note that the HTTP layer is only started much later (after we've completed full start up of the transport layer), so that one should be completely unaffected by this. Closes #41745
Configuration menu - View commit details
-
Copy full SHA for 6f8e1a3 - Browse repository at this point
Copy the full SHA 6f8e1a3View commit details -
Configuration menu - View commit details
-
Copy full SHA for f96e253 - Browse repository at this point
Copy the full SHA f96e253View commit details -
[Docs] Update daterange-aggregation.asciidoc (#44730)
Correcting the value to be the same as that specified for "missing".
Configuration menu - View commit details
-
Copy full SHA for bc8e75c - Browse repository at this point
Copy the full SHA bc8e75cView commit details -
Configuration menu - View commit details
-
Copy full SHA for f241e30 - Browse repository at this point
Copy the full SHA f241e30View commit details -
Support fixture in repository-gcs:thirdPartyTest and fix GCS fixture (#…
…44885) It turns out that today :plugins:repository-gcs:thirdPartyTest can only run against real GCS. Moreover, thirdPartyTest is not a part of check, so these tests are not running on intake build. This commit addresses the issue and makes repository-gcs:thirdPartyTest work with both fixture and real GCS. To do that, except adjusting build and test itself, I had to make changes to the fixture, because previously it was ignoring BlobListOption.currentDirectory() in the list call.
Configuration menu - View commit details
-
Copy full SHA for 3eb5d26 - Browse repository at this point
Copy the full SHA 3eb5d26View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7b9675b - Browse repository at this point
Copy the full SHA 7b9675bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5b6e049 - Browse repository at this point
Copy the full SHA 5b6e049View commit details -
[ML] Outlier detection should only fetch docs that have the analyzed … (
#44944) As data frame rows with missing values for analyzed fields are skipped, we can be more efficient by including a query that only picks documents that have values for all analyzed fields. Besides improving the number of documents we go through, we also provide a more accurate measurement of how many rows we need which reduces the memory requirements. This also adds an integration test that runs outlier detection on data with missing fields.
Configuration menu - View commit details
-
Copy full SHA for 3b49a0d - Browse repository at this point
Copy the full SHA 3b49a0dView commit details -
Configuration menu - View commit details
-
Copy full SHA for da70449 - Browse repository at this point
Copy the full SHA da70449View commit details -
TaskListener#onFailure to accept Exception instead of Throwable (#44946)
TaskListener accepts today Throwable in its onFailure method. Though looking at where it is called (TransportAction), it can never be notified of a Throwable. This commit changes the signature of TaskListener#onFailure so that it accepts an `Exception` rather than a `Throwable` as second argument.
Configuration menu - View commit details
-
Copy full SHA for c7e4cbf - Browse repository at this point
Copy the full SHA c7e4cbfView commit details -
Fix testBlockingIncomingRequests (#44939)
Adapted test to take non-blocking nature into account.
Configuration menu - View commit details
-
Copy full SHA for e5c3e61 - Browse repository at this point
Copy the full SHA e5c3e61View commit details -
[ML] Catch any error thrown while closing data frame analytics process (
#44958) In case closing the process throws an exception we should be catching it no matter its type. The process may have terminated because of a fatal error in which case closing the process will throw a server error, not an `IOException`. If this happens we fail to mark the persistent task as failed and the task gets in limbo.
Configuration menu - View commit details
-
Copy full SHA for 4e7a1a7 - Browse repository at this point
Copy the full SHA 4e7a1a7View commit details -
[GEO] Refactor DeprecatedParameters in AbstractGeometryFieldMapper (#…
…44923) Refactors DeprecatedParameters specific to legacy geo_shape out of AbstractGeometryFieldMapper.TypeParser#parse.
Configuration menu - View commit details
-
Copy full SHA for 8652ef4 - Browse repository at this point
Copy the full SHA 8652ef4View commit details -
Geo: fix geo query decomposition (#44924)
The recent refactoring introduced an issue where queries where not going through the decomposition processing. Fixes #44891
Configuration menu - View commit details
-
Copy full SHA for 099d7be - Browse repository at this point
Copy the full SHA 099d7beView commit details -
Fix Snapshot CLI Build Portability (#44919)
The snapshot CLI tool does not use the `java` in `JAVA_HOME` but instead uses it from the `PATH` which will lead to some portability issues with the wrong `java` being used as the ES build itself does allow for having a different `java` than what is in `JAVA_HOME` on the `PATH`
Configuration menu - View commit details
-
Copy full SHA for 025b92e - Browse repository at this point
Copy the full SHA 025b92eView commit details -
Rename indexlifecycle to ilm and snapshotlifecycle to slm (#44917)
Configuration menu - View commit details
-
Copy full SHA for 3f80ff8 - Browse repository at this point
Copy the full SHA 3f80ff8View commit details -
Configuration menu - View commit details
-
Copy full SHA for decb1da - Browse repository at this point
Copy the full SHA decb1daView commit details -
Remove leniency in reset engine from translog (#44711)
Replaying operations from the local translog must never fail as those operations were processed successfully on the primary before and the mapping is up to update already. This change removes leniency during resetting engine from translog in IndexShard and InternalEngine.
Configuration menu - View commit details
-
Copy full SHA for 1c86c21 - Browse repository at this point
Copy the full SHA 1c86c21View commit details -
Fix JodaCompatibleZonedDateTime casts in Painless (#44874)
This is a temporary fix during the Joda to Java datetime transition. This will implicitly cast a JodaCompatibleZonedDateTime to a ZonedDateTime for both def and static types. This is necessary to insulate users from needing to know about JodaCompatibleZonedDateTime explicitly.
Configuration menu - View commit details
-
Copy full SHA for c34c064 - Browse repository at this point
Copy the full SHA c34c064View commit details -
Release Pooled Buffers Earlier for HTTP Requests (#44952)
* We should release the buffers right after copying and not only do so after we did all the request handling on the copy * Relates #44564
Configuration menu - View commit details
-
Copy full SHA for 405c51e - Browse repository at this point
Copy the full SHA 405c51eView commit details -
Explicitly fail if a realm only exists in keystore (#44471)
There are no realms that can be configured exclusively with secure settings. Every realm that supports secure settings also requires one or more non-secure settings. However, sometimes a node will be configured with entries in the keystore for which there is nothing in elasticsearch.yml - this may be because the realm we removed from the yml, but not deleted from the keystore, or it could be because there was a typo in the realm name which has accidentially orphaned the keystore entry. In these cases the realm building would fail, but the error would not always be clear or point to the root cause (orphaned keystore entries). RealmSettings would act as though the realm existed, but then fail because an incorrect combination of settings was provided. This change causes realm building to fail early, with an explicit message about incorrect keystore entries.
Configuration menu - View commit details
-
Copy full SHA for 03a204b - Browse repository at this point
Copy the full SHA 03a204bView commit details -
Fix aggregators early termination with breadth-first mode (#44963)
This commit fixes a bug when a deferred aggregator tries to early terminate the collection. In such case the CollectionTerminatedException is not caught and the search fails on the shard. This change makes sure that we catch the exception in order to continue the deferred collection on the next leaf. Fixes #44909
Configuration menu - View commit details
-
Copy full SHA for ba57635 - Browse repository at this point
Copy the full SHA ba57635View commit details -
Configuration menu - View commit details
-
Copy full SHA for b8e668a - Browse repository at this point
Copy the full SHA b8e668aView commit details -
Close nodes properly in Coordinator tests (#44967)
Today closing a `ClusterNode` in an `AbstractCoordinatorTestCase` uses `onNode()` so has no effect if the node is not in the current list of nodes. It also discards the `Runnable` it creates without having run it, so has no effect anyway. This commit makes these tests much stricter about properly closing the nodes started during `Coordinator` tests, by tracking the persisted states that are opened, and adds an assertion to catch the trappy requirement that the closing node still belongs to the cluster.
Configuration menu - View commit details
-
Copy full SHA for 24cb30a - Browse repository at this point
Copy the full SHA 24cb30aView commit details -
Optimize Netty Frame Decoding (#44664)
* We should not create a new wrapper object if there's no bytes in the `ByteBuf` * We should not create a new wrapped `ByteBuf` if it can't contain a message anyway because it doesn't even have enough bytes for a header left
Configuration menu - View commit details
-
Copy full SHA for ddd179b - Browse repository at this point
Copy the full SHA ddd179bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 88711e1 - Browse repository at this point
Copy the full SHA 88711e1View commit details -
S3 3rd Party Test Goal (#44799)
* Create S3 Third Party Test Task that Covers the S3 CLI Tool * Adjust snapshot cli test tool tests to work with real S3 * Build adjustment * Clean up repo path before testing * Dedup the logic for asserting path contents by using the correct utility method here that somehow became unused
Configuration menu - View commit details
-
Copy full SHA for 91472ea - Browse repository at this point
Copy the full SHA 91472eaView commit details -
Remove leniency during replay translog in peer recovery (#44989)
This change removes leniency in InternalEngine during replaying translog in peer recovery.
Configuration menu - View commit details
-
Copy full SHA for 49a4f7d - Browse repository at this point
Copy the full SHA 49a4f7dView commit details -
Configuration menu - View commit details
-
Copy full SHA for ee67c94 - Browse repository at this point
Copy the full SHA ee67c94View commit details -
Mute WatcherRestIT 20_minimal_body
Relates to #43988
Configuration menu - View commit details
-
Copy full SHA for 08608d2 - Browse repository at this point
Copy the full SHA 08608d2View commit details -
[ML][Data Frames] unify validation exceptions between PUT/_preview (#…
…44983) * [ML][Data Frames] unify validation exceptions between PUT/_preview * addressing PR comments
Configuration menu - View commit details
-
Copy full SHA for 393bf48 - Browse repository at this point
Copy the full SHA 393bf48View commit details -
Geo: move indexShape to AbstractGeometryFieldMapper.Indexer (#44979)
Move indexShape functionality into AbstractGeometryFieldMapper to make it more unit testable. Relates to #43644
Configuration menu - View commit details
-
Copy full SHA for 7648868 - Browse repository at this point
Copy the full SHA 7648868View commit details -
Move nio channel initialization to event loop (#43780)
Currently in the transport-nio work we connect and bind channels on the a thread before the channel is registered with a selector. Additionally, it is at this point that we set all the socket options. This commit moves these operations onto the event-loop after the channel has been registered with a selector. It attempts to set the socket options for a non-server channel at registration time. If that fails, it will attempt to set the options after the channel is connected. This should fix #41071.
Configuration menu - View commit details
-
Copy full SHA for 15c0f23 - Browse repository at this point
Copy the full SHA 15c0f23View commit details -
Configuration menu - View commit details
-
Copy full SHA for 501f41f - Browse repository at this point
Copy the full SHA 501f41fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8c23c92 - Browse repository at this point
Copy the full SHA 8c23c92View commit details -
Configuration menu - View commit details
-
Copy full SHA for 326c247 - Browse repository at this point
Copy the full SHA 326c247View commit details -
[DOCS] Modified section headings, edited text for clarity. (#44988)
* [DOCS] Modified section headings, edited text for clarity. * [DOCS] Modified section headings, edited text for clarity. * [DOCS] Modified section headings, edited text for clarity.
Configuration menu - View commit details
-
Copy full SHA for 8921cf0 - Browse repository at this point
Copy the full SHA 8921cf0View commit details -
Adds usage stats for vectors: (#44512)
An example of a reply: _xpack/usage "vectors": { "available": true, "enabled": true, "dense_vector_fields_count" : 1, "sparse_vector_fields_count" : 1, "dense_vector_dims_avg_count" : 100 }
Configuration menu - View commit details
-
Copy full SHA for 731ddbd - Browse repository at this point
Copy the full SHA 731ddbdView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6acea3c - Browse repository at this point
Copy the full SHA 6acea3cView commit details -
Small optimizations in VectorsUsageTransportAction
Relates to PR#44512
Configuration menu - View commit details
-
Copy full SHA for cd5bf44 - Browse repository at this point
Copy the full SHA cd5bf44View commit details -
Configuration menu - View commit details
-
Copy full SHA for 47f9c35 - Browse repository at this point
Copy the full SHA 47f9c35View commit details -
[SPATIAL] New ShapeFieldMapper for indexing cartesian geometries (#44980
) This commit adds a new ShapeFieldMapper to the xpack spatial module for indexing arbitrary cartesian geometries using a new field type called shape. The indexing approach leverages lucene's new XYShape field type which is backed by BKD in the same manner as LatLonShape but without the WGS84 latitude longitude restrictions. The new field mapper builds on and extends the refactoring effort in AbstractGeometryFieldMapper and accepts shapes in either GeoJSON or WKT format (both of which support non geospatial geometries). Tests are provided in the ShapeFieldMapperTest class in the same manner as GeoShapeFieldMapperTests and LegacyGeoShapeFieldMapperTests. Documentation for how to use the new field type and what parameters are accepted is included. The QueryBuilder for searching indexed shapes is provided in a separate commit.
Configuration menu - View commit details
-
Copy full SHA for 5efc017 - Browse repository at this point
Copy the full SHA 5efc017View commit details -
Improve errors when TLS files cannot be read (#44787)
This change improves the exception messages that are thrown when the system cannot read TLS resources such as keystores, truststores, certificates, keys or certificate-chains (CAs). This change specifically handles: - Files that do not exist - Files that cannot be read due to file-system permissions - Files that cannot be read due to the ES security-manager Relates: #43079
Configuration menu - View commit details
-
Copy full SHA for 7a0a4a5 - Browse repository at this point
Copy the full SHA 7a0a4a5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2ad531a - Browse repository at this point
Copy the full SHA 2ad531aView commit details -
Clarify which circuit breaker settings are static (#44992)
Most of the circuit breaker settings are dynamically configurable. However, `indices.breaker.total.use_real_memory` is not. With this commit we add a clarifying note that this specific setting is static. Closes #44974
Configuration menu - View commit details
-
Copy full SHA for 6a30267 - Browse repository at this point
Copy the full SHA 6a30267View commit details -
Mute all GC Disruption Simulating Tests (#45032)
* We suspect these might be causing #43387 so let's mute them on `master` temporarily to find out
Configuration menu - View commit details
-
Copy full SHA for 73bbb7f - Browse repository at this point
Copy the full SHA 73bbb7fView commit details -
Stop Recreating Wrapped Handlers in RestController (#44964)
* We shouldn't be recreating wrapped REST handlers over and over for every request. We only use this hook in x-pack and the wrapper there does not have any per request state. This is inefficient and could lead to some very unexpected memory behavior => I made the logic create the wrapper on handler registration and adjusted the x-pack wrapper implementation to correctly forward the circuit breaker and content stream flags
Configuration menu - View commit details
-
Copy full SHA for 0c089d6 - Browse repository at this point
Copy the full SHA 0c089d6View commit details -
Configuration menu - View commit details
-
Copy full SHA for cc53cc4 - Browse repository at this point
Copy the full SHA cc53cc4View commit details -
Cleanup Various Action- Listener and Runnable Usages (#42273)
* Dry up code for creating simple `ActionRunnable` a little * Shorten some other code around `ActionListener` usage, in particular when wrapping it in a `TransportResponseListener`
Configuration menu - View commit details
-
Copy full SHA for fecde5d - Browse repository at this point
Copy the full SHA fecde5dView commit details -
Configuration menu - View commit details
-
Copy full SHA for dadac0c - Browse repository at this point
Copy the full SHA dadac0cView commit details -
Indicate that some user APIs handle built-in users (#44857)
The Get Users API also returns users form the restricted realm or built-in users, as we call them in our docs. One can also change the passwords of built-in users with the Change Password API
Configuration menu - View commit details
-
Copy full SHA for 7fcdb41 - Browse repository at this point
Copy the full SHA 7fcdb41View commit details -
Configuration menu - View commit details
-
Copy full SHA for fb9f592 - Browse repository at this point
Copy the full SHA fb9f592View commit details
Commits on Aug 1, 2019
-
Adjust docs for password protected keystore (#45054)
This commit adds relevant parts in the elasticsearch-keystore sub-commands reference docs and in the reload secure settings API doc.
Configuration menu - View commit details
-
Copy full SHA for 0f34e9f - Browse repository at this point
Copy the full SHA 0f34e9fView commit details
Commits on Aug 7, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 4ad6b51 - Browse repository at this point
Copy the full SHA 4ad6b51View commit details
Commits on Aug 16, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 4780880 - Browse repository at this point
Copy the full SHA 4780880View commit details -
Handle pwd protected keystores in all CLI tools (#45289)
This change ensures that `elasticsearch-setup-passwords` and `elasticsearch-saml-metadata` can handle a password protected elasticsearch.keystore. For setup passwords the user would be prompted to add the elasticsearch keystore password upon running the tool. There is no option to pass the password as a parameter as we assume the user is present in order to enter the desired passwords for the built-in users. For saml-metadata, we prompt for the keystore password at all times even though we'd only need to read something from the keystore when there is a signing or encryption configuration.
Configuration menu - View commit details
-
Copy full SHA for d1cb96a - Browse repository at this point
Copy the full SHA d1cb96aView commit details
Commits on Aug 23, 2019
-
Configuration menu - View commit details
-
Copy full SHA for e0b949e - Browse repository at this point
Copy the full SHA e0b949eView commit details
Commits on Aug 28, 2019
-
Modify docs for setup passwords and saml metadata cli (#45797)
Adds a sentence in the documentation of `elasticsearch-setup-passwords` and `elasticsearch-saml-metadata` to describe that users would be prompted for the keystore's password when running these CLI tools, when the keystore is password protected. Co-Authored-By: Lisa Cawley <lcawley@elastic.co>
Configuration menu - View commit details
-
Copy full SHA for 5d461da - Browse repository at this point
Copy the full SHA 5d461daView commit details
Commits on Sep 9, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 5be2efb - Browse repository at this point
Copy the full SHA 5be2efbView commit details
Commits on Sep 19, 2019
-
Configuration menu - View commit details
-
Copy full SHA for b674115 - Browse repository at this point
Copy the full SHA b674115View commit details
Commits on Oct 2, 2019
-
Configuration menu - View commit details
-
Copy full SHA for ae32d3c - Browse repository at this point
Copy the full SHA ae32d3cView commit details
Commits on Oct 9, 2019
-
Configuration menu - View commit details
-
Copy full SHA for e928c27 - Browse repository at this point
Copy the full SHA e928c27View commit details
Commits on Oct 15, 2019
-
Configuration menu - View commit details
-
Copy full SHA for a4a2093 - Browse repository at this point
Copy the full SHA a4a2093View commit details
Commits on Oct 16, 2019
-
Configuration menu - View commit details
-
Copy full SHA for e0181b4 - Browse repository at this point
Copy the full SHA e0181b4View commit details
Commits on Oct 24, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 0944b31 - Browse repository at this point
Copy the full SHA 0944b31View commit details
Commits on Nov 11, 2019
-
Elasticsearch keystore passphrase for startup scripts (#44775)
This commit allows a user to provide a keystore password on Elasticsearch startup, but only prompts when the keystore exists and is encrypted. The entrypoint in Java code is standard input. When the Bootstrap class is checking for secure keystore settings, it checks whether or not the keystore is encrypted. If so, we read one line from standard input and use this as the password. For simplicity's sake, we allow a maximum passphrase length of 128 characters. (This is an arbitrary limit and could be increased or eliminated. It is also enforced in the keystore tools, so that a user can't create a password that's too long to enter at startup.) In order to provide a password on standard input, we have to account for four different ways of starting Elasticsearch: the bash startup script, the Windows batch startup script, systemd startup, and docker startup. We use wrapper scripts to reduce systemd and docker to the bash case: in both cases, a wrapper script can read a passphrase from the filesystem and pass it to the bash script. In order to simplify testing the need for a passphrase, I have added a has-passwd command to the keystore tool. This command can run silently, and exit with status 0 when the keystore has a password. It exits with status 1 if the keystore doesn't exist or exists and is unencrypted. A good deal of the code-change in this commit has to do with refactoring packaging tests to cleanly use the same tests for both the "archive" and the "package" cases. This required not only moving tests around, but also adding some convenience methods for an abstraction layer over distribution-specific commands. I will write some user-facing documentation for these changes in a follow-up commit.
Configuration menu - View commit details
-
Copy full SHA for 0a0db4b - Browse repository at this point
Copy the full SHA 0a0db4bView commit details
Commits on Nov 15, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 3229641 - Browse repository at this point
Copy the full SHA 3229641View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2a34fe0 - Browse repository at this point
Copy the full SHA 2a34fe0View commit details