diff --git a/.changelog/18329.txt b/.changelog/18329.txt new file mode 100644 index 000000000000..ab3671de86bf --- /dev/null +++ b/.changelog/18329.txt @@ -0,0 +1,4 @@ +```release-note:improvement +cli: Adds cli support for checking TCP connection for ports. If -ports flag is not given, it will check for +default ports of consul listed here - https://developer.hashicorp.com/consul/docs/install/ports +``` \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 1cd479a0cf3d..ff575ff1255a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,25 @@ +## 1.17.2 (January 23, 2024) +SECURITY: + +* Upgrade OpenShift container images to use `ubi9-minimal:9.3` as the base image. [[GH-20014](https://github.com/hashicorp/consul/issues/20014)] + +IMPROVEMENTS: + +* connect: Remove usage of deprecated Envoy field `match_subject_alt_names` in favor of `match_typed_subject_alt_names`. [[GH-19954](https://github.com/hashicorp/consul/issues/19954)] +* connect: replace usage of deprecated Envoy field `envoy.config.router.v3.WeightedCluster.total_weight`. [[GH-20011](https://github.com/hashicorp/consul/issues/20011)] +* xds: Replace usage of deprecated Envoy field `envoy.config.cluster.v3.Cluster.http_protocol_options` [[GH-20010](https://github.com/hashicorp/consul/issues/20010)] +* xds: remove usages of deprecated Envoy fields: `envoy.config.cluster.v3.Cluster.http2_protocol_options`, `envoy.config.bootstrap.v3.Admin.access_log_path` [[GH-19940](https://github.com/hashicorp/consul/issues/19940)] +* xds: replace usage of deprecated Envoy field `envoy.extensions.filters.http.lua.v3.Lua.inline_code` [[GH-20012](https://github.com/hashicorp/consul/issues/20012)] + +DEPRECATIONS: + +* cli: Deprecate the `-admin-access-log-path` flag from `consul connect envoy` command in favor of: `-admin-access-log-config`. [[GH-19943](https://github.com/hashicorp/consul/issues/19943)] + +BUG FIXES: + +* prepared-query: (Enterprise-only) Fix issue where sameness-group failover targets to peers would attempt to query data from the default partition, rather than the sameness-group's partition always. +* ui: update token list on Role details page to show only linked tokens [[GH-19912](https://github.com/hashicorp/consul/issues/19912)] + ## 1.17.1 (December 12, 2023) SECURITY: diff --git a/command/registry.go b/command/registry.go index 604b0033b72f..1a403aa11f26 100644 --- a/command/registry.go +++ b/command/registry.go @@ -133,6 +133,7 @@ import ( tlscert "github.com/hashicorp/consul/command/tls/cert" tlscertcreate "github.com/hashicorp/consul/command/tls/cert/create" "github.com/hashicorp/consul/command/troubleshoot" + troubleshootports "github.com/hashicorp/consul/command/troubleshoot/ports" troubleshootproxy "github.com/hashicorp/consul/command/troubleshoot/proxy" troubleshootupstreams "github.com/hashicorp/consul/command/troubleshoot/upstreams" "github.com/hashicorp/consul/command/validate" @@ -275,6 +276,7 @@ func RegisteredCommands(ui cli.Ui) map[string]mcli.CommandFactory { entry{"troubleshoot", func(ui cli.Ui) (cli.Command, error) { return troubleshoot.New(), nil }}, entry{"troubleshoot proxy", func(ui cli.Ui) (cli.Command, error) { return troubleshootproxy.New(ui), nil }}, entry{"troubleshoot upstreams", func(ui cli.Ui) (cli.Command, error) { return troubleshootupstreams.New(ui), nil }}, + entry{"troubleshoot ports", func(ui cli.Ui) (cli.Command, error) { return troubleshootports.New(ui), nil }}, entry{"validate", func(ui cli.Ui) (cli.Command, error) { return validate.New(ui), nil }}, entry{"version", func(ui cli.Ui) (cli.Command, error) { return version.New(ui), nil }}, entry{"watch", func(ui cli.Ui) (cli.Command, error) { return watch.New(ui, MakeShutdownCh()), nil }}, diff --git a/command/troubleshoot/ports/troubleshoot_ports.go b/command/troubleshoot/ports/troubleshoot_ports.go new file mode 100644 index 000000000000..108870305110 --- /dev/null +++ b/command/troubleshoot/ports/troubleshoot_ports.go @@ -0,0 +1,89 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package ports + +import ( + "flag" + "fmt" + "github.com/hashicorp/consul/troubleshoot/ports" + "os" + + "github.com/hashicorp/consul/command/cli" + "github.com/hashicorp/consul/command/flags" +) + +func New(ui cli.Ui) *cmd { + c := &cmd{UI: ui} + c.init() + return c +} + +type cmd struct { + UI cli.Ui + flags *flag.FlagSet + help string + + // flags + host string + ports string +} + +func (c *cmd) init() { + c.flags = flag.NewFlagSet("", flag.ContinueOnError) + + c.flags.StringVar(&c.host, "host", os.Getenv("CONSUL_HTTP_ADDR"), "The consul server host") + + c.flags.StringVar(&c.ports, "ports", "", "Custom ports to troubleshoot") + + c.help = flags.Usage(help, c.flags) +} + +func (c *cmd) Run(args []string) int { + + if err := c.flags.Parse(args); err != nil { + c.UI.Error(fmt.Sprintf("Failed to parse args: %v", err)) + return 1 + } + + if c.host == "" { + c.UI.Error("-host is required. or set environment variable CONSUL_HTTP_ADDR") + return 1 + } + + if c.ports == "" { + ports.TroubleshootDefaultPorts(c.host) + } else { + ports.TroubleShootCustomPorts(c.host, c.ports) + } + return 0 +} + +func (c *cmd) Synopsis() string { + return synopsis +} + +func (c *cmd) Help() string { + return c.help +} + +const ( + synopsis = "Prints open and closed ports on the Consul server" + help = ` +Usage: consul troubleshoot ports [options] + Checks ports for TCP connectivity. Add the -ports flag to check specific ports or omit the -ports flag to check default ports. + Refer to the following reference for default ports: https://developer.hashicorp.com/consul/docs/install/ports + + consul troubleshoot ports -host localhost + + or + export CONSUL_HTTP_ADDR=localhost + consul troubleshoot ports + + Use the -ports flag to check non-default ports, for example: + consul troubleshoot ports -host localhost -ports 1023,1024 + or + export CONSUL_HTTP_ADDR=localhost + consul troubleshoot ports -ports 1234,8500 +` +) diff --git a/go.mod b/go.mod index bd3239905bc8..00077fa28fc6 100644 --- a/go.mod +++ b/go.mod @@ -40,9 +40,9 @@ require ( github.com/hashicorp/consul-net-rpc v0.0.0-20221205195236-156cfab66a69 github.com/hashicorp/consul/api v1.27.0 github.com/hashicorp/consul/envoyextensions v0.5.2 - github.com/hashicorp/consul/proto-public v0.5.1 + github.com/hashicorp/consul/proto-public v0.5.2 github.com/hashicorp/consul/sdk v0.15.1 - github.com/hashicorp/consul/troubleshoot v0.4.1 + github.com/hashicorp/consul/troubleshoot v0.5.0 github.com/hashicorp/go-bexpr v0.1.2 github.com/hashicorp/go-checkpoint v0.5.0 github.com/hashicorp/go-cleanhttp v0.5.2 diff --git a/test-integ/go.mod b/test-integ/go.mod index 7e3425c4c61e..1ab6981dcdc2 100644 --- a/test-integ/go.mod +++ b/test-integ/go.mod @@ -4,7 +4,7 @@ go 1.20 require ( github.com/hashicorp/consul/api v1.27.0 - github.com/hashicorp/consul/proto-public v0.5.1 + github.com/hashicorp/consul/proto-public v0.5.2 github.com/hashicorp/consul/sdk v0.15.1 github.com/hashicorp/consul/test/integration/consul-container v0.0.0-20230628201853-bdf4fad7c5a5 github.com/hashicorp/consul/testing/deployer v0.0.0-20230811171106-4a0afb5d1373 diff --git a/test/integration/consul-container/go.mod b/test/integration/consul-container/go.mod index 75dc0a6a7e0e..7a31d9ec32f9 100644 --- a/test/integration/consul-container/go.mod +++ b/test/integration/consul-container/go.mod @@ -12,7 +12,7 @@ require ( github.com/hashicorp/consul v1.16.1 github.com/hashicorp/consul/api v1.27.0 github.com/hashicorp/consul/envoyextensions v0.5.2 - github.com/hashicorp/consul/proto-public v0.5.1 + github.com/hashicorp/consul/proto-public v0.5.2 github.com/hashicorp/consul/sdk v0.15.1 github.com/hashicorp/consul/testing/deployer v0.0.0-20230811171106-4a0afb5d1373 github.com/hashicorp/go-cleanhttp v0.5.2 diff --git a/troubleshoot/go.mod b/troubleshoot/go.mod index 8331c4ace2d5..5b000c7a4da3 100644 --- a/troubleshoot/go.mod +++ b/troubleshoot/go.mod @@ -12,6 +12,7 @@ require ( github.com/envoyproxy/go-control-plane/xdsmatcher v0.0.0-20230524161521-aaaacbfbe53e github.com/hashicorp/consul/api v1.27.0 github.com/hashicorp/consul/envoyextensions v0.5.2 + github.com/hashicorp/consul/sdk v0.15.1 github.com/stretchr/testify v1.8.3 google.golang.org/protobuf v1.30.0 ) @@ -30,17 +31,17 @@ require ( github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect + github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.2.1 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/hashicorp/serf v0.10.1 // indirect - github.com/kr/pretty v0.3.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.17 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.4.0 // indirect - github.com/rogpeppe/go-internal v1.10.0 // indirect go.opentelemetry.io/proto/otlp v0.19.0 // indirect golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect golang.org/x/net v0.17.0 // indirect @@ -50,6 +51,5 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20230526203410-71b5a4ffd15e // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230526203410-71b5a4ffd15e // indirect google.golang.org/grpc v1.56.3 // indirect - gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/troubleshoot/go.sum b/troubleshoot/go.sum index 22146a4346b5..71a27c91b6a4 100644 --- a/troubleshoot/go.sum +++ b/troubleshoot/go.sum @@ -70,7 +70,6 @@ github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -167,6 +166,7 @@ github.com/hashicorp/consul/api v1.27.0/go.mod h1:JkekNRSou9lANFdt+4IKx3Za7XY0Jz github.com/hashicorp/consul/envoyextensions v0.5.2 h1:L5mYp/caTRHJyfTanIRk2J8phzqLfK2BCnrLxCIiPCA= github.com/hashicorp/consul/envoyextensions v0.5.2/go.mod h1:Y8PTEDOAEs/785atx6iAnmxfpTaXgZjnlXCDJMw+T64= github.com/hashicorp/consul/sdk v0.15.1 h1:kKIGxc7CZtflcF5DLfHeq7rOQmRq3vk7kwISN9bif8Q= +github.com/hashicorp/consul/sdk v0.15.1/go.mod h1:7pxqqhqoaPqnBnzXD1StKed62LqJeClzVsUEy85Zr0A= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -193,6 +193,7 @@ github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdv github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= +github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.2.1 h1:zEfKbn2+PDgroKdiOzqiE8rsmLqU2uwi5PB5pBJ3TkI= github.com/hashicorp/go-version v1.2.1/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -215,13 +216,10 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -258,6 +256,7 @@ github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144T github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -279,9 +278,7 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= @@ -599,7 +596,6 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/troubleshoot/ports/hostport.go b/troubleshoot/ports/hostport.go new file mode 100644 index 000000000000..1d09e34f0400 --- /dev/null +++ b/troubleshoot/ports/hostport.go @@ -0,0 +1,9 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package ports + +type hostPort struct { + host string + port string +} diff --git a/troubleshoot/ports/troubleshoot_ports.go b/troubleshoot/ports/troubleshoot_ports.go new file mode 100644 index 000000000000..ec1bfda5963f --- /dev/null +++ b/troubleshoot/ports/troubleshoot_ports.go @@ -0,0 +1,53 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package ports + +import ( + "fmt" + "strings" +) + +func TroubleshootDefaultPorts(host string) []string { + // Source - https://developer.hashicorp.com/consul/docs/install/ports + ports := []string{"8600", "8500", "8501", "8502", "8503", "8301", "8302", "8300"} + return troubleshootRun(ports, host) +} + +func TroubleShootCustomPorts(host string, ports string) []string { + portsArr := strings.Split(ports, ",") + return troubleshootRun(portsArr, host) +} + +func troubleshootRun(ports []string, host string) []string { + + resultsChannel := make(chan string) + defer close(resultsChannel) + + var counter = 0 + + for _, port := range ports { + counter += 1 + tcpTroubleShoot := troubleShootTcp{} + port := port + go func() { + err := tcpTroubleShoot.dialPort(&hostPort{host: host, port: port}) + var res string + if err != nil { + res = fmt.Sprintf("TCP: Port %s on %s is closed, unreachable, or the connection timed out.\n", port, host) + } else { + // If no error occurs, the connection was successful, and the port is open. + res = fmt.Sprintf("TCP: Port %s on %s is open.\n", port, host) + } + resultsChannel <- res + }() + } + + resultsArr := make([]string, counter) + for itr := 0; itr < counter; itr++ { + res := <-resultsChannel + fmt.Print(res) + resultsArr[itr] = res + } + return resultsArr +} diff --git a/troubleshoot/ports/troubleshoot_ports_test.go b/troubleshoot/ports/troubleshoot_ports_test.go new file mode 100644 index 000000000000..2358467e6853 --- /dev/null +++ b/troubleshoot/ports/troubleshoot_ports_test.go @@ -0,0 +1,55 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package ports + +import ( + "fmt" + "github.com/hashicorp/consul/sdk/testutil" + "github.com/stretchr/testify/require" + "strconv" + "strings" + "testing" +) + +func TestTroubleShootCustom_Ports(t *testing.T) { + // Create a test Consul server + srv1, err := testutil.NewTestServerConfigT(t, nil) + if err != nil { + t.Fatal(err) + } + + results := TroubleShootCustomPorts("127.0.0.1", strings.Join([]string{ + strconv.Itoa(srv1.Config.Ports.HTTP), + strconv.Itoa(srv1.Config.Ports.DNS), + strconv.Itoa(srv1.Config.Ports.HTTPS), + strconv.Itoa(srv1.Config.Ports.GRPC), + strconv.Itoa(srv1.Config.Ports.SerfLan), + strconv.Itoa(srv1.Config.Ports.SerfWan), + strconv.Itoa(srv1.Config.Ports.Server)}, ",")) + expectedResults := []string{ + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.HTTP)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.GRPC)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.HTTPS)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.SerfLan)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.SerfWan)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.DNS)), + fmt.Sprintf("TCP: Port %s on 127.0.0.1 is open.\n", strconv.Itoa(srv1.Config.Ports.Server)), + } + for _, res := range expectedResults { + require.Contains(t, results, res) + } + defer srv1.Stop() +} + +func TestTroubleShootCustom_Ports_Not_Reachable(t *testing.T) { + results := TroubleShootCustomPorts("127.0.0.1", strings.Join([]string{"8777", "8888"}, ",")) + + expectedResults := []string{ + fmt.Sprintf("TCP: Port 8777 on 127.0.0.1 is closed, unreachable, or the connection timed out.\n"), + fmt.Sprintf("TCP: Port 8888 on 127.0.0.1 is closed, unreachable, or the connection timed out.\n"), + } + for _, res := range expectedResults { + require.Contains(t, results, res) + } +} diff --git a/troubleshoot/ports/troubleshoot_protocol.go b/troubleshoot/ports/troubleshoot_protocol.go new file mode 100644 index 000000000000..e0299adba7dd --- /dev/null +++ b/troubleshoot/ports/troubleshoot_protocol.go @@ -0,0 +1,8 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package ports + +type troubleShootProtocol interface { + dialPort(hostPort *hostPort) error +} diff --git a/troubleshoot/ports/troubleshoot_tcp.go b/troubleshoot/ports/troubleshoot_tcp.go new file mode 100644 index 000000000000..8ade64dfbed0 --- /dev/null +++ b/troubleshoot/ports/troubleshoot_tcp.go @@ -0,0 +1,24 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package ports + +import ( + "net" + "time" +) + +type troubleShootTcp struct { +} + +func (tcp *troubleShootTcp) dialPort(hostPort *hostPort) error { + address := net.JoinHostPort(hostPort.host, hostPort.port) + + // Attempt to establish a TCP connection with a timeout. + conn, err := net.DialTimeout("tcp", address, 5*time.Second) + if err != nil { + return err + } + defer conn.Close() + return nil +} diff --git a/website/content/commands/troubleshoot/index.mdx b/website/content/commands/troubleshoot/index.mdx index 0c992aab15c9..74d9d9cec32a 100644 --- a/website/content/commands/troubleshoot/index.mdx +++ b/website/content/commands/troubleshoot/index.mdx @@ -22,6 +22,7 @@ Subcommands: proxy Troubleshoots service mesh issues from the current Envoy instance upstreams Gets upstream Envoy identifiers and IPs configured for the proxy + ports Prints open and closed ports on the Consul server. ``` For more information, examples, and usage about a subcommand, click on the name @@ -29,3 +30,4 @@ of the subcommand in the sidebar or one of the links below: - [proxy](/consul/commands/troubleshoot/proxy) - [upstreams](/consul/commands/troubleshoot/upstreams) +- [ports](/consul/commands/troubleshoot/ports) diff --git a/website/content/commands/troubleshoot/ports.mdx b/website/content/commands/troubleshoot/ports.mdx new file mode 100644 index 000000000000..5a4d5faf5082 --- /dev/null +++ b/website/content/commands/troubleshoot/ports.mdx @@ -0,0 +1,47 @@ +--- +layout: commands +page_title: 'Commands: Troubleshoot Ports' +description: >- + The `consul troubleshoot ports` Helps troubleshoot TCP ports by printing if they are open or closed. +--- + +# Consul Troubleshoot Upstreams + +Command: `consul troubleshoot ports` + +The `troubleshoot ports` prints TCP port statuses to help you troubleshoot port connectivity. + +## Usage + +Usage: `consul troubleshoot ports [options]` + +#### Command Options + +- `-host=` - Host name to troubleshoot TCP ports for. You can also set the `CONSUL_HTTP_ADDR` environment variable instead of using the `-host` flag. +- `-ports=` - Specifies a comma-separated list of custom ports to check. + +## Examples + +The following example checks the default ports Consul server uses for TCP connectivity. Note that the `CONSUL_HTTP_ADDR` environment variable is set to `localhost`. As a result, the `-host` flag is not required. +Refer to [Required Ports](/consul/docs/install/ports) for additional information. + +```shell-session +$ export CONSUL_HTTP_ADDR=localhost +$ consul troubleshoot ports +TCP: Port 8501 on localhost is open. +TCP: Port 8502 on localhost is open. +TCP: Port 8503 on localhost is open. +TCP: Port 8302 on localhost is open. +TCP: Port 8300 on localhost is open. +TCP: Port 8600 on localhost is open. +TCP: Port 8301 on localhost is open. +TCP: Port 8500 on localhost is open. +``` + +The following example checks TCP ports status on the `hashicorp.com` host. + +```shell-session +$ consul troubleshoot ports -host hashicorp.com -ports 80,8077 +TCP: Port 80 on hashicorp.com is open. +TCP: Port 8077 on hashicorp.com is closed, unreachable, or the connection timed out. +``` diff --git a/website/data/commands-nav-data.json b/website/data/commands-nav-data.json index 1b0cadd0447c..f8b8af1587a3 100644 --- a/website/data/commands-nav-data.json +++ b/website/data/commands-nav-data.json @@ -575,6 +575,10 @@ { "title": "proxy", "path": "troubleshoot/proxy" + }, + { + "title": "ports", + "path": "troubleshoot/ports" } ] },