3c520019e9
connect/ca: add logic for pruning old stale RootCA entries
2018-07-02 10:35:05 -07:00
8b27c3268a
Make sure we omit the Kind value in JSON if empty
2018-06-25 12:26:10 -07:00
a98b85b25c
connect/ca: add the Vault CA provider
2018-06-25 12:25:41 -07:00
63047f9434
agent: clarify comment
2018-06-25 12:25:14 -07:00
8f26c9c3b9
More test tweaks
2018-06-25 12:25:13 -07:00
22b95283e9
Fix some tests failures caused by the sorting change and some cuased by previous UpdatePrecedence() change
2018-06-25 12:25:13 -07:00
93037b0607
agent/structs: JSON marshal the configuration for a managed proxy
2018-06-25 12:25:12 -07:00
4ebddd6adb
agent/consul: set precedence value on struct itself
2018-06-25 12:24:16 -07:00
52c10d2208
agent/consul: support a Connect option on prepared query request
2018-06-25 12:24:12 -07:00
e8c899b1b8
agent/consul: prepared query supports "Connect" field
2018-06-25 12:24:11 -07:00
ad382d7351
agent: switch ConnectNative to an embedded struct
2018-06-25 12:24:10 -07:00
a3e0ac1ee3
agent/consul/state: support querying by Connect native
2018-06-25 12:24:08 -07:00
418ed161dc
agent: agent service registration supports Connect native services
2018-06-25 12:24:08 -07:00
8e02bbc897
agent/consul: support catalog registration with Connect native
2018-06-25 12:24:07 -07:00
b5b29cd6af
agent: rename test to check
2018-06-14 09:42:18 -07:00
526cfc34bd
agent/consul: implement Intention.Test endpoint
2018-06-14 09:42:17 -07:00
c808833a78
Return TrustDomain from CARoots RPC
2018-06-14 09:42:15 -07:00
1660f9ebab
Add more metadata to structs.CARoot
2018-06-14 09:42:15 -07:00
baf4db1c72
Use provider state table for a global serial index
2018-06-14 09:42:15 -07:00
662f38c625
agent/structs: validate service definitions, port required for proxy
2018-06-14 09:42:13 -07:00
52665f7d23
agent: clean up defaulting of proxy configuration
...
This cleans up and unifies how proxy settings defaults are applied.
2018-06-14 09:42:10 -07:00
669268f85c
agent: start proxy manager
2018-06-14 09:42:09 -07:00
a2167a7fd1
agent/proxy: manager and basic tests, not great coverage yet coming soon
2018-06-14 09:42:08 -07:00
f64a002f68
agent: start/stop proxies
2018-06-14 09:42:08 -07:00
536f31571b
agent: change connect command paths to be slices, not strings
...
This matches other executable configuration and allows us to cleanly
separate executable from arguments without trying to emulate shell
parsing.
2018-06-14 09:42:08 -07:00
02ab461dae
TLS watching integrated into Service with some basic tests.
...
There are also a lot of small bug fixes found when testing lots of things end-to-end for the first time and some cleanup now it's integrated with real CA code.
2018-06-14 09:42:07 -07:00
a29f3c6b96
Fix some inconsistencies around the CA provider code
2018-06-14 09:42:06 -07:00
6f566f750e
Basic `watch` support for connect proxy config and certificate endpoints.
...
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
- Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
- Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
02fef5f9a2
Move ConsulCAProviderConfig into structs package
2018-06-14 09:42:04 -07:00
44b30476cb
Simplify the CA provider interface by moving some logic out
2018-06-14 09:42:04 -07:00
aa10fb2f48
Clarify some comments and names around CA bootstrapping
2018-06-14 09:42:04 -07:00
dcb2671d10
agent/cache: address PR feedback, lots of typos
2018-06-14 09:42:03 -07:00
56774f24d0
agent/cache-types: support intention match queries
2018-06-14 09:42:02 -07:00
3b6c46b7d7
agent/structs: DCSpecificRequest sets all the proper fields for
...
CacheInfo
2018-06-14 09:42:01 -07:00
72c82a9b29
agent/cache: Reorganize some files, RequestInfo struct, prepare for partitioning
2018-06-14 09:42:00 -07:00
ecc789ddb5
agent/cache: ConnectCA roots caching type
2018-06-14 09:42:00 -07:00
43f13d5a0b
Add cross-signing mechanism to root rotation
2018-06-14 09:42:00 -07:00
bbfcb278e1
Add the root rotation mechanism to the CA config endpoint
2018-06-14 09:41:59 -07:00
a585a0ba10
Have the built in CA store its state in raft
2018-06-14 09:41:59 -07:00
fc9ef9741b
Hook the CA RPC endpoint into the provider interface
2018-06-14 09:41:59 -07:00
a90f69faa4
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list.
2018-06-14 09:41:58 -07:00
44afb5c699
Agent Connect Proxy config endpoint with hash-based blocking
2018-06-14 09:41:57 -07:00
c2266b134a
HTTP agent registration allows proxy to be defined.
2018-06-14 09:41:57 -07:00
78e48fd547
Added connect proxy config and local agent state setup on boot.
2018-06-14 09:41:57 -07:00
adc5589329
Allow duplicate source or destination, but enforce uniqueness across all four.
2018-06-14 09:41:57 -07:00
62b746c380
agent: rename authorize param ClientID to ClientCertURI
2018-06-14 09:41:56 -07:00
3e0e0a94a7
agent/structs: String format for Intention, used for logging
2018-06-14 09:41:55 -07:00
5364a8cd90
agent: /v1/agent/connect/authorize is functional, with tests
2018-06-14 09:41:54 -07:00
894ee3c5b0
Add Connect agent, catalog and health endpoints to api Client
2018-06-14 09:41:54 -07:00
2026cf3753
agent/consul: encode issued cert serial number as hex encoded
2018-06-14 09:41:53 -07:00
deb55c436d
agent/structs: hide some fields from JSON
2018-06-14 09:41:52 -07:00
746f80639a
agent: /v1/connect/ca/configuration PUT for setting configuration
2018-06-14 09:41:52 -07:00
58b6f476e8
agent: /v1/connect/ca/leaf/:service_id
2018-06-14 09:41:52 -07:00
80a058a573
agent/consul: CAS operations for setting the CA root
2018-06-14 09:41:51 -07:00
1928c07d0c
agent/consul: key the public key of the CSR, verify in test
2018-06-14 09:41:51 -07:00
9a8653f45e
agent/consul: test for ConnectCA.Sign
2018-06-14 09:41:51 -07:00
a360c5cca4
agent/consul: basic sign endpoint not tested yet
2018-06-14 09:41:51 -07:00
f433f61fdf
agent/structs: json omit QueryMeta
2018-06-14 09:41:50 -07:00
cfb62677c0
agent/consul/state: CARoot structs and initial state store
2018-06-14 09:41:49 -07:00
f9a55aa7e0
agent: clarified a number of comments per PR feedback
2018-06-14 09:41:49 -07:00
4cc4de1ff6
agent: remove ConnectProxyServiceName
2018-06-14 09:41:49 -07:00
566c98b2fc
agent/consul: require name for proxies
2018-06-14 09:41:48 -07:00
b5fd3017bb
agent/structs: tests for PartialClone and IsSame for proxy fields
2018-06-14 09:41:48 -07:00
c43ccd024a
agent/local: anti-entropy for connect proxy services
2018-06-14 09:41:48 -07:00
253256352c
agent/consul: Catalog.ServiceNodes supports Connect filtering
2018-06-14 09:41:47 -07:00
8a72826483
agent/consul: proxy registration and tests
2018-06-14 09:41:46 -07:00
761b561946
agent: /v1/catalog/service/:service works with proxies
2018-06-14 09:41:46 -07:00
09568ce7b5
agent/consul/state: service registration with proxy works
2018-06-14 09:41:46 -07:00
6a8bba7d48
agent/consul,structs: add tests for ACL filter and prefix for intentions
2018-06-14 09:41:45 -07:00
c54be9bc09
agent/consul: Basic ACL on Intention.Apply
2018-06-14 09:41:44 -07:00
1d0b4ceedb
agent: convert all intention tests to testify/assert
2018-06-14 09:41:44 -07:00
37f66e47ed
agent: use testing intention to get valid intentions
2018-06-14 09:41:43 -07:00
04bd4af99c
agent/consul: set default intention SourceType, validate it
2018-06-14 09:41:43 -07:00
8e2462e301
agent/structs: Intention validation
2018-06-14 09:41:42 -07:00
d34ee200de
agent/consul: support intention description, meta is non-nil
2018-06-14 09:41:42 -07:00
2b047fb09b
agent,agent/consul: set default namespaces
2018-06-14 09:41:42 -07:00
e9d208bcb6
agent/consul: RPC endpoint for Intention.Match
2018-06-14 09:41:42 -07:00
231f7328bd
agent/structs: IntentionPrecedenceSorter for sorting based on precedence
2018-06-14 09:41:41 -07:00
c78b82f43b
agent: POST /v1/connect/intentions
2018-06-14 09:41:40 -07:00
2a8a2f8167
agent/consul: Intention.Get endpoint
2018-06-14 09:41:40 -07:00
48b9a43f1d
agent/consul: Intention.Apply, FSM methods, very little validation
2018-06-14 09:41:39 -07:00
b19a289596
agent/consul: start Intention RPC endpoints, starting with List
2018-06-14 09:41:39 -07:00
c05bed86e1
agent/consul/state: initial work on intentions memdb table
2018-06-14 09:41:39 -07:00
88514d6a82
Add support for reverse lookup of services
2018-05-19 19:39:02 +02:00
a480434517
Remove the script field from checks in favor of args
2018-05-08 15:31:53 -07:00
ed94d356e0
Merge pull request #4023 from hashicorp/f-near-ip
...
Add near=_ip support for prepared queries
2018-04-12 12:10:48 -04:00
89cd24aeca
GH-3798: Add near=_ip support for prepared queries
2018-04-10 14:50:50 -04:00
2ed0d2afcd
Allow ignoring checks by ID when defining a PreparedQuery. Fixes #3727 .
2018-04-10 14:04:16 +01:00
8fbe3dfceb
Adds discovery_max_stale ( #4004 )
...
Adds a new option to allow service discovery endpoints to return stale results if configured at the agent level.
2018-03-30 10:14:44 -05:00
d9d9944179
Renames agent API layer for service metadata to "meta" for consistency
2018-03-28 09:04:50 -05:00
824b72cf90
Merge remote-tracking branch 'origin/master' into service_metadata
2018-02-11 13:20:49 +01:00
f2df4005fe
Added unit tests for structs and fixed PartialClone()
2018-02-09 01:37:45 +01:00
4f3b4d0e55
Addresses additional state mutations.
...
Did a sweep of 84d6ac2d51
2018-02-07 07:02:10 -08:00
3acc5b58d4
Added support for Service Metadata
2018-02-07 01:54:42 +01:00
1a08e8c0f1
Changes "TLS" to "GRPCUseTLS" since it only applies to GRPC checks.
2018-02-02 17:29:34 -08:00
a45f6ad740
Add gRPC health-check #3073
2018-01-04 16:42:30 -05:00
8546a1d3c6
Move autopilot to a standalone package
2017-12-11 16:45:33 -08:00
068ca11eb8
Move check definition to a sub-struct
2017-11-01 14:54:46 -07:00
16908be034
Add deregister critical service field and refactor duration parsing
2017-10-25 19:17:41 -07:00
7d82ece118
Added remaining HTTP health check fields to structs
2017-10-25 19:37:30 +02:00
Kyle Havlovitz