Commit Graph

18393 Commits

Author SHA1 Message Date
skpratt 02559085ad
move port and default check logic to locked step (#14057) 2022-09-06 19:35:31 -05:00
Freddy a7f38384ae
Add SpiffeID for Consul server agents (#14485)
Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>

By adding a SpiffeID for server agents, servers can now request a leaf
certificate from the Connect CA.

This new Spiffe ID has a key property: servers are identified by their
datacenter name and trust domain. All servers that share these
attributes will share a ServerURI.

The aim is to use these certificates to verify the server name of ANY
server in a Consul datacenter.
2022-09-06 17:58:13 -06:00
David Yu b800f7e175
docs: small typos in single dc k8s clusters (#14484)
* docs: small typos in single dc k8s clusters

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-09-06 16:55:09 -07:00
Daniel Upton 128055c44c proxycfg-glue: server-local implementation of IntentionUpstreamsDestination
This is the OSS portion of enterprise PR 2463.

Generalises the serverIntentionUpstreams type to support matching on a
service or destination.
2022-09-06 23:27:25 +01:00
Daniel Upton 4b76d8a8ff proxycfg-glue: server-local implementation of InternalServiceDump
This is the OSS portion of enterprise PR 2489.

This PR introduces a server-local implementation of the
proxycfg.InternalServiceDump interface that sources data from a blocking query
against the server's state store.

For simplicity, it only implements the subset of the Internal.ServiceDump RPC
handler actually used by proxycfg - as such the result type has been changed
to IndexedCheckServiceNodes to avoid confusion.
2022-09-06 23:27:25 +01:00
Daniel Upton 8cd6c9f95e proxycfg-glue: server-local implementation of ResolvedServiceConfig
This is the OSS portion of enterprise PR 2460.

Introduces a server-local implementation of the proxycfg.ResolvedServiceConfig
interface that sources data from a blocking query against the server's state
store.

It moves the service config resolution logic into the agent/configentry package
so that it can be used in both the RPC handler and data source.

I've also done a little re-arranging and adding comments to call out data
sources for which there is to be no server-local equivalent.
2022-09-06 23:27:25 +01:00
Daniel Upton 3664ac54a5 Make proto-public a Go module
Our original intention was for projects to consume and generate their
own Go code for these protobuf packages using Buf. While this is still
the best route for many projects, it causes some headaches when using
a library (e.g. consul-server-connection-manager) that pulls in the
same protobuf package as your project, as Go's protobuf implementation
only allows for a package/namespace to be registered once.

In such cases, projects can depend on this Go module instead, as a
single place where these protobuf packages are registered.
2022-09-06 19:30:17 +01:00
Derek Menteer d771725a14 Add kv txn get-not-exists operation. 2022-09-06 10:28:59 -05:00
John Cowen 9780aba54a
ui: Add support for prefixing the API path (#14342) 2022-09-06 11:13:51 +01:00
John Cowen 9d555e538e
ui: Additionally use message for displaying errors in DataWriter (#14074) 2022-09-05 19:17:33 +01:00
Kyle Havlovitz a484a759c8
Merge pull request #14429 from hashicorp/ca-prune-intermediates
Prune old expired intermediate certs when appending a new one
2022-09-02 15:34:33 -07:00
David Yu 07c5d4247f
docs: Update single dc multiple k8s clusters doc (#14476)
Co-authored-by: Jona Apelbaum <jona@hashicorp.com>
2022-09-02 15:34:15 -07:00
cskh 4641a78d27
fix(txn api): missing proxy config in registering proxy service (#14471)
* fix(txn api): missing proxy config in registering proxy service
2022-09-02 14:28:05 -04:00
alex 8de0aefea4
lint net/rpc usage (#12816)
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-09-02 09:56:40 -07:00
DanStough 098cd512b2 fix(api): OSS<->ENT exported service incompatibility 2022-09-02 12:07:02 -04:00
Chris S. Kim 9390d71cc5
Fix early return in prototest.AssertElementsMatch (#14467) 2022-09-02 11:57:28 -04:00
Kyle Schochenmaier 14994212c5
update helm docs for release 0.48.0 (#14459) 2022-09-01 17:21:27 -07:00
trujillo-adam 58233f616b
Docs cni plugin (#14009)
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-09-01 16:22:11 -07:00
David Yu 6b6b538607
docs: Consul K8s 0.48.0 release notes (#14414)
Co-authored-by: Thomas Eckert <teckert@hashicorp.com>
2022-09-01 16:21:36 -07:00
Kyle Havlovitz 90fa16c8b5 Prune intermediates before appending new one 2022-09-01 14:24:30 -07:00
DanStough 1fe98bbe0b feat(cli): add initial peering cli commands 2022-09-01 17:20:13 -04:00
Luke Kysow 3cfea70273
Use proxy address for default check (#14433)
When a sidecar proxy is registered, a check is automatically added.
Previously, the address this check used was the underlying service's
address instead of the proxy's address, even though the check is testing
if the proxy is up.

This worked in most cases because the proxy ran on the same IP as the
underlying service but it's not guaranteed and so the proper default
address should be the proxy's address.
2022-09-01 14:03:35 -07:00
malizz c5cbd45b7d
fix TestProxyConfigEntry (#14435) 2022-09-01 11:37:47 -07:00
Kyle Schochenmaier b9f0241d93
[docs] update docs for kube-1.24 support (#14339)
* update docs for kube-1.24 support.
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-09-01 13:33:37 -05:00
John Cowen a4a4383aa8
ui: Adds a HCP home link when in HCP (#14417) 2022-09-01 18:26:12 +01:00
John Cowen fc6b2ccb00
ui: Use credentials for all HTTP API requests (#14343)
Adds withCredentials/credentials to all HTTP API requests.
2022-09-01 18:15:06 +01:00
David Yu fd8b367dc0
docs: minor changes to cluster peering k8s docs and typos (#14442)
* docs: minor changes to cluster peering k8s docs and typos
2022-09-01 10:10:32 -07:00
malizz ef5f697121
Add additional parameters to envoy passive health check config (#14238)
* draft commit

* add changelog, update test

* remove extra param

* fix test

* update type to account for nil value

* add test for custom passive health check

* update comments and tests

* update description in docs

* fix missing commas
2022-09-01 09:59:11 -07:00
Michael Klein 7547f7535f
ui: chore upgrade to ember-qunit v5 (#14430)
* Refactor remaining `moduleFor`-tests

`moduleFor*` will be removed from ember-qunit v5

* Upgrade ember-qunit to v5

* Update how we use ember-sinon-qunit

With ember-qunit v5 we need to use ember-sinon-qunit differently.

* Fix submit-blank test

We can't click on disabled buttons with new test-helpers.
We need to adapt the test accordingly.

* Make sure we await fill-in with form yaml step

We need to await `fill-in`. This changes the reducer
function in the step to create a proper await
chain.

* Fix show-routing test

We need to await a tick before visiting again.

* Remove redundant `wait one tick`-step

* remove unneeded "next Tick" promise from form step

* Increase timeout show-routing feature

* Comment on pause hack for show-routing test
2022-09-01 17:37:37 +02:00
Chris S. Kim 1a8b290086
Merge pull request #14439 from hashicorp/NET-795-fix-ui-services-endpoint-to-return-all-imported-services-for-a-partition
Add Internal.ServiceDump support for querying by PeerName
2022-09-01 11:06:35 -04:00
Chris S. Kim e70ba97e45 Add Internal.ServiceDump support for querying by PeerName 2022-09-01 10:32:59 -04:00
Chris S. Kim 7b338c8d00
Merge pull request #13998 from jorgemarey/f-new-tracing-envoy
Add new envoy tracing configuration
2022-09-01 08:57:23 -04:00
Jorge Marey 2110f1d0ff Fix typo on documentation 2022-08-31 23:14:25 +02:00
Luke Kysow 095934116e
Suppress "unbound variable" error. (#14424)
Without this change, you'd see this error:

```
./run-tests.sh: line 49: LAMBDA_TESTS_ENABLED: unbound variable
./run-tests.sh: line 49: LAMBDA_TESTS_ENABLED: unbound variable
```
2022-08-31 13:06:35 -07:00
malizz ad30192499
validate args before deleting proxy defaults (#14290)
* validate args before deleting proxy defaults

* add changelog

* validate name when normalizing proxy defaults

* add test for proxyConfigEntry

* add comments
2022-08-31 13:03:38 -07:00
Kyle Havlovitz 66b05b1081 Add changelog note 2022-08-31 11:43:21 -07:00
Kyle Havlovitz c5370d52e9 Prune old expired intermediate certs when appending a new one 2022-08-31 11:41:58 -07:00
Jared Kirschner 7ccf92c66b
Merge pull request #14426 from hashicorp/docs/fix-node-lookup-by-removing-tag
docs: node lookups don't support filtering on tag
2022-08-31 14:04:55 -04:00
Jared Kirschner 13aa1bcceb
docs: node lookups don't support filtering on tag 2022-08-31 13:58:23 -04:00
Chris S. Kim 0cea8aaa15
Merge pull request #14420 from hashicorp/docs/fix-peering-guide
docs: Fix code example in cluster peering
2022-08-31 12:26:21 -04:00
Chris S. Kim 851c280dfc Fix code example 2022-08-31 12:11:15 -04:00
Thomas Kula 58e44db5e2 Typo fix in service-splitter.mdx 2022-08-30 17:51:17 -07:00
David Yu 2d1352b02e
docs: re-organize service and node lookups for Consul Enterprise (#14389)
* docs: re-organize service and node lookups for Consul Enterprise

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-08-30 15:17:35 -07:00
Mike Morris ca75f6c936
ci: update backport-assistant to pick merge commit (#14408) 2022-08-30 15:44:06 -04:00
Jeff Boruszak 49453d4402 docs: Additional feedback from PR #12971
This commit incorporates additional feedback received related to
PR #12971.
2022-08-30 11:14:53 -07:00
Josh Roose 7bc220f34d
events compiled to JSON sentence structure (#13717) 2022-08-30 09:53:18 -07:00
Freddy f453ad692c
Merge pull request #14385 from hashicorp/snapshot-agent-path-addressing 2022-08-30 10:47:24 -06:00
Eric Haberkorn 06e7f3cadb
Finish up cluster peering failover (#14396) 2022-08-30 11:46:34 -04:00
Jorge Marey 5525efd2bd Change changelog message 2022-08-30 17:00:11 +02:00
Jorge Marey e3813586f3 Fix typos. Add test. Add documentation 2022-08-30 16:59:02 +02:00