Commit graph

8530 commits

Author SHA1 Message Date
Paul Banks d6b13463ed Fix misc test failures (some from other PRs) 2018-06-25 12:25:13 -07:00
Paul Banks 1283373a64 Only set precedence on write path 2018-06-25 12:25:13 -07:00
Paul Banks 22b95283e9 Fix some tests failures caused by the sorting change and some cuased by previous UpdatePrecedence() change 2018-06-25 12:25:13 -07:00
Paul Banks e2938138f6 Sort intention list by precedence 2018-06-25 12:25:13 -07:00
Mitchell Hashimoto efa2bdb88b agent: intention update/delete responess match ACL/KV behavior 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 93037b0607 agent/structs: JSON marshal the configuration for a managed proxy 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 8cb57b9316 agent: disallow deregistering a managed proxy directly 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 47c0e0dde6 agent: deregister service deregisters the proxy along with it 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 0d457a3e71 agent: RemoveProxy also removes the proxy service 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 8c349a2b24 Fix broken tests from PR merge related to proxy secure defaults 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto a3ef9c2308 agent/cache: always fetch with minimum index of 1 at least 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 6107b8d51e website: fix spacing issue 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 5f5e52f175 website: fix proxies to work via copy/paste 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 164da57afb agent/proxy: remove debug println 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 4fa92e7d0c website: document proxy security settings 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto f551413714 agent: disallow API registration with managed proxy if not enabled 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto a8ec3064f5 agent/config: AllowManagedAPIRegistration 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto c30affa4b6 agent/proxy: AllowRoot to disable executing managed proxies when root 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto be83efe61e agent/proxy: set the proper arguments so we only run the helper process 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto a7690301f9 agent/config: add AllowManagedRoot 2018-06-25 12:25:11 -07:00
Kyle Havlovitz 549dc22944 connect: fix two CA tests that were broken in a previous PR (#60) 2018-06-25 12:25:10 -07:00
Paul Banks a8d3131de9 Return defensive error if API response is jank 2018-06-25 12:25:10 -07:00
Paul Banks f6a804029f Refactor resolver logic to be clearer 2018-06-25 12:25:10 -07:00
Paul Banks 3433020fa6 Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario 2018-06-25 12:25:10 -07:00
Mitchell Hashimoto 866dac5db2 website: example typo 2018-06-25 12:25:10 -07:00
Mitchell Hashimoto 00068d6d35 website: clarify custom proxy integration and custom managed proxies 2018-06-25 12:25:10 -07:00
Paul Banks 57595dae2a Fix "fail open" wording
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz 86200f2d03 docs: add Connect CA overview 2018-06-25 12:25:10 -07:00
Kyle Havlovitz e401384194 docs: add agent config options for connect/CA 2018-06-25 12:25:10 -07:00
Kyle Havlovitz 1ce8361aa2 agent: format all CA config fields 2018-06-25 12:25:09 -07:00
Kyle Havlovitz a242e5b130 agent: update accepted CA config fields and defaults 2018-06-25 12:25:09 -07:00
Mitchell Hashimoto 7846206753 agent/proxy: fix build on Windows 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto 67d8cae7d0 website: update security model 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto f0e9076b8b website: clarify namespaces, conflict 2018-06-25 12:24:17 -07:00
Paul Banks d0c2f88aba More misc comment cleanup 2018-06-25 12:24:17 -07:00
Paul Banks 6c77f7883e Misc comment cleanups 2018-06-25 12:24:16 -07:00
Paul Banks d0674cdd7a Warn about killing proxies in dev mode 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 7e796fd07b api: update intention struct for precedence 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto dc7d662731 website: clarify tiebreaker behavior 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 2244844bee website: document the precedence table 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 4ebddd6adb agent/consul: set precedence value on struct itself 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto dd042db965 website: document multi-DC, caching, clarify prepared queries and
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto db72f1018c website: fix typo 2018-06-25 12:24:15 -07:00
Mitchell Hashimoto 61c7e33a22 agent/config: move ports to ports structure, update docs 2018-06-25 12:24:15 -07:00
Paul Banks 01594710c6 Fix unreachable code warning from go vet 2018-06-25 12:24:15 -07:00
Paul Banks d140612350 Fixs a few issues that stopped this working in real life but not caught by tests:
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
 - Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
 - Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
 - Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 36adf98cc4 api: change Connect to a query option 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 83a06df778 connect: remove old unused code 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto cc4871842c website: address feedback 2018-06-25 12:24:14 -07:00
Paul Banks 3df45ac7f1 Don't kill proxies on agent shutdown; backport manager close fix 2018-06-25 12:24:13 -07:00