Paul Banks
d6b13463ed
Fix misc test failures (some from other PRs)
2018-06-25 12:25:13 -07:00
Paul Banks
1283373a64
Only set precedence on write path
2018-06-25 12:25:13 -07:00
Paul Banks
22b95283e9
Fix some tests failures caused by the sorting change and some cuased by previous UpdatePrecedence() change
2018-06-25 12:25:13 -07:00
Paul Banks
e2938138f6
Sort intention list by precedence
2018-06-25 12:25:13 -07:00
Mitchell Hashimoto
efa2bdb88b
agent: intention update/delete responess match ACL/KV behavior
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
93037b0607
agent/structs: JSON marshal the configuration for a managed proxy
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
8cb57b9316
agent: disallow deregistering a managed proxy directly
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
47c0e0dde6
agent: deregister service deregisters the proxy along with it
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
0d457a3e71
agent: RemoveProxy also removes the proxy service
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
8c349a2b24
Fix broken tests from PR merge related to proxy secure defaults
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
a3ef9c2308
agent/cache: always fetch with minimum index of 1 at least
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
6107b8d51e
website: fix spacing issue
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
5f5e52f175
website: fix proxies to work via copy/paste
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
164da57afb
agent/proxy: remove debug println
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
4fa92e7d0c
website: document proxy security settings
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
f551413714
agent: disallow API registration with managed proxy if not enabled
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
a8ec3064f5
agent/config: AllowManagedAPIRegistration
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
c30affa4b6
agent/proxy: AllowRoot to disable executing managed proxies when root
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
be83efe61e
agent/proxy: set the proper arguments so we only run the helper process
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
a7690301f9
agent/config: add AllowManagedRoot
2018-06-25 12:25:11 -07:00
Kyle Havlovitz
549dc22944
connect: fix two CA tests that were broken in a previous PR ( #60 )
2018-06-25 12:25:10 -07:00
Paul Banks
a8d3131de9
Return defensive error if API response is jank
2018-06-25 12:25:10 -07:00
Paul Banks
f6a804029f
Refactor resolver logic to be clearer
2018-06-25 12:25:10 -07:00
Paul Banks
3433020fa6
Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
866dac5db2
website: example typo
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
00068d6d35
website: clarify custom proxy integration and custom managed proxies
2018-06-25 12:25:10 -07:00
Paul Banks
57595dae2a
Fix "fail open" wording
...
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
86200f2d03
docs: add Connect CA overview
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
e401384194
docs: add agent config options for connect/CA
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
1ce8361aa2
agent: format all CA config fields
2018-06-25 12:25:09 -07:00
Kyle Havlovitz
a242e5b130
agent: update accepted CA config fields and defaults
2018-06-25 12:25:09 -07:00
Mitchell Hashimoto
7846206753
agent/proxy: fix build on Windows
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
67d8cae7d0
website: update security model
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
f0e9076b8b
website: clarify namespaces, conflict
2018-06-25 12:24:17 -07:00
Paul Banks
d0c2f88aba
More misc comment cleanup
2018-06-25 12:24:17 -07:00
Paul Banks
6c77f7883e
Misc comment cleanups
2018-06-25 12:24:16 -07:00
Paul Banks
d0674cdd7a
Warn about killing proxies in dev mode
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
7e796fd07b
api: update intention struct for precedence
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
dc7d662731
website: clarify tiebreaker behavior
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
2244844bee
website: document the precedence table
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
4ebddd6adb
agent/consul: set precedence value on struct itself
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
dd042db965
website: document multi-DC, caching, clarify prepared queries and
...
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
db72f1018c
website: fix typo
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
61c7e33a22
agent/config: move ports to ports
structure, update docs
2018-06-25 12:24:15 -07:00
Paul Banks
01594710c6
Fix unreachable code warning from go vet
2018-06-25 12:24:15 -07:00
Paul Banks
d140612350
Fixs a few issues that stopped this working in real life but not caught by tests:
...
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
- Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
- Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
- Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
36adf98cc4
api: change Connect to a query option
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
83a06df778
connect: remove old unused code
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
cc4871842c
website: address feedback
2018-06-25 12:24:14 -07:00
Paul Banks
3df45ac7f1
Don't kill proxies on agent shutdown; backport manager close fix
2018-06-25 12:24:13 -07:00