Commit graph

10142 commits

Author SHA1 Message Date
Matt Keeler d992c5d27d
Initial Mesh Gateway Docs (#6090) 2019-07-08 19:40:57 -04:00
Freddy 16220815b3
Update CHANGELOG.md 2019-07-08 13:43:15 -06:00
Paul Banks 70e6ce6d96
Better gateway image 2019-07-08 16:30:51 +02:00
Jack Pearkes c3ddd51983 Putting source back into Dev Mode 2019-07-08 16:30:03 +02:00
Jack Pearkes 40e58dfb2d website: changes for 1.6.0 beta (#6083)
* website: link to 1.6.0 beta in downloads page

* website: reorganize intention replication/ca federation

* website: remove announcement bar

* Update website/source/docs/connect/connect-internals.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* website: update homepage and service mesh page

Aligning messaging to current product.

* website: fix link TODOs

* Add Mesh Gateway to mesh page, update use case wording
2019-07-08 15:12:42 +01:00
hashicorp-ci d770500730
Release v1.6.0-beta1 2019-07-08 13:20:36 +00:00
hashicorp-ci 88163aae24
update bindata_assetfs.go 2019-07-08 13:20:35 +00:00
Matt Keeler 5a93d956f0
Update CHANGELOG.md 2019-07-08 08:54:10 -04:00
Jack Pearkes 2b1761bab3 Make cluster names SNI always (#6081)
* Make cluster names SNI always

* Update some tests

* Ensure we check for prepared query types

* Use sni for route cluster names

* Proper mesh gateway mode defaulting when the discovery chain is used

* Ignore service splits from PatchSliceOfMaps

* Update some xds golden files for proper test output

* Allow for grpc/http listeners/cluster configs with the disco chain

* Update stats expectation
2019-07-08 12:48:48 +01:00
hashicorp-ci 0aca1565f8 Merge Consul OSS branch 'master' at commit c2c154eaf4135c155617b8ca902780105ac1ac00 2019-07-08 02:00:37 +00:00
Judith Malnick 9fa884059f
[docs] Link to TLS guide in Encryption doc (#6071)
Fixes issue #6067
2019-07-07 16:55:03 +02:00
Jack Pearkes 449b37c2d3
Update CHANGELOG.md 2019-07-05 10:37:42 -07:00
Jack Pearkes 27de3b4996
Update CHANGELOG.md 2019-07-05 10:22:48 -07:00
Michael Schurter 795afd7027 connect: allow overriding envoy listener bind_address (#6033)
* connect: allow overriding envoy listener bind_address

* Update agent/xds/config.go

Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>

* connect: allow overriding envoy listener bind_port

* envoy: support unix sockets for grpc in bootstrap

Add AgentSocket BootstrapTplArgs which if set overrides the AgentAddress
and AgentPort to generate a bootstrap which points Envoy to a unix
socket file instead of an ip:port.

* Add a test for passing the consul addr as a unix socket

* Fix config formatting for envoy bootstrap tests

* Fix listeners test cases for bind addr/port

* Update website/source/docs/connect/proxies/envoy.md
2019-07-05 16:06:47 +01:00
John Cowen b143a3bb66
ui: Gateway Addresses (#6075)
- Removes 'type' icons (basically the proxy icon, not the text itself)

- Add support for Mesh Gateways plus their addresses
This adds a 'Mesh Gateway' type label to service and service instance
pages, plus a new 'Addresses' tab if the service is a Mesh Gateway
showing a table of addresses for the service - plus tests
2019-07-05 09:07:25 +01:00
Matt Keeler 35a839952b Fix Internal.ServiceDump blocking (#6076)
maxIndexWatchTxn was only watching the IndexEntry of the max index of all the entries. It needed to watch all of them regardless of which was the max.

Also plumbed the query source through in the proxy config to help better track requests.
2019-07-04 16:17:49 +01:00
Matt Keeler 79cb3e1329
make test-docker (#6059)
* Implement the test-docker make target

Running tests within docker allows us to resource constrain them better to not take over our systems. Additionally it allows us to run the tests on linux instead of the host OS which often times is macOS.

* Use GOMAXPROCS instead of -p

* Add a comment about docker cpus
2019-07-04 10:22:59 -04:00
Matt Keeler 0ab7b63940
Don't use WatchedDatacenters in the xds code(#6068)
* Don't use WatchedDatacenters in the xds code as that map gets nil'ed before the ConfigSnapshot is sent to the xds layer.
2019-07-03 10:21:34 -04:00
Matt Keeler f06be580eb Don't use WatchedDatacenters in the xds code as thsoe get nil'ed out prior to sending to xds 2019-07-03 09:59:21 -04:00
Matt Keeler a7b00bc18e
xds message ordering (#6061)
xds message ordering
2019-07-03 09:18:58 -04:00
hashicorp-ci 8adbb8471e Merge Consul OSS branch 'master' at commit a58d8e91ac258c04174afca3818cbdae23aa8d3f 2019-07-03 02:00:31 +00:00
R.B. Boyer 2fdae82d0b
ensure consul config write has snake case conversions for MeshGateway (#6062) 2019-07-02 17:15:30 -05:00
Matt Keeler 0a0775b9a6 Fix a bunch of xds flaky tests
The clusters/endpoints test were still relying on deterministic ordering of clusters/endpoints which cannot be relied upon due to golang purposefully not providing any guarantee about consistent interation ordering of maps.

Also fixed a small bug in the connect proxy cluster generation that was causing the clusters slice to be double the size it needed to with the first half being all nil pointers.
2019-07-02 15:53:06 -04:00
Freddy 63e6a7410f
Fix Envoy 1.10 support note (#6045) 2019-07-02 11:26:26 -06:00
Matt Keeler c49f2fb9b8
Merge pull request #6053 from hashicorp/gateways_and_resolvers
Integrate Mesh Gateways with ServiceResolverSubsets
2019-07-02 12:05:08 -04:00
R.B. Boyer a1900754db
digest the proxy-defaults protocol into the graph (#6050) 2019-07-02 11:01:17 -05:00
Matt Keeler b7ca53f9e3 Update xds/proxycfg tests to use the same looking trust domain as a normal system
This is to prevent confusion about what our SNI fields actually look like.
2019-07-02 10:29:37 -04:00
Matt Keeler e916f2d954 Implement mesh gateway management of service subsets
Fixup some error handling
2019-07-02 10:29:37 -04:00
Matt Keeler fc27eb973a Implement caching for config entry lists
Update agent/cache-types/config_entry.go

Co-Authored-By: R.B. Boyer <public@richardboyer.net>
2019-07-02 10:11:19 -04:00
R.B. Boyer bccbb2b4ae
activate most discovery chain features in xDS for envoy (#6024) 2019-07-01 22:10:51 -05:00
Matt Keeler bcb3439c4c
Fix some tests that I broke when refactoring the ConfigSnapshot (#6051)
* Fix some tests that I broke when refactoring the ConfigSnapshot

* Make sure the MeshGateway config is added to all the right api structs

* Fix some more tests
2019-07-01 19:47:58 -04:00
Pierre Souchay 2e9370ba11 Bump timeout in TestManager_BasicLifecycle (#6030) 2019-07-01 17:02:00 -06:00
Matt Keeler 39bb0e3e77 Implement Mesh Gateways
This includes both ingress and egress functionality.
2019-07-01 16:28:30 -04:00
Matt Keeler 03ccc7c5ae Fix secondary dc connect CA roots watch issue
The general problem was that a the CA config which contained the trust domain was happening outside of the blocking mechanism so if the client started the blocking query before the primary dcs roots had been set then a state trust domain was being pushed down.

This was fixed here but in the future we should probably fixup the CA initialization code to not initialize the CA config twice when it doesn’t need to.
2019-07-01 16:28:30 -04:00
Matt Keeler 44dea31d1f Include a content hash of the intention for use during replication 2019-07-01 16:28:30 -04:00
Matt Keeler 0fc4da6861 Implement intention replication and secondary CA initialization 2019-07-01 16:28:30 -04:00
Matt Keeler 24749bc7e5 Implement Kind based ServiceDump and caching of the ServiceDump RPC 2019-07-01 16:28:30 -04:00
Alvin Huang 6a8b2ee308 increase go test parallelism, resource_class and run tests on release branch (#2) 2019-07-01 16:28:30 -04:00
R.B. Boyer 686e4606c6
do some initial config entry graph validation during writes (#6047) 2019-07-01 15:23:36 -05:00
Jack Pearkes ffa29d2cc3 website: fix link to raft paper (#6046) 2019-07-01 12:38:53 -06:00
hashicorp-ci e36792395e Merge Consul OSS branch 'master' at commit e91f73f59249f5756896b10890e9298e7c1fbacc 2019-06-30 02:00:31 +00:00
Sarah Christoff e7629ba63d
Update CHANGELOG.md 2019-06-28 12:55:58 -05:00
Sarah Christoff 8a930f7d3a
Remove failed nodes from serfWAN (#6028)
* Prune Servers from WAN and LAN

* cleaned up and fixed LAN to WAN

* moving things around

* force-leave remove from serfWAN, create pruneSerfWAN

* removed serfWAN remove, reduced complexity, fixed comments

* add another place to remove from serfWAN

* add nil check

* Update agent/consul/server.go

Co-Authored-By: Paul Banks <banks@banksco.de>
2019-06-28 12:40:07 -05:00
R.B. Boyer 6ce008c022
Allow for both snake_case and CamelCase for config entries written with 'consul config write'. (#6044)
This also has the added benefit of fixing an issue with passing
time.Duration fields through config entries.
2019-06-28 11:35:35 -05:00
Alvin Huang 7400ce2594 fix glossary link (#6043) 2019-06-28 10:04:09 -06:00
Hans Hasselberg bb91fe0722 Putting source back into Dev Mode 2019-06-27 23:27:07 +00:00
Hans Hasselberg 4aad3e2fb2
Release v1.5.2 2019-06-27 22:59:46 +00:00
Hans Hasselberg be6edd6f90
agent: check for gossip encrypt key (#6037) 2019-06-28 00:57:29 +02:00
Hans Hasselberg 73c4e9f07c
tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
Hans Hasselberg 709d7bb36b
Update CHANGELOG.md 2019-06-27 21:07:46 +02:00