Commit Graph

12058 Commits

Author SHA1 Message Date
Seth Hoenig c2a1322894
api/agent: enable setting SuccessBeforePassing and FailuresBeforeCritical in API (#7949)
Fixes #7764

Until now these two fields could only be set through on-disk agent configuration.
This change adds the fields to the agent API struct definition so that they can
be set using the agent HTTP API.
2020-06-29 14:52:35 +02:00
Matt Keeler 3d9ca75e34
Merge pull request #8193 from hashicorp/feature/auto-config/suppress-config-warnings 2020-06-27 10:06:52 -04:00
R.B. Boyer c268725e65 update changelog 2020-06-26 17:00:17 -05:00
R.B. Boyer 72a515f5ec
connect: various changes to make namespaces for intentions work more like for other subsystems (#8194)
Highlights:

- add new endpoint to query for intentions by exact match

- using this endpoint from the CLI instead of the dump+filter approach

- enforcing that OSS can only read/write intentions with a SourceNS or
  DestinationNS field of "default".

- preexisting OSS intentions with now-invalid namespace fields will
  delete those intentions on initial election or for wildcard namespaces
  an attempt will be made to downgrade them to "default" unless one
  exists.

- also allow the '-namespace' CLI arg on all of the intention subcommands

- update lots of docs
2020-06-26 16:59:15 -05:00
Matt Keeler a1275c6e7d
Use the DNS and IP SANs from the auto config stanza when set 2020-06-26 16:01:30 -04:00
Matt Keeler 1fcb9ef03f
Overhaul the auto-config translation
This fixes some issues around spurious warnings about using enterprise configuration in OSS.
2020-06-26 15:25:21 -04:00
Freddy 6ef032fefe
Split up unused key validation for oss/ent (#8189)
Split up unused key validation in config entry decode for oss/ent.

This is needed so that we can return an informative error in OSS if namespaces are provided.
2020-06-25 13:58:29 -06:00
Daniel Nephin 7d5f1ba6bd
Merge pull request #8176 from hashicorp/dnephin/add-linter-unparam-1
lint: add unparam linter and fix some of the issues
2020-06-25 15:34:48 -04:00
Freddy 78751f4b97
Merge pull request #8186 from hashicorp/docs-cleanup 2020-06-25 11:44:24 -06:00
Freddy 36a9bb4133
Update website/pages/docs/acl/auth-methods/jwt.mdx
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2020-06-25 11:43:42 -06:00
Kenia e67af2b292
ui: Support ingress gateways upstreams with multiple addresses (#8185)
* Upgrade consul-api-double to version 3.1.2

* Display multiple addresses for ingress gateway upstreams
2020-06-25 09:50:39 -04:00
Matt Keeler a448e3e636
Merge pull request #8184 from hashicorp/bugfix/goroutine-leaks 2020-06-25 09:22:19 -04:00
freddygv 5b5210e2b7 Remove remaining beta tags 2020-06-24 16:12:24 -06:00
freddygv 2adf1df079 Remove stray instruction 2020-06-24 16:12:08 -06:00
freddygv 5f34f9954c Add docs for upstream destination's namespace 2020-06-24 16:11:44 -06:00
Chris Piraino 8db22c166a
Merge pull request #7932 from hashicorp/ingress/internal-ui-endpoint-multiple-ports
Update gateway-services-nodes API endpoint to allow multiple addresses
2020-06-24 17:11:01 -05:00
freddygv 1ac7e9a07d Add tabs to config entry examples 2020-06-24 16:10:46 -06:00
Chris Piraino 58eb3710fc remove obsolete comments about test parallelization 2020-06-24 16:36:13 -05:00
Chris Piraino abe2ca94c5 Update gateway-services-nodes API endpoint to allow multiple addresses
Previously, we were only returning a single ListenerPort for a single
service. However, we actually allow a single service to be serviced over
multiple ports, as well as allow users to define what hostnames they
expect their services to be contacted over. When no hosts are defined,
we return the default ingress domain for any configured DNS domain.

To show this in the UI, we modify the gateway-services-nodes API to
return a GatewayConfig.Addresses field, which is a list of addresses
over which the specific service can be contacted.
2020-06-24 16:35:23 -05:00
Matt Keeler 2ab8af4093
Add a test for go routine leaks
This is in its own separate package so that it will be a separate test binary that runs thus isolating the go runtime from other tests and allowing accurate go routine leak checking.

This test would ideally use goleak.VerifyTestMain but that will fail 100% of the time due to some architectural things (blocking queries and net/rpc uncancellability).

This test is not comprehensive. We should enable/exercise more features and more cluster configurations. However its a start.
2020-06-24 17:09:50 -04:00
Matt Keeler d471977f62
Fix go routine leak in auto encrypt ca roots tracking 2020-06-24 17:09:50 -04:00
Matt Keeler 90e741c6d2
Allow cancelling blocking queries in response to shutting down. 2020-06-24 17:09:50 -04:00
John Cowen f133abe4f1
ui: Ensure the tooltip panel chevron isn't hidden by overflow (#8183) 2020-06-24 18:07:19 +01:00
Daniel Nephin 0285956fac Update TestAgent_GetCoordinate
The old test case was a very specific regresion test for a case that is no longer possible.
Replaced with a new test that checks the default coordinate is returned.
2020-06-24 13:00:15 -04:00
Daniel Nephin 56ecfce5fa Remove unused return values 2020-06-24 13:00:15 -04:00
Daniel Nephin 07c1081d39 Fix a bunch of unparam lint issues 2020-06-24 13:00:14 -04:00
Matt Keeler 341aedbce9
Ensure that retryLoopBackoff can be cancelled
We needed to pass a cancellable context into the limiter.Wait instead of context.Background. So I made the func take a context instead of a chan as most places were just passing through a Done chan from a context anyways.

Fix go routine leak in the gateway locator
2020-06-24 12:41:08 -04:00
Matt Keeler e395efdbdc
Add test to ensure the StopChannelContext works properly 2020-06-24 12:34:57 -04:00
Matt Keeler 934f92f83b
Don’t leak metrics go routines in tests (#8182) 2020-06-24 10:15:25 -04:00
Kenia 6a581de3cb
ui: Refactor composite rows to use description lists and add Tooltips (#8175)
* Update Consul Service List composite rows with Tooltips and description lists

* Update Consul Service Instance List composite rows with Tooltips and description lists

* Removed line height in reduced pill to match the description lists in the composite rows
2020-06-24 09:54:16 -04:00
gitforbit aebb8e09a7
agent-http: cleanup: return nil instead of err (#8043)
Since err is already checked, it should return `nil`
2020-06-24 14:29:21 +02:00
Mike Morris 8a496af085
Update dev.mdx (#8090)
Remove ref to "virtual service" to avoid confusion with L7 routing virtual services, replace with "debug service".
2020-06-24 14:26:01 +02:00
Valery V. Vorotyntsev 0e50884525
Fix quorum formula in consensus.mdx (#8166)
[Add & Remove Servers](https://learn.hashicorp.com/consul/day-2-operations/servers)
guide uses `(N/2)+1` quorum formula.  So does the
[Raft implementation](5927dcda05/raft.go (L909)).

Consensus Protocol document uses `(n+1)/2` formula.
This formula is not only different, it conflicts with the
[Deployment Table](https://www.consul.io/docs/internals/consensus.html#deployment_table)
in the same document; e.g., (6+1)/2 = 3, not 4.

Replace `(n+1)/2` with `(N/2)+1` in Consensus Protocol document.
2020-06-24 14:23:36 +02:00
Alvin Huang 6cf07d1b2b
remove set -e for cherry-pick script since we collect errors (#8177) 2020-06-23 18:37:20 -04:00
R.B. Boyer ba83b52b32
connect: upgrade github.com/envoyproxy/go-control-plane to v0.9.5 (#8165) 2020-06-23 15:19:56 -05:00
Chris Piraino c1f485c516
docs: Specify port in host for example (#8167)
This example shows a TLS enabled ingress config on a non-https port.
Currently, that means we require the port to be specified in one of the
host entries to route traffic.
2020-06-23 14:41:51 -05:00
John Cowen aa938190c4
ui: Make sure right trim doesn't try to overtrim (#8171) 2020-06-23 18:34:21 +01:00
Freddy 90758e8100
Merge pull request #8169 from hashicorp/config-entry-ns 2020-06-23 11:15:23 -06:00
John Cowen 8eb1133cac
ui: Add namespaced versions of templated policies (#8173) 2020-06-23 17:58:43 +01:00
freddygv 224f486aef Update namespaces subject-verb agreement 2020-06-23 10:57:30 -06:00
Kenia 6bc1b2be44
ui: Update helper to return Proxy and Service Health if the Service has a Proxy (#8168) 2020-06-23 10:28:29 -04:00
John Cowen ed8d148502
ui: Redesigns for the token/policy/roles listings pages (#8144) 2020-06-23 10:12:04 +01:00
John Cowen c5d0216939
ui: Support for Node Identities (#8137)
* Add all the new data required for NodeIdentities

* Add potential NodeIdentity to the token list component

* Amend the policy-form/selector to allow node identity creation

* Fix up CSS for radio buttons and select label

* Add node-identity policy template component

* Fix up and add acceptance tests for NodeIndentities

* Make sure policy previews take node identities into account

* Only show certain policy markup if those we have those policies

* Potentially temporarily hide dt's that don't have icons yet
2020-06-23 09:59:43 +01:00
freddygv c631e7496a Remove break 2020-06-22 19:59:04 -06:00
freddygv e81b6d25ad Let users know namespaces are ent only in config entry decode 2020-06-22 19:59:04 -06:00
Freddy 146afbe9a2
Merge http2 integration test case into grpc case (#8164)
http2 is covered by grpc since grpc uses http2
2020-06-22 13:09:04 -06:00
s-christoff dd19cfe729
Add AgentMemberStatus const (#8110)
* Add AgentMemberStatus const
2020-06-22 12:18:45 -05:00
Matt Keeler 49cdc631d6
Update CHANGELOG.md 2020-06-22 09:03:02 -04:00
Pierre Souchay 667b36cdba
Returns DNS Error NSDOMAIN when DC does not exists (#8103)
This will allow to increase cache value when DC is not valid (aka
return SOA to avoid too many consecutive requests) and will
distinguish DC being temporarily not available from DC not existing.

Implements https://github.com/hashicorp/consul/issues/8102
2020-06-22 09:01:48 -04:00
Brandon Romano 84100ac893
Merge pull request #8162 from hashicorp/nav-update
Update Nav
2020-06-22 04:15:18 -07:00