Commit graph

14446 commits

Author SHA1 Message Date
Daniel Nephin 4905ac6f44 rpc: add tests for canRetry
Also accept an RPCInfo instead of interface{}. Accepting an interface
lead to a bug where the caller was expecting the arg to be the response
when in fact it was always passed the request. By accepting RPCInfo
it should indicate that this is actually the request value.

One caller of canRetry already passed an RPCInfo, the second handles
the type assertion before calling canRetry.
2021-05-06 13:30:07 -04:00
Daniel Nephin c38f4869ad rpc: remove unnecessary arg to ForwardRPC 2021-05-06 13:30:07 -04:00
Daniel Nephin 5b1c14a95e api: fix mesh config entry tests for default namespace 2021-05-06 13:25:32 -04:00
Daniel Nephin bc6266cc76 docs: remove name field from Mesh config entry
Also document the name of these config entries in the API docs, so that
users know how to query for them.

And fix the name of mesh on the index page.
2021-05-06 13:25:32 -04:00
Daniel Nephin 72f52255ff http: set consistency header properly
A recent change in 1.9.x inverted the order of these two lines, which caused the
X-Consul-Effective-Consistency header to be missing for the servie health endpoints
2021-05-06 13:19:45 -04:00
Daniel Nephin 3419d126f1 agent/local: do not persist the agent tokens
Only default to the user token and agent token for the sync. Change the
exported methods to only return the stored tokens associated with a
specific check or service.
2021-05-06 13:18:58 -04:00
Daniel Nephin 5c7b0e6339
ci: add a verify CI job to ensure CI checks are run (#10179)
This workflow will be added as a branch protection rule in github.
2021-05-06 12:26:10 -04:00
hc-github-team-consul-core ff4ad0c853 auto-updated agent/uiserver/bindata_assetfs.go from commit 9801551f7 2021-05-05 23:34:22 +00:00
Mike Morris fc26f4b58d ui: add data-enterprise-logo to logo svg for enterprise 2021-05-05 19:30:10 -04:00
Daniel Nephin 59484f2639 Fix config entry test for enterprise meta 2021-05-05 12:31:23 -06:00
freddygv abcfb2aeda Ensure entmeta is encoded in test correlationID 2021-05-05 12:31:23 -06:00
Mark Anderson 42d39973ef
Merge pull request #10185 from hashicorp/ma/uds_fixups
Fixup UDS failing tests.
2021-05-05 11:28:32 -07:00
Mark Anderson 83c083e70c Fixup more structs_test
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-05 10:13:56 -07:00
R.B. Boyer 8dfa0c7561 fix protobufs for socketpath and re-mogrify 2021-05-05 10:13:56 -07:00
Mark Anderson d911041082 Fixup checksums for tests
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-05 10:13:41 -07:00
Mark Anderson a78a891d56 Fixup filtering tests
Missed annotations for SocketPath, LocalSocketPath, LocalServiceSocketPath

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-05 09:28:17 -07:00
Mark Anderson ac4cb213a1 Fixup agent/config tests
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-05 09:28:17 -07:00
Kendall Strautman ab0b90d480
refactor(downloads): source asset from mktg-logos (#10178) 2021-05-05 08:15:27 -07:00
Daniel Nephin 55f620d636
Merge pull request #10155 from hashicorp/dnephin/config-entry-remove-fields
config-entry: remove Kind and Name field from Mesh config entry
2021-05-04 17:27:56 -04:00
Daniel Nephin 0e5e1270b6 config-entries: add a test for the API client
Also fixes a bug with listing kind=mesh config entries. ValidateConfigEntryKind was only being used by
the List endpoint, and was yet another place where we have to enumerate all the kinds.

This commit removes ValidateConfigEntryKind and uses MakeConfigEntry instead. This change removes
the need to maintain two separate functions at the cost of creating an instance of the config entry which will be thrown away immediately.
2021-05-04 17:14:21 -04:00
Mark Anderson c719f1fbb2
Merge pull request #9981 from hashicorp/ma/uds_upstreams
Unix Domain Socket support for upstreams and downstreams
2021-05-04 12:54:34 -07:00
Mark Anderson ecf416aaf6 Add changelog entry
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson b9fc9ddc01 Add simple test for downstream sockets
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson 10963d0cbd Add support for downstreams
Enhance config by adding SocketPath and LocalSocketPath config values

Supports syntax of the form:
```
services {
  name = "sock_forwarder"
  id = "sock_forwarder.1"
  socket_path = "/tmp/downstream_3.sock"
  connect {
    sidecar_service {
      proxy {
	local_service_socket_path = "/tmp/downstream.sock"
      }
    }
  }
}
```

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson c3510e6d47 Add tests for xds/listeners
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson 5f04b6abe2 Convert mode to string representation
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson 626b27a874 Continue working through proxy and agent
Rework/listeners, rename makeListener

Refactor, tests pass

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Mark Anderson 1d9a7df5d4 First changes for unix domain sockets upstreams
Start making structure changes to support unix domain socket address for upstreams

	upstreams = [
	  {
	    destination_name = "echo-service"
	    local_bind_socket_path = "/tmp/upstream.sock"
	    config {
	      passive_health_check {
		interval = "10s"
		max_failures = 42
	      }
	    }
	  }

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-05-04 12:41:43 -07:00
Daniel Nephin d7f7d9aabc
Merge pull request #10161 from hashicorp/dnephin/update-deps
Update a couple dependencies
2021-05-04 14:30:37 -04:00
Daniel Nephin e7e5e8bc1e Add changelog 2021-05-04 14:09:14 -04:00
Daniel Nephin df98027ad1 lint: fix warning by removing reference to deprecated interface 2021-05-04 14:09:14 -04:00
Daniel Nephin 203c752ee8 Update a couple dependencies
To pickup bug fixes
2021-05-04 14:09:10 -04:00
Daniel Nephin db18c69cb0
Merge pull request #10167 from hashicorp/dnephin/ci-cherry-pick-on-release-branch
ci: allow cherry-picking a manual backport to other release branches
2021-05-04 13:49:17 -04:00
hc-github-team-consul-core 1f1c6a0f5e auto-updated agent/uiserver/bindata_assetfs.go from commit 07e11f32e 2021-05-04 16:56:40 +00:00
John Cowen 18a22c0c82
ui: Remove extra nspace value from service upstreams (#10152)
* ui: Remove extra nspace value from service upstreams
2021-05-04 17:42:13 +01:00
hc-github-team-consul-core 7c7b240685 auto-updated agent/uiserver/bindata_assetfs.go from commit fc7fe23b4 2021-05-04 16:36:21 +00:00
John Cowen 8a43d76c8c
ui: Fix text search for upstream instances (#10151)
* ui: Fix text search for upstream instances

* Clean up predicates for other model types

* Add some docs around DataCollection and searching

* Enable UI Engineering Docs for our preview sites

* Use debug CSS in dev and staging
2021-05-04 17:25:57 +01:00
John Cowen 07496c0180
ui: Adds CRD popover 'informed action' for intentions managed by CRDs (#10100)
* ui: Adds CRD popover 'informed action' for intentions add via CRDs
2021-05-04 17:21:54 +01:00
Freddy ec38cf3206
Fixup discovery chain handling in transparent mode (#10168)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

Previously we would associate the address of a discovery chain target
with the discovery chain's filter chain. This was broken for a few reasons:

- If the upstream is a virtual service, the client proxy has no way of
dialing it because virtual services are not targets of their discovery
chains. The targets are distinct services. This is addressed by watching
the endpoints of all upstream services, not just their discovery chain
targets.

- If multiple discovery chains resolve to the same target, that would
lead to multiple filter chains attempting to match on the target's
virtual IP. This is addressed by only matching on the upstream's virtual
IP.

NOTE: this implementation requires an intention to the redirecting
virtual service and not just to the final destination. This is how
we can know that the virtual service is an upstream to watch.

A later PR will look into traversing discovery chains when computing
upstreams so that intentions are only required to the discovery chain
targets.
2021-05-04 08:45:19 -06:00
Paul Banks d47eea3a3f
Make Raft trailing logs and snapshot timing reloadable (#10129)
* WIP reloadable raft config

* Pre-define new raft gauges

* Update go-metrics to change gauge reset behaviour

* Update raft to pull in new metric and reloadable config

* Add snapshot persistance timing and installSnapshot to our 'protected' list as they can be infrequent but are important

* Update telemetry docs

* Update config and telemetry docs

* Add note to oldestLogAge on when it is visible

* Add changelog entry

* Update website/content/docs/agent/options.mdx

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2021-05-04 15:36:53 +01:00
Luke Kysow eb84a856c4
Give descriptive error if auth method not found (#10163)
* Give descriptive error if auth method not found

Previously during a `consul login -method=blah`, if the auth method was not found, the
error returned would be "ACL not found". This is potentially confusing
because there may be many different ACLs involved in a login: the ACL of
the Consul client, perhaps the binding rule or the auth method.

Now the error will be "auth method blah not found", which is much easier
to debug.
2021-05-03 13:39:13 -07:00
Freddy 5427a1465c
Only consider virtual IPs for transparent proxies (#10162)
Initially we were loading every potential upstream address into Envoy
and then routing traffic to the logical upstream service. The downside
of this behavior is that traffic meant to go to a specific instance
would be load balanced across ALL instances.

Traffic to specific instance IPs should be forwarded to the original
destination and if it's a destination in the mesh then we should ensure
the appropriate certificates are used.

This PR makes transparent proxying a Kubernetes-only feature for now
since support for other environments requires generating virtual IPs,
and Consul does not do that at the moment.
2021-05-03 14:15:22 -06:00
Daniel Nephin 1f2531a664 ci: allow cherry-picking a manual backport to other release branches
If an automatic backport fails to more than one release branch we need
to crate a PR to backport it. So far we've had to create a backport PR
for each target release branch.

With this change, we may be able to create only a single PR, and then
run the backport automation to cherry-pick it into other release
branches.

The idea is that if a change introduced in version n-1 caused a
conflict, and there are no other changes, then the backport automation
should be able to use the same commit for version n-2 and n-3.
2021-05-03 16:09:10 -04:00
Kendall Strautman e33ed2356e
[Assembly]: Website Branding Refresh (#9884)
* style: update gray brand colors

* style: update brand colors

* chore: upgrades base platform deps

* style: updates learn callouts label color

* style: icons to flat consul primary color

* style: errand link styles

* refactor(home): use react-learn-callout

* chore; adds ts config, upgrades components

* chore: upgrade deps

chore: upgrade to latest component styles

chore: upgrades nextjs-scripts

* chore: fix-router

* update deps, add new downloads page

* chore: upgrade to stable deps

chore: use npm 7

* style: home callouts body copy to gray-2

* chore: upgrade hashi-stack-menu

* style: home feature icons update

* chore: upgrade deps body copy colors

* chore: upgrades alert banner

* feat: updates favicon

* style(downloads): adds pre-release and release candidate styles

* fix(home): adds right padding to quote

* content(home): swap assets

* content(uses-cases): updates assets

* chore: removes use cases icon override

* content(use-cases): swap out svgs for pngs

* content: copies asset

* trying again with this asset

* try putting asset in public

* content(use-cases): updates mercedes case study aseset

* chore: upgrades product download page prerelease

* chore: updates product download page to stable

* chore: updates favicon path

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2021-05-03 12:01:36 -07:00
hc-github-team-consul-core 5146f86dfc auto-updated agent/uiserver/bindata_assetfs.go from commit 211bc824a 2021-05-03 15:24:01 +00:00
Hector Simpson 0e9d4ceb0f
Update brand assets (#10081)
* Update header logo and inline icon

* Update full logos + layout on loading screen

* Update favicon assets and strategy
- Switches to serve an ico file alongside an SVG file
- Introduces an apple-touch-icon

* Removes unused favicon/meta assets

* Changelog item for ui

* Create component for logo

* Simplify logo component, set brand color

* Fix docs loading state CSS issue
2021-05-03 16:19:09 +01:00
Frederic Hemberger 2558197260 docs(discovery/service): Clarify multiple service definitions
Be more explicit that the definition of multiple services only works in config files,
not using the HTTP API.

Ref: https://discuss.hashicorp.com/t/register-multiple-services-via-put-request/
2021-04-30 16:46:02 -07:00
Daniel Nephin dcb5b924dc
Merge pull request #10149 from hashicorp/dnephin/config-use-streaming-backend-defualt-true
config: default UseStreamingBackend to true
2021-04-30 16:29:11 -04:00
R.B. Boyer a305b9da8c
dev: adding a make target to regenerate envoy golden files (#10158) 2021-04-30 11:27:12 -05:00
tarat44 af4ec80649 create separate function with its own context to shutdown http2 client conn in h2ping check 2021-04-29 18:05:50 -04:00