Mitchell Hashimoto
a7690301f9
agent/config: add AllowManagedRoot
2018-06-25 12:25:11 -07:00
Kyle Havlovitz
549dc22944
connect: fix two CA tests that were broken in a previous PR ( #60 )
2018-06-25 12:25:10 -07:00
Paul Banks
a8d3131de9
Return defensive error if API response is jank
2018-06-25 12:25:10 -07:00
Paul Banks
f6a804029f
Refactor resolver logic to be clearer
2018-06-25 12:25:10 -07:00
Paul Banks
3433020fa6
Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
866dac5db2
website: example typo
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
00068d6d35
website: clarify custom proxy integration and custom managed proxies
2018-06-25 12:25:10 -07:00
Paul Banks
57595dae2a
Fix "fail open" wording
...
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
86200f2d03
docs: add Connect CA overview
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
e401384194
docs: add agent config options for connect/CA
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
1ce8361aa2
agent: format all CA config fields
2018-06-25 12:25:09 -07:00
Kyle Havlovitz
a242e5b130
agent: update accepted CA config fields and defaults
2018-06-25 12:25:09 -07:00
Mitchell Hashimoto
7846206753
agent/proxy: fix build on Windows
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
67d8cae7d0
website: update security model
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
f0e9076b8b
website: clarify namespaces, conflict
2018-06-25 12:24:17 -07:00
Paul Banks
d0c2f88aba
More misc comment cleanup
2018-06-25 12:24:17 -07:00
Paul Banks
6c77f7883e
Misc comment cleanups
2018-06-25 12:24:16 -07:00
Paul Banks
d0674cdd7a
Warn about killing proxies in dev mode
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
7e796fd07b
api: update intention struct for precedence
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
dc7d662731
website: clarify tiebreaker behavior
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
2244844bee
website: document the precedence table
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
4ebddd6adb
agent/consul: set precedence value on struct itself
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
dd042db965
website: document multi-DC, caching, clarify prepared queries and
...
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
db72f1018c
website: fix typo
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
61c7e33a22
agent/config: move ports to ports
structure, update docs
2018-06-25 12:24:15 -07:00
Paul Banks
01594710c6
Fix unreachable code warning from go vet
2018-06-25 12:24:15 -07:00
Paul Banks
d140612350
Fixs a few issues that stopped this working in real life but not caught by tests:
...
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
- Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
- Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
- Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
36adf98cc4
api: change Connect to a query option
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
83a06df778
connect: remove old unused code
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
cc4871842c
website: address feedback
2018-06-25 12:24:14 -07:00
Paul Banks
3df45ac7f1
Don't kill proxies on agent shutdown; backport manager close fix
2018-06-25 12:24:13 -07:00
Paul Banks
877390cd28
Test for adopted process Stop race and fix
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
d8715f910b
website: Go native integration with Connect
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
ce5e2a9ed2
website: connect native overview
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
692f1ef357
command/connect/proxy: can specify prepared query upstream types
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
4f8fbd53d3
connect: support prepared query resolution
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
489c84f953
connect: resolver works with native services
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
53c62b7a97
website: clarify where constraints go
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
5bc17838f3
api: support ExecuteConnect
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
e016f37ae7
agent: accept connect param for execute
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
52c10d2208
agent/consul: support a Connect option on prepared query request
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
e8c899b1b8
agent/consul: prepared query supports "Connect" field
2018-06-25 12:24:11 -07:00
Mitchell Hashimoto
e3562e39cc
agent: intention create returns 500 for bad body
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
62512adb84
api: support native connect
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
ad382d7351
agent: switch ConnectNative to an embedded struct
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
c055bde8c5
website: add docs for connect native services API
2018-06-25 12:24:10 -07:00
Paul Banks
1e5a2561b6
Make tests pass and clean proxy persistence. No detached child changes yet.
...
This is a good state for persistence stuff to re-start the detached child work that got mixed up last time.
2018-06-25 12:24:10 -07:00
Paul Banks
3bac52480e
Abandon daemonize for simpler solution (preserving history):
...
Reverts:
- bdb274852ae469c89092d6050697c0ff97178465
- 2c689179c4f61c11f0016214c0fc127a0b813bfe
- d62e25c4a7ab753914b6baccd66f88ffd10949a3
- c727ffbcc98e3e0bf41e1a7bdd40169bd2d22191
- 31b4d18933fd0acbe157e28d03ad59c2abf9a1fb
- 85c3f8df3eabc00f490cd392213c3b928a85aa44
2018-06-25 12:24:10 -07:00
Paul Banks
9ef748157a
WIP
2018-06-25 12:24:09 -07:00
Paul Banks
9cea27c66e
Sanity check that we are never trying to self-exec a test binary. Add daemonize bypass for TestAgent so that we don't have to jump through ridiculous self-execution hooks for every package that might possibly invoke a managed proxy
2018-06-25 12:24:09 -07:00