Commit Graph

19191 Commits

Author SHA1 Message Date
Jeff Boruszak ecdaf9b7c9
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-11 09:34:36 -05:00
Jeff Boruszak 3c30b64220
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-11 09:34:17 -05:00
Mariano Asselborn e6d19fcad8
Enable ironbank integration (#14931) 2022-10-11 10:27:06 -04:00
freddygv 9f0ab69aef Fix alias check leak
Preivously when alias check was removed it would not be stopped nor
cleaned up from the associated aliasChecks map.

This means that any time an alias check was deregistered we would
leak a goroutine for CheckAlias.run() because the stopCh would never
be closed.

This issue mostly affects service mesh deployments on platforms where
the client agent is mostly static but proxy services come and go
regularly, since by default sidecars are registered with an alias check.
2022-10-10 16:42:29 -06:00
James Oulman a8695c88d4
Configure Envoy alpn_protocols based on service protocol (#14356)
* Configure Envoy alpn_protocols based on service protocol

* define alpnProtocols in a more standard way

* http2 protocol should be h2 only

* formatting

* add test for getAlpnProtocol()

* create changelog entry

* change scope is connect-proxy

* ignore errors on ParseProxyConfig; fixes linter

* add tests for grpc and http2 public listeners

* remove newlines from PR

* Add alpn_protocol configuration for ingress gateway

* Guard against nil tlsContext

* add ingress gateway w/ TLS tests for gRPC and HTTP2

* getAlpnProtocols: add TCP protocol test

* add tests for ingress gateway with grpc/http2 and per-listener TLS config

* add tests for ingress gateway with grpc/http2 and per-listener TLS config

* add Gateway level TLS config with mixed protocol listeners to validate ALPN

* update changelog to include ingress-gateway

* add http/1.1 to http2 ALPN

* go fmt

* fix test on custom-trace-listener
2022-10-10 13:13:56 -07:00
Freddy 9e93ddd174
Merge pull request #14747 from hashicorp/kisunji/NET-801-add-peer-stream-status 2022-10-10 14:07:54 -06:00
freddygv 9e54791c98 Add changelog entry 2022-10-10 13:35:12 -06:00
freddygv 55b5c1a073 Fixup test 2022-10-10 13:20:14 -06:00
Chris S. Kim 7f48033d0b Fix nil pointer 2022-10-10 13:20:14 -06:00
Chris S. Kim 9d4fb0445a Include stream-related information in peering endpoints 2022-10-10 13:20:14 -06:00
cskh 325eb4e8c0
docs: fix missing agent caching method (#14928) 2022-10-10 14:38:04 -04:00
Paul Glass a3fccf5e5b
Merge central config for GetEnvoyBootstrapParams (#14869)
This fixes GetEnvoyBootstrapParams to merge in proxy-defaults and service-defaults.

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-10-10 12:40:27 -05:00
Freddy 928a9c545f
Merge pull request #14918 from hashicorp/fix/metrics-checker 2022-10-10 11:12:37 -06:00
Geoffrey Grosenbach 93422ea1f1
Fix outdated support email address (#14907)
The software delivery support email address is no longer valid. This replaces it with a link to the official support website.
2022-10-07 16:29:38 -07:00
Kyle Schochenmaier 300471bd9e
update helm docs (#14912) 2022-10-07 16:07:57 -07:00
Freddy 8d93f120ea
Merge pull request #14796 from hashicorp/peering/use-connect-ca 2022-10-07 10:37:37 -06:00
Freddy 92d0231f5a
Merge pull request #14917 from hashicorp/dans/NET-718/peering-outbound-mesh-gateway-xds 2022-10-07 10:20:38 -06:00
freddygv 3ecb29ff42 Add changelog entry 2022-10-07 09:54:08 -06:00
freddygv ae9b3eb662 Fixup test 2022-10-07 09:34:16 -06:00
freddygv 05a8f3e394 Ensure lines were modified
It's possible that the output of the diff contains surrounding lines
that were not modified. This change filters further to lines that were
added or removed.
2022-10-07 09:24:37 -06:00
freddygv 6ef8d329d2 Require Connect and TLS to generate peering tokens
By requiring Connect and a gRPC TLS listener we can automatically
configure TLS for all peering control-plane traffic.
2022-10-07 09:06:29 -06:00
freddygv a21e5799f7 Use internal server certificate for peering TLS
A previous commit introduced an internally-managed server certificate
to use for peering-related purposes.

Now the peering token has been updated to match that behavior:
- The server name matches the structure of the server cert
- The CA PEMs correspond to the Connect CA

Note that if Conect is disabled, and by extension the Connect CA, we
fall back to the previous behavior of returning the manually configured
certs and local server SNI.

Several tests were updated to use the gRPC TLS port since they enable
Connect by default. This means that the peering token will embed the
Connect CA, and the dialer will expect a TLS listener.
2022-10-07 09:05:32 -06:00
freddygv 1c696922fe Simplify mgw watch mgmt 2022-10-07 08:54:37 -06:00
freddygv b67d001b2c Use existing query options to build ctx 2022-10-07 08:46:53 -06:00
DanStough df94470e76 feat: xDS updates for peerings control plane through mesh gw 2022-10-07 08:46:42 -06:00
Tyler Wendlandt 11fe7dc8c5
ui: Remove node name from agentless service instance (#14903)
* [NET-949]: Remove node name from agentless instance

* Add changelog entry
2022-10-07 04:01:34 -06:00
Tim Rosenblatt 9335a5e2e1
Fixes broken URLs in Dataplane docs (#14910) 2022-10-06 19:23:02 -07:00
Jared Kirschner 4ad6e435b8
Merge pull request #14898 from hashicorp/docs/new-vault-connect-ca-permissions-needed
docs: vault ca provider patch upgrade guidance
2022-10-06 19:11:50 -04:00
Jared Kirschner 4ffa54d8b7 docs: vault ca provider patch upgrade guidance 2022-10-06 16:04:43 -07:00
HashiBot 68bc1bc559
website: upgrade next version (#14906)
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
2022-10-06 14:15:47 -05:00
Tyler Wendlandt d64b9d9722
ui: Update empty-state copy throughout app (#14721)
* Update empty-state copy throughout app

Update empty-states throughout the app to only include mentions of ACLs if the user has ACLs enabled.

* Update peers empty state copy
Flip the empty state copy logic for peers. Small typo fixes on other empty states.

* Update Node empty state with docs

* Update intentions empty state
Make ACL copy dependent on if acls are enabled.

* Update Nodes empty state learn copy

* Fix binding rule copy key
2022-10-06 11:01:49 -06:00
Michael Klein 4df01dd6a1
ui: Setup Hashicorp Design System for usage in consul-ui (#14394)
* Use postcss instead of ember-cli-sass

This will make it possible to work with tailwindcss.

* configure postcss to compile sass
* add "sub-app" css into app/styles tree

* pin node@14 via volta

Only used by people that use volta

* Install tailwind and autoprefixer

* Create tailwind config

* Use tailwind via postcss

* Fix: tailwind changes current styling

When adding tailwind to the bottom of app.scss we apparently
change the way the application looks. We will import
it first to make sure we don't change the current styling
of the application right now.

* Automatic import of HDS colors in tailwind

* Install @hashicorp/design-system-components

* install add-on
* setup postcss scss pipeline to include tokens css
* import add-on css

* Install ember-auto-import v2

HDS depends on v2 of ember-auto-import so we need to upgrade.

* Upgrade ember-cli-yadda

v0.6.0 of ember-cli-yadda adds configuration for webpack.
This configuration is incompatible with webpack v5
which ember-auto-import v2 is using.
We need to upgrade ember-cli-yadda to the latest
version that fixes this incompatability with auto-import v2

* Install ember-flight-icons

HDS components are using the addon internally.

* Document HDS usage in engineering docs

* Upgrade ember-cli-api-double

* fix new linting errors
2022-10-06 17:17:20 +02:00
Eric Haberkorn 2f08fab317
Make the mesh gateway changes to allow `local` mode for cluster peering data plane traffic (#14817)
Make the mesh gateway changes to allow `local` mode for cluster peering data plane traffic
2022-10-06 09:54:14 -04:00
cskh 53ff317b01
fix: missing UDP field in checkType (#14885)
* fix: missing UDP field in checkType

* Add changelog

* Update doc
2022-10-05 15:57:21 -04:00
Derek Menteer fbee1272e7
Fix explicit tproxy listeners with discovery chains. (#14751)
Fix explicit tproxy listeners with discovery chains.
2022-10-05 14:38:25 -05:00
Tyler Wendlandt 734be3fa11
ui: Wrap service names on show and instance routes (#14771)
* Wrap service names on show and instance routes
Moves the trailing type/kind/actions to the second row of the header
no matter what length the service name is. Wraps service name text.

* Change grid format of AppView globally

* Add tooltips to the last element of breadcrumbs
2022-10-05 13:21:34 -06:00
Matt Keeler bca6f8ae4a
Add changelog entry for #12890 2022-10-05 13:35:07 -04:00
Alex Oskotsky 4d9309327f
Add the ability to retry on reset connection to service-routers (#12890) 2022-10-05 13:06:44 -04:00
Tu Nguyen 71a4c5cce4
fix broken links (#14892) 2022-10-05 09:54:49 -07:00
cskh 2a4d420c96
fix(api): missing peer name in query option (#14835) 2022-10-05 10:04:08 -04:00
Michael Klein 1f62594deb
Allow managed-runtime badge to be dynamic (#14853) 2022-10-05 11:48:03 +02:00
Nathan Coleman 4f4ad4ce2f
Merge pull request #14880 from hashicorp/nathancoleman-patch-1
Update CAPIGW comparison docs
2022-10-04 20:14:23 -04:00
Ashlee M Boyer 16dca09a62
Merge pull request #14878 from hashicorp/docs/amb.fix-broken-links
[docs] Fix broken Learn link
2022-10-04 19:11:06 -05:00
Ashlee Boyer dbcbebdb5d empty commit 2022-10-04 20:09:33 -04:00
John Murret 08203ace4a
Upgrade serf to v0.10.1 and memberlist to v0.5.0 to get memberlist size metrics and broadcast queue depth metric (#14873)
* updating to serf v0.10.1 and memberlist v0.5.0 to get memberlist size metrics and memberlist broadcast queue depth metric

* update changelog

* update changelog

* correcting changelog

* adding "QueueCheckInterval" for memberlist to test

* updating integration test containers to grab latest api
2022-10-04 17:51:37 -06:00
Nathan Coleman a93b1b510c
Update website/content/docs/consul-vs-other/api-gateway-compare.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-04 19:41:16 -04:00
Nathan Coleman 5bdfbf2c21
Update website/content/docs/consul-vs-other/api-gateway-compare.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-10-04 18:05:03 -04:00
Nathan Coleman 7ac4fca0b9
Use consistent casing for "Consul API Gateway" vs. "API gateway" 2022-10-04 17:35:58 -04:00
Nathan Coleman 94963f90b6
Update documentation link to improve readability 2022-10-04 17:34:32 -04:00
Ashlee Boyer 0a6ad4169f Empty-Commit 2022-10-04 16:39:56 -04:00