Commit graph

17915 commits

Author SHA1 Message Date
acpana 778c796ec9
use EqualPartitions
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-07-27 14:48:30 -07:00
acpana 8042b3aeed
better fix
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-07-27 14:28:08 -07:00
acpana b03467e3bd
sync w ent
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-07-27 11:41:39 -07:00
Chris S. Kim 213e985d17 Reduce arm64 flakes for TestConnectCA_ConfigurationSet_ChangeKeyConfig_Primary
There were 16 combinations of tests but 4 of them were duplicates since the default key type and bits were "ec" and 256. That entry was commented out to reduce the subtest count to 12.

testrpc.WaitForLeader was failing on arm64 environments; the cause is unknown but it might be due to the environment being flooded with parallel tests making RPC calls. The RPC polling+retry was replaced with a simpler check for leadership based on raft.
2022-07-27 13:54:34 -04:00
Chris S. Kim c80ab10527 Retry checks for virtual IP metadata 2022-07-27 13:54:34 -04:00
Chris S. Kim 146dd93775 Sort slice of ServiceNames deterministically 2022-07-27 13:54:34 -04:00
Chris S. Kim 85dd506ecb Remove unnecessary goroutine in flaky test
The watch is established in a background goroutine and the first assertion proves that the watcher is active so there is no reason for the update to happen in a racy goroutine.

Note that this does not completely remove the race condition as the first call to testGetConfigValTimeout could time out before a config is returned.
2022-07-27 13:54:34 -04:00
cskh f7858a1bda
chore: clarify the error message: service.service must not be empty (#13907)
- when register service using catalog endpoint, the key of service
  name actually should be "service". Add this information to the
  error message will help user to quickly fix in the request.
2022-07-27 10:16:46 -04:00
Jared Kirschner 39480deed0
Merge pull request #13914 from hashicorp/docs/remove-comparisons-from-ref-docs
docs: remove comparative info from ref docs site
2022-07-27 02:42:41 -04:00
Jared Kirschner 41f5cd2a37
Merge pull request #12903 from hashicorp/docs/show-cli-cmd-options-before-general-options
Docs: Show CLI command-specific options before general options
2022-07-27 02:18:04 -04:00
Jared Kirschner 13b3430a4e docs: show CLI cmd-specific opts before general opts
Applied to a single command (acl auth-method create).
2022-07-26 22:38:44 -07:00
Jared Kirschner d4a0dde9fd docs: remove comparative info from ref docs site 2022-07-26 22:27:39 -07:00
Iryna Shustava 9bd8c0cd6d
docs: update helm reference docs (#13910) 2022-07-26 17:54:51 -06:00
cskh ae04e2f048
chore: removed unused method AddService (#13905)
- This AddService is not used anywhere.
  AddServiceWithChecks is place of AddService
- Test code is updated
2022-07-26 16:54:53 -04:00
John Cowen 4e5190245e
ui: Make peered intentions read-only (#13814)
* ui: Make peered intentions read-only

* Replace "" to undefined for SourcePeer so its the same as PeerName

* Fixup copypasta

* Ensure tests run with no peers
2022-07-26 17:29:37 +01:00
John Cowen f41a754cbe
ui: Add peering establishment to the peer listing page (#13813)
* ui: Add peering establishment to the peer listing page

* Remove this.form.reset
2022-07-26 15:36:49 +01:00
Michael Klein bf9045db69
ui: add deprecation worfklow addon (#13877)
* add ember-cli-deprecation-workflow

* Add deprecation workflow configuration

This will silence all deprecations by default reducing noise in the test
output significantly.

We can tackle deprecations now one by one but won't have to deal with
very verbose console logs anymore.
2022-07-26 15:01:09 +02:00
alex 0a66d0188d
peering: prevent peering in same partition (#13851)
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-07-25 18:00:48 -07:00
trujillo-adam 0a4dff1763
Merge pull request #13897 from hashicorp/peering-metrics-docs-typo
fixed typo
2022-07-25 16:36:49 -07:00
Nitya Dhanushkodi 03ea6517c9
peering: remove validation that forces peering token server addresses to be an IP, allow hostname based addresses (#13874) 2022-07-25 16:33:47 -07:00
Jared Kirschner 5faa515c91
Merge pull request #12045 from hashicorp/partition-cli-acl-info-and-api-crossref
Partitions: Include ACL Info and API cross-ref for CLI Commands
2022-07-25 19:10:55 -04:00
Luke Kysow 5d4209eaf8
Rename receive to recv in tracker (#13896)
Because it's shorter
2022-07-25 16:08:03 -07:00
Iryna Shustava 2a8280a518
build: add a build job to build and push UBI images to DockerHub (#13808) 2022-07-25 15:43:24 -07:00
Jared Kirschner 641bf837b5 docs: remove unnecessary partition CLI cmd info 2022-07-25 15:31:39 -07:00
Jared Kirschner dd81f6a76f docs: adjust HTTP API/CLI characteristics tables 2022-07-25 15:31:39 -07:00
Jared Kirschner dd12584981 docs: restructure partition API characteristics
The existing characteristics were restructured into a list.
The corresponding CLI command characteristic was added.
2022-07-25 15:31:38 -07:00
Jared Kirschner 44de9aaf4b docs: remove partition subcommand usage headings 2022-07-25 15:31:38 -07:00
Jared Kirschner 13c91ddbdc docs: add partition command characteristics
Characteristics include:
- Required ACL permissions
- Corresponding HTTP API endpoint
- (Lack of) support for blocking queries and agent caching
2022-07-25 15:31:38 -07:00
Jared Kirschner d9d29ad0ed docs: add partial for api/cli characteristics links 2022-07-25 15:31:38 -07:00
trujillo-adam fb461995c0 fixed typo 2022-07-25 14:32:33 -07:00
Luke Kysow a8ae88ec59
peering: read endpoints can now return failing status (#13849)
Track streams that have been disconnected due to an error and
set their statuses to failing.
2022-07-25 14:27:53 -07:00
Kyle Havlovitz ec70713dd3
Merge pull request #13872 from hashicorp/remove-upstream-log
Remove extra logging from ingress upstream watch shutdown
2022-07-25 12:55:30 -07:00
David Yu 56a25ab6cc
docs: followup on grammar and typo for latency requirements (#13888) 2022-07-25 12:50:11 -07:00
alex 79bd7d1817
docs: add peering metric doc (#13862)
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-07-25 12:43:06 -07:00
Chris S. Kim 1f8ae56951
Preserve PeeringState on upsert (#13666)
Fixes a bug where if the generate token is called twice, the second call upserts the zero-value (undefined) of PeeringState.
2022-07-25 14:37:56 -04:00
David Yu 706808dd84
docs: add details around Consul latency requirements (#13881)
* docs: add details around Consul latency requirements
2022-07-25 11:02:31 -07:00
Chris S. Kim c752c5bff2
Update envoy metrics label extraction for peered clusters and listeners (#13818)
Now that peered upstreams can generate envoy resources (#13758), we need a way to disambiguate local from peered resources in our metrics. The key difference is that datacenter and partition will be replaced with peer, since in the context of peered resources partition is ambiguous (could refer to the partition in a remote cluster or one that exists locally). The partition and datacenter of the proxy will always be that of the source service.

Regexes were updated to make emitting datacenter and partition labels mutually exclusive with peer labels.

Listener filter names were updated to better match the existing regex.

Cluster names assigned to peered upstreams were updated to be synthesized from local peer name (it previously used the externally provided primary SNI, which contained the peer name from the other side of the peering). Integration tests were updated to assert for the new peer labels.
2022-07-25 13:49:00 -04:00
Michael Klein 27a55683d5
ui: add peers to node search (#13875)
* Make nodes searchable by peer

* fix only surface peer filter on service search when feature is on
2022-07-25 18:46:47 +02:00
DanStough adc810563f chore: ignore vscode files 2022-07-25 12:31:58 -04:00
DanStough f690d299c9 feat: convert destination address to slice 2022-07-25 12:31:58 -04:00
Luke Kysow 5263980884
Re-document peering disabled (#13879)
Change wording because it does have effect on clients because it
disables peering in the UI served from that client.
2022-07-25 09:30:37 -07:00
Freddy e6f997ac5b
[OSS] Add ACL enforcement to peering endpoints (#13878) 2022-07-25 10:04:10 -06:00
Matt Keeler 6a47c44755
Enable/Disable Peering Support in the UI (#13816)
We enabled/disable based on the config flag.
2022-07-25 11:50:11 -04:00
freddygv 5bbc0cc615 Add ACL enforcement to peering endpoints 2022-07-25 09:34:29 -06:00
Kyle Havlovitz 75efc0649b Remove excess debug log from ingress upstream shutdown 2022-07-22 17:29:38 -07:00
alex b60ebc022e
peering: use ShouldDial to validate peer role (#13823)
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-07-22 15:56:25 -07:00
Luke Kysow d21f793b74
peering: add config to enable/disable peering (#13867)
* peering: add config to enable/disable peering

Add config:

```
peering {
  enabled = true
}
```

Defaults to true. When disabled:
1. All peering RPC endpoints will return an error
2. Leader won't start its peering establishment goroutines
3. Leader won't start its peering deletion goroutines
2022-07-22 15:20:21 -07:00
Kyle Havlovitz 3cbcfd4b13
Merge pull request #13847 from hashicorp/gateway-goroutine-leak
Fix goroutine leaks in proxycfg when using ingress gateway
2022-07-22 14:43:22 -07:00
Freddy 922592d6bb
[OSS] Add new peering ACL rule (#13848)
This commit adds a new ACL rule named "peering" to authorize
actions taken against peering-related endpoints.

The "peering" rule has several key properties:
- It is scoped to a partition, and MUST be defined in the default
  namespace.

- Its access level must be "read', "write", or "deny".

- Granting an access level will apply to all peerings. This ACL rule
  cannot be used to selective grant access to some peerings but not
  others.

- If the peering rule is not specified, we fall back to the "operator"
  rule and then the default ACL rule.
2022-07-22 14:42:23 -06:00
NicoletaPopoviciu 12858f4f90
docs: Updates k8s annotation docs (#13809)
* Updates k8s annotation docs
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-07-22 13:26:31 -07:00