luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
15,519 Commits 1 Branch 1 Tag 358 MiB
Commit Graph

3724 Commits

Author SHA1 Message Date
Dhia Ayachi 2d1ac1f7d0
try to perform a leadership transfer when leaving (#11376) 
* try to perform a leadership transfer when leaving

* add a changelog
 2021-10-21 12:44:31 -04:00
Kyle Havlovitz 752a285552 Add new service-exports config entry 2021-10-20 12:24:18 -07:00
Jared Kirschner 716b05f934
Merge pull request #11293 from bisakhmondal/service_filter 
expression validation of service-resolver subset filter
 2021-10-20 08:57:37 -04:00
R.B. Boyer 55dd52cb17
acl: small OSS refactors to help ensure that auth methods with namespace rules work with partitions (#11323) 2021-10-14 15:38:05 -05:00
freddygv f76fddb28e Use stored entmeta to fill authzContext 2021-10-14 08:57:40 -06:00
freddygv bdf3e951f8 Ensure partition is handled by auto-encrypt 2021-10-14 08:32:45 -06:00
FFMMM bb228ab165
fix: only add prom autopilot gauges to servers (#11241) 
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
 2021-10-13 09:25:30 -07:00
Chris S. Kim 0a6d683c84
Update Intentions.List with partitions (#11299) 2021-10-13 10:47:12 -04:00
R.B. Boyer 3e8ece97a8
acl: fix bug in 'consul members' filtering with partitions (#11263) 2021-10-13 09:18:16 -05:00
Bisakh Mondal 929ad1e80f
add service resolver subset filter validation 2021-10-13 02:56:04 +05:30
Connor 2cd80e5f66
Merge pull request #11222 from hashicorp/clly/service-mesh-metrics 
Start tracking connect service mesh usage metrics
 2021-10-11 14:35:03 -05:00
Connor Kelly 2119351f77
Replace fmt.Sprintf with function 2021-10-11 12:43:38 -05:00
FFMMM 7f28301212
fix consul_autopilot_healthy metric emission (#11231) 
https://github.com/hashicorp/consul/issues/10730
 2021-10-08 10:31:50 -07:00
Connor Kelly 38986d6371
Rename ConfigUsageEnterprise to EnterpriseConfigEntryUsage 2021-10-08 10:53:34 -05:00
Connor Kelly 76b3c4ed3c
Rename and prefix ConfigEntry in Usage table 
Rename ConfigUsage functions to ConfigEntry

prefix ConfigEntry kinds with the ConfigEntry table name to prevent
potential conflicts
 2021-10-07 16:19:55 -05:00
Connor Kelly 0e39a7a333
Add connect specific prefix to Usage table 
Ensure that connect Kind's are separate from ConfigEntry Kind's to
prevent miscounting
 2021-10-07 16:16:23 -05:00
Connor Kelly f9ba7c39b5
Add changelog, website and metric docs 
Add changelog to document what changed.
Add entry to telemetry section of the website to document what changed
Add docs to the usagemetric endpoint to help document the metrics in code
 2021-10-05 13:34:24 -05:00
Joshua Montgomery 5446009299
Fixing SOA record to use alt domain when alt domain in use (#10431) 2021-10-05 10:47:27 -04:00
Daniel Nephin e03b7e4c68
Merge pull request #11182 from hashicorp/dnephin/acl-legacy-remove-upgrade 
acl: remove upgrade from legacy, start in non-legacy mode
 2021-10-04 17:25:39 -04:00
Evan Culver e47c5c5ceb
Merge pull request #11118 from hashicorp/eculver/remove-envoy-1.15 
Remove support for Envoy 1.15
 2021-10-04 23:14:24 +02:00
Evan Culver d279c60010
Merge pull request #11115 from hashicorp/eculver/envoy-1.19.1 
Add support for Envoy 1.19.1
 2021-10-04 23:13:26 +02:00
Daniel Nephin b9f0014d70 acl: remove updateEnterpriseSerfTags 
The only remaining caller is a test helper, and the tests don't use the enterprise gossip
pools.
 2021-10-04 17:01:51 -04:00
Daniel Nephin 5ac360b22d
Merge pull request #11126 from hashicorp/dnephin/acl-legacy-remove-resolve-and-get-policy 
acl: remove ACL.GetPolicy RPC endpoint and ACLResolver.resolveTokenLegacy
 2021-10-04 16:29:51 -04:00
Connor Kelly ed5693b537
Add metrics to count the number of service-mesh config entries 2021-10-04 14:50:17 -05:00
Connor Kelly 9c487389cf
Add metrics to count connect native service mesh instances 
This will add the counts of the service mesh instances tagged by
whether or not it is connect native
 2021-10-04 14:37:05 -05:00
Connor Kelly 8000ea45ca
Add metrics to count service mesh Kind instance counts 
This will add the counts of service mesh instances tagged by the
different ServiceKind's.
 2021-10-04 14:36:59 -05:00
Daniel Nephin b6435259c3 acl: fix test failures caused by remocving legacy ACLs 
This commit two test failures:

1. Remove check for "in legacy ACL mode", the actual upgrade will be removed in a following commit.
2. Remove the early WaitForLeader in dc2, because with it the test was
   failing with ACL not found.
 2021-10-01 18:03:10 -04:00
Evan Culver e74ce0fb2e
Add 1.15 versions to too old list 2021-10-01 11:28:26 -07:00
Chris S. Kim 3c8ca0dbd2
agent: Reject partitions in legacy intention endpoints (#11181) 2021-10-01 13:18:57 -04:00
Chris S. Kim bf94949d48
Support partitions in parseIntentionStringComponent (#11202) 2021-10-01 12:36:12 -04:00
Dhia Ayachi 8bd52995d1
fix token list by auth method (#11196) 
* add tests to OIDC authmethod and fix entMeta when retrieving auth-methods

* fix oss compilation error
 2021-10-01 12:00:43 -04:00
Evan Culver 4cdcaf3658
Merge branch 'eculver/envoy-1.19.1' into eculver/remove-envoy-1.15 2021-09-30 11:32:28 -07:00
Evan Culver 7b157bba4e
regenerate more envoy golden files 2021-09-30 10:57:47 -07:00
Daniel Nephin ec935a2486 acl: call stop for the upgrade goroutine when done 
TestAgentLeaks_Server was reporting a goroutine leak without this. Not sure if it would actually
be a leak in production or if this is due to the test setup, but seems easy enough to call it
this way until we remove legacyACLTokenUpgrade.
 2021-09-29 17:36:43 -04:00
Daniel Nephin 0c077d0527 acl: only run startACLUpgrade once 
Since legacy ACL tokens can no longer be created we only need to run this upgrade a single
time when leadership is estalbished.
 2021-09-29 16:22:01 -04:00
Daniel Nephin f21097beda acl: remove reading of serf acl tags 
We no long need to read the acl serf tag, because servers are always either ACL enabled or
ACL disabled.

We continue to write the tag so that during an upgarde older servers will see the tag.
 2021-09-29 15:45:11 -04:00
Daniel Nephin b866e3c4f4 acl: fix test failure 
For some reason removing legacy ACL upgrade requires using an ACL token now
for this WaitForLeader.
 2021-09-29 15:21:30 -04:00
Daniel Nephin ebb2388605 acl: remove legacy ACL upgrades from Server 
As part of removing the legacy ACL system
 2021-09-29 15:19:23 -04:00
Daniel Nephin 41a97360ca acl: fix test failures caused by remocving legacy ACLs 
This commit two test failures:

1. Remove check for "in legacy ACL mode", the actual upgrade will be removed in a following commit.
2. Use the root token in WaitForLeader, because without it the test was
   failing with ACL not found.
 2021-09-29 15:15:50 -04:00
Daniel Nephin b73b68d696 acl: remove ACL.GetPolicy endpoint and resolve legacy acls 
And all code that was no longer used once those two were removed.
 2021-09-29 14:33:19 -04:00
Daniel Nephin b8da06a34d acl: remove ACL upgrading from Clients 
As part of removing the legacy ACL system ACL upgrading and the flag for
legacy ACLs is removed from Clients.

This commit also removes the 'acls' serf tag from client nodes. The tag is only ever read
from server nodes.

This commit also introduces a constant for the acl serf tag, to make it easier to track where
it is used.
 2021-09-29 14:02:38 -04:00
Daniel Nephin 33a5448604
Merge pull request #11136 from hashicorp/dnephin/acl-resolver-fix-default-authz 
acl: fix default Authorizer for down_policy extend-cache/async-cache
 2021-09-29 13:45:12 -04:00
Daniel Nephin afb1dd5827
Merge pull request #11110 from hashicorp/dnephin/acl-legacy-remove-initialize 
acl: remove initializeLegacyACL and the rest of the legacy FSM commands
 2021-09-29 13:44:30 -04:00
Daniel Nephin a9ac148c92
Merge pull request #10999 from hashicorp/dnephin/revert-config-xds-port 
Revert config xds_port
 2021-09-29 13:39:15 -04:00
Daniel Nephin bd28d23b55 command/envoy: stop using the DebugConfig from Self endpoint 
The DebugConfig in the self endpoint can change at any time. It's not a stable API.

This commit adds the XDSPort to a stable part of the XDS api, and changes the envoy command to read
this new field.

It includes support for the old API as well, in case a newer CLI is used with an older API, and
adds a test for both cases.
 2021-09-29 13:21:28 -04:00
Daniel Nephin 2995ac61f2 acl: remove the last of the legacy FSM 
Replace it with an implementation that returns an error, and rename some symbols
to use a Deprecated suffix to make it clear.

Also remove the ACLRequest struct, which is no longer referenced.
 2021-09-29 12:42:23 -04:00
Daniel Nephin a8358f7575 acl: remove bootstrap-init FSM operation 2021-09-29 12:42:23 -04:00
Daniel Nephin ea2e0ad2ec acl: remove initializeLegacyACL from leader init 2021-09-29 12:42:23 -04:00
Daniel Nephin 4e36442583 acl: remove ACLDelete FSM command, and state store function 
These are no longer used now that ACL.Apply has been removed.
 2021-09-29 12:42:23 -04:00
Daniel Nephin 7e37c9a765 acl: remove legacy field to ACLBoostrap 2021-09-29 12:42:23 -04:00