Commit Graph

18509 Commits

Author SHA1 Message Date
twunderlich-grapl 4b3a39c04d
Clarify docs around using either Consul or Vault managed PKI paths (#13295)
* Clarify docs around using either Consul or Vault managed PKI paths

The current docs can be misread to indicate that you need both the
Consul and Vault managed PKI Paths policies. The [Learning Tutorial](https://learn.hashicorp.com/tutorials/consul/vault-pki-consul-connect-ca?in=consul/vault-secure#create-vault-policies)
is clearer. This tries to make the original docs as clear as the
learning tutorial

* Clarify that PKI secret engines are used to store certs

Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
2022-08-23 17:06:00 -07:00
Rosemary Wang 60ed09fa89
Clarify transparent proxy documentation (#14301)
* Clarify transparent proxy documentation

Some confusion over known limitations for transparent proxy, specifically over federation versus cluster peering.
Updated `KubeDNS` to Kubernetes DNS for consistency with Kubernetes documentation.

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-08-23 14:52:03 -07:00
Daniel Upton 1cd7ec0543 proxycfg: terminate stream on irrecoverable errors
This is the OSS portion of enterprise PR 2339.

It improves our handling of "irrecoverable" errors in proxycfg data sources.

The canonical example of this is what happens when the ACL token presented by
Envoy is deleted/revoked. Previously, the stream would get "stuck" until the
xDS server re-checked the token (after 5 minutes) and terminated the stream.

Materializers would also sit burning resources retrying something that could
never succeed.

Now, it is possible for data sources to mark errors as "terminal" which causes
the xDS stream to be closed immediately. Similarly, the submatview.Store will
evict materializers when it observes they have encountered such an error.
2022-08-23 20:17:49 +01:00
Ashwin Venkatesh 1e9cb26b65
Updates docs for CRDs (#14267)
Co-authored-by: NicoletaPopoviciu <nicoleta@hashicorp.com>
2022-08-23 15:14:36 -04:00
Tyler Wendlandt 7a3c20ce64
ui: Update badge / pill icon sizing (#14282)
* Update badge icon sizing to be 16x16

* Update icon sizing in pill component
2022-08-23 13:02:40 -06:00
Chris S. Kim 1e7a3b8d8d PR feedback to specify Node name in test mock 2022-08-23 11:51:04 -04:00
Jared Kirschner f6a163f239
Merge pull request #13999 from hashicorp/docs/improve-dns-lookup-variable-consistency
docs: improve consistency of DNS lookup variables
2022-08-23 09:53:04 -04:00
Jared Kirschner 00951602b0 docs: improve consistency of DNS lookup variables
Previously, some variables were wrapped in < > while others were not,
creating ambiguity in whether some labels were a string literal or a
variable.

Now, all variables are wrapped in < >.
2022-08-23 06:47:17 -07:00
Jared Kirschner d5a222fd1a
Merge pull request #14034 from hashicorp/make-proxy-sidecar-for-case-insensitive
Allow uppercase in proxy launch -sidecar-for arg
2022-08-23 09:37:39 -04:00
Jared Kirschner a20c5d0016
Merge pull request #13967 from hashicorp/jkirschner-hashicorp-patch-3
docs: link pq docs to relevant DNS lookup section
2022-08-23 09:23:49 -04:00
Eric Haberkorn 3d45306e1b
Cluster peering failover disco chain changes (#14296) 2022-08-23 09:13:43 -04:00
Jared Kirschner dbeb8a23dc docs: link pq docs to relevant DNS lookup section 2022-08-23 06:02:47 -07:00
Jared Kirschner 90cdc2622d
Merge pull request #14221 from hashicorp/jkirschner-hashicorp-patch-1
docs: update k8s vault connect ca config docs
2022-08-23 09:02:16 -04:00
Jared Kirschner 9189c115a1 docs: update k8s vault connect ca config docs
- Add namespace to additionalConfig example
- Improve the link to additional configuration options available
2022-08-23 05:49:40 -07:00
Tu Nguyen aa25fe1e42 Merge branch 'main' of ssh://github.com/hashicorp/consul 2022-08-22 19:45:15 -07:00
Nathan Coleman 1badd03aa9
Merge pull request #14288 from hashicorp/apigw-docs-x-namespace-cert
Add example code for cross-namespace certificateRefs
2022-08-22 18:23:57 -04:00
Nathan Coleman 34f3729140
Update website/content/docs/api-gateway/configuration/gateway.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-22 16:22:43 -04:00
Nathan Coleman 9362cc6525
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-22 15:14:30 -04:00
Chris S. Kim c14b166b80 Fix flakes 2022-08-22 14:45:31 -04:00
Nathan Coleman 9dd1b95aa7
Update website/content/docs/api-gateway/configuration/gateway.mdx 2022-08-22 14:40:43 -04:00
Nathan Coleman 6f57024d0a
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-22 14:31:19 -04:00
Chris S. Kim 587c57d3f4 Increase heartbeat rate to reduce test flakes 2022-08-22 14:24:05 -04:00
Luke Kysow 96744b581c
Update requirements.mdx (#14286)
* Update requirements.mdx
2022-08-22 11:04:51 -07:00
Chris S. Kim c68e589f26 Remove check for ResponseNonce 2022-08-22 13:55:01 -04:00
Chris S. Kim 0ae3462e61 Add missing mock assertions 2022-08-22 13:55:01 -04:00
Chris S. Kim 575a56062f Fix data race
newMockSnapshotHandler has an assertion on t.Cleanup which gets called before the event publisher is cancelled. This commit reorders the context.WithCancel so it properly gets cancelled before the assertion is made.
2022-08-22 13:55:01 -04:00
cskh e30d6bfc40
Fix: add missing ent meta for test (#14289) 2022-08-22 13:51:04 -04:00
Chris S. Kim 710dc7d008 Add changelog 2022-08-22 13:42:13 -04:00
Chris S. Kim 98d102326f Handle server addresses update as client 2022-08-22 13:42:12 -04:00
Chris S. Kim 205e873689 Send server addresses on update from server 2022-08-22 13:41:44 -04:00
Chris S. Kim 4cf54bef4e Add new subscription for server addresses 2022-08-22 13:40:25 -04:00
Chris S. Kim e1a7456a69 Cleanup unused logger 2022-08-22 13:40:23 -04:00
Nathan Coleman e9ec4f1c25 Correct structure of existing tls.certificateRefs example 2022-08-22 12:34:16 -04:00
Nathan Coleman f47a1c333a Add example code for cross-namespace certificateRefs 2022-08-22 12:33:42 -04:00
Chris S. Kim 9f96f98ab6 Expose external gRPC port in autopilot
The grpc_port was added to a NodeService's meta in ea58f235f5da416224ba615405269661ba1f4d8d
2022-08-22 10:07:00 -04:00
Chris S. Kim b71b187366 Add PeeringServerAddresses proto 2022-08-22 10:04:23 -04:00
Jared Kirschner 8386c3b54f
Merge pull request #14279 from hashicorp/docs/1-13-upgrade-considerations-changelog
docs: add 1.13 upgrade considerations to changelog
2022-08-19 14:32:52 -04:00
Jared Kirschner 9d1086b115 docs: add 1.13 upgrade considerations to changelog 2022-08-19 11:29:57 -07:00
cskh a87d8f48be
fix: missing MaxInboundConnections field in service-defaults config entry (#14072)
* fix:  missing max_inbound_connections field in merge config
2022-08-19 14:11:21 -04:00
Chris Thain f4bfb6d499
Skip Lambda integration tests for fork PRs (#14257) 2022-08-18 16:06:20 -07:00
Jared Kirschner 92b718ad96
Merge pull request #14259 from hashicorp/docs/1-13-upgrade-considerations
docs: add 1.13 upgrade considerations
2022-08-18 18:18:33 -04:00
Jared Kirschner 18bb45db75 docs: add 1.13 upgrade considerations
Adds guidance when upgrading a Consul service mesh deployment to 1.13 and:
- using auto-encrypt or auto-config; or
- the HTTPS port is not enabled on Consul agents
2022-08-18 15:13:21 -07:00
Evan Culver f92aee09f8
Add missing changelog for 1.9.17 (#14053) 2022-08-18 12:59:03 -07:00
Mariano Asselborn 3f88847590
Add version label to Docker image (#14204) 2022-08-18 14:41:34 -04:00
Jared Kirschner b901a2909f
Merge pull request #14231 from hashicorp/jkirschner-hashicorp-patch-4
docs: fix broken markdown
2022-08-18 14:30:22 -04:00
cskh 7f66dfc780
Fix: upgrade pkg imdario/merg to prevent merge config panic (#14237)
* upgrade imdario/merg to prevent merge config panic

* test: service definition takes precedence over service-defaults in merged results
2022-08-17 21:14:04 -04:00
Michele Degges bc6ee86d29
set PRODUCT_VERSION for docker build (#14242)
Changes proposed in this PR:

In `actions-docker-build` we [pass](05c370a26e/scripts/docker_build (L49)) `PRODUCT_VERSION` to the docker build command. Since this was not set, the label did not populate properly which is used in a comparison to determine the `minor-latest` and `latest` docker image tags. 

How I've tested this PR:
 - build the image up to the point of label creation and pass in `--build-arg PRODUCT_VERSION=1.2.3`
 - inspect the image for the label with the above command

How I expect reviewers to test this PR:
- same as above

Related [internal-only] post about this: https://hashicorp.atlassian.net/wiki/spaces/RELENG/pages/2416934922/August+17+2022-+Docker+Build+Failures
2022-08-17 14:48:43 -07:00
James Hartig a5a200e0e9 Use the maximum jitter when calculating the timeout
The timeout should include the maximum possible
jitter since the server will randomly add to it's
timeout a jitter. If the server's timeout is less
than the client's timeout then the client will
return an i/o deadline reached error.

Before:
```
time curl 'http://localhost:8500/v1/catalog/service/service?dc=other-dc&stale=&wait=600s&index=15820644'
rpc error making call: i/o deadline reached
real    10m11.469s
user    0m0.018s
sys     0m0.023s
```

After:
```
time curl 'http://localhost:8500/v1/catalog/service/service?dc=other-dc&stale=&wait=600s&index=15820644'
[...]
real    10m35.835s
user    0m0.021s
sys     0m0.021s
```
2022-08-17 10:24:09 -04:00
Jared Kirschner 149f6a610d
docs: fix broken markdown 2022-08-16 23:08:09 -04:00
Evan Culver 14494d84e0
ci: Replace Nomad integration tests with predictable compatibility matrix (#14220) 2022-08-16 15:33:33 -07:00