Commit Graph

17459 Commits

Author SHA1 Message Date
Daniel Nephin 5bd73fc218 debug: limit the size of the trace
We've noticed that a trace that is captured over the full duration is
too large to open on most machines. A trace.out captured over just the
interval period (30s by default) should be a more than enough time to
capture trace data.
2022-02-15 14:15:34 -05:00
Evan Culver 7c735abe22
ci: fix stalebot config (#12346) 2022-02-15 11:13:32 -08:00
Jeff-Apple bf1e2d79f8
Merge pull request #12352 from hashicorp/Jeff-Apple-patch-1
Fix broken link on Downloads page on wedsite
2022-02-15 08:28:04 -08:00
Jeff-Apple 9216b79666
Fix broken link on Downloads page on wedsite
The link to the Kubernetes Quickstart guide had a typo (space character) in the URL.
2022-02-15 07:45:47 -08:00
Chris S. Kim 2a973028ae
ci: Fix merge conflicts cleanly (#12249) 2022-02-14 23:12:36 -05:00
R.B. Boyer b216d52b66
server: conditionally avoid writing a config entry to raft if it was already the same (#12321)
This will both save on unnecessary raft operations as well as
unnecessarily incrementing the raft modify index of config entries
subject to no-op updates.
2022-02-14 14:39:12 -06:00
R.B. Boyer ef8cc33949
raft: update to v1.3.5 (#12325)
This includes closing some leadership transfer gaps and adding snapshot
restore progress logging.
2022-02-14 13:48:52 -06:00
Evan Culver ff53f38af3
Add release notes from 1.11.3, 1.10.8 and 1.9.15 (#12333)
> Did we want to update the individual branches as well ?

Yes, I have PRs for those: #12335, #12336, and #12337.
2022-02-14 11:24:14 -08:00
Matt Siegel 497a2e0250
Merge pull request #12332 from hashicorp/consul-1_11_3-version-update
Update version.js for Consul 1.11.3
2022-02-14 13:00:11 -05:00
Matt Siegel 1d08cb045e
Update version.js 2022-02-14 12:54:30 -05:00
FFMMM 1f8fb17be7
Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311)
This commit syncs ENT changes to the OSS repo.

Original commit details in ENT:

```
commit 569d25f7f4578981c3801e6e067295668210f748
Author: FFMMM <FFMMM@users.noreply.github.com>
Date:   Thu Feb 10 10:23:33 2022 -0800

    Vendor fork net rpc (#1538)

    * replace net/rpc w consul-net-rpc/net/rpc

    Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

    * replace msgpackrpc and go-msgpack with fork from mono repo

    Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

    * gofmt all files touched

    Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
```

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2022-02-14 09:45:45 -08:00
R.B. Boyer d54a3e6aa1
missed this test adjustment (#12331) 2022-02-14 11:39:00 -06:00
R.B. Boyer 0b80f70a39
local: fixes a data race in anti-entropy sync (#12324)
The race detector noticed this initially in `TestAgentConfigWatcherSidecarProxy` but it is not restricted to just tests.

The two main changes here were:

- ensure that before we mutate the internal `agent/local` representation of a Service (for tags or VIPs) we clone those fields
- ensure that there's no function argument joint ownership between the caller of a function and the local state when calling `AddService`, `AddCheck`, and related using `copystructure` for now.
2022-02-14 10:41:33 -06:00
Dao Thanh Tung 0519a9240e
URL-encode/decode resource names for HTTP API part 5 (#12297) 2022-02-14 10:47:06 -05:00
Mark Anderson fa95afdcf6 Refactor to make ACL errors more structured. (#12308)
* First phase of refactoring PermissionDeniedError

Add extended type PermissionDeniedByACLError that captures information
about the accessor, particular permission type and the object and name
of the thing being checked.

It may be worth folding the test and error return into a single helper
function, that can happen at a later date.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-02-11 12:53:23 -08:00
Daniel Nephin 913848c893
Merge pull request #12322 from hashicorp/dnephin/update-check-docs
Add 7th check registration flow to developer docs
2022-02-11 15:22:24 -05:00
Daniel Nephin 0fad917f13
Add 7th check registration flow to docs
Credit to Freddy for finding this a while ago.
2022-02-11 15:11:22 -05:00
R.B. Boyer d2a5a06006
ensure make dev target puts the newly constructed binary onto the PATH (#12318)
This restores the prior behavior of make dev and ensures that tests
using the sdk package (like the api package) will correctly locate the
consul binary under test.

Also ensure the constructed consul binary is present on the path for sdk-based tests.
2022-02-11 10:45:37 -06:00
John Cowen 961f144b1c
ui: Disclosure Component amends plus DisclosureMenu Component (#12304)
* ui: Disclosure amends plus DisclosureMenu

Co-authored-by: Jamie White <jamie@jgwhite.co.uk>
2022-02-11 14:11:16 +00:00
John Cowen ab3b765a88
ui: Make sure saving intentions from topology includes the partition (#12317) 2022-02-11 13:58:01 +00:00
John Cowen 72a10582d0
ui: Stop ember-data overwriting SyncTimes (#12315) 2022-02-11 13:54:46 +00:00
John Cowen c6342969c5
ui: Exclude Service Health from Node listing page (#12248)
This commit excludes the health of any service instances from the Node Listing page. This means that if you are viewing the Node listing page you will only see failing nodes if there are any Node Checks failing, Service Instance Health checks are no longer taken into account.

Co-authored-by: Jamie White <jamie@jgwhite.co.uk>
2022-02-11 09:52:27 +00:00
Freddy f45bec7779
Merge pull request #12223 from hashicorp/proxycfg/passthrough-cleanup 2022-02-10 17:35:51 -07:00
freddygv 88832f692a Add changelog entry 2022-02-10 17:21:34 -07:00
freddygv 8eaca35df1 Account for upstream targets in another DC.
Transparent proxies typically cannot dial upstreams in remote
datacenters. However, if their upstream configures a redirect to a
remote DC then the upstream targets will be in another datacenter.

In that sort of case we should use the WAN address for the passthrough.
2022-02-10 17:01:57 -07:00
freddygv 7fba7456ec Fix race of upstreams with same passthrough ip
Due to timing, a transparent proxy could have two upstreams to dial
directly with the same address.

For example:
- The orders service can dial upstreams shipping and payment directly.
- An instance of shipping at address 10.0.0.1 is deregistered.
- Payments is scaled up and scheduled to have address 10.0.0.1.
- The orders service receives the event for the new payments instance
before seeing the deregistration for the shipping instance. At this
point two upstreams have the same passthrough address and Envoy will
reject the listener configuration.

To disambiguate this commit considers the Raft index when storing
passthrough addresses. In the example above, 10.0.0.1 would only be
associated with the newer payments service instance.
2022-02-10 17:01:57 -07:00
freddygv d5a2eb677f Ensure passthrough addresses get cleaned up
Transparent proxies can set up filter chains that allow direct
connections to upstream service instances. Services that can be dialed
directly are stored in the PassthroughUpstreams map of the proxycfg
snapshot.

Previously these addresses were not being cleaned up based on new
service health data. The list of addresses associated with an upstream
service would only ever grow.

As services scale up and down, eventually they will have instances
assigned to an IP that was previously assigned to a different service.
When IP addresses are duplicated across filter chain match rules the
listener config will be rejected by Envoy.

This commit updates the proxycfg snapshot management so that passthrough
addresses can get cleaned up when no longer associated with a given
upstream.

There is still the possibility of a race condition here where due to
timing an address is shared between multiple passthrough upstreams.
That concern is mitigated by #12195, but will be further addressed
in a follow-up.
2022-02-10 17:01:57 -07:00
Freddy bb129384b7
Prevent xDS tight loop on cfg errors (#12195) 2022-02-10 15:37:36 -07:00
Jared Kirschner 5f84b8dfba
Merge pull request #12285 from hashicorp/readme-logo-dark-mode
Make README header look good in dark mode
2022-02-10 17:26:12 -05:00
Dhia Ayachi de7598f064
fix race when starting a service while the agent `serviceManager` is … (#12302)
* fix race when starting a service while the agent `serviceManager` is stopping

* add changelog
2022-02-10 13:30:49 -05:00
Bryce Kalow 80be396bec
website: removes references to nextjs-scripts (#12299) 2022-02-10 11:07:41 -06:00
John Cowen d3e5d6edc4
ui: Ensure proxy instance health is taken into account in Service Instance Listings (#12279)
We noticed that the Service Instance listing on both Node and Service views where not taking into account proxy instance health. This fixes that up so that the small health check information in each Service Instance row includes the proxy instances health checks when displaying Service Instance health (afterall if the proxy instance is unhealthy then so is the service instance that it should be proxying)

* Refactor Consul::InstanceChecks with docs

* Add to-hash helper, which will return an object keyed by a prop

* Stop using/relying on ember-data type things, just use a hash lookup

* For the moment add an equivalent "just give me proxies" model prop

* Start stitching things together, this one requires an extra HTTP request

..previously we weren't even requesting proxies instances here

* Finish up the stitching

* Document Consul::ServiceInstance::List while I'm here

* Fix up navigation mocks Name > Service
2022-02-10 15:28:26 +00:00
John Cowen f6d233e4aa
ui: ShadowTemplate component (#12259) 2022-02-10 14:50:42 +00:00
Daniel Nephin db4675bd1a
Merge pull request #12277 from hashicorp/dnephin/panic-in-service-register
catalog: initialize the refs map to prevent a nil panic
2022-02-09 19:48:22 -05:00
trujillo-adam 919f32270a Refactored the ACL documentation 2022-02-09 16:07:49 -08:00
Daniel Nephin 6376141464 config-entry: fix a panic when registering a service or ingress gateway 2022-02-09 18:49:48 -05:00
mrspanishviking bcd2d73397
Merge pull request #12296 from hashicorp/admin-tutorial-add
adding new tutorial
2022-02-09 10:02:26 -07:00
Karl Cardenas 20a463d003
adding new tutorial 2022-02-09 07:45:44 -07:00
mrspanishviking 6c95b27380
Merge pull request #12291 from hashicorp/mgw-improve
docs: update the wan mesh gateway page
2022-02-09 07:03:09 -07:00
John Cowen 1ef0de587f
ui: aria-menu modifier (#12262)
aria-menu modifier plus Menu component (#12266)
2022-02-09 09:47:45 +00:00
Evan Culver aaa78b5890
Add stalebot policy for closing inactive PRs (#11286)
* Add stalebot policy for closing inactive issues and PRs

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2022-02-08 12:21:46 -08:00
John Cowen 46dc0f774b
ui: Disclosure Component (#12263) 2022-02-08 19:24:50 +00:00
Karl Cardenas b1726a7ecb
docs: updated per feedback 2022-02-08 11:02:36 -07:00
Karl Cardenas bdeb752f83
docs: update the wan mesh gateway page 2022-02-08 10:25:27 -07:00
R.B. Boyer 0cd0d505fa
xds: allow only one outstanding delta request at a time (#12236)
Fixes #11876

This enforces that multiple xDS mutations are not issued on the same ADS connection at once, so that we can 100% control the order that they are applied. The original code made assumptions about the way multiple in-flight mutations were applied on the Envoy side that was incorrect.
2022-02-08 10:36:48 -06:00
mrspanishviking ed719d58cf
Merge pull request #12282 from hashicorp/admin-fix
docs: updated admin partitions instructions
2022-02-08 07:19:50 -07:00
Jared Kirschner 6b3760b540 Adjust README header to work in light and dark modes 2022-02-07 16:46:46 -08:00
Jared Kirschner 40d5078d3a Add Consul logomark (no text) asset 2022-02-07 16:46:46 -08:00
Daniel Nephin a4985f2068
Merge pull request #12283 from hashicorp/dnephin/fix-go-test-arm64
ci: fix arm64 build
2022-02-07 17:24:35 -05:00
Daniel Nephin f241dbe149 ci: fix arm64 build
'make dev' is not enough, we need to move it into PATH as well.
2022-02-07 17:11:21 -05:00