open-nomad/client
Seth Hoenig 8b05efcf88 consul/connect: Add support for Connect terminating gateways
This PR implements Nomad built-in support for running Consul Connect
terminating gateways. Such a gateway can be used by services running
inside the service mesh to access "legacy" services running outside
the service mesh while still making use of Consul's service identity
based networking and ACL policies.

https://www.consul.io/docs/connect/gateways/terminating-gateway

These gateways are declared as part of a task group level service
definition within the connect stanza.

service {
  connect {
    gateway {
      proxy {
        // envoy proxy configuration
      }
      terminating {
        // terminating-gateway configuration entry
      }
    }
  }
}

Currently Envoy is the only supported gateway implementation in
Consul. The gateay task can be customized by configuring the
connect.sidecar_task block.

When the gateway.terminating field is set, Nomad will write/update
the Configuration Entry into Consul on job submission. Because CEs
are global in scope and there may be more than one Nomad cluster
communicating with Consul, there is an assumption that any terminating
gateway defined in Nomad for a particular service will be the same
among Nomad clusters.

Gateways require Consul 1.8.0+, checked by a node constraint.

Closes #9445
2021-01-25 10:36:04 -06:00
..
allocdir Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
allochealth lifecycle: successful prestart tasks should not fail deployments 2021-01-13 11:40:21 -05:00
allocrunner consul/connect: Add support for Connect terminating gateways 2021-01-25 10:36:04 -06:00
allocwatcher client/allocwatcher: fix dropped test error (#6592) 2019-10-31 08:29:25 -04:00
config removed backwards-compatible/untagged metrics deprecated in 0.7 2020-10-13 20:18:39 +00:00
consul consul/connect: dynamically select envoy sidecar at runtime 2020-10-13 09:14:12 -05:00
devicemanager Fix some errcheck errors (#9811) 2021-01-14 12:46:35 -08:00
dynamicplugins Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
fingerprint Properly detect unloaded dynamic modules on RHEL derivates. Fixes #9776 2021-01-12 18:28:00 +01:00
interfaces Populate alloc stats API with device stats 2018-11-16 10:26:32 -05:00
lib ar: plumb client config for networking into the network hook 2019-07-31 01:04:06 -04:00
logmon Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
pluginmanager pluginmanager: WaitForFirstFingerprint times out (#9597) 2020-12-10 07:27:15 -08:00
servers client: drop unused DC field from servers list 2019-05-20 14:19:15 -07:00
state Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
stats Update gopsutil code 2020-03-15 09:37:05 +01:00
structs Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
taskenv added documenting unit tests for new TaskEnv.ClientPath method 2021-01-04 22:25:38 +00:00
testutil fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
vaultclient Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
acl.go Audit config, seams for enterprise audit features 2020-03-23 13:47:42 -04:00
acl_test.go Event Stream: Track ACL changes, unsubscribe on invalidating changes (#9447) 2020-12-01 11:11:34 -05:00
agent_endpoint.go Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
agent_endpoint_test.go fix params for Agent.Host client RPC (#8795) 2020-08-31 17:14:26 -04:00
alloc_endpoint.go client: improve alloc GC API error messages (#9488) 2021-01-04 11:34:12 -05:00
alloc_endpoint_test.go client: improve alloc GC API error messages (#9488) 2021-01-04 11:34:12 -05:00
alloc_watcher_e2e_test.go tests: swap lib/freeport for tweaked helper/freeport 2019-12-09 08:37:32 -06:00
client.go Fix some errcheck errors (#9811) 2021-01-14 12:46:35 -08:00
client_stats_endpoint.go Server side impl + touch ups 2018-02-15 13:59:02 -08:00
client_stats_endpoint_test.go tests: swap lib/freeport for tweaked helper/freeport 2019-12-09 08:37:32 -06:00
client_test.go Events/msgtype cleanup (#9117) 2020-10-19 09:30:15 -04:00
csi_endpoint.go csi: client RPCs should return wrapped errors for checking (#8605) 2020-08-07 11:01:36 -04:00
csi_endpoint_test.go csi: client RPCs should return wrapped errors for checking (#8605) 2020-08-07 11:01:36 -04:00
driver_manager_test.go tests: fix data race in client TestDriverManager_Fingerprint_Periodic 2019-05-21 09:49:56 -04:00
enterprise_client_oss.go Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
fingerprint_manager.go s/0.13/1.0/g 2020-10-14 15:17:47 -07:00
fingerprint_manager_test.go use allow/deny instead of the colored alternatives (#9019) 2020-10-12 08:47:05 -04:00
fs_endpoint.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
fs_endpoint_test.go client: fix test umask (#8987) 2020-09-30 08:09:41 -04:00
gc.go Plugins use parent loggers 2019-01-11 11:36:37 -08:00
gc_test.go Events/msgtype cleanup (#9117) 2020-10-19 09:30:15 -04:00
heartbeatstop.go Delayed evaluations for stop_after_client_disconnect can cause unwanted extra followup evaluations around job garbage collection (#8099) 2020-06-03 09:48:38 -04:00
heartbeatstop_test.go docs: s/hearbeat/heartbeat and fix link 2020-07-23 11:33:34 -07:00
node_updater.go client: use NewNodeEvent builder for consistency (#7559) 2020-03-31 10:02:16 -04:00
rpc.go Add gosimple linter (#9590) 2020-12-09 11:05:18 -08:00
rpc_test.go Simplify Bootstrap logic in tests 2020-03-02 13:47:43 -05:00
testing.go consul/connect: dynamically select envoy sidecar at runtime 2020-10-13 09:14:12 -05:00
util.go Revert "client: defensive against getting stale alloc updates" 2020-06-19 15:39:44 -04:00
util_test.go Update state with server 2018-10-16 16:53:29 -07:00