open-nomad/command/agent
Seth Hoenig 14c7cebdea connect: enable automatic expose paths for individual group service checks
Part of #6120

Building on the support for enabling connect proxy paths in #7323, this change
adds the ability to configure the 'service.check.expose' flag on group-level
service check definitions for services that are connect-enabled. This is a slight
deviation from the "magic" that Consul provides. With Consul, the 'expose' flag
exists on the connect.proxy stanza, which will then auto-generate expose paths
for every HTTP and gRPC service check associated with that connect-enabled
service.

A first attempt at providing similar magic for Nomad's Consul Connect integration
followed that pattern exactly, as seen in #7396. However, on reviewing the PR
we realized having the `expose` flag on the proxy stanza inseperably ties together
the automatic path generation with every HTTP/gRPC defined on the service. This
makes sense in Consul's context, because a service definition is reasonably
associated with a single "task". With Nomad's group level service definitions
however, there is a reasonable expectation that a service definition is more
abstractly representative of multiple services within the task group. In this
case, one would want to define checks of that service which concretely make HTTP
or gRPC requests to different underlying tasks. Such a model is not possible
with the course `proxy.expose` flag.

Instead, we now have the flag made available within the check definitions themselves.
By making the expose feature resolute to each check, it is possible to have
some HTTP/gRPC checks which make use of the envoy exposed paths, as well as
some HTTP/gRPC checks which make use of some orthongonal port-mapping to do
checks on some other task (or even some other bound port of the same task)
within the task group.

Given this example,

group "server-group" {
  network {
    mode = "bridge"
    port "forchecks" {
      to = -1
    }
  }

  service {
    name = "myserver"
    port = 2000

    connect {
      sidecar_service {
      }
    }

    check {
      name     = "mycheck-myserver"
      type     = "http"
      port     = "forchecks"
      interval = "3s"
      timeout  = "2s"
      method   = "GET"
      path     = "/classic/responder/health"
      expose   = true
    }
  }
}

Nomad will automatically inject (via job endpoint mutator) the
extrapolated expose path configuration, i.e.

expose {
  path {
    path            = "/classic/responder/health"
    protocol        = "http"
    local_path_port = 2000
    listener_port   = "forchecks"
  }
}

Documentation is coming in #7440 (needs updating, doing next)

Modifications to the `countdash` examples in https://github.com/hashicorp/demo-consul-101/pull/6
which will make the examples in the documentation actually runnable.

Will add some e2e tests based on the above when it becomes available.
2020-03-31 17:15:50 -06:00
..
consul connect: enable proxy.passthrough configuration 2020-03-31 17:15:27 -06:00
event make auditor interface more explicit 2020-03-23 19:32:58 -04:00
monitor unlock before returning, no need for label 2019-11-05 11:44:29 -05:00
pprof Rename profile package to pprof 2020-01-09 15:15:10 -05:00
test-resources chore: Format hcl configurations 2019-07-20 16:55:07 +02:00
testdata update audit examples to an endpoint that is audited 2020-03-30 10:03:11 -04:00
acl_endpoint.go
acl_endpoint_test.go
agent.go connect: enable proxy.passthrough configuration 2020-03-31 17:15:27 -06:00
agent_endpoint.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
agent_endpoint_test.go test: assert monitor endpoint sets proper headers 2020-03-25 09:45:43 -04:00
agent_oss.go allow all build contexts to use noOpAuditor 2020-03-25 10:38:40 -04:00
agent_test.go add in change missed from ent 2020-03-25 10:53:38 -04:00
alloc_endpoint.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
alloc_endpoint_test.go acl: check ACL against object namespace 2019-10-08 12:59:22 -04:00
bindata_assetfs.go refactor api profile methods 2020-01-09 15:15:12 -05:00
command.go Audit config, seams for enterprise audit features 2020-03-23 13:47:42 -04:00
command_test.go refactored config validation into a new method, modified Meta.Client 2019-01-08 15:07:36 +00:00
config.go windows: support -dev mode 2020-03-28 12:01:51 -04:00
config_oss.go
config_parse.go fix compilation with correct func 2020-03-23 14:32:11 -04:00
config_parse_test.go update audit examples to an endpoint that is audited 2020-03-30 10:03:11 -04:00
config_test.go Audit config, seams for enterprise audit features 2020-03-23 13:47:42 -04:00
csi_endpoint.go csi: return an empty result list from plugins & volumes without type, not an error (#7471) 2020-03-24 14:28:28 -04:00
deployment_endpoint.go
deployment_endpoint_test.go
eval_endpoint.go
eval_endpoint_test.go
fs_endpoint.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
fs_endpoint_test.go test: assert fs endpoints are xss safe 2020-03-25 09:45:43 -04:00
helpers.go
helpers_test.go test: fix missing agent shutdowns 2020-02-07 15:50:53 -08:00
http.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
http_oss.go wrap http.Handlers 2020-03-27 09:35:10 -04:00
http_test.go fixup! vendor: explicit use of hashicorp/go-msgpack 2020-03-31 09:48:07 -04:00
job_endpoint.go connect: enable automatic expose paths for individual group service checks 2020-03-31 17:15:50 -06:00
job_endpoint_test.go jobspec: parse multi expose.path instead of explicit slice 2020-03-31 17:15:27 -06:00
keyring.go
keyring_test.go
log_file.go logging: Correctly track number of written bytes 2019-10-10 14:02:14 +02:00
log_file_test.go logging: Sort files when pruning old logs 2019-10-10 13:51:16 +02:00
log_levels.go Support for hot reloading log levels 2019-07-24 13:37:08 +02:00
log_levels_test.go
metrics_endpoint.go
metrics_endpoint_test.go test: fix flaky TestHTTP_FreshClientAllocMetrics 2020-02-07 15:50:53 -08:00
node_endpoint.go take NodeID from url in api for node eligibility 2019-07-15 18:34:53 +03:00
node_endpoint_test.go tests: remove TestHTTP_NodeDrain_Compat 2020-03-30 07:06:52 -04:00
operator_endpoint.go implement MinQuorum 2020-02-16 16:04:59 -06:00
operator_endpoint_test.go update rest of consul packages 2020-02-16 16:25:04 -06:00
plugins.go move pluginutils -> helper/pluginutils 2019-01-22 15:50:08 -08:00
region_endpoint.go
region_endpoint_test.go
retry_join.go
retry_join_test.go
scaling_endpoint.go bad conversion between api.ScalingPolicy and structs.ScalingPolicy meant 2020-03-24 14:39:06 +00:00
scaling_endpoint_test.go fixed http endpoints for job.register and job.scalestatus 2020-03-24 13:57:16 +00:00
search_endpoint.go
search_endpoint_test.go
stats_endpoint.go
stats_endpoint_test.go
status_endpoint.go
status_endpoint_test.go
stub_asset.go
syslog.go goimports 2019-01-22 15:44:31 -08:00
syslog_test.go goimports 2019-01-22 15:44:31 -08:00
system_endpoint.go
system_endpoint_test.go
testagent.go Simplify Bootstrap logic in tests 2020-03-02 13:47:43 -05:00
testingutils_test.go command/agent: Prune Dead Code (#6682) 2019-11-13 08:20:01 -05:00