Commit Graph

147 Commits (NET-2088-upgrade-test-ingress-gateway)

Author SHA1 Message Date
Derek Menteer 1f7e7abeac
Fix issue with incorrect proxycfg watch on upstream peer-targets. (#15865)
2 years ago
cskh 04bf24c8c1
feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614)
2 years ago
Chris S. Kim 985a4ee1b1
Update hcp-scada-provider to fix diamond dependency problem with go-msgpack (#15185)
2 years ago
Eric Haberkorn 1bdad89026
fix bug that resulted in generating Envoy configs that use CDS with an EDS configuration (#15140)
2 years ago
Kyle Havlovitz aaf892a383 Extend tcp keepalive settings to work for terminating gateways as well
2 years ago
Kyle Havlovitz 2c569f6b9c Update docs and add tcp_keepalive_probes setting
2 years ago
Kyle Havlovitz 2242d1ec4a Add TCP keepalive settings to proxy config for mesh gateways
2 years ago
DanStough 77ab28c5c7 feat: xDS updates for peerings control plane through mesh gw
2 years ago
Eric Haberkorn 1633cf20ea
Make the mesh gateway changes to allow `local` mode for cluster peering data plane traffic (#14817)
2 years ago
Freddy d9fe3578ac
Merge pull request #14734 from hashicorp/NET-643-update-mesh-gateway-envoy-config-for-inbound-peering-control-plane-traffic
2 years ago
freddygv b15d41534f Update xds generation for peering over mesh gws
2 years ago
cskh 69f40df548
feat(ingress gateway: support configuring limits in ingress-gateway c… (#14749)
2 years ago
Eric Haberkorn 6570d5f004
Enable outbound peered requests to go through local mesh gateway (#14763)
2 years ago
freddygv d818d7b096 Manage local server watches depending on mesh cfg
2 years ago
Eric Haberkorn aa8268e50c
Implement Cluster Peering Redirects (#14445)
2 years ago
Eric Haberkorn 3726a0ab7a
Finish up cluster peering failover (#14396)
2 years ago
Eric Haberkorn 72f90754ae
Update max_ejection_percent on outlier detection for peered clusters to 100% (#14373)
2 years ago
Eric Haberkorn ebd5513d4b
Refactor failover code to use Envoy's aggregate clusters (#14178)
2 years ago
DanStough 169ff71132 fix: ipv4 destination dns resolution
2 years ago
Dhia Ayachi 256694b603
inject gateway addons to destination clusters (#13951)
2 years ago
Chris S. Kim 8ed49ea4d0
Update envoy metrics label extraction for peered clusters and listeners (#13818)
2 years ago
DanStough 2da8949d78 feat: convert destination address to slice
2 years ago
Chris S. Kim 495936300e
Make envoy resources for inferred peered upstreams (#13758)
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
Chris S. Kim f56810132f Check if an upstream is implicit from either intentions or peered services
2 years ago
Chris S. Kim 02cff2394d Use new maps for proxycfg peered data
2 years ago
Kyle Havlovitz 9097e2b0f0
Merge pull request #13699 from hashicorp/tgate-http2-upstream
2 years ago
Kyle Havlovitz 7d0c692374 Use protocol from resolved config entry, not gateway service
2 years ago
Kyle Havlovitz 7162e3bde2 Enable http2 options for grpc protocol
2 years ago
R.B. Boyer 2317f37b4d
state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726)
2 years ago
Kyle Havlovitz 439eccdd80 Respect http2 protocol for upstreams of terminating gateways
2 years ago
R.B. Boyer 1a9c86ea8f
xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624)
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
DanStough 4b402e3119 feat: tgtwy xDS generation for destinations
2 years ago
R.B. Boyer f557509e58
xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422)
3 years ago
Dan Upton b168424398
xds: remove HTTPCheckFetcher dependency (#13366)
3 years ago
R.B. Boyer 019aeaa57d
peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362)
3 years ago
Freddy 74ca6406ea
Configure upstream TLS context with peer root certs (#13321)
3 years ago
freddygv 364758ef2f Use embedded SpiffeID for peered upstreams
3 years ago
freddygv c8edec0ab6 Remove intermediate representation of SPIFFE IDs
3 years ago
Kyle Havlovitz f2fbe8aec9 Fix proto lint errors after version bump
3 years ago
Kyle Havlovitz 4bc6c23357 Add connection limit setting to service defaults
3 years ago
R.B. Boyer 25ba9c147a
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
3 years ago
Kyle Havlovitz 1a3b885027 Use the GatewayService SNI field for upstream SAN validation
3 years ago
Eric Haberkorn 458b1838db
Merge pull request #12659 from hashicorp/bump-go-control-plane
3 years ago
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
3 years ago
R.B. Boyer 33fcc83d00 fail on error and use ptypes.MarshalAny for now instead of anypb.New
3 years ago
Eric e4b4f175ed Bump go-control-plane
3 years ago
R.B. Boyer ac5bea862a
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
3 years ago
freddygv cbea3d203c Fix race of upstreams with same passthrough ip
3 years ago