Commit Graph

20372 Commits (217d305b38d5c31415e479217d1d2e0f5f98eb41)

Author SHA1 Message Date
Tom Davies f472164f05
Pass configured role name to Vault for AWS auth in Connect CA (#17885) 2023-07-12 08:24:12 -07:00
Curt Bushko 51d8eb8e07
Docs: Update proxy lifecycle annotations and consul-dataplane flags (#18075)
* Update proxy lifecycle annotations and consul-dataplane flags
2023-07-11 23:11:38 -04:00
Nick Irvine 3dc6f8fc06
ci: use gotestsum v1.10.1 [NET-4042] (#18088) 2023-07-11 17:13:54 -07:00
Curt Bushko bd5af7fe7d
Update helm docs on main (#18085) 2023-07-11 19:59:44 -04:00
david3a 0e58c89978
Update service-mesh-compare.mdx (#17279)
grammar change
2023-07-11 23:05:13 +00:00
David Yu bfb921229d
docs updates - cluster peering and virtual services (#18069)
* Update route-to-virtual-services.mdx
* Update establish-peering.mdx
2023-07-11 22:37:53 +00:00
Joshua Timmons a30ba335b6
Fix a couple typos in Agent Telemetry Metrics docs (#18080)
* Fix metrics docs

* Add changelog

Signed-off-by: josh <josh.timmons@hashicorp.com>

---------

Signed-off-by: josh <josh.timmons@hashicorp.com>
2023-07-11 20:13:30 +00:00
Dan Stough da79997f3d
test: fix FIPS inline cert test message (#18076) 2023-07-11 11:28:27 -04:00
Krastin Krastev 7decc305b9
ui: fix typos for peer service imports (#17999) 2023-07-11 16:09:32 +03:00
Dan Stough 1b08626358
[OSS] Fix initial_fetch_timeout to wait for all xDS resources (#18024)
* fix(connect): set initial_fetch_time to wait indefinitely

* changelog

* PR feedback 1
2023-07-10 17:08:06 -04:00
Fulvio f4b08040fd
Add verify server hostname to tls default (#17155) 2023-07-10 10:34:41 -05:00
David Yu b0a2e33e0a
address feedback (#18045) 2023-07-07 10:03:28 -07:00
David Yu b9a6a744d5
docs - add jobs use case for service mesh k8s (#18037)
* docs - add jobs use case for service mesh k8s
* add code blocks
2023-07-07 09:22:03 -07:00
David Yu 85f2ae024c
docs - add service sync annotations and k8s service weight annotation (#18032)
* Docs for https://github.com/hashicorp/consul-k8s/pull/2293
* remove versions for enterprise features since they are old

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-07-06 19:46:48 +00:00
trujillo-adam 820cdbb226
removed sameness conf entry from failover nav (#18033) 2023-07-06 17:37:38 +00:00
trujillo-adam f7d399f7fc
fix stand-in text for name field (#18030) 2023-07-06 09:31:45 -07:00
Ronald ada3938115
Add first integration test for jwt auth with intention (#18005) 2023-07-06 07:27:30 -04:00
J.C. Jones 7689a5ef2d
Document that DNS lookups can target cluster peers (#17990)
Static DNS lookups, in addition to explicitly targeting a datacenter,
can target a cluster peer. This was added in 95dc0c7b30 but didn't make the documentation.

The driving function for the change is `parseLocality` here: 0b1299c28d/agent/dns_oss.go (L25)

The biggest change in this is to adjust the standard lookup syntax to tie
`.<datacenter>` to `.dc` as required-together, and to append in the similar `.<cluster-peer>.peer` optional argument, both to A record and SRV record lookups.

Co-authored-by: David Yu <dyu@hashicorp.com>
2023-07-05 15:03:42 -07:00
trujillo-adam 548829a72b
updated typo in tab heading (#18022)
* updated typo in tab heading

* updated tab group typo, too
2023-07-05 20:27:49 +00:00
Jeff Boruszak 7ef807df48
docs: Sameness "beta" warning (#18017)
* Warning updates

* .x
2023-07-05 19:56:25 +00:00
Michael Hofer 2c2e62852d
Fix removed service-to-service peering links (#17221)
* docs: fix removed service-to-service peering links

* docs: extend peering-via-mesh-gateways intro (thanks @trujillo-adam)

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-07-05 12:22:21 -07:00
Ranjandas 7f3446ecec
Fixes Traffic rate limitting docs (#17997) 2023-07-05 10:49:19 -07:00
Dan Stough b94095d92e
[OSS] Improve Gateway Test Coverage of Catalog Health (#18011)
* fix(cli): remove failing check from 'connect envoy' registration for api gateway

* test(integration): add tests to check catalog statsus of gateways on startup

* remove extra sleep comment

* Update test/integration/consul-container/libs/assert/service.go

* changelog
2023-07-05 11:30:48 -04:00
Poonam Jadhav 8af4ad178c
feat: include nodes count in operator usage endpoint and cli command (#17939)
* feat: update operator usage api endpoint to include nodes count

* feat: update operator usange cli command to includes nodes count
2023-07-05 11:23:29 -04:00
Derek Menteer 0094dbf312
Fix incorrect protocol for transparent proxy upstreams. (#17894)
This PR fixes a bug that was introduced in:
https://github.com/hashicorp/consul/pull/16021

A user setting a protocol in proxy-defaults would cause tproxy implicit
upstreams to not honor the upstream service's protocol set in its
`ServiceDefaults.Protocol` field, and would instead always use the
proxy-defaults value.

Due to the fact that upstreams configured with "tcp" can successfully contact
upstream "http" services, this issue was not recognized until recently (a
proxy-defaults with "tcp" and a listening service with "http" would make
successful requests, but not the opposite).

As a temporary work-around, users experiencing this issue can explicitly set
the protocol on the `ServiceDefaults.UpstreamConfig.Overrides`, which should
take precedence.

The fix in this PR removes the proxy-defaults protocol from the wildcard
upstream that tproxy uses to configure implicit upstreams. When the protocol
was included, it would always overwrite the value during discovery chain
compilation, which was not correct. The discovery chain compiler also consumes
proxy defaults to determine the protocol, so simply excluding it from the
wildcard upstream config map resolves the issue.
2023-07-05 09:32:10 -05:00
Chris Thain 4f0bdd35e6
Integration test for ext-authz Envoy extension (#17980) 2023-07-04 08:09:17 -07:00
Ronald 80394278b8
Expose JWKS cluster config through JWTProviderConfigEntry (#17978)
* Expose JWKS cluster config through JWTProviderConfigEntry

* fix typos, rename trustedCa to trustedCA
2023-07-04 09:12:06 -04:00
Evan Phoenix dc6ea1b644
Fix typo (#17198)
servcies => services
2023-07-01 01:55:28 +00:00
Nathan Coleman df85dd83a7
Add changelog entry for 1.16.0 (#17987) 2023-06-30 20:29:47 +00:00
Jeff Boruszak f096fc53ca
docs: samenessGroup YAML examples (#17984)
* configuration entry syntax

* Example config
2023-06-30 20:26:08 +00:00
Chris Thain 0b1299c28d
Remove duplicate and unused newDecodeConfigEntry func (#17979) 2023-06-30 09:39:54 -07:00
wangxinyi7 9ce89c497a
update doc (#17910)
* update doc

* update link
2023-06-30 08:13:24 -07:00
Chris S. Kim 50a9d1b696
Remove POC code (#17974) 2023-06-30 14:05:13 +00:00
Tu Nguyen 5b7f360e77
Fix formatting codeblocks on APIgw docs (#17970)
* fix formatting codeblocks

* remove unnecessary indents
2023-06-30 06:17:38 +00:00
Ashesh Vidyut 2af6bc434a
feature - [NET - 4005] - [Supportability] Reloadable Configuration - enable_debug (#17565)
* # This is a combination of 9 commits.
# This is the 1st commit message:

init without tests

# This is the commit message #2:

change log

# This is the commit message #3:

fix tests

# This is the commit message #4:

fix tests

# This is the commit message #5:

added tests

# This is the commit message #6:

change log breaking change

# This is the commit message #7:

removed breaking change

# This is the commit message #8:

fix test

# This is the commit message #9:

keeping the test behaviour same

* # This is a combination of 12 commits.
# This is the 1st commit message:

init without tests

# This is the commit message #2:

change log

# This is the commit message #3:

fix tests

# This is the commit message #4:

fix tests

# This is the commit message #5:

added tests

# This is the commit message #6:

change log breaking change

# This is the commit message #7:

removed breaking change

# This is the commit message #8:

fix test

# This is the commit message #9:

keeping the test behaviour same

# This is the commit message #10:

made enable debug atomic bool

# This is the commit message #11:

fix lint

# This is the commit message #12:

fix test true enable debug

* parent 10f500e895
author absolutelightning <ashesh.vidyut@hashicorp.com> 1687352587 +0530
committer absolutelightning <ashesh.vidyut@hashicorp.com> 1687352592 +0530

init without tests

change log

fix tests

fix tests

added tests

change log breaking change

removed breaking change

fix test

keeping the test behaviour same

made enable debug atomic bool

fix lint

fix test true enable debug

using enable debug in agent as atomic bool

test fixes

fix tests

fix tests

added update on correct locaiton

fix tests

fix reloadable config enable debug

fix tests

fix init and acl 403

* revert commit
2023-06-30 08:30:29 +05:30
Derek Menteer 2736e645d4
Fix missing BalanceOutboundConnections in v2 catalog. (#17964) 2023-06-29 16:04:21 -05:00
Dan Bond f7305b279c
website: remove deprecated agent rpc docs (#17962) 2023-06-29 20:43:32 +00:00
Ronald 1512ea307e
Dynamically create jwks clusters for jwt-providers (#17944) 2023-06-29 20:37:40 +00:00
David Yu 85b78fe186
Fix streaming backend link (#17958)
* Fix streaming backend link
* Update health.mdx
2023-06-29 12:19:03 -07:00
John Maguire a60b36394d
fixing typo in link to jwt-validations-with-intentions doc (#17955) 2023-06-29 16:35:13 +00:00
Ranjandas 1b1f33f224
Fixes Secondary ConnectCA update (#17846)
This fixes a bug that was identified which resulted in subsequent
ConnectCA configuration update not to persist in the cluster.
2023-06-29 14:24:24 +00:00
John Murret bdf4fad7c5
Revert "Add workflow to verify linux release packages (#17904)" (#17942)
This reverts commit 3368f14fab.
2023-06-28 14:18:53 -06:00
David Yu 6f660e5e25
docs: Deprecations for connect-native SDK and specific connect native APIs (#17937)
* Update v1_16_x.mdx
* Update connect native golang page

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-28 19:45:46 +00:00
Samantha f019457815
tlsutil: Fix check TLS configuration (#17481)
* tlsutil: Fix check TLS configuration
* Rewording docs.
* Update website/content/docs/services/configuration/checks-configuration-reference.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Fix typos and add changelog entry.
---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-28 09:24:51 -07:00
John Maguire 67a239a821
Ensure RSA keys are at least 2048 bits in length (#17911)
* Ensure RSA keys are at least 2048 bits in length

* Add changelog

* update key length check for FIPS compliance

* Fix no new variables error and failing to return when error exists from
validating

* clean up code for better readability

* actually return value
2023-06-28 15:34:09 +00:00
Dan Bond 7dbba6c94d
deps: coredns v1.10.1 (#17912) 2023-06-28 07:53:43 -07:00
David Yu b168132176
Update create-sameness-groups.mdx (#17927) 2023-06-27 20:23:03 -07:00
David Yu 6f5da97d66
Update sameness-group.mdx (#17915) 2023-06-28 01:45:23 +00:00
natemollica-dev 310bc68e65
Update Consul K8s Upgrade Doc Updates (#17921)
Updating upgrade procedures to encompass expected errors during upgrade process from v1.13.x to v1.14.x.
2023-06-27 23:41:53 +00:00
Nathan Coleman f7870881e0
Reference hashicorp/consul instead of consul for Docker image (#17914)
* Reference hashicorp/consul instead of consul for Docker image

* Update Make targets that pull consul directly
2023-06-27 23:17:20 +00:00