Commit Graph

18984 Commits (29ebcf5ff0c15c72b3cdaa72645a7f330f3be9e9)

Author SHA1 Message Date
Michael Klein 454424145a Update peer repo with latest API changes 2022-10-12 09:29:24 +02:00
freddygv 7f9a5d0f58 Add basic nonce management
This commit adds a monotonically increasing nonce to include in peering
replication response messages. Every ack/nack from the peer handling a
response will include this nonce, allowing to correlate the ack/nack
with a specific resource.

At the moment nothing is done with the nonce when it is received. In the
future we may want to add functionality such as retries on NACKs,
depending on the class of error.
2022-10-11 19:02:04 -06:00
Paul Glass d17af23641
gRPC server metrics (#14922)
* Move stats.go from grpc-internal to grpc-middleware
* Update grpc server metrics with server type label
* Add stats test to grpc-external
* Remove global metrics instance from grpc server tests
2022-10-11 17:00:32 -05:00
Stuart e2a6028e8e
Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
Bryce Kalow eb6254c96d
docs: fix malformed yaml (#14952) 2022-10-11 12:25:19 -05:00
HashiBot 0d2d8c4d45
chore: Update Digital Team Files (#14945)
* Update generated scripts (website-build.sh)

* Update generated scripts (should-build.sh)

* Update generated scripts (website-start.sh)

* Update generated website Makefile
2022-10-11 12:39:47 -04:00
Kevin Wang 9dfff268de
chore: clear redirects (#14939) 2022-10-11 12:38:20 -04:00
John Murret d1f89458b3
[Docs] Add docs for memberlist metrics (#14753)
* Add metrics for consul.memberlist.node.instances, consul.memberlist.queue.broadcast, consul.memberlist.size.local, and consul.memberlist.size.remote

* Fixing last table on page that does not render properly

* fixing queue name
2022-10-11 10:02:51 -06:00
Tyler Wendlandt 06b67a9928
ui: hide node name and meta on agentless instances (#14921)
* [NET-950] hide node name and meta on agentless instances

* Fix linting issues and set synthetic-node value

* ui: changelog entry
2022-10-11 09:59:53 -06:00
Jeff Boruszak 335a3508a3
Merge pull request #14746 from hashicorp/docs/search-refresh06
docs: Search Description Refresh Batch 06
2022-10-11 10:34:02 -05:00
boruszak 1de7977a24 nav fix for deployment 2022-10-11 10:28:08 -05:00
boruszak 8293a2b97b Deployment issue fix 2022-10-11 10:22:41 -05:00
boruszak 212298fd5c Merge branch 'main' into docs/search-refresh06 2022-10-11 10:17:22 -05:00
boruszak 38b1a515f1 Mergimg 2022-10-11 10:10:00 -05:00
boruszak eea2f652ed Nav fix for deployment 2022-10-11 09:59:19 -05:00
Bryce Kalow 6a09b284c9
website: fix broken links (#14943) 2022-10-11 09:58:52 -05:00
cskh e0356e1502
fix(peering): add missing grpc_tls_port for server address reconciliation (#14944) 2022-10-11 10:56:29 -04:00
boruszak 9e1aecc73c Merge branch 'main' into docs/search-refresh06 2022-10-11 09:43:43 -05:00
Jeff Boruszak d31be1e949
Update website/content/docs/dynamic-app-config/watches.mdx
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2022-10-11 09:35:24 -05:00
Jeff Boruszak 9cd63ba543
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-11 09:34:36 -05:00
Jeff Boruszak 74f08b9667
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-11 09:34:17 -05:00
Mariano Asselborn 2bb2846790
Enable ironbank integration (#14931) 2022-10-11 10:27:06 -04:00
freddygv f4cc4577ca Fix alias check leak
Preivously when alias check was removed it would not be stopped nor
cleaned up from the associated aliasChecks map.

This means that any time an alias check was deregistered we would
leak a goroutine for CheckAlias.run() because the stopCh would never
be closed.

This issue mostly affects service mesh deployments on platforms where
the client agent is mostly static but proxy services come and go
regularly, since by default sidecars are registered with an alias check.
2022-10-10 16:42:29 -06:00
James Oulman b8bd7a3058
Configure Envoy alpn_protocols based on service protocol (#14356)
* Configure Envoy alpn_protocols based on service protocol

* define alpnProtocols in a more standard way

* http2 protocol should be h2 only

* formatting

* add test for getAlpnProtocol()

* create changelog entry

* change scope is connect-proxy

* ignore errors on ParseProxyConfig; fixes linter

* add tests for grpc and http2 public listeners

* remove newlines from PR

* Add alpn_protocol configuration for ingress gateway

* Guard against nil tlsContext

* add ingress gateway w/ TLS tests for gRPC and HTTP2

* getAlpnProtocols: add TCP protocol test

* add tests for ingress gateway with grpc/http2 and per-listener TLS config

* add tests for ingress gateway with grpc/http2 and per-listener TLS config

* add Gateway level TLS config with mixed protocol listeners to validate ALPN

* update changelog to include ingress-gateway

* add http/1.1 to http2 ALPN

* go fmt

* fix test on custom-trace-listener
2022-10-10 13:13:56 -07:00
Freddy a73c6a26c8
Merge pull request #14747 from hashicorp/kisunji/NET-801-add-peer-stream-status 2022-10-10 14:07:54 -06:00
freddygv b16a69d16f Add changelog entry 2022-10-10 13:35:12 -06:00
freddygv bf72df7b0e Fixup test 2022-10-10 13:20:14 -06:00
Chris S. Kim 4f4112662e Fix nil pointer 2022-10-10 13:20:14 -06:00
Chris S. Kim b0a4c5c563 Include stream-related information in peering endpoints 2022-10-10 13:20:14 -06:00
cskh 7770be3d57
docs: fix missing agent caching method (#14928) 2022-10-10 14:38:04 -04:00
Paul Glass c0c187f1c5
Merge central config for GetEnvoyBootstrapParams (#14869)
This fixes GetEnvoyBootstrapParams to merge in proxy-defaults and service-defaults.

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-10-10 12:40:27 -05:00
Freddy b757624b59
Merge pull request #14918 from hashicorp/fix/metrics-checker 2022-10-10 11:12:37 -06:00
Geoffrey Grosenbach 58c8a10b98
Fix outdated support email address (#14907)
The software delivery support email address is no longer valid. This replaces it with a link to the official support website.
2022-10-07 16:29:38 -07:00
Kyle Schochenmaier 2f1845a4fa
update helm docs (#14912) 2022-10-07 16:07:57 -07:00
Freddy 4abad02abd
Merge pull request #14796 from hashicorp/peering/use-connect-ca 2022-10-07 10:37:37 -06:00
Freddy 56d4aba18c
Merge pull request #14917 from hashicorp/dans/NET-718/peering-outbound-mesh-gateway-xds 2022-10-07 10:20:38 -06:00
freddygv 7851b30aad Add changelog entry 2022-10-07 09:54:08 -06:00
freddygv 7d4da6eb22 Fixup test 2022-10-07 09:34:16 -06:00
freddygv 79da55a4b9 Ensure lines were modified
It's possible that the output of the diff contains surrounding lines
that were not modified. This change filters further to lines that were
added or removed.
2022-10-07 09:24:37 -06:00
freddygv 3034df6a5c Require Connect and TLS to generate peering tokens
By requiring Connect and a gRPC TLS listener we can automatically
configure TLS for all peering control-plane traffic.
2022-10-07 09:06:29 -06:00
freddygv fac3ddc857 Use internal server certificate for peering TLS
A previous commit introduced an internally-managed server certificate
to use for peering-related purposes.

Now the peering token has been updated to match that behavior:
- The server name matches the structure of the server cert
- The CA PEMs correspond to the Connect CA

Note that if Conect is disabled, and by extension the Connect CA, we
fall back to the previous behavior of returning the manually configured
certs and local server SNI.

Several tests were updated to use the gRPC TLS port since they enable
Connect by default. This means that the peering token will embed the
Connect CA, and the dialer will expect a TLS listener.
2022-10-07 09:05:32 -06:00
freddygv 5f97223822 Simplify mgw watch mgmt 2022-10-07 08:54:37 -06:00
freddygv d54db25421 Use existing query options to build ctx 2022-10-07 08:46:53 -06:00
DanStough 77ab28c5c7 feat: xDS updates for peerings control plane through mesh gw 2022-10-07 08:46:42 -06:00
Tyler Wendlandt 2c349bb126
ui: Remove node name from agentless service instance (#14903)
* [NET-949]: Remove node name from agentless instance

* Add changelog entry
2022-10-07 04:01:34 -06:00
Tim Rosenblatt 97ad73ad24
Fixes broken URLs in Dataplane docs (#14910) 2022-10-06 19:23:02 -07:00
Jared Kirschner 8c3376d1e5
Merge pull request #14898 from hashicorp/docs/new-vault-connect-ca-permissions-needed
docs: vault ca provider patch upgrade guidance
2022-10-06 19:11:50 -04:00
Jared Kirschner 2603c0da52 docs: vault ca provider patch upgrade guidance 2022-10-06 16:04:43 -07:00
HashiBot 1ade1de38b
website: upgrade next version (#14906)
Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
2022-10-06 14:15:47 -05:00
Tyler Wendlandt f0be55df86
ui: Update empty-state copy throughout app (#14721)
* Update empty-state copy throughout app

Update empty-states throughout the app to only include mentions of ACLs if the user has ACLs enabled.

* Update peers empty state copy
Flip the empty state copy logic for peers. Small typo fixes on other empty states.

* Update Node empty state with docs

* Update intentions empty state
Make ACL copy dependent on if acls are enabled.

* Update Nodes empty state learn copy

* Fix binding rule copy key
2022-10-06 11:01:49 -06:00