Commit Graph

94 Commits (38a3f65b080c65be119462d278e4a0df8696de7b)

Author SHA1 Message Date
Paul Banks 280f14d64c Make proxy only listen after initial certs are fetched 2018-06-25 12:25:40 -07:00
Paul Banks c6ef6a61c9 Refactor to use embedded struct. 2018-06-25 12:25:39 -07:00
Paul Banks 32f362bad9 StartupTelemetry => InitTelemetry 2018-06-25 12:25:39 -07:00
Paul Banks 96c416012e Misc rebase and test fixes 2018-06-25 12:25:38 -07:00
Paul Banks dc260f42fa Basic proxy active conns and bandwidth telemetry 2018-06-25 12:25:38 -07:00
Paul Banks c08b6f6fec Add accessor and helpers to SDK for fetching self-name and client service ID 2018-06-25 12:25:38 -07:00
Paul Banks 7649d630c6 Basic proxy telemetry working; not sure if it's too ugly; need to instrument things we care about 2018-06-25 12:25:38 -07:00
Paul Banks d83f2e8e21 Expose telemetry config from RuntimeConfig to proxy config endpoint 2018-06-25 12:25:38 -07:00
Paul Banks 01fefd3d92 Return defensive error if API response is jank 2018-06-25 12:25:10 -07:00
Paul Banks e7a345cb9a Refactor resolver logic to be clearer 2018-06-25 12:25:10 -07:00
Paul Banks 41a29a469e Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario 2018-06-25 12:25:10 -07:00
Paul Banks 541cbae5f5 More misc comment cleanup 2018-06-25 12:24:17 -07:00
Paul Banks 0824d1df5f Misc comment cleanups 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 77a8003475 api: change Connect to a query option 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 8d66d1045a connect: remove old unused code 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto e587b7c161 connect: support prepared query resolution 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto 7a4463013d connect: resolver works with native services 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto 11f57ed4f4
connect/proxy: remove dev CA settings 2018-06-14 09:42:22 -07:00
Mitchell Hashimoto ec4e600aeb
connect/proxy: add a full proxy test, parallel 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto baa551355e
connect/proxy: don't start public listener if 0 port 2018-06-14 09:42:21 -07:00
Mitchell Hashimoto 0487cacd10
connect/proxy: use the right variable for loading the new service 2018-06-14 09:42:20 -07:00
Mitchell Hashimoto 8c713e6104
connect/proxy: don't require proxy ID 2018-06-14 09:42:20 -07:00
Paul Banks f6673ce164
Make Service logger log to right place again 2018-06-14 09:42:17 -07:00
Paul Banks 0bfffc92f2
Make connect client resolver resolve trust domain properly 2018-06-14 09:42:17 -07:00
Paul Banks 4aeab3897c
Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes. 2018-06-14 09:42:16 -07:00
Mitchell Hashimoto 867db89303
command/connect/proxy: set proxy ID from env var if set 2018-06-14 09:42:14 -07:00
Paul Banks e0e12e165b
TLS watching integrated into Service with some basic tests.
There are also a lot of small bug fixes found when testing lots of things end-to-end for the first time and some cleanup now it's integrated with real CA code.
2018-06-14 09:42:07 -07:00
Paul Banks d1f4ad3d8a
Fix build error introduced in bad merge of TLS stuff 2018-06-14 09:42:07 -07:00
Paul Banks 67af5c740b
Add TODO for false-sharing 2018-06-14 09:42:07 -07:00
Paul Banks e112386426
Add support for measuring tx/rx packets through proxied connections. 2018-06-14 09:42:06 -07:00
Paul Banks 946e872f2f
Fix tests and listeners to work with Config changes (splitting host and port fields) 2018-06-14 09:42:05 -07:00
Paul Banks e8c510332c
Support legacy watch.HandlerFunc type for backward compat reduces impact of change 2018-06-14 09:42:05 -07:00
Paul Banks ab3df3d4a6
Working proxy config reload tests 2018-06-14 09:42:05 -07:00
Paul Banks cd88b2a351
Basic `watch` support for connect proxy config and certificate endpoints.
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
 - Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
 - Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
Paul Banks 5310561c11
Refactor reloadableTLSConfig and verifyier shenanigans into simpler dynamicTLSConfig 2018-06-14 09:42:05 -07:00
Paul Banks e00ca9a7b7
Connect verification and AuthZ 2018-06-14 09:42:05 -07:00
Paul Banks 18a34c6836
Fix racy connect network tests that always fail in Docker due to listen races 2018-06-14 09:42:04 -07:00
Paul Banks 730da74369
Fix various test failures and vet warnings.
Intention de-duplication in previously merged PR actualy failed some tests that were not caught be me or CI. I ran the test files for state changes but they happened not to trigger this case so I made sure they did first and then fixed. That fixed some upstream intention endpoint tests that I'd not run as part of testing the previous fix.
2018-06-14 09:41:58 -07:00
Paul Banks 10db79c8ae
Rework connect/proxy and command/connect/proxy. End to end demo working again 2018-06-14 09:41:57 -07:00
Paul Banks aa19be4651
Remove old connect client and proxy implementation 2018-06-14 09:41:56 -07:00
Paul Banks 26e65f6bfd
connect.Service based implementation after review feedback. 2018-06-14 09:41:56 -07:00
Paul Banks 69d5efdbbd
Original proxy and connect.Client implementation. Working end to end. 2018-06-14 09:41:56 -07:00
Mitchell Hashimoto f4ec28bfe3
agent/consul: basic sign endpoint not tested yet 2018-06-14 09:41:51 -07:00
Mitchell Hashimoto 7349c94c23
connect: create connect package for helpers 2018-06-14 09:41:50 -07:00