Commit Graph

11498 Commits (3b34ccc99c2a97f281d7797a2a1d05284a13f534)

Author SHA1 Message Date
Matt Keeler e4fb93eeb5
Update CHANGELOG.md 2020-01-24 09:29:10 -05:00
Matt Keeler bbc2eb1951
Add the v1/catalog/node-services/:node endpoint (#7115)
The backing RPC already existed but the endpoint will be useful for other service syncing processes such as consul-k8s as this endpoint can return all services registered with a node regardless of namespacing.
2020-01-24 09:27:25 -05:00
John Cowen 327aac9fe9
ui: Acceptance test improvements to prepare for more NS tests (#6980)
* ui: Acceptance test improvements to prepare for more NS tests

* ui: Namespace acceptance testing (#7005)

* Update api-double and consul-api-double for http.body

* Adds places where we missed passing the nspace through

* Hardcode nspace CRUD to use the default nspace for policies and roles

* Alter test helpers to allow us to control nspaces from the outside

* Amends to allow tests to account for namespace, move ns from queryParam

1. We decided to move how we pass the namespace value through to the
backend when performing write actions (create, update). Previoulsy we
were using the queryParam although using the post body is the preferred
method to send the Namespace details through to the backend.
2. Other various amends to take into account testing across multiple
namespaced scenarios

* Enable nspace testing by default

* Remove last few occurances of old style http assertions

We had informally 'deprecated' our old style of http assertions that
relied on the order of http calls (even though that order was not
important for the assertion). Following on from our namespace work we
removed the majority of the old occrances of these old style assertions.

This commit removes the remaining few, and also then cleans up the
assertions/http.js file to only include the ones we are using.

This reduces our available step count further and prevents any confusion
over the usage of the old types and the new types.

* ui: Namespace CRUD acceptance tests (#7016)

* Upgrade consul-api-double

* Add all the things required for testing:

1. edit and index page objects
2. enable CONSUL_NSPACE_COUNT cookie setting
3. enable mutating HTTP response bodies based on URL

* Add acceptance test for nspace edit/delete/list and searching
2020-01-24 12:26:28 +00:00
Blake Covarrubias b3cf47c861 Redirect /docs/guides/outage.html to Learn
Resolves: #6953
2020-01-24 00:26:07 -08:00
Hans Hasselberg 0ea113e3b0
bot: replace stalebot with hashibot (#7113) 2020-01-24 09:24:21 +01:00
Hans Hasselberg c8ad8db049
Update CHANGELOG.md 2020-01-23 22:12:51 +01:00
Matt Keeler 48268e6344
Update CHANGELOG.md 2020-01-23 15:01:01 -05:00
Chris Piraino 59f1462801
Fix segfault when removing both a service and associated check (#7108)
* Fix segfault when removing both a service and associated check

updateSyncState creates entries in the services and checks maps for
remote services/checks that are not found locally, so that we can then
make sure to delete them in our reconciliation process. However, the
values added to the map are missing key fields that the rest of the code
expects to not be nil.

* Add comment stating Check field can be nil
2020-01-23 10:38:32 -06:00
R.B. Boyer ed6102326d update changelog 2020-01-23 10:00:26 -06:00
R.B. Boyer 0f44bcd3d8
agent: default the primary_datacenter to the datacenter if not configured (#7111)
Something similar already happens inside of the server
(agent/consul/server.go) but by doing it in the general config parsing
for the agent we can have agent-level code rely on the PrimaryDatacenter
field, too.
2020-01-23 09:59:31 -06:00
Freddy db3f0711db
Update CHANGELOG.md 2020-01-22 12:48:20 -07:00
Paul Lesiak 527daba03c bug: Consul lock does not receive signals if lock not acquired (#5909) 2020-01-22 12:44:48 -07:00
Chris Piraino 336f62fa99
Fix up formatting in sdk package (#7109) 2020-01-22 12:45:34 -06:00
Alexey Miasoedov b71630b752 fix Unix socket path in docs 2020-01-22 09:11:24 -08:00
David Yu c2fe8c5acf
Merge pull request #7102 from hashicorp/david-yu-patch-2
Adding links to Kubernetes install to README.md
2020-01-22 08:57:10 -08:00
David Yu 5b4008996b
Merge pull request #7103 from hashicorp/david-yu-patch-3
Adding Service Mesh reference to README.md
2020-01-22 08:56:34 -08:00
David Yu ee329db79a
Merge pull request #7104 from hashicorp/david-yu-patch-4
Small change to TLS connection wording
2020-01-22 08:51:34 -08:00
Song Yihan 04305be555 tests: fix zombie consul process while invoking TestServer.Stop() method in sdk/testutil in Windows (#6032)
* Fix zombie consul process in Windows 

Windows doesn't support Interrupt signal, thus while stop it on Windows platform
it would fail and left zombie consul process
2020-01-22 17:34:35 +01:00
Kit Ewbank 7b17f789d3 docs: add Helm chart 'dns.clusterIP' value. (#5845) 2020-01-22 17:32:08 +01:00
Hans Hasselberg 7d6ea82527
raft: increase raft notify buffer. (#6863)
* Increase raft notify buffer.

Fixes https://github.com/hashicorp/consul/issues/6852.

Increasing the buffer helps recovering from leader flapping. It lowers
the chances of the flapping leader to get into a deadlock situation like
described in #6852.
2020-01-22 16:15:59 +01:00
Kenia b836a772fc
ui: Checks env CONSUL_UI_DISABLE_REALTIME to show/hide blocking queries toggle (#7099)
Adds a conditional that checks env CONSUL_UI_DISABLE_REALTIME to show/hide the Blocking Queries toggle in the Settings page.
2020-01-22 09:19:01 -05:00
John Cowen afafe677a3
ui: New Confirmation Dialogs (#7007)
* ui: Change action-group to use new popup-menu component in intentions

* ui: Slight amends to aria-menu to prevent scrolling

* ui: Begin to use aria-menu/popover-menu for other elements

* Use a simpler, hackier method to fix up zIndexing

* ui: Implement new confirmation dialogs in other list views (#7080)

This includes another amend to the popover-menu in order to allow
mutiple confirmations/subpanels in the same popover menu.

The functionality added here to allow this is likely to change in the
future.
2020-01-22 12:08:29 +00:00
Hans Hasselberg 11a571de95
agent: setup grpc server with auto_encrypt certs and add -https-port (#7086)
* setup grpc server with TLS config used across consul.
* add -https-port flag
2020-01-22 11:32:17 +01:00
Hans Hasselberg 82c556d1be
connect: use correct subject key id for leaf certificates. (#7091) 2020-01-22 11:28:28 +01:00
Iryna Shustava a33154ac9b
Add docs about rolling out TLS on k8s (#7096)
* Add docs about gradually rolling out TLS on k8s

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2020-01-21 19:29:55 -08:00
David Yu 26a0ea1c39
Small change to wording
Removing automatic connection wording for applications for the time being. From @blake 
> They can automatically establish TLS connections without being aware that TLS is happening. They are aware that they’re routed through the Connect proxy, the app has to configure itself to use the local upstream port.
2020-01-21 16:27:43 -08:00
David Yu fd871dc4ca
Small change 2020-01-21 16:22:22 -08:00
David Yu 6a8f07e49c
Adding change to mention a few guides
Previously mentioned just one one guide in the header
2020-01-21 15:46:04 -08:00
David Yu b30bbc63e0
Adding Service Mesh reference
Adding Service Mesh reference for Consul
2020-01-21 15:07:54 -08:00
David Yu 94e8a3b306
Adding links to Kubernetes install
Adding links to Kubernetes deployment guide and minikube install for visibility
2020-01-21 14:55:21 -08:00
R.B. Boyer c91d0fa2c9
make TestCatalogNodes_Blocking less flaky (#7074)
- Explicitly wait to start the test until the initial AE sync of the node.

- Run the blocking query in the main goroutine to cut down on possible
poor goroutine scheduling issues being to blame for delays.

- If the blocking query is woken up with no index change, rerun the
query. This may happen if the CI server is loaded and time dilation is
happening.
2020-01-21 14:58:50 -06:00
R.B. Boyer e2eb9f0585
test: ensure we don't ask vault to sign a leaf that outlives its CA when acting as a secondary (#7100) 2020-01-21 14:55:21 -06:00
R.B. Boyer 4af5c2d6dd
fix the submodule go.mod and go.sum files (#7098) 2020-01-21 14:49:26 -06:00
R.B. Boyer 98e0cbdebe
test: run both the TestVaultProvider and TestVaultCAProvider tests in CI (#7097) 2020-01-21 12:01:35 -06:00
John Cowen a65d941e76
ui: Improve configuration/env/feature flag usage (also add build time year detection) (#7072)
* Add new getEnvironment util/function

* Use new-ish `env` function in all the places

* Clean up ember env file, add year detection from commit date
2020-01-21 17:52:40 +00:00
Hans Hasselberg f0fc9aea7f
tests: fix autopilot test (#7092) 2020-01-21 14:09:51 +01:00
Paul Banks 1807af552e
Fix TestAPI_DiscoveryChain_Get flake (#7082) 2020-01-20 14:56:56 +00:00
John Cowen ac613993bb
ui: Keyboard navigation improvements (#7090)
* ui: Improve keyboard access for some custom components

* ui: Add some accessibility related metadata
2020-01-20 14:15:15 +00:00
Aestek 8fc736038a agent: remove service sidecars in Agent.cleanupRegistration (#7022)
Sidecar proxies were left behind when cleaning up after an unsuccessful
registration. There are now also removed when the service is cleanup up.
2020-01-20 14:01:40 +01:00
Hans Hasselberg 9c1361c02b
raft: update raft to v1.1.2 (#7079)
* update raft
* use hclogger for raft.
2020-01-20 13:58:02 +01:00
Luke Kysow c9dbcc31ec
Merge pull request #6970 from hashicorp/k8s-docs-refactor
Kubernetes docs reorganization
2020-01-18 19:08:26 -06:00
Luke Kysow e0aff262cf
Reorg kube docs 2020-01-18 19:07:53 -06:00
Hans Hasselberg 804eb17094
connect: check if intermediate cert needs to be renewed. (#6835)
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates.
This PR adds a check that renews the cert if it is half way through its validity period.

In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.
2020-01-17 23:27:13 +01:00
Hans Hasselberg 87f32c8ba6
auto_encrypt: set dns and ip san for k8s and provide configuration (#6944)
* Add CreateCSRWithSAN
* Use CreateCSRWithSAN in auto_encrypt and cache
* Copy DNSNames and IPAddresses to cert
* Verify auto_encrypt.sign returns cert with SAN
* provide configuration options for auto_encrypt dnssan and ipsan
* rename CreateCSRWithSAN to CreateCSR
2020-01-17 23:25:26 +01:00
Kit Patella 44280103ee
.gitignore: cut IDE-specific entries, cleanup (#7083)
* .gitignore: add vscode and MacOS-specific files. add a little org

* .gitignore: remove IDE-specific ignores, add docs
2020-01-17 11:06:33 -08:00
Matt Keeler 3027923229
Update CHANGELOG.md 2020-01-17 09:55:59 -05:00
Aestek ba8fd8296f Add support for dual stack IPv4/IPv6 network (#6640)
* Use consts for well known tagged adress keys

* Add ipv4 and ipv6 tagged addresses for node lan and wan

* Add ipv4 and ipv6 tagged addresses for service lan and wan

* Use IPv4 and IPv6 address in DNS
2020-01-17 09:54:17 -05:00
Aestek 5dc8875bd3 agent: do not deregister service checks twice (#6168)
Deregistering a service from the catalog automatically deregisters its
checks, however the agent still performs a deregister call for each
service checks even after the service has been deregistered.
With ACLs enabled this results in logs like:
"message:consul: "Catalog.Deregister" RPC failed to server
server_ip:8300: rpc error making call: rpc error making call: Unknown
check 'check_id'"
This change removes associated checks from the agent state when
deregistering a service, which results in less calls to the servers and
supresses the error logs.
2020-01-17 14:26:53 +01:00
Matej Urbas ce023359fe agent: configurable MaxQueryTime and DefaultQueryTime. (#3777) 2020-01-17 14:20:57 +01:00
neillyt a2ab9b4aee Fix Namespace Typo (#7030) 2020-01-16 20:34:04 -07:00