Commit Graph

501 Commits (500dcb1f214639441db41b53a8eb617fa34aac4a)

Author SHA1 Message Date
Nitya Dhanushkodi 8dab825c36
troubleshoot: fixes and updated messages (#16294)
2 years ago
Thomas Eckert 2460ac99c9
API Gateway Envoy Golden Listener Tests (#16221)
2 years ago
Derek Menteer 30112288c8
Fix mesh gateways incorrectly matching peer locality. (#16257)
2 years ago
Thomas Eckert e81a0c2855
API Gateway to Ingress Gateway Snapshot Translation and Routes to Virtual Routers and Splitters (#16127)
2 years ago
Nathan Coleman 72a73661c9
Implement APIGateway proxycfg snapshot (#16194)
2 years ago
Nitya Dhanushkodi 1f25289048
troubleshoot: output messages for the troubleshoot proxy command (#16208)
2 years ago
cskh e91bc9c058
feat: envoy extension - http local rate limit (#16196)
2 years ago
skpratt 1e7e52e3ef
revert method name change in xds server protocol for version compatibility (#16195)
2 years ago
skpratt 9199e99e21
Update token language to distinguish Accessor and Secret ID usage (#16044)
2 years ago
Nitya Dhanushkodi b8b37c2357
refactor: remove troubleshoot module dependency on consul top level module (#16162)
2 years ago
skpratt a010902978
Remove legacy acl policies (#15922)
2 years ago
Derek Menteer 2f149d60cc
[OSS] Add Peer field to service-defaults upstream overrides (#15956)
2 years ago
Nitya Dhanushkodi 8d4c3aa42c
refactor: move service to service validation to troubleshoot package (#16132)
2 years ago
Derek Menteer 06338c8ee7
Add unit test and update golden files. (#16115)
2 years ago
Derek Menteer b19c5a94c7
Add Envoy extension metrics. (#16114)
2 years ago
Derek Menteer 1b02749375
Add extension validation on config save and refactor extensions. (#16110)
2 years ago
Nitya Dhanushkodi 8728a4496c
troubleshoot: service to service validation (#16096)
2 years ago
Michael Wilkerson a1498b015d
Mw/lambda envoy extension parse region (#4107) (#16069)
2 years ago
Derek Menteer 2facf50923
Fix configuration merging for implicit tproxy upstreams. (#16000)
2 years ago
Dan Upton 7a55de375c
xds: don't attempt to load-balance sessions for local proxies (#15789)
2 years ago
Chris S. Kim e4a268e33e
Warn if ACL is enabled but no token is provided to Envoy (#15967)
2 years ago
Matt Keeler 5afd4657ec
Protobuf Modernization (#15949)
2 years ago
Eric Haberkorn 8d923c1789
Add the Lua Envoy extension (#15906)
2 years ago
Derek Menteer 1f7e7abeac
Fix issue with incorrect proxycfg watch on upstream peer-targets. (#15865)
2 years ago
Dan Stough b3bd3a6586
[OSS] feat: access logs for listeners and listener filters (#15864)
2 years ago
Nitya Dhanushkodi 24f01f96b1
add extensions for local service to GetExtensionConfigurations (#15871)
2 years ago
Nitya Dhanushkodi c7ef04c597
[OSS] extensions: refactor PluginConfiguration into a more generic type ExtensionConfiguration (#15846)
2 years ago
Michael Wilkerson 1b28b89439
Enhancement: Consul Compatibility Checking (#15818)
2 years ago
Nitya Dhanushkodi d382ca0aec
extensions: refactor serverless plugin to use extensions from config entry fields (#15817)
2 years ago
cskh 04bf24c8c1
feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614)
2 years ago
Eric Haberkorn 4268c1c25c
Remove the `connect.enable_serverless_plugin` agent configuration option (#15710)
2 years ago
cskh 3df68751f5
Flakiness test: case-cfg-splitter-peering-ingress-gateways (#15707)
2 years ago
Derek Menteer 97ec5279aa
Fix local mesh gateway with peering discovery chains. (#15690)
2 years ago
James Oulman 7e78fb7818
Add support for configuring Envoys route idle_timeout (#14340)
2 years ago
Kyle Schochenmaier bf0f61a878
removes ioutil usage everywhere which was deprecated in go1.16 (#15297)
2 years ago
Derek Menteer 418bd62c44
Fix mesh gateway configuration with proxy-defaults (#15186)
2 years ago
Freddy 7f5f7e9cf9
Avoid blocking child type updates on parent ack (#15083)
2 years ago
Chris S. Kim 985a4ee1b1
Update hcp-scada-provider to fix diamond dependency problem with go-msgpack (#15185)
2 years ago
Derek Menteer f4cb2f82bf
Backport various fixes from ENT. (#15254)
2 years ago
Evan Culver 62d4517f9e
connect: Add Envoy 1.24 to integration tests, remove Envoy 1.20 (#15093)
2 years ago
Eric Haberkorn 1bdad89026
fix bug that resulted in generating Envoy configs that use CDS with an EDS configuration (#15140)
2 years ago
Luke Kysow d3aa2bd9c5
ingress-gateways: don't log error when registering gateway (#15001)
2 years ago
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
R.B. Boyer 300860412c
chore: update golangci-lint to v1.50.1 (#15022)
2 years ago
Kyle Havlovitz aaf892a383 Extend tcp keepalive settings to work for terminating gateways as well
2 years ago
Kyle Havlovitz 2c569f6b9c Update docs and add tcp_keepalive_probes setting
2 years ago
Kyle Havlovitz 2242d1ec4a Add TCP keepalive settings to proxy config for mesh gateways
2 years ago
Paul Glass bcda205f88
Add consul.xds.server.streamStart metric (#14957)
2 years ago
James Oulman b8bd7a3058
Configure Envoy alpn_protocols based on service protocol (#14356)
2 years ago
DanStough 77ab28c5c7 feat: xDS updates for peerings control plane through mesh gw
2 years ago
Eric Haberkorn 1633cf20ea
Make the mesh gateway changes to allow `local` mode for cluster peering data plane traffic (#14817)
2 years ago
Derek Menteer a279d2d329
Fix explicit tproxy listeners with discovery chains. (#14751)
2 years ago
Alex Oskotsky 13da2c5fad
Add the ability to retry on reset connection to service-routers (#12890)
2 years ago
Evan Culver a3be5a5a82
connect: Bump Envoy 1.20 to 1.20.7, 1.21 to 1.21.5 and 1.22 to 1.22.5 (#14831)
2 years ago
Freddy d9fe3578ac
Merge pull request #14734 from hashicorp/NET-643-update-mesh-gateway-envoy-config-for-inbound-peering-control-plane-traffic
2 years ago
freddygv b15d41534f Update xds generation for peering over mesh gws
2 years ago
cskh 69f40df548
feat(ingress gateway: support configuring limits in ingress-gateway c… (#14749)
2 years ago
malizz 84b0f408fa
Support Stale Queries for Trust Bundle Lookups (#14724)
2 years ago
Eric Haberkorn 6570d5f004
Enable outbound peered requests to go through local mesh gateway (#14763)
2 years ago
Derek Menteer aa4709ab74
Add envoy connection balancing. (#14616)
2 years ago
freddygv d818d7b096 Manage local server watches depending on mesh cfg
2 years ago
Evan Culver d0416f593c
connect: Bump latest Envoy to 1.23.1 in test matrix (#14573)
2 years ago
Eric Haberkorn aa8268e50c
Implement Cluster Peering Redirects (#14445)
2 years ago
Dan Upton 1c2c975b0b
xDS Load Balancing (#14397)
2 years ago
malizz b3ac8f48ca
Add additional parameters to envoy passive health check config (#14238)
2 years ago
Chris S. Kim e62f830fa8
Merge pull request #13998 from jorgemarey/f-new-tracing-envoy
2 years ago
Eric Haberkorn 3726a0ab7a
Finish up cluster peering failover (#14396)
2 years ago
Jorge Marey 3f3bb8831e Fix typos. Add test. Add documentation
2 years ago
Jorge Marey ed7b34128f Add new tracing configuration
2 years ago
Eric Haberkorn 72f90754ae
Update max_ejection_percent on outlier detection for peered clusters to 100% (#14373)
2 years ago
cskh 41aea65214
Fix: the inboundconnection limit filter should be placed in front of http co… (#14325)
2 years ago
Daniel Upton 13c04a13af proxycfg: terminate stream on irrecoverable errors
2 years ago
Eric Haberkorn 58901ad7df
Cluster peering failover disco chain changes (#14296)
2 years ago
Eric Haberkorn ebd5513d4b
Refactor failover code to use Envoy's aggregate clusters (#14178)
2 years ago
DanStough 169ff71132 fix: ipv4 destination dns resolution
2 years ago
Dhia Ayachi 6fd65a4a45
Tgtwy egress HTTP support (#13953)
2 years ago
Dhia Ayachi 256694b603
inject gateway addons to destination clusters (#13951)
2 years ago
Chris S. Kim 8ed49ea4d0
Update envoy metrics label extraction for peered clusters and listeners (#13818)
2 years ago
DanStough 2da8949d78 feat: convert destination address to slice
2 years ago
Evan Culver 4116537b83
connect: Add support for Envoy 1.23, remove 1.19 (#13807)
2 years ago
Chris S. Kim 495936300e
Make envoy resources for inferred peered upstreams (#13758)
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
Chris S. Kim f56810132f Check if an upstream is implicit from either intentions or peered services
2 years ago
Chris S. Kim 02cff2394d Use new maps for proxycfg peered data
2 years ago
Kyle Havlovitz 9097e2b0f0
Merge pull request #13699 from hashicorp/tgate-http2-upstream
2 years ago
Dan Upton b9e525d689
grpc: rename public/private directories to external/internal (#13721)
2 years ago
Kyle Havlovitz 7d0c692374 Use protocol from resolved config entry, not gateway service
2 years ago
Kyle Havlovitz 7162e3bde2 Enable http2 options for grpc protocol
2 years ago
R.B. Boyer 2317f37b4d
state: prohibit exported discovery chains to have cross-datacenter or cross-partition references (#13726)
2 years ago
Kyle Havlovitz 439eccdd80 Respect http2 protocol for upstreams of terminating gateways
2 years ago
Eric Haberkorn 653cb42944
Fix spelling mistake in serverless patcher (#13607)
2 years ago
R.B. Boyer 31b95c747b
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629)
2 years ago
R.B. Boyer de0f9ac519
xds: have mesh gateways forward peered SpiffeIDs using the XFCC header (#13625)
2 years ago
R.B. Boyer 1a9c86ea8f
xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624)
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
DanStough 4b402e3119 feat: tgtwy xDS generation for destinations
2 years ago
R.B. Boyer da8cea58c9
xds: begin refactor to always pass test snapshots through all xDS types (#13461)
2 years ago
R.B. Boyer 201d1458c3
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
2 years ago
Evan Culver 7f8c650d61
connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444)
2 years ago
Evan Culver ba6136eb42
connect: Update Envoy support matrix to latest patch releases (#13431)
2 years ago