Commit Graph

41 Commits (5a3e7ec13953d644086426c1869870edb0f40047)

Author SHA1 Message Date
Matt Keeler 085c0addc0
Protobuf Refactoring for Multi-Module Cleanliness (#16302)
2 years ago
Derek Menteer 2facf50923
Fix configuration merging for implicit tproxy upstreams. (#16000)
2 years ago
Derek Menteer 97ec5279aa
Fix local mesh gateway with peering discovery chains. (#15690)
2 years ago
Eric Haberkorn c340922991
Log Warnings When Peering With Mesh Gateway Mode None (#15304)
2 years ago
Derek Menteer 418bd62c44
Fix mesh gateway configuration with proxy-defaults (#15186)
2 years ago
Riddhi Shah 345191a0df
Service http checks data source for agentless proxies (#14924)
2 years ago
Derek Menteer a279d2d329
Fix explicit tproxy listeners with discovery chains. (#14751)
2 years ago
Eric Haberkorn 6570d5f004
Enable outbound peered requests to go through local mesh gateway (#14763)
2 years ago
Eric Haberkorn 3726a0ab7a
Finish up cluster peering failover (#14396)
2 years ago
freddygv b544ce6485 Add ACL enforcement to peering endpoints
2 years ago
Chris S. Kim 495936300e
Make envoy resources for inferred peered upstreams (#13758)
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
Chris S. Kim 02cff2394d Use new maps for proxycfg peered data
2 years ago
Daniel Upton 37ccbd2826 proxycfg: server-local intentions data source
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
R.B. Boyer f557509e58
xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422)
3 years ago
R.B. Boyer 019aeaa57d
peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362)
3 years ago
Freddy a09c776645 Update public listener with SPIFFE Validator
3 years ago
Freddy 74ca6406ea
Configure upstream TLS context with peer root certs (#13321)
3 years ago
Dan Upton adeabed126
proxycfg: replace direct agent cache usage with interfaces (#13320)
3 years ago
freddygv 364758ef2f Use embedded SpiffeID for peered upstreams
3 years ago
Dan Upton d7f8a8e4ef
proxycfg: remove dependency on `cache.UpdateEvent` (#13144)
3 years ago
Chris S. Kim abc472f2a3
Default discovery chain when upstream targets a DestinationPeer (#12942)
3 years ago
R.B. Boyer 25ba9c147a
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
3 years ago
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
3 years ago
freddygv cbea3d203c Fix race of upstreams with same passthrough ip
3 years ago
freddygv 659ebc05a9 Ensure passthrough addresses get cleaned up
3 years ago
R.B. Boyer 424f3cdd2c
proxycfg: introduce explicit UpstreamID in lieu of bare string (#12125)
3 years ago
freddygv ba12dc215b Clean up chains separately from their watches
3 years ago
freddygv 70d6358426 Store intention upstreams in snapshot
3 years ago
R.B. Boyer 81ea8129d7
proxycfg: ensure all of the watches are canceled if they are cancelable (#11824)
3 years ago
R.B. Boyer 631c649291
various partition related todos (#11822)
3 years ago
Daniel Nephin eb632c53a2 structs: rename the last helper method.
3 years ago
Daniel Nephin 6d72517682 structs: remove two methods that were only used once each.
3 years ago
freddygv 95a6db9cfa Account for partitions in ixn match/decision
3 years ago
freddygv 77681b9f6c Pass partition to intention match query
3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983)
3 years ago
Dhia Ayachi 1950ebbe1f
oss portion of ent #1069 (#10883)
3 years ago
R.B. Boyer 097e1645e3
agent: ensure that most agent behavior correctly respects partition configuration (#10880)
3 years ago
R.B. Boyer 188e8dc51f
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
3 years ago
Daniel Nephin 6bc5255028 proxycfg: move each handler into a seprate file
4 years ago