Commit Graph

118 Commits (64e35777e044a9c6122093067eacc871f440b7db)

Author SHA1 Message Date
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
3 years ago
R.B. Boyer ac5bea862a
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
3 years ago
Kyle Havlovitz 3fe358b831 xds: respect chain protocol on default discovery chain
3 years ago
freddygv cbea3d203c Fix race of upstreams with same passthrough ip
3 years ago
freddygv 659ebc05a9 Ensure passthrough addresses get cleaned up
3 years ago
R.B. Boyer 424f3cdd2c
proxycfg: introduce explicit UpstreamID in lieu of bare string (#12125)
3 years ago
Kyle Havlovitz 0db874c38b Add virtual IP generation for term gateway backed services
3 years ago
Mike Morris 1b1a97e8f9
ingress: allow setting TLS min version and cipher suites in ingress gateway config entries (#11576)
3 years ago
freddygv c5c290c503 Validate chains are associated with upstreams
3 years ago
freddygv e7a7042c69 Update listener generation to account for consul VIP
3 years ago
Freddy 00b5b0a0a2
Update filter chain creation for sidecar/ingress listeners (#11245)
3 years ago
freddygv e93c144d2f Update comments
3 years ago
freddygv 448701dbd8 Replace default partition check
3 years ago
freddygv 12923f5ebc PR comments
3 years ago
freddygv a33b6923e0 Account for partitions in xds gen for mesh gw
3 years ago
freddygv 935112a47a Account for partition in SNI for gateways
3 years ago
freddygv 110fae820a Update xds pkg to account for GatewayKey
3 years ago
Paul Banks 78a00f2e1c Add support for enabling connect-based ingress TLS per listener.
3 years ago
Paul Banks 5cfd030d03 Refactor Ingress-specific lister code to separate file
3 years ago
Paul Banks 136928a90f Minor PR typo and cleanup fixes
3 years ago
Paul Banks 9fa60c7472 Remove unused argument to fix lint error
3 years ago
Paul Banks 659321d008 Handle namespaces in route names correctly; add tests for enterprise
3 years ago
Paul Banks 16b3b1c737 Update xDS Listeners with SDS support
3 years ago
Chris S. Kim f972048ebc
connect: Allow upstream listener escape hatch for prepared queries (#11109)
3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983)
3 years ago
Dhia Ayachi 09197c989c
add partition to SNI when partition is non default (#10917)
3 years ago
Dhia Ayachi 1950ebbe1f
oss portion of ent #1069 (#10883)
3 years ago
Dhia Ayachi 9b45107c1e
Format certificates properly (rfc7468) with a trailing new line (#10411)
3 years ago
Freddy 0a38c8fe10
Update agent/xds/listeners.go
4 years ago
freddygv f3e4705923 Remove unused param
4 years ago
freddygv 0aec6761dc Update ingress gateway stats labeling
4 years ago
freddygv 6f8c6043b6 Update terminating gateway stats labeling
4 years ago
R.B. Boyer 848ad8535b
xds: ensure that dependent xDS resources are reconfigured during primary type warming (#10381)
4 years ago
Freddy ffb13f35f1
Rename CatalogDestinationsOnly (#10397)
4 years ago
Freddy 429f9d8bb8
Add flag for transparent proxies to dial individual instances (#10329)
4 years ago
Freddy 7577f0e991
Revert "Avoid adding original_dst filter when not needed" (#10365)
4 years ago
Freddy 19334e8abf
Avoid adding original_dst filter when not needed (#10302)
4 years ago
Mark Anderson 583ae65d5b Convert mode to string representation
4 years ago
Mark Anderson 06f0f79218 Continue working through proxy and agent
4 years ago
Freddy ed1082510d
Fixup discovery chain handling in transparent mode (#10168)
4 years ago
Freddy 2ca3f481f8
Only consider virtual IPs for transparent proxies (#10162)
4 years ago
R.B. Boyer abc1dc0fe9
connect: update supported envoy versions to 1.18.2, 1.17.2, 1.16.3, and 1.15.4 (#10101)
4 years ago
R.B. Boyer 71d45a3460
Support Incremental xDS mode (#9855)
4 years ago
Freddy 078c40425f
Rename "cluster" config entry to "mesh" (#10127)
4 years ago
Freddy 55a3697b83
Merge pull request #9987 from hashicorp/remove-kube-dns-hack
4 years ago
freddygv 4e509aa768 Remove todo that was todone
4 years ago
freddygv 7bd51ff536 Replace TransparentProxy bool with ProxyMode
4 years ago
Iryna Shustava 5755c97bc7
cli: Add new `consul connect redirect-traffic` command for applying traffic redirection rules when Transparent Proxy is enabled. (#9910)
4 years ago
freddygv c6d64a8078 Stable sort cidr ranges to match on
4 years ago
freddygv 02f6768cd2 Remove kube-dns resolution since clusterip will be a tagged addr
4 years ago