Commit Graph

166 Commits (82b5b4cc9216cd3f2ad5ef05ad239ffa028282bb)

Author SHA1 Message Date
Matt Keeler 085c0addc0
Protobuf Refactoring for Multi-Module Cleanliness (#16302)
2 years ago
Andrew Stucki b3ddd4d24e
Inline API Gateway TLS cert code (#16295)
2 years ago
Thomas Eckert e81a0c2855
API Gateway to Ingress Gateway Snapshot Translation and Routes to Virtual Routers and Splitters (#16127)
2 years ago
Nathan Coleman 72a73661c9
Implement APIGateway proxycfg snapshot (#16194)
2 years ago
Nitya Dhanushkodi b8b37c2357
refactor: remove troubleshoot module dependency on consul top level module (#16162)
2 years ago
Nitya Dhanushkodi 8728a4496c
troubleshoot: service to service validation (#16096)
2 years ago
Derek Menteer 2facf50923
Fix configuration merging for implicit tproxy upstreams. (#16000)
2 years ago
Matt Keeler 5afd4657ec
Protobuf Modernization (#15949)
2 years ago
Eric Haberkorn 8d923c1789
Add the Lua Envoy extension (#15906)
2 years ago
Derek Menteer 1f7e7abeac
Fix issue with incorrect proxycfg watch on upstream peer-targets. (#15865)
2 years ago
Dan Stough b3bd3a6586
[OSS] feat: access logs for listeners and listener filters (#15864)
2 years ago
James Oulman 7e78fb7818
Add support for configuring Envoys route idle_timeout (#14340)
2 years ago
R.B. Boyer 300860412c
chore: update golangci-lint to v1.50.1 (#15022)
2 years ago
James Oulman b8bd7a3058
Configure Envoy alpn_protocols based on service protocol (#14356)
2 years ago
DanStough 77ab28c5c7 feat: xDS updates for peerings control plane through mesh gw
2 years ago
Freddy d9fe3578ac
Merge pull request #14734 from hashicorp/NET-643-update-mesh-gateway-envoy-config-for-inbound-peering-control-plane-traffic
2 years ago
freddygv b15d41534f Update xds generation for peering over mesh gws
2 years ago
Eric Haberkorn 6570d5f004
Enable outbound peered requests to go through local mesh gateway (#14763)
2 years ago
Derek Menteer aa4709ab74
Add envoy connection balancing. (#14616)
2 years ago
freddygv d818d7b096 Manage local server watches depending on mesh cfg
2 years ago
Eric Haberkorn aa8268e50c
Implement Cluster Peering Redirects (#14445)
2 years ago
Jorge Marey 3f3bb8831e Fix typos. Add test. Add documentation
2 years ago
Jorge Marey ed7b34128f Add new tracing configuration
2 years ago
cskh 41aea65214
Fix: the inboundconnection limit filter should be placed in front of http co… (#14325)
2 years ago
Dhia Ayachi 6fd65a4a45
Tgtwy egress HTTP support (#13953)
2 years ago
Chris S. Kim 8ed49ea4d0
Update envoy metrics label extraction for peered clusters and listeners (#13818)
2 years ago
DanStough 2da8949d78 feat: convert destination address to slice
2 years ago
Chris S. Kim 495936300e
Make envoy resources for inferred peered upstreams (#13758)
2 years ago
Dan Stough 49f3dadb8f feat: connect proxy xDS for destinations
2 years ago
Chris S. Kim f56810132f Check if an upstream is implicit from either intentions or peered services
2 years ago
R.B. Boyer 31b95c747b
xds: modify rbac rules to use the XFCC header for peered L7 enforcement (#13629)
2 years ago
R.B. Boyer de0f9ac519
xds: have mesh gateways forward peered SpiffeIDs using the XFCC header (#13625)
2 years ago
R.B. Boyer 1a9c86ea8f
xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624)
2 years ago
Chris S. Kim fb5eb20563
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508)
2 years ago
DanStough 4b402e3119 feat: tgtwy xDS generation for destinations
2 years ago
R.B. Boyer 201d1458c3
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
2 years ago
Chris S. Kim a02e9abcc1
Update RBAC to handle imported services (#13404)
2 years ago
R.B. Boyer ab758b7b32
peering: allow mesh gateways to proxy L4 peered traffic (#13339)
3 years ago
Dan Upton b168424398
xds: remove HTTPCheckFetcher dependency (#13366)
3 years ago
R.B. Boyer 019aeaa57d
peering: update how cross-peer upstreams and represented in proxycfg and rendered in xds (#13362)
3 years ago
Freddy a09c776645 Update public listener with SPIFFE Validator
3 years ago
Freddy 74ca6406ea
Configure upstream TLS context with peer root certs (#13321)
3 years ago
Kyle Havlovitz f2fbe8aec9 Fix proto lint errors after version bump
3 years ago
Kyle Havlovitz 4bc6c23357 Add connection limit setting to service defaults
3 years ago
Mark Anderson 863bc16530 Change to use APPEND_FORWARD for terminating gateway
3 years ago
Mark Anderson 28b4b3a85d Add x-forwarded-client-cert headers
3 years ago
Evan Culver 000d0621b4
connect: Add Envoy 1.22 to integration tests, remove Envoy 1.18 (#12805)
3 years ago
Mark Anderson 98a2e282be Fixup acl.EnterpriseMeta
3 years ago
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
3 years ago
R.B. Boyer ac5bea862a
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
3 years ago