Commit Graph

2244 Commits (9e1aecc73cd9f3021293a3ccbd69142e857e65d8)

Author SHA1 Message Date
Iryna Shustava d7d44f6ae7
Save exposed ports in agent's store and expose them via API (#10173)
4 years ago
R.B. Boyer 3b50a55533
connect: update supported envoy versions to 1.18.3, 1.17.3, 1.16.4, and 1.15.5 (#10231)
4 years ago
Daniel Nephin 347f3d2128
Merge pull request #10155 from hashicorp/dnephin/config-entry-remove-fields
4 years ago
Mark Anderson 06f0f79218 Continue working through proxy and agent
4 years ago
Luke Kysow 8d6cbe7281
Give descriptive error if auth method not found (#10163)
4 years ago
Daniel Nephin a07a58a873 config-entry: use custom MarshalJSON for mesh type
4 years ago
Daniel Nephin 62efaaab21 config-entry: remove Kind and Name field from Mesh config entry
4 years ago
R.B. Boyer abc1dc0fe9
connect: update supported envoy versions to 1.18.2, 1.17.2, 1.16.3, and 1.15.4 (#10101)
4 years ago
R.B. Boyer 71d45a3460
Support Incremental xDS mode (#9855)
4 years ago
Iryna Shustava 8dffb89131
Implement traffic redirection exclusion based on proxy config and user-provided values (#10134)
4 years ago
Freddy 078c40425f
Rename "cluster" config entry to "mesh" (#10127)
4 years ago
Paul Banks c501468d78
Fix panic bug in snapshot inspect (#10091)
4 years ago
Paul Banks d717d2cdc4
CLI: Allow snapshot inspect to work on internal raft snapshots directly. (#10089)
4 years ago
R.B. Boyer 4db8b78854
connect: update centralized upstreams representation in service-defaults (#10015)
4 years ago
freddygv e1808af729 Fixup tests
4 years ago
freddygv 7cb3f32672 Convert new tproxy structs in api module into ptrs
4 years ago
freddygv 7bd51ff536 Replace TransparentProxy bool with ProxyMode
4 years ago
Iryna Shustava 5755c97bc7
cli: Add new `consul connect redirect-traffic` command for applying traffic redirection rules when Transparent Proxy is enabled. (#9910)
4 years ago
Freddy a02245b75a
Merge pull request #9976 from hashicorp/centralized-upstream-fixups
4 years ago
freddygv ab752c1c86 Avoid sending zero-value upstream defaults from api
4 years ago
R.B. Boyer 5bcfe930c6
command: when generating envoy bootstrap configs to stdout do not mix informational logs into the json (#9980)
4 years ago
R.B. Boyer 499fee73b3
connect: add toggle to globally disable wildcard outbound network access when transparent proxy is enabled (#9973)
4 years ago
Hans Hasselberg 53e9c134af
introduce certopts (#9606)
4 years ago
woz5999 39f448589d support env var expansion in envoy statsd urls
4 years ago
Freddy 8207b832df
Add TransparentProxy option to proxy definitions
4 years ago
Freddy c664938bae
Add per-upstream configuration to service-defaults
4 years ago
freddygv 8b46d8dcbb Restore old Envoy prefix on escape hatches
4 years ago
Kyle Havlovitz 1e87c7183a
Merge pull request #9672 from hashicorp/ca-force-skip-xc
4 years ago
freddygv 6fd30d0384 Add TransparentProxy opt to proxy definition
4 years ago
freddygv e3dc2a49df Turn Limits and PassiveHealthChecks into pointers
4 years ago
Kyle Havlovitz d62565f368
Merge pull request #9792 from dzeban/kv-import-prefix
4 years ago
freddygv 87cde19b4c Create new types for service-defaults upstream cfg
4 years ago
Nitya Dhanushkodi 15e8b13891
Add flags to consul connect envoy for metrics merging. (#9768)
4 years ago
R.B. Boyer 398b766532
xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658)
4 years ago
R.B. Boyer 3b6ffc447b
xds: remove deprecated usages of xDS (#9602)
4 years ago
Alex Dzyoba 098fd1797b command/kv: Add prefix option to kv import command
4 years ago
R.B. Boyer 6eeccc93ce
connect: update supported envoy point releases to 1.16.2, 1.15.3, 1.14.6, 1.13.7 (#9737)
4 years ago
Kyle Havlovitz 7dac583863 connect/ca: Allow ForceWithoutCrossSigning for all providers
4 years ago
Daniel Nephin 1dcafa51a4 config: make config.TestLoad_FullConfig use config.Load
4 years ago
Daniel Nephin 32d36d0dd4 config: replace calls to config.NewBuilder with config.Load
4 years ago
Daniel Nephin 97a577502d config: improve the interface of Load
4 years ago
Hans Hasselberg 444cdeb8fb
Add flags to support CA generation for Connect (#9585)
4 years ago
Daniel Nephin 3d39359bcb agent: move deprecated AddServiceFromSource to a test file
4 years ago
Daniel Nephin 6757231b82 agent: rename AddService->AddServiceFromSource
4 years ago
R.B. Boyer b5f9a293c9
chore: regenerate envoy golden files (#9634)
4 years ago
Matt Keeler 9215fc4e9d
Fix flaky CLI Intention Listing Test
4 years ago
Michael Hofer 3c3b67288d
cli: Add consul intention list command (based on PR #6825) (#9468)
4 years ago
Daniel Nephin b9e60c0775 testing: skip slow tests with -short
4 years ago
R.B. Boyer 7c7a3e5165
command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint (#9229)
4 years ago
Freddy fe728855ed
Add DC and NS support for Envoy metrics (#9207)
4 years ago
Mike Morris 7af643ac37
ci: update to Go 1.15.4 and alpine:3.12 (#9036)
4 years ago
Matt Keeler 7ef9b04f90
Add a CLI command for retrieving the autopilot configuration. (#9142)
4 years ago
Joel Watson 81fb937e4f
Merge pull request #9098 from hashicorp/watsonian/kv-size-breakdown
4 years ago
Joel Watson 182333b645 Fix some minor wording issues
4 years ago
Joel Watson 94689b6ecd Back out implicit -kvdetails functionality
4 years ago
Joel Watson 0d48559416 Length check is required here
4 years ago
Joel Watson 48a358df1b Remove trailing tabs from output
4 years ago
Joel Watson 491f2f0a57 Add more func comments
4 years ago
Joel Watson 99ec1febcc Move kvDetails default logic
4 years ago
Joel Watson ea804e57b4 Check for nil rather than length
4 years ago
Joel Watson 7aebd179de Update tests for new flag names
4 years ago
Joel Watson 40a8681816 Allow omission of -kvdetails if another -kv* flag is set
4 years ago
Joel Watson 1ef259b093 Rename params to better reflect their purpose
4 years ago
Joel Watson 5ad0db73c8 Make docs for params clearer
4 years ago
Joel Watson fbe8503258 Break KV portion of enchance into separate func
4 years ago
Joel Watson 5dd703a62a Move KV stat gen to separate func
4 years ago
Matt Keeler c048e86bb2
Switch to using the external autopilot module
4 years ago
Mike Morris 6396042ba7
connect: switch the default gateway port from 443 to 8443 (#9116)
4 years ago
R.B. Boyer 8baf158ea8
Revert "Add namespace support for metrics (OSS) (#9117)" (#9124)
4 years ago
Freddy 06b3b017d3
Add namespace support for metrics (OSS) (#9117)
4 years ago
Joel Watson aabb537aed Pull sorting into separate function
4 years ago
Joel Watson 3ee20d500a Refactor to reduce how many vars are being passed around
4 years ago
Joel Watson 1a50aa023a Fallback to alphabetic sorting if size is equal
4 years ago
Joel Watson be2a212d75 Add tests for new snapshot inspect flags
4 years ago
Joel Watson 5f5b49955c Update snapshot inspect formatter test
4 years ago
Joel Watson eafc593d0f Make key breakdown total size accurate
4 years ago
Joel Watson 4bf70dd857 Cleanup formatter
4 years ago
Joel Watson 208d6ebd95 Get JSON formatting working
4 years ago
Joel Watson e7a88d4a30 This ended up not being used.
4 years ago
Joel Watson 262fb3a0c3 Add snapshot inspect filter param
4 years ago
Joel Watson 10f325dc81 Initial stab at snapshot inspect key breakdown
4 years ago
s-christoff 79ce24e9fc
cli: Add JSON and Pretty Print formatting for `consul snapshot inspect` (#9006)
4 years ago
R.B. Boyer a2c50d3303
connect: add support for envoy 1.16.0, drop support for 1.12.x, and bump point releases as well (#8944)
4 years ago
s-christoff 9bb348c6c7
Enhance the output of consul snapshot inspect (#8787)
4 years ago
Blake Covarrubias 4c83ad3e02
doc: Update acl-method command example (#8845)
4 years ago
R.B. Boyer 9fbcb2e68d
command: remove conditional envoy bootstrap generation for versions <=1.10.0 since those are not supported (#8855)
4 years ago
Ryan Ooi 852896b068 add tailing backtick
4 years ago
Ryan Ooi c80b048111 Update acl-method command example
4 years ago
R.B. Boyer 1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
4 years ago
R.B. Boyer a2a8e9c783
connect: intentions are now managed as a new config entry kind "service-intentions" (#8834)
4 years ago
Hans Hasselberg ad4e189354
add -list-primary to `consul keyring` command (#8692)
4 years ago
Juliano Martinez 5ce309a2f7 remove nodeName call when using -service
4 years ago
freddygv 7b9d1b41d5 Resolve conflicts against master
4 years ago
freddygv 768dbaa68d Add session flag to cookie config
4 years ago
freddygv eab90ea9fa Revert EnvoyConfig nesting
4 years ago
Tim Arenz a1fe711390
Add support for -ca-path option in the connect envoy command (#8606)
4 years ago
Daniel Nephin 6ca45e1a61 agent: add apiServers type for managing HTTP servers
4 years ago
freddygv cf018cb2e0 Fixup stray LB infix refs
4 years ago
freddygv f81fe6a1a1 Remove LB infix and move injection to xds
4 years ago
R.B. Boyer 119e945c3e
connect: all config entries pick up a meta field (#8596)
4 years ago
freddygv 63f79e5f9b Restructure structs and other PR comments
4 years ago
Daniel Nephin e16375216d config: use logging.Config in RuntimeConfig
4 years ago
Daniel Nephin 33c401a16e logging: Setup accept io.Writer instead of []io.Writer
4 years ago
Daniel Nephin 5d4df54296 agent: extract dependency creation from New
4 years ago
Daniel Nephin 16217fe9b9 testing: use t.Cleanup in testutil.TempFile
4 years ago
Daniel Nephin d68edcecf4 testing: Remove all the defer os.Removeall
4 years ago
R.B. Boyer 397019d970
xds: revert setting set_node_on_first_message_only to true when generating envoy bootstrap config (#8440)
4 years ago
Daniel Nephin 0420d91cdd Remove LogOutput from Agent
4 years ago
R.B. Boyer c599a2f5f4
xds: add support for envoy 1.15.0 and drop support for 1.11.x (#8424)
4 years ago
Marc Billow 6960afdfe3 Simple tls cert create help text typo
4 years ago
Chris Piraino 7c4cc71131
Fix envoy bootstrap logic to not append multiple self_admin clusters (#8371)
4 years ago
Alvin Huang dd9f5928fc
add v to version pretty formatter (#8341)
4 years ago
Kit Patella 0fe7e987f0 command/kv: remove error case in put and edit error message for delete
4 years ago
Kit Patella f530fe558f command: fix cas put when index=0 and better errors in put and delete
4 years ago
Hans Hasselberg 496fb5fc5b
add support for envoy 1.14.4, 1.13.4, 1.12.6 (#8216)
4 years ago
Matt Keeler fb9517bae8
Merge pull request #8268 from hashicorp/feature/improved-version-output
4 years ago
R.B. Boyer 1eef096dfe
xds: version sniff envoy and switch regular expressions from 'regex' to 'safe_regex' on newer envoy versions (#8222)
4 years ago
Matt Keeler 680ac0c1c6
Add Revision to version CLI output and add JSON support
4 years ago
Chris Piraino ea683ebb6c
cli: Output message on success when writing/deleting entries (#7806)
4 years ago
R.B. Boyer 462f0f37ed
connect: various changes to make namespaces for intentions work more like for other subsystems (#8194)
4 years ago
Matt Keeler e2cfa93f02
Don’t leak metrics go routines in tests (#8182)
4 years ago
freddygv c791fbc79c Update namespaces subject-verb agreement
4 years ago
Matt Keeler d6e05482ab
Allow cancelling startup when performing auto-config (#8157)
5 years ago
Matt Keeler 3dbbd2d37d
Implement Client Agent Auto Config
5 years ago
Daniel Nephin 692a4a8fc8
Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file
5 years ago
Daniel Nephin be29d6bf75 config: warn when a config file is skipped
5 years ago
Daniel Nephin 068b43df90 Enable gofmt simplify
5 years ago
Matt Keeler d3881dd754
ACL Node Identities (#7970)
5 years ago
Daniel Nephin 219790ca49 config: Make ConfigFormat not a pointer
5 years ago
Daniel Nephin 77101eee82 config: rename Flags to BuilderOpts
5 years ago
Daniel Nephin 85e0338136 config: remove Args field from Flags
5 years ago
Hans Hasselberg e62a43c6cf
Support envoy 1.14.2, 1.13.2, 1.12.4 (#8057)
5 years ago
Kyle Havlovitz 6fd3b25313 Fix a CLI test failure with namespaces in enterprise
5 years ago
Kyle Havlovitz 0c8966220f
Merge pull request #8040 from hashicorp/ingress/expose-cli
5 years ago
Kyle Havlovitz e3a725c4e0 Always allow updating the exposed service and differentiate by namespace
5 years ago
Kyle Havlovitz edab5588d8 Add -host flag to expose command
5 years ago
Kyle Havlovitz 5958328552 Allow multiple listeners per service via expose command
5 years ago
Daniel Nephin 75cbbe2702 config: add HookWeakDecodeFromSlice
5 years ago
Kyle Havlovitz acae044df4 Document the namespace format for expose CLI command
5 years ago
Kyle Havlovitz b874c8ef0c Add connect expose CLI command
5 years ago
R.B. Boyer 4d083103e2
fix some flaky snapshot tests (#8015)
5 years ago
R.B. Boyer 833211c14c
acl: allow auth methods created in the primary datacenter to optionally create global tokens (#7899)
5 years ago
R.B. Boyer ffb9c7d6f7
acl: remove the deprecated `acl_enforce_version_8` option (#7991)
5 years ago
Jono Sosulska c554ba9e10
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
5 years ago
Daniel Nephin c88fae0aac ci: Add staticcheck and fix most errors
5 years ago
Daniel Nephin 6a2d7d77c0 config: use the new HookTranslateKeys instead of lib.TranslateKeys
5 years ago
Kyle Havlovitz b14696e32a
Standardize support for Tagged and BindAddresses in Ingress Gateways (#7924)
5 years ago
Daniel Nephin c662f0f0de Fix a number of problems found by staticcheck
5 years ago
Freddy ccd0822539
Use proxy-id in gateway auto-registration (#7845)
5 years ago
Daniel Nephin 600645b5f9 Add unconvert linter
5 years ago
R.B. Boyer 1efafd7523
acl: add auth method for JWTs (#7846)
5 years ago
R.B. Boyer 7414a3fa53
cli: ensure 'acl auth-method update' doesn't deep merge the Config field (#7839)
5 years ago
Kyle Havlovitz 136549205c
Merge pull request #7759 from hashicorp/ingress/tls-hosts
5 years ago
R.B. Boyer 82379779a2
cli: oss refactors to support making the auth method CLI aware of namespace rules in enterprise (#7812)
5 years ago
R.B. Boyer 56ea112908
test: make auth method cli crud test work in both oss and ent (#7800)
5 years ago
Chris Piraino 0c22eacca8 Add TLS field to ingress API structs
5 years ago
R.B. Boyer db870ba92b
test: make auth method cli crud test helper ignore the default namespace (#7799)
5 years ago
Chris Piraino f40833d094 Allow Hosts field to be set on an ingress config entry
5 years ago
Chris Piraino b73a13fc9e Remove service_subset field from ingress config entry
5 years ago
R.B. Boyer 22eb016153
acl: add MaxTokenTTL field to auth methods (#7779)
5 years ago
s-christoff f9956c1c46
cli: Add -config flag to "acl authmethod update/create" (#7776)
5 years ago
R.B. Boyer ca52ba7068
acl: add DisplayName field to auth methods (#7769)
5 years ago
Freddy 137a2c32c6
TLS Origination for Terminating Gateways (#7671)
5 years ago
R.B. Boyer b989967791
cli: ensure that 'snapshot save' is fsync safe and also only writes to the requested file on success (#7698)
5 years ago
R.B. Boyer 5f1518c37c
cli: fix usage of gzip.Reader to better detect corrupt snapshots during save/restore (#7697)
5 years ago
Chris Piraino 3d2de925d8
Add support for ingress-gateway in CLI command (#7618)
5 years ago
Daniel Nephin 25b585d0bf Fix golden file for envoy tests
5 years ago
Daniel Nephin 6b860c926f
Merge pull request #7608 from hashicorp/dnephin/grpc-default-scheme
5 years ago
Hans Hasselberg 66415be90e
connect: support envoy 1.14.1 (#7624)
5 years ago
Freddy aae14b3951
Add decode rules for Expose cfg in service-defaults (#7611)
5 years ago
Daniel Nephin 8b6861518f Fix CONSUL_HTTP_ADDR=https not enabling TLS
5 years ago
Daniel Nephin 0888c6575b Step 3: fix a bug in api.NewClient and fix the tests
5 years ago
Daniel Nephin 1a8ffec6a7 Step 2: extract the grpc address logic and a new type
5 years ago
Daniel Nephin 830b4a15f6 Step 1: move all the grpcAddr logic into the same spot
5 years ago
Freddy b61214ef24
Fix regression with gateway registration and update docs (#7582)
5 years ago
Daniel Nephin 0d8edc3e27
Merge pull request #7562 from hashicorp/dnephin/remove-tname-from-name
5 years ago
Daniel Nephin e759daafdd Rename NewTestAgentWithFields to StartTestAgent
5 years ago
Daniel Nephin f9f6b14533 Convert the remaining calls to NewTestAgentWithFields
5 years ago
Daniel Nephin 475659a132 Remove name from NewTestAgent
5 years ago
Freddy 90576060bc
Add config entry for terminating gateways (#7545)
5 years ago
Kyle Havlovitz c911174327
Add config entry/state for Ingress Gateways (#7483)
5 years ago
Daniel Nephin 09d0876b6c command: remove unused logOutput field
5 years ago
Matt Keeler 37694bbb9c
Add optional JSON format to the ACL CLI commands output (#7198)
5 years ago
Freddy 18d356899c
Enable CLI to register terminating gateways (#7500)
5 years ago
Artur Mullakhmetov 845b9c23fe Return error code in case of formatting failure.
5 years ago
Artur Mullakhmetov eab5b81d91 Add ACL CLI commands output format option.
5 years ago
Daniel Nephin e5d6273a48
command/envoy: Refactor flag parsing/validation (#7504)
5 years ago
Daniel Nephin a95974cf79 Remove unnecessary methods
5 years ago
Daniel Nephin 8df3746927 cmd: use env vars as defaults
5 years ago
Daniel Nephin 6e10616b13 Fix tests failing on master
5 years ago
Hans Hasselberg d5f4b8c3a3
envoy: default to 1.13.1 (#7452)
5 years ago
Hans Hasselberg bf6a91af94
docs: fix filenames (#7453)
5 years ago
Chris Piraino d3dd49b79c
Log "vew version available" message at info level (#7462)
5 years ago
R.B. Boyer dfe5ba134b
fix flaky TestCatalogListNodesCommand_verticalBar test (#7422)
5 years ago
R.B. Boyer 6adad71125
wan federation via mesh gateways (#6884)
5 years ago
Alex Dzyoba 4137d06f9f
command: change delim in columnize to funny node names (#6652)
5 years ago
Johannes Scheuermann f8ded993af
agent: log error when agent crashes in an early stage (#7411)
5 years ago
Chris Piraino d7fdb249fc
Fix -mesh-gateway flag help text (#7265)
5 years ago
Lars Lehtonen 26d706eecd
monitor: fix dropped error (#7206)
5 years ago
Hans Hasselberg 6739fe6e83
connect: add validations around intermediate cert ttl (#7213)
5 years ago