Commit Graph

16651 Commits (b179f9fa91abc6db87c2f445cc8f5b266b39b0f1)

Author SHA1 Message Date
Daniel Nephin 7125fec346
Merge pull request #11221 from hashicorp/dnephin/acl-resolver-5
acl: extract a backend type for the ACLResolverBackend
2022-01-26 16:57:03 -05:00
Blake Covarrubias 2f291df412 docs: Clarify docs for providing multiple join addresses
Rephrase the comment about specifying multiple join addresses to
clarify that it pertains to joining a single cluster by attempting to
contact one or more nodes.
2022-01-26 13:11:51 -08:00
Michele Degges da46255723
Update Dockerfile
Co-authored-by: Evan Culver <eculver@users.noreply.github.com>
2022-01-26 11:24:56 -08:00
Daniel Nephin 3d657376e1
Merge pull request #11686 from hashicorp/dnephin/remove-demo
Remove demo directory
2022-01-26 13:58:56 -05:00
Luke Kysow 4df488b1d3
Update distributed-tracing.mdx with caveat on 128 bit IDs (#12196)
* Update distributed-tracing.mdx
2022-01-26 10:39:33 -08:00
David Yu f4df4c25f2
docs: iptables for TProxy requirement (#12180)
* docs: iptables

Add iptables requirement

* Update website/content/docs/connect/transparent-proxy.mdx

Co-authored-by: Kyle Schochenmaier <kschoche@gmail.com>

Co-authored-by: Kyle Schochenmaier <kschoche@gmail.com>
2022-01-26 10:18:31 -08:00
Dao Thanh Tung 759dd93544
URL-encode/decode resource names for HTTP API part 3 (#12103) 2022-01-26 13:12:42 -05:00
trujillo-adam 41709dcc29 trying to fix persistent formatting problems 2022-01-26 09:44:32 -08:00
Daniel Nephin 295ef2e023
Merge pull request #10578 from hashicorp/pairing/contrib-ca-docs
contrib: add first draft of Connect CA developer docs
2022-01-26 12:39:28 -05:00
trujillo-adam 52ac7657c7 fixed formattting issues 2022-01-26 09:32:47 -08:00
Daniel Nephin f9aef8018b Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-01-26 12:24:13 -05:00
Daniel Nephin 737c0097e0 acl: extract a backend type for the ACLResolverBackend
This is a small step to isolate the functionality that is used for the
ACLResolver from the large Client and Server structs.
2022-01-26 12:24:10 -05:00
trujillo-adam 4c4a9f3e65 added GWclass and GWClassConfig 2022-01-26 09:23:10 -08:00
Daniel Nephin 2e2156a8bb contrib: add CA manager states diagram 2022-01-26 12:14:29 -05:00
Dhia Ayachi 28d4b2316a fix typo and add a TODO section for the remaining stuff 2022-01-26 12:14:29 -05:00
Dhia Ayachi b843a98890 Add sequence diagram for leader boot sequence 2022-01-26 12:14:29 -05:00
Dhia Ayachi fa833ac0f8 fix types and add reference to mesh and auto_config docs 2022-01-26 12:14:29 -05:00
Daniel Nephin 9a7a06f9f8 contrib: add CA operations 2022-01-26 12:14:29 -05:00
Daniel Nephin c5c5d7777c contrib: add description of cert relationship diagram
And links to code
2022-01-26 12:14:29 -05:00
Dhia Ayachi 440db2985a add HL diagram on the ca generation sequence 2022-01-26 12:14:29 -05:00
Daniel Nephin 79f4d53079 contrib: add first draft of Connect CA developer docs
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-01-26 12:14:29 -05:00
Matt Keeler 19a67d8768
Update telemetry page with advice for monitoring boltdb performance (#12141)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-01-26 11:51:19 -05:00
Blake Covarrubias a3ad4be429
docs: Add ingress TLS cipher and version documentation (#12163)
Document the new TLS cipher and version parameters that were added to
ingress gateways in #11576.

Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
2022-01-26 08:12:12 -08:00
Michele Degges 987e9d3258 Remove trailing ,'s to keep commit history clean 2022-01-25 18:55:20 -08:00
Michele Degges ec3cf44240 Remove testing build trigger 2022-01-25 17:10:39 -08:00
Michele Degges 6600cf4787 Add docker target that pulls from releases.hashicorp.com 2022-01-25 17:09:42 -08:00
Michele Degges 3f894604bb Fix broken docker builds 2022-01-25 16:59:04 -08:00
David Yu b199b60ded
docs: Service Sync clarify requirements when using Service Mesh (#12177)
* docs: Service Sync clarify requirements when using Service Mesh

* replace with relative link
2022-01-25 15:02:19 -08:00
modrake 64e9e8a574
Merge pull request #12178 from hashicorp/RDX-205-add-netcgo-for-darwin-builds
RDX-205 add netcgo tag for darwin builds
2022-01-25 14:10:02 -08:00
R.B. Boyer d2c0945f52
xds: fix for delta xDS reconnect bug in LDS/CDS (#12174)
When a wildcard xDS type (LDS/CDS/SRDS) reconnects from a delta xDS stream,
prior to envoy `1.19.0` it would populate the `ResourceNamesSubscribe` field
with the full list of currently subscribed items, instead of simply omitting it
to infer that it wanted everything (which is what wildcard mode means).

This upstream issue was filed in envoyproxy/envoy#16063 and fixed in
envoyproxy/envoy#16153 which went out in Envoy `1.19.0` and is fixed in later
versions (later refactored in envoyproxy/envoy#16855).

This PR conditionally forces LDS/CDS to be wildcard-only even when the
connected Envoy requests a non-wildcard subscription, but only does so on
versions prior to `1.19.0`, as we should not need to do this on later versions.

This fixes the failure case as described here: #11833 (comment)

Co-authored-by: Huan Wang <fredwanghuan@gmail.com>
2022-01-25 11:24:27 -06:00
Chris S. Kim f5d816dace
Remove incorrect usage of url.PathEscape (#12184)
When r.toHTTP is called, http.Request is built with the path
already escaped. This removes all calls to url.PathEscape that
would have led to double-escaped URLs.
2022-01-25 12:15:06 -05:00
Morgan Drake 6eea2f2d48 add netcgo tag for darwin builds 2022-01-24 14:34:57 -08:00
Michele Degges d2f36651ab
Make systemd EnvironmentFile optional #12176 2022-01-24 12:47:43 -08:00
Michele Degges 81a79a3595 Adding changelog entry 2022-01-24 12:32:22 -08:00
Michele Degges 282b662641 Don't kill service if envfile isn't present 2022-01-24 12:13:14 -08:00
Michele Degges 7d4d7ab785 Merge branch 'main' of github.com:hashicorp/consul 2022-01-24 12:12:33 -08:00
Karl Cardenas ff80779d4b
added learn tutorial link 2022-01-24 11:33:08 -07:00
Karl Cardenas bd11a5fe13
updated introduction and service mesh styling 2022-01-24 11:25:49 -07:00
mrspanishviking 7baba1d05a
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-24 11:20:12 -07:00
Karl Cardenas 3a74ca5374
pushing up local changes 2022-01-24 11:18:37 -07:00
David Yu 6689425bec
docs: Admin Partitions K8s requirement update (#12173)
* docs: Admin Partitions K8s requirement update

* Update admin-partitions.mdx

* Update website/content/docs/enterprise/admin-partitions.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* extra space

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-24 09:04:02 -08:00
Michele Degges 0e37b28323
Add missing consul.env file for linux packaging (#12159) 2022-01-24 10:43:20 -05:00
mrspanishviking f3514d802b
Merge pull request #11980 from krastin/krastin/docsday-ui-viz
adding JSON examples to /docs/connect/observability/ui-visualization
2022-01-24 08:42:46 -07:00
Krastin Krastev 8abf4088c1 fixing K8s notes placement in /docs/connect/observability/ui-visualization 2022-01-24 16:35:18 +01:00
Dao Thanh Tung 6765c0d965
Add api changes to agent endpoint for part 2 (#12150) 2022-01-24 10:23:08 -05:00
Krastin Krastev 65d750a84d migrating <Tabs> to <CodeTabs> in /docs/connect/observability/ui-visualization 2022-01-24 16:10:03 +01:00
Daniel Nephin e134e43da6 acl: remove calls to ResolveIdentityFromToken
We already have an ACLResolveResult, so we can get the accessor ID from
it.
2022-01-22 15:05:42 -05:00
Daniel Nephin edca8d61a3 acl: remove ResolveTokenToIdentity
By exposing the AccessorID from the primary ResolveToken method we can
remove this duplication.
2022-01-22 14:47:59 -05:00
Daniel Nephin a5e8af79c3 acl: return a resposne from ResolveToken that includes the ACLIdentity
So that we can duplicate duplicate methods.
2022-01-22 14:33:09 -05:00
Daniel Nephin 8c9c48e219 acl: remove duplicate methods
Now that ACLResolver is embedded we don't need ResolveTokenToIdentity on
Client and Server.

Moving ResolveTokenAndDefaultMeta to ACLResolver removes the duplicate
implementation.
2022-01-22 14:12:08 -05:00