Paul Banks
3a6024e1b0
Fix merge error
2018-06-25 12:25:40 -07:00
Paul Banks
280f14d64c
Make proxy only listen after initial certs are fetched
2018-06-25 12:25:40 -07:00
Paul Banks
c6ef6a61c9
Refactor to use embedded struct.
2018-06-25 12:25:39 -07:00
Paul Banks
32f362bad9
StartupTelemetry => InitTelemetry
2018-06-25 12:25:39 -07:00
Paul Banks
96c416012e
Misc rebase and test fixes
2018-06-25 12:25:38 -07:00
Paul Banks
dc260f42fa
Basic proxy active conns and bandwidth telemetry
2018-06-25 12:25:38 -07:00
Paul Banks
c08b6f6fec
Add accessor and helpers to SDK for fetching self-name and client service ID
2018-06-25 12:25:38 -07:00
Paul Banks
7649d630c6
Basic proxy telemetry working; not sure if it's too ugly; need to instrument things we care about
2018-06-25 12:25:38 -07:00
Paul Banks
d83f2e8e21
Expose telemetry config from RuntimeConfig to proxy config endpoint
2018-06-25 12:25:38 -07:00
Paul Banks
01fefd3d92
Return defensive error if API response is jank
2018-06-25 12:25:10 -07:00
Paul Banks
e7a345cb9a
Refactor resolver logic to be clearer
2018-06-25 12:25:10 -07:00
Paul Banks
41a29a469e
Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario
2018-06-25 12:25:10 -07:00
Paul Banks
541cbae5f5
More misc comment cleanup
2018-06-25 12:24:17 -07:00
Paul Banks
0824d1df5f
Misc comment cleanups
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
77a8003475
api: change Connect to a query option
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
8d66d1045a
connect: remove old unused code
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
e587b7c161
connect: support prepared query resolution
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
7a4463013d
connect: resolver works with native services
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
11f57ed4f4
connect/proxy: remove dev CA settings
2018-06-14 09:42:22 -07:00
Mitchell Hashimoto
ec4e600aeb
connect/proxy: add a full proxy test, parallel
2018-06-14 09:42:21 -07:00
Mitchell Hashimoto
baa551355e
connect/proxy: don't start public listener if 0 port
2018-06-14 09:42:21 -07:00
Mitchell Hashimoto
0487cacd10
connect/proxy: use the right variable for loading the new service
2018-06-14 09:42:20 -07:00
Mitchell Hashimoto
8c713e6104
connect/proxy: don't require proxy ID
2018-06-14 09:42:20 -07:00
Paul Banks
f6673ce164
Make Service logger log to right place again
2018-06-14 09:42:17 -07:00
Paul Banks
0bfffc92f2
Make connect client resolver resolve trust domain properly
2018-06-14 09:42:17 -07:00
Paul Banks
4aeab3897c
Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes.
2018-06-14 09:42:16 -07:00
Mitchell Hashimoto
867db89303
command/connect/proxy: set proxy ID from env var if set
2018-06-14 09:42:14 -07:00
Paul Banks
e0e12e165b
TLS watching integrated into Service with some basic tests.
...
There are also a lot of small bug fixes found when testing lots of things end-to-end for the first time and some cleanup now it's integrated with real CA code.
2018-06-14 09:42:07 -07:00
Paul Banks
d1f4ad3d8a
Fix build error introduced in bad merge of TLS stuff
2018-06-14 09:42:07 -07:00
Paul Banks
67af5c740b
Add TODO for false-sharing
2018-06-14 09:42:07 -07:00
Paul Banks
e112386426
Add support for measuring tx/rx packets through proxied connections.
2018-06-14 09:42:06 -07:00
Paul Banks
946e872f2f
Fix tests and listeners to work with Config changes (splitting host and port fields)
2018-06-14 09:42:05 -07:00
Paul Banks
e8c510332c
Support legacy watch.HandlerFunc type for backward compat reduces impact of change
2018-06-14 09:42:05 -07:00
Paul Banks
ab3df3d4a6
Working proxy config reload tests
2018-06-14 09:42:05 -07:00
Paul Banks
cd88b2a351
Basic `watch` support for connect proxy config and certificate endpoints.
...
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
- Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
- Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
Paul Banks
5310561c11
Refactor reloadableTLSConfig and verifyier shenanigans into simpler dynamicTLSConfig
2018-06-14 09:42:05 -07:00
Paul Banks
e00ca9a7b7
Connect verification and AuthZ
2018-06-14 09:42:05 -07:00
Paul Banks
18a34c6836
Fix racy connect network tests that always fail in Docker due to listen races
2018-06-14 09:42:04 -07:00
Paul Banks
730da74369
Fix various test failures and vet warnings.
...
Intention de-duplication in previously merged PR actualy failed some tests that were not caught be me or CI. I ran the test files for state changes but they happened not to trigger this case so I made sure they did first and then fixed. That fixed some upstream intention endpoint tests that I'd not run as part of testing the previous fix.
2018-06-14 09:41:58 -07:00
Paul Banks
10db79c8ae
Rework connect/proxy and command/connect/proxy. End to end demo working again
2018-06-14 09:41:57 -07:00
Paul Banks
aa19be4651
Remove old connect client and proxy implementation
2018-06-14 09:41:56 -07:00
Paul Banks
26e65f6bfd
connect.Service based implementation after review feedback.
2018-06-14 09:41:56 -07:00
Paul Banks
69d5efdbbd
Original proxy and connect.Client implementation. Working end to end.
2018-06-14 09:41:56 -07:00
Mitchell Hashimoto
f4ec28bfe3
agent/consul: basic sign endpoint not tested yet
2018-06-14 09:41:51 -07:00
Mitchell Hashimoto
7349c94c23
connect: create connect package for helpers
2018-06-14 09:41:50 -07:00