Commit Graph

222 Commits (eac9767c3d2fe8d91784638337f2226aa3f9995b)

Author SHA1 Message Date
Matt Keeler 118adbb123
ACL Token Persistence and Reloading (#5328)
6 years ago
Matt Keeler baa8946ea6
cache: Pass through wait query param to the cache.Get (#5203)
6 years ago
Grégoire Seux 4f62a3b528 Implement /v1/agent/health/service/<service name> endpoint (#3551)
6 years ago
Jack Pearkes a90c29e60d Doc changes for 1.4 Final (#4870)
6 years ago
Jack Pearkes 8c684db488 New command: consul debug (#4754)
6 years ago
Kyle Havlovitz c617326470 re-add Connect multi-dc config changes
6 years ago
Jack Pearkes 8bcfbaffb6 Revert "Connect multi-dc config" (#4784)
6 years ago
Aestek 25f04fbd21 [Security] Add finer control over script checks (#4715)
6 years ago
Kyle Havlovitz 56dc426227 agent: add primary_datacenter and connect replication config options
6 years ago
Paul Banks c9217c958e merge feedback: fix typos; actually use deliverLatest added previously but not plumbed in
6 years ago
Paul Banks 161482d2cd Fix up tests broken by master merge; add proxy tests to services command (and fix it!); actually run the proxycfg.Manager
6 years ago
Paul Banks dca1303d05 Connect Envoy Command (#4735)
6 years ago
Paul Banks e812f5516a Add -sidecar-for and new /agent/service/:service_id endpoint (#4691)
6 years ago
Paul Banks 1e7eace066 Add SidecarService Syntax sugar to Service Definition (#4686)
6 years ago
Paul Banks b83bbf248c Add Proxy Upstreams to Service Definition (#4639)
6 years ago
Paul O'Connor 6b7f03911e Fix prometheus error message (#4745)
6 years ago
Pierre Souchay 2fe728c7bd Ensure that Proxies ARE always cleaned up, event with DeregisterCriticalServiceAfter (#4649)
6 years ago
Pierre Souchay eddcf228ea Implementation of Weights Data structures (#4468)
6 years ago
Matt Keeler 870a6ad6a8
Handle resolving proxy tokens when parsing HTTP requests (#4453)
6 years ago
Matt Keeler 3fe5f566f2 Persist proxies from config files
6 years ago
Paul Banks 17789d4fe3 register TCP check for managed proxies
7 years ago
Paul Banks 420ae3df69 Limit proxy telemetry config to only be visible with authenticated with a proxy token
7 years ago
Paul Banks c6ef6a61c9 Refactor to use embedded struct.
7 years ago
Paul Banks 38405bd4a9 Allow user override of proxy telemetry config
7 years ago
Paul Banks 7649d630c6 Basic proxy telemetry working; not sure if it's too ugly; need to instrument things we care about
7 years ago
Paul Banks d83f2e8e21 Expose telemetry config from RuntimeConfig to proxy config endpoint
7 years ago
Paul Banks 43b48bc06b Get agent cache tests passing without global hit count (which is racy).
7 years ago
Mitchell Hashimoto e9e6514c9b agent: disallow deregistering a managed proxy directly
7 years ago
Mitchell Hashimoto 66a573e496 agent: deregister service deregisters the proxy along with it
7 years ago
Mitchell Hashimoto 0d6dcbd2f1 agent: disallow API registration with managed proxy if not enabled
7 years ago
Paul Banks e21723a891 Persist proxy state through agent restart
7 years ago
Mitchell Hashimoto eb2a6952ba
address comment feedback
7 years ago
Mitchell Hashimoto cd39f09693
agent: leaf endpoint accepts name, not service ID
7 years ago
Mitchell Hashimoto 1906fe1c0d
agent: address feedback
7 years ago
Mitchell Hashimoto 54ac5adb08
agent: comments to point to differing logic
7 years ago
Paul Banks c58d47ba59
Fix broken api test for service Meta (logical conflict rom OSS). Add test that would make this much easier to catch in future.
7 years ago
Paul Banks 4aeab3897c
Fixed many tests after rebase. Some still failing and seem unrelated to any connect changes.
7 years ago
Paul Banks 1722734313
Verify trust domain on /authorize calls
7 years ago
Mitchell Hashimoto e54e69d11f
agent: verify local proxy tokens for CA leaf + tests
7 years ago
Mitchell Hashimoto a099c27b07
agent: verify proxy token for ProxyConfig endpoint + tests
7 years ago
Mitchell Hashimoto 171bf8d599
agent: clean up defaulting of proxy configuration
7 years ago
Mitchell Hashimoto 3d3eee2f6e
agent: resolve some conflicts and fix tests
7 years ago
Paul Banks e0e12e165b
TLS watching integrated into Service with some basic tests.
7 years ago
Paul Banks 90c574ebaa
Wire up agent leaf endpoint to cache framework to support blocking.
7 years ago
Paul Banks cd88b2a351
Basic `watch` support for connect proxy config and certificate endpoints.
7 years ago
Mitchell Hashimoto 6c01e402e0
agent: augment /v1/connect/authorize to cache intentions
7 years ago
Mitchell Hashimoto 6902d721d6
agent: initialize the cache and cache the CA roots
7 years ago
Paul Banks 36dbd878c9
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list.
7 years ago
Paul Banks 730da74369
Fix various test failures and vet warnings.
7 years ago
Paul Banks 1e72ad66f5
Refactor localBlockingQuery to use memdb.WatchSet. Much simpler and correct as a bonus!
7 years ago
Paul Banks d73f079d0f
Add X-Consul-ContentHash header; implement removing all proxies; add load/unload test.
7 years ago
Paul Banks 2a69663448
Agent Connect Proxy config endpoint with hash-based blocking
7 years ago
Paul Banks 3e3f0e1f31
HTTP agent registration allows proxy to be defined.
7 years ago
Mitchell Hashimoto 95da20ffd7
agent: rename authorize param ClientID to ClientCertURI
7 years ago
Mitchell Hashimoto 6e57233913
agent: add TODO for verification
7 years ago
Mitchell Hashimoto 5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow
7 years ago
Mitchell Hashimoto ac72a0c5fd
agent: ACL checks for authorize, default behavior
7 years ago
Mitchell Hashimoto 6dc2db94ea
agent/structs: String format for Intention, used for logging
7 years ago
Mitchell Hashimoto fb7bccc690
agent: bolster commenting for clearer understandability
7 years ago
Mitchell Hashimoto 9a987d6452
agent: default deny on connect authorize endpoint
7 years ago
Mitchell Hashimoto 86a8ce45b9
agent: /v1/agent/connect/authorize is functional, with tests
7 years ago
Mitchell Hashimoto 70d1d5bf06
agent: get rid of method checks since they're done in the http layer
7 years ago
Mitchell Hashimoto d28ee70a56
agent: implement an always-200 authorize endpoint
7 years ago
Mitchell Hashimoto c2588262b7
agent: /v1/connect/ca/leaf/:service_id
7 years ago
Mitchell Hashimoto 578db06600
agent/consul: tests for CA endpoints
7 years ago
Mitchell Hashimoto e7536e5485
agent: /v1/connect/ca/roots
7 years ago
Mitchell Hashimoto 714026dfb7
agent: validate service entry on register
7 years ago
Paul Banks c8db140ff7
Merge pull request #4047 from pierresouchay/added_missing_meta_in_service_definition
7 years ago
Pierre Souchay 26388503e0 Removed Nanoseconds cast as requested by @banks
7 years ago
Pierre Souchay 62a68a008d Removed content negotiation of Prometheus as requested by @banks
7 years ago
Pierre Souchay c152cb7bdf Added Missing Service Meta synchronization and field
7 years ago
Pierre Souchay 27362320e8 Enable compression / automatic Mime-Type detection for Prometheus endpoint
7 years ago
Pierre Souchay 93a01b0949 Now use prometheus_retention_time > 0 to enable prometheus support
7 years ago
Pierre Souchay fd98fb1449 Added support exposing metrics in Prometheus format
7 years ago
Yoann 0f6e05d4c1 Add support for compression in http api
7 years ago
Preetha Appan c7581d68c6
Renames agent API layer for service metadata to "meta" for consistency
7 years ago
Preetha daa61c5803
Merge pull request #3881 from pierresouchay/service_metadata
7 years ago
Pierre Souchay 980189a33f Added validation of ServiceMeta in Catalog
7 years ago
Guido Iaquinti 8cd11d5888 Add package name to log output
7 years ago
Josh Soref 94835a2715 Spelling (#3958)
7 years ago
Preetha c87699abf2
Merge pull request #3885 from eddsteel/support-options-requests
7 years ago
Paul Banks de58eb1820
Fixes #3891: agent monitor no longer unresponsive before logs stream.
7 years ago
Edd Steel 77f19f7505
Support OPTIONS requests
7 years ago
Pierre Souchay b259b1609c Merge remote-tracking branch 'origin/master' into service_metadata
7 years ago
James Phillips c2a59f1e6c
Addresses additional state mutations.
7 years ago
James Phillips 1c6de1d623
Fixes all the racy output-side updates to tags.
7 years ago
Pierre Souchay 80dde5465b Added support for Service Metadata
7 years ago
James Phillips 93fd6bfeb4
Moves the coordinate fetch after the ACL check.
7 years ago
James Phillips 9509aa6c4b
Adds the NodeID field back to the /v1/agent/self Config block.
7 years ago
James Phillips 29367cd5ae
Moves ACL disabled response logic down into endpoints.
7 years ago
Frank Schroeder 8f145559d8
Decouple the code that executes checks from the agent
7 years ago
Frank Schroeder b803bf3091
local state: tests compile
7 years ago
Frank Schroeder 29e18c7494
agent: decouple anti-entropy from local state
7 years ago
Frank Schroeder 58b0e153f9
Revert "agent: decouple anti-entropy from local state"
7 years ago
Frank Schroeder 9ed4b2d631
Revert "local state: tests compile"
7 years ago
Frank Schroeder 1af52bf7be local state: tests compile
7 years ago
Frank Schroeder a842dc9c2b agent: decouple anti-entropy from local state
7 years ago
preetapan 77c972f594 Fixes agent error handling when check definition is invalid. Distingu… (#3560)
7 years ago
Frank Schröder 759ef8a1d4 config: add generic method to translate between CamelCase and snake_case (#3557)
7 years ago
Frank Schröder ce887a0c45 Provide stable config for agent/self (#3532)
7 years ago
Frank Schröder 21118cafeb Recursive sanitize (#3505)
7 years ago
Frank Schroeder 56e6439be9
fix data race
7 years ago
Frank Schröder 1e461110e6 agent: consolidate handling of 405 Method Not Allowed (#3405)
7 years ago
Preetha Appan d7e27e67c1 Introduce Code Policy validation via sentinel, with a noop implementation
7 years ago
Frank Schröder 12216583a1 New config parser, HCL support, multiple bind addrs (#3480)
7 years ago
James Phillips 67b19ac065
Allow _all for WAN as a no-op.
7 years ago
James Phillips 1a117ba0a8
Makes the all segments query explict, and the default for `consul members`.
7 years ago
Kyle Havlovitz 7e565d7338
Fix some inconsistencies with segment logic and comments
7 years ago
James Phillips b1a15e0c3d
Adds open source side of network segments (feature is Enterprise-only).
7 years ago
Frank Schroeder d8195b3a4d agent: drop status code comments
7 years ago
Frank Schroeder fa121be33f agent: use http.StatusMethodNotAllowed instead of 405
7 years ago
Frank Schroeder ad5c1d9e72 agent: use http.StatusNotFound instead of 404
7 years ago
Frank Schroeder 5d1546b052 agent: use http.StatusBadRequest instead of 400
7 years ago
Frank Schröder a3934c263c acl: consolidate error handling (#3401)
7 years ago
Frank Schroeder 1acff3533e
agent: move agent/consul/structs to agent/structs
7 years ago
Kyle Havlovitz c1c883f441
Add doc links for metrics endpoint
7 years ago
James Phillips 4bee2e49f5 Adds secure introduction for the ACL replication token. (#3357)
7 years ago
James Phillips c0a5ad7903 Adds a new /v1/acl/bootstrap API (#3349)
7 years ago
James Phillips 496b0bcf07 Adds support for agent-side ACL token management via API instead of config files. (#3324)
7 years ago
Frank Schroeder ea5b0f2c7c agent: fix 'consul leave' shutdown race (#2880)
8 years ago
Frank Schroeder c49a15d0f3 agent: move structs into consul/structs pkg
8 years ago
Frank Schroeder 1c75cf1af5 pkg refactor
8 years ago