Commit Graph

1465 Commits (f452de1c5049a838fd62fe7dfb5a0624387475dd)

Author SHA1 Message Date
Kyle Havlovitz 21380021af txn: update existing txn api docs with new operations
6 years ago
Matt Keeler 1ec5f2a27f
Store leaf cert indexes in raft and use for the ModifyIndex on the returned certs (#5211)
6 years ago
Aestek 4afbe792df Improve blocking queries on services that do not exist (#4810)
6 years ago
Matt Keeler baa8946ea6
cache: Pass through wait query param to the cache.Get (#5203)
6 years ago
Aestek c043de5381 [Security] Allow blocking Write endpoints on Agent using Network Addresses (#4719)
6 years ago
Matt Keeler 1048f3d5e7
acl: Prevent tokens from deleting themselves (#5210)
6 years ago
Paul Banks 0638e09b6e
connect: agent leaf cert caching improvements (#5091)
6 years ago
Kyle Havlovitz c07c5446a8 txn: clean up some state store/acl code
6 years ago
Hans Hasselberg 067027230b
connect: add tls config for vault connect ca provider (#5125)
6 years ago
Alejandro Guirao Rodríguez 9f33353c14 agent/config: Fix typo in comment (#5202)
6 years ago
Paul Banks bb7145f27d
agent: add default weights to service in local state to prevent AE churn (#5126)
6 years ago
Paul Banks 0589525ae9
agent: Don't leave old errors around in cache (#5094)
6 years ago
Pierre Souchay ae7f88f995 Avoid to have infinite recursion in DNS lookups when resolving CNAMEs (#4918)
6 years ago
Paul Banks b29bc906ee
bugfix: use ServiceTags to generate cache key hash (#4987)
6 years ago
Aestek 8709213d6e Prevent status flap when re-registering a check (#4904)
6 years ago
Mitchell Hashimoto f76022fa63 CA Provider Plugins (#4751)
6 years ago
Grégoire Seux 4f62a3b528 Implement /v1/agent/health/service/<service name> endpoint (#3551)
6 years ago
Aestek 5960974db1 [Fix] Services sometimes not being synced with acl_enforce_version_8 = false (#4771)
6 years ago
Hans Hasselberg 0b4a879203
ui: serve /robots.txt when UI is enabled. (#5089)
6 years ago
Kyle Havlovitz 995e728ea0 txn: fix an issue with querying nodes by name instead of ID
6 years ago
Pierre Souchay f4dc8b42e0 [Travis][UnstableTests] Fixed unstable tests in travis (#5013)
6 years ago
Kyle Havlovitz 67bac7a815 api: add support for new txn operations
6 years ago
Kyle Havlovitz de4dbf583e txn: add tests for RPC endpoint
6 years ago
Kyle Havlovitz 6a512e5c0f txn: add ACL enforcement/validation to new txn ops
6 years ago
Kyle Havlovitz 9467067432 state: add tests for new txn ops
6 years ago
Kyle Havlovitz 7759e9ea8b txn: add service operations
6 years ago
Kyle Havlovitz ab58986ac3 txn: add node operations
6 years ago
Kyle Havlovitz 01e1b5b1df txn: add pre-check operations to txn endpoint
6 years ago
Kyle Havlovitz b371ea8783 Add check operations to transaction api
6 years ago
Kyle Havlovitz c7e0d3b919
Merge pull request #5061 from hashicorp/blank-ca-fix
6 years ago
Kyle Havlovitz 4f2715d4e2 connect/ca: prevent blank CA config in snapshot
6 years ago
Jack Pearkes b64e8b262f
Documentation and changes for `verify_server_hostname` (#5069)
6 years ago
R.B. Boyer c1eccfd1db
agent: remove some stray fmt.Print* calls (#5015)
6 years ago
Pierre Souchay c5ae9caa28 Fixed another list of unstable unit tests in travis (#4915)
6 years ago
banks 0bddfa23a2
Release v1.4.0
6 years ago
Kyle Havlovitz 76f102a1e0
Merge pull request #4952 from hashicorp/test-version
6 years ago
R.B. Boyer 934fae659f
acl: add stub hooks to support some plumbing in enterprise (#4951)
6 years ago
Kyle Havlovitz 269354c61d
oss: bump test server version to 1.4.0
6 years ago
Aestek 4942e66440 Fix catalog tag filter backward compat (#4944)
6 years ago
Jack Pearkes a90c29e60d Doc changes for 1.4 Final (#4870)
6 years ago
Paul Banks 54c2ff6aca
connect: remove additional trust-domain validation (#4934)
6 years ago
Kyle Havlovitz 4a73a59d70
Merge pull request #4917 from hashicorp/replication-token-cleanup
6 years ago
Kyle Havlovitz 972177071d update non-voting server test to fix enterprise diff
6 years ago
Kyle Havlovitz 643bd13aed oss: do a proper check-and-set on the CA roots/config fsm operation
6 years ago
R.B. Boyer e30cc73b1d
Update agent tests to wait a bit longer for the /v1/agent/self endpoint (#4937)
6 years ago
R.B. Boyer 2afc2a3c3b
acl: fixes ACL replication for legacy tokens without AccessorIDs (#4885)
6 years ago
Kyle Havlovitz e8dd89359a
agent: fix formatting
6 years ago
Kyle Havlovitz 62691ebc82
config: remote connect replication_token
6 years ago
R.B. Boyer 9211d2701d
fix comment typos (#4890)
6 years ago
Kyle Havlovitz 8337e3d8c0
Merge pull request #4872 from hashicorp/node-snapshot-fix
6 years ago
Matt Keeler db2cf01406 Adds documentation for the new ACL APIs (#4851)
6 years ago
Matt Keeler f9cf0eb36e Remaining ACL Unit Tests (#4852)
6 years ago
Kyle Havlovitz bd6d0e598f fsm: update snapshot/restore test to include ID and datacenter
6 years ago
Kyle Havlovitz 6483356329 fsm: add missing ID/datacenter to persistNodes
6 years ago
Matt Keeler d238cb181c
New ACL API Tests (#4848)
6 years ago
Matt Keeler 790cf90ee5
Fix the NonVoter Bootstrap test (#4786)
6 years ago
banks 1757fbc0aa
Release v1.4.0-rc1
6 years ago
Kyle Havlovitz 819566f6b7 fsm: add Intention operations to transactions for internal use
6 years ago
Matt Keeler 34b53e7099 A few misc fixes found by go vet
6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791)
6 years ago
Pierre Souchay fab55bee2b dns: implements prefix lookups for DNS TTL (#4605)
6 years ago
Jack Pearkes 8c684db488 New command: consul debug (#4754)
6 years ago
Kyle Havlovitz c617326470 re-add Connect multi-dc config changes
6 years ago
R.B. Boyer 307d91934c
fix some test hangs (#4785)
6 years ago
banks 469768ae39 Release v1.3.0
6 years ago
Jack Pearkes 8bcfbaffb6 Revert "Connect multi-dc config" (#4784)
6 years ago
Aestek 25f04fbd21 [Security] Add finer control over script checks (#4715)
6 years ago
Paul Banks 298af6dca7
Quick fix for cache age flakiness in CI
6 years ago
Rebecca Zanzig 34e5516834 Support multiple tags for health and catalog http api endpoints (#4717)
6 years ago
Pierre Souchay 51b33ef015 [Performance On Large clusters] Reduce updates on large services (#4720)
6 years ago
Paul Banks 51c0001aad
[WIP] Initial draft of Sidecar Service and Managed Proxy deprecation docs (#4752)
6 years ago
Pierre Souchay 251156eb68 Added SOA configuration for DNS settings. (#4714)
6 years ago
Kyle Havlovitz e4349c5710 connect/ca: more OSS split for multi-dc
6 years ago
Kyle Havlovitz 0da4f2b2e8 connect/ca: split CA initialization logic between oss/enterprise
6 years ago
Kyle Havlovitz 56dc426227 agent: add primary_datacenter and connect replication config options
6 years ago
Kyle Havlovitz 98d95cfa80 connect: add ExternalTrustDomain to CARoot fields
6 years ago
Kyle Havlovitz 46c829b879 docs: deprecate acl_datacenter and replace it with primary_datacenter
6 years ago
Paul Banks c9217c958e merge feedback: fix typos; actually use deliverLatest added previously but not plumbed in
6 years ago
Paul Banks 161482d2cd Fix up tests broken by master merge; add proxy tests to services command (and fix it!); actually run the proxycfg.Manager
6 years ago
Paul Banks a28e4a33b2 Fix bug in leaf-cert cache type where multiple client tokens collide (#4736)
6 years ago
Paul Banks dca1303d05 Connect Envoy Command (#4735)
6 years ago
Paul Banks 1909a95118 xDS Server Implementation (#4731)
6 years ago
Paul Banks 8336b5e6b9 XDS Server Config (#4730)
6 years ago
Paul Banks 0f27ffd163 Proxy Config Manager (#4729)
6 years ago
Paul Banks 96b9b95a19 Add cache.Notify to abstract watching for cache updates for types that support blocking semantics. (#4695)
6 years ago
Paul Banks e812f5516a Add -sidecar-for and new /agent/service/:service_id endpoint (#4691)
6 years ago
Paul Banks 1e7eace066 Add SidecarService Syntax sugar to Service Definition (#4686)
6 years ago
Paul Banks b83bbf248c Add Proxy Upstreams to Service Definition (#4639)
6 years ago
Paul Banks b06ddc9187 Rename proxy package (re-run of #4550) (#4638)
6 years ago
Paul Banks 88388d760d Support Agent Caching for Service Discovery Results (#4541)
6 years ago
Igal Shprincis e1fe3af37f watch: don't set TLSConfig.Address explicitly (#4727)
6 years ago
Paul Banks e8ba527f23
Add a Close method to cache that stops background goroutines. (#4746)
6 years ago
Paul O'Connor 6b7f03911e Fix prometheus error message (#4745)
6 years ago
R.B. Boyer 491826ddbc
cli: forward SIGTERM to child process of 'lock' and 'watch' subcommands (#4737)
6 years ago
Alex Dadgar 43d0f96c42 do not bootstrap with non voters
6 years ago
Kyle Havlovitz 57deb28ade connect/ca: tighten up the intermediate signing verification
6 years ago
Kyle Havlovitz 2919519665 connect/ca: add intermediate functions to Vault ca provider
6 years ago
Kyle Havlovitz 52e8652ac5 connect/ca: add intermediate functions to Consul CA provider
6 years ago
Kyle Havlovitz d515d25856
Merge pull request #4644 from hashicorp/ca-refactor
6 years ago
mkeeler 48d287ef69
Release v1.2.3
6 years ago
Paul Banks 74f2a80a42
Fix CA pruning when CA config uses string durations. (#4669)
6 years ago
Hans Hasselberg 8e235a72b4
Allow disabling the HTTP API again. (#4655)
6 years ago
Kyle Havlovitz 5c7fbc284d connect/ca: hash the consul provider ID and include isRoot
6 years ago
Pierre Souchay 1a906ef34e Fix more unstable tests in agent and command
6 years ago
Kyle Havlovitz c112a72880
connect/ca: some cleanup and reorganizing of the new methods
6 years ago
Pierre Souchay 2fe728c7bd Ensure that Proxies ARE always cleaned up, event with DeregisterCriticalServiceAfter (#4649)
6 years ago
Matt Keeler d3ee66eed4
Add ECS option to EDNS responses where appropriate (#4647)
6 years ago
Pierre Souchay 22500f242e Fix unstable tests in agent, api, and command/watch
6 years ago
Mitchell Hashimoto 49b165965d
Merge pull request #4642 from hashicorp/f-ui-meta
6 years ago
Mitchell Hashimoto b95348c4b1
agent: ExternalSources instead of Meta
6 years ago
Matt Keeler cc8327ed9a
Ensure that errors setting up the DNS servers get propagated back to the shell (#4598)
6 years ago
Pierre Souchay eddcf228ea Implementation of Weights Data structures (#4468)
6 years ago
Kyle Havlovitz 546bdf8663
connect/ca: add Configure/GenerateRoot to provider interface
6 years ago
Mitchell Hashimoto e9ea190df0
agent: aggregate service instance meta for UI purposes
6 years ago
Mitchell Hashimoto 99eb154f6f
agent: configure k8s go-discover
6 years ago
Martin feb3ce4ee0 Use target service name instead of ID as connect proxy service name (#4620)
6 years ago
Pierre Souchay 9a2ae6e8eb Fixed more flaky tests in ./agent/consul (#4617)
6 years ago
Pierre Souchay 92acdaa94c Fixed flaky tests (#4626)
6 years ago
Siva Prasad ca35d04472
Adds a new command line flag -log-file for file based logging. (#4581)
6 years ago
Freddy d7a404f2ee
Bugfix: Use "%#v" when formatting structs (#4600)
6 years ago
Siva Prasad b1a34f899f
TestAgentAntiEntropy: Wait until Consul service is up on the agent. (#4591)
6 years ago
Pierre Souchay 5e0218ccf4 Fix unit test TestOperatorAutopilotGetConfigCommand (#4594)
6 years ago
Pierre Souchay aea31d3c5d Fixed unstable test TestUiNodeInfo (#4586)
6 years ago
Pierre Souchay b898131723 [BUGFIX] Avoid returning empty data on startup of a non-leader server (#4554)
6 years ago
Miroslav Bagljas 3c23979afd Fixes #4483: Add support for Authorization: Bearer token Header (#4502)
6 years ago
Matt Keeler e81c85c051
Fix #4515: Segfault when serf_wan port was -1 but reconnect_time_wan was set (#4531)
6 years ago
Kyle Havlovitz e5e1f867e5
Merge branch 'master' into ca-snapshot-fix
6 years ago
Kyle Havlovitz f186edc42c
fsm: add connect service config to snapshot/restore test
6 years ago
nickmy9729 beddf03b26 Added code to allow snapshot inclusion of NodeMeta (#4527)
6 years ago
Kyle Havlovitz b51d76f469
fsm: add missing CA config to snapshot/restore logic
6 years ago
Kyle Havlovitz 4b35d877ca
autopilot: don't follow the normal server removal rules for nonvoters
6 years ago
Kyle Havlovitz ea14482376
Fix stats fetcher healthcheck RPCs not being independent
6 years ago
Pierre Souchay 0d6de257a2 Display more information about check being not properly added when it fails (#4405)
6 years ago
Freddy 6d43d24edb
Improve reliability of tests with TestAgent (#4525)
6 years ago
Pierre Souchay ef3b81ab13 Allow to rename nodes with IDs, will fix #3974 and #4413 (#4415)
6 years ago
Siva Prasad c88900aaa9
PR to fix TestAgent_IndexChurn and TestPreparedQuery_Wrapper. (#4512)
6 years ago
Armon Dadgar 4f1fd34e9e consul: Update buffer sizes
6 years ago
Siva Prasad 288d350a73
Revert "CA initialization while boostrapping and TestLeader_ChangeServerID fix." (#4497)
6 years ago
Pierre Souchay cec5d72396 BUGFIX: Unit test relying on WaitForLeader() did not work due to wrong test (#4472)
6 years ago
Siva Prasad 589b589b53
CA initialization while boostrapping and TestLeader_ChangeServerID fix. (#4493)
6 years ago
Siva Prasad 865068a358
DNS : Fixes recursors answering the DNS query to properly return the correct response. (#4461)
6 years ago
Paul Banks 71dd3b408a
Fixes memory leak when blocking on /event/list (#4482)
6 years ago
mkeeler e716d1b5f8
Release v1.2.2
6 years ago
Matt Keeler 870a6ad6a8
Handle resolving proxy tokens when parsing HTTP requests (#4453)
6 years ago
Matt Keeler 0e0227792b
Gossip tuneables (#4444)
6 years ago
Kyle Havlovitz fa0d8aff33
fix inconsistency in TestConnectCAConfig_GetSet
6 years ago
Paul Banks 8dd50d5b2d
Add config option to disable HTTP printable char path check (#4442)
6 years ago
Kyle Havlovitz ed87949385
Merge pull request #4400 from hashicorp/leaf-cert-ttl
6 years ago
Kyle Havlovitz f67a4d59c0
connect/ca: simplify passing of leaf cert TTL
6 years ago
Siva Prasad f4a1c381a5 Vendoring update for go-discover. (#4412)
6 years ago
Paul Banks 8cbeb29e73
Fixes #4421: General solution to stop blocking queries with index 0 (#4437)
6 years ago
Paul Banks 5635227fa6
Allow config-file based Service Definitions for unmanaged proxies and Connect-natice apps. (#4443)
6 years ago
Paul Banks d5e934f9ff
Ooops that was meant to be to a branch no master... EMORECOFFEE
6 years ago
Paul Banks eebe45a47b
Add config option to disable HTTP printable char path check
6 years ago
Paul Banks e954450dec
Merge pull request #4353 from azam/add-serf-lan-wan-port-args
6 years ago
Kyle Havlovitz ce10de036e
connect/ca: check LeafCertTTL when rotating expired roots
6 years ago
Mitchell Hashimoto 7fa6bb022f
Merge pull request #4320 from hashicorp/f-alias-check
6 years ago
azam 342bcb1c24 Make Serf LAN & WAN port configurable from CLI
6 years ago
Mitchell Hashimoto b3854fdd28
agent/local: silly spacing on select statements
6 years ago
Mitchell Hashimoto 8c72bb0cdf
agent/local: address remaining test feedback
6 years ago
Matt Keeler 560c9c26f7 Use the agent logger instead of log module
6 years ago
Matt Keeler ca5851318d Update a couple erroneous tests.
6 years ago
Mitchell Hashimoto 9f128e40d6
agent/local: don't use time.After in test since notify is instant
6 years ago
Matt Keeler 3fe5f566f2 Persist proxies from config files
6 years ago
Kyle Havlovitz d6ca015a42
connect/ca: add configurable leaf cert TTL
6 years ago
Matt Keeler c891e264ca Fix issue with choosing a client addr that is 0.0.0.0 or ::
6 years ago
Mitchell Hashimoto 9a90400821
agent/checks: prevent overflow of backoff
6 years ago
Mitchell Hashimoto d6ecd97d1d
agent: use the correct ACL token for alias checks
6 years ago
Mitchell Hashimoto f97bfd5be8
agent: address some basic feedback
6 years ago
Mitchell Hashimoto 19ced12668
agent: alias checks have no interval
6 years ago
Mitchell Hashimoto 5bc27feb0b
agent/structs: check is alias if node is empty
6 years ago
Mitchell Hashimoto 36e330941a
agent/checks: support node-only checks
6 years ago
Mitchell Hashimoto 1e9233eec1
agent/checks: set critical if RPC fails
6 years ago
Mitchell Hashimoto e9914ee71c
agent/checks: use local state for local services
6 years ago
Mitchell Hashimoto 7543d270e2
agent/local: support local alias checks
6 years ago
Mitchell Hashimoto 4a67beb734
agent: run alias checks
6 years ago
Mitchell Hashimoto 60c75b88da
agent/checks: reflect node failure as alias check failure
6 years ago
Mitchell Hashimoto f0658a0ede
agent/config: support configuring alias check
6 years ago
Mitchell Hashimoto 632e4a2c69
agent/checks: add Alias check type
6 years ago
mkeeler 39f93f011e
Release v1.2.1
6 years ago
Matt Keeler 63d5c069fc
Merge pull request #4379 from hashicorp/persist-intermediates
6 years ago
Paul Banks 9015cd62ab
Merge pull request #4381 from hashicorp/proxy-check-default
6 years ago
Matt Keeler 0e83059d1f
Revert "Allow changing Node names since Node now have IDs"
6 years ago
Matt Keeler 91150cca59 Fixup formatting
6 years ago
Matt Keeler 3807e04de9 Revert PR 4294 - Catalog Register: Generate UUID for services registered without one
6 years ago
Matt Keeler 7572ca0f37
Merge pull request #4374 from hashicorp/feature/proxy-env-vars
6 years ago
Paul Banks 8405b41f2b
Update proxy config docs and add test for ipv6
6 years ago
Paul Banks bb9a5c703b
Default managed proxy TCP check address sanely when proxy is bound to 0.0.0.0.
6 years ago
Matt Keeler 0f56ed2d01 Set api.Config’s InsecureSkipVerify to the value of !RuntimeConfig.VerifyOutgoing
6 years ago
Matt Keeler 22e4058893 Use type switch instead of .Network for more reliably detecting UnixAddrs
6 years ago
Matt Keeler 700a275ddf Look specifically for tcp instead of unix
6 years ago
Matt Keeler c8df4b824c Update proxy manager test - test passing ProxyEnv vars
6 years ago
Kyle Havlovitz f95c6807e7
connect: use reflect.DeepEqual instead for test
6 years ago
Matt Keeler 98ead2a8f8
Merge pull request #3983 from pierresouchay/node_renaming
6 years ago
Kyle Havlovitz 4e5fb6bc19
connect: add provider state to snapshots
6 years ago
Kyle Havlovitz 462ace4867
connect: update leader initializeCA comment
6 years ago
Kyle Havlovitz 1d3f4b5099
connect: persist intermediate CAs on leader change
6 years ago
Matt Keeler c54b43bef3 PR Updates
6 years ago
Matt Keeler 4d1ead10b3
Merge pull request #4371 from hashicorp/bugfix/gh-4358
6 years ago
Pierre Souchay fecae3de21 When renaming a node, ensure the name is not taken by another node.
6 years ago