Commit Graph

12175 Commits (fb99346b6085766c17be09423566a1acc38bb2ca)

Author SHA1 Message Date
Alvin Huang 2a95289f56
remove set -e for cherry-pick script since we collect errors (#8177) 2020-06-23 18:37:20 -04:00
R.B. Boyer c63c994b04
connect: upgrade github.com/envoyproxy/go-control-plane to v0.9.5 (#8165) 2020-06-23 15:19:56 -05:00
Chris Piraino 2904cdac36
docs: Specify port in host for example (#8167)
This example shows a TLS enabled ingress config on a non-https port.
Currently, that means we require the port to be specified in one of the
host entries to route traffic.
2020-06-23 14:41:51 -05:00
John Cowen 20a6e1c638
ui: Make sure right trim doesn't try to overtrim (#8171) 2020-06-23 18:34:21 +01:00
Freddy 5f9c5ef73a
Merge pull request #8169 from hashicorp/config-entry-ns 2020-06-23 11:15:23 -06:00
John Cowen 6885c883b3
ui: Add namespaced versions of templated policies (#8173) 2020-06-23 17:58:43 +01:00
freddygv c791fbc79c Update namespaces subject-verb agreement 2020-06-23 10:57:30 -06:00
Kenia 3dbd7f7c77
ui: Update helper to return Proxy and Service Health if the Service has a Proxy (#8168) 2020-06-23 10:28:29 -04:00
John Cowen 7a8b5e7eb7
ui: Redesigns for the token/policy/roles listings pages (#8144) 2020-06-23 10:12:04 +01:00
John Cowen 4c58f9402e
ui: Support for Node Identities (#8137)
* Add all the new data required for NodeIdentities

* Add potential NodeIdentity to the token list component

* Amend the policy-form/selector to allow node identity creation

* Fix up CSS for radio buttons and select label

* Add node-identity policy template component

* Fix up and add acceptance tests for NodeIndentities

* Make sure policy previews take node identities into account

* Only show certain policy markup if those we have those policies

* Potentially temporarily hide dt's that don't have icons yet
2020-06-23 09:59:43 +01:00
freddygv 044d027ff8 Remove break 2020-06-22 19:59:04 -06:00
freddygv 70810b0602 Let users know namespaces are ent only in config entry decode 2020-06-22 19:59:04 -06:00
Freddy cc1407e867
Merge http2 integration test case into grpc case (#8164)
http2 is covered by grpc since grpc uses http2
2020-06-22 13:09:04 -06:00
s-christoff 818d00fda3
Add AgentMemberStatus const (#8110)
* Add AgentMemberStatus const
2020-06-22 12:18:45 -05:00
Matt Keeler 6dd0abdc9f
Update CHANGELOG.md 2020-06-22 09:03:02 -04:00
Pierre Souchay 35d852fd9a
Returns DNS Error NSDOMAIN when DC does not exists (#8103)
This will allow to increase cache value when DC is not valid (aka
return SOA to avoid too many consecutive requests) and will
distinguish DC being temporarily not available from DC not existing.

Implements https://github.com/hashicorp/consul/issues/8102
2020-06-22 09:01:48 -04:00
Brandon Romano 22239b8f6d
Merge pull request #8162 from hashicorp/nav-update
Update Nav
2020-06-22 04:15:18 -07:00
Brandon Romano 2509e8d222 Update Nav 2020-06-21 19:35:34 -07:00
Matt Keeler 4a5b352c18
Require enabling TLS to enable Auto Config (#8159)
On the servers they must have a certificate.

On the clients they just have to set verify_outgoing to true to attempt TLS connections for RPCs.

Eventually we may relax these restrictions but right now all of the settings we push down (acl tokens, acl related settings, certificates, gossip key) are sensitive and shouldn’t be transmitted over an unencrypted connection. Our guides and docs should recoommend verify_server_hostname on the clients as well.

Another reason to do this is weird things happen when making an insecure RPC when TLS is not enabled. Basically it tries TLS anyways. We should probably fix that to make it clearer what is going on.
2020-06-19 16:38:14 -04:00
Freddy 0719e3e5da
Update CHANGELOG.md 2020-06-19 13:36:37 -06:00
Freddy b3dde7c033
Update CHANGELOG.md 2020-06-19 13:35:22 -06:00
Freddy 5baa7b1b04
Always return a gateway cluster (#8158) 2020-06-19 13:31:39 -06:00
Matt Keeler d6e05482ab
Allow cancelling startup when performing auto-config (#8157)
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2020-06-19 15:16:00 -04:00
Preetha c2593957bd
Merge pull request #8156 from hashicorp/docs-update-version
update version to 1.8.0
2020-06-18 20:05:53 -05:00
Preetha 8bf0432fae
remove prerelease tag 2020-06-18 20:02:21 -05:00
Preetha 3ca775a75e
update alert banner 2020-06-18 19:36:42 -05:00
Preetha e8da210b4b
update version to 1.8.0 2020-06-18 19:32:11 -05:00
Freddy 28f22c8a90
Finalize gateway documentation for 1.8.0 GA (#8121)
Co-authored-by: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
2020-06-18 15:27:06 -06:00
Chris Piraino 9459ef87eb
Remove ingress line items from UNRELEASED header
These all got squashed into the Ingress Gateway feature item in 1.8.0.
2020-06-18 15:54:36 -05:00
Chris Piraino 7b75c82714
Update master CHANGELOG to release 1.8.0 (#8152) 2020-06-18 15:28:18 -05:00
Luke Kysow d3cc5ec1fe
Merge pull request #8150 from hashicorp/18-wan-fed-docs
Remove consul:beta now that 1.8 is out.
2020-06-18 12:54:31 -07:00
Daniel Nephin 4f17350928
Merge pull request #8147 from hashicorp/dnephin/remove-private-ip-2
Remove some dead code from agent/consul/util.go
2020-06-18 15:51:09 -04:00
Matt Keeler b0fcf86140 Change auto config authorizer to allow for future extension
The envisioned changes would allow extra settings to enable dynamically defined auth methods to be used instead of  or in addition to the statically defined one in the configuration.
2020-06-18 15:22:24 -04:00
Luke Kysow fcbed6da44
Remove consul:beta now that 1.8 is out. 2020-06-18 11:50:25 -07:00
Rebecca Zanzig ea8fbdc68f
Merge pull request #8126 from hashicorp/k8s/gateway-docs
Add helm chart options for ingress and terminating gateways
2020-06-18 11:30:59 -07:00
Jono Sosulska c8bee5a934
Fixing multiple document updates (#8135)
* Fixes #7663-ACL Token Reloadable#7432-Cipher Suites,#7385-KV Delete DC, raft list-peers docs

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2020-06-18 14:10:45 -04:00
Rebecca Zanzig 5c7e62169d Add helm chart options for ingress and terminating gateways 2020-06-18 11:04:19 -07:00
Dexter Lowe 6e208a2120
#8059 Improve Clarity on TTL docs (#8141) 2020-06-18 13:53:43 -04:00
Daniel Nephin b0ba546a1f Remove bytesToUint64 from agent/consul 2020-06-18 12:45:43 -04:00
Daniel Nephin a00f007c5e Remove unused private IP code from agent/consul 2020-06-18 12:40:38 -04:00
Chris Piraino af11169c26
Bump golang to 1.14.4 to avoid known runtime issue (#8146)
An issue where the golang runtime would hang and loop forever
2020-06-18 11:38:33 -05:00
Matt Keeler abce1f0eee
Merge pull request #8086 from hashicorp/feature/auto-config/client-config-inject 2020-06-18 10:44:32 -04:00
John Cowen 6bde8b6378
ui: Remove with-listeners mixin (#8142)
This mixin was a very thin mixin over the top of our listeners utility,
and we have been gradually preferring using the utility straight rather
than using the mixin. This commit removes the last places where we still
used the mixin, and also potentially the last few places where we
continued to use the old API for our listeners utility.
2020-06-18 14:54:31 +01:00
Kenia 191f0966a0
ui: Refactor Upstreams and Exposed Paths icons (#8139)
* Update Ports to have copy-button to the left

* Update exposed paths use a description list
2020-06-18 09:23:42 -04:00
Matt Keeler 3dbbd2d37d
Implement Client Agent Auto Config
There are a couple of things in here.

First, just like auto encrypt, any Cluster.AutoConfig RPC will implicitly use the less secure RPC mechanism.

This drastically modifies how the Consul Agent starts up and moves most of the responsibilities (other than signal handling) from the cli command and into the Agent.
2020-06-17 16:49:46 -04:00
Matt Keeler 8b7d669a27
Allow the Agent its its child Client/Server to share a connection pool
This is needed so that we can make an AutoConfig RPC at the Agent level prior to creating the Client/Server.
2020-06-17 16:19:33 -04:00
Matt Keeler 51c3a605ad
Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc 2020-06-17 16:07:25 -04:00
Chris Piraino 79a862d019
Remove ACLEnforceVersion8 from tests (#8138)
The field had been deprecated for a while and was recently removed,
however a PR which added these tests prior to removal was merged.
2020-06-17 14:58:01 -05:00
Chris Piraino bb103f22dd
Updates docs with ingress Host header clarifications (#8062)
* Updates docs with ingress Host header changes

Clarify that a Host header is required for L7 protocols, and specify
that the default is to use the Consul DNS ingress subdomain

* Add sentence about using '*' by itself for testing

* Add optional step for using L7 routing config

* Note that port numbers may need to be added in the Hosts field
2020-06-17 14:43:58 -05:00
Daniel Nephin 692a4a8fc8
Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file
config: warn if a config file is being skipped because of its file extension
2020-06-17 15:14:40 -04:00