Commit Graph

20944 Commits

Author SHA1 Message Date
John Maguire 5b581e0442
Update links and fix route kind for APIGW JWT Docs (#19585)
Update links and fix route kind
2023-11-09 11:16:04 -05:00
John Murret 4aa95f3d1f
Migrate individual resource tests for Ingress Gateway to TestAllResourcesFromSnapshot (#19506)
migrate ingress-gateway tests to resources_test.go
2023-11-09 16:08:07 +00:00
John Murret 2553d6e8b9
Migrate individual resource tests for Terminating Gateway to TestAllResourcesFromSnapshot (#19505)
migrate terminating-gateway tests to resources_test.go
2023-11-09 08:38:33 -07:00
Ashesh Vidyut 515eed8c7c
Net 6439 (#19517)
* node health controller tenancy

* some prog

* some fixes

* revert

* pr comment resolved

* removed name

* Add namespace and tenancy in sidecar proxy controller test

* revert node health controller

* clean up data

* fix local

* copy from ENT

* removed dup code

* removed tenancy

* add test tenancies
2023-11-09 11:47:19 +05:30
R.B. Boyer 2296bd5c9a
docs: spike of info about how to use deployer topology tests (#19576)
Initial developer facing docs on how to write deployer (topology) integration tests.
2023-11-08 17:26:58 -06:00
R.B. Boyer a7f3069a94
test: add a v2 container integration test of xRoute splits (#19570)
This adds a deployer-based integration test verifying that a 90/10 traffic
split works for: HTTPRoute, GRPCRoute, and TCPRoute.
2023-11-08 17:20:00 -06:00
John Murret 7de0b45ba4
Fix xds v2 from creating envoy endpoint resources when already inlined in the cluster (#19580)
* migrate expose checks and paths  tests to resources_test.go

* fix failing expose paths tests

* fix the way endpoint resources get created to make expose tests pass.

* wip

* remove endpoint resources that are already inlined on local_app clusters

* renaiming and comments
2023-11-08 22:18:51 +00:00
John Murret 5aff19f9bc
Migrate individual resource tests for JWT Provider to TestAllResourcesFromSnapshot (#19511)
migrate jwt provider tests to resources_test.go
2023-11-08 14:34:40 -07:00
Nathan Coleman 873b705f1e
Update Helm docs for consul-k8s 1.3.0 (#19581) 2023-11-08 19:38:14 +00:00
John Murret 903ff7fccb
Migrate individual resource tests for custom configuration to TestAllResourcesFromSnapshot (#19512)
* Configure TestAllResourcesFromSnapshot to run V2 tests

* migrate custom configuration tests to resources_test.go
2023-11-08 10:34:23 -07:00
Matt Keeler a7774a9538
Introduce randomized timings and reproducible randomization into controller integration tests. (#19393)
As the V2 architecture hinges on eventual consistency and controllers reconciling the existing state in response to writes, there are potential issues we could run into regarding ordering and timing of operations. We want to be able to guarantee that given a set of resources the system will always eventually get to the desired correct state. The order of resource writes and delays in performing those writes should not alter the final outcome of reaching the desired state.

To that end, this commit introduces arbitrary randomized delays before performing resources writes into the `resourcetest.Client`. Its `PublishResources` method was already randomizing the order of resource writes. By default, no delay is added to normal writes and deletes but tests can opt-in via either passing hard coded options when creating the `resourcetest.Client` or using the `resourcetest.ConfigureTestCLIFlags` function to allow processing of CLI parameters.

In addition to allowing configurability of the request delay min and max, the client also has a configurable random number generator seed. When Using the CLI parameter helpers, a test log will be written noting the currently used settings. If the test fails then you can reproduce the same delays and order randomizations by providing the seed during the previous test failure.
2023-11-08 10:45:25 -05:00
John Murret 09f73d1abf
Migrate individual resource tests for expose paths and checks to TestAllResourcesFromSnapshot (#19513)
* migrate expose checks and paths  tests to resources_test.go

* fix failing expose paths tests
2023-11-08 14:24:27 +00:00
Ashesh Vidyut 985aa76da3
NET 6354 - Add tenancy in Node Health Controller (#19457)
* node health controller tenancy

* some prog

* some fixes

* revert

* pr comment resolved

* removed name

* cleanup nodes

* some fixes

* merge main
2023-11-08 13:01:17 +05:30
John Murret 7bc2581c81
Migrate individual resource tests for Discovery Chains to TestAllResourcesFromSnapshot (#19508)
migrate disco chain tests to resources_test.go
2023-11-08 01:34:42 +00:00
John Murret caaff73337
add DeliverLatest as common function for use by Manager and ProxyTracker Open (#19564)
Open
add DeliverLatest as common function for use by Manager and ProxyTracker
2023-11-07 23:03:37 +00:00
cskh 8d6545ec43
test/deployer: add the method of deregistering services (#19525) 2023-11-07 17:29:13 -05:00
Jeff Boruszak 48d7d4a0fe
docs: Multi-port support for v1.17 GA (#19401)
* Catalog concept pages creation

* Multi-port services overview - initial update

* CLI command page creation

* File location adjustment

* nav

* New resource pages - creation

* nav fix

* resource info

* specs start

* GRPCRoute specs and structure

* GRPCRoute configuration model

* gRPCRoute models and examples

* HTTP copy

* Resource configuration alignment

* Catalogs

* Deployment error fix

* HTTPRoute specs

* TCP Route specifications

* proxy configuration model

* ProxyConfiguration specifications

* Example

* basic traffic permissions info

* complete config structure

* tab spacing

* Traffic permission specifications

* Proxy config example description

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>

* v1 concept review updates

* v2 catalog code review updates

* V2 catalog contraints + guidance

* Proxyconfiguration code review changes

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Cross-apply suggestions to reference pages

* More code review suggestions

* comment fix

* Apply suggestions from code review

* Index + usage updates

* TCP clarification

* Minor fixes

* remove references to unsupported features

* comment fix

* Resource command section removed

* Tested instructions

* More updates based on testing

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Multi-port traffic permissions example

* parent/child alignment

* Dataplanes requirement

* Update version-specific CLI install

* Method 2

* Tab fix

* Consul resource updates

* nav fix

* Catalog groups

* Catalog `group` info

* time formatting

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2023-11-07 14:23:34 -08:00
Nathan Coleman f2f7235924
Fix typo in GatewayClassConfig docs (#19563)
* Fix typo in GatewayClassConfig docs

* Fix broken links
2023-11-07 17:22:17 -05:00
Tu Nguyen 6e2a44ef81
Update enterprise features table with 1.17 features (#19558)
update enterprise features table with 1.17 features
2023-11-07 14:30:08 -06:00
Dan Stough 20f43d81bf
test: update certs for 10 year expiry (#19481) 2023-11-07 14:57:52 -05:00
R.B. Boyer d203c0abe3
test: update deployer default images (#19554) 2023-11-07 13:15:40 -06:00
R.B. Boyer 4d7754ad25
test: update makefile to include ways to trigger deployer integration tests (#19553) 2023-11-07 12:41:14 -06:00
Tyler Wendlandt 1f5aa83a9e
ui: clear peer on home link (#19549)
Clear peer on home link
2023-11-07 10:27:20 -07:00
Nathan Coleman 028f1d8c50
NET-6390 Initialize MeshGateway proto (#19548) 2023-11-07 12:24:54 -05:00
Derek Menteer 393f7a429b
Fix more test flakes (#19533)
Fix flaky snapshot and metrics tests.
2023-11-07 10:15:50 -06:00
R.B. Boyer a66cb58e71
test: fix some of the peering topology tests to safely run without tenancy in CE (#19540) 2023-11-07 10:11:42 -06:00
Ashwin Venkatesh 64db2d9c58
Add kubebuilder annotations to enums (#19454) 2023-11-07 11:02:38 -05:00
John Murret f115cdb1d5
NET-6385 - Static routes that are inlined in listener filters are also created as a resource. (#19459)
* cover all protocols in local_app golden tests

* fix xds tests

* updating latest

* fix broken test

* add sorting of routers to TestBuildLocalApp to get rid of the flaking

* cover all protocols in local_app golden tests

* cover all protocols in local_app golden tests

* cover all protocols in local_app golden tests

* process envoy resource by walking the map.  use a map rather than array for envoy resource to prevent duplication.

* cleanup.  doc strings.

* update to latest

* fix broken test

* update tests after adding sorting of routers in local_app builder tests

* do not make endpoints for local_app

* fix catalog destinations only by creating clusters for any cluster not already created by walking the graph.

* Configure TestAllResourcesFromSnapshot to run V2 tests

* wip

* fix processing of failover groups

* add endpoints and clusters for any clusters that were not created from walking the listener -> path

* fix xds v2 golden files for clusters to include failover group clusters
2023-11-07 08:00:08 -07:00
Semir Patel 2da7dd077a
v2tenancy: register tenancy controller deps (#19531) 2023-11-07 08:06:10 -06:00
Ganesh S 5352ff945c
Added tenancy tests for WorkloadHealth controller (#19530) 2023-11-07 09:09:15 +05:30
trujillo-adam 24df835aff
added 1.17 features to enterprise overview (#19514)
* added 1.17 features to enterprise overview

* added features to runtime tables

* Apply suggestions from code review

Co-authored-by: David Yu <dyu@hashicorp.com>

* add ecs release notes

* add draft of 1.3.x consul-k8s release notes

* update nav with new release notes

* Apply suggestions from code review

Co-authored-by: Jeff Apple <79924108+Jeff-Apple@users.noreply.github.com>

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: Jeff Apple <79924108+Jeff-Apple@users.noreply.github.com>
2023-11-06 13:55:14 -08:00
cskh 38d94282ca
Ci upgrade test 1 17 (#19536)
CI: upgrade test from 1.17
2023-11-06 21:35:59 +00:00
Michael Zalimeni 90aa83fb0f
[NET-5916] docs: Remove locality proxy startup section (#19534)
docs: Remove locality proxy startup section

This section is not necessary as it is not unique to the feature. The
instructions for starting proxies are available in other pages.
2023-11-06 21:02:44 +00:00
Michael Zalimeni c9f2a6add4
[NET-5916] Update locality-aware routing docs (#19529)
* docs: Update locality-aware routing docs

- Align locality-aware routing documentation to the recommended use of the
feature and incorporate engineer feedback.
- Remove docs for unreleased multi-cluster failover feature.
- Fix minor typos and formatting in examples.

* docs: Fix rate limit docs typo
2023-11-06 15:03:47 -05:00
trujillo-adam 28b1469cb8
fixed typos in redirect for api gateways (#19526)
* fixed typos in redirect for api gateways

* one more typo

* final typo
2023-11-06 09:08:25 -08:00
Tyler Wendlandt e5948e8eb4
CC-5545: Side Nav (#19342)
* Initial work for sidenav

* Use HDS::Text

* Add resolution for ember-element-helper

* WIP dc selector

* Update HCP Home link

* DC selector

* Hook up remaining selectors

* Fix settings and tutorial links

* Remove comments

* Remove skip-links

* Replace auth with new dropdown

* Use href-to helper for sidenav links

* Changelog

* Add description to NavSelector

* Wrap version in footer and role

* Fix login tests

* Add data-test selectors for namespaces

* Fix datacenter disclosure menu test

* Stop rendering auth dialog if acls are disabled

* Update disabled selector state and token selector

* Fix logic in ACL selector

* Fix HCP Home integration test

* Remove toggling the sidenav in tests

* Add sidenav to eng docs

* Re-add debug navigation for eng docs

* Remove ember-in-viewport

* Remove unused styles

* Upgrade @hashicorp/design-system-componentseee

* Add translations for side-nav

* Only show back to hcp link if url is present

* Disable responsive due to a11y-dialog issue
2023-11-06 08:18:48 -07:00
Derek Menteer 6baf695cd9
[NET-6459] Fix issue with wanfed lan ip conflicts. (#19503)
Fix issue with wanfed lan ip conflicts.

Prior to this commit, the connection pools were unaware which datacenter the
connection was associated with. This meant that any time servers with
overlapping LAN IP addresses and node shortnames existed, they would be
incorrectly co-located in the same pool. Whenever this occurred, the servers
would get stuck in an infinite loop of forwarding RPCs to themselves (rather
than the intended remote DC) until they eventually run out of memory.

Most notably, this issue can occur whenever wan federation through mesh
gateways is enabled.

This fix adds extra metadata to specify which DC the connection is associated
with in the pool.
2023-11-06 08:47:12 -06:00
Derek Menteer 395d32e5ad
Shuffle CICD tests to spread worker load. (#19501) 2023-11-06 08:23:34 -06:00
R.B. Boyer 6f4e037621
testing: disable v2 linkage to nodes in integration tests (#19509) 2023-11-03 21:00:48 +00:00
John Murret 74daaa5043
XDS V1 should not make runs for TCP Disco Chains. (#19496)
* XDS V1 should not make runs for TCP Disco Chains.

* update TestEnvoyExtenderWithSnapshot
2023-11-03 14:53:17 -06:00
Poonam Jadhav c3c836edae
Net-6291/fix/watch resources (#19467)
* fix: update watch endpoint to default based on scope

* test: additional test

* refactor: rename list validate function

* refactor: rename validate<Op>Request() -> ensure<Op>RequestValid() for consistency
2023-11-03 16:03:07 -04:00
R.B. Boyer 65592d91a8
chore: apply enterprise changes that were missed to some testing files (#19504)
This should align between CE ef35525 and ENT 7f95226dbe40151c8f17dd4464784b60cf358dc1 in:

- testing/integration/consul-container
- test-integ
- testing/deployer
2023-11-03 11:43:43 -05:00
Dan Stough fd128f4947
build: dependency updates for 1.17.0 (#19453) 2023-11-03 12:29:59 -04:00
Semir Patel ef35525cf1
resource: finalizer aware delete endpoint (2 of 5) (#19493)
resource: make delete endpoint finalizer aware
2023-11-03 10:10:58 -04:00
John Murret d94d316204
NET-6319 - L7 routes have statePrefix of upstream. and should have a full path (#19473) 2023-11-02 19:58:54 -06:00
Nitya Dhanushkodi 2bc0bc30b9
update v2 changelog (#19446) 2023-11-02 14:59:55 -07:00
R.B. Boyer 4b85aa5a97
testing/deployer: support tproxy in v2 for dataplane (#19094)
This updates the testing/deployer (aka "topology test") framework to allow for a 
v2-oriented topology to opt services into enabling TransparentProxy. The restrictions 
are similar to that of #19046

The multiport Ports map that was added in #19046 was changed to allow for the 
protocol to be specified at this time, but for now the only supported protocol is TCP 
as only L4 functions currently on main.

As part of making transparent proxy work, the DNS server needed a new zonefile 
for responding to virtual.consul requests, since there is no Kubernetes DNS and 
the Consul DNS work for v2 has not happened yet. Once Consul DNS supports v2 we should switch over. For now the format of queries is:

<service>--<namespace>--<partition>.virtual.consul

Additionally:

- All transparent proxy enabled services are assigned a virtual ip in the 10.244.0/24
  range. This is something Consul will do in v2 at a later date, likely during 1.18.
- All services with exposed ports (non-mesh) are assigned a virtual port number for use
  with tproxy
- The consul-dataplane image has been made un-distroless, and gotten the necessary
  tools to execute consul connect redirect-traffic before running dataplane, thus simulating
  a kubernetes init container in plain docker.
2023-11-02 16:13:16 -05:00
Semir Patel aaac20f4a8
resource: misc finalizer apis (#19474) 2023-11-02 15:56:02 -05:00
R.B. Boyer a72f868218
testing/deployer: update deployer to use v2 catalog constructs when requested (#19046)
This updates the testing/deployer (aka "topology test") framework to conditionally 
configure and launch catalog constructs using v2 resources. This is controlled via a 
Version field on the Node construct in a topology.Config. This only functions for a 
dataplane type and has other restrictions that match the rest of v2 (no peering, no 
wanfed, no mesh gateways).

Like config entries, you can statically provide a set of initial resources to be synced 
when bringing up the cluster (beyond those that are generated for you such as 
workloads, services, etc).

If you want to author a test that can be freely converted between v1 and v2 then that 
is possible. If you switch to the multi-port definition on a topology.Service (aka 
"workload/instance") then that makes v1 ineligible.

This also adds a starter set of "on every PR" integration tests for single and multiport 
under test-integ/catalogv2
2023-11-02 14:25:48 -05:00
Derek Menteer 8f4c43727d
[NET-5916] Fix locality-aware routing config and tests (CE) (#19483)
Fix locality-aware routing config and tests
2023-11-02 14:05:06 -05:00