Commit Graph

12071 Commits

Author SHA1 Message Date
R.B. Boyer cfa5908c8d add namespace waiting function to envoy integration tests (#9051) 2020-10-28 18:24:07 +00:00
Kyle Havlovitz b72e11aa9c Merge pull request #9053 from hashicorp/vault-token-lookupself
connect: Use the lookup-self endpoint for Vault token
2020-10-27 21:34:37 +00:00
Kevin Pruett b3ec64c23f Merge pull request #9021 from hashicorp/pruett.alertbanner-exp
Expose `expirationDate` prop in <AlertBanner/>
2020-10-26 20:13:49 +00:00
Kim Ngo 6cbc41d5b5 NIA: add Terraform version compatibility (#9023) 2020-10-26 14:47:50 +00:00
Mike Morris aca865adc3
Merge pull request #9027 from hashicorp/release/1.8.5
Merge back release/1.8.5
2020-10-23 18:35:26 -04:00
Mike Morris 3848804bc8 changelog: fixup formatting for 8774.txt 2020-10-23 17:19:41 -04:00
hashicorp-ci 18e8949c6f Putting source back into Dev Mode 2020-10-23 21:08:15 +00:00
hashicorp-ci 1e03567d33
Release v1.8.5 2020-10-23 20:32:14 +00:00
hashicorp-ci 90324f1bac
update bindata_assetfs.go 2020-10-23 20:32:13 +00:00
Mike Morris 8e371c9fd6 changelog: add unreleased entries for 1.8.5 2020-10-23 16:15:09 -04:00
Mike Morris 3bf05fd6e3 changelog: fixup CVE link for 9024.txt 2020-10-23 16:13:36 -04:00
Mike Morris acfd9fbfea changelog: fixup note.tmpl syntax 2020-10-23 16:10:58 -04:00
R.B. Boyer a155423f29 server: config entry replication now correctly uses namespaces in comparisons (#9024)
Previously config entries sharing a kind & name but in different
namespaces could occasionally cause "stuck states" in replication
because the namespace fields were ignored during the differential
comparison phase.

Example:

Two config entries written to the primary:

    kind=A,name=web,namespace=bar
    kind=A,name=web,namespace=foo

Under the covers these both get saved to memdb, so they are sorted by
all 3 components (kind,name,namespace) during natural iteration. This
means that before the replication code does it's own incomplete sort,
the underlying data IS sorted by namespace ascending (bar comes before
foo).

After one pass of replication the primary and secondary datacenters have
the same set of config entries present. If
"kind=A,name=web,namespace=bar" were to be deleted, then things get
weird. Before replication the two sides look like:

primary: [
    kind=A,name=web,namespace=foo
]
secondary: [
    kind=A,name=web,namespace=bar
    kind=A,name=web,namespace=foo
]

The differential comparison phase walks these two lists in sorted order
and first compares "kind=A,name=web,namespace=foo" vs
"kind=A,name=web,namespace=bar" and falsely determines they are the SAME
and are thus cause an update of "kind=A,name=web,namespace=foo". Then it
compares "<nothing>" with "kind=A,name=web,namespace=foo" and falsely
determines that the latter should be DELETED.

During reconciliation the deletes are processed before updates, and so
for a brief moment in the secondary "kind=A,name=web,namespace=foo" is
erroneously deleted and then immediately restored.

Unfortunately after this replication phase the final state is identical
to the initial state, so when it loops around again (rate limited) it
repeats the same set of operations indefinitely.
2020-10-23 18:42:45 +00:00
James Light e0bfd96dc4 Update managed-deprecated.mdx (#9016)
fix typo / spell checker replacing w/ wrong word
2020-10-23 14:55:46 +00:00
R.B. Boyer 3456b57dec
connect: update supported envoy point releases to 1.14.5, 1.13.6, 1.12.7, 1.11.2 for 1.8.x (#8999)
Selective backport of #8944 to 1.8.x
2020-10-22 13:26:51 -05:00
Kim Ngo 4e196b0a16 NIA: document daemon exiting on task errors (#8985) 2020-10-22 18:23:57 +00:00
Daniel Nephin 2ed5b108c5 Merge pull request #8924 from ShimmerGlass/fix-sidecar-deregister-after-restart
Fix: service LocallyRegisteredAsSidecar property is not persisted
2020-10-22 17:27:41 +00:00
Blake Covarrubias 315b68228a Add extraEnvironmentVars and client.affinity to Helm values (#8997)
Document client.extraEnvironmentVars, server.extraEnvironmentVars, and
client.affinity Helm chart values.

Remove deprecated connectInject.imageEnvoy and meshGateway.imageEnvoy
values.
2020-10-22 06:29:25 +00:00
Blake Covarrubias d2f0cf42c3 docs: Remove sentence about pluggable CAs
Consul's Connect CA documentation mentions future releases will
support a pluggable CA system. This sentence has existed in the docs
for over two years, however there are currently no plans to develop
this feature on the near-term roadmap.

This commit removes this sentence to avoid giving the impression that
this feature will be available in an upcoming release.
2020-10-20 18:52:49 +00:00
Jasmine W 5c1d25df84 Merge pull request #8959 from hashicorp/docs-update-api-cli
Update docs-navigation.js
2020-10-20 15:46:23 +00:00
Sabeen Syed aa8ab4161b Update links (#8949) 2020-10-19 19:38:49 +00:00
Sabeen Syed 303e1142da Add A10 and Checkpoint TF modules (#8950) 2020-10-15 21:12:17 +00:00
Kit Patella 9c1bbb4b50 Merge pull request #8960 from hashicorp/mkcp/docs/truncate-old-jepsen-log
truncate jepsen.mdx log for length
2020-10-14 20:59:27 +00:00
Sabeen Syed 0335eb1fa0 Remove email address (#8931) 2020-10-13 18:17:30 +00:00
Kim Ngo b7060f89b8 Add docs on what activates task execution (#8936) 2020-10-13 16:48:09 +00:00
lornasong 62ae98286a Merge pull request #8935 from hashicorp/nia-docs-tfmod
Update Requirements doc: Terraform module links
2020-10-13 15:55:43 +00:00
Iryna Shustava 313e2f70b6 Update compatibility matrix (#8928) 2020-10-13 01:04:36 +00:00
Iryna Shustava 76c9b2bb8d docs: add Helm docs for openshift; also add other missing Helm docs (#8833) 2020-10-12 23:35:53 +00:00
Sabeen Syed e8ae1ea703 Update a link and reword some sentences (#8925)
Update PANOS link
Update sentences
2020-10-12 22:40:43 +00:00
Kyle Havlovitz 21e1ab7461
Merge pull request #8917 from hashicorp/1.8.x-primary-renew
backport/1.8.x: renew intermediates in primary
2020-10-09 14:10:06 -07:00
Ricardo Oliveira fe864e8f45 Update service-defaults.mdx (#8780) 2020-10-09 20:45:33 +00:00
Blake Covarrubias 16937d7f5d doc: Update acl-method command example (#8845)
* Update acl-method command example

* add tailing backtick
2020-10-09 19:26:54 +00:00
Kyle Havlovitz a8cc967a02 Merge pull request #8784 from hashicorp/renew-intermediate-primary
connect: Enable renewing the intermediate cert in the primary DC
2020-10-09 12:26:49 -07:00
Sabeen Syed ceba2c6422 Docs: Nia/docs tech preview (#8908)
* Add outline and basic content for Tech Preview docs
* Add Tech Preview tag
* Add auto-labler for Consul Terrform Sync
* Add Consul Terraform Sync config docs (#8837)
* CLI Docs for Consul Terraform Sync
* Task Docs for Consul Terraform Sync
* Add docs for NIA Terraform driver (#8871)
* Update Installation Docs for Consul Terraform Sync
* Initial high level architecture overview (#8872)
* Docs: compatible Terraform modules for Consul-Terraform-Sync (#8887)
* Update Requirements Docs for Consul Terraform Sync
* Remove empty partner module sections
2020-10-09 15:18:47 -04:00
Kim Ngo 3e14b35211 Minor updates to NIA partner docs (#8912)
* Renames Terraform module registry to its new name Terraform Registry
2020-10-09 19:17:20 +00:00
Hans Hasselberg b1ef15166e note template with ent support (#8910) 2020-10-09 19:07:16 +00:00
Sabeen Syed 4ff537b250 Docs: Nia/docs partner integration (#8907)
* Add NIA Integration Program page
* Update name to Consul-Terraform-Sync and add Tech Preview tags
* Update diagram to include sequence numbers
* Remove Tech Preview tags and Update Images
* Add TF module naming convention, update image and links
* Add a note, update PANW link, and working updates
* Update URLs to local path
2020-10-09 18:23:05 +00:00
Jimmy Merritello be6a0effaf [Website] Add HashiStackMenu to website (#8854)
* Add new HashiStackMenu

* Add transpile option

* Bump version

* Bump HSM version and rm meganav styles
2020-10-09 15:49:04 +00:00
Kyle Havlovitz df160fee3e
Merge pull request #8862 from hashicorp/backport/1.8.x-vault-token-renew
backport(1.8.x): vault token renew
2020-10-09 08:10:45 -07:00
Matt Keeler 6cae442ef4 Add capability for the v1/connect/ca/roots endpoint to return a PEM encoded certificate chain (#8774)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-10-09 14:43:59 +00:00
R.B. Boyer c0fa5722ed website: re-add forgotten updates (#8890) 2020-10-09 02:27:57 +00:00
Kyle Havlovitz 2dea87b5bb Run make update-vendor after cherry-pick 2020-10-07 16:40:28 -04:00
Kyle Havlovitz b8038d1814 Update vault CA for latest api client 2020-10-07 16:40:27 -04:00
Kyle Havlovitz c7981ac932 vendor: Update vault api package 2020-10-07 16:40:27 -04:00
Kyle Havlovitz 57a98945f5 Clean up CA shutdown logic and error 2020-10-07 16:40:27 -04:00
Kyle Havlovitz 9496780ab4 Clean up Vault renew tests and shutdown 2020-10-07 16:40:27 -04:00
Kyle Havlovitz 844e9ffe16 Use mapstructure for decoding vault data 2020-10-07 16:40:27 -04:00
Kyle Havlovitz 449103411d Add a stop function to make sure the renewer is shut down on leader change 2020-10-07 16:40:27 -04:00
Kyle Havlovitz 2fc2b61b48 Add a test for token renewal 2020-10-07 16:40:27 -04:00
Kyle Havlovitz f416c1a8bd Automatically renew the token used by the Vault CA provider 2020-10-07 16:40:27 -04:00