377 Commits

Author SHA1 Message Date
Preetha
daa61c5803
Merge pull request #3881 from pierresouchay/service_metadata
Feature Request: Support key-value attributes for services
2018-03-27 16:33:57 -05:00
Preetha Appan
6c0bb5a810
Fix test and remove unused method 2018-03-27 09:44:41 -05:00
Preetha Appan
d77ab91123
Allows disabling WAN federation by setting serf WAN port to -1 2018-03-26 14:21:06 -05:00
Josh Soref
94835a2715 Spelling (#3958)
* spelling: another

* spelling: autopilot

* spelling: beginning

* spelling: circonus

* spelling: default

* spelling: definition

* spelling: distance

* spelling: encountered

* spelling: enterprise

* spelling: expands

* spelling: exits

* spelling: formatting

* spelling: health

* spelling: hierarchy

* spelling: imposed

* spelling: independence

* spelling: inspect

* spelling: last

* spelling: latest

* spelling: client

* spelling: message

* spelling: minimum

* spelling: notify

* spelling: nonexistent

* spelling: operator

* spelling: payload

* spelling: preceded

* spelling: prepared

* spelling: programmatically

* spelling: required

* spelling: reconcile

* spelling: responses

* spelling: request

* spelling: response

* spelling: results

* spelling: retrieve

* spelling: service

* spelling: significantly

* spelling: specifies

* spelling: supported

* spelling: synchronization

* spelling: synchronous

* spelling: themselves

* spelling: unexpected

* spelling: validations

* spelling: value
2018-03-19 16:56:00 +00:00
Devin Canterberry
2187ab1e1c
🎨 Formatting changes only; convert leading space to tabs 2018-03-15 10:30:38 -07:00
Devin Canterberry
7236c95e11
Match expectation of TLSCipherSuites to values of tls_cipher_suites 2018-03-15 10:19:46 -07:00
Devin Canterberry
c901307a47
🔒 Update supported TLS cipher suites
The list of cipher suites included in this commit are consistent with
the values and precedence in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go).

> **Note:** Cipher suites with RC4 are still included within the list
> of accepted values for compatibility, but **these cipher suites are
> not safe to use** and should be deprecated with warnings and
> subsequently removed. Support for RC4 ciphers has already been
> removed or disabled by default in many prominent browsers and tools,
> including Golang.
>
> **References:**
>
>  * [RC4 on Wikipedia](https://en.wikipedia.org/wiki/RC4)
>  * [Mozilla Security Blog](https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/)
2018-03-15 10:19:46 -07:00
Pierre Souchay
0b7f620dc6 Allow to control the number of A/AAAA Record returned by DNS
This allows to have randomized resource records (i.e. each
answer contains only one IP, but the IP changes every request) for
A, AAAA records.

It will fix https://github.com/hashicorp/consul/issues/3355 and
https://github.com/hashicorp/consul/issues/3937

See https://github.com/hashicorp/consul/issues/3937#issuecomment-370610509
for details.

It basically add a new option called `a_record_limit` and will not
return more than a_record_limit when performing A, AAAA or ANY DNS
requests.

The existing `udp_answer_limit` option is still working but should
be considered as deprecated since it works only with DNS clients
not supporting EDNS.
2018-03-06 02:07:42 +01:00
Pierre Souchay
9a57dfd68a Fixed TestSanitize unit test 2018-02-11 12:11:11 +01:00
Kyle Havlovitz
f6ecaa4a1c
Add enterprise default config section 2018-02-05 13:33:59 -08:00
James Phillips
e748c63fff
Merge pull request #3855 from hashicorp/pr-3782-slackpad
Adds support for gRPC health checks.
2018-02-02 17:57:27 -08:00
James Phillips
5f31c8d8d3
Changes "TLS" to "GRPCUseTLS" since it only applies to GRPC checks. 2018-02-02 17:29:34 -08:00
Kyle Havlovitz
8c5be2dd97
Enforce a valid port for the Serf WAN since it can't be disabled.
Fixes #3817
2018-01-19 14:22:23 -08:00
James Hartig
aedab91a66 Resolve symlinks in config directory
Docker/Openshift/Kubernetes mount the config file as a symbolic link and
IsDir returns true if the file is a symlink. Before calling IsDir, the
symlink should be resolved to determine if it points at a file or
directory.

Fixes #3753
2018-01-12 15:43:38 -05:00
James Phillips
ebcd1787db
Adds more info about how to fix the private IP error.
Closes #3790
2018-01-10 09:53:41 -08:00
Dmytro Kostiuchenko
1a10b08e82 Add gRPC health-check #3073 2018-01-04 16:42:30 -05:00
James Phillips
98e837167e
Changes maps to merge vs. overwrite when processing configs.
Fixes #3716
2017-12-13 16:06:01 -08:00
James Phillips
46742a5041
Adds TODOs referencing #3744. 2017-12-13 10:52:06 -08:00
James Phillips
2892f91d0b
Copies the autopilot settings from the runtime config.
Fixes #3730
2017-12-13 10:32:05 -08:00
James Phillips
44d824a58f
Renames "segments" to "segment" to be consistent with other files. 2017-11-29 18:36:52 -08:00
James Phillips
34c13925d4
Skips files with unknown extensions when not forcing a format.
Fixes #3685
2017-11-10 18:06:07 -08:00
James Phillips
1e49c157c5
Adds a snapshot agent stub to the config structure.
Fixes #3678
2017-11-10 13:50:45 -08:00
James Phillips
93f68555d0
Adds enable_agent_tls_for_checks configuration option which allows (#3661)
HTTP health checks for services requiring 2-way TLS to be checked
using the agent's credentials.
2017-11-07 18:22:09 -08:00
Frank Schröder
874e350b2f config: add -config-format option (#3626)
* config: refactor ReadPath(s) methods without side-effects

Return the sources instead of modifying the state.

* config: clean data dir before every test

* config: add tests for config-file and config-dir

* config: add -config-format option

Starting with Consul 1.0 all config files must have a '.json' or '.hcl'
extension to make it unambigous how the data should be parsed. Some
automation tools generate temporary files by appending a random string
to the generated file which obfuscates the extension and prevents the
file type detection.

This patch adds a -config-format option which can be used to override
the auto-detection behavior by forcing all config files or all files
within a config directory independent of their extension to be
interpreted as of this format.

Fixes #3620
2017-10-31 17:30:01 -05:00
Frank Schroeder
2e7ed2fd86
Merge pull request #3585 from hashicorp/document-runtime-config
Moving the previous `agent/config.go` documentation to
`agent/config/runtime.go`.
2017-10-23 10:51:22 +02:00
Frank Schroeder
5bfb2808f9
Merge pull request #3598 from hashicorp/issue-3397-error-with-extra-flags
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.

Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.

Fixes #3397
2017-10-23 10:47:04 +02:00
Frank Schroeder
b97ab367f4
config: return error on extra command line arguments (#3397)
The `consul agent` command was ignoring extra command line arguments
which can lead to confusion when the user has for example forgotten to
add a dash in front of an argument or is not using an `=` when setting
boolean flags to `true`. `-bootstrap true` is not the same as
`-bootstrap=true`, for example.

Since all command line flags are known and we don't expect unparsed
arguments we can return an error. However, this may make it slightly
more difficult in the future if we ever wanted to have these kinds of
arguments.

Fixes #3397
2017-10-23 08:07:48 +02:00
Frank Schroeder
1fef7f4b67
config: rename test struct field to args 2017-10-23 08:07:48 +02:00
Frank Schroeder
f6e9ad99ec config: address review comments 2017-10-23 08:06:26 +02:00
Frank Schroeder
0ed4561f12 config: document remaining config options 2017-10-23 08:06:26 +02:00
Frank Schroeder
9864609201 config: document more config options 2017-10-23 08:06:26 +02:00
Frank Schroeder
bf81cdea6e config: document more config options 2017-10-23 08:06:26 +02:00
Frank Schroeder
2682ce0b82 config: document more acl options 2017-10-23 08:06:26 +02:00
Frank Schroeder
a38c69d784 config: document config options 2017-10-23 08:06:26 +02:00
Frank Schroeder
7396bd31fd config: document acl options 2017-10-23 08:06:26 +02:00
Frank Schroeder
7685ef409c config: document autopilot options 2017-10-23 08:06:26 +02:00
Frank Schroeder
5e57e9273e config: document dns options 2017-10-23 08:06:26 +02:00
Frank Schroeder
5f59857448 config: document http options 2017-10-23 08:06:26 +02:00
Frank Schroeder
7fede4472d config: document telemetry options 2017-10-23 08:06:26 +02:00
Frank Schroeder
21a7d399bd
config: address review comments 2017-10-23 08:05:47 +02:00
Frank Schroeder
cf0a571a76
config: document remaining config options 2017-10-23 08:04:03 +02:00
Frank Schroeder
149ab13a13
config: document more config options 2017-10-23 08:04:03 +02:00
Frank Schroeder
a8f709a875
config: document more config options 2017-10-23 08:04:03 +02:00
Frank Schroeder
6c64cf9b5d
config: document more acl options 2017-10-23 08:04:03 +02:00
Frank Schroeder
ffb0f6ec8b
config: document config options 2017-10-23 08:04:03 +02:00
Frank Schroeder
70270d6d98
config: document acl options 2017-10-23 08:04:03 +02:00
Frank Schroeder
7f214b1e1c
config: document autopilot options 2017-10-23 08:04:03 +02:00
Frank Schroeder
cfc891fc25
config: document dns options 2017-10-23 08:04:03 +02:00
Frank Schroeder
d27617c60b
config: document http options 2017-10-23 08:04:03 +02:00
Frank Schroeder
625713dd72
config: document telemetry options 2017-10-23 08:04:03 +02:00