Mitchell Hashimoto
0e8c0b7b48
agent/proxy: implement snapshotting for daemons
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
b7580f4fad
agent/proxy: manager configures the daemon pid path to write pids
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
1e7f253b53
agent/proxy: write pid file whenever the daemon process changes
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
09dcb0be98
agent/proxy: change LogDir to DataDir to reuse for other things
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
5e6bd8291c
agent/proxy: make the logs test a bit more robust by waiting for file
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
d00ff7cb58
agent/proxy: don't create the directory in newProxy
2018-06-14 09:42:11 -07:00
Mitchell Hashimoto
6cdacd1fd9
agent/proxy: send logs to the correct location for daemon proxies
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
ba00fa3548
agent: add additional tests for defaulting in AddProxy
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
171bf8d599
agent: clean up defaulting of proxy configuration
...
This cleans up and unifies how proxy settings defaults are applied.
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
6031c58ef9
Remove temporary hacks from Makefile
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
3d3eee2f6e
agent: resolve some conflicts and fix tests
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
d9bd4ffebd
agent/local: clarify the non-risk of a full buffer
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
437689e83c
agent/local: remove outdated comment
2018-06-14 09:42:10 -07:00
Mitchell Hashimoto
6ae95d754c
agent: use os.Executable
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
39974df52a
agent/proxy: local state event coalescing
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
b0f377b519
agent/proxy: implement force kill of unresponsive proxy process
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
6539280f2a
agent: fix crash that could happen if proxy was nil on load
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
420edc4c1e
agent/proxy: pull exit status extraction to constrained file
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
1a2b28602c
agent: start proxy manager
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
7879e1d2ef
agent/proxy: detect config change to stop/start proxies
2018-06-14 09:42:09 -07:00
Mitchell Hashimoto
2d60684a8b
agent/proxy: test removing proxies and stopping them
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
fcd2ab2338
agent/proxy: manager and basic tests, not great coverage yet coming soon
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
2bd39a84a6
agent/local: add Notify mechanism for proxy changes
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
476ea7b04a
agent: start/stop proxies
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
fbfc6fce66
agent/proxy: clean up usage, can't be restarted
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
aaa2431350
agent: change connect command paths to be slices, not strings
...
This matches other executable configuration and allows us to cleanly
separate executable from arguments without trying to emulate shell
parsing.
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
7355a614fe
agent/local: store proxy on local state, wip, not working yet
2018-06-14 09:42:08 -07:00
Mitchell Hashimoto
ffd284de36
agent/proxy: exponential backoff on restarts
2018-06-14 09:42:07 -07:00
Mitchell Hashimoto
aa08a4cb46
agent/proxy: Daemon works, tests cover it too
2018-06-14 09:42:07 -07:00
Mitchell Hashimoto
e14fa850d8
wip
2018-06-14 09:42:07 -07:00
Paul Banks
e0e12e165b
TLS watching integrated into Service with some basic tests.
...
There are also a lot of small bug fixes found when testing lots of things end-to-end for the first time and some cleanup now it's integrated with real CA code.
2018-06-14 09:42:07 -07:00
Paul Banks
90c574ebaa
Wire up agent leaf endpoint to cache framework to support blocking.
2018-06-14 09:42:07 -07:00
Paul Banks
d1f4ad3d8a
Fix build error introduced in bad merge of TLS stuff
2018-06-14 09:42:07 -07:00
Paul Banks
67af5c740b
Add TODO for false-sharing
2018-06-14 09:42:07 -07:00
Paul Banks
e112386426
Add support for measuring tx/rx packets through proxied connections.
2018-06-14 09:42:06 -07:00
Kyle Havlovitz
a4d18f0eaa
Fill out connect CA rpc endpoint tests
2018-06-14 09:42:06 -07:00
Kyle Havlovitz
b081c34255
Fix config tests
2018-06-14 09:42:06 -07:00
Kyle Havlovitz
cce7f1cca1
Add tests for the built in CA's state store table
2018-06-14 09:42:06 -07:00
Kyle Havlovitz
15fbc2fd97
Add more tests for built-in provider
2018-06-14 09:42:06 -07:00
Kyle Havlovitz
edcfdb37af
Fix some inconsistencies around the CA provider code
2018-06-14 09:42:06 -07:00
Paul Banks
1b197d934a
Don't allow connect watches in agent/cli yet
2018-06-14 09:42:06 -07:00
Paul Banks
946e872f2f
Fix tests and listeners to work with Config changes (splitting host and port fields)
2018-06-14 09:42:05 -07:00
Paul Banks
e8c510332c
Support legacy watch.HandlerFunc type for backward compat reduces impact of change
2018-06-14 09:42:05 -07:00
Paul Banks
ab3df3d4a6
Working proxy config reload tests
2018-06-14 09:42:05 -07:00
Paul Banks
cd88b2a351
Basic `watch` support for connect proxy config and certificate endpoints.
...
- Includes some bug fixes for previous `api` work and `agent` that weren't tested
- Needed somewhat pervasive changes to support hash based blocking - some TODOs left in our watch toolchain that will explicitly fail on hash-based watches.
- Integration into `connect` is partially done here but still WIP
2018-06-14 09:42:05 -07:00
Paul Banks
5310561c11
Refactor reloadableTLSConfig and verifyier shenanigans into simpler dynamicTLSConfig
2018-06-14 09:42:05 -07:00
Paul Banks
e00ca9a7b7
Connect verification and AuthZ
2018-06-14 09:42:05 -07:00
Kyle Havlovitz
daa8dd1779
Add CA config to connect section of agent config
2018-06-14 09:42:05 -07:00
Kyle Havlovitz
32d1eae28b
Move ConsulCAProviderConfig into structs package
2018-06-14 09:42:04 -07:00
Kyle Havlovitz
315b8bf594
Simplify the CAProvider.Sign method
2018-06-14 09:42:04 -07:00