12279 Commits

Author SHA1 Message Date
Derek Strickland
2bf85fae62
Added link to Secure Consul on K8S Tutorial (#8402) 2020-08-14 14:27:34 -04:00
Mike Morris
ac6415f0a8
changelog: update for 1.8.3, 1.7.7 and 1.6.8 (#8508)
* Update CHANGELOG.md

* changelog: update for 1.8.3, 1.7.7 and 1.6.8

Co-authored-by: Sarah Christoff <schristoff@hashicorp.com>
2020-08-13 20:03:58 -04:00
Iryna Shustava
7f8e723dc2
docs: add docs to use Connect CA providers with Helm (#8464) 2020-08-13 14:29:59 -07:00
Derek Strickland
930d7d3158
Learn/link updates derek (#8487)
* Updated Learn url paths.

Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
2020-08-13 17:02:44 -04:00
Iryna Shustava
cd3d6adbf4
docs: consul on k8s doesn't support external servers requiring mTLS (#8484) 2020-08-13 12:04:34 -07:00
Daniel Nephin
2ed33089aa
Merge pull request #8473 from hashicorp/dnephin/unmethod-consul-config
agent: convert consulConfig method to a function
2020-08-13 12:35:44 -04:00
Daniel Nephin
399c77dfb6 agent: rename vars in newConsulConfig
'base' is a bit misleading, since it is the return value. Renamed to cfg.
2020-08-13 11:58:21 -04:00
Daniel Nephin
7b5b170a0d agent: Move setupKeyring functions to keyring.go
There are a couple reasons for this change:

1. agent.go is way too big. Smaller files makes code eaasier to read
   because tools that show usage also include filename which can give
   a lot more context to someone trying to understand which functions
   call other functions.
2. these two functions call into a large number of functions already in
   keyring.go.
2020-08-13 11:58:21 -04:00
Daniel Nephin
9919e5dfa5 agent: unmethod consulConfig
To allow us to move newConsulConfig out of Agent.
2020-08-13 11:58:21 -04:00
Daniel Nephin
1f7dab07d6
Merge pull request #8482 from hashicorp/dnephin/more-state-store-unmethod
state: remove unused Store method receiver
2020-08-13 11:56:44 -04:00
Daniel Nephin
8f596f5551 Fix conflict in merged PRs
One PR renamed the var from config->cfg, and another used the old name config, which caused the
build to fail on master.
2020-08-13 11:28:26 -04:00
Daniel Nephin
d677706625 state: remove unused Store method receiver
And use ReadTxn interface where appropriate.
2020-08-13 11:25:22 -04:00
Daniel Nephin
190fcc14a3
Merge pull request #8463 from hashicorp/dnephin/unmethod-make-node-id
agent: convert NodeID methods to functions
2020-08-13 11:18:11 -04:00
Daniel Nephin
912aae8624
Merge pull request #8461 from hashicorp/dnephin/remove-notify-shutdown
agent/consul: Remove NotifyShutdown
2020-08-13 11:16:48 -04:00
Daniel Nephin
5b37efd91b
Merge pull request #8365 from hashicorp/dnephin/fix-service-by-node-meta-flake
state: speed up tests that use watchLimit
2020-08-13 11:16:12 -04:00
Hans Hasselberg
b86c018a19
Link issue in note template (#8502)
Issue and PR numbers do not overlap, they are based of the same counter.
A PR can be also linked to via issues, if it is a PR, Github will
redirect to it.
This change has the benefit that one can link to both - issues and PRs.
2020-08-13 10:22:56 +02:00
Luke Kysow
7e5253bf04
Update k8s sync docs (#8452)
* Update k8s sync docs

- remove docs that said for nodeport service we register each instance
on a node with its same node name. We instead register each instance
onto the k8s-sync node
- add docs describing which ports and ips are used
2020-08-12 16:34:55 -07:00
Luke Kysow
0f99b63fc8
Document k8s sidecar resource annotations (#8455) 2020-08-12 16:34:17 -07:00
s-christoff
27a6871434
Update version.js to 1.8.3 (#8505) 2020-08-12 17:35:54 -05:00
Daniel Nephin
3c523eee9e
Merge pull request #8500 from hashicorp/dnephin/auto-config-loader
auto-config: reduce awareness of config
2020-08-12 18:14:09 -04:00
s-christoff
7301d473ad
Update CHANGELOG.md 2020-08-12 14:47:19 -05:00
Daniel Nephin
37eacf8192 auto-config: reduce awareness of config
This is a small step to allowing Agent to accept its dependencies
instead of creating them in New.

There were two fields in autoconfig.Config that were used exclusively
to load config. These were replaced with a single function, allowing us
to move LoadConfig back to the config package.

Also removed the WithX functions for building a Config. Since these were
simple assignment, it appeared we were not getting much value from them.
2020-08-12 13:23:23 -04:00
Daniel Nephin
e07554500e Remove check that hostID is a uuid.
Immediately afterward we hash the ID, so it does not need to be a uuid anymore.
2020-08-12 13:05:10 -04:00
Daniel Nephin
875d8bde42 agent: convert NodeID methods to functions
Making these functions allows us to cleanup how an agent is initialized. They only make use of a config and a logger, so they do not need to be agent methods.

Also cleanup the testing to use t.Run and require.
2020-08-12 13:05:10 -04:00
Daniel Nephin
0738eb8596 Extract nodeID functions to a different file
In preparation for turning them into functions.
To reduce the scope of Agent, and refactor how Agent is created and started.
2020-08-12 13:05:10 -04:00
R.B. Boyer
839ca03b7c update changelog snippet 2020-08-12 11:21:54 -05:00
R.B. Boyer
e3cd4a8539
connect: use stronger validation that ingress gateways have compatible protocols defined for their upstreams (#8470)
Fixes #8466

Since Consul 1.8.0 there was a bug in how ingress gateway protocol
compatibility was enforced. At the point in time that an ingress-gateway
config entry was modified the discovery chain for each upstream was
checked to ensure the ingress gateway protocol matched. Unfortunately
future modifications of other config entries were not validated against
existing ingress-gateway definitions, such as:

1. create tcp ingress-gateway pointing to 'api' (ok)
2. create service-defaults for 'api' setting protocol=http (worked, but not ok)
3. create service-splitter or service-router for 'api' (worked, but caused an agent panic)

If you were to do these in a different order, it would fail without a
crash:

1. create service-defaults for 'api' setting protocol=http (ok)
2. create service-splitter or service-router for 'api' (ok)
3. create tcp ingress-gateway pointing to 'api' (fail with message about
   protocol mismatch)

This PR introduces the missing validation. The two new behaviors are:

1. create tcp ingress-gateway pointing to 'api' (ok)
2. (NEW) create service-defaults for 'api' setting protocol=http ("ok" for back compat)
3. (NEW) create service-splitter or service-router for 'api' (fail with
   message about protocol mismatch)

In consideration for any existing users that may be inadvertently be
falling into item (2) above, that is now officiall a valid configuration
to be in. For anyone falling into item (3) above while you cannot use
the API to manufacture that scenario anymore, anyone that has old (now
bad) data will still be able to have the agent use them just enough to
generate a new agent/proxycfg error message rather than a panic.
Unfortunately we just don't have enough information to properly fix the
config entries.
2020-08-12 11:19:20 -05:00
Freddy
d72f72dcd5
Notify alias checks when aliased service is [de]registered (#8456) 2020-08-12 09:47:41 -06:00
Daniel Nephin
3d96c5b651
Merge pull request #8469 from hashicorp/dnephin/config-source
config: make Source an interface to avoid the marshal/unmarshal cycle in auto-config
2020-08-12 11:17:15 -04:00
Mike Morris
ebc9b27cfa
ci: bump Go to v1.14.7 (#8449) 2020-08-12 10:43:19 -04:00
Hans Hasselberg
aacf0fd777
Merge pull request #8471 from hashicorp/local_only
thread local-only through the layers
2020-08-12 08:54:51 +02:00
Freddy
875816d0d3
Internal endpoint to query intentions associated with a gateway (#8400) 2020-08-11 17:20:41 -06:00
Iryna Shustava
ed0fa4b3b1
docs: update helm chart ref (#8483)
No longer require servers to be running on k8s when
manageSystemACLs is true
2020-08-11 14:39:44 -07:00
Daniel Nephin
36202a12dd
Merge pull request #8453 from hashicorp/dnephin/fix-test-server-timeout
sdk: mitigate api test timeout
2020-08-11 16:48:29 -04:00
Kyle Havlovitz
635952681e Fix a state store comment about version 2020-08-11 13:46:12 -07:00
Kyle Havlovitz
9bc9d3014d
Merge pull request #8474 from hashicorp/snapshot-index-fix
fsm: Fix snapshot bug with restoring node/service/check indexes
2020-08-11 12:35:08 -07:00
Kyle Havlovitz
c39a275666 fsm: Fix snapshot bug with restoring node/service/check indexes 2020-08-11 11:49:52 -07:00
Freddy
58a2788578
Update CHANGELOG.md 2020-08-11 12:15:53 -06:00
John Cowen
43ec04f073
ui: Reduce reconnection attempts on disconnection (#8481)
* ui: Reduce reconnection attempts on disconnection

The UI will attempt to reconnect/retry a blocking query to Consul after
a disconnection in certain circumstances.

1. On receipt of a 5xx error (used for keeping blocking queries running
through reverse proxies that have lowertimeouts than consul itself)
2. When a user switches to a different tab and back again)
3. When the connection to Consul is dropped entirely (when Consul itself
has exited)

In the last case the retry attempts where not using a 3 second interval
between attempts like the first case is.

This commit changes the last case to use the same 3 second pause as the
last case.
2020-08-11 18:47:15 +01:00
John Cowen
a686de0414
ui: Add Optgroups and selectedItems to multiple select dropdown and use (#8476)
* ui: Switch selects to use more HTML-like approach for optgroups

* Add KV comparator

* Use new option/optgroup approach for sort/select

* Fix up tests for new order of menu items
2020-08-11 18:02:51 +01:00
John Cowen
7f711bb68f
ui: Passthrough any error from a route:application refresh (#8480) 2020-08-11 17:57:22 +01:00
Kenia
2d30d864ce
ui: Add unique slug key id to proxy (#8479) 2020-08-11 12:53:45 -04:00
s-christoff
102b7e55da
Update Go-Metrics 0.3.4 (#8478) 2020-08-11 11:17:43 -05:00
Daniel Nephin
fe2f80c3a1 Use SIGABRT to get a stack trace when the timeout is hit 2020-08-11 12:12:55 -04:00
Hans Hasselberg
aff02198d7 Refactor keyring ops:
* changes some functions to return data instead of modifying pointer
  arguments
* renames globalRPC() to keyringRPCs() to make its purpose more clear
* restructures KeyringOperation() to make it more understandable
2020-08-11 13:42:03 +02:00
Hans Hasselberg
07261db64d thread local-only through the layers
$ consul keyring -list -local-only
==> Gathering installed encryption keys...

dc1 (LAN):
  aUlAW4ST3+vwseI61so24CoORkyjZofcmHk+j7QPSYQ= [1/1]
2020-08-11 13:41:53 +02:00
Daniel Nephin
4297a8ba07 auto-config: Avoid the marshal/unmarshal cycle in auto-config
Use a LiteralConfig and return a config.Config from translate.
2020-08-10 20:07:52 -04:00
Daniel Nephin
38980ebb4c config: Make Source an interface
This will allow us to accept config from auto-config without needing to
go through a serialziation cycle.
2020-08-10 12:46:28 -04:00
John Cowen
8bea00d974
ui: Dropdown/select improvements (#8468)
* ui: Better org of split-button/sort-button ready for design change

* ui: Improve keyboard accessibility of dropdown menu
2020-08-10 16:00:05 +01:00
Kenia
31bcf71d63
ui: Add sorting to namespaces (#8405)
* Add sorting to namespaces

* Add sorting to namespaces

* ui: Fix up default namespace no delete test (#8467)

Co-authored-by: John Cowen <johncowen@users.noreply.github.com>
2020-08-10 10:54:51 -04:00