Commit Graph

161 Commits

Author SHA1 Message Date
Chris S. Kim 670531f828 Retry docker build steps 2022-08-08 12:22:16 -04:00
Luke Kysow 988e1fd35d
peering: default to false (#13963)
* defaulting to false because peering will be released as beta
* Ignore peering disabled error in bundles cachetype

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: freddygv <freddy@hashicorp.com>
Co-authored-by: Matt Keeler <mjkeeler7@gmail.com>
2022-08-01 15:22:36 -04:00
Chris S. Kim 8ed49ea4d0
Update envoy metrics label extraction for peered clusters and listeners (#13818)
Now that peered upstreams can generate envoy resources (#13758), we need a way to disambiguate local from peered resources in our metrics. The key difference is that datacenter and partition will be replaced with peer, since in the context of peered resources partition is ambiguous (could refer to the partition in a remote cluster or one that exists locally). The partition and datacenter of the proxy will always be that of the source service.

Regexes were updated to make emitting datacenter and partition labels mutually exclusive with peer labels.

Listener filter names were updated to better match the existing regex.

Cluster names assigned to peered upstreams were updated to be synthesized from local peer name (it previously used the externally provided primary SNI, which contained the peer name from the other side of the peering). Integration tests were updated to assert for the new peer labels.
2022-07-25 13:49:00 -04:00
Chris Thain af40b9b144
Add Consul Lambda integration tests (#13770) 2022-07-21 09:54:56 -07:00
Evan Culver 4116537b83
connect: Add support for Envoy 1.23, remove 1.19 (#13807) 2022-07-19 14:51:04 -07:00
R.B. Boyer bb4d4040fb
server: ensure peer replication can successfully use TLS over external gRPC (#13733)
Ensure that the peer stream replication rpc can successfully be used with TLS activated.

Also:

- If key material is configured for the gRPC port but HTTPS is not
  enabled now TLS will still be activated for the gRPC port.

- peerstream replication stream opened by the establishing-side will now
  ignore grpc.WithBlock so that TLS errors will bubble up instead of
  being awkwardly delayed or suppressed
2022-07-15 13:15:50 -05:00
Evan Culver d523d005d9
Latest submodule versions (#13750) 2022-07-15 09:58:21 -07:00
R.B. Boyer af04851637
peering: move peer replication to the external gRPC port (#13698)
Peer replication is intended to be between separate Consul installs and
effectively should be considered "external". This PR moves the peer
stream replication bidirectional RPC endpoint to the external gRPC
server and ensures that things continue to function.
2022-07-08 12:01:13 -05:00
R.B. Boyer 1a9c86ea8f
xds: mesh gateways now correctly load up peer-exported discovery chains using L7 protocols (#13624)
A mesh gateway will now configure the filter chains for L7 exported
services using the correct discovery chain information.
2022-06-28 14:52:25 -05:00
R.B. Boyer 7133ee38f6
test: for upgrade compatibility tests retain assigned container ip addresses on upgrade (#13615)
Use a synthetic pod construct to hold onto the IP address in the
interim.
2022-06-28 09:50:13 -05:00
Dan Upton ebf74d08fd
test: run Envoy integration tests against both servers and clients (#13610) 2022-06-28 13:15:45 +01:00
R.B. Boyer a1e911a70c
tests: ensure integration tests show logs from the containers to help debugging (#13593) 2022-06-24 10:26:17 -05:00
Dhia Ayachi 355cbfa766
update github.com/containerd/containerd to 1.5.13 (#13520) 2022-06-21 12:20:00 -04:00
Evan Culver 7f8c650d61
connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
Evan Culver ba6136eb42
connect: Update Envoy support matrix to latest patch releases (#13431) 2022-06-14 13:19:09 -07:00
R.B. Boyer 7001e1151c
peering: rename initiate to establish in the context of the APIs (#13419) 2022-06-10 11:10:46 -05:00
R.B. Boyer bba3eb8cdd
peering: mesh gateways are required for cross-peer service mesh communication (#13410)
Require use of mesh gateways in order for service mesh data plane
traffic to flow between peers.

This also adds plumbing for envoy integration tests involving peers, and
one starter peering test.
2022-06-09 11:05:18 -05:00
R.B. Boyer fbee9eda08
test: break dep on main consul module (#13373)
The main consul module is not a great library and complicates some oss/ent module issues.

This undoes #13371
2022-06-06 16:06:39 -05:00
R.B. Boyer 979b9312ca
test: use a go mod replace trick for the compat test dependency on the main repo (#13371) 2022-06-06 14:12:49 -05:00
cskh 74158a8aa2
Add isLeader metric to track if a server is a leader (#13304)
CTIA-21: sdd is_leader metric to track if a server is a leader

Co-authored-by: alex <8968914+acpana@users.noreply.github.com>
2022-06-03 13:07:37 -04:00
DanStough 817449041d chore(test): Update bats version 2022-05-24 11:56:08 -04:00
R.B. Boyer 851c8c32b4
test: fix more flakes in the compatibility test (#13145) 2022-05-19 14:05:41 -05:00
R.B. Boyer 2a4d474d28
test: cleanup and unflake parts of the upgrade compat tests (#13126) 2022-05-18 14:52:26 -05:00
Dhia Ayachi 15a6d150f9
sync changes to healthcheck tests (#12984) 2022-05-09 15:00:46 -04:00
Dhia Ayachi feda67f4d1
Create clients with specific version for integration tests (#12978)
* tidy code and add some doc strings

* add doc strings to tests

* add partitions tests, need to adapt to run in both oss and ent

* split oss and enterprise versions

* remove parallel tests

* add error

* fix queryBackend in test

* revert unneeded change

* fix failing tests
2022-05-09 14:36:49 -04:00
R.B. Boyer bd87505bf2
ci: upgrade bats and the circle machine executors to get integration tests to function again (#12918)
Bonus change: send less context when building the test-sds-server to
speed up the setup.
2022-05-03 11:21:32 -05:00
Dhia Ayachi 0f89a72e01
try to read license from env and mapped to container (#12854) 2022-04-25 11:58:29 -04:00
Dhia Ayachi 4488b6c339
Add versions compatibility tests between Consul (#12702)
* add a sample

* Consul cluster test

* add build dockerfile

* add tests to cover mixed versions tests

* use flag to pass docker image name

* remove default config and rely on flags to inject the right image to test

* add cluster abstraction

* fix imports and remove old files

* fix imports and remove old files

* fix dockerIgnore

* make a `Node interface` and encapsulate ConsulContainer

* fix a test bug where we only check the leader against a single node.

* add upgrade tests to CI

* fix yaml alignment

* fix alignment take 2

* fix flag naming

* fix image to build

* fix test run and go mod tidy

* add a debug command

* run without RYUK

* fix parallel run

* add skip reaper code

* make tempdir in local dir

* chmod the temp dir to 0777

* chmod the right dir name

* change executor to use machine instead of docker

* add docker layer caching

* remove setup docker

* add gotestsum

* install go version

* use variable for GO installed version

* add environment

* add environment in the right place

* do not disable RYUK in CI

* add service check to tests

* assertions outside routines

* add queryBackend to the api query meta.

* check if we are using the right backend  for those tests (streaming)

* change the tested endpoint to use one that have streaming.

* refactor to test multiple scenarios for streaming

* Fix dockerfile

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>

* rename Clients to clients

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>

* check if cluster have 0 node

* tidy code and add some doc strings

* use uuid instead of random string

* add doc strings to tests

* add queryBackend to the api query meta.

* add a changelog

* fix for api backend query

* add missing require

* fix q.QueryBackend

* Revert "fix q.QueryBackend"

This reverts commit cd0e5f7b1a1730e191673d624f8e89b591871c05.

* fix circle ci config

* tidy go mod after merging main

* rename package and fix test scenario

* update go download url

* address review comments

* rename flag in CI

* add readme to the upgrade tests

* fix golang download url

* fix golang arch downloaded

* fix AddNodes to handle an empty cluster case

* use `parseBool`

* rename circle job and add comment

* update testcontainer to 0.13

* fix circle ci config

* remove build docker file and use `make dev-docker` instead

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* fix a typo

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>
Co-authored-by: Dan Upton <daniel@floppy.co>
2022-04-25 10:41:36 -04:00
Evan Culver 000d0621b4
connect: Add Envoy 1.22 to integration tests, remove Envoy 1.18 (#12805)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-04-18 09:36:07 -07:00
Evan Culver 881e17fae1
connect: Add Envoy 1.21.1 to support matrix, remove 1.17.4 (#12777) 2022-04-14 10:44:42 -07:00
R.B. Boyer 231e5b61e7
test: use docker buildkit backend for envoy integration tests (#12726) 2022-04-11 10:49:44 -05:00
R.B. Boyer d06183ba7f
syncing changes back from enterprise (#12701) 2022-04-05 15:46:56 -05:00
Evan Culver 522676ed8d
connect: Update supported Envoy versions to include 1.19.3 and 1.18.6 2022-02-24 16:59:33 -08:00
Evan Culver b95f010ac0
connect: Upgrade Envoy 1.20 to 1.20.2 (#12443) 2022-02-24 16:19:39 -08:00
Evan Culver e35dd08a63
connect: Upgrade Envoy 1.20 to 1.20.1 (#11895) 2022-01-18 14:35:27 -05:00
Chris S. Kim 7d1899d907
Fix integration test with updated file perms (#11916) 2021-12-23 19:00:02 -05:00
freddygv 5c1f7aa372 Allow cross-partition references in disco chain
* Add partition fields to targets like service route destinations
* Update validation to prevent cross-DC + cross-partition references
* Handle partitions when reading config entries for disco chain
* Encode partition in compiled targets
2021-12-06 12:32:19 -07:00
freddygv 129d54d060 Fix integ test 2021-12-03 17:02:57 -07:00
R.B. Boyer 1e02460bd1
re-run gofmt on 1.17 (#11579)
This should let freshly recompiled golangci-lint binaries using Go 1.17
pass 'make lint'
2021-11-16 12:04:01 -06:00
freddygv cc19f09f92 Add cross-partition integration test 2021-11-12 14:45:50 -07:00
freddygv d6c26ea598 Bump retry time for cross-DC RPC
The secondary DC now takes longer to populate the MGW snapshot because
it needs to wait for the secondary CA to be initialized before it can
receive roots and generate xDS config.

Previously MGWs could receive empty roots before the CA was
initialized. This wasn't necessarily a problem since the cluster ID in
the trust domain isn't verified.
2021-11-10 12:00:00 -07:00
Evan Culver 61be9371f5
connect: Remove support for Envoy 1.16 (#11354) 2021-10-27 18:51:35 -07:00
Evan Culver bec08f4ec3
connect: Add support for Envoy 1.20 (#11277) 2021-10-27 18:38:10 -07:00
R.B. Boyer c5b7e2a759
test: pin the version of bats to one that works on CircleCI (#11401) 2021-10-22 17:06:25 -05:00
R.B. Boyer 3b6eeced50
test: remove some envoy integ test warnings (#11369)
We launch one container as part of the test with --pid=host but
apparently within that container it launches a copy of "tini" as a
process supervisor that prefers to be PID 1.

Because it's not PID 1 it logs a warning message about this to the envoy
integration test logs that can lead to thinking somehow that a test
failure is related when in fact it's completely unrelated.

Adding this environment variable avoids the warning.
2021-10-20 15:50:45 -05:00
Evan Culver 585d9363ed
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 11:54:33 -07:00
Paul Banks e0efb420f7 Add Envoy integration test for split-route SDS case 2021-09-23 10:17:03 +01:00
Paul Banks ab27214a10 Minor improvements to SDS server from review 2021-09-23 10:13:41 +01:00
Paul Banks 2b755d7b3f Allow skipping v2 compat tests for SDS as it's only the SDS server integration that doesn't support v2 2021-09-23 10:12:37 +01:00
Paul Banks e01c3585a5 Fix integration tests in CI - serve SDS certs from the Docker image not a mounted path 2021-09-23 10:12:37 +01:00