Commit Graph

19700 Commits

Author SHA1 Message Date
sarahalsmiller 436160e155
Added check for empty peeringsni in restrictPeeringEndpoints (#15239)
Add check for empty peeringSNI in restrictPeeringEndpoints

Co-authored-by: Derek Menteer <derek.menteer@hashicorp.com>
2022-11-02 17:20:52 -05:00
cskh 94d232ab1e
integ test: reduce flakiness due to compound output from retry (#15233)
* integ test: avoid flakiness due to compound output from retry

* changelog
2022-11-02 14:08:17 -04:00
Derek Menteer bd1019fadb
Prevent peering acceptor from subscribing to addr updates. (#15214) 2022-11-02 07:55:41 -05:00
Dan Stough 05e93f7569
test: refactor testcontainers and add peering integ tests (#15084) 2022-11-01 15:03:23 -04:00
Derek Menteer cf114d029f
Regenerate test certificates. (#15218)
Regenerate test certificates
2022-11-01 10:51:13 -05:00
Nathan Coleman 2f005f2086
Update required Helm chart version to match APIGW release notes (#15168) 2022-10-31 16:31:10 -04:00
Derek Menteer fa5d87c116 Decrease retry time for failed peering connections. 2022-10-31 14:30:27 -05:00
R.B. Boyer 97b9fcbf48
test: fix flaky TestSubscribeBackend_IntegrationWithServer_DeliversAllMessages test (#15195)
Allow for some message duplication in subscription events during assertions.

I'm pretty sure the subscriptions machinery allows for messages to occasionally
be duplicated instead of dropping them, as a once-and-only-once queue is a pipe
dream and you have to pick one of the other two options.
2022-10-31 12:10:43 -05:00
Evan Culver 62d4517f9e
connect: Add Envoy 1.24 to integration tests, remove Envoy 1.20 (#15093) 2022-10-31 10:50:45 -05:00
Derek Menteer 693c8a4706 Allow peering endpoints to bypass verify_incoming. 2022-10-31 09:56:30 -05:00
Derek Menteer 2d4b62be3c Add tests. 2022-10-31 08:45:00 -05:00
Derek Menteer 1483c94531 Fix peered service protocols using proxy-defaults. 2022-10-31 08:45:00 -05:00
R.B. Boyer 218eb3e1ea
build: ensure 'make dev-docker' also produces a matching CLI binary at the same time (#15188) 2022-10-28 15:21:05 -05:00
Nathan Coleman 87581a223f
Merge pull request #15187 from hashicorp/nathancoleman-patch-1
Fix broken link in Consul API Gateway docs
2022-10-28 15:35:29 -04:00
Nathan Coleman 5d73fda1f4
Fix broken link in Consul API Gateway docs 2022-10-28 15:01:38 -04:00
R.B. Boyer 25ce082d8f
build: ensure 'make dev-docker' updates consul-dev:latest too (#15176)
Fixes a minor regression from #14222
2022-10-28 10:27:24 -05:00
Eric Haberkorn cf50bdbe20
Fix peering metrics bug (#15178)
This bug was caused by the peering health metric being set to NaN.
2022-10-28 10:51:12 -04:00
Tyler Wendlandt c55ec2823b
Merge pull request #15153 from hashicorp/ui/chore/update-icons-to-use-flight-icons-component
ui: update icons to use flight icons component
2022-10-27 15:21:56 -06:00
wenincode f1ce34836f Replace main consul logo with FlightIcon 2022-10-27 14:28:10 -06:00
wenincode 2dd31ff96f Format index template 2022-10-27 14:23:41 -06:00
Michael Klein 67905f8348
Merge pull request #15159 from hashicorp/ui/fix-peered-service-not-unique-based-on-peer
ui: Fix PeerName is part of service uniqueness
2022-10-27 20:26:50 +02:00
Michael Klein 288bb16cd5
Merge pull request #15158 from hashicorp/ui/improve-layout-address-list-peer-detail
ui: Improve layout address list peer detail
2022-10-27 20:26:30 +02:00
Chris S. Kim 0e176dd6aa
Allow consul debug on non-ACL consul servers (#15155) 2022-10-27 09:25:18 -04:00
wenincode 46ba6174d5 Format intentions table hbs template 2022-10-26 11:46:35 -06:00
wenincode 4dbb1e16f4 Replace k8s informed action with flight icon 2022-10-26 11:07:42 -06:00
cskh a9427e1310
fix(peering): nil pointer in calling handleUpdateService (#15160)
* fix(peering): nil pointer in calling handleUpdateService

* changelog
2022-10-26 11:50:34 -04:00
Michael Klein 033694e6a3 Fix PeerName is part of service uniqueness
We need to make a PeerName part of a the service id when present.

This makes sure that peers can export services named
the same as other peers but have the UI still treat them
as separate services.
2022-10-26 17:34:45 +02:00
Michael Klein e5130be812
Merge pull request #15156 from hashicorp/ui/peer-create-redirect-to-show
ui: peer create redirect to show
2022-10-26 17:16:28 +02:00
wenincode c1800b9187 Remove consul logo icons 2022-10-26 08:57:43 -06:00
wenincode cbc150f7bf Update iconography documentation 2022-10-26 08:57:31 -06:00
Michael Klein ca0dbe2052 Improve layout address list peer detail 2022-10-26 16:17:05 +02:00
Michael Klein 41e50a0f8d
Merge pull request #15148 from hashicorp/ui/update-hds-usage-best-practices
UI: update hds usage to hds best practices
2022-10-26 16:10:05 +02:00
wenincode 6a4cd42a2b Remove shadow-template/host and related components 2022-10-26 08:07:35 -06:00
wenincode b34244c62d Remove template log 2022-10-26 06:43:57 -06:00
Michael Klein 3ba50bd5a3 Redirect to peers.show after establishing peering 2022-10-26 11:15:57 +02:00
Michael Klein 63a2d5a1f5 Prettify peers.index template 2022-10-26 11:15:06 +02:00
Michael Klein 44c7614b3b prettify peer/initiate form 2022-10-26 10:11:41 +02:00
wenincode f96b45b9f0 Add back logo-consul-color 2022-10-25 14:13:12 -06:00
wenincode ee9481d3aa Remove some icons 2022-10-25 14:02:38 -06:00
Eric Haberkorn 1bdad89026
fix bug that resulted in generating Envoy configs that use CDS with an EDS configuration (#15140) 2022-10-25 14:49:57 -04:00
wenincode 9eb97b29f9 Use FlightIcon component for k8s type select in authmethods 2022-10-25 12:01:09 -06:00
Luke Kysow d3aa2bd9c5
ingress-gateways: don't log error when registering gateway (#15001)
* ingress-gateways: don't log error when registering gateway

Previously, when an ingress gateway was registered without a
corresponding ingress gateway config entry, an error was logged
because the watch on the config entry returned a nil result.
This is expected so don't log an error.
2022-10-25 10:55:44 -07:00
Luke Kysow fbd47e1161
config entry: hardcode proxy-defaults name as global (#14833)
* config entry: hardcode proxy-defaults name as global

proxy-defaults can only have the name global. Because of this,
we support not even setting the name in the config file:

```
kind = "proxy-defaults"
```

Previously, writing this would result in the output:

```
Config entry written: proxy-defaults/
```

Now it will output:

```
Config entry written: proxy-defaults/global
```

This change follows what was done for the new Mesh config entry.
2022-10-25 10:55:15 -07:00
wenincode 64904d35da Format auth method search bar template 2022-10-25 11:55:09 -06:00
wenincode 59936ae661 Set the color to black for vault 2022-10-25 11:44:27 -06:00
Luke Kysow 9999672fd7
autoencrypt: helpful error for clients with wrong dc (#14832)
* autoencrypt: helpful error for clients with wrong dc

If clients have set a different datacenter than the servers they're
connecting with for autoencrypt, give a helpful error message.
2022-10-25 10:13:41 -07:00
wenincode 4d47dd78e7 Share code with new icons for sources select 2022-10-25 11:12:15 -06:00
Michael Klein 0c2903a730 Update hds-docs with custom utility class 2022-10-25 18:40:36 +02:00
R.B. Boyer 3c44116a8f
cache: refactor agent cache fetching to prevent unnecessary fetches on error (#14956)
This continues the work done in #14908 where a crude solution to prevent a
goroutine leak was implemented. The former code would launch a perpetual
goroutine family every iteration (+1 +1) and the fixed code simply caused a
new goroutine family to first cancel the prior one to prevent the
leak (-1 +1 == 0).

This PR refactors this code completely to:

- make it more understandable
- remove the recursion-via-goroutine strangeness
- prevent unnecessary RPC fetches when the prior one has errored.

The core issue arose from a conflation of the entry.Fetching field to mean:

- there is an RPC (blocking query) in flight right now
- there is a goroutine running to manage the RPC fetch retry loop

The problem is that the goroutine-leak-avoidance check would treat
Fetching like (2), but within the body of a goroutine it would flip that
boolean back to false before the retry sleep. This would cause a new
chain of goroutines to launch which #14908 would correct crudely.

The refactored code uses a plain for-loop and changes the semantics
to track state for "is there a goroutine associated with this cache entry"
instead of the former.

We use a uint64 unique identity per goroutine instead of a boolean so
that any orphaned goroutines can tell when they've been replaced when
the expiry loop deletes a cache entry while the goroutine is still running
and is later replaced.
2022-10-25 10:27:26 -05:00
wenincode 19e99f0188 Update icon-map to work for auth methods 2022-10-25 07:14:55 -06:00