12005 Commits

Author SHA1 Message Date
Matt Keeler
4fb535ba48
Pass the Config and TLS Configurator into the AutoConfig constructor
This is instead of having the AutoConfigBackend interface provide functions for retrieving them.

NOTE: the config is not reloadable. For now this is fine as we don’t look at any reloadable fields. If that changes then we should provide a way to make it reloadable.
2020-07-08 12:36:11 -04:00
Matt Keeler
f2f32735ce
Rename (*Server).forward to (*Server).ForwardRPC
Also get rid of the preexisting shim in server.go that existed before to have this name just call the unexported one.
2020-07-08 11:05:44 -04:00
Matt Keeler
d2e4869c7c
Refactor AutoConfig RPC to not have a direct dependency on the Server type
Instead it has an interface which can be mocked for better unit testing that is deterministic and not prone to flakiness.
2020-07-08 11:05:44 -04:00
John Cowen
b5b9c8d953
ui: Remove jQuery from the production build (#8088)
* ui: Split up client/http and replace $.ajax

This splits the client/http service more in the following ways:

1. Connections are now split out into its own service
2. The transport is now split out into its own service that returns a
listener based http transport
3. Various string parsing/stringifying functions are now split out into
utils

* Remove jQuery from our production build

* Move the coverage serving to the server.js file

* Self review amends

* Add X-Requested-With header

* Move some files around, externalize some functions

* Move connection tracking to use native Set

* Ensure HTTP parsing doesn't encode headers

In the future this will change to deal with all HTTP parsing in one
place, hence the commented out METHOD_PARSING etc

* Start to fix up integration tests to use requestParams
2020-07-07 19:58:46 +01:00
John Cowen
22e4e0ac12
ui: Re-adds gray backgrounds to old style %pills (#8251) 2020-07-07 19:03:15 +01:00
Chris Piraino
490ee77535
Update CHANGELOG.md 2020-07-07 10:45:25 -05:00
Chris Piraino
735337b170
Append port number to ingress host domain (#8190)
A port can be sent in the Host header as defined in the HTTP RFC, so we
take any hosts that we want to match traffic to and also add another
host with the listener port added.

Also fix an issue with envoy integration tests not running the
case-ingress-gateway-tls test.
2020-07-07 10:43:04 -05:00
Jeff Escalante
74350bb5c3 learn -> tutorials in subnav 2020-07-06 18:44:30 -04:00
Seth Hoenig
a93e44f20c
docs: fix link to connect authorize endpoint (#8248)
/docs/connect/intentions has a broken link presumably meant
to go to /api-docs/agent/connect#authorize

This PR fixes the link.
2020-07-06 16:16:09 -05:00
Blake Covarrubias
59b4a4d836 Update URLs for gateway docs
PRs #7610 and #7962 changed the locations/URLs for the gateway docs
which results in a HTTP 404 Not Found being returned when accessing
the previous URLs.

Update URLs for gateway docs to point to new URLs.

PR #8243 adds corresponding redirects on consul.io.
2020-07-06 11:34:22 -07:00
Kevin Pruett
2d1686c7a1 Append redirects 2020-07-06 09:39:37 -07:00
Kevin Pruett
52d05480c8
Merge pull request #8242 from hashicorp/pruett.ci-fixup
Update Algolia CI script
2020-07-06 11:22:54 -04:00
Kevin Pruett
2abe9b2f50
Update Algolia CI script 2020-07-06 10:09:48 -04:00
Daniel Nephin
a7f69b615a
Merge pull request #8215 from hashicorp/dnephin/support-not-modified-response-server
agent/consul: Add support for NotModified to two endpoints
2020-07-03 16:15:31 -04:00
Pierre Souchay
20d1ea7d2d
Upgrade go-connlimit to v0.3.0 / return http 429 on too many connections (#8221)
Fixes #7527

I want to highlight this and explain what I think the implications are and make sure we are aware:

* `HTTPConnStateFunc` closes the connection when it is beyond the limit. `Close` does not block.
* `HTTPConnStateFuncWithDefault429Handler(10 * time.Millisecond)` blocks until the following is done (worst case):
  1) `conn.SetDeadline(10*time.Millisecond)` so that
  2) `conn.Write(429error)` is guaranteed to timeout after 10ms, so that the http 429 can be written and 
  3) `conn.Close` can happen

The implication of this change is that accepting any new connection is worst case delayed by 10ms. But only after a client reached the limit already.
2020-07-03 09:25:07 +02:00
Daniel Nephin
5d36f98710 agent/consul: Add support for NotModified to two endpoints
A query made with AllowNotModifiedResponse and a MinIndex, where the
result has the same Index as MinIndex, will return an empty response
with QueryMeta.NotModified set to true.

Co-authored-by: Pierre Souchay <pierresouchay@users.noreply.github.com>
2020-07-02 17:05:46 -04:00
Jono Sosulska
0cd4178a4c
Fix typos on commandline flags, updated config opts (#8227)
* Fix typos on commandline flags, updated config opts

- Added anchors to https://github.com/hashicorp/consul/pull/8223
- Fix Typos

Updated to include config file options as well as CLI.
2020-07-02 16:13:11 -04:00
Jeff Escalante
9f5624a1a6 remove unneeded mdx provider option 2020-07-02 14:22:29 -04:00
Jeff Escalante
7f5a1223f6 drop out unused font 2020-07-02 14:22:29 -04:00
Jeff Escalante
bcca066d80 generate readme 2020-07-02 14:22:29 -04:00
Jeff Escalante
b449d7ab5d update dependencies, fapply upgrades, fix breaking changes 2020-07-02 14:22:29 -04:00
Blake Covarrubias
08c92ba880
docs: Fix formatting issues on built-in proxy page (#8005)
Fix markdown formatting and display issues on built-in proxy page.
2020-07-02 12:39:50 -04:00
Rémi Lapeyre
421b9e8ef1
Fix typo in configuration documentation (#7997) 2020-07-02 12:39:23 -04:00
Matt Keeler
db387eccd6
Update CHANGELOG.md 2020-07-02 09:57:23 -04:00
Matt Keeler
f8e8f48125
Merge pull request #8211 from hashicorp/bugfix/auto-encrypt-various 2020-07-02 09:49:49 -04:00
Hans Hasselberg
1b69a24f36
Update CHANGELOG.md 2020-07-02 13:41:25 +02:00
kaitlincarter-hc
b353b5f920
update landing page links to learn to specific guides (#8214) 2020-07-01 14:58:46 -05:00
Kenia
7a1284e11b
ui: Redesign - Node service instances tab (#8204)
* Upgrade consul-api-dobule to version 3.1.3

* Create ConsulInstaceChecks component with test

* Redesign: Service Instaces tab in for a Node

* Update Node tests to work with the ConsulServiceInstancesList

* Style fix to the copy button in the composite-row details

* Delete helper and move logic to ConsulInstanceChecks component

* Delete unused component consul-node-service-list
2020-07-01 10:27:29 -04:00
Matt Keeler
3f04c4a51b
Update CHANGELOG.md 2020-07-01 09:15:26 -04:00
Matt Keeler
e0f9e4a2d9
Merge pull request #8218 from yurkeen/fix-dns-rcode 2020-07-01 09:12:59 -04:00
André
d06d9ef29e
Update lock.mdx (#8217)
Remove duplicated `-timeout` value.
2020-07-01 14:59:07 +02:00
Hans Hasselberg
95c027a3ea
Update gopsutil (#8208)
https://github.com/shirou/gopsutil/pull/895 is merged and fixes our
problem. Time to update. Since there is no new version just yet,
updating to the sha.
2020-07-01 14:47:56 +02:00
John Cowen
07b49f8887
ui: Ensure routing tab is shown when connect enabled (#8209)
In https://github.com/hashicorp/consul/pull/8065 we attempted to reduce
the amount of times that the UI requests the discovery chain endpoint
when connect is disabled on a datacenter.

Currently we can only tell if connect is disabled on a datacenter by
detecting a 500 error from a connect related endpoint.

In the above PR we mistakenly returned from a catch instead of
rethrowing the error, which meant that when a none 500 error was caught
the discovery chain data would be removed. Whilst at first glance this
doens't seem like a big problem due to the endpoint erroring, but we
also receive a 0 error when we abort endpoints during blocking queries.
This means that in certain cases we can remove cached data for the
discovery chain and then delay reloading it via a blocking query.

This PR replaces the return with a throw, which means that everything is
dealt with correctly via the blocking query error detection/logic.
2020-07-01 10:21:15 +01:00
Yury Evtikhov
10361dd210 DNS: add IsErrQueryNotFound function for easier error evaluation 2020-07-01 03:41:44 +01:00
Yury Evtikhov
8d18422f19 DNS: fix agent returning SERVFAIL where NXDOMAIN should be returned 2020-07-01 01:51:21 +01:00
Yury Evtikhov
3b4ddaaab5 DNS: add test to verify NXDOMAIN is returned when a non-existent domain is queried over RPC 2020-07-01 01:51:16 +01:00
Matt Keeler
6e7acfa618
Add an AutoEncrypt “integration” test
Also fix a bug where Consul could segfault if TLS was enabled but no client certificate was provided. How no one has reported this as a problem I am not sure.
2020-06-30 15:23:29 -04:00
Matt Keeler
2ddcba00c6
Overwrite agent leaf cert trust domain on the servers 2020-06-30 09:59:08 -04:00
Matt Keeler
19040f1166
Store the Connect CA rate limiter on the server
This fixes a bug where auto_encrypt was operating without utilizing a common rate limiter.
2020-06-30 09:59:07 -04:00
Matt Keeler
a5a9560bbd
Initialize the agent leaf cert cache result with a state to prevent unnecessary second certificate signing 2020-06-30 09:59:07 -04:00
Matt Keeler
39b567a55a
Fix auto_encrypt IP/DNS SANs
The initial auto encrypt CSR wasn’t containing the user supplied IP and DNS SANs. This fixes that. Also We were configuring a default :: IP SAN. This should be ::1 instead and was fixed.
2020-06-30 09:59:07 -04:00
Davor Kapsa
b287ebc1fb
clean cli.Run error message (#8191) 2020-06-30 13:12:29 +02:00
Fatih Sarhan
f6eaf74de2 docs: Fix typo on openstack cloud-auto-join 2020-06-29 13:56:01 -07:00
Chris Piraino
ea683ebb6c
cli: Output message on success when writing/deleting entries (#7806)
This provides a user with a better experience, knowing that the command
worked appropriately. The output of the write/delete CLI commands are
not going to be used in a bash script, in fact previously a success
provided no ouput, so we do not have to worry about spurious text being
injected into bash pipelines.
2020-06-29 15:47:40 -05:00
Kevin Pruett
8335a15b34
Merge pull request #8202 from hashicorp/pruett.algolia-index-ci
Add Algolia indexing to CI
2020-06-29 15:04:50 -04:00
Kevin Pruett
41254a1b74
Add Algolia indexing to CI 2020-06-29 12:14:43 -04:00
John Cowen
73e8face3c
ui: Don't hide TTL check output (#8187)
We'd assumed that TTL check outputs shouldn't be shown as it seemed like
they never had outputs, but they can be submitted with notes, which are
then converted into the output.

This unhides the output for TTLs and treats them exactly the same as
other healthchecks.
2020-06-29 15:29:20 +01:00
Seth Hoenig
95f46eb3ed
api/agent: enable setting SuccessBeforePassing and FailuresBeforeCritical in API (#7949)
Fixes #7764

Until now these two fields could only be set through on-disk agent configuration.
This change adds the fields to the agent API struct definition so that they can
be set using the agent HTTP API.
2020-06-29 14:52:35 +02:00
Matt Keeler
85fd8c552f
Merge pull request #8193 from hashicorp/feature/auto-config/suppress-config-warnings 2020-06-27 10:06:52 -04:00
R.B. Boyer
75de960011 update changelog 2020-06-26 17:00:17 -05:00