Commit Graph

8809 Commits

Author SHA1 Message Date
Kyle Havlovitz 1d3f4b5099
connect: persist intermediate CAs on leader change 2018-07-11 09:44:30 -07:00
Matt Keeler c54b43bef3 PR Updates
Proxy now doesn’t need to know anything about the api as we pass env vars to it instead of the api config.
2018-07-11 09:44:54 -04:00
Matt Keeler f8dcff8bd8
Update CHANGELOG.md 2018-07-11 08:51:15 -04:00
Matt Keeler 4d1ead10b3
Merge pull request #4371 from hashicorp/bugfix/gh-4358
Remove https://prefix from TLSConfig.Address
2018-07-11 08:50:10 -04:00
Pierre Souchay fecae3de21 When renaming a node, ensure the name is not taken by another node.
Since DNS is case insensitive and DB as issues when similar names with different
cases are added, check for unicity based on case insensitivity.

Following another big incident we had in our cluster, we also validate
that adding/renaming a not does not conflicts with case insensitive
matches.

We had the following error once:

 - one node called: mymachine.MYDC.mydomain was shut off
 - another node (different ID) was added with name: mymachine.mydc.mydomain before
   72 hours

When restarting the consul server of domain, the consul server restarted failed
to start since it detected an issue in RAFT database because
mymachine.MYDC.mydomain and mymachine.mydc.mydomain had the same names.

Checking at registration time with case insensitivity should definitly fix
those issues and avoid Consul DB corruption.
2018-07-11 14:42:54 +02:00
John Cowen 4179afae06 Instead of rewriting the API call, use ember to rewrite the URL
We now essentially do 2 redirects if you hit a `folder/`

1. If you visit `/ui/dc1/kv/folder/`, `consul` will redirect you to `/ui/dc1/kv/folder`
2. Once redirected to `/ui/dc1/kv/folder` via a 301, use ember/history
API to redirect you back to `/ui/dc1/kv/folder/`.

Bit long winded, but achieves what we want without having to get stuck
into `consul` itself to remove the 301 for the UI
2018-07-11 10:44:37 +01:00
John Cowen 1fe325fb81
Merge pull request #4348 from hashicorp/bugfix/last-healthcheck-icon
UI - CSS: don't assume the last item in the healthcheck listing is passing
2018-07-11 09:55:05 +01:00
Pierre Souchay 68f7f85cda Tune GNUMakefile to pass more easily Travis tests 2018-07-10 22:55:37 +02:00
Pierre Souchay 817a69edad Avoid travis to fail with flacky tests 2018-07-10 22:55:37 +02:00
Matt Keeler bd76a34002
Merge pull request #4365 from pierresouchay/fix_test_warning
Fixed compilation warning about wrong type
2018-07-10 16:53:29 -04:00
Matt Keeler 3b6eef8ec6 Pass around an API Config object and convert to env vars for the managed proxy 2018-07-10 12:13:51 -04:00
Pierre Souchay 7d2e4b77ec Use %q, not %s as it used to 2018-07-10 16:52:08 +02:00
Matt Keeler 6da4cd8fea
Update CHANGELOG.md 2018-07-10 10:40:38 -04:00
Matt Keeler ad3d5e3738
Merge pull request #4328 from hashicorp/bugfix/prevent-multi-c
Only allow 1 CNAME when querying for a service.
2018-07-10 10:39:03 -04:00
Paul Banks fc9fb4f915
Update CHANGELOG.md 2018-07-10 15:30:24 +01:00
Paul Banks 8d26474dcf
Update CHANGELOG.md 2018-07-10 15:28:56 +01:00
Paul Banks 7ed3b23333
Merge pull request #4346 from hamishforbes/lock_timeout
Fix lock and semaphore timeouts
2018-07-10 15:26:52 +01:00
Matt Keeler 0fd7e97c2d Merge remote-tracking branch 'origin/master' into bugfix/prevent-multi-cname 2018-07-10 10:26:45 -04:00
Matt Keeler ba24bdd32b
Update CHANGELOG.md 2018-07-10 09:02:06 -04:00
Matt Keeler d19c7d8882
Merge pull request #4303 from pierresouchay/non_blocking_acl
Only send one single ACL cache refresh across network when TTL is over
2018-07-10 08:57:33 -04:00
Matt Keeler c146f837bd
Update CHANGELOG.md 2018-07-10 08:52:15 -04:00
Matt Keeler d066fb7b18
Merge pull request #4362 from hashicorp/bugfix/gh-4354
Ensure TXT RRs always end up in the Additional section except for ANY or TXT queries
2018-07-10 08:50:31 -04:00
Paul Banks efa13a1daf
Merge pull request #4361 from lganzzzo/patch-1
C++ oatpp-consul integration added to Libraries & SDKs page
2018-07-10 12:37:20 +01:00
Pierre Souchay 2f76019847 Fixed message: testutil/server.go:317: missing ... in args forwarded to print-like function 2018-07-10 11:04:25 +02:00
Pierre Souchay b112bdd52d Fixed compilation warning about wrong type
It fixes the following warnings:

  agent/config/builder.go:1201: Errorf format %q has arg s of wrong type *string
  agent/config/builder.go:1240: Errorf format %q has arg s of wrong type *string
2018-07-09 23:43:56 +02:00
Paul Banks 41c3a4ac8e
Merge pull request #4038 from pierresouchay/ACL_additional_info
Track calls blocked by ACLs using metrics
2018-07-09 20:21:21 +01:00
Jack Pearkes 7ca7c09925 add copyright notice file
Fixes #1390
2018-07-09 10:58:26 -07:00
Siva Prasad fbc5017d5d
Merge pull request #4363 from MagnumOpus21/master
Agent/Proxy : Fixes Windows's basic managed proxy support problem.
2018-07-09 13:24:02 -04:00
MagnumOpus21 371f0c3d5f Tests/Proxy : Changed function name to match the system being tested. 2018-07-09 13:18:57 -04:00
MagnumOpus21 9d57b72e81 Resolved merge conflicts 2018-07-09 12:48:34 -04:00
MagnumOpus21 300330e24b Agent/Proxy: Formatting and test cases fix 2018-07-09 12:46:10 -04:00
Matt Keeler 962f6a1816 Remove https://prefix from TLSConfig.Address 2018-07-09 12:31:15 -04:00
Matt Keeler cbf8f14451 Ensure TXT RRs always end up in the Additional section except for ANY or TXT queries
This also changes where the enforcement of the enable_additional_node_meta_txt configuration gets applied.

formatNodeRecord returns the main RRs and the meta/TXT RRs in separate slices. Its then up to the caller to add to the appropriate sections or not.
2018-07-09 12:30:11 -04:00
MagnumOpus21 94e8ff55cf Proxy/Tests: Added test cases to check env variables 2018-07-09 12:28:29 -04:00
MagnumOpus21 6cecf2961d Agent/Proxy : Properly passes env variables to child 2018-07-09 12:28:29 -04:00
Kyle Havlovitz f92e5b1121
Merge pull request #4325 from hashicorp/ca-pruning
connect/ca: add logic for pruning old stale RootCA entries
2018-07-09 09:05:41 -07:00
John Cowen 887d4e9dde If we are indexing or foldering then its going to be folder-like
...therefore add a trailing slash to the API call
2018-07-09 15:52:22 +01:00
John Cowen faf813fee2 Add tests that break when you request a folder without a trailing slash 2018-07-09 15:51:01 +01:00
Leonid Stryzhevskyi d508a6ba7c
oatpp-consul integration added to Libraries & SDKs page 2018-07-09 17:28:03 +03:00
Paul Banks c8b37f0a4c
Merge pull request #4351 from hashicorp/doc-config-dir-reads-hcl-files
Notes that both "hcl" and "json" files are loaded from the config-dir.
2018-07-09 14:43:55 +01:00
Paul Banks 0241cda645
Fix formatting issue in config docs.
The floating paragraph seems to need additional indentation to work correctly on the markdown parser middle man uses - GitHub got it right before in the preview but the website broke dumping the new config option inline.
2018-07-09 14:39:20 +01:00
Pierre Souchay a937c7fa70 Added new ACL blocked Metrics to telemetry.html 2018-07-09 11:36:33 +02:00
Pierre Souchay ff53648df2 Merge remote-tracking branch 'origin/master' into ACL_additional_info 2018-07-07 14:09:18 +02:00
Pierre Souchay 0e4e451a56 Fixed indentation in test 2018-07-07 14:03:34 +02:00
Kyle Havlovitz 401b206a2e
Store the time CARoot is rotated out instead of when to prune 2018-07-06 16:05:25 -07:00
Geoffrey Grosenbach f132d0e1e1 Note that `-dev` generates certs for Connect.
Previous version of the documentation didn't mention this, which can
lead to confusion when experimenting with Connect. Many other features
of Consul work fine without `-dev` mode, but Connect needs certs in
order to proxy, which must be done with this flag or by generating certs
directly and passing them to Consul in configs.
2018-07-06 12:26:15 -07:00
Geoffrey Grosenbach 5eecbeb7ae Notes that both "hcl" and "json" files are loaded from the config-dir.
The previous version only mentioned "json" but the behavior was to read
"hcl" files as well.
2018-07-06 12:22:18 -07:00
John Cowen f6cd162f75 Stop trying to remove consul-api-double we don't need to anymore 2018-07-06 16:50:52 +01:00
John Cowen fb91d05eb4 Don't assume the last item in the healthcheck listing is passing 2018-07-06 16:40:04 +01:00
John Cowen e918221275 Tiny ui build additions
1. Use `ls -A` to list dotfiles also, ready for tarring
2. Don't copy ember's `./tmp` if you have one
2018-07-06 15:08:11 +01:00