2133 Commits

Author SHA1 Message Date
Joel Watson
40a8681816 Allow omission of -kvdetails if another -kv* flag is set 2020-11-10 10:55:30 -06:00
Joel Watson
1ef259b093 Rename params to better reflect their purpose 2020-11-10 10:44:09 -06:00
Joel Watson
5ad0db73c8 Make docs for params clearer 2020-11-10 10:35:24 -06:00
Joel Watson
fbe8503258 Break KV portion of enchance into separate func 2020-11-10 10:29:49 -06:00
Joel Watson
5dd703a62a Move KV stat gen to separate func 2020-11-10 10:09:03 -06:00
Matt Keeler
c048e86bb2
Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
Mike Morris
6396042ba7
connect: switch the default gateway port from 443 to 8443 (#9116)
* test: update ingress gateway golden file to port 8443

* test: update Envoy flags_test to port 8443

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-11-06 20:47:29 -05:00
R.B. Boyer
8baf158ea8
Revert "Add namespace support for metrics (OSS) (#9117)" (#9124)
This reverts commit 06b3b017d326853dbb53bc0ec08ce371265c5ce9.
2020-11-06 10:24:32 -06:00
Freddy
06b3b017d3
Add namespace support for metrics (OSS) (#9117) 2020-11-05 18:24:29 -07:00
Joel Watson
aabb537aed Pull sorting into separate function 2020-11-05 16:25:21 -06:00
Joel Watson
3ee20d500a Refactor to reduce how many vars are being passed around 2020-11-05 14:26:47 -06:00
Joel Watson
1a50aa023a Fallback to alphabetic sorting if size is equal 2020-11-05 11:02:02 -06:00
Joel Watson
be2a212d75 Add tests for new snapshot inspect flags 2020-11-05 11:01:44 -06:00
Joel Watson
5f5b49955c Update snapshot inspect formatter test 2020-11-05 10:40:02 -06:00
Joel Watson
eafc593d0f Make key breakdown total size accurate 2020-11-05 10:32:23 -06:00
Joel Watson
4bf70dd857 Cleanup formatter 2020-11-04 14:36:42 -06:00
Joel Watson
208d6ebd95 Get JSON formatting working 2020-11-04 14:04:17 -06:00
Joel Watson
e7a88d4a30 This ended up not being used. 2020-11-04 10:30:38 -06:00
Joel Watson
262fb3a0c3 Add snapshot inspect filter param 2020-11-04 10:11:20 -06:00
Joel Watson
10f325dc81 Initial stab at snapshot inspect key breakdown 2020-11-03 18:00:44 -06:00
s-christoff
79ce24e9fc
cli: Add JSON and Pretty Print formatting for consul snapshot inspect (#9006) 2020-10-29 11:31:14 -05:00
R.B. Boyer
a2c50d3303
connect: add support for envoy 1.16.0, drop support for 1.12.x, and bump point releases as well (#8944)
Supported versions will be: "1.16.0", "1.15.2", "1.14.5", "1.13.6"
2020-10-22 13:46:19 -05:00
s-christoff
9bb348c6c7
Enhance the output of consul snapshot inspect (#8787) 2020-10-09 14:57:29 -05:00
Blake Covarrubias
4c83ad3e02
doc: Update acl-method command example (#8845)
* Update acl-method command example

* add tailing backtick
2020-10-09 12:26:14 -07:00
R.B. Boyer
9fbcb2e68d
command: remove conditional envoy bootstrap generation for versions <=1.10.0 since those are not supported (#8855) 2020-10-07 10:53:23 -05:00
Ryan Ooi
852896b068 add tailing backtick 2020-10-07 07:14:56 +08:00
Ryan Ooi
c80b048111 Update acl-method command example 2020-10-07 06:44:24 +08:00
R.B. Boyer
1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
Extend Consul’s intentions model to allow for request-based access control enforcement for HTTP-like protocols in addition to the existing connection-based enforcement for unspecified protocols (e.g. tcp).
2020-10-06 17:09:13 -05:00
R.B. Boyer
a2a8e9c783
connect: intentions are now managed as a new config entry kind "service-intentions" (#8834)
- Upgrade the ConfigEntry.ListAll RPC to be kind-aware so that older
copies of consul will not see new config entries it doesn't understand
replicate down.

- Add shim conversion code so that the old API/CLI method of interacting
with intentions will continue to work so long as none of these are
edited via config entry endpoints. Almost all of the read-only APIs will
continue to function indefinitely.

- Add new APIs that operate on individual intentions without IDs so that
the UI doesn't need to implement CAS operations.

- Add a new serf feature flag indicating support for
intentions-as-config-entries.

- The old line-item intentions way of interacting with the state store
will transparently flip between the legacy memdb table and the config
entry representations so that readers will never see a hiccup during
migration where the results are incomplete. It uses a piece of system
metadata to control the flip.

- The primary datacenter will begin migrating intentions into config
entries on startup once all servers in the datacenter are on a version
of Consul with the intentions-as-config-entries feature flag. When it is
complete the old state store representations will be cleared. We also
record a piece of system metadata indicating this has occurred. We use
this metadata to skip ALL of this code the next time the leader starts
up.

- The secondary datacenters continue to run the old intentions
replicator until all servers in the secondary DC and primary DC support
intentions-as-config-entries (via serf flag). Once this condition it met
the old intentions replicator ceases.

- The secondary datacenters replicate the new config entries as they are
migrated in the primary. When they detect that the primary has zeroed
it's old state store table it waits until all config entries up to that
point are replicated and then zeroes its own copy of the old state store
table. We also record a piece of system metadata indicating this has
occurred. We use this metadata to skip ALL of this code the next time
the leader starts up.
2020-10-06 13:24:05 -05:00
Hans Hasselberg
ad4e189354
add -list-primary to consul keyring command (#8692)
* add -list-primary

* add docs

* use builder

* fix multiple actions
2020-09-24 20:04:20 +02:00
Juliano Martinez
5ce309a2f7 remove nodeName call when using -service
- fix #8734
2020-09-23 10:45:16 +02:00
freddygv
7b9d1b41d5 Resolve conflicts against master 2020-09-11 18:41:58 -06:00
freddygv
768dbaa68d Add session flag to cookie config 2020-09-11 18:34:03 -06:00
freddygv
eab90ea9fa Revert EnvoyConfig nesting 2020-09-11 09:21:43 -06:00
Tim Arenz
a1fe711390
Add support for -ca-path option in the connect envoy command (#8606)
* Add support for -ca-path option in the connect envoy command
* Adding changelog entry
2020-09-08 12:16:16 +02:00
Daniel Nephin
6ca45e1a61 agent: add apiServers type for managing HTTP servers
Remove Server field from HTTPServer. The field is no longer used.
2020-09-03 13:40:12 -04:00
freddygv
cf018cb2e0 Fixup stray LB infix refs 2020-09-03 08:56:17 -06:00
freddygv
f81fe6a1a1 Remove LB infix and move injection to xds 2020-09-02 15:13:50 -06:00
R.B. Boyer
119e945c3e
connect: all config entries pick up a meta field (#8596)
Fixes #8595
2020-09-02 14:10:25 -05:00
freddygv
63f79e5f9b Restructure structs and other PR comments 2020-09-02 09:10:50 -06:00
Daniel Nephin
e16375216d config: use logging.Config in RuntimeConfig
To add structure to RuntimeConfig, and remove the need to translate into a third type.
2020-08-19 13:21:00 -04:00
Daniel Nephin
33c401a16e logging: Setup accept io.Writer instead of []io.Writer
Also accept a non-pointer Config, since the config is not modified
2020-08-19 13:20:41 -04:00
Daniel Nephin
5d4df54296 agent: extract dependency creation from New
With this change, Agent.New() accepts many of the dependencies instead
of creating them in New. Accepting fully constructed dependencies from
a constructor makes the type easier to test, and easier to change.

There are still a number of dependencies created in Start() which can
be addressed in a follow up.
2020-08-18 19:04:55 -04:00
Daniel Nephin
16217fe9b9 testing: use t.Cleanup in testutil.TempFile
So that it has the same behaviour as TempDir.

Also remove the now unnecessary 'defer os.Remove'
2020-08-14 20:06:01 -04:00
Daniel Nephin
d68edcecf4 testing: Remove all the defer os.Removeall
Now that testutil uses t.Cleanup to remove the directory the caller no longer has to manage
the removal
2020-08-14 19:58:53 -04:00
R.B. Boyer
397019d970
xds: revert setting set_node_on_first_message_only to true when generating envoy bootstrap config (#8440)
When consul is restarted and an envoy that had already sent
DiscoveryRequests to the previous consul process sends a request to the
new process it doesn't respect the setting and never populates
DiscoveryRequest.Node for the life of the new consul process due to this
bug: https://github.com/envoyproxy/envoy/issues/9682

Fixes #8430
2020-08-05 15:00:24 -05:00
Daniel Nephin
0420d91cdd Remove LogOutput from Agent
Now that it is no longer used, we can remove this unnecessary field. This is a pre-step in cleanup up RuntimeConfig->Consul.Config, which is a pre-step to adding a gRPCHandler component to Server for streaming.

Removing this field also allows us to remove one of the return values from logging.Setup.
2020-08-05 14:00:44 -04:00
R.B. Boyer
c599a2f5f4
xds: add support for envoy 1.15.0 and drop support for 1.11.x (#8424)
Related changes:

- hard-fail the xDS connection attempt if the envoy version is known to be too old to be supported
- remove the RouterMatchSafeRegex proxy feature since all supported envoy versions have it
- stop using --max-obj-name-len (due to: envoyproxy/envoy#11740)
2020-07-31 15:52:49 -05:00
Marc Billow
6960afdfe3 Simple tls cert create help text typo 2020-07-30 12:04:21 -07:00
Chris Piraino
7c4cc71131
Fix envoy bootstrap logic to not append multiple self_admin clusters (#8371)
Previously, the envoy bootstrap config would blindly copy the self_admin
cluster into the list of static clusters when configuring either
ReadyBindAddr, PrometheusBindAddr, or StatsBindAddr.

Since ingress gateways always configure the ReadyBindAddr property,
users ran into this case much more often than previously.
2020-07-23 13:12:08 -05:00