12721 Commits

Author SHA1 Message Date
Mike Morris
708957a982
chore: update raft to v1.2.0 (#8822) 2020-10-08 15:07:10 -04:00
Matt Keeler
38f5ddce2a
Add per-agent reconnect timeouts (#8781)
This allows for client agent to be run in a more stateless manner where they may be abruptly terminated and not expected to come back. If advertising a per-agent reconnect timeout using the advertise_reconnect_timeout configuration when that agent leaves, other agents will wait only that amount of time for the agent to come back before reaping it.

This has the advantageous side effect of causing servers to deregister the node/services/checks for that agent sooner than if the global reconnect_timeout was used.
2020-10-08 15:02:19 -04:00
Paul Banks
57a7057067
Add UI metrics proxy (#8744)
* Fix merge conflicts

* Add /v1/internal/ui/metrics-proxy API endpoint that proxies to a configured metrics provider backend.
2020-10-08 18:04:06 +01:00
Paul Banks
46f58e05bd
Add support for serving additional metrics provider JS in the UI (#8743) 2020-10-08 18:03:13 +01:00
Mike Morris
d68b4b9e79 chore(ci): remove docs-cherrypick autolabel
This label should never be auto-applied to prevent accidentally publishing docs intended for a major release early.
2020-10-08 12:50:03 -04:00
Paul Banks
332477f24c
Add /v1/internal/ui/metrics-proxy API endpoint that proxies to a configured metrics provider backend. 2020-10-08 17:32:29 +01:00
Paul Banks
80910b46f3
Fix merge conflicts 2020-10-08 17:31:36 +01:00
hashicorp-ci
fc6a7df5f6 auto-updated agent/uiserver/bindata_assetfs.go from commit b373456c7 2020-10-08 15:56:05 +00:00
Kenia
b373456c76
ui: Add deny SVG lines with icons (#8846)
* Refactor and color SVG Lines based on intention permissions

* Create Icon component with L7 and Deny icon styling

* Reposition icons on the lines when the lines are redrawn

* Create service/intention-permissions helper

* Use service/intention-permissions helper to return allow or deny lines

* Upgrade consul-api-double to v5.3.5

* Update HasPermission attribute
2020-10-08 11:52:09 -04:00
Freddy
164ce57db2
Support ingress gateways in mesh viz endpoint (#8864)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-10-08 09:47:09 -06:00
hashicorp-ci
418fe6ba32 auto-updated agent/uiserver/bindata_assetfs.go from commit ef7b1f8a4 2020-10-08 15:41:40 +00:00
Kenia
ef7b1f8a4b
ui: Add namespaces to downstream cards (#8873)
* Add nspace to downstream cards

* Remove portion of conditional
2020-10-08 11:38:03 -04:00
hashicorp-ci
12e735dbca auto-updated agent/uiserver/bindata_assetfs.go from commit d849f025c 2020-10-08 15:08:16 +00:00
John Cowen
d849f025cf
ui: L7 intentions improvements (#8851)
* Disable source as well as destination on editing

* Various visual/textual amends

* Make errors only appear once you've interacted with a field

* Move tests that involve selecting menus to a create form

* Revert fieldsets and checkboxes
2020-10-08 16:02:31 +01:00
John Cowen
ec084cf79b
ui: Use a custom request for nspace deletion (#8878)
* Turn repo.remove into a custom action to bypass ember-data deletion

* Don't show actions on a deleting nspace
2020-10-08 16:00:52 +01:00
Daniel Nephin
fcaf362c9f
Merge pull request #8841 from hashicorp/streaming/materialize-view-fix-service-unique-id
streaming: Use an ID that includes namespace to store services in the materialized view
2020-10-07 21:28:53 -04:00
Daniel Nephin
2513f42c68
Merge pull request #8809 from hashicorp/streaming/materialize-view
Add StreamingHealthServices cache-type
2020-10-07 21:26:38 -04:00
Daniel Nephin
b103568e98
Merge pull request #8818 from hashicorp/streaming/add-subscribe-service-batch-events
stream: handle batch events as a special case of Event
2020-10-07 21:25:32 -04:00
Daniel Nephin
da6400192b
Merge pull request #8768 from hashicorp/streaming/add-subscribe-service
subscribe: add subscribe service for streaming change events
2020-10-07 21:24:03 -04:00
Freddy
da91e999f6
Return intention info in svc topology endpoint (#8853) 2020-10-07 18:35:34 -06:00
Daniel Nephin
21c21191f4 structs: add CheckServiceNode.CanRead
And use it from the subscribe endpoint.
2020-10-07 18:15:13 -04:00
Mike Morris
6c0907f494
test(vault): generate test coverage and upload to CodeCov (#8870) 2020-10-07 16:32:25 -04:00
R.B. Boyer
71ba8300a3
add testrpc.WaitForServiceIntentions to help unflake tests that manipulate intentions (#8867) 2020-10-07 14:20:25 -05:00
R.B. Boyer
0c9177f6a5
api: unflake some intention-related api tests (#8857) 2020-10-07 13:32:53 -05:00
Jono Sosulska
16e8235abe
Turns PR labeler to only trigger on create (#8838) 2020-10-07 13:45:17 -04:00
Mike Morris
1ebc2fb006
chore(deps): update gopsutil to v2.20.9 (#8843)
* core(deps): bump golang.org/x/sys

To resolve /go/pkg/mod/github.com/shirou/gopsutil@v2.20.9+incompatible/host/host_bsd.go:20:13: undefined: unix.SysctlTimeval

* chore(deps): make update-vendor
2020-10-07 12:57:18 -04:00
R.B. Boyer
9fbcb2e68d
command: remove conditional envoy bootstrap generation for versions <=1.10.0 since those are not supported (#8855) 2020-10-07 10:53:23 -05:00
R.B. Boyer
3e6cbc649e add missing changelog entry for #8839 2020-10-07 10:22:40 -05:00
hashicorp-ci
8655b24639 auto-updated agent/uiserver/bindata_assetfs.go from commit 0d0de4309 2020-10-07 14:13:29 +00:00
John Cowen
0d0de43098
ui: Change query param name for service instance listing from nspace to ns (#8852) 2020-10-07 15:08:13 +01:00
hashicorp-ci
eb4bc23a03 auto-updated agent/uiserver/bindata_assetfs.go from commit a61b6c53d 2020-10-07 13:50:39 +00:00
John Cowen
a61b6c53d9
ui: Move node listing copy button to the detail rather than the title (#8850) 2020-10-07 14:45:52 +01:00
hashicorp-ci
aa0f5ff839 auto-updated agent/uiserver/bindata_assetfs.go from commit 222555c4c 2020-10-07 08:09:54 +00:00
John Cowen
222555c4c9
ui: Fix up Service filtering by whether a Service is in the mesh or not in the mesh (#8836)
* Add MeshEnabled, InMesh properties and add Proxy back in

* Change query param to in-mesh/not-in-mesh

* Use new computed properties
2020-10-07 09:04:55 +01:00
R.B. Boyer
1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
Extend Consul’s intentions model to allow for request-based access control enforcement for HTTP-like protocols in addition to the existing connection-based enforcement for unspecified protocols (e.g. tcp).
2020-10-06 17:09:13 -05:00
Pierre Souchay
eabba09b66 Added changelog for merged PR #8221 2020-10-06 17:15:33 -04:00
Daniel Nephin
8b887af0d3 streaming: store services with a unique ID that includes namespace 2020-10-06 16:54:56 -04:00
Daniel Nephin
bbc6d07c38 proto: add Namespace to EnterpriseMeta
By adding Namespace to the OSS EnterpriseMeta we reduce the differences between OSS and Enterprise
which simplifies the code quite a bit.
2020-10-06 16:42:09 -04:00
Mike Morris
ad74b48385 Update CHANGELOG.md 2020-10-06 16:27:38 -04:00
Alvin Huang
c6001e9b68
add ui test-node (#8820) 2020-10-06 15:58:12 -04:00
R.B. Boyer
a2a8e9c783
connect: intentions are now managed as a new config entry kind "service-intentions" (#8834)
- Upgrade the ConfigEntry.ListAll RPC to be kind-aware so that older
copies of consul will not see new config entries it doesn't understand
replicate down.

- Add shim conversion code so that the old API/CLI method of interacting
with intentions will continue to work so long as none of these are
edited via config entry endpoints. Almost all of the read-only APIs will
continue to function indefinitely.

- Add new APIs that operate on individual intentions without IDs so that
the UI doesn't need to implement CAS operations.

- Add a new serf feature flag indicating support for
intentions-as-config-entries.

- The old line-item intentions way of interacting with the state store
will transparently flip between the legacy memdb table and the config
entry representations so that readers will never see a hiccup during
migration where the results are incomplete. It uses a piece of system
metadata to control the flip.

- The primary datacenter will begin migrating intentions into config
entries on startup once all servers in the datacenter are on a version
of Consul with the intentions-as-config-entries feature flag. When it is
complete the old state store representations will be cleared. We also
record a piece of system metadata indicating this has occurred. We use
this metadata to skip ALL of this code the next time the leader starts
up.

- The secondary datacenters continue to run the old intentions
replicator until all servers in the secondary DC and primary DC support
intentions-as-config-entries (via serf flag). Once this condition it met
the old intentions replicator ceases.

- The secondary datacenters replicate the new config entries as they are
migrated in the primary. When they detect that the primary has zeroed
it's old state store table it waits until all config entries up to that
point are replicated and then zeroes its own copy of the old state store
table. We also record a piece of system metadata indicating this has
occurred. We use this metadata to skip ALL of this code the next time
the leader starts up.
2020-10-06 13:24:05 -05:00
Daniel Nephin
5972bdc87c streaming: improve godoc for cache-type
And fix a bug where any error that implemented the temporary interface was considered
a temporary error, even when the method would return false.
2020-10-06 13:52:02 -04:00
Daniel Nephin
d0b87cd5d0 submatview: remove notifyUpdateLocked from reset
This call appears to only be necessary because reset() was called from
NewMaterializer.

This commit has the constructor set a default value for updateCh, and
removes both the call to reset() from New(), and the call to
notifyUpdateLocked() from reset().

This should ensure that we do not notify the Fetch() call before we have new
values to report.
2020-10-06 13:22:02 -04:00
Daniel Nephin
5eab1d8cef submatview: remove method receiver from handlers 2020-10-06 13:22:02 -04:00
Daniel Nephin
3fa08beecf submatview: add a test for handling of NewSnapshotToFollow
Also add some godoc
Rename some vars and functions
Fix a data race in the new cache test for entry closing.
2020-10-06 13:22:02 -04:00
Daniel Nephin
534d8b45bb submatview: refactor Materializer
Refactor of Materializer.Run
Use handlers to manage state in Materializer
Rename Materializer receiver
rename m.l to m.lock, and flip some conditionals to remove the negative.
Improve godoc, rename Deps, move resetErr, and pass err into notifyUpdate
Update for NewSnapshotToFollow events
Refactor to move context cancel out of Materializer
2020-10-06 13:22:02 -04:00
Daniel Nephin
e849f6d7ac submatview: Move the 'use materialize from result.State' logic
No need to do all this other work if we have one already.

This logic moved closer to this call site 3 times during the process
of refactoring.
2020-10-06 13:22:02 -04:00
Daniel Nephin
edf30b2714 submatview: Move Materializer to submatview package 2020-10-06 13:22:02 -04:00
Daniel Nephin
ed45957ffb submatview: Refactor MaterializeView
Replace InitFilter with Reset.
Removes the need to store a fatalErr and the cache-type, and removes the need to recreate the filter
each time.
Pass dependencies into MaterializedView.
Remove context from MaterializedView.
Rename state to view.
Rename MaterialziedView to Materialzier.
Rename to NewMaterializer
Pass in retry.Waiter
2020-10-06 13:22:02 -04:00
Daniel Nephin
b576a2d3c7 cache-types: Update Streaming health cache-type
To use latest protobuf types
2020-10-06 13:22:02 -04:00