15435 Commits

Author SHA1 Message Date
Paul Glass
13c6973e47 docs: Migrate Existing Tasks page for ECS 2021-09-15 17:28:34 -05:00
Paul Glass
c546be4460
Merge pull request #11043 from hashicorp/pglass/consul-ecs-arch-doc
ECS architecture docs for Beta
2021-09-15 17:00:53 -05:00
Paul Glass
2604719ce6
Merge pull request #11033 from hashicorp/consul-ecs-beta-docs
updates to ECS docs per beta release
2021-09-15 17:00:00 -05:00
Paul Glass
0480cf4fe7 docs: ECS architecture feedback 2021-09-15 16:18:37 -05:00
trujillo-adam
1e97752f31 applied comment feedback about my_task example 2021-09-15 14:09:47 -07:00
Mark Anderson
9f12fbd3cc
ACL Binding Rules table partitioning (#11044)
* ACL Binding Rules table partitioning

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-09-15 13:26:08 -07:00
Paul Glass
ad4936afdb docs: Address ECS architecture feedback 2021-09-15 15:04:39 -05:00
trujillo-adam
a25a30921a added a few more nbsp to improve table readability 2021-09-15 11:59:30 -07:00
David Yu
f58418f811
docs: Reformat Uninstall steps (#11040)
* docs: Reformat Uninstall steps

Reformatting uninstall as steps to make uninstall instructions more clear.
2021-09-15 11:59:02 -07:00
hc-github-team-consul-core
02051c141e auto-updated agent/uiserver/bindata_assetfs.go from commit fc14a412f 2021-09-15 18:55:29 +00:00
trujillo-adam
dfb4775712 updates to the uninstall flags, preset descriptions 2021-09-15 11:55:14 -07:00
Paul Glass
c53b0d2ebb docs: remove T3 in ECS task startup arch doc 2021-09-15 13:50:38 -05:00
John Cowen
fc14a412fd
ui: Partitions Application Layer (#11017)
* Add Partition to all our models

* Add partitions into our serializers/fingerprinting

* Make some amends to a few adapters ready for partitions

* Amend blueprints to avoid linting error

* Update all  our repositories to include partitions, also

Remove enabled/disable nspace repo and just use a nspace with
conditionals

* Ensure nspace and parition parameters always return '' no matter what

* Ensure data-sink finds the model properly

This will later be replaced by a @dataSink decorator but we are find
kicking that can down the road a little more

* Add all the new partition data layer

* Add a way to set the title of the page from inside the route

and make it accessibile via a route announcer

* Make the Consul Route the default/basic one

* Tweak nspace and partition abilities not to check the length

* Thread partition through all the components that need it

* Some ACL tweaks

* Move the entire app to use partitions

* Delete all the tests we no longer need

* Update some Unit tests to use partition

* Fix up KV title tests

* Fix up a few more acceptance tests

* Fixup and temporarily ignore some acceptance tests

* Stop using ember-cli-page-objects fillable as it doesn't seem to work

* Fix lint error

* Remove old ACL related test

* Add a tick after filling out forms

* Fix token warning modal

* Found some more places where we need a partition var

* Fixup some more acceptance tests

* Tokens still needs a repo service for CRUD

* Remove acceptance tests we no longer need

* Fixup and "FIXME ignore" a few tests

* Remove an s

* Disable blocking queries for KV to revert to previous release for now

* Fixup adapter tests to follow async/function resolving interface

* Fixup all the serializer integration tests

* Fixup service/repo integration tests

* Fixup deleting acceptance test

* Fixup some ent tests

* Make sure nspaces passes the dc through for when thats important

* ...aaaand acceptance nspaces with the extra dc param
2021-09-15 19:50:11 +01:00
Paul Glass
4263f93eb6 docs: correct point about service health checks for ECS 2021-09-15 13:38:19 -05:00
Paul Glass
be46f2d7b7 ECS architecture docs for Beta 2021-09-15 13:04:07 -05:00
trujillo-adam
cf0ebdf751
Apply suggestions from code review
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-09-15 10:46:00 -07:00
hc-github-team-consul-core
0eb4a98fab auto-updated agent/uiserver/bindata_assetfs.go from commit b16a6fa03 2021-09-15 17:14:42 +00:00
John Cowen
b16a6fa033
ui: Adds Partitions to the HTTP layer (#10447)
This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app.

The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions.

Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case.

Notes:

Added a PartitionAbility while we were there (not used as yet)
Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP.
We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different!
We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet.
All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 18:09:55 +01:00
Jared Kirschner
3231709b03 docs: improve network segments agent options docs 2021-09-15 10:00:41 -07:00
Jared Kirschner
702df44f9b docs: expand network segments documentation
Includes a brief overview with images, descriptions of server and client
configuration with examples, and how to join an agent to a segment.
2021-09-15 10:00:41 -07:00
David Yu
4e26d94080
docs: Remove step for deleting webhook-cert-manager secret on Consul K8s uninstall (#11035)
* Remove step for deleting webhook-cert-manager secret
* Update website/content/docs/k8s/operations/uninstall.mdx
2021-09-15 08:11:22 -07:00
Dhia Ayachi
af21578039
use const instead of literals for tableIndex (#11039) 2021-09-15 10:24:04 -04:00
Mark Anderson
6be54052f7
Refactor indexAuthMethod in tableACLBindingRules (#11029)
* Port consul-enterprise #1123 to OSS

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* Fixup missing query field

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* change to re-trigger ci system

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-09-15 09:34:19 -04:00
trujillo-adam
6985ccc7d3 updates to ECS docs per beta release 2021-09-14 16:36:52 -07:00
Kyle Havlovitz
4f05d80a5f
Merge pull request #11032 from hashicorp/partitions/acl-rule-oss
oss: Add partition rule ACL type
2021-09-14 15:41:59 -07:00
Kyle Havlovitz
a20ba21e29 acl: rename merge context update() -> fill() 2021-09-14 15:20:56 -07:00
trujillo-adam
e35236a053 adding k8s-cli alpha docs 2021-09-14 12:25:24 -07:00
Freddy
ce04ce13dd
Merge pull request #11024 from hashicorp/partitions/rbac 2021-09-14 11:18:19 -06:00
Freddy
e18f3c1f6d
Update error texts (#11022)
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-09-14 11:08:06 -06:00
freddygv
d90e30f009 Update spiffe ID patterns used for RBAC 2021-09-14 11:00:03 -06:00
freddygv
5e54f253d7 Expand testing of simplifyNotSourceSlice for partitions 2021-09-14 10:55:15 -06:00
freddygv
19da23be28 Expand testing of removeSameSourceIntentions for partitions 2021-09-14 10:55:09 -06:00
freddygv
beab0cd962 Account for partition when matching src intentions 2021-09-14 10:55:02 -06:00
Daniel Nephin
1f9479603c
Add failures_before_warning to checks (#10969)
Signed-off-by: Jakub Sokołowski <jakub@status.im>

* agent: add failures_before_warning setting

The new setting allows users to specify the number of check failures
that have to happen before a service status us updated to be `warning`.
This allows for more visibility for detected issues without creating
alerts and pinging administrators. Unlike the previous behavior, which
caused the service status to not update until it reached the configured
`failures_before_critical` setting, now Consul updates the Web UI view
with the `warning` state and the output of the service check when
`failures_before_warning` is breached.

The default value of `FailuresBeforeWarning` is the same as the value of
`FailuresBeforeCritical`, which allows for retaining the previous default
behavior of not triggering a warning.

When `FailuresBeforeWarning` is set to a value higher than that of
`FailuresBeforeCritical it has no effect as `FailuresBeforeCritical`
takes precedence.

Resolves: https://github.com/hashicorp/consul/issues/10680

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Co-authored-by: Jakub Sokołowski <jakub@status.im>
2021-09-14 12:47:52 -04:00
Chris S. Kim
5b658d2f39
Sync partition fields from enterprise (#11021) 2021-09-13 17:53:52 -04:00
Dhia Ayachi
ad914e16c2
acl-tokens table partitioning (#11020)
* convert `Policies` index to use `indexerMulti`

* remove non used indexer

* fix oss policy Get

* add oss tests

* remove reference to partition in oss test

* convert `Roles` index to use `indexerMulti`

* add role test in oss

* fix oss to use the right index func

* convert `Roles` index to use `indexerSingle`

* split authmethod write indexer to oss and ent

* add auth method unit tests

* add index locality

* move intFromBool to be available for oss

* add expiry indexes

* add api tests

* fix rebase

* use Bool func

* preallocate slice

* rename variable
2021-09-13 16:53:09 -04:00
Dhia Ayachi
b4d5860197
convert expiration indexed in ACLToken table to use indexerSingle (#11018)
* move intFromBool to be available for oss

* add expiry indexes

* remove dead code: `TokenExpirationIndex`

* fix remove indexer `TokenExpirationIndex`

* fix rebase issue
2021-09-13 14:37:16 -04:00
Dhia Ayachi
11f44dfcf8
add locality indexer partitioning (#11016)
* convert `Roles` index to use `indexerSingle`

* split authmethod write indexer to oss and ent

* add index locality

* add locality unit tests

* move intFromBool to be available for oss

* use Bool func

* refactor `aclTokenList` to merge func
2021-09-13 11:53:00 -04:00
Jared Kirschner
63b2cebcb3
Merge pull request #10837 from jkirschner-hashicorp/improve-docs-dns-with-acl
Improve documentation around using DNS with ACLs Enabled
2021-09-13 11:09:09 -04:00
Kyle MacDonald
4b966094ff
website: fixup incorrect markdown syntax (#11015) 2021-09-13 10:36:34 -04:00
Jared Kirschner
fcd89c2674 docs: add ACL component relationships visual 2021-09-10 15:33:23 -07:00
Jared Kirschner
b89832221c docs: discuss use of ACLs on DNS page 2021-09-10 15:33:23 -07:00
Dhia Ayachi
ba4ee6e67c
convert indexAuthMethod index to use indexerSingle (#11014)
* convert `Roles` index to use `indexerSingle`

* fix oss build

* split authmethod write indexer to oss and ent

* add auth method unit tests
2021-09-10 16:56:56 -04:00
Paul Banks
b6b4080dfb
Merge pull request #10613 from hashicorp/feature/mesh-header-manip
Feature: allow manipulation of HTTP headers in ingress and mesh routing
2021-09-10 21:40:26 +01:00
Paul Banks
c118e51d5c
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
Paul Banks
fd259db9fb
Document how to make namespace wildcard intentions. (#10724)
* Update intentions.mdx

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
Paul Banks
b38e84df63 Include namespace and partition in error messages when validating ingress header manip 2021-09-10 21:11:00 +01:00
Paul Banks
1079089f20 Refactor HTTPHeaderModifiers.MergeDefaults based on feedback 2021-09-10 21:11:00 +01:00
Paul Banks
9e4e204e96 Fix enterprise test failures caused by differences in normalizing EnterpriseMeta 2021-09-10 21:11:00 +01:00
Paul Banks
3004eadd08 Fix enterprise discovery chain tests; Fix multi-level split merging 2021-09-10 21:11:00 +01:00