Commit Graph

12011 Commits

Author SHA1 Message Date
Matt Keeler 6dd0abdc9f
Update CHANGELOG.md 2020-06-22 09:03:02 -04:00
Pierre Souchay 35d852fd9a
Returns DNS Error NSDOMAIN when DC does not exists (#8103)
This will allow to increase cache value when DC is not valid (aka
return SOA to avoid too many consecutive requests) and will
distinguish DC being temporarily not available from DC not existing.

Implements https://github.com/hashicorp/consul/issues/8102
2020-06-22 09:01:48 -04:00
Brandon Romano 22239b8f6d
Merge pull request #8162 from hashicorp/nav-update
Update Nav
2020-06-22 04:15:18 -07:00
Brandon Romano 2509e8d222 Update Nav 2020-06-21 19:35:34 -07:00
Matt Keeler 4a5b352c18
Require enabling TLS to enable Auto Config (#8159)
On the servers they must have a certificate.

On the clients they just have to set verify_outgoing to true to attempt TLS connections for RPCs.

Eventually we may relax these restrictions but right now all of the settings we push down (acl tokens, acl related settings, certificates, gossip key) are sensitive and shouldn’t be transmitted over an unencrypted connection. Our guides and docs should recoommend verify_server_hostname on the clients as well.

Another reason to do this is weird things happen when making an insecure RPC when TLS is not enabled. Basically it tries TLS anyways. We should probably fix that to make it clearer what is going on.
2020-06-19 16:38:14 -04:00
Freddy 0719e3e5da
Update CHANGELOG.md 2020-06-19 13:36:37 -06:00
Freddy b3dde7c033
Update CHANGELOG.md 2020-06-19 13:35:22 -06:00
Freddy 5baa7b1b04
Always return a gateway cluster (#8158) 2020-06-19 13:31:39 -06:00
Matt Keeler d6e05482ab
Allow cancelling startup when performing auto-config (#8157)
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2020-06-19 15:16:00 -04:00
Preetha c2593957bd
Merge pull request #8156 from hashicorp/docs-update-version
update version to 1.8.0
2020-06-18 20:05:53 -05:00
Preetha 8bf0432fae
remove prerelease tag 2020-06-18 20:02:21 -05:00
Preetha 3ca775a75e
update alert banner 2020-06-18 19:36:42 -05:00
Preetha e8da210b4b
update version to 1.8.0 2020-06-18 19:32:11 -05:00
Freddy 28f22c8a90
Finalize gateway documentation for 1.8.0 GA (#8121)
Co-authored-by: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
2020-06-18 15:27:06 -06:00
Chris Piraino 9459ef87eb
Remove ingress line items from UNRELEASED header
These all got squashed into the Ingress Gateway feature item in 1.8.0.
2020-06-18 15:54:36 -05:00
Chris Piraino 7b75c82714
Update master CHANGELOG to release 1.8.0 (#8152) 2020-06-18 15:28:18 -05:00
Luke Kysow d3cc5ec1fe
Merge pull request #8150 from hashicorp/18-wan-fed-docs
Remove consul:beta now that 1.8 is out.
2020-06-18 12:54:31 -07:00
Daniel Nephin 4f17350928
Merge pull request #8147 from hashicorp/dnephin/remove-private-ip-2
Remove some dead code from agent/consul/util.go
2020-06-18 15:51:09 -04:00
Matt Keeler b0fcf86140 Change auto config authorizer to allow for future extension
The envisioned changes would allow extra settings to enable dynamically defined auth methods to be used instead of  or in addition to the statically defined one in the configuration.
2020-06-18 15:22:24 -04:00
Luke Kysow fcbed6da44
Remove consul:beta now that 1.8 is out. 2020-06-18 11:50:25 -07:00
Rebecca Zanzig ea8fbdc68f
Merge pull request #8126 from hashicorp/k8s/gateway-docs
Add helm chart options for ingress and terminating gateways
2020-06-18 11:30:59 -07:00
Jono Sosulska c8bee5a934
Fixing multiple document updates (#8135)
* Fixes #7663-ACL Token Reloadable#7432-Cipher Suites,#7385-KV Delete DC, raft list-peers docs

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2020-06-18 14:10:45 -04:00
Rebecca Zanzig 5c7e62169d Add helm chart options for ingress and terminating gateways 2020-06-18 11:04:19 -07:00
Dexter Lowe 6e208a2120
#8059 Improve Clarity on TTL docs (#8141) 2020-06-18 13:53:43 -04:00
Daniel Nephin b0ba546a1f Remove bytesToUint64 from agent/consul 2020-06-18 12:45:43 -04:00
Daniel Nephin a00f007c5e Remove unused private IP code from agent/consul 2020-06-18 12:40:38 -04:00
Chris Piraino af11169c26
Bump golang to 1.14.4 to avoid known runtime issue (#8146)
An issue where the golang runtime would hang and loop forever
2020-06-18 11:38:33 -05:00
Matt Keeler abce1f0eee
Merge pull request #8086 from hashicorp/feature/auto-config/client-config-inject 2020-06-18 10:44:32 -04:00
John Cowen 6bde8b6378
ui: Remove with-listeners mixin (#8142)
This mixin was a very thin mixin over the top of our listeners utility,
and we have been gradually preferring using the utility straight rather
than using the mixin. This commit removes the last places where we still
used the mixin, and also potentially the last few places where we
continued to use the old API for our listeners utility.
2020-06-18 14:54:31 +01:00
Kenia 191f0966a0
ui: Refactor Upstreams and Exposed Paths icons (#8139)
* Update Ports to have copy-button to the left

* Update exposed paths use a description list
2020-06-18 09:23:42 -04:00
Matt Keeler 3dbbd2d37d
Implement Client Agent Auto Config
There are a couple of things in here.

First, just like auto encrypt, any Cluster.AutoConfig RPC will implicitly use the less secure RPC mechanism.

This drastically modifies how the Consul Agent starts up and moves most of the responsibilities (other than signal handling) from the cli command and into the Agent.
2020-06-17 16:49:46 -04:00
Matt Keeler 8b7d669a27
Allow the Agent its its child Client/Server to share a connection pool
This is needed so that we can make an AutoConfig RPC at the Agent level prior to creating the Client/Server.
2020-06-17 16:19:33 -04:00
Matt Keeler 51c3a605ad
Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc 2020-06-17 16:07:25 -04:00
Chris Piraino 79a862d019
Remove ACLEnforceVersion8 from tests (#8138)
The field had been deprecated for a while and was recently removed,
however a PR which added these tests prior to removal was merged.
2020-06-17 14:58:01 -05:00
Chris Piraino bb103f22dd
Updates docs with ingress Host header clarifications (#8062)
* Updates docs with ingress Host header changes

Clarify that a Host header is required for L7 protocols, and specify
that the default is to use the Consul DNS ingress subdomain

* Add sentence about using '*' by itself for testing

* Add optional step for using L7 routing config

* Note that port numbers may need to be added in the Hosts field
2020-06-17 14:43:58 -05:00
Daniel Nephin 692a4a8fc8
Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file
config: warn if a config file is being skipped because of its file extension
2020-06-17 15:14:40 -04:00
Daniel Nephin be29d6bf75 config: warn when a config file is skipped
All commands which read config (agent, services, and validate) will now
print warnings when one of the config files is skipped because it did
not match an expected format.

Also ensures that config validate prints all warnings.
2020-06-17 13:08:54 -04:00
Kevin Pruett 61446a7ad7
Merge pull request #8136 from hashicorp/pruett.update-nextjs-scripts-dep
Update @hashicorp/nextjs-scripts dep
2020-06-17 12:16:45 -04:00
Daniel Nephin 5afcf5c1bc
Merge pull request #8034 from hashicorp/dnephin/add-linter-staticcheck-4
ci: enable SA4006 staticcheck check and add ineffassign
2020-06-17 12:16:02 -04:00
Kevin Pruett d2aed50ba1
Update @hashicorp/nextjs-scripts dep 2020-06-17 12:01:56 -04:00
Matt Keeler 9b01f9423c
Implement the insecure version of the Cluster.AutoConfig RPC endpoint
Right now this is only hooked into the insecure RPC server and requires JWT authorization. If no JWT authorizer is setup in the configuration then we inject a disabled “authorizer” to always report that JWT authorization is disabled.
2020-06-17 11:25:29 -04:00
wisp b29da31f94
Fixed a typo (#8132)
Fixed a little typo 🐰
2020-06-17 10:21:33 -04:00
John Cowen 2344ed1505
ui: Switch out WithResizingMixin for on-window helper (#8130)
* ui: Add ember-on-helper

* Switch out WithResizingMixin for {{on-window}} helper
2020-06-17 14:26:50 +01:00
John Cowen 49ec61e523
ui: Remove WithEventSource mixin, use a component instead (#7953)
The WithEventSource mixin was responsible for catching EventSource
errors and cleaning up events sources then the user left a Controller.

As we are trying to avoid mixin usage, we moved this all to an
`EventSource` component, which can clean up when the component is
removed from the page, and also fires an onerror event.

Moving to a component firing an onerror event means we can also remove
all of our custom computed property work that we were using previously
to catch errors (thrown when a service etc. is removed)
2020-06-17 14:19:50 +01:00
John Cowen f4f7920e08
ui: Change code-editor tested to use querySelectorAll (#8087) (#8131) 2020-06-17 14:17:00 +01:00
John Cowen 61433fabb4
ui: Don't show duplicate services in the intentions form dropdown (#8133)
* Add uniq-by helper
* Pass unique services through to intentions form
* Add acceptance test
2020-06-17 14:11:40 +01:00
Pierre Souchay d31691dc87
gossip: Ensure that metadata of Consul Service is updated (#7903)
While upgrading servers to a new version, I saw that metadata of
existing servers are not upgraded, so the version and raft meta
is not up to date in catalog.

The only way to do it was to:
 * update Consul server
 * make it leave the cluster, then metadata is accurate

That's because the optimization to avoid updating catalog does
not take into account metadata, so no update on catalog is performed.
2020-06-17 12:16:13 +02:00
John Cowen 7522bd5dab
ui: Token listing redesign (#8117) 2020-06-17 10:25:54 +01:00
Daniel Nephin d345cd8d30 ci: Add ineffsign linter
And fix an additional ineffective assignment that was not caught by staticcheck
2020-06-16 17:32:50 -04:00
Daniel Nephin a9851e1812
Merge pull request #8070 from hashicorp/dnephin/add-gofmt-simplify
ci: Enable gofmt simplify
2020-06-16 17:18:38 -04:00