Commit Graph

12474 Commits

Author SHA1 Message Date
Jack 77d0c33fc8
Specify allowed ingress gateway protocols in docs (#8454)
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2020-08-07 13:25:23 -06:00
Mike Morris 0ff4f46c52
Update CHANGELOG.md 2020-08-07 13:15:20 -04:00
Matt Keeler 2e92bec149
Update CHANGELOG.md 2020-08-07 10:21:44 -04:00
Matt Keeler 67dec3b609
Require token replication to be enabled in secondary dcs when ACLs are enabled with AutoConfig (#8451)
AutoConfig will generate local tokens for clients and the ability to use local tokens is gated off of token replication being enabled and being configured with a replication token. Therefore we already have a hard requirement on having token replication enabled, this commit just makes sure to surface that to the operator instead of having to discern what the issue is from RPC errors.
2020-08-07 10:20:27 -04:00
Hans Hasselberg 3f9d089a1a
Update CHANGELOG.md 2020-08-07 12:07:12 +02:00
Hans Hasselberg d316cd06c1
auto_config implies connect (#8433) 2020-08-07 12:02:02 +02:00
Rebecca Zanzig 39b62e5d8a
Merge pull request #8426 from hashicorp/docs/k8s-resources
Add lifecycle sidecar and init container resource settings docs
2020-08-06 15:28:11 -07:00
Rebecca Zanzig 18e9f925b8 Add lifecycle sidecar and init container resource settings docs 2020-08-06 15:11:54 -07:00
Hans Hasselberg 586ee2566f
Introducing changelog-gen (#8387)
* add templates for changelog-gen
* add entry files for currently unreleased PRs on master
2020-08-06 23:15:29 +02:00
Daniel Nephin 8e67d8eaeb sdk: mitigate api test timeout
Occasionally we are seeing the go-test-api job timeout at 10 minutes.
Looking at the stack trace I saw the following:

1. Lots of tests blocked on server.Stop in NewTestServerConfigT. This
   suggests that SIGINT is being sent to the server, but the server is
   not properly shutting down.

2. Over 20k goroutines that look like this:

goroutine 16355 [select, 8 minutes]:
net/http.(*persistConn).readLoop(0xc004270240)
    /usr/local/go/src/net/http/transport.go:2099 +0x99e
created by net/http.(*Transport).dialConn
    /usr/local/go/src/net/http/transport.go:1647 +0xc56

Issue 1 seems to be the main problem, but debugging that directly is not
possible because our buffered logs do not get sent when the tests
timeout. To mitigate this problem I've added a timeout to the cmd.Wait()
to force kill the process and return an error.

Unfortunately because we retry this operation, we still may not see the
cause because the next attempt will likely pass. I'm tempted to remove
the retry around NewTestServerConfigT.

Issue 2 seems to be caused by not closing the response body. Since the
request is performed many times in a loop, many goroutines are created
and are not closed until the response body is closed.
2020-08-06 17:00:20 -04:00
Hans Hasselberg d4217cc165
Update CHANGELOG.md 2020-08-06 21:31:18 +02:00
Blake Covarrubias c81610c5f9 website: Redirect /mesh to new URL
Redirect service mesh use case page to point to new URL.
2020-08-06 09:25:08 -07:00
Hans Hasselberg 51a8e15cf8
Mark its own cluster as healthy when rebalancing. (#8406)
This code started as an optimization to avoid doing an RPC Ping to
itself. But in a single server cluster the rebalancing was led to
believe that there were no healthy servers because foundHealthyServer
was not set. Now this is being set properly.

Fixes #8401 and #8403.
2020-08-06 10:42:09 +02:00
Mike Morris 7fd4471b80
Update version.js to 1.8.1 (#8439) 2020-08-05 16:56:38 -04:00
R.B. Boyer d405a095a2 update changelog 2020-08-05 15:02:35 -05:00
R.B. Boyer 397019d970
xds: revert setting set_node_on_first_message_only to true when generating envoy bootstrap config (#8440)
When consul is restarted and an envoy that had already sent
DiscoveryRequests to the previous consul process sends a request to the
new process it doesn't respect the setting and never populates
DiscoveryRequest.Node for the life of the new consul process due to this
bug: https://github.com/envoyproxy/envoy/issues/9682

Fixes #8430
2020-08-05 15:00:24 -05:00
Daniel Nephin ae382805bd
Merge pull request #8404 from hashicorp/dnephin/remove-log-output-field
Use Logger consistently, instead of LogOutput
2020-08-05 14:31:43 -04:00
Daniel Nephin 3b82ad0955 Rename NewClient/NewServer
Now that duplicate constructors have been removed we can use the shorter names for the single constructor.
2020-08-05 14:00:55 -04:00
Daniel Nephin 0420d91cdd Remove LogOutput from Agent
Now that it is no longer used, we can remove this unnecessary field. This is a pre-step in cleanup up RuntimeConfig->Consul.Config, which is a pre-step to adding a gRPCHandler component to Server for streaming.

Removing this field also allows us to remove one of the return values from logging.Setup.
2020-08-05 14:00:44 -04:00
Daniel Nephin 5acf01ceeb Remove LogOutput from Server 2020-08-05 14:00:44 -04:00
Daniel Nephin 0c5428eea8 Remove LogOutput from Client 2020-08-05 14:00:42 -04:00
Daniel Nephin 136cb82158
Merge pull request #8437 from hashicorp/dnephin/fix-service-checks-cache-type
cache-type: Return nil value on error
2020-08-05 13:50:05 -04:00
Daniel Nephin e8ee2cf2f7 Pass a logger to ConnPool and yamux, instead of an io.Writer
Allowing us to remove the LogOutput field from config.
2020-08-05 13:25:08 -04:00
Daniel Nephin ed8210fe4d api: Use a Logger instead of an io.Writer in api.Watch
So that we can pass around only a Logger, not a LogOutput
2020-08-05 13:25:08 -04:00
Daniel Nephin 1e17a0c3e1 config: Remove unused field 2020-08-05 13:25:08 -04:00
Daniel Nephin ba3ace1219 Return nil value on error.
The main bug was fixed in cb050b280c, but the return value of 'result' is still misleading.
Change the return value to nil to make the code more clear.
2020-08-05 13:10:17 -04:00
Daniel Nephin da799c6a59
Merge pull request #8385 from hashicorp/dnephin/check-generated
ci: Add check-generated-protobuf
2020-08-05 12:10:27 -04:00
R.B. Boyer ab32ab0df1 update changelog 2020-07-31 15:54:19 -05:00
R.B. Boyer c599a2f5f4
xds: add support for envoy 1.15.0 and drop support for 1.11.x (#8424)
Related changes:

- hard-fail the xDS connection attempt if the envoy version is known to be too old to be supported
- remove the RouterMatchSafeRegex proxy feature since all supported envoy versions have it
- stop using --max-obj-name-len (due to: envoyproxy/envoy#11740)
2020-07-31 15:52:49 -05:00
Marc Billow 6960afdfe3 Simple tls cert create help text typo 2020-07-30 12:04:21 -07:00
Mike Morris dbff27c8bd
Update CHANGELOG.md 2020-07-30 14:08:08 -04:00
Pierre Souchay 316883a7d5
Removed trailing backslash in CHANGELOG (#8414) 2020-07-30 14:01:06 -04:00
Mike Morris 6edd8ef78b
Update CHANGELOG.md (#8413) 2020-07-30 13:18:42 -04:00
Freddy f1e8addbdf
Avoid panics during shutdown routine (#8412) 2020-07-30 11:11:10 -06:00
Kyle Havlovitz a4b373b333
Update CHANGELOG.md 2020-07-30 09:41:16 -07:00
Matt Keeler 6352766235
Add some auto-config docs (#8410)
We will probably want a tutorial about this in the future but for now at least we document it a little.
2020-07-30 12:10:25 -04:00
Matt Keeler ff02b95718
Update CHANGELOG.md 2020-07-30 11:38:08 -04:00
Matt Keeler 1a78cf9b4c
Ensure certificates retrieved through the cache get persisted with auto-config (#8409) 2020-07-30 11:37:18 -04:00
Matt Keeler dbb461a5d3
Allow setting verify_incoming* when using auto_encrypt or auto_config (#8394)
Ensure that enabling AutoConfig sets the tls configurator properly

This also refactors the TLS configurator a bit so the naming doesn’t imply only AutoEncrypt as the source of the automatically setup TLS cert info.
2020-07-30 10:15:12 -04:00
Hans Hasselberg c21c2fe494
Mention agent-cache ratelimiting. 2020-07-30 14:46:51 +02:00
Hans Hasselberg 054595b1f8
agent/cache test for cache throttling. (#8396) 2020-07-30 14:41:13 +02:00
Kenia 4c8a15b698
ui: Add sorting to Policies (#8373)
* Add sorting to ACLs policies with comparator

* Add acls/roles sorting test

* Add navigation test for acls/policies

* Update onchange value for sorting policies
2020-07-29 14:36:09 -04:00
Daniel Nephin b34be1a877 Generate Go files using protobuf 3.12.3 2020-07-29 12:11:51 -04:00
Daniel Nephin f4791f0e82 ci: Add check-generated
And remove makefile targets that can be accomplished with --always-make
2020-07-29 12:10:44 -04:00
Mike Morris 85ef7ba943
api: restore Leader() and Peers() to avoid breaking function signatures (#8395)
api: add TestAPI_StatusLeaderWithQueryOptions and TestAPI_StatusPeersWithQueryOptions
api: make TestAPI_Status* error messages more verbose
2020-07-29 12:09:15 -04:00
Matt Keeler 7d2aa180a4
Update CHANGELOG.md 2020-07-29 11:11:47 -04:00
Kenia 4eb47ba716
ui: Add sorting to Roles (#8369)
* Add sorting to ACLs roles with comparator

* Add acls/roles sorting test

* Add navigation feature test to roles

* Update onchange value target for sorting roles
2020-07-29 10:55:38 -04:00
Kenia fb99346b60
ui: Update onchange value target for sorting tokens (#8399) 2020-07-29 10:13:00 -04:00
John Cowen b8a8435643
ui: Ensure URLs for tabs change when selecting a different DC (#8397)
* ui: Add URLs to tabs to we can assert them

* Add dcs to the service show page, temporarily

There is an ongoing PR which removes the need to do this by adding a dcs
property to the navigation, hence temporary

* Add a step to assert on whether text _contains_ rather than exact match

* Test whether the URL of the instance tab changes when the user switches dcs using the main navigation menu

* Recompute href-to's on URL change, just like is-href
2020-07-29 16:09:40 +02:00
Kenia fe0a835fd1
ui: Fix up on the onchange value to target for soting intentions (#8398) 2020-07-29 10:07:48 -04:00