Commit Graph

8320 Commits

Author SHA1 Message Date
Paul Banks 05a8097c5d Fix misc test failures (some from other PRs) 2018-06-25 12:25:13 -07:00
Paul Banks 382ce8f98a Only set precedence on write path 2018-06-25 12:25:13 -07:00
Paul Banks 4a54f8f7e3 Fix some tests failures caused by the sorting change and some cuased by previous UpdatePrecedence() change 2018-06-25 12:25:13 -07:00
Paul Banks bf7a62e0e0 Sort intention list by precedence 2018-06-25 12:25:13 -07:00
Mitchell Hashimoto 181fbcc9b9 agent: intention update/delete responess match ACL/KV behavior 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 3c17144fb5 agent/structs: JSON marshal the configuration for a managed proxy 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto e9e6514c9b agent: disallow deregistering a managed proxy directly 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto 66a573e496 agent: deregister service deregisters the proxy along with it 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto a82726f0b8 agent: RemoveProxy also removes the proxy service 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto e2653bec02 Fix broken tests from PR merge related to proxy secure defaults 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto cf9b377c78 agent/cache: always fetch with minimum index of 1 at least 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto e02a5fc2cc website: fix spacing issue 2018-06-25 12:25:12 -07:00
Mitchell Hashimoto f92a89b310 website: fix proxies to work via copy/paste 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 6a438c25d0 agent/proxy: remove debug println 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 7f83ae1faf website: document proxy security settings 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 0d6dcbd2f1 agent: disallow API registration with managed proxy if not enabled 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto f7fc026e18 agent/config: AllowManagedAPIRegistration 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto ed98d65c2b agent/proxy: AllowRoot to disable executing managed proxies when root 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 5ae32837f7 agent/proxy: set the proper arguments so we only run the helper process 2018-06-25 12:25:11 -07:00
Mitchell Hashimoto 4897ca6545 agent/config: add AllowManagedRoot 2018-06-25 12:25:11 -07:00
Kyle Havlovitz 82a4b3c13f connect: fix two CA tests that were broken in a previous PR (#60) 2018-06-25 12:25:10 -07:00
Paul Banks 01fefd3d92 Return defensive error if API response is jank 2018-06-25 12:25:10 -07:00
Paul Banks e7a345cb9a Refactor resolver logic to be clearer 2018-06-25 12:25:10 -07:00
Paul Banks 41a29a469e Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario 2018-06-25 12:25:10 -07:00
Mitchell Hashimoto 4b7ca952d6 website: example typo 2018-06-25 12:25:10 -07:00
Mitchell Hashimoto c809840c90 website: clarify custom proxy integration and custom managed proxies 2018-06-25 12:25:10 -07:00
Paul Banks 12a46cd996 Fix "fail open" wording
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz 5d005df8c6 docs: add Connect CA overview 2018-06-25 12:25:10 -07:00
Kyle Havlovitz 860bf825a3 docs: add agent config options for connect/CA 2018-06-25 12:25:10 -07:00
Kyle Havlovitz aafa3ca64a agent: format all CA config fields 2018-06-25 12:25:09 -07:00
Kyle Havlovitz edbeeeb23c agent: update accepted CA config fields and defaults 2018-06-25 12:25:09 -07:00
Mitchell Hashimoto 316bdbe010 agent/proxy: fix build on Windows 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto 070c91cb23 website: update security model 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto d1e48b4790 website: clarify namespaces, conflict 2018-06-25 12:24:17 -07:00
Paul Banks 541cbae5f5 More misc comment cleanup 2018-06-25 12:24:17 -07:00
Paul Banks 0824d1df5f Misc comment cleanups 2018-06-25 12:24:16 -07:00
Paul Banks e57aa52ca6 Warn about killing proxies in dev mode 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 71216631d7 api: update intention struct for precedence 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto fb0a58e682 website: clarify tiebreaker behavior 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto f6685177f0 website: document the precedence table 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 028aa78e83 agent/consul: set precedence value on struct itself 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 1f5398e17c website: document multi-DC, caching, clarify prepared queries and
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto 9ebd27522b website: fix typo 2018-06-25 12:24:15 -07:00
Mitchell Hashimoto 927b45bf91 agent/config: move ports to `ports` structure, update docs 2018-06-25 12:24:15 -07:00
Paul Banks ecfda7cda5 Fix unreachable code warning from go vet 2018-06-25 12:24:15 -07:00
Paul Banks d1c67d90bc Fixs a few issues that stopped this working in real life but not caught by tests:
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
 - Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
 - Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
 - Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 77a8003475 api: change Connect to a query option 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 8d66d1045a connect: remove old unused code 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 6ea59241d1 website: address feedback 2018-06-25 12:24:14 -07:00
Paul Banks 85d6502ab3 Don't kill proxies on agent shutdown; backport manager close fix 2018-06-25 12:24:13 -07:00