Paul Banks
05a8097c5d
Fix misc test failures (some from other PRs)
2018-06-25 12:25:13 -07:00
Paul Banks
382ce8f98a
Only set precedence on write path
2018-06-25 12:25:13 -07:00
Paul Banks
4a54f8f7e3
Fix some tests failures caused by the sorting change and some cuased by previous UpdatePrecedence() change
2018-06-25 12:25:13 -07:00
Paul Banks
bf7a62e0e0
Sort intention list by precedence
2018-06-25 12:25:13 -07:00
Mitchell Hashimoto
181fbcc9b9
agent: intention update/delete responess match ACL/KV behavior
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
3c17144fb5
agent/structs: JSON marshal the configuration for a managed proxy
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
e9e6514c9b
agent: disallow deregistering a managed proxy directly
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
66a573e496
agent: deregister service deregisters the proxy along with it
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
a82726f0b8
agent: RemoveProxy also removes the proxy service
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
e2653bec02
Fix broken tests from PR merge related to proxy secure defaults
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
cf9b377c78
agent/cache: always fetch with minimum index of 1 at least
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
e02a5fc2cc
website: fix spacing issue
2018-06-25 12:25:12 -07:00
Mitchell Hashimoto
f92a89b310
website: fix proxies to work via copy/paste
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
6a438c25d0
agent/proxy: remove debug println
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
7f83ae1faf
website: document proxy security settings
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
0d6dcbd2f1
agent: disallow API registration with managed proxy if not enabled
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
f7fc026e18
agent/config: AllowManagedAPIRegistration
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
ed98d65c2b
agent/proxy: AllowRoot to disable executing managed proxies when root
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
5ae32837f7
agent/proxy: set the proper arguments so we only run the helper process
2018-06-25 12:25:11 -07:00
Mitchell Hashimoto
4897ca6545
agent/config: add AllowManagedRoot
2018-06-25 12:25:11 -07:00
Kyle Havlovitz
82a4b3c13f
connect: fix two CA tests that were broken in a previous PR ( #60 )
2018-06-25 12:25:10 -07:00
Paul Banks
01fefd3d92
Return defensive error if API response is jank
2018-06-25 12:25:10 -07:00
Paul Banks
e7a345cb9a
Refactor resolver logic to be clearer
2018-06-25 12:25:10 -07:00
Paul Banks
41a29a469e
Fix roots race with CA setup hammering bug and defensive nil check hit during obscure upgrade scenario
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
4b7ca952d6
website: example typo
2018-06-25 12:25:10 -07:00
Mitchell Hashimoto
c809840c90
website: clarify custom proxy integration and custom managed proxies
2018-06-25 12:25:10 -07:00
Paul Banks
12a46cd996
Fix "fail open" wording
...
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
5d005df8c6
docs: add Connect CA overview
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
860bf825a3
docs: add agent config options for connect/CA
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
aafa3ca64a
agent: format all CA config fields
2018-06-25 12:25:09 -07:00
Kyle Havlovitz
edbeeeb23c
agent: update accepted CA config fields and defaults
2018-06-25 12:25:09 -07:00
Mitchell Hashimoto
316bdbe010
agent/proxy: fix build on Windows
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
070c91cb23
website: update security model
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
d1e48b4790
website: clarify namespaces, conflict
2018-06-25 12:24:17 -07:00
Paul Banks
541cbae5f5
More misc comment cleanup
2018-06-25 12:24:17 -07:00
Paul Banks
0824d1df5f
Misc comment cleanups
2018-06-25 12:24:16 -07:00
Paul Banks
e57aa52ca6
Warn about killing proxies in dev mode
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
71216631d7
api: update intention struct for precedence
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
fb0a58e682
website: clarify tiebreaker behavior
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
f6685177f0
website: document the precedence table
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
028aa78e83
agent/consul: set precedence value on struct itself
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
1f5398e17c
website: document multi-DC, caching, clarify prepared queries and
...
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
9ebd27522b
website: fix typo
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
927b45bf91
agent/config: move ports to `ports` structure, update docs
2018-06-25 12:24:15 -07:00
Paul Banks
ecfda7cda5
Fix unreachable code warning from go vet
2018-06-25 12:24:15 -07:00
Paul Banks
d1c67d90bc
Fixs a few issues that stopped this working in real life but not caught by tests:
...
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
- Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
- Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
- Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
77a8003475
api: change Connect to a query option
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
8d66d1045a
connect: remove old unused code
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
6ea59241d1
website: address feedback
2018-06-25 12:24:14 -07:00
Paul Banks
85d6502ab3
Don't kill proxies on agent shutdown; backport manager close fix
2018-06-25 12:24:13 -07:00