Commit Graph

10494 Commits

Author SHA1 Message Date
R.B. Boyer 403881650d fix changelog after merge 2019-07-17 14:46:27 -05:00
Alvin Huang 6f1953d96d Merge branch 'master' into release/1-6 2019-07-17 15:43:30 -04:00
R.B. Boyer 26026d7f72 update changelog 2019-07-17 14:09:22 -05:00
R.B. Boyer 4f94aa151a update changelog 2019-07-17 14:08:17 -05:00
R.B. Boyer d7a5158805
xds: allow http match criteria to be applied to routes on services using grpc protocols (#6149) 2019-07-17 14:07:08 -05:00
R.B. Boyer b16d7f00bc
agent: avoid reverting any check updates that occur while a service is being added or the config is reloaded (#6144) 2019-07-17 14:06:50 -05:00
Judith Malnick f946545b28
Detail required settings in Gateway doc (#6126)
* Update mesh_gateway.html.md

* Apply suggestions from code review

Co-Authored-By: Luke Kysow <1034429+lkysow@users.noreply.github.com>

* Add WAN joining requirement

* re-word primary dc guidance

Co-Authored-By: Luke Kysow <1034429+lkysow@users.noreply.github.com>

* Update website/source/docs/connect/mesh_gateway.html.md
2019-07-17 11:02:58 -07:00
Alvin Huang 7b0614ea82
turning on go tests in circle for non-forks (#6154)
* turning on go tests in circle for non-forks

* fix comment
2019-07-17 13:43:33 -04:00
Freddy 5526cfac8b
Reduce number of servers in TestServer_Expect_NonVoters (#6155) 2019-07-17 11:35:33 -06:00
Sarah Adams 3b5f2bb1ff
Update CHANGELOG.md 2019-07-17 10:11:58 -07:00
Freddy 59dbd070d7
More flaky test fixes (#6151)
* Add retry to TestAPI_ClientTxn

* Add retry to TestLeader_RegisterMember

* Account for empty watch result in ConnectRootsWatch
2019-07-17 09:33:38 -06:00
Luke Kysow c31cb95da3
Document multiple services config in hcl
Also change ttl => timeout since ttl doesn't work anymore.
2019-07-17 15:26:08 +01:00
R.B. Boyer 4a9f4b97e6
tests: when running envoy integration tests try to limit container bleedover between cases (#6148) 2019-07-17 09:20:10 -05:00
hashicorp-ci fa20c7db97 Merge Consul OSS branch 'master' at commit 95dbb7f2f1 2019-07-17 02:00:21 +00:00
Alvin Huang 95dbb7f2f1
add lint-consul-retry tool (#6139)
* add lint-consul-retry tool

* lint consul retry for forks too
2019-07-16 18:52:24 -04:00
Sarah Adams ea2bd5b728
http/tcp checks: fix long timeout behavior to default to user-configured value (#6094)
Fixes #5834
2019-07-16 15:13:26 -07:00
Freddy d219e31db8
Update retries that weren't using retry.R (#6146) 2019-07-16 14:47:45 -06:00
Alvin Huang 648e20d0c9 Putting source back into Dev Mode 2019-07-15 15:03:36 -04:00
hashicorp-ci 6937bb292c
Release v1.6.0-beta2 2019-07-15 18:09:31 +00:00
hashicorp-ci 4bb858161e
update bindata_assetfs.go 2019-07-15 18:09:30 +00:00
Jack Pearkes 255653c6fb Merge remote-tracking branch 'origin/master' into release/1-6 2019-07-15 10:02:34 -07:00
R.B. Boyer e8132b61c0
add test for discovery chain agent cache-type (#6130) 2019-07-15 10:09:52 -05:00
John Cowen e262631900
ui: Force upgrades lodash and lodash submodules: (#6137)
All related to:

- https://github.com/lodash/lodash/pull/4336
2019-07-15 14:48:51 +01:00
John Cowen 2664a5efa5
ui: Forced upgrade handlebars from 4.0 to 4.1 (#6077)
Force bumps [handelbars](https://github.com/wycats/handlebars.js) from 4.0 to 4.1.2 using `resolutions`

- [Release Notes](https://github.com/wycats/handlebars.js/blob/master/release-notes.md)
2019-07-15 14:06:26 +01:00
Jack Pearkes 17569d7714 Update CHANGELOG.md 2019-07-12 15:54:29 -07:00
Jack Pearkes 338aed32af Merge branch 'master' into release/1-6 2019-07-12 14:51:25 -07:00
Matt Keeler 4728329aeb
Various Gateway Fixes (#6093)
* Ensure the mesh gateway configuration comes back in the api within each upstream

* Add a test for the MeshGatewayConfig in the ToAPI functions

* Ensure we don’t use gateways for dc local connections

* Update the svc kind index for deletions

* Replace the proxycfg.state cache with an interface for testing

Also start implementing proxycfg state testing.

* Update the state tests to verify some gateway watches for upstream-targets of a discovery chain.
2019-07-12 17:19:37 -04:00
Sarah Adams ce3a6e8660
fix flaky test TestACLEndpoint_SecureIntroEndpoints_OnlyCreateLocalData (#6116)
* fix test to write only to dc2 (typo)
* fix retry behavior in existing test (was being used incorrectly)
2019-07-12 14:14:42 -07:00
R.B. Boyer bcd2de3a2e
implement some missing service-router features and add more xDS testing (#6065)
- also implement OnlyPassing filters for non-gateway clusters
2019-07-12 14:16:21 -05:00
R.B. Boyer 8a90185bbd
unknown fields now fail, so omit these unimplemented fields (#6125) 2019-07-12 14:04:15 -05:00
Freddy 97ecc0517c
Fix some retries in api pkg (#6124) 2019-07-12 12:57:41 -06:00
R.B. Boyer 9138a97054
Fix bug in service-resolver redirects if the destination uses a default resolver. (#6122)
Also:
- add back an internal http endpoint to dump a compiled discovery chain for debugging purposes

Before the CompiledDiscoveryChain.IsDefault() method would test:

- is this chain just one resolver step?
- is that resolver step just the default?

But what I forgot to test:

- is that resolver step for the same service that the chain represents?

This last point is important because if you configured just one config
entry:

    kind = "service-resolver"
    name = "web"
    redirect {
      service = "other"
    }

and requested the chain for "web" you'd get back a **default** resolver
for "other".  In the xDS code the IsDefault() method is used to
determine if this chain is "empty". If it is then we use the
pre-discovery-chain logic that just uses data embedded in the Upstream
object (and still lets the escape hatches function).

In the example above that means certain parts of the xDS code were going
to try referencing a cluster named "web..." despite the other parts of
the xDS code maintaining clusters named "other...".
2019-07-12 12:21:25 -05:00
R.B. Boyer 67a36e3452
handle structs.ConfigEntry decoding similarly to api.ConfigEntry decoding (#6106)
Both 'consul config write' and server bootstrap config entries take a
decoding detour through mapstructure on the way from HCL to an actual
struct. They both may take in snake_case or CamelCase (for consistency)
so need very similar handling.

Unfortunately since they are operating on mirror universes of structs
(api.* vs structs.*) the code cannot be identitical, so try to share the
kind-configuration and duplicate the rest for now.
2019-07-12 12:20:30 -05:00
Matt Keeler 6e65811db2
Envoy CLI bind addresses (#6107)
* Ensure we MapWalk the proxy config in the NodeService and ServiceNode structs

This gets rid of some json encoder errors in the catalog endpoints

* Allow passing explicit bind addresses to envoy

* Move map walking to the ConnectProxyConfig struct

Any place where this struct gets JSON encoded will benefit as opposed to having to implement it everywhere.

* Fail when a non-empty address is provided and not bindable

* camel case

* Update command/connect/envoy/envoy.go

Co-Authored-By: Paul Banks <banks@banksco.de>
2019-07-12 12:57:31 -04:00
R.B. Boyer 911ed76e5b
tests: further reduce envoy integration test flakiness (#6112)
In addition to waiting until s2 shows up healthy in the Catalog, wait
until s2 endpoints show up healthy via EDS in the s1 upstream clusters.
2019-07-12 11:12:56 -05:00
Freddy 5873c56a03
Flaky test overhaul (#6100) 2019-07-12 09:52:26 -06:00
Freddy 4033a4d632
Remove dummy config (#6121) 2019-07-12 09:50:14 -06:00
Freddy 0b9111714b
Update TestServer creation in sdk/testutil (#6084)
* Retry the creation of the test server three times.
* Reduce the retry timeout for the API wait to 2 seconds, opting to fail faster and start over.
* Remove wait for leader from server creation. This wait can be added on a test by test basis now that the function is being exported.
* Remove wait for anti-entropy sync. This is built into the existing WaitForSerfCheck func, so that can be used if the anti-entropy wait is needed
2019-07-12 09:37:29 -06:00
Freddy 0f8837824e
Clean up StatsFetcher work when context is exceeded (#6086) 2019-07-12 08:23:28 -06:00
Matt Keeler de23af071a
Move ctx and cancel func setup into the Replicator.Start (#6115)
Previously a sequence of events like:

Start
Stop
Start
Stop

would segfault on the second stop because the original ctx and cancel func were only initialized during the constructor and not during Start.
2019-07-12 10:10:48 -04:00
hashicorp-ci 79e36385ce Merge Consul OSS branch 'master' at commit 3f3cd9a164 2019-07-11 02:00:37 +00:00
R.B. Boyer d4e58e9773 test: for envoy integration tests bump the time to wait for the upstream to be healthy (#6109) 2019-07-10 18:07:47 -04:00
R.B. Boyer 20caa4f744
test: for envoy integration tests, wait until 's2' is healthy in consul before interrogating envoy (#6108)
When the envoy healthy panic threshold was explicitly disabled as part
of L7 traffic management it changed how envoy decided to load balance to
endpoints in a cluster. This only matters when envoy is in "panic mode"
aka "when you have a bunch of unhealthy endpoints". Panic mode sends
traffic to unhealthy instances in certain circumstances.

Note: Prior to explicitly disabling the healthy panic threshold, the
default value is 50%.

What was happening is that the test harness was bringing up consul the
sidecars, and the service instances all at once and sometimes the
proxies wouldn't have time to be checked by consul to be labeled as
'passing' in the catalog before a round of EDS happened.

The xDS server in consul effectively queries /v1/health/connect/s2 and
gets 1 result, but that one result has a 'critical' check so the xDS
server sends back that endpoint labeled as UNHEALTHY.

Envoy sees that 100% of the endpoints in the cluster are unhealthy and
would enter panic mode and still send traffic to s2. This is why the
test suites PRIOR to disabling the healthy panic threshold worked. They
were _incorrectly_ passing.

When the healthy panic threshol is disabled, envoy never enters panic
mode in this situation and thus the cluster has zero healthy endpoints
so load balancing goes nowhere and the tests fail.

Why does this only affect the test suites for envoy 1.8.0? My guess is
that https://github.com/envoyproxy/envoy/pull/4442 was merged into the
1.9.x series and somehow that plays a role.

This PR modifies the bats scripts to explicitly wait until the upstream
sidecar is healthy as measured by /v1/health/connect/s2?passing BEFORE
trying to interrogate envoy which should make the tests less racy.
2019-07-10 15:58:25 -05:00
Jack Pearkes da1f0af18e
Update CHANGELOG.md 2019-07-09 15:41:32 +02:00
Jack Pearkes df6eab83d4 website: link to beta changelog 2019-07-09 13:43:29 +02:00
Jack Pearkes ad9dcfcfe5 website: fix use-case dropdown size 2019-07-09 08:45:58 +02:00
Jack Pearkes 6cf9abcf2f website: remove configuration use-case 2019-07-09 07:47:49 +02:00
Jack Pearkes 81aba02015 website: better mesh call to actions 2019-07-09 05:55:58 +02:00
Jack Pearkes 12dc9019af website: better mesh links into new docs 2019-07-09 05:51:23 +02:00
R.B. Boyer 068a069512
config entry doc snippet for mesh gateways (#6095) 2019-07-08 21:25:25 -05:00