0d1d2fc4c9
add order by locality failover to Consul enterprise ( #16791 )
2023-03-30 10:08:38 -04:00
94ec4eb2f4
copyright headers for agent folder ( #16704 )
...
* copyright headers for agent folder
* Ignore test data files
* fix proto files and remove headers in agent/uiserver folder
* ignore deep-copy files
2023-03-28 14:39:22 -04:00
7477f52a16
add sameness groups to discovery chains ( #16671 )
2023-03-20 09:12:37 -04:00
eaa39f4ef5
add sameness group support to service resolver failover and redirects ( #16664 )
2023-03-17 10:48:06 -04:00
e298f506a5
Add Peer Locality to Discovery Chains ( #16588 )
...
Add peer locality to discovery chains
2023-03-10 12:59:47 -05:00
5f81662066
Add support for failover policies ( #16505 )
2023-03-03 11:12:38 -05:00
4b661d1e0c
Add ServiceResolver RequestTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable ( #16495 )
...
* Leverage ServiceResolver ConnectTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable
* Regenerate golden files
* Add RequestTimeout field
* Add changelog entry
2023-03-03 09:37:12 -05:00
7e78fb7818
Add support for configuring Envoys route idle_timeout ( #14340 )
...
* Add idleTimeout
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-11-29 17:43:15 -05:00
bde57c0dd0
Regenerate files according to 1.19.2 formatter
2022-10-24 16:12:08 -04:00
13da2c5fad
Add the ability to retry on reset connection to service-routers ( #12890 )
2022-10-05 13:06:44 -04:00
1099665473
Update the structs and discovery chain for service resolver redirects to cluster peers. ( #14366 )
2022-08-29 09:51:32 -04:00
58901ad7df
Cluster peering failover disco chain changes ( #14296 )
2022-08-23 09:13:43 -04:00
1a73b0ca20
Add `Targets` field to service resolver failovers. ( #14162 )
...
This field will be used for cluster peering failover.
2022-08-15 09:20:25 -04:00
05eded4f1d
Manual Structs fixup
...
Change things by hand that I couldn't figure out how to automate
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-04-05 14:51:10 -07:00
676ea58bc4
Refactor config checks oss ( #12550 )
...
Currently the config_entry.go subsystem delegates authorization decisions via the ConfigEntry interface CanRead and CanWrite code. Unfortunately this returns a true/false value and loses the details of the source.
This is not helpful, especially since it the config subsystem can be more complex to understand, since it covers so many domains.
This refactors CanRead/CanWrite to return a structured error message (PermissionDenied or the like) with more details about the reason for denial.
Part of #12241
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-11 13:45:51 -08:00
8b987a4d59
configentry: make a new package to hold shared config entry structs that aren't used for RPC or the FSM ( #12384 )
...
First two candidates are ConfigEntryKindName and DiscoveryChainConfigEntries.
2022-02-22 10:36:36 -06:00
60fe5f75bb
Remove support for failover to partition
...
Failing over to a partition is more siimilar to failing over to another
datacenter than it is to failing over to a namespace. In a future
release we should update how localities for failover are specified. We
should be able to accept a list of localities which can include both
partition and datacenter.
2021-12-06 12:32:24 -07:00
5c1f7aa372
Allow cross-partition references in disco chain
...
* Add partition fields to targets like service route destinations
* Update validation to prevent cross-DC + cross-partition references
* Handle partitions when reading config entries for disco chain
* Encode partition in compiled targets
2021-12-06 12:32:19 -07:00
a350a383d3
add service resolver subset filter validation
2021-10-13 02:56:04 +05:30
1079089f20
Refactor HTTPHeaderModifiers.MergeDefaults based on feedback
2021-09-10 21:11:00 +01:00
3004eadd08
Fix enterprise discovery chain tests; Fix multi-level split merging
2021-09-10 21:11:00 +01:00
b5ae00d753
Remove unnecessary check
2021-09-10 21:09:24 +01:00
e22cc9c53a
Header manip for split legs plumbing
2021-09-10 21:09:24 +01:00
d776a2d236
Add HTTP header manip for router and splitter entries
2021-09-10 21:09:24 +01:00
46e4041283
Header manip and validation added for ingress-gateway entries
2021-09-10 21:09:24 +01:00
bc0e4f2f46
partition dicovery chains ( #10983 )
...
* partition dicovery chains
* fix default partition for OSS
2021-09-07 16:29:32 -04:00
1950ebbe1f
oss portion of ent #1069 ( #10883 )
2021-08-20 12:57:45 -04:00
e637cd71f3
acl: use authz consistently as the variable name for an acl.Authorizer
...
Follow up to https://github.com/hashicorp/consul/pull/10737#discussion_r682147950
Renames all variables for acl.Authorizer to use `authz`. Previously some
places used `rule` which I believe was an old name carried over from the
legacy ACL system.
A couple places also used authorizer.
This commit also removes another couple of authorizer nil checks that
are no longer necessary.
2021-08-17 12:14:10 -04:00
5f73de6fbc
Merge pull request #10560 from jkirschner-hashicorp/change-sane-to-reasonable
...
Replace use of 'sane' where appropriate
2021-07-06 11:46:04 -04:00
bd536151e1
Replace use of 'sane' where appropriate
...
HashiCorp voice, style, and language guidelines recommend avoiding ableist
language unless its reference to ability is accurate in a particular use.
2021-07-02 12:18:46 -04:00
e3835ac6a1
structs: prohibit config entries from referencing more than one partition at a time ( #10478 )
...
affected kinds: service-defaults, ingress-gateway, terminating-gateway, service-intentions
2021-06-23 16:44:10 -05:00
ba15f92a8a
structs: fix cache keys
...
So that requests are cached properly, and the cache does not return the wrong data for a
request.
2021-05-31 17:22:16 -04:00
1b413b0444
connect: support defining intentions using layer 7 criteria ( #8839 )
...
Extend Consul’s intentions model to allow for request-based access control enforcement for HTTP-like protocols in addition to the existing connection-based enforcement for unspecified protocols (e.g. tcp).
2020-10-06 17:09:13 -05:00
7b9d1b41d5
Resolve conflicts against master
2020-09-11 18:41:58 -06:00
768dbaa68d
Add session flag to cookie config
2020-09-11 18:34:03 -06:00
eab90ea9fa
Revert EnvoyConfig nesting
2020-09-11 09:21:43 -06:00
cd4cf5161f
Update resolver defaulting
2020-09-03 13:08:44 -06:00
ef877449ce
Move valid policies to pkg level
2020-09-02 15:49:03 -06:00
f81fe6a1a1
Remove LB infix and move injection to xds
2020-09-02 15:13:50 -06:00
119e945c3e
connect: all config entries pick up a meta field ( #8596 )
...
Fixes #8595
2020-09-02 14:10:25 -05:00
63f79e5f9b
Restructure structs and other PR comments
2020-09-02 09:10:50 -06:00
0236e169bb
Add documentation for resolver LB cfg
2020-08-28 14:46:13 -06:00
ff56a64b08
Add LB policy to service-resolver
2020-08-27 19:44:02 -06:00
74d5df7c7a
xds: use envoy's rbac filter to handle intentions entirely within envoy ( #8569 )
2020-08-27 12:20:58 -05:00
068b43df90
Enable gofmt simplify
...
Code changes done automatically with 'gofmt -s -w'
2020-06-16 13:21:11 -04:00
8ced4300c8
Add alias struct tags for new decode hook
2020-05-27 16:24:47 -04:00
600645b5f9
Add unconvert linter
...
To find unnecessary type convertions
2020-05-12 13:47:25 -04:00
9e5fd7f925
OSS Changes for various config entry namespacing bugs ( #7226 )
2020-02-06 10:52:25 -05:00
c09693e545
Updates to Config Entries and Connect for Namespaces ( #7116 )
2020-01-24 10:04:58 -05:00
a704ebe639
Add Namespace support to the API module and the CLI commands ( #6874 )
...
Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent.
Add Namespace HTTP API docs
Make all API endpoints disallow unknown fields
2019-12-06 11:14:56 -05:00
Eric Haberkorn
Ronald
Andrew Stucki
James Oulman
Chris S. Kim
Alex Oskotsky
Mark Anderson
R.B. Boyer
freddygv
Bisakh Mondal
Paul Banks
Dhia Ayachi
Daniel Nephin
jkirschner-hashicorp
Jared Kirschner
R.B. Boyer
freddygv
Matt Keeler