Commit Graph

11766 Commits

Author SHA1 Message Date
Kenia cb63a0557f ui: Refactor Upstreams and Exposed Paths icons (#8139)
* Update Ports to have copy-button to the left

* Update exposed paths use a description list
2020-06-18 13:24:36 +00:00
Matt Keeler 9f37a218c5 Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc 2020-06-17 20:08:17 +00:00
Daniel Nephin 058114e82e Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file
config: warn if a config file is being skipped because of its file extension
2020-06-17 15:21:34 -04:00
John Cowen 830b110070 ui: Switch out WithResizingMixin for on-window helper (#8130)
* ui: Add ember-on-helper

* Switch out WithResizingMixin for {{on-window}} helper
2020-06-17 13:27:23 +00:00
John Cowen 2b0b1e61d2 ui: Remove WithEventSource mixin, use a component instead (#7953)
The WithEventSource mixin was responsible for catching EventSource
errors and cleaning up events sources then the user left a Controller.

As we are trying to avoid mixin usage, we moved this all to an
`EventSource` component, which can clean up when the component is
removed from the page, and also fires an onerror event.

Moving to a component firing an onerror event means we can also remove
all of our custom computed property work that we were using previously
to catch errors (thrown when a service etc. is removed)
2020-06-17 13:20:42 +00:00
John Cowen 918b6525d5 ui: Change code-editor tested to use querySelectorAll (#8087) (#8131) 2020-06-17 13:17:29 +00:00
John Cowen 17f7c01bff ui: Don't show duplicate services in the intentions form dropdown (#8133)
* Add uniq-by helper
* Pass unique services through to intentions form
* Add acceptance test
2020-06-17 13:12:17 +00:00
John Cowen 92eca67e20
ui: Remove now unused intention fields DefaultAddr and DefaultPort (#8134) 2020-06-17 14:08:34 +01:00
Pierre Souchay 318495d1f8 gossip: Ensure that metadata of Consul Service is updated (#7903)
While upgrading servers to a new version, I saw that metadata of
existing servers are not upgraded, so the version and raft meta
is not up to date in catalog.

The only way to do it was to:
 * update Consul server
 * make it leave the cluster, then metadata is accurate

That's because the optimization to avoid updating catalog does
not take into account metadata, so no update on catalog is performed.
2020-06-17 10:17:33 +00:00
John Cowen 1d80920c81 ui: Token listing redesign (#8117) 2020-06-17 09:33:17 +00:00
Kenia 8620f7e325 ui: Refactor detailed health checks to use more of the service/instance-checks helper (#8119) 2020-06-17 09:32:54 +00:00
Matt Keeler c3b348bebb Agent Auto Configuration: Configuration Syntax Updates (#8003) 2020-06-16 19:03:59 +00:00
Alvin Huang 7033ea1737 Merge Consul OSS branch 'master' at commit 57a23ccf45 2020-06-16 14:26:36 -04:00
John Cowen 57bc19ca6e ui: Add ...attributes to healthcheck-info (#8120) 2020-06-16 18:23:26 +00:00
Matt Keeler 262e5fb295
Update CHANGELOG.md 2020-06-16 13:00:10 -04:00
Matt Keeler 3c4413cbed ACL Node Identities (#7970)
A Node Identity is very similar to a service identity. Its main targeted use is to allow creating tokens for use by Consul agents that will grant the necessary permissions for all the typical agent operations (node registration, coordinate updates, anti-entropy).

Half of this commit is for golden file based tests of the acl token and role cli output. Another big updates was to refactor many of the tests in agent/consul/acl_endpoint_test.go to use the same style of tests and the same helpers. Besides being less boiler plate in the tests it also uses a common way of starting a test server with ACLs that should operate without any warnings regarding deprecated non-uuid master tokens etc.
2020-06-16 16:55:01 +00:00
Kenia 9fcad3e0c3 ui: Add detailed Health Checks to Service Detail page (#8111) 2020-06-16 16:00:03 +00:00
John Cowen c16f5e8fa7 ui: Move healthcheck ordering to use new comparators (#8096) 2020-06-16 13:14:05 +00:00
Daniel Nephin 7cf96ade22 Merge pull request #8106 from hashicorp/dnephin/hook-translate-keys-make-a-copy
decode: do not modify the source data in HookTranslateKeys
2020-06-15 18:49:02 +00:00
Preetha 17382b583c
Merge pull request #8105 from hashicorp/1.8.0_rc_changelog
1.8.0 rc changelog
2020-06-15 13:47:42 -05:00
Preetha c26c5a3900
update changelog with suggestions 2020-06-15 13:46:39 -05:00
Daniel Nephin 1a9d7802ed Merge pull request #8101 from hashicorp/dnephin/decode-hook-slice-interfaces
decode: recursively unslice opaque config
2020-06-15 17:34:53 +00:00
Preetha Appan f051351a16 Fix up changelog 2020-06-15 12:29:08 -05:00
Chris Piraino 67ad2b9f32
Update CHANGELOG.md 2020-06-15 10:59:59 -05:00
Chris Piraino 9f5498e4d6
Update CHANGELOG.md 2020-06-15 10:55:31 -05:00
Matt Keeler 64262d22d6 Make the Agent Cache more Context aware (#8092)
Blocking queries issues will still be uncancellable (that cannot be helped until we get rid of net/rpc). However this makes it so that if calling getWithIndex (like during a cache Notify go routine) we can cancell the outer routine. Previously it would keep issuing more blocking queries until the result state actually changed.
2020-06-15 15:43:32 +00:00
Matt Keeler 826e372b27
Update CHANGELOG.md 2020-06-15 11:03:44 -04:00
Freddy 2af14433be Merge pull request #8099 from hashicorp/gateway-services-endpoint 2020-06-12 21:15:25 +00:00
Freddy c9dbb6c51a Only pass one hostname via EDS and prefer healthy ones (#8084)
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

Currently when passing hostname clusters to Envoy, we set each service instance registered with Consul as an LbEndpoint for the cluster.

However, Envoy can only handle one per cluster:
[2020-06-04 18:32:34.094][1][warning][config] [source/common/config/grpc_subscription_impl.cc:87] gRPC config for type.googleapis.com/envoy.api.v2.Cluster rejected: Error adding/updating cluster(s) dc2.internal.ddd90499-9b47-91c5-4616-c0cbf0fc358a.consul: LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint, server.dc2.consul: LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint

Envoy is currently handling this gracefully by only picking one of the endpoints. However, we should avoid passing multiple to avoid these warning logs.

This PR:

* Ensures we only pass one endpoint, which is tied to one service instance.
* We prefer sending an endpoint which is marked as Healthy by Consul.
* If no endpoints are healthy we emit a warning and skip the cluster.
* If multiple unique hostnames are spread across service instances we emit a warning and let the user know which will be resolved.
2020-06-12 19:46:51 +00:00
John Cowen a0393c6ecf ui: Colocate pageobject components with their components (#8098) 2020-06-12 15:50:34 +00:00
Kenia fb1fd730a4 ui: Add health check icon to Ingress Upstreams and add Tooltips in additional areas (#8091)
* Add Health Checks and update Tooltips in Ingress Upstreams

* Update Tooltip in Proxy Info tab Upstreams

* Add Tooltips to Proxy Info tab Exposed Paths

* Add Health Checks with Tooltips to Service List page
2020-06-12 13:36:34 +00:00
John Cowen 51660ffb25 ui: Exclude any component/pageobject.js files from being included (#7978)
This excludes any /components/**/pageobject.js files from our production
builds which means we can co-locate all of our component page objects
(and selectors) along with the components themselves.
2020-06-12 12:08:00 +00:00
Chris Piraino 7f89ab990e Allow users to set hosts to the wildcard specifier when TLS is disabled (#8083)
This allows easier demoing/testing of ingress gateways, while still
preserving the validation we have for DNSSANs
2020-06-11 15:03:46 +00:00
Hans Hasselberg a8830aca88 Support envoy 1.14.2, 1.13.2, 1.12.4 (#8057) 2020-06-10 21:20:42 +00:00
Chris Piraino 42c8f34788 Move ingress param to a new endpoint (#8081)
In discussion with team, it was pointed out that query parameters tend
to be filter mechanism, and that semantically the "/v1/health/connect"
endpoint should return "all healthy connect-enabled endpoints (e.g.
could be side car proxies or native instances) for this service so I can
connect with mTLS".

That does not fit an ingress gateway, so we remove the query parameter
and add a new endpoint "/v1/health/ingress" that semantically means
"all the healthy ingress gateway instances that I can connect to
to access this connect-enabled service without mTLS"
2020-06-10 18:07:41 +00:00
John Cowen 2738deaa40
Update CHANGELOG.md 2020-06-10 17:44:30 +01:00
John Cowen daf283d315 Merge pull request #8080 from hashicorp/ui-staging
ui: UI Release Merge (1.8-beta-3: ui-staging merge)
2020-06-10 16:41:25 +00:00
Kyle Havlovitz d7d37bace4 Merge pull request #8075 from hashicorp/expose-cli-testfix
Fix a CLI test failure with namespaces in enterprise
2020-06-09 22:26:23 +00:00
Chris Piraino ea1b54a826 Merge pull request #8064 from hashicorp/ingress/health-query-param
Add API query parameter ?ingress to allow users to find ingress gateways associated to a service
2020-06-09 21:09:09 +00:00
Hans Hasselberg a678b47c73 acl: do not resolve local tokens from remote dcs (#8068) 2020-06-09 19:14:19 +00:00
Kyle Havlovitz 9e6718ad0f Merge pull request #8040 from hashicorp/ingress/expose-cli
Ingress expose CLI command
2020-06-09 19:11:51 +00:00
Daniel Nephin 1bfb7f3b07 Merge pull request #7964 from hashicorp/dnephin/remove-patch-slice-of-maps-forward-compat
config: Use HookWeakDecodeFromSlice in place of PatchSliceOfMaps
2020-06-08 23:53:31 +00:00
Hans Hasselberg cfc95732f3
Tokens converted from legacy ACLs get their Hash computed (#8047) (#8054)
This allows new style token replication to work for legacy tokens as well when they change.
Fixes #5606
2020-06-08 23:36:55 +02:00
Hans Hasselberg b4f33b52a2 agent: add option to disable agent cache for HTTP endpoints (#8023)
This allows the operator to disable agent caching for the http endpoint.
It is on by default for backwards compatibility and if disabled will
ignore the url parameter `cached`.
2020-06-08 22:49:33 +02:00
Chris Piraino 165a9af053 Always require Host header values for http services (#7990)
Previously, we did not require the 'service-name.*' host header value
when on a single http service was exposed. However, this allows a user
to get into a situation where, if they add another service to the
listener, suddenly the previous service's traffic might not be routed
correctly. Thus, we always require the Host header, even if there is
only 1 service.

Also, we add the make the default domain matching more restrictive by
matching "service-name.ingress.*" by default. This lines up better with
the namespace case and more accurately matches the Consul DNS value we
expect people to use in this case.
2020-06-08 18:16:48 +00:00
Hans Hasselberg c675166e1b Setup intermediate_pki_path on secondary when using vault (#8001)
Make sure to mount vault backend for intermediate_pki_path on secondary
dc.
2020-06-05 19:37:21 +00:00
Hans Hasselberg de3e68c577 Merge pull request #7966 from hashicorp/pool_improvements
Agent connection pool cleanup
2020-06-05 19:03:24 +00:00
R.B. Boyer 476a50769e Use linkmode=external for the arm builds (#8029)
This gets around some issues regarding too large plt offsets when compiling with CGO

Co-authored-by: Matt Keeler <mjkeeler7@gmail.com>
2020-06-05 18:22:20 +00:00
John Cowen f622542ce7 ui: Blocking with filtering intentions amends (#8027)
* ui: Now intentions use blocking queries invalidation isn't needed

* ui: Ensure reconciliation doesn't happen when filtering for intentions
2020-06-05 13:45:42 +00:00
R.B. Boyer 89fc98322e tests: ensure that the ServiceExists helper function normalizes entmeta (#8025)
This fixes a unit test failure over in enterprise due to https://github.com/hashicorp/consul/pull/7384
2020-06-05 08:42:35 +00:00