Paul Banks
12a46cd996
Fix "fail open" wording
...
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
5d005df8c6
docs: add Connect CA overview
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
860bf825a3
docs: add agent config options for connect/CA
2018-06-25 12:25:10 -07:00
Kyle Havlovitz
aafa3ca64a
agent: format all CA config fields
2018-06-25 12:25:09 -07:00
Kyle Havlovitz
edbeeeb23c
agent: update accepted CA config fields and defaults
2018-06-25 12:25:09 -07:00
Mitchell Hashimoto
316bdbe010
agent/proxy: fix build on Windows
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
070c91cb23
website: update security model
2018-06-25 12:24:18 -07:00
Mitchell Hashimoto
d1e48b4790
website: clarify namespaces, conflict
2018-06-25 12:24:17 -07:00
Paul Banks
541cbae5f5
More misc comment cleanup
2018-06-25 12:24:17 -07:00
Paul Banks
0824d1df5f
Misc comment cleanups
2018-06-25 12:24:16 -07:00
Paul Banks
e57aa52ca6
Warn about killing proxies in dev mode
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
71216631d7
api: update intention struct for precedence
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
fb0a58e682
website: clarify tiebreaker behavior
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
f6685177f0
website: document the precedence table
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
028aa78e83
agent/consul: set precedence value on struct itself
2018-06-25 12:24:16 -07:00
Mitchell Hashimoto
1f5398e17c
website: document multi-DC, caching, clarify prepared queries and
...
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
9ebd27522b
website: fix typo
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto
927b45bf91
agent/config: move ports to `ports` structure, update docs
2018-06-25 12:24:15 -07:00
Paul Banks
ecfda7cda5
Fix unreachable code warning from go vet
2018-06-25 12:24:15 -07:00
Paul Banks
d1c67d90bc
Fixs a few issues that stopped this working in real life but not caught by tests:
...
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
- Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
- Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
- Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
77a8003475
api: change Connect to a query option
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
8d66d1045a
connect: remove old unused code
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto
6ea59241d1
website: address feedback
2018-06-25 12:24:14 -07:00
Paul Banks
85d6502ab3
Don't kill proxies on agent shutdown; backport manager close fix
2018-06-25 12:24:13 -07:00
Paul Banks
b2ff583392
Test for adopted process Stop race and fix
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
03131398c4
website: Go native integration with Connect
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
f522249e6b
website: connect native overview
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
caae034f3b
command/connect/proxy: can specify prepared query upstream types
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
e587b7c161
connect: support prepared query resolution
2018-06-25 12:24:13 -07:00
Mitchell Hashimoto
7a4463013d
connect: resolver works with native services
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
21f27c1842
website: clarify where constraints go
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
b55f0641e6
api: support ExecuteConnect
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
62d4aaa33e
agent: accept connect param for execute
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
daf46c9cfa
agent/consul: support a Connect option on prepared query request
2018-06-25 12:24:12 -07:00
Mitchell Hashimoto
440b1b2d97
agent/consul: prepared query supports "Connect" field
2018-06-25 12:24:11 -07:00
Mitchell Hashimoto
8bcadddda7
agent: intention create returns 500 for bad body
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
297e4f272e
api: support native connect
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
1830c6b308
agent: switch ConnectNative to an embedded struct
2018-06-25 12:24:10 -07:00
Mitchell Hashimoto
1df5d91b39
website: add docs for connect native services API
2018-06-25 12:24:10 -07:00
Paul Banks
df2cb30b01
Make tests pass and clean proxy persistence. No detached child changes yet.
...
This is a good state for persistence stuff to re-start the detached child work that got mixed up last time.
2018-06-25 12:24:10 -07:00
Paul Banks
cdc7cfaa36
Abandon daemonize for simpler solution (preserving history):
...
Reverts:
- bdb274852ae469c89092d6050697c0ff97178465
- 2c689179c4f61c11f0016214c0fc127a0b813bfe
- d62e25c4a7ab753914b6baccd66f88ffd10949a3
- c727ffbcc98e3e0bf41e1a7bdd40169bd2d22191
- 31b4d18933fd0acbe157e28d03ad59c2abf9a1fb
- 85c3f8df3eabc00f490cd392213c3b928a85aa44
2018-06-25 12:24:10 -07:00
Paul Banks
a2fe604191
WIP
2018-06-25 12:24:09 -07:00
Paul Banks
8cf4b3a6eb
Sanity check that we are never trying to self-exec a test binary. Add daemonize bypass for TestAgent so that we don't have to jump through ridiculous self-execution hooks for every package that might possibly invoke a managed proxy
2018-06-25 12:24:09 -07:00
Mitchell Hashimoto
827b671d4a
agent/proxy: Manager.Close also has to stop all proxy watchers
2018-06-25 12:24:09 -07:00
Paul Banks
ef9c40643e
Fix import tooling fail
2018-06-25 12:24:09 -07:00
Paul Banks
ba0fb58a72
Make daemoinze an option on test binary without hacks. Misc fixes for racey or broken tests. Still failing on several though.
2018-06-25 12:24:09 -07:00
Paul Banks
2b377dc624
Run daemon processes as a detached child.
...
This turns out to have a lot more subtelty than we accounted for. The test suite is especially prone to races now we can only poll the child and many extra levels of indirectoin are needed to correctly run daemon process without it becoming a Zombie.
I ran this test suite in a loop with parallel enabled to verify for races (-race doesn't find any as they are logical inter-process ones not actual data races). I made it through ~50 runs before hitting an error due to timing which is much better than before. I want to go back and see if we can do better though. Just getting this up.
2018-06-25 12:24:08 -07:00
Paul Banks
e21723a891
Persist proxy state through agent restart
2018-06-25 12:24:08 -07:00
Mitchell Hashimoto
eb3fcb39b3
agent/consul/state: support querying by Connect native
2018-06-25 12:24:08 -07:00
Mitchell Hashimoto
6b745964c4
agent/cache: update comment from PR review to clarify
2018-06-25 12:24:08 -07:00