Commit Graph

8504 Commits

Author SHA1 Message Date
Paul Banks 12a46cd996 Fix "fail open" wording
"fail open" implies that we just allow anything if an agent gets partitioned which is not the right meaning!
2018-06-25 12:25:10 -07:00
Kyle Havlovitz 5d005df8c6 docs: add Connect CA overview 2018-06-25 12:25:10 -07:00
Kyle Havlovitz 860bf825a3 docs: add agent config options for connect/CA 2018-06-25 12:25:10 -07:00
Kyle Havlovitz aafa3ca64a agent: format all CA config fields 2018-06-25 12:25:09 -07:00
Kyle Havlovitz edbeeeb23c agent: update accepted CA config fields and defaults 2018-06-25 12:25:09 -07:00
Mitchell Hashimoto 316bdbe010 agent/proxy: fix build on Windows 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto 070c91cb23 website: update security model 2018-06-25 12:24:18 -07:00
Mitchell Hashimoto d1e48b4790 website: clarify namespaces, conflict 2018-06-25 12:24:17 -07:00
Paul Banks 541cbae5f5 More misc comment cleanup 2018-06-25 12:24:17 -07:00
Paul Banks 0824d1df5f Misc comment cleanups 2018-06-25 12:24:16 -07:00
Paul Banks e57aa52ca6 Warn about killing proxies in dev mode 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 71216631d7 api: update intention struct for precedence 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto fb0a58e682 website: clarify tiebreaker behavior 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto f6685177f0 website: document the precedence table 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 028aa78e83 agent/consul: set precedence value on struct itself 2018-06-25 12:24:16 -07:00
Mitchell Hashimoto 1f5398e17c website: document multi-DC, caching, clarify prepared queries and
multi-DC
2018-06-25 12:24:15 -07:00
Mitchell Hashimoto 9ebd27522b website: fix typo 2018-06-25 12:24:15 -07:00
Mitchell Hashimoto 927b45bf91 agent/config: move ports to `ports` structure, update docs 2018-06-25 12:24:15 -07:00
Paul Banks ecfda7cda5 Fix unreachable code warning from go vet 2018-06-25 12:24:15 -07:00
Paul Banks d1c67d90bc Fixs a few issues that stopped this working in real life but not caught by tests:
- Dev mode assumed no persistence of services although proxy state is persisted which caused proxies to be killed on startup as their services were no longer registered. Fixed.
 - Didn't snapshot the ProxyID which meant that proxies were adopted OK from snapshot but failed to restart if they died since there was no proxyID in the ENV on restart
 - Dev mode with no persistence just kills all proxies on shutdown since it can't recover them later
 - Naming things
2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 77a8003475 api: change Connect to a query option 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 8d66d1045a connect: remove old unused code 2018-06-25 12:24:14 -07:00
Mitchell Hashimoto 6ea59241d1 website: address feedback 2018-06-25 12:24:14 -07:00
Paul Banks 85d6502ab3 Don't kill proxies on agent shutdown; backport manager close fix 2018-06-25 12:24:13 -07:00
Paul Banks b2ff583392 Test for adopted process Stop race and fix 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto 03131398c4 website: Go native integration with Connect 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto f522249e6b website: connect native overview 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto caae034f3b command/connect/proxy: can specify prepared query upstream types 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto e587b7c161 connect: support prepared query resolution 2018-06-25 12:24:13 -07:00
Mitchell Hashimoto 7a4463013d connect: resolver works with native services 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto 21f27c1842 website: clarify where constraints go 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto b55f0641e6 api: support ExecuteConnect 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto 62d4aaa33e agent: accept connect param for execute 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto daf46c9cfa agent/consul: support a Connect option on prepared query request 2018-06-25 12:24:12 -07:00
Mitchell Hashimoto 440b1b2d97 agent/consul: prepared query supports "Connect" field 2018-06-25 12:24:11 -07:00
Mitchell Hashimoto 8bcadddda7 agent: intention create returns 500 for bad body 2018-06-25 12:24:10 -07:00
Mitchell Hashimoto 297e4f272e api: support native connect 2018-06-25 12:24:10 -07:00
Mitchell Hashimoto 1830c6b308 agent: switch ConnectNative to an embedded struct 2018-06-25 12:24:10 -07:00
Mitchell Hashimoto 1df5d91b39 website: add docs for connect native services API 2018-06-25 12:24:10 -07:00
Paul Banks df2cb30b01 Make tests pass and clean proxy persistence. No detached child changes yet.
This is a good state for persistence stuff to re-start the detached child work that got mixed up last time.
2018-06-25 12:24:10 -07:00
Paul Banks cdc7cfaa36 Abandon daemonize for simpler solution (preserving history):
Reverts:
  - bdb274852ae469c89092d6050697c0ff97178465
  - 2c689179c4f61c11f0016214c0fc127a0b813bfe
  - d62e25c4a7ab753914b6baccd66f88ffd10949a3
  - c727ffbcc98e3e0bf41e1a7bdd40169bd2d22191
  - 31b4d18933fd0acbe157e28d03ad59c2abf9a1fb
  - 85c3f8df3eabc00f490cd392213c3b928a85aa44
2018-06-25 12:24:10 -07:00
Paul Banks a2fe604191 WIP 2018-06-25 12:24:09 -07:00
Paul Banks 8cf4b3a6eb Sanity check that we are never trying to self-exec a test binary. Add daemonize bypass for TestAgent so that we don't have to jump through ridiculous self-execution hooks for every package that might possibly invoke a managed proxy 2018-06-25 12:24:09 -07:00
Mitchell Hashimoto 827b671d4a agent/proxy: Manager.Close also has to stop all proxy watchers 2018-06-25 12:24:09 -07:00
Paul Banks ef9c40643e Fix import tooling fail 2018-06-25 12:24:09 -07:00
Paul Banks ba0fb58a72 Make daemoinze an option on test binary without hacks. Misc fixes for racey or broken tests. Still failing on several though. 2018-06-25 12:24:09 -07:00
Paul Banks 2b377dc624 Run daemon processes as a detached child.
This turns out to have a lot more subtelty than we accounted for. The test suite is especially prone to races now we can only poll the child and many extra levels of indirectoin are needed to correctly run daemon process without it becoming a Zombie.

I ran this test suite in a loop with parallel enabled to verify for races (-race doesn't find any as they are logical inter-process ones not actual data races). I made it through ~50 runs before hitting an error due to timing which is much better than before. I want to go back and see if we can do better though. Just getting this up.
2018-06-25 12:24:08 -07:00
Paul Banks e21723a891 Persist proxy state through agent restart 2018-06-25 12:24:08 -07:00
Mitchell Hashimoto eb3fcb39b3 agent/consul/state: support querying by Connect native 2018-06-25 12:24:08 -07:00
Mitchell Hashimoto 6b745964c4 agent/cache: update comment from PR review to clarify 2018-06-25 12:24:08 -07:00