19071 Commits

Author SHA1 Message Date
wenincode
f0cdbb00b3 Pre-populate partition on sso login 2022-10-19 17:26:25 -06:00
Curt Bushko
00cf1fbd44
Merge pull request #15064 from hashicorp/curtbushko/update-envoy-bootstrap
update prometheus template args
2022-10-19 16:17:42 -04:00
Curt Bushko
161273a931
Update command/connect/envoy/bootstrap_tpl.go
Co-authored-by: Paul Glass <pglass@hashicorp.com>
2022-10-19 15:52:10 -04:00
Curt Bushko
cd185c4c2c update prometheus template args 2022-10-19 15:44:19 -04:00
Nitya Dhanushkodi
5e156772f6
Remove ability to specify external addresses in GenerateToken endpoint (#14930)
* Reverts "update generate token endpoint to take external addresses (#13844)"

This reverts commit f47319b7c6b6e7c7dd720a5af927ad2d33fa536d.
2022-10-19 09:31:36 -07:00
Tyler Wendlandt
2a9cc3f084
Merge pull request #14971 from hashicorp/ui/feature/agentless-nodes-banner
ui: agentless nodes notice banner banner
2022-10-19 09:06:46 -06:00
cskh
6a9739ad7e
chore: fix the module path to align with the code structure (#15053) 2022-10-19 10:36:35 -04:00
Tu Nguyen
e8fcbfe19e
Merge pull request #15036 from hashicorp/update-ent-license-link
Update enterprise license link
2022-10-18 23:22:01 -07:00
Kyle Havlovitz
5c3427608b
Merge pull request #15035 from hashicorp/vault-ttl-update-warn
Warn instead of returning error when missing intermediate mount tune permissions
2022-10-18 15:41:52 -07:00
Tyler Wendlandt
d59d0a36cd
Merge pull request #14974 from hashicorp/ui/chore/enable-synthetic-nodes-in-mock-data
ui: enable synthetic nodes in mock data
2022-10-18 16:00:47 -06:00
Chris S. Kim
3d05a8e9af Remove unused methods from template 2022-10-18 16:35:16 -04:00
cskh
d562d363fc
peering: skip registering duplicate node and check from the peer (#14994)
* peering: skip register duplicate node and check from the peer

* Prebuilt the nodes map and checks map to avoid repeated for loop

* use key type to struct: node id, service id, and check id
2022-10-18 16:19:24 -04:00
wenincode
15d14ba308 Enable synthetic nodes in mock data via env var 2022-10-18 13:45:14 -06:00
trujillo-adam
588a196c86
Merge pull request #15033 from hashicorp/docs/fix-front-matter-typo
Docs/fix front matter typo
2022-10-18 12:31:28 -07:00
R.B. Boyer
c3fa46c3f6
test: possibly fix flaky TestEnvoy/case-ingress-gateway-multiple-services test (#15034)
The integration test TestEnvoy/case-ingress-gateway-multiple-services is flaky
and this possibly reduces the flakiness by explicitly waiting for services to show
up in the catalog as healthy before waiting for them to show up in envoy as
healthy which gives it just a bit more time to sync.
2022-10-18 14:23:52 -05:00
Chris S. Kim
29a297d3e9
Refactor client RPC timeouts (#14965)
Fix an issue where rpc_hold_timeout was being used as the timeout for non-blocking queries. Users should be able to tune read timeouts without fiddling with rpc_hold_timeout. A new configuration `rpc_read_timeout` is created.

Refactor some implementation from the original PR 11500 to remove the misleading linkage between RPCInfo's timeout (used to retry in case of certain modes of failures) and the client RPC timeouts.
2022-10-18 15:05:09 -04:00
Kyle Havlovitz
d122108992 Warn instead of returning an error when intermediate mount tune permission is missing 2022-10-18 12:01:25 -07:00
wenincode
9da2a73785 Call super with arguments to safeguard against future changes 2022-10-18 11:53:24 -06:00
Tu Nguyen
b46172d4a3 Update enterprise license link 2022-10-18 10:52:50 -07:00
wenincode
815439b593 Update yarn lockfile 2022-10-18 10:17:03 -06:00
trujillo-adam
3f3847d651 clarification that Consul K8s in these instructions refers to the the CLI tool 2022-10-18 09:14:26 -07:00
trujillo-adam
55b387b5be removed quotation marks around front matter and revised the introduction 2022-10-18 08:56:38 -07:00
R.B. Boyer
0cca4c088d
test: possibly fix flake in TestIntentionGetExact (#15021)
Restructure test setup to be similar to TestAgent_ServerCertificate
and see if that's enough to avoid flaking after join.
2022-10-18 10:51:20 -05:00
wenincode
c450183b4c Use local-storage service to manage localStorage
Use local-storage service, prototyped here https://github.com/LevelbossMike/local-storage-service, to manage local storage usage in an octane way. Does not write to local storage in tests by default and is easy to stub out.
2022-10-18 09:40:47 -06:00
Dhia Ayachi
5eb2bad8fd
bump relevant modules versions (#14972) 2022-10-18 11:24:26 -04:00
Iryna Shustava
5cd0ccfc75
Support auth method with snapshot agent [ENT] (#15020)
Port of hashicorp/consul-enterprise#3303
2022-10-17 15:57:48 -06:00
R.B. Boyer
fe2d41ddad
cache: prevent goroutine leak in agent cache (#14908)
There is a bug in the error handling code for the Agent cache subsystem discovered:

1. NotifyCallback calls notifyBlockingQuery which calls getWithIndex in
   a loop (which backs off on-error up to 1 minute)

2. getWithIndex calls fetch if there’s no valid entry in the cache

3. fetch starts a goroutine which calls Fetch on the cache-type, waits
   for a while (again with backoff up to 1 minute for errors) and then
   calls fetch to trigger a refresh

The end result being that every 1 minute notifyBlockingQuery spawns an
ancestry of goroutines that essentially lives forever.

This PR ensures that the goroutine started by `fetch` cancels any prior
goroutine spawned by the same line for the same key.

In isolated testing where a cache type was tweaked to indefinitely
error, this patch prevented goroutine counts from skyrocketing.
2022-10-17 14:38:10 -05:00
R.B. Boyer
02a858efa0
ca: fix a masked bug in leaf cert generation that would not be notified of root cert rotation after the first one (#15005)
In practice this was masked by #14956 and was only uncovered fixing the
other bug.

  go test ./agent -run TestAgentConnectCALeafCert_goodNotLocal

would fail when only #14956 was fixed.
2022-10-17 13:24:27 -05:00
David Yu
efe25cfe46
docs: formatting on backend application and delete peering CRDs (#15007)
* docs: formatting on backend application and delete peering CRDs

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-17 10:34:05 -07:00
Dan Upton
641347fe14
proto: deep-copy PeeringTrustBundle using proto.Clone (#15004)
Fixes a `go vet` warning caused by the pragma.DoNotCopy on the protobuf
message type.

Originally I'd hoped we wouldn't need any reflection in the proxycfg hot
path, but it seems proto.Clone is the only supported way to copy a message.
2022-10-17 16:30:35 +01:00
Chris S. Kim
3d2dffff16
Merge pull request #13388 from deblasis/feature/health-checks_windows_service
Feature: Health checks windows service
2022-10-17 09:26:19 -04:00
Dan Upton
f8b4b41205
proxycfg: fix goroutine leak when service is re-registered (#14988)
Fixes a bug where we'd leak a goroutine in state.run when the given
context was canceled while there was a pending update.
2022-10-17 11:31:10 +01:00
Kyle Havlovitz
3a60885259
Merge pull request #14800 from hashicorp/mgw-tcp-keepalives
Add TCP keepalive settings to proxy config for mesh gateways
2022-10-14 19:01:02 -07:00
Kyle Havlovitz
aaf892a383 Extend tcp keepalive settings to work for terminating gateways as well 2022-10-14 17:05:46 -07:00
Kyle Havlovitz
2c569f6b9c Update docs and add tcp_keepalive_probes setting 2022-10-14 17:05:46 -07:00
Kyle Havlovitz
2242d1ec4a Add TCP keepalive settings to proxy config for mesh gateways 2022-10-14 17:05:46 -07:00
David Yu
1a883891a7
docs: improvements on language from cluster peering steps (#14993)
* docs: improvements on language from cluster peering steps

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-14 14:29:11 -07:00
wenincode
63c4d670d9 Set postfix for agentless-notice storage key based on partition and dc 2022-10-14 14:08:40 -06:00
wenincode
6c2ca0ba3f Save agentless node notice dismissal per dc 2022-10-14 12:21:25 -06:00
Derek Menteer
2a33d0ff96 Fix issue with incorrect method signature on test. 2022-10-14 11:04:57 -05:00
Freddy
24d0c8801a
Merge pull request #14981 from hashicorp/peering/dial-through-gateways 2022-10-14 09:44:56 -06:00
Tyler Wendlandt
0c8563f060
Merge pull request #14986 from hashicorp/ui/feature/filter-node-healthchecks-agentless
UI: filter node healthchecks on agentless service instances
2022-10-14 09:33:45 -06:00
Dan Upton
328e3ff563
proxycfg: rate-limit delivery of config snapshots (#14960)
Adds a user-configurable rate limiter to proxycfg snapshot delivery,
with a default limit of 250 updates per second.

This addresses a problem observed in our load testing of Consul
Dataplane where updating a "global" resource such as a wildcard
intention or the proxy-defaults config entry could starve the Raft or
Memberlist goroutines of CPU time, causing general cluster instability.
2022-10-14 15:52:00 +01:00
Derek Menteer
29ebcf5ff0 Add tests for peering state snapshots / restores. 2022-10-14 09:48:04 -05:00
Derek Menteer
e3ff9912d0 Add test for ExportedServicesForAllPeersByName 2022-10-14 09:48:04 -05:00
Alessandro De Blasis
5f99f578a9
Update website/content/api-docs/agent/check.mdx 2022-10-14 12:32:55 +01:00
Dan Upton
e6b55d1d81
perf: remove expensive reflection from xDS hot path (#14934)
Replaces the reflection-based implementation of proxycfg's
ConfigSnapshot.Clone with code generated by deep-copy.

While load testing server-based xDS (for consul-dataplane) we discovered
this method is extremely expensive. The ConfigSnapshot struct, directly
or indirectly, contains a copy of many of the structs in the agent/structs
package, which creates a large graph for copystructure.Copy to traverse
at runtime, on every proxy reconfiguration.
2022-10-14 10:26:42 +01:00
Michael Klein
03734a1bac
Merge pull request #14977 from hashicorp/ui/fix/scrollbar-bento-box
ui: Bento-Box show scrollbars only when necessary
2022-10-14 09:07:57 +02:00
wenincode
c85d70e80d Address linting errors 2022-10-13 19:05:19 -06:00
wenincode
363db8c849 Add changelog entry 2022-10-13 18:54:39 -06:00