Commit Graph

12828 Commits

Author SHA1 Message Date
Matt Keeler 38f5ddce2a
Add per-agent reconnect timeouts (#8781)
This allows for client agent to be run in a more stateless manner where they may be abruptly terminated and not expected to come back. If advertising a per-agent reconnect timeout using the advertise_reconnect_timeout configuration when that agent leaves, other agents will wait only that amount of time for the agent to come back before reaping it.

This has the advantageous side effect of causing servers to deregister the node/services/checks for that agent sooner than if the global reconnect_timeout was used.
2020-10-08 15:02:19 -04:00
Paul Banks 57a7057067
Add UI metrics proxy (#8744)
* Fix merge conflicts

* Add /v1/internal/ui/metrics-proxy API endpoint that proxies to a configured metrics provider backend.
2020-10-08 18:04:06 +01:00
Paul Banks 46f58e05bd
Add support for serving additional metrics provider JS in the UI (#8743) 2020-10-08 18:03:13 +01:00
Mike Morris d68b4b9e79 chore(ci): remove docs-cherrypick autolabel
This label should never be auto-applied to prevent accidentally publishing docs intended for a major release early.
2020-10-08 12:50:03 -04:00
Paul Banks 332477f24c
Add /v1/internal/ui/metrics-proxy API endpoint that proxies to a configured metrics provider backend. 2020-10-08 17:32:29 +01:00
Paul Banks 80910b46f3
Fix merge conflicts 2020-10-08 17:31:36 +01:00
Daniel Nephin b93577c94f config: add field for enabling streaming RPC endpoint 2020-10-08 12:11:20 -04:00
Daniel Nephin b5b790d4c0 streaming: Use a shorter LastGetTTL for the cache 2020-10-08 12:11:20 -04:00
hashicorp-ci fc6a7df5f6 auto-updated agent/uiserver/bindata_assetfs.go from commit b373456c7 2020-10-08 15:56:05 +00:00
Kenia b373456c76
ui: Add deny SVG lines with icons (#8846)
* Refactor and color SVG Lines based on intention permissions

* Create Icon component with L7 and Deny icon styling

* Reposition icons on the lines when the lines are redrawn

* Create service/intention-permissions helper

* Use service/intention-permissions helper to return allow or deny lines

* Upgrade consul-api-double to v5.3.5

* Update HasPermission attribute
2020-10-08 11:52:09 -04:00
Freddy 164ce57db2
Support ingress gateways in mesh viz endpoint (#8864)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-10-08 09:47:09 -06:00
hashicorp-ci 418fe6ba32 auto-updated agent/uiserver/bindata_assetfs.go from commit ef7b1f8a4 2020-10-08 15:41:40 +00:00
Kenia ef7b1f8a4b
ui: Add namespaces to downstream cards (#8873)
* Add nspace to downstream cards

* Remove portion of conditional
2020-10-08 11:38:03 -04:00
hashicorp-ci 12e735dbca auto-updated agent/uiserver/bindata_assetfs.go from commit d849f025c 2020-10-08 15:08:16 +00:00
John Cowen d849f025cf
ui: L7 intentions improvements (#8851)
* Disable source as well as destination on editing

* Various visual/textual amends

* Make errors only appear once you've interacted with a field

* Move tests that involve selecting menus to a create form

* Revert fieldsets and checkboxes
2020-10-08 16:02:31 +01:00
John Cowen ec084cf79b
ui: Use a custom request for nspace deletion (#8878)
* Turn repo.remove into a custom action to bypass ember-data deletion

* Don't show actions on a deleting nspace
2020-10-08 16:00:52 +01:00
Daniel Nephin fcaf362c9f
Merge pull request #8841 from hashicorp/streaming/materialize-view-fix-service-unique-id
streaming: Use an ID that includes namespace to store services in the materialized view
2020-10-07 21:28:53 -04:00
Daniel Nephin 2513f42c68
Merge pull request #8809 from hashicorp/streaming/materialize-view
Add StreamingHealthServices cache-type
2020-10-07 21:26:38 -04:00
Daniel Nephin b103568e98
Merge pull request #8818 from hashicorp/streaming/add-subscribe-service-batch-events
stream: handle batch events as a special case of Event
2020-10-07 21:25:32 -04:00
Daniel Nephin da6400192b
Merge pull request #8768 from hashicorp/streaming/add-subscribe-service
subscribe: add subscribe service for streaming change events
2020-10-07 21:24:03 -04:00
Freddy da91e999f6
Return intention info in svc topology endpoint (#8853) 2020-10-07 18:35:34 -06:00
Kit Patella 7fe2f80b4b add config flag to disable 1.9 metrics backwards compatibility. Add warnings on start and reload on default value 2020-10-07 17:12:52 -07:00
Daniel Nephin 21c21191f4 structs: add CheckServiceNode.CanRead
And use it from the subscribe endpoint.
2020-10-07 18:15:13 -04:00
Mike Morris 6c0907f494
test(vault): generate test coverage and upload to CodeCov (#8870) 2020-10-07 16:32:25 -04:00
R.B. Boyer 71ba8300a3
add testrpc.WaitForServiceIntentions to help unflake tests that manipulate intentions (#8867) 2020-10-07 14:20:25 -05:00
R.B. Boyer 0c9177f6a5
api: unflake some intention-related api tests (#8857) 2020-10-07 13:32:53 -05:00
Jono Sosulska 16e8235abe
Turns PR labeler to only trigger on create (#8838) 2020-10-07 13:45:17 -04:00
Mike Morris 1ebc2fb006
chore(deps): update gopsutil to v2.20.9 (#8843)
* core(deps): bump golang.org/x/sys

To resolve /go/pkg/mod/github.com/shirou/gopsutil@v2.20.9+incompatible/host/host_bsd.go:20:13: undefined: unix.SysctlTimeval

* chore(deps): make update-vendor
2020-10-07 12:57:18 -04:00
R.B. Boyer 9fbcb2e68d
command: remove conditional envoy bootstrap generation for versions <=1.10.0 since those are not supported (#8855) 2020-10-07 10:53:23 -05:00
R.B. Boyer 3e6cbc649e add missing changelog entry for #8839 2020-10-07 10:22:40 -05:00
hashicorp-ci 8655b24639 auto-updated agent/uiserver/bindata_assetfs.go from commit 0d0de4309 2020-10-07 14:13:29 +00:00
John Cowen 0d0de43098
ui: Change query param name for service instance listing from nspace to ns (#8852) 2020-10-07 15:08:13 +01:00
hashicorp-ci eb4bc23a03 auto-updated agent/uiserver/bindata_assetfs.go from commit a61b6c53d 2020-10-07 13:50:39 +00:00
John Cowen a61b6c53d9
ui: Move node listing copy button to the detail rather than the title (#8850) 2020-10-07 14:45:52 +01:00
hashicorp-ci aa0f5ff839 auto-updated agent/uiserver/bindata_assetfs.go from commit 222555c4c 2020-10-07 08:09:54 +00:00
John Cowen 222555c4c9
ui: Fix up Service filtering by whether a Service is in the mesh or not in the mesh (#8836)
* Add MeshEnabled, InMesh properties and add Proxy back in

* Change query param to in-mesh/not-in-mesh

* Use new computed properties
2020-10-07 09:04:55 +01:00
Ryan Ooi 852896b068 add tailing backtick 2020-10-07 07:14:56 +08:00
Ryan Ooi c80b048111 Update acl-method command example 2020-10-07 06:44:24 +08:00
R.B. Boyer 1b413b0444
connect: support defining intentions using layer 7 criteria (#8839)
Extend Consul’s intentions model to allow for request-based access control enforcement for HTTP-like protocols in addition to the existing connection-based enforcement for unspecified protocols (e.g. tcp).
2020-10-06 17:09:13 -05:00
Pierre Souchay eabba09b66 Added changelog for merged PR #8221 2020-10-06 17:15:33 -04:00
Daniel Nephin 8b887af0d3 streaming: store services with a unique ID that includes namespace 2020-10-06 16:54:56 -04:00
Daniel Nephin bbc6d07c38 proto: add Namespace to EnterpriseMeta
By adding Namespace to the OSS EnterpriseMeta we reduce the differences between OSS and Enterprise
which simplifies the code quite a bit.
2020-10-06 16:42:09 -04:00
Mike Morris ad74b48385 Update CHANGELOG.md 2020-10-06 16:27:38 -04:00
Alvin Huang c6001e9b68
add ui test-node (#8820) 2020-10-06 15:58:12 -04:00
R.B. Boyer a2a8e9c783
connect: intentions are now managed as a new config entry kind "service-intentions" (#8834)
- Upgrade the ConfigEntry.ListAll RPC to be kind-aware so that older
copies of consul will not see new config entries it doesn't understand
replicate down.

- Add shim conversion code so that the old API/CLI method of interacting
with intentions will continue to work so long as none of these are
edited via config entry endpoints. Almost all of the read-only APIs will
continue to function indefinitely.

- Add new APIs that operate on individual intentions without IDs so that
the UI doesn't need to implement CAS operations.

- Add a new serf feature flag indicating support for
intentions-as-config-entries.

- The old line-item intentions way of interacting with the state store
will transparently flip between the legacy memdb table and the config
entry representations so that readers will never see a hiccup during
migration where the results are incomplete. It uses a piece of system
metadata to control the flip.

- The primary datacenter will begin migrating intentions into config
entries on startup once all servers in the datacenter are on a version
of Consul with the intentions-as-config-entries feature flag. When it is
complete the old state store representations will be cleared. We also
record a piece of system metadata indicating this has occurred. We use
this metadata to skip ALL of this code the next time the leader starts
up.

- The secondary datacenters continue to run the old intentions
replicator until all servers in the secondary DC and primary DC support
intentions-as-config-entries (via serf flag). Once this condition it met
the old intentions replicator ceases.

- The secondary datacenters replicate the new config entries as they are
migrated in the primary. When they detect that the primary has zeroed
it's old state store table it waits until all config entries up to that
point are replicated and then zeroes its own copy of the old state store
table. We also record a piece of system metadata indicating this has
occurred. We use this metadata to skip ALL of this code the next time
the leader starts up.
2020-10-06 13:24:05 -05:00
Daniel Nephin 5972bdc87c streaming: improve godoc for cache-type
And fix a bug where any error that implemented the temporary interface was considered
a temporary error, even when the method would return false.
2020-10-06 13:52:02 -04:00
Daniel Nephin d0b87cd5d0 submatview: remove notifyUpdateLocked from reset
This call appears to only be necessary because reset() was called from
NewMaterializer.

This commit has the constructor set a default value for updateCh, and
removes both the call to reset() from New(), and the call to
notifyUpdateLocked() from reset().

This should ensure that we do not notify the Fetch() call before we have new
values to report.
2020-10-06 13:22:02 -04:00
Daniel Nephin 5eab1d8cef submatview: remove method receiver from handlers 2020-10-06 13:22:02 -04:00
Daniel Nephin 3fa08beecf submatview: add a test for handling of NewSnapshotToFollow
Also add some godoc
Rename some vars and functions
Fix a data race in the new cache test for entry closing.
2020-10-06 13:22:02 -04:00
Daniel Nephin 534d8b45bb submatview: refactor Materializer
Refactor of Materializer.Run
Use handlers to manage state in Materializer
Rename Materializer receiver
rename m.l to m.lock, and flip some conditionals to remove the negative.
Improve godoc, rename Deps, move resetErr, and pass err into notifyUpdate
Update for NewSnapshotToFollow events
Refactor to move context cancel out of Materializer
2020-10-06 13:22:02 -04:00