mirror of https://github.com/status-im/consul.git
fdd10dd8b8
Fixes: #5396 This PR adds a proxy configuration stanza called expose. These flags register listeners in Connect sidecar proxies to allow requests to specific HTTP paths from outside of the node. This allows services to protect themselves by only listening on the loopback interface, while still accepting traffic from non Connect-enabled services. Under expose there is a boolean checks flag that would automatically expose all registered HTTP and gRPC check paths. This stanza also accepts a paths list to expose individual paths. The primary use case for this functionality would be to expose paths for third parties like Prometheus or the kubelet. Listeners for requests to exposed paths are be configured dynamically at run time. Any time a proxy, or check can be registered, a listener can also be created. In this initial implementation requests to these paths are not authenticated/encrypted. |
||
|---|---|---|
| .. | ||
| catalog_datacenters.go | ||
| catalog_datacenters_test.go | ||
| catalog_list_services.go | ||
| catalog_list_services_test.go | ||
| catalog_services.go | ||
| catalog_services_test.go | ||
| config_entry.go | ||
| config_entry_test.go | ||
| connect_ca_leaf.go | ||
| connect_ca_leaf_test.go | ||
| connect_ca_root.go | ||
| connect_ca_root_test.go | ||
| discovery_chain.go | ||
| discovery_chain_test.go | ||
| health_services.go | ||
| health_services_test.go | ||
| intention_match.go | ||
| intention_match_test.go | ||
| mock_RPC.go | ||
| node_services.go | ||
| node_services_test.go | ||
| prepared_query.go | ||
| prepared_query_test.go | ||
| resolved_service_config.go | ||
| resolved_service_config_test.go | ||
| rpc.go | ||
| service_checks.go | ||
| service_checks_test.go | ||
| service_dump.go | ||
| service_dump_test.go | ||
| testing.go | ||