Backport of Add reason why port 53 is not used by default into release/1.14.x #19231
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
enable `consul resource read` command in cli
* change log for audit log * fix file name * breaking change
* Begin adding TCPUseTLS * More TCP with TLS plumbing * Making forward progress * Keep on adding TCP+TLS support for healthchecks * Removed too many lines * Unit tests for TCP+TLS * Update tlsutil/config.go Co-authored-by: Samantha <[email protected]> * Working on the tcp+tls unit test * Updated the runtime integration tests * Progress * Revert this file back to HEAD * Remove debugging lines * Implement TLS enabled TCP socket server and make a successful TCP+TLS healthcheck on it * Update docs * Update agent/agent_test.go Co-authored-by: Samantha <[email protected]> * Update website/content/docs/ecs/configuration-reference.mdx Co-authored-by: Samantha <[email protected]> * Update website/content/docs/ecs/configuration-reference.mdx Co-authored-by: Samantha <[email protected]> * Update agent/checks/check.go Co-authored-by: Samantha <[email protected]> * Address comments * Remove extraneous bracket * Update agent/agent_test.go Co-authored-by: Samantha <[email protected]> * Update agent/agent_test.go Co-authored-by: Samantha <[email protected]> * Update website/content/docs/ecs/configuration-reference.mdx Co-authored-by: Samantha <[email protected]> * Update the mockTLSServer * Remove trailing newline * Address comments * Fix merge problem * Add changelog entry --------- Co-authored-by: Samantha <[email protected]>
* fix windows image for enterprise * added quotesT
…e command and using leader version in version (#18680) * init * fix tests * fix tests lint * fix api call inside dc * updated doc * address comments
* update guide to reflect tenancy and scope * Apply suggestions from code review Co-authored-by: Semir Patel <[email protected]> * update ACLHooks signature * Update docs/resources/guide.md Co-authored-by: Semir Patel <[email protected]> --------- Co-authored-by: Semir Patel <[email protected]>
Add support for querying tokens by service name The consul-k8s endpoints controller has a workflow where it fetches all tokens. This is not performant for large clusters, where there may be a sizable number of tokens. This commit attempts to alleviate that problem and introduces a new way to query by the token's service name.
) This PR enables the GetEnvoyBootstrapParams endpoint to construct envoy bootstrap parameters from v2 catalog and mesh resources. * Make bootstrap request and response parameters less specific to services so that we can re-use them for workloads or service instances. * Remove ServiceKind from bootstrap params response. This value was unused previously and is not needed for V2. * Make access logs generation generic so that we can generate them using v1 or v2 resources.
* first commit; reformat PD conf entry * updated proxies overview page * added Deploy SM proxy usage and removed reg index * moved sidecar proxy usage to main proxy folder * recast sidecar reg page as Deploy sidecar services * fix typos * recast SM reg as conf reference- set the sidebar * add redirects * fix links * add PD conf entry usage to appropro pages * edits to proxy conf ref * fix links on index page * example command to write PD conf entry * updated links to old SM proxy reg page * updated links to sidecar service reg page * tryna fix front matter issues * Apply suggestions from code review Co-authored-by: Ronald <[email protected]> * added paragraph about SM proxies to overivew * Apply suggestions from code review Co-authored-by: Jeff Boruszak <[email protected]> --------- Co-authored-by: Ronald <[email protected]> Co-authored-by: Jeff Boruszak <[email protected]>
…3988) (#18352) * This controller generates and saves ProxyStateTemplate for sidecar proxies. * It currently supports single-port L4 ports only. * It keeps a cache of all destinations to make it easier to compute and retrieve destinations. * It will update the status of the pbmesh.Upstreams resource if anything is invalid. * This commit also changes service endpoints to include workload identity. This made the implementation a bit easier as we don't need to look up as many workloads and instead rely on endpoints data.
* Fixes issues in setting status * Update golden files for changes to xds generation to not use deprecated methods * Fixed default for validation of JWT for route
* fix: NET-1521 show latest config in /v1/agent/self
using 4x large for ent
* [NET-5325] ACL templated policies support in tokens and roles - Add API support for creating tokens/roles with templated-policies - Add CLI support for creating tokens/roles with templated-policies * adding changelog
…18532) Co-authored-by: trujillo-adam <[email protected]>
…18605) Co-authored-by: Matt Keeler <[email protected]>
* feat: implement apply command * fix: resolve lint issues * refactor: use fixed types * fix: ci lint failures after main rebase
…#18646) * Add response header filters to http-route config entry definitions * Map response header filters from config entry when constructing route destination * Support response header modifiers at the service level as well * Update protobuf definitions * Update existing unit tests * Add response filters to route consolidation logic * Make existing unit tests more robust * Add missing docstring * Add changelog entry * Add response filter modifiers to existing integration test * Add more robust testing for response header modifiers in the discovery chain * Add more robust testing for request header modifiers in the discovery chain * Modify test to verify that service filter modifiers take precedence over rule filter modifiers
* [NET-5330] Support templated policies in Binding rules * changelog for templated policy support in binding rules
* Generate deep-copy code * Undo license header removal
#18458) This commit adds support for transparent proxy to the sidecar proxy controller. As we do not yet support inferring destinations from intentions, this assumes that all services in the cluster are destinations.
hc-github-team-consul-core
force-pushed
the
backport/dyu/dns-port/typically-creative-hermit
branch
from
ea4adcf to
251075a
Compare
hc-github-team-consul-core
force-pushed
the
backport/dyu/dns-port/typically-creative-hermit
branch
from
209a8b7 to
3964585
Compare
github-team-consul-core-pr-approver
approved these changes
Oct 16, 2023
github-actions
bot
added
type/docs
|
🤔 This PR has changes in the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #19222 to be assessed for backporting due to the inclusion of the label backport/1.14.
🚨
The person who merged in the original PR is:
@david-yu
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.
The below text is copied from the body of the original PR.
Description
Add reason in docs why port 53 is not used by default.
Testing & Reproduction steps
Links
PR Checklist
Overview of commits