Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Various updates to support managed service provider token enhancements #7714

Merged
merged 4 commits into from
May 4, 2020
Merged

Various updates to support managed service provider token enhancements #7714

merged 4 commits into from
May 4, 2020

Conversation

mkeeler
Copy link
Member

@mkeeler mkeeler commented Apr 27, 2020

  • The ACL.Bootstrap & ACL.BootstrapTokens RPC endpoint disabling when msp tokens are configured can now be disabled. Specifically it defaults to allowing those endpoints to remain active and will require tuning the config to enable the "disabling" of those endpoints.
  • For agents configured with managed service provider tokens, they will now use the first one of those as the agent token for node registration and coordinate updates.
  • Lastly many enterprise only configurations have been moved into the OSS. I got rid of the struct embedding in the top level agent/config.Config struct. Instead we now emit warnings for configurations that will not have any effect in Consul outside of the enterprise release. This necessitated the mapstructure update as I found in the lib that was preventing things from working quite right.

@mkeeler mkeeler requested a review from a team April 27, 2020 20:59
@mkeeler mkeeler modified the milestones: 1.8.0, 1.7.3, 1.7.x Apr 27, 2020
@mkeeler
Update mapstructure to v1.2.3
8c545b5 
This release contains a fix to prevent duplicate keys in the Metadata after decoding where the output value contains pointer fields.
@mkeeler
Some boilerplate to allow for ACL Bootstrap disabling configurability
bec3fb7
@mkeeler
Updates to allow for using an enterprise specific token as the agents…
7a4c73a 
… token

This is needed to allow for managed Consul instances to register themselves in the catalog with one of the managed service provider tokens.
hanshasselberg
hanshasselberg approved these changes May 4, 2020
View reviewed changes
Copy link
Member

@hanshasselberg hanshasselberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left two small comments, LGTM otherwise.

agent/config/config.go Outdated Show resolved Hide resolved
agent/config/config.go Show resolved Hide resolved
@mkeeler
Update enterprise configurations to be in OSS
cbe3a70 
This will emit warnings about the configs not doing anything but still allow them to be parsed.

This also added the warnings for enterprise fields that we already had in OSS but didn’t change their enforcement behavior. For example, attempting to use a network segment will cause a hard error in OSS.
@mkeeler mkeeler merged commit daec810 into master May 4, 2020
@mkeeler mkeeler deleted the oss-sync/msp-agent-token branch May 4, 2020 15:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hanshasselberg hanshasselberg hanshasselberg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.7.x
Development

Successfully merging this pull request may close these issues.
2 participants
@mkeeler @hanshasselberg