luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Updates docs for CRDs (#14267) 

Co-authored-by: NicoletaPopoviciu <nicoleta@hashicorp.com>
This commit is contained in:
Ashwin Venkatesh 2022-08-23 15:14:36 -04:00 committed by GitHub
parent 7a3c20ce64
commit 1e9cb26b65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 4 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
website/content/docs/connect/config-entries/ingress-gateway.mdx
View File

@ -991,14 +991,12 @@ You can specify the following parameters to configure ingress gateway configurat
},
{
name: 'TLSMinVersion',
yaml: false,
type: 'string: ""',
description:
"Set the default minimum TLS version supported for the gateway's listeners. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
},
{
name: 'TLSMaxVersion',
yaml: false,
type: 'string: ""',
description: {
hcl:
@ -1009,7 +1007,6 @@ You can specify the following parameters to configure ingress gateway configurat
},
{
name: 'CipherSuites',
yaml: false,
type: 'array<string>: <optional>',
description: `Set the default list of TLS cipher suites for the gateway's
listeners to support when negotiating connections using
@ -1179,21 +1176,18 @@ You can specify the following parameters to configure ingress gateway configurat
},
{
name: 'TLSMinVersion',
yaml: false,
type: 'string: ""',
description:
'Set the minimum TLS version supported for this listener. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.',
},
{
name: 'TLSMaxVersion',
yaml: false,
type: 'string: ""',
description:
'Set the maximum TLS version supported for this listener. Must be greater than or equal to `TLSMinVersion`. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`.',
},
{
name: 'CipherSuites',
yaml: false,
type: 'array<string>: <optional>',
description: `Set the list of TLS cipher suites to support when negotiating
connections using TLS 1.2 or earlier. If unspecified,

11
website/content/docs/connect/config-entries/mesh.mdx
View File

@ -271,7 +271,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
children: [
{
name: 'Incoming',
yaml: false,
type: 'TLSDirectionConfig: <optional>',
description: `TLS configuration for inbound mTLS connections targeting
the public listener on \`connect-proxy\` and \`terminating-gateway\`
@ -279,14 +278,12 @@ Note that the Kubernetes example does not include a `partition` field. Configura
children: [
{
name: 'TLSMinVersion',
yaml: false,
type: 'string: ""',
description:
"Set the default minimum TLS version supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
},
{
name: 'TLSMaxVersion',
yaml: false,
type: 'string: ""',
description: {
hcl:
@ -297,7 +294,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
},
{
name: 'CipherSuites',
yaml: false,
type: 'array<string>: <optional>',
description: `Set the default list of TLS cipher suites
to support when negotiating connections using
@ -315,7 +311,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
},
{
name: 'Outgoing',
yaml: false,
type: 'TLSDirectionConfig: <optional>',
description: `TLS configuration for outbound mTLS connections dialing upstreams
from \`connect-proxy\` and \`ingress-gateway\`
@ -323,14 +318,12 @@ Note that the Kubernetes example does not include a `partition` field. Configura
children: [
{
name: 'TLSMinVersion',
yaml: false,
type: 'string: ""',
description:
"Set the default minimum TLS version supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
},
{
name: 'TLSMaxVersion',
yaml: false,
type: 'string: ""',
description: {
hcl:
@ -341,7 +334,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
},
{
name: 'CipherSuites',
yaml: false,
type: 'array<string>: <optional>',
description: `Set the default list of TLS cipher suites
to support when negotiating connections using
@ -366,9 +358,8 @@ Note that the Kubernetes example does not include a `partition` field. Configura
children: [
{
name: 'SanitizeXForwardedClientCert',
yaml: false,
type: 'bool: <optional>',
description: `If configured to \`true\`, the \`forward_client_cert_details\` option will be set to \`SANITIZE\`
description: `If configured to \`true\`, the \`forward_client_cert_details\` option will be set to \`SANITIZE\`
for all Envoy proxies. As a result, Consul will not include the \`x-forwarded-client-cert\` header in the next hop.
If set to \`false\` (default), the XFCC header is propagated to upstream applications.`,
},

8
website/content/docs/connect/config-entries/proxy-defaults.mdx
View File

@ -10,7 +10,7 @@ description: >-
# Proxy Defaults
The `proxy-defaults` configuration entry (`ProxyDefaults` on Kubernetes) allows you
The `proxy-defaults` configuration entry (`ProxyDefaults` on Kubernetes) allows you
to configure global defaults across all services for Connect proxy
configurations. Only one global entry is supported.
@ -28,8 +28,8 @@ service definitions](/docs/connect/registration/sidecar-service).
## Requirements
The following Consul binaries are supported:
* Consul 1.8.4+ on Kubernetes.
* Consul 1.5.0+ on other platforms.
* Consul 1.8.4+ on Kubernetes.
* Consul 1.5.0+ on other platforms.
## Usage
@ -321,7 +321,6 @@ spec:
\`direct\` represents that the proxy's listeners must be dialed directly by the local
application and other proxies.
Added in v1.10.0.`,
yaml: false,
},
{
name: 'TransparentProxy',
@ -333,7 +332,6 @@ spec:
type: 'int: "15001"',
description: `The port the proxy should listen on for outbound traffic. This must be the port where
outbound application traffic is captured and redirected to.`,
yaml: false,
},
{
name: 'DialedDirectly',

2
website/content/docs/connect/config-entries/service-defaults.mdx
View File

@ -366,7 +366,6 @@ represents a location outside the Consul cluster. They can be dialed directly wh
\`direct\` represents that the proxy's listeners must be dialed directly by the local
application and other proxies.
Added in v1.10.0.`,
yaml: false,
},
{
name: 'UpstreamConfig',
@ -652,7 +651,6 @@ represents a location outside the Consul cluster. They can be dialed directly wh
type: 'int: "15001"',
description: `The port the proxy should listen on for outbound traffic. This must be the port where
outbound application traffic is redirected to.`,
yaml: false,
},
{
name: 'DialedDirectly',