Merge pull request #12100 from hashicorp/update-gateway-overview-visual

docs: clarify gateways don't connect to public internet
This commit is contained in:
Jared Kirschner 2022-01-18 19:03:32 -05:00 committed by GitHub
commit 73219b6b92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 385 additions and 615 deletions

View File

@ -10,10 +10,10 @@ description: >-
This topic provides an overview of the gateway features shipped with Consul. Gateways provide connectivity into, out of, and between Consul service meshes. You can configure the following types of gateways: This topic provides an overview of the gateway features shipped with Consul. Gateways provide connectivity into, out of, and between Consul service meshes. You can configure the following types of gateways:
- [Mesh gateways](#mesh-gateways) enable service-to-service traffic between Consul datacenters or between Consul admin partitions. They also enable datacenters to be federated across wide area networks. - [Mesh gateways](#mesh-gateways) enable service-to-service traffic between Consul datacenters or between Consul admin partitions. They also enable datacenters to be federated across wide area networks.
- [Ingress gateways](#ingress-gateways) enable services to accept traffic from outside the Consul service mesh. - [Ingress gateways](#ingress-gateways) enable connectivity within your organizational network from services outside the Consul service mesh to services in the mesh.
- [Terminating gateways](#terminating-gateways) enable you to route traffic from services in the Consul service mesh to external services. - [Terminating gateways](#terminating-gateways) enable connectivity within your organizational network from services in the Consul service mesh to services outside the mesh.
[![Gateway Architecture](/img/consul-connect/svgs/consul_gateway_overview_wide.svg)](/img/consul-connect/svgs/consul_gateway_overview_wide.svg) [![Gateway Architecture](/img/consul-connect/svgs/consul_gateway_overview.svg)](/img/consul-connect/svgs/consul_gateway_overview.svg)
## Mesh Gateways ## Mesh Gateways
@ -37,8 +37,9 @@ Mesh gateways enable the following scenarios:
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer. -> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
Ingress gateways are an entrypoint for outside traffic. They enable potentially unauthenticated ingress traffic from Ingress gateways enable connectivity within your organizational network from services outside the Consul service mesh
services outside the Consul service mesh to services inside the service mesh. to services in the mesh. To accept ingress traffic from the public internet, use Consul's
[API Gateway](https://www.hashicorp.com/blog/announcing-hashicorp-consul-api-gateway) instead.
These gateways allow you to define what services should be exposed, on what port, and by what hostname. You configure These gateways allow you to define what services should be exposed, on what port, and by what hostname. You configure
an ingress gateway by defining a set of listeners that can map to different sets of backing services. an ingress gateway by defining a set of listeners that can map to different sets of backing services.
@ -55,7 +56,8 @@ and the [ingress gateway tutorial](https://learn.hashicorp.com/tutorials/consul/
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer. -> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
Terminating gateways enable connectivity from services in the Consul service mesh to services outside the mesh. Terminating gateways enable connectivity within your organizational network from services in the Consul service mesh
to services outside the mesh.
Services outside the mesh do not have sidecar proxies or are not [integrated natively](/docs/connect/native). Services outside the mesh do not have sidecar proxies or are not [integrated natively](/docs/connect/native).
These may be services running on legacy infrastructure or managed cloud services running on These may be services running on legacy infrastructure or managed cloud services running on
infrastructure you do not control. infrastructure you do not control.

View File

@ -10,8 +10,8 @@ description: >-
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer. -> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
Ingress gateways enable ingress traffic from services outside the Consul Ingress gateways enable connectivity within your organizational network from services outside the Consul
service mesh to services inside the Consul service mesh. An ingress gateway is service mesh to services in the mesh. An ingress gateway is
a type of proxy and must be registered as a service in Consul, with the a type of proxy and must be registered as a service in Consul, with the
[kind](/api/agent/service#kind) set to "ingress-gateway". They are an [kind](/api/agent/service#kind) set to "ingress-gateway". They are an
entrypoint for outside traffic and allow you to define what services should be entrypoint for outside traffic and allow you to define what services should be

View File

@ -11,7 +11,7 @@ description: >-
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer. -> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
Terminating gateways enable connectivity from services in the Consul service mesh to Terminating gateways enable connectivity within your organizational network from services in the Consul service mesh to
services outside the mesh. These gateways effectively act as Connect proxies that can services outside the mesh. These gateways effectively act as Connect proxies that can
represent more than one service. They terminate Connect mTLS connections, enforce intentions, represent more than one service. They terminate Connect mTLS connections, enforce intentions,
and forward requests to the appropriate destination. and forward requests to the appropriate destination.

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 334 KiB

After

Width:  |  Height:  |  Size: 504 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 334 KiB