Merge pull request #12100 from hashicorp/update-gateway-overview-visual
docs: clarify gateways don't connect to public internet
This commit is contained in:
commit
73219b6b92
|
@ -10,10 +10,10 @@ description: >-
|
||||||
This topic provides an overview of the gateway features shipped with Consul. Gateways provide connectivity into, out of, and between Consul service meshes. You can configure the following types of gateways:
|
This topic provides an overview of the gateway features shipped with Consul. Gateways provide connectivity into, out of, and between Consul service meshes. You can configure the following types of gateways:
|
||||||
|
|
||||||
- [Mesh gateways](#mesh-gateways) enable service-to-service traffic between Consul datacenters or between Consul admin partitions. They also enable datacenters to be federated across wide area networks.
|
- [Mesh gateways](#mesh-gateways) enable service-to-service traffic between Consul datacenters or between Consul admin partitions. They also enable datacenters to be federated across wide area networks.
|
||||||
- [Ingress gateways](#ingress-gateways) enable services to accept traffic from outside the Consul service mesh.
|
- [Ingress gateways](#ingress-gateways) enable connectivity within your organizational network from services outside the Consul service mesh to services in the mesh.
|
||||||
- [Terminating gateways](#terminating-gateways) enable you to route traffic from services in the Consul service mesh to external services.
|
- [Terminating gateways](#terminating-gateways) enable connectivity within your organizational network from services in the Consul service mesh to services outside the mesh.
|
||||||
|
|
||||||
[![Gateway Architecture](/img/consul-connect/svgs/consul_gateway_overview_wide.svg)](/img/consul-connect/svgs/consul_gateway_overview_wide.svg)
|
[![Gateway Architecture](/img/consul-connect/svgs/consul_gateway_overview.svg)](/img/consul-connect/svgs/consul_gateway_overview.svg)
|
||||||
|
|
||||||
## Mesh Gateways
|
## Mesh Gateways
|
||||||
|
|
||||||
|
@ -37,8 +37,9 @@ Mesh gateways enable the following scenarios:
|
||||||
|
|
||||||
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
||||||
|
|
||||||
Ingress gateways are an entrypoint for outside traffic. They enable potentially unauthenticated ingress traffic from
|
Ingress gateways enable connectivity within your organizational network from services outside the Consul service mesh
|
||||||
services outside the Consul service mesh to services inside the service mesh.
|
to services in the mesh. To accept ingress traffic from the public internet, use Consul's
|
||||||
|
[API Gateway](https://www.hashicorp.com/blog/announcing-hashicorp-consul-api-gateway) instead.
|
||||||
|
|
||||||
These gateways allow you to define what services should be exposed, on what port, and by what hostname. You configure
|
These gateways allow you to define what services should be exposed, on what port, and by what hostname. You configure
|
||||||
an ingress gateway by defining a set of listeners that can map to different sets of backing services.
|
an ingress gateway by defining a set of listeners that can map to different sets of backing services.
|
||||||
|
@ -55,7 +56,8 @@ and the [ingress gateway tutorial](https://learn.hashicorp.com/tutorials/consul/
|
||||||
|
|
||||||
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
||||||
|
|
||||||
Terminating gateways enable connectivity from services in the Consul service mesh to services outside the mesh.
|
Terminating gateways enable connectivity within your organizational network from services in the Consul service mesh
|
||||||
|
to services outside the mesh.
|
||||||
Services outside the mesh do not have sidecar proxies or are not [integrated natively](/docs/connect/native).
|
Services outside the mesh do not have sidecar proxies or are not [integrated natively](/docs/connect/native).
|
||||||
These may be services running on legacy infrastructure or managed cloud services running on
|
These may be services running on legacy infrastructure or managed cloud services running on
|
||||||
infrastructure you do not control.
|
infrastructure you do not control.
|
||||||
|
|
|
@ -10,8 +10,8 @@ description: >-
|
||||||
|
|
||||||
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
||||||
|
|
||||||
Ingress gateways enable ingress traffic from services outside the Consul
|
Ingress gateways enable connectivity within your organizational network from services outside the Consul
|
||||||
service mesh to services inside the Consul service mesh. An ingress gateway is
|
service mesh to services in the mesh. An ingress gateway is
|
||||||
a type of proxy and must be registered as a service in Consul, with the
|
a type of proxy and must be registered as a service in Consul, with the
|
||||||
[kind](/api/agent/service#kind) set to "ingress-gateway". They are an
|
[kind](/api/agent/service#kind) set to "ingress-gateway". They are an
|
||||||
entrypoint for outside traffic and allow you to define what services should be
|
entrypoint for outside traffic and allow you to define what services should be
|
||||||
|
|
|
@ -11,7 +11,7 @@ description: >-
|
||||||
|
|
||||||
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
-> **1.8.0+:** This feature is available in Consul versions 1.8.0 and newer.
|
||||||
|
|
||||||
Terminating gateways enable connectivity from services in the Consul service mesh to
|
Terminating gateways enable connectivity within your organizational network from services in the Consul service mesh to
|
||||||
services outside the mesh. These gateways effectively act as Connect proxies that can
|
services outside the mesh. These gateways effectively act as Connect proxies that can
|
||||||
represent more than one service. They terminate Connect mTLS connections, enforce intentions,
|
represent more than one service. They terminate Connect mTLS connections, enforce intentions,
|
||||||
and forward requests to the appropriate destination.
|
and forward requests to the appropriate destination.
|
||||||
|
|
File diff suppressed because one or more lines are too long
Before Width: | Height: | Size: 334 KiB After Width: | Height: | Size: 504 KiB |
File diff suppressed because one or more lines are too long
Before Width: | Height: | Size: 334 KiB |
Loading…
Reference in New Issue