Refactor docs links to learn (#8490)

This commit is contained in:
danielehc 2020-08-17 18:17:51 +02:00 committed by GitHub
parent 483140c9a6
commit b2d87296ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 45 additions and 45 deletions

View File

@ -145,8 +145,8 @@ On success, the Policy is returned:
``` ```
The created policy can now be specified either by name or by ID when The created policy can now be specified either by name or by ID when
[creating a token](https://learn.hashicorp.com/consul/security-networking/production-acls#create-the-agent-token). This will grant the rules [creating a token](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production#create-the-agent-token).
provided to the [bearer of that token](/api#authentication). This will grant the rules provided to the [bearer of that token](/api#authentication).
Below is a breakdown of each rule type. Below is a breakdown of each rule type.

View File

@ -18,7 +18,7 @@ The ACL is [Capability-based](https://en.wikipedia.org/wiki/Capability-based_sec
are associated with policies to determine which fine grained rules can be applied. Consul's capability based are associated with policies to determine which fine grained rules can be applied. Consul's capability based
ACL system is very similar to the design of [AWS IAM](https://aws.amazon.com/iam/). ACL system is very similar to the design of [AWS IAM](https://aws.amazon.com/iam/).
To learn how to setup the ACL system on an existing Consul datacenter, use the [Bootstrapping The ACL System guide](https://learn.hashicorp.com/consul/day-0/acl-guide?utm_source=consul.io&utm_medium=docs). To learn how to setup the ACL system on an existing Consul datacenter, use the [Bootstrapping The ACL System tutorial](https://learn.hashicorp.com/tutorials/consul/access-control-setup?utm_source=consul.io&utm_medium=docs).
## ACL System Overview ## ACL System Overview
@ -62,7 +62,7 @@ Consul operators via Consul's [ACL API](/api/acl/acl),
[HashiCorp's Vault](https://www.vaultproject.io/docs/secrets/consul). [HashiCorp's Vault](https://www.vaultproject.io/docs/secrets/consul).
If the ACL system becomes inoperable, you can follow the If the ACL system becomes inoperable, you can follow the
[reset procedure](https://learn.hashicorp.com/consul/security-networking/acl-troubleshooting?utm_source=consul.io&utm_medium=docs) at any time. [reset procedure](https://learn.hashicorp.com/tutorials/consul/access-control-troubleshoot#reset-the-acl-system) at any time.
### ACL Policies ### ACL Policies
@ -292,7 +292,7 @@ system, or accessing Consul in special situations:
| ------------------------------------------------------------------------ | ---------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ------------------------------------------------------------------------ | ---------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [`acl.tokens.agent_master`](/docs/agent/options#acl_tokens_agent_master) | `OPTIONAL` | `OPTIONAL` | Special token that can be used to access [Agent API](/api/agent) when remote bearer token resolution fails; used for setting up the cluster such as doing initial join operations, see the [ACL Agent Master Token](#acl-agent-master-token) section for more details | | [`acl.tokens.agent_master`](/docs/agent/options#acl_tokens_agent_master) | `OPTIONAL` | `OPTIONAL` | Special token that can be used to access [Agent API](/api/agent) when remote bearer token resolution fails; used for setting up the cluster such as doing initial join operations, see the [ACL Agent Master Token](#acl-agent-master-token) section for more details |
| [`acl.tokens.agent`](/docs/agent/options#acl_tokens_agent) | `OPTIONAL` | `OPTIONAL` | Special token that is used for an agent's internal operations, see the [ACL Agent Token](#acl-agent-token) section for more details | | [`acl.tokens.agent`](/docs/agent/options#acl_tokens_agent) | `OPTIONAL` | `OPTIONAL` | Special token that is used for an agent's internal operations, see the [ACL Agent Token](#acl-agent-token) section for more details |
| [`acl.tokens.master`](/docs/agent/options#acl_tokens_master) | `OPTIONAL` | `N/A` | Special token used to bootstrap the ACL system, see the [Bootstrapping ACLs](https://learn.hashicorp.com/consul/advanced/day-1-operations/acl-guide) guide for more details | | [`acl.tokens.master`](/docs/agent/options#acl_tokens_master) | `OPTIONAL` | `N/A` | Special token used to bootstrap the ACL system, check the [Bootstrapping ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production) tutorial for more details |
| [`acl.tokens.default`](/docs/agent/options#acl_tokens_default) | `OPTIONAL` | `OPTIONAL` | Default token to use for client requests where no token is supplied; this is often configured with read-only access to services to enable DNS service discovery on agents | | [`acl.tokens.default`](/docs/agent/options#acl_tokens_default) | `OPTIONAL` | `OPTIONAL` | Default token to use for client requests where no token is supplied; this is often configured with read-only access to services to enable DNS service discovery on agents |
All of these tokens except the `master` token can all be introduced or updated via the [/v1/agent/token API](/api/agent#update-acl-tokens). All of these tokens except the `master` token can all be introduced or updated via the [/v1/agent/token API](/api/agent#update-acl-tokens).
@ -336,5 +336,5 @@ The `service_prefix` policy needs read access for any services that can be regis
## Next Steps ## Next Steps
Setup ACLs with the [Bootstrapping the ACL System guide](https://learn.hashicorp.com/consul/security-networking/production-acls?utm_source=consul.io&utm_medium=docs) or continue reading about Setup ACLs with the [Bootstrapping the ACL System tutorial](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production?utm_source=consul.io&utm_medium=docs) or continue reading about
[ACL rules](/docs/acl/acl-rules). [ACL rules](/docs/acl/acl-rules).

View File

@ -68,4 +68,4 @@ communications, and agent communications with ACLs. When securing your cluster
you should configure the ACLs first. The ACL documentation introduces basic you should configure the ACLs first. The ACL documentation introduces basic
concepts and syntax for the ACL system, and we recommend that you read it concepts and syntax for the ACL system, and we recommend that you read it
before you begin [this before you begin [this
guide](https://learn.hashicorp.com/consul/security-networking/production-acls). tutorial](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).

View File

@ -14,7 +14,7 @@ description: >-
One of the primary roles of the agent is management of system-level and application-level health One of the primary roles of the agent is management of system-level and application-level health
checks. A health check is considered to be application-level if it is associated with a checks. A health check is considered to be application-level if it is associated with a
service. If not associated with a service, the check monitors the health of the entire node. service. If not associated with a service, the check monitors the health of the entire node.
Review the [health checks guide](https://learn.hashicorp.com/consul/developer-discovery/health-checks) to get a more complete example on how to leverage health check capabilities in Consul. Review the [health checks tutorial](https://learn.hashicorp.com/tutorials/consul/service-registration-health-checks) to get a more complete example on how to leverage health check capabilities in Consul.
A check is defined in a configuration file or added at runtime over the HTTP interface. Checks A check is defined in a configuration file or added at runtime over the HTTP interface. Checks
created via the HTTP interface persist with that node. created via the HTTP interface persist with that node.

View File

@ -387,7 +387,7 @@ Also make two services in the frontend namespace available over a custom port wi
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading an `ingress-gateway` config entry requires `service:read` on the `Name` Reading an `ingress-gateway` config entry requires `service:read` on the `Name`
field of the config entry. field of the config entry.

View File

@ -85,7 +85,7 @@ Config {
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `proxy-defaults` config entry requires no specific privileges. Reading a `proxy-defaults` config entry requires no specific privileges.

View File

@ -73,7 +73,7 @@ Protocol = "http"
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `service-defaults` config entry requires `service:read` on itself. Reading a `service-defaults` config entry requires `service:read` on itself.

View File

@ -167,7 +167,7 @@ referenced by their names throughout the other configuration entry kinds.
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `service-resolver` config entry requires `service:read` on itself. Reading a `service-resolver` config entry requires `service:read` on itself.

View File

@ -260,7 +260,7 @@ Routes = [
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `service-router` config entry requires `service:read` on itself. Reading a `service-router` config entry requires `service:read` on itself.

View File

@ -102,7 +102,7 @@ Splits = [
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `service-splitter` config entry requires `service:read` on itself. Reading a `service-splitter` config entry requires `service:read` on itself.

View File

@ -438,7 +438,7 @@ and configure default certificates for mutual TLS. Also override the SNI and CA
## ACLs ## ACLs
Configuration entries may be protected by Configuration entries may be protected by
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Reading a `terminating-gateway` config entry requires `service:read` on the `Name` Reading a `terminating-gateway` config entry requires `service:read` on the `Name`
field of the config entry. field of the config entry.

View File

@ -36,7 +36,7 @@ as the DNS server for a node and provide a
[`recursors`](/docs/agent/options#recursors) configuration so that non-Consul queries [`recursors`](/docs/agent/options#recursors) configuration so that non-Consul queries
can also be resolved. The last method is to forward all queries for the "consul." can also be resolved. The last method is to forward all queries for the "consul."
domain to a Consul agent from the existing DNS server. Review the domain to a Consul agent from the existing DNS server. Review the
[DNS Forwarding guide](https://learn.hashicorp.com/consul/security-networking/forwarding?utm_source=consul.io&utm_medium=docs) for examples. [DNS Forwarding tutorial](https://learn.hashicorp.com/tutorials/consul/dns-forwarding?utm_source=consul.io&utm_medium=docs) for examples.
You can experiment with Consul's DNS server on the command line using tools such as `dig`: You can experiment with Consul's DNS server on the command line using tools such as `dig`:
@ -283,8 +283,8 @@ are not truncated.
By default, all DNS results served by Consul set a 0 TTL value. This disables By default, all DNS results served by Consul set a 0 TTL value. This disables
caching of DNS results. However, there are many situations in which caching is caching of DNS results. However, there are many situations in which caching is
desirable for performance and scalability. This is discussed more in the guide desirable for performance and scalability. This is discussed more in the tutorial
for [DNS caching](https://learn.hashicorp.com/consul/security-networking/dns-caching). for [DNS caching](https://learn.hashicorp.com/tutorials/consul/dns-caching).
## WAN Address Translation ## WAN Address Translation

View File

@ -14,9 +14,9 @@ The Consul agent supports encrypting all of its network traffic. The exact
method of encryption is described on the [encryption internals page](/docs/internals/security). method of encryption is described on the [encryption internals page](/docs/internals/security).
There are two separate encryption systems, one for gossip traffic and one for RPC. There are two separate encryption systems, one for gossip traffic and one for RPC.
To configure the encryption systems on a new cluster, review this following guides to To configure the encryption systems on a new cluster, review this following tutorials to
[enable gossip encryption](https://learn.hashicorp.com/consul/security-networking/agent-encryption?utm_source=consul.io&utm_medium=docs) and [enable gossip encryption](https://learn.hashicorp.com/tutorials/consul/gossip-encryption-secure?utm_source=consul.io&utm_medium=docs) and
[TLS encryption for agent communication](https://learn.hashicorp.com/consul/security-networking/certificates?utm_source=consul.io&utm_medium=docs). [TLS encryption for agent communication](https://learn.hashicorp.com/tutorials/consul/tls-encryption-secure?utm_source=consul.io&utm_medium=docs).
## Gossip Encryption ## Gossip Encryption
@ -62,7 +62,7 @@ order to send and receive cluster information.
## Configuring Gossip Encryption on an existing cluster ## Configuring Gossip Encryption on an existing cluster
As of version 0.8.4, Consul supports upshifting to encrypted gossip on a running cluster As of version 0.8.4, Consul supports upshifting to encrypted gossip on a running cluster
through the following process. Review this [step-by-step guide](https://learn.hashicorp.com/consul/security-networking/agent-encryption#enable-gossip-encryption-existing-cluster) through the following process. Review this [step-by-step tutorial](https://learn.hashicorp.com/tutorials/consul/gossip-encryption-secure#enable-gossip-encryption-existing-cluster)
to encrypt gossip on an existing cluster. to encrypt gossip on an existing cluster.
## RPC Encryption with TLS ## RPC Encryption with TLS
@ -71,7 +71,7 @@ Consul supports using TLS to verify the authenticity of servers and clients. To
Consul requires that all clients and servers have key pairs that are generated by a single Consul requires that all clients and servers have key pairs that are generated by a single
Certificate Authority. This can be a private CA, used only internally. The Certificate Authority. This can be a private CA, used only internally. The
CA then signs keys for each of the agents, as in CA then signs keys for each of the agents, as in
[this tutorial on generating both a CA and signing keys](https://learn.hashicorp.com/consul/security-networking/certificates). [this tutorial on generating both a CA and signing keys](https://learn.hashicorp.com/tutorials/consul/tls-encryption-secure).
~> Certificates need to be created with x509v3 extendedKeyUsage attributes for both clientAuth and serverAuth since Consul uses a single cert/key pair for both server and client communications. ~> Certificates need to be created with x509v3 extendedKeyUsage attributes for both clientAuth and serverAuth since Consul uses a single cert/key pair for both server and client communications.
@ -109,6 +109,6 @@ and is secured using a symmetric key. See above for enabling gossip encryption.
As of version 0.8.4, Consul supports migrating to TLS-encrypted traffic on a running cluster As of version 0.8.4, Consul supports migrating to TLS-encrypted traffic on a running cluster
without downtime. This process assumes a starting point with no TLS settings configured and involves without downtime. This process assumes a starting point with no TLS settings configured and involves
an intermediate step in order to get to full TLS encryption. Review the an intermediate step in order to get to full TLS encryption. Review the
[Securing RPC Communication with TLS Encryption guide](https://learn.hashicorp.com/consul/security-networking/certificates) [Securing RPC Communication with TLS Encryption tutorial](ps://learn.hashicorp.com/tutorials/consul/tls-encryption-secure)
for the step-by-step process to configure TLS on a new or existing cluster. Note the call outs there for the step-by-step process to configure TLS on a new or existing cluster. Note the call outs there
for existing cluster configuration. for existing cluster configuration.

View File

@ -29,7 +29,7 @@ operations and maintain very little state of their own.
The agent is started with the [`consul agent`](/docs/commands/agent) command. The agent is started with the [`consul agent`](/docs/commands/agent) command.
This command blocks, running forever or until told to quit. You can test a This command blocks, running forever or until told to quit. You can test a
local agent by following the local agent by following the
[Getting Started guides](https://learn.hashicorp.com/consul/getting-started/install?utm_source=consul.io&utm_medium=docs). [Getting Started tutorials](https://learn.hashicorp.com/tutorials/consul/get-started-install?utm_source=consul.io&utm_medium=docs).
The agent command takes a variety of The agent command takes a variety of
[`configuration options`](/docs/agent/options#command-line-options), but most [`configuration options`](/docs/agent/options#command-line-options), but most

View File

@ -23,7 +23,7 @@ Having a quorum of servers will decrease the risk of data loss if an outage
occurs. occurs.
If you have not used Consul KV, check out this [Getting Started If you have not used Consul KV, check out this [Getting Started
guide](https://learn.hashicorp.com/consul/getting-started/kv?utm_source=consul.io&utm_medium=docs) on HashiCorp tutorial](https://learn.hashicorp.com/tutorials/consul/get-started-key-value-store?utm_source=consul.io&utm_medium=docs) on HashiCorp
Learn. Learn.
## Accessing the KV store ## Accessing the KV store
@ -31,7 +31,7 @@ Learn.
The KV store can be accessed by the [consul kv CLI The KV store can be accessed by the [consul kv CLI
subcommands](/docs/commands/kv), [HTTP API](/api/kv), and Consul UI. subcommands](/docs/commands/kv), [HTTP API](/api/kv), and Consul UI.
To restrict access, enable and configure To restrict access, enable and configure
[ACLs](https://learn.hashicorp.com/consul/security-networking/production-acls). [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production).
Once the ACL system has been bootstrapped, users and services, will need a Once the ACL system has been bootstrapped, users and services, will need a
valid token with KV [privileges](/docs/agent/acl-rules#key-value-rules) to valid token with KV [privileges](/docs/agent/acl-rules#key-value-rules) to
access the the data store, this includes even reads. We recommend creating a access the the data store, this includes even reads. We recommend creating a
@ -68,8 +68,8 @@ using the API and in shell scripts.
If you plan to use Consul KV as part of your configuration management process If you plan to use Consul KV as part of your configuration management process
review the [Consul review the [Consul
Template](https://learn.hashicorp.com/consul/developer-configuration/consul-template) Template](https://learn.hashicorp.com/tutorials/consul/consul-template)
guide on how to update configuration based on value updates in the KV. Consul tutorial on how to update configuration based on value updates in the KV. Consul
Template is based on Go Templates and allows for a series of scripted actions Template is based on Go Templates and allows for a series of scripted actions
to be initiated on value changes to a Consul key. to be initiated on value changes to a Consul key.
@ -90,10 +90,10 @@ increment to the `LockIndex` and the session value is updated to reflect the
session holding the lock. Review the session documentation for more information session holding the lock. Review the session documentation for more information
on the [integration](/docs/internals/sessions#k-v-integration). on the [integration](/docs/internals/sessions#k-v-integration).
Review the following guides to learn how to use Consul sessions for [application leader election](https://learn.hashicorp.com/consul/developer-configuration/elections) and Review the following tutorials to learn how to use Consul sessions for [application leader election](https://learn.hashicorp.com/tutorials/consul/application-leader-elections) and
to [build distributed semaphores](https://learn.hashicorp.com/consul/developer-configuration/semaphore). to [build distributed semaphores](https://learn.hashicorp.com/tutorials/consul/distributed-semaphore).
### Vault ### Vault
If you plan to use Consul KV as a backend for Vault, please review [this If you plan to use Consul KV as a backend for Vault, please review [this
guide](https://learn.hashicorp.com/vault/operations/ops-vault-ha-consul). tutorial](https://learn.hashicorp.com/tutorials/vault/ha-with-consul).

View File

@ -41,8 +41,8 @@ documented below in the
configuration reload. configuration reload.
You can test the following configuration options by following the You can test the following configuration options by following the
[Getting Started](https://learn.hashicorp.com/consul/getting-started/install?utm_source=consul.io&utm_medium=docs) [Getting Started](https://learn.hashicorp.com/tutorials/consul/get-started-install?utm_source=consul.io&utm_medium=docs)
guides to install a local agent. tutorials to install a local agent.
## Environment Variables ## Environment Variables
@ -442,8 +442,8 @@ The options below are all specified on the command-line.
- `-segment` ((#\_segment)) <EnterpriseAlert inline /> - This flag is used to set - `-segment` ((#\_segment)) <EnterpriseAlert inline /> - This flag is used to set
the name of the network segment the agent belongs to. An agent can only join and the name of the network segment the agent belongs to. An agent can only join and
communicate with other agents within its network segment. See the [Network Segments communicate with other agents within its network segment. Review the [Network Segments
Guide](https://learn.hashicorp.com/consul/day-2-operations/network-segments) for tutorial](https://learn.hashicorp.com/tutorials/consul/network-partition-datacenters) for
more details. By default, this is an empty string, which is the default network more details. By default, this is an empty string, which is the default network
segment. segment.
@ -699,7 +699,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
This designates the datacenter which is authoritative for ACL information. It must be provided to enable ACLs. All servers and datacenters must agree on the ACL datacenter. Setting it on the servers is all you need for cluster-level enforcement, but for the APIs to forward properly from the clients, This designates the datacenter which is authoritative for ACL information. It must be provided to enable ACLs. All servers and datacenters must agree on the ACL datacenter. Setting it on the servers is all you need for cluster-level enforcement, but for the APIs to forward properly from the clients,
it must be set on them too. In Consul 0.8 and later, this also enables agent-level enforcement it must be set on them too. In Consul 0.8 and later, this also enables agent-level enforcement
of ACLs. Please see the [ACL Guide](https://learn.hashicorp.com/consul/security-networking/production-acls) for more details. of ACLs. Please review the [ACL tutorial](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production) for more details.
- `acl_default_policy` ((#acl_default_policy_legacy)) - **Deprecated in Consul 1.4.0. See the [`acl.default_policy`](#acl_default_policy) field instead.** - `acl_default_policy` ((#acl_default_policy_legacy)) - **Deprecated in Consul 1.4.0. See the [`acl.default_policy`](#acl_default_policy) field instead.**
Either "allow" or "deny"; defaults to "allow". The default policy controls the Either "allow" or "deny"; defaults to "allow". The default policy controls the
@ -759,7 +759,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `acl_replication_token` ((#acl_replication_token_legacy)) - **Deprecated - `acl_replication_token` ((#acl_replication_token_legacy)) - **Deprecated
in Consul 1.4.0. See the [`acl.tokens.replication`](#acl_tokens_replication) field in Consul 1.4.0. See the [`acl.tokens.replication`](#acl_tokens_replication) field
instead.** Only used for servers outside the [`primary_datacenter`](#primary_datacenter) instead.** Only used for servers outside the [`primary_datacenter`](#primary_datacenter)
running Consul 0.7 or later. When provided, this will enable [ACL replication](https://learn.hashicorp.com/consul/day-2-operations/acl-replication) running Consul 0.7 or later. When provided, this will enable [ACL replication](https://learn.hashicorp.com/tutorials/consul/access-control-replication-multiple-datacenters)
using this ACL replication using this token to retrieve and replicate the ACLs using this ACL replication using this token to retrieve and replicate the ACLs
to the non-authoritative local datacenter. In Consul 0.9.1 and later you can enable to the non-authoritative local datacenter. In Consul 0.9.1 and later you can enable
ACL replication using [`enable_acl_replication`](#enable_acl_replication) and then ACL replication using [`enable_acl_replication`](#enable_acl_replication) and then
@ -877,7 +877,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
respected on bootstrapping. If they are not provided, the defaults will be used. respected on bootstrapping. If they are not provided, the defaults will be used.
In order to change the value of these options after bootstrapping, you will need In order to change the value of these options after bootstrapping, you will need
to use the [Consul Operator Autopilot](/docs/commands/operator/autopilot) to use the [Consul Operator Autopilot](/docs/commands/operator/autopilot)
command. For more information about Autopilot, see the [Autopilot Guide](https://learn.hashicorp.com/consul/day-2-operations/autopilot). command. For more information about Autopilot, review the [Autopilot tutorial](https://learn.hashicorp.com/tutorials/consul/autopilot-datacenter-operations).
The following sub-keys are available: The following sub-keys are available:
@ -1292,7 +1292,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
equivalent to the [`max_stale`](#max_stale) configuration for DNS requests. If this value is zero (default), all service discovery HTTP endpoints are forwarded to the leader. If this value is greater than zero, any Consul server can handle the service discovery request. If a Consul server is behind the leader by more than `discovery_max_stale`, the query will be re-evaluated on the leader to get more up-to-date results. Consul agents also add a new `X-Consul-Effective-Consistency` response header which indicates if the agent did a stale read. `discover-max-stale` was introduced in Consul 1.0.7 as a way for Consul operators to force stale requests from clients at the agent level, and defaults to zero which matches default consistency behavior in earlier Consul versions. equivalent to the [`max_stale`](#max_stale) configuration for DNS requests. If this value is zero (default), all service discovery HTTP endpoints are forwarded to the leader. If this value is greater than zero, any Consul server can handle the service discovery request. If a Consul server is behind the leader by more than `discovery_max_stale`, the query will be re-evaluated on the leader to get more up-to-date results. Consul agents also add a new `X-Consul-Effective-Consistency` response header which indicates if the agent did a stale read. `discover-max-stale` was introduced in Consul 1.0.7 as a way for Consul operators to force stale requests from clients at the agent level, and defaults to zero which matches default consistency behavior in earlier Consul versions.
- `dns_config` This object allows a number of sub-keys - `dns_config` This object allows a number of sub-keys
to be set which can tune how DNS queries are serviced. See this guide on [DNS caching](https://learn.hashicorp.com/consul/security-networking/dns-caching) for more detail. to be set which can tune how DNS queries are serviced. Check the tutorial on [DNS caching](https://learn.hashicorp.com/tutorials/consul/dns-caching) for more detail.
The following sub-keys are available: The following sub-keys are available:
@ -1554,7 +1554,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
only works with API endpoints, not `/ui` or `/debug`, those must be disabled only works with API endpoints, not `/ui` or `/debug`, those must be disabled
with their respective configuration options. Any CLI commands that use disabled with their respective configuration options. Any CLI commands that use disabled
endpoints will no longer function as well. For more general access control, Consul's endpoints will no longer function as well. For more general access control, Consul's
[ACL system](https://learn.hashicorp.com/consul/security-networking/production-acls) [ACL system](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production)
should be used, but this option is useful for removing access to HTTP API endpoints should be used, but this option is useful for removing access to HTTP API endpoints
completely, or on specific agents. This is available in Consul 0.9.0 and later. completely, or on specific agents. This is available in Consul 0.9.0 and later.
@ -1773,7 +1773,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'."
- `segments` <EnterpriseAlert inline /> - This is a list of nested objects - `segments` <EnterpriseAlert inline /> - This is a list of nested objects
that allows setting the bind/advertise information for network segments. This can that allows setting the bind/advertise information for network segments. This can
only be set on servers. See the [Network Segments Guide](https://learn.hashicorp.com/consul/day-2-operations/network-segments) only be set on servers. Review the [Network Segments tutorial](https://learn.hashicorp.com/tutorials/consul/network-partition-datacenters)
for more details. for more details.
- `name` ((#segment_name)) - The name of the segment. Must be a string - `name` ((#segment_name)) - The name of the segment. Must be a string

View File

@ -20,7 +20,7 @@ a health check. A health check is considered to be application level if it is
associated with a service. A service is defined in a configuration file associated with a service. A service is defined in a configuration file
or added at runtime over the HTTP interface. or added at runtime over the HTTP interface.
Use the [Getting Started guides](https://learn.hashicorp.com/consul/getting-started/services?utm_source=consul.io&utm_medium=docs) to get hands-on experience registering a simple service with a health check on your local machine. Use the [Getting Started tutorials](https://learn.hashicorp.com/tutorials/consul/get-started-service-discovery?utm_source=consul.io&utm_medium=docs) to get hands-on experience registering a simple service with a health check on your local machine.
## Service Definition ## Service Definition

View File

@ -20,13 +20,13 @@ it will dump the current telemetry information to the agent's `stderr`.
This telemetry information can be used for debugging or otherwise This telemetry information can be used for debugging or otherwise
getting a better view of what Consul is doing. Review the [Monitoring and getting a better view of what Consul is doing. Review the [Monitoring and
Metrics guide](https://learn.hashicorp.com/consul/day-2-operations/monitoring?utm_source=consul.io&utm_medium=docs) to learn how collect and interpret Consul data. Metrics tutorial](https://learn.hashicorp.com/tutorials/consul/monitor-datacenter-health?utm_source=consul.io&utm_medium=docs) to learn how collect and interpret Consul data.
Additionally, if the [`telemetry` configuration options](/docs/agent/options#telemetry) Additionally, if the [`telemetry` configuration options](/docs/agent/options#telemetry)
are provided, the telemetry information will be streamed to a are provided, the telemetry information will be streamed to a
[statsite](http://github.com/armon/statsite) or [statsd](http://github.com/etsy/statsd) server where [statsite](http://github.com/armon/statsite) or [statsd](http://github.com/etsy/statsd) server where
it can be aggregated and flushed to Graphite or any other metrics store. it can be aggregated and flushed to Graphite or any other metrics store.
For a configuration example for Telegraf, review the [Monitoring with Telegraf guide](https://learn.hashicorp.com/consul/integrations/telegraf?utm_source=consul.io&utm_medium=docs). For a configuration example for Telegraf, review the [Monitoring with Telegraf tutorial](https://learn.hashicorp.com/tutorials/consul/monitor-health-telegraf?utm_source=consul.io&utm_medium=docs).
This This
information can also be viewed with the [metrics endpoint](/api/agent#view-metrics) in JSON information can also be viewed with the [metrics endpoint](/api/agent#view-metrics) in JSON