From ef9282d22426c2126b28eea188ef84b4d6202c6a Mon Sep 17 00:00:00 2001 From: hc-github-team-consul-core Date: Fri, 7 Jul 2023 17:53:45 -0500 Subject: [PATCH] Backport of Fix removed service-to-service peering links into release/1.16.x (#18019) * no-op commit due to failed cherry-picking * Fix removed service-to-service peering links (#17221) * docs: fix removed service-to-service peering links * docs: extend peering-via-mesh-gateways intro (thanks @trujillo-adam) --------- Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --------- Co-authored-by: temp Co-authored-by: Michael Hofer Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../gateways/mesh-gateway/peering-via-mesh-gateways.mdx | 6 +++--- website/content/docs/lambda/invoke-from-lambda.mdx | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx b/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx index 97045649b..3cf7eadc6 100644 --- a/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx +++ b/website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx @@ -7,9 +7,7 @@ description: >- # Enabling Peering Control Plane Traffic -In addition to [service-to-service traffic routing](/consul/docs/connect/cluster-peering/usage/establish-cluster-peering), -we recommend routing control plane traffic between cluster peers through mesh gateways -to simplfy networking requirements. +This topic describes how to configure a mesh gateway to route control plane traffic between Consul clusters that share a peer connection. For information about routing service traffic between cluster peers through a mesh gateway, refer to [Enabling Service-to-service Traffic Across Admin Partitions](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions). Control plane traffic between cluster peers includes the initial secret handshake and the bi-directional stream replicating peering data. @@ -60,6 +58,7 @@ For Consul Enterprise clusters, mesh gateways must be registered in the "default In addition to the [ACL Configuration](/consul/docs/connect/cluster-peering/tech-specs#acl-specifications) necessary for service-to-service traffic, mesh gateways that route peering control plane traffic must be granted `peering:read` access to all peerings. + This access allows the mesh gateway to list all peerings in a Consul cluster and generate unique routing per peered datacenter. @@ -81,6 +80,7 @@ peering = "read" In addition to the [ACL Configuration](/consul/docs/connect/cluster-peering/tech-specs#acl-specifications) necessary for service-to-service traffic, mesh gateways that route peering control plane traffic must be granted `peering:read` access to all peerings in all partitions. + This access allows the mesh gateway to list all peerings in a Consul cluster and generate unique routing per peered partition. diff --git a/website/content/docs/lambda/invoke-from-lambda.mdx b/website/content/docs/lambda/invoke-from-lambda.mdx index fd0da6077..9ce0d0877 100644 --- a/website/content/docs/lambda/invoke-from-lambda.mdx +++ b/website/content/docs/lambda/invoke-from-lambda.mdx @@ -84,7 +84,7 @@ spec: ### Deploy the mesh gateway -The mesh gateway must be running and registered to the Lambda function’s Consul datacenter. Refer to the following documentation and tutorials for instructions: +The mesh gateway must be running and registered to the Lambda function’s Consul datacenter. Refer to the following documentation and tutorials for instructions: - [Mesh Gateways between WAN-Federated Datacenters](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-wan-datacenters) - [Mesh Gateways between Admin Partitions](/consul/docs/connect/gateways/mesh-gateway/service-to-service-traffic-partitions)