Mike Morris
67a11e4d16
Merge pull request #9270 from hashicorp/release/1.9.0
...
merge: release/1.9.0 back into 1.9.x
2020-11-24 17:36:47 -05:00
David Yu
790e30259b
docs: adding Consul 1.9.x to compat matrix and link to Envoy compat matrix ( #9263 )
...
* Adding Consul 1.9.x to compat matrix and link to Envoy compat matrix
Adding 1.9.x and link to Envoy compat matrix
2020-11-24 10:49:53 -08:00
Daniel Nephin
685cb158cf
docs: deprecate some old filter parameters
...
The filtering can be done with the general purpose `filter` query parameter.
2020-11-23 18:23:58 -05:00
Kit Patella
669783f965
Merge pull request #9261 from hashicorp/telemetry/fix-missing-and-stale-docs-2
...
Telemetry/fix missing and stale docs
2020-11-23 13:34:19 -08:00
Hans Hasselberg
25f9e232af
add missing descriptions for metrics
2020-11-23 22:06:30 +01:00
Daniel Nephin
7d7cffb613
docs: mark streaming as experimental
2020-11-23 15:59:47 -05:00
Kit Patella
7a8844ccce
add entries for missing fsm operations and mark duplicated metrics prefixes as deprecated
2020-11-23 12:42:51 -08:00
Sabeen Syed
64733d8a89
Update NIA architecture image ( #9180 )
2020-11-23 01:47:58 -06:00
Kit Patella
3ea27d75e4
Merge pull request #9245 from hashicorp/telemetry/fix-missing-and-stale-docs
...
Telemetry/fix missing and stale docs
2020-11-20 12:54:29 -08:00
Kit Patella
4ad076207e
add telemetry and definition help entries for missing catalog and acl metrics
2020-11-19 13:29:44 -08:00
R.B. Boyer
7bcbc59dea
command: when generating envoy bootstrap configs use the datacenter returned from the agent services endpoint ( #9229 )
...
Fixes #9215
2020-11-19 15:27:31 -06:00
Kit Patella
46205bbf27
remove stale entries and rename/define acl.resolveToken
2020-11-19 13:06:28 -08:00
Freddy
e4e306210a
Require operator:write to get Connect CA config ( #9240 )
...
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.
--
This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 10:14:48 -07:00
Kit Patella
c5af73c4f1
Merge pull request #9091 from scellef/correct-upgrade-guide
...
Correcting text on when default was changed in Consul
2020-11-18 16:54:48 -08:00
Nitya Dhanushkodi
866628b6e8
Add docs for envoyExtraArgs ( #9206 )
2020-11-18 15:40:39 -08:00
Matt Keeler
4bca029be9
Refactor to call non-voting servers read replicas ( #9191 )
...
Co-authored-by: Kit Patella <kit@jepsen.io>
2020-11-17 10:53:57 -05:00
Matt Keeler
a7d945e7b9
[docs] Change links to the DNS information to the right place ( #8675 )
...
The redirects were working in many situations but some (INTERNALS.md) was not. This just flips everything over to using the real link.
2020-11-17 10:03:00 -05:00
Luke Kysow
292058c569
Docs for upgrading to CRDs ( #9176 )
...
* Add Upgrading to CRDs docs
2020-11-13 15:19:21 -08:00
Kent 'picat' Gruber
4ffa3e66d9
Merge pull request #9106 from hashicorp/security-model-docs-revamp
...
Revamp Security Model Documentation
2020-11-13 17:30:24 -05:00
Mike Morris
4902e42ca4
Merge pull request #9155 from hashicorp/release/1.9.0-beta3
...
merge: 1.9.0-beta3
2020-11-13 16:45:50 -05:00
Kyle Schochenmaier
2504ddc9f1
Docs: for consul-k8s health checks ( #8819 )
...
* docs for consul-k8s health checks
Co-authored-by: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2020-11-12 16:55:44 -06:00
Nitya Dhanushkodi
1bd1f44bf2
Update compatibility matrix
...
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
2020-11-12 14:43:33 -08:00
R.B. Boyer
a5bd1ba323
agent: return the default ACL policy to callers as a header ( #9101 )
...
Header is: X-Consul-Default-ACL-Policy=<allow|deny>
This is of particular utility when fetching matching intentions, as the
fallthrough for a request that doesn't match any intentions is to
enforce using the default acl policy.
2020-11-12 10:38:32 -06:00
Paul Banks
990134371b
Update ui-visualization.mdx
2020-11-12 15:52:24 +00:00
Matt Keeler
58f98db227
Add a CLI command for retrieving the autopilot configuration. ( #9142 )
2020-11-11 13:19:02 -05:00
Joel Watson
4b9034b976
Merge pull request #9098 from hashicorp/watsonian/kv-size-breakdown
...
Add detailed key size breakdown to snapshot inspect
2020-11-11 11:34:45 -06:00
Joel Watson
1dd5362620
docs: add warning in 0.9.0 upgrade notes
2020-11-11 09:23:43 -05:00
Joel Watson
a88177fbf9
Missed a spot with old params in docs
2020-11-10 11:22:45 -06:00
Joel Watson
aa21a32ca5
Rename params to better reflect their purpose
2020-11-10 10:44:09 -06:00
Joel Watson
4298a0f7e1
Make docs for params clearer
2020-11-10 10:35:24 -06:00
Matt Keeler
114521af25
Add some autopilot docs and update the changelog ( #9139 )
2020-11-09 14:14:19 -05:00
Matt Keeler
755fb72994
Switch to using the external autopilot module
2020-11-09 09:22:11 -05:00
Mike Morris
9ccb340893
chore: upgrade to gopsutil/v3 ( #9118 )
...
* deps: update golang.org/x/sys
* deps: update imports to gopsutil/v3
* chore: make update-vendor
2020-11-06 20:48:38 -05:00
Mike Morris
4ac5e4638c
website: update callout to 1.9.0-beta2 ( #9131 )
2020-11-06 20:39:25 -05:00
Kent 'picat' Gruber
aa46893717
Adjust the ACLs requirement section wording and add link to ACL docs
...
It's better to avoid the ambiguous Vault statement that was not clarified and drop the loaded "roles" term in favor of "capabilities" since the ACL system is described as capability-based in previous ACL documentation.
2020-11-06 16:25:21 -05:00
Paul Banks
1757ed6326
UI Metrics documentation ( #9048 )
...
* UI Metrics documentation
* Update website/pages/docs/connect/observability/ui-visualization.mdx
* Fix some review comments
* Fix review comments
* Apply suggestions from code review
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-11-06 20:32:28 +00:00
Kent 'picat' Gruber
7d692f0b13
Use the EnterpriseAlert inline widget
2020-11-06 10:47:22 -05:00
Kent 'picat' Gruber
9e1054097b
Add mention of auto_encrypt to mTLS requirements
2020-11-06 10:15:26 -05:00
Kent 'picat' Gruber
c3aa90fe27
Fix sublist format for client agent threats
2020-11-05 16:41:15 -05:00
Kent 'picat' Gruber
e0735f6fe0
Add link to the keygen command
2020-11-05 16:34:32 -05:00
Kent 'picat' Gruber
0fa4a13233
Use short link to keyring command
2020-11-05 16:33:04 -05:00
Kent 'picat' Gruber
8e1b9cb177
Add link to default_policy with code format to ACLs requirement section
2020-11-05 16:30:00 -05:00
Kent 'picat' Gruber
845cd6d1da
Cleanup verify_server_hostname mTLS requirement
2020-11-05 16:27:23 -05:00
Kent 'picat' Gruber
99906ad09d
Add extra clarification around verify_incoming_https for localhost
...
In many cases access to localhost is restricted to trusted/privellged actors only
2020-11-05 16:20:41 -05:00
Kent 'picat' Gruber
f2c124702c
Fix inline links + format in mTLS requirements section
2020-11-05 16:09:07 -05:00
Kent 'picat' Gruber
e39c20c715
Capitalize enterprise and add link to enerprise docs
2020-11-05 16:03:14 -05:00
Kent 'picat' Gruber
6688fc7e5c
Soften language by replacing utilize with use
2020-11-05 15:59:53 -05:00
Kim Ngo
43f3a42a11
Fix NIA doc links ( #9110 )
...
fix config link and anchor
2020-11-05 13:35:57 -06:00
Joel Watson
4ae01f349a
Update docs with new flags
2020-11-05 10:31:36 -06:00
Kent 'picat' Gruber
2c62e82143
Actually fix spelling of recommendations
...
I obviously have no idea how to spell this word
2020-11-05 11:13:14 -05:00
Kent 'picat' Gruber
ef4c2f40d7
Fix spelling of recomendations
...
Thank you @rboyer!
2020-11-04 17:44:51 -05:00
Kent 'picat' Gruber
9f802dffc2
Revamp security model documentation
2020-11-04 17:05:44 -05:00
Sean Ellefson
7180f9e114
Correcting text on when default was changed in Consul
2020-11-02 15:10:34 -08:00
s-christoff
ee3eb03f50
cli: Add JSON and Pretty Print formatting for consul snapshot inspect
( #9006 )
2020-10-29 11:31:14 -05:00
Kim Ngo
1b0efbfd27
docs: Add links in CTS docs for the community to get involved ( #9060 )
2020-10-29 10:07:20 -05:00
Daniel Nephin
cfe0ffde15
Merge pull request #9026 from hashicorp/dnephin/streaming-without-cache-query-param
...
streaming: rename config and remove requirement for cache=1
2020-10-28 12:33:25 -04:00
Daniel Nephin
aaca3610ff
docs: Add the new metrics to telemetry.mdx
2020-10-27 16:49:50 -04:00
Kevin Pruett
7589b0f265
Merge pull request #9021 from hashicorp/pruett.alertbanner-exp
...
Expose `expirationDate` prop in <AlertBanner/>
2020-10-26 16:08:23 -04:00
Kim Ngo
bb4d43ae50
NIA: add Terraform version compatibility ( #9023 )
2020-10-26 09:46:34 -05:00
Daniel Nephin
1dcbfd17c3
health: change the name of UseStreamingBackend config
...
Remove it from the cache section, and update the docs.
2020-10-23 17:47:01 -04:00
Kevin Pruett
895110ef11
Expose expirationDate
prop in <AlertBanner/>
2020-10-23 11:19:41 -04:00
James Light
728b025d5d
Update managed-deprecated.mdx ( #9016 )
...
fix typo / spell checker replacing w/ wrong word
2020-10-23 10:54:16 -04:00
R.B. Boyer
2183842f0e
connect: add support for envoy 1.16.0, drop support for 1.12.x, and bump point releases as well ( #8944 )
...
Supported versions will be: "1.16.0", "1.15.2", "1.14.5", "1.13.6"
2020-10-22 13:46:19 -05:00
Kim Ngo
e65934a549
NIA: document daemon exiting on task errors ( #8985 )
2020-10-22 13:22:55 -05:00
Blake Covarrubias
00f4ac9f6c
Add extraEnvironmentVars and client.affinity to Helm values ( #8997 )
...
Document client.extraEnvironmentVars, server.extraEnvironmentVars, and
client.affinity Helm chart values.
Remove deprecated connectInject.imageEnvoy and meshGateway.imageEnvoy
values.
2020-10-21 23:28:39 -07:00
Blake Covarrubias
e4f72840ab
docs: Remove sentence about pluggable CAs
...
Consul's Connect CA documentation mentions future releases will
support a pluggable CA system. This sentence has existed in the docs
for over two years, however there are currently no plans to develop
this feature on the near-term roadmap.
This commit removes this sentence to avoid giving the impression that
this feature will be available in an upcoming release.
2020-10-20 11:51:22 -07:00
Sabeen Syed
aabd0130a9
Update links ( #8949 )
2020-10-19 14:38:10 -05:00
Sabeen Syed
cc520e13fa
Add A10 and Checkpoint TF modules ( #8950 )
2020-10-15 16:11:09 -05:00
Luke Kysow
b4897cca6e
Update to CRD docs ( #8956 )
...
* Update to CRD docs
* Update website/pages/docs/k8s/crds.mdx
* Modify proxy default and service default protocols
Carry over from previous PR that I forgot to submit a review/suggestion to, TCP and HTTP are not valid protocols for Proxy Defaults and Service Defaults
kubectl apply -f sdefault.yml
Error from server: error when creating "sdefault.yml": admission webhook "mutate-servicedefaults.consul.hashicorp.com" denied the request: servicedefaults.consul.hashicorp.com "your-service-name" is invalid: spec.expose.paths[0].protocol: Invalid value: "tcp": must be one of "http", "http2"
kubectl apply -f sdefault.yml
Error from server: error when creating "sdefault.yml": admission webhook "mutate-servicedefaults.consul.hashicorp.com" denied the request: servicedefaults.consul.hashicorp.com "your-service-name" is invalid: spec.expose.paths[0].protocol: Invalid value: "tcp": must be one of "http", "http2"
Co-authored-by: David Yu <dyu@hashicorp.com>
2020-10-15 10:35:26 -07:00
Kit Patella
5825f5f6be
truncate jepsen.mdx log for length
2020-10-14 13:13:38 -07:00
R.B. Boyer
7093b2ea43
docs: all intention documentation updates ( #8869 )
2020-10-14 10:23:05 -05:00
Preetha
e7cc973c7c
Merge pull request #8920 from hashicorp/crd-docs
...
CRD Docs
2020-10-14 09:42:45 -05:00
Luke Kysow
1d5fc07248
CRD docs
2020-10-13 17:00:24 -07:00
Luke Kysow
4cdb2ca066
Recommend using vault token auto-renew in 1.8.5 ( #8945 )
2020-10-13 16:18:19 -07:00
Peter M
2a2670ea39
Add files via upload
...
updating logo grid image
2020-10-13 15:16:34 -07:00
Kyle Havlovitz
d1402b5386
Merge pull request #8943 from hashicorp/vault-renew-docs
...
docs: Add a note about auto-renewing the Vault token
2020-10-13 14:36:44 -07:00
Mike Morris
6ebfd29658
website: add v1.9.0-beta1 download callout ( #8939 )
2020-10-13 17:33:49 -04:00
Kyle Havlovitz
37f95e6e79
docs: Add a note about auto-renewing the Vault token
2020-10-13 14:25:42 -07:00
Paul Banks
25956c58dd
Add ui metrics config docs ( #8921 )
...
* Add ui metrics docs
* Update website/pages/docs/agent/options.mdx
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-10-13 22:11:12 +01:00
Sabeen Syed
2491177d37
Remove email address ( #8931 )
2020-10-13 13:16:06 -05:00
Kim Ngo
30993a7495
Add docs on what activates task execution ( #8936 )
2020-10-13 11:47:30 -05:00
Lorna Song
38989b9c77
Update Requirements doc: Terraform module links
...
Update "Using Terraform Modules" with latest module links from partners
2020-10-13 09:26:39 -06:00
Brandon Romano
8d475e5e3b
Plugs in proper links for NIA page
2020-10-12 20:39:34 -07:00
Brandon Romano
51ac5c31b5
Fix failed build
2020-10-12 19:38:43 -07:00
Peter M
0df5077d99
Update network-infrastructure-automation.jsx
2020-10-12 19:20:48 -07:00
pcmccarron
bb7f305a99
updating use case pages
2020-10-12 19:20:48 -07:00
pcmccarron
d3f74c4227
updating NIA use case page
2020-10-12 19:20:48 -07:00
Iryna Shustava
713c50ef7b
Update compatibility matrix ( #8928 )
2020-10-12 18:03:54 -07:00
Iryna Shustava
72ac873857
docs: add Helm docs for openshift; also add other missing Helm docs ( #8833 )
2020-10-12 16:35:20 -07:00
Sabeen Syed
518a138df4
Update a link and reword some sentences ( #8925 )
...
Update PANOS link
Update sentences
2020-10-12 17:40:01 -05:00
Ricardo Oliveira
30fc50397a
Update service-defaults.mdx ( #8780 )
2020-10-09 13:43:52 -07:00
s-christoff
a62705101f
Enhance the output of consul snapshot inspect ( #8787 )
2020-10-09 14:57:29 -05:00
Ashwin Venkatesh
251e468ec4
Initial docs commit
2020-10-09 15:54:15 -04:00
Kit Patella
0419efe9e1
Merge pull request #8913 from hashicorp/mkcp/docs/add-missing-options
...
adds missing options.mdx entry for telemetry {disable_compat_1.9}
2020-10-09 12:35:46 -07:00
Kit Patella
333e23984e
adds missing options.mdx entry for telemetry {disable_compat_1.9}
2020-10-09 12:29:40 -07:00
Blake Covarrubias
4d8393d8cb
doc: Update acl-method command example ( #8845 )
...
* Update acl-method command example
* add tailing backtick
2020-10-09 12:26:14 -07:00
Kim Ngo
fe8f4c5169
Minor updates to NIA partner docs ( #8912 )
...
* Renames Terraform module registry to its new name Terraform Registry
2020-10-09 14:16:45 -05:00
Sabeen Syed
ef2b6f848e
Docs: Nia/docs tech preview ( #8908 )
...
* Add outline and basic content for Tech Preview docs
* Add Tech Preview tag
* Add auto-labler for Consul Terrform Sync
* Add Consul Terraform Sync config docs (#8837 )
* CLI Docs for Consul Terraform Sync
* Task Docs for Consul Terraform Sync
* Add docs for NIA Terraform driver (#8871 )
* Update Installation Docs for Consul Terraform Sync
* Initial high level architecture overview (#8872 )
* Docs: compatible Terraform modules for Consul-Terraform-Sync (#8887 )
* Update Requirements Docs for Consul Terraform Sync
* Remove empty partner module sections
2020-10-09 13:37:20 -05:00
Daniel Nephin
dd0e8d42c4
Merge pull request #8825 from hashicorp/streaming/add-config
...
streaming: add config and docs
2020-10-09 14:33:58 -04:00
Sabeen Syed
64eefe7e7e
Docs: Nia/docs partner integration ( #8907 )
...
* Add NIA Integration Program page
* Update name to Consul-Terraform-Sync and add Tech Preview tags
* Update diagram to include sequence numbers
* Remove Tech Preview tags and Update Images
* Add TF module naming convention, update image and links
* Add a note, update PANW link, and working updates
* Update URLs to local path
2020-10-09 13:22:18 -05:00