Commit graph

1919 commits

Author SHA1 Message Date
freddygv 775ea7af6e Remove docs refs to NS inference from ACL token 2019-12-10 13:50:28 -07:00
Matt Keeler 442924c35a
Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
Iryna Shustava 26cf9e2860
Merge pull request #6902 from hashicorp/k8s-auto-join-min-perms
Clarify the minimum permissions required for k8s auto-join
2019-12-06 13:35:15 -08:00
Iryna Shustava e51e5c0901
Clarify minimum perms required for k8s auto-join 2019-12-06 12:57:47 -08:00
Hans Hasselberg 368d5c643f
tls: auto_encrypt and verify_incoming (#6811) (#6899)
* relax requirements for auto_encrypt on server
* better error message when auto_encrypt and verify_incoming on
* docs: explain verify_incoming on Consul clients.
2019-12-06 21:36:13 +01:00
Luke Kysow 70dc714a48
Link directly to reset 2019-12-06 09:38:52 -08:00
Matt Keeler b9996e6bbe
Add Namespace support to the API module and the CLI commands (#6874)
Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent.

Add Namespace HTTP API docs

Make all API endpoints disallow unknown fields
2019-12-06 11:14:56 -05:00
Blake Covarrubias da34b90ad8 docs: Fix expose path HTTP listener ports
The listener ports specified in the headings for the HTTP and HTTP2
examples do not match the ports in the corresponding service
registration configurations.

This commit changes the port specified in the heading for the HTTP
listener to match the port used in the service registration example.

In addition, the listener_port specified for the HTTP2 listener is
modified to match the port number specified in the heading.
2019-12-05 09:00:52 -08:00
Li Kexian a013020355 add tencentcloud auto join docs (#6818) 2019-12-05 12:36:44 +00:00
Luke Kysow ce149917e4
Reorg helm chart docs
- Remove duplicate install instructions from the Helm Chart page and
kept them in Running Consul
- Renamed Helm Chart to Helm Chart Reference because that's mostly what
it contains (along with some examples)
- Renamed Running Consul to Installing Consul
- Changed instructions to be for installing using Helm 3 and added
  notes if using Helm 2
- Used release name "hashicorp" so subsequent instructions can be more
concise and pastable, e.g. "port forward to svc/hashicorp-consul-server" vs. "port
forward to svc/<your release name>-consul-server"
- Use config.yaml as the name for the override values file since it
differentiates from the default values.yaml file and its the name of the
file used in the helm docs
(https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing)
2019-12-03 17:49:05 -08:00
Chris Piraino 2a95701341
Allow configuration of upstream connection limits in Envoy (#6829)
* Adds 'limits' field to the upstream configuration of a connect proxy

This allows a user to configure the envoy connect proxy with
'max_connections', 'max_queued_requests', and 'max_concurrent_requests'. These
values are defined in the local proxy on a per-service instance basis
and should thus NOT be thought of as a global-level or even service-level value.
2019-12-03 14:13:33 -06:00
Tyler Ryan 3d46c1a3f5 Docs/consul k8s existing pvc (#6872)
Update docs for using pre-existing PVCs with helm
2019-12-03 11:14:25 -08:00
Luke Kysow ea2570a79b
Merge pull request #6855 from hashicorp/opaque-config-examples
Document how to json encode envoy config
2019-12-02 17:55:07 -08:00
Luke Kysow 841361a0f3
Merge pull request #6798 from hashicorp/namespace-selector-docs
Fix documentation for namespaceSelector
2019-12-02 17:54:04 -08:00
Luke Kysow 8e901d7d4a
Fix documentation for namespaceSelector
Also remove the example for using namespace selector because it requires
labelling a namespace which is harder to explain.
2019-12-02 12:25:38 -08:00
Luke Kysow a0b1cd30a1
Document how to json encode envoy config
It wasn't clear how users should encode their config.
2019-11-29 09:43:42 -08:00
Luke Kysow 87d359bb8c
Fix helm docs bug
If the ServiceAccount isn't applied first, we get an error since the Pod
references a non-existing ServiceAccount
2019-11-29 09:17:56 -08:00
Luke Kysow d7a4347307
Merge pull request #6722 from hashicorp/jump-to-section
Add "jump to section" dropdown
2019-11-26 12:20:26 -08:00
Luke Kysow 21d18471a1
Add "jump to section" dropdown 2019-11-26 11:58:23 -08:00
Matt Keeler 90ae4a1f1e
OSS KV Modifications to Support Namespaces 2019-11-25 12:57:35 -05:00
rerorero e1c79c69c4 docs: Fix links to K8s L7 observability guide (#6834) 2019-11-22 18:51:33 -08:00
Blake Covarrubias 854a4bbd49 docs: Fix links to Sentinel docs for Consul
Current URL returns a 404 error. Correct links to point to the proper
URL.
2019-11-22 10:41:01 -08:00
Paul Banks a84b82b3df
connect: Add AWS PCA provider (#6795)
* Update AWS SDK to use PCA features.

* Add AWS PCA provider

* Add plumbing for config, config validation tests, add test for inheriting existing CA resources created by user

* Unparallel the tests so we don't exhaust PCA limits

* Merge updates

* More aggressive polling; rate limit pass through on sign; Timeout on Sign and CA create

* Add AWS PCA docs

* Fix Vault doc typo too

* Doc typo

* Apply suggestions from code review

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Doc fixes; tests for erroring if State is modified via API

* More review cleanup

* Uncomment tests!

* Minor suggested clean ups
2019-11-21 17:40:29 +00:00
kaitlincarter-hc 44dd24d099
[WIP] Kubernetes Docs (#6770)
* adding cloud providers for k8s

* adding links

* added utm parameters

* Updating descriptions

* fix sidenav

* renaming page minikube
2019-11-18 12:00:01 -06:00
Chris Piraino d027daf221 docs: add sentence linking to available service-resolver filters
Resolves #6434
2019-11-18 09:38:36 -06:00
Blake Covarrubias 06cb3d8deb Add missing docs for checks Watch type (#5188)
Add configuration examples for specifying watch checks by health check
state or service, and corresponding CLI examples.

Resolves: #5188
2019-11-13 11:24:35 -08:00
Paul Banks 1197b43c7b
Support Connect CAs that can't cross sign (#6726)
* Support Connect CAs that can't cross sign

* revert spurios mod changes from make tools

* Add log warning when forcing CA rotation

* Fixup SupportsCrossSigning to report errors and work with Plugin interface (fixes tests)

* Fix failing snake_case test

* Remove misleading comment

* Revert "Remove misleading comment"

This reverts commit bc4db9cabed8ad5d0e39b30e1fe79196d248349c.

* Remove misleading comment

* Regen proto files messed up by rebase
2019-11-11 21:36:22 +00:00
John Cowen 2a8f876ec1 docs: Add link to config entries 2019-11-08 09:51:39 -08:00
Blake Covarrubias bc42074f57
docs: Miscellaneous docs cleanup (#6742)
Fix spelling errors, API doc inconsistencies, and formatting issues.

* Fix several spelling errors.
* Prepend / to v1/event/list path in Watches.
* Rename script handlers to match Watch type.
* Remove /v1 path prefix on service health API endpoints.

Makes request path consistent with the rest of the HTTP API
documentation which does not include the /v1 prefix.

* Fix bracket formatting issue on Telemetry page.

The HTML codes used for brackets inside of the code block are not
interpolated, and are shown as literal strings.

Replace the numeric HTML codes with the intended character value to
fix display formatting.

Also placed variable reference on agent/options.html inside code block
for consistency with the presentation of other options on the page.

* Add missing word to Coordinate.Node docstring.

Resolves #6014
2019-11-05 20:34:46 -08:00
Robert Hencke b759bc7c00 [docs] Fix sentence order for GCE Cloud Auto-Join 2019-11-04 12:27:58 -08:00
Yahya ea3b6986a5 [Docs] Fix typo (#6523) 2019-11-04 15:17:28 -05:00
Charlie Voiselle 3c7587c9ab
Merge pull request #6710 from hashicorp/docs/connect-nomad
[docs] Updating Nomad Consul Connect info
2019-11-04 14:18:03 -05:00
R.B. Boyer 7994712731
docs: fix hcl use on production acls guide (#6739)
Also clean up some general whitespace formatting.
2019-11-04 11:11:59 -06:00
Paul Banks 5f405c3277
Fix support for RSA CA keys in Connect. (#6638)
* Allow RSA CA certs for consul and vault providers to correctly sign EC leaf certs.

* Ensure key type ad bits are populated from CA cert and clean up tests

* Add integration test and fix error when initializing secondary CA with RSA key.

* Add more tests, fix review feedback

* Update docs with key type config and output

* Apply suggestions from code review

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>
2019-11-01 13:20:26 +00:00
R.B. Boyer e0e3ec1f32
docs: mention that all logging flags also work in the config file (#6705) 2019-10-31 16:15:48 -05:00
Luke Kysow db2ca07f98
Merge pull request #6583 from hashicorp/connect-annotations
Document new annotations for Connect injections
2019-10-31 12:58:43 -07:00
kaitlincarter-hc 18484ae775 removed the term easy and updated the formatting 2019-10-29 15:59:21 -05:00
Charlie Voiselle 820b2bc8f1 Updating Nomad Consul Connect info 2019-10-29 16:53:25 -04:00
Sarah Christoff 86b30bbfbe
Set MinQuorum variable in Autopilot (#6654)
* Add MinQuorum to Autopilot
2019-10-29 09:04:41 -05:00
Sarah Christoff 969d51781a
Update -protocol doc (#6681)
* Update -protocol to have more clear version wording

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>
2019-10-29 08:41:28 -05:00
Luke Kysow 7a08629b32
Merge pull request #6683 from hashicorp/service-account-connect-inject-docs
Document service account name requirements
2019-10-28 10:26:52 -07:00
Luke Kysow 1b1b41b62e
Document service account name requirements
If ACLs are enabled, service account name must match the name of the
service in Consul.

Fixes https://github.com/hashicorp/consul-helm/issues/202
2019-10-24 16:51:51 -07:00
kaitlincarter-hc fd8e6d1a65
missed UTM parameter (#6679) 2019-10-24 12:29:54 -05:00
kaitlincarter-hc 4fbe4f40ca
fixing ACL reset links (#6678) 2019-10-24 12:22:08 -05:00
kaitlincarter-hc 136a7a2fa8
Top Navigation change (#6630)
* Changed Guides to Learn in the top nav and added utm parameters to the guide index page

* Update website/source/docs/guides/index.html.md

* Update website/source/docs/guides/index.html.md

* Update website/source/layouts/layout.erb
2019-10-21 14:19:27 -05:00
kaitlincarter-hc b5b7925264
updating broken link (#6633) 2019-10-16 16:18:39 -05:00
PHBourquin 16ca8340c1 Checks to passing/critical only after reaching a consecutive success/failure threshold (#5739)
A check may be set to become passing/critical only if a specified number of successive
checks return passing/critical in a row. Status will stay identical as before until
the threshold is reached.
This feature is available for HTTP, TCP, gRPC, Docker & Monitor checks.
2019-10-14 21:49:49 +01:00
kaitlincarter-hc 1a373271e3
[docs] Adding Links to Learn (#6611)
* adding links to Learn

* fixing a couple typos

* adding utm paramaters

* Update website/source/docs/connect/registration/sidecar-service.md

* Update website/source/docs/connect/registration/sidecar-service.md

* Update website/source/docs/acl/acl-system.html.md

* Update website/source/docs/acl/acl-system.html.md

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/connect/proxies/built-in.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/connect/registration/sidecar-service.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/install/index.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/agent/kv.html.md

* Update website/source/docs/connect/security.html.md

* Update website/source/docs/connect/security.html.md

* Update website/source/docs/internals/architecture.html.md
2019-10-14 10:40:35 -05:00
Luke Kysow 9093b99dfd
Document new annotations for Connect injections 2019-10-04 15:31:24 -07:00
Sarah Christoff 9b93dd93c9
Prune Unhealthy Agents (#6571)
* Add -prune flag to ForceLeave
2019-10-04 16:10:02 -05:00
Freddy 349fa7f97d
Update Force Leave docs (#6550)
Fixes #2742

Previously the docs didn't clarify that if a server restarts as a client then force-leave won't lead to removing the node from the raft config. This is because the node, which is alive after a restart, will refute messages about it having left . These messages about members leaving are in turn what trigger Consul's leader to remove a server from raft.
2019-09-27 17:49:28 -06:00
Mike Morris 3434c8289d
docs: add managed proxy removal note to specific version upgrade notes (#6557) 2019-09-27 10:52:47 -04:00
Judith Malnick 746f786a9f
Specify that mesh gateways require Envoy (#6506)
* Specify that mesh gateways must operate on L7

* Add feedback from Matt

* clarify gateway requirements
2019-09-26 20:06:58 -07:00
Freddy 5eace88ce2
Expose HTTP-based paths through Connect proxy (#6446)
Fixes: #5396

This PR adds a proxy configuration stanza called expose. These flags register
listeners in Connect sidecar proxies to allow requests to specific HTTP paths from outside of the node. This allows services to protect themselves by only
listening on the loopback interface, while still accepting traffic from non
Connect-enabled services.

Under expose there is a boolean checks flag that would automatically expose all
registered HTTP and gRPC check paths.

This stanza also accepts a paths list to expose individual paths. The primary
use case for this functionality would be to expose paths for third parties like
Prometheus or the kubelet.

Listeners for requests to exposed paths are be configured dynamically at run
time. Any time a proxy, or check can be registered, a listener can also be
created.

In this initial implementation requests to these paths are not
authenticated/encrypted.
2019-09-25 20:55:52 -06:00
R.B. Boyer cc889443a5
connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492)
The fields in the certs are meant to hold the original binary
representation of this data, not some ascii-encoded version.

The only time we should be colon-hex-encoding fields is for display
purposes or marshaling through non-TLS mediums (like RPC).
2019-09-23 12:52:35 -05:00
Luke Kysow c5fca5d4b5
Update consul-helm enterprise docs for ACLs
If ACLs are added then slightly different commands are needed.
2019-09-19 15:09:38 -07:00
Luke Kysow bd789f1011
Update Consul DNS on kube docs
- fix instructions for CoreDNS (it updated)
- fix instructions for new component names
- recommend installing with the name 'consul'
- add disclaimer that catalog sync is not always required
- clean up example values.yaml files
2019-09-19 15:09:38 -07:00
Iryna Shustava ca98bd0eb8
Merge pull request #6500 from hashicorp/typo-fix
Fix typo in "Service Ports" section
2019-09-18 13:11:52 -07:00
kaitlincarter-hc 483870b01a
[docs]Updated Containers Guide (#6215)
* Adding the updated containers guide that will be deployed on Learn only.

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md
2019-09-17 13:35:46 -07:00
Iryna Shustava b3f1b5afd5
Fix typo in "Service Ports" section 2019-09-17 12:05:04 -07:00
Blake Covarrubias d6f2371fcd docs: Fix typo in acl/acl-rules 2019-09-13 19:50:35 -07:00
Hans Hasselberg 62de041a36
docs (Consul Enterprise): Google Cloud Storage snapshot documentation (#6480) 2019-09-13 17:54:15 +02:00
Jud White 25aab18339 docs: fix typo in install/performance (#6428) 2019-09-09 21:23:25 +01:00
dcallao 876a7cbef9 fixed broken links on consul program page (#6463) 2019-09-06 17:18:59 -04:00
dcallao 58f19c5918 docs: added Consul Integration Program Docs Page (#6459)
* adding the Consul Integration Program page in docs section
2019-09-06 14:52:18 -04:00
Freddy 51fbcc5fcd
Rephrase bind docs (#6394) 2019-08-26 11:31:55 -06:00
R.B. Boyer 2d4a3b51d0
Merge pull request #6388 from hashicorp/release/1-6
merging release/1-6 into master
2019-08-23 13:44:46 -05:00
Anudeep Reddy 02197b2cd2 Update observability.html.md (#6379) 2019-08-23 17:07:48 +02:00
danielehc 992b1a8d88
Update agent.html.markdown.erb (#6380)
Adding a note on how to make Consul trust S3-compatible storage that expose a self-signed certificate.
2019-08-23 16:09:41 +02:00
R.B. Boyer 17bf364668
docs: remove beta references; leave version notation (#6372) 2019-08-21 16:23:08 -05:00
R.B. Boyer e7b8032b48
docs: document how envoy escape hatches work with the discovery chain (#6350)
- Bootstrap escape hatches are OK.
- Public listener/cluster escape hatches are OK.
- Upstream listener/cluster escape hatches are not supported.

If an unsupported escape hatch is configured and the discovery chain is
activated log a warning and act like it was not configured.

Fixes #6160
2019-08-21 15:10:12 -05:00
Alvin Huang 387557dc34 Merge Consul OSS branch 'master' at commit ce9cfc773d529ae4b8259d195323c0c350c1f9f1 2019-08-21 16:07:04 -04:00
R.B. Boyer 5f9acb6894 docs: fixing L7 config entries documentation (#6358)
- add service-router example involving gRPC
- fix indentation on service-router page by splitting it up
- remove reference to removed setting
2019-08-21 12:29:53 -05:00
R.B. Boyer e04395ae1a docs: add documentation for discovery chains
Fixes #6273
2019-08-21 12:29:53 -05:00
Ján Dzurek e79a3a9e19 docs: ports docs missing paren fix (#6367) 2019-08-21 10:23:03 +02:00
hashicorp-ci f3a46e5a48 Merge Consul OSS branch 'master' at commit a7ded1bd8efcbc3c67978f050b6f16ec5e8a832d 2019-08-21 02:00:53 +00:00
Matt Keeler 80b67c50da
Turned on Envoy 1.11.1 integration tests (#6347)
I also ran this against 1.5.2 so the docs update claiming compatibility should still be accurate.
2019-08-20 10:20:13 -04:00
tryan225 a57dbc0d2a Clarifying autopilot bootstrap and config options 2019-08-16 10:54:13 -07:00
hashicorp-ci 29767157ed Merge Consul OSS branch 'master' at commit 8f7586b339dbb518eff3a2eec27d7b8eae7a3fbb 2019-08-13 02:00:43 +00:00
Sarah Adams 2f7a90bc52
add flag to allow /operator/keyring requests to only hit local servers (#6279)
Add parameter local-only to operator keyring list requests to force queries to only hit local servers (no WAN traffic).

HTTP API: GET /operator/keyring?local-only=true
CLI: consul keyring -list --local-only

Sending the local-only flag with any non-GET/list request will result in an error.
2019-08-12 11:11:11 -07:00
hashicorp-ci eb53f9175c Merge Consul OSS branch 'master' at commit 8241787e922955e973c0e762ad3cb8db1804f6cd 2019-08-11 02:01:18 +00:00
Jake Lundberg a530fee06e docs: Update consul-helm example to pull latest tag 2019-08-09 16:33:43 -06:00
Mike Morris 88df658243
connect: remove managed proxies (#6220)
* connect: remove managed proxies implementation and all supporting config options and structs

* connect: remove deprecated ProxyDestination

* command: remove CONNECT_PROXY_TOKEN env var

* agent: remove entire proxyprocess proxy manager

* test: remove all managed proxy tests

* test: remove irrelevant managed proxy note from TestService_ServerTLSConfig

* test: update ContentHash to reflect managed proxy removal

* test: remove deprecated ProxyDestination test

* telemetry: remove managed proxy note

* http: remove /v1/agent/connect/proxy endpoint

* ci: remove deprecated test exclusion

* website: update managed proxies deprecation page to note removal

* website: remove managed proxy configuration API docs

* website: remove managed proxy note from built-in proxy config

* website: add note on removing proxy subdirectory of data_dir
2019-08-09 15:19:30 -04:00
Matt Keeler ef7cbc5850
mesh-gateway ACL tokens should also have node:read on everyth… (#6291) 2019-08-07 13:52:57 -04:00
Alvin Huang ae898a4a33 Merge remote-tracking branch 'origin/master' into release/1-6 2019-08-02 18:09:32 -04:00
Omer Zach 1e80fc9c0f Fix typo in architecture.html.md (#6261) 2019-08-01 12:21:37 -06:00
Venkata Krishna Annam 5011f305e0 docs: Fix minor mistakes in index.html.md (#6239) 2019-08-01 12:57:26 -05:00
freddygv 00157a2c1f Update default gossip encryption key size to 32 bytes 2019-07-30 09:45:41 -06:00
Alvin Huang 7972514b82 Merge remote-tracking branch 'origin/master' into release/1-6 2019-07-26 16:22:53 -04:00
Matt Keeler 9dd72121e1
Set --max-obj-name-len 256 when execing Envoy (#6202)
* Pass -max-obj-name-len 256 to envoy

* Update test expectations.

* Add a note about requireing the max-obj-name-len option to be set
2019-07-26 15:43:15 -04:00
Todd Radel c253a23630
Merge pull request #6210 from hashicorp/docs/fix-ambassador-link
Fix links to ambassador website
2019-07-26 14:29:03 -04:00
R.B. Boyer 1b95d2e5e3 Merge Consul OSS branch master at commit b3541c4f34d43ab92fe52256420759f17ea0ed73 2019-07-26 10:34:24 -05:00
Mike Morris 2c78c476a0
docs: add TCP half-close broken pipe to common errors (#6203) 2019-07-25 16:01:33 -04:00
Todd Radel 7575bce5c9 Fix links to ambassador website 2019-07-24 13:23:49 -04:00
R.B. Boyer bd4a2d7be2
connect: allow L7 routers to match on http methods (#6164)
Fixes #6158
2019-07-23 20:56:39 -05:00
R.B. Boyer 67f3da61af
connect: change router syntax for matching query parameters to resemble the syntax for matching paths and headers for consistency. (#6163)
This is a breaking change, but only in the context of the beta series.
2019-07-23 20:55:26 -05:00
R.B. Boyer 2bfad66efa
connect: rework how the service resolver subset OnlyPassing flag works (#6173)
The main change is that we no longer filter service instances by health,
preferring instead to render all results down into EDS endpoints in
envoy and merely label the endpoints as HEALTHY or UNHEALTHY.

When OnlyPassing is set to true we will force consul checks in a
'warning' state to render as UNHEALTHY in envoy.

Fixes #6171
2019-07-23 20:20:24 -05:00
Alvin Huang 5b6fa58453 resolve circleci config conflicts 2019-07-23 20:18:36 -04:00
Paul Banks 42296292a4
Allow raft TrailingLogs to be configured. (#6186)
This fixes pathological cases where the write throughput and snapshot size are both so large that more than 10k log entries are written in the time it takes to restore the snapshot from disk. In this case followers that restart can never catch up with leader replication again and enter a loop of constantly downloading a full snapshot and restoring it only to find that snapshot is already out of date and the leader has truncated its logs so a new snapshot is sent etc.

In general if you need to adjust this, you are probably abusing Consul for purposes outside its design envelope and should reconsider your usage to reduce data size and/or write volume.
2019-07-23 15:19:57 +01:00
kaitlincarter-hc e89b6dd85d
[docs] New K8s-Consul deployment guide (#5859)
* New K8s-Consul deployment guide

* Update website/source/docs/guides/kubernetes-production-deploy.md

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* updating based on comments

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

* Update website/source/docs/guides/kubernetes-production-deploy.md
2019-07-22 19:16:06 -05:00