Commit Graph

16440 Commits

Author SHA1 Message Date
Chris S. Kim 4f0a3a997c
Fix races in anti-entropy tests (#12028) 2022-01-11 14:28:51 -05:00
Kim Ngo 5818d6b669
Clarify CTS monitoring of service and instances (#12008)
* Clarify CTS monitoring of service and instances

Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-01-11 13:06:13 -06:00
Blake Covarrubias 97e7e118e0 docs: Fix spelling errors 2022-01-11 09:37:09 -08:00
mrspanishviking a51f17a0f1
Merge pull request #11983 from hashicorp/resolver_examples
docs: added another resolver example for DC and namespace failover
2022-01-11 10:27:57 -07:00
Chip Vaughn fd71fdbefb Fixing CircleCI issues and adding Partition CLI links 2022-01-11 11:46:50 -05:00
Mike Morris 277c41d336
ingress: allow setting TLS min version and cipher suites in ingress gateway config entries (#11576)
* xds: refactor ingress listener SDS configuration

* xds: update resolveListenerSDS call args in listeners_test

* ingress: add TLS min, max and cipher suites to GatewayTLSConfig

* xds: implement envoyTLSVersions and envoyTLSCipherSuites

* xds: merge TLS config

* xds: configure TLS parameters with ingress TLS context from leaf

* xds: nil check in resolveListenerTLSConfig validation

* xds: nil check in makeTLSParameters* functions

* changelog: add entry for TLS params on ingress config entries

* xds: remove indirection for TLS params in TLSConfig structs

* xds: return tlsContext, nil instead of ambiguous err

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* xds: switch zero checks to types.TLSVersionUnspecified

* ingress: add validation for ingress config entry TLS params

* ingress: validate listener TLS config

* xds: add basic ingress with TLS params tests

* xds: add ingress listeners mixed TLS min version defaults precedence test

* xds: add more explicit tests for ingress listeners inheriting gateway defaults

* xds: add test for single TLS listener on gateway without TLS defaults

* xds: regen golden files for TLSVersionInvalid zero value, add TLSVersionAuto listener test

* types/tls: change TLSVersion to string

* types/tls: update TLSCipherSuite to string type

* types/tls: implement validation functions for TLSVersion and TLSCipherSuites, make some maps private

* api: add TLS params to GatewayTLSConfig, add tests

* api: add TLSMinVersion to ingress gateway config entry test JSON

* xds: switch to Envoy TLS cipher suite encoding from types package

* xds: fixup validation for TLSv1_3 min version with cipher suites

* add some kitchen sink tests and add a missing struct tag

* xds: check if mergedCfg.TLSVersion is in TLSVersionsWithConfigurableCipherSuites

* xds: update connectTLSEnabled comment

* xds: remove unsued resolveGatewayServiceTLSConfig function

 * xds: add makeCommonTLSContextFromLeafWithoutParams

* types/tls: add LessThan comparator function for concrete values

* types/tls: change tlsVersions validation map from string to TLSVersion keys

* types/tls: remove unused envoyTLSCipherSuites

* types/tls: enable chacha20 cipher suites for Consul agent

* types/tls: remove insecure cipher suites from allowed config

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 are both explicitly listed as insecure and disabled in the Go source.

Refs https://cs.opensource.google/go/go/+/refs/tags/go1.17.3:src/crypto/tls/cipher_suites.go;l=329-330

* types/tls: add ValidateConsulAgentCipherSuites function, make direct lookup map private

* types/tls: return all unmatched cipher suites in validation errors

* xds: check that Envoy API value matching TLS version is found when building TlsParameters

* types/tls: check that value is found in map before appending to slice in MarshalEnvoyTLSCipherSuiteStrings

* types/tls: cast to string rather than fmt.Printf in TLSCihperSuite.String()

* xds: add TLSVersionUnspecified to list of configurable cipher suites

* structs: update note about config entry warning

* xds: remove TLS min version cipher suite unconfigurable test placeholder

* types/tls: update tests to remove assumption about private map values

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-01-11 11:46:42 -05:00
Jasmine W 889aa2dd1a
Merge pull request #12002 from hashicorp/kubernetes-service-screenshot
added screenshot of k8s service
2022-01-11 11:34:00 -05:00
Jasmine W e671ea7f60
Merge pull request #11995 from hashicorp/l7-routing-screenshots
Adding UI screenshots to L7 overview
2022-01-11 11:33:20 -05:00
Chip Vaughn cd0405ff0d Correcting CLI links and grammer changes part 2 2022-01-11 11:26:05 -05:00
Hannah Hearth 8436b4b0d1 Add CTS and API Gateway to docs on tools page 2022-01-11 10:22:30 -06:00
Jasmine W 8f662c49f6
Update website/content/docs/connect/config-entries/service-splitter.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:49 -05:00
Jasmine W 62583f75fe
Update website/content/docs/connect/config-entries/service-router.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:43 -05:00
Jasmine W d011b1afcb
Update website/content/docs/connect/config-entries/service-resolver.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:36 -05:00
Jasmine W b9bfb424b5 pushing for circleci 2022-01-11 11:16:24 -05:00
Chip Vaughn db58296ce8 Correcting CLI links and grammer changes 2022-01-11 10:41:48 -05:00
Chip Vaughn 0f6e660077 Correcting CLI links and grammer changes 2022-01-11 10:37:48 -05:00
Chip Vaughn 7f61e9f677 Editing links and grammer changes 2022-01-11 10:36:09 -05:00
Kenia fbb9f5cdf5
ui: Adding Partition to topology card (#11805) 2022-01-11 10:04:06 -05:00
Matt Siegel 24ea879264 Added some missing ACL info, updated details around some permissions, added missing HTTP API refs 2022-01-11 09:41:54 -05:00
Dao Thanh Tung 217e2dc656
URL-encode/decode resource names for HTTP API part 2 (#11957) 2022-01-11 08:52:45 -05:00
Matt Siegel 079f27ee52 Fixed absolute links to HTTP apis. 2022-01-11 08:26:58 -05:00
John Cowen fc8e89d640
ui: Ensure the partition is passed through to the request for the SSO auth URL (#11979)
* Make sure the mocks reflect the requested partition/namespace

* Ensure partition is passed through to the HTTP adapter

* Pass AuthMethod object through to TokenSource in order to use Partition

* Change up docs and add potential improvements for future

* Pass the query partition back onto the response

* Make sure the OIDC callback mock returns a Partition

* Enable OIDC provider mock overwriting during acceptance testing

* Make sure we can enable partitions and SSO post bootup only required

...for now

* Wire up oidc provider mocking

* Add SSO full auth flow acceptance tests
2022-01-11 11:02:46 +00:00
Anthony a217d13e1b
docs: Add CodeBlockConfig to network coordinates page 2022-01-10 22:13:27 -08:00
Connor a4d2dc0ce2
Add go-sockaddr examples for multiple interfaces (#11998)
* Add overview example for multiple interfaces with go-sockaddr

* Include go-sockaddr examples in agent configuration

* Add changelog entry

* Make suggested changes

* Simplify hcl comment

* Update link and fix gRPC

* Switch index.mdx from Tabs to CodeTabs

* Reformat new links for screen readers

* Apply suggestions from code review

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Fix spacing in code block

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 20:10:25 -06:00
mrspanishviking 071b3025af
Merge pull request #12016 from hashicorp/Screenshot-Updates
Consul UI Screenshot Updates
2022-01-10 18:05:02 -07:00
Xuan Luo 8ca86265a5
Merge pull request #12017 from hashicorp/doc-changes
Doc changes
2022-01-10 16:33:47 -08:00
Xuan Luo 3ae25bfb58 updated image 2022-01-10 16:29:32 -08:00
Jake Herschman 0925fba881 fixed duplicated image path 2022-01-10 19:08:16 -05:00
Jake Herschman a93ba20343 Updated Consul UI Screenshots 2022-01-10 19:01:42 -05:00
Xuan Luo edb95ce99c docs: add gateway overview illustration 2022-01-10 15:47:57 -08:00
Luke Kysow e30e0a075c
Add distributed tracing docs (#12010)
* Add distributed tracing docs
2022-01-10 15:43:31 -08:00
Jake Herschman 5469bcd6d1 updated topology image 2022-01-10 18:39:35 -05:00
Jake Herschman 52ef50b1da updated datacenter dropdown image 2022-01-10 18:38:41 -05:00
Jake Herschman af77cb65f9 updated topology image 2022-01-10 18:37:51 -05:00
Neena Pemmaraju c20694d453
docs: updated the description of min_quorum 2022-01-10 15:37:36 -08:00
Xuan Luo ac0205bbbf docs: added gateway overview illustration 2022-01-10 15:30:01 -08:00
Preetha cc8eafbf5e
Updated health check docs page with HCL examples (#12000)
All healthcheck JSON examples now have HCL equivalents.
2022-01-10 17:19:39 -06:00
Amier Chery 6c230ff458 Added images to respective pages
Added the images to each respective page on splitting/routing/resolving along with a brief description on how to navigate there.
2022-01-10 18:14:24 -05:00
mrspanishviking 3e30d6decf
Merge pull request #11997 from hashicorp/20sr20-patch-1
Adding texts in verify_leader metric
2022-01-10 15:59:20 -07:00
Sujata Roy e62ec3783e
Update website/content/docs/agent/telemetry.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 14:57:14 -08:00
mrspanishviking 2eb4375caf
Merge pull request #12007 from hashicorp/Amier3-patch-1-1
docs: clarify hcl/cli differences
2022-01-10 15:45:46 -07:00
Matt Keeler 9e788fbd47
Document Consul enterprise 1.10.0-1.10.4 forwards incompatibility with 1.11 (#11978)
Also fixed a broken link in the 1.10.x upgrade instructions.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 17:18:40 -05:00
Amier Chery db29a926da
Create options.mdx
Adding a small little note to the top of the 'command line options' section of this page following community feedback in #10628
2022-01-10 17:15:33 -05:00
Matt Siegel dcdaefcf79 Added ACL requirements for CLI commands 2022-01-10 16:44:56 -05:00
Jasmine W b8fe5038d1 added screenshot of k8s service 2022-01-10 15:57:15 -05:00
Sujata Roy 59e50ac42e
Adding texts in verify_leader metric
- Added description providing example case when the metric can go high
2022-01-10 12:01:27 -08:00
Jasmine W 2e60b0949f Adding UI screenshots to L7 overview 2022-01-10 14:34:00 -05:00
Chip Vaughn 309f1eab4b Updating HTTP API endpoints with CLI equivalent links 2022-01-10 14:21:32 -05:00
Preetha f9328bfdae
Added HCL examples to service discovery page (#11989)
Improved HCL examples in the service discovery docs page
2022-01-10 13:12:42 -06:00
Chris S. Kim 14e1898544
Add LastErrorMessage to /acl/replication docs (#11990) 2022-01-10 13:42:57 -05:00