Changes to doc :
Changed default service_name to consul-terraform-sync. Service name is used in service registration it was previously proper case, it is now lower case.
Ensure that the peer stream replication rpc can successfully be used with TLS activated.
Also:
- If key material is configured for the gRPC port but HTTPS is not
enabled now TLS will still be activated for the gRPC port.
- peerstream replication stream opened by the establishing-side will now
ignore grpc.WithBlock so that TLS errors will bubble up instead of
being awkwardly delayed or suppressed
* Made changes based on Adams suggestions
* updating list layout in systems integration guide. updating wan federation docs.
* fixing env vars on systems integration page
* fixing h3 to h2 on enterprise license page
* Changed `The following steps will be performed` to `Complete the following steps`
* Replaced `These steps will be repeated for each datacenter` with `Repeat the following steps for each datacenter in the cluster`
* Emphasizing that kv2 secrets only need to be stored once.
* Move the sentence indicating where the vault path maps to the helm chart out of the -> Note callout
* remaining suggestions
* Removing store the secret in Vault from server-tls page
* Making the Bootstrapping the Server PKI Engine sections the same on server-tls and webhook-cert pages
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Updating VAULT_ADDR on systems-integration to get it out of the shell.
* Updating intro paragraph of Overview on systems-integration.mdx to what Adamsuggested.
* Putting the GKE, AKS, AKS info into tabs on the systems integration page.
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* feat(cli): enable to delete config entry from an input file
- A new flag to config delete to delete a config entry in a
valid config file, e.g., config delete -filename
intention-allow.hcl
- Updated flag validation; -filename and -kind can't be set
at the same time
- Move decode config entry method from config_write.go to
helpers.go for reusing ParseConfigEntry()
- add changelog
Co-authored-by: Dan Upton <daniel@floppy.co>
This commit updates the DNS query locality parsing so that the virtual
IP for an imported service can be queried.
Note that:
- Support for parsing a peer in other service discovery queries was not
added.
- Querying another datacenter for a virtual IP is not supported. This
was technically allowed in 1.11 but is being rolled back for 1.13
because it is not a use-case we intended to support. Virtual IPs in
different datacenters are going to collide because they are allocated
sequentially.