James Phillips
2dc98dee32
Adds a note about prepared queries to the coordinates internals guide.
2016-06-28 23:02:00 -07:00
Sean Chittenden
b20f86b4c7
Speling police
2016-05-15 09:13:52 -07:00
James Phillips
0ed56d6606
Adds a note about template query ACLs.
2016-03-17 08:21:58 -07:00
James Phillips
ae7b45a6df
Merge pull request #1820 from hashicorp/f-port-docs
...
Adds a reference to the network ports from the security guide.
2016-03-09 21:22:41 -08:00
James Phillips
b2992a5e83
Adds a reference to the network ports from the security page.
2016-03-09 21:21:49 -08:00
James Phillips
72f7c08a0a
Cleans up the documents.
2016-02-24 18:05:58 -08:00
James Phillips
2f7eac8b86
Renames "prepared_query" ACL policy to "query".
2016-02-24 17:02:06 -08:00
James Phillips
a8ac27fa49
Refactors docs into a more complete state for prepared query ACLs.
2016-02-23 22:27:44 -08:00
James Phillips
633c231d67
Creates new "prepared-query" ACL type and new token capture behavior.
...
Prior to this change, prepared queries had the following behavior for
ACLs, which will need to change to support templates:
1. A management token, or a token with read access to the service being
queried needed to be provided in order to create a prepared query.
2. The token used to create the prepared query was stored with the query
in the state store and used to execute the query.
3. A management token, or the token used to create the query needed to be
supplied to perform and CRUD operations on an existing prepared query.
This was pretty subtle and complicated behavior, and won't work for
templates since the service name is computed at execution time. To solve
this, we introduce a new "prepared-query" ACL type, where the prefix
applies to the query name for static prepared query types and to the
prefix for template prepared query types.
With this change, the new behavior is:
1. A management token, or a token with "prepared-query" write access to
the query name or (soon) the given template prefix is required to do
any CRUD operations on a prepared query, or to list prepared queries
(the list is filtered by this ACL).
2. You will no longer need a management token to list prepared queries,
but you will only be able to see prepared queries that you have access
to (you get an empty list instead of permission denied).
3. When listing or getting a query, because it was easy to capture
management tokens given the past behavior, this will always blank out
the "Token" field (replacing the contents as <hidden>) for all tokens
unless a management token is supplied. Going forward, we should
discourage people from binding tokens for execution unless strictly
necessary.
4. No token will be captured by default when a prepared query is created.
If the user wishes to supply an execution token then can pass it in via
the "Token" field in the prepared query definition. Otherwise, this
field will default to empty.
5. At execution time, we will use the captured token if it exists with the
prepared query definition, otherwise we will use the token that's passed
in with the request, just like we do for other RPCs (or you can use the
agent's configured token for DNS).
6. Prepared queries with no name (accessible only by ID) will not require
ACLs to create or modify (execution time will depend on the service ACL
configuration). Our argument here is that these are designed to be
ephemeral and the IDs are as good as an ACL. Management tokens will be
able to list all of these.
These changes enable templates, but also enable delegation of authority to
manage the prepared query namespace.
2016-02-23 17:12:43 -08:00
csawyerYumaed
793195b7d8
Update documentation - add Network Ports.
...
Update security.html.markdown add section on Network Port usage.
TODO: add Atlas port usage.
2016-02-23 11:27:15 -08:00
Seth Vargo
dc9131a732
Use HTTPS + www. where appropriate
2016-01-13 17:44:01 -05:00
James Phillips
9e29bb4238
Adds and updates docs for prepared queries.
2015-11-15 17:06:00 -08:00
James Phillips
1a3c523816
Adds a note about the new acquire behavior into the sessions internals guide.
2015-11-14 10:28:14 -08:00
James Phillips
c2fab40aee
Fixes a typo.
2015-10-30 23:50:11 -07:00
James Phillips
b3b1c6940b
Updates docs for network coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
b25797a808
Merge pull request #1187 from sfncook/enable_tag_drift_03
...
Enable tag drift 03
2015-09-11 15:35:32 -07:00
Shawn Cook
451abfa206
Doc changes in response to review.
2015-09-11 15:26:30 -07:00
Shawn Cook
7d6f30da1c
Docs - add verbage to anti-entropy page.
2015-09-11 14:27:54 -07:00
Anthony Scalisi
8d733b7fca
remove various typos
2015-09-11 12:29:54 -07:00
Jack Pearkes
49181fce76
website: fix broken link on acl page
2015-07-31 12:14:28 -07:00
Ryan Uber
d7f76702fe
website: docs for keyring ACLs
2015-07-07 11:45:49 -06:00
Ryan Uber
457cff1007
website: fix event acl policy docs
2015-06-19 12:18:09 -07:00
Ryan Uber
e0ce6059f6
website: add docs for user event acls
2015-06-18 18:13:29 -07:00
Ryan Uber
9de7d95109
website: fix mention of read-only policy for service acls
2015-06-18 18:13:01 -07:00
Ryan Uber
62a8d82f9f
website: add note about anonymous token and discovery ACLs
2015-06-11 17:39:01 -07:00
Ryan Uber
c09dfe05a7
website: document service discovery ACLs
2015-06-11 14:45:52 -07:00
Armon Dadgar
dd17147deb
website: Update ACL description to longest-prefix
2015-05-06 12:04:40 -07:00
Ryan Uber
af74095584
website: document service and check acl options
2015-04-28 14:28:06 -07:00
Ryan Breen
f6d38ef6e5
Website: cleanup for docs/internals/sessions.html.
2015-04-15 14:47:15 -04:00
Ryan Breen
65daaf8c03
Website: cleanup for docs/internals/security.html.
2015-04-13 18:17:29 -04:00
Ryan Breen
a6befa8ef0
Website: minor tweaks for docs/internals/jepsen.html.
2015-04-12 22:44:57 -04:00
Ryan Breen
f772412b92
Website: fix caps issue in docs/internals/consensus.html.
2015-04-11 18:32:15 -04:00
Ryan Breen
db65ebb631
Website: minor additional tweaks for docs/internals/consensus.html.
2015-04-11 11:41:55 -04:00
Ryan Breen
da1c476343
Website: cleanup for docs/internals/consensus.html, including removing LMDB references in favor of BoltDB per GH-857.
2015-04-10 23:06:28 -04:00
Ryan Breen
47c52a62d4
Website: tweaks to docs/internals/architecture.html.
2015-03-30 18:07:58 -04:00
Ryan Breen
4d4c631fd6
Website: very minor tweaks to docs/internals/anti-entropy.html.
2015-03-29 10:53:49 -04:00
Ryan Breen
746e1fc9e4
Website: more cleanup for docs/internals/acl.html.
2015-03-28 11:54:16 -04:00
Ryan Breen
9d71844965
Website: GH-781 and cleanup for docs/internals/acl.html.
2015-03-28 11:26:26 -04:00
Ryan Breen
8f4ad0bbf9
Website: GH-730 for docs/internals/acl.html.
2015-03-22 11:44:16 -04:00
Ryan Breen
15f2afe92f
Website: cleanup for docs/internals/index.html.
2015-03-21 21:52:26 -04:00
Ryan Uber
8dd9061956
website: fix typo in anti-entropy docs
2015-03-03 16:35:27 -08:00
Ryan Uber
6325442f93
Merge pull request #751 from hashicorp/f-ae-doc
...
Document anti-entropy internals
2015-03-03 16:34:00 -08:00
Ryan Uber
3e48f8c969
website: adjustments to anti-entropy docs
2015-03-03 16:32:17 -08:00
Ryan Uber
7f40698666
website: first pass at anti-entropy docs
2015-03-03 14:13:59 -08:00
Ryan Breen
ad7d1b3090
Website: GH-747 change acl_master token to acl_master_token
2015-03-03 11:46:57 -05:00
Ryan Breen
ce93505a16
Website: GH-747 Add docs on acl_master_token installation.
2015-03-03 11:33:49 -05:00
Ryan Breen
9910c7d7bd
Website: rework docs/guides/outage.html to cover cases where recovery might be easier than manual removal of failed nodes from peers.json.
2015-03-01 18:21:33 -05:00
Emil Hessman
8c991c3632
website: omit excessive use of the word lastly
...
Simplify wording by removing various uses of the word lastly.
2015-01-09 06:37:26 +01:00
Armon Dadgar
95b3837b75
website: Document session behavior and TTL
2015-01-07 15:38:16 -08:00
Emil Hessman
4461c750bb
website: fix typo, casing and links
...
Fix typo in Leader Election guide: s/blog/blob/
Also fix various casing issues and prefer HTTPS links
for HashiCorp projects.
2015-01-04 12:58:58 +01:00
Armon Dadgar
d74f79b3fa
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
Armon Dadgar
376f9694f4
website: Update ACL docs
2014-11-30 20:12:44 -07:00
Dan Frost
261c69c4ff
docs: internals/security: minor fixes
2014-11-26 13:05:33 +00:00
Dan Frost
548f1a07ad
docs: internals/acl: minor fixes
2014-11-26 12:57:15 +00:00
Dan Frost
2ad884abee
docs: internals/sessions: minor fixes
2014-11-26 12:49:53 +00:00
Dan Frost
dbb365baca
docs: internals/architecture: minor fixes
2014-11-26 12:31:38 +00:00
Laurent Raufaste
bb7eb29ade
Another typo
2014-11-13 17:44:20 -05:00
Laurent Raufaste
dfc094a5d0
extra '
2014-11-13 17:43:25 -05:00
Laurent Raufaste
19820d9794
Doc explaining the blacklist mode and consul exec
2014-11-13 17:42:39 -05:00
Danny Berger
4347b9394d
Fix some typos in website docs
2014-11-04 21:33:42 -07:00
Seth Vargo
e57ea7df78
Do not index "Jespen" code block
...
The word "Jespen" is one of our top keywords because it appears so many times
in the Jespen Testing page. This commit adds a comment to disable Google
indexing in that code block so we can better target keywords.
2014-10-26 22:34:14 -04:00
Laurent Raufaste
9df9eb0983
Small typo in the doc
2014-10-23 14:32:11 -04:00
Seth Vargo
e265ea050d
Use new Markdown syntaxes and add SEO descriptions
2014-10-19 19:42:13 -04:00
Ryan Uber
002083ad8d
website: re-word a few things
2014-10-13 22:59:35 -07:00
Seth Vargo
651f559380
Pre-process sessions docs as ERB for image tags
2014-10-06 19:12:25 -04:00
Seth Vargo
ab75771eb6
Pre-process architecture docs as ERB for image tags
2014-10-06 19:12:17 -04:00
Christian Berg
344f4f93d4
Fix typo
...
Should be whitelist, not whilelist.
2014-09-23 15:24:19 +02:00
Joseph Anthony Pasquale Holsten
93d728ef58
add link to raft visualization
2014-08-30 23:43:45 +00:00
Armon Dadgar
99db96e4ea
website: rewording
2014-08-18 15:46:59 -07:00
Armon Dadgar
ea0a1dca2e
website: ACL internals
2014-08-18 15:46:59 -07:00
Armon Dadgar
1e861114c7
website: Adding guide on leader election
2014-05-20 16:25:30 -07:00
Armon Dadgar
2748dcd4c6
website: Starting to document sessions
2014-05-20 16:25:30 -07:00
Shayan Pooya
48f947386b
website: fix a couple of typos.
2014-05-03 19:16:55 -04:00
Jack Pearkes
be8b976451
website: remove some serf stuff, old js files
2014-05-02 14:13:48 -04:00
Armon Dadgar
757f590455
website: Cleanup verbage
2014-04-21 13:50:18 -07:00
Armon Dadgar
a11fd66f28
website: Document the consistency modes
2014-04-21 13:46:57 -07:00
Martin Ringehahn
189a440cef
fix typo
2014-04-17 21:35:59 -04:00
Caleb Spare
e40da274d5
Copy fixes: typos, misspellings, grammar, wording
2014-04-17 14:45:53 -07:00
Armon Dadgar
eb77b40027
website: Grammar cleanup
2014-04-16 17:29:37 -07:00
Armon Dadgar
3bce8ff0e9
website: Add note about jepsen testing
2014-04-16 17:03:48 -07:00
Armon Dadgar
f104336fd2
website: Adding page on Jepsen testing
2014-04-16 17:03:48 -07:00
Jacques Fuentes
dd6f55ff3b
Round 2: Fix typos, grammar errors, and misspellings
2014-04-16 00:01:12 -04:00
Armon Dadgar
caf48c8722
website: Multiple warnings about single server deployment
2014-04-11 12:43:06 -07:00
Armon Dadgar
911ce92cf3
website: Documentation cleanup
2014-04-09 11:06:27 -07:00
Jacques Fuentes
38e645ac18
Add raft link and fix some typos
2014-03-28 23:33:50 -04:00
Armon Dadgar
c975f5b968
website: documenting the internals
2014-02-20 12:26:50 -08:00
Armon Dadgar
30bc19f002
website: fixing typo
2014-02-19 17:05:57 -08:00
Armon Dadgar
5101cf88df
website: document the high level architecture
2014-02-19 16:58:15 -08:00
Armon Dadgar
0611db496a
website: bulk copy from serf
2014-02-07 16:41:03 -08:00