Commit Graph

16274 Commits

Author SHA1 Message Date
John Cowen 4d62ee7353
ui: Adds a notice for non-primary intention creation (#11985) 2022-01-12 11:50:09 +00:00
John Cowen a408644205
ui: Fix up wiring or empty state login button (#11981)
* ui: Some ACL component documentation (#11982)
2022-01-12 11:05:24 +00:00
John Cowen 754afd356a
ui: Alter position of dashboard button in the service instance header (#11988) 2022-01-12 09:31:54 +00:00
John Cowen fe105d1ba7
ui: Allow templateName paths to be relative (#11955) 2022-01-12 09:27:00 +00:00
John Cowen ac72b1b9f0
ui: First pass at writing some data layer related Eng docs (#11203) 2022-01-12 09:26:02 +00:00
mrspanishviking fa192431eb
Merge pull request #12034 from vanphan24/patch-2
Clarifies external CA config
2022-01-11 15:09:50 -07:00
vanphan24 2c0a87a057
Clarifies external CA config
It is not clear that this page is to configure an external CA for Connect CA. Added line to clarify that this page is for configuring external CA's for the Connect CA. For the built-in CA, no config is needed.
2022-01-11 13:22:50 -08:00
David Yu 733526a012
docs: Update uninstall to ensure CRDs are deleted (#12021)
* docs: Update uninstall to ensure CRDs are deleted

* Update website/content/docs/k8s/operations/uninstall.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* add more details around CRD deletion

* move around crd deletion to before unsintall

* slight wording

* move deletion of CRDs to first line

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-11 12:53:39 -08:00
Kim Ngo 9340b3bfe5
CTS OSS vs Ent docs (#12006)
* Add CTS OSS and Ent feature comparision chart

* Mention CTS Ent in intro

* Update CTS install page with Ent and tab install options

* Clarify local workspaces and add Collaboration row

* Oxford comma, rename to Automation Driver, install +ent ctx

* Update website/content/docs/nia/installation/install.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Remove self-hosted row and add TFE explicitly

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
2022-01-11 13:31:06 -06:00
Chris S. Kim 4f0a3a997c
Fix races in anti-entropy tests (#12028) 2022-01-11 14:28:51 -05:00
Kim Ngo 5818d6b669
Clarify CTS monitoring of service and instances (#12008)
* Clarify CTS monitoring of service and instances

Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-01-11 13:06:13 -06:00
Blake Covarrubias 97e7e118e0 docs: Fix spelling errors 2022-01-11 09:37:09 -08:00
mrspanishviking a51f17a0f1
Merge pull request #11983 from hashicorp/resolver_examples
docs: added another resolver example for DC and namespace failover
2022-01-11 10:27:57 -07:00
Mike Morris 277c41d336
ingress: allow setting TLS min version and cipher suites in ingress gateway config entries (#11576)
* xds: refactor ingress listener SDS configuration

* xds: update resolveListenerSDS call args in listeners_test

* ingress: add TLS min, max and cipher suites to GatewayTLSConfig

* xds: implement envoyTLSVersions and envoyTLSCipherSuites

* xds: merge TLS config

* xds: configure TLS parameters with ingress TLS context from leaf

* xds: nil check in resolveListenerTLSConfig validation

* xds: nil check in makeTLSParameters* functions

* changelog: add entry for TLS params on ingress config entries

* xds: remove indirection for TLS params in TLSConfig structs

* xds: return tlsContext, nil instead of ambiguous err

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* xds: switch zero checks to types.TLSVersionUnspecified

* ingress: add validation for ingress config entry TLS params

* ingress: validate listener TLS config

* xds: add basic ingress with TLS params tests

* xds: add ingress listeners mixed TLS min version defaults precedence test

* xds: add more explicit tests for ingress listeners inheriting gateway defaults

* xds: add test for single TLS listener on gateway without TLS defaults

* xds: regen golden files for TLSVersionInvalid zero value, add TLSVersionAuto listener test

* types/tls: change TLSVersion to string

* types/tls: update TLSCipherSuite to string type

* types/tls: implement validation functions for TLSVersion and TLSCipherSuites, make some maps private

* api: add TLS params to GatewayTLSConfig, add tests

* api: add TLSMinVersion to ingress gateway config entry test JSON

* xds: switch to Envoy TLS cipher suite encoding from types package

* xds: fixup validation for TLSv1_3 min version with cipher suites

* add some kitchen sink tests and add a missing struct tag

* xds: check if mergedCfg.TLSVersion is in TLSVersionsWithConfigurableCipherSuites

* xds: update connectTLSEnabled comment

* xds: remove unsued resolveGatewayServiceTLSConfig function

 * xds: add makeCommonTLSContextFromLeafWithoutParams

* types/tls: add LessThan comparator function for concrete values

* types/tls: change tlsVersions validation map from string to TLSVersion keys

* types/tls: remove unused envoyTLSCipherSuites

* types/tls: enable chacha20 cipher suites for Consul agent

* types/tls: remove insecure cipher suites from allowed config

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 are both explicitly listed as insecure and disabled in the Go source.

Refs https://cs.opensource.google/go/go/+/refs/tags/go1.17.3:src/crypto/tls/cipher_suites.go;l=329-330

* types/tls: add ValidateConsulAgentCipherSuites function, make direct lookup map private

* types/tls: return all unmatched cipher suites in validation errors

* xds: check that Envoy API value matching TLS version is found when building TlsParameters

* types/tls: check that value is found in map before appending to slice in MarshalEnvoyTLSCipherSuiteStrings

* types/tls: cast to string rather than fmt.Printf in TLSCihperSuite.String()

* xds: add TLSVersionUnspecified to list of configurable cipher suites

* structs: update note about config entry warning

* xds: remove TLS min version cipher suite unconfigurable test placeholder

* types/tls: update tests to remove assumption about private map values

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-01-11 11:46:42 -05:00
Jasmine W 889aa2dd1a
Merge pull request #12002 from hashicorp/kubernetes-service-screenshot
added screenshot of k8s service
2022-01-11 11:34:00 -05:00
Jasmine W e671ea7f60
Merge pull request #11995 from hashicorp/l7-routing-screenshots
Adding UI screenshots to L7 overview
2022-01-11 11:33:20 -05:00
Hannah Hearth 8436b4b0d1 Add CTS and API Gateway to docs on tools page 2022-01-11 10:22:30 -06:00
Jasmine W 8f662c49f6
Update website/content/docs/connect/config-entries/service-splitter.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:49 -05:00
Jasmine W 62583f75fe
Update website/content/docs/connect/config-entries/service-router.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:43 -05:00
Jasmine W d011b1afcb
Update website/content/docs/connect/config-entries/service-resolver.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:36 -05:00
Jasmine W b9bfb424b5 pushing for circleci 2022-01-11 11:16:24 -05:00
Kenia fbb9f5cdf5
ui: Adding Partition to topology card (#11805) 2022-01-11 10:04:06 -05:00
Dao Thanh Tung 217e2dc656
URL-encode/decode resource names for HTTP API part 2 (#11957) 2022-01-11 08:52:45 -05:00
John Cowen fc8e89d640
ui: Ensure the partition is passed through to the request for the SSO auth URL (#11979)
* Make sure the mocks reflect the requested partition/namespace

* Ensure partition is passed through to the HTTP adapter

* Pass AuthMethod object through to TokenSource in order to use Partition

* Change up docs and add potential improvements for future

* Pass the query partition back onto the response

* Make sure the OIDC callback mock returns a Partition

* Enable OIDC provider mock overwriting during acceptance testing

* Make sure we can enable partitions and SSO post bootup only required

...for now

* Wire up oidc provider mocking

* Add SSO full auth flow acceptance tests
2022-01-11 11:02:46 +00:00
Anthony a217d13e1b
docs: Add CodeBlockConfig to network coordinates page 2022-01-10 22:13:27 -08:00
Connor a4d2dc0ce2
Add go-sockaddr examples for multiple interfaces (#11998)
* Add overview example for multiple interfaces with go-sockaddr

* Include go-sockaddr examples in agent configuration

* Add changelog entry

* Make suggested changes

* Simplify hcl comment

* Update link and fix gRPC

* Switch index.mdx from Tabs to CodeTabs

* Reformat new links for screen readers

* Apply suggestions from code review

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Fix spacing in code block

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 20:10:25 -06:00
mrspanishviking 071b3025af
Merge pull request #12016 from hashicorp/Screenshot-Updates
Consul UI Screenshot Updates
2022-01-10 18:05:02 -07:00
Xuan Luo 8ca86265a5
Merge pull request #12017 from hashicorp/doc-changes
Doc changes
2022-01-10 16:33:47 -08:00
Xuan Luo 3ae25bfb58 updated image 2022-01-10 16:29:32 -08:00
Jake Herschman 0925fba881 fixed duplicated image path 2022-01-10 19:08:16 -05:00
Jake Herschman a93ba20343 Updated Consul UI Screenshots 2022-01-10 19:01:42 -05:00
Xuan Luo edb95ce99c docs: add gateway overview illustration 2022-01-10 15:47:57 -08:00
Luke Kysow e30e0a075c
Add distributed tracing docs (#12010)
* Add distributed tracing docs
2022-01-10 15:43:31 -08:00
Jake Herschman 5469bcd6d1 updated topology image 2022-01-10 18:39:35 -05:00
Jake Herschman 52ef50b1da updated datacenter dropdown image 2022-01-10 18:38:41 -05:00
Jake Herschman af77cb65f9 updated topology image 2022-01-10 18:37:51 -05:00
Xuan Luo ac0205bbbf docs: added gateway overview illustration 2022-01-10 15:30:01 -08:00
Preetha cc8eafbf5e
Updated health check docs page with HCL examples (#12000)
All healthcheck JSON examples now have HCL equivalents.
2022-01-10 17:19:39 -06:00
Amier Chery 6c230ff458 Added images to respective pages
Added the images to each respective page on splitting/routing/resolving along with a brief description on how to navigate there.
2022-01-10 18:14:24 -05:00
mrspanishviking 3e30d6decf
Merge pull request #11997 from hashicorp/20sr20-patch-1
Adding texts in verify_leader metric
2022-01-10 15:59:20 -07:00
Sujata Roy e62ec3783e
Update website/content/docs/agent/telemetry.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 14:57:14 -08:00
mrspanishviking 2eb4375caf
Merge pull request #12007 from hashicorp/Amier3-patch-1-1
docs: clarify hcl/cli differences
2022-01-10 15:45:46 -07:00
Matt Keeler 9e788fbd47
Document Consul enterprise 1.10.0-1.10.4 forwards incompatibility with 1.11 (#11978)
Also fixed a broken link in the 1.10.x upgrade instructions.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 17:18:40 -05:00
Amier Chery db29a926da
Create options.mdx
Adding a small little note to the top of the 'command line options' section of this page following community feedback in #10628
2022-01-10 17:15:33 -05:00
Jasmine W b8fe5038d1 added screenshot of k8s service 2022-01-10 15:57:15 -05:00
Sujata Roy 59e50ac42e
Adding texts in verify_leader metric
- Added description providing example case when the metric can go high
2022-01-10 12:01:27 -08:00
Jasmine W 2e60b0949f Adding UI screenshots to L7 overview 2022-01-10 14:34:00 -05:00
Preetha f9328bfdae
Added HCL examples to service discovery page (#11989)
Improved HCL examples in the service discovery docs page
2022-01-10 13:12:42 -06:00
Chris S. Kim 14e1898544
Add LastErrorMessage to /acl/replication docs (#11990) 2022-01-10 13:42:57 -05:00
Karl Cardenas 52a667ca85
added additonal example for failover within DC and unique namespace 2022-01-10 11:41:43 -07:00