Commit Graph

3130 Commits

Author SHA1 Message Date
Luke Kysow 812aedce48
Merge pull request #7586 from hashicorp/helm-docs
Document bootstrapACLs deprecation
2020-04-07 14:02:12 -07:00
Matt Keeler 42f02e80c3
Enable filtering language support for the v1/connect/intentions… (#7593)
* Enable filtering language support for the v1/connect/intentions listing API

* Update website for filtering of Intentions

* Update website/source/api/connect/intentions.html.md
2020-04-07 11:48:44 -04:00
Luke Kysow 1cef40b6a4
Update website/source/docs/platform/k8s/helm.html.md
Co-Authored-By: Iryna Shustava <ishustava@users.noreply.github.com>
2020-04-06 09:16:49 -07:00
Jono Sosulska ab14c969cd
Change style to match "join" singular (#7569)
* Change style to match "join" singular

- Replaced "(Consul) cluster" with  "Consul Datacenter"
- Removed "ing" so the feature fits "Consul Auto-join", and that the tense is correct.

Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
2020-04-03 16:04:07 -04:00
David Yu 33b6bfd106
[docs] Built-in Proxies not meant for production (#7579)
* [docs] Built-in Proxies not meant for production

* Adding link to Envoy for Connect

* Update website/source/docs/connect/proxies/built-in.md

Co-Authored-By: Blake Covarrubias <blake@covarrubi.as>

* Revising note

* Update website/source/docs/connect/proxies/built-in.md

period

Co-Authored-By: Hans Hasselberg <me@hans.io>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Hans Hasselberg <me@hans.io>
2020-04-03 11:52:05 -07:00
Luke Kysow b87d92147d
Document bootstrapACLs deprecation 2020-04-02 16:58:55 -07:00
Freddy f5eb6ab539
Fix regression with gateway registration and update docs (#7582) 2020-04-02 12:52:11 -06:00
Daniel Nephin b490790f60
Merge pull request #7427 from hashicorp/dnephin/website-fix-errrors-in-upgrade-docs
docs: fix some errors in upgrade-specific
2020-04-01 11:36:53 -04:00
Daniel Nephin b099bb4b1a
Merge pull request #7465 from hashicorp/dnephin/correct-docs-log-file
docs: Update config reference for log-file
2020-04-01 11:29:20 -04:00
Hans Hasselberg f6de4a0112
docs: revert "docs: fix param for register checks id->checkid (#7393)" (#7565)
This reverts commit ed5202943e43d054e31e958ff0178473974e4015.
2020-04-01 11:49:20 +02:00
Rasmus Mikkelsen 239b60b2ff
docs: fix param for register checks id->checkid (#7393) 2020-04-01 10:59:28 +02:00
Andreas Gruhler e598190ad1
docs: make example code for RedundancyZoneTag match description (#7464) 2020-03-31 22:54:04 +02:00
Geoffrey Grosenbach 4f599893f3
docs: add link to Learn from downloads page (#7534)
Adds a link to Learn from the downloads page as well as a link to the Consul
Template guide.
2020-03-31 22:30:29 +02:00
Jono Sosulska 42998c0eb6
Updated Security Model and FAQ pages (#7528)
* Updated Security Model and FAQ pages
2020-03-30 16:43:26 -04:00
Matt Keeler a8961e37d9
Add docs for v1/acl/policy/name endpoint (#7501) 2020-03-27 10:20:09 -04:00
Cody De Arkland b29170201d
Merge pull request #7495 from hashicorp/3242020-ent-docs-update
updating enterprise documentation with additional clarity
2020-03-26 11:56:56 -07:00
Matt Keeler e873dbe111
Add optional JSON format to the ACL CLI commands output (#7198)
* Add ACL CLI commands output format option.

Add command level formatter, that incapsulates command output printing
logiс that depends on the command `-format` option.
Move Print* functions from acl_helpers to prettyFormatter. Add jsonFormatter.

* Return error code in case of formatting failure.

* Add acl commands -format option to doc.
2020-03-26 13:16:21 -04:00
Freddy f666727607
Exposing paths isn't an upstream configuration (#7515) 2020-03-26 11:15:01 -06:00
Freddy cb55fa3742
Enable CLI to register terminating gateways (#7500)
* Enable CLI to register terminating gateways

* Centralize gateway proxy configuration
2020-03-26 10:20:56 -06:00
Artur Mullakhmetov 6db4996f4c Add acl commands -format option to doc. 2020-03-26 19:05:11 +03:00
Cody De Arkland c9601fefa1 updating enterprise documentation with additional clarity
Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/namespaces/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/namespaces/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/upgrades/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/upgrades/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

updating capitalization of namespaces
2020-03-24 21:49:47 -07:00
Iryna Shustava 6865d63df1
Add missing Helm docs (#7492) 2020-03-24 16:06:57 -07:00
Daniel Nephin 6eca5357cf docs: Update config reference for log-file 2020-03-19 18:06:46 -04:00
Daniel Nephin 221aaa9651
Merge pull request #7458 from hashicorp/dnephin/small-doc-improvements
website/docs: small doc improvements to CLI reference
2020-03-17 18:35:44 -04:00
Hans Hasselberg 672db9bef6
docs: fix filenames (#7453) 2020-03-17 21:00:45 +01:00
Kim Ngo 9e8eb7896f
agent/xds: Update mesh gateway to use service router timeout (#7444)
* website/connect/proxy/envoy: specify timeout precedence for services behind mesh gateway
2020-03-17 14:50:14 -05:00
Daniel Nephin 02fe105ac0 website/docs: small doc improvements to CLI reference
Small improvements to the join docs.

The help text for `lock` says -try is deprecated and replaced with -timeout.
Update the docs to match.
2020-03-16 17:54:45 -04:00
Hans Hasselberg 90a234d242
docs: update website version (#7456) 2020-03-16 22:03:36 +01:00
Matt Keeler ef944f6c3d
Update namespace docs for some new CLI commands (#7435)
Co-Authored-By: Hans Hasselberg <me@hans.io>
2020-03-16 09:42:39 -04:00
Charlie Jones 0fc91ca047
docs: fix typo in consul-template tutorial (#7454) 2020-03-16 14:04:28 +01:00
Daniel Nephin 44d9ad2e38 docs: fix some errors in upgrade-specific
Fix 2 broken links
    Fix some gramatical errors
2020-03-10 14:20:18 -04:00
Matt Keeler eb44ea335c
Update intention precedence table in the docs (#7421)
* Update intention precedence table in the docs

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2020-03-10 11:49:08 -04:00
Hans Hasselberg f49144fcee
connect: support for envoy 1.13.1 and 1.12.3 (#7380)
* setup new envoy versions for CI
* bump version on the website too.
2020-03-10 11:04:46 +01:00
R.B. Boyer a7fb26f50f
wan federation via mesh gateways (#6884)
This is like a Möbius strip of code due to the fact that low-level components (serf/memberlist) are connected to high-level components (the catalog and mesh-gateways) in a twisty maze of references which make it hard to dive into. With that in mind here's a high level summary of what you'll find in the patch:

There are several distinct chunks of code that are affected:

* new flags and config options for the server

* retry join WAN is slightly different

* retry join code is shared to discover primary mesh gateways from secondary datacenters

* because retry join logic runs in the *agent* and the results of that
  operation for primary mesh gateways are needed in the *server* there are
  some methods like `RefreshPrimaryGatewayFallbackAddresses` that must occur
  at multiple layers of abstraction just to pass the data down to the right
  layer.

* new cache type `FederationStateListMeshGatewaysName` for use in `proxycfg/xds` layers

* the function signature for RPC dialing picked up a new required field (the
  node name of the destination)

* several new RPCs for manipulating a FederationState object:
  `FederationState:{Apply,Get,List,ListMeshGateways}`

* 3 read-only internal APIs for debugging use to invoke those RPCs from curl

* raft and fsm changes to persist these FederationStates

* replication for FederationStates as they are canonically stored in the
  Primary and replicated to the Secondaries.

* a special derivative of anti-entropy that runs in secondaries to snapshot
  their local mesh gateway `CheckServiceNodes` and sync them into their upstream
  FederationState in the primary (this works in conjunction with the
  replication to distribute addresses for all mesh gateways in all DCs to all
  other DCs)

* a "gateway locator" convenience object to make use of this data to choose
  the addresses of gateways to use for any given RPC or gossip operation to a
  remote DC. This gets data from the "retry join" logic in the agent and also
  directly calls into the FSM.

* RPC (`:8300`) on the server sniffs the first byte of a new connection to
  determine if it's actually doing native TLS. If so it checks the ALPN header
  for protocol determination (just like how the existing system uses the
  type-byte marker).

* 2 new kinds of protocols are exclusively decoded via this native TLS
  mechanism: one for ferrying "packet" operations (udp-like) from the gossip
  layer and one for "stream" operations (tcp-like). The packet operations
  re-use sockets (using length-prefixing) to cut down on TLS re-negotiation
  overhead.

* the server instances specially wrap the `memberlist.NetTransport` when running
  with gateway federation enabled (in a `wanfed.Transport`). The general gist is
  that if it tries to dial a node in the SAME datacenter (deduced by looking
  at the suffix of the node name) there is no change. If dialing a DIFFERENT
  datacenter it is wrapped up in a TLS+ALPN blob and sent through some mesh
  gateways to eventually end up in a server's :8300 port.

* a new flag when launching a mesh gateway via `consul connect envoy` to
  indicate that the servers are to be exposed. This sets a special service
  meta when registering the gateway into the catalog.

* `proxycfg/xds` notice this metadata blob to activate additional watches for
  the FederationState objects as well as the location of all of the consul
  servers in that datacenter.

* `xds:` if the extra metadata is in place additional clusters are defined in a
  DC to bulk sink all traffic to another DC's gateways. For the current
  datacenter we listen on a wildcard name (`server.<dc>.consul`) that load
  balances all servers as well as one mini-cluster per node
  (`<node>.server.<dc>.consul`)

* the `consul tls cert create` command got a new flag (`-node`) to help create
  an additional SAN in certs that can be used with this flavor of federation.
2020-03-09 15:59:02 -05:00
Freddy da2639adf5
Update namespace docs for config entries (#7420) 2020-03-09 14:51:21 -06:00
Dane Harrigan 21cb30acc8
Update envoy.html.md.erb (#7394)
Minor typo
2020-03-09 13:58:29 -04:00
Noel Quiles 955f065d70
website:update middleman-hashicorp to 0.3.44 (#7382) 2020-03-09 14:41:58 +01:00
Hans Hasselberg eb8bdc372e
docs: add docs for kv_max_value_size (#7405)
Apart from the added docs, the error messages are similar now and are
pointing to the corresponding options.
Fixes #6708.
2020-03-09 11:13:40 +01:00
Kim Ngo ab8a3b8044
agent/txn_endpoint: configure max txn request length (#7388)
configure max transaction size separately from kv limit
2020-03-05 15:42:37 -06:00
Freddy 9634076894
1.7 upgrade note (#7397)
The Session API in Consul 1.7.0 and 1.7.1 is incompatible with prior versions of Consul.

This PR adds a note to our version-specific upgrade guide to guard against users upgrading before the fix in 1.7.2 is released.
2020-03-05 13:04:04 -07:00
John Cowen 1f1c347f34
docs: Add that `response_headers` also affects the UI (#7376) 2020-03-05 12:06:35 +00:00
Alvin Huang 460b31771b
update envoy doc notes (#7389) 2020-03-04 14:59:30 -05:00
steven jacobs 7ee0ff8743
docs:add documentation for Linode cloud auto-join (#6719)
The go-discover library supports Linode. This adds support for
discovering other Consul agents running on Linode. Consul has supported
this since [66b8c20][1] was merged, so this commit just updates the
documentation to match current features.

[1]: 66b8c20990
2020-02-27 06:51:21 -05:00
Blake Covarrubias 65ae050fcc Update Consul version on website to 1.7.1 2020-02-23 14:04:20 -08:00
Luke Kysow c3f7e7d690
Merge pull request #7207 from hashicorp/namespace-k8s-docs
Docs for consul-k8s namespaces support
2020-02-21 14:05:38 -07:00
Luke Kysow 72f467902c
Docs for Consul namespaces in kube 2020-02-20 14:27:09 -07:00
Jono Sosulska 03f327ce90
Merge pull request #7304 from hashicorp/docs/anti-entropy
Added links to Anti-entropy guide + catalog
2020-02-20 11:16:13 -05:00
Hans Hasselberg 322367d476
tls: support tls 1.3 (#7325) 2020-02-19 23:22:31 +01:00
kaitlincarter-hc 34b812642e
docs: adding new guide for namespaces and service discovery (#6788) 2020-02-18 18:34:21 +01:00
kaitlincarter-hc 0d96039426
docs: setup secure namespaces (#6789)
* Adding new guide for namespaces and ACLs

* Update website/source/docs/guides/secure-namespaces.html.md

Co-Authored-By: Blake Covarrubias <bcovarrubias@hashicorp.com>

Co-authored-by: Hans Hasselberg <me@hans.io>
Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
2020-02-18 18:33:35 +01:00
Mishin Nickolay 4ced7aa0e4
docs: add note bout change case in config files to specific version upgrade notes (#6870) (#6878) 2020-02-18 14:32:07 +01:00
Tom Downes 2b54237e33
docs: add documentation for enabling reverse DNS lookup with systemd-resolved (#6731)
* Remove trailing whitespace in DNS forwarding guide.
* Add example for enabling reverse lookup of IP addrseses to .consul domain on systemd-resolved platforms
2020-02-18 14:16:12 +01:00
Mr.gao 0a239e49db
docs: update libraries-and-sdks.html.md (#6745)
python-consul maintainer gone, this is my version you want to add to the recommended
2020-02-18 14:08:57 +01:00
Aleksey Stepanenko e84b7904bf
docs: update connection for the openstack provider (#6776)
The option `username` does not work. Need to use user_name with underscore

> Authentication failed: Exactly one of Username and UserID must be provided for password authentication

The option `user_name` works, however, it's need to use `region`, `domain_name` in additional.
2020-02-18 14:06:34 +01:00
jsosulska 738f23c0d1 Added links to Anti-entropy guide + catalog 2020-02-14 09:27:37 -05:00
Hans Hasselberg 0cdc75a6e3
website: put a note on the website re vault with 1.7.0 and 1.6.3 (#7295) 2020-02-13 20:42:36 +01:00
Christoph Puhl 9944096d66
Adjust formula for quorum size (#7286)
Current formula for quorum size does not match numbers in table below.
2020-02-13 15:57:38 +00:00
Hans Hasselberg 0d043f045b
config: increase http_max_conns_per_client default to 200 (#7289) 2020-02-13 16:27:33 +01:00
Hans Hasselberg d1a550c85a
docs: correct envoy versions (#7266) 2020-02-11 23:18:09 +01:00
David Yu 424ed35fd2
Merge pull request #7263 from hashicorp/david-yu-patch-2
1.7.0 Namespaces Learn Guides
2020-02-11 11:56:59 -08:00
Judith Malnick 204ab2fb9a
docs: add f5 guide text (#6493) 2020-02-11 20:39:44 +01:00
Judith Malnick 564de1e536
docs: add splitting guide (#6597)
* add splitting guide, originially adapted from nic's blog and drafted on learn
2020-02-11 20:39:08 +01:00
David Yu 4653c82bf6
1.7.0 Namespaces Learn Guides
Attaching learn guides associated with Namespaces release
2020-02-11 11:31:47 -08:00
Matt Keeler e82b3d8747
Merge branch 'master' of github.com:hashicorp/consul 2020-02-11 11:54:58 -05:00
hashicorp-ci 62ddc1a69d
Release v1.7.0 2020-02-11 15:19:16 +00:00
Nuno Adrego f8c5e2a898
docs: changed the return value from null to empty JSON list, when a session does not exist (#7232) 2020-02-11 11:03:28 +01:00
Nicole Forrester ea2109a60d
website: bump middleman version (#7254) 2020-02-11 10:59:14 +01:00
Blake Covarrubias 1c88dc15ef
docs: document format for TTL values in Consul config (#6693) 2020-02-11 10:47:21 +01:00
kaitlincarter-hc 698aa3e69f
docs: adding note to ACL rules page for intentions. (#6569) 2020-02-11 10:28:48 +01:00
Blake Covarrubias c4fbc030ba Fix broken link to consul-aws guide on Learn 2020-02-10 12:25:54 -08:00
Hans Hasselberg 4ae725cab2
add envoy version 1.12.2 and 1.13.0 to the matrix (#7240)
* add 1.12.2

* add envoy 1.13.0

* Introduce -envoy-version to get 1.10.0 passing.

* update old version and fix consul-exec case

* add envoy_version and fix check

* Update Envoy CLI tests to account for the 1.13 compatibility changes.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2020-02-10 14:53:04 -05:00
Matt Keeler cb2664361f
Remove the 1.7.0 beta banner on downloads page (#7253) 2020-02-10 14:20:51 -05:00
Kit Patella d28bc1acbe
rpc: measure blocking queries (#7224)
* agent: measure blocking queries

* agent.rpc: update docs to mention we only record blocking queries

* agent.rpc: make go fmt happy

* agent.rpc: fix non-atomic read and decrement with bitwise xor of uint64 0

* agent.rpc: clarify review question

* agent.rpc: today I learned that one must declare all variables before interacting with goto labels

* Update agent/consul/server.go

agent.rpc: more precise comment on `Server.queriesBlocking`

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/agent/telemetry.html.md

agent.rpc: improve queries_blocking description

Co-Authored-By: Paul Banks <banks@banksco.de>

* agent.rpc: fix some bugs found in review

* add a note about the updated counter behavior to telemetry.md

* docs: add upgrade-specific note on consul.rpc.quer{y,ies_blocking} behavior

Co-authored-by: Paul Banks <banks@banksco.de>
2020-02-10 10:01:15 -08:00
Akshay Ganeshen fd32016ce9
feat: support sending body in HTTP checks (#6602) 2020-02-10 09:27:12 -07:00
danielehc 6b8ca85f6c
Adding upgrade-legacy doc (#7212)
Addresses #7071
2020-02-10 15:43:51 +01:00
Kyle Havlovitz a271152881 Update config entry docs for namespaces 2020-02-07 12:01:04 -08:00
Blake Covarrubias 1c072277ac docs: Indent secretName and secretKey under aclSyncToken
These are sub-parameters under aclSyncToken. Fix indentation so that
they are properly displayed under that top-level key.
2020-02-06 10:40:33 -08:00
Fredrik Hoem Grelland 0a9aadbb48
docs: namespaces has erroneous HCL example (#7228) 2020-02-06 06:33:07 -06:00
Freddy 67e02a0752
Add managed service provider token (#7218)
Stubs for enterprise-only ACL token to be used by managed service providers.
2020-02-04 13:58:56 -07:00
Luke Kysow 6aed66e3af
Helm ref docs for consul-k8s namespaces support 2020-02-03 17:17:48 -07:00
Paschalis Tsilias 1b81cccbf9
Expose Envoy's /stats for statsd agents (#7173)
* Expose Envoy /stats for statsd agents; Add testcases

* Remove merge conflict leftover

* Add support for prefix instead of path; Fix docstring to mirror these changes

* Add new config field to docs; Add testcases to check that /stats/prometheus is exposed as well

* Parametrize matchType (prefix or path) and value

* Update website/source/docs/connect/proxies/envoy.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-02-03 17:19:34 +00:00
Anudeep Reddy 2ce45ae171
[docs] Enabling connect requires server restarts (#6904) 2020-02-03 09:58:12 -06:00
Mohammad Gufran 473ecf57dc
docs: add Flightpath to the list of community tools (#7176) 2020-02-03 13:16:21 +01:00
Stuart Williams d12429ef2b
docs: rate limiting applies to Consul agents in server mode (#6932) 2020-02-03 13:10:47 +01:00
Chris Arcand 705723015d
docs: update available Sentinel imports (#6920) 2020-02-03 11:44:25 +01:00
Michael Hofer ee3b157eda
docs: add missing Autopilot -min-quorum documentation (#7192) 2020-02-03 10:59:53 +01:00
Blake Covarrubias fc496e780e Fix org name in Helm chart's imageEnvoy description
Update the description for the Helm chart's connectInject.imageEnvoy
parameter to reflect the correct organization name for images published by
EnvoyProxy.io.
2020-02-03 01:46:58 -08:00
Alexandru Matei e6e6759b94
docs: add detailed documentation about Health Checking specific service using the gRPC method (#6574) 2020-02-03 10:19:06 +01:00
Anthony Scalisi 3616c94935
docs: fix typos, IDs are UUIDs, /acl/token endpoints manage ACL tokens (#5736) 2020-02-03 09:41:54 +01:00
Hans Hasselberg 50281032e0
Security fixes (#7182)
* Mitigate HTTP/RPC Services Allow Unbounded Resource Usage

Fixes #7159.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-31 11:19:37 -05:00
Sarah Christoff 67344befc8
[docs] Clarify retry-join (#7078) 2020-01-30 12:52:58 -06:00
Matt Keeler 26bb1584c1
Updates to the Txn API for namespaces (#7172)
* Updates to the Txn API for namespaces

* Update agent/consul/txn_endpoint.go

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>

Co-authored-by: R.B. Boyer <public@richardboyer.net>
2020-01-30 13:12:26 -05:00
Iryna Shustava b8cac0d6e4
docs: clarify that clients and servers need to talk over LAN if outside k8s (#7156) 2020-01-29 19:09:38 -08:00
Iryna Shustava 44b921a780
docs: Clarify the use of kustomize or ship with the Helm chart (#7154) 2020-01-28 22:18:12 -08:00
Chris Piraino 3dd0b59793
Allow users to configure either unstructured or JSON logging (#7130)
* hclog Allow users to choose between unstructured and JSON logging
2020-01-28 17:50:41 -06:00
Iryna Shustava daff8f82dc docs: update ACL perms for the /connect/ca/roots endpoint (#7155) 2020-01-28 20:01:25 +01:00
Blake Covarrubias 091e1ea330 docs: Fix success/passing health check definition
This commit changes the health check example shown for the
success/failures_before_passing option to correctly show that the value
of `checks` is an array of objects, not an object.

Added text clarifying these check parameters are available in Consul
1.7.0 and later.

Expanded the health check to provide a more complete configuration
example.

Resolves #7114.
2020-01-27 12:15:25 -08:00
Matt Keeler 90b9f87160
Add the v1/catalog/node-services/:node endpoint (#7115)
The backing RPC already existed but the endpoint will be useful for other service syncing processes such as consul-k8s as this endpoint can return all services registered with a node regardless of namespacing.
2020-01-24 09:27:25 -05:00
Blake Covarrubias 9d1bb9e8aa Redirect /docs/guides/outage.html to Learn
Resolves: #6953
2020-01-24 00:26:07 -08:00
Alexey Miasoedov b7b4bef33a fix Unix socket path in docs 2020-01-22 09:11:24 -08:00
David Yu 8b473c956f
Merge pull request #7104 from hashicorp/david-yu-patch-4
Small change to TLS connection wording
2020-01-22 08:51:34 -08:00
Kit Ewbank 013dfe109f docs: add Helm chart 'dns.clusterIP' value. (#5845) 2020-01-22 17:32:08 +01:00
Hans Hasselberg e00effa325
agent: setup grpc server with auto_encrypt certs and add -https-port (#7086)
* setup grpc server with TLS config used across consul.
* add -https-port flag
2020-01-22 11:32:17 +01:00
Iryna Shustava 2163f79170
Add docs about rolling out TLS on k8s (#7096)
* Add docs about gradually rolling out TLS on k8s

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2020-01-21 19:29:55 -08:00
David Yu 54c46ec678
Small change to wording
Removing automatic connection wording for applications for the time being. From @blake 
> They can automatically establish TLS connections without being aware that TLS is happening. They are aware that they’re routed through the Connect proxy, the app has to configure itself to use the local upstream port.
2020-01-21 16:27:43 -08:00
Luke Kysow e2ea3c5965
Merge pull request #6970 from hashicorp/k8s-docs-refactor
Kubernetes docs reorganization
2020-01-18 19:08:26 -06:00
Luke Kysow 520d37fcd5
Reorg kube docs 2020-01-18 19:07:53 -06:00
Hans Hasselberg 315ba7d6ad
connect: check if intermediate cert needs to be renewed. (#6835)
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates.
This PR adds a check that renews the cert if it is half way through its validity period.

In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.
2020-01-17 23:27:13 +01:00
Hans Hasselberg b6c83e06d5
auto_encrypt: set dns and ip san for k8s and provide configuration (#6944)
* Add CreateCSRWithSAN
* Use CreateCSRWithSAN in auto_encrypt and cache
* Copy DNSNames and IPAddresses to cert
* Verify auto_encrypt.sign returns cert with SAN
* provide configuration options for auto_encrypt dnssan and ipsan
* rename CreateCSRWithSAN to CreateCSR
2020-01-17 23:25:26 +01:00
Matej Urbas d877e091d6 agent: configurable MaxQueryTime and DefaultQueryTime. (#3777) 2020-01-17 14:20:57 +01:00
John Cowen 248ee65f72
docs: Add note about using valid DNS labels for service names (#7035)
Add note about using valid DNS labels for service names
2020-01-15 15:36:17 +00:00
Kit Patella 79fef74772
Small improvements to Connect docs (#6910)
* docs/connect add link to intentions and minor phrasing change

* docs/connect pluralize 'applications'

* Update website/source/docs/connect/connect-internals.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>
2020-01-14 14:59:27 -08:00
Freddy f3ba6a9166
Update force-leave ACL requirement to operator:write (#7033) 2020-01-14 15:40:34 -07:00
Matt Keeler c8294b8595
AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
Matt Keeler baa89c7c65
Intentions ACL enforcement updates (#7028)
* Renamed structs.IntentionWildcard to structs.WildcardSpecifier

* Refactor ACL Config

Get rid of remnants of enterprise only renaming.

Add a WildcardName field for specifying what string should be used to indicate a wildcard.

* Add wildcard support in the ACL package

For read operations they can call anyAllowed to determine if any read access to the given resource would be granted.

For write operations they can call allAllowed to ensure that write access is granted to everything.

* Make v1/agent/connect/authorize namespace aware

* Update intention ACL enforcement

This also changes how intention:read is granted. Before the Intention.List RPC would allow viewing an intention if the token had intention:read on the destination. However Intention.Match allowed viewing if access was allowed for either the source or dest side. Now Intention.List and Intention.Get fall in line with Intention.Matches previous behavior.

Due to this being done a few different places ACL enforcement for a singular intention is now done with the CanRead and CanWrite methods on the intention itself.

* Refactor Intention.Apply to make things easier to follow.
2020-01-13 15:51:40 -05:00
danielehc 71eca6330c
added disclaimer about network segments due to Serf limitations (#7004)
* added disclaimer about network segments due to Serf limitations

using work made at https://github.com/hashicorp/consul/pull/6558 by @thepomeranian

* Lowercasing functionality name

* Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Co-authored-by: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2020-01-09 10:41:31 +01:00
danielehc aca0720a0e
Update docs to point to new learn guide (#7003)
* Changed the link to point to new guide
* Removed querystring from link
2020-01-09 10:26:47 +01:00
DevOps Rob 7a4b055f50 Azure MSI for cloud auto-join (#7000)
* Azure MSI documentation

Adding in note about support for Azure MSI authentication method for Cloud auto-join

* fixing text formatting

fixing text formatting

* missing word

missing word - variable

* Update website/source/docs/agent/cloud-auto-join.html.md

Language change to be specific about where the security risk mitigation is concerned

Co-Authored-By: Jack Pearkes <jackpearkes@gmail.com>

Co-authored-by: Jack Pearkes <jackpearkes@gmail.com>
2020-01-08 20:43:45 -05:00
kaitlincarter-hc dcd8153244
updating the ent docs to mention GCP (#7001) 2020-01-07 13:19:34 -08:00
tehmoon 7fead04f2e docs: Fix extraVolumes mount paths in helm.html.md (#7008) 2020-01-07 12:13:09 -08:00
Rémi Lapeyre 6b4050fdbf docs: fix typo in ACL legacy documentation (#7006) 2020-01-07 14:33:56 +01:00
kaitlincarter-hc 21f1e7a1b4
[docs] Managing ACL Policies (#6573)
* New Acl policy guide

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-06 15:44:17 -08:00
kaitlincarter-hc ddaf9e0d44
[docs] New Replication Guide (#5823)
* new replication guide

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing another list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing formating

* Updating based on feedback.

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating introduction based on feedback

* Update website/source/docs/guides/acl-replication.md

* updating intro based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Additional note about servers

Co-authored-by: R.B. Boyer <public@richardboyer.net>
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 15:35:59 -08:00
kaitlincarter-hc c3f6d8e4cd
New Connect guide for new users (#6749) 2020-01-06 15:17:24 -08:00
Blake Covarrubias 532d6d0d18 Move bootstrapACLs under global key in Helm docs
The global.bootstrapACLs key in the Helm chart docs was inadvertently
moved to a top-level key in commit 12e6ef8, which is incorrect.

This commit reverts that error.
2019-12-21 18:47:42 -08:00
Matt Keeler 9ea83a749b
Revert "Remove docs refs to NS inference from ACL token" (#6976)
This reverts commit 3a8426de9c76e7d8dd2728e4ae78bc4e5e18626a.

# Conflicts:
#	command/flags/http.go
#	website/source/api/acl/binding-rules.html.md
#	website/source/api/acl/policies.html.md
#	website/source/api/acl/roles.html.md
#	website/source/api/acl/tokens.html.md
#	website/source/api/kv.html.md
#	website/source/api/session.html.md
#	website/source/docs/commands/_http_api_namespace_options.html.md
2019-12-20 11:52:50 -05:00
Blake Covarrubias befb914cf6 Add 'kind = connect-proxy' to mesh_gateway.html 2019-12-18 15:35:42 -08:00
Hans Hasselberg 1bf94b01e2
log: handle discard all logfiles properly (#6945)
* Handle discard all logfiles properly

Fixes https://github.com/hashicorp/consul/issues/6892.

The [docs](https://www.consul.io/docs/agent/options.html#_log_rotate_max_files) are stating:

> -log-rotate-max-files - to specify the maximum number of older log
> file archives to keep. Defaults to 0 (no files are ever deleted). Set to
> -1 to disable rotation and discard all log files.

But the `-1` case was not implemented and led to a panic when being
used.

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-12-18 22:31:22 +01:00
Kyle MacDonald f0befc3b7a
website: embed yt videos on intro pages (#6871)
- website: embed yt videos on intro pages
- for /docs/connect
- for /intro
- css to handle iframe responding at smaller viewports
- Update consul connect video with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
- Update consul connect intro with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-12-18 13:54:39 -05:00
Matt Keeler 5c56aab3be
Change how namespaces are specified for the CLI (#6960) 2019-12-18 11:06:39 -05:00
Blake Covarrubias 1818d55fbb Clarify -retry-join can be provided multiple times
Update -retry-join documentation to explicitly state the option can be
specified multiple times. Add corresponding config example showing
multiple join addresses.
2019-12-17 10:25:14 -08:00
Paul Banks ee100e5d48
Fix formatting and add version info (#6926) 2019-12-13 19:55:48 +00:00
Luke Kysow b7bf7d8ed9
Update Helm docs to match repo 2019-12-13 10:15:58 -08:00
ychuzevi f82e704fa3 docs: Fix documentation for kv store create endpoint (#6940) 2019-12-13 09:12:01 -08:00
Luke Kysow f5b9bc2a00
Document that env vars can't be used for config (#6912)
* Document that env vars can't be used for config

Environment variables are not read for config values when starting the
Consul agent. Document this.
2019-12-12 09:31:24 -08:00
Nate Dobbs aad3bf98b0 docs: Fixed typo for 'consul members' link (#6918)
Quick fix on a small typo I noticed while reading the docs on this command.
2019-12-10 20:42:38 -08:00
Alvin Huang 4e88ef70c0
correct website download version to 1.6.2 (#6927) 2019-12-10 17:29:58 -05:00
Mike Morris 0cf75f495e website: add 1.7.0 Beta announcement to Downloads page (#6911)
* website: add 1.7.0 Beta announcement to Downloads page

* Update downloads.html.erb
2019-12-10 17:09:38 -05:00
freddygv 992dfabd82 Fix typos and add expand wildcard ns docs 2019-12-10 14:04:24 -07:00
freddygv 775ea7af6e Remove docs refs to NS inference from ACL token 2019-12-10 13:50:28 -07:00
Matt Keeler 442924c35a
Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
Iryna Shustava 26cf9e2860
Merge pull request #6902 from hashicorp/k8s-auto-join-min-perms
Clarify the minimum permissions required for k8s auto-join
2019-12-06 13:35:15 -08:00
Iryna Shustava e51e5c0901
Clarify minimum perms required for k8s auto-join 2019-12-06 12:57:47 -08:00
Hans Hasselberg 368d5c643f
tls: auto_encrypt and verify_incoming (#6811) (#6899)
* relax requirements for auto_encrypt on server
* better error message when auto_encrypt and verify_incoming on
* docs: explain verify_incoming on Consul clients.
2019-12-06 21:36:13 +01:00
Luke Kysow 70dc714a48
Link directly to reset 2019-12-06 09:38:52 -08:00
Matt Keeler b9996e6bbe
Add Namespace support to the API module and the CLI commands (#6874)
Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent.

Add Namespace HTTP API docs

Make all API endpoints disallow unknown fields
2019-12-06 11:14:56 -05:00
Blake Covarrubias da34b90ad8 docs: Fix expose path HTTP listener ports
The listener ports specified in the headings for the HTTP and HTTP2
examples do not match the ports in the corresponding service
registration configurations.

This commit changes the port specified in the heading for the HTTP
listener to match the port used in the service registration example.

In addition, the listener_port specified for the HTTP2 listener is
modified to match the port number specified in the heading.
2019-12-05 09:00:52 -08:00
Li Kexian a013020355 add tencentcloud auto join docs (#6818) 2019-12-05 12:36:44 +00:00
Luke Kysow ce149917e4
Reorg helm chart docs
- Remove duplicate install instructions from the Helm Chart page and
kept them in Running Consul
- Renamed Helm Chart to Helm Chart Reference because that's mostly what
it contains (along with some examples)
- Renamed Running Consul to Installing Consul
- Changed instructions to be for installing using Helm 3 and added
  notes if using Helm 2
- Used release name "hashicorp" so subsequent instructions can be more
concise and pastable, e.g. "port forward to svc/hashicorp-consul-server" vs. "port
forward to svc/<your release name>-consul-server"
- Use config.yaml as the name for the override values file since it
differentiates from the default values.yaml file and its the name of the
file used in the helm docs
(https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing)
2019-12-03 17:49:05 -08:00
Chris Piraino 2a95701341
Allow configuration of upstream connection limits in Envoy (#6829)
* Adds 'limits' field to the upstream configuration of a connect proxy

This allows a user to configure the envoy connect proxy with
'max_connections', 'max_queued_requests', and 'max_concurrent_requests'. These
values are defined in the local proxy on a per-service instance basis
and should thus NOT be thought of as a global-level or even service-level value.
2019-12-03 14:13:33 -06:00
Tyler Ryan 3d46c1a3f5 Docs/consul k8s existing pvc (#6872)
Update docs for using pre-existing PVCs with helm
2019-12-03 11:14:25 -08:00
Luke Kysow ea2570a79b
Merge pull request #6855 from hashicorp/opaque-config-examples
Document how to json encode envoy config
2019-12-02 17:55:07 -08:00
Luke Kysow 841361a0f3
Merge pull request #6798 from hashicorp/namespace-selector-docs
Fix documentation for namespaceSelector
2019-12-02 17:54:04 -08:00
Blake Covarrubias 34914cb76c docs: Rename TTL to Timeout in Script/TCP checks
TTL and Interval options were made mutually exclusive in
https://github.com/hashicorp/consul/pull/3560.

Change to Timeout, which is a correct parameter for HTTP, Script, and
TCP checks.

Resolves #6343
2019-12-02 15:40:49 -08:00
Luke Kysow 8e901d7d4a
Fix documentation for namespaceSelector
Also remove the example for using namespace selector because it requires
labelling a namespace which is harder to explain.
2019-12-02 12:25:38 -08:00
Luke Kysow a0b1cd30a1
Document how to json encode envoy config
It wasn't clear how users should encode their config.
2019-11-29 09:43:42 -08:00
Luke Kysow 87d359bb8c
Fix helm docs bug
If the ServiceAccount isn't applied first, we get an error since the Pod
references a non-existing ServiceAccount
2019-11-29 09:17:56 -08:00
Luke Kysow d7a4347307
Merge pull request #6722 from hashicorp/jump-to-section
Add "jump to section" dropdown
2019-11-26 12:20:26 -08:00
Luke Kysow 21d18471a1
Add "jump to section" dropdown 2019-11-26 11:58:23 -08:00
Matt Keeler 90ae4a1f1e
OSS KV Modifications to Support Namespaces 2019-11-25 12:57:35 -05:00
Matt Keeler 68d79142c4
OSS Modifications necessary for sessions namespacing 2019-11-25 12:07:04 -05:00
rerorero e1c79c69c4 docs: Fix links to K8s L7 observability guide (#6834) 2019-11-22 18:51:33 -08:00
Blake Covarrubias 854a4bbd49 docs: Fix links to Sentinel docs for Consul
Current URL returns a 404 error. Correct links to point to the proper
URL.
2019-11-22 10:41:01 -08:00
kaitlincarter-hc f6785b88b9
removed kubecon banner (#6827) 2019-11-22 11:08:17 -06:00
Paul Banks a84b82b3df
connect: Add AWS PCA provider (#6795)
* Update AWS SDK to use PCA features.

* Add AWS PCA provider

* Add plumbing for config, config validation tests, add test for inheriting existing CA resources created by user

* Unparallel the tests so we don't exhaust PCA limits

* Merge updates

* More aggressive polling; rate limit pass through on sign; Timeout on Sign and CA create

* Add AWS PCA docs

* Fix Vault doc typo too

* Doc typo

* Apply suggestions from code review

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Doc fixes; tests for erroring if State is modified via API

* More review cleanup

* Uncomment tests!

* Minor suggested clean ups
2019-11-21 17:40:29 +00:00
kaitlincarter-hc 66b3a01616
fixing link (#6817) 2019-11-19 17:36:18 -06:00
kaitlincarter-hc dacbd8137a
Replacing updgrade jtbd with k8s (#6813) 2019-11-19 15:20:55 -06:00
RJ Spiker 3035ba56e7 website - add -moz-osx-font-smoothing for smooth firefox osx fonts (#6755) 2019-11-19 14:43:18 -05:00
Chris Piraino d23dfff333 Improve session API documentation
- Remove incorrect statement that `LockDelay` must be greater than 0
- Add sentence to the top of the page pointing to the internal document
describing the sessions mechanism for more context
2019-11-18 16:20:34 -06:00
kaitlincarter-hc 44dd24d099
[WIP] Kubernetes Docs (#6770)
* adding cloud providers for k8s

* adding links

* added utm parameters

* Updating descriptions

* fix sidenav

* renaming page minikube
2019-11-18 12:00:01 -06:00
Jack Pearkes 766224a285 website: alert for kubecon (#6806)
* website: alert for kubecon

* Update website/source/index.html.erb
2019-11-18 10:41:17 -06:00
Chris Piraino d027daf221 docs: add sentence linking to available service-resolver filters
Resolves #6434
2019-11-18 09:38:36 -06:00
Blake Covarrubias 06cb3d8deb Add missing docs for checks Watch type (#5188)
Add configuration examples for specifying watch checks by health check
state or service, and corresponding CLI examples.

Resolves: #5188
2019-11-13 11:24:35 -08:00
Alvin Huang 95afa5c242
add arm download notes (#6785) 2019-11-13 14:21:50 -05:00
kaitlincarter-hc a7e37417ed
fixing buttons (#6772) 2019-11-12 09:23:45 -06:00
Paul Banks 1197b43c7b
Support Connect CAs that can't cross sign (#6726)
* Support Connect CAs that can't cross sign

* revert spurios mod changes from make tools

* Add log warning when forcing CA rotation

* Fixup SupportsCrossSigning to report errors and work with Plugin interface (fixes tests)

* Fix failing snake_case test

* Remove misleading comment

* Revert "Remove misleading comment"

This reverts commit bc4db9cabed8ad5d0e39b30e1fe79196d248349c.

* Remove misleading comment

* Regen proto files messed up by rebase
2019-11-11 21:36:22 +00:00
kaitlincarter-hc b8e71e6fd3
[Website] Add JTBD - WIP (#6673)
* updating the landing page with jtbd

* changed the buttons to pink

* updating CSS based on John's help

* updating a use case

* updating the language and rearranging the guides

* adding icons

* fixed image width

* fixing buttons and updating traffic splitting language.
2019-11-11 09:26:36 -06:00
John Cowen 2a8f876ec1 docs: Add link to config entries 2019-11-08 09:51:39 -08:00
rogerwelin cbfaedb952 Adds crystal-consul to libraries & sdk docs 2019-11-08 09:37:56 -08:00
Tramale Turner 2d2503262b Update proxies.html.md (#6754)
Missing preposition.
2019-11-08 09:26:44 -08:00
Mr.gao 340c968444 docs: Fix delete config entry description (#6593)
Fix the documentation to correctly state the HTTP DELETE method will
remove the specified config entry.
2019-11-06 11:30:44 -08:00
RJ Spiker 8c11e3a4fc website - font and brand updates (#6716)
* website - font and brand updates

* sidebar font-size adjustments and scss cleanup

* adjust nav and inline code styles
2019-11-06 13:53:36 -05:00
Blake Covarrubias bc42074f57
docs: Miscellaneous docs cleanup (#6742)
Fix spelling errors, API doc inconsistencies, and formatting issues.

* Fix several spelling errors.
* Prepend / to v1/event/list path in Watches.
* Rename script handlers to match Watch type.
* Remove /v1 path prefix on service health API endpoints.

Makes request path consistent with the rest of the HTTP API
documentation which does not include the /v1 prefix.

* Fix bracket formatting issue on Telemetry page.

The HTML codes used for brackets inside of the code block are not
interpolated, and are shown as literal strings.

Replace the numeric HTML codes with the intended character value to
fix display formatting.

Also placed variable reference on agent/options.html inside code block
for consistency with the presentation of other options on the page.

* Add missing word to Coordinate.Node docstring.

Resolves #6014
2019-11-05 20:34:46 -08:00
Thibault Gilles 3d816585f4 Fix docs for replace-existing-checks parameter 2019-11-04 12:34:11 -08:00
Robert Hencke b759bc7c00 [docs] Fix sentence order for GCE Cloud Auto-Join 2019-11-04 12:27:58 -08:00
Rémi Lapeyre db9a83ca08 Fix typo in config HTTP API documentation 2019-11-04 12:26:36 -08:00
Yahya ea3b6986a5 [Docs] Fix typo (#6523) 2019-11-04 15:17:28 -05:00
Charlie Voiselle 3c7587c9ab
Merge pull request #6710 from hashicorp/docs/connect-nomad
[docs] Updating Nomad Consul Connect info
2019-11-04 14:18:03 -05:00
R.B. Boyer 7994712731
docs: fix hcl use on production acls guide (#6739)
Also clean up some general whitespace formatting.
2019-11-04 11:11:59 -06:00
Paul Banks 5f405c3277
Fix support for RSA CA keys in Connect. (#6638)
* Allow RSA CA certs for consul and vault providers to correctly sign EC leaf certs.

* Ensure key type ad bits are populated from CA cert and clean up tests

* Add integration test and fix error when initializing secondary CA with RSA key.

* Add more tests, fix review feedback

* Update docs with key type config and output

* Apply suggestions from code review

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>
2019-11-01 13:20:26 +00:00
R.B. Boyer e0e3ec1f32
docs: mention that all logging flags also work in the config file (#6705) 2019-10-31 16:15:48 -05:00
Luke Kysow db2ca07f98
Merge pull request #6583 from hashicorp/connect-annotations
Document new annotations for Connect injections
2019-10-31 12:58:43 -07:00
Alexandra Freeman 48ba388ec9 Update mediums on main community page (#6699)
Updating all .io Community sites to direct practitioners to the Forum as the first medium for communicating with other users and HashiCorp employees. Deleted Gitter link and Google Group link, as these will be phased out over the next few months. Updated what appeared to be a typo on the page description. Chatted with Nic Jackson before submitting PR.
2019-10-31 14:52:23 -04:00
kaitlincarter-hc 18484ae775 removed the term easy and updated the formatting 2019-10-29 15:59:21 -05:00
Charlie Voiselle 820b2bc8f1 Updating Nomad Consul Connect info 2019-10-29 16:53:25 -04:00
Sarah Christoff 86b30bbfbe
Set MinQuorum variable in Autopilot (#6654)
* Add MinQuorum to Autopilot
2019-10-29 09:04:41 -05:00
Sarah Christoff 969d51781a
Update -protocol doc (#6681)
* Update -protocol to have more clear version wording

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>
2019-10-29 08:41:28 -05:00
Luke Kysow 7a08629b32
Merge pull request #6683 from hashicorp/service-account-connect-inject-docs
Document service account name requirements
2019-10-28 10:26:52 -07:00
Luke Kysow 1b1b41b62e
Document service account name requirements
If ACLs are enabled, service account name must match the name of the
service in Consul.

Fixes https://github.com/hashicorp/consul-helm/issues/202
2019-10-24 16:51:51 -07:00
kaitlincarter-hc fd8e6d1a65
missed UTM parameter (#6679) 2019-10-24 12:29:54 -05:00
kaitlincarter-hc 4fbe4f40ca
fixing ACL reset links (#6678) 2019-10-24 12:22:08 -05:00
Alvin Huang 8dad4143f3
modify netlify-cli installation (#6674)
* modify netlify CLI installation

* bump middleman-hashicorp to 0.3.40 to include ssh
2019-10-23 13:54:19 -04:00
kaitlincarter-hc 136a7a2fa8
Top Navigation change (#6630)
* Changed Guides to Learn in the top nav and added utm parameters to the guide index page

* Update website/source/docs/guides/index.html.md

* Update website/source/docs/guides/index.html.md

* Update website/source/layouts/layout.erb
2019-10-21 14:19:27 -05:00
kaitlincarter-hc b5b7925264
updating broken link (#6633) 2019-10-16 16:18:39 -05:00
PHBourquin 16ca8340c1 Checks to passing/critical only after reaching a consecutive success/failure threshold (#5739)
A check may be set to become passing/critical only if a specified number of successive
checks return passing/critical in a row. Status will stay identical as before until
the threshold is reached.
This feature is available for HTTP, TCP, gRPC, Docker & Monitor checks.
2019-10-14 21:49:49 +01:00
kaitlincarter-hc 1a373271e3
[docs] Adding Links to Learn (#6611)
* adding links to Learn

* fixing a couple typos

* adding utm paramaters

* Update website/source/docs/connect/registration/sidecar-service.md

* Update website/source/docs/connect/registration/sidecar-service.md

* Update website/source/docs/acl/acl-system.html.md

* Update website/source/docs/acl/acl-system.html.md

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/connect/proxies/built-in.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/connect/registration/sidecar-service.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/install/index.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/docs/agent/kv.html.md

* Update website/source/docs/connect/security.html.md

* Update website/source/docs/connect/security.html.md

* Update website/source/docs/internals/architecture.html.md
2019-10-14 10:40:35 -05:00
Blake Covarrubias 84e9a35a06 Add Consul's L7 features to Istio comparison
Add text listing Consul's L7 features (via Envoy). Re-organize text to
flow similarly to Istio section.

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>
2019-10-10 11:33:34 -07:00
Luke Kysow 9093b99dfd
Document new annotations for Connect injections 2019-10-04 15:31:24 -07:00
Sarah Christoff 9b93dd93c9
Prune Unhealthy Agents (#6571)
* Add -prune flag to ForceLeave
2019-10-04 16:10:02 -05:00
Freddy 349fa7f97d
Update Force Leave docs (#6550)
Fixes #2742

Previously the docs didn't clarify that if a server restarts as a client then force-leave won't lead to removing the node from the raft config. This is because the node, which is alive after a restart, will refute messages about it having left . These messages about members leaving are in turn what trigger Consul's leader to remove a server from raft.
2019-09-27 17:49:28 -06:00
Mike Morris 3434c8289d
docs: add managed proxy removal note to specific version upgrade notes (#6557) 2019-09-27 10:52:47 -04:00
Judith Malnick 746f786a9f
Specify that mesh gateways require Envoy (#6506)
* Specify that mesh gateways must operate on L7

* Add feedback from Matt

* clarify gateway requirements
2019-09-26 20:06:58 -07:00
Freddy 5eace88ce2
Expose HTTP-based paths through Connect proxy (#6446)
Fixes: #5396

This PR adds a proxy configuration stanza called expose. These flags register
listeners in Connect sidecar proxies to allow requests to specific HTTP paths from outside of the node. This allows services to protect themselves by only
listening on the loopback interface, while still accepting traffic from non
Connect-enabled services.

Under expose there is a boolean checks flag that would automatically expose all
registered HTTP and gRPC check paths.

This stanza also accepts a paths list to expose individual paths. The primary
use case for this functionality would be to expose paths for third parties like
Prometheus or the kubelet.

Listeners for requests to exposed paths are be configured dynamically at run
time. Any time a proxy, or check can be registered, a listener can also be
created.

In this initial implementation requests to these paths are not
authenticated/encrypted.
2019-09-25 20:55:52 -06:00
Alvin Huang e8605da914
remove alert bar on homepage (#6544) 2019-09-25 17:28:14 -04:00
R.B. Boyer cc889443a5
connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492)
The fields in the certs are meant to hold the original binary
representation of this data, not some ascii-encoded version.

The only time we should be colon-hex-encoding fields is for display
purposes or marshaling through non-TLS mediums (like RPC).
2019-09-23 12:52:35 -05:00
Jack Pearkes 7736be1b5c
website: update alert bar on homepage (#6518)
Per @changli0617
2019-09-20 15:32:25 -07:00
Luke Kysow 9ee27c49ff
Merge pull request #6511 from hashicorp/code-highlighting
Give code blocks coloured background
2019-09-20 10:35:53 -07:00
Luke Kysow 65258a0fb3
Merge pull request #6460 from hashicorp/helm-wait
Update consul-helm enterprise docs for ACLs
2019-09-19 15:32:27 -07:00
Bartek Jaroszewski 3be27beba3 website, add git2consul-go to the tools list (#6286)
Signed-off-by: bjaroszewski <bjaroszewski@griddynamics.com>
2019-09-19 17:20:50 -05:00
Luke Kysow c5fca5d4b5
Update consul-helm enterprise docs for ACLs
If ACLs are added then slightly different commands are needed.
2019-09-19 15:09:38 -07:00
Luke Kysow bd789f1011
Update Consul DNS on kube docs
- fix instructions for CoreDNS (it updated)
- fix instructions for new component names
- recommend installing with the name 'consul'
- add disclaimer that catalog sync is not always required
- clean up example values.yaml files
2019-09-19 15:09:38 -07:00
Luke Kysow 7ac70493c6
Give code blocks coloured background
This will make them stand out more and matches the style of terraform.io
2019-09-19 14:53:28 -07:00
Iryna Shustava ca98bd0eb8
Merge pull request #6500 from hashicorp/typo-fix
Fix typo in "Service Ports" section
2019-09-18 13:11:52 -07:00
kaitlincarter-hc 483870b01a
[docs]Updated Containers Guide (#6215)
* Adding the updated containers guide that will be deployed on Learn only.

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md

* Update website/source/docs/guides/containers-guide.md
2019-09-17 13:35:46 -07:00
Iryna Shustava b3f1b5afd5
Fix typo in "Service Ports" section 2019-09-17 12:05:04 -07:00
Blake Covarrubias d6f2371fcd docs: Fix typo in acl/acl-rules 2019-09-13 19:50:35 -07:00
Blake Covarrubias 2888e444c2 docs: Add .tgz to snapshot restore example (#6476) 2019-09-13 19:48:49 -07:00
Hans Hasselberg 62de041a36
docs (Consul Enterprise): Google Cloud Storage snapshot documentation (#6480) 2019-09-13 17:54:15 +02:00
hashicorp-ci a42944542b
Release v1.6.1 2019-09-12 19:39:59 +00:00
Jud White 25aab18339 docs: fix typo in install/performance (#6428) 2019-09-09 21:23:25 +01:00
dcallao 876a7cbef9 fixed broken links on consul program page (#6463) 2019-09-06 17:18:59 -04:00
dcallao 58f19c5918 docs: added Consul Integration Program Docs Page (#6459)
* adding the Consul Integration Program page in docs section
2019-09-06 14:52:18 -04:00
John Cowen 5134140b5b
docs: Fix discovery chain internals link (#6449) 2019-09-05 13:56:50 +01:00
Aestek 19c4459d19 Add option to register services and their checks idempotently (#4905) 2019-09-02 09:38:29 -06:00
Matt Keeler f8d49dc4da
TxnCheckOp has a `Check` field not a `Service` field (#6418) 2019-08-28 15:57:41 -04:00
Nick Fagerlund e4e3fd4299 website: Update middleman-hashicorp container and Gemfile.lock (#6374)
* website: Update middleman-hashicorp container and Gemfile.lock

Time marches on, and so do security vulnerabilities in Nokogiri. So it's time
for a new container.

As with last time, here's a reminder for the next person who needs to update
this:

- You shouldn't just update the dependency in Gemfile.lock, because your build
  times will go to heck as you compile Nokogiri from source on every run. So you
  need an updated container with all the dependencies.
- To update the container, you need to push a new tag to the middleman-hashicorp
  repo. Teamcity does the rest, and will ship a new container to Docker Hub
  (unless its credentials are out of date, in which case go ask team-eng-serv.)
- Once that's pushed:
    - Update Makefile
    - Update the Gemfile
    - Delete Gemfile.lock
    - `make website` until it comes up, then ctrl-C
    - Commit the changes

* website: Specify a different json version in Gemfile.lock

The Consul website uses different containers for preview and deploy, and this
oddball JSON version was causing issues. This commit sacrifices a little bit
of preview startup speed for (hopefully) working deploys.
2019-08-27 11:05:18 -04:00
Mike Morris c108fd01a0
bump eventmachine to 1.2.7 in Gemfile.lock (#6389) 2019-08-27 02:00:43 -04:00
Freddy 51fbcc5fcd
Rephrase bind docs (#6394) 2019-08-26 11:31:55 -06:00
hashicorp-ci 59bda8d3d5
Release v1.6.0 2019-08-23 22:10:51 +00:00
R.B. Boyer 2d4a3b51d0
Merge pull request #6388 from hashicorp/release/1-6
merging release/1-6 into master
2019-08-23 13:44:46 -05:00
Anudeep Reddy 02197b2cd2 Update observability.html.md (#6379) 2019-08-23 17:07:48 +02:00
danielehc 992b1a8d88
Update agent.html.markdown.erb (#6380)
Adding a note on how to make Consul trust S3-compatible storage that expose a self-signed certificate.
2019-08-23 16:09:41 +02:00
Jack Pearkes 88b7db3b79 website: fix typo on mesh page (#6368)
Fixes #6345.
2019-08-21 16:35:11 -05:00
R.B. Boyer 17bf364668
docs: remove beta references; leave version notation (#6372) 2019-08-21 16:23:08 -05:00
R.B. Boyer e7b8032b48
docs: document how envoy escape hatches work with the discovery chain (#6350)
- Bootstrap escape hatches are OK.
- Public listener/cluster escape hatches are OK.
- Upstream listener/cluster escape hatches are not supported.

If an unsupported escape hatch is configured and the discovery chain is
activated log a warning and act like it was not configured.

Fixes #6160
2019-08-21 15:10:12 -05:00
Alvin Huang 387557dc34 Merge Consul OSS branch 'master' at commit ce9cfc773d529ae4b8259d195323c0c350c1f9f1 2019-08-21 16:07:04 -04:00
R.B. Boyer 5f9acb6894 docs: fixing L7 config entries documentation (#6358)
- add service-router example involving gRPC
- fix indentation on service-router page by splitting it up
- remove reference to removed setting
2019-08-21 12:29:53 -05:00
R.B. Boyer e04395ae1a docs: add documentation for discovery chains
Fixes #6273
2019-08-21 12:29:53 -05:00
Ján Dzurek e79a3a9e19 docs: ports docs missing paren fix (#6367) 2019-08-21 10:23:03 +02:00
hashicorp-ci f3a46e5a48 Merge Consul OSS branch 'master' at commit a7ded1bd8efcbc3c67978f050b6f16ec5e8a832d 2019-08-21 02:00:53 +00:00
Matt Keeler 80b67c50da
Turned on Envoy 1.11.1 integration tests (#6347)
I also ran this against 1.5.2 so the docs update claiming compatibility should still be accurate.
2019-08-20 10:20:13 -04:00
John Cowen 54c345babf
docs: Fix typo layey > layer (#6352) 2019-08-20 10:16:30 +02:00
Tyler Ryan ac1282eb6c
Merge pull request #6341 from tryan225/docs/autopilot-updates
Clarifying autopilot bootstrap and config options
2019-08-19 13:36:50 -07:00
Jack Pearkes 957cda2884
website: update the vs. envoy and proxies page (#6326)
* website: update the vs. envoy and proxies page

This is the second result on Google for "consul envoy" and
it seemed like it needed a bit of an upgrade to help clarify the
current state.

* Update website/source/intro/vs/proxies.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/intro/vs/proxies.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/intro/vs/proxies.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Update website/source/intro/vs/proxies.html.md

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>

* Apply suggestions from code review

Co-Authored-By: Judith Malnick <judith.patudith@gmail.com>
2019-08-16 14:25:24 -07:00
tryan225 a57dbc0d2a Clarifying autopilot bootstrap and config options 2019-08-16 10:54:13 -07:00
hashicorp-ci fcf8b12e8e Merge Consul OSS branch 'master' at commit 23cf22960af00a02530f51327d9566c8b52e4de7 2019-08-16 02:00:30 +00:00
mattc41190 7757a0186b Fix 404 (#6300)
On page: https://www.consul.io/discovery.html

If you click the link for Health Checks -> Learn More the underlying resource is:

https://learn.hashicorp.com/consul/getting-started/checks

This page for me is a 404. I think you've bundled it together in the following page:

Register a Service and Health Check - Service Discovery

Located at: https://learn.hashicorp.com/consul/getting-started/services

Thanks for Consul, it's really awesome.
2019-08-15 14:04:30 -07:00
hashicorp-ci 29767157ed Merge Consul OSS branch 'master' at commit 8f7586b339dbb518eff3a2eec27d7b8eae7a3fbb 2019-08-13 02:00:43 +00:00
Sarah Adams 2f7a90bc52
add flag to allow /operator/keyring requests to only hit local servers (#6279)
Add parameter local-only to operator keyring list requests to force queries to only hit local servers (no WAN traffic).

HTTP API: GET /operator/keyring?local-only=true
CLI: consul keyring -list --local-only

Sending the local-only flag with any non-GET/list request will result in an error.
2019-08-12 11:11:11 -07:00
hashicorp-ci eb53f9175c Merge Consul OSS branch 'master' at commit 8241787e922955e973c0e762ad3cb8db1804f6cd 2019-08-11 02:01:18 +00:00
Jake Lundberg a530fee06e docs: Update consul-helm example to pull latest tag 2019-08-09 16:33:43 -06:00
Mike Morris d163740bbf
website: restore accidental JSON deletion [skip ci] (#6303) 2019-08-09 15:32:54 -04:00
Mike Morris 88df658243
connect: remove managed proxies (#6220)
* connect: remove managed proxies implementation and all supporting config options and structs

* connect: remove deprecated ProxyDestination

* command: remove CONNECT_PROXY_TOKEN env var

* agent: remove entire proxyprocess proxy manager

* test: remove all managed proxy tests

* test: remove irrelevant managed proxy note from TestService_ServerTLSConfig

* test: update ContentHash to reflect managed proxy removal

* test: remove deprecated ProxyDestination test

* telemetry: remove managed proxy note

* http: remove /v1/agent/connect/proxy endpoint

* ci: remove deprecated test exclusion

* website: update managed proxies deprecation page to note removal

* website: remove managed proxy configuration API docs

* website: remove managed proxy note from built-in proxy config

* website: add note on removing proxy subdirectory of data_dir
2019-08-09 15:19:30 -04:00
Matt Keeler ef7cbc5850
mesh-gateway ACL tokens should also have `node:read` on everyth… (#6291) 2019-08-07 13:52:57 -04:00
Alvin Huang ae898a4a33 Merge remote-tracking branch 'origin/master' into release/1-6 2019-08-02 18:09:32 -04:00
Omer Zach 1e80fc9c0f Fix typo in architecture.html.md (#6261) 2019-08-01 12:21:37 -06:00
Venkata Krishna Annam 5011f305e0 docs: Fix minor mistakes in index.html.md (#6239) 2019-08-01 12:57:26 -05:00
freddygv 00157a2c1f Update default gossip encryption key size to 32 bytes 2019-07-30 09:45:41 -06:00
Alvin Huang 7972514b82 Merge remote-tracking branch 'origin/master' into release/1-6 2019-07-26 16:22:53 -04:00
Matt Keeler 9dd72121e1
Set --max-obj-name-len 256 when execing Envoy (#6202)
* Pass -max-obj-name-len 256 to envoy

* Update test expectations.

* Add a note about requireing the max-obj-name-len option to be set
2019-07-26 15:43:15 -04:00
Todd Radel c253a23630
Merge pull request #6210 from hashicorp/docs/fix-ambassador-link
Fix links to ambassador website
2019-07-26 14:29:03 -04:00
R.B. Boyer 1b95d2e5e3 Merge Consul OSS branch master at commit b3541c4f34d43ab92fe52256420759f17ea0ed73 2019-07-26 10:34:24 -05:00
hashicorp-ci 601703497f
Release v1.5.3 2019-07-25 23:41:17 +00:00
Mike Morris 2c78c476a0
docs: add TCP half-close broken pipe to common errors (#6203) 2019-07-25 16:01:33 -04:00
Matt Keeler c4a34602b6
Allow forwarding of some status RPCs (#6198)
* Allow forwarding of some status RPCs

* Update docs

* add comments about not using the regular forward
2019-07-25 14:26:22 -04:00
Todd Radel 7575bce5c9 Fix links to ambassador website 2019-07-24 13:23:49 -04:00
R.B. Boyer bd4a2d7be2
connect: allow L7 routers to match on http methods (#6164)
Fixes #6158
2019-07-23 20:56:39 -05:00
R.B. Boyer 67f3da61af
connect: change router syntax for matching query parameters to resemble the syntax for matching paths and headers for consistency. (#6163)
This is a breaking change, but only in the context of the beta series.
2019-07-23 20:55:26 -05:00
R.B. Boyer 2bfad66efa
connect: rework how the service resolver subset OnlyPassing flag works (#6173)
The main change is that we no longer filter service instances by health,
preferring instead to render all results down into EDS endpoints in
envoy and merely label the endpoints as HEALTHY or UNHEALTHY.

When OnlyPassing is set to true we will force consul checks in a
'warning' state to render as UNHEALTHY in envoy.

Fixes #6171
2019-07-23 20:20:24 -05:00
Alvin Huang 5b6fa58453 resolve circleci config conflicts 2019-07-23 20:18:36 -04:00
Matt Keeler c51b7aa676
Update go-bexpr (#6190)
* Update go-bexpr to v0.1.1

This brings in:

• `in`/`not in` operators to do substring matching
• `matches` / `not matches` operators to perform regex string matching.

* Add the capability to auto-generate the filtering selector ops tables for our docs
2019-07-23 14:45:20 -04:00
Paul Banks 42296292a4
Allow raft TrailingLogs to be configured. (#6186)
This fixes pathological cases where the write throughput and snapshot size are both so large that more than 10k log entries are written in the time it takes to restore the snapshot from disk. In this case followers that restart can never catch up with leader replication again and enter a loop of constantly downloading a full snapshot and restoring it only to find that snapshot is already out of date and the leader has truncated its logs so a new snapshot is sent etc.

In general if you need to adjust this, you are probably abusing Consul for purposes outside its design envelope and should reconsider your usage to reduce data size and/or write volume.
2019-07-23 15:19:57 +01:00
kaitlincarter-hc e89b6dd85d
[docs] New K8s-Consul deployment guide (#5859)
* New K8s-Consul deployment guide

* Update website/source/docs/guides/kubernetes-production-deploy.md

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* updating based on comments

* Update website/source/docs/guides/kubernetes-production-deploy.md

Co-Authored-By: Rebecca Zanzig <rebecca@hashicorp.com>

* Update website/source/docs/guides/kubernetes-production-deploy.md

* Update website/source/docs/guides/kubernetes-production-deploy.md
2019-07-22 19:16:06 -05:00
hashicorp-ci 8b109e5f9f Merge Consul OSS branch 'master' at commit ef257b084d2e2a474889518440515e360d0cd990 2019-07-20 02:00:29 +00:00
Freddy 358c1a6e7a
Fix typo chose/choose (#6170) 2019-07-19 16:29:42 -06:00
javicrespo d4f3eebf9d log rotation: limit count of rotated log files (#5831) 2019-07-19 15:36:34 -06:00
hashicorp-ci 466dc60909 Merge Consul OSS branch 'master' at commit 42dae36923ff08eb14658e78b22d56af78eb7b84 2019-07-19 02:00:21 +00:00
Luke Kysow 45e443f7a3
Merge pull request #6141 from hashicorp/hcl-multi-service-docs
Document multiple services config in hcl
2019-07-18 12:15:22 +01:00
kaitlincarter-hc f330619621 [docs] Encryption docs update (#6082)
* Bad link in encryption docs

* clarifying the guide link

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-07-17 20:36:36 -07:00
Judith Malnick c07324b206
Detail required settings in Gateway doc (#6126)
* Update mesh_gateway.html.md

* Apply suggestions from code review

Co-Authored-By: Luke Kysow <1034429+lkysow@users.noreply.github.com>

* Add WAN joining requirement

* re-word primary dc guidance

Co-Authored-By: Luke Kysow <1034429+lkysow@users.noreply.github.com>

* Update website/source/docs/connect/mesh_gateway.html.md
2019-07-17 11:02:58 -07:00
Luke Kysow d28c367280
Document multiple services config in hcl
Also change ttl => timeout since ttl doesn't work anymore.
2019-07-17 15:26:08 +01:00
Sarah Adams 20d9e5193b
http/tcp checks: fix long timeout behavior to default to user-configured value (#6094)
Fixes #5834
2019-07-16 15:13:26 -07:00
Jack Pearkes 58afaf47c0 website: link to beta changelog 2019-07-09 13:43:29 +02:00
Jack Pearkes e83cb53440 website: fix use-case dropdown size 2019-07-09 08:45:58 +02:00
Jack Pearkes 8922527bdf website: remove configuration use-case 2019-07-09 07:47:49 +02:00
Jack Pearkes ab0ff9765a website: better mesh call to actions 2019-07-09 05:55:58 +02:00
Jack Pearkes d6876e8ea3 website: better mesh links into new docs 2019-07-09 05:51:23 +02:00
R.B. Boyer 4f493a43d7
config entry doc snippet for mesh gateways (#6095) 2019-07-08 21:25:25 -05:00
R.B. Boyer 43d21f8e4f
Initial L7 Documentation (#6056) 2019-07-08 21:11:19 -05:00
Judith Malnick 437881b584
[docs] Guide - Connecting Services Across Datacenters (#6052)
* add connect gateway guide

* Remove stray space

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* Specify stanza and exact options

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>

* incorporate comments from freddy

* integrate feedback from matt

* make snippets all json

* incorporate more comments from matt

* added links

* incorporate comments from neena on google doc draft

* make learn lnks relative

* clarify that gateways are new

* change socat to netcat

* add more description about replication token permissions

* Apply suggestions from code review

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* add the prerequisite to enable centralized service config

* finish adding docs links
2019-07-09 02:07:51 +02:00
Matt Keeler d992c5d27d
Initial Mesh Gateway Docs (#6090) 2019-07-08 19:40:57 -04:00
Paul Banks 70e6ce6d96
Better gateway image 2019-07-08 16:30:51 +02:00
Jack Pearkes 40e58dfb2d website: changes for 1.6.0 beta (#6083)
* website: link to 1.6.0 beta in downloads page

* website: reorganize intention replication/ca federation

* website: remove announcement bar

* Update website/source/docs/connect/connect-internals.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* website: update homepage and service mesh page

Aligning messaging to current product.

* website: fix link TODOs

* Add Mesh Gateway to mesh page, update use case wording
2019-07-08 15:12:42 +01:00
hashicorp-ci 0aca1565f8 Merge Consul OSS branch 'master' at commit c2c154eaf4135c155617b8ca902780105ac1ac00 2019-07-08 02:00:37 +00:00
Judith Malnick 9fa884059f
[docs] Link to TLS guide in Encryption doc (#6071)
Fixes issue #6067
2019-07-07 16:55:03 +02:00
Michael Schurter 795afd7027 connect: allow overriding envoy listener bind_address (#6033)
* connect: allow overriding envoy listener bind_address

* Update agent/xds/config.go

Co-Authored-By: Kyle Havlovitz <kylehav@gmail.com>

* connect: allow overriding envoy listener bind_port

* envoy: support unix sockets for grpc in bootstrap

Add AgentSocket BootstrapTplArgs which if set overrides the AgentAddress
and AgentPort to generate a bootstrap which points Envoy to a unix
socket file instead of an ip:port.

* Add a test for passing the consul addr as a unix socket

* Fix config formatting for envoy bootstrap tests

* Fix listeners test cases for bind addr/port

* Update website/source/docs/connect/proxies/envoy.md
2019-07-05 16:06:47 +01:00
hashicorp-ci 8adbb8471e Merge Consul OSS branch 'master' at commit a58d8e91ac258c04174afca3818cbdae23aa8d3f 2019-07-03 02:00:31 +00:00
Freddy 63e6a7410f
Fix Envoy 1.10 support note (#6045) 2019-07-02 11:26:26 -06:00
Jack Pearkes ffa29d2cc3 website: fix link to raft paper (#6046) 2019-07-01 12:38:53 -06:00
hashicorp-ci e36792395e Merge Consul OSS branch 'master' at commit e91f73f59249f5756896b10890e9298e7c1fbacc 2019-06-30 02:00:31 +00:00
Alvin Huang 7400ce2594 fix glossary link (#6043) 2019-06-28 10:04:09 -06:00
Hans Hasselberg 4aad3e2fb2
Release v1.5.2 2019-06-27 22:59:46 +00:00
Hans Hasselberg 73c4e9f07c
tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
Akshay Ganeshen 93b8a4e8d8 dns: support alt domains for dns resolution (#5940)
this adds an option for an alt domain to be used with dns while migrating to a new consul domain.
2019-06-27 12:00:37 +02:00
hashicorp-ci 3224bea082 Merge Consul OSS branch 'master' at commit 4eb73973b6e53336fd505dc727ac84c1f7e78872 2019-06-27 02:00:41 +00:00
Sarah Christoff e946ed9427
ui: modify content path (#5950)
* Add ui-content-path flag

* tests complete, regex validator on string, index.html updated

* cleaning up debugging stuff

* ui: Enable ember environment configuration to be set via the go binary at runtime (#5934)

* ui: Only inject {{.ContentPath}} if we are makeing a prod build...

...otherwise we just use the current rootURL

This gets injected into a <base /> node which solves the assets path
problem but not the ember problem

* ui: Pull out the <base href=""> value and inject it into ember env

See previous commit:

The <base href=""> value is 'sometimes' injected from go at index
serve time. We pass this value down to ember by overwriting the ember
config that is injected via a <meta> tag. This has to be done before
ember bootup.

Sometimes (during testing and development, basically not production)
this is injected with the already existing value, in which case this
essentially changes nothing.

The code here is slightly abstracted away from our specific usage to
make it easier for anyone else to use, and also make sure we can cope
with using this same method to pass variables down from the CLI through
to ember in the future.

* ui: We can't use <base /> move everything to javascript (#5941)

Unfortuantely we can't seem to be able to use <base> and rootURL
together as URL paths will get doubled up (`ui/ui/`).

This moves all the things that we need to interpolate with .ContentPath
to the `startup` javascript so we can conditionally print out
`{{.ContentPath}}` in lots of places (now we can't use base)

* fixed when we serve index.html

* ui: For writing a ContentPath, we also need to cope with testing... (#5945)

...and potentially more environments

Testing has more additional things in a separate index.html in `tests/`

This make the entire thing a little saner and uses just javascriopt
template literals instead of a pseudo handbrake synatx for our
templating of these files.

Intead of just templating the entire file this way, we still only
template `{{content-for 'head'}}` and `{{content-for 'body'}}`
in this way to ensure we support other plugins/addons

* build: Loosen up the regex for retrieving the CONSUL_VERSION (#5946)

* build: Loosen up the regex for retrieving the CONSUL_VERSION

1. Previously the `sed` replacement was searching for the CONSUL_VERSION
comment at the start of a line, it no longer does this to allow for
indentation.
2. Both `grep` and `sed` where looking for the omment at the end of the
line. We've removed this restriction here. We don't need to remove it
right now, but if we ever put the comment followed by something here the
searching would break.
3. Added `xargs` for trimming the resulting version string. We aren't
using this already in the rest of the scripts, but we are pretty sure
this is available on most systems.

* ui: Fix erroneous variable, and also force an ember cache clean on build

1. We referenced a variable incorrectly here, this fixes that.
2. We also made sure that every `make` target clears ember's `tmp` cache
to ensure that its not using any caches that have since been edited
everytime we call a `make` target.

* added docs, fixed encoding

* fixed go fmt

* Update agent/config/config.go

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Completed Suggestions

* run gofmt on http.go

* fix testsanitize

* fix fullconfig/hcl by setting correct 'want'

* ran gofmt on agent/config/runtime_test.go

* Update website/source/docs/agent/options.html.md

Co-Authored-By: Hans Hasselberg <me@hans.io>

* Update website/source/docs/agent/options.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* remove contentpath from redirectFS struct
2019-06-26 11:43:30 -05:00
Pierre Souchay e394a9469b Support for maximum size for Output of checks (#5233)
* Support for maximum size for Output of checks

This PR allows users to limit the size of output produced by checks at the agent 
and check level.

When set at the agent level, it will limit the output for all checks monitored
by the agent.

When set at the check level, it can override the agent max for a specific check but
only if it is lower than the agent max.

Default value is 4k, and input must be at least 1.
2019-06-26 09:43:25 -06:00
Michael Schurter 76a2915787 docs: small typo/wording fixes for envoy (#6018) 2019-06-26 09:34:58 -06:00
hashicorp-ci d237e86d83 Merge Consul OSS branch 'master' at commit 88b15d84f9fdb58ceed3dc971eb0390be85e3c15
skip-checks: true
2019-06-25 02:00:26 +00:00
Justin Weissig e0364b0076 docs: fixed typos on a few doc pages (#5870) 2019-06-24 15:25:57 -06:00
kaitlincarter-hc ddb1955bda
[docs] New Glossary Page (#5999)
* Moved the glossary to a new page and removed the advanced warnings from all internals docs.

* Update website/source/layouts/docs.erb

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Updates based on PR feedback

* Update website/source/docs/internals/index.html.md

* Update website/source/docs/internals/index.html.md

* Update website/source/docs/internals/index.html.md

* Update website/source/docs/internals/index.html.md

* Update website/source/docs/internals/index.html.md
2019-06-24 16:19:12 -05:00
kaitlincarter-hc 698a1e2e3e
[docs] Architecture Node vs Agent (#6010)
* Upating the term node to be more clear

* Update website/source/docs/internals/architecture.html.md

* Update website/source/docs/internals/architecture.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Addressing the failure detection comment
2019-06-24 12:25:47 -05:00
Hans Hasselberg f25496bd34
docs: document reset license in enterprise (#5977) 2019-06-24 14:36:59 +02:00
Matt Keeler a471968cb4 Fix weird sentence in the proxy docs (#6002)
* Fix weird sentence in the proxy docs

* Update website/source/docs/connect/proxies.html.md
2019-06-21 10:01:00 -07:00
RJ Spiker 490242b4b8 website - updates to home hero video carousel (#5932) 2019-06-20 20:06:29 -04:00
Sarah Christoff 352adf204c
[docs] update documentation for connect-service-upstreams (#5422)
* update documentation for connect-service-upstreams

Adds documentation for services, multiple services, and prepared
query under connect-service-upstreams annotation.

* changing tone of voice

* active voice fix

* fixing spaces

* fixed order, added clarification for multiple upstreams

* Update website/source/docs/platform/k8s/connect.html.md

Co-Authored-By: s-christoff <sarah.christoff13@gmail.com>
2019-06-20 14:18:34 -05:00
kaitlincarter-hc 703981eea4
[docs] Sidecar Registration (#5998)
* missing service option

* fixing the second example
2019-06-20 12:31:17 -05:00
A. F 8c7576298c fix invalid curl request (#5972) 2019-06-20 09:48:56 -05:00
kaitlincarter-hc a1400cc042
[docs] Internals (#5979)
* Updating internals docs for clarity

* Update website/source/docs/internals/consensus.html.md

Co-Authored-By: Hans Hasselberg <me@hans.io>
2019-06-18 12:12:39 -05:00
Andrei Burd 484aedeacc docs: add agent to windows service (#5982) 2019-06-18 09:50:07 +02:00
Alvin Huang 7ff9308e6d
Support relative and external URL rewrites (#5970)
* switch to relative path redirects for non external links

* update website deploy script to support relative+full url redirects
2019-06-17 11:48:29 -04:00
Matt Keeler b6688a6b5b
Add tagged addresses for services (#5965)
This allows addresses to be tagged at the service level similar to what we allow for nodes already. The address translation that can be enabled with the `translate_wan_addrs` config was updated to take these new addresses into account as well.
2019-06-17 10:51:50 -04:00
Judith Malnick 086b95ead1
[docs] Correct typos in API agnet docs (#5966) 2019-06-14 09:30:41 -07:00
Judith Malnick 877202818f
[docs] Reorganize connect documentation for clarity (#5864)
* clarify possibilities for centralized proxy configuration

* add line breaks to config entries file

* add info about centralized config to built in proxy doc

* mondify connect landing page to help with navigation

* move internals details to its own page

* link fixes and shortening text on main page

* put built-in proxy options on its own page

* add configuration details for connect

* clarify security title and add observability page

* reorganize menu

* remove observability from configuration section

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* rename connect section to include service mesh

* reorganize sections per suggestions from paul

* add configuration edits from paul

* add internals edits from paul

* add observability edits from paul

* reorganize pages and menu

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* menu corrections and edits

* incorporate some of pauls comments

* incorporate more of pauls comments

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* incorporate kaitlin and pavanni feedback

* add redirect

* fix conflicts in index file

* Resolve conflicts in index file

* correct links for new organization

* Update website/source/docs/connect/proxies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* add title to service registration page
2019-06-13 22:52:50 -07:00
Hans Hasselberg 7e6356a53a
Remove the misleading default separator for listing keys. (#5288)
The default separator for key listing is an empty string - the docs incorrectly made it seem as if this was `/`.
2019-06-14 00:06:18 +02:00
Justin Weissig b36c1fa0d5 docs: fixed typos (#5854)
Fixed typos: alterative/alternative & communciation/communication
2019-06-14 00:05:32 +02:00
Hans Hasselberg fc283334e1
docs: wording (#5889)
Fixed wording: "will be resolve to the" -> "will be resolved to the".
2019-06-13 23:59:05 +02:00
Justin Weissig 5453409938 docs: fixed typo polices/policies (#5894)
Fixed typo: polices/policies.
2019-06-13 23:58:34 +02:00
Yoan Blanc f8ae6d7987 docs: fix markdown consul operator (#5901)
broken markdown
2019-06-13 23:57:38 +02:00
Joel Kuzmarski aa7f106fc6 Update production-acls.html.md (#5959) 2019-06-13 10:03:22 -04:00
Luke Kysow c28ace2db1
Merge pull request #5948 from hashicorp/lkysow-patch-1
Update kubernetes-reference.html.md
2019-06-13 10:07:15 +01:00
Judith Malnick a066288fb9
Add a redirect for the K8s reference arch guide (#5949) 2019-06-11 10:28:52 -07:00
Luke Kysow 17024a6db4
Update kubernetes-reference.html.md 2019-06-11 15:58:46 +01:00
Paul Banks 737be347eb
Upgrade xDS (go-control-plane) API to support Envoy 1.10. (#5872)
* Upgrade xDS (go-control-plane) API to support Envoy 1.10.

This includes backwards compatibility shim to work around the ext_authz package rename in 1.10.

It also adds integration test support in CI for 1.10.0.

* Fix go vet complaints

* go mod vendor

* Update Envoy version info in docs

* Update website/source/docs/connect/proxies/envoy.md
2019-06-07 07:10:43 -05:00
Chris Marchesi 2c0d46282e website: fix Sentinel time-of-day policy (#5930)
The policy in the time-of-day Sentinel example incorrectly references
the top-level time.hour constant. This is actually the same as the
time.Hour Go value, so in other words, 3600000000000 (the int64 value
representing the time in nanoseconds).

This is corrected by just using time.now.hour instead.
2019-06-06 14:31:54 -06:00
Nitish Alluri da5ded8ec4 docs: update default grpc-addr value in connect envoy command (#5886)
* Update envoy.html.md.erb
2019-06-06 10:37:29 +02:00
Jack Pearkes af8de66be4
website: add azure storage options for enterprise (#5920)
This documents the additional backup target for
the snapshot agent.

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-06-04 20:40:22 -05:00
kaitlincarter-hc 0a1c276b57
[docs] Enterprise Landing Page (#5804)
* Updating enterprise landing page to be more clear about the licensing process.

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Jack Pearkes <jackpearkes@gmail.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/enterprise/index.html.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Updating based on Matt's feedback
2019-06-04 11:01:46 -05:00
Matt Keeler 923448f00e
Update links to envoy docs on xDS protocol (#5871) 2019-06-03 11:03:05 -05:00
Matt Keeler a7c55ffed2
Fix acl.enable_key_list to be acl.enable_key_list_policy in docs (#5907) 2019-06-03 09:31:02 -05:00