Commit Graph

17572 Commits

Author SHA1 Message Date
trujillo-adam 88dc4de903
Apply suggestions from code review
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
2022-06-21 16:53:10 -07:00
trujillo-adam 393505a7be Merge branch 'main' of github.com:hashicorp/consul into docs-ecs-mesh-gw
pulling merged changes into this branch
2022-06-21 13:20:22 -07:00
trujillo-adam be6fe11784 applied suggestions from review, udpates to TF secure configuration 2022-06-21 13:20:14 -07:00
David Yu 2422c8bf37
docs: Consul K8s compat matrix update for 0.45.0+ to include Consul 1.11 compatibility (#13528) 2022-06-21 12:10:43 -07:00
R.B. Boyer e7a7232a6b
state: peering ID assignment cannot happen inside of the state store (#13525)
Move peering ID assignment outisde of the FSM, so that the ID is written
to the raft log and the same ID is used by all voters, and after
restarts.
2022-06-21 13:04:08 -05:00
Matt Keeler c2421825f3
Add server local blocking queries and watches (#13438)
Co-authored-by: Dan Upton <daniel@floppy.co>
2022-06-21 13:36:49 -04:00
trujillo-adam 8dc94aff32 removed terminating and ingress polices from secure manual installation 2022-06-21 09:27:04 -07:00
Dhia Ayachi 7eedeeecfc
update github.com/containerd/containerd to 1.5.13 (#13520) 2022-06-21 12:20:00 -04:00
trujillo-adam f26995bced Merge branch 'main' of github.com:hashicorp/consul into docs-ecs-mesh-gw 2022-06-21 08:53:30 -07:00
David Yu 3a35b181f2
docs: Lambda consul service mesh naming suggestions (#13506)
* docs: Lambda consul service mesh naming suggestions
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-21 08:14:43 -07:00
trujillo-adam c0a0227c96
Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
2022-06-21 08:08:37 -07:00
Chris S. Kim 247b56def3
Pass trust domain to RBAC to validate and fix use of wrong peer trust bundles (#13508) 2022-06-20 22:47:14 -04:00
David Yu b724f8b3ab
docs: Use "error" to use standard log level value (#13507)
* docs: Use "error" to use standard log level value
2022-06-20 16:07:38 -07:00
trujillo-adam cfd9e2e41d fixed links to TF install examples 2022-06-20 14:14:18 -07:00
trujillo-adam 1bd3909a71
Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-06-20 14:11:05 -07:00
trujillo-adam c779d224e2
Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-06-20 13:53:48 -07:00
trujillo-adam f6d0220af8 incorporated examples from @cthain 2022-06-20 12:38:21 -07:00
trujillo-adam 03a3c44031 Merge remote-tracking branch 'origin/docs/cthain-ecs-mesh-gateway' into docs-ecs-mesh-gw
pulling in change from cthain
2022-06-20 09:47:04 -07:00
Chris Thain b74e8f3713 merge branch main 2022-06-20 09:13:51 -07:00
Chris Thain 569cf68daa Add mesh gateway configuration examples. 2022-06-20 09:07:44 -07:00
trujillo-adam 7249a0326e tweaks to the enterprise section for ecs mesh gateways 2022-06-17 15:17:48 -07:00
trujillo-adam c5c5ef7845 tweaks to the secure configuration for manually installing consul ecs 2022-06-17 15:13:48 -07:00
trujillo-adam 1cee20a644 Added note about manually creating mesh gw not being supported 2022-06-17 14:57:37 -07:00
trujillo-adam 4850a1d4c1 tweaks to the secure TF install section 2022-06-17 14:42:51 -07:00
trujillo-adam 1b1cfa900e minor tweaks to TF install 2022-06-17 14:15:29 -07:00
trujillo-adam e00c5c7554 updates to ECS Terraform install 2022-06-17 12:58:47 -07:00
trujillo-adam 461dbb2e77 Merge branch 'main' of github.com:hashicorp/consul into docs-ecs-mesh-gw 2022-06-17 11:32:05 -07:00
Kyle Schochenmaier 6980975d6f
update helm values docs and annotations (#13487) 2022-06-17 12:47:47 -05:00
John Murret 6b77fa11d9
Docs - k8s - Webhook Certs on Vault (#13441)
* Docs - k8s - Webhook Certs on Vault

* Adding webhook certs to data-integration overview page

* marking items as code

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Updating prerequisites intro

* Updating prerequisites intro

* Updating `Create a Vault auth roles that link the policy to each Consul on Kubernetes service account that requires access` to `Link the Vault policy to Consul workloads`

* changing `Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart` to `Update the Consul on Kubernetes helm chart`.

* Changed `Create a Vault PKI role that establishes the domains that it is allowed to issue certificates for` to `Configure allowed domains for PKI certificates`

* Moved `Create a Vault policy that authorizes the desired level of access to the secret` to the Set up per Consul Datacenter section

* Update website/content/docs/k8s/installation/vault/data-integration/webhook-certs.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Moving Overview above Prerequisites.  Adding sentence where missing after page title.

* Moving Overview above Prerequisites for webhook certs page.

* fixing the end of the overview section that was not moved.

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-17 10:23:54 -06:00
trujillo-adam dfcd28048a referred to mesh gateway functionality in ECS overview 2022-06-17 09:04:52 -07:00
Tu Nguyen fa9c1bfcf4
Merge pull request #13466 from hashicorp/consul-lambda-broken-link
Fix broken link in lambda docs
2022-06-17 08:31:10 -07:00
Dan Upton 989b22425c
Move ACLResolveResult into acl/resolver package (#13467)
Having this type live in the agent/consul package makes it difficult to
put anything that relies on token resolution (e.g. the new gRPC services)
in separate packages without introducing import cycles.

For example, if package foo imports agent/consul for the ACLResolveResult
type it means that agent/consul cannot import foo to register its service.

We've previously worked around this by wrapping the ACLResolver to
"downgrade" its return type to an acl.Authorizer - aside from the
added complexity, this also loses the resolved identity information.

In the future, we may want to move the whole ACLResolver into the
acl/resolver package. For now, putting the result type there at least,
fixes the immediate import cycle issues.
2022-06-17 10:24:43 +01:00
DanStough 37694eefb5 feat: tgtwy xDS generation for destinations
Signed-off-by: Dhia Ayachi <dhia@hashicorp.com>
2022-06-16 16:17:49 -04:00
alex d73adfef81
peering: block Intention.Apply ops (#13451)
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-06-16 12:07:28 -07:00
alex ba1f235d70
peering, state: account for peer intentions (#13443)
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-06-16 10:27:31 -07:00
Luke Kysow d8a2825361
Add type info to options (#13477) 2022-06-16 10:09:39 -07:00
Luke Kysow a7b01600b6
Update index.mdx (#13476) 2022-06-16 09:59:49 -07:00
Sam Salisbury 3712143786
Merge pull request #13469 from hashicorp/correct-redhat-tags
Correct redhat tags
2022-06-16 17:13:37 +01:00
Eric Haberkorn fefb936456
Lambda documentation tweaks (#13459)
Lambda documentation tweaks
2022-06-16 09:00:21 -04:00
Sam Salisbury cf603d51ff correct redgat_tag ospid 2022-06-16 13:28:36 +01:00
Sam Salisbury 1f76000690 strip trailing whitespace 2022-06-16 13:27:37 +01:00
John Cowen 91bdeef373
ui: Fix intl keys in order to render correct messages for empty states (#13409)
* ui: Fix intl keys in order to render correct messages for empty states

* Add a debug only debug log to warn about missing keys
2022-06-16 12:07:04 +01:00
Tu Nguyen 6e0a42b150
Fix broken link in lambda docs 2022-06-15 21:23:56 -07:00
R.B. Boyer 9c5d818546
xds: begin refactor to always pass test snapshots through all xDS types (#13461) 2022-06-15 14:58:28 -05:00
R.B. Boyer 93611819e2
xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460)
This is only configured in xDS when a service with an L7 protocol is
exported.

They also load any relevant trust bundles for the peered services to
eventually use for L7 SPIFFE validation during mTLS termination.
2022-06-15 14:36:18 -05:00
Daniel Upton 8d39e1fd7e docs: instructions for interacting with the private gRPC server locally 2022-06-15 18:26:58 +01:00
Riddhi Shah 414bb7e34e
[OSS] Support merge-central-config option in node services list API (#13450)
Adds the merge-central-config query param option to the /catalog/node-services/:node-name API,
to get a service definition in the response that is merged with central defaults (proxy-defaults/service-defaults).

Updated the consul connect envoy command to use this option when
retrieving the proxy service details so as to render the bootstrap configuration correctly.
2022-06-15 08:30:31 -07:00
Eric Haberkorn eb9c341f5e
Lambda Beta Documentation (#13426)
* Document the `enable_serverless_plugin` Agent Configuration Option (#13372)
* Initial AWS Lambda documentation (#13245)
2022-06-15 11:14:16 -04:00
cskh 340a194894
Load test, upgrade packer version, fix k6s installation (#13382)
- fix sg: need remote access to test server
- Give the load generator a name
- Update loadtest hcl filename in readme
- Add terraform init
- Disable access to the server machine by default
2022-06-15 09:29:38 -04:00
Jared Kirschner a01acbae1b
Merge pull request #13353 from hashicorp/jkirschner-hashicorp-patch-1
docs: show HCP Consul supports CTS enterprise
2022-06-15 00:05:30 -04:00