Commit graph

9359 commits

Author SHA1 Message Date
Rebecca Zanzig f9abffb340
Merge pull request #4948 from hashicorp/docs/helm-auto-join
Update the helm chart `join` instructions
2018-11-12 12:58:43 -08:00
Rebecca Zanzig b04e96f889 Update the helm chart join instructions
This fixes some previous incorrect information about the join feature
in the Helm chart. Based on the fix for consul-helm issue 59.
2018-11-12 12:22:18 -08:00
Paul Banks bc5333905a
connect: remove additional trust-domain validation (#4934)
* connct: Remove additional trust-domain validation

* Comment typos

* Update connect_ca.go
2018-11-12 20:20:12 +00:00
Kyle Havlovitz b0dcf54e50
Merge pull request #4917 from hashicorp/replication-token-cleanup
Use acl replication_token for connect
2018-11-12 09:12:54 -08:00
Kyle Havlovitz 16f843bdf4
Merge pull request #4940 from hashicorp/ent-test-diff
Update non-voting server test to fix enterprise diff
2018-11-09 20:26:45 -08:00
Rebecca Zanzig 9da67861e2
Merge pull request #4941 from hashicorp/docs/helm-maxUnavilable
Update docs for Helm chart `maxUnavailable` value
2018-11-09 17:13:15 -08:00
Rebecca Zanzig bd5ecc4828 Update docs for Helm chart maxUnavailable value
Due to a Helm templating limitation, setting this value to `0` requires
an extra flag when installing. This adds information about that.
2018-11-09 16:58:54 -08:00
Kyle Havlovitz 038aefa0bc update non-voting server test to fix enterprise diff 2018-11-09 12:50:24 -08:00
Rebecca Zanzig 0b7b3cbd41
Merge pull request #4928 from hashicorp/docs/server-affinity
Add documentation of server affinity Helm chart variable
2018-11-09 12:37:33 -08:00
Kyle Havlovitz 70accbb2e0 oss: do a proper check-and-set on the CA roots/config fsm operation 2018-11-09 12:36:23 -08:00
R.B. Boyer 003dacb340
Update agent tests to wait a bit longer for the /v1/agent/self endpoint (#4937) 2018-11-09 10:35:47 -06:00
R.B. Boyer 74520a6470
docs: use hcl heredoc syntax for multi line strings in sentinel examples (#4930) 2018-11-08 16:28:40 -06:00
Rebecca Zanzig 25f5085e6c Add doc info for added server affinity value
Supports newly added functionality to the Helm chart.
2018-11-08 12:07:30 -08:00
Rebecca Zanzig 4323efed53 Reorder Helm chart server values
This matches the ordering in the Helm chart, to make it easier for
users to find information.
2018-11-08 12:06:00 -08:00
R.B. Boyer 480ea8e7c6
docs: remove curly quotes from shell block (#4921) 2018-11-07 10:42:13 -08:00
Kyle Havlovitz ee4f8b79cb
Merge pull request #4912 from hashicorp/acl-doc-fixes
docs: fix some examples in the new ACL guide
2018-11-07 09:23:36 -08:00
Kyle Havlovitz 69a8d149d5
docs: remove leftover typo from replication_token info 2018-11-07 09:22:23 -08:00
R.B. Boyer 2e29f234b1
acl: fixes ACL replication for legacy tokens without AccessorIDs (#4885) 2018-11-07 07:59:44 -08:00
John Cowen 751f8552b2
UI: Removes success notification on faking a success response for self (#4906)
In order to continue supporting the legacy ACL system, we replace
the 500 error from a non-existent `self` endpoint with a response of a
`null` `AccessorID` - which makes sense (a null AccessorID means old
API)

We then redirect the user to the old ACL pages which then gives a 403
if their token was wrong which then redirects them back to the login page.

Due to the multiple redirects and not wanting to test the validity of the token
before redirecting (thus calling the same API endpoint twice), it is not
straightforwards to turn the 'faked' response from the `self` endpoint
into an error (flash messages are 'lost' through multiple redirects).

In order to make this a slightly better experience, you can now return a
`false` during execution of an action requiring success/failure
feedback, this essentially skips the notification, so if the action is
'successful' but you don't want to show the notification, you can. This
resolves showing a successful notification when the `self` endpoint
response is faked. The last part of the puzzle is to make sure that the
global 403 catching error in the application Route also produces an
erroneous notification.

Please note this can only happen with a ui client using the new ACL
system when communicating with a cluster using the old ACL system, and
only when you enter the wrong token.

Lastly, further acceptance tests have been added around this

This commit also adds functionality to avoid any possible double 
notification messages, to avoid UI overlapping
2018-11-07 15:57:41 +00:00
Kyle Havlovitz 1a4204f363
agent: fix formatting 2018-11-07 02:16:03 -08:00
Kyle Havlovitz 60bb53d4e6
config: remote connect replication_token 2018-11-07 02:15:37 -08:00
Kyle Havlovitz f5bb65931b
Merge pull request #4911 from mtpettyp/kv_doc_updates
Update consul CLI docs for kv export and import
2018-11-06 18:49:28 -08:00
Kyle Havlovitz 604951e466 docs: fix some examples in the new ACL guide 2018-11-06 18:47:44 -08:00
Mike Pettypiece 6ca8138d4e Update consul CLI docs for kv export and import
This will make the kv docs consistent with get/delete/put
2018-11-06 20:19:09 -05:00
Rebecca Zanzig 85372872a5
Merge pull request #4900 from hashicorp/docs/helm-extension
Document options for additional helm chart configuration
2018-11-06 15:39:40 -08:00
Hans Hasselberg f80414fa99
Update CHANGELOG.md 2018-11-06 22:35:51 +01:00
Philipp Gillé f23abddbc0 Remove wrong space character (#4910)
There should be no space before a comma
2018-11-06 22:34:36 +01:00
John Cowen d7e969f513
ui: Make empty Rules ('') take priority over a Legacy: true (#4899)
Even if an old style token has a Legacy of true, yet it has an empty set
of Rules, treat the token as a new style token, as its essentially the
same
2018-11-06 18:08:10 +00:00
Rebecca Zanzig e4be60b25c
Merge pull request #4891 from hashicorp/docs/k8s-storage
Clarify storage usage for consul + k8s
2018-11-05 12:45:22 -08:00
Rebecca Zanzig 3ec036f499 Document options for additional helm chart configuration
There is a fine line between making the helm chart easy and simple to
use and supporting lots of configurability. This documents options for
users who would like to extend the Helm chart beyond what is readily
available in the `values.yaml` file.
2018-11-05 12:20:14 -08:00
Rebecca Zanzig cb36193b74 Clarify storage usage for consul + k8s
This adds two Helm chart values into the documentation with details
that have come up in several issues.

Additionally, it notes that persistent volumes and their claims need
to be removed manually because of current kubernetes and helm design.
2018-11-05 10:50:41 -08:00
Paul Banks 952ee6f546
Allow ACL legacy migration via CLI (#4882)
* Adds a flag to `consul acl token update` that allows legacy ACLs to be upgraded via the CLI.

Also fixes a bug where descriptions are deleted if not specified.

* Remove debug
2018-11-05 14:32:09 +00:00
R.B. Boyer 917488abc2 command/debug: make better use of atomic operations to write out the debug snapshots to disk 2018-11-02 13:13:49 -05:00
R.B. Boyer a5d57f5326
fix comment typos (#4890) 2018-11-02 12:00:39 -05:00
John Cowen d1b3a63b2f
UI: Catch 500 error on token endpoint and revert to legacy tokens (#4874)
In some circumstances a consul 1.4 client could be running in an
un-upgraded 1.3 or lower cluster. Currently this gives a 500 error on
the new ACL token endpoint. Here we catch this specific 500 error/message
and set the users AccessorID to null. Elsewhere in the frontend we use
this fact (AccessorID being null) to decide whether to present the
legacy or the new ACL UI to the user.

Also:
- Re-adds in most of the old style ACL acceptance tests, now that we are keeping the old style UI
- Restricts code editors to HCL only mode for all `Rules` editing (legacy/'half legacy'/new style)
- Adds a [Stop using] button to the old style ACL rows so its possible to logout.
- Updates copy and documentation links for the upgrade notices
2018-11-02 14:44:36 +00:00
Geoffrey Grosenbach 5a4543cf56 Adds redirects and updates links for learn.hashicorp (#4878)
* Adds redirects for Getting Started pages

* Uses correct links to resources at learn.hashicorp

* Reconfigures "Learn more" links to point to learn.hashicorp

* Links to learn.hashicorp on segmentation page

* Adds redirect for sample config file

* Fixes links to Getting Started guide on learn.hashicorp

* Remove getting started guide which is now on learn.hashicorp

* Corrects link to `consul/io` which should go to `consul.io`

* Revert "Remove getting started guide which is now on learn.hashicorp"

This reverts commit 2cebacf402f83fb936718b41ac9a27415f4e9f21 so a placeholder
message can be written here while we are transitioning content to
learn.hashicorp

* Adding a new page for getting started to direct users to learn.

* Added a note at the being of each doc to notify users about the temporary repo change.

* Revert "Added a note at the being of each doc to notify users about the temporary repo change."

This reverts commit 9a2a8781f9705028e4f53f758ef235e74b2b7198.

From conversation at https://github.com/hashicorp/consul/pull/4878

* Removes redirect from sample web.json demo file

* Removed typo
2018-11-01 14:44:49 -07:00
Kyle Havlovitz 79ceff046b
Update CHANGELOG.md 2018-10-31 15:53:02 -07:00
Kyle Havlovitz 5b7b8bf842
Merge pull request #4872 from hashicorp/node-snapshot-fix
Node ID/datacenter snapshot fix
2018-10-31 15:51:07 -07:00
Matt Keeler 26b1873b3b Adds documentation for the new ACL APIs (#4851)
* Update the ACL API docs

* Add a CreateTime to the anon token

Also require acl:read permissions at least to perform rule translation. Don’t want someone DoSing the system with an open endpoint that actually does a bit of work.

* Fix one place where I was referring to id instead of AccessorID

* Add godocs for the API package additions.

* Minor updates: removed some extra commas and updated the acl intro paragraph

* minor tweaks

* Updated the language to be clearer

* Updated the language to be clearer for policy page

* I was also confused by that! Your updates are much clearer.

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Sounds much better.

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Updated sidebar layout and deprecated warning
2018-10-31 15:11:51 -07:00
Rebecca Zanzig 0cb5073184
Merge pull request #4873 from hashicorp/docs/helm-default-sync
Update Helm docs to include the `default` flag for catalog sync
2018-10-31 14:50:36 -07:00
Anubhav Mishra 80776eead4
Clarify sync wording.
Co-Authored-By: adilyse <rebecca@hashicorp.com>
2018-10-31 13:18:50 -07:00
Anubhav Mishra 548c8e798d
Updating configuration wording.
Co-Authored-By: adilyse <rebecca@hashicorp.com>
2018-10-31 13:18:01 -07:00
Matt Keeler ec9934b6f8 Remaining ACL Unit Tests (#4852)
* Add leader token upgrade test and fix various ACL enablement bugs

* Update the leader ACL initialization tests.

* Add a StateStore ACL tests for ACLTokenSet and ACLTokenGetBy* functions

* Advertise the agents acl support status with the agent/self endpoint.

* Make batch token upsert CAS’able to prevent consistency issues with token auto-upgrade

* Finish up the ACL state store token tests

* Finish the ACL state store unit tests

Also rename some things to make them more consistent.

* Do as much ACL replication testing as I can.
2018-10-31 13:00:46 -07:00
Paul Banks d24a65eb8c
Doc and whitespace fixes for translate-rules command (#4877) 2018-10-31 17:28:04 +00:00
Rebecca Zanzig e2a1b2fa2d Update Helm docs to include the default flag for catalog sync
Additionally fixes an issue with quotes on the related annotation.
2018-10-30 16:37:04 -07:00
Kyle Havlovitz cf2210b5c5 fsm: update snapshot/restore test to include ID and datacenter 2018-10-30 15:53:14 -07:00
Kyle Havlovitz 58ff5e46cb fsm: add missing ID/datacenter to persistNodes 2018-10-30 15:52:54 -07:00
Rémi Lapeyre 70a051363f Add support for multiple checks in Consul Client (#4849) 2018-10-29 09:39:25 -07:00
Jack Pearkes a2485f60af
website: clarify log file filename format (#4856)
Fixes #4697
2018-10-29 09:29:14 -07:00
Hans Hasselberg a57d08faad
Update CHANGELOG.md 2018-10-29 11:32:54 +01:00