Commit Graph

16263 Commits

Author SHA1 Message Date
Blake Covarrubias 97e7e118e0 docs: Fix spelling errors 2022-01-11 09:37:09 -08:00
mrspanishviking a51f17a0f1
Merge pull request #11983 from hashicorp/resolver_examples
docs: added another resolver example for DC and namespace failover
2022-01-11 10:27:57 -07:00
Mike Morris 277c41d336
ingress: allow setting TLS min version and cipher suites in ingress gateway config entries (#11576)
* xds: refactor ingress listener SDS configuration

* xds: update resolveListenerSDS call args in listeners_test

* ingress: add TLS min, max and cipher suites to GatewayTLSConfig

* xds: implement envoyTLSVersions and envoyTLSCipherSuites

* xds: merge TLS config

* xds: configure TLS parameters with ingress TLS context from leaf

* xds: nil check in resolveListenerTLSConfig validation

* xds: nil check in makeTLSParameters* functions

* changelog: add entry for TLS params on ingress config entries

* xds: remove indirection for TLS params in TLSConfig structs

* xds: return tlsContext, nil instead of ambiguous err

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* xds: switch zero checks to types.TLSVersionUnspecified

* ingress: add validation for ingress config entry TLS params

* ingress: validate listener TLS config

* xds: add basic ingress with TLS params tests

* xds: add ingress listeners mixed TLS min version defaults precedence test

* xds: add more explicit tests for ingress listeners inheriting gateway defaults

* xds: add test for single TLS listener on gateway without TLS defaults

* xds: regen golden files for TLSVersionInvalid zero value, add TLSVersionAuto listener test

* types/tls: change TLSVersion to string

* types/tls: update TLSCipherSuite to string type

* types/tls: implement validation functions for TLSVersion and TLSCipherSuites, make some maps private

* api: add TLS params to GatewayTLSConfig, add tests

* api: add TLSMinVersion to ingress gateway config entry test JSON

* xds: switch to Envoy TLS cipher suite encoding from types package

* xds: fixup validation for TLSv1_3 min version with cipher suites

* add some kitchen sink tests and add a missing struct tag

* xds: check if mergedCfg.TLSVersion is in TLSVersionsWithConfigurableCipherSuites

* xds: update connectTLSEnabled comment

* xds: remove unsued resolveGatewayServiceTLSConfig function

 * xds: add makeCommonTLSContextFromLeafWithoutParams

* types/tls: add LessThan comparator function for concrete values

* types/tls: change tlsVersions validation map from string to TLSVersion keys

* types/tls: remove unused envoyTLSCipherSuites

* types/tls: enable chacha20 cipher suites for Consul agent

* types/tls: remove insecure cipher suites from allowed config

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 are both explicitly listed as insecure and disabled in the Go source.

Refs https://cs.opensource.google/go/go/+/refs/tags/go1.17.3:src/crypto/tls/cipher_suites.go;l=329-330

* types/tls: add ValidateConsulAgentCipherSuites function, make direct lookup map private

* types/tls: return all unmatched cipher suites in validation errors

* xds: check that Envoy API value matching TLS version is found when building TlsParameters

* types/tls: check that value is found in map before appending to slice in MarshalEnvoyTLSCipherSuiteStrings

* types/tls: cast to string rather than fmt.Printf in TLSCihperSuite.String()

* xds: add TLSVersionUnspecified to list of configurable cipher suites

* structs: update note about config entry warning

* xds: remove TLS min version cipher suite unconfigurable test placeholder

* types/tls: update tests to remove assumption about private map values

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-01-11 11:46:42 -05:00
Jasmine W 889aa2dd1a
Merge pull request #12002 from hashicorp/kubernetes-service-screenshot
added screenshot of k8s service
2022-01-11 11:34:00 -05:00
Jasmine W e671ea7f60
Merge pull request #11995 from hashicorp/l7-routing-screenshots
Adding UI screenshots to L7 overview
2022-01-11 11:33:20 -05:00
Hannah Hearth 8436b4b0d1 Add CTS and API Gateway to docs on tools page 2022-01-11 10:22:30 -06:00
Jasmine W 8f662c49f6
Update website/content/docs/connect/config-entries/service-splitter.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:49 -05:00
Jasmine W 62583f75fe
Update website/content/docs/connect/config-entries/service-router.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:43 -05:00
Jasmine W d011b1afcb
Update website/content/docs/connect/config-entries/service-resolver.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:36 -05:00
Jasmine W b9bfb424b5 pushing for circleci 2022-01-11 11:16:24 -05:00
Kenia fbb9f5cdf5
ui: Adding Partition to topology card (#11805) 2022-01-11 10:04:06 -05:00
Dao Thanh Tung 217e2dc656
URL-encode/decode resource names for HTTP API part 2 (#11957) 2022-01-11 08:52:45 -05:00
John Cowen fc8e89d640
ui: Ensure the partition is passed through to the request for the SSO auth URL (#11979)
* Make sure the mocks reflect the requested partition/namespace

* Ensure partition is passed through to the HTTP adapter

* Pass AuthMethod object through to TokenSource in order to use Partition

* Change up docs and add potential improvements for future

* Pass the query partition back onto the response

* Make sure the OIDC callback mock returns a Partition

* Enable OIDC provider mock overwriting during acceptance testing

* Make sure we can enable partitions and SSO post bootup only required

...for now

* Wire up oidc provider mocking

* Add SSO full auth flow acceptance tests
2022-01-11 11:02:46 +00:00
Anthony a217d13e1b
docs: Add CodeBlockConfig to network coordinates page 2022-01-10 22:13:27 -08:00
Connor a4d2dc0ce2
Add go-sockaddr examples for multiple interfaces (#11998)
* Add overview example for multiple interfaces with go-sockaddr

* Include go-sockaddr examples in agent configuration

* Add changelog entry

* Make suggested changes

* Simplify hcl comment

* Update link and fix gRPC

* Switch index.mdx from Tabs to CodeTabs

* Reformat new links for screen readers

* Apply suggestions from code review

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Fix spacing in code block

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 20:10:25 -06:00
mrspanishviking 071b3025af
Merge pull request #12016 from hashicorp/Screenshot-Updates
Consul UI Screenshot Updates
2022-01-10 18:05:02 -07:00
Xuan Luo 8ca86265a5
Merge pull request #12017 from hashicorp/doc-changes
Doc changes
2022-01-10 16:33:47 -08:00
Xuan Luo 3ae25bfb58 updated image 2022-01-10 16:29:32 -08:00
Jake Herschman 0925fba881 fixed duplicated image path 2022-01-10 19:08:16 -05:00
Jake Herschman a93ba20343 Updated Consul UI Screenshots 2022-01-10 19:01:42 -05:00
Xuan Luo edb95ce99c docs: add gateway overview illustration 2022-01-10 15:47:57 -08:00
Luke Kysow e30e0a075c
Add distributed tracing docs (#12010)
* Add distributed tracing docs
2022-01-10 15:43:31 -08:00
Jake Herschman 5469bcd6d1 updated topology image 2022-01-10 18:39:35 -05:00
Jake Herschman 52ef50b1da updated datacenter dropdown image 2022-01-10 18:38:41 -05:00
Jake Herschman af77cb65f9 updated topology image 2022-01-10 18:37:51 -05:00
Xuan Luo ac0205bbbf docs: added gateway overview illustration 2022-01-10 15:30:01 -08:00
Preetha cc8eafbf5e
Updated health check docs page with HCL examples (#12000)
All healthcheck JSON examples now have HCL equivalents.
2022-01-10 17:19:39 -06:00
Amier Chery 6c230ff458 Added images to respective pages
Added the images to each respective page on splitting/routing/resolving along with a brief description on how to navigate there.
2022-01-10 18:14:24 -05:00
mrspanishviking 3e30d6decf
Merge pull request #11997 from hashicorp/20sr20-patch-1
Adding texts in verify_leader metric
2022-01-10 15:59:20 -07:00
Sujata Roy e62ec3783e
Update website/content/docs/agent/telemetry.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 14:57:14 -08:00
mrspanishviking 2eb4375caf
Merge pull request #12007 from hashicorp/Amier3-patch-1-1
docs: clarify hcl/cli differences
2022-01-10 15:45:46 -07:00
Matt Keeler 9e788fbd47
Document Consul enterprise 1.10.0-1.10.4 forwards incompatibility with 1.11 (#11978)
Also fixed a broken link in the 1.10.x upgrade instructions.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 17:18:40 -05:00
Amier Chery db29a926da
Create options.mdx
Adding a small little note to the top of the 'command line options' section of this page following community feedback in #10628
2022-01-10 17:15:33 -05:00
Jasmine W b8fe5038d1 added screenshot of k8s service 2022-01-10 15:57:15 -05:00
Sujata Roy 59e50ac42e
Adding texts in verify_leader metric
- Added description providing example case when the metric can go high
2022-01-10 12:01:27 -08:00
Jasmine W 2e60b0949f Adding UI screenshots to L7 overview 2022-01-10 14:34:00 -05:00
Preetha f9328bfdae
Added HCL examples to service discovery page (#11989)
Improved HCL examples in the service discovery docs page
2022-01-10 13:12:42 -06:00
Chris S. Kim 14e1898544
Add LastErrorMessage to /acl/replication docs (#11990) 2022-01-10 13:42:57 -05:00
Karl Cardenas 52a667ca85
added additonal example for failover within DC and unique namespace 2022-01-10 11:41:43 -07:00
mrspanishviking 095ad35891
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-10 11:22:53 -07:00
mrspanishviking cc8f9ddea5
Merge pull request #11977 from hashicorp/boxofrad/kv-docs-examples
docs: kv doc improvements
2022-01-10 11:22:09 -07:00
Karl Cardenas 77b6e1824c
removed empty {} 2022-01-10 10:51:00 -07:00
Karl Cardenas 967093f425
added another example for DC and namespace failover 2022-01-10 10:45:54 -07:00
trujillo-adam 43d013ddcf
Merge pull request #11930 from hashicorp/docs/admin-partition-updates-1.11.0-misc
added line about wildcard intentions not supported for admin partitions
2022-01-10 07:53:58 -08:00
Daniel Upton dd8d8fb6fd Incorporate feedback from @jkirschner-hashicorp and @karl-cardenas-coding 2022-01-10 15:53:41 +00:00
Daniel Upton e69ad56141 docs: clarify transaction usage and limitations in kv api docs 2022-01-10 13:59:43 +00:00
Daniel Upton d9f057aa69 docs: call out `kv export` and the transaction API 2022-01-10 13:51:35 +00:00
Daniel Upton e33402f292 docs: improve kv get examples
- Split examples into sections with headers
- Hide the clipboard on examples as the copied text isn't useful
- Format inline flags as code using backticks
2022-01-10 13:40:24 +00:00
Daniel Upton 77b49965ee docs: call out `kv import` and the transaction API 2022-01-10 12:30:28 +00:00
Daniel Upton c2f81b492b docs: improve read/scanability of kv put examples
- Split examples into sections with headers
- Hide the clipboard on examples as the copied text isn't useful
- Add an example of supplying data in a heredoc
- Move the flags section to the bottom to clearly separate it from CAS
  which also mentions "flags" of a different kind
- Slight re-wording for clarity
2022-01-10 12:15:59 +00:00