Commit Graph

16693 Commits

Author SHA1 Message Date
Daniel Nephin e2481923df
Merge pull request #10578 from hashicorp/pairing/contrib-ca-docs
contrib: add first draft of Connect CA developer docs
2022-01-26 12:39:28 -05:00
trujillo-adam a5471ae90a fixed formattting issues 2022-01-26 09:32:47 -08:00
Daniel Nephin 74dc9925cc Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-01-26 12:24:13 -05:00
Daniel Nephin 2c311161cc acl: extract a backend type for the ACLResolverBackend
This is a small step to isolate the functionality that is used for the
ACLResolver from the large Client and Server structs.
2022-01-26 12:24:10 -05:00
trujillo-adam 93a514595c added GWclass and GWClassConfig 2022-01-26 09:23:10 -08:00
Daniel Nephin e0084abe8e contrib: add CA manager states diagram 2022-01-26 12:14:29 -05:00
Dhia Ayachi 724248e339 fix typo and add a TODO section for the remaining stuff 2022-01-26 12:14:29 -05:00
Dhia Ayachi 8e93c6ae1e Add sequence diagram for leader boot sequence 2022-01-26 12:14:29 -05:00
Dhia Ayachi d826afffe6 fix types and add reference to mesh and auto_config docs 2022-01-26 12:14:29 -05:00
Daniel Nephin 974f1604bf contrib: add CA operations 2022-01-26 12:14:29 -05:00
Daniel Nephin dfedb5a97f contrib: add description of cert relationship diagram
And links to code
2022-01-26 12:14:29 -05:00
Dhia Ayachi 50618d95e2 add HL diagram on the ca generation sequence 2022-01-26 12:14:29 -05:00
Daniel Nephin e26c9f46ab contrib: add first draft of Connect CA developer docs
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-01-26 12:14:29 -05:00
Matt Keeler 4198c09c47
Update telemetry page with advice for monitoring boltdb performance (#12141)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-01-26 11:51:19 -05:00
Blake Covarrubias ea0d3d8d05
docs: Add ingress TLS cipher and version documentation (#12163)
Document the new TLS cipher and version parameters that were added to
ingress gateways in #11576.

Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
2022-01-26 08:12:12 -08:00
Michele Degges 7ab2a3fff9 Remove trailing ,'s to keep commit history clean 2022-01-25 18:55:20 -08:00
Michele Degges 7a69752cb5 Remove testing build trigger 2022-01-25 17:10:39 -08:00
Michele Degges 0f1c11bdc9 Add docker target that pulls from releases.hashicorp.com 2022-01-25 17:09:42 -08:00
Michele Degges 8d0b03b54d Fix broken docker builds 2022-01-25 16:59:04 -08:00
David Yu ad376d8478
docs: Service Sync clarify requirements when using Service Mesh (#12177)
* docs: Service Sync clarify requirements when using Service Mesh

* replace with relative link
2022-01-25 15:02:19 -08:00
modrake 80194bfe8e
Merge pull request #12178 from hashicorp/RDX-205-add-netcgo-for-darwin-builds
RDX-205 add netcgo tag for darwin builds
2022-01-25 14:10:02 -08:00
R.B. Boyer b999b3edfc
xds: fix for delta xDS reconnect bug in LDS/CDS (#12174)
When a wildcard xDS type (LDS/CDS/SRDS) reconnects from a delta xDS stream,
prior to envoy `1.19.0` it would populate the `ResourceNamesSubscribe` field
with the full list of currently subscribed items, instead of simply omitting it
to infer that it wanted everything (which is what wildcard mode means).

This upstream issue was filed in envoyproxy/envoy#16063 and fixed in
envoyproxy/envoy#16153 which went out in Envoy `1.19.0` and is fixed in later
versions (later refactored in envoyproxy/envoy#16855).

This PR conditionally forces LDS/CDS to be wildcard-only even when the
connected Envoy requests a non-wildcard subscription, but only does so on
versions prior to `1.19.0`, as we should not need to do this on later versions.

This fixes the failure case as described here: #11833 (comment)

Co-authored-by: Huan Wang <fredwanghuan@gmail.com>
2022-01-25 11:24:27 -06:00
Chris S. Kim ece75a03e3
Remove incorrect usage of url.PathEscape (#12184)
When r.toHTTP is called, http.Request is built with the path
already escaped. This removes all calls to url.PathEscape that
would have led to double-escaped URLs.
2022-01-25 12:15:06 -05:00
Morgan Drake 11ef7d99bd add netcgo tag for darwin builds 2022-01-24 14:34:57 -08:00
Michele Degges 3aee25270c
Make systemd EnvironmentFile optional #12176 2022-01-24 12:47:43 -08:00
Michele Degges 300ce7b8e7 Adding changelog entry 2022-01-24 12:32:22 -08:00
Michele Degges bc776aa258 Don't kill service if envfile isn't present 2022-01-24 12:13:14 -08:00
Michele Degges 5447e0ecb2 Merge branch 'main' of github.com:hashicorp/consul 2022-01-24 12:12:33 -08:00
Karl Cardenas c1ea9932b2
added learn tutorial link 2022-01-24 11:33:08 -07:00
Karl Cardenas 05a41a079a
updated introduction and service mesh styling 2022-01-24 11:25:49 -07:00
mrspanishviking 80172cf15e
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-24 11:20:12 -07:00
Karl Cardenas bf40add957
pushing up local changes 2022-01-24 11:18:37 -07:00
David Yu 6a27360203
docs: Admin Partitions K8s requirement update (#12173)
* docs: Admin Partitions K8s requirement update

* Update admin-partitions.mdx

* Update website/content/docs/enterprise/admin-partitions.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* extra space

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-24 09:04:02 -08:00
Michele Degges 97427f80b7
Add missing consul.env file for linux packaging (#12159) 2022-01-24 10:43:20 -05:00
mrspanishviking 14f6ee5aae
Merge pull request #11980 from krastin/krastin/docsday-ui-viz
adding JSON examples to /docs/connect/observability/ui-visualization
2022-01-24 08:42:46 -07:00
Krastin Krastev 1e550a4c3f fixing K8s notes placement in /docs/connect/observability/ui-visualization 2022-01-24 16:35:18 +01:00
Dao Thanh Tung 2a653efba9
Add api changes to agent endpoint for part 2 (#12150) 2022-01-24 10:23:08 -05:00
Krastin Krastev fcddb890c5 migrating <Tabs> to <CodeTabs> in /docs/connect/observability/ui-visualization 2022-01-24 16:10:03 +01:00
Daniel Nephin c1da07e2ea acl: remove calls to ResolveIdentityFromToken
We already have an ACLResolveResult, so we can get the accessor ID from
it.
2022-01-22 15:05:42 -05:00
Daniel Nephin ed1cc5f255 acl: remove ResolveTokenToIdentity
By exposing the AccessorID from the primary ResolveToken method we can
remove this duplication.
2022-01-22 14:47:59 -05:00
Daniel Nephin 26f0ebd96f acl: return a resposne from ResolveToken that includes the ACLIdentity
So that we can duplicate duplicate methods.
2022-01-22 14:33:09 -05:00
Daniel Nephin 314614f073 acl: remove duplicate methods
Now that ACLResolver is embedded we don't need ResolveTokenToIdentity on
Client and Server.

Moving ResolveTokenAndDefaultMeta to ACLResolver removes the duplicate
implementation.
2022-01-22 14:12:08 -05:00
Daniel Nephin 62c09b2d0a acl: embed ACLResolver in Client and Server
In preparation for removing duplicate resolve token methods.
2022-01-22 14:07:26 -05:00
Jake Herschman 00223a5462 updated CTS compatibility page to account for vault and all support product versions 2022-01-21 16:36:08 -08:00
David Yu d7418df51d
docs: 1.11.0 release notes (#12138)
* Work in Progress

* edit nav to show 1.11

* slight updates to release note content

* acl changes

* add details on bbolt

* first draft

* add more admin partition details

* revert package-lock.json

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* add sds change, and 1.10 change for tproxy

* Small changes

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Update website/content/docs/release-notes/1-11-0.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* adding Consul Service mesh term

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-21 15:46:02 -08:00
Peter M a2b839a838
Updated intro text
Jeff and I re-worded/expanded the text a bit here for the introduction section.
2022-01-21 16:14:45 -07:00
Michele Degges b7541e7698 Add missing consul.env file for linux packaging 2022-01-21 13:43:21 -08:00
Chris S. Kim d209de4230
Push bindata_assetfs.go to a non-protected branch (#12151) 2022-01-21 16:10:54 -05:00
Chris S. Kim 9ef448dedd
Generate bindata_assetfs.go (#12146) 2022-01-21 16:06:44 -05:00
R.B. Boyer 6472dcc1c0
update main to reflect it is v1.12.0-dev (#12157) 2022-01-21 15:03:11 -06:00