Commit Graph

514 Commits

Author SHA1 Message Date
boruszak 6d7a78b79a Fixes according to Freddy's review/comments 2022-08-09 09:42:01 -05:00
Jeff Boruszak 59c1113b22
Update website/content/docs/connect/cluster-peering/k8s.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:25:45 -05:00
Jeff Boruszak c3944bb191
Update website/content/docs/connect/cluster-peering/index.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:10:34 -05:00
boruszak e07dcd87bd WAN Federation/Cluster Peering comparison table addition 2022-08-09 09:07:25 -05:00
Jeff Boruszak 1d3f9e6448
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:02:33 -05:00
Jeff Boruszak 8cc8c9351f
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:02:16 -05:00
Jeff Boruszak 07ef084981
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:02:05 -05:00
Jeff Boruszak 69e1b6fa92
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:01:42 -05:00
Chris S. Kim e519a8e024 Update wording on intentions 2022-08-09 10:01:30 -04:00
Jeff Boruszak 557271e0de
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-08-09 09:01:27 -05:00
boruszak 8b5b4aa6ce Delete peering UI instructions 2022-08-09 08:53:03 -05:00
Tu Nguyen 6b7b64240f Fixed rendering 2022-08-08 16:40:14 -07:00
Chris S. Kim 5960c5351f Update docs for peered transparent proxy 2022-08-08 18:33:57 -04:00
boruszak ed10dee9b6 UI instructions 2022-08-08 16:32:38 -05:00
boruszak a8fea65f9f Add peering connection UI iinitial commit. 2022-08-08 15:34:28 -05:00
Dhia Ayachi 11ec7b1f90
add config parameters doc for destination in service-defaults (#13950)
* add config parameters doc for destination in service-defaults

* add destination config example

* add documentations around tgateway config

* Apply suggestions from code review

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Dan Stough <dan.stough@hashicorp.com>

* fix based on comments

* fix typo

* fix code tab array

* fix yaml description for addresses and port

* do not split yaml and hcl when the description is the same

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: Dan Stough <dan.stough@hashicorp.com>
2022-08-08 16:28:37 -04:00
boruszak a50dd4848c Added info about Consul server config requirements 2022-08-08 15:09:12 -05:00
boruszak cb587192ba Minor edit 2022-08-02 16:25:13 -05:00
boruszak f3a9f607b9 Proofing edits 2022-08-02 16:20:43 -05:00
boruszak c0c97f2cb3 Proofing edits 2022-08-02 16:01:22 -05:00
boruszak a7b4444958 New features/functions list 2022-08-02 15:17:09 -05:00
boruszak b96d540271 New "Mesh Gateways for Peered Clusters" page 2022-08-02 15:09:00 -05:00
boruszak 8ace17e47c Initial new features commit 2022-08-02 14:26:20 -05:00
boruszak 52656f4426 Proofing updates & adjustments 2022-08-01 14:43:10 -05:00
boruszak 58a7b3aece Updated functionality + task instructions 2022-08-01 14:28:50 -05:00
boruszak 31df478292 Beta release constraints updated 2022-08-01 10:43:38 -05:00
boruszak e9c8abefcb Update "technical preview" to "beta" 2022-08-01 10:30:36 -05:00
Krastin Krastev 7f2eea5be3 Merge branch 'main' into krastin/docs/sidecarservice-typo 2022-07-21 10:51:39 +03:00
Jared Kirschner 53ab2bd9d2
Merge pull request #13405 from hashicorp/jkirschner-hashicorp-patch-3
docs: correct Vault CA multiple namespace support
2022-07-20 17:52:32 -04:00
Krastin Krastev 40c0519d46 docs: clean-up expanded service def 2022-07-18 13:45:59 +03:00
boruszak 7384eefff0 Clarification around "peering_token.json" and adding Partition names 2022-07-07 16:10:21 -05:00
boruszak 368d88f9b3 "<service-name" fix - added brackets 2022-07-07 10:08:53 -05:00
David Yu 8f8ed954cc
docs: add controller to cluster peering docs (#13639)
* docs: add controller to cluster peering docs
2022-06-29 11:08:37 -07:00
Tu Nguyen 3c608f5536
Fix typo in cluster peering docs (#13574)
* Fix typo in cluster peering docs
* Remove highlight, update curly quotes
2022-06-28 15:54:57 -07:00
Matt Keeler 91b8bf4b55
Clarify the wording of the peering limitations in the preview (#13590) 2022-06-24 09:58:31 -04:00
David Yu baf6c67415
docs: add indent to code block config tab to align with other branches (#13573) 2022-06-23 08:38:36 -07:00
David Yu e8f7a1f2c1
docs: add Core requirements to cluster peering k8s docs (#13569)
* docs: add Core requirements to cluster peering k8s docs

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-22 19:12:08 -07:00
Tu Nguyen a35d37c574
Merge pull request #13433 from hashicorp/docs-cluster-peering-technical-preview
docs: Cluster Peering for OSS Technical Preview
2022-06-22 00:10:11 -07:00
David Yu 563c11baa5
Update website/content/docs/connect/cluster-peering/k8s.mdx 2022-06-21 16:34:45 -07:00
Tu Nguyen 5596f6fc4b
Apply suggestions from code review 2022-06-21 16:31:49 -07:00
David Yu 32eb9a70a9 adding fixes 2022-06-21 16:27:06 -07:00
Tu Nguyen 32ecc216f6
Update website/content/docs/connect/cluster-peering/k8s.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-06-21 16:21:29 -07:00
Tu Nguyen 5df3af9778
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-21 16:15:34 -07:00
Tu Nguyen 60f6948b0a
Apply suggestions from code review
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-21 16:13:39 -07:00
Tu Nguyen 23e4884779
Merge pull request #13448 from hashicorp/docs-cluster-peering-k8s-technical-preview
docs: Cluster Peering for Kubernetes Technical Preview
2022-06-21 10:18:13 -07:00
Jeff Boruszak 3ded4522fb
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-20 15:28:50 -05:00
Freddy 902e76d304
Additional service mesh docs updates for peering (#13464)
This PR covers two sets of changes:
- Documenting the new `destination_peer` for proxy upstream definitions.
- Updating the exported-services config entry documentation.

Updates to the `exported-services` config entry include:
- As of 1.13.0 it is no longer only for Consul Enterprise
- A `PeerName` is now a possible consumer for an exported service.
- Added examples for OSS and Enterprise
- Linked to peering docs
2022-06-17 18:40:38 -06:00
Jeff Boruszak 4c520323a5
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-17 12:35:35 -05:00
Jeff Boruszak 85463445b4
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-17 12:31:11 -05:00
Chris S. Kim 4b0ffb227a
Update docs with Source.Peer field (#13463) 2022-06-16 09:30:05 -04:00
Jeff Boruszak 93a50d5b12
Additional consistency edits 2022-06-15 16:25:57 -05:00
Jeff Boruszak 8bd57c75fe
Apply suggestions from code review
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 16:15:03 -05:00
Jeff Boruszak 627173110b
Update website/content/docs/connect/cluster-peering/index.mdx 2022-06-15 14:26:40 -05:00
Jeff Boruszak 1a6eea4fc3
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:23:18 -05:00
boruszak b00262381b Limitations -> Constraints 2022-06-15 14:21:58 -05:00
Jeff Boruszak 08716c5279
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-15 14:19:03 -05:00
boruszak 37acf49357 typo fix 2022-06-15 14:08:34 -05:00
boruszak 80f779a528 Switch fronend-service and backend-service 2022-06-15 14:07:56 -05:00
Jeff Boruszak e8d34bab68
Apply suggestions from code review 2022-06-15 14:04:52 -05:00
Jeff Boruszak c23ab4259e
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:01:34 -05:00
Jeff Boruszak 199e9a900a
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 13:56:55 -05:00
boruszak 1c7d51f9d9 peering_token.json addition 2022-06-15 13:55:53 -05:00
Jared Kirschner bd68f0f6f6
Merge branch 'main' into jkirschner-hashicorp-patch-3 2022-06-15 00:06:40 -04:00
Jeff Boruszak caa2dc5bfb
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:34:21 -05:00
Evan Culver ca7acd2970
connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
Jeff Boruszak 687c16b9e0
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:29:30 -05:00
Jeff Boruszak 9a8235993a
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-14 17:28:06 -05:00
Jeff Boruszak fe0a5491d2
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:27:03 -05:00
Jeff Boruszak 24409fa40b
Update website/content/docs/connect/cluster-peering/index.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:23:07 -05:00
boruszak e22171cdbf Cluster Peering on Kubernetes page creation 2022-06-14 17:15:14 -05:00
boruszak 703ce412c7 Removing k8s updates on this branch 2022-06-14 17:12:45 -05:00
boruszak 8687f1511e <CodeBlockConfig> fixes 2022-06-14 16:58:07 -05:00
boruszak 0b60e6b539 Code Block fixes 2022-06-14 16:55:25 -05:00
boruszak c901667dd4 Cluster Peering on Kubernetes initial draft 2022-06-14 16:33:29 -05:00
boruszak 0bffbc429c Cluster Peering on Kubernetes page creation 2022-06-14 16:15:57 -05:00
Evan Culver 2adb9f7c8a
connect: Update Envoy support matrix to latest patch releases (#13431) 2022-06-14 13:19:09 -07:00
Jeff Boruszak 2e5163dfdc
Fixing double-ticks ` 2022-06-14 10:00:22 -05:00
boruszak 0c1b6d77d8 Removing Kubernetes page - will submit separate PR for timing reason 2022-06-13 16:47:47 -05:00
boruszak ad4712334d Typo fix 2022-06-13 16:42:29 -05:00
boruszak 00e648ab89 Create and Manage Peering Connections additional fixes 2022-06-13 16:38:44 -05:00
boruszak ecdb4cda96 What is Cluster Peering? additional fixes 2022-06-13 16:06:29 -05:00
boruszak fb573f7801 Create and Manage Peering Connections page 2022-06-13 14:24:02 -05:00
boruszak 4b306efd94 What is Cluster Peering? additional fixes 2022-06-13 13:41:57 -05:00
boruszak d3fd58ad8e What is Cluster Peering? page 2022-06-13 13:31:13 -05:00
boruszak b8b9be4d56 Initial page creation 2022-06-13 12:58:16 -05:00
Jared Kirschner 40402339e8
docs: correct Vault CA multiple namespace support 2022-06-08 17:50:56 -04:00
Mark Anderson 3046ad707b yUpdate website/content/docs/connect/ca/vault.mdx
Port some changes that were made to the backport branch but not in the original PR.

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-31 20:22:12 -07:00
Blake Covarrubias a74710fd45
docs: Remove unnecessary use of CodeBlockConfig (#12974)
Remove empty CodeBlockConfig elements. These elements are not
providing any benefit for the enclosed code blocks. This PR removes
the elements so so that the source is easier to read.
2022-05-11 15:37:02 -07:00
Blake Covarrubias 13ac34c08b
docs: Fix spelling errors across site (#12973) 2022-05-10 07:28:33 -07:00
Mark Anderson f4c4c0e9ae
Update website/content/docs/connect/config-entries/mesh.mdx (#12943)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Signed-off-by: Mark Anderson <manderson@hashicorp.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-05-05 10:39:53 -07:00
Mark Anderson 18193f2916
Support vault namespaces in connect CA (#12904)
* Support vault namespaces in connect CA

Follow on to some missed items from #12655

From an internal ticket "Support standard "Vault namespace in the
path" semantics for Connect Vault CA Provider"

Vault allows the namespace to be specified as a prefix in the path of
a PKI definition, but our usage of the Vault API includes calls that
don't support a namespaced key. In particular the sys.* family of
calls simply appends the key, instead of prefixing the namespace in
front of the path.

Unfortunately it is difficult to reliably parse a path with a
namespace; only vault knows what namespaces are present, and the '/'
separator can be inside a key name, as well as separating path
elements. This is in use in the wild; for example
'dc1/intermediate-key' is a relatively common naming schema.

Instead we add two new fields: RootPKINamespace and
IntermediatePKINamespace, which are the absolute namespace paths
'prefixed' in front of the respective PKI Paths.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 19:41:55 -07:00
Mark Anderson e6282c7c64 Docs and changelog edits
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 08:50:59 -07:00
Mark Anderson 33bc0a8cb3 Add some docs
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 08:50:58 -07:00
Blake Covarrubias 8dc68002f9
docs: Add example Envoy escape hatch configs (#12764)
Add example escape hatch configurations for all supported override
types.
2022-05-02 11:25:59 -07:00
Karl Cardenas 20975a35f6
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-04-26 13:12:53 -07:00
Karl Cardenas 7ead9840b5
docs: updated connect docs and re-deploying missed changes 2022-04-25 10:04:06 -07:00
David Yu ab78b897e4
docs: remove 1.9.x row in Envoy compatibility matrix (#12828) 2022-04-20 19:35:06 -07:00
Evan Culver 9d0b5bf8e9
connect: Add Envoy 1.22 to integration tests, remove Envoy 1.18 (#12805)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-04-18 09:36:07 -07:00
Evan Culver e62745c82c
connect: Add Envoy 1.21.1 to support matrix, remove 1.17.4 (#12777) 2022-04-14 10:44:42 -07:00
Natalie Smith b9ec2222db docs: simplify agent docs slugs 2022-04-11 17:38:47 -07:00
Natalie Smith cd73f27c84 docs: fix external links to agent config pages 2022-04-11 17:38:11 -07:00
R.B. Boyer f4eac06b21
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
Just like standard upstreams the order of applicability in descending precedence:

1. caller's `service-defaults` upstream override for destination
2. caller's `service-defaults` upstream defaults
3. destination's `service-resolver` ConnectTimeout
4. system default of 5s

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-04-07 16:58:21 -05:00
Kyle Havlovitz 9380343689
Merge pull request #12672 from hashicorp/tgate-san-validation
Respect SNI with terminating gateways and log a warning if it isn't set alongside TLS
2022-04-05 11:15:59 -07:00
Blake Covarrubias d60e8cd646
docs: Update links to K8s service mesh annotations (#12652)
The list of supported annotations for Consul service mesh were moved
from /docs/k8s/connect to /docs/k8s/annotations-and-labels in PR
#12323.

This commit updates various across the site to point to the new
URL for these annotations.
2022-04-04 14:35:07 -07:00
Kyle Havlovitz 116b6c57cb Use the GatewayService SNI field for upstream SAN validation 2022-03-31 13:54:25 -07:00
Kyle Havlovitz cc3c39b920 Recommend SNI with TLS in the terminating gateway docs 2022-03-31 12:19:16 -07:00
Bryce Kalow 04ec4c2aa4
website: redirect /api to /api-docs (#12660) 2022-03-30 16:16:26 -05:00
R.B. Boyer e9230e93d8
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
- `tls.incoming`: applies to the inbound mTLS targeting the public
  listener on `connect-proxy` and `terminating-gateway` envoy instances

- `tls.outgoing`: applies to the outbound mTLS dialing upstreams from
  `connect-proxy` and `ingress-gateway` envoy instances

Fixes #11966
2022-03-30 13:43:59 -05:00
R.B. Boyer d4e80b8800
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
Also add a new "Default" field to the discovery chain response to clients
2022-03-30 10:04:18 -05:00
Krastin Krastev f6958894f5
docs: fix a trailing comma in JSON body
removing a comma after a last element in JSON body
2022-03-22 20:36:59 +01:00
David Yu 6363cb16c3
docs: Consul Service Mesh overview - rename of title and K8s getting started (#12574)
* Consul Service Mesh overview - rename of title and K8s getting started

* reformat lines
2022-03-18 08:55:57 -07:00
Dan Upton 57f0f42733
Support per-listener TLS configuration ⚙️ (#12504)
Introduces the capability to configure TLS differently for Consul's
listeners/ports (i.e. HTTPS, gRPC, and the internal multiplexed RPC
port) which is useful in scenarios where you may want the HTTPS or
gRPC interfaces to present a certificate signed by a well-known/public
CA, rather than the certificate used for internal communication which
must have a SAN in the form `server.<dc>.consul`.
2022-03-18 10:46:58 +00:00
Jacob 578d82fd96
Update ui-visualization.mdx 2022-03-16 10:08:22 -04:00
mrspanishviking 1ae820ea0a
Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
trujillo-adam 667976c94f fixing merge conflicts part 3 2022-03-15 15:25:03 -07:00
trujillo-adam 33d0ed5e96 fixed merge conflicts pt2 2022-03-15 14:01:24 -07:00
trujillo-adam 60a88bb40f merging new hierarchy for agent configuration 2022-03-14 15:44:41 -07:00
Kyle Schochenmaier 6e6e705ae0
update docs (#12543) 2022-03-09 13:24:20 -06:00
Blake Covarrubias 866c8cde4b
docs: Update Kubernetes YAML examples in UI visualization (#12419)
* Update Kubernetes related YAML config examples to document supported
syntax in the latest version of the Helm chart.
* Fix syntax in JSON example configs.

Resolves #12403

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-03-03 21:31:57 -08:00
David Yu 30aff819f7
docs: Envoy 'compatibility' typo (#12513) 2022-03-03 10:50:56 -08:00
David Yu b1035b6f4a
docs: bump Envoy for 1.10.x (#12472)
* docs: bump Envoy for 1.10.x

* update security notes and remove previous versions older than n-2

Envoy 1.9.0 and older have last vulnerability.

* Update envoy.mdx

* Update envoy.mdx

* Update envoy.mdx

* Update envoy.mdx

* formatting

* Update website/content/docs/connect/proxies/envoy.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/connect/proxies/envoy.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-03-03 10:34:30 -08:00
Luke Kysow 2a925b7ef1
Update exported-services.mdx (#12499) 2022-03-02 15:57:58 -08:00
Eddie Rowe 56c2f00676 Remove deprecated built-in proxy tutorial reference 2022-03-01 14:35:28 -06:00
Evan Culver 7889071385
connect: Update supported Envoy versions to include 1.19.3 and 1.18.6 2022-02-24 16:59:33 -08:00
Evan Culver 9f4d9f3f74
connect: Upgrade Envoy 1.20 to 1.20.2 (#12443) 2022-02-24 16:19:39 -08:00
Karl Cardenas 568ba392b6
docs: added example for service-router retry 2022-02-24 10:52:41 -07:00
Daniel Nephin 58f3fec54a docs: add docs for using an external CA 2022-02-17 18:21:30 -05:00
Karl Cardenas b1726a7ecb
docs: updated per feedback 2022-02-08 11:02:36 -07:00
Karl Cardenas bdeb752f83
docs: update the wan mesh gateway page 2022-02-08 10:25:27 -07:00
Luke Kysow fcf804043c
docs: update for k8s support for igw and header manip (#12264)
Add docs now that k8s supports these new config entry fields
2022-02-03 14:03:21 -08:00
Blake Covarrubias 4dcb6e8904 docs: Fix discrepancy with sidecar min/max port range
Remove incorrect sidecar port range on docs for built-in proxy.

Updates the bind_port/port fields on the built-in proxy and sidecar
service registration pages to link to the `sidecar_min_port` and
`sidecar_max_port` configuration options for the defined port range.

Fixes #12253
2022-02-02 20:12:00 -08:00
Dan Upton a3c4b85cec
docs: add transparent proxy visual aid (#12211)
Co-authored-by: Paul Banks <banks@banksco.de>
2022-01-28 10:57:37 +00:00
Luke Kysow 0eb453ce17
Update distributed-tracing.mdx with caveat on 128 bit IDs (#12196)
* Update distributed-tracing.mdx
2022-01-26 10:39:33 -08:00
David Yu 3a2d1dfccb
docs: iptables for TProxy requirement (#12180)
* docs: iptables

Add iptables requirement

* Update website/content/docs/connect/transparent-proxy.mdx

Co-authored-by: Kyle Schochenmaier <kschoche@gmail.com>

Co-authored-by: Kyle Schochenmaier <kschoche@gmail.com>
2022-01-26 10:18:31 -08:00
Blake Covarrubias ea0d3d8d05
docs: Add ingress TLS cipher and version documentation (#12163)
Document the new TLS cipher and version parameters that were added to
ingress gateways in #11576.

Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
2022-01-26 08:12:12 -08:00
mrspanishviking 14f6ee5aae
Merge pull request #11980 from krastin/krastin/docsday-ui-viz
adding JSON examples to /docs/connect/observability/ui-visualization
2022-01-24 08:42:46 -07:00
Krastin Krastev 1e550a4c3f fixing K8s notes placement in /docs/connect/observability/ui-visualization 2022-01-24 16:35:18 +01:00
Krastin Krastev fcddb890c5 migrating <Tabs> to <CodeTabs> in /docs/connect/observability/ui-visualization 2022-01-24 16:10:03 +01:00
R.B. Boyer acef0e816e
docs: update config entry docs for proxy-defaults to follow new template (#12011) 2022-01-20 15:35:27 -06:00
Blake Covarrubias f46bbb7205 Fix spelling errors 2022-01-20 08:54:23 -08:00
Blake Covarrubias 54b37823bc Convert absolute URLs to relative URLs for consul.io 2022-01-20 08:52:51 -08:00
Blake Covarrubias d81889bb41 docs: Avoid redirects by pointing links to new URLs
Avoid HTTP redirects for internal site links by updating old URLs to
point to the new location for the target content.
2022-01-20 08:52:51 -08:00
Blake Covarrubias 86d6d2b3ba docs: Fix typo in service resolver's RingHashConfig
Fix typo in documentation for service resolver's RingHashConfig. The
correct child parameters are `MinimumRingSize` and `MaximumRingSize`.
2022-01-19 15:17:53 -08:00
Jared Kirschner 73219b6b92
Merge pull request #12100 from hashicorp/update-gateway-overview-visual
docs: clarify gateways don't connect to public internet
2022-01-18 19:03:32 -05:00
trujillo-adam 42d5c5d2a7
Merge pull request #11898 from hashicorp/docs/service-mesh-config-entries-add-partitions--1.11.0
updated configuration entry params for admin partitions 1.11
2022-01-18 15:46:15 -08:00
trujillo-adam c7331577c9 applied final feedback 2022-01-18 15:40:43 -08:00
trujillo-adam 55e9afec99
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-01-18 15:31:58 -08:00
Jared Kirschner c82e3130a0 docs: clarify gateways don't connect to internet
Consul's ingress and terminating gateways are meant to enable connectivity
within your organizational network between services outside the Consul service
mesh and those within. They are not meant to connect to the public internet.
2022-01-18 13:28:26 -08:00
Evan Culver ec65890f01
connect: Upgrade Envoy 1.20 to 1.20.1 (#11895) 2022-01-18 14:35:27 -05:00
Jared Kirschner 39f00317c4
Merge pull request #12101 from hashicorp/wan-federation-with-mesh-gateways-networking-visual
docs: show WAN fed with/without mesh gateways
2022-01-18 09:22:13 -05:00
Jared Kirschner f6f28c4952 docs: show WAN fed with/without mesh gateways 2022-01-16 16:55:12 -08:00
Thomas Kula fdd196ae1c
docs: Minor grammar change to ingress-gateway.mdx (#11365)
Use plural form of "listeners", not possessive form of "listener's"
2022-01-14 16:36:02 -08:00
trujillo-adam 23ac796406 Merge branch 'docs/service-mesh-config-entries-add-partitions--1.11.0' of github.com:hashicorp/consul into docs/service-mesh-config-entries-add-partitions--1.11.0
pre and post docs day merge
2022-01-14 11:34:36 -08:00
trujillo-adam 71907728ff applying latest round of feedback 2022-01-14 09:51:57 -08:00
Blake Covarrubias 5a12f2cf20
docs: Use long form of CLI flags (#12030)
Use long form of CLI flags in all example commands.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-01-12 15:05:01 -08:00
Dhia Ayachi 2a0e15cd69
CA certificates relationship HL diagram (#12022)
* add diagram and text to explain certificates in consul

* use bullet points instead of enumeration

* Apply suggestions from code review

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* remove non needed text and improve image

* fix cert naming

* move section to the right place

* rename DC

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-12 16:10:00 -05:00
Blake Covarrubias 97e7e118e0 docs: Fix spelling errors 2022-01-11 09:37:09 -08:00
mrspanishviking a51f17a0f1
Merge pull request #11983 from hashicorp/resolver_examples
docs: added another resolver example for DC and namespace failover
2022-01-11 10:27:57 -07:00
Jasmine W e671ea7f60
Merge pull request #11995 from hashicorp/l7-routing-screenshots
Adding UI screenshots to L7 overview
2022-01-11 11:33:20 -05:00
Jasmine W 8f662c49f6
Update website/content/docs/connect/config-entries/service-splitter.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:49 -05:00
Jasmine W 62583f75fe
Update website/content/docs/connect/config-entries/service-router.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:43 -05:00
Jasmine W d011b1afcb
Update website/content/docs/connect/config-entries/service-resolver.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-11 11:18:36 -05:00
Natalie Smith 61980f0808 docs: simplify agent docs slugs 2022-01-10 17:37:18 -08:00
Natalie Smith 2b71c59298 docs: fix external links to agent config pages 2022-01-10 17:11:50 -08:00
mrspanishviking 071b3025af
Merge pull request #12016 from hashicorp/Screenshot-Updates
Consul UI Screenshot Updates
2022-01-10 18:05:02 -07:00
Xuan Luo 8ca86265a5
Merge pull request #12017 from hashicorp/doc-changes
Doc changes
2022-01-10 16:33:47 -08:00
Xuan Luo 3ae25bfb58 updated image 2022-01-10 16:29:32 -08:00
Xuan Luo edb95ce99c docs: add gateway overview illustration 2022-01-10 15:47:57 -08:00
Luke Kysow e30e0a075c
Add distributed tracing docs (#12010)
* Add distributed tracing docs
2022-01-10 15:43:31 -08:00
Jake Herschman 5469bcd6d1 updated topology image 2022-01-10 18:39:35 -05:00
Amier Chery 6c230ff458 Added images to respective pages
Added the images to each respective page on splitting/routing/resolving along with a brief description on how to navigate there.
2022-01-10 18:14:24 -05:00
Jasmine W 2e60b0949f Adding UI screenshots to L7 overview 2022-01-10 14:34:00 -05:00
Karl Cardenas 52a667ca85
added additonal example for failover within DC and unique namespace 2022-01-10 11:41:43 -07:00
mrspanishviking 095ad35891
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-10 11:22:53 -07:00
Karl Cardenas 77b6e1824c
removed empty {} 2022-01-10 10:51:00 -07:00
Karl Cardenas 967093f425
added another example for DC and namespace failover 2022-01-10 10:45:54 -07:00
Krastin Krastev 32ee4e440d adding JSON examples to /docs/connect/observability/ui-visualization 2022-01-10 17:47:51 +01:00
trujillo-adam 43d013ddcf
Merge pull request #11930 from hashicorp/docs/admin-partition-updates-1.11.0-misc
added line about wildcard intentions not supported for admin partitions
2022-01-10 07:53:58 -08:00
trujillo-adam 15220e8d39 applied feedback 2022-01-07 15:43:51 -08:00
trujillo-adam c617a4a970
Update website/content/docs/connect/config-entries/mesh.mdx
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-01-07 14:20:43 -08:00
trujillo-adam ea2ae4b637 tweaks to the language used in the requirements section 2022-01-05 12:01:10 -08:00
Noel Quiles 2c047e1c3a
website: Update copy (#11853) 2022-01-04 15:29:46 -05:00
trujillo-adam 31551b49f4 added line about wildcard intentions not supported for admin partitions 2022-01-03 15:31:58 -08:00
trujillo-adam f072adc618 proposed language about why there is no <CE>.meta.partition field 2022-01-03 14:40:03 -08:00
trujillo-adam 186adb00e5 Merge branch 'docs/service-mesh-config-entries-add-partitions--1.11.0' of github.com:hashicorp/consul into docs/service-mesh-config-entries-add-partitions--1.11.0
updating local with GH comments
2022-01-03 11:32:34 -08:00
trujillo-adam 078003955b
Apply suggestions from code review
typos and minor corrections

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-01-03 11:32:14 -08:00
saurabh-sp-tripathi 5e6c934135 Fix typo, Layer 7 is application layer not network 2021-12-22 15:13:56 -08:00
trujillo-adam 5835d18664 Merge branch 'main' of github.com:hashicorp/consul into docs/service-mesh-config-entries-add-partitions--1.11.0
pulling main into the this branch
2021-12-22 13:12:08 -08:00
trujillo-adam 2edf383b79
Merge pull request #11859 from hashicorp/docs/service-mesh-gateways-clarification-for-1.11.0
clarify mesh gateway docs use cases; include admin partition flow
2021-12-22 11:56:11 -08:00
trujillo-adam ca41ee4484 fixed bad md syntax 2021-12-22 11:40:26 -08:00
trujillo-adam ec6aff8dc0 applied feedback 2021-12-22 11:18:06 -08:00
trujillo-adam 0288678e00 updated configuration entry params for admin partitions 1.11 2021-12-20 16:30:39 -08:00
David Yu e1d32b6a9f
docs: ExportedServices YAML correction (#11883)
* docs: ExportedServices YAML correction

* Add enterprise alert to CRD index
2021-12-17 11:29:10 -08:00
trujillo-adam 94da06f6ee additional clarification on upstream configurations for x-dc and x-partition traffic 2021-12-17 09:46:50 -08:00
David Yu 463c7e9f43
docs: fix ExportedServices typo on example
Fix typlo
2021-12-17 09:39:55 -08:00
David Yu 1a2f8b04c6
add enterprise inline 2021-12-16 20:23:03 -08:00
David Yu 5b5d5f283d
docs: add exported services to overview 2021-12-16 20:20:11 -08:00
David Yu d369a13795
docs: ExportedServices CRD typo and change heading for services (#11845) 2021-12-15 15:51:24 -08:00
trujillo-adam 478e988206 clarify mesh gateway docs use cases; include admin partition flow 2021-12-15 13:11:52 -08:00
Chris S. Kim 540b5c1945
docs: Update discovery chain compilation results with partition fields (#11835) 2021-12-14 15:37:34 -05:00
Kyle Havlovitz e964cb37cf docs: Update exported-services page to include required Name field 2021-12-14 12:10:30 -08:00
Paul Banks 6a97a5d02e
Merge pull request #11164 from hashicorp/docs/ingress-sds
Document SDS for ingress gateways
2021-12-14 17:32:40 +00:00
freddygv a2fd30e514 Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
freddygv 32a2012059 Move exported-services docs based on new name 2021-12-03 17:47:32 -07:00
freddygv 02fb323652 Rename partition-exports to exported-services
Using a name less tied to partitions gives us more flexibility to use
this config entry in OSS for exports between datacenters/meshes.
2021-12-03 17:47:31 -07:00
Paul Banks 5015e9a733 Reformatting suggestions from review 2021-12-01 15:35:24 +00:00
Paul Banks 15ece49126 Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-12-01 15:13:40 +00:00
Paul Banks d149311cee Apply suggestions from code review
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-12-01 15:13:40 +00:00
Paul Banks c1b9601a94 Add documentation for SDS support in ingress gateways. 2021-12-01 15:13:40 +00:00
John Cowen 6fa1a058a6
ui: Add `Service.Partition` as available variable for dashboard urls (#11654) 2021-12-01 11:05:57 +00:00
trujillo-adam cff9356f97
Merge pull request #11558 from hashicorp/docs/admin-partitions-service-exports-configuration-entry
Admin partition docs: cross-partition support beta2/3
2021-11-30 11:22:30 -08:00
trujillo-adam 861e756b70 addtional feedback; added PartitionExports to CRDs section 2021-11-30 11:18:12 -08:00
trujillo-adam 5c47887093 applied additional feedback 2021-11-29 13:28:05 -08:00
David Yu db01c70914
docs: Notes about WAN Federation when using Vault as Connect CA (#11143)
* docs: Notes about WAN Federation when using Vault as Connect CA

* Apply suggestions from code review

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* Update website/content/docs/connect/ca/vault.mdx

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* Update website/content/docs/connect/ca/vault.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/connect/ca/vault.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update vault.mdx

* Update vault.mdx

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-11-29 12:37:14 -08:00
Karl Cardenas 4a52289e2b
docs: updated proxy page to use new codeblock 2021-11-18 18:17:38 -07:00
Iryna Shustava bd3fb0d0e9
connect: Support auth methods for the vault connect CA provider (#11573)
* Support vault auth methods for the Vault connect CA provider
* Rotate the token (re-authenticate to vault using auth method) when the token can no longer be renewed
2021-11-18 13:15:28 -07:00
trujillo-adam 8dfab9eb67 fixed typo and added link from partition exports to admin partitions section 2021-11-17 08:50:07 -08:00
trujillo-adam 4d9f7c5f53 fixed bad links 2021-11-16 12:05:18 -08:00
trujillo-adam 7fbb8dd08b added link to agent configuration from partition exports in usage section 2021-11-16 10:53:07 -08:00
trujillo-adam 3d2222cd8a applied freddy's feedback 2021-11-16 10:44:21 -08:00
trujillo-adam c06675fb3a Adding partition exports configuraiton entry details, upstream config, acl impact 2021-11-13 18:52:58 -08:00
trujillo-adam b937934b35 first commit for cross-partition support - partition exports section 2021-11-11 18:43:57 -08:00
mrspanishviking dadb7a7c33
Merge pull request #11543 from hashicorp/envoy-token
docs: added more information to help endusers with proxies and ACL
2021-11-11 08:37:12 -08:00
mrspanishviking a7bda35a3f
Update website/content/docs/connect/proxies/integrate.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-11-11 08:05:45 -08:00
mrspanishviking 0ae860df38
Update website/content/docs/connect/ca/vault.mdx
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-11-10 13:03:28 -08:00
Karl Cardenas 3ee1996504
docs: added more information to help endusers with proxies and ACL tokens 2021-11-10 08:52:44 -07:00
Karl Cardenas e7faee6ef7
docs: added link to the Learn tutorial in Vault CA integration page 2021-11-10 07:30:12 -07:00
Freddy 0344f3579b
Fix caveat about resolvers operating at L4 (#11497)
Service resolvers can specify L4 rules such as redirects, or L7 rules such as
hash-based load balancing policies.
2021-11-08 07:11:36 -07:00
Connor b3af482e09
Support Vault Namespaces explicitly in CA config (#11477)
* Support Vault Namespaces explicitly in CA config

If there is a Namespace entry included in the Vault CA configuration,
set it as the Vault Namespace on the Vault client

Currently the only way to support Vault namespaces in the Consul CA
config is by doing one of the following:
1) Set the VAULT_NAMESPACE environment variable which will be picked up
by the Vault API client
2) Prefix all Vault paths with the namespace

Neither of these are super pleasant. The first requires direct access
and modification to the Consul runtime environment. It's possible and
expected, not super pleasant.

The second requires more indepth knowledge of Vault and how it uses
Namespaces and could be confusing for anyone without that context. It
also infers that it is not supported

* Add changelog

* Remove fmt.Fprint calls

* Make comment clearer

* Add next consul version to website docs

* Add new test for default configuration

* go mod tidy

* Add skip if vault not present

* Tweak changelog text
2021-11-05 11:42:28 -05:00
FFMMM 573ea1a95d
change vault ca docs to mention root cert ttl config (#11488)
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-11-04 15:44:22 -07:00
Luke Kysow 0f8434a213
Add quick-link for users coming from UI (#11403)
The Consul UI topology view has an icon with the text
"Configure metrics dashboard" that links to this page. Add a notice at
the top of the page that links them directly to the relevant section.
2021-11-03 09:37:30 -07:00
Luke Kysow 6131a207cf
Remove Name/Namespace fields from upstream default (#11456)
The UpstreamConfig.Defaults field does not support setting Name or
Namespace because the purpose is to apply defaults to all upstreams.
I think this was just missed in the docs since those fields would
error if set under Defaults.

i.e. this is not supported:

```
UpstreamConfig {
  Defaults {
    Name = "foo"
    Namespace = "bar"
    # Defaults config here
  }
}
```
2021-11-02 14:21:15 -07:00
Evan Culver 98acbfa79c
connect: Add support for Envoy 1.20 (#11277) 2021-10-27 18:38:10 -07:00
Andy Assareh 97dda48b74
docs: Mesh gateway requires 1.6.0 *or newer* (#11333)
* 1.6.0 or newer

* Update website/content/docs/connect/gateways/mesh-gateway/index.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2021-10-18 17:11:00 -07:00
Paul Banks 51769d1f95
Merge pull request #11037 from hashicorp/docs/mesh-header-manip
Document HTTP Header manipulation options added in #10613
2021-10-08 13:11:44 +01:00
Paul Banks a3e0d0c69d Wording improvements from review 2021-10-08 12:26:11 +01:00
Evan Culver 807871224a
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 15:58:20 -07:00
Jared Kirschner 25181b2cc6
Merge pull request #11167 from hashicorp/add-cross-dc-comm-model-visual
Improve mesh gateway diagram
2021-09-28 13:19:18 -04:00
Jared Kirschner 21753a9331 Improve mesh gateway diagram
Diagram now shows all possible cross-DC communication models supported by mesh
gateways for both the control and data planes.
2021-09-28 09:56:05 -07:00
Paul Banks bdd7a31837
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-28 17:19:13 +01:00
Chris S. Kim 90fe20c3a2
agent: Clean up unused built-in proxy config (#11165) 2021-09-28 11:29:10 -04:00
Paul Banks 05c8387891
Merge pull request #10725 from hashicorp/banks-patch-3
Call out the incompatibility of wildcards and L7 permissions
2021-09-28 13:51:41 +01:00
Paul Banks d84380882b Document HTTP Header manipulation options added in #10613 2021-09-27 14:46:15 +01:00
Evan Culver 34f64ed208
update docs to indicate support for envoy 1.19.1 in Consul 1.11.x 2021-09-22 10:57:22 -07:00
Kyle MacDonald 13e0bb2906
website: fixup incorrect markdown syntax (#11015) 2021-09-13 10:36:34 -04:00
Paul Banks b9dd859c6d
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
Paul Banks 64957f2d22
Document how to make namespace wildcard intentions. (#10724)
* Update intentions.mdx

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
Freddy 11672defaf
connect: update envoy supported versions to latest patch release
(#10961)

Relevant advisory: 
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h
2021-08-31 10:39:18 -06:00
Nitya Dhanushkodi 59eab91d69
doc: remove sentence that tproxy works cross-DC with config entries. (#10885)
It can only work if there is a running service instance in the local DC,
so this is a bit misleading, since failover and redirects are typically
used when there is not an instance in the local DC.
2021-08-23 12:14:28 -07:00
Blake Covarrubias ef11e8bc92
docs: Add common CA config options to provider doc pages (#10842)
Add the list of common Connect CA configuration options to the
provider-specific CA docs.

Previously these options were only documented under the agent
configuration options. This change makes it so that all supported CA
provider configuration options are available from a single location.

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-08-19 11:18:55 -07:00