Commit graph

16537 commits

Author SHA1 Message Date
Daniel Nephin 72db158eb9
Merge pull request #12066 from hashicorp/dependabot/go_modules/github.com/hashicorp/go-multierror-1.1.1
build(deps): bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1
2022-01-13 13:09:46 -05:00
dependabot[bot] 12a148f0d3
build(deps): bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1
Bumps [github.com/hashicorp/go-multierror](https://github.com/hashicorp/go-multierror) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/hashicorp/go-multierror/releases)
- [Commits](https://github.com/hashicorp/go-multierror/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-multierror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 17:41:15 +00:00
Daniel Nephin dae7288008
Merge pull request #12059 from hashicorp/dnephin/update-dependabot-config
remove api, sdk, and ui packages from dependabot
2022-01-13 12:39:45 -05:00
Daniel Nephin 709b807c7a remove api, sdk, and ui packages from dependabot
sdk and api are removed because those two are libraries, and updating libraries to the latest
dependency versions only serves to make the library harder to use. A
library which uses all the latest versions requires every application
which uses it to update all its dependencies in a single batch, which is
not great.
It is applications that need the latest version of dependencies.

Remove UI at the request as jc, since javascript libraries are updated so frequently it ends up
being too much noise.

Also update the number of PRs for gomod to 10, so we have a few more to
work with.
2022-01-13 12:37:49 -05:00
Krastin Krastev c61afe74fa
Merge pull request #12039 from hashicorp/krastin/docs-telemetry-consulversion
docs: Clarify consul.version telemetry description
2022-01-13 12:47:33 +01:00
Blake Covarrubias 5a12f2cf20
docs: Use long form of CLI flags (#12030)
Use long form of CLI flags in all example commands.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-01-12 15:05:01 -08:00
trujillo-adam 2e90c9075d moved consul api gateway to top of nav hierarchy 2022-01-12 14:04:03 -08:00
Kyle Havlovitz 3a19174b1c
Merge pull request #12049 from hashicorp/term-gateway-vips
OSS: Add virtual IP generation for terminating gateway backed services
2022-01-12 13:16:08 -08:00
Dhia Ayachi 2a0e15cd69
CA certificates relationship HL diagram (#12022)
* add diagram and text to explain certificates in consul

* use bullet points instead of enumeration

* Apply suggestions from code review

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* remove non needed text and improve image

* fix cert naming

* move section to the right place

* rename DC

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-12 16:10:00 -05:00
Kyle Havlovitz d32928a98b Add changelog note 2022-01-12 12:31:28 -08:00
Kyle Havlovitz 2ba76486d0 Add virtual IP generation for term gateway backed services 2022-01-12 12:08:49 -08:00
trujillo-adam 1fdc74c7d7 fixes to the params table 2022-01-12 11:53:32 -08:00
trujillo-adam 0d69bb1902 added beta flag to nav link 2022-01-12 11:32:32 -08:00
trujillo-adam c9f2cc370c missed a cmd block when adding dollar signs 2022-01-12 11:24:36 -08:00
trujillo-adam 77cecf9755 forgot to update the image version 2022-01-12 11:23:22 -08:00
trujillo-adam 5e9d9d032c applied feedback 2022-01-12 11:19:15 -08:00
David Yu ca94446773
docs: Formatting for Consul K8s uninstall commands (#12031)
* docs: Missing $ prior to command for Consul K8s uninstall

* re-do numer bullets was mis-numbered

* Update uninstall.mdx

* simplify wording
2022-01-12 09:16:42 -08:00
mrspanishviking 90f2f91a19
Merge pull request #12044 from vanphan24/patch-3
Update server-tls.mdx
2022-01-12 10:09:15 -07:00
Chris S. Kim 5a0f3e994e
Update memberlist to 0.3.1 (#12042) 2022-01-12 12:00:18 -05:00
vanphan24 5781b74d40
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:57:14 -08:00
vanphan24 7a44e0d78c
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:57:09 -08:00
vanphan24 0d43b17228
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:57:02 -08:00
vanphan24 073387885e
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:56:58 -08:00
vanphan24 088decf30f
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:56:53 -08:00
vanphan24 26fb50a326
Update website/content/docs/k8s/installation/vault/server-tls.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-01-12 08:56:33 -08:00
vanphan24 399864d3ce
Update server-tls.mdx
Added k8s auth role for client
Added to Consul yaml file: tls.enableAutoEncrypt: true
Fixed name of CA policy: policies=ca-policy
2022-01-12 08:46:55 -08:00
Bryce Kalow 369c4d0760
website: upgrade downloads page (#12043) 2022-01-12 10:30:46 -06:00
Chris S. Kim 4330a6a21a
Fix race with tags (#12041) 2022-01-12 11:24:51 -05:00
mrspanishviking 29e07eb48c
Merge pull request #12014 from hashicorp/neenap-patch-1
docs: updated the description of min_quorum
2022-01-12 07:55:41 -07:00
Matt Siegel a7912028b9
Merge pull request #11984 from hashicorp/msiege2/docs-day
Docs: Update CLI commands to show corresponding HTTP API commands and ACL policies required
2022-01-12 08:18:52 -05:00
John Cowen 4d62ee7353
ui: Adds a notice for non-primary intention creation (#11985) 2022-01-12 11:50:09 +00:00
John Cowen a408644205
ui: Fix up wiring or empty state login button (#11981)
* ui: Some ACL component documentation (#11982)
2022-01-12 11:05:24 +00:00
Krastin Krastev 5cadcae8e7
Clarify consul.version telemetry description
The description of consul.version telemetry is not very clear, fixing
2022-01-12 11:21:13 +01:00
John Cowen 754afd356a
ui: Alter position of dashboard button in the service instance header (#11988) 2022-01-12 09:31:54 +00:00
John Cowen fe105d1ba7
ui: Allow templateName paths to be relative (#11955) 2022-01-12 09:27:00 +00:00
John Cowen ac72b1b9f0
ui: First pass at writing some data layer related Eng docs (#11203) 2022-01-12 09:26:02 +00:00
mrspanishviking fa192431eb
Merge pull request #12034 from vanphan24/patch-2
Clarifies external CA config
2022-01-11 15:09:50 -07:00
vanphan24 2c0a87a057
Clarifies external CA config
It is not clear that this page is to configure an external CA for Connect CA. Added line to clarify that this page is for configuring external CA's for the Connect CA. For the built-in CA, no config is needed.
2022-01-11 13:22:50 -08:00
Matt Siegel 749f02e500
Merge branch 'main' into msiege2/docs-day 2022-01-11 16:16:41 -05:00
David Yu 733526a012
docs: Update uninstall to ensure CRDs are deleted (#12021)
* docs: Update uninstall to ensure CRDs are deleted

* Update website/content/docs/k8s/operations/uninstall.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* add more details around CRD deletion

* move around crd deletion to before unsintall

* slight wording

* move deletion of CRDs to first line

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-01-11 12:53:39 -08:00
Chip Vaughn e210e7cb58 CLI Link clean-up 2022-01-11 15:51:04 -05:00
Kim Ngo 9340b3bfe5
CTS OSS vs Ent docs (#12006)
* Add CTS OSS and Ent feature comparision chart

* Mention CTS Ent in intro

* Update CTS install page with Ent and tab install options

* Clarify local workspaces and add Collaboration row

* Oxford comma, rename to Automation Driver, install +ent ctx

* Update website/content/docs/nia/installation/install.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Remove self-hosted row and add TFE explicitly

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
2022-01-11 13:31:06 -06:00
Chris S. Kim 4f0a3a997c
Fix races in anti-entropy tests (#12028) 2022-01-11 14:28:51 -05:00
Kim Ngo 5818d6b669
Clarify CTS monitoring of service and instances (#12008)
* Clarify CTS monitoring of service and instances

Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-01-11 13:06:13 -06:00
Blake Covarrubias 97e7e118e0 docs: Fix spelling errors 2022-01-11 09:37:09 -08:00
mrspanishviking a51f17a0f1
Merge pull request #11983 from hashicorp/resolver_examples
docs: added another resolver example for DC and namespace failover
2022-01-11 10:27:57 -07:00
Chip Vaughn fd71fdbefb Fixing CircleCI issues and adding Partition CLI links 2022-01-11 11:46:50 -05:00
Mike Morris 277c41d336
ingress: allow setting TLS min version and cipher suites in ingress gateway config entries (#11576)
* xds: refactor ingress listener SDS configuration

* xds: update resolveListenerSDS call args in listeners_test

* ingress: add TLS min, max and cipher suites to GatewayTLSConfig

* xds: implement envoyTLSVersions and envoyTLSCipherSuites

* xds: merge TLS config

* xds: configure TLS parameters with ingress TLS context from leaf

* xds: nil check in resolveListenerTLSConfig validation

* xds: nil check in makeTLSParameters* functions

* changelog: add entry for TLS params on ingress config entries

* xds: remove indirection for TLS params in TLSConfig structs

* xds: return tlsContext, nil instead of ambiguous err

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* xds: switch zero checks to types.TLSVersionUnspecified

* ingress: add validation for ingress config entry TLS params

* ingress: validate listener TLS config

* xds: add basic ingress with TLS params tests

* xds: add ingress listeners mixed TLS min version defaults precedence test

* xds: add more explicit tests for ingress listeners inheriting gateway defaults

* xds: add test for single TLS listener on gateway without TLS defaults

* xds: regen golden files for TLSVersionInvalid zero value, add TLSVersionAuto listener test

* types/tls: change TLSVersion to string

* types/tls: update TLSCipherSuite to string type

* types/tls: implement validation functions for TLSVersion and TLSCipherSuites, make some maps private

* api: add TLS params to GatewayTLSConfig, add tests

* api: add TLSMinVersion to ingress gateway config entry test JSON

* xds: switch to Envoy TLS cipher suite encoding from types package

* xds: fixup validation for TLSv1_3 min version with cipher suites

* add some kitchen sink tests and add a missing struct tag

* xds: check if mergedCfg.TLSVersion is in TLSVersionsWithConfigurableCipherSuites

* xds: update connectTLSEnabled comment

* xds: remove unsued resolveGatewayServiceTLSConfig function

 * xds: add makeCommonTLSContextFromLeafWithoutParams

* types/tls: add LessThan comparator function for concrete values

* types/tls: change tlsVersions validation map from string to TLSVersion keys

* types/tls: remove unused envoyTLSCipherSuites

* types/tls: enable chacha20 cipher suites for Consul agent

* types/tls: remove insecure cipher suites from allowed config

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 are both explicitly listed as insecure and disabled in the Go source.

Refs https://cs.opensource.google/go/go/+/refs/tags/go1.17.3:src/crypto/tls/cipher_suites.go;l=329-330

* types/tls: add ValidateConsulAgentCipherSuites function, make direct lookup map private

* types/tls: return all unmatched cipher suites in validation errors

* xds: check that Envoy API value matching TLS version is found when building TlsParameters

* types/tls: check that value is found in map before appending to slice in MarshalEnvoyTLSCipherSuiteStrings

* types/tls: cast to string rather than fmt.Printf in TLSCihperSuite.String()

* xds: add TLSVersionUnspecified to list of configurable cipher suites

* structs: update note about config entry warning

* xds: remove TLS min version cipher suite unconfigurable test placeholder

* types/tls: update tests to remove assumption about private map values

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-01-11 11:46:42 -05:00
Jasmine W 889aa2dd1a
Merge pull request #12002 from hashicorp/kubernetes-service-screenshot
added screenshot of k8s service
2022-01-11 11:34:00 -05:00
Jasmine W e671ea7f60
Merge pull request #11995 from hashicorp/l7-routing-screenshots
Adding UI screenshots to L7 overview
2022-01-11 11:33:20 -05:00