5577b8ef66
Updates documentation for ACL replication.
2016-08-05 00:23:28 -07:00
1b2586abd4
Update arch diagram
2016-08-02 13:13:43 +05:30
2dc98dee32
Adds a note about prepared queries to the coordinates internals guide.
2016-06-28 23:02:00 -07:00
b20f86b4c7
Speling police
2016-05-15 09:13:52 -07:00
0ed56d6606
Adds a note about template query ACLs.
2016-03-17 08:21:58 -07:00
ae7b45a6df
Merge pull request #1820 from hashicorp/f-port-docs
...
Adds a reference to the network ports from the security guide.
2016-03-09 21:22:41 -08:00
b2992a5e83
Adds a reference to the network ports from the security page.
2016-03-09 21:21:49 -08:00
72f7c08a0a
Cleans up the documents.
2016-02-24 18:05:58 -08:00
2f7eac8b86
Renames "prepared_query" ACL policy to "query".
2016-02-24 17:02:06 -08:00
a8ac27fa49
Refactors docs into a more complete state for prepared query ACLs.
2016-02-23 22:27:44 -08:00
633c231d67
Creates new "prepared-query" ACL type and new token capture behavior.
...
Prior to this change, prepared queries had the following behavior for
ACLs, which will need to change to support templates:
1. A management token, or a token with read access to the service being
queried needed to be provided in order to create a prepared query.
2. The token used to create the prepared query was stored with the query
in the state store and used to execute the query.
3. A management token, or the token used to create the query needed to be
supplied to perform and CRUD operations on an existing prepared query.
This was pretty subtle and complicated behavior, and won't work for
templates since the service name is computed at execution time. To solve
this, we introduce a new "prepared-query" ACL type, where the prefix
applies to the query name for static prepared query types and to the
prefix for template prepared query types.
With this change, the new behavior is:
1. A management token, or a token with "prepared-query" write access to
the query name or (soon) the given template prefix is required to do
any CRUD operations on a prepared query, or to list prepared queries
(the list is filtered by this ACL).
2. You will no longer need a management token to list prepared queries,
but you will only be able to see prepared queries that you have access
to (you get an empty list instead of permission denied).
3. When listing or getting a query, because it was easy to capture
management tokens given the past behavior, this will always blank out
the "Token" field (replacing the contents as <hidden>) for all tokens
unless a management token is supplied. Going forward, we should
discourage people from binding tokens for execution unless strictly
necessary.
4. No token will be captured by default when a prepared query is created.
If the user wishes to supply an execution token then can pass it in via
the "Token" field in the prepared query definition. Otherwise, this
field will default to empty.
5. At execution time, we will use the captured token if it exists with the
prepared query definition, otherwise we will use the token that's passed
in with the request, just like we do for other RPCs (or you can use the
agent's configured token for DNS).
6. Prepared queries with no name (accessible only by ID) will not require
ACLs to create or modify (execution time will depend on the service ACL
configuration). Our argument here is that these are designed to be
ephemeral and the IDs are as good as an ACL. Management tokens will be
able to list all of these.
These changes enable templates, but also enable delegation of authority to
manage the prepared query namespace.
2016-02-23 17:12:43 -08:00
793195b7d8
Update documentation - add Network Ports.
...
Update security.html.markdown add section on Network Port usage.
TODO: add Atlas port usage.
2016-02-23 11:27:15 -08:00
dc9131a732
Use HTTPS + www. where appropriate
2016-01-13 17:44:01 -05:00
9e29bb4238
Adds and updates docs for prepared queries.
2015-11-15 17:06:00 -08:00
1a3c523816
Adds a note about the new acquire behavior into the sessions internals guide.
2015-11-14 10:28:14 -08:00
c2fab40aee
Fixes a typo.
2015-10-30 23:50:11 -07:00
b3b1c6940b
Updates docs for network coordinates.
2015-10-23 15:23:01 -07:00
b25797a808
Merge pull request #1187 from sfncook/enable_tag_drift_03
...
Enable tag drift 03
2015-09-11 15:35:32 -07:00
451abfa206
Doc changes in response to review.
2015-09-11 15:26:30 -07:00
7d6f30da1c
Docs - add verbage to anti-entropy page.
2015-09-11 14:27:54 -07:00
8d733b7fca
remove various typos
2015-09-11 12:29:54 -07:00
49181fce76
website: fix broken link on acl page
2015-07-31 12:14:28 -07:00
d7f76702fe
website: docs for keyring ACLs
2015-07-07 11:45:49 -06:00
457cff1007
website: fix event acl policy docs
2015-06-19 12:18:09 -07:00
e0ce6059f6
website: add docs for user event acls
2015-06-18 18:13:29 -07:00
9de7d95109
website: fix mention of read-only policy for service acls
2015-06-18 18:13:01 -07:00
62a8d82f9f
website: add note about anonymous token and discovery ACLs
2015-06-11 17:39:01 -07:00
c09dfe05a7
website: document service discovery ACLs
2015-06-11 14:45:52 -07:00
dd17147deb
website: Update ACL description to longest-prefix
2015-05-06 12:04:40 -07:00
af74095584
website: document service and check acl options
2015-04-28 14:28:06 -07:00
f6d38ef6e5
Website: cleanup for docs/internals/sessions.html.
2015-04-15 14:47:15 -04:00
65daaf8c03
Website: cleanup for docs/internals/security.html.
2015-04-13 18:17:29 -04:00
a6befa8ef0
Website: minor tweaks for docs/internals/jepsen.html.
2015-04-12 22:44:57 -04:00
f772412b92
Website: fix caps issue in docs/internals/consensus.html.
2015-04-11 18:32:15 -04:00
db65ebb631
Website: minor additional tweaks for docs/internals/consensus.html.
2015-04-11 11:41:55 -04:00
da1c476343
Website: cleanup for docs/internals/consensus.html, including removing LMDB references in favor of BoltDB per GH-857.
2015-04-10 23:06:28 -04:00
47c52a62d4
Website: tweaks to docs/internals/architecture.html.
2015-03-30 18:07:58 -04:00
4d4c631fd6
Website: very minor tweaks to docs/internals/anti-entropy.html.
2015-03-29 10:53:49 -04:00
746e1fc9e4
Website: more cleanup for docs/internals/acl.html.
2015-03-28 11:54:16 -04:00
9d71844965
Website: GH-781 and cleanup for docs/internals/acl.html.
2015-03-28 11:26:26 -04:00
8f4ad0bbf9
Website: GH-730 for docs/internals/acl.html.
2015-03-22 11:44:16 -04:00
15f2afe92f
Website: cleanup for docs/internals/index.html.
2015-03-21 21:52:26 -04:00
8dd9061956
website: fix typo in anti-entropy docs
2015-03-03 16:35:27 -08:00
6325442f93
Merge pull request #751 from hashicorp/f-ae-doc
...
Document anti-entropy internals
2015-03-03 16:34:00 -08:00
3e48f8c969
website: adjustments to anti-entropy docs
2015-03-03 16:32:17 -08:00
7f40698666
website: first pass at anti-entropy docs
2015-03-03 14:13:59 -08:00
ad7d1b3090
Website: GH-747 change acl_master token to acl_master_token
2015-03-03 11:46:57 -05:00
ce93505a16
Website: GH-747 Add docs on acl_master_token installation.
2015-03-03 11:33:49 -05:00
9910c7d7bd
Website: rework docs/guides/outage.html to cover cases where recovery might be easier than manual removal of failed nodes from peers.json.
2015-03-01 18:21:33 -05:00
8c991c3632
website: omit excessive use of the word lastly
...
Simplify wording by removing various uses of the word lastly.
2015-01-09 06:37:26 +01:00
95b3837b75
website: Document session behavior and TTL
2015-01-07 15:38:16 -08:00
4461c750bb
website: fix typo, casing and links
...
Fix typo in Leader Election guide: s/blog/blob/
Also fix various casing issues and prefer HTTPS links
for HashiCorp projects.
2015-01-04 12:58:58 +01:00
d74f79b3fa
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
376f9694f4
website: Update ACL docs
2014-11-30 20:12:44 -07:00
261c69c4ff
docs: internals/security: minor fixes
2014-11-26 13:05:33 +00:00
548f1a07ad
docs: internals/acl: minor fixes
2014-11-26 12:57:15 +00:00
2ad884abee
docs: internals/sessions: minor fixes
2014-11-26 12:49:53 +00:00
dbb365baca
docs: internals/architecture: minor fixes
2014-11-26 12:31:38 +00:00
bb7eb29ade
Another typo
2014-11-13 17:44:20 -05:00
dfc094a5d0
extra '
2014-11-13 17:43:25 -05:00
19820d9794
Doc explaining the blacklist mode and consul exec
2014-11-13 17:42:39 -05:00
4347b9394d
Fix some typos in website docs
2014-11-04 21:33:42 -07:00
e57ea7df78
Do not index "Jespen" code block
...
The word "Jespen" is one of our top keywords because it appears so many times
in the Jespen Testing page. This commit adds a comment to disable Google
indexing in that code block so we can better target keywords.
2014-10-26 22:34:14 -04:00
9df9eb0983
Small typo in the doc
2014-10-23 14:32:11 -04:00
e265ea050d
Use new Markdown syntaxes and add SEO descriptions
2014-10-19 19:42:13 -04:00
002083ad8d
website: re-word a few things
2014-10-13 22:59:35 -07:00
651f559380
Pre-process sessions docs as ERB for image tags
2014-10-06 19:12:25 -04:00
ab75771eb6
Pre-process architecture docs as ERB for image tags
2014-10-06 19:12:17 -04:00
344f4f93d4
Fix typo
...
Should be whitelist, not whilelist.
2014-09-23 15:24:19 +02:00
93d728ef58
add link to raft visualization
2014-08-30 23:43:45 +00:00
99db96e4ea
website: rewording
2014-08-18 15:46:59 -07:00
ea0a1dca2e
website: ACL internals
2014-08-18 15:46:59 -07:00
1e861114c7
website: Adding guide on leader election
2014-05-20 16:25:30 -07:00
2748dcd4c6
website: Starting to document sessions
2014-05-20 16:25:30 -07:00
48f947386b
website: fix a couple of typos.
2014-05-03 19:16:55 -04:00
be8b976451
website: remove some serf stuff, old js files
2014-05-02 14:13:48 -04:00
757f590455
website: Cleanup verbage
2014-04-21 13:50:18 -07:00
a11fd66f28
website: Document the consistency modes
2014-04-21 13:46:57 -07:00
189a440cef
fix typo
2014-04-17 21:35:59 -04:00
e40da274d5
Copy fixes: typos, misspellings, grammar, wording
2014-04-17 14:45:53 -07:00
eb77b40027
website: Grammar cleanup
2014-04-16 17:29:37 -07:00
3bce8ff0e9
website: Add note about jepsen testing
2014-04-16 17:03:48 -07:00
f104336fd2
website: Adding page on Jepsen testing
2014-04-16 17:03:48 -07:00
dd6f55ff3b
Round 2: Fix typos, grammar errors, and misspellings
2014-04-16 00:01:12 -04:00
caf48c8722
website: Multiple warnings about single server deployment
2014-04-11 12:43:06 -07:00
911ce92cf3
website: Documentation cleanup
2014-04-09 11:06:27 -07:00
38e645ac18
Add raft link and fix some typos
2014-03-28 23:33:50 -04:00
c975f5b968
website: documenting the internals
2014-02-20 12:26:50 -08:00
30bc19f002
website: fixing typo
2014-02-19 17:05:57 -08:00
5101cf88df
website: document the high level architecture
2014-02-19 16:58:15 -08:00
0611db496a
website: bulk copy from serf
2014-02-07 16:41:03 -08:00
James Phillips