Commit graph

907 commits

Author SHA1 Message Date
javicrespo d4f3eebf9d log rotation: limit count of rotated log files (#5831) 2019-07-19 15:36:34 -06:00
Luke Kysow 45e443f7a3
Merge pull request #6141 from hashicorp/hcl-multi-service-docs
Document multiple services config in hcl
2019-07-18 12:15:22 +01:00
kaitlincarter-hc f330619621 [docs] Encryption docs update (#6082)
* Bad link in encryption docs

* clarifying the guide link

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/agent/encryption.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-07-17 20:36:36 -07:00
Luke Kysow d28c367280
Document multiple services config in hcl
Also change ttl => timeout since ttl doesn't work anymore.
2019-07-17 15:26:08 +01:00
Judith Malnick 9fa884059f
[docs] Link to TLS guide in Encryption doc (#6071)
Fixes issue #6067
2019-07-07 16:55:03 +02:00
Hans Hasselberg 73c4e9f07c
tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
Akshay Ganeshen 93b8a4e8d8 dns: support alt domains for dns resolution (#5940)
this adds an option for an alt domain to be used with dns while migrating to a new consul domain.
2019-06-27 12:00:37 +02:00
Sarah Christoff e946ed9427
ui: modify content path (#5950)
* Add ui-content-path flag

* tests complete, regex validator on string, index.html updated

* cleaning up debugging stuff

* ui: Enable ember environment configuration to be set via the go binary at runtime (#5934)

* ui: Only inject {{.ContentPath}} if we are makeing a prod build...

...otherwise we just use the current rootURL

This gets injected into a <base /> node which solves the assets path
problem but not the ember problem

* ui: Pull out the <base href=""> value and inject it into ember env

See previous commit:

The <base href=""> value is 'sometimes' injected from go at index
serve time. We pass this value down to ember by overwriting the ember
config that is injected via a <meta> tag. This has to be done before
ember bootup.

Sometimes (during testing and development, basically not production)
this is injected with the already existing value, in which case this
essentially changes nothing.

The code here is slightly abstracted away from our specific usage to
make it easier for anyone else to use, and also make sure we can cope
with using this same method to pass variables down from the CLI through
to ember in the future.

* ui: We can't use <base /> move everything to javascript (#5941)

Unfortuantely we can't seem to be able to use <base> and rootURL
together as URL paths will get doubled up (`ui/ui/`).

This moves all the things that we need to interpolate with .ContentPath
to the `startup` javascript so we can conditionally print out
`{{.ContentPath}}` in lots of places (now we can't use base)

* fixed when we serve index.html

* ui: For writing a ContentPath, we also need to cope with testing... (#5945)

...and potentially more environments

Testing has more additional things in a separate index.html in `tests/`

This make the entire thing a little saner and uses just javascriopt
template literals instead of a pseudo handbrake synatx for our
templating of these files.

Intead of just templating the entire file this way, we still only
template `{{content-for 'head'}}` and `{{content-for 'body'}}`
in this way to ensure we support other plugins/addons

* build: Loosen up the regex for retrieving the CONSUL_VERSION (#5946)

* build: Loosen up the regex for retrieving the CONSUL_VERSION

1. Previously the `sed` replacement was searching for the CONSUL_VERSION
comment at the start of a line, it no longer does this to allow for
indentation.
2. Both `grep` and `sed` where looking for the omment at the end of the
line. We've removed this restriction here. We don't need to remove it
right now, but if we ever put the comment followed by something here the
searching would break.
3. Added `xargs` for trimming the resulting version string. We aren't
using this already in the rest of the scripts, but we are pretty sure
this is available on most systems.

* ui: Fix erroneous variable, and also force an ember cache clean on build

1. We referenced a variable incorrectly here, this fixes that.
2. We also made sure that every `make` target clears ember's `tmp` cache
to ensure that its not using any caches that have since been edited
everytime we call a `make` target.

* added docs, fixed encoding

* fixed go fmt

* Update agent/config/config.go

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Completed Suggestions

* run gofmt on http.go

* fix testsanitize

* fix fullconfig/hcl by setting correct 'want'

* ran gofmt on agent/config/runtime_test.go

* Update website/source/docs/agent/options.html.md

Co-Authored-By: Hans Hasselberg <me@hans.io>

* Update website/source/docs/agent/options.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* remove contentpath from redirectFS struct
2019-06-26 11:43:30 -05:00
Pierre Souchay e394a9469b Support for maximum size for Output of checks (#5233)
* Support for maximum size for Output of checks

This PR allows users to limit the size of output produced by checks at the agent 
and check level.

When set at the agent level, it will limit the output for all checks monitored
by the agent.

When set at the check level, it can override the agent max for a specific check but
only if it is lower than the agent max.

Default value is 4k, and input must be at least 1.
2019-06-26 09:43:25 -06:00
Justin Weissig e0364b0076 docs: fixed typos on a few doc pages (#5870) 2019-06-24 15:25:57 -06:00
Judith Malnick 877202818f
[docs] Reorganize connect documentation for clarity (#5864)
* clarify possibilities for centralized proxy configuration

* add line breaks to config entries file

* add info about centralized config to built in proxy doc

* mondify connect landing page to help with navigation

* move internals details to its own page

* link fixes and shortening text on main page

* put built-in proxy options on its own page

* add configuration details for connect

* clarify security title and add observability page

* reorganize menu

* remove observability from configuration section

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* rename connect section to include service mesh

* reorganize sections per suggestions from paul

* add configuration edits from paul

* add internals edits from paul

* add observability edits from paul

* reorganize pages and menu

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* menu corrections and edits

* incorporate some of pauls comments

* incorporate more of pauls comments

* Update website/source/docs/connect/configuration.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* incorporate kaitlin and pavanni feedback

* add redirect

* fix conflicts in index file

* Resolve conflicts in index file

* correct links for new organization

* Update website/source/docs/connect/proxies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/connect/registration.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* add title to service registration page
2019-06-13 22:52:50 -07:00
Chris Marchesi 2c0d46282e website: fix Sentinel time-of-day policy (#5930)
The policy in the time-of-day Sentinel example incorrectly references
the top-level time.hour constant. This is actually the same as the
time.Hour Go value, so in other words, 3600000000000 (the int64 value
representing the time in nanoseconds).

This is corrected by just using time.now.hour instead.
2019-06-06 14:31:54 -06:00
Matt Keeler a7c55ffed2
Fix acl.enable_key_list to be acl.enable_key_list_policy in docs (#5907) 2019-06-03 09:31:02 -05:00
kaitlincarter-hc 9074778c0c
[docs] Updating links to guides (#5795)
* fixing links in the docs post guide migartion.

* fixed one more

* Update website/source/docs/acl/acl-legacy.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/enterprise/connect-multi-datacenter/index.html.md

* Updating based on comments and fixing word wrap

* Update website/source/api/acl-legacy.html.md

* Update website/source/api/acl/acl.html.md

* Update website/source/docs/agent/options.html.md

* Update website/source/docs/faq.html.md

* Update website/source/docs/internals/architecture.html.md

* Update website/source/docs/agent/encryption.html.md
2019-05-15 10:49:41 -05:00
Justin Weissig 88f976914b docs: spelling and wording (#5830)
Fixed spelling and wording: avaliable/available, upto/up to, an other/another, recieved/received, transfered/transferred (x2)
2019-05-13 16:39:25 +01:00
Justin Weissig 4383d22580 docs: fixed typos (#5832)
Fixed typos: persmissions/permissions + regardles/regardless
2019-05-13 10:22:17 -05:00
Brian Flad 51fe3dd37e docs/agent/options: Add go-sockaddr template examples for -bind (#5701)
Reference: https://github.com/hashicorp/consul/issues/4090

Examples covering a variety of potential use cases. Verified via `sockaddr eval` and `console agent -bind` on a test machine:

```console
# Baseline
$ sockaddr eval 'GetAllInterfaces'
[127.0.0.1/8 {1 65536 lo  up|loopback} ::1 {1 65536 lo  up|loopback} 10.0.0.10/8 {2 1500 eth0 b8:27:eb:7b:36:95 up|broadcast|multicast} fe80::12dc:5e4d:8ff8:2d96/64 {2 1500 eth0 b8:27:eb:7b:36:95 up|broadcast|multicast} 192.168.1.10/24 {3 1500 wlan0 b8:27:eb:2e:63:c0 up|broadcast|multicast} fe80::b6dc:5758:c306:b15b/64 {3 1500 wlan0 b8:27:eb:2e:63:c0 up|broadcast|multicast}]

# Using address within a specific CIDR
$ sockaddr eval 'GetPrivateInterfaces | include "network" "10.0.0.0/8" | attr "address"'
10.0.0.10

# Using a static network interface name
$ sockaddr eval 'GetInterfaceIP "eth0"'
10.0.0.10

# Using regular expression matching for network interface name that is forwardable and up
$ sockaddr eval 'GetAllInterfaces | include "name" "^eth" | include "flags" "forwardable|up" | attr "address"'
10.0.0.10
```
2019-05-13 14:08:05 +01:00
Aidan Daniels-Soles 87c9abca2b Clarify mutual exclusivity of Azure scale set auto-join parameters (#5750) 2019-05-13 13:30:02 +01:00
Matt Keeler 5385e31fc5
Add some config entry docs (#5808)
* Add some config entry docs

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: mkeeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: mkeeler <mkeeler@users.noreply.github.com>

* Get rid of double negative

* Some incremental updates

* Update the config list docs to not point to service-default related things.

* A few more doc updates to get rid of some service-defaults specific linking info in the cli docs

* In progress update

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: mkeeler <mkeeler@users.noreply.github.com>

* Reword bootstrap section

* Update example proxy-defaults config

* Finish up the examples section for managing config entries with the CLI

* Update website/source/docs/agent/config_entries.html.md

Co-Authored-By: mkeeler <mkeeler@users.noreply.github.com>

* Use $ for shell command start

* Make it very clear that the normal way to manage things is via the API/CLI

* Update website/source/docs/agent/options.html.md

Co-Authored-By: mkeeler <mkeeler@users.noreply.github.com>
2019-05-08 16:19:37 -04:00
kaitlincarter-hc 2511ad92b9
[docs] WIP ports page (#5693)
* Updating ports information to be consistent accross docs.

* adding some extra notes based on feedback
2019-05-08 11:09:12 -05:00
R.B. Boyer aa18aece2e
docs: adding note about enabling acl token replication for auth methods (#5792) 2019-05-06 11:57:31 -05:00
Tyler Ryan bda1e80841 Add documentation for Serf member telemetry metrics 2019-05-01 15:35:52 -06:00
R.B. Boyer 41dac76ab3
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 16:11:23 -05:00
Kyle Havlovitz 1de73ff037 Config Entry docs (#5734)
* Add api docs for the config entry endpoints

* Add enable_central_service_config field to agent docs

* Add docs for config entry CLI operations

* Fix wording and links in config entry docs

* Add links to the central service config option

* Update the central service config setting description.
2019-05-01 11:21:11 -07:00
kaitlincarter-hc 4a2ad7d36a
[docs] Fixing API broken links (#5732)
* starting broken link fixes

* Updating the other links for ACLs

* Updating the rest of the links

* fixing acl required links.

* update a bunch of other links

* updated a couple more broken links based on Alvins checker

* removed the extra s
2019-04-30 12:20:51 -05:00
Matt Keeler 32e821eda2
Enabling "service" watch handler to accept a slice of tags
Originally from PR #5347
2019-04-29 15:28:01 -04:00
Matt Keeler 3ea9fe3bff
Implement bootstrapping proxy defaults from the config file (#5714) 2019-04-26 14:25:03 -04:00
Freddy fa94b09a99
Clarify -log-rotate-duration string format and default value 2019-04-19 14:07:18 -06:00
Matt Keeler 960e1fa79e
Add missing token field in the service definition in the docs (#5685)
Fixes #5684
2019-04-18 16:05:51 -04:00
kaitlincarter-hc 7859d8c409
[docs] Server Performance (#5627)
* Moving server performance guide to docs.

* fixing broken links

* updating broken link

* fixing broken links
2019-04-17 13:17:12 -05:00
Freddy 4fa4cffd41
Add additional raft metrics (#5628)
* Add documentation for new raft metrics
* Revendor raft from master
2019-04-09 16:09:22 -06:00
Sarah Christoff f6843713fc Updated Ports Documentation 2019-04-05 12:25:44 -05:00
Alvin Huang e3f3987835
missed a broken link (#5545) 2019-03-25 18:46:10 -04:00
kaitlincarter-hc ad1a9a5651
[docs] ACL Side Navigation Added (#5526)
* Adding new ACL menu item with guides and documentation.

* removing sidebar stuff from under agent, some documenting
2019-03-25 16:20:40 -05:00
Alvin Huang d686201776 fix broken link 2019-03-22 19:20:48 -04:00
Erik DeLamarter a3ca2e77ce [Docs] Added a note to GCE auto-join credentials option (#5391)
* Added a note to GCE auto-join credentials option

Simply added a note to remind users that putting a json file in the config-dir will make consul parse it as a config file.
Hope to help someone else avoid wasting a day because of these errors:
==> Error parsing /etc/consul.d/credentials.json: 10 error(s) occurred: * invalid config key private_key

* Updated according to style guidelines

Co-Authored-By: delamart <erik@delamarter.ch>
2019-03-19 09:40:12 -05:00
Steve Burns ff8ab320da Add log_file attribute to agent configuration documentation (#5492) 2019-03-18 10:24:49 -07:00
Alex Mayer a73d983d19 Docs Proofing (#5424)
* Docs: Remove default_policy From Code Example

It is not needed according to:
https://www.consul.io/docs/agent/acl-system.html#configuring-acls

* Docs: Cleanup Commands And Their Output On ACL Guide Page

Remove extra spaces and newlines
Ensure rules match input rules

* Docs: Remove Incomplete "Added In Version" Statement

Version added is specified on parent option

* Docs: Fix Broken Links

* Docs: Minor Sentence Tweaks
2019-03-15 09:35:33 -05:00
kaitlincarter-hc a321b69a45
[docs] Move Sentinel documentation (#5478)
* Moving sentinel doc

* updating links, fixing headings.

* Update website/source/docs/agent/acl-rules.html.md
2019-03-13 12:47:25 -05:00
Hans Hasselberg d511e86491
agent: enable reloading of tls config (#5419)
This PR introduces reloading tls configuration. Consul will now be able to reload the TLS configuration which previously required a restart. It is not yet possible to turn TLS ON or OFF with these changes. Only when TLS is already turned on, the configuration can be reloaded. Most importantly the certificates and CAs.
2019-03-13 10:29:06 +01:00
Reid Beels 257d079fac Remove misleading encrypt param documentation (#5452)
According to https://www.consul.io/docs/agent/options.html#_encrypt, the `encrypt` param specifies the 16-byte key to use, not the path to a config file containing the key.
2019-03-12 10:26:40 -05:00
Alvin Huang 4956d632b9
Merge pull request #5451 from hashicorp/update_go_discover_for_azure
Update go-discover vendor
2019-03-11 16:39:39 -04:00
Lowe Schmidt 7638a1ca1a Typo fix (segement > segment) (#5469) 2019-03-11 16:25:19 +01:00
Masato Yamazaki 774b39dd94 website: delete duplication of "are" (#5464) 2019-03-11 10:42:15 +01:00
petems e9b7569759 Update go-discover vendor
* Adds note about use of ENV variables for auto-join on Azure
2019-03-08 22:57:48 +00:00
R.B. Boyer 66af091de9 website: fix broken links 2019-03-05 14:24:33 -06:00
Hans Hasselberg 330b8aec69 default to tls 1.2 as promised. (#5340) 2019-03-04 09:42:04 -05:00
Aestek ce447e0e16 Fix race condition in DNS when using cache (#5398)
* Fix race condition in DNS when using cache

The healty node filtering was modifying the result from the cache, which
caused a crash when multiple queries were made to the same service
simultaneously.
We now copy the node slice before filtering to ensure we do not modify
the data stored in the cache.

* Fix wording in dns cache config doc

s/dns_max_age/cache_max_age/
2019-03-04 09:22:01 -05:00
Matt Keeler 0c76a4389f
ACL Token Persistence and Reloading (#5328)
This PR adds two features which will be useful for operators when ACLs are in use.

1. Tokens set in configuration files are now reloadable.
2. If `acl.enable_token_persistence` is set to `true` in the configuration, tokens set via the `v1/agent/token` endpoint are now persisted to disk and loaded when the agent starts (or during configuration reload)

Note that token persistence is opt-in so our users who do not want tokens on the local disk will see no change.

Some other secondary changes:

* Refactored a bunch of places where the replication token is retrieved from the token store. This token isn't just for replicating ACLs and now it is named accordingly.
* Allowed better paths in the `v1/agent/token/` API. Instead of paths like: `v1/agent/token/acl_replication_token` the path can now be just `v1/agent/token/replication`. The old paths remain to be valid. 
* Added a couple new API functions to set tokens via the new paths. Deprecated the old ones and pointed to the new names. The names are also generally better and don't imply that what you are setting is for ACLs but rather are setting ACL tokens. There is a minor semantic difference there especially for the replication token as again, its no longer used only for ACL token/policy replication. The new functions will detect 404s and fallback to using the older token paths when talking to pre-1.4.3 agents.
* Docs updated to reflect the API additions and to show using the new endpoints.
* Updated the ACL CLI set-agent-tokens command to use the non-deprecated APIs.
2019-02-27 14:28:31 -05:00
Aestek f8a28d13dd Allow DNS interface to use agent cache (#5300)
Adds two new configuration parameters "dns_config.use_cache" and
"dns_config.cache_max_age" controlling how DNS requests use the agent
cache when querying servers.
2019-02-25 14:06:01 -05:00