Commit graph

907 commits

Author SHA1 Message Date
James Phillips 20fcfe866e
Tweaks network segments guide. 2017-09-01 11:19:39 -07:00
Kyle Havlovitz 334e082848 Merge pull request #3431 from hashicorp/network-segments-oss 2017-09-01 10:24:58 -07:00
Kyle Havlovitz 02c35fe0ba
Add doc sections for network segments 2017-08-31 11:19:08 -07:00
David Terry 5d891ba7e1 docs: add quotes around example invocation for google cloud retry join 2017-08-30 23:05:45 +02:00
Frank Schroeder 2190a4fb71
doc: document that retry-join values are URL encoded
Fixes #3417
2017-08-26 15:19:43 +02:00
Frank Schroeder b7c3c8756d
doc: fix parameter name for aws retry-join
Fixes #3417
2017-08-26 15:19:34 +02:00
Frank Schroeder 0e246054ef doc: document cloud auto-joining for retry-join-wan 2017-08-23 21:23:34 +02:00
Frank Schröder fd4bf4070e doc: retry_join is a string array (#3388) 2017-08-10 09:58:26 +02:00
James Phillips 48b1afeb26 Removes partial details in the retry_join config file section. (#3386) 2017-08-09 21:27:17 -07:00
Seth Vargo b6f4df4b03 Document the new auto-join in the config and CLI (#3381)
* Document the new auto-join in the config and CLI
* Mention and example DNS
2017-08-09 21:14:56 -07:00
Kyle Havlovitz 160395d3c7
Add doc links for metrics endpoint 2017-08-08 13:05:38 -07:00
Kyle Havlovitz 975ded2714
Add support for labels/filters from go-metrics 2017-08-08 01:45:10 -07:00
Nicolae Vlădescu 8be48291da Add a more elegant alternative to the reap option
Add a more elegant alternative to the reap option using the native built-in docker init process
2017-08-07 11:49:40 +03:00
James Phillips cdd2c75df6
Fixes a bunch of borken list nesting in the options doc. 2017-08-03 17:13:22 -07:00
James Phillips 803ed9a245 Adds secure introduction for the ACL replication token. (#3357)
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
Frank Schroeder d18141eb4b
doc: add retry-join docs for Softlayer 2017-08-03 21:35:30 +02:00
Frank Schroeder 68e8f3d0f7 agent: use github.com/hashicorp/go-discover
Replace the provider specific node discovery code
with go-discover to support AWS, Azure and GCE.

Fixes #3282
2017-08-01 11:41:43 +02:00
James Phillips 923119a7d8 Update options.html.md 2017-07-24 22:37:12 -07:00
James Phillips 2d1111479e Clarifies endpoint blocking in the docs. 2017-07-19 17:14:19 -07:00
James Phillips 788dd255a1 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips f7629a4f66 Fixes a broken link. 2017-07-17 00:07:34 -07:00
James Phillips 838591c916 Changes remote exec KV read to call GetTokenForAgent(). (#3283)
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.

Fixes #3160.

* Fixes remote exec unit test with ACLs.

* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips 5876b81896 Adds node read privileges to the acl_agent_master_token. (#3277)
Fixes #3113.
2017-07-16 20:08:26 -07:00
Kyle Havlovitz 6ea05706a1
Add network area TLS setting to docs 2017-07-14 17:06:33 -07:00
James Phillips a66d61622a Adds a version note about block_endpoints config. 2017-07-10 13:56:02 -07:00
James Phillips 68991da95f Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
Brian Shumate bb18ffab27 DOCS: Add note in Ports Used section (#3241)
- Add note about port 8302 to address #3058
2017-07-07 09:38:56 -07:00
Chris Griggs 38f92aa4e8 Update # of ports (#3238)
I counted twice.
2017-07-06 13:50:12 -07:00
Frank Schroeder 913748bcc4
Revert "agent: add allowStale option for HTTP API (#3142)"
This reverts commit 1e0fd27a74f5b18775ce91a84310430de35a4a80.
2017-06-27 07:04:55 +02:00
James Phillips a8d90ccb2c Adds missing tls_skip_verify option to HTTP check example. 2017-06-24 15:37:52 -07:00
James Phillips 884a82b61a Update options.html.md 2017-06-24 15:28:23 -07:00
James Phillips 2184136284 Changes host-based node IDs from opt-out to opt-in. (#3187) 2017-06-24 09:36:53 -07:00
wojtkiewicz f320bb9083
agent: add allowStale option for HTTP API (#3142)
This patch adds an "allowStale" option to the HTTP API
configuration which allows stale reads to provide linear
read scalability.

Fixes #3142
2017-06-22 10:31:13 +02:00
wojtkiewicz 26c8697a40
agent: add "http_config"
This patch adds an "http_config" object to the config file
and moves the "http_api_response_headers" option there.

"http_api_response_headers" is now deprecated in favor of
"http_config.response_headers"
2017-06-22 10:31:11 +02:00
Frank Schröder 04b636d1f4 agent: notify systemd after JoinLAN (#2121)
This patch adds support for notifying systemd via the
NOTIFY_SOCKET by sending 'READY=1' to the socket after
a successful JoinLAN.

Fixes #2121
2017-06-21 06:43:55 +02:00
Kyle Havlovitz d52a0b2909 Update encryption.html.md 2017-06-16 12:54:25 -07:00
Kyle Havlovitz 5e45aec642 Add an option to disable keyring file (#3145)
Also disables keyring file in dev mode.
2017-06-15 15:24:04 -07:00
James Phillips 536915fa9a Fixes version reference in encryption docs. 2017-06-07 21:31:48 -07:00
Frank Schröder e206ab5cb6 agent: support custom header and method for http checks (#3106)
This patch adds support for custom headers and
method for HTTP checks.

Fixes #2474
Fixes #2657
Fixes #3106
2017-06-07 01:11:56 +02:00
Kyle Havlovitz e196576c07 Add settings for upshifting to encrypted gossip (#3079) 2017-05-30 08:51:37 -07:00
Michael Leow ec81c18006
agent: add RetryJoin support for Azure
Pull #2978 from leowmjw/develop

Resolves #2978
2017-05-24 10:15:38 +02:00
Frank Schroeder 2391e8e98a
website: rename *.markdown to *.md 2017-05-17 20:25:45 +02:00
Kyle Havlovitz e4af6583f5 Add a path for transitioning to TLS on an existing cluster (#3001)
Fixes #1705
2017-05-10 14:25:48 -07:00
Brian Shumate a1850b789d
DOCS: minor clarification to address #2950 2017-05-05 11:51:46 -04:00
Kyle Havlovitz b5ed2ba536 Add separate option for verifying incoming HTTPS traffic (#2974)
* Add separate option for verifying incoming HTTPS traffic
2017-04-28 16:15:55 -07:00
rcgenova 63842b1e09 Merge pull request #2964 from hashicorp/d-remove-atlas-references
Remove references to the deprecated Consul/Atlas integration
2017-04-27 08:32:09 -07:00
Kyle Havlovitz 42cf797ad9 Add TLS cipher suite options and CA path support (#2963)
This patch adds options to configure the available
TLS cipher suites and adds support for a path
for multiple CA certificates.

Fixes #2959
2017-04-27 01:29:39 -07:00
Rob Genova cb285879bf Remove references to the deprecated Consul/Atlas integration 2017-04-26 22:24:24 +00:00
mckennajones 703bb52369
Updating documentation regarding webui flags 2017-04-17 17:29:14 -07:00
James Phillips a55e074a33 Merge pull request #2910 from hashicorp/jbs-2867
Docs: update bootstrapping and config, fixes #2867
2017-04-13 12:26:27 -07:00
Brian Shumate 35f16d888f
Docs: update bootstrapping and config, fixes #2867
- Add various join options to bootstrapping guide
- Add note about Atlas deprecation to bootstrapping guide
- Add notes about -retry-join and retry_join to -join option
- Add notes about -retry-join and retry_join to start_join option
2017-04-13 13:03:26 -04:00
James Phillips 20bf47d2b4
Adds a new -disable-host-node-id option to help when testing with containers.
Fixes #2877.
2017-04-12 22:07:18 -07:00
Cihat Genc 13037fc139 Fix wrong option name in options.html.markdown 2017-04-11 14:58:15 +02:00
James Phillips 8967fad448
Removed RPC link from the sidebar. 2017-04-05 11:51:52 -07:00
James Phillips 217d304619
Does a complete rework of the ACL guide. 2017-04-05 10:36:19 -07:00
James Phillips 686ddd8c83
Deprecates the ACLs internals doc in favor of a guide. 2017-04-04 18:56:42 -07:00
Seth Vargo b3cd9acdae
Link to new api 2017-04-04 12:52:00 -04:00
Seth Vargo b0bb01d5da
Update API docs 2017-04-04 12:33:35 -04:00
James Phillips 10fc02d362 Merge pull request #2862 from wjimenez5271/wjimenez5271-docs
clarify when acl_default_policy takes effect
2017-03-31 08:49:23 -07:00
Brian Shumate ca68cdb572
docs: Configuration precedence clarification, fixes #1203 2017-03-30 14:13:50 -04:00
James Phillips c7f7e969d7 Merge pull request #2854 from hashicorp/remote-exec
Changes `disable_remote_exec` default to true so remote exec is opt-in.
2017-03-30 10:29:09 -07:00
Kyle Havlovitz a2058d23ef
Add CLI/API endpoints for removing peer by ID 2017-03-30 10:13:32 -07:00
James Phillips ac90110396
Changes disable_remote_exec default to true so remote exec is opt-in. 2017-03-30 09:43:32 -07:00
James Phillips 4259ecd8bc
Disables agent-level enforcement on Consul agents unless acl_datacenter is set. 2017-03-29 12:24:42 -07:00
Kyle Havlovitz 15b60b07f0 Merge pull request #2840 from hashicorp/f-advanced-autopilot-guide
Add section on advanced autopilot features to the guide
2017-03-28 12:06:51 -07:00
Kyle Havlovitz 4f9a57cda3
Add section on advanced autopilot features to the guide 2017-03-28 11:56:21 -07:00
James Phillips 36aface2e2
Adds network area CLI documentation. 2017-03-28 10:31:56 -07:00
James Phillips 12e20ddfa9
Adds basic operator area HTTP documentation. 2017-03-28 01:09:20 -07:00
James Phillips 086912d800
Breaks the operator HTTP doc into sections. 2017-03-27 23:28:08 -07:00
VEBER Arnaud d4a7e75246
docs(agent/options): remove atlas_endpoint dup 2017-03-25 13:25:54 +01:00
James Phillips 7c2509f407
Adds node metadata to the reload list. 2017-03-24 10:29:39 -07:00
James Phillips 7be075f1f1
Adds a note about the deprecated RPC ports. 2017-03-24 10:23:45 -07:00
James Phillips 16a9f6d671
Modifies server reconcile path to not use the server's token for internal operations. 2017-03-23 13:34:30 -07:00
Kyle Havlovitz 37ea20cb44
Add advanced autopilot features 2017-03-22 15:25:16 -07:00
James Phillips 82b6fbd844
Adds router into RPC paths with work in progress on coordinates. 2017-03-16 16:42:18 -07:00
Kyle Havlovitz 006c6b93b3 Merge pull request #2802 from hashicorp/f-autopilot-improvements
Fix an issue with changing server ID when re-joining
2017-03-15 20:26:16 -07:00
Kyle Havlovitz bc0494e396
Reorganized cluster health check loop and logic 2017-03-15 18:27:17 -07:00
Kyle Havlovitz c40279e012
Fix an issue with changing server IDs and add a few UX enhancements around autopilot features 2017-03-15 16:09:55 -07:00
Nic Jackson 414ac8bf7b Updated documentation to add information that bootstrap overrides server mode 2017-03-14 17:56:33 -07:00
Kyle Havlovitz 3c6bece859
Add autopilot guide to the docs 2017-03-10 14:55:18 -08:00
Kyle Havlovitz 4807215fa1 Merge pull request #2788 from hashicorp/f-autopilot-2
Autopilot server health monitoring
2017-03-10 12:29:45 -08:00
Kyle Havlovitz 8130f9b1c1
Cleaned up and reorganized some autopilot-related code 2017-03-09 18:21:40 -08:00
James Phillips 0cb637927c
Adds back the RPC page with a deprecation notice.
Fixes #2794.
2017-03-09 11:09:11 -08:00
James Phillips 61ea6faf6c Fixes a typo in the snapshot docs. 2017-03-08 19:49:07 -08:00
Kyle Havlovitz 0606133b75
Merge branch 'master' into f-autopilot-2 2017-03-06 16:02:19 -08:00
Kyle Havlovitz 8bcab6c6d7
Add autopilot server health tracking
This adds two goroutines to perform autopilot tasks on the leader - one
to monitor the health of servers and another to periodically clean up
dead servers with a limit on removal count. Also adds a new http endpoint,
`/v1/operator/autopilot/health`, for querying this information through an
operator RPC endpoint.
2017-03-06 16:00:10 -08:00
Sean Chittenden c6feba6ab7 Revert "Change ClientAddr to default to BindAddr when not present." 2017-03-06 13:32:43 -08:00
Sean Chittenden 17ccae59f4
Note the default value prior to 0.8 for -client was 127.0.0.1. 2017-03-06 12:26:35 -08:00
Sean Chittenden e1ced1de30
Change ClientAddr to default to BindAddr when not present.
With this change, it is now possible to only specify the `-bind` or
`bind_addr` attributes and get a functioning consul agent.
2017-03-04 20:52:52 -08:00
James Phillips 233795704c Moves raft_protocol config out into its own top-level item. 2017-03-04 09:20:23 -08:00
James Phillips aba567273e Merge pull request #2690 from zeroae/f-simple-rfc2782
RFC 2782 support with optional .service tag
2017-03-02 14:49:36 -08:00
Kyle Havlovitz 44f0b08db7 Merge pull request #2771 from hashicorp/f-autopilot
Autopilot dead server cleanup, config, and raft version compatibility
2017-02-28 15:04:16 -08:00
Kyle Havlovitz 23c492a74e
Rename DeadServerCleanup and make wording adjustments 2017-02-28 14:45:21 -08:00
Kyle Havlovitz 3b67c50c1d
Remove the RPC client interface and update docs 2017-02-28 13:41:09 -08:00
Kyle Havlovitz f7b6d776f4
Add cli docs and minor test/comment tweaks 2017-02-24 16:55:44 -08:00
Kyle Havlovitz 7d514a7ef6
Add docs and api client methods for autopilot config 2017-02-23 21:00:15 -08:00
Kyle Havlovitz af1bc4fa27
Add config section to docs for autopilot 2017-02-22 13:11:01 -08:00
Ellery Addington-White 17b9f3346d Adds missing double quote 2017-02-16 13:38:55 -08:00
James Phillips b88a7eee95 Adds clarifying note about the wakeup jitter.
Closes #2727.
2017-02-09 20:28:38 -08:00
James Phillips 723391b22d Removes broken WriteRequest ACL reference for catalog endpoints.
Fixes #1034.
2017-02-07 19:02:18 -08:00
Andrey Upadyshev f2b5a6439c Fix acquire parameter nesting 2017-02-03 00:20:35 +01:00
Kyle Havlovitz 4fc3bd3abf
Added -relay-factor param to keyring operations 2017-02-01 21:53:29 -05:00
Kyle Havlovitz f48cd78bc5 Merge pull request #2699 from hashicorp/f-tls-min-version
Add TLSMinVersion to config options
2017-02-01 16:31:53 -05:00
Kyle Havlovitz 086975ac0a
Add TLSMinVersion to config options 2017-02-01 16:20:33 -05:00
James Phillips d593771d3c Merge pull request #2692 from Toady00/patch-1
Specify PUT for agent maintenance endpoint
2017-02-01 06:58:20 -08:00
James Phillips cbaf7ee81e Merge pull request #2666 from hashicorp/sethvargo-patch-1
Say which ec2 perms to use
2017-02-01 06:57:07 -08:00
Brandon Dennis fe8e7238e5 Specify PUT for agent maintenance endpoint
Through most of the documentation if the method isn't specified it should be a `GET` request, but here it should be a `PUT`.
2017-01-31 16:00:27 -05:00
Patrick Sodré 5b68178dc1 Simple RFC 2782 support with optional .service tag
Add support for SRV queries of names matching:
_<service>._<protocol>.[.service][.datacenter]<.domain>
2017-01-30 19:46:02 -05:00
Andrey Upadyshev 0523eaf1f3 Fix missing query parameters formatting in HTTP API documentation 2017-01-25 14:34:56 +01:00
Kyle Havlovitz cc271aa436
Merge branch 'master' into f-prepared-query-nodemeta 2017-01-23 20:17:48 -05:00
Kyle Havlovitz 3cd054e81f
Add tests for node meta in prepared queries and update docs 2017-01-23 19:17:30 -05:00
Seth Vargo 222ade1f84 Say which ec2 perms to use 2017-01-20 17:13:28 -05:00
James Phillips 2e67edb2f2 Fixes a paste-o in the docs. 2017-01-18 16:02:04 -08:00
James Phillips 55cd1d975c
Adds catalog support for node IDs. 2017-01-18 14:26:42 -08:00
James Phillips 96bff003b7
Adds basic support for node IDs. 2017-01-17 22:47:59 -08:00
Mikhail Zholobov d54630ed79
website: Fix nesting for "raft_multiplier" option 2017-01-17 14:59:18 +02:00
Kyle Havlovitz 9080006a37
Add support for multiple metadata filters to remaining endpoints
Enabled multiple meta filters for /v1/catalog/nodes and /v1/catalog/services
2017-01-13 20:49:13 -05:00
Kyle Havlovitz e37f25dc02
Add node metadata filtering to remaining health/catalog endpoints 2017-01-13 20:08:43 -05:00
Kyle Havlovitz 2139dbb029
Merge branch 'master' into f-gce-discovery 2017-01-11 22:57:07 -05:00
Kyle Havlovitz 84b157eade
Condense gce discovery logging a bit 2017-01-11 22:37:22 -05:00
Kyle Havlovitz 821735d175 Merge pull request #2643 from hashicorp/f-node-metadata
Node metadata
2017-01-11 20:29:24 -05:00
Kyle Havlovitz 15f008b3e3
Update client api and docs for node metadata 2017-01-11 19:28:58 -05:00
Kyle Havlovitz 561d6c71e0
Update website docs for node metadata 2017-01-11 17:52:31 -05:00
Brian Shumate f81d8c0754
DOCS: update environment variables
- Move environment variables to section of CLI page
- Remove environment variables page
- Remove environment variables nagivation menu entry
2017-01-09 12:02:06 -05:00
Brian Shumate d5bdc4c98b
DOCS: update environment variables page
- Relocate Environment Variables page to Agent section
- Correct front matter newlines issue
2017-01-06 09:42:49 -05:00
James Phillips 5647e37ef2 Merge pull request #2611 from amiryal/patch-1
Correct heading level in encryption documentation
2017-01-05 12:13:13 -08:00
Ruslan Sennov e81502babb update /v1/agent/service/register endpoint doc 2016-12-26 23:32:20 +03:00
Amir Yalon 58ee61c3c7 Correct heading level in encryption documentation
The ‘RPC Encryption’ heading is semantically at the same level as ‘Gossip Encryption’.
2016-12-22 10:51:20 +02:00
James Phillips fe07574220
Fixes a typo in the agent options docs. 2016-12-14 21:03:16 -08:00
James Phillips b617e54ff0 Merge pull request #2594 from hashicorp/acl-complete
Adds complete ACL support for /v1/agent endpoints.
2016-12-14 20:49:00 -08:00
Kyle Havlovitz 398f4a04ef
Add a notice about deprecation of atlas features 2016-12-14 15:13:51 -05:00
James Phillips 927aa3789a
Adds ACL management support to the agent. 2016-12-14 07:07:41 -08:00
James Phillips 67f1fe8d0b
Adds support for a new "acl_agent_token" which is used for internal
catalog operations.
2016-12-12 14:52:27 -08:00
Chris Marchesi 1b4e26d005 command/agent: Google Compute Engine host discovery
This commit adds several command-line and config options that facilitate
host discovery through Google Compute Engine (GCE), much like the
recently added EC2 host discovery options. This should assist with
bootstrapping and joining servers within GCE when non-static addresses
are used, such as when using managed instance groups.

Documentation has also been added. It should be noted that if running
from within a GCE instance, the only option that should be necessary is
-retry-join-gce-tag-value.
2016-12-06 17:46:40 -08:00
James Phillips eb07e77c1c
Adds an opt-in for new ACL policies and features coming in Consul 0.8. 2016-12-06 11:06:14 -08:00
James Phillips c5ca72c5a5
Fixes broken link in options doc. 2016-12-05 18:53:51 -08:00
Mike Zupan 492d39fbb3 Needs to be moved
This took 2 hours from my life. The near has to be inside a service and not in the main block.
2016-12-01 22:47:02 -08:00
William Lord 67a84e0e20 Update snapshot.html.markdown 2016-12-01 10:11:35 +00:00
James Phillips bd5adea5ba Merge pull request #2555 from hashicorp/pr-2497-slackpad
Updates Circonus library and adds support for custom display name and tags.
2016-11-30 21:42:01 -08:00
James Phillips 7d67346f42
Changes Consul version number for new Circonus options. 2016-11-30 21:35:54 -08:00
Kyle Havlovitz dd05afb32e Add reload/leave http endpoints (#2516) 2016-11-30 13:29:42 -05:00
James Phillips ee16675eda Merge pull request #2532 from jamtur01/docspass
Documentation pass
2016-11-29 15:15:04 -08:00
James Phillips f4f96c180d Update dns.html.markdown 2016-11-29 15:01:38 -08:00
Kyle Havlovitz d91854f3b0 Add monitor http endpoint 2016-11-28 18:36:26 -05:00
James Turnbull edd5739e90 Final dc pass 2016-11-25 13:29:55 -05:00
James Turnbull 25566a292b Removed two space after period exceptions 2016-11-25 13:25:09 -05:00
James Turnbull 39364aa937 Another catch 2016-11-25 13:14:09 -05:00
James Turnbull 38be465b7d And a handful more 2016-11-25 12:39:08 -05:00
James Turnbull 51bc365377 More consistency 2016-11-25 12:34:07 -05:00
James Turnbull dd4918fd16 Documentation pass
I was reviewing some docs and found a few issues.

1. Fixed some spelling mistakes.
2. Re-formatted some paragraphs.
3. Changed some potentially loaded language.
4. Fixed some grammar issues.
5. Tried to consistently use syntax-highlighting.
6. Fixed post-period spacing.
7. Fixed some formatting issues and inconsistency.
8. All "notes" are either proper notes or re-written.
2016-11-25 12:02:32 -05:00
Kyle Havlovitz 66dea6951a Fix keyring doc method wording 2016-11-22 20:10:43 -05:00
Kyle Havlovitz 79f339b5dc Combine keyring endpoints into one 2016-11-22 20:10:43 -05:00
Kyle Havlovitz b13c9dc5d3 Add version specific note to keyring http docs 2016-11-22 20:10:43 -05:00
Kyle Havlovitz 86ae45c78b Add keyring api website doc sections 2016-11-22 20:10:43 -05:00
James Phillips 2319624f69 Makes addresses blank in service definition. 2016-11-22 08:29:29 -08:00
James Phillips a34d968aeb Tweaks title of snapshot link. 2016-11-21 09:02:19 -08:00
Brian Shumate 71e00601ec
tweaks 2016-11-18 10:53:59 -05:00
Brian Shumate e7b21b6876
Attempt to describe entire response (for #2393)
Describe fields returned by /v1/catalog/service/<service>
2016-11-18 10:33:37 -05:00
Cameron Stokes 17bc5a80ba ~ docs: Typo in agent options page. 2016-11-16 07:58:24 -08:00
Benjamin Farley e52e0b2a5a Small change to how operator docs read 2016-11-16 09:01:51 +00:00
Brian Shumate a487aec803 Docs: Web UI config updates (#2411)
* Updates around Web UI directory configuration

* consistent terms
2016-11-12 13:08:15 -08:00
Brian Shumate 1d6917fa9f Updated broken Extended Key Usage link (#2500) 2016-11-10 08:09:39 -08:00
Sumit Gupta 14cfeb8f7c Remove Extra > (#2499) 2016-11-10 08:09:17 -08:00
James Phillips 60d0c66be0
Revert "Updates Circonus metrics library and adds support for display name and tags."
This reverts commit bd490ec937a5859ba43b07d9103b3cb8f037e9e5 from #2491.
2016-11-09 16:21:02 -08:00
matt maier c7f98fe988 Updates Circonus metrics library and adds support for display name and tags.
* Update circonus-gometrics

`vendor circonus-labs/circonus-gometrics`
`vendor circonus-labs/circonus-gometrics/api`
`vendor circonus-labs/circonus-gometrics/checkmgr`
`vendor circonus-labs/circonusllhist`
`vendor hashicorp/go-retryablehttp`

* Update Circonus integration expose Check Display Name and Check Tags configuration options.

* Adds version info to docs for new Circonus options.
2016-11-09 13:26:43 -08:00
James Phillips dbf6232238 Adds version info to docs for new Circonus options. 2016-11-09 13:26:20 -08:00
matt maier 62fe94b3d6 Update Circonus integration expose Check Display Name and Check Tags configuration options. 2016-11-09 15:33:37 -05:00
Kyle Havlovitz 1ffdf04bd7 Set MaxStale default to 10 years and add a stale counter (#2481)
Default MaxStale to 10 years and add a counter at `consul.dns.stale_queries` that tracks when an agent serves a query that's stale by at least 5 seconds. Previously, MaxStale defaulted to 5 seconds and DNS would become unavailable after a short period of time with no leader. This new default allows DNS requests to still be served in the event of a long outage.

Fixes #2460.
2016-11-08 14:45:12 -05:00
Cameron Stokes f4e34397ac Clarify -retry-join docs. (#2469) 2016-11-03 14:22:46 -07:00
Kyle McCullough 697ea0f8eb Add setting to skip ssl certificate verification for HTTP checks (#1984)
* http check: add setting to skip ssl certificate verification

* update http check documentation

* fix typo in documentation

* Add TLSSkipVerify to agent api
2016-11-03 13:17:30 -07:00
James Phillips 18926728d4 Supports WAN and LAN Serf Bind Addresses. (#2468)
* * adding cli config and config file support for specifying the serf wan and lan bind addresses
* updating documentation for serf wan and lan options
Fixes #2007

* Cleans up some small things from #2380.

* Uses the bind default for the agent test for Serf WAN and LAN.
2016-11-03 12:58:58 -07:00
Kyle Havlovitz 1e2ca107c2
Small tweaks to docs and syntax 2016-11-03 13:04:42 -04:00
Kyle Havlovitz a3af480c42
Add support for ECS task roles as an auth mechanism 2016-11-02 18:48:15 -04:00
Kyle Havlovitz b9aa912e4c
Move EC2 discovery logic into retryJoin for robustness 2016-11-02 14:35:37 -04:00
Kyle Havlovitz c6f461aa25 Enable snapshots in dev mode (#2453) 2016-10-31 14:39:47 -04:00
James Phillips bc29610124 Adds support for snapshots and restores. (#2396)
* Updates Raft library to get new snapshot/restore API.

* Basic backup and restore working, but need some cleanup.

* Breaks out a snapshot module and adds a SHA256 integrity check.

* Adds snapshot ACL and fills in some missing comments.

* Require a consistent read for snapshots.

* Make sure snapshot works if ACLs aren't enabled.

* Adds a bit of package documentation.

* Returns an empty response from restore to avoid EOF errors.

* Adds API client support for snapshots.

* Makes internal file names match on-disk file snapshots.

* Adds DC and token coverage for snapshot API test.

* Adds missing documentation.

* Adds a unit test for the snapshot client endpoint.

* Moves the connection pool out of the client for easier testing.

* Fixes an incidental issue in the prepared query unit test.

I realized I had two servers in bootstrap mode so this wasn't a good setup.

* Adds a half close to the TCP stream and fixes panic on error.

* Adds client and endpoint tests for snapshots.

* Moves the pool back into the snapshot RPC client.

* Adds a TLS test and fixes half-closes for TLS connections.

* Tweaks some comments.

* Adds a low-level snapshot test.

This is independent of Consul so we can pull this out into a library
later if we want to.

* Cleans up snapshot and archive and completes archive tests.

* Sends a clear error for snapshot operations in dev mode.

Snapshots require the Raft snapshots to be readable, which isn't supported
in dev mode. Send a clear error instead of a deep-down Raft one.

* Adds docs for the snapshot endpoint.

* Adds a stale mode and index feedback for snapshot saves.

This gives folks a way to extract data even if the cluster has no
leader.

* Changes the internal format of a snapshot from zip to tgz.

* Pulls in Raft fix to cancel inflight before a restore.

* Pulls in new Raft restore interface.

* Adds metadata to snapshot saves and a verify function.

* Adds basic save and restore snapshot CLI commands.

* Gets rid of tarball extensions and adds restore message.

* Fixes an incidental bad link in the KV docs.

* Adds documentation for the snapshot CLI commands.

* Scuttle any request body when a snapshot is saved.

* Fixes archive unit test error message check.

* Allows for nil output writers in snapshot RPC handlers.

* Renames hash list Decode to DecodeAndVerify.

* Closes the client connection for snapshot ops.

* Lowers timeout for restore ops.

* Updates Raft vendor to get new Restore signature and integrates with Consul.

* Bounces the leader's internal state when we do a restore.
2016-10-25 19:20:24 -07:00
James Phillips 1adbcff059 Merge pull request #2383 from hashicorp/jbs-1462
Clarify retry_join addresses for #1462
2016-10-20 11:40:03 -07:00
Brian Shumate fd794ec0b4
Reworded and applied to -retry-join also 2016-10-20 14:14:55 -04:00
James Phillips 78815ea44d Adds a note about child process reaping going away. 2016-10-06 21:38:29 -07:00
Andreas Böttger 13c1315916 json syntax corrected 2016-10-04 15:40:53 +02:00
Brian Shumate 7fbec39f1f
Clarify retry_join addresses for #1462
- Initial pass at adding note about address formats for retry_join;
  IPv4 is a list of IPs only, whereas IPv6 are bracketed IPs + port
2016-10-03 12:15:24 -04:00
Brian Shumate df41000a94
Update variable value information as port must also be specified, fixes #2210 2016-09-29 12:50:00 -04:00
Brian Shumate a470c4901a
Finalize update for -bind 2016-09-27 18:36:19 -04:00
Brian Shumate bd43bd9981
Clarification 2016-09-27 12:38:32 -04:00
Brian Shumate ac9e1d6a10
Correct inaccurate bind reference, closes #2234 2016-09-27 12:05:22 -04:00
McKenna Jones 3390063ec6 cli flag formatting for agent docs and one guide 2016-09-26 21:22:01 -07:00
Seth Vargo 6a6d169ace
Clarify that hostname defaults to localhost for tcp 2016-09-21 12:20:36 -04:00
Brian Shumate af45d3463a
Remove references to the 'unknown' state.
- Remove reference to 'unknown' state in catalog endpoint docs
- Remove reference to 'unknown' state in health endpoint docs
2016-09-21 09:50:12 -04:00
James Phillips daa8a40993 Adds Operator endpoint link. 2016-09-15 13:13:09 -07:00
James Phillips 3b1f368fe5 Adds version note to near parameter. 2016-09-06 07:50:06 -07:00
James Phillips 6db4aea4c4 Tweaks options doc after latest merges. 2016-09-01 22:18:34 -07:00
James Phillips aed72ccc60 Merge pull request #2263 from sweeneyb/dnsPort
Add support for dns port as a command line option
2016-09-01 22:16:15 -07:00
James Phillips 1924eccf71 Merge pull request #2322 from hashicorp/pr-2321-slackpad
Adds a configurable timeout for DNS recursor client.
2016-09-01 22:11:54 -07:00
James Phillips ca71911eed
Tweaks documentation. 2016-09-01 21:50:46 -07:00
Pivotal DX129 2682410059 Merge remote-tracking branch 'upstream/master' 2016-09-01 10:15:32 -04:00
James Phillips d419a0ae0d
Changes default for leave_on_terminate based on server or client mode. 2016-08-31 23:39:11 -07:00
James Phillips 3304352272
Changes default DNS allow_stale to true. 2016-08-30 13:55:19 -07:00
James Phillips c063a1a8d0
Updates documentation with details on the Consul operator actions. 2016-08-30 13:15:37 -07:00
James Phillips 1b7a16b7d3
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 2016-08-30 00:02:50 -07:00
Pierre Delagrave a5fccc45db Added website documentation for the new recursor_timeout parameter 2016-08-29 14:41:30 -04:00
James Phillips 2f4c237cff
Adds a max raft multiplier and tweaks documentation. 2016-08-25 15:36:05 -07:00
James Phillips b339b0d2fc
Adds performance tuning capability for Raft, detuned defaults, and supplemental docs. 2016-08-24 21:58:37 -07:00
Brian Shumate b1164d256e Fix typo 2016-08-18 09:14:15 -04:00
James Phillips 1820de27fc Merge pull request #2235 from robwdux/patch-1
update ca tutorial to one more recent and relevant
2016-08-17 18:00:03 -07:00
James Phillips db4666c7e4 Update acl.html.markdown 2016-08-17 10:21:59 -07:00
James Phillips db9a72dde1
Merge branch 'master' into f-deregister-critical 2016-08-16 12:53:21 -07:00
James Phillips 607595f99e
Cleans up based on code review feedback. 2016-08-16 12:52:30 -07:00
James Phillips bc333335be
Adds an X-Consul-Translate-Addresses to signal translation is enabled. 2016-08-16 11:31:41 -07:00
James Phillips 817d7e93e4
Adds an "lan" tagged address so we have a way to get them all.
If we didn't have this, then there would be no way to know the LAN
address if address translation was turned on.
2016-08-16 10:49:03 -07:00
James Phillips f517f9ed0d
Fixes a typo and adds an admonition about only being in Consul 0.7+. 2016-08-16 09:27:20 -07:00
James Phillips b4f981c837
Adds ability to deregister a service based on critical check state longer than a timeout. 2016-08-16 01:00:26 -07:00
James Phillips 4ca26f68fd Tweaks translate_wan_addr documentation.
Adds a note about HTTP being 0.7 and later only.
2016-08-15 16:23:01 -07:00
James Phillips 3af9257cb8 Merge pull request #2275 from hashicorp/pr-2118-slackpad
Translates node addresses to WAN addresses where appropriate.
2016-08-15 16:16:56 -07:00
James Phillips ee2e161dfe
Updates docs for WAN address translation and tweaks some nearby unrelated docs. 2016-08-15 16:12:01 -07:00
Brian Shumate dc7824b0cd Add anchor 2016-08-15 16:48:54 -04:00
James Phillips 086a5af5ff
Finishes up DNS compression by adding opt-out, tests, and documentation. Fixes trim routine. 2016-08-11 16:27:08 -07:00
sweeneyb e8117ba622 Add support for dns port as a command line option 2016-08-10 04:05:56 +00:00
James Phillips ff64833b4a Adds a note about HTTP telemetry. 2016-08-09 16:03:59 -07:00
James Phillips 3585b5a4cb Merge pull request #2237 from hashicorp/f-acl-replication
Adds ACL replication.
2016-08-09 11:42:16 -07:00
James Phillips 5577b8ef66
Updates documentation for ACL replication. 2016-08-05 00:23:28 -07:00
rob dux 3bd9be7151 update ca tutorial to one more recent and relevant 2016-08-02 21:24:02 -05:00
Andrei Burd 06c0663082 Added missing comma 2016-08-01 18:46:43 +03:00
James Phillips 63ff6ebc2c Adds a cautionary note about the stats in the self API. 2016-07-29 13:45:25 -07:00
James Phillips 36b2ef619e Tweaks the agent docs for EnableTagOverride. 2016-07-23 14:48:54 -07:00
shalev67 0763f1a9f5 Added api agent docs enableTagOverride var 2016-07-22 20:21:07 +03:00
Jason Martin bda170a872
Escape verify_server_hostname angle-brackets 2016-07-20 15:57:07 -07:00
matt maier 9c3f14ce1b Change circonus_broker_search_tag to circonus_broker_select_tag to match same change to command/agent/config.go 2016-07-20 11:44:38 -04:00
James Phillips 51fbad91fd Merge pull request #2193 from hashicorp/pr-2188-slackpad
Adds Circonus support for telemetry metrics.
2016-07-19 17:15:29 -07:00
James Phillips ca5f42d61d Tweaks the docs a bit. 2016-07-19 15:54:52 -07:00
akbarahmed 99c1e0051d Merge remote-tracking branch 'upstream/master' 2016-07-19 11:01:55 -07:00
akbarahmed 25f6bc9d56 Unnest TaggedAddresses. Add sentence to mention that multiple Checks may
be specified as an array. Closes hashicorp/consul#2176
2016-07-19 10:55:46 -07:00
matt maier 53936f336d Documentation for Circonus Telemetry integration 2016-07-18 16:24:49 -04:00
Stu Small 6a664a4669 Fixing minor punctuation mistake. 2016-07-13 16:50:19 -06:00
Ryan Uber 62d0edbdd4 Merge pull request #1847 from mssola/dc-to-datacenter
[proposal] command: deprecated the -dc flag in the agent CLI
2016-07-05 13:01:51 -07:00
Sean Macdonald c24fe9f8b5 small typo 2016-07-02 01:29:00 -04:00
Ryan Uber 53dc58ff27 website: document near parameter of prepared queries 2016-07-01 11:50:09 -07:00
James Phillips 055b6973f6 Merge pull request #2123 from hashicorp/f-key-metrics
Adds a key metrics section to the telemetry guide.
2016-06-18 04:01:15 +01:00
James Phillips 53f082b2af Adds a key metrics section to the telemetry guide. 2016-06-17 18:57:42 +01:00
Sheldon Kwok a3788d4ede Update agent.html.markdown
The documentation was not clear and I had to try with the cli to figure it out.
2016-06-09 16:48:18 -07:00
lihz b862d3f044 add tcp in service/register
I found consul /service/register interface supprt TCP check as well.
2016-06-03 19:29:05 +08:00
Michael Barrow 0871236ca7 Fix typo
Simple typo fix.
2016-05-29 10:24:44 -07:00
Sean Chittenden 67b9104daf
Fix the href target for the /v1/catalog/node/<node> endpoint. 2016-05-27 00:12:17 -07:00
Sean Kilgore a60c0b630a docs: clarify address specification for telemetry
Earlier on this page, under `addresses`, we say "For TCP addresses, these should simply be an IP address without the port. For example: 10.0.0.1, not 10.0.0.1:8500." Since we expect the port to be included for `_address` for telemetry, call it out specifically.
2016-05-24 12:55:23 -07:00
Saif Abid e786aafe70 Fix json for /v1/catalog/node in markdown
add in a missing comma after the "Address" field
2016-05-19 14:41:41 -04:00
James Phillips ffcba3df58 Merge pull request #2028 from hashicorp/f-atomic-kv
Adds support for atomic transactions spanning multiple KV entries.
2016-05-15 13:46:05 -07:00
Sean Chittenden b20f86b4c7
Speling police 2016-05-15 09:13:52 -07:00
James Phillips c786e1d457 Reduces the number of operations in a transaction to 64. 2016-05-14 21:40:46 -07:00
James Phillips a11f32a1da Adds a get-tree verb to KV transaction operations. 2016-05-13 16:57:39 -07:00
James Phillips 77ae55c692 Adds some size limiting features to transactions to help prevent abuse. 2016-05-13 13:39:01 -07:00
James Phillips 5fd99b13ef Removes null results for deletes, and preps for more than one result from an operation. 2016-05-13 01:47:55 -07:00
James Phillips 2649a6336e Adds a read-only optimized path for transactions. 2016-05-13 00:34:05 -07:00
James Phillips 6daf26ada4 Adds documentation for the transaction endpoint. 2016-05-11 14:18:47 -07:00
James Phillips 76b90ccb17 Fixes and clarifies the only_passing docs. 2016-04-27 14:55:38 -07:00
James Phillips 03b0c196e0 Merge pull request #1762 from mshean/script-timeout
Add Timeout field to CheckMonitor
2016-04-24 23:08:06 -07:00
Sean Chittenden b0203278f2 Tweak discussion regarding reaping to advise against adjusting these
values.
2016-04-21 14:24:41 -07:00
Sean Chittenden 515a42e733 Fix broken markdown 2016-04-20 18:46:01 -04:00
James Phillips 6182a34600 Merge pull request #1935 from hashicorp/f-reap-time
Makes reap time configurable for LAN and WAN.
2016-04-20 13:50:21 -07:00
James Phillips bc6efbae18 Sets an anti-footgun floor for the configurable reap time. 2016-04-20 13:49:51 -07:00
Matt Shean f232a11291 Update documentation for CheckMonitor timeout 2016-04-20 11:43:49 -07:00
James Phillips 24c2bc44f1 Clarifies default behavior of blank service addresses. 2016-04-20 10:16:06 -07:00
Ryan Uber 1e9f3341d0 website: mention 4K output limit for checks 2016-04-14 14:35:35 -07:00
James Phillips 07e9c09a58 Merge pull request #1891 from romansky/patch-1
clerify RPC usage
2016-04-12 02:10:15 -07:00
James Phillips 86bb36f211 Updates some docs that say reaping is not configurable. 2016-04-11 00:56:03 -07:00
James Phillips 32389a9822 Makes reap time configurable for LAN and WAN. 2016-04-11 00:38:25 -07:00
Sean Chittenden 8156eb9953 Add a note re: pre-0.7 behavior 2016-03-31 18:06:58 -07:00
Sean Chittenden 9eaffc456f skip_leave_on_int's default changes based on agent mode
`skip_leave_on_int`'s behavior now changes based on whether or not the agent is acting as a client or server.

Fixes: 1687
2016-03-31 17:45:14 -07:00
Roman Landenband bb17b99dbe fix correct RPC entity 2016-03-30 12:21:52 +03:00
Sean Chittenden 7603dcfd4b Reword udp_answer_limit for the better. 2016-03-29 23:48:22 -07:00
Sean Chittenden 0bf0f2a1ab Use industry jargon re: DNS round-robin
s/randomized DNS round-robin/round-robin DNS/
2016-03-29 23:07:42 -07:00
Sean Chittenden 64c1c12752 Whitespace, indent markdown correctly 2016-03-29 19:27:36 -07:00
Sean Chittenden d1166307aa Trim UDP responses per configuration 2016-03-29 19:27:21 -07:00
Sean Chittenden f8a0e1fb1a Merge branch 'b-dns-single-record' of ssh://github.com/hashicorp/consul into b-dns-single-record
# Conflicts:
#	command/agent/dns.go
2016-03-29 19:24:53 -07:00
Sean Chittenden a29f6e8c8f Allow adjusting the number of DNS records in a response...
Based on work done by @fusiondog in #1583, extend the concept to use an integer instead of a boolean.

Fixes: #1583 && #1481
2016-03-29 19:23:56 -07:00
Roman Landenband f0c30e8d0f clerify RPC usage 2016-03-29 15:10:28 +03:00
James Phillips 0f23210628 Fixes JSON in wildcard query example. 2016-03-23 14:33:20 -07:00
James Phillips 7ad0d9789f Merge pull request #1839 from foxel/patch-1
Clarification for advertise_addrs.rpc
2016-03-21 16:14:17 -07:00
Sean Chittenden 5a40caf2a8 Update the docs slightly re: only_passing
Signed-off by: @slackpad
2016-03-21 16:07:56 -07:00
Sayalic 85e3590a95 add inline code segment to enableTagOverride 2016-03-20 11:09:12 +08:00
Wim 508bc796a8 Allow [::] as a bind address (binds to first public IPv6 address) 2016-03-18 23:59:44 +01:00
Miquel Sabaté Solà 314a0913e2 command: deprecated the -dc flag in the agent CLI
The `-dc` flag from the agent CLI command has been deprecated in favor of
`-datacenter`. This is done this way because:

- Other CLI commands used `-datacenter`. See: event, exec and watch.
- The agent configuration file uses `datacenter`.

Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
2016-03-18 15:44:35 +01:00
James Phillips 4c3b2edfed Fixes a few bugs in the prepared query doc. 2016-03-17 23:42:27 -07:00
Andrey Kupreychik d3bce2b1af Clarification for advertise_addrs.rpc
Clarification for advertise_addrs.rpc as it sets the server RPC port (default 8300)
2016-03-16 12:10:54 +05:00
James Phillips ec82388e32 Merge pull request #1803 from tylert/doc-enc-update
Update agent encryption doc example
2016-03-10 20:06:02 -08:00
James Phillips ae7b45a6df Merge pull request #1820 from hashicorp/f-port-docs
Adds a reference to the network ports from the security guide.
2016-03-09 21:22:41 -08:00
James Phillips b2992a5e83 Adds a reference to the network ports from the security page. 2016-03-09 21:21:49 -08:00
Igor Dubinskiy 8a877c44eb Fix doc typo 2016-03-09 12:41:49 -08:00
Tyler Tidman df7f593747 Update agent encryption doc example 2016-03-09 11:18:48 -05:00
Igor Dubinskiy f4edb28ef3 Make sure UDP DNS responses aren't larger than allowed 2016-03-07 16:41:17 -08:00
James Phillips e634e91ae6 Fixes broken example JSON. 2016-03-07 10:45:39 -08:00
James Phillips 275c84a0cc Renames "debug" endpoint and structures to "explain". 2016-03-07 10:45:39 -08:00
James Phillips 8493640b09 Adds a prepared query debug endpoint. 2016-03-07 10:45:39 -08:00
James Phillips e6232a21e4 Adds basic docs for prepared query templates. 2016-03-07 10:45:39 -08:00
James Phillips bd4f2ee6b7 Adds a new PUT-based TTL check update endpoint. 2016-03-02 17:54:01 -08:00
James Phillips ecc617008a Merge pull request #1777 from hashicorp/b-port-docfix
TLS example and correcting error
2016-03-01 13:02:30 -08:00
James Phillips 807769e6bd Tweaks the address and advertise docs. 2016-03-01 13:01:13 -08:00
James Phillips 72f7c08a0a Cleans up the documents. 2016-02-24 18:05:58 -08:00
James Phillips c75256ac8b Adds a check for users re-submitting the redacted token. 2016-02-24 17:35:26 -08:00
James Phillips 2f7eac8b86 Renames "prepared_query" ACL policy to "query". 2016-02-24 17:02:06 -08:00
James Phillips a8ac27fa49 Refactors docs into a more complete state for prepared query ACLs. 2016-02-23 22:27:44 -08:00
James Phillips 633c231d67 Creates new "prepared-query" ACL type and new token capture behavior.
Prior to this change, prepared queries had the following behavior for
ACLs, which will need to change to support templates:

1. A management token, or a token with read access to the service being
   queried needed to be provided in order to create a prepared query.

2. The token used to create the prepared query was stored with the query
   in the state store and used to execute the query.

3. A management token, or the token used to create the query needed to be
   supplied to perform and CRUD operations on an existing prepared query.

This was pretty subtle and complicated behavior, and won't work for
templates since the service name is computed at execution time. To solve
this, we introduce a new "prepared-query" ACL type, where the prefix
applies to the query name for static prepared query types and to the
prefix for template prepared query types.

With this change, the new behavior is:

1. A management token, or a token with "prepared-query" write access to
   the query name or (soon) the given template prefix is required to do
   any CRUD operations on a prepared query, or to list prepared queries
   (the list is filtered by this ACL).

2. You will no longer need a management token to list prepared queries,
   but you will only be able to see prepared queries that you have access
   to (you get an empty list instead of permission denied).

3. When listing or getting a query, because it was easy to capture
   management tokens given the past behavior, this will always blank out
   the "Token" field (replacing the contents as <hidden>) for all tokens
   unless a management token is supplied. Going forward, we should
   discourage people from binding tokens for execution unless strictly
   necessary.

4. No token will be captured by default when a prepared query is created.
   If the user wishes to supply an execution token then can pass it in via
   the "Token" field in the prepared query definition. Otherwise, this
   field will default to empty.

5. At execution time, we will use the captured token if it exists with the
   prepared query definition, otherwise we will use the token that's passed
   in with the request, just like we do for other RPCs (or you can use the
   agent's configured token for DNS).

6. Prepared queries with no name (accessible only by ID) will not require
   ACLs to create or modify (execution time will depend on the service ACL
   configuration). Our argument here is that these are designed to be
   ephemeral and the IDs are as good as an ACL. Management tokens will be
   able to list all of these.

These changes enable templates, but also enable delegation of authority to
manage the prepared query namespace.
2016-02-23 17:12:43 -08:00