Commit Graph

10068 Commits

Author SHA1 Message Date
Alvin Huang f1b736afa9 add redirects for ACL docs 2019-03-25 15:22:51 -04:00
kaitlincarter-hc 119cb6dd86
[Docs] Launching K8s getting started path on Learn (#5511)
* Moving Minikube guide.

* Update website/source/layouts/docs.erb

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

* Update website/source/docs/guides/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-03-25 12:12:07 -05:00
Judith Malnick 76ed1e46bb
Update website/source/docs/guides/connect-envoy.md
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-03-25 09:28:03 -05:00
Judith Malnick ed6f10ecdc
Update website/source/docs/guides/connect-envoy.md
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-03-25 09:27:52 -05:00
kaitlincarter-hc f072b465de
Updated for migration. (#5512) 2019-03-25 09:24:28 -05:00
kaitlincarter-hc 5cf6d7681a
Fixing smart quotes (#5522) 2019-03-25 09:22:27 -05:00
Alvin Huang 3510bfb630
Merge pull request #5544 from hashicorp/fix-broken-link
fix broken link
2019-03-22 19:24:36 -04:00
Alvin Huang d686201776 fix broken link 2019-03-22 19:20:48 -04:00
Alvin Huang 759cd30c8d
Merge pull request #5525 from hashicorp/add-xc-builds
Add xc builds
2019-03-22 17:49:28 -04:00
Paul Banks cf5528734c
Connect: Fix Envoy getting stuck during load (#5499)
* Connect: Fix Envoy getting stuck during load

Also in this PR:
 - Enabled outlier detection on upstreams which will mark instances unhealthy after 5 failures (using Envoy's defaults)
 - Enable weighted load balancing where DNS weights are configured

* Fix empty load assignments in the right place

* Fix import names from review

* Move millisecond parse to a helper function
2019-03-22 19:37:14 +00:00
Alvin Huang eefc580d91 adding distro builds to circleci 2019-03-22 14:49:49 -04:00
Judith Malnick 6c75291aeb
[docs] improve telegraf guide with objectives, summary, formatting (#5527) 2019-03-22 09:40:38 -07:00
Kyle Havlovitz 7aa1e14b18
Add some basic normalize/validation logic for config entries 2019-03-22 09:25:37 -07:00
R.B. Boyer caadf208bd
api: fix panic in 'consul acl set-agent-token' (#5533)
api: fix panic in 'consul acl set-agent-token'

Fixes #5531
2019-03-21 15:04:40 -05:00
Jud White 84bcf52cdb docs: update 'sc' usage in windows-guide.html.md (#5501)
- the space after `=` is significant in sc parameters (binPath= "<path> <args>, start= auto)
- given the text "the service automatically starts up during/after boot", added `start= auto` to
  the example,  otherwise the service will be set to Manual start mode.
2019-03-21 12:51:04 -05:00
Paul Banks 68e8933ba5
Connect: Make Connect health queries unblock correctly (#5508)
* Make Connect health queryies unblock correctly in all cases and use optimal number of watch chans. Fixes #5506.

* Node check test cases and clearer bug test doc

* Comment update
2019-03-21 16:01:56 +00:00
Todd Radel 10d71fa84a [docs] New doc on integration with Ambassador Proxy (#5497)
* New doc on integration with Ambassador Proxy

* Remove reference to "step 1"

* Added link to docs for `consul intention check`

* Update website/source/docs/platform/k8s/ambassador.html.md

Co-Authored-By: tradel <todd@radel.us>

* Update website/source/docs/platform/k8s/ambassador.html.md

Co-Authored-By: tradel <todd@radel.us>

* Update website/source/docs/platform/k8s/ambassador.html.md

Co-Authored-By: tradel <todd@radel.us>

* Added links to install guide and Connect guide
2019-03-21 11:00:39 -05:00
Hans Hasselberg 6f6bd14d25 Putting source back into Dev Mode 2019-03-21 16:34:48 +01:00
Hans Hasselberg 24bd9ad9a2 Merge branch 'master' of github.com:hashicorp/consul 2019-03-21 15:13:03 +00:00
Judith Malnick 0957c8f59d
Update website/source/docs/guides/kubernetes-reference.html.md
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-03-21 09:51:37 -05:00
Judith Malnick cf875d74c3
Update website/source/docs/guides/kubernetes-reference.html.md
Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-03-21 09:50:25 -05:00
kaitlincarter-hc d186873324
Updating network segments guide (#5529) 2019-03-21 09:35:49 -05:00
Rebecca Zanzig 96d6aa0eaf
Merge pull request #5523 from hashicorp/docs/coredns
Add dns configuration info for CoreDNS users
2019-03-20 23:47:41 -07:00
Rebecca Zanzig 05587186a6 Add dns configuration info for CoreDNS users 2019-03-20 23:02:04 -07:00
kaitlincarter 83594b22e6 New k8s reference arch guide. 2019-03-20 19:20:05 -05:00
Kyle Havlovitz c2cba68042 Fix fsm serialization and add snapshot/restore 2019-03-20 16:13:13 -07:00
Alvin Huang b1e8299d5d add optional parallel flag to gox 2019-03-20 15:19:27 -04:00
Hans Hasselberg f5440be54d
Release v1.4.4 2019-03-20 16:00:54 +00:00
Hans Hasselberg ffaf12e3c8 Update CHANGELOG.md 2019-03-20 13:15:35 +00:00
Hans Hasselberg 483975249b Update CHANGELOG.md 2019-03-20 10:53:32 +00:00
Kyle Havlovitz 9df597b257 Fill out state store/FSM functions and add tests 2019-03-19 15:56:17 -07:00
R.B. Boyer 5b1f66f818 agent: ensure the TLS hostname verification knows about the currently configured domain (#5513) 2019-03-19 22:35:19 +01:00
tryan225 3dcc00f854 Adding an example of extraVolumes with the Helm chart 2019-03-19 14:31:11 -07:00
Kyle Havlovitz 53913461db Add config types and state store table 2019-03-19 10:06:46 -07:00
Hans Hasselberg 6617e3bf01
Update CHANGELOG.md 2019-03-19 17:09:15 +01:00
Erik DeLamarter a3ca2e77ce [Docs] Added a note to GCE auto-join credentials option (#5391)
* Added a note to GCE auto-join credentials option

Simply added a note to remind users that putting a json file in the config-dir will make consul parse it as a config file.
Hope to help someone else avoid wasting a day because of these errors:
==> Error parsing /etc/consul.d/credentials.json: 10 error(s) occurred: * invalid config key private_key

* Updated according to style guidelines

Co-Authored-By: delamart <erik@delamarter.ch>
2019-03-19 09:40:12 -05:00
Kyle Havlovitz bb0839ea5b Condense some test logic and add a comment about renaming 2019-03-18 16:15:36 -07:00
kaitlincarter-hc facda98f0a Updating the intro. 2019-03-18 14:52:17 -05:00
John Cowen 73f79ac599 [Docs] Connect Sidecar Proxies: Fixes 'must may' typo and adds formatting to follow other docs (#5397)
* Fixes 'must may' typo and adds formatting to follow other docs

* Reverts local_service_port docs to state its optional
2019-03-18 11:48:56 -07:00
Todd Radel d3ad84a710 [docs] Added section on using Helm chart to deploy Enterprise binaries (#5454)
* Added section on using Helm chart to deploy Enterprise binaries

* Update website/source/docs/platform/k8s/helm.html.md

Switch to active voice.

Co-Authored-By: tradel <todd@radel.us>

* Update website/source/docs/platform/k8s/helm.html.md

Co-Authored-By: tradel <todd@radel.us>

* Update website/source/docs/platform/k8s/helm.html.md

* Update website/source/docs/platform/k8s/helm.html.md

Co-Authored-By: tradel <todd@radel.us>
2019-03-18 11:21:40 -07:00
Steve Burns ff8ab320da Add log_file attribute to agent configuration documentation (#5492) 2019-03-18 10:24:49 -07:00
Hans Hasselberg 4eaffe4c41
agent: only use TestAgent when appropriate (#5502) 2019-03-18 17:06:16 +01:00
Paul Banks 5d56039874
Update CHANGELOG.md 2019-03-15 20:20:39 +00:00
Paul Banks dd08426b04
Optimize health watching to single chan/goroutine. (#5449)
Refs #4984.

Watching chans for every node we touch in a health query is wasteful. In #4984 it shows that if there are more than 682 service instances we always fallback to watching all services which kills performance.

We already have a record in MemDB that is reliably update whenever the service health result should change thanks to per-service watch indexes.

So in general, provided there is at least one service instances and we actually have a service index for it (we always do now) we only ever need to watch a single channel.

This saves us from ever falling back to the general index and causing the performance cliff in #4984, but it also means fewer goroutines and work done for every blocking health query.

It also saves some allocations made during the query because we no longer have to populate a WatchSet with 3 chans per service instance which saves the internal map allocation.

This passes all state store tests except the one that explicitly checked for the fallback behaviour we've now optimized away and in general seems safe.
2019-03-15 20:18:48 +00:00
Paul Banks c9663d8235
Update CHANGELOG.md 2019-03-15 20:16:13 +00:00
Pierre Souchay 8f0fe5a00a Ensure we remove Connect proxy before deregistering the service itself (#5482)
This will fix https://github.com/hashicorp/consul/issues/5351
2019-03-15 20:14:46 +00:00
Alex Mayer a73d983d19 Docs Proofing (#5424)
* Docs: Remove default_policy From Code Example

It is not needed according to:
https://www.consul.io/docs/agent/acl-system.html#configuring-acls

* Docs: Cleanup Commands And Their Output On ACL Guide Page

Remove extra spaces and newlines
Ensure rules match input rules

* Docs: Remove Incomplete "Added In Version" Statement

Version added is specified on parent option

* Docs: Fix Broken Links

* Docs: Minor Sentence Tweaks
2019-03-15 09:35:33 -05:00
Matt Keeler 240934e856
Update CHANGELOG.md 2019-03-14 11:10:32 -04:00
Valentin Fritz 0fde90b172 Fix checks removal when removing service (#5457)
Fix my recently discovered issue described here: #5456
2019-03-14 11:02:49 -04:00
R.B. Boyer d65008700a
acl: reduce complexity of token resolution process with alternative singleflighting (#5480)
acl: reduce complexity of token resolution process with alternative singleflighting

Switches acl resolution to use golang.org/x/sync/singleflight. For the
identity/legacy lookups this is a drop-in replacement with the same
overall approach to request coalescing.

For policies this is technically a change in behavior, but when
considered holistically is approximately performance neutral (with the
benefit of less code).

There are two goals with this blob of code (speaking specifically of
policy resolution here):

  1) Minimize cross-DC requests.
  2) Minimize client-to-server LAN requests.

The previous iteration of this code was optimizing for the case of many
possibly different tokens being resolved concurrently that have a
significant overlap in linked policies such that deduplication would be
worth the complexity. While this is laudable there are some things to
consider that can help to adjust expectations:

  1) For v1.4+ policies are always replicated, and once a single policy
  shows up in a secondary DC the replicated data is considered
  authoritative for requests made in that DC. This means that our
  earlier concerns about minimizing cross-DC requests are irrelevant
  because there will be no cross-DC policy reads that occur.

  2) For Server nodes the in-memory ACL policy cache is capped at zero,
  meaning it has no caching. Only Client nodes run with a cache. This
  means that instead of having an entire DC's worth of tokens (what a
  Server might see) that can have policy resolutions coalesced these
  nodes will only ever be seeing node-local token resolutions. In a
  reasonable worst-case scenario where a scheduler like Kubernetes has
  "filled" a node with Connect services, even that will only schedule
  ~100 connect services per node. If every service has a unique token
  there will only be 100 tokens to coalesce and even then those requests
  have to occur concurrently AND be hitting an empty consul cache.

Instead of seeing a great coalescing opportunity for cutting down on
redundant Policy resolutions, in practice it's far more likely given
node densities that you'd see requests for the same token concurrently
than you would for two tokens sharing a policy concurrently (to a degree
that would warrant the overhead of the current variation of
singleflighting.

Given that, this patch switches the Policy resolution process to only
singleflight by requesting token (but keeps the cache as by-policy).
2019-03-14 09:35:34 -05:00