Commit Graph

3046 Commits

Author SHA1 Message Date
Denislav Denov 3932b5b907
Update website/pages/docs/commands/license.mdx
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
2020-05-08 15:51:52 +03:00
Denislav Denov aa5527303b
Update license.mdx
Hello team,

I noticed that the reset part of the consul license command was missing in the documentation so I added it and created this PR.
2020-05-08 11:13:41 +03:00
Jeff Escalante 55e5c1b9ef add alert banner to website 2020-05-06 20:06:39 -04:00
R.B. Boyer 1187d7288e
acl: oss plumbing to support auth method namespace rules in enterprise (#7794)
This includes website docs updates.
2020-05-06 13:48:04 -05:00
Luke Kysow 3b9e53e290
Merge pull request #7724 from hashicorp/helm-repo
Update k8s instructions for new helm repo
2020-05-05 16:17:53 -07:00
Iryna Shustava a61329c747
docs: add Helm docs for external servers and bootstrapToken (#7725) 2020-05-04 18:09:59 -07:00
R.B. Boyer c9c557477b
acl: add MaxTokenTTL field to auth methods (#7779)
When set to a non zero value it will limit the ExpirationTime of all
tokens created via the auth method.
2020-05-04 17:02:57 -05:00
R.B. Boyer 265d2ea9e1
acl: add DisplayName field to auth methods (#7769)
Also add a few missing acl fields in the api.
2020-05-04 15:18:25 -05:00
R.B. Boyer 5848f0fd7b
docs: add docs for snapshot agent local_scratch_path option (#7730)
Also fix some website upgrade bugs.
2020-05-01 14:51:57 -05:00
Jeff Escalante c00f246129
fix multiline note (#7744) 2020-04-30 14:07:16 -04:00
Luke Kysow 7115c41277
Update k8s instructions for new helm repo
Also remove index page for operations since it just linked to the other
pages in the list.
2020-04-30 10:04:55 -07:00
Iryna Shustava d4a5c0b2ba
docs: add Helm docs for external servers and bootstrapToken (#7725)
Also, backfill some Helm docs that got lost in the new website merge
2020-04-28 14:38:02 -07:00
Jeff Escalante 76268de08c
dependencies 2020-04-28 12:53:30 -04:00
Luke Kysow 6aeb465dd4
Fix broken markdown link 2020-04-28 12:53:29 -04:00
Jeff Escalante cd91a8e7dc
update dependencies 2020-04-28 12:53:29 -04:00
Jeff Escalante 851e6dd62d
remove guides from sidebar 2020-04-28 12:53:29 -04:00
Blake Covarrubias 6e3b3a3f04
Add callouts to Enterprise features (#7548)
Label all enterprise-related content with Enterprise badge/callout.

Resolves #6887

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-04-28 12:53:29 -04:00
Jeff Escalante ad0a235242
update dependencies 2020-04-28 12:53:28 -04:00
Jeff Escalante 763994533f
update deps with a bunch of incremental fixes 2020-04-28 12:53:28 -04:00
kaitlincarter-hc 48cdd43606
[Docs] Kuberentes Guides (#7660)
* Update k8s guide titles

* Update website/pages/docs/k8s/installation/gke.mdx

Co-Authored-By: Luke Kysow <1034429+lkysow@users.noreply.github.com>

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2020-04-28 12:53:28 -04:00
Jeff Escalante ed938cf125
correct rebased k8s/eks location 2020-04-28 12:53:27 -04:00
Jeff Escalante adca928bb3
anchor link analytics (#7648) 2020-04-28 12:53:27 -04:00
Jeff Escalante 87091f7456
add clearer safe write note to readme 2020-04-28 12:53:27 -04:00
Jeff Escalante 8ff109b66f
add 301 to readme 2020-04-28 12:53:27 -04:00
Jeff Escalante be78f98a6c
a couple more anchor link fixes 2020-04-28 12:53:26 -04:00
Jeff Escalante 7c293ffd25
misc cleanup & fixes 2020-04-28 12:53:26 -04:00
Jeff Escalante d14f99f0b0
update meta description 2020-04-28 12:53:26 -04:00
Jeff Escalante 0d0f0ee514
update deps, add no-index category, fix downloads page 2020-04-28 12:53:25 -04:00
Jeff Escalante 3461407f34
fix broken links 2020-04-28 12:53:25 -04:00
Jeff Escalante 4183723bd9
fix homepage link, docs index 2020-04-28 12:53:25 -04:00
Jeff Escalante 7d426348ce
remove guides that were moved to learn 2020-04-28 12:53:24 -04:00
Jeff Escalante 3ab1f76c6e
add k8s/consul alias back, fix react prop name 2020-04-28 12:53:24 -04:00
Jeff Escalante b685869419
remove 'sidebar_current' from frontmatter 2020-04-28 12:53:24 -04:00
Jeff Escalante 99c297e898
home & use case pages 2020-04-28 12:53:23 -04:00
Jeff Escalante 0629d161ac
one more time 2020-04-28 12:53:23 -04:00
Jeff Escalante 2755fd51e7
test 2020-04-28 12:53:23 -04:00
Jeff Escalante 4d647fea42
update to latest nextjs-scripts 2020-04-28 12:53:22 -04:00
Jeff Escalante 17452af412
fix new syntax error 2020-04-28 12:53:22 -04:00
Jeff Escalante b062a9f063
update deps, fixes for agent/options 2020-04-28 12:53:22 -04:00
Jeff Escalante d7edea1f65
add correct bugsnag and segment keys 2020-04-28 12:53:22 -04:00
Jeff Escalante 298332c54e
another redirect fix 2020-04-28 12:53:21 -04:00
Jeff Escalante 428d51d16a
redirect corrections 2020-04-28 12:53:21 -04:00
Jeff Escalante 1a599f22ff
redirect tinkering 2020-04-28 12:53:21 -04:00
Jeff Escalante 598fad31d0
add more redirects 2020-04-28 12:53:20 -04:00
Jeff Escalante 99784c4f24
replace internal .html link extensions 2020-04-28 12:53:20 -04:00
Jeff Escalante 4211f12f38
remove internal /index.html 2020-04-28 12:53:20 -04:00
Jeff Escalante a69778d939
add redirects 2020-04-28 12:53:19 -04:00
Jeff Escalante 8536881aa8
add one-off pages 2020-04-28 12:53:19 -04:00
Jeff Escalante ee102ac06c
remove export trailing slash 2020-04-28 12:53:19 -04:00
Jeff Escalante 8438c2a6a2
redirects port 2020-04-28 12:53:18 -04:00
Jeff Escalante 0fa88294e0
correct favicon 2020-04-28 12:53:18 -04:00
Jeff Escalante bad492ad9e
anchor link fixes across a lot of pages 2020-04-28 12:53:18 -04:00
Jeff Escalante 086073d6fb
docs rendering 2020-04-28 12:53:18 -04:00
Jeff Escalante 957c04eb20
intro and api navigation converted 2020-04-28 12:52:44 -04:00
Jeff Escalante 0d9e72f1dc
initial 2020-04-28 12:52:43 -04:00
Brandon Romano 86490107c9 Update with proper notification 2020-04-28 09:44:37 -07:00
Mike Wickett df0a90039f website: add alert banner 2020-04-28 08:56:21 -04:00
Alvin Huang 66ae2e1e27
netlify CLI outputs "Website Draft URL" now instead of "Live Draft URL" (#7676) 2020-04-20 15:57:34 -04:00
danielehc 11ed4207fc
Adding links to new GS track in learn (#7649)
* Adding links to new GS track in learn
2020-04-16 19:56:31 +02:00
David Yu 8d76671947
Consul on Kubernetes Learn Guide Links (#7642)
* Adding EKS Learn Guide to Docs
2020-04-14 07:53:17 -07:00
danielehc 778ba5310a
docs: Link to compatibility matrix for imageEnvoy (#7387)
* docs: Link to compatibility matrix for imageEnvoy

Added a link to the Envoy supported version in the documentation for `imageEnvoy` parameter.

* Update website/source/docs/platform/k8s/helm.html.md
2020-04-14 14:13:14 +02:00
Andrea Scarpino 2757510e84
docs: document consulPrefix properly (#7603) 2020-04-09 22:02:23 +02:00
danielehc 8174c2c0e7
Adding API version for example call (#7626) 2020-04-09 21:25:22 +02:00
Hans Hasselberg b78220981c
connect: support envoy 1.14.1 (#7624) 2020-04-09 20:58:22 +02:00
Blake Covarrubias a088d12a20 docs: Fix broken link to Nomad Consul Connect guide 2020-04-08 14:59:36 -07:00
Iryna Shustava 1b5cff80f2
docs: Add Helm docs for auto-encrypt and external servers (#7595)
* docs: Add Helm docs for auto-encrypt and external servers
2020-04-07 14:41:16 -07:00
Luke Kysow 812aedce48
Merge pull request #7586 from hashicorp/helm-docs
Document bootstrapACLs deprecation
2020-04-07 14:02:12 -07:00
Matt Keeler 42f02e80c3
Enable filtering language support for the v1/connect/intentions… (#7593)
* Enable filtering language support for the v1/connect/intentions listing API

* Update website for filtering of Intentions

* Update website/source/api/connect/intentions.html.md
2020-04-07 11:48:44 -04:00
Luke Kysow 1cef40b6a4
Update website/source/docs/platform/k8s/helm.html.md
Co-Authored-By: Iryna Shustava <ishustava@users.noreply.github.com>
2020-04-06 09:16:49 -07:00
Jono Sosulska ab14c969cd
Change style to match "join" singular (#7569)
* Change style to match "join" singular

- Replaced "(Consul) cluster" with  "Consul Datacenter"
- Removed "ing" so the feature fits "Consul Auto-join", and that the tense is correct.

Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
2020-04-03 16:04:07 -04:00
David Yu 33b6bfd106
[docs] Built-in Proxies not meant for production (#7579)
* [docs] Built-in Proxies not meant for production

* Adding link to Envoy for Connect

* Update website/source/docs/connect/proxies/built-in.md

Co-Authored-By: Blake Covarrubias <blake@covarrubi.as>

* Revising note

* Update website/source/docs/connect/proxies/built-in.md

period

Co-Authored-By: Hans Hasselberg <me@hans.io>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Hans Hasselberg <me@hans.io>
2020-04-03 11:52:05 -07:00
Luke Kysow b87d92147d
Document bootstrapACLs deprecation 2020-04-02 16:58:55 -07:00
Freddy f5eb6ab539
Fix regression with gateway registration and update docs (#7582) 2020-04-02 12:52:11 -06:00
Daniel Nephin b490790f60
Merge pull request #7427 from hashicorp/dnephin/website-fix-errrors-in-upgrade-docs
docs: fix some errors in upgrade-specific
2020-04-01 11:36:53 -04:00
Daniel Nephin b099bb4b1a
Merge pull request #7465 from hashicorp/dnephin/correct-docs-log-file
docs: Update config reference for log-file
2020-04-01 11:29:20 -04:00
Hans Hasselberg f6de4a0112
docs: revert "docs: fix param for register checks id->checkid (#7393)" (#7565)
This reverts commit ed5202943e43d054e31e958ff0178473974e4015.
2020-04-01 11:49:20 +02:00
Rasmus Mikkelsen 239b60b2ff
docs: fix param for register checks id->checkid (#7393) 2020-04-01 10:59:28 +02:00
Andreas Gruhler e598190ad1
docs: make example code for RedundancyZoneTag match description (#7464) 2020-03-31 22:54:04 +02:00
Geoffrey Grosenbach 4f599893f3
docs: add link to Learn from downloads page (#7534)
Adds a link to Learn from the downloads page as well as a link to the Consul
Template guide.
2020-03-31 22:30:29 +02:00
Jono Sosulska 42998c0eb6
Updated Security Model and FAQ pages (#7528)
* Updated Security Model and FAQ pages
2020-03-30 16:43:26 -04:00
Matt Keeler a8961e37d9
Add docs for v1/acl/policy/name endpoint (#7501) 2020-03-27 10:20:09 -04:00
Cody De Arkland b29170201d
Merge pull request #7495 from hashicorp/3242020-ent-docs-update
updating enterprise documentation with additional clarity
2020-03-26 11:56:56 -07:00
Matt Keeler e873dbe111
Add optional JSON format to the ACL CLI commands output (#7198)
* Add ACL CLI commands output format option.

Add command level formatter, that incapsulates command output printing
logiс that depends on the command `-format` option.
Move Print* functions from acl_helpers to prettyFormatter. Add jsonFormatter.

* Return error code in case of formatting failure.

* Add acl commands -format option to doc.
2020-03-26 13:16:21 -04:00
Freddy f666727607
Exposing paths isn't an upstream configuration (#7515) 2020-03-26 11:15:01 -06:00
Freddy cb55fa3742
Enable CLI to register terminating gateways (#7500)
* Enable CLI to register terminating gateways

* Centralize gateway proxy configuration
2020-03-26 10:20:56 -06:00
Artur Mullakhmetov 6db4996f4c Add acl commands -format option to doc. 2020-03-26 19:05:11 +03:00
Cody De Arkland c9601fefa1 updating enterprise documentation with additional clarity
Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/namespaces/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/backups/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/namespaces/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/upgrades/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/upgrades/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/read-scale/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Update website/source/docs/enterprise/redundancy/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

updating capitalization of namespaces
2020-03-24 21:49:47 -07:00
Iryna Shustava 6865d63df1
Add missing Helm docs (#7492) 2020-03-24 16:06:57 -07:00
Daniel Nephin 6eca5357cf docs: Update config reference for log-file 2020-03-19 18:06:46 -04:00
Daniel Nephin 221aaa9651
Merge pull request #7458 from hashicorp/dnephin/small-doc-improvements
website/docs: small doc improvements to CLI reference
2020-03-17 18:35:44 -04:00
Hans Hasselberg 672db9bef6
docs: fix filenames (#7453) 2020-03-17 21:00:45 +01:00
Kim Ngo 9e8eb7896f
agent/xds: Update mesh gateway to use service router timeout (#7444)
* website/connect/proxy/envoy: specify timeout precedence for services behind mesh gateway
2020-03-17 14:50:14 -05:00
Daniel Nephin 02fe105ac0 website/docs: small doc improvements to CLI reference
Small improvements to the join docs.

The help text for `lock` says -try is deprecated and replaced with -timeout.
Update the docs to match.
2020-03-16 17:54:45 -04:00
Hans Hasselberg 90a234d242
docs: update website version (#7456) 2020-03-16 22:03:36 +01:00
Matt Keeler ef944f6c3d
Update namespace docs for some new CLI commands (#7435)
Co-Authored-By: Hans Hasselberg <me@hans.io>
2020-03-16 09:42:39 -04:00
Charlie Jones 0fc91ca047
docs: fix typo in consul-template tutorial (#7454) 2020-03-16 14:04:28 +01:00
Daniel Nephin 44d9ad2e38 docs: fix some errors in upgrade-specific
Fix 2 broken links
    Fix some gramatical errors
2020-03-10 14:20:18 -04:00
Matt Keeler eb44ea335c
Update intention precedence table in the docs (#7421)
* Update intention precedence table in the docs

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2020-03-10 11:49:08 -04:00
Hans Hasselberg f49144fcee
connect: support for envoy 1.13.1 and 1.12.3 (#7380)
* setup new envoy versions for CI
* bump version on the website too.
2020-03-10 11:04:46 +01:00
R.B. Boyer a7fb26f50f
wan federation via mesh gateways (#6884)
This is like a Möbius strip of code due to the fact that low-level components (serf/memberlist) are connected to high-level components (the catalog and mesh-gateways) in a twisty maze of references which make it hard to dive into. With that in mind here's a high level summary of what you'll find in the patch:

There are several distinct chunks of code that are affected:

* new flags and config options for the server

* retry join WAN is slightly different

* retry join code is shared to discover primary mesh gateways from secondary datacenters

* because retry join logic runs in the *agent* and the results of that
  operation for primary mesh gateways are needed in the *server* there are
  some methods like `RefreshPrimaryGatewayFallbackAddresses` that must occur
  at multiple layers of abstraction just to pass the data down to the right
  layer.

* new cache type `FederationStateListMeshGatewaysName` for use in `proxycfg/xds` layers

* the function signature for RPC dialing picked up a new required field (the
  node name of the destination)

* several new RPCs for manipulating a FederationState object:
  `FederationState:{Apply,Get,List,ListMeshGateways}`

* 3 read-only internal APIs for debugging use to invoke those RPCs from curl

* raft and fsm changes to persist these FederationStates

* replication for FederationStates as they are canonically stored in the
  Primary and replicated to the Secondaries.

* a special derivative of anti-entropy that runs in secondaries to snapshot
  their local mesh gateway `CheckServiceNodes` and sync them into their upstream
  FederationState in the primary (this works in conjunction with the
  replication to distribute addresses for all mesh gateways in all DCs to all
  other DCs)

* a "gateway locator" convenience object to make use of this data to choose
  the addresses of gateways to use for any given RPC or gossip operation to a
  remote DC. This gets data from the "retry join" logic in the agent and also
  directly calls into the FSM.

* RPC (`:8300`) on the server sniffs the first byte of a new connection to
  determine if it's actually doing native TLS. If so it checks the ALPN header
  for protocol determination (just like how the existing system uses the
  type-byte marker).

* 2 new kinds of protocols are exclusively decoded via this native TLS
  mechanism: one for ferrying "packet" operations (udp-like) from the gossip
  layer and one for "stream" operations (tcp-like). The packet operations
  re-use sockets (using length-prefixing) to cut down on TLS re-negotiation
  overhead.

* the server instances specially wrap the `memberlist.NetTransport` when running
  with gateway federation enabled (in a `wanfed.Transport`). The general gist is
  that if it tries to dial a node in the SAME datacenter (deduced by looking
  at the suffix of the node name) there is no change. If dialing a DIFFERENT
  datacenter it is wrapped up in a TLS+ALPN blob and sent through some mesh
  gateways to eventually end up in a server's :8300 port.

* a new flag when launching a mesh gateway via `consul connect envoy` to
  indicate that the servers are to be exposed. This sets a special service
  meta when registering the gateway into the catalog.

* `proxycfg/xds` notice this metadata blob to activate additional watches for
  the FederationState objects as well as the location of all of the consul
  servers in that datacenter.

* `xds:` if the extra metadata is in place additional clusters are defined in a
  DC to bulk sink all traffic to another DC's gateways. For the current
  datacenter we listen on a wildcard name (`server.<dc>.consul`) that load
  balances all servers as well as one mini-cluster per node
  (`<node>.server.<dc>.consul`)

* the `consul tls cert create` command got a new flag (`-node`) to help create
  an additional SAN in certs that can be used with this flavor of federation.
2020-03-09 15:59:02 -05:00
Freddy da2639adf5
Update namespace docs for config entries (#7420) 2020-03-09 14:51:21 -06:00
Dane Harrigan 21cb30acc8
Update envoy.html.md.erb (#7394)
Minor typo
2020-03-09 13:58:29 -04:00
Noel Quiles 955f065d70
website:update middleman-hashicorp to 0.3.44 (#7382) 2020-03-09 14:41:58 +01:00
Hans Hasselberg eb8bdc372e
docs: add docs for kv_max_value_size (#7405)
Apart from the added docs, the error messages are similar now and are
pointing to the corresponding options.
Fixes #6708.
2020-03-09 11:13:40 +01:00
Kim Ngo ab8a3b8044
agent/txn_endpoint: configure max txn request length (#7388)
configure max transaction size separately from kv limit
2020-03-05 15:42:37 -06:00
Freddy 9634076894
1.7 upgrade note (#7397)
The Session API in Consul 1.7.0 and 1.7.1 is incompatible with prior versions of Consul.

This PR adds a note to our version-specific upgrade guide to guard against users upgrading before the fix in 1.7.2 is released.
2020-03-05 13:04:04 -07:00
John Cowen 1f1c347f34
docs: Add that `response_headers` also affects the UI (#7376) 2020-03-05 12:06:35 +00:00
Alvin Huang 460b31771b
update envoy doc notes (#7389) 2020-03-04 14:59:30 -05:00
steven jacobs 7ee0ff8743
docs:add documentation for Linode cloud auto-join (#6719)
The go-discover library supports Linode. This adds support for
discovering other Consul agents running on Linode. Consul has supported
this since [66b8c20][1] was merged, so this commit just updates the
documentation to match current features.

[1]: 66b8c20990
2020-02-27 06:51:21 -05:00
Blake Covarrubias 65ae050fcc Update Consul version on website to 1.7.1 2020-02-23 14:04:20 -08:00
Luke Kysow c3f7e7d690
Merge pull request #7207 from hashicorp/namespace-k8s-docs
Docs for consul-k8s namespaces support
2020-02-21 14:05:38 -07:00
Luke Kysow 72f467902c
Docs for Consul namespaces in kube 2020-02-20 14:27:09 -07:00
Jono Sosulska 03f327ce90
Merge pull request #7304 from hashicorp/docs/anti-entropy
Added links to Anti-entropy guide + catalog
2020-02-20 11:16:13 -05:00
Hans Hasselberg 322367d476
tls: support tls 1.3 (#7325) 2020-02-19 23:22:31 +01:00
kaitlincarter-hc 34b812642e
docs: adding new guide for namespaces and service discovery (#6788) 2020-02-18 18:34:21 +01:00
kaitlincarter-hc 0d96039426
docs: setup secure namespaces (#6789)
* Adding new guide for namespaces and ACLs

* Update website/source/docs/guides/secure-namespaces.html.md

Co-Authored-By: Blake Covarrubias <bcovarrubias@hashicorp.com>

Co-authored-by: Hans Hasselberg <me@hans.io>
Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
2020-02-18 18:33:35 +01:00
Mishin Nickolay 4ced7aa0e4
docs: add note bout change case in config files to specific version upgrade notes (#6870) (#6878) 2020-02-18 14:32:07 +01:00
Tom Downes 2b54237e33
docs: add documentation for enabling reverse DNS lookup with systemd-resolved (#6731)
* Remove trailing whitespace in DNS forwarding guide.
* Add example for enabling reverse lookup of IP addrseses to .consul domain on systemd-resolved platforms
2020-02-18 14:16:12 +01:00
Mr.gao 0a239e49db
docs: update libraries-and-sdks.html.md (#6745)
python-consul maintainer gone, this is my version you want to add to the recommended
2020-02-18 14:08:57 +01:00
Aleksey Stepanenko e84b7904bf
docs: update connection for the openstack provider (#6776)
The option `username` does not work. Need to use user_name with underscore

> Authentication failed: Exactly one of Username and UserID must be provided for password authentication

The option `user_name` works, however, it's need to use `region`, `domain_name` in additional.
2020-02-18 14:06:34 +01:00
jsosulska 738f23c0d1 Added links to Anti-entropy guide + catalog 2020-02-14 09:27:37 -05:00
Hans Hasselberg 0cdc75a6e3
website: put a note on the website re vault with 1.7.0 and 1.6.3 (#7295) 2020-02-13 20:42:36 +01:00
Christoph Puhl 9944096d66
Adjust formula for quorum size (#7286)
Current formula for quorum size does not match numbers in table below.
2020-02-13 15:57:38 +00:00
Hans Hasselberg 0d043f045b
config: increase http_max_conns_per_client default to 200 (#7289) 2020-02-13 16:27:33 +01:00
Hans Hasselberg d1a550c85a
docs: correct envoy versions (#7266) 2020-02-11 23:18:09 +01:00
David Yu 424ed35fd2
Merge pull request #7263 from hashicorp/david-yu-patch-2
1.7.0 Namespaces Learn Guides
2020-02-11 11:56:59 -08:00
Judith Malnick 204ab2fb9a
docs: add f5 guide text (#6493) 2020-02-11 20:39:44 +01:00
Judith Malnick 564de1e536
docs: add splitting guide (#6597)
* add splitting guide, originially adapted from nic's blog and drafted on learn
2020-02-11 20:39:08 +01:00
David Yu 4653c82bf6
1.7.0 Namespaces Learn Guides
Attaching learn guides associated with Namespaces release
2020-02-11 11:31:47 -08:00
Matt Keeler e82b3d8747
Merge branch 'master' of github.com:hashicorp/consul 2020-02-11 11:54:58 -05:00
hashicorp-ci 62ddc1a69d
Release v1.7.0 2020-02-11 15:19:16 +00:00
Nuno Adrego f8c5e2a898
docs: changed the return value from null to empty JSON list, when a session does not exist (#7232) 2020-02-11 11:03:28 +01:00
Nicole Forrester ea2109a60d
website: bump middleman version (#7254) 2020-02-11 10:59:14 +01:00
Blake Covarrubias 1c88dc15ef
docs: document format for TTL values in Consul config (#6693) 2020-02-11 10:47:21 +01:00
kaitlincarter-hc 698aa3e69f
docs: adding note to ACL rules page for intentions. (#6569) 2020-02-11 10:28:48 +01:00
Blake Covarrubias c4fbc030ba Fix broken link to consul-aws guide on Learn 2020-02-10 12:25:54 -08:00
Hans Hasselberg 4ae725cab2
add envoy version 1.12.2 and 1.13.0 to the matrix (#7240)
* add 1.12.2

* add envoy 1.13.0

* Introduce -envoy-version to get 1.10.0 passing.

* update old version and fix consul-exec case

* add envoy_version and fix check

* Update Envoy CLI tests to account for the 1.13 compatibility changes.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2020-02-10 14:53:04 -05:00
Matt Keeler cb2664361f
Remove the 1.7.0 beta banner on downloads page (#7253) 2020-02-10 14:20:51 -05:00
Kit Patella d28bc1acbe
rpc: measure blocking queries (#7224)
* agent: measure blocking queries

* agent.rpc: update docs to mention we only record blocking queries

* agent.rpc: make go fmt happy

* agent.rpc: fix non-atomic read and decrement with bitwise xor of uint64 0

* agent.rpc: clarify review question

* agent.rpc: today I learned that one must declare all variables before interacting with goto labels

* Update agent/consul/server.go

agent.rpc: more precise comment on `Server.queriesBlocking`

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/agent/telemetry.html.md

agent.rpc: improve queries_blocking description

Co-Authored-By: Paul Banks <banks@banksco.de>

* agent.rpc: fix some bugs found in review

* add a note about the updated counter behavior to telemetry.md

* docs: add upgrade-specific note on consul.rpc.quer{y,ies_blocking} behavior

Co-authored-by: Paul Banks <banks@banksco.de>
2020-02-10 10:01:15 -08:00
Akshay Ganeshen fd32016ce9
feat: support sending body in HTTP checks (#6602) 2020-02-10 09:27:12 -07:00
danielehc 6b8ca85f6c
Adding upgrade-legacy doc (#7212)
Addresses #7071
2020-02-10 15:43:51 +01:00
Kyle Havlovitz a271152881 Update config entry docs for namespaces 2020-02-07 12:01:04 -08:00
Blake Covarrubias 1c072277ac docs: Indent secretName and secretKey under aclSyncToken
These are sub-parameters under aclSyncToken. Fix indentation so that
they are properly displayed under that top-level key.
2020-02-06 10:40:33 -08:00
Fredrik Hoem Grelland 0a9aadbb48
docs: namespaces has erroneous HCL example (#7228) 2020-02-06 06:33:07 -06:00
Freddy 67e02a0752
Add managed service provider token (#7218)
Stubs for enterprise-only ACL token to be used by managed service providers.
2020-02-04 13:58:56 -07:00
Luke Kysow 6aed66e3af
Helm ref docs for consul-k8s namespaces support 2020-02-03 17:17:48 -07:00
Paschalis Tsilias 1b81cccbf9
Expose Envoy's /stats for statsd agents (#7173)
* Expose Envoy /stats for statsd agents; Add testcases

* Remove merge conflict leftover

* Add support for prefix instead of path; Fix docstring to mirror these changes

* Add new config field to docs; Add testcases to check that /stats/prometheus is exposed as well

* Parametrize matchType (prefix or path) and value

* Update website/source/docs/connect/proxies/envoy.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-02-03 17:19:34 +00:00
Anudeep Reddy 2ce45ae171
[docs] Enabling connect requires server restarts (#6904) 2020-02-03 09:58:12 -06:00
Mohammad Gufran 473ecf57dc
docs: add Flightpath to the list of community tools (#7176) 2020-02-03 13:16:21 +01:00
Stuart Williams d12429ef2b
docs: rate limiting applies to Consul agents in server mode (#6932) 2020-02-03 13:10:47 +01:00
Chris Arcand 705723015d
docs: update available Sentinel imports (#6920) 2020-02-03 11:44:25 +01:00
Michael Hofer ee3b157eda
docs: add missing Autopilot -min-quorum documentation (#7192) 2020-02-03 10:59:53 +01:00
Blake Covarrubias fc496e780e Fix org name in Helm chart's imageEnvoy description
Update the description for the Helm chart's connectInject.imageEnvoy
parameter to reflect the correct organization name for images published by
EnvoyProxy.io.
2020-02-03 01:46:58 -08:00
Alexandru Matei e6e6759b94
docs: add detailed documentation about Health Checking specific service using the gRPC method (#6574) 2020-02-03 10:19:06 +01:00
Anthony Scalisi 3616c94935
docs: fix typos, IDs are UUIDs, /acl/token endpoints manage ACL tokens (#5736) 2020-02-03 09:41:54 +01:00
Hans Hasselberg 50281032e0
Security fixes (#7182)
* Mitigate HTTP/RPC Services Allow Unbounded Resource Usage

Fixes #7159.

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-31 11:19:37 -05:00
Sarah Christoff 67344befc8
[docs] Clarify retry-join (#7078) 2020-01-30 12:52:58 -06:00
Matt Keeler 26bb1584c1
Updates to the Txn API for namespaces (#7172)
* Updates to the Txn API for namespaces

* Update agent/consul/txn_endpoint.go

Co-Authored-By: R.B. Boyer <rb@hashicorp.com>

Co-authored-by: R.B. Boyer <public@richardboyer.net>
2020-01-30 13:12:26 -05:00
Iryna Shustava b8cac0d6e4
docs: clarify that clients and servers need to talk over LAN if outside k8s (#7156) 2020-01-29 19:09:38 -08:00
Iryna Shustava 44b921a780
docs: Clarify the use of kustomize or ship with the Helm chart (#7154) 2020-01-28 22:18:12 -08:00
Chris Piraino 3dd0b59793
Allow users to configure either unstructured or JSON logging (#7130)
* hclog Allow users to choose between unstructured and JSON logging
2020-01-28 17:50:41 -06:00
Iryna Shustava daff8f82dc docs: update ACL perms for the /connect/ca/roots endpoint (#7155) 2020-01-28 20:01:25 +01:00
Blake Covarrubias 091e1ea330 docs: Fix success/passing health check definition
This commit changes the health check example shown for the
success/failures_before_passing option to correctly show that the value
of `checks` is an array of objects, not an object.

Added text clarifying these check parameters are available in Consul
1.7.0 and later.

Expanded the health check to provide a more complete configuration
example.

Resolves #7114.
2020-01-27 12:15:25 -08:00
Matt Keeler 90b9f87160
Add the v1/catalog/node-services/:node endpoint (#7115)
The backing RPC already existed but the endpoint will be useful for other service syncing processes such as consul-k8s as this endpoint can return all services registered with a node regardless of namespacing.
2020-01-24 09:27:25 -05:00
Blake Covarrubias 9d1bb9e8aa Redirect /docs/guides/outage.html to Learn
Resolves: #6953
2020-01-24 00:26:07 -08:00
Alexey Miasoedov b7b4bef33a fix Unix socket path in docs 2020-01-22 09:11:24 -08:00
David Yu 8b473c956f
Merge pull request #7104 from hashicorp/david-yu-patch-4
Small change to TLS connection wording
2020-01-22 08:51:34 -08:00
Kit Ewbank 013dfe109f docs: add Helm chart 'dns.clusterIP' value. (#5845) 2020-01-22 17:32:08 +01:00
Hans Hasselberg e00effa325
agent: setup grpc server with auto_encrypt certs and add -https-port (#7086)
* setup grpc server with TLS config used across consul.
* add -https-port flag
2020-01-22 11:32:17 +01:00
Iryna Shustava 2163f79170
Add docs about rolling out TLS on k8s (#7096)
* Add docs about gradually rolling out TLS on k8s

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2020-01-21 19:29:55 -08:00
David Yu 54c46ec678
Small change to wording
Removing automatic connection wording for applications for the time being. From @blake 
> They can automatically establish TLS connections without being aware that TLS is happening. They are aware that they’re routed through the Connect proxy, the app has to configure itself to use the local upstream port.
2020-01-21 16:27:43 -08:00
Luke Kysow e2ea3c5965
Merge pull request #6970 from hashicorp/k8s-docs-refactor
Kubernetes docs reorganization
2020-01-18 19:08:26 -06:00
Luke Kysow 520d37fcd5
Reorg kube docs 2020-01-18 19:07:53 -06:00
Hans Hasselberg 315ba7d6ad
connect: check if intermediate cert needs to be renewed. (#6835)
Currently when using the built-in CA provider for Connect, root certificates are valid for 10 years, however secondary DCs get intermediates that are valid for only 1 year. There is no mechanism currently short of rotating the root in the primary that will cause the secondary DCs to renew their intermediates.
This PR adds a check that renews the cert if it is half way through its validity period.

In order to be able to test these changes, a new configuration option was added: IntermediateCertTTL which is set extremely low in the tests.
2020-01-17 23:27:13 +01:00
Hans Hasselberg b6c83e06d5
auto_encrypt: set dns and ip san for k8s and provide configuration (#6944)
* Add CreateCSRWithSAN
* Use CreateCSRWithSAN in auto_encrypt and cache
* Copy DNSNames and IPAddresses to cert
* Verify auto_encrypt.sign returns cert with SAN
* provide configuration options for auto_encrypt dnssan and ipsan
* rename CreateCSRWithSAN to CreateCSR
2020-01-17 23:25:26 +01:00
Matej Urbas d877e091d6 agent: configurable MaxQueryTime and DefaultQueryTime. (#3777) 2020-01-17 14:20:57 +01:00
John Cowen 248ee65f72
docs: Add note about using valid DNS labels for service names (#7035)
Add note about using valid DNS labels for service names
2020-01-15 15:36:17 +00:00
Kit Patella 79fef74772
Small improvements to Connect docs (#6910)
* docs/connect add link to intentions and minor phrasing change

* docs/connect pluralize 'applications'

* Update website/source/docs/connect/connect-internals.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>
2020-01-14 14:59:27 -08:00
Freddy f3ba6a9166
Update force-leave ACL requirement to operator:write (#7033) 2020-01-14 15:40:34 -07:00
Matt Keeler c8294b8595
AuthMethod updates to support alternate namespace logins (#7029) 2020-01-14 10:09:29 -05:00
Matt Keeler baa89c7c65
Intentions ACL enforcement updates (#7028)
* Renamed structs.IntentionWildcard to structs.WildcardSpecifier

* Refactor ACL Config

Get rid of remnants of enterprise only renaming.

Add a WildcardName field for specifying what string should be used to indicate a wildcard.

* Add wildcard support in the ACL package

For read operations they can call anyAllowed to determine if any read access to the given resource would be granted.

For write operations they can call allAllowed to ensure that write access is granted to everything.

* Make v1/agent/connect/authorize namespace aware

* Update intention ACL enforcement

This also changes how intention:read is granted. Before the Intention.List RPC would allow viewing an intention if the token had intention:read on the destination. However Intention.Match allowed viewing if access was allowed for either the source or dest side. Now Intention.List and Intention.Get fall in line with Intention.Matches previous behavior.

Due to this being done a few different places ACL enforcement for a singular intention is now done with the CanRead and CanWrite methods on the intention itself.

* Refactor Intention.Apply to make things easier to follow.
2020-01-13 15:51:40 -05:00
danielehc 71eca6330c
added disclaimer about network segments due to Serf limitations (#7004)
* added disclaimer about network segments due to Serf limitations

using work made at https://github.com/hashicorp/consul/pull/6558 by @thepomeranian

* Lowercasing functionality name

* Update website/source/docs/enterprise/network-segments/index.html.md

Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>

Co-authored-by: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2020-01-09 10:41:31 +01:00
danielehc aca0720a0e
Update docs to point to new learn guide (#7003)
* Changed the link to point to new guide
* Removed querystring from link
2020-01-09 10:26:47 +01:00
DevOps Rob 7a4b055f50 Azure MSI for cloud auto-join (#7000)
* Azure MSI documentation

Adding in note about support for Azure MSI authentication method for Cloud auto-join

* fixing text formatting

fixing text formatting

* missing word

missing word - variable

* Update website/source/docs/agent/cloud-auto-join.html.md

Language change to be specific about where the security risk mitigation is concerned

Co-Authored-By: Jack Pearkes <jackpearkes@gmail.com>

Co-authored-by: Jack Pearkes <jackpearkes@gmail.com>
2020-01-08 20:43:45 -05:00
kaitlincarter-hc dcd8153244
updating the ent docs to mention GCP (#7001) 2020-01-07 13:19:34 -08:00
tehmoon 7fead04f2e docs: Fix extraVolumes mount paths in helm.html.md (#7008) 2020-01-07 12:13:09 -08:00
Rémi Lapeyre 6b4050fdbf docs: fix typo in ACL legacy documentation (#7006) 2020-01-07 14:33:56 +01:00
kaitlincarter-hc 21f1e7a1b4
[docs] Managing ACL Policies (#6573)
* New Acl policy guide

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

* Update website/source/docs/guides/managing-acl-policies.html.md

Co-Authored-By: Paul Banks <banks@banksco.de>

Co-authored-by: Paul Banks <banks@banksco.de>
2020-01-06 15:44:17 -08:00
kaitlincarter-hc ddaf9e0d44
[docs] New Replication Guide (#5823)
* new replication guide

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing another list

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: R.B. Boyer <public@richardboyer.net>

* fixing formating

* Updating based on feedback.

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Matt Keeler <mkeeler@users.noreply.github.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating introduction based on feedback

* Update website/source/docs/guides/acl-replication.md

* updating intro based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* updating based on feedback

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Update website/source/docs/guides/acl-replication.md

Co-Authored-By: Judith Malnick <judith@hashicorp.com>

* Additional note about servers

Co-authored-by: R.B. Boyer <public@richardboyer.net>
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Judith Malnick <judith@hashicorp.com>
2020-01-06 15:35:59 -08:00
kaitlincarter-hc c3f6d8e4cd
New Connect guide for new users (#6749) 2020-01-06 15:17:24 -08:00
Blake Covarrubias 532d6d0d18 Move bootstrapACLs under global key in Helm docs
The global.bootstrapACLs key in the Helm chart docs was inadvertently
moved to a top-level key in commit 12e6ef8, which is incorrect.

This commit reverts that error.
2019-12-21 18:47:42 -08:00
Matt Keeler 9ea83a749b
Revert "Remove docs refs to NS inference from ACL token" (#6976)
This reverts commit 3a8426de9c76e7d8dd2728e4ae78bc4e5e18626a.

# Conflicts:
#	command/flags/http.go
#	website/source/api/acl/binding-rules.html.md
#	website/source/api/acl/policies.html.md
#	website/source/api/acl/roles.html.md
#	website/source/api/acl/tokens.html.md
#	website/source/api/kv.html.md
#	website/source/api/session.html.md
#	website/source/docs/commands/_http_api_namespace_options.html.md
2019-12-20 11:52:50 -05:00
Blake Covarrubias befb914cf6 Add 'kind = connect-proxy' to mesh_gateway.html 2019-12-18 15:35:42 -08:00
Hans Hasselberg 1bf94b01e2
log: handle discard all logfiles properly (#6945)
* Handle discard all logfiles properly

Fixes https://github.com/hashicorp/consul/issues/6892.

The [docs](https://www.consul.io/docs/agent/options.html#_log_rotate_max_files) are stating:

> -log-rotate-max-files - to specify the maximum number of older log
> file archives to keep. Defaults to 0 (no files are ever deleted). Set to
> -1 to disable rotation and discard all log files.

But the `-1` case was not implemented and led to a panic when being
used.

Co-Authored-By: Freddy <freddygv@users.noreply.github.com>
2019-12-18 22:31:22 +01:00
Kyle MacDonald f0befc3b7a
website: embed yt videos on intro pages (#6871)
- website: embed yt videos on intro pages
- for /docs/connect
- for /intro
- css to handle iframe responding at smaller viewports
- Update consul connect video with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
- Update consul connect intro with introductory description. Co-Authored-By: kaitlincarter-hc <43049322+kaitlincarter-hc@users.noreply.github.com>
2019-12-18 13:54:39 -05:00
Matt Keeler 5c56aab3be
Change how namespaces are specified for the CLI (#6960) 2019-12-18 11:06:39 -05:00
Blake Covarrubias 1818d55fbb Clarify -retry-join can be provided multiple times
Update -retry-join documentation to explicitly state the option can be
specified multiple times. Add corresponding config example showing
multiple join addresses.
2019-12-17 10:25:14 -08:00
Paul Banks ee100e5d48
Fix formatting and add version info (#6926) 2019-12-13 19:55:48 +00:00
Luke Kysow b7bf7d8ed9
Update Helm docs to match repo 2019-12-13 10:15:58 -08:00
ychuzevi f82e704fa3 docs: Fix documentation for kv store create endpoint (#6940) 2019-12-13 09:12:01 -08:00