R.B. Boyer
9c5d818546
xds: begin refactor to always pass test snapshots through all xDS types ( #13461 )
2022-06-15 14:58:28 -05:00
Nathan Coleman
521e040356
Add note about expected status for invalid CertificateRef
2022-06-15 15:46:46 -04:00
R.B. Boyer
93611819e2
xds: mesh gateways now have their own leaf certificate when involved in a peering ( #13460 )
...
This is only configured in xDS when a service with an L7 protocol is
exported.
They also load any relevant trust bundles for the peered services to
eventually use for L7 SPIFFE validation during mTLS termination.
2022-06-15 14:36:18 -05:00
Jeff Boruszak
3b85a9dda2
Update website/data/docs-nav-data.json
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:26:54 -05:00
Jeff Boruszak
627173110b
Update website/content/docs/connect/cluster-peering/index.mdx
2022-06-15 14:26:40 -05:00
Jeff Boruszak
1a6eea4fc3
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:23:18 -05:00
boruszak
b00262381b
Limitations -> Constraints
2022-06-15 14:21:58 -05:00
Jeff Boruszak
08716c5279
Apply suggestions from code review
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-15 14:19:03 -05:00
boruszak
37acf49357
typo fix
2022-06-15 14:08:34 -05:00
boruszak
80f779a528
Switch fronend-service and backend-service
2022-06-15 14:07:56 -05:00
Jeff Boruszak
e8d34bab68
Apply suggestions from code review
2022-06-15 14:04:52 -05:00
Jeff Boruszak
c23ab4259e
Apply suggestions from code review
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:01:34 -05:00
Jeff Boruszak
199e9a900a
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 13:56:55 -05:00
boruszak
1c7d51f9d9
peering_token.json addition
2022-06-15 13:55:53 -05:00
Daniel Upton
8d39e1fd7e
docs: instructions for interacting with the private gRPC server locally
2022-06-15 18:26:58 +01:00
Riddhi Shah
414bb7e34e
[OSS] Support merge-central-config option in node services list API ( #13450 )
...
Adds the merge-central-config query param option to the /catalog/node-services/:node-name API,
to get a service definition in the response that is merged with central defaults (proxy-defaults/service-defaults).
Updated the consul connect envoy command to use this option when
retrieving the proxy service details so as to render the bootstrap configuration correctly.
2022-06-15 08:30:31 -07:00
Eric Haberkorn
eb9c341f5e
Lambda Beta Documentation ( #13426 )
...
* Document the `enable_serverless_plugin` Agent Configuration Option (#13372 )
* Initial AWS Lambda documentation (#13245 )
2022-06-15 11:14:16 -04:00
cskh
340a194894
Load test, upgrade packer version, fix k6s installation ( #13382 )
...
- fix sg: need remote access to test server
- Give the load generator a name
- Update loadtest hcl filename in readme
- Add terraform init
- Disable access to the server machine by default
2022-06-15 09:29:38 -04:00
Jared Kirschner
a01acbae1b
Merge pull request #13353 from hashicorp/jkirschner-hashicorp-patch-1
...
docs: show HCP Consul supports CTS enterprise
2022-06-15 00:05:30 -04:00
Jeff Boruszak
caa2dc5bfb
Apply suggestions from code review
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:34:21 -05:00
Evan Culver
ca7acd2970
connect: Use Envoy 1.22.2 instead of 1.22.1 ( #13444 )
2022-06-14 15:29:41 -07:00
Jeff Boruszak
687c16b9e0
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:29:30 -05:00
Jeff Boruszak
9a8235993a
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
2022-06-14 17:28:06 -05:00
Jeff Boruszak
fe0a5491d2
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
...
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:27:03 -05:00
Jeff Boruszak
24409fa40b
Update website/content/docs/connect/cluster-peering/index.mdx
...
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:23:07 -05:00
boruszak
e22171cdbf
Cluster Peering on Kubernetes page creation
2022-06-14 17:15:14 -05:00
boruszak
72b91c3481
Nav.json updates
2022-06-14 17:14:34 -05:00
boruszak
703ce412c7
Removing k8s updates on this branch
2022-06-14 17:12:45 -05:00
boruszak
b9a4ff73ce
Updated nav.json
2022-06-14 17:01:48 -05:00
Freddy
81fff23841
Merge pull request #13445 from hashicorp/peering/finalize-deletions
2022-06-14 15:58:44 -06:00
boruszak
8687f1511e
<CodeBlockConfig> fixes
2022-06-14 16:58:07 -05:00
boruszak
0b60e6b539
Code Block fixes
2022-06-14 16:55:25 -05:00
freddygv
a288d0c388
Avoid deleting peerings marked as terminated.
...
When our peer deletes the peering it is locally marked as terminated.
This termination should kick off deleting all imported data, but should
not delete the peering object itself.
Keeping peerings marked as terminated acts as a signal that the action
took place.
2022-06-14 15:37:09 -06:00
freddygv
a5283e4361
Add leader routine to clean up peerings
...
Once a peering is marked for deletion a new leader routine will now
clean up all imported resources and then the peering itself.
A lot of the logic was grabbed from the namespace/partitions deferred
deletions but with a handful of simplifications:
- The rate limiting is not configurable.
- Deleting imported nodes/services/checks is done by deleting nodes with
the Txn API. The services and checks are deleted as a side-effect.
- There is no "round rate limiter" like with namespaces and partitions.
This is because peerings are purely local, and deleting a peering in
the datacenter does not depend on deleting data from other DCs like
with WAN-federated namespaces. All rate limiting is handled by the
Raft rate limiter.
2022-06-14 15:36:50 -06:00
boruszak
c901667dd4
Cluster Peering on Kubernetes initial draft
2022-06-14 16:33:29 -05:00
Nathan Coleman
a768fb8e80
Indent points specific to xRoute backend references
2022-06-14 17:27:02 -04:00
boruszak
0bffbc429c
Cluster Peering on Kubernetes page creation
2022-06-14 16:15:57 -05:00
Evan Culver
2adb9f7c8a
connect: Update Envoy support matrix to latest patch releases ( #13431 )
2022-06-14 13:19:09 -07:00
Nathan Coleman
ac0be8644a
Add docs for ReferencePolicy as it applies to Gateways
2022-06-14 15:11:28 -04:00
alex
6dbcb1d88e
peering: intentions list test ( #13435 )
2022-06-14 10:59:53 -07:00
Kyle Schochenmaier
df468af991
[docs] update terminating gateway docs for trust store path ( #13432 )
...
* update terminating gateway docs for trust store
* Update website/content/docs/k8s/connect/terminating-gateways.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-14 12:29:33 -05:00
Jeff Boruszak
2e5163dfdc
Fixing double-ticks `
2022-06-14 10:00:22 -05:00
Jeff Boruszak
3097f4d00f
Added nav data
2022-06-13 17:27:11 -05:00
boruszak
0c1b6d77d8
Removing Kubernetes page - will submit separate PR for timing reason
2022-06-13 16:47:47 -05:00
boruszak
ad4712334d
Typo fix
2022-06-13 16:42:29 -05:00
boruszak
00e648ab89
Create and Manage Peering Connections additional fixes
2022-06-13 16:38:44 -05:00
Sarah Alsmiller
0428a2ef99
light restructureing/fixed some copypasta
2022-06-13 16:16:45 -05:00
boruszak
ecdb4cda96
What is Cluster Peering? additional fixes
2022-06-13 16:06:29 -05:00
Sarah Alsmiller
42b840b684
updated referencepolicy to referencegrant, added v0.3.0 upgrade instructions
2022-06-13 16:05:21 -05:00
boruszak
fb573f7801
Create and Manage Peering Connections page
2022-06-13 14:24:02 -05:00