Commit Graph

19291 Commits

Author SHA1 Message Date
Jeff Boruszak fb8b3d63b2
docs: Dataplane performance impact (#15566)
* New image + performance considerations

* Image related updates

* Update website/content/docs/connect/dataplane/index.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

Co-authored-by: David Yu <dyu@hashicorp.com>
2022-11-28 14:33:22 -06:00
Dan Stough c696516e11
chore(ci): update backport-assistant to use gh automerge (#14839) 2022-11-28 13:21:04 -05:00
Dan Stough 4795de72f5
[OSS] chore(ci): add auto-approve workflow for consul bot (#15533) 2022-11-28 12:29:46 -05:00
Jared Kirschner 0d23452578
docs: add peering control plane diagrams (#15498) 2022-11-26 09:37:56 -05:00
Chris S. Kim 450c8b9eff
[OSS] Add boilerplate for proto files implementing BlockableQuery (#15554) 2022-11-25 15:46:56 -05:00
Nitya Dhanushkodi e72dd6254a
update docs with mesh and proxydefaults config (#15526) 2022-11-24 10:02:47 -08:00
Chris S. Kim 4ad4cb1183
Use backport-compatible assertion (#15546)
* Use backport-compatible assertion

* Add workaround for broken apt-get
2022-11-24 11:44:20 -05:00
Chris S. Kim d146a3d542
Use rpcHoldTimeout to calculate blocking timeout (#15541)
Adds buffer to clients so that servers have time to respond to blocking queries.
2022-11-24 10:13:02 -05:00
Chris Thain 650d4b45fb
Snapshot agent docs updates (#15504) 2022-11-22 06:13:13 -08:00
Chris Thain f9b85cbee6
Add changelog for snapshot agent updates (#15516) 2022-11-22 06:11:46 -08:00
Tu Nguyen 245a1e471d
fix typo in cluster peering docs (#15519) 2022-11-21 13:51:40 -08:00
Jared Kirschner 68f74a197c
docs: add retry_max agent config option (#15487) 2022-11-21 16:16:56 -05:00
Derek Menteer 8c3d314c6c
Add 1.14.1 release updates. (#15514)
Add post-release changes for 1.14.1 updates.
2022-11-21 13:35:30 -06:00
Jeff Boruszak de9213a10b
ServerExternalAddresses parameter clarification (#15506) 2022-11-21 11:51:09 -06:00
Dan Stough 141f6c7591
docs: revert peering API changes (#15505) 2022-11-21 12:45:51 -05:00
Derek Menteer 519a2ae563
Add -grpc-ca-file and -grpc-ca-path CLI info on upgrade notes. (#15500)
* Add -grpc-ca-file and -grpc-ca-path CLI info on upgrade notes.
2022-11-21 09:41:29 -06:00
Jared Kirschner b97acfb107
Support RFC 2782 for prepared query DNS lookups (#14465)
Format:
	_<query id or name>._tcp.query[.<datacenter>].<domain>
2022-11-20 17:21:24 -05:00
Jared Kirschner fb46ae870c
docs: remove unnecessary ent label (#15081) 2022-11-19 08:53:52 -05:00
Jared Kirschner 9224ab9b35
docs: clarify TLS cipher suite config (#15203) 2022-11-19 08:53:27 -05:00
David Yu 6e82262611
docs: formatting release notes (#15484) 2022-11-18 19:50:09 -08:00
David Yu 14aa1a30fb
docs: Core 1.14 and K8s 1.0 release notes (#15416)
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-11-18 18:40:54 -08:00
Jared Kirschner 475f86adbd
docs: clarify -retry-max (#15477) 2022-11-18 18:51:28 -05:00
Dan Stough 62023c7062
docs(peering): peering GA ACL updates (#15366)
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-11-18 17:39:41 -05:00
Derek Menteer 25376f5f06
Add Consul 1.14.0 known issue. (#15469)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-11-18 14:59:57 -07:00
Derek Menteer 3d82afcb01
Fix issue with connect Envoy choosing incorrect TLS settings. (#15466)
This commit fixes a situation where the API TLS configuration
incorrectly influences the GRPC port TLS configuration for XDS.
2022-11-18 14:36:20 -06:00
Jared Kirschner 64b8982261
docs: include upgrade path to 1.14 (#15463) 2022-11-18 09:56:41 -08:00
Iryna Shustava 57a2c201fa
docs: remaining agentless docs updates (#15455)
* Update servers-outside-kubernetes.mdx

* Update single-dc-multi-k8s.mdx

* update Vault data integration for snapshot agent

* update k8s health checks page

* remove all instances of controller.enabled in helm values examples

* API Gateway update

* Apply suggestions from code review

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>

* Apply suggestions from code review

* Apply suggestions from code review

* Cleaner diagram

* added change around clients to workloads

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-11-18 11:33:02 -06:00
Derek Menteer d71f071bec
Fix SDK to support older versions of Consul. (#15423)
This change was necessary, because the configuration was always
generated with a gRPC TLS port, which did not exist in Consul 1.13,
and would result in the server failing to launch with an error.

This code checks the version of Consul and conditionally adds the
gRPC TLS port, only if the version number is greater than 1.14.
2022-11-18 10:32:01 -06:00
trujillo-adam ec112f0d3c
Update docs for the release of Consul API Gateway v0.5 (#15015)
* added usage folder to organize use case docs for CAPIgw

* Add peer field to MeshService configuration page

* Add first pass at guide for routing to peered services

* Add exception to same-datacenter restriction for referenced Consul service

* Add example HTTPRoute referencing the MeshService as backendRef

* Add example ServiceResolver

* Add note about current ServiceResolver requirement

ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending.

* tweaks to the usage page for routing to peered services

* tweaks to the  description in the  configuration reference

* resolved TO-DOs from previous iteration

* Remove datacenter federation from limited support matrix

* added tolerations doc

* Remove note excluding k8s 1.24 since we now support it

* Reorder sections to maintain alphabetical sort

* Add example configuration for MeshService resource

* Adjust wording + indentation of other docs

* Use consistent "example-" prefix for resource names in example code

* reframed the tolerations documentation; STILL A WIP

* add helm chart documentation

* removed tolerations from gwcconfig configuration model reference

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* update version to 0.5.0

* Update install.mdx

* added release notes for v.0.5.x

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2022-11-17 15:42:25 -08:00
David Yu 9d9526a108
docs: Update admin-partitions.mdx (#15428)
* Update admin-partitions.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-11-17 15:12:32 -08:00
Jeff Boruszak de543f1aee
docs: Consul Dataplane updates for v.1.14.0 (#15384)
* Consul Architecture update

* Consul on Kubernetes architecture

* Install Consul on Kubernetes with Helm updates

* Vault as the Secrets Backend Data Integration

* Kubernetes Service Mesh Overview

* Terminating Gateways

* Fully updated

* Join external service to k8s

* Consul on Kubernetes

* Configure metrics for Consul on Kubernetes

* Service Sync for Consul on Kubernetes

* Custom Resource Definitions for Consul on k8s

* Upgrading Consul on Kubernetes Components

* Rolling Updates to TLS

* Dataplanes diagram

* Upgrade instructions

* k8s architecture page updates

* Update website/content/docs/k8s/connect/observability/metrics.mdx

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>

* Update website/content/docs/architecture/index.mdx

* Update website/content/docs/k8s/connect/terminating-gateways.mdx

* CRDs

* updating version numbers

* Updated example config

* Image clean up

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/architecture.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-17 17:04:29 -06:00
Derek Menteer 5c9bf9cd4b
Improve language on 1.14 upgrade instructions. (#15412) 2022-11-17 16:28:47 -06:00
Nitya Dhanushkodi 4fdc50b034
generate helm docs (#15443) 2022-11-17 14:26:14 -08:00
Matt Keeler 405c2dfd5f
Update licensing docs to account for virtual agents. (#15398)
* Update licensing docs to account for virtual agents.

* Update website/content/docs/enterprise/license/overview.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-17 13:58:07 -08:00
Paul Glass 74aae08dbc
docs: Include env vars in consul-dataplane reference (#15369)
* docs: Include env vars in consul-dataplane reference
* docs: Consul Dataplane bundles Envoy 1.24
* docs: Consul Dataplane is no longer beta
2022-11-17 15:56:41 -06:00
David Yu 58935ce7ca
docs: Consul K8s 1.0/Consul 1.14 GA Compat Matrix change (#15400)
* docs: 1.0 GA Compat Matrix change
2022-11-17 13:42:06 -08:00
Alexander Scheel 8ef3fe3812
Detect Vault 1.11+ import, update default issuer (#15253)
Consul used to rely on implicit issuer selection when calling Vault endpoints to issue new CSRs. Vault 1.11+ changed that behavior, which caused Consul to check the wrong (previous) issuer when renewing its Intermediate CA. This patch allows Consul to explicitly set a default issuer when it detects that the response from Vault is 1.11+.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-11-17 16:29:49 -05:00
Tu Nguyen 3744102232
Update guidance for vault PKI CA provider (#15422)
* Update guidance for vault PKI CA provider

* clarify workarounds if already using vault 1.11+

* Update website/content/docs/connect/ca/vault.mdx

* Update website/content/docs/k8s/connect/connect-ca-provider.mdx

* Update website/content/docs/k8s/deployment-configurations/vault/data-integration/connect-ca.mdx

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* add suggestion from Matt

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-11-17 08:51:43 -08:00
Dan Stough 9f90e80795
docs(peering): update k8s docs for GA (#15417)
* docs(peering): update k8s docs for GA

* fix code formatting and typo
2022-11-17 08:25:32 -08:00
Michael Schurter 2dea269a25
docs: add nomad incompatibility to 1.14 docs (#15397)
docs: add nomad incompatibility to 1.14 docs
2022-11-16 16:45:58 -06:00
cskh 248aef38cc
fix: clarifying error message when acquiring a lock in remote dc (#15394)
* fix: clarifying error message when acquiring a lock in remote dc

* Update website/content/commands/lock.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-16 15:27:37 -05:00
Derek Menteer ff86e305be
Include addresses.grpc_tls in upgrade docs. (#15408) 2022-11-16 14:10:29 -06:00
cskh 071884bca6
docs: make the h1 title consistent with the page_title (#15396) 2022-11-16 14:40:52 -05:00
Derek Menteer fdc0db7c28
Fix issue with formatting in upgrade notes. (#15395) 2022-11-16 13:38:09 -06:00
Nitya Dhanushkodi e8e018d600
update compatibility matrix (#15389) 2022-11-15 22:07:37 -08:00
cskh 4e95a4c8ac
integ-test: remove unnecessary step since connection is already via mgw (#15381) 2022-11-15 15:26:40 -05:00
Derek Menteer 1f21364f7c
Consul 1.14 post-release updates (#15382)
* Update changelog with 1.14 notes.

* gomod version bumps for 1.14 release.
2022-11-15 14:22:43 -06:00
Dan Stough 408b141134
chore(ci): exempt backport docs and ui from go tests (#14223) 2022-11-15 11:39:51 -05:00
cskh 5fe7604cf6
docs: minor clarifiation to mesh gateway (#15373)
* doc: minor clarifiation to mesh gateway

* update h1 title of mgw for wan fed control plan traffic
2022-11-15 11:00:58 -05:00
Kyle Havlovitz f5c5d2f5c6
auto-config: relax node name validation for JWT authorization (#15370)
* auto-config: relax node name validation for JWT authorization

This changes the JWT authorization logic to allow all non-whitespace,
non-quote characters when validating node names. Consul had previously
allowed these characters in node names, until this validation was added
to fix a security vulnerability with whitespace/quotes being passed to
the `bexpr` library. This unintentionally broke node names with
characters like `.` which aren't related to this vulnerability.

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-14 18:24:40 -06:00