Go to file
Matt Keeler 19d71c6eb4
Add ECS option to EDNS responses where appropriate (#4647)
This implements parts of RFC 7871 where Consul is acting as an authoritative name server (or forwarding resolver when recursors are configured)

If ECS opt is present in the request we will mirror it back and return a response with a scope of 0 (global) or with the same prefix length as the request (indicating its valid specifically for that subnet).

We only mirror the prefix-length (non-global) for prepared queries as those could potentially use nearness checks that could be affected by the subnet. In the future we could get more sophisticated with determining the scope bits and allow for better caching of prepared queries that don’t rely on nearness checks.

The other thing this does not do is implement the part of the ECS RFC related to originating ECS headers when acting as a intermediate DNS server (forwarding resolver). That would take a quite a bit more effort and in general provide very little value. Consul will currently forward the ECS headers between recursors and the clients transparently, we just don't originate them for non-ECS clients to get potentially more accurate "location aware" results.
2018-09-11 09:37:46 -04:00
.github/ISSUE_TEMPLATE github: some minor changes to issue templates (#4521) 2018-08-28 09:07:28 -07:00
acl Rewrite all of acl_test.go 2018-07-24 20:29:34 -04:00
agent Add ECS option to EDNS responses where appropriate (#4647) 2018-09-11 09:37:46 -04:00
api Fix unstable tests in agent, api, and command/watch 2018-09-10 16:58:53 +01:00
bench
build-support Detect correct GOOS/ARCH for copying binary with build_consul_local 2018-09-10 10:25:15 -07:00
command Fix unstable tests in agent, api, and command/watch 2018-09-10 16:58:53 +01:00
connect Connect: Verify the leaf cert to determine its readiness. (#4540) 2018-09-07 10:58:06 -04:00
demo demo: Added udp port forwarding 2018-05-30 13:56:56 +09:00
ipaddr
lib Refactor to use embedded struct. 2018-06-25 12:25:39 -07:00
logger Adds a new command line flag -log-file for file based logging. (#4581) 2018-08-29 16:56:58 -04:00
sentinel
service_os Changes made : 2018-06-28 21:18:14 -04:00
snapshot
terraform Spelling (#3958) 2018-03-19 16:56:00 +00:00
test Update test certificates that expire this year to be way in the future 2018-05-12 10:15:45 +01:00
testrpc Bugfix: Use "%#v" when formatting structs (#4600) 2018-08-28 12:37:34 -04:00
testutil Fixed message: testutil/server.go:317: missing ... in args forwarded to print-like function 2018-07-10 11:04:25 +02:00
tlsutil 🐛 Formatting changes only; add missing trailing commas 2018-03-15 10:19:46 -07:00
types
ui Remove upgrade banner html from v1 ui 2018-06-22 17:51:43 +01:00
ui-v2 UI: Bugfix. Fix code toggle in Safari (#4608) 2018-08-30 10:02:26 +01:00
vendor Update Raft Vendoring (#4539) 2018-09-06 15:07:42 -04:00
version Putting source back into Dev Mode 2018-07-30 13:54:29 -04:00
watch Fixed flaky watch tests (#4595) 2018-09-04 12:32:59 +01:00
website Ensure that errors setting up the DNS servers get propagated back to the shell (#4598) 2018-09-07 10:48:29 -04:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes
.gitignore Update .gitignore - ignore some macos fs event notification stuff 2018-05-24 10:34:23 -04:00
.travis.yml Enable CI on f-envoy feature branch 2018-09-06 15:41:29 +01:00
CHANGELOG.md Update CHANGELOG.md 2018-09-07 10:59:15 -04:00
GNUmakefile Add script and makefile goal to help debug flaky tests 2018-09-10 16:44:07 +01:00
INTERNALS.md Spelling (#3958) 2018-03-19 16:56:00 +00:00
LICENSE
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md readme: add note about security related issues (#4401) 2018-07-19 12:43:36 -07:00
Vagrantfile
main.go Abandon daemonize for simpler solution (preserving history): 2018-06-25 12:24:10 -07:00
main_test.go

README.md

Consul Build Status Join the chat at https://gitter.im/hashicorp-consul/Lobby

Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.

Consul provides several key features:

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization.

Consul runs on Linux, Mac OS X, FreeBSD, Solaris, and Windows. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

An extensive quick start is viewable on the Consul website:

https://www.consul.io/intro/getting-started/install.html

Documentation

Full, comprehensive documentation is viewable on the Consul website:

https://www.consul.io/docs

Developing Consul

If you wish to work on Consul itself, you'll first need Go installed (version 1.9+ is required). Make sure you have Go properly installed, including setting up your GOPATH.

Next, clone this repository into $GOPATH/src/github.com/hashicorp/consul and then just type make. In a few moments, you'll have a working consul executable:

$ make
...
$ bin/consul
...

Note: make will build all os/architecture combinations. Set the environment variable CONSUL_DEV=1 to build it just for your local machine's os/architecture, or use make dev.

Note: make will also place a copy of the binary in the first part of your $GOPATH.

You can run tests by typing make test. The test suite may fail if over-parallelized, so if you are seeing stochastic failures try GOTEST_FLAGS="-p 2 -parallel 2" make test.

If you make any changes to the code, run make format in order to automatically format the code according to Go standards.

Vendoring

Consul currently uses govendor for vendoring and vendorfmt for formatting vendor.json to a more merge-friendly "one line per package" format.