luxolus/open-consul
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-consul/website/content/docs/connect/config-entries/mesh.mdx
Freddy 401f3010e0
Rename "cluster" config entry to "mesh" (#10127) 
This config entry is being renamed primarily because in k8s the name
cluster could be confusing given that the config entry applies across
federated datacenters.

Additionally, this config entry will only apply to Consul as a service
mesh, so the more generic "cluster" name is not needed.
2021-04-28 16:13:29 -06:00

80 lines
2.2 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: 'Configuration Entry Kind: Mesh'
description: >-
The mesh config entry kind allows for globally defining default
configuration across all services mesh proxies.
Settings in this config entry apply across all namespaces and federated datacenters.
Currently, only one mesh entry is supported.
---
# Mesh <sup>Beta</sup>
-> **v1.10.0+:** This config entry is supported in Consul versions 1.10.0+.
The `mesh` config entry kind allows for globally defining
default configuration that applies to all service mesh proxies.
Settings in this config entry apply across all namespaces and federated datacenters.
## Sample Config Entries
### Proxy traffic to catalog destinations only
<Tabs>
<Tab heading="HCL">
```hcl
Kind = "mesh"
Name = "mesh"
TransparentProxy {
CatalogDestinationsOnly = true
}
```
</Tab>
<Tab heading="HCL (Consul Enterprise)">
**NOTE:** The `mesh` config entry can only be created in the `default`
namespace and it will apply to proxies across **all** namespaces.
```hcl
Kind = "mesh"
Name = "mesh"
Namespace = "default" # Can only be set to "default".
TransparentProxy {
CatalogDestinationsOnly = true
}
```
</Tab>
</Tabs>
## Available Fields
- `Kind` - Must be set to `mesh`
- `Name` `(string: <required>)` - Must be set to `mesh`
- `Namespace` `(string: "default")` <EnterpriseAlert inline /> - Specifies the namespace the config entry will apply to.
Must be set to `default`
- `Meta` `(map<string|string>: nil)` - Specifies arbitrary KV metadata pairs.
- `TransparentProxy` `(TransparentProxyConfig: <optional>)` - Controls configuration specific to proxies in
`transparent` [mode](/docs/connect/config-entries/service-defaults#mode). Added in v1.10.0.
- `CatalogDestinationsOnly` `(bool: false)` - Determines whether sidecar proxies operating in transparent mode can
proxy traffic to IP addresses not registered in Consul's catalog. If enabled, traffic will only be proxied
to upstreams with service registrations in the catalog.
## ACLs
Configuration entries may be protected by [ACLs](/docs/security/acl).
Reading a `mesh` config entry requires no specific privileges.
Creating, updating, or deleting a `mesh` config entry requires
`operator:write`.
Reference in a new issue View git blame Copy permalink