Go to file
Michael Zalimeni 4cae008559
Disable remote proxy patching except AWS Lambda (#17415)
To avoid unintended tampering with remote downstreams via service
config, refactor BasicEnvoyExtender and RuntimeConfig to disallow
typical Envoy extensions from being applied to non-local proxies.

Continue to allow this behavior for AWS Lambda and the read-only
Validate builtin extensions.

Addresses CVE-2023-2816.
2023-05-23 11:55:06 +00:00
.changelog Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
.github consul-container test: no splitting and on single runner (#17394) 2023-05-17 14:57:12 -04:00
.release Remove version bump from CRT workflow (#16728) 2023-03-23 11:21:27 -05:00
acl server: wire up in-process Resource Service (#16978) 2023-04-18 10:03:23 +01:00
agent Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
api Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support proto: clear out old ratelimit.tmp files before making new ones (#17292) 2023-05-11 10:36:41 -05:00
command Add ACLs Enabled field to consul agent startup status message (#17086) 2023-05-16 13:47:02 -05:00
connect Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs docs: initial documentation for the new State Store (#17315) 2023-05-15 12:34:36 +01:00
envoyextensions Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal Add the workload health controller (#17215) 2023-05-19 13:53:29 -04:00
ipaddr Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
lib Controller Supervision (#17016) 2023-04-25 12:52:35 +01:00
logging Controller Supervision (#17016) 2023-04-25 12:52:35 +01:00
proto prototest: fix early return condition in AssertElementsMatch (#17416) 2023-05-22 13:49:50 -05:00
proto-public docs: initial documentation for the new State Store (#17315) 2023-05-15 12:34:36 +01:00
sdk Test: add noCleanup to TestServer stop (#16919) 2023-04-07 20:47:54 -04:00
sentinel Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
service_os Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
snapshot snapshot: some improvments to the snapshot process (#17236) 2023-05-09 15:28:52 -04:00
test xds: generate endpoints directly from API gateway snapshot (#17390) 2023-05-19 18:50:59 +00:00
testrpc Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
tlsutil Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
tools/internal-grpc-proxy Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
troubleshoot Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
types Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
ui ci: remove test-integrations CircleCI workflow (#16928) 2023-04-19 16:19:29 +00:00
version Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
website updates to links in services overview description paragraph (#17406) 2023-05-18 09:51:29 -07:00
.copywrite.hcl Remove UI brand-loader copyright headers as they do not render appropriately (#16835) 2023-03-31 11:29:19 -04:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes Initial commit 2013-11-04 14:15:27 -08:00
.gitignore grpc: `protoc` plugin for generating gRPC rate limit specifications (#15564) 2023-01-04 16:07:02 +00:00
.golangci.yml Sync .golangci.yml from ENT (#17180) 2023-04-28 17:14:37 +00:00
CHANGELOG.md Add changelog entries for Consul 1.13.8 + 1.14.7 (#17399) 2023-05-17 18:28:29 -04:00
Dockerfile Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
GNUmakefile Container test: fix container test slow image build (#17316) 2023-05-11 22:49:49 +00:00
LICENSE [COMPLIANCE] Update MPL-2.0 LICENSE (#14964) 2022-11-09 12:24:14 -06:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
buf.work.yaml Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
fixup_acl_move.sh Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
go.mod Add new fields to HCP bootstrap config request and push state request 2023-05-12 21:01:56 -06:00
go.sum Add new fields to HCP bootstrap config request and push state request 2023-05-12 21:01:56 -06:00
main.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.