Find a file
Matt Keeler 62c631368d
Connect: Verify the leaf cert to determine its readiness. (#4540)
This improves the checking so that if a certificate were to expire or the roots changed then we will go into a non-ready state.

This parses the x509 certificates from the TLS certificate when the leaf is set. The readyCh will be closed whenever a parseable certificate is set and the ca roots are set. This does not mean that the certificate is valid but that it has been setup and is generally valid. The Ready function will now do x509 certificate verification which will in addition to verifying the signatures with the installed CA roots will also verify the certificate isn't expired or not set to become valid in the future. 

The correct way to use these functions is to wait for the ReadyWait chan to be closed and then periodically check the readiness to determine if the certificate is currently useable.
2018-09-07 10:58:06 -04:00
.github/ISSUE_TEMPLATE github: some minor changes to issue templates (#4521) 2018-08-28 09:07:28 -07:00
acl Rewrite all of acl_test.go 2018-07-24 20:29:34 -04:00
agent Ensure that errors setting up the DNS servers get propagated back to the shell (#4598) 2018-09-07 10:48:29 -04:00
api Implementation of Weights Data structures (#4468) 2018-09-07 15:30:47 +01:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support Fixed a make build issue with Windows Binaries. (#4538) 2018-08-17 09:31:57 -04:00
command Implementation of Weights Data structures (#4468) 2018-09-07 15:30:47 +01:00
connect Connect: Verify the leaf cert to determine its readiness. (#4540) 2018-09-07 10:58:06 -04:00
demo demo: Added udp port forwarding 2018-05-30 13:56:56 +09:00
ipaddr New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
lib Refactor to use embedded struct. 2018-06-25 12:25:39 -07:00
logger Adds a new command line flag -log-file for file based logging. (#4581) 2018-08-29 16:56:58 -04:00
sentinel Renames stubs to be more consistent. 2017-11-29 18:36:52 -08:00
service_os Changes made : 2018-06-28 21:18:14 -04:00
snapshot Removes timeout when restoring snapshots. 2017-12-13 14:10:54 -08:00
terraform Spelling (#3958) 2018-03-19 16:56:00 +00:00
test Update test certificates that expire this year to be way in the future 2018-05-12 10:15:45 +01:00
testrpc Bugfix: Use "%#v" when formatting structs (#4600) 2018-08-28 12:37:34 -04:00
testutil Fixed message: testutil/server.go:317: missing ... in args forwarded to print-like function 2018-07-10 11:04:25 +02:00
tlsutil 🐛 Formatting changes only; add missing trailing commas 2018-03-15 10:19:46 -07:00
types Removes remoteConsuls in favor of the new router. 2017-03-16 16:42:19 -07:00
ui Remove upgrade banner html from v1 ui 2018-06-22 17:51:43 +01:00
ui-v2 UI: Bugfix. Fix code toggle in Safari (#4608) 2018-08-30 10:02:26 +01:00
vendor Update Raft Vendoring (#4539) 2018-09-06 15:07:42 -04:00
version Putting source back into Dev Mode 2018-07-30 13:54:29 -04:00
watch Fixed flaky watch tests (#4595) 2018-09-04 12:32:59 +01:00
website Ensure that errors setting up the DNS servers get propagated back to the shell (#4598) 2018-09-07 10:48:29 -04:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes Initial commit 2013-11-04 14:15:27 -08:00
.gitignore Update .gitignore - ignore some macos fs event notification stuff 2018-05-24 10:34:23 -04:00
.travis.yml Enable CI on f-envoy feature branch 2018-09-06 15:41:29 +01:00
CHANGELOG.md Update CHANGELOG.md 2018-09-07 10:49:54 -04:00
GNUmakefile Keep same parameters on retry so results can be cached by go test (#4627) 2018-09-04 12:27:39 +01:00
INTERNALS.md Spelling (#3958) 2018-03-19 16:56:00 +00:00
LICENSE Initial commit 2013-11-04 14:15:27 -08:00
main.go Abandon daemonize for simpler solution (preserving history): 2018-06-25 12:24:10 -07:00
main_test.go Adding basic CLI infrastructure 2013-12-19 11:22:08 -08:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md readme: add note about security related issues (#4401) 2018-07-19 12:43:36 -07:00
Vagrantfile Adds a basic Linux Vagrant setup, stolen from Nomad. 2017-10-06 08:10:12 -07:00

Consul Build Status Join the chat at https://gitter.im/hashicorp-consul/Lobby

Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.

Consul provides several key features:

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization.

Consul runs on Linux, Mac OS X, FreeBSD, Solaris, and Windows. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

An extensive quick start is viewable on the Consul website:

https://www.consul.io/intro/getting-started/install.html

Documentation

Full, comprehensive documentation is viewable on the Consul website:

https://www.consul.io/docs

Developing Consul

If you wish to work on Consul itself, you'll first need Go installed (version 1.9+ is required). Make sure you have Go properly installed, including setting up your GOPATH.

Next, clone this repository into $GOPATH/src/github.com/hashicorp/consul and then just type make. In a few moments, you'll have a working consul executable:

$ make
...
$ bin/consul
...

Note: make will build all os/architecture combinations. Set the environment variable CONSUL_DEV=1 to build it just for your local machine's os/architecture, or use make dev.

Note: make will also place a copy of the binary in the first part of your $GOPATH.

You can run tests by typing make test. The test suite may fail if over-parallelized, so if you are seeing stochastic failures try GOTEST_FLAGS="-p 2 -parallel 2" make test.

If you make any changes to the code, run make format in order to automatically format the code according to Go standards.

Vendoring

Consul currently uses govendor for vendoring and vendorfmt for formatting vendor.json to a more merge-friendly "one line per package" format.