Go to file
Mark Anderson aa29324a24
Avoid using sys/mounts to enable namespaces (#12655)
* Avoid doing list of /sys/mounts

From an internal ticket "Support standard "Vault namespace in the path" semantics for Connect Vault CA Provider"

Vault allows the namespace to be specified as a prefix in the path of
a PKI definition, but this doesn't currently work for
```IntermediatePKIPath``` specifications, because we attempt to list
all of the paths to check if ours is already defined. This doesn't
really work in a namespaced world.

This changes the IntermediatePKIPath code to follow the same pattern
as the root key, where we directly get the key rather than listing.

This code is difficult to write automated tests for because it relies
on features of Vault Enterprise, which isn't currently part of our
test framework, so it was tested manually.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* add changelog

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-31 23:35:38 -07:00
.changelog Avoid using sys/mounts to enable namespaces (#12655) 2022-03-31 23:35:38 -07:00
.circleci build: auto install correct version of protoc locally (#12651) 2022-03-30 10:08:17 -05:00
.github Add example of goimports -local 2022-03-28 10:20:50 -04:00
.release [RelAPI Onboarding] Add release API metadata file (#12591) 2022-03-28 13:45:53 -07:00
acl Fixups for error messages from ACL Errors (#12620) 2022-03-25 12:34:59 -07:00
agent Avoid using sys/mounts to enable namespaces (#12655) 2022-03-31 23:35:38 -07:00
api Add expanded token read flag and endpoint option 2022-03-31 10:49:49 -07:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support build: run mog separately after the protobufs are generated (#12665) 2022-03-31 13:49:42 -05:00
command Merge pull request #12670 from hashicorp/token-read-expanded 2022-03-31 12:24:11 -07:00
connect Bump go-control-plane 2022-03-30 13:11:27 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs Restructure gRPC server setup (#12586) 2022-03-22 12:40:24 +00:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal Add IAM Auth Method (#12583) 2022-03-31 10:18:48 -05:00
ipaddr Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
lib auto-reload configuration when config files change (#12329) 2022-03-31 15:11:49 -04:00
logging bulk rewrite using this script 2022-01-20 10:46:23 -06:00
proto Bump go-control-plane 2022-03-30 13:11:27 -04:00
sdk raft: update to v1.3.5 (#12325) 2022-02-14 13:48:52 -06:00
sentinel re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
service_os re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
snapshot Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
terraform terraform: remove modules in repo (#5085) 2019-04-04 16:31:43 -07:00
test connect: Update supported Envoy versions to include 1.19.3 and 1.18.6 2022-02-24 16:59:33 -08:00
testrpc ca: remove unused provider.ActiveRoot call 2022-01-06 16:56:48 -05:00
tlsutil agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
types agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
ui ui: Tile CSS component (#12570) 2022-03-23 10:34:26 +00:00
version update main to reflect it is v1.12.0-dev (#12157) 2022-01-21 15:03:11 -06:00
website Add doc examples for expanded token read CLI and API 2022-03-31 15:03:41 -07:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes Initial commit 2013-11-04 14:15:27 -08:00
.gitignore build: auto install correct version of protoc locally (#12651) 2022-03-30 10:08:17 -05:00
.golangci.yml ci: Add explanation in forbidigo (#12140) 2022-01-20 13:07:10 -05:00
CHANGELOG.md Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
Dockerfile Update docker image base to alpine:3.15 (#12276) 2022-02-04 13:56:39 -08:00
GNUmakefile build: run mog separately after the protobufs are generated (#12665) 2022-03-31 13:49:42 -05:00
INTERNALS.md Move contributing to docs 2021-08-30 16:17:09 -04:00
LICENSE Initial commit 2013-11-04 14:15:27 -08:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Adjust README header to work in light and dark modes 2022-02-07 16:46:46 -08:00
Vagrantfile Adds a basic Linux Vagrant setup, stolen from Nomad. 2017-10-06 08:10:12 -07:00
codecov.yml Update all the references in CI and makefile to the bindata file location 2020-10-01 16:19:10 +01:00
go.mod Add IAM Auth Method (#12583) 2022-03-31 10:18:48 -05:00
go.sum Bump go-control-plane 2022-03-30 13:11:27 -04:00
main.go cmd: introduce a shim to expose Stdout/Stderr writers 2021-06-02 16:51:34 -04:00
main_test.go Adding basic CLI infrastructure 2013-12-19 11:22:08 -08:00
package-lock.json Adding UI screenshots to L7 overview 2022-01-10 14:34:00 -05:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh/Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website:

https://www.consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.