luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
15,709 Commits 1 Branch 1 Tag 358 MiB
Go 62%
MDX 17.7%
SCSS 11%
JavaScript 4.7%
Handlebars 2%
Other 2.4%
Go to file
Connor b3af482e09
Support Vault Namespaces explicitly in CA config (#11477) 
* Support Vault Namespaces explicitly in CA config

If there is a Namespace entry included in the Vault CA configuration,
set it as the Vault Namespace on the Vault client

Currently the only way to support Vault namespaces in the Consul CA
config is by doing one of the following:
1) Set the VAULT_NAMESPACE environment variable which will be picked up
by the Vault API client
2) Prefix all Vault paths with the namespace

Neither of these are super pleasant. The first requires direct access
and modification to the Consul runtime environment. It's possible and
expected, not super pleasant.

The second requires more indepth knowledge of Vault and how it uses
Namespaces and could be confusing for anyone without that context. It
also infers that it is not supported

* Add changelog

* Remove fmt.Fprint calls

* Make comment clearer

* Add next consul version to website docs

* Add new test for default configuration

* go mod tidy

* Add skip if vault not present

* Tweak changelog text
 		2021-11-05 11:42:28 -05:00
.changelog Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
.circleci connect: Remove support for Envoy 1.16 (#11354) 2021-10-27 18:51:35 -07:00
.github Prevent running build workflows on all PRs (#11469) 2021-11-01 17:29:45 -06:00
.release Update release branch to 1.11.x 2021-10-27 14:14:02 -07:00
acl Rework acl exports interface 2021-10-27 12:50:39 -06:00
agent Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
api add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support build-support: remove test-flake machinery 2021-10-21 17:16:25 -04:00
command Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
connect oss portion of ent #1069 (#10883) 2021-08-20 12:57:45 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
demo demo: Added udp port forwarding 2018-05-30 13:56:56 +09:00
docs Move contributing to docs 2021-08-30 16:17:09 -04:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal sso/oidc: add support for acr_values request parameter (#11026) 2021-09-17 09:10:05 -07:00
ipaddr Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
lib lib/decode: fix hook to work with embedded squash struct 2021-09-22 13:22:16 -04:00
logging sync changes to oss files made in enterprise (#10670) 2021-07-22 13:58:08 -05:00
proto fix protos 2021-10-05 00:41:27 -04:00
sdk add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
sentinel Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
service_os Changes made : 2018-06-28 21:18:14 -04:00
snapshot testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
terraform terraform: remove modules in repo (#5085) 2019-04-04 16:31:43 -07:00
test regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
testrpc Support Check-And-Set deletion of config entries (#11419) 2021-11-01 16:42:01 +00:00
tlsutil regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
types Move RPC router from Client/Server and into BaseDeps (#8559) 2020-08-27 11:23:52 -04:00
ui ui: Only show partition / partition selector if enabled (#11484) 2021-11-04 12:14:43 +00:00
version Putting source back into Dev Mode 2021-09-22 10:09:18 -05:00
website Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitattributes Initial commit 2013-11-04 14:15:27 -08:00
.gitignore website: remove netlify artifacts and port missing redirects over to new format (#9601) 2021-01-21 10:16:17 -05:00
.golangci.yml xds: remove deprecated usages of xDS (#9602) 2021-02-22 15:00:15 -06:00
CHANGELOG.md Fixing SOA record to use alt domain when alt domain in use (#10431) 2021-10-05 10:47:27 -04:00
Dockerfile PR fixes 2021-10-28 22:22:38 -07:00
GNUmakefile build-support: remove test-flake machinery 2021-10-21 17:16:25 -04:00
INTERNALS.md Move contributing to docs 2021-08-30 16:17:09 -04:00
LICENSE Initial commit 2013-11-04 14:15:27 -08:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md docs: Call out the UI in README and include details for contributing to it (#11187) 2021-09-30 13:34:28 +01:00
Vagrantfile Adds a basic Linux Vagrant setup, stolen from Nomad. 2017-10-06 08:10:12 -07:00
codecov.yml Update all the references in CI and makefile to the bindata file location 2020-10-01 16:19:10 +01:00
go.mod Support Vault Namespaces explicitly in CA config (#11477) 2021-11-05 11:42:28 -05:00
go.sum use *telemetry.MetricsPrefix as prometheus.PrometheusOpts.Name (#11290) 2021-10-21 13:33:01 -07:00
main.go cmd: introduce a shim to expose Stdout/Stderr writers 2021-06-02 16:51:34 -04:00
main_test.go Adding basic CLI infrastructure 2013-12-19 11:22:08 -08:00
package-lock.json Add Algolia indexing to CI 2020-06-29 12:14:43 -04:00

README.md

Consul CircleCI Discuss

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh/Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website:

https://www.consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.