status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #8631 from hashicorp/update-docs 

Update useSystemRoots docs for k8s
This commit is contained in:
Luke Kysow 2020-09-08 13:21:49 -07:00 committed by GitHub
parent d17a9577f8 8595fef2be
commit 0cd2a22823
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
website/data/docs-navigation.js
View File

@ -94,7 +94,6 @@ export default [
{ {
category: 'installation', category: 'installation',
content: [ content: [
'helm',
{ {
category: 'platforms', category: 'platforms',
name: 'Platform Guides', name: 'Platform Guides',
@ -151,6 +150,7 @@ export default [
'ambassador', 'ambassador',
'upgrade', 'upgrade',
'uninstall', 'uninstall',
'helm',
], ],
}, },
{ {

13
website/pages/docs/k8s/installation/helm.mdx → website/pages/docs/k8s/helm.mdx
View File

@ -1,7 +1,7 @@
--- ---
layout: docs layout: docs
page_title: Install with Helm Chart page_title: Helm Chart Reference
sidebar_title: Install with Helm Chart sidebar_title: Helm Chart Reference
description: Reference for the Consul Helm chart. description: Reference for the Consul Helm chart.
--- ---
@ -386,8 +386,13 @@ and consider if they're appropriate for your deployment.
- `tlsServerName` ((#v-externalservers-tlsservername)) (`string: null`) - The server name to use as the SNI host header when connecting with HTTPS. - `tlsServerName` ((#v-externalservers-tlsservername)) (`string: null`) - The server name to use as the SNI host header when connecting with HTTPS.
- `useSystemRoots` ((#v-externalservers-usesystemroots)) (`boolean: false`) - If true, the Helm chart will ignore the CA set in `global.tls.caCert` - `useSystemRoots` ((#v-externalservers-usesystemroots)) (`boolean: false`) - If true, consul-k8s components will ignore the CA set in
and will rely on the container's system CAs for TLS verification when talking to Consul servers. Otherwise, the chart will use `global.tls.caCert`. [`global.tls.caCert`](#v-global-cacert) when making HTTPS calls to Consul servers and
will instead use the consul-k8s image's system CAs for TLS verification.
If false, consul-k8s components will use `global.tls.caCert` when
making HTTPS calls to Consul servers.
**NOTE:** This does not affect Consul's internal RPC communication which will
always use `global.tls.caCert`.
- `k8sAuthMethodHost` ((#v-externalservers-k8sauthmethodhost)) (`string: null`) - If you are setting `global.acls.manageSystemACLs` and - `k8sAuthMethodHost` ((#v-externalservers-k8sauthmethodhost)) (`string: null`) - If you are setting `global.acls.manageSystemACLs` and
`connectInject.enabled` to true, set `k8sAuthMethodHost` to the address of the Kubernetes API server. `connectInject.enabled` to true, set `k8sAuthMethodHost` to the address of the Kubernetes API server.