mirror of https://github.com/status-im/consul.git
Updates docs for CRDs (#14267)
Co-authored-by: NicoletaPopoviciu <nicoleta@hashicorp.com>
This commit is contained in:
parent
cb1043d8ac
commit
24a3975494
|
@ -991,14 +991,12 @@ You can specify the following parameters to configure ingress gateway configurat
|
|||
},
|
||||
{
|
||||
name: 'TLSMinVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description:
|
||||
"Set the default minimum TLS version supported for the gateway's listeners. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
|
||||
},
|
||||
{
|
||||
name: 'TLSMaxVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description: {
|
||||
hcl:
|
||||
|
@ -1009,7 +1007,6 @@ You can specify the following parameters to configure ingress gateway configurat
|
|||
},
|
||||
{
|
||||
name: 'CipherSuites',
|
||||
yaml: false,
|
||||
type: 'array<string>: <optional>',
|
||||
description: `Set the default list of TLS cipher suites for the gateway's
|
||||
listeners to support when negotiating connections using
|
||||
|
@ -1179,21 +1176,18 @@ You can specify the following parameters to configure ingress gateway configurat
|
|||
},
|
||||
{
|
||||
name: 'TLSMinVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description:
|
||||
'Set the minimum TLS version supported for this listener. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.',
|
||||
},
|
||||
{
|
||||
name: 'TLSMaxVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description:
|
||||
'Set the maximum TLS version supported for this listener. Must be greater than or equal to `TLSMinVersion`. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`.',
|
||||
},
|
||||
{
|
||||
name: 'CipherSuites',
|
||||
yaml: false,
|
||||
type: 'array<string>: <optional>',
|
||||
description: `Set the list of TLS cipher suites to support when negotiating
|
||||
connections using TLS 1.2 or earlier. If unspecified,
|
||||
|
|
|
@ -271,7 +271,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
children: [
|
||||
{
|
||||
name: 'Incoming',
|
||||
yaml: false,
|
||||
type: 'TLSDirectionConfig: <optional>',
|
||||
description: `TLS configuration for inbound mTLS connections targeting
|
||||
the public listener on \`connect-proxy\` and \`terminating-gateway\`
|
||||
|
@ -279,14 +278,12 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
children: [
|
||||
{
|
||||
name: 'TLSMinVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description:
|
||||
"Set the default minimum TLS version supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
|
||||
},
|
||||
{
|
||||
name: 'TLSMaxVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description: {
|
||||
hcl:
|
||||
|
@ -297,7 +294,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
},
|
||||
{
|
||||
name: 'CipherSuites',
|
||||
yaml: false,
|
||||
type: 'array<string>: <optional>',
|
||||
description: `Set the default list of TLS cipher suites
|
||||
to support when negotiating connections using
|
||||
|
@ -315,7 +311,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
},
|
||||
{
|
||||
name: 'Outgoing',
|
||||
yaml: false,
|
||||
type: 'TLSDirectionConfig: <optional>',
|
||||
description: `TLS configuration for outbound mTLS connections dialing upstreams
|
||||
from \`connect-proxy\` and \`ingress-gateway\`
|
||||
|
@ -323,14 +318,12 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
children: [
|
||||
{
|
||||
name: 'TLSMinVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description:
|
||||
"Set the default minimum TLS version supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer [will default to TLS 1.2 as a min version](https://github.com/envoyproxy/envoy/pull/19330), while older releases of Envoy default to TLS 1.0.",
|
||||
},
|
||||
{
|
||||
name: 'TLSMaxVersion',
|
||||
yaml: false,
|
||||
type: 'string: ""',
|
||||
description: {
|
||||
hcl:
|
||||
|
@ -341,7 +334,6 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
},
|
||||
{
|
||||
name: 'CipherSuites',
|
||||
yaml: false,
|
||||
type: 'array<string>: <optional>',
|
||||
description: `Set the default list of TLS cipher suites
|
||||
to support when negotiating connections using
|
||||
|
@ -366,9 +358,8 @@ Note that the Kubernetes example does not include a `partition` field. Configura
|
|||
children: [
|
||||
{
|
||||
name: 'SanitizeXForwardedClientCert',
|
||||
yaml: false,
|
||||
type: 'bool: <optional>',
|
||||
description: `If configured to \`true\`, the \`forward_client_cert_details\` option will be set to \`SANITIZE\`
|
||||
description: `If configured to \`true\`, the \`forward_client_cert_details\` option will be set to \`SANITIZE\`
|
||||
for all Envoy proxies. As a result, Consul will not include the \`x-forwarded-client-cert\` header in the next hop.
|
||||
If set to \`false\` (default), the XFCC header is propagated to upstream applications.`,
|
||||
},
|
||||
|
|
|
@ -10,7 +10,7 @@ description: >-
|
|||
# Proxy Defaults
|
||||
|
||||
|
||||
The `proxy-defaults` configuration entry (`ProxyDefaults` on Kubernetes) allows you
|
||||
The `proxy-defaults` configuration entry (`ProxyDefaults` on Kubernetes) allows you
|
||||
to configure global defaults across all services for Connect proxy
|
||||
configurations. Only one global entry is supported.
|
||||
|
||||
|
@ -28,8 +28,8 @@ service definitions](/docs/connect/registration/sidecar-service).
|
|||
## Requirements
|
||||
|
||||
The following Consul binaries are supported:
|
||||
* Consul 1.8.4+ on Kubernetes.
|
||||
* Consul 1.5.0+ on other platforms.
|
||||
* Consul 1.8.4+ on Kubernetes.
|
||||
* Consul 1.5.0+ on other platforms.
|
||||
|
||||
## Usage
|
||||
|
||||
|
@ -321,7 +321,6 @@ spec:
|
|||
\`direct\` represents that the proxy's listeners must be dialed directly by the local
|
||||
application and other proxies.
|
||||
Added in v1.10.0.`,
|
||||
yaml: false,
|
||||
},
|
||||
{
|
||||
name: 'TransparentProxy',
|
||||
|
@ -333,7 +332,6 @@ spec:
|
|||
type: 'int: "15001"',
|
||||
description: `The port the proxy should listen on for outbound traffic. This must be the port where
|
||||
outbound application traffic is captured and redirected to.`,
|
||||
yaml: false,
|
||||
},
|
||||
{
|
||||
name: 'DialedDirectly',
|
||||
|
|
|
@ -366,7 +366,6 @@ represents a location outside the Consul cluster. They can be dialed directly wh
|
|||
\`direct\` represents that the proxy's listeners must be dialed directly by the local
|
||||
application and other proxies.
|
||||
Added in v1.10.0.`,
|
||||
yaml: false,
|
||||
},
|
||||
{
|
||||
name: 'UpstreamConfig',
|
||||
|
@ -652,7 +651,6 @@ represents a location outside the Consul cluster. They can be dialed directly wh
|
|||
type: 'int: "15001"',
|
||||
description: `The port the proxy should listen on for outbound traffic. This must be the port where
|
||||
outbound application traffic is redirected to.`,
|
||||
yaml: false,
|
||||
},
|
||||
{
|
||||
name: 'DialedDirectly',
|
||||
|
|
Loading…
Reference in New Issue