From 2a70eef7c8d4d64ea1974b4a90df75c5be2157aa Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:20:05 -0500 Subject: [PATCH 1/8] /docs/k8s/crds --- website/content/docs/k8s/crds/index.mdx | 8 +++----- website/content/docs/k8s/crds/upgrade-to-crds.mdx | 6 +++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/website/content/docs/k8s/crds/index.mdx b/website/content/docs/k8s/crds/index.mdx index 03757ff1d6..b8598407fe 100644 --- a/website/content/docs/k8s/crds/index.mdx +++ b/website/content/docs/k8s/crds/index.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Consul Custom Resource Definitions +page_title: Custom Resource Definitions for Consul on Kubernetes description: >- - Consul supports managing configuration entries via Kubernetes Custom Resources. - These custom resource can be used to manage the configuration for workloads - deployed within the cluster. +Consul on Kubernetes supports Consul's configuration entry kind through Custom Resource Definitions (CRDs). Learn how to configure Helm charts to enable CRDs and use kubectl to create, manage, and delete mesh components like gateways and intentions on k8s. --- -# Custom Resource Definitions +# Custom Resource Definitions (CRDs) for Consul on Kubernetes This topic describes how to manage Consul [configuration entries](/docs/agent/config-entries) via Kubernetes Custom Resources. Configuration entries provide cluster-wide defaults for the service mesh. diff --git a/website/content/docs/k8s/crds/upgrade-to-crds.mdx b/website/content/docs/k8s/crds/upgrade-to-crds.mdx index d5b0754206..bcbe491f0f 100644 --- a/website/content/docs/k8s/crds/upgrade-to-crds.mdx +++ b/website/content/docs/k8s/crds/upgrade-to-crds.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Upgrade An Existing Cluster to CRDs +page_title: Upgrade Existing Clusters to Use Custom Resource Definitions description: >- - Upgrade an existing cluster to use custom resources. +Kubernetes clusters configured with a Consul Helm chart version older than 0.30.0 require updates in order to use CRDs. Learn about the changes you need to make, as well as how to migrate a Consul config entry to a k8s CRD. --- -# Upgrade An Existing Cluster to CRDs +# Upgrade Existing Clusters to Use Custom Resource Definitions Upgrading to consul-helm versions >= `0.30.0` will require some changes if you utilize the following: From e339379291ef53889111bd55a062fbc9911717a4 Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:21:47 -0500 Subject: [PATCH 2/8] /docs/k8s/upgrades --- website/content/docs/k8s/upgrade/index.mdx | 7 ++++--- website/content/docs/k8s/upgrade/upgrade-cli.mdx | 6 +++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/website/content/docs/k8s/upgrade/index.mdx b/website/content/docs/k8s/upgrade/index.mdx index fec63efa41..fd5fefdbcd 100644 --- a/website/content/docs/k8s/upgrade/index.mdx +++ b/website/content/docs/k8s/upgrade/index.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Upgrade -description: Upgrade Consul on Kubernetes +page_title: Upgrading Consul on Kubernetes Components +description: >- +Consul on Kubernetes relies on packages and binaries that have individual upgrade requirements. Learn how to update Helm configurations, Helm versions, Consul versions, and Consul agents, as well as how to determine what will change and its impact on your service mesh. --- -# Upgrade Consul on Kubernetes +# Upgrading Consul on Kubernetes Components ## Upgrade Types diff --git a/website/content/docs/k8s/upgrade/upgrade-cli.mdx b/website/content/docs/k8s/upgrade/upgrade-cli.mdx index fdb5139656..ae835a4613 100644 --- a/website/content/docs/k8s/upgrade/upgrade-cli.mdx +++ b/website/content/docs/k8s/upgrade/upgrade-cli.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Upgrade the Consul K8s CLI +page_title: Update the Consul K8s CLI description: >- - Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes. +The Consul on Kubernetes CLI tool helps you schedule clusters without direct interaction with Helm or Consul’s CLI. Learn how to update the consul-k8s CLI tool to a new version. --- -# Upgrade the Consul K8s CLI +# Update the Consul K8s CLI Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes. Ensure that you are running the correct version of the CLI prior to upgrading your Consul on Kubernetes deployment, as the CLI and the control plane are version dependent. From 0de4184b9574be76a5caab3b3de6d7ed44b64d26 Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:26:14 -0500 Subject: [PATCH 3/8] /docs/k8s --- website/content/docs/k8s/annotations-and-labels.mdx | 2 +- website/content/docs/k8s/architecture.mdx | 4 ++-- website/content/docs/k8s/compatibility.mdx | 7 ++++--- website/content/docs/k8s/dns.mdx | 8 +++----- website/content/docs/k8s/helm.mdx | 7 ++++--- website/content/docs/k8s/index.mdx | 9 +++------ website/content/docs/k8s/k8s-cli.mdx | 4 ++-- website/content/docs/k8s/service-sync.mdx | 8 +++----- 8 files changed, 22 insertions(+), 27 deletions(-) diff --git a/website/content/docs/k8s/annotations-and-labels.mdx b/website/content/docs/k8s/annotations-and-labels.mdx index 1c45a12c57..204e4fcfa0 100644 --- a/website/content/docs/k8s/annotations-and-labels.mdx +++ b/website/content/docs/k8s/annotations-and-labels.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Annotations and Labels description: >- - The list of available labels and annotations for running Consul on Kubernetes. +Annotations and labels configure Consul sidecar properties and injection behavior when scheduling Kubernetes clusters. Learn about the required annotations and labels that enable Consul’s service mesh and secure upstream communication on k8s in this reference guide. --- # Annotations and Labels diff --git a/website/content/docs/k8s/architecture.mdx b/website/content/docs/k8s/architecture.mdx index 3a6e6ae323..bf0b59a943 100644 --- a/website/content/docs/k8s/architecture.mdx +++ b/website/content/docs/k8s/architecture.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Consul on Kubernetes Architecture +page_title: Consul on Kubernetes Control Plane Architecture description: >- - A high level overview of Consul on Kubernetes Architecture +When running on Kubernetes, Consul’s control plane architecture does not change significantly. Server agents are deployed as a StatefulSet with a persistent volume, while client agents run as a k8s DaemonSet with an exposed API port. --- diff --git a/website/content/docs/k8s/compatibility.mdx b/website/content/docs/k8s/compatibility.mdx index f5e362cb46..84d12e1d7a 100644 --- a/website/content/docs/k8s/compatibility.mdx +++ b/website/content/docs/k8s/compatibility.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Compatibility Matrix -description: Compatibility Matrix for Consul Kubernetes +page_title: Consul on Kubernetes Version Compatibility +description: >- +New releases require corresponding version updates to Consul on Kubernetes and its Helm chart. Review the compatibility matrix for Consul and consul-k8s and additional notes for integrating Vault and third-party platforms. --- -# Compatibility Matrix for Consul on Kubernetes +# Consul on Kubernetes Version Compatibility For every release of Consul on Kubernetes, a Helm chart, `consul-k8s-control-plane` binary and a `consul-k8s` CLI binary is built and distributed through a single version. When deploying via Helm, the recommended best path for upgrading Consul on Kubernetes, is to upgrade using the same `consul-k8s-control-plane` version as the Helm Chart, as the Helm Chart and Control Plane binary are tightly coupled. diff --git a/website/content/docs/k8s/dns.mdx b/website/content/docs/k8s/dns.mdx index 47c9fc189d..73abb6a9ef 100644 --- a/website/content/docs/k8s/dns.mdx +++ b/website/content/docs/k8s/dns.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Consul DNS - Kubernetes +page_title: Resolve Consul DNS requests in Kubernetes description: >- - One of the primary query interfaces to Consul is the DNS interface. The Consul - DNS interface can be exposed for all pods in Kubernetes using a stub-domain - configuration. +Use a k8s ConfigMap to configure KubeDNS or CoreDNS so that you can use Consul's `.service.consul` syntax for queries and other DNS requests. In Kubernetes, this process uses either stub-domain or proxy configuration. --- -# Consul DNS on Kubernetes +# Resolve Consul DNS requests in Kubernetes One of the primary query interfaces to Consul is the [DNS interface](/docs/discovery/dns). You can configure Consul DNS in diff --git a/website/content/docs/k8s/helm.mdx b/website/content/docs/k8s/helm.mdx index b51b3f72e6..a31184a75c 100644 --- a/website/content/docs/k8s/helm.mdx +++ b/website/content/docs/k8s/helm.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Helm Chart Configuration -description: Configuration for the Consul Helm chart. +page_title: Helm Chart Reference +description: >- +The Helm Chart allows you to schedule Kubernetes clusters with injected Consul sidecars by defining custom values in a YAML configuration. Find stanza hierarchy, the parameters you can set, and their default values in this k8s reference guide. --- -# Helm Chart Configuration +# Helm Chart Reference The chart is highly customizable using [Helm configuration values](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). diff --git a/website/content/docs/k8s/index.mdx b/website/content/docs/k8s/index.mdx index f2987aab8a..ffdc3f2664 100644 --- a/website/content/docs/k8s/index.mdx +++ b/website/content/docs/k8s/index.mdx @@ -1,14 +1,11 @@ --- layout: docs -page_title: Kubernetes +page_title: Consul & Kubernetes description: >- - Consul has many integrations with Kubernetes. You can deploy Consul to - Kubernetes using the Helm chart, sync services between Consul and Kubernetes, - automatically secure Pod communication with Connect, and more. This section - documents the official integrations between Consul and Kubernetes. +Consul supports Kubernetes natively, allowing you to deploy Consul sidecars to a Kubernetes service mesh and sync the k8s service registry with non-k8s services. Learn how to install Consul on Kubernetes with Helm or the Consul K8s CLI and get started with tutorials. --- -# Kubernetes +# Consul & Kubernetes Consul has many integrations with Kubernetes. You can deploy Consul to Kubernetes using the [Helm chart](/docs/k8s/installation/install#helm-chart-installation) or [Consul K8s CLI](/docs/k8s/installation/install#consul-k8s-cli-installation), sync services between Consul and diff --git a/website/content/docs/k8s/k8s-cli.mdx b/website/content/docs/k8s/k8s-cli.mdx index 8f6467cbb0..65872e63fa 100644 --- a/website/content/docs/k8s/k8s-cli.mdx +++ b/website/content/docs/k8s/k8s-cli.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Consul K8s CLI Reference +page_title: Consul on Kubernetes CLI Reference description: >- - The Consul on Kubernetes CLI (consul-k8s) is a tool for installing and managing Consul on Kubernetes. +The Consul on Kubernetes CLI tool enables you to manage Consul with the `consul-k8s` command instead of direct interaction with Helm, kubectl, or Consul’s CLI. Learn about commands, their flags, and review examples in this reference guide. --- # Consul on Kubernetes CLI Reference diff --git a/website/content/docs/k8s/service-sync.mdx b/website/content/docs/k8s/service-sync.mdx index 5fbabe6b27..9effcd05ea 100644 --- a/website/content/docs/k8s/service-sync.mdx +++ b/website/content/docs/k8s/service-sync.mdx @@ -1,13 +1,11 @@ --- layout: docs -page_title: Service Sync - Kubernetes +page_title: Service Sync for Consul on Kubernetes description: >- - The services in Kubernetes and Consul can be automatically synced so that - Kubernetes services are available to Consul agents and services in Consul can - be available as first-class Kubernetes services. +Service sync is a Consul on Kubernetes feature that makes Kubernetes and Consul services available to each other. Learn how to configure Helm values so services can communicate and make Kubernetes services appear in the Consul UI. --- -# Syncing Kubernetes and Consul Services +# Service Sync for Consul on Kubernetes The services in Kubernetes and Consul can be automatically synced so that Kubernetes services are available to Consul agents and services in Consul can be available From acfbda94e7f3ac105e88cf3b084b7a588da5ada7 Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:29:21 -0500 Subject: [PATCH 4/8] /docs/k8s/operations --- .../content/docs/k8s/operations/certificate-rotation.mdx | 7 ++++--- .../docs/k8s/operations/gossip-encryption-key-rotation.mdx | 7 ++++--- .../docs/k8s/operations/tls-on-existing-cluster.mdx | 7 ++++--- website/content/docs/k8s/operations/uninstall.mdx | 7 ++++--- 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/website/content/docs/k8s/operations/certificate-rotation.mdx b/website/content/docs/k8s/operations/certificate-rotation.mdx index 6a73fdf482..69ff7d53f5 100644 --- a/website/content/docs/k8s/operations/certificate-rotation.mdx +++ b/website/content/docs/k8s/operations/certificate-rotation.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Certificate Rotation -description: Rotate Certificate on Kubernetes Cluster safely +page_title: Rotate TLS Certificates for Consul on Kubernetes +description: >- +As of Consul Helm version 0.29.0, new server agent TLS certificates are issued every time the Helm version is upgraded. Learn how to trigger certificate rotation manually when it doesn't happen automatically. --- -# Rotating Server Certificates +# Rotate TLS Certificates for Consul on Kubernetes As of Consul Helm version `0.29.0`, if TLS is enabled, new TLS certificates for the Consul Server are issued every time the Helm chart is upgraded. These certificates are signed by the same CA and will diff --git a/website/content/docs/k8s/operations/gossip-encryption-key-rotation.mdx b/website/content/docs/k8s/operations/gossip-encryption-key-rotation.mdx index 3f02c449be..83e0136369 100644 --- a/website/content/docs/k8s/operations/gossip-encryption-key-rotation.mdx +++ b/website/content/docs/k8s/operations/gossip-encryption-key-rotation.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Gossip Encryption Key Rotation -description: Rotate the Gossip Encryption Key on Kubernetes Cluster safely +page_title: Rotate Gossip Encryption Keys for Consul on Kubernetes +description: >- +Consul agents use encryption keys to secure their gossip communication, and you must rotate the keys periodically to maintain network security. Learn how to use `keygen` and `keyring` commands to rotate keys for agents on k8s clusters. --- -# Rotating Gossip Encryption Key +# Rotate Gossip Encryption Keys for Consul on Kubernetes The following instructions provides a step-by-step manual process for rotating [gossip encryption](/docs/security/encryption#gossip-encryption) keys on Consul clusters that are deployed onto a Kubernetes cluster with Consul on Kubernetes. diff --git a/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx b/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx index 2b69be5380..82498eea7c 100644 --- a/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx +++ b/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Configure TLS on an Existing Cluster -description: Configure TLS on an existing Consul cluster running in Kubernetes +page_title: Rolling Updates to TLS for Existing Clusters on Kubernetes +description: >- +Consul's Helm chart began supporting TLS communication within clusters in version 0.16.0. Follow the instructions to trigger rolling updates for consul-k8s without causing downtime. --- -# Configuring TLS on an Existing Cluster +# Rolling Updates to TLS for Existing Clusters on Kubernetes As of Consul Helm version `0.16.0`, the chart supports TLS for communication within the cluster. If you already have a Consul cluster deployed on Kubernetes, diff --git a/website/content/docs/k8s/operations/uninstall.mdx b/website/content/docs/k8s/operations/uninstall.mdx index 9e0a4e3185..bdcacca855 100644 --- a/website/content/docs/k8s/operations/uninstall.mdx +++ b/website/content/docs/k8s/operations/uninstall.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Uninstall -description: Uninstall Consul on Kubernetes +page_title: Uninstall Consul on Kubernetes +description: >- +You can use the Consul-K8s CLI tool to remove all or part of a Consul installation on Kubernetes. You can also use Helm and then manually remove resources that Helm does not delete. --- -# Uninstall Consul +# Uninstall Consul on Kubernetes You can uninstall Consul using Helm commands or the Consul K8s CLI. From 906ebb97695927126ba1f6767393a58491d3e51e Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:44:13 -0500 Subject: [PATCH 5/8] /docs/k8s/installation + /installation/platforms --- website/content/docs/k8s/installation/install-cli.mdx | 6 +++--- website/content/docs/k8s/installation/install.mdx | 9 +++------ .../installation/platforms/self-hosted-kubernetes.mdx | 7 ++++--- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/website/content/docs/k8s/installation/install-cli.mdx b/website/content/docs/k8s/installation/install-cli.mdx index 4cd3ea9f55..86b5eff1b9 100644 --- a/website/content/docs/k8s/installation/install-cli.mdx +++ b/website/content/docs/k8s/installation/install-cli.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Installing the Consul K8s CLI +page_title: Install Consul on K8s CLI description: >- - Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes. +You can use the Consul K8s CLI tool to schedule Kubernetes deployments instead of using Helm. Learn how to download and install the tool to interact with Consul on Kubernetes using the `consul-k8s` command. --- -# Installing the Consul K8s CLI +# Install Consul on K8s CLI Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes. Ensure that you are installing the correct version of the CLI for your Consul on Kubernetes deployment, as the CLI and the control plane are version dependent. diff --git a/website/content/docs/k8s/installation/install.mdx b/website/content/docs/k8s/installation/install.mdx index 65227f174b..79d466fcb3 100644 --- a/website/content/docs/k8s/installation/install.mdx +++ b/website/content/docs/k8s/installation/install.mdx @@ -1,14 +1,11 @@ --- layout: docs -page_title: Installing Consul on Kubernetes +page_title: Install Consul on Kubernetes with Helm description: >- - Consul can run directly on Kubernetes, both in server or client mode. For - pure-Kubernetes workloads, this enables Consul to also exist purely within - Kubernetes. For heterogeneous workloads, Consul agents can join a server - running inside or outside of Kubernetes. +You can use Helm to configure Consul on Kubernetes deployments. Learn how to add the official Helm chart to your repository and the parameters that enable the service mesh, CNI plugins, Consul UI, and Consul HTTP API. --- -# Installing Consul on Kubernetes +# Install Consul on Kubernetes with Helm Consul can run directly on Kubernetes, both in server or client mode. For pure-Kubernetes workloads, this enables Consul to also exist purely diff --git a/website/content/docs/k8s/installation/platforms/self-hosted-kubernetes.mdx b/website/content/docs/k8s/installation/platforms/self-hosted-kubernetes.mdx index e0ab7c6889..60e7ce994c 100644 --- a/website/content/docs/k8s/installation/platforms/self-hosted-kubernetes.mdx +++ b/website/content/docs/k8s/installation/platforms/self-hosted-kubernetes.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Self Hosted Kubernetes -description: Installing Consul on Self Hosted Kubernetes +page_title: Install Consul on Self-Hosted Kubernetes Clusters +description: >- +The process for installing Consul on Kubernetes is the same as installing it on cloud-hosted k8s platforms, but requires additional configuration. Learn how to pre-define Persistent Volume Claims (PVCs) and a default storage class for server agents. --- -# Self Hosted Kubernetes +# Install Consul on Self-Hosted Kubernetes Clusters Except for creating persistent volumes and ensuring there is a storage class configured (see below), installing Consul on your From beee474916ce2bbea2d4d0b26f9af8480e025cdd Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:48:49 -0500 Subject: [PATCH 6/8] /docs/k8s/connect --- .../content/docs/k8s/connect/connect-ca-provider.mdx | 11 ++++++----- website/content/docs/k8s/connect/health.mdx | 7 ++++--- website/content/docs/k8s/connect/index.mdx | 9 +++------ .../content/docs/k8s/connect/ingress-controllers.mdx | 7 ++++--- website/content/docs/k8s/connect/ingress-gateways.mdx | 7 ++++--- .../content/docs/k8s/connect/terminating-gateways.mdx | 7 ++++--- 6 files changed, 25 insertions(+), 23 deletions(-) diff --git a/website/content/docs/k8s/connect/connect-ca-provider.mdx b/website/content/docs/k8s/connect/connect-ca-provider.mdx index 8cd84531c2..274de2395c 100644 --- a/website/content/docs/k8s/connect/connect-ca-provider.mdx +++ b/website/content/docs/k8s/connect/connect-ca-provider.mdx @@ -1,10 +1,11 @@ ---- +"--- layout: docs -page_title: Configuring a Connect CA Provider -description: Configuring a Connect CA Provider ---- +page_title: Configure Certificate Authority (CA) for Consul on Kubernetes +description: >- +Consul includes a built-in CA, but when bootstrapping a cluster on k8s, you can configure your service mesh to use a custom certificate provider instead. Learn how to configure Vault as an external CA in primary and secondary datacenters and manually rotate Vault tokens. +---" -# Configuring a Connect CA Provider +# Configure Certificate Authority (CA) for Consul on Kubernetes ~> **NOTE:** The instructions below should only be used for initially bootstrapping a cluster with **Consul K8s 0.38.0+.** To update the Connect CA provider on an existing cluster or to update any properties, such as tokens, of the CA provider, diff --git a/website/content/docs/k8s/connect/health.mdx b/website/content/docs/k8s/connect/health.mdx index 2ff0d38133..1b78c3e83b 100644 --- a/website/content/docs/k8s/connect/health.mdx +++ b/website/content/docs/k8s/connect/health.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Kubernetes Health Checks -description: Configuring Kubernetes Health Checks +page_title: Configure Health Checks for Consul on Kubernetes +description: >- +Kubernetes has built-in health probes you can sync with Consul's health checks to ensure service mesh traffic is routed to healthy pods. Learn how to register a TTL Health check and use mutating webhooks to redirect k8s liveness, readiness, and startup probes through Envoy proxies. --- -# Kubernetes Health Checks in Consul on Kubernetes +# Configure Health Checks for Consul on Kubernetes ~> This topic requires familiarity with [Kubernetes Health Checks](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/). diff --git a/website/content/docs/k8s/connect/index.mdx b/website/content/docs/k8s/connect/index.mdx index 7a3c472cab..6cff7748de 100644 --- a/website/content/docs/k8s/connect/index.mdx +++ b/website/content/docs/k8s/connect/index.mdx @@ -1,14 +1,11 @@ --- layout: docs -page_title: Consul Service Mesh on Kubernetes +page_title: How does Consul Service Mesh Work on Kubernetes? description: >- - Consul Service Mesh is a feature built into to Consul that enables automatic - service-to-service authorization and connection encryption across your Consul - services. Consul Service Mesh can be used with Kubernetes to secure pod communication with - other services. +An injection annotation allows Consul to automatically deploy sidecar proxies on Kubernetes pods, enabling Consul's service mesh for containers running on k8s. Learn how to configure sidecars, enable services with multiple ports, change default injection settings. --- -# Consul Service Mesh on Kubernetes +# How does Consul Service Mesh Work on Kubernetes? [Consul Service Mesh](/docs/connect) is a feature built into to Consul that enables automatic service-to-service authorization and connection encryption across diff --git a/website/content/docs/k8s/connect/ingress-controllers.mdx b/website/content/docs/k8s/connect/ingress-controllers.mdx index eb99cc93f9..225d838358 100644 --- a/website/content/docs/k8s/connect/ingress-controllers.mdx +++ b/website/content/docs/k8s/connect/ingress-controllers.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Ingress Controller Integrations -description: Configuring Ingress Controllers With Consul On Kubernetes +page_title: Configure Ingress Controllers for Consul on Kubernetes +description: >- +Ingress controllers are pluggable components that must be configured in k8s in order to use the Ingress resource. Learn how to deploy sidecars with the controller to secure its communication with Consul, review common configuration issues, and find links to example configurations. --- -# Configuring Ingress Controllers with Consul on Kubernetes +# Configure Ingress Controllers for Consul on Kubernetes -> This topic requires familiarity with [Ingress Controllers](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/) diff --git a/website/content/docs/k8s/connect/ingress-gateways.mdx b/website/content/docs/k8s/connect/ingress-gateways.mdx index 523299168a..e9ec3bf195 100644 --- a/website/content/docs/k8s/connect/ingress-gateways.mdx +++ b/website/content/docs/k8s/connect/ingress-gateways.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Ingress Gateways - Kubernetes -description: Configuring Ingress Gateways on Kubernetes +page_title: Configure Ingress Gateways for Consul on Kubernetes +description: >- +Ingress gateways listen for external requests and route authorized traffic to instances in the service mesh running on Kubernetes. Learn how to configure ingress gateways, set intentions, and connect them to k8s applications. --- -# Ingress Gateways on Kubernetes +# Configure Ingress Gateways for Consul on Kubernetes -> 1.9.0+: This feature is available in Consul versions 1.9.0 and higher diff --git a/website/content/docs/k8s/connect/terminating-gateways.mdx b/website/content/docs/k8s/connect/terminating-gateways.mdx index 06316f5f51..7379ff1e1d 100644 --- a/website/content/docs/k8s/connect/terminating-gateways.mdx +++ b/website/content/docs/k8s/connect/terminating-gateways.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Terminating Gateways - Kubernetes -description: Configuring Terminating Gateways on Kubernetes +page_title: Configure Terminating Gateways for Consul on Kubernetes +description: >- +Terminating gateways send secure requests from the service mesh to locations outside of the Kubernetes cluster. Learn how to configure terminating gateways for k8s, register external services in Consul’s service catalog, and define external sources as upstreams in your service mesh. --- -# Terminating Gateways on Kubernetes +# Configure Terminating Gateways for Consul on Kubernetes Adding a terminating gateway is a multi-step process: From 46499d2ca7cea7ad6132a38c9fa1261674d4380b Mon Sep 17 00:00:00 2001 From: boruszak Date: Wed, 14 Sep 2022 17:49:29 -0500 Subject: [PATCH 7/8] /docs/k8s/connect/observability --- website/content/docs/k8s/connect/observability/metrics.mdx | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/website/content/docs/k8s/connect/observability/metrics.mdx b/website/content/docs/k8s/connect/observability/metrics.mdx index 109c2d3e0c..5d822396cc 100644 --- a/website/content/docs/k8s/connect/observability/metrics.mdx +++ b/website/content/docs/k8s/connect/observability/metrics.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Metrics -description: Metrics for Consul on Kubernetes +page_title: Configure metrics for Consul on Kubernetes +description: >- +Use the `connectInject.metrics` Helm values to enable Prometheus and Grafana integrations and capture metrics. Consul can collect metrics from the service mesh, sidecar proxies, agents, and gateways in a k8s cluster and then display service traffic metrics in Consul’s UI for additional observability. --- -# Metrics +# Configure metrics for Consul on Kubernetes Consul on Kubernetes integrates with Prometheus and Grafana to provide metrics for Consul Service Mesh. The metrics available are: From 7c2b8e4f5b591575dcef509033b77a24c6a07169 Mon Sep 17 00:00:00 2001 From: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Date: Thu, 15 Sep 2022 14:33:39 -0500 Subject: [PATCH 8/8] Apply suggestions from code review Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- website/content/docs/k8s/annotations-and-labels.mdx | 2 +- website/content/docs/k8s/connect/observability/metrics.mdx | 2 +- website/content/docs/k8s/crds/upgrade-to-crds.mdx | 2 +- website/content/docs/k8s/dns.mdx | 2 +- website/content/docs/k8s/index.mdx | 4 ++-- website/content/docs/k8s/operations/certificate-rotation.mdx | 2 +- .../content/docs/k8s/operations/tls-on-existing-cluster.mdx | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/website/content/docs/k8s/annotations-and-labels.mdx b/website/content/docs/k8s/annotations-and-labels.mdx index 204e4fcfa0..dc95b8f216 100644 --- a/website/content/docs/k8s/annotations-and-labels.mdx +++ b/website/content/docs/k8s/annotations-and-labels.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Annotations and Labels description: >- -Annotations and labels configure Consul sidecar properties and injection behavior when scheduling Kubernetes clusters. Learn about the required annotations and labels that enable Consul’s service mesh and secure upstream communication on k8s in this reference guide. +Annotations and labels configure Consul sidecar properties and injection behavior when scheduling Kubernetes clusters. Learn about the annotations and labels that enable Consul’s service mesh and secure upstream communication on k8s in this reference guide. --- # Annotations and Labels diff --git a/website/content/docs/k8s/connect/observability/metrics.mdx b/website/content/docs/k8s/connect/observability/metrics.mdx index 5d822396cc..91e9510921 100644 --- a/website/content/docs/k8s/connect/observability/metrics.mdx +++ b/website/content/docs/k8s/connect/observability/metrics.mdx @@ -5,7 +5,7 @@ description: >- Use the `connectInject.metrics` Helm values to enable Prometheus and Grafana integrations and capture metrics. Consul can collect metrics from the service mesh, sidecar proxies, agents, and gateways in a k8s cluster and then display service traffic metrics in Consul’s UI for additional observability. --- -# Configure metrics for Consul on Kubernetes +# Configure Metrics for Consul on Kubernetes Consul on Kubernetes integrates with Prometheus and Grafana to provide metrics for Consul Service Mesh. The metrics available are: diff --git a/website/content/docs/k8s/crds/upgrade-to-crds.mdx b/website/content/docs/k8s/crds/upgrade-to-crds.mdx index bcbe491f0f..4dc5ab7325 100644 --- a/website/content/docs/k8s/crds/upgrade-to-crds.mdx +++ b/website/content/docs/k8s/crds/upgrade-to-crds.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Upgrade Existing Clusters to Use Custom Resource Definitions description: >- -Kubernetes clusters configured with a Consul Helm chart version older than 0.30.0 require updates in order to use CRDs. Learn about the changes you need to make, as well as how to migrate a Consul config entry to a k8s CRD. +Kubernetes clusters configured with a Consul Helm chart version older than 0.30.0 require updates in order to use CRDs. Learn about upgrading to a supported Helm version and how to migrate a Consul config entry to a k8s CRD. --- # Upgrade Existing Clusters to Use Custom Resource Definitions diff --git a/website/content/docs/k8s/dns.mdx b/website/content/docs/k8s/dns.mdx index 73abb6a9ef..6db0f664e8 100644 --- a/website/content/docs/k8s/dns.mdx +++ b/website/content/docs/k8s/dns.mdx @@ -5,7 +5,7 @@ description: >- Use a k8s ConfigMap to configure KubeDNS or CoreDNS so that you can use Consul's `.service.consul` syntax for queries and other DNS requests. In Kubernetes, this process uses either stub-domain or proxy configuration. --- -# Resolve Consul DNS requests in Kubernetes +# Resolve Consul DNS Requests in Kubernetes One of the primary query interfaces to Consul is the [DNS interface](/docs/discovery/dns). You can configure Consul DNS in diff --git a/website/content/docs/k8s/index.mdx b/website/content/docs/k8s/index.mdx index ffdc3f2664..9f24a98ab7 100644 --- a/website/content/docs/k8s/index.mdx +++ b/website/content/docs/k8s/index.mdx @@ -1,11 +1,11 @@ --- layout: docs -page_title: Consul & Kubernetes +page_title: Consul on Kubernetes description: >- Consul supports Kubernetes natively, allowing you to deploy Consul sidecars to a Kubernetes service mesh and sync the k8s service registry with non-k8s services. Learn how to install Consul on Kubernetes with Helm or the Consul K8s CLI and get started with tutorials. --- -# Consul & Kubernetes +# Consul on Kubernetes Consul has many integrations with Kubernetes. You can deploy Consul to Kubernetes using the [Helm chart](/docs/k8s/installation/install#helm-chart-installation) or [Consul K8s CLI](/docs/k8s/installation/install#consul-k8s-cli-installation), sync services between Consul and diff --git a/website/content/docs/k8s/operations/certificate-rotation.mdx b/website/content/docs/k8s/operations/certificate-rotation.mdx index 69ff7d53f5..a7337abb65 100644 --- a/website/content/docs/k8s/operations/certificate-rotation.mdx +++ b/website/content/docs/k8s/operations/certificate-rotation.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Rotate TLS Certificates for Consul on Kubernetes description: >- -As of Consul Helm version 0.29.0, new server agent TLS certificates are issued every time the Helm version is upgraded. Learn how to trigger certificate rotation manually when it doesn't happen automatically. +In Consul Helm version 0.29.0 and later, new server agent TLS certificates are issued every time the Helm version is upgraded. Learn how to manually trigger certificate rotation if they do not rotate automatically. --- # Rotate TLS Certificates for Consul on Kubernetes diff --git a/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx b/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx index 82498eea7c..07ffa89ddc 100644 --- a/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx +++ b/website/content/docs/k8s/operations/tls-on-existing-cluster.mdx @@ -2,7 +2,7 @@ layout: docs page_title: Rolling Updates to TLS for Existing Clusters on Kubernetes description: >- -Consul's Helm chart began supporting TLS communication within clusters in version 0.16.0. Follow the instructions to trigger rolling updates for consul-k8s without causing downtime. +Consul Helm chart 0.16.0 and later supports TLS communication within clusters. Follow the instructions to trigger rolling updates for consul-k8s without causing downtime. --- # Rolling Updates to TLS for Existing Clusters on Kubernetes