mirror of https://github.com/status-im/consul.git
docs rendering
This commit is contained in:
parent
6bd1a51413
commit
711352bcf1
|
@ -5,4 +5,215 @@
|
|||
// - All directories must have an "index.mdx" file to serve as
|
||||
// the landing page for the category
|
||||
|
||||
export default []
|
||||
export default [
|
||||
{ category: 'install', content: ['ports', 'bootstrapping', 'performance'] },
|
||||
{
|
||||
category: 'upgrading', // todo: this folder didn't exist before
|
||||
content: ['compatibility', 'upgrade-specific'],
|
||||
},
|
||||
'glossary',
|
||||
{
|
||||
category: 'internals',
|
||||
content: [
|
||||
'architecture',
|
||||
'consensus',
|
||||
'gossip',
|
||||
'coordinates',
|
||||
'sessions',
|
||||
'anti-entropy',
|
||||
'security',
|
||||
'jepsen',
|
||||
'discovery-chain',
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'commands',
|
||||
content: [
|
||||
{
|
||||
category: 'acl',
|
||||
content: [
|
||||
{
|
||||
category: 'auth-method', // these all had leafs converted to index files
|
||||
content: ['create', 'delete', 'list', 'read', 'update'],
|
||||
},
|
||||
{
|
||||
category: 'binding-rule',
|
||||
content: ['create', 'delete', 'list', 'read', 'update'],
|
||||
},
|
||||
'bootstrap',
|
||||
{
|
||||
category: 'policy',
|
||||
content: ['create', 'delete', 'list', 'read', 'update'],
|
||||
},
|
||||
{
|
||||
category: 'role',
|
||||
content: ['create', 'delete', 'list', 'read', 'update'],
|
||||
},
|
||||
'set-agent-token',
|
||||
{
|
||||
category: 'token',
|
||||
content: ['clone', 'create', 'delete', 'list', 'read', 'update'],
|
||||
},
|
||||
'translate-rules',
|
||||
],
|
||||
},
|
||||
'agent',
|
||||
{ category: 'catalog', content: ['datacenters', 'nodes', 'services'] }, // leaf to index
|
||||
{ category: 'config', content: ['delete', 'list', 'read', 'write'] }, // leaf to index
|
||||
{ category: 'connect', content: ['ca', 'proxy', 'envoy'] }, // leaf to index
|
||||
'debug',
|
||||
'event',
|
||||
'exec',
|
||||
'force-leave',
|
||||
'info',
|
||||
{
|
||||
category: 'intention', // leaf to index
|
||||
content: ['check', 'create', 'delete', 'get', 'match'],
|
||||
},
|
||||
'join',
|
||||
'keygen',
|
||||
'keyring',
|
||||
{
|
||||
category: 'kv', // leaf to index
|
||||
content: ['delete', 'export', 'get', 'import', 'put'],
|
||||
},
|
||||
'leave',
|
||||
'license',
|
||||
'lock',
|
||||
'login',
|
||||
'logout',
|
||||
'maint',
|
||||
'members',
|
||||
'monitor',
|
||||
{
|
||||
category: 'namespace', // leaf to index
|
||||
content: ['create', 'delete', 'list', 'read', 'update', 'write'],
|
||||
},
|
||||
{
|
||||
category: 'operator', // leaf to index
|
||||
content: ['area', 'autopilot', 'raft'],
|
||||
},
|
||||
'reload',
|
||||
'rtt',
|
||||
{ category: 'services', content: ['register', 'deregister'] }, // leaf to index
|
||||
{
|
||||
category: 'snapshot', // leaf to index
|
||||
content: ['agent', 'inspect', 'restore', 'save'],
|
||||
},
|
||||
{ category: 'tls', content: ['ca', 'cert'] }, // leaf to index
|
||||
'validate',
|
||||
'version',
|
||||
'watch',
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'agent', // index was formerly "basics"
|
||||
content: [
|
||||
'dns',
|
||||
'options',
|
||||
{
|
||||
category: 'config-entries', // index was formerly config_entries
|
||||
content: [
|
||||
'service-router',
|
||||
'service-splitter',
|
||||
'service-resolver',
|
||||
'service-defaults',
|
||||
'proxy-defaults',
|
||||
],
|
||||
},
|
||||
'cloud-auto-join',
|
||||
'services',
|
||||
'checks',
|
||||
'kv',
|
||||
'sentinel',
|
||||
'encryption',
|
||||
'telemetry',
|
||||
'watches',
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'acl',
|
||||
content: [
|
||||
'acl-system',
|
||||
'acl-rules',
|
||||
'acl-legacy',
|
||||
'acl-migrate-tokens',
|
||||
{ category: 'auth-methods', content: ['kubernetes'] }, // index was formerly 'acl-auth-methods'
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'connect',
|
||||
content: [
|
||||
'configuration',
|
||||
'observability',
|
||||
'l7-traffic-management',
|
||||
'intentions',
|
||||
'connect-internals',
|
||||
{
|
||||
category: 'proxies', // index was formerly 'proxies'
|
||||
content: ['envoy', 'built-in', 'integrate'],
|
||||
},
|
||||
'mesh_gateway',
|
||||
{
|
||||
category: 'registration', // index was formerly 'registration'
|
||||
content: ['service-registration', 'sidecar-service'],
|
||||
},
|
||||
'security',
|
||||
{
|
||||
category: 'ca', // index was formerly 'ca'
|
||||
content: ['consul', 'vault', 'aws'],
|
||||
},
|
||||
{ category: 'native', content: ['go'] }, // index was formerly 'native'
|
||||
'dev',
|
||||
'nomad', // todo - redirect, was /platform/nomad
|
||||
// todo - 'connect' was removed as an alias
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'k8s', // formerly was nested inside /platform
|
||||
content: [
|
||||
{
|
||||
category: 'installation', // todo: these folders didn't exist before
|
||||
content: [
|
||||
// todo: the index here was formerly 'run'
|
||||
'aks',
|
||||
'eks',
|
||||
'gke',
|
||||
'minikube',
|
||||
'consul-enterprise',
|
||||
'clients-outside-kubernetes',
|
||||
'servers-outside-kubernetes',
|
||||
'predefined-pvcs',
|
||||
],
|
||||
},
|
||||
{
|
||||
category: 'operations', // index was formerly 'operations'
|
||||
content: ['upgrading', 'tls-on-existing-cluster', 'uninstalling'],
|
||||
},
|
||||
'dns',
|
||||
'service-sync',
|
||||
'connect',
|
||||
'ambassador',
|
||||
'helm',
|
||||
],
|
||||
},
|
||||
'-------',
|
||||
{ category: 'guides', content: [] },
|
||||
'common-errors',
|
||||
'faq',
|
||||
'--------',
|
||||
'partnerships', // todo: add leaf redirects
|
||||
{
|
||||
category: 'enterprise',
|
||||
content: [
|
||||
'backups', // todo: add leaf redirects
|
||||
'upgrades',
|
||||
'read-scale',
|
||||
'redundancy',
|
||||
'federation',
|
||||
'network-segments',
|
||||
'namespaces',
|
||||
'sentinel',
|
||||
],
|
||||
},
|
||||
]
|
||||
|
|
|
@ -1,30 +1,36 @@
|
|||
import DocsPage from '@hashicorp/react-docs-page'
|
||||
import order from '../data/api-navigation.js'
|
||||
import { frontMatter as data } from '../pages/api-docs/**/*.mdx'
|
||||
import { MDXProvider } from '@mdx-js/react'
|
||||
import Head from 'next/head'
|
||||
import Link from 'next/link'
|
||||
import EnterpriseAlert from '@hashicorp/react-enterprise-alert'
|
||||
|
||||
const DEFAULT_COMPONENTS = { EnterpriseAlert }
|
||||
|
||||
function ApiDocsLayoutWrapper(pageMeta) {
|
||||
function ApiDocsLayout(props) {
|
||||
return (
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'api-docs',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
<MDXProvider components={DEFAULT_COMPONENTS}>
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'api-docs',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
</MDXProvider>
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
@ -1,30 +1,36 @@
|
|||
import DocsPage from '@hashicorp/react-docs-page'
|
||||
import order from '../data/docs-navigation.js'
|
||||
import { frontMatter as data } from '../pages/docs/**/*.mdx'
|
||||
import { MDXProvider } from '@mdx-js/react'
|
||||
import EnterpriseAlert from '@hashicorp/react-enterprise-alert'
|
||||
import Head from 'next/head'
|
||||
import Link from 'next/link'
|
||||
|
||||
const DEFAULT_COMPONENTS = { EnterpriseAlert }
|
||||
|
||||
function DocsLayoutWrapper(pageMeta) {
|
||||
function DocsLayout(props) {
|
||||
return (
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'docs',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
<MDXProvider components={DEFAULT_COMPONENTS}>
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'docs',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
</MDXProvider>
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
@ -2,8 +2,8 @@ import DocsPage from '@hashicorp/react-docs-page'
|
|||
import Head from 'next/head'
|
||||
import Link from 'next/link'
|
||||
|
||||
function DocsLayoutWrapper(pageMeta) {
|
||||
function DocsLayout(props) {
|
||||
function DefaultLayoutWrapper(pageMeta) {
|
||||
function DefaultLayout(props) {
|
||||
return (
|
||||
<DocsPage
|
||||
{...props}
|
||||
|
@ -27,9 +27,9 @@ function DocsLayoutWrapper(pageMeta) {
|
|||
)
|
||||
}
|
||||
|
||||
DocsLayout.getInitialProps = ({ asPath }) => ({ path: asPath })
|
||||
DefaultLayout.getInitialProps = ({ asPath }) => ({ path: asPath })
|
||||
|
||||
return DocsLayout
|
||||
return DefaultLayout
|
||||
}
|
||||
|
||||
export default DocsLayoutWrapper
|
||||
export default DefaultLayoutWrapper
|
||||
|
|
|
@ -1,30 +1,36 @@
|
|||
import DocsPage from '@hashicorp/react-docs-page'
|
||||
import order from '../data/intro-navigation.js'
|
||||
import { frontMatter as data } from '../pages/intro/**/*.mdx'
|
||||
import { MDXProvider } from '@mdx-js/react'
|
||||
import Head from 'next/head'
|
||||
import Link from 'next/link'
|
||||
import EnterpriseAlert from '@hashicorp/react-enterprise-alert'
|
||||
|
||||
const DEFAULT_COMPONENTS = { EnterpriseAlert }
|
||||
|
||||
function IntroLayoutWrapper(pageMeta) {
|
||||
function IntroLayout(props) {
|
||||
return (
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'intro',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
<MDXProvider components={DEFAULT_COMPONENTS}>
|
||||
<DocsPage
|
||||
{...props}
|
||||
product="consul"
|
||||
head={{
|
||||
is: Head,
|
||||
title: `${pageMeta.page_title} | Consul by HashiCorp`,
|
||||
description: pageMeta.description,
|
||||
siteName: 'Consul by HashiCorp',
|
||||
}}
|
||||
sidenav={{
|
||||
Link,
|
||||
category: 'intro',
|
||||
currentPage: props.path,
|
||||
data,
|
||||
order,
|
||||
}}
|
||||
resourceURL={`https://github.com/hashicorp/consul/blob/master/website/pages/${pageMeta.__resourcePath}`}
|
||||
/>
|
||||
</MDXProvider>
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
@ -3228,6 +3228,21 @@
|
|||
"resolved": "https://registry.npmjs.org/@hashicorp/react-docs-sitemap/-/react-docs-sitemap-1.0.0.tgz",
|
||||
"integrity": "sha512-hMmGfwNUBJjZE/hW6+dfCDwwfqqye+BIIcQgpoiHTrv6y9bPprPAQ6k5NRhBGtpkP1My4C5MQVQKBwHt+jIa/Q=="
|
||||
},
|
||||
"@hashicorp/react-enterprise-alert": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/@hashicorp/react-enterprise-alert/-/react-enterprise-alert-2.0.0.tgz",
|
||||
"integrity": "sha512-omM48XbjjFTQ0Zqdo598Mztgqc3eF/3wCtxf4aAscI0/6ytGAiFK9Cadv5aafucgONCodMCQnzcPehb5Ae3C7g==",
|
||||
"requires": {
|
||||
"@hashicorp/js-utils": "^1.0.9-alpha.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"@hashicorp/js-utils": {
|
||||
"version": "1.0.9-alpha.0",
|
||||
"resolved": "https://registry.npmjs.org/@hashicorp/js-utils/-/js-utils-1.0.9-alpha.0.tgz",
|
||||
"integrity": "sha512-/Mgw6ufzjsysw5U0v7c0tCXMQeE4BSbGeasDaTuh1r6jQ+2Cokl1XhPqKqXn4+xkcx3CIVdyoUYOSLmgzutn3Q=="
|
||||
}
|
||||
}
|
||||
},
|
||||
"@hashicorp/react-footer": {
|
||||
"version": "3.1.12",
|
||||
"resolved": "https://registry.npmjs.org/@hashicorp/react-footer/-/react-footer-3.1.12.tgz",
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
"@hashicorp/react-docs-page": "^1.0.2",
|
||||
"@hashicorp/react-docs-sidenav": "^3.0.5",
|
||||
"@hashicorp/react-docs-sitemap": "^1.0.0",
|
||||
"@hashicorp/react-enterprise-alert": "^2.0.0",
|
||||
"@hashicorp/react-footer": "^3.1.12",
|
||||
"@hashicorp/react-global-styles": "^4.1.0",
|
||||
"@hashicorp/react-head": "^0.1.1",
|
||||
|
|
|
@ -43,7 +43,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
http://127.0.0.1:8500/v1/acl/bootstrap
|
||||
|
@ -109,7 +109,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
--data @payload.json \
|
||||
|
@ -161,7 +161,7 @@ required.
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
--data @payload.json \
|
||||
|
@ -203,7 +203,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
http://127.0.0.1:8500/v1/acl/destroy/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
|
@ -242,7 +242,7 @@ Note: No ACL is required because the ACL is specified in the URL path.
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
http://127.0.0.1:8500/v1/acl/info/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
```
|
||||
|
@ -289,7 +289,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
http://127.0.0.1:8500/v1/acl/clone/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
|
@ -323,7 +323,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
http://127.0.0.1:8500/v1/acl/list
|
||||
```
|
||||
|
@ -374,7 +374,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
http://127.0.0.1:8500/v1/acl/replication
|
||||
```
|
||||
|
|
|
@ -76,7 +76,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/auth-method
|
||||
|
@ -132,7 +132,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/auth-method/minikube
|
||||
```
|
||||
|
||||
|
@ -212,7 +212,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/auth-method/minikube
|
||||
|
@ -273,7 +273,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
http://127.0.0.1:8500/v1/acl/auth-method/minikube
|
||||
```
|
||||
|
@ -313,7 +313,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
## Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/auth-methods
|
||||
```
|
||||
|
||||
|
|
|
@ -108,7 +108,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/binding-rule
|
||||
|
@ -162,7 +162,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d
|
||||
```
|
||||
|
||||
|
@ -276,7 +276,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d
|
||||
|
@ -331,7 +331,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d
|
||||
```
|
||||
|
@ -374,7 +374,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
## Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/binding-rules
|
||||
```
|
||||
|
||||
|
|
|
@ -321,7 +321,7 @@ replication enabled.
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request POST \
|
||||
--data @payload.json \
|
||||
|
@ -380,7 +380,7 @@ deleting a token for which you already must possess its secret.
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
-H "X-Consul-Token: b78d37c7-0ca7-5f4d-99ee-6d9975ce4586" \
|
||||
--request POST \
|
||||
|
|
|
@ -69,7 +69,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/policy
|
||||
|
@ -121,7 +121,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/policy/e359bd81-baca-903e-7e64-1ccd9fdc78f5
|
||||
```
|
||||
|
||||
|
@ -171,7 +171,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/policy/name/node-read
|
||||
```
|
||||
|
||||
|
@ -246,7 +246,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/policy/c01a1f82-44be-41b0-a686-685fb6e0f485
|
||||
|
@ -300,7 +300,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
http://127.0.0.1:8500/v1/acl/policy/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
```
|
||||
|
@ -340,7 +340,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
## Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/policies
|
||||
```
|
||||
|
||||
|
|
|
@ -97,7 +97,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/role
|
||||
|
@ -162,7 +162,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/role/aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4
|
||||
```
|
||||
|
||||
|
@ -225,7 +225,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/role/name/example-role
|
||||
```
|
||||
|
||||
|
@ -325,7 +325,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/role/8bec74a4-5ced-45ed-9c9d-bca6153490bb
|
||||
|
@ -388,7 +388,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
http://127.0.0.1:8500/v1/acl/role/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
```
|
||||
|
@ -433,7 +433,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
## Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/roles
|
||||
```
|
||||
|
||||
|
|
|
@ -114,7 +114,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/token
|
||||
|
@ -176,7 +176,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511
|
||||
```
|
||||
|
||||
|
@ -235,7 +235,7 @@ retrieving the data for a token that you must already possess its secret.
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -H "X-Consul-Token: 6a1253d2-1785-24fd-91c2-f8e78c745511" \
|
||||
http://127.0.0.1:8500/v1/acl/token/self
|
||||
```
|
||||
|
@ -366,7 +366,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511
|
||||
|
@ -442,7 +442,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
--data @payload.json \
|
||||
http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511/clone
|
||||
|
@ -511,7 +511,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
http://127.0.0.1:8500/v1/acl/token/8f246b77-f3e1-ff88-5b48-8ec93abf3e05
|
||||
```
|
||||
|
@ -566,7 +566,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
## Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X GET http://127.0.0.1:8500/v1/acl/tokens
|
||||
```
|
||||
|
||||
|
|
|
@ -73,7 +73,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request PUT \
|
||||
--data @payload \
|
||||
|
@ -124,7 +124,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request GET \
|
||||
http://127.0.0.1:8500/v1/config/service-defaults/web
|
||||
|
@ -183,7 +183,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request GET \
|
||||
http://127.0.0.1:8500/v1/config/service-defaults
|
||||
|
@ -254,7 +254,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--request DELETE \
|
||||
http://127.0.0.1:8500/v1/config/service-defaults/web
|
||||
|
|
|
@ -14,7 +14,7 @@ A filter expression is used to refine a data query for some API listing endpoint
|
|||
Filtering will be executed on the Consul server before data is returned, reducing the network load. To pass a
|
||||
filter expression to Consul, with a data query, use the `filter` parameter.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -G <path> --data-urlencode 'filter=<filter expression>'
|
||||
```
|
||||
|
||||
|
@ -135,7 +135,7 @@ is executed on the leader.
|
|||
|
||||
**Command - Unfiltered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -X GET localhost:8500/v1/agent/services
|
||||
```
|
||||
|
||||
|
@ -195,7 +195,7 @@ curl -X GET localhost:8500/v1/agent/services
|
|||
|
||||
**Command - Filtered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -G localhost:8500/v1/agent/services --data-urlencode 'filter=Meta.env == qa'
|
||||
```
|
||||
|
||||
|
@ -225,7 +225,7 @@ curl -G localhost:8500/v1/agent/services --data-urlencode 'filter=Meta.env == qa
|
|||
|
||||
**Command - Unfiltered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -X GET localhost:8500/v1/catalog/service/api-internal
|
||||
```
|
||||
|
||||
|
@ -326,7 +326,7 @@ curl -X GET localhost:8500/v1/catalog/service/api-internal
|
|||
|
||||
**Command - Filtered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -G localhost:8500/v1/catalog/service/api-internal --data-urlencode 'filter=NodeMeta.os == linux'
|
||||
```
|
||||
|
||||
|
@ -370,7 +370,7 @@ curl -G localhost:8500/v1/catalog/service/api-internal --data-urlencode 'filter=
|
|||
|
||||
**Command - Unfiltered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -X GET localhost:8500/v1/health/node/node-1
|
||||
```
|
||||
|
||||
|
@ -411,7 +411,7 @@ curl -X GET localhost:8500/v1/health/node/node-1
|
|||
|
||||
**Command - Filtered**
|
||||
|
||||
```sh
|
||||
```shell
|
||||
curl -G localhost:8500/v1/health/node/node-1 --data-urlencode 'filter=ServiceName != ""'
|
||||
```
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ clients should communicate via TLS. If you don’t provide a token in the reques
|
|||
|
||||
Below is an example using `curl` with `X-Consul-Token`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--header "X-Consul-Token: <consul token>" \
|
||||
http://127.0.0.1:8500/v1/agent/members
|
||||
|
@ -32,7 +32,7 @@ $ curl \
|
|||
|
||||
Below is an example using `curl` with Bearer scheme.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl \
|
||||
--header "Authorization: Bearer <consul token>" \
|
||||
http://127.0.0.1:8500/v1/agent/members
|
||||
|
|
|
@ -96,7 +96,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
-H "X-Consul-Token: 5cdcae6c-0cce-4210-86fe-5dff3b984a6e" \
|
||||
--data @payload.json \
|
||||
|
@ -167,7 +167,7 @@ the request has been granted any access in the namespace (read, list or write).
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -H "X-Consul-Token: b23b3cad-5ea1-4413-919e-c76884b9ad60" \
|
||||
http://127.0.0.1:8500/v1/namespace/team-1
|
||||
```
|
||||
|
@ -290,7 +290,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X PUT \
|
||||
-H "X-Consul-Token: 5cdcae6c-0cce-4210-86fe-5dff3b984a6e" \
|
||||
--data @payload.json \
|
||||
|
@ -366,7 +366,7 @@ The table below shows this endpoint's support for
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -X DELETE \
|
||||
-H "X-Consul-Token: b23b3cad-5ea1-4413-919e-c76884b9ad60" \
|
||||
http://127.0.0.1:8500/v1/namespace/team-1
|
||||
|
@ -433,7 +433,7 @@ the request has been granted any access in the namespace (read, list or write).
|
|||
|
||||
### Sample Request
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ curl -H "X-Consul-Token: 0137db51-5895-4c25-b6cd-d9ed992f4a52" \
|
||||
http://127.0.0.1:8500/v1/namespaces
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL System (Legacy Mode)
|
||||
sidebar_title: 'Legacy Mode'
|
||||
sidebar_current: docs-acl-legacy
|
||||
description: >-
|
||||
Consul provides an optional Access Control List (ACL) system which can be used
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL Token Migration
|
||||
sidebar_title: 'Token Migration'
|
||||
sidebar_current: docs-acl-migrate-tokens
|
||||
description: >-
|
||||
Consul 1.4.0 introduces a new ACL system with improvements for the security
|
||||
|
@ -167,7 +168,7 @@ potentially identical policies to manage or clean up later.
|
|||
You can get the AccessorID of every legacy token from the API. For example,
|
||||
using `curl` and `jq` in bash:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ LEGACY_IDS=$(curl -sH "X-Consul-Token: $CONSUL_HTTP_TOKEN" \
|
||||
'localhost:8500/v1/acl/tokens' | jq -r '.[] | select (.Legacy) | .AccessorID')
|
||||
$ echo "$LEGACY_IDS"
|
||||
|
@ -178,7 +179,7 @@ ba464aa8-d857-3d26-472c-4d49c3bdae72
|
|||
|
||||
To create a policy for each one we can use something like:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
for id in $LEGACY_IDS; do \
|
||||
consul acl policy create -name "migrated-$id" -from-token $id \
|
||||
-description "Migrated from legacy ACL token"; \
|
||||
|
@ -188,7 +189,7 @@ done
|
|||
Each policy now has an identical set of rules to the original token. You can
|
||||
inspect these:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy read -name migrated-621cbd12-dde7-de06-9be0-e28d067b5b7f
|
||||
ID: 573d84bd-8b08-3061-e391-d2602e1b4947
|
||||
Name: migrated-621cbd12-dde7-de06-9be0-e28d067b5b7f
|
||||
|
@ -209,7 +210,7 @@ prefix matching behavior will still work.
|
|||
With the policies created as above, we can automatically upgrade all legacy
|
||||
tokens.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
for id in $LEGACY_IDS; do \
|
||||
consul acl token update -id $id -policy-name "migrated-$id" -upgrade-legacy; \
|
||||
done
|
||||
|
@ -230,7 +231,7 @@ manipulate policies.
|
|||
You can get the AccessorID of every legacy token from the API. For example,
|
||||
using `curl` and `jq` in bash:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ LEGACY_IDS=$(curl -sH "X-Consul-Token: $CONSUL_HTTP_TOKEN" \
|
||||
'localhost:8500/v1/acl/tokens' | jq -r '.[] | select (.Legacy) | .AccessorID')
|
||||
$ echo "$LEGACY_IDS"
|
||||
|
@ -243,7 +244,7 @@ Now we want to read the actual policy for each legacy token and de-duplicate
|
|||
them. We can use the `translate-rules` helper sub-command which will read the
|
||||
token's policy and return a new ACL policy that is exactly equivalent.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ for id in $LEGACY_IDS; do \
|
||||
echo "Policy for $id:"
|
||||
consul acl translate-rules -token-accessor "$id"; \
|
||||
|
@ -268,7 +269,7 @@ We can change the loop above to take a hash of this policy definition to
|
|||
de-duplicate the policies into a set of files locally. This example uses command
|
||||
available on macOS but equivalents for other platforms should be easy to find.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ mkdir policies
|
||||
$ for id in $LEGACY_IDS; do \
|
||||
# Fetch the equivalent new policy rules based on the legacy token rules
|
||||
|
@ -290,7 +291,7 @@ You can now manually inspect and potentially edit these policies. For example we
|
|||
could rename them according to their intended use. In this case we maintain the
|
||||
hash as it will allow us to match tokens to policies later.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ cat policies/024ce11f26f59436c518fb31f0999d1400485c17.hcl
|
||||
service_prefix "bar" {
|
||||
policy = "write"
|
||||
|
@ -304,7 +305,7 @@ You might also choose to tighten up the rules, for example if you know you never
|
|||
rely on prefix-matching the service name `foo` you might choose to modify the
|
||||
policy to use exact match.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ cat policies/501b787c9444fbd62f346ab257eeb27197be2444.hcl
|
||||
service_prefix "foo" {
|
||||
policy = "write"
|
||||
|
@ -320,7 +321,7 @@ $ mv policies/501b787c9444fbd62f346ab257eeb27197be2444.hcl \
|
|||
We now have a minimal set of policies to create, with human-readable names. We
|
||||
can create each one with something like the following.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ for p in $(ls policies | grep ".hcl"); do \
|
||||
# Extract the hash part of the file name
|
||||
HASH=$(echo "$p" | cut -d - -f 1); \
|
||||
|
@ -356,7 +357,7 @@ policy file names. The `-upgrade-legacy` flag removes the token's legacy
|
|||
embedded rules at the same time as associating them with the new policies
|
||||
created from those rules.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ for id in $LEGACY_IDS; do \
|
||||
NEW_POLICY=$(consul acl translate-rules -token-accessor "$id"); \
|
||||
HASH=$(echo -n "$NEW_POLICY" | shasum | awk '{ print $1 }'); \
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL Rules
|
||||
sidebar_title: 'ACL Rules'
|
||||
sidebar_current: docs-acl-rules
|
||||
description: >-
|
||||
Consul provides an optional Access Control List (ACL) system which can be used
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL System
|
||||
sidebar_title: 'ACL System'
|
||||
sidebar_current: docs-acl-system
|
||||
description: >-
|
||||
Consul provides an optional Access Control List (ACL) system which can be used
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL Auth Methods
|
||||
sidebar_title: 'Auth Methods'
|
||||
sidebar_current: docs-acl-auth-methods
|
||||
description: >-
|
||||
An auth method is a component in Consul that performs authentication against a
|
||||
|
@ -98,7 +99,7 @@ jointly linked to the token created by the login process.
|
|||
Applications are responsible for exchanging their auth method specific secret
|
||||
bearer token for a Consul ACL token by using the login process:
|
||||
|
||||
![diagram of auth method login](/assets/images/auth-methods.svg)
|
||||
![diagram of auth method login](/img/auth-methods.svg)
|
||||
|
||||
1. Applications use the `consul login` subcommand or the [login API
|
||||
endpoint](/api/acl/acl.html#login-to-auth-method) to authenticate to a
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Kubernetes Auth Method
|
||||
sidebar_title: 'Kubernetes'
|
||||
sidebar_current: docs-acl-auth-methods-kubernetes
|
||||
description: >-
|
||||
The Kubernetes auth method type allows for a Kubernetes service account token
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: ACL Guides
|
||||
sidebar_title: 'Access Control (ACLs)'
|
||||
sidebar_current: docs-acl-index
|
||||
description: >-
|
||||
Consul provides an optional Access Control List (ACL) system which can be used
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Check Definition
|
||||
sidebar_title: 'Check Definitions'
|
||||
sidebar_current: docs-agent-checks
|
||||
description: >-
|
||||
One of the primary roles of the agent is management of system- and
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Cloud Auto-join
|
||||
sidebar_title: 'Cloud Auto-join'
|
||||
sidebar_current: docs-agent-cloud-auto-join
|
||||
description: >-
|
||||
Consul supports automatically joining a Consul datacenter using cloud metadata
|
||||
|
@ -22,7 +23,7 @@ As of Consul 1.0 the values are taken literally and must not be URL
|
|||
encoded. If the values contain spaces, equals, backslashes or double quotes then
|
||||
they need to be double quoted and the usual escaping rules apply.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join 'provider=my-cloud config=val config2="some other val" ...'
|
||||
```
|
||||
|
||||
|
@ -50,7 +51,7 @@ provider.
|
|||
This returns the first private IP address of all servers in the given
|
||||
region which have the given `tag_key` and `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=aws tag_key=... tag_value=..."
|
||||
```
|
||||
|
||||
|
@ -88,7 +89,7 @@ This returns the first private IP address of all servers in the given region
|
|||
which have the given `tag_key` and `tag_value` in the tenant and subscription, or in
|
||||
the given `resource_group` of a `vm_scale_set` for Virtual Machine Scale Sets.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=azure tag_name=... tag_value=... tenant_id=... client_id=... subscription_id=... secret_access_key=..."
|
||||
```
|
||||
|
||||
|
@ -133,7 +134,7 @@ When using Virtual Machine Scale Sets the only role action needed is `Microsoft.
|
|||
This returns the first private IP address of all servers in the given
|
||||
project which have the given `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=gce project_name=... tag_value=..."
|
||||
```
|
||||
|
||||
|
@ -168,7 +169,7 @@ Credentials are searched using the following paths, in order of precedence.
|
|||
This returns the first private IP address of all servers for the given
|
||||
datacenter with the given `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=softlayer datacenter=... tag_value=... username=... api_key=..."
|
||||
```
|
||||
|
||||
|
@ -194,7 +195,7 @@ $ consul agent -retry-join "provider=softlayer datacenter=... tag_value=... user
|
|||
This returns the first private IP address of all servers for the given
|
||||
`region` with the given `tag_key` and `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=aliyun region=... tag_key=consul tag_value=... access_key_id=... access_key_secret=..."
|
||||
```
|
||||
|
||||
|
@ -221,7 +222,7 @@ It is recommended you make a dedicated key used to auto-join.
|
|||
This returns the first private IP address of all servers for the given
|
||||
`region` with the given `tag_name`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=digitalocean region=... tag_name=... api_token=..."
|
||||
```
|
||||
|
||||
|
@ -241,7 +242,7 @@ $ consul agent -retry-join "provider=digitalocean region=... tag_name=... api_to
|
|||
This returns the first private IP address of all servers for the given
|
||||
`region` with the given `tag_key` and `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=os tag_key=consul tag_value=server username=... password=... auth_url=..."
|
||||
```
|
||||
|
||||
|
@ -273,7 +274,7 @@ The configuration can also be provided by environment variables.
|
|||
This returns the first private IP address of all servers for the given
|
||||
`region` with the given `tag_name`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=scaleway organization=my-org tag_name=consul-server token=... region=..."
|
||||
```
|
||||
|
||||
|
@ -295,7 +296,7 @@ $ consul agent -retry-join "provider=scaleway organization=my-org tag_name=consu
|
|||
|
||||
This returns the first IP address of all servers for the given `region` with the given `tag_key` and `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=tencentcloud region=... tag_key=consul tag_value=... access_key_id=... access_key_secret=..."
|
||||
```
|
||||
|
||||
|
@ -322,7 +323,7 @@ It is recommended you make a dedicated key used to auto-join the Consul datacent
|
|||
|
||||
This returns the first PrimaryIP addresses for all servers with the given `tag_key` and `tag_value`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=triton account=testaccount url=https://us-sw-1.api.joyentcloud.com key_id=... tag_key=consul-role tag_value=server"
|
||||
```
|
||||
|
||||
|
@ -345,7 +346,7 @@ $ consul agent -retry-join "provider=triton account=testaccount url=https://us-s
|
|||
|
||||
This returns the first private IP address of all servers for the given region with the given `tag_name` and `category_name`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=vsphere category_name=consul-role tag_name=consul-server host=... user=... password=... insecure_ssl=[true|false]"
|
||||
```
|
||||
|
||||
|
@ -370,7 +371,7 @@ $ consul agent -retry-join "provider=vsphere category_name=consul-role tag_name=
|
|||
|
||||
This returns the first private IP address (or the IP address of `address type`) of all servers with the given `project` and `auth_token`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=packet auth_token=token project=uuid url=... address_type=..."
|
||||
```
|
||||
|
||||
|
@ -392,7 +393,7 @@ $ consul agent -retry-join "provider=packet auth_token=token project=uuid url=..
|
|||
|
||||
This returns the first private IP address of all servers for the given `region` with the given `tag_name`.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=linode region=us-east tag_name=consul-server"
|
||||
```
|
||||
|
||||
|
@ -429,7 +430,7 @@ gossip port (default behavior with all join requests). The pod may specify
|
|||
the `consul.hashicorp.com/auto-join-port` annotation to set the port. The value
|
||||
may be an integer or a named port.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul agent -retry-join "provider=k8s label_selector=\"app=consul,component=server\""
|
||||
```
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Configuration Entry Definitions
|
||||
sidebar_title: 'Configuration Entries'
|
||||
sidebar_current: docs-agent-cfg_entries
|
||||
description: >-
|
||||
Consul allows storing configuration entries centrally to be used as defaults
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Configuration Entry Kind: Proxy Defaults'
|
||||
sidebar_title: 'proxy-defaults'
|
||||
sidebar_current: docs-agent-cfg_entries-proxy_defaults
|
||||
description: >-
|
||||
The proxy-defaults config entry kind allows for configuring global config
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Configuration Entry Kind: Service Defaults'
|
||||
sidebar_title: 'service-defaults'
|
||||
sidebar_current: docs-agent-cfg_entries-service_defaults
|
||||
description: >-
|
||||
The service-defaults config entry kind controls default global values for a
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Configuration Entry Kind: Service Resolver'
|
||||
sidebar_title: 'service-resolver'
|
||||
sidebar_current: docs-agent-cfg_entries-service_resolver
|
||||
description: >-
|
||||
The `service-resolver` config entry kind controls which service instances
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Configuration Entry Kind: Service Router'
|
||||
sidebar_title: 'service-router'
|
||||
sidebar_current: docs-agent-cfg_entries-service_router
|
||||
description: >-
|
||||
The service-router config entry kind controls Connect traffic routing and
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Configuration Entry Kind: Service Splitter'
|
||||
sidebar_title: 'service-splitter'
|
||||
sidebar_current: docs-agent-cfg_entries-service_splitter
|
||||
description: >-
|
||||
The service-splitter config entry kind controls how to split incoming Connect
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: DNS Interface
|
||||
sidebar_title: 'DNS Interface'
|
||||
sidebar_current: docs-agent-dns
|
||||
description: >-
|
||||
One of the primary query interfaces for Consul is DNS. The DNS interface
|
||||
|
@ -40,7 +41,9 @@ domain to a Consul agent from the existing DNS server. Review the
|
|||
|
||||
You can experiment with Consul's DNS server on the command line using tools such as `dig`:
|
||||
|
||||
$ dig @127.0.0.1 -p 8600 redis.service.dc1.consul. ANY
|
||||
```shell
|
||||
$ dig @127.0.0.1 -p 8600 redis.service.dc1.consul. ANY
|
||||
```
|
||||
|
||||
-> **Note:** In DNS, all queries are case-insensitive. A lookup of `PostgreSQL.node.dc1.consul` will find all nodes named `postgresql`.
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Encryption
|
||||
sidebar_title: 'Encryption'
|
||||
sidebar_current: docs-agent-encryption
|
||||
description: >-
|
||||
The Consul agent supports encrypting all of its network traffic. The exact
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Agent
|
||||
sidebar_title: 'Agent'
|
||||
sidebar_current: docs-agent-running
|
||||
description: >-
|
||||
The Consul agent is the core process of Consul. The agent maintains membership
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Consul KV
|
||||
sidebar_title: 'Consul KV'
|
||||
sidebar_current: docs-agent-kv
|
||||
description: Consul KV is a core feature of Consul and is installed with the Consul agent.
|
||||
---
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Configuration
|
||||
sidebar_title: 'Configuration'
|
||||
sidebar_current: docs-agent-config
|
||||
description: >-
|
||||
The agent has various configuration options that can be specified via the
|
||||
|
@ -105,17 +106,17 @@ The options below are all specified on the command-line.
|
|||
and later this can be set to a [go-sockaddr](https://godoc.org/github.com/hashicorp/go-sockaddr/template)
|
||||
template that needs to resolve to a single address. Some example templates:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using address within a specific CIDR
|
||||
$ consul agent -bind '{{ GetPrivateInterfaces | include "network" "10.0.0.0/8" | attr "address" }}'
|
||||
```
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using a static network interface name
|
||||
$ consul agent -bind '{{ GetInterfaceIP "eth0" }}'
|
||||
```
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using regular expression matching for network interface name that is forwardable and up
|
||||
$ consul agent -bind '{{ GetAllInterfaces | include "name" "^eth" | include "flags" "forwardable|up" | attr "address" }}'
|
||||
```
|
||||
|
@ -351,22 +352,22 @@ The options below are all specified on the command-line.
|
|||
are given, they are tried and retried in the order listed until the first
|
||||
succeeds. Here are some examples:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using a DNS entry
|
||||
$ consul agent -retry-join "consul.domain.internal"
|
||||
```
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using IPv4
|
||||
$ consul agent -retry-join "10.0.4.67"
|
||||
```
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using IPv6
|
||||
$ consul agent -retry-join "[::1]:8301"
|
||||
```
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using multiple addresses
|
||||
$ consul agent -retry-join "consul.domain.internal" -retry-join "10.0.4.67"
|
||||
```
|
||||
|
@ -378,7 +379,7 @@ The options below are all specified on the command-line.
|
|||
automatic cluster joining using cloud metadata. For more information, see
|
||||
the [Cloud Auto-join page](/docs/agent/cloud-auto-join.html).
|
||||
|
||||
```sh
|
||||
```shell
|
||||
# Using Cloud Auto-Joining
|
||||
$ consul agent -retry-join "provider=aws tag_key=..."
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Sentinel in Consul
|
||||
sidebar_title: 'Sentinel'
|
||||
sidebar_current: docs-agent-sentinel
|
||||
description: >-
|
||||
Consul Enterprise uses Sentinel to augment the built-in ACL system to provide
|
||||
|
@ -10,11 +11,7 @@ description: >-
|
|||
|
||||
# Sentinel Overview
|
||||
|
||||
[//]: # ' ~> The Sentinel functionality described here is available only in '
|
||||
|
||||
[//]: # ( [Consul Enterprise](https://www.hashicorp.com/products/consul/) version 1.0.0 and later. )
|
||||
|
||||
<%= enterprise_alert :consul %>
|
||||
<EnterpriseAlert product="consul" />
|
||||
|
||||
Consul 1.0 adds integration with [Sentinel](https://hashicorp.com/sentinel) for policy enforcement.
|
||||
Sentinel policies help extend the ACL system in Consul beyond the static "read", "write", and "deny"
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Service Definition
|
||||
sidebar_title: 'Service Definitions'
|
||||
sidebar_current: docs-agent-services
|
||||
description: >-
|
||||
One of the main goals of service discovery is to provide a catalog of
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Telemetry
|
||||
sidebar_title: 'Telemetry'
|
||||
sidebar_current: docs-agent-telemetry
|
||||
description: >-
|
||||
The Consul agent collects various runtime metrics about the performance of
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Watches
|
||||
sidebar_title: 'Watches'
|
||||
sidebar_current: docs-agent-watches
|
||||
description: >-
|
||||
Watches are a way of specifying a view of data (e.g. list of nodes, KV pairs,
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Method Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-acl-auth-method-create
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl auth-method create [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -52,7 +54,7 @@ Usage: `consul acl auth-method create [options] [args]`
|
|||
|
||||
Create a new Kubernetes auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method create -name minikube -type kubernetes \
|
||||
-description 'minikube auth method' \
|
||||
-kubernetes-host 'https://192.0.2.42:8443' \
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Method Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-acl-auth-method-delete
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl auth-method delete [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -31,7 +33,7 @@ Usage: `consul acl auth-method delete [options]`
|
|||
|
||||
Delete an auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method delete -name minikube
|
||||
Auth-method "minikube" deleted successfully
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Methods'
|
||||
sidebar_title: 'auth-method'
|
||||
sidebar_current: docs-commands-acl-auth-method
|
||||
---
|
||||
|
||||
|
@ -45,7 +46,7 @@ of the subcommand in the sidebar.
|
|||
|
||||
Create a new auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method create -type "kubernetes" \
|
||||
-name "my-k8s" \
|
||||
-description "This is an example kube auth method" \
|
||||
|
@ -56,13 +57,13 @@ $ consul acl auth-method create -type "kubernetes" \
|
|||
|
||||
List all auth methods:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method list
|
||||
```
|
||||
|
||||
Update all editable fields of the auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method update -name "my-k8s" \
|
||||
-description "new description" \
|
||||
-kubernetes-host "https://new-apiserver.example.com:8443" \
|
||||
|
@ -72,12 +73,12 @@ $ consul acl auth-method update -name "my-k8s" \
|
|||
|
||||
Read an auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method read -name my-k8s
|
||||
```
|
||||
|
||||
Delete an auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method delete -name my-k8s
|
||||
```
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Method List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-acl-auth-method-list
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl auth-method list`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,7 +36,7 @@ Usage: `consul acl auth-method list`
|
|||
|
||||
Default listing.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method list
|
||||
minikube:
|
||||
Type: kubernetes
|
||||
|
@ -46,7 +48,7 @@ minikube-two:
|
|||
|
||||
Show Metadata.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method list -meta
|
||||
minikube:
|
||||
Type: kubernetes
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Method Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-acl-auth-method-read
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl auth-method read [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -36,7 +38,7 @@ Usage: `consul acl auth-method read [options] [args]`
|
|||
|
||||
Get auth method details:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method read -name minikube
|
||||
Name: minikube
|
||||
Type: kubernetes
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Auth Method Update'
|
||||
sidebar_title: 'update'
|
||||
sidebar_current: docs-commands-acl-auth-method-update
|
||||
---
|
||||
|
||||
|
@ -20,6 +21,7 @@ Usage: `consul acl auth-method update [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -57,7 +59,7 @@ Usage: `consul acl auth-method update [options] [args]`
|
|||
|
||||
Update an auth method:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl auth-method update -name minikube \
|
||||
-description 'dev cluster' \
|
||||
-kubernetes-host 'https://192.0.2.44:8443'
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-acl-binding-rule-create
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl binding-rule create [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -47,7 +49,7 @@ Usage: `consul acl binding-rule create [options] [args]`
|
|||
|
||||
Create a new binding rule that binds to a service identity:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule create -method 'minikube' \
|
||||
-description 'wildcard service' \
|
||||
-bind-type 'service' \
|
||||
|
@ -63,7 +65,7 @@ Selector: serviceaccount.namespace==default and serviceaccount.name!=vault
|
|||
|
||||
Create a new binding rule that binds to a role:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule create -method 'minikube' \
|
||||
-description 'just vault role' \
|
||||
-bind-type 'role' \
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-acl-binding-rule-delete
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl binding-rule delete [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -32,7 +34,7 @@ Usage: `consul acl binding-rule delete [options]`
|
|||
|
||||
Delete a binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule delete -id 0ec1bd
|
||||
Binding rule "0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890" deleted successfully
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule'
|
||||
sidebar_title: 'binding-rule'
|
||||
sidebar_current: docs-commands-acl-binding-rule
|
||||
---
|
||||
|
||||
|
@ -55,7 +56,7 @@ resolved to the full UUID and used.
|
|||
|
||||
Create a new binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule create \
|
||||
-method=minikube \
|
||||
-bind-type=service \
|
||||
|
@ -65,25 +66,25 @@ $ consul acl binding-rule create \
|
|||
|
||||
List all binding rules:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule list
|
||||
```
|
||||
|
||||
Update a binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule update -id=43cb72df-9c6f-4315-ac8a-01a9d98155ef \
|
||||
-bind-name='k8s-${serviceaccount.name}'
|
||||
```
|
||||
|
||||
Read a binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule read -id fdabbcb5-9de5-4b1a-961f-77214ae88cba
|
||||
```
|
||||
|
||||
Delete a binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule delete -id b6b856da-5193-4e78-845a-7d61ca8371ba
|
||||
```
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-acl-binding-rule-list
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl binding-rule list`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,7 +36,7 @@ Usage: `consul acl binding-rule list`
|
|||
|
||||
Default listing.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule list
|
||||
0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890:
|
||||
AuthMethod: minikube
|
||||
|
@ -52,7 +54,7 @@ e21ae868-7b13-a230-0235-f8e83510642c:
|
|||
|
||||
Show Metadata.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule list -meta
|
||||
0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890:
|
||||
AuthMethod: minikube
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-acl-binding-rule-read
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl binding-rule read [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -37,7 +39,7 @@ Usage: `consul acl binding-rule read [options] [args]`
|
|||
|
||||
Get binding rule details:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule read -id '0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890'
|
||||
ID: 0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890
|
||||
AuthMethod: minikube
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Binding Rule Update'
|
||||
sidebar_title: 'update'
|
||||
sidebar_current: docs-commands-acl-binding-rule-update
|
||||
---
|
||||
|
||||
|
@ -20,6 +21,7 @@ Usage: `consul acl binding-rule update [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -54,7 +56,7 @@ Usage: `consul acl binding-rule update [options] [args]`
|
|||
|
||||
Update a binding rule:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl binding-rule update -id '0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890' \
|
||||
-selector 'serviceaccount.namespace==default'
|
||||
Binding rule updated successfully
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Bootstrap'
|
||||
sidebar_title: 'bootstrap'
|
||||
sidebar_current: docs-commands-acl-bootstrap
|
||||
---
|
||||
|
||||
|
@ -22,6 +23,7 @@ Usage: `consul acl bootstrap [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL'
|
||||
sidebar_title: 'acl'
|
||||
sidebar_current: docs-commands-acl
|
||||
---
|
||||
|
||||
|
@ -17,7 +18,7 @@ ACLs are also accessible via the [HTTP API](/api/acl/acl.html).
|
|||
|
||||
Bootstrap Consul's ACLs:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl bootstrap
|
||||
AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01
|
||||
SecretID: 86cddfb9-2760-d947-358d-a2811156bf31
|
||||
|
@ -30,7 +31,7 @@ Policies:
|
|||
|
||||
Create a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy create -name "acl-replication" -description "Token capable of replicating ACL policies" -rules 'acl = "read"'
|
||||
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
||||
Name: acl-replication
|
||||
|
@ -42,7 +43,7 @@ acl = "read"
|
|||
|
||||
Create a token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create -description "Agent Policy Replication - my-agent" -policy-name "acl-replication"
|
||||
AccessorID: c24c11aa-4e08-e25c-1a67-705a2e8d75a4
|
||||
SecretID: e7024f9c-f016-02dd-6217-daedbffb86ac
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-acl-policy-create
|
||||
---
|
||||
|
||||
|
@ -29,6 +30,7 @@ Usage: `consul acl policy create [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -65,7 +67,7 @@ Usage: `consul acl policy create [options] [args]`
|
|||
|
||||
Create a new policy that is valid in all datacenters:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy create -name "acl-replication" -description "Policy capable of replicating ACL policies" -rules 'acl = "read"'
|
||||
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
||||
Name: acl-replication
|
||||
|
@ -77,7 +79,7 @@ acl = "read"
|
|||
|
||||
Create a new policy valid only in specific datacenters with rules read from a file:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy create -name "replication" -description "Replication" -rules @rules.hcl -valid-datacenter dc1 -valid-datacenter dc2
|
||||
ID: ca44555b-a2d8-94de-d763-88caffdaf11f
|
||||
Name: replication
|
||||
|
@ -93,7 +95,7 @@ service_prefix "" {
|
|||
|
||||
Create a new policy with rules equivalent to that of a legacy ACL token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy create -name "node-services-read" -from-token 5793a5ce -description "Can read any node and service"
|
||||
ID: 06acc965-df4b-5a99-58cb-3250930c6324
|
||||
Name: node-services-read
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-acl-policy-delete
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl policy delete [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,14 +36,14 @@ Usage: `consul acl policy delete [options]`
|
|||
|
||||
Delete a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy delete -id 35b8
|
||||
Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully
|
||||
```
|
||||
|
||||
Delete a policy by name:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy delete -name acl-replication
|
||||
Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy'
|
||||
sidebar_title: 'policy'
|
||||
sidebar_current: docs-commands-acl-policy
|
||||
---
|
||||
|
||||
|
@ -63,7 +64,7 @@ Builtin policies:
|
|||
|
||||
Create a new ACL policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy create -name "new-policy" \
|
||||
-description "This is an example policy" \
|
||||
-datacenter "dc1" \
|
||||
|
@ -73,24 +74,24 @@ $ consul acl policy create -name "new-policy" \
|
|||
|
||||
List all policies:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy list
|
||||
```
|
||||
|
||||
Update a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy update -name "other-policy" -datacenter "dc1"
|
||||
```
|
||||
|
||||
Read a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy read -id 0479e93e-091c-4475-9b06-79a004765c24
|
||||
```
|
||||
|
||||
Delete a policy
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy delete -name "my-policy"
|
||||
```
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-acl-policy-list
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl policy list`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,7 +36,7 @@ Usage: `consul acl policy list`
|
|||
|
||||
Default listing.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy list
|
||||
global-management:
|
||||
ID: 00000000-0000-0000-0000-000000000001
|
||||
|
@ -48,7 +50,7 @@ acl-replication:
|
|||
|
||||
Show Metadata.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy list -meta
|
||||
global-management:
|
||||
ID: 00000000-0000-0000-0000-000000000001
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-acl-policy-read
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl policy read [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -39,7 +41,7 @@ Usage: `consul acl policy read [options] [args]`
|
|||
|
||||
Get policy details:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy read -id 00000000-0000-0000-0000-000000000001
|
||||
ID: 00000000-0000-0000-0000-000000000001
|
||||
Name: global-management
|
||||
|
@ -76,7 +78,7 @@ session_prefix "" {
|
|||
|
||||
Get policy details by name:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy read -name "acl-replication"
|
||||
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
||||
Name: acl-replication
|
||||
|
@ -90,7 +92,7 @@ Get policy details (Builtin Policies):
|
|||
|
||||
Builtin policies can be accessed by specifying their original name as the value to the `-id` parameter.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy read -id global-management
|
||||
ID: 00000000-0000-0000-0000-000000000001
|
||||
Name: global-management
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Policy Update'
|
||||
sidebar_title: 'update'
|
||||
sidebar_current: docs-commands-acl-policy-update
|
||||
---
|
||||
|
||||
|
@ -21,6 +22,7 @@ Usage: `consul acl policy update [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -56,7 +58,7 @@ Usage: `consul acl policy update [options] [args]`
|
|||
|
||||
Update a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy update -id 35b8 -name "replication" -description "Policy capable of replication ACL policies and Intentions" -rules @rules.hcl
|
||||
Policy updated successfully
|
||||
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
||||
|
@ -74,7 +76,7 @@ service_prefix "" {
|
|||
|
||||
Rename a policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl policy update -id 35b8 -name "dc1-replication"
|
||||
Policy updated successfully
|
||||
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-acl-role-create
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl role create [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -48,7 +50,7 @@ Usage: `consul acl role create [options] [args]`
|
|||
|
||||
Create a new role with one policy:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role create -name "crawler" -description "web crawler role" -policy-name "crawler-kv"
|
||||
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
Name: crawler
|
||||
|
@ -59,7 +61,7 @@ Policies:
|
|||
|
||||
Create a new role with one service identity:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role create -name archiver -description 'archiver role' -service-identity "archiver:dc2"
|
||||
ID: a365fdc9-ac71-e754-0645-7ab6bd747301
|
||||
Name: archiver
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-acl-role-delete
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl role delete [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,14 +36,14 @@ Usage: `consul acl role delete [options]`
|
|||
|
||||
Delete a role by prefix:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role delete -id 57147
|
||||
Role "57147d87-6bf7-f794-1a6e-7d038c4e4ae9" deleted successfully
|
||||
```
|
||||
|
||||
Delete a role by name:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role delete -name crawler
|
||||
Role "a365fdc9-ac71-e754-0645-7ab6bd747301" deleted successfully
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role'
|
||||
sidebar_title: 'role'
|
||||
sidebar_current: docs-commands-acl-role
|
||||
---
|
||||
|
||||
|
@ -55,7 +56,7 @@ full UUID and used.
|
|||
|
||||
Create a new ACL role:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role create -name "new-role" \
|
||||
-description "This is an example role" \
|
||||
-policy-id 06acc965
|
||||
|
@ -63,24 +64,24 @@ $ consul acl role create -name "new-role" \
|
|||
|
||||
List all roles:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role list
|
||||
```
|
||||
|
||||
Update a role:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role update -name "other-role" -datacenter "dc1"
|
||||
```
|
||||
|
||||
Read a role:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role read -id 0479e93e-091c-4475-9b06-79a004765c24
|
||||
```
|
||||
|
||||
Delete a role
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role delete -name "my-role"
|
||||
```
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-acl-role-list
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl role list`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,7 +36,7 @@ Usage: `consul acl role list`
|
|||
|
||||
Default listing.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role list
|
||||
web-crawler:
|
||||
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
|
@ -52,7 +54,7 @@ archiver:
|
|||
|
||||
Show Metadata.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role list -meta
|
||||
web-crawler:
|
||||
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-acl-role-read
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl role read [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -39,7 +41,7 @@ Usage: `consul acl role read [options] [args]`
|
|||
|
||||
Get role details:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role read -id 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
Name: crawler
|
||||
|
@ -50,7 +52,7 @@ Policies:
|
|||
|
||||
Get role details by name:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role read -name archiver
|
||||
ID: a365fdc9-ac71-e754-0645-7ab6bd747301
|
||||
Name: archiver
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Role Update'
|
||||
sidebar_title: 'update'
|
||||
sidebar_current: docs-commands-acl-role-update
|
||||
---
|
||||
|
||||
|
@ -21,6 +22,7 @@ Usage: `consul acl role update [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -59,7 +61,7 @@ Usage: `consul acl role update [options] [args]`
|
|||
|
||||
Update a role:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role update -id 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 \
|
||||
-description 'web crawler updated role' -service-identity 'crawler'
|
||||
Role updated successfully
|
||||
|
@ -74,7 +76,7 @@ Service Identities:
|
|||
|
||||
Rename a role by prefix:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl role update -id 57147 -name web-crawler
|
||||
Role updated successfully
|
||||
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Set Agent Token'
|
||||
sidebar_title: 'set-agent-token'
|
||||
sidebar_current: docs-commands-acl-set-agent-token
|
||||
---
|
||||
|
||||
|
@ -15,7 +16,7 @@ agent is restarted.
|
|||
|
||||
## Usage
|
||||
|
||||
Usage: consul acl set-agent-token [options] TYPE TOKEN
|
||||
Usage: `consul acl set-agent-token [options] TYPE TOKEN`
|
||||
|
||||
### Token Types
|
||||
|
||||
|
@ -37,6 +38,7 @@ Usage: consul acl set-agent-token [options] TYPE TOKEN
|
|||
### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
## Examples
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token Clone'
|
||||
sidebar_title: 'clone'
|
||||
sidebar_current: docs-commands-acl-token-clone
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl token clone [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -38,7 +40,7 @@ Usage: `consul acl token clone [options]`
|
|||
|
||||
Clone a token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token clone -id 59f8 -description "Clone of Super User"
|
||||
Token cloned successfully.
|
||||
AccessorID: dcfa52ed-9288-b3ff-056d-255ef69d2d88
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-acl-token-create
|
||||
---
|
||||
|
||||
|
@ -19,6 +20,7 @@ Usage: `consul acl token create [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -62,7 +64,7 @@ Usage: `consul acl token create [options] [args]`
|
|||
|
||||
Create a new token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965
|
||||
AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d
|
||||
SecretID: ec15675e-2999-d789-832e-8c4794daa8d7
|
||||
|
@ -75,7 +77,7 @@ Policies:
|
|||
|
||||
Create a new local token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965 -local
|
||||
AccessorID: 4fdf0ec8-d251-3865-079c-7247c974fc50
|
||||
SecretID: 02143514-abf2-6c23-0aa1-ec2107e68f6b
|
||||
|
@ -88,7 +90,7 @@ Policies:
|
|||
|
||||
Create a new token and link with policies by name:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create -description "Super User" -policy-name global-management
|
||||
AccessorID: 59f86a9b-d3b6-166c-32a0-be4ab3f94caa
|
||||
SecretID: ada7f751-f654-8872-7f93-498e799158b6
|
||||
|
@ -101,7 +103,7 @@ Policies:
|
|||
|
||||
Create a new token with one service identity that expires in 15 minutes:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create -description 'crawler token' -service-identity 'crawler' -expires-ttl '15m'
|
||||
AccessorID: 0c083aca-6c15-f0cc-c4d9-30578db54cd9
|
||||
SecretID: 930dafb6-5c08-040b-23fb-a368a95256f9
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-acl-token-delete
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl token delete [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -32,7 +34,7 @@ Usage: `consul acl token delete [options]`
|
|||
|
||||
Delete a token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token delete -id 35b8
|
||||
Token "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token'
|
||||
sidebar_title: 'token'
|
||||
sidebar_current: docs-commands-acl-token
|
||||
---
|
||||
|
||||
|
@ -61,7 +62,7 @@ Builtin Tokens:
|
|||
|
||||
Create a new ACL token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token create \
|
||||
-description "This is an example token" \
|
||||
-policy-id 06acc965
|
||||
|
@ -69,24 +70,24 @@ $ consul acl token create \
|
|||
|
||||
List all tokens:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token list
|
||||
```
|
||||
|
||||
Update a token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token update -id 986193 -description "WonderToken"
|
||||
```
|
||||
|
||||
Read a token with an accessor ID:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token read -id 986193
|
||||
```
|
||||
|
||||
Delete a token
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token delete -id 986193
|
||||
```
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-acl-token-list
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl token list`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -34,7 +36,7 @@ Usage: `consul acl token list`
|
|||
|
||||
Default listing.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token list
|
||||
AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01
|
||||
Description: Bootstrap Token (Global Management)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-acl-token-read
|
||||
---
|
||||
|
||||
|
@ -17,6 +18,7 @@ Usage: `consul acl token read [options] [args]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -40,7 +42,7 @@ Usage: `consul acl token read [options] [args]`
|
|||
|
||||
Get token details:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token read -id 986
|
||||
AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d
|
||||
SecretID: ec15675e-2999-d789-832e-8c4794daa8d7
|
||||
|
@ -53,7 +55,7 @@ Policies:
|
|||
|
||||
Get token details using the token secret ID:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$consul acl token read -self
|
||||
AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01
|
||||
SecretID: 86cddfb9-2760-d947-358d-a2811156bf31
|
||||
|
@ -66,7 +68,7 @@ Policies:
|
|||
|
||||
Get token details (Builtin Tokens)
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token read -id anonymous
|
||||
AccessorID: 00000000-0000-0000-0000-000000000002
|
||||
SecretID: anonymous
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Token Update'
|
||||
sidebar_title: 'update'
|
||||
sidebar_current: docs-commands-acl-token-update
|
||||
---
|
||||
|
||||
|
@ -18,6 +19,7 @@ Usage: `consul acl token update [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -68,7 +70,7 @@ guide.
|
|||
|
||||
Update the anonymous token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token update -id anonymous -policy-id 06acc
|
||||
Token updated successfully.
|
||||
AccessorID: 00000000-0000-0000-0000-000000000002
|
||||
|
@ -82,7 +84,7 @@ Policies:
|
|||
|
||||
Update a token description and take the policies from the existing token:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl token update -id 986193 -description "WonderToken" -merge-policies
|
||||
Token updated successfully.
|
||||
AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: ACL Translate Rules'
|
||||
sidebar_title: 'translate-rules'
|
||||
sidebar_current: docs-commands-acl-translate-rules
|
||||
---
|
||||
|
||||
|
@ -20,6 +21,7 @@ Usage: `consul acl translate rules [options] TRANSLATE`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
@ -41,30 +43,30 @@ Usage: `consul acl translate rules [options] TRANSLATE`
|
|||
|
||||
Translate rules within a file:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl translate-rules @rules.hcl
|
||||
```
|
||||
|
||||
Translate rules from stdin:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl translate-rules -
|
||||
```
|
||||
|
||||
Translate rules from a string argument:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl translate-rules 'key "" { policy = "write"}'
|
||||
```
|
||||
|
||||
Translate rules for a legacy ACL token using its SecretID passed from stdin:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl translate-rules --token-secret -
|
||||
```
|
||||
|
||||
Translate rules for a legacy ACL token using its AccessorID:
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul acl translate-rules 429cd746-03d5-4bbb-a83a-18b164171c89
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Agent'
|
||||
sidebar_title: 'agent'
|
||||
sidebar_current: docs-commands-agent
|
||||
description: >-
|
||||
The `consul agent` command is the heart of Consul: it runs the agent that
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Catalog List Datacenters'
|
||||
sidebar_title: 'datacenters'
|
||||
sidebar_current: docs-commands-catalog-datacenters
|
||||
---
|
||||
|
||||
|
@ -28,4 +29,5 @@ Usage: `consul catalog datacenters [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Catalog'
|
||||
sidebar_title: 'catalog'
|
||||
sidebar_current: docs-commands-catalog
|
||||
---
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Catalog List Nodes'
|
||||
sidebar_title: 'nodes'
|
||||
sidebar_current: docs-commands-catalog-nodes
|
||||
---
|
||||
|
||||
|
@ -54,6 +55,7 @@ Usage: `consul catalog nodes [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Catalog List Nodes Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Catalog List Services'
|
||||
sidebar_title: 'services'
|
||||
sidebar_current: docs-commands-catalog-services
|
||||
---
|
||||
|
||||
|
@ -47,6 +48,7 @@ Usage: `consul catalog services [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Enterprise Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Config Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-config-delete
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Config'
|
||||
sidebar_title: 'config'
|
||||
sidebar_current: docs-commands-config
|
||||
---
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Config List'
|
||||
sidebar_title: 'list'
|
||||
sidebar_current: docs-commands-config-list
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Config Read'
|
||||
sidebar_title: 'read'
|
||||
sidebar_current: docs-commands-config-read
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Config Write'
|
||||
sidebar_title: 'write'
|
||||
sidebar_current: docs-commands-config-write
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Connect CA'
|
||||
sidebar_title: 'ca'
|
||||
sidebar_current: docs-commands-connect-ca
|
||||
description: >
|
||||
The connect CA subcommand is used to view and modify the Connect Certificate
|
||||
|
@ -48,6 +49,7 @@ Usage: `consul connect ca get-config [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
The output looks like this:
|
||||
|
@ -72,6 +74,7 @@ Usage: `consul connect ca set-config [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Connect Proxy'
|
||||
sidebar_title: 'envoy'
|
||||
sidebar_current: docs-commands-connect-envoy
|
||||
description: >
|
||||
The connect proxy subcommand is used to run the built-in mTLS proxy for
|
||||
|
@ -181,7 +182,7 @@ $ consul connect envoy -sidecar-for db -admin-bind localhost:19001
|
|||
|
||||
The mesh gateway Envoy process can be started with.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul connect envoy -gateway=mesh -register \
|
||||
-address '{{ GetInterfaceIP "eth0" }}:8443' \
|
||||
-wan-address '{{ GetInterfaceIP "eth1" }}:8443'
|
||||
|
@ -191,7 +192,7 @@ $ consul connect envoy -gateway=mesh -register \
|
|||
|
||||
The terminating gateway Envoy process can be started with.
|
||||
|
||||
```sh
|
||||
```shell
|
||||
$ consul connect envoy -gateway=terminating -register \
|
||||
-address '{{ GetInterfaceIP "eth0" }}:8443'
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Connect'
|
||||
sidebar_title: 'connect'
|
||||
sidebar_current: docs-commands-connect
|
||||
---
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Connect Proxy'
|
||||
sidebar_title: 'proxy'
|
||||
sidebar_current: docs-commands-connect-proxy
|
||||
description: >
|
||||
The connect proxy subcommand is used to run the built-in mTLS proxy for
|
||||
|
@ -23,6 +24,7 @@ Usage: `consul connect proxy [options]`
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Proxy Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Debug'
|
||||
sidebar_title: 'debug'
|
||||
sidebar_current: docs-commands-debug
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Event'
|
||||
sidebar_title: 'event'
|
||||
sidebar_current: docs-commands-event
|
||||
description: >-
|
||||
The event command provides a mechanism to fire a custom user event to an
|
||||
|
@ -46,6 +47,7 @@ payload can be provided as the final argument.
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Exec'
|
||||
sidebar_title: 'exec'
|
||||
sidebar_current: docs-commands-exec
|
||||
description: >-
|
||||
The exec command provides a mechanism for remote execution. For example, this
|
||||
|
@ -52,6 +53,7 @@ completion as a script to evaluate.
|
|||
#### API Options
|
||||
|
||||
@include 'http_api_options_client.mdx'
|
||||
|
||||
@include 'http_api_options_server.mdx'
|
||||
|
||||
#### Command Options
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Force Leave'
|
||||
sidebar_title: 'force-leave'
|
||||
sidebar_current: docs-commands-forceleave
|
||||
description: >-
|
||||
The `force-leave` command forces a member of a Consul cluster to enter the
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: Commands
|
||||
sidebar_title: 'Commands (CLI)'
|
||||
sidebar_current: docs-commands
|
||||
description: >-
|
||||
Consul is controlled via a very easy to use command-line interface (CLI).
|
||||
|
@ -100,7 +101,7 @@ you can invoke a new shell and use the feature.
|
|||
|
||||
For example, assume a tab is typed at the end of each prompt line:
|
||||
|
||||
```
|
||||
```shell
|
||||
$ consul e
|
||||
event exec
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Info'
|
||||
sidebar_title: 'info'
|
||||
sidebar_current: docs-commands-info
|
||||
description: >-
|
||||
The `info` command provides various debugging information that can be useful
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Intention Check'
|
||||
sidebar_title: 'check'
|
||||
sidebar_current: docs-commands-intention-check
|
||||
---
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Intention Create'
|
||||
sidebar_title: 'create'
|
||||
sidebar_current: docs-commands-intention-create
|
||||
---
|
||||
|
||||
|
@ -39,12 +40,18 @@ Usage: `consul intention create [options] -f FILE...`
|
|||
|
||||
Create an intention `web => db`:
|
||||
|
||||
$ consul intention create web db
|
||||
```shell
|
||||
$ consul intention create web db
|
||||
```
|
||||
|
||||
Create intentions from a set of files:
|
||||
|
||||
$ consul intention create -file one.json two.json
|
||||
```shell
|
||||
$ consul intention create -file one.json two.json
|
||||
```
|
||||
|
||||
Create intentions from a directory using shell expansion:
|
||||
|
||||
$ consul intention create -file intentions/*.json
|
||||
```shell
|
||||
$ consul intention create -file intentions/*.json
|
||||
```
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
layout: docs
|
||||
page_title: 'Commands: Intention Delete'
|
||||
sidebar_title: 'delete'
|
||||
sidebar_current: docs-commands-intention-delete
|
||||
---
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue