status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 22:06:20 +00:00
Code Issues Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Applying some of the feedback from review

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
This commit is contained in:
trujillo-adam 2021-10-19 15:27:23 -07:00 committed by GitHub
parent ef968aaf3f
commit b1d73bee0a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
website/content/commands/admin-partition.mdx
View File

@ -42,7 +42,7 @@ Usage: consul admin-partition <subcommand> [options] [args]
Read an admin partition: Read an admin partition:
$ consul admin-partition read ns1 $ consul admin-partition read team1
List all admin partitions: List all admin partitions:
@ -54,7 +54,7 @@ Usage: consul admin-partition <subcommand> [options] [args]
Delete an admin partition: Delete an admin partition:
$ consul admin-partition delete ns1 $ consul admin-partition delete team1
For more examples, ask for subcommand help or view the documentation. For more examples, ask for subcommand help or view the documentation.
``` ```
@ -214,7 +214,7 @@ consul admin-partition delete webdev
## Admin Partition Definition ## Admin Partition Definition
Namespaces are managed exclusively through the HTTP API and the Consul CLI. The HTTP API accepts only JSON formatted definitions while the CLI will parse either JSON or HCL. Admin partitions are managed exclusively through the HTTP API and the Consul CLI. The HTTP API accepts only JSON formatted definitions while the CLI will parse either JSON or HCL.
The following parameters are supported in admin partition defintion files: The following parameters are supported in admin partition defintion files:

8
website/content/docs/enterprise/admin-partitions.mdx
View File

@ -60,7 +60,7 @@ Your Consul configuration must meet the following requirements to use admin part
* The agent token used by the client agent will need to allow `node:write` in the admin partition. * The agent token used by the client agent will need to allow `node:write` in the admin partition.
* The `read` permission for `proxy-defaults` require `admin_partition:read` for the specific partition. The `write` permission for proxy-defaults require `mesh:write`. See [Admin Partition Rules](/docs/security/acl/acl-rules#admin-partition-rules) for additional information * The `read` permission for `proxy-defaults` require `admin_partition:read` for the specific partition. The `write` permission for proxy-defaults require `mesh:write`. See [Admin Partition Rules](/docs/security/acl/acl-rules#admin-partition-rules) for additional information
* The write permissions for ingress and terminating gateways must be `operator:write`. * The write permissions for ingress and terminating gateways must be `mesh:write`.
* Existing intentions must be set to `deny` all traffic from outside the admin partition. * Existing intentions must be set to `deny` all traffic from outside the admin partition.
* Wildcards (`*`) are not supported when creating intentions for admin partitions. * Wildcards (`*`) are not supported when creating intentions for admin partitions.
@ -122,7 +122,7 @@ Verify that your Consul deployment meets the [Kubernetes Requirements](#kubernet
1. Create the license secret in each cluster, e.g.: 1. Create the license secret in each cluster, e.g.:
```shell-session ```shell-session
kubectl create secret generic license --from-literal=key=<LICENSE_KEY> kubectl create secret generic license --from-file=key=[license file path i.e. ./license.hclic]
``` ```
This step must also be completed for each workload cluster. This step must also be completed for each workload cluster.
@ -175,7 +175,7 @@ Verify that your Consul deployment meets the [Kubernetes Requirements](#kubernet
global: global:
enabled: false enabled: false
enableConsulNamespaces: true enableConsulNamespaces: true
image: hashicorp/consul-enterprise:1.11.0-ent-alpha image: hashicorp/consul-enterprise:1.11.0-ent-beta1
adminPartitions: adminPartitions:
enabled: true enabled: true
name: "clients" // partition name name: "clients" // partition name
@ -193,7 +193,7 @@ Verify that your Consul deployment meets the [Kubernetes Requirements](#kubernet
secretKey: key secretKey: key
externalServers: externalServers:
enabled: true enabled: true
hosts: "35.192.119.38" hosts: "35.192.119.38" # Insert External IP of LoadBalancer here
tlsServerName: server.dc1.consul tlsServerName: server.dc1.consul
client: client:
enabled: true enabled: true