From fcdce608d88f73d67b4c3cf8b469a935eea0ecbc Mon Sep 17 00:00:00 2001 From: Ryan Breen Date: Sat, 21 Feb 2015 17:39:52 -0500 Subject: [PATCH] Website: cleanup for docs/guides/atlas. --- .../source/docs/guides/atlas.html.markdown | 30 +++++++++---------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/website/source/docs/guides/atlas.html.markdown b/website/source/docs/guides/atlas.html.markdown index 86e76cac8e..510a826473 100644 --- a/website/source/docs/guides/atlas.html.markdown +++ b/website/source/docs/guides/atlas.html.markdown @@ -8,14 +8,13 @@ description: |- # Atlas Integration -[Atlas](https://atlas.hashicorp.com) is service provided by HashiCorp to deploy applications and manage infrastructure. +[Atlas](https://atlas.hashicorp.com) is a service provided by HashiCorp to deploy applications and manage infrastructure. Starting with Consul 0.5, it is possible to integrate Consul with Atlas. This is done by registering a node as part -of an Atlas infrastructure (specified with the `-atlas` flag). Consul maintains a long running connection to the +of an Atlas infrastructure (specified with the `-atlas` flag). Consul maintains a long-running connection to the [SCADA](http://scada.hashicorp.com) service which allows Atlas to retrieve data and control nodes. -Data acquisition allows Atlas to display the state of the Consul cluster in its dashboard as well as enabling -alerts to be setup using health checks. Remote control enables Atlas to provide features like the auto joinining -nodes. +Data acquisition allows Atlas to display the state of the Consul cluster in its dashboard and set up alerts +based on health checks. Remote control enables Atlas to provide features like auto-joinining nodes. ## Enabling Atlas Integration @@ -24,7 +23,7 @@ token. The Atlas infrastructure name can be set either with the `-atlas` CLI fla [configuration option](/docs/agent/options.html). The Atlas token is set with the `-atlas-token` CLI flag, `atlas_token` configuration option, or `ATLAS_TOKEN` environment variable. -To verify the integration, either run the agent with `debug` level logging or use `consul monitor -log-level=debug` +To verify the integration, either run the agent with `debug`-level logging or use `consul monitor -log-level=debug` and look for a line like: [DEBUG] scada-client: assigned session '406ca55d-1801-f964-2942-45f5f9df3995' @@ -33,27 +32,26 @@ This shows that the Consul agent was successfully able to register with the SCAD ## Using Auto-Join -Once integrated with Atlas, the auto join feature can be used to have nodes automatically join other +Once integrated with Atlas, the auto-join feature can be used to have nodes automatically join other peers in their datacenter. Server nodes will automatically join peer LAN nodes and other WAN nodes. Client nodes will only join other LAN nodes in their datacenter. -Auto join is enabled with the `-atlas-join` CLI flag or the `atlas_join` configuration option. +Auto-join is enabled with the `-atlas-join` CLI flag or the `atlas_join` configuration option. ## Securing Atlas The connection to Atlas does not have elevated privileges. API requests made by Atlas -are served in the same way any other HTTP request is made. If ACLs are enabled, it is possible to -force an Atlas ACL token to be used instead of the agent's default token. +are served in the same way any other HTTP request is handled. If ACLs are enabled, it is possible, via +the `atlas_acl_token` configuration option, to force an Atlas ACL token to be used instead of the +agent's default token. -When ACLs are enabled, the `atlas_acl_token` configuration option can be specified. This changes -the ACL token resolution order to be: +The resolution order for ACL tokens is: -1. Request specific token provided by `?token=`. These tokens are set in the Atlas UI. -2. The `atlas_acl_token` if configured. -3. The `acl_token` if configured. +1. Request-specific token provided by `?token=`. These tokens are set in the Atlas UI. +2. The agent's `atlas_acl_token`, if configured. +3. The agent's `acl_token`, if configured. 4. The `anonymous` token. Because the `acl_token` typically has elevated permissions compared to the `anonymous` token, the `atlas_acl_token` can be set to `anonymous` to drop privileges that would otherwise be inherited from the agent. -