mirror of https://github.com/status-im/consul.git
maintenance complete, pending markdown-page component addition
This commit is contained in:
parent
9b7bd1a548
commit
d3bf52b03e
|
@ -1,8 +0,0 @@
|
|||
{
|
||||
"ignore": {
|
||||
"marked": {
|
||||
"versions": "0.8.2",
|
||||
"reason": "IE breaks"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,11 +1,4 @@
|
|||
module.exports = {
|
||||
...require('@hashicorp/nextjs-scripts/.stylelintrc.js'),
|
||||
rules: {
|
||||
'selector-pseudo-class-no-unknown': [
|
||||
true,
|
||||
{
|
||||
ignorePseudoClasses: ['first', 'last'],
|
||||
},
|
||||
],
|
||||
},
|
||||
/* Specify overrides here */
|
||||
}
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
module.exports = {
|
||||
presets: ['next/babel'],
|
||||
plugins: ['import-glob-array'],
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
import Search from '@hashicorp/react-search'
|
||||
|
||||
export default function SearchBar() {
|
||||
return (
|
||||
<Search
|
||||
renderHitContent={({ hit, Highlight }) => (
|
||||
<>
|
||||
<span className="name">
|
||||
<Highlight attribute="page_title" hit={hit} tagName="span" />
|
||||
</span>
|
||||
<span className="description">
|
||||
<Highlight attribute="description" hit={hit} tagName="span" />
|
||||
</span>
|
||||
</>
|
||||
)}
|
||||
resolveHitLink={(hit) => ({
|
||||
href: {
|
||||
pathname: `/${transformIdtoUrl(hit.objectID)}`,
|
||||
},
|
||||
})}
|
||||
placeholder="Search Consul documentation"
|
||||
/>
|
||||
)
|
||||
}
|
||||
|
||||
function transformIdtoUrl(id) {
|
||||
return id.replace(/\/index$/, '')
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
.g-search {
|
||||
width: calc(100% - 2rem);
|
||||
max-width: 600px;
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
import BasicHero from '../../components/basic-hero'
|
||||
import PrefooterCTA from '../../components/prefooter-cta'
|
||||
import ConsulEnterpriseComparison from '../../components/enterprise-comparison/consul'
|
||||
import BasicHero from 'components/basic-hero'
|
||||
import PrefooterCTA from 'components/prefooter-cta'
|
||||
import ConsulEnterpriseComparison from 'components/enterprise-comparison/consul'
|
||||
import Head from 'next/head'
|
||||
import HashiHead from '@hashicorp/react-head'
|
||||
|
|
@ -388,10 +388,7 @@ $ curl \
|
|||
|
||||
## OIDC Authorization URL Request
|
||||
|
||||
<EnterpriseAlert>
|
||||
{' '}
|
||||
This is an enterprise only endpoint.
|
||||
</EnterpriseAlert>
|
||||
<EnterpriseAlert> This is an enterprise only endpoint.</EnterpriseAlert>
|
||||
|
||||
This endpoint was added in Consul 1.8.0 and is used to obtain an authorization
|
||||
URL from Consul to start an [OIDC login flow](/docs/acl/auth-methods/oidc).
|
||||
|
@ -467,10 +464,7 @@ $ curl \
|
|||
|
||||
## OIDC Callback
|
||||
|
||||
<EnterpriseAlert>
|
||||
{' '}
|
||||
This is an enterprise only endpoint.
|
||||
</EnterpriseAlert>
|
||||
<EnterpriseAlert> This is an enterprise only endpoint.</EnterpriseAlert>
|
||||
|
||||
This endpoint was added in Consul 1.8.0 and is used to exchange an OIDC
|
||||
authorization code for an OIDC ID Token. The ID token will in turn be exchanged
|
|
@ -19,7 +19,7 @@ to optimize performance of Connect without having to make requests to the server
|
|||
## Authorize
|
||||
|
||||
-> **Note:** This endpoint will always treat intentions with `Permissions`
|
||||
defined as *deny* intentions during evaluation, as this endpoint is only suited
|
||||
defined as _deny_ intentions during evaluation, as this endpoint is only suited
|
||||
for networking layer 4 (e.g. TCP) integration.
|
||||
For performance and reliability reasons it is desirable to implement intention
|
||||
enforcement by listing [intentions that match the
|
|
@ -146,7 +146,11 @@ The table below shows this endpoint's support for
|
|||
| ----------------- | ----------------- | ------------- | -------------- |
|
||||
| `YES`<sup>1</sup> | `none` | `none` | `service:read` |
|
||||
|
||||
<sup>1</sup> Supports <a href="/api/features/blocking#hash-based-blocking-queries">hash-based blocking</a> only.
|
||||
<sup>
|
||||
1
|
||||
</sup> Supports <a href="/api/features/blocking#hash-based-blocking-queries">
|
||||
hash-based blocking
|
||||
</a> only.
|
||||
|
||||
### Parameters
|
||||
|
|
@ -248,7 +248,7 @@ The table below shows this endpoint's support for
|
|||
<sup>1</sup> The ACL required depends on the config entry kind being deleted:
|
||||
|
||||
| Config Entry Kind | Required ACL |
|
||||
| ------------------- | ---------------- |
|
||||
| ------------------- | ------------------ |
|
||||
| ingress-gateway | `operator:write` |
|
||||
| proxy-defaults | `operator:write` |
|
||||
| service-defaults | `service:write` |
|
|
@ -120,10 +120,11 @@ The table below shows this endpoint's support for
|
|||
[required ACLs](/api#authentication).
|
||||
|
||||
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
||||
| ---------------- | ----------------- | ------------- | --------------- |
|
||||
| ---------------- | ----------------- | ------------- | ----------------------------- |
|
||||
| `YES` | `all` | `none` | `operator:write` <sup>1</sup> |
|
||||
|
||||
<sup>1</sup> ACL required was <code>operator:read</code> prior to versions 1.8.6, 1.7.10, and 1.6.10.
|
||||
<sup>1</sup> ACL required was <code>operator:read</code> prior to versions 1.8.6,
|
||||
1.7.10, and 1.6.10.
|
||||
|
||||
### Sample Request
|
||||
|
|
@ -47,8 +47,8 @@ The table below shows this endpoint's support for
|
|||
| `NO` | `none` | `none` | `intentions:write`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -156,8 +156,8 @@ The table below shows this endpoint's support for
|
|||
| `NO` | `none` | `none` | `intentions:write`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -254,8 +254,8 @@ The table below shows this endpoint's support for
|
|||
| `NO` | `none` | `none` | `intentions:write`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -308,8 +308,8 @@ The table below shows this endpoint's support for
|
|||
| `YES` | `all` | `none` | `intentions:read`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -383,8 +383,8 @@ The table below shows this endpoint's support for
|
|||
| `YES` | `all` | `none` | `intentions:read`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -443,8 +443,8 @@ The table below shows this endpoint's support for
|
|||
| `YES` | `all` | `none` | `intentions:read`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -528,12 +528,12 @@ The table below shows this endpoint's support for
|
|||
[required ACLs](/api#authentication).
|
||||
|
||||
| Blocking Queries | Consistency Modes | Agent Caching | ACL Required |
|
||||
| ---------------- | ----------------- | ------------- | ----------------------------- |
|
||||
| ---------------- | ----------------- | ------------- | ------------------------------ |
|
||||
| `NO` | `none` | `none` | `intentions:write`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -590,8 +590,8 @@ The table below shows this endpoint's support for
|
|||
| `NO` | `none` | `none` | `intentions:write`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -618,7 +618,7 @@ and returns whether the connection would be authorized or not given the current
|
|||
Consul configuration and set of intentions.
|
||||
|
||||
-> **Note:** This endpoint will always evaulate intentions with `Permissions`
|
||||
defined as *deny* intentions during. This endpoint is only suited for
|
||||
defined as _deny_ intentions during. This endpoint is only suited for
|
||||
networking layer 4 (e.g. TCP) integration.
|
||||
|
||||
For performance and reliability reasons it is desirable to implement intention
|
||||
|
@ -645,8 +645,8 @@ The table below shows this endpoint's support for
|
|||
| `NO` | `none` | `none` | `intentions:read`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
||||
|
@ -708,8 +708,8 @@ The table below shows this endpoint's support for
|
|||
| `YES` | `all` | `background refresh` | `intentions:read`<sup>1</sup> |
|
||||
|
||||
<p>
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a <code>service</code> rule.
|
||||
See{' '}
|
||||
<sup>1</sup> Intention ACL rules are specified as part of a{' '}
|
||||
<code>service</code> rule. See{' '}
|
||||
<a href="/docs/connect/intentions#intention-management-permissions">
|
||||
Intention Management Permissions
|
||||
</a>{' '}
|
|
@ -252,13 +252,12 @@ $ curl \
|
|||
The HTTP status code will indicate the health of the cluster. If `Healthy` is true, then a
|
||||
status of 200 will be returned. If `Healthy` is false, then a status of 429 will be returned.
|
||||
|
||||
|
||||
## Read the Autopilot State
|
||||
|
||||
This endpoint queries the health of the autopilot status.
|
||||
|
||||
| Method | Path | Produces |
|
||||
| ------ | ---------------------------- | ------------------ |
|
||||
| ------ | --------------------------- | ------------------ |
|
||||
| `GET` | `/operator/autopilot/state` | `application/json` |
|
||||
|
||||
The table below shows this endpoint's support for
|
||||
|
@ -322,7 +321,6 @@ $ curl \
|
|||
- `FailureTolerance` is the number of redundant healthy servers that could be
|
||||
fail without causing an outage (this would be 2 in a healthy cluster of 5
|
||||
servers).
|
||||
|
||||
- `OptimisticFailuretolerance` <EnterpriseAlert inline /> is the maximum number
|
||||
of servers that could fail in the right order over the right period of time
|
||||
without causing an outage. This value is only useful when using the [Redundancy
|
||||
|
@ -340,7 +338,6 @@ $ curl \
|
|||
|
||||
- `ReadReplicas` <EnterpriseAlert inline /> is a list of server IDs that autopilot has identified as read replicas.
|
||||
These will never be promoted. These values can be used as indexes into the `Servers` map.
|
||||
|
||||
- `Upgrade` <EnterpriseAlert inline /> is an object holding all the information about any ongoing automated upgrade.
|
||||
The format of this object is detailed in its own section.
|
||||
|
||||
|
@ -389,19 +386,13 @@ $ curl \
|
|||
- `Healthy` is whether the server is healthy according to the current Autopilot configuration.
|
||||
|
||||
- `StableSince` is the time this server has been in its current `Healthy` state.
|
||||
|
||||
- `RedundancyZone` <EnterpriseAlert inline /> is the name of the redundancy zone this server is within.
|
||||
|
||||
- `UpgradeVersion` <EnterpriseAlert inline /> is the version that will be used for automated upgrade calculations.
|
||||
|
||||
- `ReadReplica` <EnterpriseAlert inline /> indicates whether this server is a read replica or not.
|
||||
|
||||
- `Status` indicates the current Raft status of this server. Possible values are:
|
||||
`leader`, `voter`, `non-voter`, or `staging`.
|
||||
|
||||
- `Meta` is the node metadata of this server. Values within this map are used for determining a server's
|
||||
redundancy zone and upgrade version.
|
||||
|
||||
- `NodeType` is the desired type autopilot thinks this server should have. In Consul OSS the only possible
|
||||
value is `voter` as all present servers should having voting rights. In Consul Enterprise the possible values also
|
||||
include `read-replica`, `zone-voter`, `zone-standby` and `zone-extra-voter`. `zone-voter` indicates that autopilot
|
||||
|
@ -419,10 +410,8 @@ $ curl \
|
|||
"10b71f14-4b08-4ae5-840c-f86d39e7d330",
|
||||
"b007061c-6d15-4c90-b3d6-2fef276a0650"
|
||||
],
|
||||
"Voters": [
|
||||
"b007061c-6d15-4c90-b3d6-2fef276a0650"
|
||||
],
|
||||
"FailureTolerance": 1,
|
||||
"Voters": ["b007061c-6d15-4c90-b3d6-2fef276a0650"],
|
||||
"FailureTolerance": 1
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -430,7 +419,6 @@ Each zone in the responses `RedundancyZones` mapping will have this structure.
|
|||
|
||||
- `Servers` is a list of server IDs of all the servers in this zone. These values can be used as indexes
|
||||
into the top level response's `Servers` mapping.
|
||||
|
||||
- `Voters` is a list of server IDs of all servers in this zone that have voting rights. Typically this will
|
||||
be a list with 1 value but in some failure scenarios or upgrade scenarios the size could increase. These
|
||||
values can be used as indexes into the top level response's `Servers` mapping.
|
||||
|
@ -444,16 +432,12 @@ Each zone in the responses `RedundancyZones` mapping will have this structure.
|
|||
{
|
||||
"Status": "awaiting-new-servers",
|
||||
"TargetVersion": "1.9.1+ent",
|
||||
"TargetVersionVoters": [
|
||||
"f0344689-3e1f-4125-b55d-e888d3abf514"
|
||||
],
|
||||
"TargetVersionVoters": ["f0344689-3e1f-4125-b55d-e888d3abf514"],
|
||||
"TargetVersionNonVoters": [
|
||||
"619a4ba6-1a0b-476e-8a1a-28aeee7735a2",
|
||||
"fd683fe6-541f-4ebf-bc5a-6eae51571ddb"
|
||||
],
|
||||
"TargetVersionReadReplicas": [
|
||||
"9f1e27ae-1129-45ef-97dd-6d8c3ec47e6a"
|
||||
],
|
||||
"TargetVersionReadReplicas": ["9f1e27ae-1129-45ef-97dd-6d8c3ec47e6a"],
|
||||
"OtherVersionVoters": [
|
||||
"0cbdd493-235f-48f2-98d9-1bf2443b9d72",
|
||||
"21812bd7-2f21-4565-9892-2fdd3d4e1a99",
|
||||
|
@ -463,10 +447,8 @@ Each zone in the responses `RedundancyZones` mapping will have this structure.
|
|||
"6d973f11-6bdb-4f7d-8a90-c1300066da4c",
|
||||
"6241ab45-371e-4b2a-a0f1-d847c3b7b1b0"
|
||||
],
|
||||
"OtherVersionReadReplicas": [
|
||||
"42d10fc3-581b-4403-832d-945b3a0d8841"
|
||||
],
|
||||
}
|
||||
"OtherVersionReadReplicas": ["42d10fc3-581b-4403-832d-945b3a0d8841"]
|
||||
}
|
||||
```
|
||||
|
||||
- `Status` is the automated upgrade status. Possible values are:
|
||||
|
@ -477,23 +459,18 @@ Each zone in the responses `RedundancyZones` mapping will have this structure.
|
|||
|
||||
- `await-new-voters` indicates that a newer versioned server has been added but that autopilot is waiting for more servers
|
||||
of that version to be added before proceeding with the upgrade.
|
||||
|
||||
- `promoting` indicates that enough servers of the target version have been added and autopilot will now promote them
|
||||
to voters.
|
||||
|
||||
- `demoting` indicates that autopilot is currently demoting the servers not running the target version.
|
||||
|
||||
- `leader-transfer` indicates that autopilot is in the process of transferring leadership to a server running
|
||||
the target version.
|
||||
|
||||
- `await-new-servers` indicates that the majority of the upgrade is complete but that more servers running the target
|
||||
version need to be added to completely replace all of the previous servers.
|
||||
|
||||
- `await-server-removal` indicates that the upgrade is complete and it is now safe to remove the previous servers.
|
||||
|
||||
- `TargetVersion` is the version that Autopilot is upgrading to. This will be the maximum version of all servers
|
||||
`UpgradeVersion` field in the top level `Servers` mapping.
|
||||
|
||||
- `TargetVersionVoters` is a list of IDs of servers running the target version and that currently have voting rights.
|
||||
|
||||
- `TargetVersionNonVoters` is a list of IDs of servers running the target version and that currently do not have voting rights.
|
|
@ -67,7 +67,7 @@ $ curl \
|
|||
"WbL6oaTPom+7RG7Q/INbJWKy09OLar/Hf2SuOAdoQE4=": 1
|
||||
},
|
||||
"PrimaryKeys": {
|
||||
"pUqJrVyVRj5jsiYEkM/tFQYfWyJIv4s3XkvDwy7Cu5s=": 1,
|
||||
"pUqJrVyVRj5jsiYEkM/tFQYfWyJIv4s3XkvDwy7Cu5s=": 1
|
||||
},
|
||||
"NumNodes": 3
|
||||
},
|
||||
|
@ -81,7 +81,7 @@ $ curl \
|
|||
"WbL6oaTPom+7RG7Q/INbJWKy09OLar/Hf2SuOAdoQE4=": 1
|
||||
},
|
||||
"PrimaryKeys": {
|
||||
"pUqJrVyVRj5jsiYEkM/tFQYfWyJIv4s3XkvDwy7Cu5s=": 1,
|
||||
"pUqJrVyVRj5jsiYEkM/tFQYfWyJIv4s3XkvDwy7Cu5s=": 1
|
||||
},
|
||||
"NumNodes": 3
|
||||
}
|
|
@ -2,8 +2,7 @@
|
|||
layout: commands
|
||||
page_title: 'Commands: Connect Proxy'
|
||||
sidebar_title: envoy
|
||||
description:
|
||||
The connect proxy subcommand is used to run the Envoy proxy for Connect.
|
||||
description: The connect proxy subcommand is used to run the Envoy proxy for Connect.
|
||||
---
|
||||
|
||||
# Consul Connect Envoy
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue