Commit Graph

4569 Commits

Author SHA1 Message Date
Natalie Smith 0a51e145c1 docs: simplify agent docs slugs 2022-04-11 17:38:47 -07:00
Natalie Smith 0fcdddcd46 docs: pr feedback 2022-04-11 17:38:17 -07:00
Natalie Smith 1d8e89425e chore: rebase updates 2022-04-11 17:38:17 -07:00
Natalie Smith ddae7d18a2 docs: fix external links to agent config pages 2022-04-11 17:38:11 -07:00
Natalie Smith 83f9879b2d docs: fix agent config links 2022-04-11 16:07:09 -07:00
Natalie Smith 4d4c760190 docs: arrange agent configuration file parameters into logical groups 2022-04-11 16:06:54 -07:00
Blake Covarrubias f4c03d2340 docs: move configuration files content from agent/config/index to agent/config/agent-config-files 2022-04-11 16:06:20 -07:00
Blake Covarrubias c5220fd184 docs: move cli content from agent/config/index to agent/config/agent-config-cli
And add sections for logical groupings of options
2022-04-11 16:05:48 -07:00
Blake Covarrubias caf34daa39 docs: move agent/options.mdx into agent/config/index.mdx and add placeholder .mdx files for cli/files
Also update nav data
2022-04-11 16:05:21 -07:00
David Yu e1db4c04d8
redirect.js: fixing redirect to new compatibility matrix for k8s (#12755) 2022-04-11 15:45:18 -07:00
David Yu 3f9b31effe
website: redirect change consul k8s compatibility matrix link (#12751) 2022-04-11 13:51:21 -07:00
David Yu 140e4f5578
docs: Upgrade Consul K8s update link to combat matrix (#12744) 2022-04-11 11:41:35 -07:00
R.B. Boyer 25ba9c147a
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
Just like standard upstreams the order of applicability in descending precedence:

1. caller's `service-defaults` upstream override for destination
2. caller's `service-defaults` upstream defaults
3. destination's `service-resolver` ConnectTimeout
4. system default of 5s

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-04-07 16:58:21 -05:00
John Murret 62476e25fb
docs: Updating Gossip EncryptionKey Rotation page with Vault use case (#12720)
* docs: Updating Gossip EncryptionKey Rotation page with Vault use case

* Adding a note to the vault instructions linking to the gossip key encryption using Vault page.

* Correcting Vault guide for storing the rotated gossip key.

* adding $ to shell sessions where it is missing on the gossip rotation page

* adding $ to more shell sessions where it is missing on the gossip rotation page
2022-04-07 13:41:42 -06:00
Chris Thain 1502936c12
Consul on ECS 0.4.0 (#12694)
Update website docs for Consul on ECS 0.4.0
2022-04-07 11:43:12 -07:00
Kyle Havlovitz 9780b672da
Merge pull request #12685 from hashicorp/http-check-redirect-option
Add a field to disable following redirects on http checks
2022-04-07 11:29:27 -07:00
John Murret fd08b6aaf6
Update k8s docs for Vault as a Secrets Backend (#12691)
* Updating k8s Vault as a Secrets Backend docs

* Moving files in data-integration folder

* Updating routes to moved files

* Removing known limitations since we have delivered them.

* Revise overview page to point towards the System Integration and Data Integration pages.

* Updating Systems Overview page

* Making corrections to Overview and Systems Integration page

* Updating Data Integration page

* Gossip page

* Enterprise Licensepage

* Bootstrap Token

* Replication Token

* Revisions to bootrap, replication, and enterprise license

* snapshot agent page.  revisiions to other data integration pages

* Consul Service Mesh TLS Provider page

* ServerTLS page

* Spelling, grammar errors

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/index.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/server-tls.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/gossip.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/snapshot-agent-config.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/bootstrap-token.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/connect-ca.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/enterprise-license.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/data-integration/replication-token.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Updating data center to datacenter

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* interim changes

* more formatting changes

* adding additional formatting changes

* more formatting on systems integration page

* remove TODO

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/index.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Update website/content/docs/k8s/installation/vault/systems-integration.mdx

Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>

* Adding partition token

* removing dangling word

* Adding missing navlink for partitions page

* Adding VAULT_TOKEN documentation and a note to VAULT_ADDR about https and the possible need for the VAULT_CACERT.

* Fixing broken links and ordering lists

* Fixing broken links.  Changing pre-requisites to prerequisites.

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2022-04-07 12:16:24 -06:00
Matt Keeler a553982506
Enable running autopilot state updates on all servers (#12617)
* Fixes a lint warning about t.Errorf not supporting %w

* Enable running autopilot on all servers

On the non-leader servers all they do is update the state and do not attempt any modifications.

* Fix the RPC conn limiting tests

Technically they were relying on racey behavior before. Now they should be reliable.
2022-04-07 10:48:48 -04:00
John Murret 25c32be517
k8s docs - ACLs refactor - Updating terminating gateway documentation to call out updating the role rather than the token with the policy (#12612)
* k8s docs - ACLs refactor - Updating terminating gateway documentation to call out updating the role rather than the token with the policy

* Modifying role and policy names based on naming convention change.
2022-04-06 15:54:27 -06:00
Kyle Havlovitz 3b44343276 Add a field to disable following redirects on http checks 2022-04-05 16:12:18 -07:00
Kyle Havlovitz 6cf22a5cef
Merge pull request #12672 from hashicorp/tgate-san-validation
Respect SNI with terminating gateways and log a warning if it isn't set alongside TLS
2022-04-05 11:15:59 -07:00
Bryce Kalow 82d3418642
website: fix usages of img tag (#12696) 2022-04-05 11:18:57 -05:00
David Yu d49ea7930a
docs: rename Connect Service Mesh Kubernetes to Consul Service Mesh on Kubernetes (#12690)
* docs:rename Connect Service Mesh Kubernetes to Consul Service Mesh on Kubernetes
2022-04-05 07:46:14 -07:00
Thomas Eckert f51c02a923
Update Helm docs to reflect 0.42.0 release (#12689)
* Update Helm docs to reflect 0.42.0 release

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-04-04 14:50:59 -07:00
Blake Covarrubias 79144dbac6
docs: Update links to K8s service mesh annotations (#12652)
The list of supported annotations for Consul service mesh were moved
from /docs/k8s/connect to /docs/k8s/annotations-and-labels in PR
#12323.

This commit updates various across the site to point to the new
URL for these annotations.
2022-04-04 14:35:07 -07:00
mrspanishviking 13fba7567f
Merge pull request #12687 from hashicorp/acl-fix
docs: fixes broken url in acl overview page
2022-04-04 14:06:09 -07:00
John Murret 2bc11a5db6
Updating helm docs with additionalVault and ACLs refactor functionality. (#12669)
* Updating helm docs with additionalVault and ACLs refactor funtionality.

* PR Feedback corrections.

- Fix indentation.
- Fix description of secretName and secretKey to be consistent
- Change description of manageACLsRole to be more clear.
- Make the added vault role field descriptions consistent

* PR Feedback - correcting description for adminPartitionsRole

* Fixing broken shell sessions

* Fixing broken shell sessions by changing shell-session tobecloser tocomment marker
2022-04-04 14:36:19 -06:00
Karl Cardenas 1db1905cb5
docs: fixes broken url in acl overview page 2022-04-04 09:47:15 -07:00
Dhia Ayachi 319fe48561
documentation for config auto reload feature (#12548)
* add config watcher to the config package

* add logging to watcher

* add test and refactor to add WatcherEvent.

* add all API calls and fix a bug with recreated files

* add tests for watcher

* remove the unnecessary use of context

* Add debug log and a test for file rename

* use inode to detect if the file is recreated/replaced and only listen to create events.

* tidy ups (#1535)

* tidy ups

* Add tests for inode reconcile

* fix linux vs windows syscall

* fix linux vs windows syscall

* fix windows compile error

* increase timeout

* use ctime ID

* remove remove/creation test as it's a use case that fail in linux

* fix linux/windows to use Ino/CreationTime

* fix the watcher to only overwrite current file id

* fix linter error

* fix remove/create test

* set reconcile loop to 200 Milliseconds

* fix watcher to not trigger event on remove, add more tests

* on a remove event try to add the file back to the watcher and trigger the handler if success

* fix race condition

* fix flaky test

* fix race conditions

* set level to info

* fix when file is removed and get an event for it after

* fix to trigger handler when we get a remove but re-add fail

* fix error message

* add tests for directory watch and fixes

* detect if a file is a symlink and return an error on Add

* rename Watcher to FileWatcher and remove symlink deref

* add fsnotify@v1.5.1

* fix go mod

* do not reset timer on errors, rename OS specific files

* rename New func

* events trigger on write and rename

* add missing test

* fix flaking tests

* fix flaky test

* check reconcile when removed

* delete invalid file

* fix test to create files with different mod time.

* back date file instead of sleeping

* add watching file in agent command.

* fix watcher call to use new API

* add configuration and stop watcher when server stop

* add certs as watched files

* move FileWatcher to the agent start instead of the command code

* stop watcher before replacing it

* save watched files in agent

* add add and remove interfaces to the file watcher

* fix remove to not return an error

* use `Add` and `Remove` to update certs files

* fix tests

* close events channel on the file watcher even when the context is done

* extract `NotAutoReloadableRuntimeConfig` is a separate struct

* fix linter errors

* add Ca configs and outgoing verify to the not auto reloadable config

* add some logs and fix to use background context

* add tests to auto-config reload

* remove stale test

* add tests to changes to config files

* add check to see if old cert files still trigger updates

* rename `NotAutoReloadableRuntimeConfig` to `StaticRuntimeConfig`

* fix to re add both key and cert file. Add test to cover this case.

* review suggestion

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* add check to static runtime config changes

* fix test

* add changelog file

* fix review comments

* Apply suggestions from code review

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* update flag description

Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>

* fix compilation error

* add static runtime config support

* fix test

* fix review comments

* fix log test

* Update .changelog/12329.txt

Co-authored-by: Dan Upton <daniel@floppy.co>

* transfer tests to runtime_test.go

* fix filewatcher Replace to not deadlock.

* avoid having lingering locks

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* split ReloadConfig func

* fix warning message

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* convert `FileWatcher` into an interface

* fix compilation errors

* fix tests

* extract func for adding and removing files

* add a coalesceTimer with a very small timer

* extract coaelsce Timer and add a shim for testing

* add tests to coalesceTimer fix to send remaining events

* set `coalesceTimer` to 1 Second

* support symlink, fix a nil deref.

* fix compile error

* fix compile error

* refactor file watcher rate limiting to be a Watcher implementation

* fix linter issue

* fix runtime config

* fix runtime test

* fix flaky tests

* fix compile error

* Apply suggestions from code review

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* fix agent New to return an error if File watcher New return an error

* add a coalesceTimer with a very small timer

* extract coaelsce Timer and add a shim for testing

* set `coalesceTimer` to 1 Second

* add flag description to agent command docs

* fix link

* add Static runtime config docs

* fix links and alignment

* fix typo

* Revert "add a coalesceTimer with a very small timer"

This reverts commit d9db2fcb8213a81ac761f04b458091409c5fb1ee.

* Revert "extract coaelsce Timer and add a shim for testing"

This reverts commit 0ab86012a415ffeb452acf58e52c9f37c9f49254.

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
Co-authored-by: FFMMM <FFMMM@users.noreply.github.com>
Co-authored-by: Daniel Upton <daniel@floppy.co>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-04-04 12:01:38 -04:00
FFMMM 973d2d0f9a
mark disable_compat_1.9 to deprecate in 1.13, change default to true (#12675)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-04-01 10:35:56 -07:00
Eric Haberkorn a7d5aa94a3
Merge pull request #12680 from hashicorp/fix-k8s-dns-service-name
Fix the Kubernetes service name for DNS
2022-04-01 11:03:24 -04:00
Eric d7b4ed1597 Fix the Kubernetes service name for DNS 2022-04-01 10:38:56 -04:00
Kyle Havlovitz 763f728df4 Add doc examples for expanded token read CLI and API 2022-03-31 15:03:41 -07:00
Kyle Havlovitz 1a3b885027 Use the GatewayService SNI field for upstream SAN validation 2022-03-31 13:54:25 -07:00
FFMMM 64e35777e0
docs: new rpc metric (#12608) 2022-03-31 13:04:33 -07:00
Kyle Havlovitz 51527907ab Recommend SNI with TLS in the terminating gateway docs 2022-03-31 12:19:16 -07:00
Bryce Kalow 6bf67b7ef4
website: redirect /api to /api-docs (#12660) 2022-03-30 16:16:26 -05:00
Mike Morris 7cb9bfdfa9
website(api-gateway): add common errors page (#12643)
* Adding common errors page for API Gateway

* website(api-gateway): add missing CRDs common error message

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

* Additional page editing instructions and formating

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff-Apple <79924108+Jeff-Apple@users.noreply.github.com>
Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-03-30 16:05:00 -04:00
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
- `tls.incoming`: applies to the inbound mTLS targeting the public
  listener on `connect-proxy` and `terminating-gateway` envoy instances

- `tls.outgoing`: applies to the outbound mTLS dialing upstreams from
  `connect-proxy` and `ingress-gateway` envoy instances

Fixes #11966
2022-03-30 13:43:59 -05:00
Matt Keeler 15ddbbc686
Update raft-boltdb to pull in new writeCapacity metric (#12646) 2022-03-30 11:38:44 -04:00
R.B. Boyer ac5bea862a
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
Also add a new "Default" field to the discovery chain response to clients
2022-03-30 10:04:18 -05:00
Mike Morris 885edde8c1
website(api-gateway): add consul namespace to helm install (#12644)
* website: api-gateway helm install consul namespace

To mirror instructions at https://learn.hashicorp.com/tutorials/consul/kubernetes-api-gateway

* website(api-gateway): add notes on where to find available versions

* website(api-gateway): fixup link to more clearly indicate Consul Helm chart releases

* Update website/content/docs/api-gateway/api-gateway-usage.mdx
2022-03-29 17:36:21 -04:00
Michele Degges 535edfa247
[RelAPI Onboarding] Add release API metadata file (#12591) 2022-03-28 13:45:53 -07:00
mrspanishviking 7da80ddbb4
Merge pull request #12595 from hashicorp/k8s-cli-install
docs: add link to k8s cli install page
2022-03-25 14:09:39 -07:00
Luke Kysow c8cdebd9cc
Update consul-enterprise.mdx (#12622) 2022-03-25 13:00:14 -07:00
Mike Morris f8a2ae2606
agent: convert listener config to TLS types (#12522)
* tlsutil: initial implementation of types/TLSVersion

tlsutil: add test for parsing deprecated agent TLS version strings

tlsutil: return TLSVersionInvalid with error

tlsutil: start moving tlsutil cipher suite lookups over to types/tls

tlsutil: rename tlsLookup to ParseTLSVersion, add cipherSuiteLookup

agent: attempt to use types in runtime config

agent: implement b.tlsVersion validation in config builder

agent: fix tlsVersion nil check in builder

tlsutil: update to renamed ParseTLSVersion and goTLSVersions

tlsutil: fixup TestConfigurator_CommonTLSConfigTLSMinVersion

tlsutil: disable invalid config parsing tests

tlsutil: update tests

auto_config: lookup old config strings from base.TLSMinVersion

auto_config: update endpoint tests to use TLS types

agent: update runtime_test to use TLS types

agent: update TestRuntimeCinfig_Sanitize.golden

agent: update config runtime tests to expect TLS types

* website: update Consul agent tls_min_version values

* agent: fixup TLS parsing and compilation errors

* test: fixup lint issues in agent/config_runtime_test and tlsutil/config_test

* tlsutil: add CHACHA20_POLY1305 cipher suites to goTLSCipherSuites

* test: revert autoconfig tls min version fixtures to old format

* types: add TLSVersions public function

* agent: add warning for deprecated TLS version strings

* agent: move agent config specific logic from tlsutil.ParseTLSVersion into agent config builder

* tlsutil(BREAKING): change default TLS min version to TLS 1.2

* agent: move ParseCiphers logic from tlsutil into agent config builder

* tlsutil: remove unused CipherString function

* agent: fixup import for types package

* Revert "tlsutil: remove unused CipherString function"

This reverts commit 6ca7f6f58d268e617501b7db9500113c13bae70c.

* agent: fixup config builder and runtime tests

* tlsutil: fixup one remaining ListenerConfig -> ProtocolConfig

* test: move TLS cipher suites parsing test from tlsutil into agent config builder tests

* agent: remove parseCiphers helper from auto_config_endpoint_test

* test: remove unused imports from tlsutil

* agent: remove resolved FIXME comment

* tlsutil: remove TODO and FIXME in cipher suite validation

* agent: prevent setting inherited cipher suite config when TLS 1.3 is specified

* changelog: add entry for converting agent config to TLS types

* agent: remove FIXME in runtime test, this is covered in builder tests with invalid tls9 value now

* tlsutil: remove config tests for values checked at agent config builder boundary

* tlsutil: remove tls version check from loadProtocolConfig

* tlsutil: remove tests and TODOs for logic checked in TestBuilder_tlsVersion and TestBuilder_tlsCipherSuites

* website: update search link for supported Consul agent cipher suites

* website: apply review suggestions for tls_min_version description

* website: attempt to clean up markdown list formatting for tls_min_version

* website: moar linebreaks to fix tls_min_version formatting

* Revert "website: moar linebreaks to fix tls_min_version formatting"

This reverts commit 38585927422f73ebf838a7663e566ac245f2a75c.

* autoconfig: translate old values for TLSMinVersion

* agent: rename var for translated value of deprecated TLS version value

* Update agent/config/deprecated.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* agent: fix lint issue

* agent: fixup deprecated config test assertions for updated warning

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-03-24 15:32:25 -04:00
Jared Kirschner 9db69653e4
Merge pull request #12602 from hashicorp/jkirschner-hashicorp-patch-1
docs: make gossip threat model more visible
2022-03-23 14:54:17 -04:00
Luke Kysow f1745c25c5
Lkysow/docs updates 2 (#12604)
* Document intermediate_cert_ttl
2022-03-23 10:22:08 -07:00
Jared Kirschner 74b181018b
docs: make gossip threat model more visible 2022-03-23 11:46:56 -04:00
Karl Cardenas d6778f4e63
docs: removed the word page 2022-03-22 15:51:04 -07:00