* Consul Architecture update
* Consul on Kubernetes architecture
* Install Consul on Kubernetes with Helm updates
* Vault as the Secrets Backend Data Integration
* Kubernetes Service Mesh Overview
* Terminating Gateways
* Fully updated
* Join external service to k8s
* Consul on Kubernetes
* Configure metrics for Consul on Kubernetes
* Service Sync for Consul on Kubernetes
* Custom Resource Definitions for Consul on k8s
* Upgrading Consul on Kubernetes Components
* Rolling Updates to TLS
* Dataplanes diagram
* Upgrade instructions
* k8s architecture page updates
* Update website/content/docs/k8s/connect/observability/metrics.mdx
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
* Update website/content/docs/architecture/index.mdx
* Update website/content/docs/k8s/connect/terminating-gateways.mdx
* CRDs
* updating version numbers
* Updated example config
* Image clean up
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Update website/content/docs/k8s/architecture.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Update guidance for vault PKI CA provider
* clarify workarounds if already using vault 1.11+
* Update website/content/docs/connect/ca/vault.mdx
* Update website/content/docs/k8s/connect/connect-ca-provider.mdx
* Update website/content/docs/k8s/deployment-configurations/vault/data-integration/connect-ca.mdx
* Apply suggestions from code review
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
* add suggestion from Matt
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
* auto-config: relax node name validation for JWT authorization
This changes the JWT authorization logic to allow all non-whitespace,
non-quote characters when validating node names. Consul had previously
allowed these characters in node names, until this validation was added
to fix a security vulnerability with whitespace/quotes being passed to
the `bexpr` library. This unintentionally broke node names with
characters like `.` which aren't related to this vulnerability.
* Update website/content/docs/agent/config/cli-flags.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Prevent serving TLS via ports.grpc
We remove the ability to run the ports.grpc in TLS mode to avoid
confusion and to simplify configuration. This breaking change
ensures that any user currently using ports.grpc in an encrypted
mode will receive an error message indicating that ports.grpc_tls
must be explicitly used.
The suggested action for these users is to simply swap their ports.grpc
to ports.grpc_tls in the configuration file. If both ports are defined,
or if the user has not configured TLS for grpc, then the error message
will not be printed.
* Update Consul Dataplane CLI reference
* Add new page for Consul Dataplane telemetry
* Add `server_type` label to agent grpc metrics
* Callout Consul Dataplane in Envoy bootstrap configuration section
* Update consul-dataplane unsupported features
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Jeff Boruszak
Derek Menteer
Nitya Dhanushkodi
Matt Keeler
Paul Glass
David Yu
Tu Nguyen
Dan Stough
Michael Schurter
cskh
Kyle Havlovitz
Nick Wales
Luke Kysow
malizz
Krastin Krastev
Sudharshan K S
Nathan Coleman
Evan Culver
Jared Kirschner
Jared Kirschner
Freddy
freddygv
trujillo-adam