Commit Graph

17548 Commits

Author SHA1 Message Date
Freddy 1b2df5388c
Additional service mesh docs updates for peering (#13464)
This PR covers two sets of changes:
- Documenting the new `destination_peer` for proxy upstream definitions.
- Updating the exported-services config entry documentation.

Updates to the `exported-services` config entry include:
- As of 1.13.0 it is no longer only for Consul Enterprise
- A `PeerName` is now a possible consumer for an exported service.
- Added examples for OSS and Enterprise
- Linked to peering docs
2022-06-17 18:40:38 -06:00
Jeff Boruszak 95aa915b42
Apply suggestions from code review 2022-06-17 13:36:20 -05:00
Jeff Boruszak ccbe00e469
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-17 12:35:35 -05:00
Jeff Boruszak 5062e89651
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-17 12:31:11 -05:00
Chris S. Kim a4c28d1aea
Update docs with peer query parameter (#13462)
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-16 16:25:44 -04:00
Chris S. Kim c66edb8af5
Update docs with Source.Peer field (#13463) 2022-06-16 09:30:05 -04:00
Freddy 7e30357c17
Add peering endpoint API docs (#13454) 2022-06-15 14:18:14 -06:00
Jeff Boruszak 343586e847
Update website/data/docs-nav-data.json
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:26:54 -05:00
Jeff Boruszak 611ad5016e
Update website/content/docs/connect/cluster-peering/index.mdx 2022-06-15 14:26:40 -05:00
Jeff Boruszak 40e5d8b0ae
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:23:18 -05:00
boruszak 3e21f554ef Limitations -> Constraints 2022-06-15 14:21:58 -05:00
Jeff Boruszak e79aa5474f
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-15 14:19:03 -05:00
boruszak 2bc2f08d1d typo fix 2022-06-15 14:08:34 -05:00
boruszak ef4d603972 Switch fronend-service and backend-service 2022-06-15 14:07:56 -05:00
Jeff Boruszak 96fb08ef61
Apply suggestions from code review 2022-06-15 14:04:52 -05:00
Jeff Boruszak e1277973aa
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:01:34 -05:00
Jeff Boruszak fd81c4a412
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 13:56:55 -05:00
boruszak e1b3cfc9a9 peering_token.json addition 2022-06-15 13:55:53 -05:00
Jeff Boruszak 993cd2f3bc
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:34:21 -05:00
Jeff Boruszak 034861119a
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:29:30 -05:00
Jeff Boruszak 811674d526
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-14 17:28:06 -05:00
Jeff Boruszak 92d655e83d
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:27:03 -05:00
Jeff Boruszak f0737c97dd
Update website/content/docs/connect/cluster-peering/index.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:23:07 -05:00
boruszak b8ad96b516 Removing k8s updates on this branch 2022-06-14 17:12:45 -05:00
boruszak 62d1f949e5 Updated nav.json 2022-06-14 17:01:48 -05:00
boruszak 740246797b <CodeBlockConfig> fixes 2022-06-14 16:58:07 -05:00
boruszak c5b5a6ee76 Code Block fixes 2022-06-14 16:55:25 -05:00
boruszak 923b7d0db6 Cluster Peering on Kubernetes initial draft 2022-06-14 16:33:29 -05:00
boruszak be152b25c4 Cluster Peering on Kubernetes page creation 2022-06-14 16:15:57 -05:00
Jeff Boruszak fb916e999b
Fixing double-ticks ` 2022-06-14 10:00:22 -05:00
Jeff Boruszak c39bf49eab
Added nav data 2022-06-13 17:27:11 -05:00
boruszak 084dc1c6e5 Removing Kubernetes page - will submit separate PR for timing reason 2022-06-13 16:47:47 -05:00
boruszak b0430df680 Typo fix 2022-06-13 16:42:29 -05:00
boruszak 61f60ceb4f Create and Manage Peering Connections additional fixes 2022-06-13 16:38:44 -05:00
boruszak ebe0f5408d What is Cluster Peering? additional fixes 2022-06-13 16:06:29 -05:00
boruszak 0ddcd78ec1 Create and Manage Peering Connections page 2022-06-13 14:24:02 -05:00
boruszak de4f9bcf4a What is Cluster Peering? additional fixes 2022-06-13 13:41:57 -05:00
boruszak 4fd06dff17 What is Cluster Peering? page 2022-06-13 13:31:13 -05:00
boruszak bb972974cb Initial page creation 2022-06-13 12:58:16 -05:00
Mark Anderson edbf19f4e8
Merge pull request #13357 from hashicorp/ma/add-build-date-oss
Add build date (oss)
2022-06-13 08:43:20 -07:00
Mark Anderson a5efa461dd Fix infinite recursion in bash_env
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-06-10 20:24:15 -07:00
Chris S. Kim a02e9abcc1
Update RBAC to handle imported services (#13404)
When converting from Consul intentions to xds RBAC rules, services imported from other peers must encode additional data like partition (from the remote cluster) and trust domain.

This PR updates the PeeringTrustBundle to hold the sending side's local partition as ExportedPartition. It also updates RBAC code to encode SpiffeIDs of imported services with the ExportedPartition and TrustDomain.
2022-06-10 17:15:22 -04:00
R.B. Boyer f557509e58
xds: allow for peered upstreams to use tagged addresses that are hostnames (#13422)
Mesh gateways can use hostnames in their tagged addresses (#7999). This is useful
if you were to expose a mesh gateway using a cloud networking load balancer appliance
that gives you a DNS name but no reliable static IPs.

Envoy cannot accept hostnames via EDS and those must be configured using CDS.
There was already logic when configuring gateways in other locations in the code, but
given the illusions in play for peering the downstream of a peered service wasn't aware
that it should be doing that.

Also:
- ensuring that we always try to use wan-like addresses to cross peer boundaries.
2022-06-10 16:11:40 -05:00
Kyle Havlovitz 3f0de89a28
Merge pull request #13421 from hashicorp/dns-node-query-partitions
OSS: Add dns node lookup support in partitions
2022-06-10 12:22:34 -07:00
Kyle Havlovitz 14119d372d Add changelog note 2022-06-10 12:05:05 -07:00
Kyle Havlovitz 7f62571419 Add dns node lookup support in partitions 2022-06-10 11:23:51 -07:00
Mark Anderson 9e27cc02d9
Merge pull request #13316 from hashicorp/ma/vault-docs-report-backport
Update website/content/docs/connect/ca/vault.mdx
2022-06-10 09:59:15 -07:00
R.B. Boyer 7001e1151c
peering: rename initiate to establish in the context of the APIs (#13419) 2022-06-10 11:10:46 -05:00
Mark Anderson 175728b292 Minor cleanup for build-date script
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-06-09 17:07:41 -07:00
Mark Anderson dd22ceccd1 Change default dates
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-06-09 17:07:41 -07:00