Add case insensitive param on service route match
This commit adds in a new feature that allows service routers to specify that
paths and path prefixes should ignore upper / lower casing when matching URLs.
Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
* docs: update k8s upgrade instructions
With https://github.com/hashicorp/consul-k8s/pull/3000 merged, users can
upgrade their k8s installs using a regular helm upgrade since the
upgrade is now stable.
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* cli: Deprecate the `-admin-access-log-path` flag from `consul connect envoy` command in favor of: `-admin-access-log-config`.
* fix changelog
* add in documentation change.
* updating usage of http2_protocol_options and access_log_path
* add changelog
* update template for AdminAccessLogConfig
* remove mucking with AdminAccessLogConfig
* Adding cli command to list exported services to a peer
* Changelog added
* Addressing docs comments
* Adding test case for no exported services scenario
docs: Add locality examples and troubleshooting
Add further examples and tips for locality-aware routing configuration,
observability, and troubleshooting.
* Set default of 1m for StatsFlushInterval when the collector is setup
* Add documentation on the stats_flush_interval value
* Do not default in two conditions 1) preconfigured sinks exist 2) preconfigured flush interval exists
* Fix wording of docs
* Add changelog
* Fix docs
* [Docs] Update admin-partitions.mdx
Adding a note on DNS queries requiring the presence of a Consul Client in the Admin partition
The consul-dns endpoints are the consul clients and servers as seen In the Helm chart consul/templates/dns-service.yaml
selector:
app: {{ template "consul.name" . }}
release: "{{ .Release.Name }}"
hasDNS: "true"
all components have the first two labels for app and release but only consul clients and servers have the last one hasDNS so it will only match clients AND servers
grep hasDNS ./* 2> /dev/null
./client-daemonset.yaml: hasDNS: "true"
./dns-service.yaml: hasDNS: "true"
./server-statefulset.yaml: hasDNS: "true"
* Update website/content/docs/enterprise/admin-partitions.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
---------
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
* DNS token doc updates
Review feedback
Update website/content/commands/acl/set-agent-token.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Update dns token doc to link to policy templates
* PR feedback updates
* added 1.17 features to enterprise overview
* added features to runtime tables
* Apply suggestions from code review
Co-authored-by: David Yu <dyu@hashicorp.com>
* add ecs release notes
* add draft of 1.3.x consul-k8s release notes
* update nav with new release notes
* Apply suggestions from code review
Co-authored-by: Jeff Apple <79924108+Jeff-Apple@users.noreply.github.com>
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: Jeff Apple <79924108+Jeff-Apple@users.noreply.github.com>
docs: Remove locality proxy startup section
This section is not necessary as it is not unique to the feature. The
instructions for starting proxies are available in other pages.
* docs: Update locality-aware routing docs
- Align locality-aware routing documentation to the recommended use of the
feature and incorporate engineer feedback.
- Remove docs for unreleased multi-cluster failover feature.
- Fix minor typos and formatting in examples.
* docs: Fix rate limit docs typo
* Add NET_BIND_SERVICE capability to list of consul-dataplane requirements
* Add link to related Kubernetes documentation
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Prior to the introduction of this configuration, grpc keepalive messages were
sent after 2 hours of inactivity on the stream. This posed issues in various
scenarios where the server-side xds connection balancing was unaware that envoy
instances were uncleanly killed / force-closed, since the connections would
only be cleaned up after ~5 minutes of TCP timeouts occurred. Setting this
config to a 30 second interval with a 20 second timeout ensures that at most,
it should take up to 50 seconds for a dead xds connection to be closed.
The control-plane-request-limit config entry does not support
specifying parameter names in snake case format.
This commit updates the HCL and JSON examples to use the supported
camel case key format.
* update main apigw overview
* moved the tech specs to main gw folder
* merged tech specs into single topic
* restructure nav part 1
* fix typo in nav json file
* moved k8s install up one level
* restructure nav part 2
* moved and created all listeners and routes content
* moved errors ref and upgrades
* fix error in upgrade-k8s link
* moved conf refs to appropriate spots
* updated conf overview
* fixed some links and bad formatting
* fixed link
* added JWT on VMs usage page
* added JWT conf to APIGW conf entry
* added JWTs to HTTP route conf entry
* added new gatwaypolicy k8s conf reference
* added metadesc for gatewaypolicy conf ref
* added http route auth filter k8s conf ref
* added http route auth filter k8s conf ref to nav
* updates to k8s route conf ref to include extensionRef
* added JWTs usage page for k8s
* fixed link in gwpolicy conf ref
* added openshift installation info to installation pages
* fixed bad link on tech specs
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
* fixed VerityClaims param
* best guess at verifyclaims params
* tweaks to gateway policy dconf ref
* Docs/ce 475 retries timeouts for apigw (#19086)
* added timeout and retry conf ref for k8s
* added retry and TO filters to HTTP routes conf ref for VMs
* Apply suggestions from code review
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
* fix copy/paste error in http route conf entry
---------
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
* update links across site and add redirects
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Thomas Eckert <teckert@hashicorp.com>
* Applied feedback from review
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
* Update CRD configuration for responseHeaderModifiers
* Update Config Entry for http-route
* Add ResponseFilter example to service
* Update website/redirects.js
errant curly brace breaking the preview
* fix links and bad MD
* fixed md formatting issues
* fix formatting errors
* fix formatting errors
* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx
* Apply suggestions from code review
* fixed typo
* Fix headers in http-route
* Apply suggestions from code review
Co-authored-by: John Maguire <john.maguire@hashicorp.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
Co-authored-by: Thomas Eckert <teckert@hashicorp.com>
Co-authored-by: John Maguire <john.maguire@hashicorp.com>
* updated nav; renamed L7 traffic folder
* Added locality-aware routing to traffic mgmt overview
* Added route to local upstreams topic
* Updated agent configuration reference
* Added locality param to services conf ref
* Added locality param to conf entries
* mentioned traffic management in proxies overview
* added locality-aware to failover overview
* added docs for service rate limiting
* updated service defaults conf entry
* Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
* updated links and added redirects
---------
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
This PR fixes an issue where upstreams did not correctly inherit the proper
namespace / partition from the parent service when attempting to fetch the
upstream protocol due to inconsistent normalization.
Some of the merge-service-configuration logic would normalize to default, while
some of the proxycfg logic would normalize to match the parent service. Due to
this mismatch in logic, an incorrect service-defaults configuration entry would
be fetched and have its protocol applied to the upstream.
* updated architecture topic
* fixed type in arch diagram filenames
* fixed path to img file
* updated index page - still need to add links
* moved arch and tech specs to reference folder
* moved other ref topics to ref folder
* set up the Deploy folder and TF install topics
* merged secure conf into TF deploy instructions
* moved bind addr and route conf to their own topics
* moved arch and tech specs back to main folder
* update migrate-existing-tasks content
* merged manual deploy content; added serv conf ref
* fixed links
* added procedure for upgrading to dataplanes
* fixed linked reported by checker
* added updates to dataplanes overview page
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* updated links and added redirects
* removed old architecture content
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
Replaces unicode quotation marks with ASCII quotation marks.
For code examples, this fixes HCL decoding errors that would otherwise
be raised when attempting to read the file.
Remove YAML service registration examples and replace them with JSON.
This is because YAML is not a supported configuration format for the
Consul's agent configuration, nor is it supported by the HTTP API.
This commit replaces the YAML examples with JSON and adds additional
JSON examples where they were missing.
Lord-Y
Luke Kysow
Derek Menteer
Krastin Krastev
Jeff Boruszak
Nathan Coleman
Pascal Hofmann
Dan Stough
Ashesh Vidyut
David Yu
John Murret
natemollica-dev
Tauhid Anjum
Ronald
cskh
Jeff Apple
Michael Zalimeni
aahel
Chris S. Kim
Ashvitha
Mike Nomitch
Ganesh S
sarahalsmiller
am-ak
Joshua Timmons
John Landa
John Maguire
Tu Nguyen
trujillo-adam
Chris Thain
Blake Covarrubias