Commit Graph

2486 Commits

Author SHA1 Message Date
Luke Kysow 720dda7d70
Update index.mdx (#17477) 2023-05-25 14:00:44 -07:00
Hans Hasselberg c7bb36559e
add docs for consul-k8s config read command (#17461)
* add docs for consul-k8s config read command

This PR adds documentation for the functionality introduced in
https://github.com/hashicorp/consul-k8s/pull/2078.

* add output

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
2023-05-25 17:10:00 +00:00
Luke Kysow 9327f85284
Update common-errors.mdx (#17467) 2023-05-25 09:11:30 -07:00
John Murret 127eba6d61
docs: update the defaults for request limits (#17437) 2023-05-25 15:00:21 +00:00
Derek Menteer a90c9ce2b0
Fix ACL check on health endpoint (#17424)
Fix ACL check on health endpoint

Prior to this change, the service health API would not explicitly return an
error whenever a token with invalid permissions was given, and it would instead
return empty results.  With this change, a "Permission denied" error is returned
whenever data is queried. This is done to better support the agent cache, which
performs a fetch backoff sleep whenever ACL errors are encountered.  Affected
endpoints are: `/v1/health/connect/` and `/v1/health/ingress/`.
2023-05-24 16:35:55 -05:00
Luke Kysow b74e41ecd1
Update service-intentions.mdx (#17443) 2023-05-24 08:48:21 -07:00
Dan Stough d935c7b466
[OSS] gRPC Blocking Queries (#17426)
* feat: initial grpc blocking queries

* changelog and docs update
2023-05-23 17:29:10 -04:00
trujillo-adam d20e3df63c
updates to links in services overview description paragraph (#17406) 2023-05-18 09:51:29 -07:00
Jeff Boruszak bd5a3c137d
docs: Reference pages for service-router and service-resolver config entries (#17145)
* service-resolve configuration entry reference

* Updates

* missing backtick

* service router configuration entry reference

* link fixes + tab fixes

* link and tab fixes

* link fixes

* service resolver improvements

* hierarchy fixes

* spacing

* links + formatting

* proofing fixes

* mmore fixes

* Apply suggestions from code review

suggestions from code review for service resolver

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* policy sections edits

* service router code review

* Tables to sections - service router HCL

* YAML tables to sections

* formatting fixes

* converting tables to sections - service resolver

* final tables to sections

* Adjustments/alignments

* nanosecond fix

* Update website/content/docs/connect/config-entries/service-router.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* link to filter example config

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-05-17 13:50:57 -07:00
trujillo-adam 94ea0a9731
Docs/igw docs day refactor (#17259)
* reformatted IGW conf ref

* set up nav structure for IGW docs

* added main usage IGW usage doc

* added usage for serving custom tls certs

* updated internal links

* Update website/content/docs/connect/config-entries/ingress-gateway.mdx

* Apply suggestions from code review

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>

* changed filenames for IGW usage pages

* Apply suggestions from code review

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-05-17 13:27:21 -07:00
Connor 0789661ce5
Rename hcp-metrics-collector to consul-telemetry-collector (#17327)
* Rename hcp-metrics-collector to consul-telemetry-collector

* Fix docs

* Fix doc comment

---------

Co-authored-by: Ashvitha Sridharan <ashvitha.sridharan@hashicorp.com>
2023-05-16 14:36:05 -04:00
Dan Bond 95f462d5f1
agent: prevent very old servers re-joining a cluster with stale data (#17171)
* agent: configure server lastseen timestamp

Signed-off-by: Dan Bond <danbond@protonmail.com>

* use correct config

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* use default age in test golden data

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add changelog

Signed-off-by: Dan Bond <danbond@protonmail.com>

* fix runtime test

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: add server_metadata

Signed-off-by: Dan Bond <danbond@protonmail.com>

* update comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* correctly check if metadata file does not exist

Signed-off-by: Dan Bond <danbond@protonmail.com>

* follow instructions for adding new config

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* update comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* Update agent/agent.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* agent/config: add validation for duration with min

Signed-off-by: Dan Bond <danbond@protonmail.com>

* docs: add new server_rejoin_age_max config definition

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: add unit test for checking server last seen

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: log continually for 60s before erroring

Signed-off-by: Dan Bond <danbond@protonmail.com>

* pr comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* remove unneeded todo

* agent: fix error message

Signed-off-by: Dan Bond <danbond@protonmail.com>

---------

Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: Dan Upton <daniel@floppy.co>
2023-05-15 04:05:47 -07:00
Jeremy Jacobson f334fccb4f
[release/1.15.3] Add cloud stanza documentation (#17311)
* [CC-4856] Add cloud stanza documentation

* Add environment variables to cloud descriptions
2023-05-15 12:52:57 +02:00
Krastin Krastev d90e7d8126
docs: update names in references to renamed tutorials (#17261)
* docs: update names for tutorial references

* docs: update more names for tutorial references
2023-05-15 10:59:30 +03:00
Jeff Boruszak 8dce0ba504
docs: connect-service-upstreams annotation fixes (#17312)
* corrections

* fixes

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/k8s/annotations-and-labels.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Switching order of labeled/unlabeled

---------

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-05-12 22:07:29 +00:00
Tu Nguyen 30eee13cb9
Update consul-k8s install command so it is valid (#17310) 2023-05-11 11:55:23 -07:00
cskh 48f7d99305
snapshot: some improvments to the snapshot process (#17236)
* snapshot: some improvments to the snapshot process

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2023-05-09 15:28:52 -04:00
Jared Kirschner f908ad82d0
docs: correct misspelling (#17229) 2023-05-08 13:30:48 -04:00
Jared Kirschner 166d7a39e8
docs: consistently name Consul service mesh (#17222)
Remove outdated usage of "Consul Connect" instead of Consul service mesh.

The connect subsystem in Consul provides Consul's service mesh capabilities.
However, the term "Consul Connect" should not be used as an alternative to
the name "Consul service mesh".
2023-05-05 13:41:40 -04:00
Eddie Rowe 90fc9bd9e5
Fix broken lightstep link (#17201) 2023-05-01 14:24:52 +00:00
Semir Patel 5eaeb7b8e5
Support Envoy's MaxEjectionPercent and BaseEjectionTime config entries for passive health checks (#15979)
* Add MaxEjectionPercent to config entry

* Add BaseEjectionTime to config entry

* Add MaxEjectionPercent and BaseEjectionTime to protobufs

* Add MaxEjectionPercent and BaseEjectionTime to api

* Fix integration test breakage

* Verify MaxEjectionPercent and BaseEjectionTime in integration test upstream confings

* Website docs for MaxEjectionPercent and BaseEjection time

* Add `make docs` to browse docs at http://localhost:3000

* Changelog entry

* so that is the difference between consul-docker and dev-docker

* blah

* update proto funcs

* update proto

---------

Co-authored-by: Maliz <maliheh.monshizadeh@hashicorp.com>
2023-04-26 15:59:48 -07:00
Mike Morris f93bb65913
docs: fixup note about node scope for admin partitions (#17147) 2023-04-26 13:46:22 -04:00
David Yu cc5cbcba7c
Update single-dc-multi-k8s.mdx (#17126) 2023-04-25 09:42:31 -07:00
Rosemary Wang 3f6069bd34
Clarify OpenTelemetry support for tracing (#17082) 2023-04-24 17:04:32 -07:00
malizz 2d3038874f
remove envoy endpoint flag from k8s docs (#17105) 2023-04-24 15:30:00 -07:00
Michael Wilkerson 001d540afc
Add sameness group field to prepared queries (#17089)
* added method for converting SamenessGroupConfigEntry
- added new method `ToQueryFailoverTargets` for converting a SamenessGroupConfigEntry's members to a list of QueryFailoverTargets
- renamed `ToFailoverTargets` ToServiceResolverFailoverTargets to distinguish it from `ToQueryFailoverTargets`

* Added SamenessGroup to PreparedQuery
- exposed Service.Partition to API when defining a prepared query
- added a method for determining if a QueryFailoverOptions is empty
- This will be useful for validation
- added unit tests

* added method for retrieving a SamenessGroup to state store

* added logic for using PQ with SamenessGroup
- added branching path for SamenessGroup handling in execute. It will be handled separate from the normal PQ case
- added a new interface so that the `GetSamenessGroupFailoverTargets` can be properly tested
- separated the execute logic into a `targetSelector` function so that it can be used for both failover and sameness group PQs
- split OSS only methods into new PQ OSS files
- added validation that `samenessGroup` is an enterprise only feature

* added documentation for PQ SamenessGroup
2023-04-24 13:21:28 -07:00
Eddie Rowe 863cd57117
fix broken links (#17032)
* fix broken links

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-04-20 16:12:11 +00:00
Jared Kirschner 0c846fa19b
docs: update docs related to GH-16779 (#17020) 2023-04-17 23:41:31 +00:00
trujillo-adam f5725b414e
added an intro statement for the SI conf entry confiration model (#17017)
* added an intro statement for the SI conf entry confiration model

* caught a few more typos
2023-04-17 11:29:32 -07:00
trujillo-adam b7b3e6eb6e
fixed bad link (#17009) 2023-04-14 13:51:56 -07:00
trujillo-adam 04b881a854
added missing error message content to troubleshooting (#17005) 2023-04-14 13:04:12 -07:00
Nathan Coleman 5410139575
Update list of Envoy versions (#16889)
* Update list of Envoy versions

* Update docs + CI + tests

* Add changelog entry

* Add newly-released Envoy versions 1.23.8 and 1.24.6

* Add newly-released Envoy version 1.22.11
2023-04-12 17:43:15 -04:00
Luke Kysow d3d7847ca1
Remove global.name requirement for APs (#16964)
This is not a requirement when using APs because each AP has its own
auth method so it's okay if the names overlap.
2023-04-11 11:41:33 -07:00
Derek Menteer 2ef812f68b
Update docs for service-defaults overrides. (#16960)
Update docs for service-defaults overrides.

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-04-11 11:40:55 -05:00
Thomas Eckert 380d74ca95
Fix the indentation of the copyAnnotations example (#16873) 2023-04-11 15:34:52 +00:00
Derek Menteer 1bcaeabfc3
Remove deprecated service-defaults upstream behavior. (#16957)
Prior to this change, peer services would be targeted by service-default
overrides as long as the new `peer` field was not found in the config entry.
This commit removes that deprecated backwards-compatibility behavior. Now
it is necessary to specify the `peer` field in order for upstream overrides
to apply to a peer upstream.
2023-04-11 10:20:33 -05:00
Andrea Scarpino a1404d6dcf
docs: fix typo in LocalRequestTimeoutMs (#16917) 2023-04-10 09:56:49 -07:00
Jared Kirschner e5be4b4550
docs: improve upgrade path guidance (#16925) 2023-04-07 20:47:15 +00:00
John Eikenberry eccd2f9871
highlight the agent.tls cert metric with CA ones
Include server agent certificate with list of cert metrics that need monitoring.
2023-04-07 20:41:14 +00:00
Eddie Rowe 5bdf795f2b
Fix API GW broken link (#16885)
* Fix API GW broken link

* Update website/content/docs/api-gateway/upgrades.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-04-06 22:29:09 +00:00
Eddie Rowe 25f9da48d7
Omit false positives from 404 checker (#16881)
* Remove false positives from 404 checker

* fix remaining 404s
2023-04-05 17:58:29 +00:00
Dao Thanh Tung 0582f137c5
Fix broken doc in consul-k8s upgrade (#16852)
Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
Co-authored-by: David Yu <dyu@hashicorp.com>
2023-04-03 21:21:51 +00:00
John Eikenberry 40854125a5
CA mesh CA expiration to it's own section
This is part of an effort to raise awareness that you need to monitor
your mesh CA if coming from an external source as you'll need to manage
the rotation.
2023-04-03 20:02:08 +00:00
Hariram Sankaran 71c32b4607
Fix typo on cli-flags.mdx (#16843)
Change "segements" to segments
2023-04-03 10:28:18 -07:00
Jared Kirschner cc23b0e4dc
docs: raise awareness of GH-16779 (#16823) 2023-03-30 17:23:19 -04:00
Jeff Boruszak 4c038df0ab
docs: Updates to support HCP Consul cluster peering release (#16774)
* New HCP Consul documentation section + links

* Establish cluster peering usage cross-link

* unrelated fix to backport to v1.15

* nav correction + fixes

* Tech specs fixes

* specifications for headers

* Tech specs fixes + alignments

* sprawl edits

* Tip -> note
2023-03-29 09:27:41 -07:00
Michael Wilkerson e5d58c59c9
changes to support new PQ enterprise fields (#16793) 2023-03-27 15:40:49 -07:00
trujillo-adam 90bbae5d75
Docs/intentions refactor docs day 2022 (#16758)
* converted intentions conf entry to ref CT format

* set up intentions nav

* add page for intentions usage

* final intentions usage page

* final intentions overview page

* fixed old relative links

* updated diagram for overview

* updated links to intentions content

* fixed typo in updated links

* rename intentions overview page file to index

* rollback link updates to intentions overview

* fixed nav

* Updated custom HTML in API and CLI pages to MD

* applied suggestions from review to index page

* moved conf examples from usage to conf ref

* missed custom HTML section

* applied additional feedback

* Apply suggestions from code review

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

* updated headings in usage page

* renamed files and udpated nav

* updated links to new file names

* added redirects and final tweaks

* typo

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-03-24 15:16:06 -07:00
Eddie Rowe ce6e278d9b
Fix broken links in Consul docs (#16640)
* Fix broken links in Consul docs

* more broken link fixes

* more 404 fixes

* 404 fixes

* broken link fix

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-03-24 19:35:34 +00:00
malizz a168d0e667
add failover policy to ProxyConfigEntry in api (#16759)
* add failover policy to ProxyConfigEntry in api

* update docs
2023-03-24 12:03:00 -07:00
Tu Nguyen e3fd7d32da
Use GH issues type for edu board (#16750) 2023-03-23 09:00:38 -07:00
Luke Kysow 8f7e4d4a7c
Helm docs without developer.hashicorp.com prefix (#16711)
This was causing linter errors
2023-03-21 18:26:40 +00:00
Tu Nguyen 93a3a76de7
Update envoy extension docs, service-defaults, add multi-config example for lua (#16710) 2023-03-21 10:44:02 -07:00
Luke Kysow 1f4c590f2c
Regen helm docs (#16701) 2023-03-21 09:15:53 -07:00
Paul Banks 7eb3dcb65f
Update WAL Known issues (#16676) 2023-03-20 21:44:00 +00:00
Tu Nguyen c8d9cadd56
Fix broken links from api docs (#16695) 2023-03-20 13:53:09 -07:00
Melisa Griffin 606f8fbbab
Adds check to verify that the API Gateway is being created with at least one listener 2023-03-20 12:37:30 -04:00
Rosemary Wang 33a205877e
Fix incorrect links on Envoy extensions documentation (#16666) 2023-03-17 08:29:58 -07:00
Vipin John Wilson c26b6bc037
First cluster grpc service should be NodePort for the second cluster to connect (#16430)
* First cluster grpc service should be NodePort

This is based on the issue opened here https://github.com/hashicorp/consul-k8s/issues/1903

If you follow the documentation https://developer.hashicorp.com/consul/docs/k8s/deployment-configurations/single-dc-multi-k8s exactly as it is, the first cluster will only create the consul UI service on NodePort but not the rest of the services (including for grpc). By default, from the helm chart, they are created as headless services by setting clusterIP None. This will cause an issue for the second cluster to discover consul server on the first cluster over gRPC as it cannot simply cannot through gRPC default port 8502 and it ends up in an error as shown in the issue https://github.com/hashicorp/consul-k8s/issues/1903

As a solution, the grpc service should be exposed using NodePort (or LoadBalancer). I added those changes required in both cluster1-values.yaml and cluster2-values.yaml, and also a description for those changes for the normal users to understand. Kindly review and I hope this PR will be accepted.

* Update website/content/docs/k8s/deployment-configurations/single-dc-multi-k8s.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/deployment-configurations/single-dc-multi-k8s.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/deployment-configurations/single-dc-multi-k8s.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-03-16 16:43:19 +00:00
Paul Banks e557fb4e8c
Add known issues to Raft WAL docs. (#16600)
* Add known issues to Raft WAL docs.

* Refactor update based on review feedback
2023-03-15 04:21:31 +00:00
Bastien Dronneau a915d0ca87
Docs discovery typo (#16628)
* docs(discovery): typo

* docs(discovery): EOF and trim lines

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-03-14 08:49:48 -07:00
Ashvitha f95ffe0355
Allow HCP metrics collection for Envoy proxies
Co-authored-by: Ashvitha Sridharan <ashvitha.sridharan@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>

Add a new envoy flag: "envoy_hcp_metrics_bind_socket_dir", a directory
where a unix socket will be created with the name
`<namespace>_<proxy_id>.sock` to forward Envoy metrics.

If set, this will configure:
- In bootstrap configuration a local stats_sink and static cluster.
  These will forward metrics to a loopback listener sent over xDS.

- A dynamic listener listening at the socket path that the previously
  defined static cluster is sending metrics to.

- A dynamic cluster that will forward traffic received at this listener
  to the hcp-metrics-collector service.


Reasons for having a static cluster pointing at a dynamic listener:
- We want to secure the metrics stream using TLS, but the stats sink can
  only be defined in bootstrap config. With dynamic listeners/clusters
  we can use the proxy's leaf certificate issued by the Connect CA,
  which isn't available at bootstrap time.

- We want to intelligently route to the HCP collector. Configuring its
  addreess at bootstrap time limits our flexibility routing-wise. More
  on this below.

Reasons for defining the collector as an upstream in `proxycfg`:
- The HCP collector will be deployed as a mesh service.

- Certificate management is taken care of, as mentioned above.

- Service discovery and routing logic is automatically taken care of,
  meaning that no code changes are required in the xds package.

- Custom routing rules can be added for the collector using discovery
  chain config entries. Initially the collector is expected to be
  deployed to each admin partition, but in the future could be deployed
  centrally in the default partition. These config entries could even be
  managed by HCP itself.
2023-03-10 13:52:54 -07:00
natemollica-dev 726c97b2bd
Consul WAN Fed with Vault Secrets Backend document updates (#16597)
* Consul WAN Fed with Vault Secrets Backend document updates

* Corrected dc1-consul.yaml and dc2-consul.yaml file highlights

* Update website/content/docs/k8s/deployment-configurations/vault/wan-federation.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/deployment-configurations/vault/wan-federation.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-03-10 12:45:32 -08:00
trujillo-adam 51902695de
fixes for unsupported partitions field in CRD metadata block (#16604)
* fixes for unsupported partitions field in CRD metadata block

* Apply suggestions from code review

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>

---------

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2023-03-10 19:33:42 +00:00
Eddie Rowe 3d75ab8a41
Broken link fixes (#16566) 2023-03-07 23:27:11 +00:00
Paul Glass 58016d1aa2
docs: Document config entry permissions (#16556) 2023-03-07 14:05:23 -06:00
Tu Nguyen a5b8256111
Update docs to reflect functionality (#16549)
* Update docs to reflect functionality

* make consistent with other client runtimes
2023-03-07 08:21:23 -08:00
John Maguire 6166889d44
Update the consul-k8s cli docs for the new `proxy log` subcommand (#16458)
* Update the consul-k8s cli docs for the new `proxy log` subcommand

* Updated consul-k8s docs from PR feedback

* Added proxy log command to release notes
2023-03-06 20:43:36 +00:00
Ronald bf501a337b
Improve ux around ACL token to help users avoid overwriting node/service identities (#16506)
* Deprecate merge-node-identities and merge-service-identities flags

* added tests for node identities changes

* added changelog file and docs
2023-03-06 15:00:39 +00:00
trujillo-adam 9e93a30f4d
fixes empty link in DNS usage page (#16534) 2023-03-03 15:04:05 -08:00
Melisa Griffin 129eca8fdb
NET-2903 Normalize weight for http routes (#16512)
* NET-2903 Normalize weight for http routes

* Update website/content/docs/connect/gateways/api-gateway/configuration/http-route.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-03-03 16:39:59 -05:00
John Eikenberry 8910002e8f
update connect/ca's vault AuthMethod conf section (#16346)
Updated Params field to re-frame as supporting arguments specific to the
supported vault-agent auth-auth methods with links to each methods
"#configuration" section.
Included a call out limits on parameters supported.
2023-03-03 19:32:21 +00:00
trujillo-adam 43bd3512f0
fixed broken links associated with cluster peering updates (#16523)
* fixed broken links associated with cluster peering updates

* additional links to fix

* typos

* fixed redirect file
2023-03-03 11:17:26 -08:00
Andrew Stucki 4b661d1e0c
Add ServiceResolver RequestTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable (#16495)
* Leverage ServiceResolver ConnectTimeout for route timeouts to make TerminatingGateway upstream timeouts configurable

* Regenerate golden files

* Add RequestTimeout field

* Add changelog entry
2023-03-03 09:37:12 -05:00
Michael Hofer bbbdc5f4e5
docs(architecture): remove merge conflict leftovers (#16507) 2023-03-02 21:02:52 +00:00
David Yu 21c30958cc
docs: Update release notes with Envoy compat issue (#16494)
* Update v1_15_x.mdx

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-03-01 14:21:32 -08:00
Ronald 4f8594b28f
Improve ux to help users avoid overwriting fields of ACL tokens, roles and policies (#16288)
* Deprecate merge-policies and add options add-policy-name/add-policy-id to improve CLI token update command

* deprecate merge-roles fields

* Fix potential flakey tests and update ux to remove 'completely' + typo fixes
2023-03-01 15:00:37 -05:00
David Yu 66de1def3b
docs: Consul 1.15.0 and Consul K8s 1.0 release notes (#16481)
* add new release notes
---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-03-01 00:09:11 -08:00
trujillo-adam 1f422f3df3
Changed titles for services pages to sentence style cap (#16477)
* Changed titles for services pages to sentence style cap

* missed a meta title
2023-02-28 19:56:18 -08:00
skpratt be800f0277
docs: clarify license expiration upgrade behavior (#16464) 2023-02-28 16:46:03 -06:00
trujillo-adam 23e247d765
Docs/services refactor docs day 122022 (#16103)
* converted main services page to services overview page

* set up services usage dirs

* added Define Services usage page

* converted health checks everything page to Define Health Checks usage page

* added Register Services and Nodes usage page

* converted Query with DNS to Discover Services and Nodes Overview page

* added Configure DNS Behavior usage page

* added Enable Static DNS Lookups usage page

* added the Enable Dynamic Queries DNS Queries usage page

* added the Configuration dir and overview page - may not need the overview, tho

* fixed the nav from previous commit

* added the Services Configuration Reference page

* added Health Checks Configuration Reference page

* updated service defaults configuraiton entry to new configuration ref format

* fixed some bad links found by checker

* more bad links found by checker

* another bad link found by checker

* converted main services page to services overview page

* set up services usage dirs

* added Define Services usage page

* converted health checks everything page to Define Health Checks usage page

* added Register Services and Nodes usage page

* converted Query with DNS to Discover Services and Nodes Overview page

* added Configure DNS Behavior usage page

* added Enable Static DNS Lookups usage page

* added the Enable Dynamic Queries DNS Queries usage page

* added the Configuration dir and overview page - may not need the overview, tho

* fixed the nav from previous commit

* added the Services Configuration Reference page

* added Health Checks Configuration Reference page

* updated service defaults configuraiton entry to new configuration ref format

* fixed some bad links found by checker

* more bad links found by checker

* another bad link found by checker

* fixed cross-links between new topics

* updated links to the new services pages

* fixed bad links in scale file

* tweaks to titles and phrasing

* fixed typo in checks.mdx

* started updating the conf ref to latest template

* update SD conf ref to match latest CT standard

* Apply suggestions from code review

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>

* remove previous version of the checks page

* fixed cross-links

* Apply suggestions from code review

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>

---------

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>
2023-02-28 14:09:56 -08:00
David Yu 04f9c6bb74
docs: Add backwards compatibility for Consul 1.14.x and consul-dataplane in the Envoy compat matrix (#16462)
* Update envoy.mdx
2023-02-28 10:38:29 -08:00
amitchahalgits 3cbbd63ba2
Update ingress-gateways.mdx (#16330)
* Update ingress-gateways.mdx

Added an example of running the HELM install for the ingress gateways using values.yaml

* Apply suggestions from code review

* Update ingress-gateways.mdx

Adds closing back ticks on example command. The suggesting UI strips them out.

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-02-27 18:43:12 -08:00
Curt Bushko afbc56622a
Update docs for consul-k8s 1.1.0 (#16447) 2023-02-27 19:50:01 -05:00
Bryce Kalow 344411b718
docs: remove extra whitespace in frontmatter (#16436) 2023-02-27 11:57:47 -06:00
Tu Nguyen 378f01736e
Add missing link (#16437) 2023-02-27 09:27:50 -08:00
Tu Nguyen ec4a2e18b5
Refactor and move wal docs (#16387)
* Add WAL documentation. Also fix some minor metrics registration details

* Add tests to verify metrics are registered correctly

* refactor and move wal docs

* Updates to the WAL overview page

* updates to enable WAL usage topic

* updates to the monitoring WAL backend topic

* updates for revert WAL topic

* a few tweaks to overview and udpated metadescriptions

* Apply suggestions from code review

Co-authored-by: Paul Banks <pbanks@hashicorp.com>

* make revert docs consistent with enable

* Apply suggestions from code review

Co-authored-by: Paul Banks <pbanks@hashicorp.com>

* address feedback

* address final feedback

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Paul Banks <pbanks@hashicorp.com>
Co-authored-by: trujillo-adam <ajosetru@gmail.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-26 19:21:35 -08:00
Thomas Eckert 3c77a89414
Native API Gateway Docs (#16365)
* Create empty files

* Copy over content for overview

* Copy over content for usage

* Copy over content for api-gateway config

* Copy over content for http-route config

* Copy over content for tcp-route config

* Copy over content for inline-certificate config

* Add docs to the sidebar

* Clean up overview. Start cleaning up usage

* Add BETA badge to API Gateways portion of nav

* Fix header

* Fix up usage

* Fix up API Gateway config

* Update paths to be consistent w/ other gateway docs

* Fix up http-route

* Fix up inline-certificate

* rename path

* Fix up tcp-route

* Add CodeTabs

* Add headers to config pages

* Fix configuration model for http route and inline certificate

* Add version callout to API gateway overview page

* Fix values for inline certificate

* Fix values for api gateway configuration

* Fix values for TCP Route config

* Fix values for HTTP Route config

* Adds link from k8s gateway to vm gateway page

* Remove versioning warning

* Serve overview page at ../api-gateway, consistent w/ mesh-gateway

* Remove weight field from tcp-route docs

* Linking to usage instead of overview from k8s api-gateway to vm api-gateway

* Fix issues in usage page

* Fix links in usage

* Capitalize Kubernetes

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* remove optional callout

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

* Update website/content/docs/connect/gateways/api-gateway/configuration/api-gateway.mdx

* Fix formatting of Hostnames

* Update website/content/docs/api-gateway/index.mdx

* Update website/content/docs/connect/gateways/api-gateway/configuration/http-route.mdx

Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>

* Add cross-linking of config entries

* Fix rendering error on new operator usage docs

* Update website/content/docs/connect/gateways/api-gateway/configuration/http-route.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/configuration/http-route.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

* Apply suggestions from code review

* Add BETA badges to config entry links

* http route updates

* Add Enterprise keys

* Use map instead of list for meta field, use consistent formatting

* Convert spaces to tabs

* Add all Enterprise info to TCP Route

* Use pascal case for JSON api-gateway example

* Add enterprise to HCL api-gw cfg

* Use pascal case for missed JSON config fields

* Add enterprise to JSON api-gw cfg

* Add enterprise to api-gw values

* adds enterprise to http route

* Update website/content/docs/connect/gateways/api-gateway/index.mdx

Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>

* Add enterprise to api-gw spec

* Add missing namespace, partition + meta to specification

* fixes for http route

* Fix ordering of API Gatetway cfg spec items

* whitespace

* Add linking of values to tcp

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Fix comma in wrong place

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Move Certificates down

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Tabs to spaces in httproute

* Use configuration entry instead of config entry

* Fix indentations on api-gateway and tcp-route

* Add whitespace between code block and prose

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* adds <> to http route

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Melisa Griffin <missylbytes@users.noreply.github.com>
Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-23 21:01:47 +00:00
Poonam Jadhav 6b5e48b2d9
fix(docs): correct rate limit metrics (#16400) 2023-02-23 14:35:29 -05:00
Nathan Coleman 7c9801ecf6
Fix rendering error on new operator usage docs (#16393) 2023-02-23 12:02:03 -06:00
Jeff Boruszak cddf86f337
Docs/cluster peering 1.15 updates (#16291)
* initial commit

* initial commit

* Overview updates

* Overview page improvements

* More Overview improvements

* improvements

* Small fixes/updates

* Updates

* Overview updates

* Nav data

* More nav updates

* Fix

* updates

* Updates + tip test

* Directory test

* refining

* Create restructure w/ k8s

* Single usage page

* Technical Specification

* k8s pages

* typo

* L7 traffic management

* Manage connections

* k8s page fix

* Create page tab corrections

* link to k8s

* intentions

* corrections

* Add-on intention descriptions

* adjustments

* Missing </CodeTabs>

* Diagram improvements

* Final diagram update

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>

* diagram name fix

* Fixes

* Updates to index.mdx

* Tech specs page corrections

* Tech specs page rename

* update link to tech specs

* K8s - new pages + tech specs

* k8s - manage peering connections

* k8s L7 traffic management

* Separated establish connection pages

* Directory fixes

* Usage clean up

* k8s docs edits

* Updated nav data

* CodeBlock Component fix

* filename

* CodeBlockConfig removal

* Redirects

* Update k8s filenames

* Reshuffle k8s tech specs for clarity, fmt yaml files

* Update general cluster peering docs, reorder CLI > API > UI, cross link to kubernetes

* Fix config rendering in k8s usage docs, cross link to general usage from k8s docs

* fix legacy link

* update k8s docs

* fix nested list rendering

* redirect fix

* page error

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
2023-02-23 11:58:39 -06:00
Jeff Boruszak d1294cf14e
Troubleshoot service to service comms (#16385)
* Troubleshoot service to service comms

* adjustments

* breaking fix

* api-docs breaking fix

* Links added to CLI pages

* Update website/content/docs/troubleshoot/troubleshoot-services.mdx

Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>

* Update website/content/docs/troubleshoot/troubleshoot-services.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

* Update website/content/docs/troubleshoot/troubleshoot-services.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

* nav re-ordering

* Edits recommended in code review

---------

Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-02-23 11:57:12 -06:00
Tu Nguyen 27af33e6ed
Add envoy extension docs (#16376)
* Add envoy extension docs

* Update message about envoy extensions with proxy defaults

* fix tab error

* Update website/content/docs/connect/proxies/envoy-extensions/usage/lua.mdx

* fix operator prerender issue

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* update envoyextension warning in proxy defaults so its inline

* Update website/content/docs/connect/proxies/envoy-extensions/index.mdx

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-02-23 09:41:30 -08:00
trujillo-adam 340b562353
Docs/rate limiting 1.15 (#16345)
* Added rate limit section to agent overview, updated headings per style guide

* added GTRL section and overview

* added usage docs for rate limiting 1.15

* added file for initializing rate limits

* added steps for initializing rate limits

* updated descriptions for rate_limits in agent conf

* updated rate limiter-related metrics

* tweaks to agent index

* Apply suggestions from code review

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Co-authored-by: Krastin Krastev <krastin@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Krastin Krastev <krastin@hashicorp.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Co-authored-by: Krastin Krastev <krastin@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-22 13:02:51 -08:00
Kyle Havlovitz 5400e3d83d
Add docs for usage endpoint and command (#16258)
* Add docs for usage endpoint and command
2023-02-22 12:36:25 -08:00
Ranjandas 182f6c8be5
Documentation update: Adding K8S clusters to external Consul servers (#16285)
* Remove Consul Client installation option

With Consul-K8S 1.0 and introduction of Consul-Dataplane, K8S has
the option to run without running Consul Client agents.

* remove note referring to the same documentation

* Added instructions on the use of httpsPort when servers are not running TLS enabled

* Modified titile and description
2023-02-22 12:27:02 -08:00
Nathan Coleman b09d04a785
Update existing docs from Consul API Gateway -> API Gateway for Kubernetes (#16360)
* Update existing docs from Consul API Gateway -> API Gateway for Kubernetes

* Update page header to reflect page title change

* Update nav title to match new page title
2023-02-22 17:34:27 +00:00
malizz c9c49ea3a2
new docs for consul and consul-k8s troubleshoot command (#16284)
* new docs for consul and consul-k8s troubleshoot command

* add changelog

* add troubleshoot command

* address comments, and update cli output to match

* revert changes to troubleshoot upstreams, changes will happen in separate pr

* Update .changelog/16284.txt

Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>

* address comments

* update trouble proxy output

* add missing s, add required fields in usage

---------

Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2023-02-17 13:25:49 -08:00
trujillo-adam c5e729e865
Docs/reformat service splitters conf entry (#16264)
* for tab testing

* updates

* Update

* adding sandbox to test conf ref types

* testing tweaks to the conf ref template

* reintroduce tabbed specification

* applied feedback from MKO session

* applied feedback on format from luke and jared

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* fixed some minor HCL formatting in complete conf

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* fixed bad link

* resolving conflicts

---------

Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: Dan Upton <daniel@floppy.co>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-15 14:37:32 -08:00
Curt Bushko 1d9ee50681
[OSS] connect: Bump Envoy 1.22.5 to 1.22.7, 1.23.2 to 1.23.4, 1.24.0 to 1.24.2, add 1.25.1, remove 1.21.5 (#16274)
* Bump Envoy 1.22.5 to 1.22.7, 1.23.2 to 1.23.4, 1.24.0 to 1.24.2, add 1.25.1, remove 1.21.5
2023-02-15 11:45:43 -05:00
Nicholas Richu dc2aa36b6f
Update index.mdx (#16247)
* Update index.mdx

* Update website/content/docs/connect/dataplane/index.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-02-13 16:38:05 -05:00
oneoneonepig dae88b16e8
Fix typo in checks.mdx (#16187)
Typo severeal -> several
2023-02-09 10:20:00 -08:00
skpratt 9199e99e21
Update token language to distinguish Accessor and Secret ID usage (#16044)
* remove legacy tokens

* remove lingering legacy token references from docs

* update language and naming for token secrets and accessor IDs

* updates all tokenID references to clarify accessorID

* remove token type references and lookup tokens by accessorID index

* remove unnecessary constants

* replace additional tokenID param names

* Add warning info for deprecated -id parameter

Co-authored-by: Paul Glass <pglass@hashicorp.com>

* Update field comment

Co-authored-by: Paul Glass <pglass@hashicorp.com>

---------

Co-authored-by: Paul Glass <pglass@hashicorp.com>
2023-02-07 12:26:30 -06:00
Bryce Kalow 9edb625331
docs: update redirected links (#16179) 2023-02-07 10:36:32 -06:00
Dao Thanh Tung 57a91190a9
Add missing doc for gRPC TLS (#16161)
Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
2023-02-07 03:01:28 +00:00
cskh 8b98c1a1a5
docs(service-resolver): clarify the default time unit in service-resolver.ConnectTimeout (#16149)
* doc: clarify the default time unit in service-resolver.ConnectTimeout

* Update website/content/docs/connect/config-entries/service-resolver.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-02-06 18:56:51 +00:00
Semir Patel 54f198f922
Add links in release-notes for the last five patch releases (#16109) 2023-02-06 17:46:28 +00:00
Jared Kirschner a837984398
docs: refine server TLS Vault PKI role config (#16166)
The generate_lease=true configuration is unnecessary and generates a note about performance implications in Vault logs. Remove this configuration so that the default value of generate_lease=false is used instead.
2023-02-06 12:29:36 -05:00
Luke Kysow 98cf66dc14
Document how numRetries can't be set to 0 (#16123)
* Document how numRetries can't be set to 0

Resolves https://github.com/hashicorp/consul/issues/11816 and https://github.com/hashicorp/consul/issues/8516.

* Update website/content/docs/connect/config-entries/service-router.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-02-06 17:19:44 +00:00
Curt Bushko 9e184e1b04
Update helm docs based on consul-k8s release/1.0.x branch (#16157)
* docs - Docs/k8s 1.0.3 helm docs

* remove openebs entry
2023-02-03 19:00:12 -08:00
Ashwin Venkatesh 92ac3c2269
docs: use proxy health checks when enabled (#16033) 2023-02-03 14:49:09 -08:00
Dan Stough f1d18f1a9b
docs(service-defaults): upstream overrides for peered services (#16122)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-02-03 17:08:06 -05:00
Dan Upton e40b731a52
rate: add prometheus definitions, docs, and clearer names (#15945) 2023-02-03 12:01:57 +00:00
Nicholas Richu 5737b55136
Docs: change connect to SM for mTLS page (#16082)
* Update connect-internals.mdx

Removed most references for 'Connect' given the terminology has long been deprecated in official use.

* Apply suggestions from code review

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update connect-internals.mdx

Updates based on Blakes recommendations

* Update connect-internals.mdx

---------

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
2023-02-02 09:40:35 -05:00
Kyle Havlovitz d53c331a37
Add a flag for enabling debug logs to the `connect envoy` command (#15988)
* Add a flag for enabling debug logs to the `connect envoy` command

* Update website/content/commands/connect/envoy.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Add changelog note

* Add debug log note to envoy proxy doc page

* Update website/content/docs/connect/proxies/envoy.mdx

Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>

* Wording tweak in envoy bootstrap section

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
2023-01-31 13:30:20 -08:00
Chris S. Kim 90041639fc
Update docs for tls commands (#16077) 2023-01-30 17:26:56 +00:00
skpratt ad43846755
Remove legacy acl tokens (#15947)
* remove legacy tokens

* Update test comment

Co-authored-by: Paul Glass <pglass@hashicorp.com>

* fix imports

* update docs for additional CLI changes

* add test case for anonymous token

* set deprecated api fields to json ignore and fix patch errors

* update changelog to breaking-change

* fix import

* update api docs to remove legacy reference

* fix docs nav data

---------

Co-authored-by: Paul Glass <pglass@hashicorp.com>
2023-01-27 09:17:07 -06:00
Jeff Boruszak 94eb9536d1
Fixes (#16086) 2023-01-26 14:19:12 -08:00
Jeff Boruszak 44c608706b
docs: Consul at scale guide (#15890)
* Initial page and nav data

* Formatting

* Fixes

* Page description

* DNS lookup fixes

* admin partition link

* Control Plane Resiliency rephrase

* Dataplanes/xDS callout

* word choice correction

* Consul as Vault backend clarifications

* Link to blog post on testing

* Update website/content/docs/architecture/scale.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Update website/content/docs/architecture/scale.mdx

* Apply suggestions from code review

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

* Update website/content/docs/architecture/scale.mdx

* Update website/content/docs/architecture/scale.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2023-01-26 13:35:21 -06:00
Jeff Boruszak abfdc35fc7
docs: CLI page descriptions for automated checker (#16056)
* ACL

* ACL

* Catalog

* consul config

* consul connect

* top-level updates

* consul intention

* consul kv

* consul namespace

* consul peering

* consul peering delete

* consul services

* consul snapshot

* consul tls

* consul acl auth-method

* acl binding-rule

* acl policy

* acl role

* acl token

* fix

* standardization

* Update website/content/commands/snapshot/save.mdx

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>

* consul debug
consul keyring

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-01-26 12:42:13 -06:00
Dan Upton eb971cb507
docs: update Nomad 1.14 upgrade note to detail additonal info. (#16071)
Co-authored-by: James Rasell <jrasell@hashicorp.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-01-26 17:30:21 +00:00
danielehc 0edebe6e58
Update service-resolver.mdx (#16073)
* Update service-resolver.mdx

Fixing links in the Documentation for service-resolver filter options.

* Update website/content/docs/connect/config-entries/service-resolver.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-01-26 17:14:46 +01:00
Ashlee M Boyer 6e425f7428
docs: Migrate link formats (#15976)
* Adding check-legacy-links-format workflow

* Adding test-link-rewrites workflow

* Updating docs-content-check-legacy-links-format hash

* Migrating links to new format

Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
2023-01-25 08:52:43 -08:00
Ronald 6167aef641
Warn when the token query param is used for auth (#16009) 2023-01-24 16:21:41 +00:00
Jared Kirschner 53772c241d
docs: clarify service defaults example (#16043) 2023-01-23 19:34:28 -05:00
Ashlee M Boyer 7b3b0f469b
Updating MD links in ConfigEntryReference components (#16038) 2023-01-20 20:02:25 -05:00
Jared Kirschner 0611726bea
docs: clarify reloadable config option usage (#15957) 2023-01-20 18:42:30 -05:00
Luke Kysow 7f887a1b89
Update gossip.mdx (#16030)
Fix description of topic. I think it was copy pasted incorrectly.
2023-01-20 12:10:50 -08:00
Jeff Boruszak e4807d4be1
docs: link fixes for Envoy proxy page (#16023)
* Link path fixes

* update

* Revert "update"

This reverts commit 6b3344481c501a2d8e1190e80977cc1bb7ae7ee1.

* Link fixes
2023-01-20 11:12:18 -06:00
Ashwin Venkatesh a1e2a4f8d6
Add support for envoy readiness flags (#16015)
* Add support for envoy readiness flags
- add flags 'envoy-ready-bind-port` and `envoy-ready-bind-addr` on consul connect envoy to create a ready listener on that address.
2023-01-19 16:54:11 -05:00
am-ak ff477c44d6
Major updates and reorganizing of checks.mdx (#15806)
* Major updates and reorganizing of checks.mdx

* Update checks.mdx

Additional suggestion for clarity around gRPC `:/service-identifier` example

Signed-off-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

Signed-off-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-01-19 15:55:13 +00:00
Ashlee M Boyer 02869ce9a8
[docs] Adjusting links for rewrite project (#15999) 2023-01-17 17:18:04 -08:00
trujillo-adam dfcc11ec5f
fixes pre-devdot links in service defaults ref docs (#15989) 2023-01-17 10:09:14 -08:00
Chris S. Kim e4a268e33e
Warn if ACL is enabled but no token is provided to Envoy (#15967) 2023-01-16 12:31:56 -05:00
Ranjandas db69cd6f65
Update TG Docs with SAN match option when using SNI (#15971)
When using SNI in Terminating Gateway, Consul configures envoy to
have strict SAN matching. This requires all external services to
have SANs in their certificates and not having it will throw
CERTIFICATE_VERIFY_FAILED error.
2023-01-12 19:55:36 -08:00
Frank DiRocco 59a3a0749c
Update go-discover to support ECS discovery (#13782)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-01-12 12:06:29 -06:00
Michael Wilkerson d94fc2d8ad
removed Consul requirements from documentation as it may be confusing (#15958)
* removed Consul requirements from documentation as it may be confusing
2023-01-11 21:01:30 -08:00
Dan Stough 5d3643f4f0
docs(access logs): new docs for access logging (#15948)
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-01-11 16:41:02 +00:00
Paul Glass f5231b9157
Add new config_file_service_registration token (#15828) 2023-01-10 10:24:02 -06:00
Jared Kirschner 8bfdc0c02f
docs: cluster peering upgrade clarification (#15935) 2023-01-06 18:30:10 -05:00
Dhia Ayachi 233eacf0a4
inject logger and create logdrop sink (#15822)
* inject logger and create logdrop sink

* init sink with an empty struct instead of nil

* wrap a logger instead of a sink and add a discard logger to avoid double logging

* fix compile errors

* fix linter errors

* Fix bug where log arguments aren't properly formatted

* Move log sink construction outside of handler

* Add prometheus definition and docs for log drop counter

Co-authored-by: Daniel Upton <daniel@floppy.co>
2023-01-06 11:33:53 -07:00
Jared Kirschner 3d7fcf7795
docs: fix markdown heading levels (#15912) 2023-01-06 11:37:19 -05:00
Tu Nguyen 7b8ccca498
Update example link for Consul K8s NGINX ingress controller (#15916) 2023-01-06 08:11:13 -08:00
lbausch 4795daa809
docs: Fix link (#14890)
Co-authored-by: David Yu <dyu@hashicorp.com>
2023-01-06 05:21:56 +00:00
Tu Nguyen 01a4510d6c
Update api gateway version to latest (#15197)
* Update api gateway version to latest

* Update website/content/docs/api-gateway/install.mdx

* update to latest apigw version 0.5.1

* update consul and helm version
2023-01-04 12:44:02 -08:00
Florian Apolloner 077b0a48a3
Allow Operator Generated bootstrap token (#14437)
Add support to provide an initial token via the bootstrap HTTP API, similar to hashicorp/nomad#12520
2023-01-04 20:19:33 +00:00
Tu Nguyen 4bbfad8dca
Update links to new get started tutorials (#15154) 2023-01-04 09:58:08 -08:00
Gerard Nguyen 53250b19f4
docs: update intentions config (#15868) 2022-12-22 20:07:23 +00:00
Jeff Boruszak a38a3d0b5e
Removed technical preview callout (#15872) 2022-12-22 12:52:34 -06:00
Vladislav Sharapov 629878a687
Update service-discovery.mdx (#15832)
* Update service-discovery.mdx

* Update website/content/docs/concepts/service-discovery.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-12-20 13:54:33 -06:00
Michael Wilkerson 1b28b89439
Enhancement: Consul Compatibility Checking (#15818)
* add functions for returning the max and min Envoy major versions
- added an UnsupportedEnvoyVersions list
- removed an unused error from TestDetermineSupportedProxyFeaturesFromString
- modified minSupportedVersion to use the function for getting the Min Envoy major version. Using just the major version without the patch is equivalent to using `.0`

* added a function for executing the envoy --version command
- added a new exec.go file to not be locked to unix system

* added envoy version check when using consul connect envoy

* added changelog entry

* added docs change
2022-12-20 09:58:19 -08:00
trujillo-adam 1f89de051c
fixed bad markdown in network segments usage (#15852) 2022-12-19 16:23:57 -08:00
trujillo-adam f3f9e54b0d
Docs/network segments tutorial docs conversion (#15829)
* added a NS folder and refactored main page into the overview page

* added NS usage page to NS folder

* updated links to NS docs

* updated nav

* addressed feedback from review
2022-12-19 15:35:05 -08:00
Nitya Dhanushkodi d382ca0aec
extensions: refactor serverless plugin to use extensions from config entry fields (#15817)
docs: update config entry docs and the Lambda manual registration docs

Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Co-authored-by: Eric <eric@haberkorn.co>
2022-12-19 12:19:37 -08:00
Tu Nguyen 3df2b7d2ab
Update docs to reflect vault and consul compatibility (#15826)
* update docs to reflect vault and consul compatibility

* Update website/content/docs/connect/ca/vault.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-12-19 10:32:25 -08:00
Paul Glass 619032cfcd
Deprecate -join and -join-wan (#15598) 2022-12-14 20:28:25 +00:00
Paul Glass 8ad56b778c
Update compat table for ECS (#15782) 2022-12-13 16:15:30 -06:00
John Murret e027c94b52
adding config for request_limits (#15531)
* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Add handler errors

* Set the global read and write limits

* fixing multilimiter moving packages

* Fix typo

* Simplify globalLimit usage

* add multilimiter and tests

* exporting LimitedEntity

* Apply suggestions from code review

Co-authored-by: John Murret <john.murret@hashicorp.com>

* add config update and rename config params

* add doc string and split config

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* use timer to avoid go routine leak and change the interface

* add comments to tests

* fix failing test

* add prefix with config edge, refactor tests

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* refactor to apply configs for limiters under a prefix

* add fuzz tests and fix bugs found. Refactor reconcile loop to have a simpler logic

* make KeyType an exported type

* split the config and limiter trees to fix race conditions in config update

* rename variables

* fix race in test and remove dead code

* fix reconcile loop to not create a timer on each loop

* add extra benchmark tests and fix tests

* fix benchmark test to pass value to func

* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Set the global read and write limits

* fixing multilimiter moving packages

* add server configuration for global rate limiting.

* remove agent test

* remove added stuff from handler

* remove added stuff from multilimiter

* removing unnecessary TODOs

* Removing TODO comment from handler

* adding in defaulting to infinite

* add disabled status in there

* adding in documentation for disabled mode.

* make disabled the default.

* Add mock and agent test

* addig documentation and missing mock file.

* Fixing test TestLoad_IntegrationWithFlags

* updating docs based on PR feedback.

* Updating Request Limits mode to use int based on PR feedback.

* Adding RequestLimits struct so we have a nested struct in ReloadableConfig.

* fixing linting references

* Update agent/consul/rate/handler.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* Update agent/consul/config.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* removing the ignore of the request limits in JSON.  addingbuilder logic to convert any read rate or write rate less than 0 to rate.Inf

* added conversion function to convert request limits object to handler config.

* Updating docs to reflect gRPC and RPC are rate limit and as a result, HTTP requests are as well.

* Updating values for TestLoad_FullConfig() so that they were different and discernable.

* Updating TestRuntimeConfig_Sanitize

* Fixing TestLoad_IntegrationWithFlags test

* putting nil check in place

* fixing rebase

* removing change for missing error checks.  will put in another PR

* Rebasing after default multilimiter config change

* resolving rebase issues

* updating reference for incomingRPCLimiter to use interface

* updating interface

* Updating interfaces

* Fixing mock reference

Co-authored-by: Daniel Upton <daniel@floppy.co>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-12-13 13:09:55 -07:00
cskh 04bf24c8c1
feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614)
* feat(ingress-gateway): support outlier detection of upstream service for ingress gateway

* changelog

Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>
2022-12-13 11:51:37 -05:00
John Murret 348bbf60f1
Fixing CLI instructions so that the installing a cluster that is embedded in the mac instructions is moved outside of the tabbed instructions. (#15736)
* Fixing CLI instructions so that the installing a cluster that is embedded in the mac instructions is moved outside of the tabbed instructions.
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-12-10 18:21:45 +00:00
Geoffrey Grosenbach a013696f17
Remove mention of enterprise license form (#15752)
The license form is no longer available so this recommends contacting a support representative instead.
2022-12-09 14:02:25 -08:00
Jared Kirschner 8991e116fe
docs: how to launch envoy when ACLs enabled (#15497) 2022-12-08 20:15:58 -05:00
Jeff Boruszak 8950762e35
docs: Enterprise Feature Table update (#15738)
* Table update

* Old table re-added and alphabetized

* Update website/content/docs/enterprise/index.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-12-08 16:49:49 -06:00
Eric Haberkorn 4268c1c25c
Remove the `connect.enable_serverless_plugin` agent configuration option (#15710) 2022-12-08 14:46:42 -05:00
Paul Glass 707ca06d79
docs: Fix go-sockaddr links (#15723) 2022-12-08 10:32:37 -06:00
David Yu 1c5d54cb29
docs: Small docs updates, peering and K8s CNI (#15702) 2022-12-07 10:08:24 -08:00
David Yu 7a759be2c5
docs: K8s CNI namespace (#15696) 2022-12-06 13:51:31 -08:00
Curt Bushko 95bcfd207d
Update consul-k8s docs based on the consul-k8s release/1.0.x branch (#15678) 2022-12-05 13:20:14 -08:00
David Yu 98cbf341ae
docs: Update Consul K8s CRDs (#15675) 2022-12-05 13:06:02 -08:00
Jeff Boruszak d16a9dc409
docs: Agentless performance clarifications (#15671)
* Requested changes
2022-12-05 12:43:15 -08:00
Evan Culver 692a6fdecf
Fix broken link to Consul Dataplane index (#15660)
The `/index` appears to result in a 404.
2022-12-03 10:17:06 -08:00
Jared Kirschner 66e28f35f1
docs: clarify Vault CA provider permissions needed (#15478) 2022-12-03 09:17:33 -05:00
James Oulman 2da843818c
docs: fix agent catalog-services caching method (#15645)
* docs: fix agent catalog-services caching method
2022-12-02 18:42:49 +00:00
am-ak d73871b5a2
docs: Correct a typo in checks.mdx (#15426)
* Update checks.mdx

Correcting a typo under  `UDP + Interval`

* Update website/content/docs/discovery/checks.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-12-02 08:22:32 -08:00
skpratt 06880bd51f
update docs for exp v2 licensing changes (#15563) 2022-12-01 11:30:29 -06:00
David Yu 62e5c65e59
docs: fix typos helm install (#15625)
* fix typos helm install and small compat matrix change related to host ports not required any longer
2022-11-30 12:36:40 -08:00
James Oulman 7e78fb7818
Add support for configuring Envoys route idle_timeout (#14340)
* Add idleTimeout

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-11-29 17:43:15 -05:00
Chris S. Kim 31d58014fd
docs: Update acl-tokens.mdx (#15607) 2022-11-29 16:20:39 -05:00
Conrad Kleinespel b168b5c353
Fix AWS IAM trusted identity entity_tags.<key> (#14727)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-29 12:34:28 -08:00
David Yu 1b0e20a681
docs: typo on cluster peering k8s (#15602) 2022-11-29 11:49:54 -08:00
David Yu 54a3714543
docs: Clean up k8s cluster peering instructions (#15592) 2022-11-29 10:58:13 -08:00
cskh 7561303855
docs: clarify envoy proxy configuration (#15562)
- Specify using the service config entry to configure
  service's envoy proxy
- add missing fields in proxy.config
2022-11-28 20:33:54 -05:00
David Yu 25c4ed6ea0
docs: Fix language to describe clients previously ran on each node (#15580) 2022-11-28 14:50:48 -08:00
cskh 97c9432843
fix(peering): increase the gRPC limit to 8MB (#15503)
* fix(peering): increase the gRPC limit to 50MB

* changelog

* update gRPC limit to 8MB
2022-11-28 17:48:43 -05:00
Jeff Boruszak 73e2b96f9f
Load Balancer addition (#15583) 2022-11-28 16:48:01 -06:00
David Yu 62205d60cc
docs: Update Consul K8s Release Notes to mention updates to Cluster Peering (#15573) 2022-11-28 13:26:56 -08:00
Jeff Boruszak b856a17cbf
docs: Dataplane performance impact (#15566)
* New image + performance considerations

* Image related updates

* Update website/content/docs/connect/dataplane/index.mdx

Co-authored-by: David Yu <dyu@hashicorp.com>

Co-authored-by: David Yu <dyu@hashicorp.com>
2022-11-28 14:33:22 -06:00
Jared Kirschner 1a68dfc668
docs: add peering control plane diagrams (#15498) 2022-11-26 09:37:56 -05:00
Nitya Dhanushkodi d4ca1b5316
update docs with mesh and proxydefaults config (#15526) 2022-11-24 10:02:47 -08:00
Chris Thain 6b477ceff8
Snapshot agent docs updates (#15504) 2022-11-22 06:13:13 -08:00
Tu Nguyen 5ea70d7d83
fix typo in cluster peering docs (#15519) 2022-11-21 13:51:40 -08:00
Jared Kirschner d3dede5f8b
docs: add retry_max agent config option (#15487) 2022-11-21 16:16:56 -05:00
Jeff Boruszak ef235c7c36
ServerExternalAddresses parameter clarification (#15506) 2022-11-21 11:51:09 -06:00
Dan Stough 44097c1154
docs: revert peering API changes (#15505) 2022-11-21 12:45:51 -05:00
Derek Menteer 2703545331
Add -grpc-ca-file and -grpc-ca-path CLI info on upgrade notes. (#15500)
* Add -grpc-ca-file and -grpc-ca-path CLI info on upgrade notes.
2022-11-21 09:41:29 -06:00
Jared Kirschner 3e7e8ae9c5
Support RFC 2782 for prepared query DNS lookups (#14465)
Format:
	_<query id or name>._tcp.query[.<datacenter>].<domain>
2022-11-20 17:21:24 -05:00
Jared Kirschner f0837a2cd0
docs: remove unnecessary ent label (#15081) 2022-11-19 08:53:52 -05:00
Jared Kirschner 124e717d2d
docs: clarify TLS cipher suite config (#15203) 2022-11-19 08:53:27 -05:00
David Yu 1153779677
docs: formatting release notes (#15484) 2022-11-18 19:50:09 -08:00
David Yu fd801d7225
docs: Core 1.14 and K8s 1.0 release notes (#15416)
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-11-18 18:40:54 -08:00
Jared Kirschner f80f9a60b2
docs: clarify -retry-max (#15477) 2022-11-18 18:51:28 -05:00
Dan Stough f6ebc48c4e
docs(peering): peering GA ACL updates (#15366)
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-11-18 17:39:41 -05:00
Derek Menteer 9a8c47d589
Add Consul 1.14.0 known issue. (#15469)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-11-18 14:59:57 -07:00
Derek Menteer 6fa8fa4fca
Fix issue with connect Envoy choosing incorrect TLS settings. (#15466)
This commit fixes a situation where the API TLS configuration
incorrectly influences the GRPC port TLS configuration for XDS.
2022-11-18 14:36:20 -06:00
Jared Kirschner c14f664399
docs: include upgrade path to 1.14 (#15463) 2022-11-18 09:56:41 -08:00
Iryna Shustava 2be8b3326c
docs: remaining agentless docs updates (#15455)
* Update servers-outside-kubernetes.mdx

* Update single-dc-multi-k8s.mdx

* update Vault data integration for snapshot agent

* update k8s health checks page

* remove all instances of controller.enabled in helm values examples

* API Gateway update

* Apply suggestions from code review

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>

* Apply suggestions from code review

* Apply suggestions from code review

* Cleaner diagram

* added change around clients to workloads

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-11-18 11:33:02 -06:00
trujillo-adam ab51aac7e0
Update docs for the release of Consul API Gateway v0.5 (#15015)
* added usage folder to organize use case docs for CAPIgw

* Add peer field to MeshService configuration page

* Add first pass at guide for routing to peered services

* Add exception to same-datacenter restriction for referenced Consul service

* Add example HTTPRoute referencing the MeshService as backendRef

* Add example ServiceResolver

* Add note about current ServiceResolver requirement

ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending.

* tweaks to the usage page for routing to peered services

* tweaks to the  description in the  configuration reference

* resolved TO-DOs from previous iteration

* Remove datacenter federation from limited support matrix

* added tolerations doc

* Remove note excluding k8s 1.24 since we now support it

* Reorder sections to maintain alphabetical sort

* Add example configuration for MeshService resource

* Adjust wording + indentation of other docs

* Use consistent "example-" prefix for resource names in example code

* reframed the tolerations documentation; STILL A WIP

* add helm chart documentation

* removed tolerations from gwcconfig configuration model reference

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* update version to 0.5.0

* Update install.mdx

* added release notes for v.0.5.x

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2022-11-17 15:42:25 -08:00
David Yu 940084e097
docs: Update admin-partitions.mdx (#15428)
* Update admin-partitions.mdx
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-11-17 15:12:32 -08:00
Jeff Boruszak 0b711ec8a2
docs: Consul Dataplane updates for v.1.14.0 (#15384)
* Consul Architecture update

* Consul on Kubernetes architecture

* Install Consul on Kubernetes with Helm updates

* Vault as the Secrets Backend Data Integration

* Kubernetes Service Mesh Overview

* Terminating Gateways

* Fully updated

* Join external service to k8s

* Consul on Kubernetes

* Configure metrics for Consul on Kubernetes

* Service Sync for Consul on Kubernetes

* Custom Resource Definitions for Consul on k8s

* Upgrading Consul on Kubernetes Components

* Rolling Updates to TLS

* Dataplanes diagram

* Upgrade instructions

* k8s architecture page updates

* Update website/content/docs/k8s/connect/observability/metrics.mdx

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>

* Update website/content/docs/architecture/index.mdx

* Update website/content/docs/k8s/connect/terminating-gateways.mdx

* CRDs

* updating version numbers

* Updated example config

* Image clean up

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/k8s/architecture.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-17 17:04:29 -06:00
Derek Menteer ad0cba9fd5
Improve language on 1.14 upgrade instructions. (#15412) 2022-11-17 16:28:47 -06:00
Nitya Dhanushkodi 05f7b51c6a
generate helm docs (#15443) 2022-11-17 14:26:14 -08:00
Matt Keeler 26f9008808
Update licensing docs to account for virtual agents. (#15398)
* Update licensing docs to account for virtual agents.

* Update website/content/docs/enterprise/license/overview.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-17 13:58:07 -08:00
Paul Glass 781f1499d7
docs: Include env vars in consul-dataplane reference (#15369)
* docs: Include env vars in consul-dataplane reference
* docs: Consul Dataplane bundles Envoy 1.24
* docs: Consul Dataplane is no longer beta
2022-11-17 15:56:41 -06:00
David Yu 2fcb043816
docs: Consul K8s 1.0/Consul 1.14 GA Compat Matrix change (#15400)
* docs: 1.0 GA Compat Matrix change
2022-11-17 13:42:06 -08:00
Tu Nguyen 43097a4db9
Update guidance for vault PKI CA provider (#15422)
* Update guidance for vault PKI CA provider

* clarify workarounds if already using vault 1.11+

* Update website/content/docs/connect/ca/vault.mdx

* Update website/content/docs/k8s/connect/connect-ca-provider.mdx

* Update website/content/docs/k8s/deployment-configurations/vault/data-integration/connect-ca.mdx

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* add suggestion from Matt

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-11-17 08:51:43 -08:00
Dan Stough 778812a457
docs(peering): update k8s docs for GA (#15417)
* docs(peering): update k8s docs for GA

* fix code formatting and typo
2022-11-17 08:25:32 -08:00
Michael Schurter 527b58db66
docs: add nomad incompatibility to 1.14 docs (#15397)
docs: add nomad incompatibility to 1.14 docs
2022-11-16 16:45:58 -06:00
cskh 435e16ecda
fix: clarifying error message when acquiring a lock in remote dc (#15394)
* fix: clarifying error message when acquiring a lock in remote dc

* Update website/content/commands/lock.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-16 15:27:37 -05:00
Derek Menteer 5853710829
Include addresses.grpc_tls in upgrade docs. (#15408) 2022-11-16 14:10:29 -06:00
cskh 5593d5ddb5
docs: make the h1 title consistent with the page_title (#15396) 2022-11-16 14:40:52 -05:00
Derek Menteer b0041311f7
Fix issue with formatting in upgrade notes. (#15395) 2022-11-16 13:38:09 -06:00
Nitya Dhanushkodi 4a0fd15b69
update compatibility matrix (#15389) 2022-11-15 22:07:37 -08:00
cskh e0487281a8
docs: minor clarifiation to mesh gateway (#15373)
* doc: minor clarifiation to mesh gateway

* update h1 title of mgw for wan fed control plan traffic
2022-11-15 11:00:58 -05:00
Kyle Havlovitz f4c3e54b11
auto-config: relax node name validation for JWT authorization (#15370)
* auto-config: relax node name validation for JWT authorization

This changes the JWT authorization logic to allow all non-whitespace,
non-quote characters when validating node names. Consul had previously
allowed these characters in node names, until this validation was added
to fix a security vulnerability with whitespace/quotes being passed to
the `bexpr` library. This unintentionally broke node names with
characters like `.` which aren't related to this vulnerability.

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-14 18:24:40 -06:00
Nick Wales c4eb1b67f5
Fixes broken links (#15343)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-14 14:18:57 -08:00
Dhia Ayachi 225ae55e83
Leadership transfer cmd (#14132)
* add leadership transfer command

* add RPC call test (flaky)

* add missing import

* add changelog

* add command registration

* Apply suggestions from code review

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* add the possibility of providing an id to raft leadership transfer. Add few tests.

* delete old file from cherry pick

* rename changelog filename to PR #

* rename changelog and fix import

* fix failing test

* check for OperatorWrite

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* rename from leader-transfer to transfer-leader

* remove version check and add test for operator read

* move struct to operator.go

* first pass

* add code for leader transfer in the grpc backend and tests

* wire the http endpoint to the new grpc endpoint

* remove the RPC endpoint

* remove non needed struct

* fix naming

* add mog glue to API

* fix comment

* remove dead code

* fix linter error

* change package name for proto file

* remove error wrapping

* fix failing test

* add command registration

* add grpc service mock tests

* fix receiver to be pointer

* use defined values

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* reuse MockAclAuthorizer

* add documentation

* remove usage of external.TokenFromContext

* fix failing tests

* fix proto generation

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

* add more context in doc for the reason

* Apply suggestions from docs code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* regenerate proto

* fix linter errors

Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-11-14 15:35:12 -05:00
Dan Stough 9a5196a47f
Peering Mesh Gateway Updates for GA (#15344)
* docs(peering): remove beta references

Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com>
Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>
Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
2022-11-14 15:03:17 -05:00
Dan Stough e426b79a60
docs(peering): remove beta references (#15340)
* docs(peering): remove beta references
2022-11-14 14:49:50 -05:00
Derek Menteer 931cec42b3
Prevent serving TLS via ports.grpc (#15339)
Prevent serving TLS via ports.grpc

We remove the ability to run the ports.grpc in TLS mode to avoid
confusion and to simplify configuration. This breaking change
ensures that any user currently using ports.grpc in an encrypted
mode will receive an error message indicating that ports.grpc_tls
must be explicitly used.

The suggested action for these users is to simply swap their ports.grpc
to ports.grpc_tls in the configuration file. If both ports are defined,
or if the user has not configured TLS for grpc, then the error message
will not be printed.
2022-11-11 14:29:22 -06:00
Derek Menteer d981fb8d14
Add peering incompatibility warning to upgrade docs. (#15319) 2022-11-10 09:32:31 -06:00
Luke Kysow c80f8c3526
Add description for anon token policy (#15311) 2022-11-09 10:26:10 -08:00
malizz b9a9e1219c
update config defaults, add docs (#15302)
* update config defaults, add docs

* update grpc tls port for non-default values

* add changelog

* Update website/content/docs/upgrading/upgrade-specific.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* update logic for setting grpc tls port value

* move default config to default.go, update changelog

* update docs

* Fix config tests.

* Fix linter error.

* Fix ConnectCA tests.

* Cleanup markdown on upgrade notes.

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
Co-authored-by: Derek Menteer <derek.menteer@hashicorp.com>
2022-11-09 09:29:55 -08:00
Krastin Krastev f5669a3ec5
docs: fix links in ent-license faq (#15242) 2022-11-09 15:56:58 +01:00
Sudharshan K S 9cb7311abc
Update dns-tools-compare.mdx (#15287)
Corrected the markdown to correctly display the link
2022-11-08 16:29:22 -05:00
Derek Menteer b64972d486
Bring back parameter ServerExternalAddresses in GenerateToken endpoint (#15267)
Re-add ServerExternalAddresses parameter in GenerateToken endpoint

This reverts commit 5e156772f6
and adds extra functionality to support newer peering behaviors.
2022-11-08 14:55:18 -06:00
Jeff Boruszak 80fb1f0e3f
docs: Admin Partition clarification for cluster peering (#15281)
* Updates

* datcenter statement

* cluster peering page addition

* typo fix

* Update website/content/docs/enterprise/admin-partitions.mdx

* Update website/content/docs/enterprise/admin-partitions.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-11-08 14:40:03 -06:00
David Yu b848849742
docs: cluster peering docs feedback (#15268)
* docs: cluster peering docs feedback

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
2022-11-04 15:01:23 -07:00
Paul Glass 325d0e2320
docs: Update consul-dataplane docs for post-beta (#15177)
* Update Consul Dataplane CLI reference
* Add new page for Consul Dataplane telemetry
* Add `server_type` label to agent grpc metrics
* Callout Consul Dataplane in Envoy bootstrap configuration section
* Update consul-dataplane unsupported features

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Riddhi Shah <riddhi@hashicorp.com>
2022-11-03 12:05:29 -05:00
Nathan Coleman 2f005f2086
Update required Helm chart version to match APIGW release notes (#15168) 2022-10-31 16:31:10 -04:00
Evan Culver 62d4517f9e
connect: Add Envoy 1.24 to integration tests, remove Envoy 1.20 (#15093) 2022-10-31 10:50:45 -05:00
Nathan Coleman 5d73fda1f4
Fix broken link in Consul API Gateway docs 2022-10-28 15:01:38 -04:00
Jared Kirschner 1296ce8c4d
Merge pull request #15141 from hashicorp/docs/upgrade-vault-ca-provider-policy-guidance
docs: update Vault CA provider policy guidance
2022-10-24 17:34:43 -04:00
Jared Kirschner 1ac7988541 docs: update Vault CA provider policy guidance 2022-10-24 14:16:51 -07:00
Jared Kirschner 61b60a79e1
Merge pull request #15028 from hashicorp/docs/auto-cert-1-13-2
Update upgrade docs for 1.13.2.
2022-10-24 11:39:29 -04:00
Freddy 94ff34bbe4
Update website/content/docs/upgrading/upgrade-specific.mdx 2022-10-22 15:49:57 -06:00
Freddy 415e4a5012
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 18:12:25 -06:00
Freddy d47006d27e
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 18:12:13 -06:00
David Yu d714003dda
docs: update versions to include .x in release notes (#15104) 2022-10-21 16:20:24 -07:00
Freddy ccf15f4153
Merge pull request #15032 from hashicorp/docs/mgw-primary-upgrade 2022-10-21 16:52:27 -06:00
Freddy 72553b3499
Update website/content/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-10-21 16:43:40 -06:00