Commit Graph

776 Commits

Author SHA1 Message Date
Luke Kysow dfc74f56f5
Add TOC to helm reference (#11144) 2021-09-28 16:25:40 -07:00
Evan Culver 9b73e7319d
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 15:58:20 -07:00
Luke Kysow 410d57879c
Fix broken link (#11171) 2021-09-28 14:04:33 -07:00
Evan Culver 585d9363ed
Merge branch 'main' into eculver/envoy-1.19.1 2021-09-28 11:54:33 -07:00
Jared Kirschner d9e78cd3e8
Merge pull request #11167 from hashicorp/add-cross-dc-comm-model-visual
Improve mesh gateway diagram
2021-09-28 13:19:18 -04:00
Jared Kirschner 98f53e913f Improve mesh gateway diagram
Diagram now shows all possible cross-DC communication models supported by mesh
gateways for both the control and data planes.
2021-09-28 09:56:05 -07:00
Paul Banks 1a611f0c1b
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-28 17:19:13 +01:00
Chris S. Kim e3248c20c9
agent: Clean up unused built-in proxy config (#11165) 2021-09-28 11:29:10 -04:00
Jared Kirschner 9ef6490533
Merge pull request #10702 from jkirschner-hashicorp/network-segments-docs-enhancements
Network segments docs enhancements
2021-09-28 10:24:05 -04:00
Paul Banks 020e2692da
Merge pull request #10725 from hashicorp/banks-patch-3
Call out the incompatibility of wildcards and L7 permissions
2021-09-28 13:51:41 +01:00
David Yu 10b52a284b
docs: consul-k8s cli install, add `bin/` to source path (#11146)
Add `bin/` to path from which you move `consul-k8s` to `/usr/local/bin/consul-k8s`
2021-09-27 22:11:54 -07:00
Paul Banks fe92cf7cb6 Document HTTP Header manipulation options added in #10613 2021-09-27 14:46:15 +01:00
Blake Covarrubias 94d3849472 docs: Decode K8s secrets with base64decode function
Use kubectl's base64decode template function (added in K8s 1.11) to
decode values in Secrets. Removes external call to `base64` utility on
the host system.
2021-09-24 08:59:34 -07:00
trujillo-adam b22684540e
Merge pull request #11028 from hashicorp/docs-k8s-cli-alpha
adding k8s-cli alpha docs
2021-09-23 16:35:56 -07:00
trujillo-adam 52f82f2831 adding timeout flags, wait flag, and updated build procedure 2021-09-23 16:07:56 -07:00
Daniel Nephin 6e4ecfd05b docs: clarify acl down policy 2021-09-23 18:13:39 -04:00
Daniel Nephin 5eafcea4d4 config: Deprecate EnableACLReplication
replaced by ACL.TokenReplication
2021-09-23 15:14:59 -04:00
CJ 978699943f
docs: Fix grammatical errors in glossary (#10751) 2021-09-23 08:36:52 -07:00
Daniel Nephin c84867feda acl: remove ACL.Apply
As part of removing the legacy ACL system.
2021-09-22 18:28:08 -04:00
Evan Culver f7380461c7
update docs to indicate support for envoy 1.19.1 in Consul 1.11.x 2021-09-22 10:57:22 -07:00
Connor 1e3ba26223
Merge pull request #11090 from hashicorp/clly/kv-usage-metrics
Add KVUsage to consul state usage metrics
2021-09-22 11:26:56 -05:00
Ashwin Venkatesh fd7f670f12
Update docs (#11111) 2021-09-22 12:26:08 -04:00
trujillo-adam f0815f9cc2 removed extra codeblock ticks, again 2021-09-20 14:44:38 -07:00
trujillo-adam 1700dab2e6 Merge branch 'docs-k8s-cli-alpha' of github.com:hashicorp/consul into docs-k8s-cli-alpha
implementing feedback
2021-09-20 14:42:09 -07:00
trujillo-adam bf72046737 fixed formatting 2021-09-20 14:40:36 -07:00
trujillo-adam 4aa40ccbe1
Apply suggestions from code review
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-09-20 14:38:51 -07:00
trujillo-adam 9863054362 removed extra codeblock ticks 2021-09-20 11:04:04 -07:00
Connor Kelly 59f9f67cc2
Add new telemetry to website
This will add information about the new kv_usage metric to the website
2021-09-20 12:43:40 -05:00
trujillo-adam c6eae6858c fixed indentation on install page 2021-09-20 10:25:06 -07:00
trujillo-adam faee67e35b removed extra codeblock tic 2021-09-20 10:19:27 -07:00
trujillo-adam 0722e17e93 updating the helm uninstall instructions 2021-09-17 15:11:10 -07:00
trujillo-adam 2cc678d388 fixing some syntax errors that didn't appear locally 2021-09-17 09:31:19 -07:00
Evan Culver c4c833fd0e
sso/oidc: add support for acr_values request parameter (#11026)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2021-09-17 09:10:05 -07:00
trujillo-adam 8ec22f6567 Merge branch 'docs-k8s-cli-alpha' of github.com:hashicorp/consul into docs-k8s-cli-alpha
resolving merge conflict
2021-09-16 16:34:41 -07:00
trujillo-adam 183b021767 applied additional feedback, updated uninstall flags 2021-09-16 16:32:13 -07:00
Iryna Shustava 770c67a7e3
Merge pull request #11050 from hashicorp/ecs-beta-doc-prep
docs: ECS docs for beta
2021-09-16 16:27:53 -06:00
Paul Glass 930e3824df docs: correct link to ecs production installation 2021-09-16 12:30:08 -05:00
Paul Glass 791eec9493 Fix merge conflict 2021-09-16 12:24:52 -05:00
trujillo-adam 8629beacd1
Merge branch 'main' into docs-k8s-cli-alpha 2021-09-16 10:14:43 -07:00
trujillo-adam 0a3ded7dcc Merge branch 'docs-k8s-cli-alpha' of github.com:hashicorp/consul into docs-k8s-cli-alpha
removed name flag from install, added config-file flag, applied feedback
2021-09-16 10:13:04 -07:00
trujillo-adam bacd9423e0 removed flag, added flag, and applied feedback 2021-09-16 09:54:55 -07:00
Iryna Shustava a3f8e1ca56
docs: Add production installation ECS docs (#11049)
Co-authored-by: Paul Glass <pglass@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-16 10:28:05 -06:00
Luke Kysow a24c98c945
Update ecs docs (#11053) 2021-09-16 09:17:01 -07:00
Paul Glass 392919ae61 docs: adjust references between ECS "migrate" and "install" pages 2021-09-16 10:39:37 -05:00
Paul Glass 01dfbedcf3
docs: Apply suggestions from code review
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-16 10:19:15 -05:00
trujillo-adam ef9c1776dd
Update website/content/docs/k8s/k8s-cli.mdx
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2021-09-15 20:32:21 -07:00
trujillo-adam 470fba1a0e
Update website/content/docs/k8s/installation/install.mdx
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2021-09-15 20:31:43 -07:00
trujillo-adam b8d1e205cd
Update website/content/docs/k8s/index.mdx
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2021-09-15 20:31:17 -07:00
trujillo-adam 5987900fd3
Update website/content/docs/k8s/installation/install.mdx
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
2021-09-15 20:30:58 -07:00
Paul Glass 2c9fbc2bff docs: update ECS Install guide for beta 2021-09-15 17:29:31 -05:00
Paul Glass 13c6973e47 docs: Migrate Existing Tasks page for ECS 2021-09-15 17:28:34 -05:00
Paul Glass c546be4460
Merge pull request #11043 from hashicorp/pglass/consul-ecs-arch-doc
ECS architecture docs for Beta
2021-09-15 17:00:53 -05:00
Paul Glass 2604719ce6
Merge pull request #11033 from hashicorp/consul-ecs-beta-docs
updates to ECS docs per beta release
2021-09-15 17:00:00 -05:00
Paul Glass 0480cf4fe7 docs: ECS architecture feedback 2021-09-15 16:18:37 -05:00
trujillo-adam 1e97752f31 applied comment feedback about my_task example 2021-09-15 14:09:47 -07:00
Paul Glass ad4936afdb docs: Address ECS architecture feedback 2021-09-15 15:04:39 -05:00
trujillo-adam a25a30921a added a few more nbsp to improve table readability 2021-09-15 11:59:30 -07:00
David Yu f58418f811
docs: Reformat Uninstall steps (#11040)
* docs: Reformat Uninstall steps

Reformatting uninstall as steps to make uninstall instructions more clear.
2021-09-15 11:59:02 -07:00
trujillo-adam dfb4775712 updates to the uninstall flags, preset descriptions 2021-09-15 11:55:14 -07:00
Paul Glass c53b0d2ebb docs: remove T3 in ECS task startup arch doc 2021-09-15 13:50:38 -05:00
Paul Glass 4263f93eb6 docs: correct point about service health checks for ECS 2021-09-15 13:38:19 -05:00
Paul Glass be46f2d7b7 ECS architecture docs for Beta 2021-09-15 13:04:07 -05:00
trujillo-adam cf0ebdf751
Apply suggestions from code review
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-09-15 10:46:00 -07:00
Jared Kirschner 3231709b03 docs: improve network segments agent options docs 2021-09-15 10:00:41 -07:00
Jared Kirschner 702df44f9b docs: expand network segments documentation
Includes a brief overview with images, descriptions of server and client
configuration with examples, and how to join an agent to a segment.
2021-09-15 10:00:41 -07:00
David Yu 4e26d94080
docs: Remove step for deleting webhook-cert-manager secret on Consul K8s uninstall (#11035)
* Remove step for deleting webhook-cert-manager secret
* Update website/content/docs/k8s/operations/uninstall.mdx
2021-09-15 08:11:22 -07:00
trujillo-adam 6985ccc7d3 updates to ECS docs per beta release 2021-09-14 16:36:52 -07:00
trujillo-adam e35236a053 adding k8s-cli alpha docs 2021-09-14 12:25:24 -07:00
Daniel Nephin 1f9479603c
Add failures_before_warning to checks (#10969)
Signed-off-by: Jakub Sokołowski <jakub@status.im>

* agent: add failures_before_warning setting

The new setting allows users to specify the number of check failures
that have to happen before a service status us updated to be `warning`.
This allows for more visibility for detected issues without creating
alerts and pinging administrators. Unlike the previous behavior, which
caused the service status to not update until it reached the configured
`failures_before_critical` setting, now Consul updates the Web UI view
with the `warning` state and the output of the service check when
`failures_before_warning` is breached.

The default value of `FailuresBeforeWarning` is the same as the value of
`FailuresBeforeCritical`, which allows for retaining the previous default
behavior of not triggering a warning.

When `FailuresBeforeWarning` is set to a value higher than that of
`FailuresBeforeCritical it has no effect as `FailuresBeforeCritical`
takes precedence.

Resolves: https://github.com/hashicorp/consul/issues/10680

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Co-authored-by: Jakub Sokołowski <jakub@status.im>
2021-09-14 12:47:52 -04:00
Jared Kirschner 63b2cebcb3
Merge pull request #10837 from jkirschner-hashicorp/improve-docs-dns-with-acl
Improve documentation around using DNS with ACLs Enabled
2021-09-13 11:09:09 -04:00
Kyle MacDonald 4b966094ff
website: fixup incorrect markdown syntax (#11015) 2021-09-13 10:36:34 -04:00
Jared Kirschner fcd89c2674 docs: add ACL component relationships visual 2021-09-10 15:33:23 -07:00
Jared Kirschner b89832221c docs: discuss use of ACLs on DNS page 2021-09-10 15:33:23 -07:00
Paul Banks c118e51d5c
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
Paul Banks fd259db9fb
Document how to make namespace wildcard intentions. (#10724)
* Update intentions.mdx

* Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
Jared Kirschner 8a4d3b3009
Merge pull request #10834 from jkirschner-hashicorp/improve-docs-configure-ui-https
docs: give tutorials links for securing UI access
2021-09-09 11:08:11 -04:00
Jared Kirschner 0b02dbb410 docs: give tutorials links for securing UI access 2021-09-07 22:13:09 -07:00
trujillo-adam 74e3bf4e68
Merge pull request #10980 from hashicorp/docs-fix-policy-federation-vm-k8-secondary
fixing the policy for configuring k8 clusters as secondary in federated arch
2021-09-07 08:10:39 -07:00
trujillo-adam 0ee554ea54
Update website/content/docs/k8s/installation/multi-cluster/vms-and-kubernetes.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-09-07 07:53:57 -07:00
mrspanishviking bffdce7c1e
Merge pull request #10815 from hashicorp/docs/prepared-query-consistency-modes-3475
docs: Add supported consistency modes to prepared queries
2021-09-03 07:43:40 -07:00
trujillo-adam 7cb56d6a9b fixing the policy for configuring k8 clusters as secondary in federated arch 2021-09-02 15:26:41 -07:00
mrspanishviking a2e6a15e93
Merge pull request #10977 from hashicorp/nia-style-fix
docs: fixed numbering of license bullets and corrected indent
2021-09-02 12:51:35 -07:00
Karl Cardenas b3fbc3a621
docs: indenting pr web dev guidance and Blake 2021-09-02 11:25:49 -07:00
mrspanishviking 9d008f3238
Update website/content/docs/nia/enterprise/license.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-02 11:24:21 -07:00
Peter M 5eeb556c10
Adding NIA to Consul Ent page 2021-09-02 10:32:07 -06:00
Karl Cardenas 64048497cf
docs: fixed numbering of license bullets and corrected indent 2021-09-02 09:28:36 -07:00
Amos Shapira 9870c8dc0f
docs: Add missing "is" on core security models (#10975)
Add missing "is" in description of `auto_encrypt.tls` parameter on
core security models page.
2021-09-01 22:07:20 -07:00
Karl Cardenas a5a529983f
docs: link to the enterprise license tutorial 2021-09-01 15:59:12 -07:00
lornasong 6ee3c63c71
nia/docs 0.3.0 (#10930)
Co-authored-by: Kim Ngo <6362111+findkim@users.noreply.github.com>
Co-authored-by: Melissa Kam <mkam@hashicorp.com>
Co-authored-by: Michael Wilkerson <mwilkerson@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-01 13:45:36 -05:00
Freddy 3254308fd3
Update audit logging example (#10966)
* Update audit-logging.mdx
2021-08-31 16:04:47 -06:00
Freddy 8d83d27674
connect: update envoy supported versions to latest patch release
(#10961)

Relevant advisory: 
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h
2021-08-31 10:39:18 -06:00
trujillo-adam ea451971d4
Merge pull request #10892 from hashicorp/docs-tables-service-discovery-services
Reformatting service discovery parameters into tables
2021-08-30 15:20:42 -07:00
trujillo-adam ebaa331cc9 missed typo 2021-08-30 14:50:55 -07:00
trujillo-adam 28e11d350d applying @blake 's feedback 2021-08-30 14:49:32 -07:00
mrspanishviking 222ce6b621
Merge pull request #10912 from hashicorp/auto_config
docs: added information about a conflict when using auto_config and a…
2021-08-30 08:32:32 -07:00
Karl Cardenas 2c861a4f4e
docs: fixed identation of warning components 2021-08-30 07:12:30 -07:00
Dustin Clifford c9ff4bfac8
docs: Bad External VM Example (#10943)
Adds a missing `\` for continuation in the example command for
connecting an external VM client outside of Kubernetes to the Consul
server cluster.
2021-08-27 11:38:55 -07:00
mrspanishviking 763e720ffe
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-27 07:41:11 -07:00
Luke Kysow dda8efc612
Update helm reference (#10939)
* Update helm reference

* Fix docs issue breaking build

* Remove keys that aren't yet in the release
2021-08-26 17:58:59 -07:00
Karl Cardenas b4f47383fa
docs: added information about a conflict when using auto_config and auto_encrypt 2021-08-25 21:25:18 -07:00
sridhar 0081443567
Merge pull request #10673 from hashicorp/srikrishmurthy-patch-1
Updated a note in the ingress-gateway YAML that the ingress gateway name must match with what's configured in the helm chart
2021-08-25 17:35:00 -07:00
trujillo-adam e197fff45c removed merge conflict chars 2021-08-24 12:05:01 -07:00
trujillo-adam f1327c6aad fixed merge conflicts 2021-08-24 11:46:27 -07:00
trujillo-adam 4c7eab88b9 Merge branch 'main' of github.com:hashicorp/consul into docs-tables-service-discovery-services 2021-08-24 11:26:32 -07:00
trujillo-adam 7f823e040f fixed more typos, applied additional tables, additional edits 2021-08-24 11:15:33 -07:00
trujillo-adam f69bb3a54f fixed typos, finished applying tables, minor editing 2021-08-24 09:57:48 -07:00
Nitya Dhanushkodi 329ec62582
doc: remove sentence that tproxy works cross-DC with config entries. (#10885)
It can only work if there is a running service instance in the local DC,
so this is a bit misleading, since failover and redirects are typically
used when there is not an instance in the local DC.
2021-08-23 12:14:28 -07:00
trujillo-adam 44e9f8ed94
Update website/content/docs/discovery/services.mdx
Co-authored-by: Geoffrey Grosenbach <26+topfunky@users.noreply.github.com>
2021-08-23 11:09:43 -07:00
trujillo-adam 6a5fedbf84
Update website/content/docs/discovery/services.mdx
Co-authored-by: Geoffrey Grosenbach <26+topfunky@users.noreply.github.com>
2021-08-23 11:09:34 -07:00
trujillo-adam cc42b49e4f testing markdown table format for ref docs 2021-08-20 13:41:03 -07:00
Blake Covarrubias e62b1d05d8
docs: Add common CA config options to provider doc pages (#10842)
Add the list of common Connect CA configuration options to the
provider-specific CA docs.

Previously these options were only documented under the agent
configuration options. This change makes it so that all supported CA
provider configuration options are available from a single location.

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-08-19 11:18:55 -07:00
Daniel Nephin 26ef0df458 docs: update CLI reference docs for debug
the cluster target was renamed to members.
2021-08-18 12:29:34 -04:00
sridhar cf66becabe
Update website/content/docs/k8s/connect/ingress-gateways.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-17 16:32:35 -07:00
Olatunde Alex-Oni ad07ed705c Update documentation for enable_key_list_policy
The current suggests the option expects a string of either "enabled" or "disabled" but this results in an error `'acl.enable_key_list_policy' expected type 'bool', got unconvertible type 'string', value: 'enabled'`. Setting to a boolean value resolves this, also had a quick look at the code (d2b58cd0d6/agent/config/runtime.go (L109)) and it suggests this too
2021-08-16 13:10:54 -07:00
Blake Covarrubias 97b4fdff0d
Document possible risk w.r.t exposing the admin API in Envoy (#10817)
Add a section to the Connect Security page which highlights the risks
of exposing Envoy's administration interface outside of localhost.

Resolves #5692

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
2021-08-13 10:05:29 -07:00
Blake Covarrubias 8a396ae73f
Document tagged addresses (#10744)
Add section for tagged addresses on service definition documentation.

Resolves #6989

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-12 16:49:59 -07:00
Blake Covarrubias 8aa89c2c12
docs: Clarify ingress gateway's -address flag (#10810)
Clarify the function of `-address` flag when instantiating an ingress
gateway.

Resolves #9849

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-12 14:56:07 -07:00
Mark Anderson d3cebbd32c
Fixup to support unix domain socket via command line (#10758)
Missed the need to add support for unix domain socket config via
api/command line. This is a variant of the problems described in
it is easy to drop one.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-08-12 10:05:22 -07:00
Chris Piraino 8f5e2a440b
docs: remove note on ingress gateway hosts field needing a port number (#10827)
This was necessary in older versions of Consul, but was obsoleted by
making Consul add the port number itself when constructing the Envoy
configuration.
2021-08-11 16:36:57 -05:00
Blake Covarrubias 99b1d8ed8c docs: Update code blocks across website
* Use CodeTabs for examples in multiple formats.
* Ensure correct language on code fences.
* Use CodeBlockConfig for examples with filenames, or which need
highlighted content.
2021-08-11 13:20:03 -07:00
Blake Covarrubias 7622e52013 docs: Add supported consistency modes to prepared queries
Resolves #3475
2021-08-10 16:19:22 -07:00
Blake Covarrubias 3363da7d35 docs: Add JSON examples to all config entries
This commit adds example JSON configs for several config entry
resources were missing examples in this language.

The examples have been updated to use the new CodeTabs resource
instead of the Tab component.
2021-08-10 15:34:28 -07:00
trujillo-adam 9e348edfaf
Merge branch 'main' into docs-envoy-proxy-breaks-when-enabling-tls 2021-08-09 14:57:29 -07:00
trujillo-adam ec7526caaa
Update website/content/docs/connect/proxies/envoy.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-09 13:36:28 -07:00
trujillo-adam 7d00adb824
Update website/content/docs/connect/proxies/envoy.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-09 13:36:07 -07:00
trujillo-adam 3fabe18acd docs: adding env var info, resolves #7926 2021-08-09 13:14:02 -07:00
sridhar 8b4672f644
Update website/content/docs/k8s/connect/ingress-gateways.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-04 16:25:36 -07:00
Daniel Nephin e94016872a
Merge pull request #10768 from hashicorp/dnephin/agent-tls-cert-expiration-metric
telemetry: add Agent TLS Certificate expiration metric
2021-08-04 18:42:02 -04:00
trujillo-adam c5824a834b
Merge pull request #10763 from hashicorp/docs-proxy-integration-improvements
general language and readability improvements to proxy integration docs
2021-08-04 14:36:47 -07:00
trujillo-adam 5913aca502 Applying more feedback from @black and @karl-cardenas-coding 2021-08-04 14:02:42 -07:00
trujillo-adam 8ec29432d2 Applying feedback from @blake 2021-08-04 11:29:21 -07:00
Daniel Nephin 8c575445da telemetry: add a metric for agent TLS cert expiry 2021-08-04 13:51:44 -04:00
trujillo-adam ee1de179ed
Update website/content/docs/connect/proxies/integrate.mdx
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-04 10:44:06 -07:00
trujillo-adam 31b9058602 general language and readability improvements to proxy integration docs 2021-08-03 15:56:56 -07:00
Evan Culver 710bd90ef7
checks: Add Interval and Timeout to API response (#10717) 2021-08-03 15:26:49 -07:00
joshwolfer 63a650028e Update options.mdx
add service config link to description of enable_central_service_config.
2021-08-03 15:36:51 -04:00
Blake Covarrubias 370a76ff3e
docs: Fix service checks docs on session endpoint (#10759)
The ServiceChecks parameter was incorrectly documented in e515c9d44 to
state that it accepted a list of string values, when actually the API
requires an array of ServiceCheck objects.

This commit updates the docs for the parameter to correctly reflect
the fields required by the API.

Resolves #10752
2021-08-03 09:57:31 -07:00
Matt Explosion 06f27fa088 Updated link to repo for native Scala Consul client Helm 2021-08-02 22:01:05 -07:00
Blake Covarrubias 734fd1949f
docs: Note proxy-defaults can globally set service protocol (#10649)
Add a note to the docs for the service defaults config entry which
informs users that the service protocol can be configured for all
services using the proxy defaults config entry.

Resolves #8279

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-08-02 13:23:58 -07:00
Blake Covarrubias 17e18df81e
docs: Document supported `consul connect` env vars (#10667)
Document the ability to specify `-sidecar-for` and `-proxy-id` flags
via environment variables.
2021-08-02 12:50:51 -07:00
Blake Covarrubias 46b1de8467
docs: Add namespace parameter to additional HTTP endpoints (#10731)
Document the namespace parameter can be specified on HTTP Check,
Connect CA leaf, and Discovery Chain API endpoints.

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-08-02 11:55:23 -07:00
Blake Covarrubias b710d60043 docs: Add /v1/agent/host endpoint
Document /v1/agent/host endpoint which is used by `consul debug`.
Originally added in #4754.
2021-08-02 10:29:39 -07:00
Blake Covarrubias 11f1f3fe34 Add OSS changes for specifying audit log permission mode 2021-07-30 09:58:11 -07:00
Daniel Nephin 20537d8952
Update website/content/docs/agent/options.mdx
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
2021-07-29 12:38:30 -04:00
Paul Banks 260364bb04
Call out the incompatibility of wildcards and L7 permissions 2021-07-29 11:58:21 +01:00
Daniel Nephin 9f02119314 docs: give better guidance about how to configure the agent TLS CA 2021-07-28 18:22:35 -04:00
Sabeen Syed baf480fa78
Add Citrix TF module links to NIA docs (#10710) 2021-07-28 12:52:40 -05:00
Jared Kirschner ccc8c9b128 Generalize base64 command usage in docs
The base64 CLI utility has two different short flag arguments for decode
depending on the platform: -D and -d.

Previously, the docs used the -D flag exclusively with the base64 utility.
Luckily, the long form of the flag is the same across platforms: --decode.

All uses of the base64 -D flag have been replaced with --decode.
2021-07-28 11:40:35 -04:00
trujillo-adam 445dfa9bae
Merge pull request #10685 from hashicorp/docs-fix-broken-link-swim-article
Docs fix broken link swim article
2021-07-26 11:31:17 -07:00
Blake Covarrubias 26738ac65e docs: Add version callout for `kv import -prefix`
Add a sentence stating the version of Consul that introduced the
`-prefix` option for `consul kv import`.

Resolves #10172
2021-07-26 09:45:24 -07:00
Fabio Lichinchi b408bcfa39
Update vault.mdx (#10679) 2021-07-26 09:16:00 -07:00
trujillo-adam 67d47345cc General improvements to the wording 2021-07-22 16:20:16 -07:00
trujillo-adam 785a55d1db docs: fixed broken link to SWIM article in architecture/gossip ref 2021-07-22 15:19:46 -07:00
sridhar d4d62a5667
Update ingress-gateways.mdx
Updated a note in the ingress-gateway YAML that the ingress gateway name must match with what's configured in the helm chart
2021-07-21 16:18:40 -07:00
Blake Covarrubias c89287dc77
Merge pull request #10462 from hashicorp/docs/add-ns-agent-services-9710
docs: Add namespace parameters to /agent/service* endpoints
2021-07-21 11:16:49 -07:00
Blake Covarrubias f61eee0ac6 Update output for /v1/agent/health/service/(id|name)/ endpoints 2021-07-21 11:09:53 -07:00
Blake Covarrubias da747c2cc0 docs: Add namespace parameters to /agent/service*
Document supported namespace parameters for /agent/service* API
endpoints.

Resolves #9710
2021-07-21 11:07:37 -07:00
Blake Covarrubias e515c9d449 docs: Update responses for /v1/session/ endpoints post 1.7
Update output for /v1/session/ endpoints to match output post Consul
1.7.0.

Documents new `NodeChecks` and `ServiceChecks` parameters which were
added in that release.

Resolves #7341, resolves #10095
2021-07-21 08:26:59 -07:00
Blake Covarrubias c271308473
docs: Add intentions to ACL System docs (#10323)
Adds mention of `intentions` rules to ACL System and ACL Rules pages.

Resolves #9790
2021-07-19 15:31:41 -07:00
Blake Covarrubias a0cd3dd88e
Add DNS recursor strategy option (#10611)
This change adds a new `dns_config.recursor_strategy` option which
controls how Consul queries DNS resolvers listed in the `recursors`
config option. The supported options are `sequential` (default), and
`random`.

Closes #8807

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Priyanka Sengupta <psengupta@flatiron.com>
2021-07-19 15:22:51 -07:00
Blake Covarrubias 832896ed11 docs: Fix spelling errors across website 2021-07-19 14:29:54 -07:00
Daniel Nephin 0ba5d74fcc
Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 11:23:32 -04:00
Daniel Nephin 510262b3bb docs: add deprecation version for ports.grpc settings 2021-07-14 17:06:13 -04:00
Daniel Nephin 5581c86597 docs: add config options that were missing
https://github.com/hashicorp/consul/pull/128 added pid_file
https://github.com/hashicorp/consul/pull/1331 added disable_coordinates
2021-07-14 16:51:07 -04:00
Melissa Kam fb95d447db
Merge pull request #10614 from hashicorp/nia/docs-0.2.1
nia/docs 0.2.1
2021-07-14 12:03:13 -05:00
David Yu 28087b6949
docs: Add link to learn guide on migrating ACL tokens (#10609)
* docs: Add link to learn guide on migrating ACL tokens
2021-07-13 14:02:51 -07:00
Daniel Nephin 74fb650b6b
Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc
config: rename `ports.grpc` to `ports.xds`
2021-07-13 13:11:38 -04:00
Daniel Nephin c48f26b0a6 config: update config settings and flags for ports.xds 2021-07-13 12:31:48 -04:00
Iryna Shustava 95305881ce
cli/sdk: Allow applying redirect-traffic rules in a provided Linux namespace (#10564) 2021-07-13 10:05:48 -06:00
Melissa Kam ea302c7d3e nia/docs: Terraform 1.0 compatability 2021-07-13 10:22:05 -05:00
Daniel Nephin dc15e5eb8c
Merge pull request #10579 from hashicorp/dnephin/improve-config-docs-tls
docs: Improve TLS user documentation
2021-07-12 19:09:15 -04:00
Curt Marker eb3e9271d3
Fixed a typo that broke the example static-server deployment (#10582)
The service account was typo'd and needs to be fixed
2021-07-12 13:28:36 -07:00
Daniel Nephin c69a3fa760 docs: move TLS example next to field reference 2021-07-12 13:08:02 -04:00
Daniel Nephin 7e681b1428
Update website/content/docs/agent/options.mdx
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
2021-07-12 13:03:32 -04:00
Karl Cardenas d4eb089d4a docs: changing license faq title to align with Nomad and Vault faq pages 2021-07-09 10:20:51 -07:00
Evan Culver 13bd86527b
Add support for returning ACL secret IDs for accessors with acl:write (#10546) 2021-07-08 15:13:08 -07:00
Daniel Nephin d906ddb218 docs: group all agent tls settings together.
To make it easier to see all of the related settings in one place.

Also add some context about how these settings are applied.
2021-07-08 18:05:37 -04:00
Daniel Nephin 54fffe5266 docs: fix example of TLS config
To actually enable TLS
2021-07-08 17:51:12 -04:00
Daniel Nephin ec6da0859d
Merge pull request #10570 from hashicorp/copy-of-master
Changes that were accidentally merged into the old master branch
2021-07-08 16:28:56 -04:00
David Yu fc411b2313
docs: Update docs to reflect limitation in TProxy when using single Consul DC deployment with multiple k8s clusters (#10549)
* docs: Update to reflect single Consul DC deployment with multiple k8s clusters
2021-07-08 10:44:29 -07:00
Dhia Ayachi 6390e91be5
Add ca certificate metrics (#10504)
* add intermediate ca metric routine

* add Gauge config for intermediate cert

* Stop metrics routine when stopping leader

* add changelog entry

* updage changelog

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* use variables instead of a map

* go imports sort

* Add metrics for primary and secondary ca

* start metrics routine in the right DC

* add telemetry documentation

* update docs

* extract expiry fetching in a func

* merge metrics for primary and secondary into signing ca metric

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-07-07 09:41:01 -04:00
Daniel Nephin 2c4f22a9f0
Merge pull request #10552 from hashicorp/dnephin/ca-remove-rotation-period
ca: remove unused RotationPeriod field
2021-07-06 18:49:33 -04:00
Luke Kysow 75b21259a1
Add headings to Helm docs (#10562) 2021-07-06 11:23:10 -07:00
jkirschner-hashicorp 5f73de6fbc
Merge pull request #10560 from jkirschner-hashicorp/change-sane-to-reasonable
Replace use of 'sane' where appropriate
2021-07-06 11:46:04 -04:00
Daniel Nephin 3a045cca8d ca: remove unused RotationPeriod field
This field was never used. Since it is persisted as part of a map[string]interface{} it
is pretty easy to remove it.
2021-07-05 19:15:44 -04:00
Jared Kirschner bd536151e1 Replace use of 'sane' where appropriate
HashiCorp voice, style, and language guidelines recommend avoiding ableist
language unless its reference to ability is accurate in a particular use.
2021-07-02 12:18:46 -04:00
David Yu 619eb5875d
docs: Formatting for Ingress Controllers example repos (#10542)
* docs: Formatting for Ingress Controllers example repos
* Update ingress-controllers.mdx
2021-07-01 10:48:40 -07:00
Kyle Schochenmaier 307f49dd31
docs: Ingress controllers configurations (#10495)
Add high level documentation on how to enable ingress controllers in consul on k8s.

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2021-07-01 11:24:27 -05:00
David Yu c3f0e395f0
docs: remove alpha from 1.10.0 reference for observability on k8s metrics merging (#10528)
The docs note an alpha pre-release version on K8s observability. Updating to only reference the GA 1.10.0 version of Consul for observability on k8s and metrics merging.
2021-06-30 12:18:19 -07:00
Daniel Nephin fa5d627014
Merge pull request #10527 from hashicorp/rename-main-branch
Update references to the main branch
2021-06-30 13:07:09 -04:00
Luke Kysow 68c4c232a1
docs: Document setting dashboard_url on k8s (#10510)
It's tricky because the `{{` needs to be escaped with Helm.
2021-06-30 09:16:38 -07:00
Jan Berktold e91996f130
Add rs-consul client to community-provided SDKs list (#10529)
* Add rs-consul

* Update website/content/api-docs/libraries-and-sdks.mdx

Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-30 10:43:41 -04:00
Blake Covarrubias 8a832635b8
docs: Add Consul 1.10 release notes (#10489)
Co-authored-by: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-29 16:08:57 -07:00
Daniel Nephin d3bc19c47d Rename main branch in CHANGELOG and website docs 2021-06-29 18:55:35 -04:00
Daniel Nephin 4d741531b4 Update references to the main branch
The main branch is being renamed from master->main. This commit should
update all references to the main branch to the new name.

Co-Authored-By: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-29 17:17:38 -04:00
Iryna Shustava 1c0beefc73
docs: add docs for running a single Consul dc in multiple k8s clusters (#10508) 2021-06-29 14:23:36 -06:00
jkirschner-hashicorp 89f01647fb
Merge pull request #10519 from jkirschner-hashicorp/fix-doc-service-splitter-example
docs: fix service splitter example weight sum
2021-06-29 15:51:18 -04:00
Ashwin Venkatesh 48069d18dd
Add docs for gossip encryption key rotation (#10522)
* Add docs for gossip encryption key rotation with feedback from David, Kyle and Luke.
2021-06-29 14:45:19 -04:00
Daniel Nephin 391a0eae46
Merge pull request #10437 from christopherlai/patch-1
Link to Reverse Proxy from Load Balancer
2021-06-29 14:37:41 -04:00
Blake Covarrubias 8a9dad08b5
docs: Add audit logging examples (#10382)
* docs: Add audit logging examples

Resolves #8375, resolves #9055
2021-06-29 10:58:15 -07:00
Blake Covarrubias ef6e618753
docs: Clarify serf_lan/retry_join behavior with network segments (#10386)
* docs: Add info on using cloud auto-join with Network Segments

Resolves hashicorp/go-discover#57

* Add note about joining network segments

Specifically call out that agents can be configured to join a network
segment by either specifying the Serf LAN port in the join address,
changing the agent's default Serf LAN port by configuring
`ports.serf_lan`, or specifying the port in the `-serf-lan-port`
command line flag.

Resolves #9972
2021-06-29 10:57:33 -07:00
David Yu 0c63a7b4d4
docs: Remove Helm 2 mention in Consul K8s install and uninstall (#10517)
* docs: Remove Helm 2 mention in Consul K8s install and uninstall
Helm 2 is no longer supported via Consul K8s. Helm 3 is now the supported version for Consul K8s.
2021-06-29 09:18:08 -07:00
Mike Ajala d87263b5eb
Update self-hosted-kubernetes.mdx (#10518)
Corrected typo, from you _mean_ need to you _may_ need.
2021-06-29 09:17:07 -07:00
Jared Kirschner 8dae08e30e Fix service splitter example weight sum
Weight sum must be equal to 100.
2021-06-29 07:01:55 -04:00
Daniel Nephin 16b21b0864 http: add an X-Consul-Query-Backend header to responses
So that it is easier to detect and test when streaming is being used.
2021-06-28 16:44:58 -04:00
Daniel Nephin 7531a6681d docs: correct some misleading telemetry docs
The query metrics are actually reported for all read queries, not only
ones that use a MinIndex to block for updates.

Also clarify the raft.apply metric is only on the leader.
2021-06-28 12:20:53 -04:00
Ludovic Ortega c138c38392
[Fix] Add missing quote (#10484) 2021-06-24 13:59:39 -07:00
lornasong d43f3af2c6
docs/nia: fix catalog-services typos pt 2 (#10493) 2021-06-24 16:45:46 -04:00
Kim Ngo 993f4715fd
docs/nia: fix typo (#10492) 2021-06-24 13:51:26 -05:00
David Yu e7557ab4a1
docs: Remove beta version references from Helm reference (#10477)
Removing references from the 1.10 beta that were included in Helm Configuration Reference
2021-06-24 09:08:33 -07:00
Kim Ngo 491bd51033
docs/nia: Update CTS compatible versions (#10487) 2021-06-24 10:16:03 -05:00
David Yu 2872fc6b26
docs: Removal of Consul vs ZooKeeper analysis (#10469)
* docs: Removal of Consul vs ZooKeeper

Although Consul does have a KV, we are not positioning Consul as a first class KV store versus other alternatives such as etcd or Zookeeper. Will remove this since this has not been updated with further analysis since this content was created.

* Removing from Zookeeper analysis Navbar
* Removing Zookeeper analysis from redirects
2021-06-24 07:23:57 -07:00
trujillo-adam 45d12ac629
Merge pull request #10467 from hashicorp/docs-upgrading-to-1-10-0-fixes
Docs upgrading to 1 10 0 fixes
2021-06-23 11:04:01 -07:00
trujillo-adam 2d9d9dbe7a docs: fixed instance of incorrect grammar usage 2021-06-23 08:50:30 -07:00
David Yu 7962dd82f1
docs - Adding Mesh as CRD in Consul K8s (#10459)
* docs - Adding Mesh as CRD in Consul K8s
* Removing extra left brace in ServiceDefaults
2021-06-22 19:18:13 -07:00
Luke Kysow 1dcdd2516c
Update config entry docs for CRDs (#10407)
* Update mesh, proxy-defaults and service-defaults docs to properly
document Kubernetes YAML.

Co-authored-by: David Yu <dyu@hashicorp.com>
2021-06-22 16:56:53 -07:00
Ashwin Venkatesh 17dc691c61
update docs (#10405)
Consul 1.10 GA for Consul K8s
2021-06-22 16:41:53 -07:00
Nitya Dhanushkodi b72ad40286
docs: upgrading to tproxy (/docs/upgrades/upgrade-specific) (#10416)
* docs: update tproxy docs
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-06-22 16:41:08 -07:00
Iryna Shustava 1fea51fbb5
docs: update docs/k8s/connect to for tproxy GA. (#10408)
* Assume tproxy is enabled by default and connect to upstreams
  with kube DNS.
* Update docs for missing annotations.
2021-06-22 16:34:20 -07:00
Nitya Dhanushkodi 7494b25c1e
docs: update tproxy docs (/docs/connect/transparent-proxy) (#10415)
* docs: update tproxy docs

* add examples

* links
2021-06-22 16:29:52 -07:00
David Yu 32179b9867
docs: Update Consul K8s Compat Matrix for Consul 1.10 (#10456) 2021-06-22 16:27:04 -07:00
Blake Covarrubias fbd7acc754 Remove beta release callout on downloads page 2021-06-22 16:22:50 -07:00
Blake Covarrubias d9add7c2c3 docs: Remove beta tag for 1.10 features
Remove beta tag for 1.10 features which are now GA.
2021-06-22 16:22:50 -07:00
trujillo-adam 82d362f79d docs: fixed some grammar errors and suggested some language improvments in the 'upgrading to 1.10.0' page 2021-06-22 16:16:08 -07:00
trujillo-adam c1bbd7f0aa
Merge pull request #10434 from hashicorp/faq-license-update
docs: updated FAQ to accommodate new requirements prior to upgrading
2021-06-22 14:36:32 -07:00
David Yu b45ad10299
docs: Remove Grafana from Observability section (#10454)
* Remove Grafana from Observability section

Reference Grafana Config in the learn guide
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-06-22 14:31:45 -07:00
Karl Cardenas e34ebdbb1e docs: removed reduntant information from the client agent question 2021-06-22 11:26:45 -10:00
Karl Cardenas 56da24799f docs: removed npm file changes and re-submitted content 2021-06-22 11:14:56 -10:00
mrspanishviking 4715e8ca0e
Apply suggestions from code review
Adding suggestion

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-06-22 10:44:11 -10:00
Matt Keeler 76857dd682
Update 1.10 enterprise upgrade docs. (#10446)
Co-authored-by: Paul Banks <banks@banksco.de>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
2021-06-22 14:39:11 -04:00
trujillo-adam 5137479816 docs: linked license faq to new section about upgrading to 1.10.x; also removed upgrade req details and table in faq 2021-06-22 10:33:11 -07:00
lornasong edc41c9e47
nia/docs 0.2.0
* docs/nia: Add section on upgrading Terraform in CTS

* docs/nia: Add service filter configuration, deprecate tag

* docs/nia: Add version to deprecated note, use path to reference

* docs/nia: catalog-services condition

Co-authored-by: Melissa Kam <mkam@hashicorp.com>
Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com>
2021-06-22 12:49:12 -04:00
trujillo-adam 30ae32b8bf
Update website/content/docs/enterprise/license/faq.mdx
docs: Replaced absolute path to Consul docs with relative path in the license FAQ.

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-06-22 09:09:27 -07:00
R.B. Boyer 24a9402390
docs: mention that service defaults upstream config sections should not contain wildcards (#10451) 2021-06-22 10:57:03 -05:00
trujillo-adam 2c9b8e067f docs: applied feedback about licensing FAQ and upgrade paths 2021-06-21 16:27:16 -07:00
trujillo-adam e0740d2019 docs: updated licensing FAQ to include upgrade paths based on Consul server and client version 2021-06-21 13:21:03 -07:00
Kyle Schochenmaier de558108af
Update health checks docs for tproxy (#10419)
* Update health checks docs for tproxy
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
2021-06-21 13:48:07 -05:00
R.B. Boyer 339e050163
website: this 1.10.0 upgrade table omitted two versions of envoy (#10443) 2021-06-21 13:33:35 -05:00
Christopher Lai 4b53e3767d
Link to Reverse Proxy from Load Balancer 2021-06-19 14:45:18 -07:00
trujillo-adam 9d6d4a6444 docs: updated FAQ to accommodate new requirements prior to upgrading 2021-06-18 14:44:26 -07:00
Daniel Nephin d81f527be8
Merge pull request #9924 from hashicorp/dnephin/cert-expiration-metric
connect: emit a metric for the seconds until root CA expiry
2021-06-18 14:18:55 -04:00
Luke Kysow a7e7c15adf
Fix links to ECS module (#10430) 2021-06-18 09:38:28 -07:00
mrspanishviking 552ed646d2
Merge pull request #10373 from hashicorp/license-faq-docs
docs: adding a faq document in preparation for Consul Enterprise 1.10.0
2021-06-18 05:30:06 -10:00
mrspanishviking 0fcf928999
Update website/content/docs/enterprise/license/overview.mdx
Merged

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-06-17 11:39:24 -10:00
mrspanishviking 5435f2309a
Update website/content/docs/enterprise/license/faq.mdx
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2021-06-16 10:17:56 -10:00
Karl Cardenas 1daf923563 docs: added question pertaining to Consul Kubernetes and Helm chart 2021-06-16 10:08:28 -10:00
Ashwin Venkatesh 325b18ad07 Update k8s license docs to account for license autoload 2021-06-16 14:59:34 -04:00
Karl Cardenas 737f48f723 docs: adding new content for review 2021-06-15 06:02:51 -10:00
Blake Covarrubias 64d122b0a2 docs: Add example of escaping tracing JSON using jq 2021-06-14 16:23:44 -07:00
Blake Covarrubias 26b8e8904b docs: Add note about configurable KV size in FAQ 2021-06-14 16:21:25 -07:00
Daniel Nephin aec7e798b0 Update metric name
and handle the case where there is no active root CA.
2021-06-14 17:01:16 -04:00
Daniel Nephin 1c980e4700 connect: emit a metric for the number of seconds until root CA expiration 2021-06-14 16:57:01 -04:00
Freddy ffb13f35f1
Rename CatalogDestinationsOnly (#10397)
CatalogDestinationsOnly is a passthrough that would enable dialing
addresses outside of Consul's catalog. However, when this flag is set to
true only _connect_ endpoints for services can be dialed.

This flag is being renamed to signal that non-Connect endpoints can't be
dialed by transparent proxies when the value is set to true.
2021-06-14 14:15:09 -06:00
Luke Kysow ac384e2a1f
Update k8s term gateway docs to make address clear (#10389)
Previously if you were to follow these docs and register two external
services, you would set the Address field on the node. The second
registered service would change the address of the node for the first
service.

Now the docs explain the address key and how to register more than one
external service.
2021-06-14 09:15:40 -07:00
Karl Cardenas be72c5f851 docs: updated content in the overview page and faq 2021-06-11 07:46:14 -10:00
mrspanishviking 7688e9e257
Apply suggestions from code review
Applying suggestions

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
2021-06-11 06:55:41 -10:00
Karl Cardenas c3e23c1ec9 docs: added more questions and marking ready for review 2021-06-10 10:16:56 -10:00
Nick Wales 119960211d
Aligns audit log code example (#10371) 2021-06-10 11:41:53 -07:00
R.B. Boyer dbca996c3c
docs: update envoy docs for changes related to xDS v2->v3 and SoTW->Incremental (#10166)
Fixes #10098
2021-06-10 10:59:54 -05:00
Karl Cardenas 97bcee3be6 docs: adding an faq in preperation for Consul Enterprise 1.10.0 2021-06-09 12:08:45 -10:00
Freddy 429f9d8bb8
Add flag for transparent proxies to dial individual instances (#10329) 2021-06-09 14:34:17 -06:00
Daniel Nephin 8b9ec040c3 docs: move streaming docs to blocking query page 2021-06-08 14:17:53 -04:00
Daniel Nephin c19d5d831b docs: try to improve health api doc terminology 2021-06-08 13:10:32 -04:00
Daniel Nephin 61423fbd28 Document streaming on service health endpoint 2021-06-08 13:10:32 -04:00
Daniel Nephin e93e7d0152 docs: Add streaming to api features 2021-06-08 13:10:32 -04:00
Dhia Ayachi 005ad9e46d
generate a single debug file for a long duration capture (#10279)
* debug: remove the CLI check for debug_enabled

The API allows collecting profiles even debug_enabled=false as long as
ACLs are enabled. Remove this check from the CLI so that users do not
need to set debug_enabled=true for no reason.

Also:
- fix the API client to return errors on non-200 status codes for debug
  endpoints
- improve the failure messages when pprof data can not be collected

Co-Authored-By: Dhia Ayachi <dhia@hashicorp.com>

* remove parallel test runs

parallel runs create a race condition that fail the debug tests

* snapshot the timestamp at the beginning of the capture

- timestamp used to create the capture sub folder is snapshot only at the beginning of the capture and reused for subsequent captures
- capture append to the file if it already exist

* Revert "snapshot the timestamp at the beginning of the capture"

This reverts commit c2d03346

* Refactor captureDynamic to extract capture logic for each item in a different func

* snapshot the timestamp at the beginning of the capture

- timestamp used to create the capture sub folder is snapshot only at the beginning of the capture and reused for subsequent captures
- capture append to the file if it already exist

* Revert "snapshot the timestamp at the beginning of the capture"

This reverts commit c2d03346

* Refactor captureDynamic to extract capture logic for each item in a different func

* extract wait group outside the go routine to avoid a race condition

* capture pprof in a separate go routine

* perform a single capture for pprof data for the whole duration

* add missing vendor dependency

* add a change log and fix documentation to reflect the change

* create function for timestamp dir creation and simplify error handling

* use error groups and ticker to simplify interval capture loop

* Logs, profile and traces are captured for the full duration. Metrics, Heap and Go routines are captured every interval

* refactor Logs capture routine and add log capture specific test

* improve error reporting when log test fail

* change test duration to 1s

* make time parsing in log line more robust

* refactor log time format in a const

* test on log line empty the earliest possible and return

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

* rename function to captureShortLived

* more specific changelog

Co-authored-by: Paul Banks <banks@banksco.de>

* update documentation to reflect current implementation

* add test for behavior when invalid param is passed to the command

* fix argument line in test

* a more detailed description of the new behaviour

Co-authored-by: Paul Banks <banks@banksco.de>

* print success right after the capture is done

* remove an unnecessary error check

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* upgraded github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57 => v0.0.0-20210601050228-01bbb1931b22

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2021-06-07 13:00:51 -04:00
allisaurus 6dbfec50ce
docs: Improve ECS routing example nesting (#10316) 2021-06-07 09:28:06 -07:00
Mark Anderson 1bf3dc5a5f
Docs for Unix Domain Sockets (#10252)
* Docs for Unix Domain Sockets

There are a number of cases where a user might wish to either 1)
expose a service through a Unix Domain Socket in the filesystem
('downstream') or 2) connect to an upstream service by a local unix
domain socket (upstream).
As of Consul (1.10-beta2) we've added new syntax and support to configure
the Envoy proxy to support this
To connect to a service via local Unix Domain Socket instead of a
port, add local_bind_socket_path and optionally local_bind_socket_mode
to the upstream config for a service:
    upstreams = [
      {
         destination_name = "service-1"
         local_bind_socket_path = "/tmp/socket_service_1"
         local_bind_socket_mode = "0700"
	 ...
      }
      ...
    ]
This will cause Envoy to create a socket with the path and mode
provided, and connect that to service-1
The mode field is optional, and if omitted will use the default mode
for Envoy. This is not applicable for abstract sockets. See
https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-pipe
for details
NOTE: These options conflict the local_bind_socket_port and
local_bind_socket_address options. We can bind to an port or we can
bind to a socket, but not both.
To expose a service listening on a Unix Domain socket to the service
mesh use either the 'socket_path' field in the service definition or the
'local_service_socket_path' field in the proxy definition. These
fields are analogous to the 'port' and 'service_port' fields in their
respective locations.
    services {
      name = "service-2"
      socket_path = "/tmp/socket_service_2"
      ...
    }
OR
    proxy {
      local_service_socket_path = "/tmp/socket_service_2"
      ...
    }
There is no mode field since the service is expected to create the
socket it is listening on, not the Envoy proxy.
Again, the socket_path and local_service_socket_path fields conflict
with address/port and local_service_address/local_service_port
configuration entries.
Set up a simple service mesh with dummy services:
socat -d UNIX-LISTEN:/tmp/downstream.sock,fork UNIX-CONNECT:/tmp/upstream.sock
socat -v tcp-l:4444,fork exec:/bin/cat
services {
  name = "sock_forwarder"
  id = "sock_forwarder.1"
  socket_path = "/tmp/downstream.sock"
  connect {
    sidecar_service {
      proxy {
	upstreams = [
	  {
	    destination_name = "echo-service"
	    local_bind_socket_path = "/tmp/upstream.sock"
	    config {
	      passive_health_check {
		interval = "10s"
		max_failures = 42
	      }
	    }
	  }
	]
      }
    }
  }
}
services {
  name = "echo-service"
  port = 4444
  connect = { sidecar_service {} }
Kind = "ingress-gateway"
Name = "ingress-service"
Listeners = [
 {
   Port = 8080
   Protocol = "tcp"
   Services = [
     {
       Name = "sock_forwarder"
     }
   ]
 }
]
consul agent -dev -enable-script-checks -config-dir=./consul.d
consul connect envoy -sidecar-for sock_forwarder.1
consul connect envoy -sidecar-for echo-service -admin-bind localhost:19001
consul config write ingress-gateway.hcl
consul connect envoy -gateway=ingress -register -service ingress-service -address '{{ GetInterfaceIP "eth0" }}:8888' -admin-bind localhost:19002
netcat 127.0.0.1 4444
netcat 127.0.0.1 8080

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* fixup Unix capitalization

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* Update website/content/docs/connect/registration/service-registration.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Provide examples in hcl and json

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* One more fixup for docs

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-06-04 18:54:31 -07:00
Matt Keeler af3ffdf4c8
Add license inspect command documentation and changelog (#10351)
Also reformatted another changelog entry.
2021-06-04 14:33:13 -04:00
Matt Keeler c5dc729dda
Follow on to PR 10336 (#10343)
There was some PR feedback that came in just after I merged that other PR. This addresses that feedback.
2021-06-03 12:29:41 -04:00
Paul Ewing 42a51b1a2c
usagemetrics: add cluster members to metrics API (#10340)
This PR adds cluster members to the metrics API. The number of members per
segment are reported as well as the total number of members.

Tested by running a multi-node cluster locally and ensuring the numbers were
correct. Also added unit test coverage to add the new expected gauges to
existing test cases.
2021-06-03 08:25:53 -07:00
Matt Keeler ca423c80b9 Add enterprise v1.10 specific upgrade notes. 2021-06-03 10:48:16 -04:00
Matt Keeler 4222242f1c Add licensing information to snapshot agent docs. 2021-06-03 10:48:16 -04:00
Matt Keeler aeaeec15e8 Add deprecation/removal notices regarding the APIs/CLI commands for licensing that are going away.
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-06-03 10:48:16 -04:00
Matt Keeler f3595f5394 Update licensing docs for 1.10 licensing 2021-06-03 10:47:33 -04:00
Matt Keeler 6b7ca99a69 Add licensing telemetry docs. 2021-06-03 10:47:33 -04:00
Blake Covarrubias 2196262eab docs: Clarify set-agent-token token persistence behavior
Clarify that tokens configured via `set-agent-token` will not be
persisted if `acl.enable_token_persistence` is `false`.
2021-05-31 16:08:43 -07:00
Blake Covarrubias 665e052e96 docs: Fix agent token name under ACL Agent Token
Reference the correct name of the agent token in the ACL Agent Token
section for the ACL System docs.
2021-05-31 10:52:15 -07:00
Stanko b130f355ee ui: Fix broken link format in ECS install page 2021-05-27 14:11:04 -07:00
allisaurus 0b52545c01
Add note about new ECS ARN format to ECS docs (#10304)
* docs: Add note about ECS task ARN format to ECS docs
2021-05-27 10:59:28 -07:00
Luke Kysow 78af667ed0
Consul ecs docs (#10288)
* ECS docs
2021-05-26 11:25:06 -07:00
Jono Sosulska 835bf2640f
Update Kubernetes docs to point to install pages. (#10293)
Adds more clear indicators that the collections on the learn.hashicorp.com sites have specific instructions for single node deployments.
Co-Authored by: soonoo <qpseh2m7@gmail.com>
2021-05-25 15:36:09 -04:00
Karl Cardenas 2e952324b1 docs: rename enterprise to Consul enterprise 2021-05-24 13:55:17 -07:00
Jono Sosulska bb07d1a30f
Updating Consul Glossary with more industry standard terms (#10074)
* Update glossary.mdx

1. Update header to the first section to "Consul Vocabulary" since these are the terms used in the context of Consul conversations.
2. Kept the header "Consul Glossary" since these are the terms useful for practitioners in the consul space.
3. Removed interlinking to terms on the same page.

Co-authored-by: Hans Hasselberg <me@hans.io>
Co-authored-by: Swarna Podila <swarnap@users.noreply.github.com>
2021-05-24 15:44:03 -04:00
allisaurus e4aad106c9
docs: fix Amazon EKS service name (#10280) 2021-05-21 15:58:13 -07:00
Sabeen Syed ce958e7218
Docs: Add link for new Cisco TF module (#10268) 2021-05-21 08:48:58 -05:00
Dhia Ayachi e527c191ae docs: Add example ACL policy for snapshot agent
Co-Authored-By: Blake Covarrubias <blake@covarrubi.as>
2021-05-20 14:41:29 -04:00
Paul Banks 8233328e48
Fix doc note since we switched authorization mechanism in 1.9 (#10266) 2021-05-20 16:28:38 +01:00
Dhia Ayachi 7dc78b39c9
docs: update register check docs (closes #6635) (#10261)
Update register check documentation clarify that Id returns as CheckId in the response

Co-Authored-By: Shaker Islam <shaqq@users.noreply.github.com>

Co-authored-by: Shaker Islam <shaqq@users.noreply.github.com>
2021-05-19 20:24:54 -04:00
Karl Cardenas 498a698ffa Merge branch 'master' of github.com:hashicorp/consul into consul-documentation-update 2021-05-17 07:20:06 -07:00
R.B. Boyer ede14b7c54
xds: emit a labeled gauge of connected xDS streams by version (#10243)
Fixes #10099
2021-05-14 13:59:13 -05:00
Luke Kysow 83a6579299
Update k8s fed docs to clarify role of acl token (#10233) 2021-05-13 10:20:12 -07:00
R.B. Boyer 3b50a55533
connect: update supported envoy versions to 1.18.3, 1.17.3, 1.16.4, and 1.15.5 (#10231) 2021-05-12 14:06:06 -05:00
mrspanishviking c59c0b05dd
docs: updated the standard upgrade process
Added a cross-reference link in the upgrade guides.  This resource https://www.consul.io/docs/upgrading/instructions/general-process including specific-version guides for breaking changes and a more detailed upgrade process, but it's not mentioned in the  https://www.consul.io/docs/upgrading#standard-upgrade overview page.
2021-05-12 08:18:06 -07:00
Daniel Nephin f6580400dc docs: document the current state of built-in and native 2021-05-10 16:54:11 -04:00
Joel Watson a1db512e90 Flesh out Raft Protocol Support note 2021-05-10 11:21:05 -05:00
Kim Ngo 5c17bf3d78
docs/nia: simplify api and cli url paths (#10199) 2021-05-06 16:26:31 -05:00
Daniel Nephin 7b5d432121
Merge pull request #10064 from hashicorp/docs-fix-namespace-api-descriptions
docs: fix api-docs namespace descriptions
2021-05-06 15:32:12 -04:00
Andy Assareh 99617a70af
K8s docs: Manual join: add note that kubeconfig not required (#9998)
Per Consul PM, kubeconfig is not required for manual join. I believe this should be clarified in the docs as the current wording refers to the auto join steps above which state kubeconfig is required.
2021-05-06 12:59:25 -06:00
Seth Hoenig 60af6a13ff docs: fix api-docs namespace descriptions
Looks like some copy/paste from ACL docs.
2021-05-06 14:58:08 -04:00
Daniel Nephin 2628974692
Update website/content/commands/config/delete.mdx
Co-authored-by: Jono Sosulska <42216911+jsosulska@users.noreply.github.com>
2021-05-06 14:04:26 -04:00
Daniel Nephin 583850e9d4 docs: remove name field from Mesh config entry
Also document the name of these config entries in the API docs, so that
users know how to query for them.

And fix the name of mesh on the index page.
2021-05-06 13:25:32 -04:00
Paul Banks 3ad754ca7b
Make Raft trailing logs and snapshot timing reloadable (#10129)
* WIP reloadable raft config

* Pre-define new raft gauges

* Update go-metrics to change gauge reset behaviour

* Update raft to pull in new metric and reloadable config

* Add snapshot persistance timing and installSnapshot to our 'protected' list as they can be infrequent but are important

* Update telemetry docs

* Update config and telemetry docs

* Add note to oldestLogAge on when it is visible

* Add changelog entry

* Update website/content/docs/agent/options.mdx

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
2021-05-04 15:36:53 +01:00
Freddy 2ca3f481f8
Only consider virtual IPs for transparent proxies (#10162)
Initially we were loading every potential upstream address into Envoy
and then routing traffic to the logical upstream service. The downside
of this behavior is that traffic meant to go to a specific instance
would be load balanced across ALL instances.

Traffic to specific instance IPs should be forwarded to the original
destination and if it's a destination in the mesh then we should ensure
the appropriate certificates are used.

This PR makes transparent proxying a Kubernetes-only feature for now
since support for other environments requires generating virtual IPs,
and Consul does not do that at the moment.
2021-05-03 14:15:22 -06:00
Frederic Hemberger 9a5a0ba209 docs(discovery/service): Clarify multiple service definitions
Be more explicit that the definition of multiple services only works in config files,
not using the HTTP API.

Ref: https://discuss.hashicorp.com/t/register-multiple-services-via-put-request/
2021-04-30 16:46:02 -07:00
Daniel Nephin 00d3283e93
Merge pull request #10149 from hashicorp/dnephin/config-use-streaming-backend-defualt-true
config: default UseStreamingBackend to true
2021-04-30 16:29:11 -04:00
R.B. Boyer abc1dc0fe9
connect: update supported envoy versions to 1.18.2, 1.17.2, 1.16.3, and 1.15.4 (#10101)
The only thing that needed fixing up pertained to this section of the 1.18.x release notes:

> grpc_stats: the default value for stats_for_all_methods is switched from true to false, in order to avoid possible memory exhaustion due to an untrusted downstream sending a large number of unique method names. The previous default value was deprecated in version 1.14.0. This only changes the behavior when the value is not set. The previous behavior can be used by setting the value to true. This behavior change by be overridden by setting runtime feature envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default.

For now to maintain status-quo I'm explicitly setting `stats_for_all_methods=true` in all versions to avoid relying upon the default.

Additionally the naming of the emitted metrics for these gRPC requests changed slightly so the integration test assertions for `case-grpc` needed adjusting.
2021-04-29 15:22:03 -05:00
Luigi Tagliamonte 5220699696
Improve doc: add note about address validation (#10123)
* Update website/content/docs/discovery/services.mdx with address field behavior.

Co-authored-by: Jono Sosulska <42216911+jsosulska@users.noreply.github.com>

Co-authored-by: Jono Sosulska <42216911+jsosulska@users.noreply.github.com>
2021-04-29 13:37:50 -04:00
Iryna Shustava 8dffb89131
Implement traffic redirection exclusion based on proxy config and user-provided values (#10134)
* Use proxy outbound port from TransparentProxyConfig if provided
* If -proxy-id is provided to the redirect-traffic command, exclude any listener ports
  from inbound traffic redirection. This includes envoy_prometheus_bind_addr,
  envoy_stats_bind_addr, and the ListenerPort from the Expose configuration.
* Allow users to provide additional inbound and outbound ports, outbound CIDRs
  and additional user IDs to be excluded from traffic redirection.
  This affects both the traffic-redirect command and the iptables SDK package.
2021-04-29 09:21:15 -07:00
Daniel Nephin bb472111fd config: default UseStreamingBackend to true 2021-04-28 18:58:02 -04:00
Freddy 078c40425f
Rename "cluster" config entry to "mesh" (#10127)
This config entry is being renamed primarily because in k8s the name
cluster could be confusing given that the config entry applies across
federated datacenters.

Additionally, this config entry will only apply to Consul as a service
mesh, so the more generic "cluster" name is not needed.
2021-04-28 16:13:29 -06:00
Daniel Nephin 0558586dbd health: use blocking queries for near query parameter 2021-04-27 19:03:16 -04:00
Matt Keeler f7e825afe3
Update changelog and add telemetry docs (#10107) 2021-04-23 16:05:00 -04:00
Paul Banks d717d2cdc4
CLI: Allow snapshot inspect to work on internal raft snapshots directly. (#10089)
* CLI: Add support for reading internal raft snapshots to snapshot inspect

* Add snapshot inspect test for raw state files

* Add changelog entry

* Update .changelog/10089.txt
2021-04-23 16:17:08 +01:00
David Yu b7cc83fde0
docs - Adding json formatting to TProxy HCL examples (#10088)
formatting
2021-04-21 17:17:06 -06:00
Derek Strickland ccb2511ff3
refactor get started links to new tutorial (#10066) 2021-04-20 13:17:50 -04:00
Freddy 8b8c3c1992
Add docs for transparent proxy mode and config (#10038)
Add docs for transparent proxy mode and config

Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2021-04-16 12:50:02 -07:00
Iryna Shustava ba0bc10f09
docs: update helm ref docs and connect docs (#10032)
All k8s connect-related docs now need to mention that we require a Kubernetes service
for all Connect services
2021-04-16 12:49:02 -07:00
Joel Watson fd9e240569 Update upgrade guide from 1.8.4 to 1.8.10 2021-04-15 12:03:24 -05:00
Kent 'picat' Gruber 493f820e9d Add better security warning to docs about the content-type change 2021-04-14 16:36:40 -04:00
Kent 'picat' Gruber d07f57ce67 Update KV docs to note new raw response content-type header 2021-04-14 16:21:03 -04:00
ketzacoatl c8a6fbd994
add consul-haskell to libraries-and-sdks documentation (#9982)
See also https://github.com/alphaHeavy/consul-haskell/issues/40.
2021-04-13 21:06:19 -04:00
Tara Tufano 9deb52e868
add http2 ping health checks (#8431)
* add http2 ping checks

* fix test issue

* add h2ping check to config resources

* add new test and docs for h2ping

* fix grammatical inconsistency in H2PING documentation

* resolve rebase conflicts, add test for h2ping tls verification failure

* api documentation for h2ping

* update test config data with H2PING

* add H2PING to protocol buffers and update changelog

* fix typo in changelog entry
2021-04-09 15:12:10 -04:00
Iryna Shustava 5755c97bc7
cli: Add new `consul connect redirect-traffic` command for applying traffic redirection rules when Transparent Proxy is enabled. (#9910)
* Add new consul connect redirect-traffic command for applying traffic redirection rules when Transparent Proxy is enabled.
* Add new iptables package for applying traffic redirection rules with iptables.
2021-04-09 11:48:10 -07:00
Zachary Shilton 8671762474
website: implement mktg 032 (#9953)
* website: migrate to new nav-data format

* website: clean up unused intro content

* website: remove deprecated sidebar_title from frontmatter

* website: add react-content to fix global style import issue
2021-04-07 15:50:38 -04:00
eddie-rowe 5fe1cc48ff cross-linking for audit logging 2021-04-05 09:35:04 -05:00
Mike Green 68b13f4c70
Docs: add enterprise upgrade link (#9934)
* add enterprise upgrade note
* Update index.mdx
2021-03-29 20:02:42 -04:00
lornasong 8431137c1a
nia/docs 0.1.0 ga (#9946)
* docs/nia: consul compatibilty

* docs/nia: remove beta callouts (#9919)

Co-authored-by: Kim Ngo <6362111+findkim@users.noreply.github.com>
2021-03-29 15:23:10 -04:00
Sabeen Syed 1345b92c73
Add link to TF module tutorial and example TF modules (#9937)
Add link to TF tutorial
Add links to print TF module and template for TF modules
2021-03-28 23:19:31 -05:00
Sabeen Syed c64f3600f0
Add Avi Network, AWS ALB and NS1 TF Registies and GitHub links (#9938)
Add Avi Network GH link
Add AWS ALB TF Registry and GH link
Add NS1 TF Registry and GH link
2021-03-27 01:52:41 -05:00
Daniel Nephin 5d5abedb1f
Merge pull request #9917 from Ranjandas/docs/exec-cmd-acl
Document agent token policy requirement for rexec
2021-03-25 17:49:47 -04:00
danielehc eba632da13
Cross linking Learn tutorials (#9893)
* Cross linking Learn tutorials

* Update website/content/docs/nia/index.mdx

Co-authored-by: Kim Ngo <6362111+findkim@users.noreply.github.com>

* Cross linking Learn tutorials

* Cross linking Learn tutorials

* Add links to doc

Co-authored-by: Kim Ngo <6362111+findkim@users.noreply.github.com>
2021-03-24 18:58:10 +01:00
Ranjandas 7857c5746f Document agent token policy requirement for rexec
The Agent token policy when using rexec should have `write` on "_rexec"
key prefix. Updated the exec command documentation to explicitly state
this requirement.
2021-03-23 15:51:56 +11:00
Jono Sosulska 277de5addc
Update telemetry docs (#9905)
* Fixes #2379-Improve interval explanation in the telemetry doc

* Fixes #4734-Update consul memory metrics

* Fixes #4836-Removed node.deregistration as that isn't in state.go

* Fixes #8986 partially-Trim redundant language

* Fixes #9087-Adds helpful details to telemetry on autopilot

* Fixes #9274-Addresses NaN output in autopilot
2021-03-22 18:47:41 -04:00
Kim Ngo e6cc186d79
docs/nia: Update CTS configuration example to not confuse vault provider with vault config block (#9909) 2021-03-19 16:52:32 -05:00
Iryna Shustava 199a0b0c19
docs: Update Helm reference docs (#9904) 2021-03-19 09:12:49 -07:00
Nitya Dhanushkodi 147628859d
Add metrics documentation (#9848) 2021-03-18 17:20:54 -07:00
woz5999 ea33c390ce update docs and add changelog 2021-03-18 19:02:34 -04:00
Christoph Puhl 11f60c46a3
Removing unnecessary comment (#9890)
Removing unnecessary comment around CRL to avoid confusion, as discussed with @banks
2021-03-18 14:39:25 -04:00
Christopher Broglie f0307c73e5 Add support for configuring TLS ServerName for health checks
Some TLS servers require SNI, but the Golang HTTP client doesn't
include it in the ClientHello when connecting to an IP address. This
change adds a new TLSServerName field to health check definitions to
optionally set it. This fixes #9473.
2021-03-16 18:16:44 -04:00
Luke Kysow a1d5e1fb41
docs: rename SourceAddress to SourceIP (#9878)
SourceAddress was probably renamed to SourceIP but the docs weren't
updated.
2021-03-15 14:39:33 -07:00
Christoph Puhl a11ed1570a Add namespaces to prepared query API docs
Add missing section on creating prepared query for namespaced services
2021-03-15 10:04:53 +01:00
Mike Wickett 8f72c17248 fix: syntax issue 2021-03-11 17:05:21 -05:00
Preetha ccde7e5f8b
Small changes to gossip related telemetry docs (#9846)
Update gossip related telemetry docs to include correct descriptions, and added missing metrics
2021-03-11 14:21:32 -06:00
Freddy d38fa1cbcf
Merge pull request #9869 from DanielMabbett/patch-1
Fix typo in requirements.mdx
2021-03-11 12:49:57 -07:00
Kyle Havlovitz 1e87c7183a
Merge pull request #9672 from hashicorp/ca-force-skip-xc
connect/ca: Allow ForceWithoutCrossSigning for all providers
2021-03-11 11:49:15 -08:00
Freddy 555961e036
Merge pull request #9770 from hashicorp/docs/fix-terminating-gateway-config-entry
Docs: Update terminating-gateway-config-entry
2021-03-11 12:42:20 -07:00
Kyle Havlovitz d62565f368
Merge pull request #9792 from dzeban/kv-import-prefix
command/kv: Add prefix option to kv import command
2021-03-11 09:47:53 -08:00
Daniel Mabbett f923a2d249
Update requirements.mdx 2021-03-11 10:08:53 +00:00
Robert Kuska 6fe45c075f
Add units and types to metrics tables (#9674)
This commits adds units and types to key metrics tables to have
consistent table views of all metrics in telemetry.mdx.

Fixes: https://github.com/hashicorp/consul/issues/9069
2021-03-10 22:36:15 -05:00
Nitya Dhanushkodi 15e8b13891
Add flags to consul connect envoy for metrics merging. (#9768)
Allows setting -prometheus-backend-port to configure the cluster
envoy_prometheus_bind_addr points to.

Allows setting -prometheus-scrape-path to configure which path
envoy_prometheus_bind_addr exposes metrics on.

-prometheus-backend-port is used by the consul-k8s metrics merging feature, to
configure envoy_prometheus_bind_addr to point to the merged metrics
endpoint that combines Envoy and service metrics so that one set of
annotations on a Pod can scrape metrics from the service and it's Envoy
sidecar.

-prometheus-scrape-path is used to allow configurability of the path
where prometheus metrics are exposed on envoy_prometheus_bind_addr.
2021-03-04 16:15:47 -06:00
Ranjandas 851a1b123d Add a sample error message 2021-03-02 12:48:03 +11:00
Ranjandas 9827a02ef6
Update vms-and-kubernetes.mdx 2021-03-02 10:20:24 +11:00
Ranjandas 479d6e6862
Added references to node name 2021-03-02 09:44:35 +11:00
Ranjandas 9c74d6cc3a
Update cert creation instruction for Federation
The Server certificates used for Federation require the node name in the form of `<node>.server.<dc>.<domain>`. Not having this would through `bad tls certificate` error.

* Fixed cert create command
* Added note to create a wildcard cert (like the ones on Kubernetes)
* Fixed numbering
2021-03-02 09:39:46 +11:00
R.B. Boyer 398b766532
xds: default to speaking xDS v3, but allow for v2 to be spoken upon request (#9658)
- Also add support for envoy 1.17.0
2021-02-26 16:23:15 -06:00
Daniel Nephin 6b95e8dfe2
Merge pull request #9188 from hashicorp/dnephin/more-streaming-tests
Add more streaming tests
2021-02-26 12:36:55 -05:00
Daniel Nephin 566efad2e7
Merge pull request #9759 from hashicorp/dnephin/streaming-default-rpc-enabled
streaming: default rpc.enable_streaming to true
2021-02-26 12:08:00 -05:00
Kim Ngo b678eabbf5
nia/docs 0.1.0 beta (#9803)
nia/docs 0.1.0-beta

Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
Co-authored-by: Lorna Song <lorna@hashicorp.com>
Co-authored-by: John Eikenberry <jae@zhar.net>
2021-02-25 16:48:24 -06:00
Daniel Nephin 1156519d97 docs: fix grpc metric names 2021-02-25 14:30:39 -05:00
Daniel Nephin 3aec942b17 streaming: default rpc.enable_streaming to true
So that all servers will start the grpc server used by streaming
2021-02-25 14:06:04 -05:00
Daniel Nephin 5b2300e63f docs: Fix reference to dns_config.use_cache 2021-02-25 13:52:09 -05:00
Blake Covarrubias fa77e9e1f7 docs: Fix code tag displaying on ACL binding rules
Fix indentation of code blocks on ACL binding rules page so that code
fence does not display in JSON output.
2021-02-22 15:18:08 -08:00
R.B. Boyer 3b6ffc447b
xds: remove deprecated usages of xDS (#9602)
Note that this does NOT upgrade to xDS v3. That will come in a future PR.

Additionally:

- Ignored staticcheck warnings about how github.com/golang/protobuf is deprecated.
- Shuffled some agent/xds imports in advance of a later xDS v3 upgrade.
- Remove support for envoy 1.13.x but don't add in 1.17.x yet. We have to wait until the xDS v3 support is added in a follow-up PR.

Fixes #8425
2021-02-22 15:00:15 -06:00
kaitlincarter-hc 4f9b35b2d8
fix typo and add link to Learn (#9799) 2021-02-22 08:32:07 -08:00
Daniel Nephin cb3adec2bf
Merge pull request #9777 from hashicorp/dnephin/remove-some-deprecation
docs: remove a couple deprecations
2021-02-19 13:31:20 -05:00
Alex Dzyoba 098fd1797b command/kv: Add prefix option to kv import command
Currently when data is imported via `consul kv import` it overwrites
keys under the root key. Since `consul kv export` can retrieve data for
the given prefix, i.e. part of the KV tree, importing it under root may
be not what users want.

To mirror prefix behavior from export this PR adds prefix feature to the
import command that adds prefix to all keys that are imported.
2021-02-19 14:07:25 +03:00
Ashwin Venkatesh cd428060f6
Update helm docs for consul-helm v0.30.0 (#9779) 2021-02-17 14:08:35 -05:00
Luke Kysow 2df91c2050
Docs describing migrating to CRDs (#9562)
* Document how users can migrate to CRDs.
* Update documentation for federation with new `ProxyDefaults`
requirement.
* Ensure `controller.enabled: true` is set in our example configs.
* Remove `connect-service-protocol` annotation docs.
2021-02-17 14:01:52 -05:00
Daniel Nephin 9bedb8b364 docs: remove a couple deprecations
These filters can not be reproduced with bexpr just yet.
2021-02-17 13:10:05 -05:00
Paul Banks 9668832506
Add docs for MIME sniffing on metrics endpoint. (#9696)
* Add docs for MIME sniffing on metrics endpoint.

This was added in 1.7.2 last year but I realised we don't document it so it's kinda surprising Prometheus "just works" now.

* Update website/content/api-docs/agent/index.mdx
2021-02-17 10:39:08 +00:00
Christoph Puhl 45a569d935
Update terminating-gateway.mdx
fix crds support reference and adding ACL clarification for linked services.
2021-02-15 14:54:40 +01:00
Eddie Rowe 35be57fb01 nagios vs sensu updates 2021-02-12 10:44:41 -06:00
Daniel Nephin c522f8defd
Merge pull request #9758 from hashicorp/dnephin/fix-streaming-bugs
http: error if near is used with streaming
2021-02-12 10:37:29 -05:00
Preetha 4174bc4330
Add docs section on regenerating expired CA certificates (#9709)
* Updated docs on regenerating built in CA

* review feedback

* Add sentence about expected behavior after update CA endpoint is used.
2021-02-11 15:38:12 -06:00
Daniel Nephin b909088500 http: error if near is used with streaming 2021-02-11 14:10:38 -05:00
R.B. Boyer 6eeccc93ce
connect: update supported envoy point releases to 1.16.2, 1.15.3, 1.14.6, 1.13.7 (#9737) 2021-02-10 13:11:15 -06:00
Derek Strickland 37227f7d11
Crosslink new microservices collection. (#9704) 2021-02-08 13:27:20 -05:00
David Yu 36db3b50e6
docs: fix another broken link to upgrading k8s servers from token rotation page (#9707)
fix another broken link to upgrading k8s servers from token rotation page
2021-02-04 09:44:04 -08:00
David Yu 94389f9619
docs: Small change to fix broken link to k8s upgrade from k8s tls certs page (#9705)
Broken link to k8s server upgrade from tls certs page
2021-02-04 09:13:32 -08:00
Kim Ngo 6b92b778c5
docs/nia: recommend sensitive variables for module authoring (#9692) 2021-02-02 14:57:46 -06:00
Kim Ngo e48a96eac1
docs/nia: Update verbiage around securely configuring providers (#9684)
This reorganizes and flags where and when sensitive information may
be written in plain-text
2021-02-02 13:24:25 -06:00
Mike Morris 504aa7c5fe
website: add release notes for 1.9 (#9189)
* website: initial draft of release notes framework

* website: fixup ref to 1-9-0.mdx

* Update website/pages/docs/release-notes/1-9-0.mdx

* Update website/pages/docs/release-notes/1-9-0.mdx

* website: add draft of 1.9.0 release notes

* website: move release-notes directory from /pages to /content

* Update 1-9-0.mdx

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/release-notes/1-9-0.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-01-29 18:00:32 -05:00
Ashwin Venkatesh 3da918089d
Add docs for TLS Server Certificate rotation for K8S (#9636)
* Add docs for TLS Server Certificate rotation for K8s
2021-01-29 17:13:28 -05:00
Kyle Havlovitz 7dac583863 connect/ca: Allow ForceWithoutCrossSigning for all providers
This allows setting ForceWithoutCrossSigning when reconfiguring the CA
for any provider, in order to forcibly move to a new root in cases where
the old provider isn't reachable or able to cross-sign for whatever
reason.
2021-01-29 13:38:11 -08:00
Luke Kysow b5212fbcc6
Add operations section to k8s notes (#9625)
* Add operations section to k8s notes

* Unify faq/troubleshooting
2021-01-29 11:15:40 -08:00
Kyle Havlovitz b2dc7f7d9b
Merge pull request #9541 from sadedil/patch-1
Add a CLI tool for "Client Libraries & SDKs" page
2021-01-28 10:18:41 -08:00
David Yu b2d00dce7a
docs: Update Compat Matrix for Consul Helm 0.29 (#9657)
* docs: Update Compat Matrix for Consul Helm 0.29

Adding 0.29

* Update compatibility.mdx
2021-01-27 14:39:03 -08:00
Luke Kysow 9f006fdcc8
Document proxy-defaults config for prometheus (#9640) 2021-01-26 17:19:30 -08:00
Jeff Escalante d1db0c2645
fix error in component name on autopilot page (#9638) 2021-01-25 20:00:28 -05:00
Chris Boulton 8a35df81c7
connect: add local_request_timeout_ms to configure local_app http timeouts (#9554) 2021-01-25 13:50:00 -06:00
Iryna Shustava 92b3f7d814
docs: Add k8s troubleshooting docs (hostPort vs hostNetwork) (#9464) 2021-01-22 16:31:37 -08:00
Ashwin Venkatesh 851c44cff5
Merge pull request #9612 from hashicorp/ui-ingress
Update docs with fields for ingress support for consul UI
2021-01-22 15:17:40 -05:00
Ashwin Venkatesh 8b3bbcabbc Update docs with fields for ingress support for consul UI 2021-01-22 12:19:43 -05:00
danielehc 283da85f78
Update index.mdx (#9618) 2021-01-22 18:07:23 +01:00
Mustafa Sadedil d5b9abe761
Remove tool ref from the wrong page 2021-01-21 23:04:50 +03:00
Mustafa Sadedil d5c4418a65
Add new CLI tool to Community Tools Page (kvit) 2021-01-21 23:03:36 +03:00
markblackman eb5c0ebbb3
Note to steer consumers away from unmaintained python-consul (#9544)
* Quick note to steer consumers away from unmaintained python-consul
2021-01-21 11:38:29 -08:00
Mark Lewis ee368e9a00
Update options.mdx (#9578)
MInor typo.
2021-01-18 15:31:39 +00:00
Luke Kysow 10b8090db9
Remove guides that live in learn.hashicorp.com now (#9563) 2021-01-14 08:46:55 -08:00