Pierre Souchay
fab55bee2b
dns: implements prefix lookups for DNS TTL ( #4605 )
...
This will fix https://github.com/hashicorp/consul/issues/4509 and allow forinstance lb-* to match services lb-001 or lb-service-007.
2018-10-19 08:41:04 -07:00
Kyle Havlovitz
c617326470
re-add Connect multi-dc config changes
...
This reverts commit 8bcfbaffb6
.
2018-10-19 08:41:03 -07:00
Jack Pearkes
8bcfbaffb6
Revert "Connect multi-dc config" ( #4784 )
2018-10-11 17:32:45 +01:00
danielehc
40017f5e59
Update creating-certificates.html.md ( #4780 )
...
In case `verify_server_hostname` is set in the configuration, Consul checks the certificate against `server.<datacenter>.<domain>`.
The name suggested by the guide generates errors like the following:
```
2018/10/10 12:42:20 [ERR] consul: Failed to confirm peer status for consul-3: rpc error getting client: failed to get conn: x509: certificate is valid for server.node.consul.labs, localhost, not server.consul.labs. Retrying in 16s...
```
Removing the `node` part from the certificate permits them to work also when that option is set.
2018-10-11 14:23:51 +02:00
Aestek
25f04fbd21
[Security] Add finer control over script checks ( #4715 )
...
* Add -enable-local-script-checks options
These options allow for a finer control over when script checks are enabled by
giving the option to only allow them when they are declared from the local
file system.
* Add documentation for the new option
* Nitpick doc wording
2018-10-11 13:22:11 +01:00
Paul Banks
51c0001aad
[WIP] Initial draft of Sidecar Service and Managed Proxy deprecation docs ( #4752 )
...
* Initial draft of Sidecar Service and Managed Proxy deprecation docs
* Service definition deprecation notices and sidecar service
* gRPC and sidecar service config options; Deprecate managed proxy options
* Envoy Docs: Basic envoy command; envoy getting started/intro
* Remove change that snuck in
* Envoy custom config example
* Add agent/service API docs; deprecate proxy config endpoint
* Misc grep cleanup for managed proxies; capitalize Envoy
* Updates to getting started guide
* Add missing link
* Refactor Envoy guide into a separate guide and add bootstrap reference notes.
* Add limitations to Envoy docs; Highlight no fixes for known managed proxy issues on deprecation page; clarify snake cae stuff; Sidecar Service lifecycle
2018-10-11 10:44:42 +01:00
Pierre Souchay
251156eb68
Added SOA configuration for DNS settings. ( #4714 )
...
This will allow to fine TUNE SOA settings sent by Consul in DNS responses,
for instance to be able to control negative ttl.
Will fix: https://github.com/hashicorp/consul/issues/4713
# Example
Override all settings:
* min_ttl: 0 => 60s
* retry: 600 (10m) => 300s (5 minutes),
* expire: 86400 (24h) => 43200 (12h)
* refresh: 3600 (1h) => 1800 (30 minutes)
```
consul agent -dev -hcl 'dns_config={soa={min_ttl=60,retry=300,expire=43200,refresh=1800}}'
```
Result:
```
dig +multiline @localhost -p 8600 service.consul
; <<>> DiG 9.12.1 <<>> +multiline @localhost -p 8600 service.consul
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36557
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;service.consul. IN A
;; AUTHORITY SECTION:
consul. 0 IN SOA ns.consul. hostmaster.consul. (
1537959133 ; serial
1800 ; refresh (30 minutes)
300 ; retry (5 minutes)
43200 ; expire (12 hours)
60 ; minimum (1 minute)
)
;; Query time: 4 msec
;; SERVER: 127.0.0.1#8600(127.0.0.1)
;; WHEN: Wed Sep 26 12:52:13 CEST 2018
;; MSG SIZE rcvd: 93
```
2018-10-10 15:50:56 -04:00
Kyle Havlovitz
56dc426227
agent: add primary_datacenter and connect replication config options
2018-10-10 12:17:59 -07:00
Kyle Havlovitz
46c829b879
docs: deprecate acl_datacenter and replace it with primary_datacenter
2018-10-10 12:16:47 -07:00
Dan Brown
26c94764b8
Fix retry_join config documentation ( #4757 )
...
'retry_join': source data must be an array or slice, got string
2018-10-05 14:16:02 -04:00
Freddy
95c7098848
Update semaphore guide ( #4661 )
...
* Fill in gaps in semaphore guide
* Update to match that values come back b64 encoded
* Add that the value needs to be decoded
* Remove outdated reference to session1
* Fix some typos
* Clarify what is mean by a session having an active key
* Clarify requirements for lock holders in semaphore guide
2018-10-04 12:06:53 -10:00
Dan Brown
d3b6750c3b
Add Deployment Guide and update links ( #4487 )
...
* Adds Deployment Guide and update links
* Fixes releases link
* Re-organisation of content
* Cuts down "deployment" doc (which should focus on Reference Architecture) by moving raft and performance tuning to the Server Performance page which already covers some of this.
* Moves backups from "deployment" doc (which should focus on Reference Architecture) to "deployment-guide"
* Cleans up some notes and add single DC diagram
* Removes old link to deployment guide from nav
* Corrects minor styling, formatting, and grammar
2018-10-03 11:37:36 -10:00
Matt Keeler
cc8327ed9a
Ensure that errors setting up the DNS servers get propagated back to the shell ( #4598 )
...
Fixes : #4578
Prior to this fix if there was an error binding to ports for the DNS servers the error would be swallowed by the gated log writer and never output. This fix propagates the DNS server errors back to the shell with a multierror.
2018-09-07 10:48:29 -04:00
Geoffrey Grosenbach
72fac5b823
Adds XL machine spec and notes on large deployments ( #4622 )
...
* Adds XL machine spec and notes on large deployments
* Clarifies machine sizes
* Fixes internal links within the document
* Moves datacenter size guidelines to "Single Datacenter" section
2018-08-31 10:41:48 -05:00
Jack Pearkes
c1bf14be30
website: use 127.0.0.1 instead of consul.rocks ( #4523 )
...
By default, the Consul agent listens on the local interface
at port 8500 for API requests. This change makes the API examples
using `curl` copy-pasteable for this default configuration.
2018-08-28 09:07:15 -07:00
Rémi Jouannet
2767ae860b
Update monitoring-telegraf.html.md
2018-08-24 16:48:02 +02:00
Miroslav Bagljas
3c23979afd
Fixes #4483 : Add support for Authorization: Bearer token Header ( #4502 )
...
Added Authorization Bearer token support as per RFC6750
* appended Authorization header token parsing after X-Consul-Token
* added test cases
* updated website documentation to mention Authorization header
* improve tests, improve Bearer parsing
2018-08-17 16:18:42 -04:00
sandstrom
14f19f75a6
Clarify port usage for agents ( #4510 )
2018-08-14 16:10:01 -07:00
Geoffrey Grosenbach
a03512496f
Consul Production Deployment Guide
...
Renames guide to "Production Deployment"
Adds link in sidebar menu.
Implements edits suggested by Consul engineering team.
2018-08-10 11:51:05 -07:00
Geoffrey Grosenbach
5d2855ecda
Remove all mention of Atlas, even in deprecated changelogs
2018-08-03 10:51:18 -07:00
Jeff Escalante
0f12370cfb
a couple more corrections
2018-07-27 19:39:44 -04:00
Jeff Escalante
30d27d8356
fix a couple html errors ( #4456 )
2018-07-26 16:30:24 -07:00
Peter Souter
0888b435ee
Adds Monitoring with Telegraf guide ( #4227 )
...
* Installing Telegraf
* Configuring Telegraf
* Configuring Consul to send metrics to Telegraf
* Important metrics and aggregates
2018-07-23 16:46:43 -07:00
Matt Keeler
d19c7d8882
Merge pull request #4303 from pierresouchay/non_blocking_acl
...
Only send one single ACL cache refresh across network when TTL is over
2018-07-10 08:57:33 -04:00
Pierre Souchay
1e7665c0d5
Updated documentation and adding more test case for async-cache
2018-07-01 23:50:30 +02:00
Pierre Souchay
bfc83ce045
Updated ACL guide
2018-07-01 23:50:30 +02:00
Siva
e281a3f925
Changes made :
...
1. Website
Changed some of the wordings and reorganized the content of the website.
2. Code:
Removed sleep and exit lines from the code.
2018-06-28 21:18:14 -04:00
Siva
7969d16e42
Added guide for Windows Service
2018-06-26 18:23:55 -04:00
mkeeler
6813a99081
Merge remote-tracking branch 'connect/f-connect'
2018-06-25 19:42:51 +00:00
Paul Banks
2a467003a0
Fix some doc typos.
2018-06-25 12:26:21 -07:00
Paul Banks
f0059665bb
Add proxy config reference and Complete TODOs in production guide
2018-06-25 12:26:20 -07:00
Paul Banks
959f0c612c
Fix relative links
2018-06-25 12:26:20 -07:00
Paul Banks
20a6a40216
Link from getting started; note on incremental adoption
2018-06-25 12:26:20 -07:00
Paul Banks
ac0c5c2bfa
Connect production guide draft 1
2018-06-25 12:26:20 -07:00
Paul Banks
b757b5cc48
Initial draft of connect production guide
2018-06-25 12:26:20 -07:00
Matt Keeler
585f0e8113
Merge pull request #4150 from hashicorp/topfunky-patch-1
...
Minor clarification of server nodes
2018-06-20 10:55:45 -04:00
Omar Khawaja
8f66362770
update encryption doc and add guide for creating certificates ( #4238 )
...
* update encryption doc and add guide for creating certificates in consul with cfssl
* add details about CLI and disabling HTTP
* delete $ symbols and add guide elements
* add missing periods and steps heading
2018-06-18 15:25:35 -04:00
Matt Keeler
5286b3843d
Put systemd-resolved in backticks
2018-06-05 10:38:42 -04:00
Matt Keeler
316f0ea729
Mention that PTR queries get sent to all resolvers
2018-06-04 13:56:34 -04:00
Matt Keeler
1db6ab6f39
Update DNS forwarding docs to include how to use with systemd-resolved
2018-06-04 13:43:47 -04:00
Geoffrey Grosenbach
071576c0db
Minor clarification of server nodes
...
In **Node Removal** section, clarify that server nodes are being discussed.
2018-05-23 14:59:31 -07:00
Geoffrey Grosenbach
0c8e77b2a5
Consul production deployment guide
2018-05-11 19:30:13 -07:00
Geoffrey Grosenbach
660673f831
WIP Edits to Consul production deployment guide
2018-05-10 18:18:08 -07:00
Geoffrey Grosenbach
0fa62a8e3c
WIP Consul deployment guide
2018-05-10 17:47:44 -07:00
Jack Pearkes
559d35156a
Merge pull request #3929 from sryabkov/patch-1
...
Highlighting the dead link in documentation
2018-03-19 16:00:32 -07:00
Jack Pearkes
6fb94ff40a
website: clarify where ACL token is set in the UI
2018-03-14 16:50:04 -07:00
Jack Pearkes
c66628a06f
website: add section on securing the UI with ACLs
...
Figured it would be worth documenting due to #3931 .
2018-03-14 16:46:04 -07:00
Jack Pearkes
652e821511
Merge pull request #3884 from rberlind/master
...
Updated Stale Reads section of DNS Caching Guide
2018-03-13 16:56:58 -07:00
Sergei Ryabkov
82d195b695
Highlighting the dead link
...
I am proposing to remove a dead link (https://atlas.hashicorp.com/help/consul/alternatives ). If the page has moved and the new location is known, it would be of course better to update the link.
2018-03-02 18:22:19 -05:00
Paul Banks
e833b535a6
Notes on ACL token storage and permissions
2018-03-02 16:20:11 +00:00
Paul Banks
a216d136fe
Fix a couple of minor typos found in docs.
2018-02-13 16:21:12 +00:00
Roger Berlind
bad4f2f404
Updated Stale Reads section of DNS Caching Guide
...
I updated the content based on discussion with James Phillips in #team-connect on 2/8/2018.
2018-02-12 11:26:10 -05:00
Preetha
6d969d372b
Clarification around locking ( #3853 )
2018-02-01 14:08:06 -06:00
James Phillips
410e96108a
Update external.html.md
2018-01-12 13:23:16 -08:00
Tomas Celaya
36ea244ced
Include a warning about the interaction between `translate_wan_addrs` and `bind_addr` in the Basic WAN guide.
2017-12-14 13:12:04 -08:00
Ivan Smirnov
db1623c44f
Fix syntax error.
...
Running consul 1.0.0, 'consul operator raft' requires 'list-peers' rather than '-list-peers'
2017-11-20 20:17:20 -08:00
James Phillips
d85dfffcae
Update atlas.html.md
2017-11-02 14:16:47 -07:00
Preetha Appan
89b98d2fe2
Update autopilot documentation to mention correct Consul version that defaults raft protocol to 3.
2017-10-19 11:31:29 -05:00
James Phillips
036efc663d
Update sentinel.html.markdown.erb
2017-10-13 12:15:08 -07:00
csawyerYumaed
0f79922795
Update dns forwarding documentation ( #3574 )
...
Add details about setting up macOS to point to consul for services without the headache of dnsmasq, bind, etc.
2017-10-12 14:25:57 -07:00
Frank Schroeder
2191511e9f
doc: drop last references to -retry-join-* options
2017-10-04 19:12:28 +02:00
Preetha Appan
41ec69f71a
Update ACL guide to describe the new list policy for Keys
2017-10-04 06:19:20 -05:00
Preetha Appan
9b3481265a
Fix grammar in containers guide.
2017-09-29 10:37:04 -05:00
Preetha Appan
2c684ebb51
Update containers guide to mention that Consul now handles nodes changing IP addresses.
2017-09-29 10:20:33 -05:00
Preetha Appan
54bb478372
Update sentinel documentation to remove features that are coming in a future release
2017-09-28 21:00:00 -05:00
Alex Dadgar
26dfd4cf16
Fix mispelled words
2017-09-27 11:20:01 -07:00
Michael Stewart
30106fc421
Fix docs/guides/segements sidebar selection.
2017-09-19 16:45:39 -05:00
Preetha Appan
7ca8b3ad8b
Adds documentation for Sentinel integration in Consul Enterprise.
2017-09-19 09:02:53 -05:00
James Phillips
5888d1884f
Update outage.html.md
2017-09-06 21:19:46 -07:00
James Phillips
f872996429
Update segments.html.markdown.erb
2017-09-06 16:42:13 -07:00
James Phillips
9258506dab
Adds simple rate limiting for client agent RPC calls to Consul servers. ( #3440 )
...
* Added rate limiting for agent RPC calls.
* Initializes the rate limiter based on the config.
* Adds the rate limiter into the snapshot RPC path.
* Adds unit tests for the RPC rate limiter.
* Groups the RPC limit parameters under "limits" in the config.
* Adds some documentation about the RPC limiter.
* Sends a 429 response when the rate limiter kicks in.
* Adds docs for new telemetry.
* Makes snapshot telemetry look like RPC telemetry and cleans up comments.
2017-09-01 15:02:50 -07:00
James Phillips
745537fed4
Tweaks network segments guide.
2017-09-01 11:19:39 -07:00
Kyle Havlovitz
40f7508016
Update segment docs
2017-08-31 17:39:57 -07:00
Kyle Havlovitz
00d03f1141
Add doc sections for network segments
2017-08-31 11:19:08 -07:00
Kevin Bidwell
9cae329c27
Added configuration instructions for forwarding DNS queries from Unbound to consul.
2017-08-18 08:45:43 -06:00
Preetha Appan
dc23d55524
Add note about configuring recursors to be able to resolve external services.
2017-08-09 11:13:30 -05:00
James Phillips
ef43044494
Adds a note about not replicating data to FAQ and federation-related spots.
2017-08-04 16:14:39 -07:00
James Phillips
4bee2e49f5
Adds secure introduction for the ACL replication token. ( #3357 )
...
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
Preetha Appan
c3eb1475fb
Fix incorrect punctuation
2017-08-03 16:40:22 -05:00
James Phillips
c0a5ad7903
Adds a new /v1/acl/bootstrap API ( #3349 )
2017-08-02 17:05:18 -07:00
Preetha Appan
82b88cb92d
Minor tweaks, fixed spacing issue with docker run examples
2017-08-01 16:38:34 -05:00
Preetha Appan
7e58245d4d
Address more review comments
2017-08-01 15:25:13 -05:00
Preetha Appan
d4fb271a3d
Added links to new containers guide to navbar and index pages
2017-08-01 11:48:25 -05:00
Preetha Appan
9c7cde36da
Added a section on configuration
2017-08-01 11:36:34 -05:00
Preetha Appan
aa64d4bc61
More tweaks and grammar corrections
2017-08-01 11:13:24 -05:00
Preetha Appan
fb28d552da
More review feedback
2017-08-01 10:38:43 -05:00
Preetha Appan
5dc07f2322
Addressed review comments
2017-07-31 19:56:42 -05:00
Preetha Appan
857a8e200e
Capitalize Consul and Docker throughout
2017-07-31 17:54:03 -05:00
Preetha Appan
d45ceff4b7
First pass at a consul containers guide
2017-07-31 17:19:15 -05:00
James Phillips
9f10566314
Update geo-failover.html.md
2017-07-26 16:42:35 -07:00
James Phillips
44128e5bbb
Update geo-failover.html.md
2017-07-26 15:44:17 -07:00
James Phillips
59b9164142
Adds a geo failover guide using prepared queries. ( #3328 )
2017-07-26 15:40:01 -07:00
James Phillips
496b0bcf07
Adds support for agent-side ACL token management via API instead of config files. ( #3324 )
...
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
James Phillips
6abc5757b1
Tweaks title.
2017-07-18 14:48:38 -07:00
Kyle Havlovitz
689c8bc934
Add UpgradeVersionTag information to docs
2017-07-18 14:01:21 -07:00
James Phillips
cbfb4388d1
Update acl.html.md
2017-07-18 07:44:35 -07:00
James Phillips
37c78e3077
Improves structure of ACL guide.
2017-07-18 07:41:59 -07:00
James Phillips
0c376fb656
Removes a merge conflict marker from the ACL guide.
2017-07-18 07:35:17 -07:00
Charlie Voiselle
6c75e79158
Removed localhost from links ( #3289 )
...
Two links were still referring to localhost. Made them relative and tested.
2017-07-17 19:59:58 -07:00
James Phillips
1791d99a10
Adds new config to make script checks opt-in, updates documentation. ( #3284 )
2017-07-17 11:20:35 -07:00