* updated nav; renamed L7 traffic folder
* Added locality-aware routing to traffic mgmt overview
* Added route to local upstreams topic
* Updated agent configuration reference
* Added locality param to services conf ref
* Added locality param to conf entries
* mentioned traffic management in proxies overview
* added locality-aware to failover overview
* added docs for service rate limiting
* updated service defaults conf entry
* Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
* updated links and added redirects
---------
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
This PR fixes an issue where upstreams did not correctly inherit the proper
namespace / partition from the parent service when attempting to fetch the
upstream protocol due to inconsistent normalization.
Some of the merge-service-configuration logic would normalize to default, while
some of the proxycfg logic would normalize to match the parent service. Due to
this mismatch in logic, an incorrect service-defaults configuration entry would
be fetched and have its protocol applied to the upstream.
* updated architecture topic
* fixed type in arch diagram filenames
* fixed path to img file
* updated index page - still need to add links
* moved arch and tech specs to reference folder
* moved other ref topics to ref folder
* set up the Deploy folder and TF install topics
* merged secure conf into TF deploy instructions
* moved bind addr and route conf to their own topics
* moved arch and tech specs back to main folder
* update migrate-existing-tasks content
* merged manual deploy content; added serv conf ref
* fixed links
* added procedure for upgrading to dataplanes
* fixed linked reported by checker
* added updates to dataplanes overview page
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
* updated links and added redirects
* removed old architecture content
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
Replaces unicode quotation marks with ASCII quotation marks.
For code examples, this fixes HCL decoding errors that would otherwise
be raised when attempting to read the file.
Remove YAML service registration examples and replace them with JSON.
This is because YAML is not a supported configuration format for the
Consul's agent configuration, nor is it supported by the HTTP API.
This commit replaces the YAML examples with JSON and adds additional
JSON examples where they were missing.
Fixes configuration examples for several Consul Kubernetes CRDs. The
CRDs were missing required fields such as `apiVersion`, `metadata`,
and `spec`.
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
HCL and JSON configuration examples were being displayed in the same
code block. This commit separates the configurations to properly
display them as independent configuration examples.
This commit fixes syntax errors in HCL, JSON, and YAML example
configurations. In some cases, it replaces the code example with the
proper format for the code block.
Also fixes HCL formatting and misc opportunistic updates to codeblock.
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
* adding apigee for ext_authz, minor fix
* adding the Apigee docs to nav
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
* addressing feedback
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
* added consul and envoy version constraints
* fixed Destination configuraiton and added tproxy requirement
* Apply suggestions from code review
Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
---------
Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
* first commit; reformat PD conf entry
* updated proxies overview page
* added Deploy SM proxy usage and removed reg index
* moved sidecar proxy usage to main proxy folder
* recast sidecar reg page as Deploy sidecar services
* fix typos
* recast SM reg as conf reference- set the sidebar
* add redirects
* fix links
* add PD conf entry usage to appropro pages
* edits to proxy conf ref
* fix links on index page
* example command to write PD conf entry
* updated links to old SM proxy reg page
* updated links to sidecar service reg page
* tryna fix front matter issues
* Apply suggestions from code review
Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com>
* added paragraph about SM proxies to overivew
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* fix broken link caught in weekly report
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
The `grep` command used to obtain the ID for the terminating gateway
role is not reliable in all scenarios. For example, if there is a
similarly named role, the command may return the wrong role ID for the
active terminating gateway instance.
This commit updates the command to use jq to obtain the role ID. If
multiple roles are found, jq will raise an error informing the user
that it cannot reliably determine the role ID.
* replaced ordered list of rate limit ops with flow diagram
* made diagram font bigger
* updated colors for dark mode img
* fixed typo
* recentered dark mode image
* Apply suggestions from code review
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
---------
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* [CC-5719] Add support for builtin global-read-only policy
* Add changelog
* Add read-only to docs
* Fix some minor issues.
* Change from ReplaceAll to Sprintf
* Change IsValidPolicy name to return an error instead of bool
* Fix PolicyList test
* Fix other tests
* Apply suggestions from code review
Co-authored-by: Paul Glass <pglass@hashicorp.com>
* Fix state store test for policy list.
* Fix naming issues
* Update acl/validation.go
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
* Update agent/consul/acl_endpoint.go
---------
Co-authored-by: Paul Glass <pglass@hashicorp.com>
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
Doc guidance for federation with externalServers
Add guidance for proper configuration when joining to a secondary
cluster using WAN fed with external servers also enabled.
Also clarify federation requirements and fix formatting for an
unrelated value.
Update both the Helm chart reference (synced from `consul-k8s`, see
hashicorp/consul-k8s#2583) and the docs on using `externalServers`.
* fix typos and update ecs compat table
* real info for the ecs compat matrix table
* Update website/content/docs/ecs/compatibility.mdx
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
---------
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
* Add FIPS reference to consul enterprise docs
* Update website/content/docs/enterprise/index.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
* remove support for ecs client (fips)
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
### Description
<!-- Please describe why you're making this change, in plain English.
-->
- Add jwt-provider docs for jwks cluster configuration. The
configuration was added here:
https://github.com/hashicorp/consul/pull/17978
* Docs for dataplane upgrade on k8s
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Static DNS lookups, in addition to explicitly targeting a datacenter,
can target a cluster peer. This was added in 95dc0c7b30 but didn't make the documentation.
The driving function for the change is `parseLocality` here: 0b1299c28d/agent/dns_oss.go (L25)
The biggest change in this is to adjust the standard lookup syntax to tie
`.<datacenter>` to `.dc` as required-together, and to append in the similar `.<cluster-peer>.peer` optional argument, both to A record and SRV record lookups.
Co-authored-by: David Yu <dyu@hashicorp.com>