Commit Graph

923 Commits

Author SHA1 Message Date
Mike Morris 7cb9bfdfa9
website(api-gateway): add common errors page (#12643)
* Adding common errors page for API Gateway

* website(api-gateway): add missing CRDs common error message

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>

* Update website/content/docs/api-gateway/common-errors.mdx

* Additional page editing instructions and formating

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

* Update website/content/docs/api-gateway/common-errors.mdx

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff-Apple <79924108+Jeff-Apple@users.noreply.github.com>
Co-authored-by: Nathan Coleman <nathandanielcoleman@gmail.com>
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-03-30 16:05:00 -04:00
R.B. Boyer e79ce8ab03
xds: adding control of the mesh-wide min/max TLS versions and cipher suites from the mesh config entry (#12601)
- `tls.incoming`: applies to the inbound mTLS targeting the public
  listener on `connect-proxy` and `terminating-gateway` envoy instances

- `tls.outgoing`: applies to the outbound mTLS dialing upstreams from
  `connect-proxy` and `ingress-gateway` envoy instances

Fixes #11966
2022-03-30 13:43:59 -05:00
Matt Keeler 15ddbbc686
Update raft-boltdb to pull in new writeCapacity metric (#12646) 2022-03-30 11:38:44 -04:00
R.B. Boyer ac5bea862a
server: ensure that service-defaults meta is incorporated into the discovery chain response (#12511)
Also add a new "Default" field to the discovery chain response to clients
2022-03-30 10:04:18 -05:00
Mike Morris 885edde8c1
website(api-gateway): add consul namespace to helm install (#12644)
* website: api-gateway helm install consul namespace

To mirror instructions at https://learn.hashicorp.com/tutorials/consul/kubernetes-api-gateway

* website(api-gateway): add notes on where to find available versions

* website(api-gateway): fixup link to more clearly indicate Consul Helm chart releases

* Update website/content/docs/api-gateway/api-gateway-usage.mdx
2022-03-29 17:36:21 -04:00
Michele Degges 535edfa247
[RelAPI Onboarding] Add release API metadata file (#12591) 2022-03-28 13:45:53 -07:00
mrspanishviking 7da80ddbb4
Merge pull request #12595 from hashicorp/k8s-cli-install
docs: add link to k8s cli install page
2022-03-25 14:09:39 -07:00
Luke Kysow c8cdebd9cc
Update consul-enterprise.mdx (#12622) 2022-03-25 13:00:14 -07:00
Mike Morris f8a2ae2606
agent: convert listener config to TLS types (#12522)
* tlsutil: initial implementation of types/TLSVersion

tlsutil: add test for parsing deprecated agent TLS version strings

tlsutil: return TLSVersionInvalid with error

tlsutil: start moving tlsutil cipher suite lookups over to types/tls

tlsutil: rename tlsLookup to ParseTLSVersion, add cipherSuiteLookup

agent: attempt to use types in runtime config

agent: implement b.tlsVersion validation in config builder

agent: fix tlsVersion nil check in builder

tlsutil: update to renamed ParseTLSVersion and goTLSVersions

tlsutil: fixup TestConfigurator_CommonTLSConfigTLSMinVersion

tlsutil: disable invalid config parsing tests

tlsutil: update tests

auto_config: lookup old config strings from base.TLSMinVersion

auto_config: update endpoint tests to use TLS types

agent: update runtime_test to use TLS types

agent: update TestRuntimeCinfig_Sanitize.golden

agent: update config runtime tests to expect TLS types

* website: update Consul agent tls_min_version values

* agent: fixup TLS parsing and compilation errors

* test: fixup lint issues in agent/config_runtime_test and tlsutil/config_test

* tlsutil: add CHACHA20_POLY1305 cipher suites to goTLSCipherSuites

* test: revert autoconfig tls min version fixtures to old format

* types: add TLSVersions public function

* agent: add warning for deprecated TLS version strings

* agent: move agent config specific logic from tlsutil.ParseTLSVersion into agent config builder

* tlsutil(BREAKING): change default TLS min version to TLS 1.2

* agent: move ParseCiphers logic from tlsutil into agent config builder

* tlsutil: remove unused CipherString function

* agent: fixup import for types package

* Revert "tlsutil: remove unused CipherString function"

This reverts commit 6ca7f6f58d268e617501b7db9500113c13bae70c.

* agent: fixup config builder and runtime tests

* tlsutil: fixup one remaining ListenerConfig -> ProtocolConfig

* test: move TLS cipher suites parsing test from tlsutil into agent config builder tests

* agent: remove parseCiphers helper from auto_config_endpoint_test

* test: remove unused imports from tlsutil

* agent: remove resolved FIXME comment

* tlsutil: remove TODO and FIXME in cipher suite validation

* agent: prevent setting inherited cipher suite config when TLS 1.3 is specified

* changelog: add entry for converting agent config to TLS types

* agent: remove FIXME in runtime test, this is covered in builder tests with invalid tls9 value now

* tlsutil: remove config tests for values checked at agent config builder boundary

* tlsutil: remove tls version check from loadProtocolConfig

* tlsutil: remove tests and TODOs for logic checked in TestBuilder_tlsVersion and TestBuilder_tlsCipherSuites

* website: update search link for supported Consul agent cipher suites

* website: apply review suggestions for tls_min_version description

* website: attempt to clean up markdown list formatting for tls_min_version

* website: moar linebreaks to fix tls_min_version formatting

* Revert "website: moar linebreaks to fix tls_min_version formatting"

This reverts commit 38585927422f73ebf838a7663e566ac245f2a75c.

* autoconfig: translate old values for TLSMinVersion

* agent: rename var for translated value of deprecated TLS version value

* Update agent/config/deprecated.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* agent: fix lint issue

* agent: fixup deprecated config test assertions for updated warning

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-03-24 15:32:25 -04:00
Jared Kirschner 9db69653e4
Merge pull request #12602 from hashicorp/jkirschner-hashicorp-patch-1
docs: make gossip threat model more visible
2022-03-23 14:54:17 -04:00
Luke Kysow f1745c25c5
Lkysow/docs updates 2 (#12604)
* Document intermediate_cert_ttl
2022-03-23 10:22:08 -07:00
Jared Kirschner 74b181018b
docs: make gossip threat model more visible 2022-03-23 11:46:56 -04:00
Karl Cardenas d6778f4e63
docs: removed the word page 2022-03-22 15:51:04 -07:00
Karl Cardenas b17b6a462a
docs: add link to k8s cli install page 2022-03-22 15:40:53 -07:00
Jared Kirschner 4f1bfeaf33
Merge pull request #12523 from Petenerd/patch-1
Update install.mdx
2022-03-22 16:43:06 -04:00
Michael Wilkerson 8178c38d9b updated docs 2022-03-21 13:01:39 -07:00
David Yu 15a2204fe4
docs: Correction on rotating gossip key order per DC (#12579)
* docs: Correction on rotating gossip key order per DC
2022-03-18 14:51:11 -07:00
David Yu a1110845df
docs: consul-k8s Change "Consul Connect Service Mesh" to "Consul Service Mesh" (#12577) 2022-03-18 12:31:29 -07:00
David Yu 55e864d125
docs: Consul K8s Overview update (#12575)
* docs: Consul K8s Overview update

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-03-18 12:01:41 -07:00
David Yu 858e05e7d7
docs: Consul Service Mesh overview - rename of title and K8s getting started (#12574)
* Consul Service Mesh overview - rename of title and K8s getting started

* reformat lines
2022-03-18 08:55:57 -07:00
Dan Upton b36d4e16b6
Support per-listener TLS configuration ⚙️ (#12504)
Introduces the capability to configure TLS differently for Consul's
listeners/ports (i.e. HTTPS, gRPC, and the internal multiplexed RPC
port) which is useful in scenarios where you may want the HTTPS or
gRPC interfaces to present a certificate signed by a well-known/public
CA, rather than the certificate used for internal communication which
must have a SAN in the form `server.<dc>.consul`.
2022-03-18 10:46:58 +00:00
Paul Glass 9140d3d1e9
Fix broken link in ECS docs 2022-03-17 14:42:49 -05:00
Jacob ee78b5a380
Update ui-visualization.mdx 2022-03-16 10:08:22 -04:00
mrspanishviking 7180c99960
Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
trujillo-adam 4151dc097a fixing merge conflicts part 3 2022-03-15 15:25:03 -07:00
trujillo-adam 9cc9122be8 fixed merge conflicts pt2 2022-03-15 14:01:24 -07:00
trujillo-adam 76d55ac2b4 merging new hierarchy for agent configuration 2022-03-14 15:44:41 -07:00
Ashlee M Boyer b9a5e10aea
Merge pull request #12484 from hashicorp/docs-amb-fix-prometheus-link
docs: Fixing Prometheus link in docs/agent/telemetry
2022-03-11 16:37:17 -05:00
Ashlee M Boyer 70ab6215f5 Fixing Prometheus link in docs/agent/telemetry 2022-03-11 12:13:42 -08:00
Karl Cardenas 7d4ee3efae
docs: cleaned up code blocks and added two sentences to the intro 2022-03-10 07:57:39 -07:00
Kyle Schochenmaier d6792f14a3
update docs (#12543) 2022-03-09 13:24:20 -06:00
trujillo-adam c46bdbd600
Merge pull request #12460 from hashicorp/docs-day-acl-improvements
Docs day acl improvements
2022-03-08 19:34:26 -08:00
trujillo-adam b5745c1ac6 few more tweaks 2022-03-08 19:13:33 -08:00
trujillo-adam 4083ce71af
Apply suggestions from code review
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-03-08 16:02:59 -08:00
trujillo-adam 4f76c72c58
Apply suggestions from code review
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
2022-03-08 14:04:46 -08:00
Petenerd 053990097a
Update install.mdx
missing a quote escape
2022-03-04 12:24:23 -05:00
Karl Cardenas 99a50b9ca1
docs: replaced ceiling with the word max 2022-03-04 09:26:13 -07:00
Karl Cardenas 1de64468d9
docs: updated the text based on feedback from PM 2022-03-04 09:21:59 -07:00
Karl Cardenas c8badedbf7
docs: adding text for maximum number of admin partitions 2022-03-04 09:08:33 -07:00
Blake Covarrubias 9a0c2dee60
docs: Update Kubernetes YAML examples in UI visualization (#12419)
* Update Kubernetes related YAML config examples to document supported
syntax in the latest version of the Helm chart.
* Fix syntax in JSON example configs.

Resolves #12403

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-03-03 21:31:57 -08:00
Blake Covarrubias 96b47aee79 docs: Clarify configuration options apply to agent
Recently there have been a handful of GitHub issues and Discuss posts
where users have expected the `consul` CLI to make use of config
options defined in the agent configuration files, and are confused
when it does not honor those config options.

This change clarifies that command-line and configuration file options
documented on the /agent/options page only apply to the Consul agent,
instead of the Consul CLI.
2022-03-03 11:30:20 -08:00
David Yu e6e168b3e6
docs: Envoy 'compatibility' typo (#12513) 2022-03-03 10:50:56 -08:00
David Yu fb18aa5529
docs: bump Envoy for 1.10.x (#12472)
* docs: bump Envoy for 1.10.x

* update security notes and remove previous versions older than n-2

Envoy 1.9.0 and older have last vulnerability.

* Update envoy.mdx

* Update envoy.mdx

* Update envoy.mdx

* Update envoy.mdx

* formatting

* Update website/content/docs/connect/proxies/envoy.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

* Update website/content/docs/connect/proxies/envoy.mdx

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-03-03 10:34:30 -08:00
Petenerd 165089eab2
Update install.mdx
missing comma
2022-03-03 11:37:18 -05:00
David Yu c8865be799
docs: consul-k8s service mesh overview - move verification section (#12500) 2022-03-03 08:11:28 -08:00
Luke Kysow 16085d7eee
Update exported-services.mdx (#12499) 2022-03-02 15:57:58 -08:00
trujillo-adam ed4f66b4d7 added some ACL example use cases to policy section 2022-03-01 16:48:35 -08:00
Eddie Rowe 28c78c52a2 Remove deprecated built-in proxy tutorial reference 2022-03-01 14:35:28 -06:00
trujillo-adam e9a42df7c7 renamed acl-overview to index, fixed formatting, reworded node/service ID intros 2022-03-01 10:03:22 -08:00
trujillo-adam 4331a29f95
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-03-01 09:25:21 -08:00