Nathan Coleman
f42f0fbe5f
Add note about expected status for invalid CertificateRef
2022-06-15 15:46:46 -04:00
R.B. Boyer
201d1458c3
xds: mesh gateways now have their own leaf certificate when involved in a peering ( #13460 )
...
This is only configured in xDS when a service with an L7 protocol is
exported.
They also load any relevant trust bundles for the peered services to
eventually use for L7 SPIFFE validation during mTLS termination.
2022-06-15 14:36:18 -05:00
Jeff Boruszak
343586e847
Update website/data/docs-nav-data.json
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:26:54 -05:00
Jeff Boruszak
611ad5016e
Update website/content/docs/connect/cluster-peering/index.mdx
2022-06-15 14:26:40 -05:00
Jeff Boruszak
40e5d8b0ae
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:23:18 -05:00
boruszak
3e21f554ef
Limitations -> Constraints
2022-06-15 14:21:58 -05:00
Jeff Boruszak
e79aa5474f
Apply suggestions from code review
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-15 14:19:03 -05:00
boruszak
2bc2f08d1d
typo fix
2022-06-15 14:08:34 -05:00
boruszak
ef4d603972
Switch fronend-service and backend-service
2022-06-15 14:07:56 -05:00
Jeff Boruszak
96fb08ef61
Apply suggestions from code review
2022-06-15 14:04:52 -05:00
Jeff Boruszak
e1277973aa
Apply suggestions from code review
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:01:34 -05:00
Jeff Boruszak
fd81c4a412
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 13:56:55 -05:00
boruszak
e1b3cfc9a9
peering_token.json addition
2022-06-15 13:55:53 -05:00
Daniel Upton
72cdb203dc
docs: instructions for interacting with the private gRPC server locally
2022-06-15 18:26:58 +01:00
Riddhi Shah
411edc876b
[OSS] Support merge-central-config option in node services list API ( #13450 )
...
Adds the merge-central-config query param option to the /catalog/node-services/:node-name API,
to get a service definition in the response that is merged with central defaults (proxy-defaults/service-defaults).
Updated the consul connect envoy command to use this option when
retrieving the proxy service details so as to render the bootstrap configuration correctly.
2022-06-15 08:30:31 -07:00
Eric Haberkorn
0a9c1c0649
Lambda Beta Documentation ( #13426 )
...
* Document the `enable_serverless_plugin` Agent Configuration Option (#13372 )
* Initial AWS Lambda documentation (#13245 )
2022-06-15 11:14:16 -04:00
cskh
76855e20a0
Load test, upgrade packer version, fix k6s installation ( #13382 )
...
- fix sg: need remote access to test server
- Give the load generator a name
- Update loadtest hcl filename in readme
- Add terraform init
- Disable access to the server machine by default
2022-06-15 09:29:38 -04:00
Jared Kirschner
2743c1b950
Merge branch 'main' into jkirschner-hashicorp-patch-3
2022-06-15 00:06:40 -04:00
Jared Kirschner
226d089894
Merge pull request #13353 from hashicorp/jkirschner-hashicorp-patch-1
...
docs: show HCP Consul supports CTS enterprise
2022-06-15 00:05:30 -04:00
Jeff Boruszak
993cd2f3bc
Apply suggestions from code review
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:34:21 -05:00
Evan Culver
7f8c650d61
connect: Use Envoy 1.22.2 instead of 1.22.1 ( #13444 )
2022-06-14 15:29:41 -07:00
Jeff Boruszak
034861119a
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
...
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:29:30 -05:00
Jeff Boruszak
811674d526
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
2022-06-14 17:28:06 -05:00
Jeff Boruszak
92d655e83d
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
...
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:27:03 -05:00
Jeff Boruszak
f0737c97dd
Update website/content/docs/connect/cluster-peering/index.mdx
...
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:23:07 -05:00
boruszak
3141469ef7
Cluster Peering on Kubernetes page creation
2022-06-14 17:15:14 -05:00
boruszak
d2f0ddf8f6
Nav.json updates
2022-06-14 17:14:34 -05:00
boruszak
b8ad96b516
Removing k8s updates on this branch
2022-06-14 17:12:45 -05:00
boruszak
62d1f949e5
Updated nav.json
2022-06-14 17:01:48 -05:00
Freddy
039cfec840
Merge pull request #13445 from hashicorp/peering/finalize-deletions
2022-06-14 15:58:44 -06:00
boruszak
740246797b
<CodeBlockConfig> fixes
2022-06-14 16:58:07 -05:00
boruszak
c5b5a6ee76
Code Block fixes
2022-06-14 16:55:25 -05:00
freddygv
f3843809da
Avoid deleting peerings marked as terminated.
...
When our peer deletes the peering it is locally marked as terminated.
This termination should kick off deleting all imported data, but should
not delete the peering object itself.
Keeping peerings marked as terminated acts as a signal that the action
took place.
2022-06-14 15:37:09 -06:00
freddygv
6453375ab2
Add leader routine to clean up peerings
...
Once a peering is marked for deletion a new leader routine will now
clean up all imported resources and then the peering itself.
A lot of the logic was grabbed from the namespace/partitions deferred
deletions but with a handful of simplifications:
- The rate limiting is not configurable.
- Deleting imported nodes/services/checks is done by deleting nodes with
the Txn API. The services and checks are deleted as a side-effect.
- There is no "round rate limiter" like with namespaces and partitions.
This is because peerings are purely local, and deleting a peering in
the datacenter does not depend on deleting data from other DCs like
with WAN-federated namespaces. All rate limiting is handled by the
Raft rate limiter.
2022-06-14 15:36:50 -06:00
boruszak
923b7d0db6
Cluster Peering on Kubernetes initial draft
2022-06-14 16:33:29 -05:00
Nathan Coleman
5e9e1fb70f
Indent points specific to xRoute backend references
2022-06-14 17:27:02 -04:00
boruszak
be152b25c4
Cluster Peering on Kubernetes page creation
2022-06-14 16:15:57 -05:00
Evan Culver
ba6136eb42
connect: Update Envoy support matrix to latest patch releases ( #13431 )
2022-06-14 13:19:09 -07:00
Nathan Coleman
975a5e4b1f
Add docs for ReferencePolicy as it applies to Gateways
2022-06-14 15:11:28 -04:00
alex
a0a49ce2a6
peering: intentions list test ( #13435 )
2022-06-14 10:59:53 -07:00
Kyle Schochenmaier
765eb0453f
[docs] update terminating gateway docs for trust store path ( #13432 )
...
* update terminating gateway docs for trust store
* Update website/content/docs/k8s/connect/terminating-gateways.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-14 12:29:33 -05:00
Jeff Boruszak
fb916e999b
Fixing double-ticks `
2022-06-14 10:00:22 -05:00
Jeff Boruszak
c39bf49eab
Added nav data
2022-06-13 17:27:11 -05:00
boruszak
084dc1c6e5
Removing Kubernetes page - will submit separate PR for timing reason
2022-06-13 16:47:47 -05:00
boruszak
b0430df680
Typo fix
2022-06-13 16:42:29 -05:00
boruszak
61f60ceb4f
Create and Manage Peering Connections additional fixes
2022-06-13 16:38:44 -05:00
Sarah Alsmiller
a9c25eb417
light restructureing/fixed some copypasta
2022-06-13 16:16:45 -05:00
boruszak
ebe0f5408d
What is Cluster Peering? additional fixes
2022-06-13 16:06:29 -05:00
Sarah Alsmiller
ba7115a1df
updated referencepolicy to referencegrant, added v0.3.0 upgrade instructions
2022-06-13 16:05:21 -05:00
boruszak
0ddcd78ec1
Create and Manage Peering Connections page
2022-06-13 14:24:02 -05:00