65cb869c5b
proposed language about why there is no <CE>.meta.partition field
2022-01-03 14:40:03 -08:00
2f4fae73d1
Merge branch 'docs/service-mesh-config-entries-add-partitions--1.11.0' of github.com:hashicorp/consul into docs/service-mesh-config-entries-add-partitions--1.11.0
...
updating local with GH comments
2022-01-03 11:32:34 -08:00
5a25979d0b
Apply suggestions from code review
...
typos and minor corrections
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-01-03 11:32:14 -08:00
69c19ca9fc
Fix typo, Layer 7 is application layer not network
2021-12-22 15:13:56 -08:00
885937c14c
Merge branch 'main' of github.com:hashicorp/consul into docs/service-mesh-config-entries-add-partitions--1.11.0
...
pulling main into the this branch
2021-12-22 13:12:08 -08:00
a08f294602
Merge pull request #11859 from hashicorp/docs/service-mesh-gateways-clarification-for-1.11.0
...
clarify mesh gateway docs use cases; include admin partition flow
2021-12-22 11:56:11 -08:00
52f429db26
fixed bad md syntax
2021-12-22 11:40:26 -08:00
e5b3be0597
applied feedback
2021-12-22 11:18:06 -08:00
85e86bd316
updated configuration entry params for admin partitions 1.11
2021-12-20 16:30:39 -08:00
bd011ab7b6
docs: ExportedServices YAML correction ( #11883 )
...
* docs: ExportedServices YAML correction
* Add enterprise alert to CRD index
2021-12-17 11:29:10 -08:00
300daff089
additional clarification on upstream configurations for x-dc and x-partition traffic
2021-12-17 09:46:50 -08:00
40d97ca926
docs: fix ExportedServices typo on example
...
Fix typlo
2021-12-17 09:39:55 -08:00
b272e8517d
add enterprise inline
2021-12-16 20:23:03 -08:00
72412ca910
docs: add exported services to overview
2021-12-16 20:20:11 -08:00
8bcdb6dfa2
docs: ExportedServices CRD typo and change heading for services ( #11845 )
2021-12-15 15:51:24 -08:00
bcfff8fde4
clarify mesh gateway docs use cases; include admin partition flow
2021-12-15 13:11:52 -08:00
f76fc6cabe
docs: Update discovery chain compilation results with partition fields ( #11835 )
2021-12-14 15:37:34 -05:00
f4010065a7
docs: Update exported-services page to include required Name field
2021-12-14 12:10:30 -08:00
131897bff6
Merge pull request #11164 from hashicorp/docs/ingress-sds
...
Document SDS for ingress gateways
2021-12-14 17:32:40 +00:00
e91509383f
Clean up additional refs to partition exports
2021-12-04 15:16:40 -07:00
09cdeae13c
Move exported-services docs based on new name
2021-12-03 17:47:32 -07:00
ed6076db26
Rename partition-exports to exported-services
...
Using a name less tied to partitions gives us more flexibility to use
this config entry in OSS for exports between datacenters/meshes.
2021-12-03 17:47:31 -07:00
1d85afeed4
Reformatting suggestions from review
2021-12-01 15:35:24 +00:00
d5a93d6b88
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-12-01 15:13:40 +00:00
46849a63f9
Apply suggestions from code review
...
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-12-01 15:13:40 +00:00
fcfedfdb5d
Add documentation for SDS support in ingress gateways.
2021-12-01 15:13:40 +00:00
b5c8af4580
ui: Add `Service.Partition` as available variable for dashboard urls ( #11654 )
2021-12-01 11:05:57 +00:00
cef938e620
Merge pull request #11558 from hashicorp/docs/admin-partitions-service-exports-configuration-entry
...
Admin partition docs: cross-partition support beta2/3
2021-11-30 11:22:30 -08:00
0fb360211a
addtional feedback; added PartitionExports to CRDs section
2021-11-30 11:18:12 -08:00
632e4bd35c
applied additional feedback
2021-11-29 13:28:05 -08:00
29c791c90e
docs: Notes about WAN Federation when using Vault as Connect CA ( #11143 )
...
* docs: Notes about WAN Federation when using Vault as Connect CA
* Apply suggestions from code review
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
* Update website/content/docs/connect/ca/vault.mdx
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
* Update website/content/docs/connect/ca/vault.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Update website/content/docs/connect/ca/vault.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Update vault.mdx
* Update vault.mdx
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-11-29 12:37:14 -08:00
d4cbe68913
docs: updated proxy page to use new codeblock
2021-11-18 18:17:38 -07:00
0ee456649f
connect: Support auth methods for the vault connect CA provider ( #11573 )
...
* Support vault auth methods for the Vault connect CA provider
* Rotate the token (re-authenticate to vault using auth method) when the token can no longer be renewed
2021-11-18 13:15:28 -07:00
e4d89b4214
fixed typo and added link from partition exports to admin partitions section
2021-11-17 08:50:07 -08:00
6b8225c6f1
fixed bad links
2021-11-16 12:05:18 -08:00
e2ac4c8a30
added link to agent configuration from partition exports in usage section
2021-11-16 10:53:07 -08:00
756e65cbcb
applied freddy's feedback
2021-11-16 10:44:21 -08:00
91e44f488d
Adding partition exports configuraiton entry details, upstream config, acl impact
2021-11-13 18:52:58 -08:00
caf850e135
first commit for cross-partition support - partition exports section
2021-11-11 18:43:57 -08:00
b8e11507b1
Merge pull request #11543 from hashicorp/envoy-token
...
docs: added more information to help endusers with proxies and ACL
2021-11-11 08:37:12 -08:00
f1b4a10c83
Update website/content/docs/connect/proxies/integrate.mdx
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-11-11 08:05:45 -08:00
42ab9e8aa4
Update website/content/docs/connect/ca/vault.mdx
...
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-11-10 13:03:28 -08:00
50ff9e8a6e
docs: added more information to help endusers with proxies and ACL tokens
2021-11-10 08:52:44 -07:00
5644edae5c
docs: added link to the Learn tutorial in Vault CA integration page
2021-11-10 07:30:12 -07:00
5e7eb85f2a
Fix caveat about resolvers operating at L4 ( #11497 )
...
Service resolvers can specify L4 rules such as redirects, or L7 rules such as
hash-based load balancing policies.
2021-11-08 07:11:36 -07:00
efe4b21287
Support Vault Namespaces explicitly in CA config ( #11477 )
...
* Support Vault Namespaces explicitly in CA config
If there is a Namespace entry included in the Vault CA configuration,
set it as the Vault Namespace on the Vault client
Currently the only way to support Vault namespaces in the Consul CA
config is by doing one of the following:
1) Set the VAULT_NAMESPACE environment variable which will be picked up
by the Vault API client
2) Prefix all Vault paths with the namespace
Neither of these are super pleasant. The first requires direct access
and modification to the Consul runtime environment. It's possible and
expected, not super pleasant.
The second requires more indepth knowledge of Vault and how it uses
Namespaces and could be confusing for anyone without that context. It
also infers that it is not supported
* Add changelog
* Remove fmt.Fprint calls
* Make comment clearer
* Add next consul version to website docs
* Add new test for default configuration
* go mod tidy
* Add skip if vault not present
* Tweak changelog text
2021-11-05 11:42:28 -05:00
fdb0ee6093
change vault ca docs to mention root cert ttl config ( #11488 )
...
Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>
2021-11-04 15:44:22 -07:00
9b680b3f81
Add quick-link for users coming from UI ( #11403 )
...
The Consul UI topology view has an icon with the text
"Configure metrics dashboard" that links to this page. Add a notice at
the top of the page that links them directly to the relevant section.
2021-11-03 09:37:30 -07:00
7eb32cdb73
Remove Name/Namespace fields from upstream default ( #11456 )
...
The UpstreamConfig.Defaults field does not support setting Name or
Namespace because the purpose is to apply defaults to all upstreams.
I think this was just missed in the docs since those fields would
error if set under Defaults.
i.e. this is not supported:
```
UpstreamConfig {
Defaults {
Name = "foo"
Namespace = "bar"
# Defaults config here
}
}
```
2021-11-02 14:21:15 -07:00
bec08f4ec3
connect: Add support for Envoy 1.20 ( #11277 )
2021-10-27 18:38:10 -07:00
99ab4f98d4
docs: Mesh gateway requires 1.6.0 *or newer* ( #11333 )
...
* 1.6.0 or newer
* Update website/content/docs/connect/gateways/mesh-gateway/index.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2021-10-18 17:11:00 -07:00
6c6c75707c
Merge pull request #11037 from hashicorp/docs/mesh-header-manip
...
Document HTTP Header manipulation options added in #10613
2021-10-08 13:11:44 +01:00
3da2fbdc63
Wording improvements from review
2021-10-08 12:26:11 +01:00
9b73e7319d
Merge branch 'main' into eculver/envoy-1.19.1
2021-09-28 15:58:20 -07:00
d9e78cd3e8
Merge pull request #11167 from hashicorp/add-cross-dc-comm-model-visual
...
Improve mesh gateway diagram
2021-09-28 13:19:18 -04:00
98f53e913f
Improve mesh gateway diagram
...
Diagram now shows all possible cross-DC communication models supported by mesh
gateways for both the control and data planes.
2021-09-28 09:56:05 -07:00
1a611f0c1b
Apply suggestions from code review
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-28 17:19:13 +01:00
e3248c20c9
agent: Clean up unused built-in proxy config ( #11165 )
2021-09-28 11:29:10 -04:00
020e2692da
Merge pull request #10725 from hashicorp/banks-patch-3
...
Call out the incompatibility of wildcards and L7 permissions
2021-09-28 13:51:41 +01:00
fe92cf7cb6
Document HTTP Header manipulation options added in #10613
2021-09-27 14:46:15 +01:00
f7380461c7
update docs to indicate support for envoy 1.19.1 in Consul 1.11.x
2021-09-22 10:57:22 -07:00
4b966094ff
website: fixup incorrect markdown syntax ( #11015 )
2021-09-13 10:36:34 -04:00
c118e51d5c
Apply suggestions from code review
...
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-09-10 21:29:43 +01:00
fd259db9fb
Document how to make namespace wildcard intentions. ( #10724 )
...
* Update intentions.mdx
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-09-10 21:25:09 +01:00
8d83d27674
connect: update envoy supported versions to latest patch release
...
(#10961 )
Relevant advisory:
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h
2021-08-31 10:39:18 -06:00
329ec62582
doc: remove sentence that tproxy works cross-DC with config entries. ( #10885 )
...
It can only work if there is a running service instance in the local DC,
so this is a bit misleading, since failover and redirects are typically
used when there is not an instance in the local DC.
2021-08-23 12:14:28 -07:00
e62b1d05d8
docs: Add common CA config options to provider doc pages ( #10842 )
...
Add the list of common Connect CA configuration options to the
provider-specific CA docs.
Previously these options were only documented under the agent
configuration options. This change makes it so that all supported CA
provider configuration options are available from a single location.
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-08-19 11:18:55 -07:00
97b4fdff0d
Document possible risk w.r.t exposing the admin API in Envoy ( #10817 )
...
Add a section to the Connect Security page which highlights the risks
of exposing Envoy's administration interface outside of localhost.
Resolves #5692
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
2021-08-13 10:05:29 -07:00
8aa89c2c12
docs: Clarify ingress gateway's -address flag ( #10810 )
...
Clarify the function of `-address` flag when instantiating an ingress
gateway.
Resolves #9849
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-12 14:56:07 -07:00
8f5e2a440b
docs: remove note on ingress gateway hosts field needing a port number ( #10827 )
...
This was necessary in older versions of Consul, but was obsoleted by
making Consul add the port number itself when constructing the Envoy
configuration.
2021-08-11 16:36:57 -05:00
99b1d8ed8c
docs: Update code blocks across website
...
* Use CodeTabs for examples in multiple formats.
* Ensure correct language on code fences.
* Use CodeBlockConfig for examples with filenames, or which need
highlighted content.
2021-08-11 13:20:03 -07:00
3363da7d35
docs: Add JSON examples to all config entries
...
This commit adds example JSON configs for several config entry
resources were missing examples in this language.
The examples have been updated to use the new CodeTabs resource
instead of the Tab component.
2021-08-10 15:34:28 -07:00
9e348edfaf
Merge branch 'main' into docs-envoy-proxy-breaks-when-enabling-tls
2021-08-09 14:57:29 -07:00
ec7526caaa
Update website/content/docs/connect/proxies/envoy.mdx
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-09 13:36:28 -07:00
7d00adb824
Update website/content/docs/connect/proxies/envoy.mdx
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-09 13:36:07 -07:00
3fabe18acd
docs: adding env var info, resolves #7926
2021-08-09 13:14:02 -07:00
c5824a834b
Merge pull request #10763 from hashicorp/docs-proxy-integration-improvements
...
general language and readability improvements to proxy integration docs
2021-08-04 14:36:47 -07:00
5913aca502
Applying more feedback from @black and @karl-cardenas-coding
2021-08-04 14:02:42 -07:00
8ec29432d2
Applying feedback from @blake
2021-08-04 11:29:21 -07:00
ee1de179ed
Update website/content/docs/connect/proxies/integrate.mdx
...
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-04 10:44:06 -07:00
31b9058602
general language and readability improvements to proxy integration docs
2021-08-03 15:56:56 -07:00
734fd1949f
docs: Note proxy-defaults can globally set service protocol ( #10649 )
...
Add a note to the docs for the service defaults config entry which
informs users that the service protocol can be configured for all
services using the proxy defaults config entry.
Resolves #8279
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-08-02 13:23:58 -07:00
260364bb04
Call out the incompatibility of wildcards and L7 permissions
2021-07-29 11:58:21 +01:00
b408bcfa39
Update vault.mdx ( #10679 )
2021-07-26 09:16:00 -07:00
832896ed11
docs: Fix spelling errors across website
2021-07-19 14:29:54 -07:00
fc411b2313
docs: Update docs to reflect limitation in TProxy when using single Consul DC deployment with multiple k8s clusters ( #10549 )
...
* docs: Update to reflect single Consul DC deployment with multiple k8s clusters
2021-07-08 10:44:29 -07:00
2c4f22a9f0
Merge pull request #10552 from hashicorp/dnephin/ca-remove-rotation-period
...
ca: remove unused RotationPeriod field
2021-07-06 18:49:33 -04:00
5f73de6fbc
Merge pull request #10560 from jkirschner-hashicorp/change-sane-to-reasonable
...
Replace use of 'sane' where appropriate
2021-07-06 11:46:04 -04:00
3a045cca8d
ca: remove unused RotationPeriod field
...
This field was never used. Since it is persisted as part of a map[string]interface{} it
is pretty easy to remove it.
2021-07-05 19:15:44 -04:00
bd536151e1
Replace use of 'sane' where appropriate
...
HashiCorp voice, style, and language guidelines recommend avoiding ableist
language unless its reference to ability is accurate in a particular use.
2021-07-02 12:18:46 -04:00
fa5d627014
Merge pull request #10527 from hashicorp/rename-main-branch
...
Update references to the main branch
2021-06-30 13:07:09 -04:00
68c4c232a1
docs: Document setting dashboard_url on k8s ( #10510 )
...
It's tricky because the `{{` needs to be escaped with Helm.
2021-06-30 09:16:38 -07:00
4d741531b4
Update references to the main branch
...
The main branch is being renamed from master->main. This commit should
update all references to the main branch to the new name.
Co-Authored-By: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-29 17:17:38 -04:00
8dae08e30e
Fix service splitter example weight sum
...
Weight sum must be equal to 100.
2021-06-29 07:01:55 -04:00
7962dd82f1
docs - Adding Mesh as CRD in Consul K8s ( #10459 )
...
* docs - Adding Mesh as CRD in Consul K8s
* Removing extra left brace in ServiceDefaults
2021-06-22 19:18:13 -07:00
1dcdd2516c
Update config entry docs for CRDs ( #10407 )
...
* Update mesh, proxy-defaults and service-defaults docs to properly
document Kubernetes YAML.
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-06-22 16:56:53 -07:00
b72ad40286
docs: upgrading to tproxy (/docs/upgrades/upgrade-specific) ( #10416 )
...
* docs: update tproxy docs
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-06-22 16:41:08 -07:00
7494b25c1e
docs: update tproxy docs (/docs/connect/transparent-proxy) ( #10415 )
...
* docs: update tproxy docs
* add examples
* links
2021-06-22 16:29:52 -07:00
d9add7c2c3
docs: Remove beta tag for 1.10 features
...
Remove beta tag for 1.10 features which are now GA.
2021-06-22 16:22:50 -07:00
24a9402390
docs: mention that service defaults upstream config sections should not contain wildcards ( #10451 )
2021-06-22 10:57:03 -05:00
trujillo-adam
trujillo-adam
saurabh-sp-tripathi
David Yu
Chris S. Kim
Kyle Havlovitz
Paul Banks
freddygv
Paul Banks
John Cowen
Karl Cardenas
Iryna Shustava
Freddy
Connor
FFMMM
Luke Kysow
Evan Culver
Andy Assareh
Evan Culver
Jared Kirschner
Jared Kirschner
Kyle MacDonald
Nitya Dhanushkodi
Blake Covarrubias
Chris Piraino
Fabio Lichinchi
Daniel Nephin
R.B. Boyer