* Made changes based on Adams suggestions
* updating list layout in systems integration guide. updating wan federation docs.
* fixing env vars on systems integration page
* fixing h3 to h2 on enterprise license page
* Changed `The following steps will be performed` to `Complete the following steps`
* Replaced `These steps will be repeated for each datacenter` with `Repeat the following steps for each datacenter in the cluster`
* Emphasizing that kv2 secrets only need to be stored once.
* Move the sentence indicating where the vault path maps to the helm chart out of the -> Note callout
* remaining suggestions
* Removing store the secret in Vault from server-tls page
* Making the Bootstrapping the Server PKI Engine sections the same on server-tls and webhook-cert pages
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Updating VAULT_ADDR on systems-integration to get it out of the shell.
* Updating intro paragraph of Overview on systems-integration.mdx to what Adamsuggested.
* Putting the GKE, AKS, AKS info into tabs on the systems integration page.
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Docs - k8s - Webhook Certs on Vault
* Adding webhook certs to data-integration overview page
* marking items as code
* Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Updating prerequisites intro
* Updating prerequisites intro
* Updating `Create a Vault auth roles that link the policy to each Consul on Kubernetes service account that requires access` to `Link the Vault policy to Consul workloads`
* changing `Configure the Vault Kubernetes auth role in the Consul on Kubernetes helm chart` to `Update the Consul on Kubernetes helm chart`.
* Changed `Create a Vault PKI role that establishes the domains that it is allowed to issue certificates for` to `Configure allowed domains for PKI certificates`
* Moved `Create a Vault policy that authorizes the desired level of access to the secret` to the Set up per Consul Datacenter section
* Update website/content/docs/k8s/installation/vault/data-integration/webhook-certs.mdx
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* Moving Overview above Prerequisites. Adding sentence where missing after page title.
* Moving Overview above Prerequisites for webhook certs page.
* fixing the end of the overview section that was not moved.
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* update docs for single-dc-multi-k8s install
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* Adding documentation for WAN Federation with Vault as a secrets backend
* Reformatting systems integration
* fixing spacing and typos
* Fixing link to createFederactionSecret helm chart value
* More revisions in the Systems Integration section
* Systems Integration - fixing brok shell-session and adding paragraph.
* More formatting in data integration section
* Formatting consul config sections
* Fixing verbiage near helm installations.
* Changing refence to dc1 and dc2 to be primary datacenter(dc1) and secondary dataceneter (dc2)
* Apply suggestions from code review
Co-authored-by: Karl Cardenas <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
* fixing missing s in Kubernetes
* Providing reason in Usage section as to why someone would look at the Systems and Data Integration sections of the vault docs
* fixing highlighted linenumbers that got through off by deleting the comment line at the beginning.
* fixing indentation within order lists
* Add a validation step to the next steps section.
* making the data integration sections for dc1 and dc2 symmetrical
* PR Feedback
* Adding images
* Remove confusing references to Systems Integration and Data Integration pages.
* Updating images to be centered
* Removed confusing reference to federation secret.
Co-authored-by: Karl Cardenas <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
* docs: Updating Gossip EncryptionKey Rotation page with Vault use case
* Adding a note to the vault instructions linking to the gossip key encryption using Vault page.
* Correcting Vault guide for storing the rotated gossip key.
* adding $ to shell sessions where it is missing on the gossip rotation page
* adding $ to more shell sessions where it is missing on the gossip rotation page
* k8s docs - ACLs refactor - Updating terminating gateway documentation to call out updating the role rather than the token with the policy
* Modifying role and policy names based on naming convention change.
The list of supported annotations for Consul service mesh were moved
from /docs/k8s/connect to /docs/k8s/annotations-and-labels in PR
#12323.
This commit updates various across the site to point to the new
URL for these annotations.
* Updating helm docs with additionalVault and ACLs refactor funtionality.
* PR Feedback corrections.
- Fix indentation.
- Fix description of secretName and secretKey to be consistent
- Change description of manageACLsRole to be more clear.
- Make the added vault role field descriptions consistent
* PR Feedback - correcting description for adminPartitionsRole
* Fixing broken shell sessions
* Fixing broken shell sessions by changing shell-session tobecloser tocomment marker
Introduces the capability to configure TLS differently for Consul's
listeners/ports (i.e. HTTPS, gRPC, and the internal multiplexed RPC
port) which is useful in scenarios where you may want the HTTPS or
gRPC interfaces to present a certificate signed by a well-known/public
CA, rather than the certificate used for internal communication which
must have a SAN in the form `server.<dc>.consul`.
Thomas Eckert
DanStough
Jared Kirschner
Nitya Dhanushkodi
Ashwin Venkatesh
David Yu
Jeff Boruszak
Iryna Shustava
NicoletaPopoviciu
Ranjandas
John Murret
Kyle Havlovitz
Kyle Schochenmaier
Tu Nguyen
Luke Kysow
Adrian Todorov
Blake Covarrubias
Andrew Stucki
Karl Cardenas
Natalie Smith
Eric Haberkorn
Eric
Bryce Kalow
Dan Upton
mrspanishviking
trujillo-adam