358 Commits

Author SHA1 Message Date
boruszak
2bc2f08d1d typo fix 2022-06-15 14:08:34 -05:00
boruszak
ef4d603972 Switch fronend-service and backend-service 2022-06-15 14:07:56 -05:00
Jeff Boruszak
96fb08ef61
Apply suggestions from code review 2022-06-15 14:04:52 -05:00
Jeff Boruszak
e1277973aa
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-06-15 14:01:34 -05:00
Jeff Boruszak
fd81c4a412
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2022-06-15 13:56:55 -05:00
boruszak
e1b3cfc9a9 peering_token.json addition 2022-06-15 13:55:53 -05:00
Jared Kirschner
2743c1b950
Merge branch 'main' into jkirschner-hashicorp-patch-3 2022-06-15 00:06:40 -04:00
Jeff Boruszak
993cd2f3bc
Apply suggestions from code review
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:34:21 -05:00
Evan Culver
7f8c650d61
connect: Use Envoy 1.22.2 instead of 1.22.1 (#13444) 2022-06-14 15:29:41 -07:00
Jeff Boruszak
034861119a
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2022-06-14 17:29:30 -05:00
Jeff Boruszak
811674d526
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx 2022-06-14 17:28:06 -05:00
Jeff Boruszak
92d655e83d
Update website/content/docs/connect/cluster-peering/create-manage-peering.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:27:03 -05:00
Jeff Boruszak
f0737c97dd
Update website/content/docs/connect/cluster-peering/index.mdx
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2022-06-14 17:23:07 -05:00
boruszak
3141469ef7 Cluster Peering on Kubernetes page creation 2022-06-14 17:15:14 -05:00
boruszak
b8ad96b516 Removing k8s updates on this branch 2022-06-14 17:12:45 -05:00
boruszak
740246797b <CodeBlockConfig> fixes 2022-06-14 16:58:07 -05:00
boruszak
c5b5a6ee76 Code Block fixes 2022-06-14 16:55:25 -05:00
boruszak
923b7d0db6 Cluster Peering on Kubernetes initial draft 2022-06-14 16:33:29 -05:00
boruszak
be152b25c4 Cluster Peering on Kubernetes page creation 2022-06-14 16:15:57 -05:00
Evan Culver
ba6136eb42
connect: Update Envoy support matrix to latest patch releases (#13431) 2022-06-14 13:19:09 -07:00
Jeff Boruszak
fb916e999b
Fixing double-ticks ` 2022-06-14 10:00:22 -05:00
boruszak
084dc1c6e5 Removing Kubernetes page - will submit separate PR for timing reason 2022-06-13 16:47:47 -05:00
boruszak
b0430df680 Typo fix 2022-06-13 16:42:29 -05:00
boruszak
61f60ceb4f Create and Manage Peering Connections additional fixes 2022-06-13 16:38:44 -05:00
boruszak
ebe0f5408d What is Cluster Peering? additional fixes 2022-06-13 16:06:29 -05:00
boruszak
0ddcd78ec1 Create and Manage Peering Connections page 2022-06-13 14:24:02 -05:00
boruszak
de4f9bcf4a What is Cluster Peering? additional fixes 2022-06-13 13:41:57 -05:00
boruszak
4fd06dff17 What is Cluster Peering? page 2022-06-13 13:31:13 -05:00
boruszak
bb972974cb Initial page creation 2022-06-13 12:58:16 -05:00
Jared Kirschner
a9c3eebd00
docs: correct Vault CA multiple namespace support 2022-06-08 17:50:56 -04:00
Mark Anderson
ce75f486ed yUpdate website/content/docs/connect/ca/vault.mdx
Port some changes that were made to the backport branch but not in the original PR.

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-31 20:22:12 -07:00
Blake Covarrubias
9378880c42
docs: Remove unnecessary use of CodeBlockConfig (#12974)
Remove empty CodeBlockConfig elements. These elements are not
providing any benefit for the enclosed code blocks. This PR removes
the elements so so that the source is easier to read.
2022-05-11 15:37:02 -07:00
Blake Covarrubias
8edee753d1
docs: Fix spelling errors across site (#12973) 2022-05-10 07:28:33 -07:00
Mark Anderson
7eda81d00d
Update website/content/docs/connect/config-entries/mesh.mdx (#12943)
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Signed-off-by: Mark Anderson <manderson@hashicorp.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-05-05 10:39:53 -07:00
Mark Anderson
c6ff4ba7d8
Support vault namespaces in connect CA (#12904)
* Support vault namespaces in connect CA

Follow on to some missed items from #12655

From an internal ticket "Support standard "Vault namespace in the
path" semantics for Connect Vault CA Provider"

Vault allows the namespace to be specified as a prefix in the path of
a PKI definition, but our usage of the Vault API includes calls that
don't support a namespaced key. In particular the sys.* family of
calls simply appends the key, instead of prefixing the namespace in
front of the path.

Unfortunately it is difficult to reliably parse a path with a
namespace; only vault knows what namespaces are present, and the '/'
separator can be inside a key name, as well as separating path
elements. This is in use in the wild; for example
'dc1/intermediate-key' is a relatively common naming schema.

Instead we add two new fields: RootPKINamespace and
IntermediatePKINamespace, which are the absolute namespace paths
'prefixed' in front of the respective PKI Paths.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 19:41:55 -07:00
Mark Anderson
05dc5a26b7 Docs and changelog edits
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 08:50:59 -07:00
Mark Anderson
d7e7cb09dc Add some docs
Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-05-04 08:50:58 -07:00
Blake Covarrubias
54119f3225
docs: Add example Envoy escape hatch configs (#12764)
Add example escape hatch configurations for all supported override
types.
2022-05-02 11:25:59 -07:00
Karl Cardenas
142c0ac419
Apply suggestions from code review
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-04-26 13:12:53 -07:00
Karl Cardenas
e0e2b7b547
docs: updated connect docs and re-deploying missed changes 2022-04-25 10:04:06 -07:00
David Yu
d08b5a1832
docs: remove 1.9.x row in Envoy compatibility matrix (#12828) 2022-04-20 19:35:06 -07:00
Evan Culver
000d0621b4
connect: Add Envoy 1.22 to integration tests, remove Envoy 1.18 (#12805)
Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2022-04-18 09:36:07 -07:00
Evan Culver
881e17fae1
connect: Add Envoy 1.21.1 to support matrix, remove 1.17.4 (#12777) 2022-04-14 10:44:42 -07:00
Natalie Smith
0a51e145c1 docs: simplify agent docs slugs 2022-04-11 17:38:47 -07:00
Natalie Smith
ddae7d18a2 docs: fix external links to agent config pages 2022-04-11 17:38:11 -07:00
R.B. Boyer
25ba9c147a
xds: ensure that all connect timeout configs can apply equally to tproxy direct dial connections (#12711)
Just like standard upstreams the order of applicability in descending precedence:

1. caller's `service-defaults` upstream override for destination
2. caller's `service-defaults` upstream defaults
3. destination's `service-resolver` ConnectTimeout
4. system default of 5s

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-04-07 16:58:21 -05:00
Kyle Havlovitz
6cf22a5cef
Merge pull request #12672 from hashicorp/tgate-san-validation
Respect SNI with terminating gateways and log a warning if it isn't set alongside TLS
2022-04-05 11:15:59 -07:00
Blake Covarrubias
79144dbac6
docs: Update links to K8s service mesh annotations (#12652)
The list of supported annotations for Consul service mesh were moved
from /docs/k8s/connect to /docs/k8s/annotations-and-labels in PR
#12323.

This commit updates various across the site to point to the new
URL for these annotations.
2022-04-04 14:35:07 -07:00
Kyle Havlovitz
1a3b885027 Use the GatewayService SNI field for upstream SAN validation 2022-03-31 13:54:25 -07:00
Kyle Havlovitz
51527907ab Recommend SNI with TLS in the terminating gateway docs 2022-03-31 12:19:16 -07:00