status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. https://www.consul.io
20,198 Commits 445 Branches 179 Tags 481 MiB
Go 65.8%
MDX 16.4%
SCSS 9.4%
JavaScript 4.1%
Handlebars 1.8%
Other 2.4%
Go to file
Derek Menteer 0094dbf312
Fix incorrect protocol for transparent proxy upstreams. (#17894) 
This PR fixes a bug that was introduced in:
https://github.com/hashicorp/consul/pull/16021

A user setting a protocol in proxy-defaults would cause tproxy implicit
upstreams to not honor the upstream service's protocol set in its
`ServiceDefaults.Protocol` field, and would instead always use the
proxy-defaults value.

Due to the fact that upstreams configured with "tcp" can successfully contact
upstream "http" services, this issue was not recognized until recently (a
proxy-defaults with "tcp" and a listening service with "http" would make
successful requests, but not the opposite).

As a temporary work-around, users experiencing this issue can explicitly set
the protocol on the `ServiceDefaults.UpstreamConfig.Overrides`, which should
take precedence.

The fix in this PR removes the proxy-defaults protocol from the wildcard
upstream that tproxy uses to configure implicit upstreams. When the protocol
was included, it would always overwrite the value during discovery chain
compilation, which was not correct. The discovery chain compiler also consumes
proxy defaults to determine the protocol, so simply excluding it from the
wildcard upstream config map resolves the issue.
 		2023-07-05 09:32:10 -05:00
.changelog Fix incorrect protocol for transparent proxy upstreams. (#17894) 2023-07-05 09:32:10 -05:00
.github Revert "Add workflow to verify linux release packages (#17904)" (#17942) 2023-06-28 14:18:53 -06:00
.release Resolves issue-16844 - systemd notify by default (#16845) 2023-06-02 10:04:48 -07:00
acl server: wire up in-process Resource Service (#16978) 2023-04-18 10:03:23 +01:00
agent Fix incorrect protocol for transparent proxy upstreams. (#17894) 2023-07-05 09:32:10 -05:00
api Expose JWKS cluster config through JWTProviderConfigEntry (#17978) 2023-07-04 09:12:06 -04:00
bench
build-support Revert "Add workflow to verify linux release packages (#17904)" (#17942) 2023-06-28 14:18:53 -06:00
command Remove duplicate and unused newDecodeConfigEntry func (#17979) 2023-06-30 09:39:54 -07:00
connect Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs Add documentation for remote debugging of integration tests. (#17800) 2023-06-20 15:14:15 +00:00
envoyextensions Update list of Envoy versions (#17546) 2023-06-09 02:37:49 +00:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal resource: enforce consistent naming of resource types (#17611) 2023-06-26 13:25:14 +01:00
ipaddr Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
lib hoststats: add package for collecting host statistics including cpu memory and disk usage (#17038) 2023-05-30 18:43:29 +00:00
logging Controller Supervision (#17016) 2023-04-25 12:52:35 +01:00
proto Expose JWKS cluster config through JWTProviderConfigEntry (#17978) 2023-07-04 09:12:06 -04:00
proto-public Fix missing BalanceOutboundConnections in v2 catalog. (#17964) 2023-06-29 16:04:21 -05:00
sdk Catalog V2 Container Based Integration Test (#17674) 2023-06-16 16:29:50 -04:00
sentinel Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
service_os Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
snapshot snapshot: some improvments to the snapshot process (#17236) 2023-05-09 15:28:52 -04:00
test Integration test for ext-authz Envoy extension (#17980) 2023-07-04 08:09:17 -07:00
testrpc Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
tlsutil tlsutil: Fix check TLS configuration (#17481) 2023-06-28 09:24:51 -07:00
tools/internal-grpc-proxy Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
troubleshoot Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
types Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
ui ci: remove test-integrations CircleCI workflow (#16928) 2023-04-19 16:19:29 +00:00
version [OSS] Post Consul 1.16 updates (#17606) 2023-06-07 21:46:49 +00:00
website Fix typo (#17198) 2023-07-01 01:55:28 +00:00
.copywrite.hcl Remove UI brand-loader copyright headers as they do not render appropriately (#16835) 2023-03-31 11:29:19 -04:00
.dockerignore
.gitignore Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
.golangci.yml Various bits of cleanup detected when using Go Workspaces (#17462) 2023-06-05 16:08:39 -04:00
CHANGELOG.md Add changelog entry for 1.16.0 (#17987) 2023-06-30 20:29:47 +00:00
Dockerfile Bump Alpine to 3.18 (#17719) 2023-06-14 01:02:05 +00:00
GNUmakefile Reference hashicorp/consul instead of consul for Docker image (#17914) 2023-06-27 23:17:20 +00:00
LICENSE [COMPLIANCE] Update MPL-2.0 LICENSE (#14964) 2022-11-09 12:24:14 -06:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
buf.work.yaml Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
fixup_acl_move.sh Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
go.mod deps: coredns v1.10.1 (#17912) 2023-06-28 07:53:43 -07:00
go.sum deps: coredns v1.10.1 (#17912) 2023-06-28 07:53:43 -07:00
main.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.