Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. https://www.consul.io
Go to file
skpratt 202090e5d5
v2 explicit destination traffic permissions (#18823)
* workload identity boilerplate

* notes from discussion with Iryna

* WIP traffic permissions controller poc

* workload identity, traffic permissions validation, errors, types

* traffic permissions mapper framing, traffic permissions controller updates.

* more roughing out of the controller

* cleanup

* controller and mapper logic

* tests

* refactor mapper logic, add tests

* clean up tenancy and integration test stubs

* consolidate mapping

* cleanup cache leak, revert bimapper changes

* address review comments

* test fix and rebase

* use resource helper

---------

Co-authored-by: John Landa <john.landa@hashicorp.com>
2023-09-25 16:50:07 +00:00
.changelog api: add `CheckRegisterOpts` method to Agent API (#18943) 2023-09-25 08:25:02 -07:00
.github do not trigger integration tests (#18948) 2023-09-21 19:10:34 +00:00
.release OSS -> CE (community edition) changes (#18517) 2023-08-22 09:46:03 -05:00
acl Add workload identity ACL rules (#18769) 2023-09-12 17:22:51 -04:00
agent catalog,mesh,auth: Move resource types to the proto-public module (#18935) 2023-09-22 15:50:56 -06:00
api api: add `CheckRegisterOpts` method to Agent API (#18943) 2023-09-25 08:25:02 -07:00
bench
build-support Add protoc generator to emit resource type variables (#18957) 2023-09-21 17:18:47 -04:00
command Add CLI support for json (#18991) 2023-09-22 20:51:18 +00:00
connect [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs resource: allow for the ACLs.Read hook to request the entire data payload to perform the authz check (#18925) 2023-09-22 09:53:55 -05:00
envoyextensions feat: remove resource api client from api module (#18984) 2023-09-22 16:32:08 -04:00
grafana grafana: fix a query metrics from ent and add consul version (#18998) 2023-09-25 12:41:13 -04:00
internal v2 explicit destination traffic permissions (#18823) 2023-09-25 16:50:07 +00:00
ipaddr [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
lib OSS -> CE (community edition) changes (#18517) 2023-08-22 09:46:03 -05:00
logging Run copyright after running deep-copy as part of the Makefile/CI (#18741) 2023-09-11 13:50:52 -04:00
proto Allow empty data writes for resources (#18819) 2023-09-15 14:00:23 -05:00
proto-public v2 explicit destination traffic permissions (#18823) 2023-09-25 16:50:07 +00:00
sdk consul operator raft transfer-leader should send the id (#17107) 2023-09-15 14:38:59 -04:00
sentinel OSS -> CE (community edition) changes (#18517) 2023-08-22 09:46:03 -05:00
service_os [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
snapshot [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
test catalog,mesh,auth: Bump versions to v2beta1 (#18930) 2023-09-22 10:51:15 -06:00
test-integ dns token (#17936) 2023-09-20 15:50:06 -06:00
testing/deployer dns token (#17936) 2023-09-20 15:50:06 -06:00
testrpc [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
tlsutil [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
tools/internal-grpc-proxy [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
troubleshoot feat: remove resource api client from api module (#18984) 2023-09-22 16:32:08 -04:00
types [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
ui feat: copy edits for built-in policy alert (#18655) 2023-09-01 13:58:03 -07:00
version [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
website [Docs] Add note to jwt docs to specify the need for ACLs (#18942) 2023-09-22 13:19:57 -04:00
.copywrite.hcl Move ACL templated policies to hcl files (#18853) 2023-09-18 17:10:35 -04:00
.dockerignore
.gitignore add peering_commontopo tests [NET-3700] (#17951) 2023-07-18 16:41:30 -07:00
.golangci.yml dataplane: Allow getting bootstrap parameters when using V2 APIs (#18504) 2023-09-06 16:46:25 -06:00
CHANGELOG.md Fix changelog order (#18918) 2023-09-20 13:42:17 -04:00
Dockerfile [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
Dockerfile-windows Envoy Integration Test Windows (#18007) 2023-07-21 20:26:00 +05:30
LICENSE [COMPLIANCE] License update (#18479) 2023-08-16 09:42:07 -05:00
Makefile Run copyright after running deep-copy as part of the Makefile/CI (#18741) 2023-09-11 13:50:52 -04:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md README - re-order badges and update hub link (#18498) 2023-08-16 18:41:43 -07:00
buf.work.yaml [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
fixup_acl_move.sh [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00
go.mod feat: remove resource api client from api module (#18984) 2023-09-22 16:32:08 -04:00
go.sum NET-4519 Collecting journald logs in "consul debug" bundle (#18797) 2023-09-19 08:46:50 +05:30
main.go [COMPLIANCE] License changes (#18443) 2023-08-11 09:12:13 -04:00

README.md

Consul logo Consul

License: BUSL-1.1 Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Dynamic App Configuration - An HTTP API that allows users to store indexed objects within Consul, for storing configuration parameters and application metadata.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.