24e11b511e
The fallback method would still work but it would get into a state where it would let the certificate expire for 10s before getting a new one. And the new one used the less secure RPC endpoint. This is also a pretty large refactoring of the auto encrypt code. I was going to write some tests around the certificate monitoring but it was going to be impossible to get a TestAgent configured in such a way that I could write a test that ran in less than an hour or two to exercise the functionality. Moving the certificate monitoring into its own package will allow for dependency injection and in particular mocking the cache types to control how it hands back certificates and how long those certificates should live. This will allow for exercising the main loop more than would be possible with it coupled so tightly with the Agent. # Conflicts: # agent/agent.go |
||
|---|---|---|
| .circleci | ||
| .github | ||
| acl | ||
| agent | ||
| api | ||
| bench | ||
| build-support | ||
| command | ||
| connect | ||
| contributing | ||
| demo | ||
| internal/go-sso | ||
| ipaddr | ||
| lib | ||
| logging | ||
| sdk | ||
| sentinel | ||
| service_os | ||
| snapshot | ||
| terraform | ||
| test | ||
| testrpc | ||
| tlsutil | ||
| types | ||
| ui-v2 | ||
| vendor | ||
| version | ||
| website | ||
| .dockerignore | ||
| .gitignore | ||
| .golangci.yml | ||
| .hashibot.hcl | ||
| CHANGELOG.md | ||
| GNUmakefile | ||
| INTERNALS.md | ||
| LICENSE | ||
| NOTICE.md | ||
| README.md | ||
| Vagrantfile | ||
| codecov.yml | ||
| go.mod | ||
| go.sum | ||
| main.go | ||
| main_test.go | ||
README.md
Consul 
- Website: https://www.consul.io
- Tutorials: https://learn.hashicorp.com
- Forum: Discuss
Consul is a tool for service discovery and configuration. Consul is distributed, highly available, and extremely scalable.
Consul provides several key features:
-
Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.
-
Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.
-
Service Segmentation/Service Mesh - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all.
-
Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.
-
Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.
Consul runs on Linux, Mac OS X, FreeBSD, Solaris, and Windows. A commercial version called Consul Enterprise is also available.
Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.
Quick Start
A few quick start guides are available on the Consul website:
- Standalone binary install: https://learn.hashicorp.com/consul/getting-started/install
- Minikube install: https://learn.hashicorp.com/consul/kubernetes/minikube
- Kubernetes install: https://learn.hashicorp.com/consul/kubernetes/kubernetes-deployment-guide
Documentation
Full, comprehensive documentation is available on the Consul website:
Contributing
Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance.