Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. https://www.consul.io
Go to file
R.B. Boyer 39e4ae25ac
connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428)
This fixes an issue where leaf certificates issued in primary
datacenters using Vault as a Connect CA would be reissued very
frequently (every ~20 seconds) because the logic meant to detect root
rotation was errantly triggering.

The hash of the rootCA was being compared against a hash of the
intermediateCA and always failing. This doesn't apply to the Consul
built-in CA provider because there is no intermediate in use in the
primary DC.

This is reminiscent of #6513
2021-02-08 13:18:51 -06:00
.changelog connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
.circleci ci: add nightly load testing on master (#9693) 2021-02-03 15:59:37 -05:00
.github ci: escape backticks in github comment for website/ change check (#9711) 2021-02-05 13:48:31 -05:00
acl acl: remove t.Parallel 2020-11-17 12:37:02 -05:00
agent connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
api Move header methods from config to client 2021-01-20 01:30:54 +00:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support Allow any supported goos/goarch combination to be built locally 2020-12-29 22:04:19 -06:00
command config: make config.TestLoad_FullConfig use config.Load 2021-01-27 17:51:53 -05:00
connect testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
contributing contrib: Update contributing checklist for config 2021-01-27 17:52:54 -05:00
demo demo: Added udp port forwarding 2018-05-30 13:56:56 +09:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal state: add a regression test for state store schema 2021-01-15 18:49:55 -05:00
ipaddr Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
lib lib/mutex: add mutex with TryLock and update vendor 2021-01-25 18:01:47 -05:00
logging testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
proto proto: convert enterprise meta 2020-10-30 14:34:36 -04:00
sdk sdk: read procfs instead of using sysctl command 2020-10-25 00:37:04 +08:00
sentinel Allow users to configure either unstructured or JSON logging (#7130) 2020-01-28 17:50:41 -06:00
service_os Changes made : 2018-06-28 21:18:14 -04:00
snapshot testing: skip slow tests with -short 2020-12-07 13:42:55 -05:00
terraform terraform: remove modules in repo (#5085) 2019-04-04 16:31:43 -07:00
test docs: Update load test documentation and minor clean ups (#9548) 2021-01-15 12:41:06 -06:00
testrpc add testrpc.WaitForServiceIntentions to help unflake tests that manipulate intentions (#8867) 2020-10-07 14:20:25 -05:00
tlsutil Fix main build failing 2021-02-05 17:25:57 -05:00
types Move RPC router from Client/Server and into BaseDeps (#8559) 2020-08-27 11:23:52 -04:00
ui ui: Adds unique-id helper (#9676) 2021-02-02 10:03:46 +00:00
vendor Merge pull request #9302 from hashicorp/dnephin/add-service-3 2021-01-28 16:59:41 -05:00
version changelog: add 1.9.1 entries (#9486) 2021-01-04 11:54:26 -05:00
website Crosslink new microservices collection. (#9704) 2021-02-08 13:27:20 -05:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitignore website: remove netlify artifacts and port missing redirects over to new format (#9601) 2021-01-21 10:16:17 -05:00
.golangci.yml Remove unused return values 2020-06-24 13:00:15 -04:00
.hashibot.hcl hashibot: let hashibot help us more (#7281) 2020-02-19 15:30:27 +01:00
CHANGELOG.md changleog: presense -> presence (#9713) 2021-02-05 17:37:55 -05:00
GNUmakefile connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) 2021-02-08 13:18:51 -06:00
INTERNALS.md Add contributing dir with Config file checklist (#7017) 2020-01-14 12:24:03 +00:00
LICENSE Initial commit 2013-11-04 14:15:27 -08:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Added docs link to Learn tutorial for Kind. (#8610) 2020-09-11 17:03:35 -04:00
Vagrantfile Adds a basic Linux Vagrant setup, stolen from Nomad. 2017-10-06 08:10:12 -07:00
codecov.yml Update all the references in CI and makefile to the bindata file location 2020-10-01 16:19:10 +01:00
go.mod Merge pull request #9302 from hashicorp/dnephin/add-service-3 2021-01-28 16:59:41 -05:00
go.sum Merge pull request #9302 from hashicorp/dnephin/add-service-3 2021-01-28 16:59:41 -05:00
main.go Add Revision to version CLI output and add JSON support 2020-07-08 16:32:46 -04:00
main_test.go Adding basic CLI infrastructure 2013-12-19 11:22:08 -08:00
package-lock.json Add Algolia indexing to CI 2020-06-29 12:14:43 -04:00

README.md

Consul CircleCI Discuss

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh/Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, Mac OS X, FreeBSD, Solaris, and Windows. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website:

https://www.consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance.