Backport of docs updates - cluster peering and virtual services into release/1.16.x (#18087)

* backport of commit 3ef758cefb * backport of commit f7c54b6ce2 * backport of commit 6b2e88c154 * backport of commit 87dc79fddb * backport of commit 3d9805c133 * backport of commit e76ec0a193 * backport of commit 4b03ba27c1 --------- Co-authored-by: David Yu <dyu@hashicorp.com>
2023-07-11 18:11:53 -05:00 · 2023-07-11 18:11:53 -05:00 · 4ea7c7f631
parent 18c9a87176
commit 4ea7c7f631
4 changed files with 11 additions and 9 deletions
--- a/website/content/docs/k8s/connect/cluster-peering/tech-specs.mdx
+++ b/website/content/docs/k8s/connect/cluster-peering/tech-specs.mdx
@ -41,7 +41,7 @@ Refer to the following example Helm configuration:
 ```yaml
 global:
  name: consul
-  image: "hashicorp/consul:1.14.1"
+  image: "hashicorp/consul:1.16.0"
  peering:
    enabled: true
  tls:
@ -166,4 +166,4 @@ If ACLs are enabled, you must add tokens to grant the following permissions:

 - Grant `service:write` permissions to services that define mesh gateways in their server definition.
 - Grant `service:read` permissions for all services on the partition.
- Grant `mesh:write` permissions to the mesh gateways that participate in cluster peering connections. This permission allows a leaf certificate to be issued for mesh gateways to terminate TLS sessions for HTTP requests.
+- Grant `mesh:write` permissions to the mesh gateways that participate in cluster peering connections. This permission allows a leaf certificate to be issued for mesh gateways to terminate TLS sessions for HTTP requests.
--- a/website/content/docs/k8s/connect/cluster-peering/usage/establish-peering.mdx
+++ b/website/content/docs/k8s/connect/cluster-peering/usage/establish-peering.mdx
@ -48,7 +48,7 @@ After you provision a Kubernetes cluster and set up your kubeconfig file to mana
  $ export CLUSTER2_CONTEXT=<CONTEXT for second Kubernetes cluster>
  ```

-### Update the Helm chart
+### Install Consul using Helm and configure peering over mesh gateways 

 To use cluster peering with Consul on Kubernetes deployments, update the Helm chart with [the required values](/consul/docs/k8s/connect/cluster-peering/tech-specs#helm-requirements). After updating the Helm chart, you can use the `consul-k8s` CLI to apply `values.yaml` to each cluster.

@ -59,7 +59,7 @@ To use cluster peering with Consul on Kubernetes deployments, update the Helm ch
  ```

  ```shell-session
-  $ helm install ${HELM_RELEASE_NAME1} hashicorp/consul --create-namespace --namespace consul --version "1.0.1" --values values.yaml --set global.datacenter=dc1 --kube-context $CLUSTER1_CONTEXT
+  $ helm install ${HELM_RELEASE_NAME1} hashicorp/consul --create-namespace --namespace consul --version "1.2.0" --values values.yaml --set global.datacenter=dc1 --kube-context $CLUSTER1_CONTEXT
  ```

 1. In `cluster-02`, run the following commands:
@ -69,9 +69,11 @@ To use cluster peering with Consul on Kubernetes deployments, update the Helm ch
  ```

  ```shell-session
-  $ helm install ${HELM_RELEASE_NAME2} hashicorp/consul --create-namespace --namespace consul --version "1.0.1" --values values.yaml --set global.datacenter=dc2 --kube-context $CLUSTER2_CONTEXT
+  $ helm install ${HELM_RELEASE_NAME2} hashicorp/consul --create-namespace --namespace consul --version "1.2.0" --values values.yaml --set global.datacenter=dc2 --kube-context $CLUSTER2_CONTEXT
  ```

+1. For both clusters apply the `Mesh` configuration entry values provided in [Mesh Gateway Specifications](/consul/docs/k8s/connect/cluster-peering/tech-specs#mesh-gateway-specifications) to allow establishing peering connections over mesh gateways. 
+
 ### Configure the mesh gateway mode for traffic between services

 In Kubernetes deployments, you can configure mesh gateways to use `local` mode so that a service dialing a service in a remote peer dials the remote mesh gateway instead of the local mesh gateway. To configure the mesh gateway mode so that this traffic always leaves through the local mesh gateway, you can use the `ProxyDefaults` CRD.
@ -452,4 +454,4 @@ For Consul Enterprise, the permissions apply to all imported services in the ser

 Refer to [Reading servers](/consul/docs/connect/config-entries/exported-services#reading-services) in the `exported-services` configuration entry documentation for example rules.

-For additional information about how to configure and use ACLs, refer to [ACLs system overview](/consul/docs/security/acl).
+For additional information about how to configure and use ACLs, refer to [ACLs system overview](/consul/docs/security/acl).
--- a/website/content/docs/k8s/l7-traffic/failover-tproxy.mdx
+++ b/website/content/docs/k8s/l7-traffic/failover-tproxy.mdx
@ -18,7 +18,7 @@ Complete the following steps to configure failover service instances in Consul o

 ## Requirements
 
- `consul-k8s` v1.2.0-beta1 or newer.
+- `consul-k8s` v1.2.0 or newer.
 - Consul service mesh must be enabled. Refer to [How does Consul Service Mesh Work on Kubernetes](/consul/docs/k8s/connect).
 - Proxies must be configured to run in transparent proxy mode. 
 - To query virtual DNS names, you must use Consul DNS.
--- a/website/content/docs/k8s/l7-traffic/route-to-virtual-services.mdx
+++ b/website/content/docs/k8s/l7-traffic/route-to-virtual-services.mdx
@ -20,7 +20,7 @@ Complete the following steps to configure failover service instances in Consul o

 ## Requirements
 
- `consul-k8s` v1.2.0-beta1 or newer.
+- `consul-k8s` v1.2.0 or newer.
 - Consul service mesh must be enabled. Refer to [How does Consul service mesh work on Kubernetes](/consul/docs/k8s/connect).
 - Proxies must be configured to run in transparent proxy mode. 
 - To query virtual DNS names, you must use Consul DNS.
@ -119,4 +119,4 @@ You can query the KubeDNS if the real and virtual services are in the same Kuber
 http://virtual-api.<namespace>.svc.cluster.local
 ```

-Note that you cannot use KubeDNS if a corresponding Kubernetes service and pod do not exist. 
+Note that you cannot use KubeDNS if a corresponding Kubernetes service and pod do not exist.