Commit Graph

7653 Commits (4b528b10a5f1a8f04347a326e567f3bd9848bc0b)

Author SHA1 Message Date
Preetha Appan d77ab91123
Allows disabling WAN federation by setting serf WAN port to -1 2018-03-26 14:21:06 -05:00
Kyle Havlovitz 10bda48a41
Merge pull request #3979 from guidoiaquinti/master
Consolidate logging output
2018-03-26 10:07:20 -07:00
Preetha Appan 7091595595
Update yamux to pick up performance improvements 2018-03-26 08:56:40 -05:00
Jack Pearkes c862148ea2
Merge pull request #3927 from hashicorp/docs-encrypt-key-note
Docs: Clarify encrypt key for WAN joined DCs
2018-03-22 14:16:02 -07:00
Hannah Oppenheimer 996297033d Alphabetizing community tools list 2018-03-22 12:36:42 -05:00
Pierre Souchay 18baff80ae Merge remote-tracking branch 'origin/master' into node_health_should_change_service_index 2018-03-22 13:07:11 +01:00
Pierre Souchay 5fb1b18073 More test cases 2018-03-22 12:41:06 +01:00
Pierre Souchay 39a7b5c20d Added new test regarding checks index 2018-03-22 12:20:25 +01:00
Pierre Souchay dd9efb755a Fixed minor typo in comments
Might fix unstable travis build
2018-03-22 10:30:10 +01:00
Guido Iaquinti 8cd11d5888 Add package name to log output 2018-03-21 15:56:14 +00:00
Jack Pearkes 559d35156a
Merge pull request #3929 from sryabkov/patch-1
Highlighting the dead link in documentation
2018-03-19 16:00:32 -07:00
Paul Banks 7a90a44a71
Note TLS cipher suite support changes 2018-03-19 21:51:14 +00:00
Josh Soref 94835a2715 Spelling (#3958)
* spelling: another

* spelling: autopilot

* spelling: beginning

* spelling: circonus

* spelling: default

* spelling: definition

* spelling: distance

* spelling: encountered

* spelling: enterprise

* spelling: expands

* spelling: exits

* spelling: formatting

* spelling: health

* spelling: hierarchy

* spelling: imposed

* spelling: independence

* spelling: inspect

* spelling: last

* spelling: latest

* spelling: client

* spelling: message

* spelling: minimum

* spelling: notify

* spelling: nonexistent

* spelling: operator

* spelling: payload

* spelling: preceded

* spelling: prepared

* spelling: programmatically

* spelling: required

* spelling: reconcile

* spelling: responses

* spelling: request

* spelling: response

* spelling: results

* spelling: retrieve

* spelling: service

* spelling: significantly

* spelling: specifies

* spelling: supported

* spelling: synchronization

* spelling: synchronous

* spelling: themselves

* spelling: unexpected

* spelling: validations

* spelling: value
2018-03-19 16:56:00 +00:00
Paul Banks 8871ad130d
Merge pull request #3961 from canterberry/docs/tls-cipher-suites
๐Ÿ“ Clarify the list of supported TLS cipher suites
2018-03-19 16:51:14 +00:00
Paul Banks 37c07b3cac
Use master 2018-03-19 16:50:52 +00:00
Paul Banks a8f7681c70
Merge pull request #3962 from canterberry/upgrade/tls-cipher-suites
๐Ÿ”’ Update supported TLS cipher suites
2018-03-19 16:44:33 +00:00
Paul Banks 9e4b10ab6f
Merge pull request #3966 from hashicorp/docs-ui-acls
website: add UI section to ACL guide
2018-03-19 16:40:50 +00:00
Pierre Souchay b6914617d9 Fixed typo in comments 2018-03-19 17:12:08 +01:00
Pierre Souchay 5e974843f1 Refactoring to have clearer code without weird bool 2018-03-19 16:12:54 +01:00
Pierre Souchay a44b9e84b1 [BUGFIX]ย When a node level check is removed, ensure all services of node are notified
Bugfix for https://github.com/hashicorp/consul/pull/3899

When a node level check is removed (example: maintenance),
some watchers on services might have to recompute their state.

If those nodes are performing blocking queries, they have to be notified.
While their state was updated when node-level state did change or was added
this was not the case when the check was removed. This fixes it.
2018-03-19 14:14:03 +01:00
Preetha Appan da2d5304cb
Update CHANGELOG 2018-03-16 09:39:00 -05:00
Preetha Appan 2eed7766a8
cleanup unit test code a bit 2018-03-16 09:36:57 -05:00
Preetha c87699abf2
Merge pull request #3885 from eddsteel/support-options-requests
Support OPTIONS requests
2018-03-16 09:20:16 -05:00
Devin Canterberry 2187ab1e1c
๐ŸŽจ Formatting changes only; convert leading space to tabs 2018-03-15 10:30:38 -07:00
Devin Canterberry 961aea97fe
๐Ÿ“ Prefer brevity at the cost of some ambiguity 2018-03-15 10:25:27 -07:00
Devin Canterberry 7236c95e11
โœ… Match expectation of TLSCipherSuites to values of tls_cipher_suites 2018-03-15 10:19:46 -07:00
Devin Canterberry a61abcd931
๐Ÿ› Formatting changes only; add missing trailing commas 2018-03-15 10:19:46 -07:00
Devin Canterberry c901307a47
๐Ÿ”’ Update supported TLS cipher suites
The list of cipher suites included in this commit are consistent with
the values and precedence in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go).

> **Note:** Cipher suites with RC4 are still included within the list
> of accepted values for compatibility, but **these cipher suites are
> not safe to use** and should be deprecated with warnings and
> subsequently removed. Support for RC4 ciphers has already been
> removed or disabled by default in many prominent browsers and tools,
> including Golang.
>
> **References:**
>
>  * [RC4 on Wikipedia](https://en.wikipedia.org/wiki/RC4)
>  * [Mozilla Security Blog](https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/)
2018-03-15 10:19:46 -07:00
Devin Canterberry 1db58de366
โคต๏ธ Merge from `master`; no conflicts 2018-03-15 09:13:01 -07:00
Jack Pearkes 6fb94ff40a website: clarify where ACL token is set in the UI 2018-03-14 16:50:04 -07:00
Jack Pearkes c66628a06f website: add section on securing the UI with ACLs
Figured it would be worth documenting due to #3931.
2018-03-14 16:46:04 -07:00
Paul Banks 844a5fe8c0
Call out the service-watch upgrade notice 2018-03-14 11:03:21 +00:00
Jack Pearkes 652e821511
Merge pull request #3884 from rberlind/master
Updated Stale Reads section of DNS Caching Guide
2018-03-13 16:56:58 -07:00
Jack Pearkes 101e1d030e
Merge pull request #3952 from slopeinsb/patch-1
Update index.html.md
2018-03-13 16:07:10 -07:00
Jack Pearkes 4bddecb195
Update CHANGELOG.md 2018-03-13 15:32:37 -07:00
Devin Canterberry 84d650cc4a
๐Ÿ“ Clarify the list of supported TLS cipher suites
Previously, the documentation linked to Golang's source code, which
can drift from the list of cipher suites supported by Consul. Consul
has a hard-coded mapping of string values to Golang cipher suites, so
this is a more direct source of truth to help users understand which
string values are accepted in the `tls_cipher_suites` configuration
value.
2018-03-13 09:25:03 -07:00
Preetha 3ed071b4a6
Merge pull request #3946 from hashicorp/je.fixes
Small Adjustments
2018-03-13 11:15:50 -05:00
randall thomson 3b1a2af8f1
Update index.html.md
update cli commands for consul 1.x
2018-03-09 09:46:37 -08:00
Pierre Souchay aebfcb6767 Fixed minor typo (+ travis tests is unstable) 2018-03-09 18:42:13 +01:00
Pierre Souchay 93fa1f6f49 Optimize size for SRV records, should improve performance a bit
Stricter Unit tests that checks if truncation was OK.
2018-03-09 18:25:29 +01:00
Preetha Appan 0e3c41738d
Update CHANGELOG.md 2018-03-09 07:37:57 -06:00
Preetha 210cfe5ef9
Merge pull request #3940 from pierresouchay/dns_max_size
Allow to control the number of A/AAAA Record returned by DNS
2018-03-09 07:35:32 -06:00
Preetha 251cdb9c24
Some tweaks to the documentation for a_record_limit 2018-03-08 11:23:07 -06:00
Pierre Souchay 57310a6446 Updated documentation as requested by @preetapan 2018-03-08 18:02:40 +01:00
Pierre Souchay d0e45f22df Fixed wrong format of debug msg in unit test 2018-03-08 00:36:17 +01:00
Pierre Souchay ce3f47a75d Performance optimization for services having more than 2k records 2018-03-08 00:26:41 +01:00
Pierre Souchay 7d59249d96 Avoid issue with compression of DNS messages causing overflow 2018-03-07 23:33:41 +01:00
Pierre Souchay 419bf29041 Cleaner Unit tests from suggestions from @preetapan 2018-03-07 18:24:41 +01:00
Pierre Souchay b77fd5ce9d 64000 max limit to DNS messages since there is overhead
Added debug log to give information about truncation.
2018-03-07 16:14:41 +01:00
Pierre Souchay be39fb20cc [BUGFIX] do not break when TCP DNS answer exceeds 64k
It will avoid having discovery broken when having large number
of instances of a service (works with SRV and A* records).

Fixes https://github.com/hashicorp/consul/issues/3850
2018-03-07 10:08:06 +01:00