Commit Graph

93 Commits (7c679c11e616a321c1336d9329dbc06a7fd0a08f)

Author SHA1 Message Date
FFMMM 61bd417a82
plumb thru root cert tll to the aws ca provider (#11449)
* plumb thru root cert ttl to the aws ca provider

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

* Update .changelog/11449.txt

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2021-11-04 12:19:08 -07:00
FFMMM 4ddf973a31
add root_cert_ttl option for consul connect, vault ca providers (#11428)
* add root_cert_ttl option for consul connect, vault ca providers

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* add changelog, pr feedback

Signed-off-by: FFMMM <FFMMM@users.noreply.github.com>

* Update .changelog/11428.txt, more docs

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* Update website/content/docs/agent/options.mdx

Co-authored-by: Kyle Havlovitz <kylehav@gmail.com>

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: Kyle Havlovitz <kylehav@gmail.com>
2021-11-02 11:02:10 -07:00
Jared Kirschner 0854e1d684
Merge pull request #11348 from kbabuadze/fix-answers-alt-domain
Fix answers for alt domain
2021-10-29 17:09:20 -04:00
Daniel Nephin 4afc24268d tlsutil: only AuthorizerServerConn when VerifyIncomingRPC is true
See github.com/hashicorp/consul/issues/11207

When VerifyIncomingRPC is false the TLS conn will not have the required certificates.
2021-10-27 13:43:25 -04:00
Konstantine a8643339bc describe how alt-domain works in docs 2021-10-26 12:38:13 -04:00
Daniel Nephin 4ae2c8de9d
Merge pull request #11232 from hashicorp/dnephin/acl-legacy-remove-docs
acl: add docs and changelog for the removal of the legacy ACL system
2021-10-25 18:38:00 -04:00
Chris S. Kim c0991f479f
Update docs for tls_cipher_suites (#11070) 2021-10-21 16:41:51 -04:00
Jared Kirschner cd55c0cda3
Merge pull request #11328 from radiantly/ui/feature/allow-${}-style-interpolation
ui: Allow ${ } interpolation for UI Dashboard template URLs
2021-10-20 08:59:02 -04:00
Anirudh H M ffa27a7b09 Single link 2021-10-20 00:25:28 +05:30
radiantly 66c9ef1876
Remove note 2021-10-19 23:22:12 +05:30
radiantly 0e9a7d0cad
Add changelog note and amend docs 2021-10-19 01:08:44 +05:30
radiantly fd51b3e76e
ui: Allow ${} interpolation for template URLs 2021-10-15 15:37:51 +05:30
Anirudh H M dc073b688f Update docs: Mention grafana dashboard 2021-10-12 12:55:44 +05:30
Connor 257d00c908
Merge pull request #11222 from hashicorp/clly/service-mesh-metrics
Start tracking connect service mesh usage metrics
2021-10-11 14:35:03 -05:00
Daniel Nephin b4e3367e63 docs: add notice that legacy ACLs have been removed.
Add changelog

Also remove a metric that is no longer emitted that was missed in a
previous step.
2021-10-05 18:30:22 -04:00
Connor Kelly 024715eb11
Add changelog, website and metric docs
Add changelog to document what changed.
Add entry to telemetry section of the website to document what changed
Add docs to the usagemetric endpoint to help document the metrics in code
2021-10-05 13:34:24 -05:00
trujillo-adam f5108e4683 applied feedback, moved the Lifecycle info to the front 2021-09-30 11:41:37 -07:00
trujillo-adam 0567e2d549 providing additional information about the Consul agent 2021-09-29 16:51:03 -07:00
Daniel Nephin 19040586ce
Merge pull request #11136 from hashicorp/dnephin/acl-resolver-fix-default-authz
acl: fix default Authorizer for down_policy extend-cache/async-cache
2021-09-29 13:45:12 -04:00
Daniel Nephin a53fdd68c8
Merge pull request #11110 from hashicorp/dnephin/acl-legacy-remove-initialize
acl: remove initializeLegacyACL and the rest of the legacy FSM commands
2021-09-29 13:44:30 -04:00
Daniel Nephin 8f754aba14
Merge pull request #10999 from hashicorp/dnephin/revert-config-xds-port
Revert config xds_port
2021-09-29 13:39:15 -04:00
Daniel Nephin 6e1ebd3df7 acl: remove the last of the legacy FSM
Replace it with an implementation that returns an error, and rename some symbols
to use a Deprecated suffix to make it clear.

Also remove the ACLRequest struct, which is no longer referenced.
2021-09-29 12:42:23 -04:00
Daniel Nephin 1502547e38 Revert "Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc"
This reverts commit 74fb650b6b, reversing
changes made to 58bd817336.
2021-09-29 12:28:41 -04:00
Daniel Nephin 0330966315
Merge pull request #11101 from hashicorp/dnephin/acl-legacy-remove-rpc-2
acl: remove legacy ACL.Apply RPC
2021-09-29 12:23:55 -04:00
Daniel Nephin c321879d1e Revert "Merge pull request #10618 from hashicorp/dnephin/docs-add-deprecation-version-grpc-port"
This reverts commit 81bb5f33eb, reversing
changes made to 20feb42d3a.
2021-09-29 12:14:32 -04:00
Daniel Nephin 8d1378cc1d
Merge pull request #10988 from hashicorp/dnephin/acl-legacy-remove-config
acl: isolate deprecated config and warn when they are used
2021-09-29 11:40:14 -04:00
Jared Kirschner 9ef6490533
Merge pull request #10702 from jkirschner-hashicorp/network-segments-docs-enhancements
Network segments docs enhancements
2021-09-28 10:24:05 -04:00
Daniel Nephin 6e4ecfd05b docs: clarify acl down policy 2021-09-23 18:13:39 -04:00
Daniel Nephin 5eafcea4d4 config: Deprecate EnableACLReplication
replaced by ACL.TokenReplication
2021-09-23 15:14:59 -04:00
Daniel Nephin c84867feda acl: remove ACL.Apply
As part of removing the legacy ACL system.
2021-09-22 18:28:08 -04:00
Connor Kelly 59f9f67cc2
Add new telemetry to website
This will add information about the new kv_usage metric to the website
2021-09-20 12:43:40 -05:00
Jared Kirschner 3231709b03 docs: improve network segments agent options docs 2021-09-15 10:00:41 -07:00
Karl Cardenas 2c861a4f4e
docs: fixed identation of warning components 2021-08-30 07:12:30 -07:00
mrspanishviking 763e720ffe
Apply suggestions from code review
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-08-27 07:41:11 -07:00
Karl Cardenas b4f47383fa
docs: added information about a conflict when using auto_config and auto_encrypt 2021-08-25 21:25:18 -07:00
Blake Covarrubias e62b1d05d8
docs: Add common CA config options to provider doc pages (#10842)
Add the list of common Connect CA configuration options to the
provider-specific CA docs.

Previously these options were only documented under the agent
configuration options. This change makes it so that all supported CA
provider configuration options are available from a single location.

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
2021-08-19 11:18:55 -07:00
Olatunde Alex-Oni ad07ed705c Update documentation for enable_key_list_policy
The current suggests the option expects a string of either "enabled" or "disabled" but this results in an error `'acl.enable_key_list_policy' expected type 'bool', got unconvertible type 'string', value: 'enabled'`. Setting to a boolean value resolves this, also had a quick look at the code (d2b58cd0d6/agent/config/runtime.go (L109)) and it suggests this too
2021-08-16 13:10:54 -07:00
Blake Covarrubias 99b1d8ed8c docs: Update code blocks across website
* Use CodeTabs for examples in multiple formats.
* Ensure correct language on code fences.
* Use CodeBlockConfig for examples with filenames, or which need
highlighted content.
2021-08-11 13:20:03 -07:00
Daniel Nephin 8c575445da telemetry: add a metric for agent TLS cert expiry 2021-08-04 13:51:44 -04:00
joshwolfer 63a650028e Update options.mdx
add service config link to description of enable_central_service_config.
2021-08-03 15:36:51 -04:00
Blake Covarrubias 11f1f3fe34 Add OSS changes for specifying audit log permission mode 2021-07-30 09:58:11 -07:00
Daniel Nephin 20537d8952
Update website/content/docs/agent/options.mdx
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
2021-07-29 12:38:30 -04:00
Daniel Nephin 9f02119314 docs: give better guidance about how to configure the agent TLS CA 2021-07-28 18:22:35 -04:00
Blake Covarrubias a0cd3dd88e
Add DNS recursor strategy option (#10611)
This change adds a new `dns_config.recursor_strategy` option which
controls how Consul queries DNS resolvers listed in the `recursors`
config option. The supported options are `sequential` (default), and
`random`.

Closes #8807

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Priyanka Sengupta <psengupta@flatiron.com>
2021-07-19 15:22:51 -07:00
Blake Covarrubias 832896ed11 docs: Fix spelling errors across website 2021-07-19 14:29:54 -07:00
Daniel Nephin 0ba5d74fcc
Merge pull request #10617 from hashicorp/dnephin/config-add-missing-docs
docs: add config options that were missing
2021-07-15 11:23:32 -04:00
Daniel Nephin 510262b3bb docs: add deprecation version for ports.grpc settings 2021-07-14 17:06:13 -04:00
Daniel Nephin 5581c86597 docs: add config options that were missing
https://github.com/hashicorp/consul/pull/128 added pid_file
https://github.com/hashicorp/consul/pull/1331 added disable_coordinates
2021-07-14 16:51:07 -04:00
Daniel Nephin 74fb650b6b
Merge pull request #10588 from hashicorp/dnephin/config-fix-ports-grpc
config: rename `ports.grpc` to `ports.xds`
2021-07-13 13:11:38 -04:00
Daniel Nephin c48f26b0a6 config: update config settings and flags for ports.xds 2021-07-13 12:31:48 -04:00