Commit Graph

1070 Commits (857a8e200e163a1913d03f211da3926984570154)

Author SHA1 Message Date
Preetha Appan 857a8e200e Capitalize Consul and Docker throughout 2017-07-31 17:54:03 -05:00
Preetha Appan d45ceff4b7 First pass at a consul containers guide 2017-07-31 17:19:15 -05:00
James Phillips 08a8d9f2a7 command/lock: Add -child-exitcode, return 2 on child error (#3329)
* Exit 2 if -child-exit-code and the child returned with an error.
* There is no platform independent way to check the exact return code of
* the child, so on error always return 2.
* Closes #947
* Closes #1503
2017-07-26 22:09:19 -07:00
James Phillips 9f10566314 Update geo-failover.html.md 2017-07-26 16:42:35 -07:00
James Phillips 44128e5bbb Update geo-failover.html.md 2017-07-26 15:44:17 -07:00
James Phillips 59b9164142 Adds a geo failover guide using prepared queries. (#3328) 2017-07-26 15:40:01 -07:00
James Phillips 496b0bcf07 Adds support for agent-side ACL token management via API instead of config files. (#3324)
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
James Phillips 240c40deb8 Update options.html.md 2017-07-24 22:37:12 -07:00
Jon Benson 3117d9ec2b Fix spelling (#3311) 2017-07-20 14:48:45 -07:00
James Phillips 610a67defa Updates consul exec docs to mention ACLs. (#3308)
* Update documentation for consul exec to mention all permissions it needs.

* Removed node write perm, not needed for consul exec

* Converts ACL note into a table like the API docs, adds ACL guide x-ref.
2017-07-20 09:30:08 -07:00
James Phillips 357d00f7d3 Clarifies endpoint blocking in the docs. 2017-07-19 17:14:19 -07:00
James Phillips 6abc5757b1 Tweaks title. 2017-07-18 14:48:38 -07:00
Kyle Havlovitz 689c8bc934
Add UpgradeVersionTag information to docs 2017-07-18 14:01:21 -07:00
James Phillips cbfb4388d1 Update acl.html.md 2017-07-18 07:44:35 -07:00
James Phillips 37c78e3077 Improves structure of ACL guide. 2017-07-18 07:41:59 -07:00
James Phillips 0c376fb656 Removes a merge conflict marker from the ACL guide. 2017-07-18 07:35:17 -07:00
James Phillips 28b747c3c0 Update upgrade-specific.html.md 2017-07-18 07:14:16 -07:00
James Phillips aa9a1ddb88 Update upgrade-specific.html.md 2017-07-18 07:11:59 -07:00
James Phillips a5e85a6f89 Adds a missing newline to the snapshot agent page. 2017-07-17 22:22:50 -07:00
Charlie Voiselle 6c75e79158 Removed localhost from links (#3289)
Two links were still referring to localhost. Made them relative and tested.
2017-07-17 19:59:58 -07:00
James Phillips fc971b65dc Update upgrade-specific.html.md 2017-07-17 14:11:08 -07:00
James Phillips 1791d99a10 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips 74946ddde9 Fixes a broken link. 2017-07-17 00:07:34 -07:00
James Phillips 780e68a753 Changes remote exec KV read to call GetTokenForAgent(). (#3283)
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.

Fixes #3160.

* Fixes remote exec unit test with ACLs.

* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips 1004d0ec0e Adds node read privileges to the acl_agent_master_token. (#3277)
Fixes #3113.
2017-07-16 20:08:26 -07:00
Kyle Havlovitz 090414db15
Add network area TLS setting to docs 2017-07-14 17:06:33 -07:00
Seth Vargo afd83a9705 Add catalog CLI functions (#3204) 2017-07-14 12:45:08 -07:00
James Phillips a5461ce368 Update acl.html.md 2017-07-13 22:40:15 -07:00
James Phillips 0881e46111 Cleans up version 8 ACLs in the agent and the docs. (#3248)
* Moves magic check and service constants into shared structs package.

* Removes the "consul" service from local state.

Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.

* Makes coordinate update ACL log message a warning, similar to other AE warnings.

* Adds much more detailed examples for bootstrapping ACLs.

This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234.
2017-07-13 22:33:47 -07:00
James Phillips 947cc0d5e9 Adds a version note about block_endpoints config. 2017-07-10 13:56:02 -07:00
James Phillips 66edec5dfd Adds the ability to blacklist specific HTTP endpoints. (#3252) 2017-07-10 13:51:25 -07:00
James Phillips da0408c241 Update autopilot.html.md 2017-07-07 14:38:35 -07:00
Seth Rutner 5cef512fa7 Update autopilot.html.md (#3244) 2017-07-07 14:34:59 -07:00
Brian Shumate 7ae25f6c7e DOCS: Add note in Ports Used section (#3241)
- Add note about port 8302 to address #3058
2017-07-07 09:38:56 -07:00
Chris Griggs bd03f8a8ed Update # of ports (#3238)
I counted twice.
2017-07-06 13:50:12 -07:00
James Phillips 224f9dd2c1 Adds links to Lifeguard info. 2017-07-06 12:19:39 -07:00
Frank Schroeder 6dd68f7ad7
Revert "agent: add allowStale option for HTTP API (#3142)"
This reverts commit 1e0fd27a74.
2017-06-27 07:04:55 +02:00
James Phillips a6987c1812 Adds missing tls_skip_verify option to HTTP check example. 2017-06-24 15:37:52 -07:00
James Phillips 6e1ee02689 Update options.html.md 2017-06-24 15:28:23 -07:00
James Phillips 380c8b957d Changes host-based node IDs from opt-out to opt-in. (#3187) 2017-06-24 09:36:53 -07:00
wojtkiewicz 1e0fd27a74
agent: add allowStale option for HTTP API (#3142)
This patch adds an "allowStale" option to the HTTP API
configuration which allows stale reads to provide linear
read scalability.

Fixes #3142
2017-06-22 10:31:13 +02:00
wojtkiewicz 37785028be
agent: add "http_config"
This patch adds an "http_config" object to the config file
and moves the "http_api_response_headers" option there.

"http_api_response_headers" is now deprecated in favor of
"http_config.response_headers"
2017-06-22 10:31:11 +02:00
Preetha Appan c7f35ef2f9 Update documentation and json examples for snapshot agent 2017-06-21 21:15:02 -05:00
Frank Schröder 31a310f551 agent: notify systemd after JoinLAN (#2121)
This patch adds support for notifying systemd via the
NOTIFY_SOCKET by sending 'READY=1' to the socket after
a successful JoinLAN.

Fixes #2121
2017-06-21 06:43:55 +02:00
preetapan 0c2a83e1ec Merge pull request #3154 from hashicorp/issue_2644_redux
Fix stale reads on server startup. Consistent reads will now wait for up to config.RPCHoldTimeout for the server to get past its raft log, before returning an error. Servers that are starting up will eventually catch up. 
This fixes issue #2644
2017-06-20 19:47:12 -05:00
Kyle Havlovitz 5473255f98 Update encryption.html.md 2017-06-16 12:54:25 -07:00
Preetha Appan 72af7b9bc4 Redo bug fix for stale reads on server startup, leveraging RPCHOldtimeout instead of maxQueryTime, plus tests 2017-06-15 22:41:30 -05:00
Kyle Havlovitz 5d99ee80ca Add an option to disable keyring file (#3145)
Also disables keyring file in dev mode.
2017-06-15 15:24:04 -07:00
Preetha Appan ec0cfae5ab Added documentation for new s3 server side encryption 2017-06-08 11:39:10 -07:00
James Phillips bc3b68ba80 Fixes version reference in encryption docs. 2017-06-07 21:31:48 -07:00