Commit Graph

101 Commits (df4c288ba895a014084a328199419f58dc853978)

Author SHA1 Message Date
Luke Kysow 191561e44f
docs: document behaviour of tls.https.verify_outgoing (#20555)
* docs: document behaviour of tls.https.verify_outgoing

At first it's not clear what verify_outgoing would do for the https
listener as it seems like Consul agent's don't make https requests. Upon
further investigation, it's clear that Consul agents do make https
requests in the following scenarios:
- to implement watches
- to perform checks

In the first scenario, this setting is used here:
a1c8d4dd19/agent/config/runtime.go (L1725)

In the second scenario, it's actually the internal_rpc setting that is
used:
a1c8d4dd19/tlsutil/config.go (L903)

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-02-13 09:01:03 -08:00
Mark Campbell-Vincent 27f6fef999
Update cache section for certain API calls (#20464)
* Update cache section for certain API calls

Providing more detail to the cache section to address behavior of API calls using streaming backend. This will help users understand that when '?index' is used and '?cached' is not, caching to servers will be bypassed, causing entry_fetch_max_burst and entry_fetch_rate to not be used in this scenario.

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-02-07 21:09:26 -05:00
cskh 890332cacb
docs: Fix indention of wal object in agent config (#20399) 2024-01-31 11:24:00 -05:00
John Landa 525396651c
DNS token doc updates (#19592)
* DNS token doc updates

Review feedback

Update website/content/commands/acl/set-agent-token.mdx

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

Update dns token doc to link to policy templates

* PR feedback updates
2023-11-13 12:51:49 -07:00
Michael Zalimeni c9f2a6add4
[NET-5916] Update locality-aware routing docs (#19529)
* docs: Update locality-aware routing docs

- Align locality-aware routing documentation to the recommended use of the
feature and incorporate engineer feedback.
- Remove docs for unreleased multi-cluster failover feature.
- Fix minor typos and formatting in examples.

* docs: Fix rate limit docs typo
2023-11-06 15:03:47 -05:00
Derek Menteer 48c4a5b736
Add grpc keepalive configuration. (#19339)
Prior to the introduction of this configuration, grpc keepalive messages were
sent after 2 hours of inactivity on the stream. This posed issues in various
scenarios where the server-side xds connection balancing was unaware that envoy
instances were uncleanly killed / force-closed, since the connections would
only be cleaned up after ~5 minutes of TCP timeouts occurred. Setting this
config to a 30 second interval with a 20 second timeout ensures that at most,
it should take up to 50 seconds for a dead xds connection to be closed.
2023-10-24 08:05:31 -05:00
trujillo-adam a9747dc38c
Docs/ce 470 locality aware (#19071)
* updated nav; renamed L7 traffic folder

* Added locality-aware routing to traffic mgmt overview

* Added route to local upstreams topic

* Updated agent configuration reference

* Added locality param to services conf ref

* Added locality param to conf entries

* mentioned traffic management in proxies overview

* added locality-aware to failover overview

* added docs for service rate limiting

* updated service defaults conf entry

* Apply suggestions from code review

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* updated links and added redirects

---------

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-10-06 12:48:05 -07:00
Ashesh Vidyut 5b3ab2eaed
Fix docs for log file name changes (#18913)
* fix docs

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-09-22 19:22:35 +05:30
Blake Covarrubias 17901acd4f
docs: Fix typo in description for server_addresses (#18838)
Change 'If not port' to 'If no port'.

Resolves #18553
2023-09-18 17:14:41 +00:00
trujillo-adam a17f4a0b89
Reformat proxy docs refresh (#18623)
* first commit; reformat PD conf entry

* updated proxies overview page

* added Deploy SM proxy usage and removed reg index

* moved sidecar proxy usage to main proxy folder

* recast sidecar reg page as Deploy sidecar services

* fix typos

* recast SM reg as conf reference- set the sidebar

* add redirects

* fix links

* add PD conf entry usage to appropro pages

* edits to proxy conf ref

* fix links on index page

* example command to write PD conf entry

* updated links to old SM proxy reg page

* updated links to sidecar service reg page

* tryna fix front matter issues

* Apply suggestions from code review

Co-authored-by: Ronald  <roncodingenthusiast@users.noreply.github.com>

* added paragraph about SM proxies to overivew

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-09-06 16:55:18 -07:00
Tu Nguyen 5af4bbb451
Fix broken links caught in weekly report (#18522)
* fix broken link caught in weekly report

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-08-18 18:54:42 +00:00
Dan Bond b8acd78bfd
docs: specify manual server metadata intervention (#18477) 2023-08-16 08:45:44 -07:00
cui fliter 18a5edd232
docs: Fix some comments (#17118)
Signed-off-by: cui fliter <imcusg@gmail.com>
2023-07-31 10:56:09 -07:00
David Yu e52ea0ee7a
Change docs to say 168h instead of 7d for server_rejoin_age_max (#18154)
### Description

Addresses
https://github.com/hashicorp/consul/pull/17171#issuecomment-1636930705
2023-07-17 16:53:36 +00:00
Fulvio f4b08040fd
Add verify server hostname to tls default (#17155) 2023-07-10 10:34:41 -05:00
Gerard Nguyen 6bc222244f
docs: update config enable_debug (#17866)
* update doc for config enable_debug

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-27 02:19:07 +00:00
Tu Nguyen 862e78f063
Add new Consul 1.16 docs (#17651)
* Merge pull request #5773 from hashicorp/docs/rate-limiting-from-ip-addresses-1.16

updated docs for rate limiting for IP addresses - 1.16

* Merge pull request #5609 from hashicorp/docs/enterprise-utilization-reporting

Add docs for enterprise utilization reporting

* Merge pull request #5734 from hashicorp/docs/envoy-ext-1.16

Docs/envoy ext 1.16

* Merge pull request #5773 from hashicorp/docs/rate-limiting-from-ip-addresses-1.16

updated docs for rate limiting for IP addresses - 1.16

* Merge pull request #5609 from hashicorp/docs/enterprise-utilization-reporting

Add docs for enterprise utilization reporting

* Merge pull request #5734 from hashicorp/docs/envoy-ext-1.16

Docs/envoy ext 1.16

* fix build errors

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-12 10:30:04 -07:00
cskh dd71bb80d6
docs: clarify the behavior of prepending hostname to metrics (#17521)
* docs: clarify the behavior of prepending hostname to metrics

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

---------

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2023-06-05 23:47:26 +00:00
Nick Ethier 44f90132e0
hoststats: add package for collecting host statistics including cpu memory and disk usage (#17038) 2023-05-30 18:43:29 +00:00
John Murret 127eba6d61
docs: update the defaults for request limits (#17437) 2023-05-25 15:00:21 +00:00
Dan Bond 95f462d5f1
agent: prevent very old servers re-joining a cluster with stale data (#17171)
* agent: configure server lastseen timestamp

Signed-off-by: Dan Bond <danbond@protonmail.com>

* use correct config

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* use default age in test golden data

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add changelog

Signed-off-by: Dan Bond <danbond@protonmail.com>

* fix runtime test

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: add server_metadata

Signed-off-by: Dan Bond <danbond@protonmail.com>

* update comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* correctly check if metadata file does not exist

Signed-off-by: Dan Bond <danbond@protonmail.com>

* follow instructions for adding new config

Signed-off-by: Dan Bond <danbond@protonmail.com>

* add comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* update comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* Update agent/agent.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* agent/config: add validation for duration with min

Signed-off-by: Dan Bond <danbond@protonmail.com>

* docs: add new server_rejoin_age_max config definition

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: add unit test for checking server last seen

Signed-off-by: Dan Bond <danbond@protonmail.com>

* agent: log continually for 60s before erroring

Signed-off-by: Dan Bond <danbond@protonmail.com>

* pr comments

Signed-off-by: Dan Bond <danbond@protonmail.com>

* remove unneeded todo

* agent: fix error message

Signed-off-by: Dan Bond <danbond@protonmail.com>

---------

Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: Dan Upton <daniel@floppy.co>
2023-05-15 04:05:47 -07:00
Jeremy Jacobson f334fccb4f
[release/1.15.3] Add cloud stanza documentation (#17311)
* [CC-4856] Add cloud stanza documentation

* Add environment variables to cloud descriptions
2023-05-15 12:52:57 +02:00
Jared Kirschner 166d7a39e8
docs: consistently name Consul service mesh (#17222)
Remove outdated usage of "Consul Connect" instead of Consul service mesh.

The connect subsystem in Consul provides Consul's service mesh capabilities.
However, the term "Consul Connect" should not be used as an alternative to
the name "Consul service mesh".
2023-05-05 13:41:40 -04:00
Hariram Sankaran 71c32b4607
Fix typo on cli-flags.mdx (#16843)
Change "segements" to segments
2023-04-03 10:28:18 -07:00
Eddie Rowe ce6e278d9b
Fix broken links in Consul docs (#16640)
* Fix broken links in Consul docs

* more broken link fixes

* more 404 fixes

* 404 fixes

* broken link fix

---------

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2023-03-24 19:35:34 +00:00
trujillo-adam 23e247d765
Docs/services refactor docs day 122022 (#16103)
* converted main services page to services overview page

* set up services usage dirs

* added Define Services usage page

* converted health checks everything page to Define Health Checks usage page

* added Register Services and Nodes usage page

* converted Query with DNS to Discover Services and Nodes Overview page

* added Configure DNS Behavior usage page

* added Enable Static DNS Lookups usage page

* added the Enable Dynamic Queries DNS Queries usage page

* added the Configuration dir and overview page - may not need the overview, tho

* fixed the nav from previous commit

* added the Services Configuration Reference page

* added Health Checks Configuration Reference page

* updated service defaults configuraiton entry to new configuration ref format

* fixed some bad links found by checker

* more bad links found by checker

* another bad link found by checker

* converted main services page to services overview page

* set up services usage dirs

* added Define Services usage page

* converted health checks everything page to Define Health Checks usage page

* added Register Services and Nodes usage page

* converted Query with DNS to Discover Services and Nodes Overview page

* added Configure DNS Behavior usage page

* added Enable Static DNS Lookups usage page

* added the Enable Dynamic Queries DNS Queries usage page

* added the Configuration dir and overview page - may not need the overview, tho

* fixed the nav from previous commit

* added the Services Configuration Reference page

* added Health Checks Configuration Reference page

* updated service defaults configuraiton entry to new configuration ref format

* fixed some bad links found by checker

* more bad links found by checker

* another bad link found by checker

* fixed cross-links between new topics

* updated links to the new services pages

* fixed bad links in scale file

* tweaks to titles and phrasing

* fixed typo in checks.mdx

* started updating the conf ref to latest template

* update SD conf ref to match latest CT standard

* Apply suggestions from code review

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>

* remove previous version of the checks page

* fixed cross-links

* Apply suggestions from code review

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>

---------

Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>
2023-02-28 14:09:56 -08:00
Tu Nguyen ec4a2e18b5
Refactor and move wal docs (#16387)
* Add WAL documentation. Also fix some minor metrics registration details

* Add tests to verify metrics are registered correctly

* refactor and move wal docs

* Updates to the WAL overview page

* updates to enable WAL usage topic

* updates to the monitoring WAL backend topic

* updates for revert WAL topic

* a few tweaks to overview and udpated metadescriptions

* Apply suggestions from code review

Co-authored-by: Paul Banks <pbanks@hashicorp.com>

* make revert docs consistent with enable

* Apply suggestions from code review

Co-authored-by: Paul Banks <pbanks@hashicorp.com>

* address feedback

* address final feedback

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Paul Banks <pbanks@hashicorp.com>
Co-authored-by: trujillo-adam <ajosetru@gmail.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-26 19:21:35 -08:00
trujillo-adam 340b562353
Docs/rate limiting 1.15 (#16345)
* Added rate limit section to agent overview, updated headings per style guide

* added GTRL section and overview

* added usage docs for rate limiting 1.15

* added file for initializing rate limits

* added steps for initializing rate limits

* updated descriptions for rate_limits in agent conf

* updated rate limiter-related metrics

* tweaks to agent index

* Apply suggestions from code review

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Co-authored-by: Krastin Krastev <krastin@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Krastin Krastev <krastin@hashicorp.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
Co-authored-by: Krastin Krastev <krastin@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2023-02-22 13:02:51 -08:00
Ashlee M Boyer 6e425f7428
docs: Migrate link formats (#15976)
* Adding check-legacy-links-format workflow

* Adding test-link-rewrites workflow

* Updating docs-content-check-legacy-links-format hash

* Migrating links to new format

Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
2023-01-25 08:52:43 -08:00
Jared Kirschner 0611726bea
docs: clarify reloadable config option usage (#15957) 2023-01-20 18:42:30 -05:00
Paul Glass f5231b9157
Add new config_file_service_registration token (#15828) 2023-01-10 10:24:02 -06:00
Tu Nguyen 4bbfad8dca
Update links to new get started tutorials (#15154) 2023-01-04 09:58:08 -08:00
trujillo-adam f3f9e54b0d
Docs/network segments tutorial docs conversion (#15829)
* added a NS folder and refactored main page into the overview page

* added NS usage page to NS folder

* updated links to NS docs

* updated nav

* addressed feedback from review
2022-12-19 15:35:05 -08:00
Paul Glass 619032cfcd
Deprecate -join and -join-wan (#15598) 2022-12-14 20:28:25 +00:00
John Murret e027c94b52
adding config for request_limits (#15531)
* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Add handler errors

* Set the global read and write limits

* fixing multilimiter moving packages

* Fix typo

* Simplify globalLimit usage

* add multilimiter and tests

* exporting LimitedEntity

* Apply suggestions from code review

Co-authored-by: John Murret <john.murret@hashicorp.com>

* add config update and rename config params

* add doc string and split config

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* use timer to avoid go routine leak and change the interface

* add comments to tests

* fix failing test

* add prefix with config edge, refactor tests

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* refactor to apply configs for limiters under a prefix

* add fuzz tests and fix bugs found. Refactor reconcile loop to have a simpler logic

* make KeyType an exported type

* split the config and limiter trees to fix race conditions in config update

* rename variables

* fix race in test and remove dead code

* fix reconcile loop to not create a timer on each loop

* add extra benchmark tests and fix tests

* fix benchmark test to pass value to func

* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Set the global read and write limits

* fixing multilimiter moving packages

* add server configuration for global rate limiting.

* remove agent test

* remove added stuff from handler

* remove added stuff from multilimiter

* removing unnecessary TODOs

* Removing TODO comment from handler

* adding in defaulting to infinite

* add disabled status in there

* adding in documentation for disabled mode.

* make disabled the default.

* Add mock and agent test

* addig documentation and missing mock file.

* Fixing test TestLoad_IntegrationWithFlags

* updating docs based on PR feedback.

* Updating Request Limits mode to use int based on PR feedback.

* Adding RequestLimits struct so we have a nested struct in ReloadableConfig.

* fixing linting references

* Update agent/consul/rate/handler.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* Update agent/consul/config.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* removing the ignore of the request limits in JSON.  addingbuilder logic to convert any read rate or write rate less than 0 to rate.Inf

* added conversion function to convert request limits object to handler config.

* Updating docs to reflect gRPC and RPC are rate limit and as a result, HTTP requests are as well.

* Updating values for TestLoad_FullConfig() so that they were different and discernable.

* Updating TestRuntimeConfig_Sanitize

* Fixing TestLoad_IntegrationWithFlags test

* putting nil check in place

* fixing rebase

* removing change for missing error checks.  will put in another PR

* Rebasing after default multilimiter config change

* resolving rebase issues

* updating reference for incomingRPCLimiter to use interface

* updating interface

* Updating interfaces

* Fixing mock reference

Co-authored-by: Daniel Upton <daniel@floppy.co>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-12-13 13:09:55 -07:00
Eric Haberkorn 4268c1c25c
Remove the `connect.enable_serverless_plugin` agent configuration option (#15710) 2022-12-08 14:46:42 -05:00
Paul Glass 707ca06d79
docs: Fix go-sockaddr links (#15723) 2022-12-08 10:32:37 -06:00
Jared Kirschner d3dede5f8b
docs: add retry_max agent config option (#15487) 2022-11-21 16:16:56 -05:00
Jared Kirschner 124e717d2d
docs: clarify TLS cipher suite config (#15203) 2022-11-19 08:53:27 -05:00
Jared Kirschner f80f9a60b2
docs: clarify -retry-max (#15477) 2022-11-18 18:51:28 -05:00
Derek Menteer 5853710829
Include addresses.grpc_tls in upgrade docs. (#15408) 2022-11-16 14:10:29 -06:00
Kyle Havlovitz f4c3e54b11
auto-config: relax node name validation for JWT authorization (#15370)
* auto-config: relax node name validation for JWT authorization

This changes the JWT authorization logic to allow all non-whitespace,
non-quote characters when validating node names. Consul had previously
allowed these characters in node names, until this validation was added
to fix a security vulnerability with whitespace/quotes being passed to
the `bexpr` library. This unintentionally broke node names with
characters like `.` which aren't related to this vulnerability.

* Update website/content/docs/agent/config/cli-flags.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-14 18:24:40 -06:00
Derek Menteer 931cec42b3
Prevent serving TLS via ports.grpc (#15339)
Prevent serving TLS via ports.grpc

We remove the ability to run the ports.grpc in TLS mode to avoid
confusion and to simplify configuration. This breaking change
ensures that any user currently using ports.grpc in an encrypted
mode will receive an error message indicating that ports.grpc_tls
must be explicitly used.

The suggested action for these users is to simply swap their ports.grpc
to ports.grpc_tls in the configuration file. If both ports are defined,
or if the user has not configured TLS for grpc, then the error message
will not be printed.
2022-11-11 14:29:22 -06:00
malizz b9a9e1219c
update config defaults, add docs (#15302)
* update config defaults, add docs

* update grpc tls port for non-default values

* add changelog

* Update website/content/docs/upgrading/upgrade-specific.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* update logic for setting grpc tls port value

* move default config to default.go, update changelog

* update docs

* Fix config tests.

* Fix linter error.

* Fix ConnectCA tests.

* Cleanup markdown on upgrade notes.

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
Co-authored-by: Derek Menteer <derek.menteer@hashicorp.com>
2022-11-09 09:29:55 -08:00
Jared Kirschner f59483bc9e docs: fix api docs anchor links 2022-10-18 12:53:53 -07:00
Chris S. Kim 29a297d3e9
Refactor client RPC timeouts (#14965)
Fix an issue where rpc_hold_timeout was being used as the timeout for non-blocking queries. Users should be able to tune read timeouts without fiddling with rpc_hold_timeout. A new configuration `rpc_read_timeout` is created.

Refactor some implementation from the original PR 11500 to remove the misleading linkage between RPCInfo's timeout (used to retry in case of certain modes of failures) and the client RPC timeouts.
2022-10-18 15:05:09 -04:00
Dan Upton 328e3ff563
proxycfg: rate-limit delivery of config snapshots (#14960)
Adds a user-configurable rate limiter to proxycfg snapshot delivery,
with a default limit of 250 updates per second.

This addresses a problem observed in our load testing of Consul
Dataplane where updating a "global" resource such as a wildcard
intention or the proxy-defaults config entry could starve the Raft or
Memberlist goroutines of CPU time, causing general cluster instability.
2022-10-14 15:52:00 +01:00
Stuart e2a6028e8e
Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
Luke Kysow 4638753168
Make defaulting behaviour of connect.enabled clear (#14768) 2022-09-27 13:04:59 -07:00
Jared Kirschner 37d2d41e65 docs: address review feedback 2022-09-20 14:43:17 -07:00