Commit Graph

57 Commits (f4c3e54b113c8c3dc66b57b1a330a3343c222079)

Author SHA1 Message Date
Derek Menteer 931cec42b3
Prevent serving TLS via ports.grpc (#15339)
Prevent serving TLS via ports.grpc

We remove the ability to run the ports.grpc in TLS mode to avoid
confusion and to simplify configuration. This breaking change
ensures that any user currently using ports.grpc in an encrypted
mode will receive an error message indicating that ports.grpc_tls
must be explicitly used.

The suggested action for these users is to simply swap their ports.grpc
to ports.grpc_tls in the configuration file. If both ports are defined,
or if the user has not configured TLS for grpc, then the error message
will not be printed.
2022-11-11 14:29:22 -06:00
Derek Menteer d981fb8d14
Add peering incompatibility warning to upgrade docs. (#15319) 2022-11-10 09:32:31 -06:00
malizz b9a9e1219c
update config defaults, add docs (#15302)
* update config defaults, add docs

* update grpc tls port for non-default values

* add changelog

* Update website/content/docs/upgrading/upgrade-specific.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* Update website/content/docs/agent/config/config-files.mdx

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>

* update logic for setting grpc tls port value

* move default config to default.go, update changelog

* update docs

* Fix config tests.

* Fix linter error.

* Fix ConnectCA tests.

* Cleanup markdown on upgrade notes.

Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
Co-authored-by: Derek Menteer <derek.menteer@hashicorp.com>
2022-11-09 09:29:55 -08:00
Jared Kirschner 1296ce8c4d
Merge pull request #15141 from hashicorp/docs/upgrade-vault-ca-provider-policy-guidance
docs: update Vault CA provider policy guidance
2022-10-24 17:34:43 -04:00
Jared Kirschner 1ac7988541 docs: update Vault CA provider policy guidance 2022-10-24 14:16:51 -07:00
Jared Kirschner 61b60a79e1
Merge pull request #15028 from hashicorp/docs/auto-cert-1-13-2
Update upgrade docs for 1.13.2.
2022-10-24 11:39:29 -04:00
Freddy 94ff34bbe4
Update website/content/docs/upgrading/upgrade-specific.mdx 2022-10-22 15:49:57 -06:00
Freddy 415e4a5012
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 18:12:25 -06:00
Freddy d47006d27e
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 18:12:13 -06:00
freddygv 50709e60d4 Relax start version requirement 2022-10-21 15:27:39 -06:00
Freddy 21c6edcdc7
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 15:15:35 -06:00
Freddy 5944c28dd6
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 15:15:29 -06:00
Freddy 8c6a8f0b28
Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-10-21 15:15:22 -06:00
Jared Kirschner cc843c4be8
Merge pull request #14813 from hashicorp/docs/1-10-upgrade-compatibility-clarification
docs: clarify 1.10 upgrade compatibility
2022-10-21 16:57:23 -04:00
Jared Kirschner db413fcdb8 docs: clarify 1.10 upgrade compatibility 2022-10-21 10:04:52 -07:00
Jared Kirschner f59483bc9e docs: fix api docs anchor links 2022-10-18 12:53:53 -07:00
freddygv ef2127ec51 Fixup links 2022-10-18 10:12:45 -06:00
freddygv 0d4b11c01b Update upgrade docs for 1.13.2.
In 1.13.2 we added a new flag called use_auto_cert to address issues
previously documented in the upgrade guide. Originally there was no way
to disable TLS for gRPC when auto-encrypt was in use, because TLS was
enabled for gRPC due to the presence of auto-encrypt certs.

As of 1.13.2, using auto-encrypt certs as the signal to enable TLS for
gRPC is opt-in only. Meaning that if anyone who had upgraded to 1.13
relied on that side-effect, they now need to explicitly configure it.
2022-10-18 09:43:32 -06:00
Bryce Kalow 6a09b284c9
website: fix broken links (#14943) 2022-10-11 09:58:52 -05:00
Jared Kirschner 2603c0da52 docs: vault ca provider patch upgrade guidance 2022-10-06 16:04:43 -07:00
Bryce Kalow 85c1a33c42
website: content updates for developer (#14419)
Co-authored-by: Ashlee Boyer <ashlee.boyer@hashicorp.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kevin Wang <kwangsan@gmail.com>
2022-09-14 17:45:42 -05:00
Derek Menteer 2721fc9a6e
Improve grpc_tls wording in docs. (#14608)
Improve grpc_tls wording in docs.

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-09-14 15:25:39 -05:00
Derek Menteer ce99ccd390 Add documentation and changelog entry. 2022-08-29 13:43:49 -05:00
Jared Kirschner c201254ae9 docs: add 1.13 upgrade considerations
Adds guidance when upgrading a Consul service mesh deployment to 1.13 and:
- using auto-encrypt or auto-config; or
- the HTTPS port is not enabled on Consul agents
2022-08-18 15:13:21 -07:00
Tu Nguyen 10ee4d42fc Update with more details on 1.13.0 issue 2022-08-11 14:43:27 -07:00
Tu Nguyen 39ec6e4c2b
Apply suggestions from code review
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
2022-08-11 14:40:28 -07:00
Tu Nguyen 605e5052e1 Add upgrade instructions and considerations for Consul 1.13.1 2022-08-11 11:17:17 -07:00
Mike Nomitch 807898a3c2 Updates upgrade docs to clarify Nomad bug is fixed 2022-08-09 15:15:26 -04:00
R.B. Boyer bb4d4040fb
server: ensure peer replication can successfully use TLS over external gRPC (#13733)
Ensure that the peer stream replication rpc can successfully be used with TLS activated.

Also:

- If key material is configured for the gRPC port but HTTPS is not
  enabled now TLS will still be activated for the gRPC port.

- peerstream replication stream opened by the establishing-side will now
  ignore grpc.WithBlock so that TLS errors will bubble up instead of
  being awkwardly delayed or suppressed
2022-07-15 13:15:50 -05:00
alex 07bc22e405
no 1.9 style metrics (#13532)
Signed-off-by: acpana <8968914+acpana@users.noreply.github.com>
2022-06-29 09:46:37 -07:00
Michael Schurter 9acce31237
docs: specify 1.12.0+ent incompat with nomad (#12883)
Due to build changes in Consul 1.12.0 the `+ent` modifier is missing
from the version reported by `/v1/agent/self`.

Nomad looks for the `ent` modifier when determining whether to reconcile
services in non-default namespaces. Without the modifier Nomad will only
end up removing services from the default Consul namespace.
2022-05-16 18:41:13 -04:00
Dan Upton 1bac1544d0
docs: add section to 1.12 upgrade notes about new TLS config style (#12880) 2022-05-11 10:28:52 +01:00
Natalie Smith 0a51e145c1 docs: simplify agent docs slugs 2022-04-11 17:38:47 -07:00
Natalie Smith ddae7d18a2 docs: fix external links to agent config pages 2022-04-11 17:38:11 -07:00
FFMMM 973d2d0f9a
mark disable_compat_1.9 to deprecate in 1.13, change default to true (#12675)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2022-04-01 10:35:56 -07:00
Bryce Kalow 6bf67b7ef4
website: redirect /api to /api-docs (#12660) 2022-03-30 16:16:26 -05:00
mrspanishviking 7180c99960
Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
trujillo-adam 76d55ac2b4 merging new hierarchy for agent configuration 2022-03-14 15:44:41 -07:00
Blake Covarrubias 59394e4aa2 docs: Avoid redirects by pointing links to new URLs
Avoid HTTP redirects for internal site links by updating old URLs to
point to the new location for the target content.
2022-01-20 08:52:51 -08:00
Matt Keeler 068f708fd9
Updating the docs to point out that 1.10.7 should be used instead of 1.10.6 (#12086) 2022-01-14 12:03:20 -05:00
Matt Keeler 7b5d52257e
Document Consul enterprise 1.10.0-1.10.4 forwards incompatibility with 1.11 (#11978)
Also fixed a broken link in the 1.10.x upgrade instructions.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2022-01-10 17:18:40 -05:00
R.B. Boyer 04d7efd61c Update website/content/docs/upgrading/upgrade-specific.mdx
Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
2021-12-14 16:22:00 -06:00
R.B. Boyer 4c657cdfda deprecate another endpoint 2021-12-14 16:22:00 -06:00
R.B. Boyer 96390f6cee also update for dns_prefer_namespace deprecation 2021-12-14 16:22:00 -06:00
R.B. Boyer 40a54b7e98 docs: version specific upgrade content for 1.11.0 2021-12-14 16:22:00 -06:00
Evan Culver 61be9371f5
connect: Remove support for Envoy 1.16 (#11354) 2021-10-27 18:51:35 -07:00
Blake Covarrubias 99b1d8ed8c docs: Update code blocks across website
* Use CodeTabs for examples in multiple formats.
* Ensure correct language on code fences.
* Use CodeBlockConfig for examples with filenames, or which need
highlighted content.
2021-08-11 13:20:03 -07:00
Daniel Nephin 4d741531b4 Update references to the main branch
The main branch is being renamed from master->main. This commit should
update all references to the main branch to the new name.

Co-Authored-By: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-29 17:17:38 -04:00
Nitya Dhanushkodi b72ad40286
docs: upgrading to tproxy (/docs/upgrades/upgrade-specific) (#10416)
* docs: update tproxy docs
Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
Co-authored-by: Iryna Shustava <ishustava@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-06-22 16:41:08 -07:00
Matt Keeler 76857dd682
Update 1.10 enterprise upgrade docs. (#10446)
Co-authored-by: Paul Banks <banks@banksco.de>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
2021-06-22 14:39:11 -04:00