Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
 
 
 
 
 
 
Go to file
R.B. Boyer 0fa828db76
peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612)
When traversing an exported peered service, the discovery chain
evaluation at the other side may re-route the request to a variety of
endpoints. Furthermore we intend to terminate mTLS at the mesh gateway
for arriving peered traffic that is http-like (L7), so the caller needs
to know the mesh gateway's SpiffeID in that case as well.

The following new SpiffeID values will be shipped back in the peerstream
replication:

- tcp: all possible SpiffeIDs resulting from the service-resolver
        component of the exported discovery chain

- http-like: the SpiffeID of the mesh gateway
2022-06-27 14:37:18 -05:00
.changelog Merge pull request #13481 from hashicorp/envoy-prometheus-tls 2022-06-24 15:36:40 -07:00
.circleci Remove trigger-oss-merge job (#13600) 2022-06-24 13:45:30 -07:00
.github [CI-only] Dev tag update for main (#13541) 2022-06-24 13:45:57 -07:00
.release [CI-only] Support UBI images (#13232) 2022-05-26 09:49:47 -07:00
acl Move ACLResolveResult into acl/resolver package (#13467) 2022-06-17 10:24:43 +01:00
agent peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
api Add leader routine to clean up peerings 2022-06-14 15:36:50 -06:00
bench Gets benchmarks running again and does a rough pass for 0.7.1. 2016-11-29 13:02:26 -08:00
build-support Minor cleanup for build-date script 2022-06-09 17:07:41 -07:00
command command: Add TLS support for envoy prometheus endpoint 2022-06-16 17:53:05 -07:00
connect Fix race during proxy closing (#13283) 2022-05-27 16:52:03 -04:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs docs: instructions for interacting with the private gRPC server locally 2022-06-15 18:26:58 +01:00
grafana add readme outlining how to edit and publish 2021-01-12 14:47:11 -08:00
internal internal: port RPC glue changes from Enterprise (#13034) 2022-05-11 15:03:07 -07:00
ipaddr Ensure Consul is IPv6 compliant (#5468) 2019-06-04 10:02:38 -04:00
lib peering: replicate all SpiffeID values necessary for the importing side to do SAN validation (#13612) 2022-06-27 14:37:18 -05:00
logging Add support for merge-central-config query param (#13001) 2022-05-25 13:20:17 -07:00
proto xds: mesh gateways now have their own leaf certificate when involved in a peering (#13460) 2022-06-15 14:36:18 -05:00
proto-public Specify go_package explicitly 2022-05-24 10:22:53 -07:00
sdk add general runstep test helper instead of copying it all over the place (#13013) 2022-05-10 15:25:51 -05:00
sentinel re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
service_os re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
snapshot Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
test tests: ensure integration tests show logs from the containers to help debugging (#13593) 2022-06-24 10:26:17 -05:00
testrpc peering: initial sync (#12842) 2022-04-21 17:34:40 -05:00
tlsutil Update go version to 1.18.1 2022-04-18 11:41:10 -04:00
tools/private-grpc-proxy docs: instructions for interacting with the private gRPC server locally 2022-06-15 18:26:58 +01:00
types agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
ui ui: feature-flagged peering mvp (#13425) 2022-06-23 14:16:26 +01:00
version [CI-only] Dev tag update for main (#13541) 2022-06-24 13:45:57 -07:00
website Merge pull request #13611 from hashicorp/prometheus-tls-docs 2022-06-27 09:51:06 -07:00
.dockerignore Update the scripting 2018-06-14 21:42:47 -04:00
.gitignore changelog: snapshot-agent acl token fix for CLI and ENV 2022-04-25 16:46:55 -04:00
.golangci.yml Fix proto lint errors after version bump 2022-05-24 18:44:54 -07:00
CHANGELOG.md Add changelog for 1.13.0-alpha2 2022-06-21 15:07:13 -07:00
Dockerfile [CI-only] Support UBI images (#13232) 2022-05-26 09:49:47 -07:00
GNUmakefile tests: ensure integration tests show logs from the containers to help debugging (#13593) 2022-06-24 10:26:17 -05:00
LICENSE Initial commit 2013-11-04 14:15:27 -08:00
NOTICE.md add copyright notice file 2018-07-09 10:58:26 -07:00
README.md Adjust README header to work in light and dark modes 2022-02-07 16:46:46 -08:00
Vagrantfile Adds a basic Linux Vagrant setup, stolen from Nomad. 2017-10-06 08:10:12 -07:00
fixup_acl_move.sh Fixup script 2 2022-04-05 14:52:43 -07:00
go.mod Update go-grpc/grpc to resolve conection memory leak 2022-06-08 11:29:29 +01:00
go.sum Update go-grpc/grpc to resolve conection memory leak 2022-06-08 11:29:29 +01:00
main.go Refactor some functions for better enterprise use (#13280) 2022-05-30 09:46:55 -04:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh/Service Segmentation - Consul Connect enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website:

https://www.consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.