Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

api-gateway consul ecs kubernetes service-discovery service-mesh vault

Go to file

hc-github-team-consul-core d335aa371e Backport of state: ensure that identical manual virtual IP updates result in not bumping the modify indexes into release/1.20.x (#21969 ) The consul-k8s endpoints controller issues catalog register and manual virtual ip updates without first checking to see if the updates would be effectively not changing anything. This is supposed to be reasonable because the state store functions do the check for a no-op update and should discard repeat updates so that downstream blocking queries watching one of the resources don't fire pointlessly (and CPU wastefully). While this is true for the check/service/node catalog updates, it is not true for the "manual virtual ip" updates triggered by the PUT /v1/internal/service-virtual-ip. Forcing the connect injector pod to recycle while watching some lightly modified FSM code can show that a lot of updates are of the update list of ips from [A] to [A]. Immediately following this stray update you can see a lot of activity in proxycfg and xds packages waking up due to blocking queries triggered by this. This PR skips updates that change nothing both: - at the RPC layer before passing it to raft (ideally) - if the write does make it through raft and get applied to the FSM (failsafe)		2024-11-25 10:18:22 -06:00
.changelog	Backport of state: ensure that identical manual virtual IP updates result in not bumping the modify indexes into release/1.20.x (#21969 )	2024-11-25 10:18:22 -06:00
.github	Backport of Post-release updates for 1.20.0 into release/1.20.x (#21830 )	2024-10-15 16:16:49 +00:00
.release	Backport of Add alpine image cves to suppress list into release/1.20.x (#21970 )	2024-11-22 12:04:37 -06:00
acl	remove v2 tenancy, catalog, and mesh (#21592 )	2024-09-05 08:50:46 -06:00
agent	Backport of state: ensure that identical manual virtual IP updates result in not bumping the modify indexes into release/1.20.x (#21969 )	2024-11-25 10:18:22 -06:00
api	Backport of chore: retain retracted api submodule version into release/1.20.x (#21865 )	2024-10-28 11:03:39 -06:00
bench	Gets benchmarks running again and does a rough pass for 0.7.1.	2016-11-29 13:02:26 -08:00
build-support	Backport of fix spacing of bash scripts into release/1.20.x (#21769 )	2024-09-23 17:51:17 +00:00
command	Backport of [NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass into release/1.20.x (#21839 )	2024-10-16 16:44:28 +00:00
connect	Retry lint fixes (#19151 )	2023-12-06 12:11:32 -05:00
docs	remove v2 tenancy, catalog, and mesh (#21592 )	2024-09-05 08:50:46 -06:00
envoyextensions	Backport of Update ENVOY_VERSIONS into release/1.20.x (#21822 )	2024-10-25 16:41:27 +00:00
grafana	Backport of Added grafana dashboards into release/1.20.x (#21811 )	2024-10-09 14:08:03 -04:00
grpcmocks/proto-public	v2tenancy: add optional LicenseFeature to type Registration struct (#20673 )	2024-02-20 14:42:31 -06:00
internal	Backport of NET-11737 - sec vulnerability - remediate ability to use bexpr to filter results without ACL read on endpoint into release/1.20.x (#21962 )	2024-11-21 08:45:37 -07:00
ipaddr	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
lib	Backport of state: ensure that identical manual virtual IP updates result in not bumping the modify indexes into release/1.20.x (#21969 )	2024-11-25 10:18:22 -06:00
logging	Trigger the V1 Compat exported-services Controller when V1 Config Entries are Updated (#20456 )	2024-02-02 15:30:04 -05:00
proto	Backport of [NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass into release/1.20.x (#21839 )	2024-10-16 16:44:28 +00:00
proto-public	remove v2 tenancy, catalog, and mesh (#21592 )	2024-09-05 08:50:46 -06:00
sdk	[NET-8601] security: upgrade vault/api to remove go-jose.v2 (#20910 )	2024-05-04 00:18:51 +00:00
sentinel	Remove old build tags (#19128 )	2023-10-10 10:58:06 -04:00
service_os	Remove old build tags (#19128 )	2023-10-10 10:58:06 -04:00
snapshot	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
test	Backport of [NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass into release/1.20.x (#21839 )	2024-10-16 16:44:28 +00:00
test-integ	Hard update all 1.3 dataplane to 1.6 (#21728 )	2024-09-13 11:30:25 -05:00
testing/deployer	Hard update all 1.3 dataplane to 1.6 (#21728 )	2024-09-13 11:30:25 -05:00
testrpc	feat(v2): add consul service and workloads to catalog (#20077 )	2024-01-03 15:14:42 -05:00
tlsutil	[Cloud][CC-6925] Updates to pushing server state (#19682 )	2023-12-04 10:25:18 -05:00
tools/internal-grpc-proxy	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
troubleshoot	update version, changelog, and submodules after 1.19.2, 1.18.4, 1.17.7 and 1.15.14 releases (#21676 )	2024-08-28 09:39:12 -06:00
types	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
ui	Backport of [NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass into release/1.20.x (#21839 )	2024-10-16 16:44:28 +00:00
version	bump version (#21904 )	2024-10-31 14:57:00 +00:00
website	Backport of Docs/CE-749-remove-references-from-consul into release/1.20.x #21916 (#21917 )	2024-11-05 07:30:12 -08:00
.copywrite.hcl	[DO NOT MERGE UNTIL EOY] update year in LICENSE and copywrite files (#19780 )	2024-01-02 08:41:12 -08:00
.dockerignore	Update the scripting	2018-06-14 21:42:47 -04:00
.gitignore	[CE] Misc cleanup for V2 DNS (#20640 )	2024-02-14 12:40:38 -05:00
.go-version	security: Upgrade Go to 1.22.7 (#21705 )	2024-09-10 15:07:05 -07:00
.golangci.yml	Configure linter to forbid use of html/template (#21307 )	2024-06-11 16:17:12 -04:00
.grpcmocks.yaml	In-Memory gRPC (#19942 )	2024-01-12 11:54:07 -05:00
.pre-commit-config.yaml	unhack: add pre-commit guidelines (#19617 )	2023-11-15 10:57:40 -06:00
CHANGELOG.md	update changelogs (#21897 )	2024-10-30 21:03:28 +00:00
Dockerfile	Backport of Upgrade ubi image to 9.4 into release/1.20.x (#21773 )	2024-09-19 20:40:59 +00:00
Dockerfile-windows	Envoy Integration Test Windows (#18007 )	2023-07-21 20:26:00 +05:30
LICENSE	[DO NOT MERGE UNTIL EOY] update year in LICENSE and copywrite files (#19780 )	2024-01-02 08:41:12 -08:00
Makefile	Hard update all 1.3 dataplane to 1.6 (#21728 )	2024-09-13 11:30:25 -05:00
README.md	Update README.md (#19413 )	2023-10-31 08:45:47 -07:00
buf.work.yaml	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
go.mod	Backport of Update JWT to resolve CVE-2024-51744 into release/1.20.x (#21952 )	2024-11-18 20:42:55 +00:00
go.sum	Backport of Update JWT to resolve CVE-2024-51744 into release/1.20.x (#21952 )	2024-11-18 20:42:55 +00:00
main.go	[COMPLIANCE] License changes (#18443 )	2023-08-11 09:12:13 -04:00
scan.hcl	Backport of ci(security-scanner): add support for Red Hat UBI images and fix typo into release/1.20.x (#21913 )	2024-11-04 20:10:31 +00:00

README.md

Consul

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Website: https://www.consul.io
Tutorials: HashiCorp Learn
Forum: Discuss

Consul provides several key features:

Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.
Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.
API Gateway - Consul API Gateway manages access to services within Consul Service Mesh, allow users to define traffic and authorization policies to services deployed within the mesh.
Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.
Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.
Dynamic App Configuration - An HTTP API that allows users to store indexed objects within Consul, for storing configuration parameters and application metadata.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Standalone binary install: https://learn.hashicorp.com/collections/consul/get-started-vms
Minikube install: https://learn.hashicorp.com/tutorials/consul/kubernetes-minikube
Kind install: https://learn.hashicorp.com/tutorials/consul/kubernetes-kind
Kubernetes install: https://learn.hashicorp.com/tutorials/consul/kubernetes-deployment-guide
Deploy HCP Consul: https://learn.hashicorp.com/tutorials/consul/hcp-gs-deploy

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.