Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of DNS token doc updates into release/1.17.x #19618

Merged
merged 139 commits into from
Nov 13, 2023
Merged

Backport of DNS token doc updates into release/1.17.x #19618

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
139 commits
Select commit Hold shift + click to select a range
20d1fb8
server: run the api checks against the path without params (#19205)
rboyer Oct 13, 2023
3d1a606
Clone proto into deepcopy correctly (#19204)
thisisnotashwin Oct 13, 2023
9b0f4b7
chore: update version and nightly CI for 1.17 (#19208)
zalimeni Oct 13, 2023
e94d6ce
mesh: add validation hook to proxy configuration (#19186)
ishustava Oct 13, 2023
2ea33e9
mesh: add more validations to Destinations resource (#19202)
ishustava Oct 13, 2023
105ebfd
catalog, mesh: implement missing ACL hooks (#19143)
ishustava Oct 13, 2023
a7fbd00
NET-5073 - ProxyConfiguration: implement various connection options (…
jmurret Oct 14, 2023
3716b69
Relplat 897 copywrite bot workarounds (#19200)
modrake Oct 16, 2023
6c7d075
mesh: add xRoute ACL hook tenancy tests (#19177)
rboyer Oct 16, 2023
ad17769
resource: enforce lowercase v2 resource names (#19218)
analogue Oct 16, 2023
df8ea43
mesh: add DestinationPolicy ACL hook tenancy tests (#19178)
rboyer Oct 16, 2023
6741392
catalog: add FailoverPolicy ACL hook tenancy test (#19179)
rboyer Oct 16, 2023
dcd5930
docs: Multi-port corrections (#19224)
boruszak Oct 16, 2023
b81c862
Add reason why port 53 is not used by default (#19222)
Oct 16, 2023
4c5a46e
v2tenancy: rename v1alpha1 -> v2beta1 (#19227)
analogue Oct 16, 2023
8eb074e
[NET-5944] security: Update Go version to 1.20.10 and `x/net` to 0.17…
zalimeni Oct 16, 2023
9f4f99c
NET-6097 - sidecar proxy controller - give name to first failover pol…
jmurret Oct 17, 2023
a6c990c
Cc 5545: Upgrade HDS packages and modifiers (#19226)
chris-hut Oct 17, 2023
b78465b
[NET-5810] CE changes for multiple virtual hosts (#19246)
jm96441n Oct 17, 2023
61bd08c
Net 4893- Ensure we're testing all the latest versions of Vault/Nomad…
sophie-gairo Oct 17, 2023
9976e08
docs: Fix example control-plane-request-limit HCL and JSON (#19105)
blake Oct 17, 2023
9b719e6
test: add 1.17 nightly integrations test (#19253)
DanStough Oct 17, 2023
51b58cd
fix expose paths (#19257)
ndhanushkodi Oct 17, 2023
c4d6d4d
docs: Multiport HCP constraint update (#19261)
boruszak Oct 17, 2023
16f0a24
docs: Fix multi-port install (#19262)
Oct 17, 2023
f45be22
Prevent circular dependencies between v2 resources and generate a mer…
erichaberkorn Oct 18, 2023
a94c013
build(docker): always publish full and minor version tags for dev ima…
DanStough Oct 18, 2023
d52ee6a
fix nightly integration test: envoy version and n-2 version (#19286)
huikang Oct 18, 2023
5e517c5
[NET-6221] Ensure LB policy set for locality-aware routing (CE) (#19283)
zalimeni Oct 19, 2023
2bd38d8
fix: allow snake case keys for ip based rate limit config entry (#19277)
JadhavPoonam Oct 19, 2023
e5a49bf
reformatted the JSON schema server conf ref (#19288)
trujillo-adam Oct 19, 2023
dfea3a0
acls,catalog,mesh: properly authorize workload selectors on writes (#…
ishustava Oct 19, 2023
ef27bc2
NET-6239: Temporarily disable verify envoy check (#19299)
NiniOak Oct 19, 2023
681aef3
Update supported Envoy versions (#19276)
cthain Oct 19, 2023
def66dd
mesh: provide missing domain to route configurations in ProxyStateTem…
ndhanushkodi Oct 19, 2023
6ffcf28
enable verify envoy script (#19303)
NiniOak Oct 19, 2023
9d00b13
Vault CA bugfixes (#19285)
Oct 20, 2023
b1871fd
Backout Envoy 1.28.0 (#19306)
cthain Oct 20, 2023
1280f45
added ent to ce downgrade changes (#19311)
aahel Oct 20, 2023
b962d91
skip envoy version check in ci (#19315)
NiniOak Oct 20, 2023
d5c9f11
Tenancy Bridge v2 (#19220)
dhiaayachi Oct 20, 2023
27f649c
remove branch name causing conflicts (#19319)
NiniOak Oct 20, 2023
809bf1d
mesh: ensure route configs are named uniquely per port (#19323)
ishustava Oct 20, 2023
46804c0
[NET-5327] Templated policies api/cli docs (#19270)
roncodingenthusiast Oct 23, 2023
fea35e6
More templated policies docs (#19312)
roncodingenthusiast Oct 23, 2023
62dec7e
Fixing docs to add more templated policies references (#19335)
roncodingenthusiast Oct 23, 2023
ee2f046
Upgrade Consul UI to Node 18 (#19252)
chris-hut Oct 23, 2023
96606d1
resource: default peername to local in list endpoints (#19340)
analogue Oct 23, 2023
48c4a5b
Add grpc keepalive configuration. (#19339)
hashi-derek Oct 24, 2023
12ef115
bump raft-wal version to 0.4.1 (#19314)
dhiaayachi Oct 24, 2023
9775758
NET-5397 - wire up destination golden tests from sidecar-proxy contro…
jmurret Oct 24, 2023
9417fc2
gvk partial inference (#19058)
wangxinyi7 Oct 24, 2023
59d4962
NET-6079 - wire up sidecarproxy golden file inputs into xds controlle…
jmurret Oct 24, 2023
abbf858
NET-6080 - xds controller golden file inputs into xds resources - des…
jmurret Oct 24, 2023
dc00be0
NET-6081 - xds controller golden file inputs into xds resources - sou…
jmurret Oct 24, 2023
e414cbe
Use strict DNS for mesh gateways with hostnames (#19268)
Oct 24, 2023
a7803bd
[NET-6305] xds: Ensure v2 route match and protocol are populated for …
zalimeni Oct 25, 2023
6360c74
Add clarification for route match behavior (#19363)
Oct 25, 2023
6d5c01e
Fix 1.17.x release notes and added templated policies (#19370)
roncodingenthusiast Oct 25, 2023
0fefaa6
docs - release notes (add enterprise label and example of non compati…
Oct 26, 2023
b5023b6
feat: read resource namespace (#19320)
JadhavPoonam Oct 26, 2023
0295b95
Net 5875 - Create the Exported Services Resources (#19117)
absolutelightning Oct 26, 2023
1806bcb
test: add missing tests for list endpoint (#19364)
JadhavPoonam Oct 26, 2023
4096c96
Add enterprise label for rate limiting (#19384)
Oct 26, 2023
3b806d4
test deployer: fix a bug when deploying cluster with various ent imag…
huikang Oct 26, 2023
ea91e58
Stop use of templated-policy and templated-policy-file simultaneously…
roncodingenthusiast Oct 26, 2023
5698353
Resource Hook Pre-Decode Utilities (#18548)
mkeeler Oct 26, 2023
0abd96c
resource: resource service now checks for `v2tenancy` feature flag (#…
analogue Oct 27, 2023
01bfa2c
Fix casing in example yaml config (#19369)
nathancoleman Oct 27, 2023
1a6225a
Delete unused files (#19402)
Oct 27, 2023
f0cf8f2
NET-6294 - v1 Agentless proxycfg datasource errors after v2 changes (…
jmurret Oct 27, 2023
3350a91
increasing unit tests timeout from 10m to 30m (#19423)
jmurret Oct 27, 2023
42647de
[NET-6138] security: Bump `google.golang.org/grpc` to 1.56.3 (CVE-202…
zalimeni Oct 30, 2023
e18901b
Update multi-port examples to remove spec.template.metadata.name (#19…
im2nguyen Oct 30, 2023
4b26ed8
integ test: snapshot mesh frozen bug test (#19435)
huikang Oct 30, 2023
7a5d0a6
docs - Update k8s compat matrix (#19378)
Oct 31, 2023
54717e6
Update README.md (#19413)
Oct 31, 2023
97d92ad
Fix typo in kind for JWT config on API Gateway (#19441)
nathancoleman Oct 31, 2023
ca655ca
NET-5186 Add NET_BIND_SERVICE capability to consul-dataplane requirem…
nathancoleman Oct 31, 2023
65605c5
added redirect for conf entries 1.8.x (#19460)
trujillo-adam Nov 1, 2023
413e2a7
Update docs for service splitter example typo (#19469)
jm96441n Nov 1, 2023
815c52a
Regen expired test certs (#19476)
analogue Nov 2, 2023
bb3d5a1
build: ensure we pull through the hashicorp proxy instead of going di…
rboyer Nov 2, 2023
896d8f5
temporarily disallow L7 traffic permissions (#19322)
skpratt Nov 2, 2023
77e9a50
Source / local_app golden tests to include all protocols. (#19436)
jmurret Nov 2, 2023
8f4c437
[NET-5916] Fix locality-aware routing config and tests (CE) (#19483)
hashi-derek Nov 2, 2023
a72f868
testing/deployer: update deployer to use v2 catalog constructs when r…
rboyer Nov 2, 2023
aaac20f
resource: misc finalizer apis (#19474)
analogue Nov 2, 2023
4b85aa5
testing/deployer: support tproxy in v2 for dataplane (#19094)
rboyer Nov 2, 2023
2bc0bc3
update v2 changelog (#19446)
ndhanushkodi Nov 2, 2023
d94d316
NET-6319 - L7 routes have statePrefix of upstream. and should have a …
jmurret Nov 3, 2023
ef35525
resource: finalizer aware delete endpoint (2 of 5) (#19493)
analogue Nov 3, 2023
fd128f4
build: dependency updates for 1.17.0 (#19453)
DanStough Nov 3, 2023
65592d9
chore: apply enterprise changes that were missed to some testing file…
rboyer Nov 3, 2023
c3c836e
Net-6291/fix/watch resources (#19467)
JadhavPoonam Nov 3, 2023
74daaa5
XDS V1 should not make runs for TCP Disco Chains. (#19496)
jmurret Nov 3, 2023
6f4e037
testing: disable v2 linkage to nodes in integration tests (#19509)
rboyer Nov 3, 2023
395d32e
Shuffle CICD tests to spread worker load. (#19501)
hashi-derek Nov 6, 2023
6baf695
[NET-6459] Fix issue with wanfed lan ip conflicts. (#19503)
hashi-derek Nov 6, 2023
e5948e8
CC-5545: Side Nav (#19342)
Nov 6, 2023
28b1469
fixed typos in redirect for api gateways (#19526)
trujillo-adam Nov 6, 2023
c9f2a6a
[NET-5916] Update locality-aware routing docs (#19529)
zalimeni Nov 6, 2023
90aa83f
[NET-5916] docs: Remove locality proxy startup section (#19534)
zalimeni Nov 6, 2023
38d9428
Ci upgrade test 1 17 (#19536)
huikang Nov 6, 2023
24df835
added 1.17 features to enterprise overview (#19514)
trujillo-adam Nov 6, 2023
5352ff9
Added tenancy tests for WorkloadHealth controller (#19530)
Ganeshrockz Nov 7, 2023
2da7dd0
v2tenancy: register tenancy controller deps (#19531)
analogue Nov 7, 2023
f115cdb
NET-6385 - Static routes that are inlined in listener filters are als…
jmurret Nov 7, 2023
64db2d9
Add kubebuilder annotations to enums (#19454)
thisisnotashwin Nov 7, 2023
a66cb58
test: fix some of the peering topology tests to safely run without te…
rboyer Nov 7, 2023
393f7a4
Fix more test flakes (#19533)
hashi-derek Nov 7, 2023
028f1d8
NET-6390 Initialize MeshGateway proto (#19548)
nathancoleman Nov 7, 2023
1f5aa83
ui: clear peer on home link (#19549)
Nov 7, 2023
4d7754a
test: update makefile to include ways to trigger deployer integration…
rboyer Nov 7, 2023
d203c0a
test: update deployer default images (#19554)
rboyer Nov 7, 2023
20f43d8
test: update certs for 10 year expiry (#19481)
DanStough Nov 7, 2023
6e2a44e
Update enterprise features table with 1.17 features (#19558)
im2nguyen Nov 7, 2023
f2f7235
Fix typo in GatewayClassConfig docs (#19563)
nathancoleman Nov 7, 2023
48d7d4a
docs: Multi-port support for v1.17 GA (#19401)
boruszak Nov 7, 2023
8d6545e
test/deployer: add the method of deregistering services (#19525)
huikang Nov 7, 2023
caaff73
add DeliverLatest as common function for use by Manager and ProxyTrac…
jmurret Nov 7, 2023
7bc2581
Migrate individual resource tests for Discovery Chains to TestAllReso…
jmurret Nov 8, 2023
985aa76
NET 6354 - Add tenancy in Node Health Controller (#19457)
absolutelightning Nov 8, 2023
09f73d1
Migrate individual resource tests for expose paths and checks to Test…
jmurret Nov 8, 2023
a7774a9
Introduce randomized timings and reproducible randomization into cont…
mkeeler Nov 8, 2023
903ff7f
Migrate individual resource tests for custom configuration to TestAll…
jmurret Nov 8, 2023
873b705
Update Helm docs for consul-k8s 1.3.0 (#19581)
nathancoleman Nov 8, 2023
5aff19f
Migrate individual resource tests for JWT Provider to TestAllResource…
jmurret Nov 8, 2023
7de0b45
Fix xds v2 from creating envoy endpoint resources when already inline…
jmurret Nov 8, 2023
a7f3069
test: add a v2 container integration test of xRoute splits (#19570)
rboyer Nov 8, 2023
2296bd5
docs: spike of info about how to use deployer topology tests (#19576)
rboyer Nov 8, 2023
515eed8
Net 6439 (#19517)
absolutelightning Nov 9, 2023
2553d6e
Migrate individual resource tests for Terminating Gateway to TestAllR…
jmurret Nov 9, 2023
4aa95f3
Migrate individual resource tests for Ingress Gateway to TestAllResou…
jmurret Nov 9, 2023
5b581e0
Update links and fix route kind for APIGW JWT Docs (#19585)
jm96441n Nov 9, 2023
1562cb9
DNS token doc updates
johnlanda Oct 6, 2023
9a049ac
backport of commit 1562cb97491a2f468eaad4b900fcf5daa512a713
johnlanda Oct 6, 2023
1d1db4e
Merge 1562cb97491a2f468eaad4b900fcf5daa512a713 into backport/dns-toke…
hc-github-team-consul-core Nov 13, 2023
f731269
backport of commit 400620e10cebdb8bbee9f4c61cd6fd5722cde489
johnlanda Nov 11, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
[NET-5916] Update locality-aware routing docs (#19529) 
* docs: Update locality-aware routing docs

- Align locality-aware routing documentation to the recommended use of the
feature and incorporate engineer feedback.
- Remove docs for unreleased multi-cluster failover feature.
- Fix minor typos and formatting in examples.

* docs: Fix rate limit docs typo
  • Loading branch information
@zalimeni
zalimeni authored Nov 6, 2023
commit c9f2a6add44119f04b21ddde32de8ee52b00c9d5
6 changes: 3 additions & 3 deletions website/content/docs/agent/config/config-files.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1284,9 +1284,9 @@ subsystem that provides Consul's service mesh capabilities.
corresponding to the NIST P-\* curves of the same name.
- `private_key_type = rsa`: `2048, 4096`

- `locality` <EnterpriseAlert inline/>: Specifies a map of configurations that set the region and zone of the Consul agent. When specified on server agents, `locality` applies to all partitions on the server. When specified on clients, `locality` applies to all services registered to the client. Configure this field to enable Consul to route traffic to the nearest physical service instance. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `region`: String value that specifies the region where the Consul agent is running. Consul matches this value to regions defined for services in the network. When service agent regions match, Consul is able to prioritize routes between the agent and the service in the same region over healthy service instances in other regions. When multiple healthy service instances are available in the local region, Consul prioritizes services that match the agent's `zone`. You must specify values that are consistent with how regions are defined in your network, for example `us-west-1` for networks in AWS.
- `zone`: String value that specifies the availability zone where the Consul agent is running. Consul matches this value to zones defined for services in the region. When service agent zones match, Consul is able to prioritize routes between the agent and the service in the same zone over healthy service instances in other zones. When multiple healthy service instances are available in the local zone, Consul distributes traffic equally the services. You must specify values that are consistent with how zones are defined in your network, for example `us-west-1a` for networks in AWS.
- `locality` <EnterpriseAlert inline/>: Specifies a map of configurations that set the region and zone of the Consul agent. When specified on server agents, `locality` applies to all partitions on the server. When specified on clients, `locality` applies to all services registered to the client. Configure this field to enable Consul to route traffic to the nearest physical service instance. This field is intended for use primarily with VM and Nomad workloads. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `region`: String value that specifies the region where the Consul agent is running. Consul assigns this value to services registered to that agent. When service proxy regions match, Consul is able to prioritize routes between service instances in the same region over instances in other regions. You must specify values that are consistent with how regions are defined in your network, for example `us-west-1` for networks in AWS.
- `zone`: String value that specifies the availability zone where the Consul agent is running. Consul assigns this value to services registered to that agent. When service proxy regions match, Consul is able to prioritize routes between service instances in the same region and zone over instances in other regions and zones. When healthy service instances are available in multiple zones within the most-local region, Consul prioritizes instances that also match the downstream proxy's `zone`. You must specify values that are consistent with how zones are defined in your network, for example `us-west-1a` for networks in AWS.

## DNS and Domain Parameters

Expand Down
45 changes: 6 additions & 39 deletions website/content/docs/connect/config-entries/proxy-defaults.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,7 @@ The following list outlines field hierarchy, language-specific data types, and r
- [`ListenerPort`](#expose-paths): number | `0`
- [`Protocol`](#expose-paths): string | `http`
- [`PrioritizeByLocality`](#prioritizebylocality): map | <EnterpriseAlert inline/>
- [`Mode`](#prioritizebylocality): string | `failover`
- [`FailoverPolicy`](#failoverpolicy): map
- [`Mode`](#failoverpolicy-mode): string
- [`Mode`](#prioritizebylocality): string | `failover`
- [`AccessLogs`](#accesslogs): map
- [`Enabled`](#accesslogs): boolean | `false`
- [`DisableListenerLogs`](#accesslogs): boolean | `false`
Expand Down Expand Up @@ -92,9 +90,7 @@ The following list outlines field hierarchy, language-specific data types, and r
- [`listenerPort`](#spec-expose-paths): number | `0`
- [`protocol`](#spec-expose-paths): string | `http`
- [`prioritizeByLocality`](#prioritizebylocality): map | <EnterpriseAlert inline/>
- [`mode`](#prioritizebylocality): string | `failover`
- [`failoverPolicy`](#spec-failoverpolicy): map
- [`mode`](#spec-failoverpolicy-mode): string
- [`mode`](#prioritizebylocality): string | `failover`
- [`accessLogs`](#spec-accesslogs): map
- [`enabled`](#spec-accesslogs): boolean | `false`
- [`disableListenerLogs`](#spec-accesslogs): boolean | `false`
Expand Down Expand Up @@ -467,29 +463,15 @@ The following table describes the parameters for each map you can define in the

### `PrioritizeByLocality`

Sets a default `mode` for proxies that allows them to prioritize upstream targets that are in the same geographic area. You can specify the following string values for the `mode` field:
Sets a mode for the service that allows instances to prioritize upstream targets that are in the same network region and zone. You can specify the following string values for the `mode` field:

- `failover`: If the upstream target that a service is connected to becomes unreachable, the service prioritizes a healthy upstream with the same `locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `failover`: If the upstream targets that a service is connected to become unreachable, the service prioritizes healthy upstream instances with matching `Locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.

#### Values

- Default: None
- Data type: Map

### `FailoverPolicy`

Sets the failover policy `mode` field for all proxies. The failover policy mode defines how Consul directs traffic to failover service instances if the primary instance becomes unreachable. For example, you can direct Consul to send failover traffic to local service instances. Refer to [Failover overview](/consul/docs/connect/manage-traffic/failover) for additional information.

You can specify the following string values for the `mode` field:

- `default`: Envoy sends failover traffic to the first failover target with healthy instances.
- `order-by-locality`: Envoy prioritizes failover targets that are closer to the downstream service. Envoy deterministically orders failover targets that are the same distance from the local proxy.

#### Values

- Default: None
- Data type: Map containing the `mode` field

### `AccessLogs`

Specifies [Envoy access logger](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/observability/access_logging.html?highlight=access%20logs) configurations for all proxies in the service mesh, including gateways. This field also configures access logs on [Envoy's administration interface](https://www.envoyproxy.io/docs/envoy/latest/operations/admin.html?highlight=administration%20logs).
Expand Down Expand Up @@ -710,30 +692,15 @@ The following table describes the parameters for each map you can define in the

### `spec.prioritizeByLocality`

Sets a default `mode` for proxies that allows them to prioritize upstream targets that are in the same geographic area. You can specify the following string values for the `mode` field:
Sets a mode for the service that allows instances to prioritize upstream targets that are in the same network region and zone. You can specify the following string values for the `mode` field:

- `failover`: If the upstream target that a service is connected to becomes unreachable, the service prioritizes a healthy upstream with the same `locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `failover`: If the upstream targets that a service is connected to become unreachable, the service prioritizes healthy upstream instances with matching `locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.

#### Values

- Default: None
- Data type: Map


### `spec.failoverPolicy`

Sets the failover policy `mode` field for all proxies. The failover policy mode defines how Consul directs traffic to failover service instances if the primary instance becomes unreachable. For example, you can direct Consul to send failover traffic to local service instances. Refer to [Failover overview](/consul/docs/connect/manage-traffic/failover) for additional information.

You can specify the following string values for the `mode` field:

- `default`: Envoy sends failover traffic to the first failover target with healthy instances.
- `order-by-locality`: Envoy prioritizes failover targets that are closer to the downstream service. Envoy deterministically orders failover targets that are the same distance from the local proxy.

#### Values

- Default: None
- Data type: Map containing the `mode` field

### `spec.accessLogs`

Specifies [Envoy access logger](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/observability/access_logging.html?highlight=access%20logs) configurations for all proxies in the service mesh, including gateways. This field also configures access logs on [Envoy's administration interface](https://www.envoyproxy.io/docs/envoy/latest/operations/admin.html?highlight=administration%20logs).
Expand Down
8 changes: 4 additions & 4 deletions website/content/docs/connect/config-entries/service-defaults.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ BalanceInboundConnections = "exact_balance"
Mode = "<mode for directing traffic>"
RateLimits = {
InstanceLevel = {
RequestsPerScond = <average number of requests allowed to the service per second>
RequestsPerSecond = <average number of requests allowed to the service per second>
RequestsMaxBurst = <max number of concurrent requests allowed to the service>
Routes = [ # Configure RequestsPerSecond and one route matching parameter for each member of the list
{
Expand Down Expand Up @@ -318,7 +318,7 @@ spec:
mode: <mode for directing traffic>
rateLimits:
instanceLevel:
requestsPerScond: <average number of requests allowed to the service per second>
requestsPerSecond: <average number of requests allowed to the service per second>
requestsMaxBurst: <max number of concurrent requests allowed to the service>
routes: # Configure RequestsPerSecond and one route matching parameter for each member of the list
- pathExact: "<limits apply paths that match this value>"
Expand Down Expand Up @@ -409,7 +409,7 @@ spec:
"Mode": "<mode for directing traffic>",
"RateLimits": {
"InstanceLevel": {
"RequestsPerScond": 100,
"RequestsPerSecond": 100,
"RequestsMaxBurst": 200,
"Routes": [
{
Expand Down Expand Up @@ -623,7 +623,7 @@ Map containing a set of request rate limit configurations for instances of the s
- Default: None
- Data type: Map

### `RateLimits{}.InstanceLevel{}.RequestsPerScond`
### `RateLimits{}.InstanceLevel{}.RequestsPerSecond`

Specifies the average number of requests per second allowed to the service. If the [`RequestsMaxBurst`](#ratelimits-instancelevel-requestsmaxburst) parameter is set, the number of requests per second to the service can temporarily exceed the limit specified in the `RequestsPerSecond` up to the value specified in `RequestsMaxBurst`. Internally, this is the refill rate of the token bucket used for rate limiting.

Expand Down
24 changes: 12 additions & 12 deletions website/content/docs/connect/config-entries/service-resolver.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ The following list outlines field hierarchy, language-specific data types, and r
- [`Datacenter`](#redirect-datacenter): string
- [`Peer`](#redirect-peer): string
- [`PrioritizeByLocality`](#prioritizebylocality): map <EnterpriseAlert inline/>
- [`Mode`](#prioritizebylocality): string | `failover`
- [`Mode`](#prioritizebylocality): string | `failover`
- [`Failover`](#failover): map
- [`Service`](#failover-service): string
- [`ServiceSubset`](#failover-servicesubset): string
Expand Down Expand Up @@ -171,7 +171,7 @@ Redirect = {
}

PrioritizeByLocality = {
Mode = "failover"
Mode = "failover"
}

Failover = { ## requires at least one of the following: Service, ServiceSubset, Namespace, Targets, Datacenters, SamenessGroup
Expand All @@ -195,12 +195,12 @@ Failover = { ## requires at least one of the following: Servic

LoadBalancer = {
Policy = "random"
LeastRequestConfig = { ## requires Policy = "least_request"
LeastRequestConfig = { ## requires Policy = "least_request"
ChoiceCount = 2
RingHashConfig = { ## requires Policy = "ring_hash"
MinimumRingSize = 1024
MaximumRingSize = 8192
}
RingHashConfig = { ## requires Policy = "ring_hash"
MinimumRingSize = 1024
MaximumRingSize = 8192
}
HashPolicies = [
{
Expand Down Expand Up @@ -257,7 +257,7 @@ LoadBalancer = {
},
"PrioritizeByLocality" : {
"Mode": "failover"
},
},
"Failover":{ // requires at least one of the following": Service, ServiceSubset, Namespace, Targets, Datacenters, SamenessGroup
"<local=subset-name>":{
"Targets":[
Expand Down Expand Up @@ -552,9 +552,9 @@ Specifies the cluster with an active cluster peering connection at the redirect

### `PrioritizeByLocality`

Sets a mode for the service that allows instances to prioritize upstream targets that are in the same geographic area. You can specify the following string values for the `mode` field:
Sets a mode for the service that allows instances to prioritize upstream targets that are in the same network region and zone. You can specify the following string values for the `mode` field:

- `Failover`: If the upstream target that a service is connected to becomes unreachable, the service prioritizes a healthy upstream with the same `Locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `failover`: If the upstream targets that a service is connected to become unreachable, the service prioritizes healthy upstream instances with matching `Locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.

#### Values

Expand Down Expand Up @@ -1023,11 +1023,11 @@ Specifies the cluster with an active cluster peering connection at the redirect
- Default: None
- Data type: String

### `spec.prioritizeByLocality`
### `spec.prioritizeByLocality`

Sets a mode for the service that allows instances to prioritize upstream targets that are in the same geographic area. You can specify the following string values for the `mode` field:
Sets a mode for the service that allows instances to prioritize upstream targets that are in the same network region and zone. You can specify the following string values for the `mode` field:

- `failover`: If the upstream target that a service is connected to becomes unreachable, the service prioritizes a healthy upstream with the same `locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
- `failover`: If the upstream targets that a service is connected to become unreachable, the service prioritizes healthy upstream instances with matching `locality` configuration. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.

#### Values

Expand Down
2 changes: 1 addition & 1 deletion website/content/docs/connect/manage-traffic/failover/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,4 +51,4 @@ You can configure a sameness group so that it functions as the default for failo

## Locality-aware routing

By default, Consul balances traffic to all healthy upstream instances in the cluster, even if the instances are in different network regions and zones. You can configure Consul to route requests to upstreams in the same geographic region, which reduces latency and transfer costs. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
By default, Consul balances traffic to all healthy upstream instances in the cluster, even if the instances are in different network regions and zones. You can configure Consul to route requests to upstreams in the same region and zone, which reduces latency and transfer costs. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
2 changes: 1 addition & 1 deletion website/content/docs/connect/manage-traffic/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,4 +81,4 @@ Service resolver configuration entries can also process network layer, also call

## Locality-aware routing

By default, Consul balances traffic to all healthy upstream instances in the cluster, even if the instances are in different availability zones. You can configure Consul to route requests to upstreams in the same network zone, which reduces latency and transfer costs. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
By default, Consul balances traffic to all healthy upstream instances in the cluster, even if the instances are in different network regions and zones. You can configure Consul to route requests to upstreams in the same region and zone, which reduces latency and transfer costs. Refer to [Route traffic to local upstreams](/consul/docs/connect/manage-traffic/route-to-local-upstreams) for additional information.
Loading