New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Peering Mesh Gateway Updates for GA #15344
Conversation
Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com>
appropriate destination based on the server name requested. The data within the mTLS session is not decrypted by | ||
the Gateway. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not true for peering.
|
||
## Prerequisites | ||
|
||
To configure mesh gateways for cluster peering, make sure your Consul environment meets the following requirements: | ||
|
||
- Consul version 1.13.0 or newer. | ||
- Consul version 1.14.0 or newer. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think anyone should be using the beta, so I made this the GA version
- A local Consul agent is required to manage mesh gateway configuration. | ||
- [Enable Consul service mesh](/docs/agent/config/config-files#connect-parameters) in all clusters. | ||
- [Enable `peering`](/docs/agent/config/config-files) on all Consul servers. | ||
- Use [Envoy proxies](/docs/connect/proxies/envoy). Envoy is the only proxy with mesh gateway capabilities in Consul. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will be enabled by default in 1.14
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. This is a big improvement over what we had
website/content/docs/connect/gateways/mesh-gateway/peering-via-mesh-gateways.mdx
Outdated
Show resolved
Hide resolved
…-mesh-gateways.mdx Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
* docs(peering): remove beta references Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
* docs(peering): remove beta references Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
* docs(peering): remove beta references Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
* docs(peering): remove beta references Co-authored-by: hc-github-team-consul-core <github-team-consul-core@hashicorp.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com> Co-authored-by: Dan Stough <dan.stough@hashicorp.com> Co-authored-by: Eric Haberkorn <erichaberkorn@gmail.com> Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
Description
Follow up to #15340. This branch was based on that one, so all new changes are in the most recent commit.
Adding content for control-plane traffic for peering through mesh gateways. I realized that the concept of mesh gateways was tied pretty strongly to WAN fed in the docs, so I attempted to extract the general mesh gateway content from the specific wan-fed/peering setup.
I don't love some of the organization but hoping we can come back and optimize after the 1.14 release.