Backport of Update lock.mdx (Node Health Check and TTL) into release/1.20.x

[hc-github-team-consul-core]

Backport

This PR is auto-generated from #22258 to be assessed for backporting due to the inclusion of the label backport/1.20.

The below text is copied from the body of the original PR.

---

Overview of commits

• backport commit 692b61f
• backport commit 811f426

Title
Consul lock docs: Clarify node checks & TTL behavior, plus manual session workaround

Description

This PR updates the consul lock command documentation to explain how an ephemeral session is automatically created with node checks (e.g. serfHealth), which can cause the lock’s TTL to be effectively auto-renewed as long as the node is healthy. It also outlines a recommended workaround (manually creating and managing a custom session) for users who need strict TTL enforcement without node checks.

Testing & Reproduction Steps

• No functional code changes – this is a documentation-only update.
• Relevant sections:
  • A new note/section titled “Node Health Checks and TTL Behavior.”
  • Explains that the default session includes node checks, leading to indefinite lock behavior unless manually overridden.
• Validation:
  1. Confirmed that the agent/session_endpoint.go sets NodeChecks to [serfHealth] by default.
  2. Verified that consul lock does not expose a built-in flag for removing node checks.
  3. Tested a scenario in which a user removes node checks by manually calling the session create API, verifying the lock expires after TTL if not renewed.

Links

• GitHub Issue #5205 (related example of locks not releasing after session deletion)

PR Checklist

• updated external-facing docs to clarify node health check behavior
• test coverage not applicable (no code changes)
• not a security concern

---

Overview of commits

• 692b61f - 811f426

[github-team-consul-core-pr-approver]

Auto approved Consul Bot automated PR