What is a consul

Consul is a solution to Service Mesh. Consul is a full-featured control plane with service discovery, configuration, and segmentation capabilities. These functions can be used individually as needed or together to build a complete service grid. Consul requires a data plane and supports both broker and native integration models. Consul comes with a simple built-in proxy so it works out of the box, but also supports third-party proxy integration such as Envoy.

Consul actually addresses the network and security challenges of running microservices and cloud native infrastructures. Consul offers a cloud-native, software-driven routing and segmentation approach. It also brings other benefits, such as troubleshooting, retries, and network visibility.

Said to the above service grid and data plane, the grid is usually said with tiny a segment of grid service, data plane is easy to understand is the software and service request processing data in the framework of the layer, by contrast, the control plane is the software part of the configuration and close the data plane, Consul here will have the effect of the control plane.

Consul’s key features are:

  • Service discovery

    Consul’s clients can register services, such as apis or mysql, and clients can use Consul to discover registered services. With DNS or HTTP, applications can easily find the services they depend on.

  • Health detection

    Consul client can provide any number of health checks that can be relevant to a given service (” Is the Web server returning 200 OK “) or local nodes (” Memory utilization is less than 90% “). You can use this information to monitor the health of the cluster, and the service discovery component can use this information to divert traffic away from malfunctioning hosts.

  • KV storage

    Your application can use Consul’s layered key/value store for a variety of purposes, not limited to dynamic configuration, feature marking, coordination, cluster leader election, and more. Consul provides a simple HTTP API that makes it very easy to use.

  • Secure service communication

    Consul can generate and distribute TLS certificates for services and then establish mutual TLS connections. Intents are used to define which services are allowed to communicate. You can easily manage service segments by changing intentions in real time without complex network topologies and static firewall rules.

  • Multi-data center

Consul out of the box supports multiple data centers. This means that Consul’s users don’t have to worry about building additional layers of abstraction to scale to multiple regions

Consul is designed to be very friendly to the DevOps community and application developers, making it ideal for a modern, flexible infrastructure.

Consul’s basic architecture

Consul is a distributed, highly available system. This section covers the basics, intentionally omitting some unnecessary details, for a quick look at how Consul works.

Each node that serves Consul runs Consul’s agent, which is not needed when it is used to discover services or obtain configured key-value pair data. The agent is responsible for services on the node as well as health checks on the node itself.

The agent communicates with one or more Consul servers. Consul server is where data is stored and replicated. The server itself elects a leader. Although Consul can run on one server, three to five nodes are recommended to avoid data loss in the event of a failure. You are advised to use Consul server cluster for each data center.

The server maintains a directory that is generated by summarizing the data submitted by the agent. The directory maintains a high-level view of the cluster, including which services are available, which nodes run them, health information, and so on.

To discover the underlying components of other services or nodes, you can query any Consul server or any Consul agent. The proxy automatically forwards the query to the server.

Each data center runs a Consul server cluster. When a service discovery or configuration request is made across data centers, the local Consul server forwards the request to the remote data center and returns the results.

The installation of the Consul

In order to facilitate the environment, I use docker for installation. I have tried virtual machines, notebook physical machines and so on before, but docker is not as convenient to install.

  • Obtaining the image File

    docker pull consul

The network is slow, it may take about a few minutes to execute, you can configure the docker mirror to solve the problem, I configured ali mirror

  • Check whether the download is complete

    ➜ docker images -f ‘reference=consul’ REPOSITORY TAG IMAGE ID CREATED SIZE 80f latest 2823bc69f80F 4 weeks ago 120MB

  • Start Consul Server

    ➜ docker run -d p 85:8500 -p 8600:8600/udp agent-server-uI-node = server-1-bootstrap-expect =1 – client = 0.0.0.0

-d: indicates background startup

-p: maps 8500 and 8600 of the local device to 8500 and 8600/ UDP ports of the Docker container

The last line is Consul’s command to start the server

  • Viewing startup Logs

Because it was started in the background just now, you can not see the log situation. You can view it in the following way

➜ docker logs d2806AC2b7e1 docker logs d2806AC2b7e1Copy the code

If you see this log, it indicates that the startup is ok

==> Starting Consul agent... Version: '1.9.1' Node ID: '5cea9bb5-53f2-e71e-1a46-b23f188DA307' Node name: 'server-1' Datacenter: 'dc1' (Segment: '<all>') Server: true (Bootstrap: true) Client Addr: [0.0.0.0] (HTTP: 8500, HTTPS: -1, gRPC: -1, DNS: 8600) Cluster Addr: 172.17.0.2 (LAN: 8301, WAN: 8302) Encrypt: Gossip: false, TLS-outgoing: false, TLS.... ==> Consul agent running! .Copy the code

Now that the server is enabled, a client should be started to connect to the server. There is a question as to how do I know the IP address and port number of the server I am starting. Docker provides a way to execute Consul in container directly.

➜ docker exec D2806AC2b7e1 Consul members Node Address Status Type Build Protocol DC Segment Server -1 172.17.0.2:8301 Alive server 1.9.1 2 dc1 <all>Copy the code

You can also go inside the container directly, using the exec command

Docker exec it d2806ac2b7e1 /bin/sh // Then execute consul membersCopy the code

Docker executes the commands supported in the container in the following ways:

docker exec <container_id> consul members
Copy the code

The IP address of the server is 172.17.0.2:8301

  • Configure the running client

    Docker run –name=test-1 Consul agent-node = client-1-join =172.17.0.2

The following output shows that there is no problem, noting that name refers to the container parameter

==> Starting Consul agent... ==> Joining cluster... Join completed. Synced with 1 initial agents ==> Consul agent running! Version: 'v1.4.4' Node ID: '4b6da3C6-b13F-eba2-2B78-446ffa627633' Node name: 'client-1' Datacenter: 'dc1' (Segment: ") Server: false (Bootstrap: false) Client Addr: [127.0.0.1] (HTTP: 8500, HTTPS: -1, gRPC: -1, DNS: 8600) Cluster Addr: 172.17.0.4 (LAN: 8301, WAN: 8302) Encrypt: Gossip: false, TLS-outgoing: false, TLS-incoming: falseCopy the code

Check whether the client has joined by running consul Members in the container again

docker exec d2806ac2b7e1 consul members
Copy the code

It has been found that there are two, and both states are available

Docker exec D2806AC2b7e1 Consul members Node Address Status Type Build Protocol DC Segment Server -1 172.17.0.2:8301 Alive server 1.9.1 2dc1 <all> client-1 172.17.0.3:8301 Alive client 1.9.1 2dc1 <default>Copy the code

Now that you have a small data center, you can register services or configure data to play with.

You can also view data center configurations on the Web. The default HTTP interface on Consul is port 8500, which provides a UI interface for managing and configuring a data center. Open the figure and click NODES to view the node

Click on the node and you can see the health status of the node, whether the agent is available, and so on

conclusion

Here, we have a brief understanding of Consul, and then we are familiar with Consul’s simple architecture. Then we can conveniently build a simple Consul cluster in Docker, and all of them are available.