Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

consul integration: core service mesh #24

Closed
14 tasks done
noahehall opened this issue Jan 10, 2023 · 0 comments
Closed
14 tasks done

consul integration: core service mesh #24

noahehall opened this issue Jan 10, 2023 · 0 comments

Comments

@noahehall
Copy link
Contributor

noahehall commented Jan 10, 2023
edited
Loading

C

T

  • consul node names should match service names; should fix client retry_join having to ip
  • refactor existing service discovery logic
  • setup envoy
    • ubuntu multi app container
    • alpine multi app container
  • fix & verify service health checks
    • haproxy
    • vault
  • consul envoy + vault
  • consul envoy + haproxy
    • - big bold letters: Sidecar service registrations are only a shorthand for registering multiple services. Consul will not start up or manage the actual proxy processes for you.
      • bootstrap.sh update to start consul + envoy on ubuntu and alpine
  • refactor & agent config review 1
  • verify and setup intentions: haproxy > vault UI
  • add consul-template to multi app containers
    • haproxy
    • vault: actually dont think its needed here, but whatev

A

issue 1: proxy > vault: connection refused
@see hashicorp/nomad#8343

root@1571b2184198:/usr/local/etc/haproxy# consul members
Node        Address            Status  Type    Build   Protocol  DC       Partition  Segment
consul      192.168.96.4:8301  alive   server  1.14.3  2         us-east  default    <all>
core-proxy  192.168.96.3:8301  alive   client  1.14.3  2         us-east  default    <default>
core-vault  192.168.96.2:8301  alive   client  1.14.3  2         us-east  default    <default>

vault: x.x.x.2 
OK 200
  curl https://dev.nirv.ai:8200/v1/sys/health
  curl -k https://core-vault:8200/v1/sys/health
  curl -k https://192.168.96.2:8200/v1/sys/health
  curl -k https://127.0.0.1:8200/v1/sys/health
  


proxy: x.x.x.3 
OK 200
  curl -k https://core-vault:8200/v1/sys/health
  curl -k https://192.168.96.2:8200/v1/sys/health <<<< w00p w00p
  ^ we need to set the server to whatever the sidecar proxy is
  ^ the sidecar will handle balancing requests between X number of service nodes

# w00p w00p
backend lb-vault
    balance roundrobin
    server-template consul-dns 1 "core-vault.service.search:${VAULT_PORT_CUNT}" check ssl verify none maxconn ${PROXY_MAXCONN_PRIV} weight 150 resolvers consul resolve-prefer ipv4 resolve-opts

issue 2: Config validation failed: Multiple private IPv4 addresses found. Please configure one with 'bind' and/or 'advertise'.
@see hashicorp/consul#3897

# think u need to set the advertise_addr
@noahehall noahehall mentioned this issue Jan 16, 2023
Closed
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
nirvai
Status: DEPLOYED
Milestone
No milestone
Development

No branches or pull requests
1 participant
@noahehall