Consul Connect's core strength is its service mesh, which spans and covers both Kubernetes and VMs. Consul traffic management is available for services that might run in VMs and/or in Kubernetes environments. The Consul configuration can be pushed through the Consul CLI or API, or by using Kubernetes jobs. Let's take a look:
- Define an instance of service-defaults for the web service that will use the http protocol:
# Script: 08-service-defaults-web.hcl
kind = "service-defaults"
name = "web"
protocol = "http"
Here, an example of the Consul CLI demonstrates creating Consul primitive service-defaults for the web service. Notice that the web service does not exist yet – we will create that later on.
We can load the L7 configuration using one of the following three methods:
-
- Via the Consul CLI, using a consul config write for Hashicorp Command Language (HCL) or JSON files.
- Through PUT requests to the API for JSON files
- Through a Kubernetes job
For simplicity, we will be using either HCL or JSON files using the Consul CLI.
- The Consul CLI can apply the preceding definition as follows:
$ consul config write 08-service-defaults-web.hcl
- Now, list all the service-defaults registered in Consul:
$ consul config list -kind service-defaults
counting
dashboard
web
- Next, read the web service-defaults configuration entry that we just created:
$ consul config read -kind service-defaults -name web
{
"Kind": "service-defaults",
"Name": "web",
"Protocol": "http",
"MeshGateway": {},
"CreateIndex": 5384,
"ModifyIndex": 5384
}
Next, we will use an API to create a service-defaults configuration. Refer to https://www.consul.io/api/ for detailed documentation on using APIs to manage and configure Consul. We will use the /config path to create service-defaults for the api service.
- Define a JSON configuration to set up an http protocol for the web service:
# Script: 09-service-defaults-api.json
{
"Kind": "service-defaults",
"Name": "api",
"Protocol": "http"
}
- Create service-defaults for the web service so that it can use the http protocol using the Consul REST API:
$ curl -XPUT --data @09-service-defaults-api.json http://localhost:8500/v1/config ; echo
true
- List the web service-defaults that we just created:
$ curl -s http://localhost:8500/v1/config/service-defaults/api | json_reformat
{
"Kind": "service-defaults",
"Name": "api",
"Protocol": "http",
"MeshGateway": {
},
"CreateIndex": 5616,
"ModifyIndex": 5619
}
The preceding examples showed us how to define service-defaults using the Consul CLI and Consul REST APIs. Using the same approach, we will demonstrate the three stages of Consul L7 traffic management for services running in any VM in any data center in any region. These three steps are as follows:
-
- Routing (service-router)
- Splitting (service-splitter)
- Resolution (service-resolver)
Let's assume that we have two versions of a service api for which a Consul primitive called service-resolver has been defined using two subsets, v1 and v2. These subsets will resolve to the respective version of the api service based upon the annotations that have been defined for the Kubernetes service. We will create these later in this chapter.
- The following is an example of a service-resolver for subsets based on the service catalog metadata:
# Script : 10-service-resolver-api.hcl
kind = "service-resolver"
name = "api"
default_subset = "v1"
subsets = {
v1 = {
filter = "Service.Meta.version == 1"
}
v2 = {
filter = "Service.Meta.version == 2"
}
}
- Create a Consul primitive called service-resolver for the api service in order to define subsets v1 and v2:
$ consul config write 10-service-resolver-api.hcl
$ consul config list -kind service-resolver
api
- Note that the sevice-resolver API has been created.
By now, you should have a clear picture of the advantages that Consul provides through its support for the L7 configuration. Next, we will deploy a demo application to demonstrate Consul's traffic splitting and shifting features.