Service Discovery - Consul

This document provides instructions on discovering Consul-based services through Volterra platform.

Overview

Consul is a service networking solution to connect and secure services across any runtime platform and public or private cloud.

Note: For detailed information on Consul, see the official Consul Portal.

Volterra platform supports Consul-based service discovery by using the service catalogue synchronization in Volterra platform. The service discovery type CONSUL and Consul endpoint in connection_info are supported for the Volterra Discovery object.

Setting up Consul-based service discovery for a site includes adding service discovery along with the type as CONSUL and configuring the Consul endpoint.

Prerequisites

The following prerequisites apply:

Hardware

None.

Software

Configuring Consul-based service discovery on Volterra platform requires the following:

  • Valid credentials to login to the Volterra portal
  • Azure Kubernetes Service (AKS) or Amazon Elastic Kubernetes Service (EKS)
  • Consul - External or internal with all Kubernetes services synchronized from AKS or EKS Cluster
  • Helm

Note: Consul endpoint should be reachable from the Volterra Global Controller (GC) or users of the Volterra tenant.

Restrictions

None

Configure Consul Based Service Discovery

Configuring Consul-based service discovery includes performing the following actions:

  • Add and Configure discovery object in Volterra site.
  • Add Consul endpoint to another site or Virtual sites for service discovery.

Get Consul Service Information

To obtain Consul service informatio, perform the following from the terminal of any machine with reachability to AKS or EKS cluster:

  1. Verify that the Consul pods are running.
$ kubectl get pods -n consul
NAME                                           
pod/consul-service-discovery-consul-4dxkg            1/1     Running                    
pod/consul-service-discovery-consul-6wcx2            1/1     Running                    
pod/consul-service-discovery-consul-kcw8l            1/1     Running                    
pod/consul-service-discovery-consul-server-0         1/1     Running                   
pod/consul-service-discovery-consul-sync-catalog-75  1/1     Running    
  
  1. Check the Consul service discovery server details and verify the reachability of the Consul end point from the user of Volterra tenant. This example shows that port 8500 serves the Consul API and loadbalancer service.
 $ kubectl describe svc consul-service-discovery-consul-server-8500 -n consul
 Name:                     consul-service-discovery-consul-server-8500
 Namespace:                consul
 Labels:                   app=consul
                           chart=consul-helm
                           heritage=Tiller
                           release=consul-service-discovery
 Annotations:              kubectl.kubernetes.io/last-applied-configuration:
                             {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"service.alpha.kubernetes.io/tolerate-unready-endpoints":"true"},"labels":{...
                          service.alpha.kubernetes.io/tolerate-unready-endpoints: true
Selector:                 app=consul,component=server,release=consul-service-discovery
Type:                     LoadBalancer
IP:                       10.100.223.113
LoadBalancer Ingress:     a0ce4fe72bfd011e991980264b88be08-1260362255.eu-west-1.elb.amazonaws.com
Port:                     http  8500/TCP
TargetPort:               8500/TCP
NodePort:                 http  32467/TCP
Endpoints:                192.168.33.163:8500
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

Sample service type for Consul UI.

 Name:                     consul-service-discovery-consul-ui
 Namespace:                consul
 Labels:                   app=consul
                              chart=consul-helm
                              heritage=Tiller
                              release=consul-service-discovery
 Annotations:              <none>
 Selector:                 app=consul,component=server,release=consul-service-discovery
 Type:                     LoadBalancer
 IP:                       10.100.33.220
 LoadBalancer Ingress:     a9592b3e4bfcc11e98d820a7c27b16fb-1945496426.eu-west-1.elb.amazonaws.com
 Port:                     http  80/TCP
 TargetPort:               8500/TCP
 NodePort:                 http  30882/TCP
 Endpoints:                192.168.33.163:8500
 Session Affinity:         None
 External Traffic Policy:  Cluster
 Events:                   <none>
 

Note: The value of the field LoadBalancer Ingress is the URL of the API server to be used in the Volterra Discovery object.

  1. Check the services and nodes from Consul UI. This is optional step.

    Nodes

    Workernodes
    Workernodes

    Services

    Serviceslist
    Serviceslist

  2. Check the services and nodes from Consul CLI. This is optional step.

    Nodes

    
 / # consul members
Node                                          Address              Status  Type    Build  Protocol  DC   Segment
consul-service-discovery-consul-server-0      192.168.33.163:8301  alive   server  1.5.0  2         dc1  <all>
ip-192-168-33-183.eu-west-1.compute.internal  192.168.33.254:8301  alive   client  1.5.0  2         dc1  <default>
ip-192-168-33-94.eu-west-1.compute.internal   192.168.33.145:8301  alive   client  1.5.0  2         dc1  <default>
ip-192-168-34-29.eu-west-1.compute.internal   192.168.34.208:8301  alive   client  1.5.0  2         dc1  <default>

Services

 
 / # consul catalog services
 consul
 consul-service-discovery-consul-dns
 consul-service-discovery-consul-server
 consul-service-discovery-consul-server-8500
 consul-service-discovery-consul-ui
 kubernetes
 kubeview
 matrix-synapse-replication-uswest
 matrix-synapse-uswest
 postgresql-euwest
 postgresql-rs-euwest
 riot-euwest

Add Consul Discovery in Volterra Portal

To add consul service discovery, perform the following:

  1. Log in to the Volterra portal with valid Volterra credentials and change to the System namespace.

VolterraSite
VolterraSite

  1. Select Sites and navigate to Site List.

VolterraSiteList
VolterraSiteList

  1. Select an application gateway associated with the AKS or EKS cluster and registered as a CE. Expand the CE and note down the uid value from the displayed metadata.

Site_ID
Site_ID

Note: The uid represents the Site_ID of the site.

  1. Select Manage, navigate to Site Management, and Discovery.

AddDiscovery
AddDiscovery

  1. Enter the service discovery configuration in JSON or YAML format in the Add discovery form and click Add discovery.

AddDiscoveryJson
AddDiscoveryJson

Refer to the following sample configurations for service discovery:

Sample Configuration in JSON format

{
  "metadata": {
    "name": "eks-agw-sample",
    "namespace": "system",
    "labels": {},
    "annotations": {},
    "description": "",
    "disable": false
  },
  "spec": {
    "where": {
      "site": {
        "ref": [
          {
            "kind": "ves.io.vega.cfg.site.Object",
            "uid": "82c2d334-f2cc-4bf4-a1b2-761180c8babb",
            "tenant": "",
            "namespace": "",
            "name": ""
          }
        ],
        "network_type": "VIRTUAL_NETWORK_SITE_LOCAL"
      }
    },
    "type": "CONSUL",
    "publish_vip": {
      "publish_virtual_ip": true,
      "type": "PUBLISH_SERVICE",
      "subdomain": "",
      "dns_mode": "CORE_DNS",
      "namespace": ""
    },
    "consul": {
      "connection_info": {
        "api_server": "a0ce4fe72bfd011e991980264b88be08-1260362255.eu-west-1.elb.amazonaws.com:8500",
        "tls_info": null
      },
      "scheme": "HTTP",
      "http_basic_auth_info": null
    }
  }
}

Sample Configuration in YAML format

   metadata:
  name: eks-agw-sample
  namespace: system
  labels: {}
  annotations: {}
  description: ""
  disable: false
spec:
  where:
    site:
      ref:
        - kind: ves.io.vega.cfg.site.Object
          uid: 82c2d334-f2cc-4bf4-a1b2-761180c8babb
          tenant: ""
          namespace: ""
          name: ""
      network_type: VIRTUAL_NETWORK_SITE_LOCAL
  type: CONSUL
  publish_vip:
    publish_virtual_ip: true
    type: PUBLISH_SERVICE
    subdomain: ""
    dns_mode: CORE_DNS
    namespace: ""
  consul:
    connection_info:
      api_server: a0ce4fe72bfd011e991980264b88be08-1260362255.eu-west-1.elb.amazonaws.com:8500
      tls_info: null
    scheme: HTTP
    http_basic_auth_info: null
   

Note: The value for field api_server is the URL obtained from the LoadBalancer Ingress field displayed in the Consul output.

  1. Verify from the portal if the discovery object is added to the platform.

    SampleDiscoveryUI
    SampleDiscoveryUI

Result: Successful addition of Consul discovery enables Volterra platform to discover all the services from Consul. Users can add services from AKS or EKS using the created discovery object.

Configure Endpoints to Sites for Service Discovery

To configure the Consul service endpoint to sites, perform the following in the Volterra portal:

  1. Select Manage and navigate to Endpoints. Click Add endpoint and enter the description, port on which the AKS or EKS service is available, and classifier.

Endpoint
Endpoint

Note: Select Site as classifier to add the endpoint to specific sites. In case of adding endpoints to a group of sites, select Virtual site as the classifier.

  1. Select sites or virtual sites from the sites list and click Select site.

Endpoint
Endpoint

Note: Virtual sites created in the shared namespace are accessible in all namespaces of a tenant or they can be created in a specific namespace.

  1. Select endpoint address type as Service info and discovery type as CONSUL. Enter the service name.

AddEndPointFinal
AddEndPointFinal

Note: Service name is the kubernetes Service name on the AKS or EKS cluster mentioned in the <service_name>.<namespace> format.

  1. Click Add endpoint.

References

Note: Update the configuration values as per your service requirement.