3
votes

Help me understand how to launch consul nodes and consul agents. I have a virtual machine running consul + vault + 2 consul nodes. The VM has 3 LAN IPs. All of this runs in docker containers. When I try to connect to this consul from another virtual machine, the agent connects to the first consul and cannot connect to the other consul nodes.

As I understand it, I need to run all 3 consul nodes on separate host IPs of the virtual machine, so that the consul agent is able to reach them. But how do I do this?

I start consul + vault with this docker-compose:

version: "2"
services:
  consul1:
    image: "consul.1.0.1"
    container_name: "consul12"
    hostname: "consul12"
    volumes:
     - ./consul/config:/config/
    ports:
      - "8400:8400"
      - "8500:8500"
      - "8600:53"
      - "8300:8300"
      - "8301:8301"
    command: "agent -config-dir=/config -ui -server -bootstrap-expect 3"
  consul2:
    image: "consul.1.0.1"
    container_name: "consul2"
    hostname: "consul2"
    volumes:
     - ./consul/config:/config/
    expose:
      - "8400"
      - "8500"
      - "8600"
      - "8300"
      - "8301"
    command: "agent -config-dir=/config -server -join consul1"
    depends_on:
      - consul1
  consul3:
    image: "consul.1.0.1"
    container_name: "consul3"
    hostname: "consul3"
    volumes:
     - ./consul/config:/config/
    expose:
      - "8400"
      - "8500"
      - "8600"
      - "8300"
    command: "agent -config-dir=/config -server -join consul1"
    depends_on:
      - consul1
  vault:
    depends_on:
      - consul1
    image: "vault"
    hostname: "vault"
    links:
      - "consul1:consul1"
    environment:
      VAULT_ADDR: http://127.0.0.1:8200
    ports:
      - "8200:8200"
    volumes:
      - ./vault/tools/wait-for-it.sh:/wait-for-it.sh
      - ./vault/config/vault:/config
      - ./vault/config/vault/policies:/policies
    entrypoint: /wait-for-it.sh -t 20 -h consul1 -p 8500 -s -- vault server -config=/config/with-consul.hcl

and consul settings:

{
  "data_dir": "/data",
  "client_addr": "0.0.0.0",
  "ports": {
    "dns": 53
  },
  "disable_update_check": true,
  "addresses": {
    "https": "0.0.0.0"
  }
}
3
Sorry, but are the other consuls masters? Or are these other consuls agents? - Martin Do Santos

3 Answers

0
votes

First try running with a single consul instance and get this working first. By default docker consul will run in dev mode - no "bootstrap=3" - where the one-to-one port mappings are complete (i.e. a single docker VM to host port, not complicated by consul2, consul3):

"8400:8400" "8500:8500" "8600:53" "8300:8300" "8301:8301"

0
votes

I don't think that by default consul runs in dev mode as @damobrisbane mentioned.

Not sure if you showed the consul settings for the server or the client agent, but try the following:

specify server: true

use retry_join instead of join.

Also check out this link for the consul bootstrap guide.

0
votes

I did this docker-compose.yml and it works.

version: '3'

services:
  consul_master: 
    image: consul
    environment:
      - CONSUL_LOCAL_CONFIG={"datacenter":"dc_local_001", "server":true,"ui":true,"enable_debug":true,"disable_update_check":true,"primary_datacenter":"dc_local_001","acl":{"enabled":false,"default_policy":"deny","down_policy":"extend-cache", "tokens":{"agent":""}}}
      - CONSUL_BIND_INTERFACE=eth0
    hostname: "consul1"
    ports:
      - "8301:8301"
      - "8400:8400"
      - "8500:8500"
      - "8600:53/udp"
    command: "agent -server -bootstrap -ui -client=0.0.0.0 -bind='{{ GetInterfaceIP \"eth0\" }}'"

  consul_client:
    image: consul
    links:
      - consul_master
    environment:
      - CONSUL_LOCAL_CONFIG={"leave_on_terminate":true, "datacenter":"dc_local_001"}
    depends_on:
      - consul_master
    command: "agent -server -retry-join=consul_master"

This is the example with this docker-compose.

If you have any doubts write me!
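
The Consul settings in the question and the CONSUL_LOCAL_CONFIG in the last answer both leave the agent listening on 0.0.0.0 with ACLs off. The following is an added example, not code from any of the posts: a small Python check run over those two configs, where the audit function and the finding names are hypothetical labels chosen here.

```python
import json

# Constructed inputs: the Consul settings from the question and the
# CONSUL_LOCAL_CONFIG value plus agent flags from the last answer.
QUESTION_CFG = """{"data_dir": "/data", "client_addr": "0.0.0.0",
  "ports": {"dns": 53}, "disable_update_check": true,
  "addresses": {"https": "0.0.0.0"}}"""
ANSWER_CFG = """{"datacenter": "dc_local_001", "server": true, "ui": true,
  "enable_debug": true, "disable_update_check": true,
  "primary_datacenter": "dc_local_001",
  "acl": {"enabled": false, "default_policy": "deny",
          "down_policy": "extend-cache", "tokens": {"agent": ""}}}"""
ANSWER_FLAGS = "agent -server -bootstrap -ui -client=0.0.0.0"  # -bind omitted

WILDCARDS = {"0.0.0.0", "::", "[::]"}

def audit(raw_json, cli_flags=""):
    """Return sorted finding names (hypothetical labels) for one agent config."""
    cfg = json.loads(raw_json)
    findings = set()
    # Collect every listen address: client_addr, addresses.*, and -client=.
    listen = {cfg.get("client_addr")} | set(cfg.get("addresses", {}).values())
    listen |= {f.split("=", 1)[1] for f in cli_flags.split()
               if f.startswith("-client=")}
    if listen & WILDCARDS:
        findings.add("api-on-all-interfaces")
    # ACLs are off unless acl.enabled is true (or, on old releases such as
    # the question's 1.0.1, the legacy acl_datacenter key is set).
    acl_on = cfg.get("acl", {}).get("enabled", False) or cfg.get("acl_datacenter")
    if not acl_on:
        findings.add("acl-disabled")
    if not cfg.get("encrypt"):          # no gossip encryption key configured
        findings.add("gossip-unencrypted")
    if cfg.get("enable_debug"):         # profiling endpoints on the HTTP API
        findings.add("debug-endpoints-enabled")
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg, flags in [("question", QUESTION_CFG, ""),
                             ("last answer", ANSWER_CFG, ANSWER_FLAGS)]:
        print(name, audit(cfg, flags))
```

These findings matter most where the compose file also publishes the port to the host, as both files on this page do for 8500.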