Automated Service Discovery using HashiCorp Consul

tmitsuhatatmitsuhata Member, Administrator admin
edited December 2020 in DevOps

This article describes how to use the Thunder ADC integration with HashiCorp Consul for automated application delivery. Thunder ADC directly polls associated services catalog from Consul periodically while serving user traffic for load balancing and application security. When service status changes are detected on the Consul for any reason, Thunder ADC automatically updates server pool configuration accordingly. 

Prerequisites

  • You will need previous experience with Consul and Thunder ADC
  • Consul
    • A single Consul datacenter with the web UI enabled, and the config directory set to /etc/consul.d/.
    • At least two client nodes, each with a local Consul agent that can register the web services and health checks.
    • Refer Consul tutorials for how to get started with Consul.
  • Thunder ADC
    • Thunder ADC (hardware, virtual, bare metal, or container) running ACOS version 5.2.1 or above
    • Get vThunder free trial
  • Topology
    • Two (or more) standard web servers running web (HTTP) service on port 80


Consul Setup

1. Run Consul server agent on a server “devops” using IP 192.168.0.201

[email protected]:~$ nohup consul agent -config-dir /etc/consul.d/ -advertise 192.168.0.201 &

2Run Consul client agent on each web server

Note: Service definition will be added later

[email protected]:~$ nohup consul agent -enable-script-checks -data-dir /tmp/consul -config-dir /etc/consul.d -bind 192.168.0.10 -join 192.168.0.201 &
[email protected]:~$ nohup consul agent -enable-script-checks -data-dir /tmp/consul -config-dir /etc/consul.d -bind 192.168.0.11 -join 192.168.0.201 &


[email protected]:~$ consul members
Node                Address            Status Type   Build Protocol DC  Segment
devops1.a10tme-demo 192.168.0.201:8301 alive  server 1.8.4 2        dc1 <all>
s1.adc-demo         192.168.0.10:8301  alive  client 1.8.4 2        dc1 <default>
s2.adc-demo         192.168.0.11:8301  alive  client 1.8.4 2        dc1 <default>


3. Configure web service for port 80 on both servers by adding web.json file, and then reload the service.

[email protected]:~$ cat /etc/consul.d/web.json
{
 "service": {
   "name": "Web:80",
   "id": "web80-s1",
   "tags": [
     "web-s1"
   ],
   "port": 80,
   "address": "192.168.0.10",
   "check": {
     "http": "http://localhost:80/",
     "interval": "15s"
   }
 }
}

[email protected]:~$ consul reload
Configuration reload triggered

Service status for Web:80


Health check status of web80-s1 service on s1 


Thunder ADC Setup

With the Consul integration, you only need to define service group name and basic virtual server (as known as VIP) configuration for ADC/SLB service. Backend server configuration will be dynamically added based on service catalog provided by Consul.

  • Service-group: Assign a name that should match to the service tag defined on the Consul
  • Virtual-server: Assign VIP name and IP address
slb service-group web-s1 tcp
!
slb virtual-server vip1 10.10.10.1
 port 80 http
   source-nat auto
   service-group web-s1
!

Next, you will configure the Consul integration. In this example, Consul server node has 2 NICs and 10.64.4.201 is on management network and used for communication with Thunder ADC. You can update port number and query interval (health-check-interval) based on your environment.

The service-label should match to the service tag defined on Consul, that is also tied to the slb service-group name configured above. You can also have multiple service labels and get near real-time information of all your web services.

acos-cloud-integration
 ecosystem
   consul
     service-label web-s1
     bootstrap-server-ip 10.64.4.201
     port 8500
     health-check-interval 15
     enable

Verification

Once consul integration is enabled, you will see the SLB configuration is automatically updated based on the service catalog provided by Consul. In this example, two servers are created and added into the service group associated with the service label.

vThunder#show run slb
!Section configuration: 303 bytes
!
slb server s1.a10tme-demo 192.168.0.10
 port 80 tcp
!
slb server s2.a10tme-demo 192.168.0.11
 port 80 tcp
!
slb service-group web-s1 tcp
 member s1.a10tme-demo 80
 member s2.a10tme-demo 80
!
slb virtual-server vip1 10.10.10.1
 port 80 http
   source-nat auto
   service-group web-s1
!


vThunder#sh slb virtual-server bind
Total Number of Virtual Services configured: 2
---------------------------------------------------------------------------------
*Virtual Server :vip1 10.10.10.1     All Up

  +port 80 http ====>web-s1                  State :All Up
       +s1.a10tme-demo:80                        192.168.0.10       State :Up
       +s2.a10tme-demo:80                        192.168.0.11       State :Up


vThunder#sh log
Log Buffer: 30000
Nov 21 2020 05:12:45 Info       [ACOS]:Virtual server vip1 is up
Nov 21 2020 05:12:45 Info       [ACOS]:Service http on virtual server vip1 port 80 is up.
Nov 21 2020 05:12:45 Info       [HMON]:Service-group web-s1 is up.
Nov 21 2020 05:12:44 Info       [HMON]:SLB server s2.a10tme-demo (192.168.0.11) TCP port 80 of group web-s1 is up (health-check).
Nov 21 2020 05:12:44 Info       [HMON]:SLB server s2.a10tme-demo (192.168.0.11) port 80 is up (TCP Verify Connection OK)
Nov 21 2020 05:12:44 Info       [HMON]:SLB server s1.a10tme-demo (192.168.0.10) TCP port 80 of group web-s1 is up (health-check).
Nov 21 2020 05:12:44 Info       [HMON]:SLB server s1.a10tme-demo (192.168.0.10) port 80 is up (TCP Verify Connection OK)
Nov 21 2020 05:12:43 Info       [HMON]:SLB server s2.a10tme-demo (192.168.0.11) is up (ICMP Receive OK)
Nov 21 2020 05:12:43 Info       [HMON]:SLB server s1.a10tme-demo (192.168.0.10) is up (ICMP Receive OK)
Nov 21 2020 05:12:42 Info       [HMON]:SLB server s2.a10tme-demo (192.168.0.11) TCP port 80 of group web-s1 is down (disabled-with-health-check).
Nov 21 2020 05:12:42 Info       [ACOS]:updating internal tcp application(s2.a10tme-demo) with port(80) being updated on all interface
Nov 21 2020 05:12:42 Info       [ACOS]:Port 80 type TCP on server s2.a10tme-demo is created
Nov 21 2020 05:12:42 Info       [ACOS]:Server s2.a10tme-demo is created
Nov 21 2020 05:12:42 Info       [HMON]:SLB server s1.a10tme-demo (192.168.0.10) TCP port 80 of group web-s1 is down (disabled-with-health-check).
Nov 21 2020 05:12:42 Info       [ACOS]:updating internal tcp application(s1.a10tme-demo) with port(80) being updated on all interface
Nov 21 2020 05:12:42 Info       [ACOS]:Port 80 type TCP on server s1.a10tme-demo is created
Nov 21 2020 05:12:42 Info       [ACOS]:Server s1.a10tme-demo is created


Want to watch a demo of the Thunder ADC integration with HashiCorp Consul? Go to a10transcend.com

Tagged:
Sign In or Register to comment.