This repository contains 2 examples of Consul Cluster configurations that work with the recent implementation of ACLs in Consul.
The examples reside in the following directories:
- single-dc
- multi-dc
The examples work with, and were validated on, version 1.5.0.
Each directory contains a docker-compose.yml with a basic configuration. Each file creates a network to which all containers are connected. All containers have ports 8500 and 8600/udp exposed. For the first container the same port numbers are opened, for the 2nd container they are +1 and for the 3rd container +2.
The cluster can be started by executing the docker-compose.sh script. If you start the 2nd cluster, make sure the first cluster is down, because both open the same ports.
The wdijkerman/consul image is used for the Consul Cluster setup.
The single-dc example starts 3 Docker Consul containers named consul-1, consul-2 and consul-3.
The following ACLs are created:
- "agent": 7a59f860-7e6a-0037-52d6-270ee84e4bed
- "master": 9a6c723f-2533-2679-4515-654cdb7f96c9
Within the hcl directory, 2 hcl files can be found that contain the configuration for the roles.
The multi-dc example starts 2 Docker Consul containers named consul-dc1 and consul-dc2. consul-dc1 resides in the dc1 datacenter and consul-dc2 in the dc2 datacenter.
The following ACLs are created:
- "agent": FD8BCA99-ACE8-4FFE-BDF2-760A9CFAEAAB
- "master": BDDF9C2E-7296-4D80-9CB5-661224D11FD6
ACLs/Tokens are replicated to the secondary datacenters, so you only have to create them on the consul-dc1 cluster. These tokens are replicated via an ACL with id FA294BBA-8279-4F93-84A2-FCBA61C8298A, which is only configured on the consul-dc2 cluster.
Within the hcl directory, 3 hcl files can be found that contain the configuration for the roles.
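The multi-dc token layout described above, written as server agent ACL configuration. This is an added example, not the repository's own files: the split into two agent config files, the `default_policy` and `down_policy` values, and setting the agent token on consul-dc2 are assumptions; the token values are the ones listed above.

```hcl
# ---- consul-dc1 server config (primary datacenter) ----
datacenter         = "dc1"
primary_datacenter = "dc1"

acl {
  enabled        = true
  default_policy = "deny"          # assumption: requests without a token are refused
  down_policy    = "extend-cache"  # assumption

  tokens {
    master = "BDDF9C2E-7296-4D80-9CB5-661224D11FD6"  # "master" token from the list above
    agent  = "FD8BCA99-ACE8-4FFE-BDF2-760A9CFAEAAB"  # "agent" token from the list above
  }
}

# ---- consul-dc2 server config (secondary datacenter) ----
datacenter         = "dc2"
primary_datacenter = "dc1"   # ACL data is authoritative in dc1

acl {
  enabled                  = true
  default_policy           = "deny"          # assumption
  down_policy              = "extend-cache"  # assumption
  enable_token_replication = true            # replicate tokens, not only policies

  tokens {
    # assumption: the same agent token is used in dc2; it is resolvable there
    # because it is created in dc1 and replicated
    agent = "FD8BCA99-ACE8-4FFE-BDF2-760A9CFAEAAB"

    # Configured only on consul-dc2, as described above. The token itself must
    # exist in dc1, and with token replication enabled it needs acl = "write".
    replication = "FA294BBA-8279-4F93-84A2-FCBA61C8298A"
  }
}
```

Replication progress on consul-dc2 can be checked through the `/v1/acl/replication` HTTP endpoint.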
This repository is based on the learn.hashicorp.com site and various other sites.