The document introduces Marc Cluet, a grumpy engineer and co-founder of Ukon, detailing his extensive experience in DevOps and service management. It provides an overview of Consul, a service discovery system that includes features like DNS publishing, key/value storage, service health checks, and a restful API with encryption capabilities. Additionally, it highlights the functionality of Consul, its architecture, and useful resources and integration tools for configuration management.

1. Marc
Cluet
https://www.flickr.com/photos/kiasog/8734222880

2. Who am I?
Marc
Cluet
(@lynxman)
Grumpy
Engineer
based
in
London
Co-­‐Founder
of
Ukon
Cherry
Head
of
Operations
at
Gluru
17
years
of
experience
as
a
SysAdmin
Founding
member
of
Juju
and
MAAS
while
at
Canonical
Built
a
DevOps
Engineering
Team
at
Rackspace
Been
DevOps’in
for
the
last
5
years

3. Who am I?
http://www.meetup.com/London-­‐DevOps/

4. What is Consul?
https://www.flickr.com/photos/granada_turnier/5768809690/

5. What is Consul?
It’s
a
Service
Discovery
System

6. What is Service Discovery?
Service
Node
A
Service
Publication
Service
Node
B
Service
Node
C

7. What is Service Discovery?
Service
Node
A
Health
Check
Discovery
Agent
Discovery
Agent
Service
Node
B
Health
Check
Service
Publication
Node
A
Node
B

8. Consul Architecture
Client
Consul
Server
Consul
Server
Consul
Server
Client
Client
Client
Consul
Server

9. Consul Architecture
Client
Consul
Server
Consul
Server
Consul
Server
Client
Client
Client
Consul
Server
WAN
Gossip
LAN
Gossip

10. Bender Approved

11. Consul Functionality
https://www.flickr.com/photos/jdhancock/3580515232

12. Consul functionality
It’s
a
service
discovery
system
• Publishes
DNS
• k/v
Storage
• Service
Publication
• Health
Checks
• HTTP
RESTful
API
• With
Encryption!

13. Consul DNS publisher
Port
8600
Use
dnsmasq:
server=/consul/127.0.0.1#8600

14. Consul DNS publisher
service
name:
web
zone:
eu-­‐west-­‐1
<servicename>.service.<zone>.consul
web.service.eu-­‐west-­‐1.consul

15. Consul DNS publisher
node
name:
web01
zone:
eu-­‐west-­‐1
<nodename>.<zone>.consul
web01.eu-­‐west-­‐1.consul

16. Consul DNS publisher
API
FRIENDLY!
/v1/catalog/
/v1/catalog/datacenters/
/v1/catalog/nodes/
/v1/catalog/services/<servicename>
/v1/catalog/service/<name>
/v1/catalog/node/<nodename>

17. k/v Storage
/v1/kv/<key>
GET
PUT
DELETE
Limited
to
256kb
https://www.flickr.com/photos/victoriabernal/6294851265

18. Service Publication
{
"service":
{
"name":
”web",
"tags":
[”my
web"],
"port":
80,
"check":
{
"script":
"/usr/lib/nagios/check_http",
"interval":
"10s"
}
}
}

19. Service Publication
Service
Node
A
Service
Node
B
Service
Node
C
web.service.eu-­‐west-­‐1.consul
10.10.10.10
10.10.10.11
10.10.10.12

20. Service Publication
Service
Node
A
Service
Node
B
Service
Node
C
web.service.eu-­‐west-­‐1.consul
10.10.10.10
10.10.10.11
10.10.10.12

21. Service Publication
Service
Node
A
Service
Node
B
Service
Node
C
web.service.eu-­‐west-­‐1.consul
10.10.10.10
10.10.10.11
10.10.10.12

22. Service Publication
Caveats
• Can
remove
ALL
servers
• Check
needs
to
be
solid

23. Health Checks
{
"check":
{
"id":
"mem-­‐util",
"name":
"Memory
utilization",
"script":
"/usr/local/bin/check_mem.py",
"interval":
"10s"
}
}

24. Health Checks
Caveats
• Can
remove
the
server
and
all
services
• Check
needs
to
be
solid

25. The Monitoring Question
https://www.flickr.com/photos/okeos/110365446

26. HTTP RESTful API
/v1/kv/
/v1/agent/
/v1/catalog/
/v1/health/
/v1/session/
/v1/acl/
/v1/status/

27. Encryption
Separate
encryption
for
different
traffic
• Gossip
Encryption
• RPC
TLS
Encryption
https://www.flickr.com/photos/ideonexus/5175383269

28. Gossip Encryption
KPI
Encryption
$
consul
keygen
cg8StVXbQJ0gPvMd9o7yrg==

29. RPC TLS Encryption

30. Special Mention
consul
watch
-­‐type
[
key
[params]
script
event
services
nodes
checks
]

31. Special Mention
API
Blocking
Queries

32. Useful Resources
https://www.flickr.com/photos/florianric/7263382550

33. Config Mgmt
Puppet
https://forge.puppetlabs.com/KyleAnderson/consul
https://forge.puppetlabs.com/lynxman/hiera_consul
Chef
https://supermarket.chef.io/cookbooks/consul

34. Config Mgmt
Ansible
https://galaxy.ansible.com/list#/roles/2032
https://galaxy.ansible.com/list#/roles/1453
SaltStack
???

35. Hashicorp Tools
EnvConsul
https://github.com/hashicorp/envconsul
Consul
Replicate
https://github.com/hashicorp/consul-­‐replicate
Consul
Template
https://github.com/hashicorp/consul-­‐template

36. Consul Ecosystem
Confd
Consulate
Crypt
Docker
Consul
Registrator
More
at
http://www.consul.io/downloads_tools.html
https://www.flickr.com/photos/tjflex/7646164470

37. DEMO TIME!
https://www.flickr.com/photos/digitizedchaos/3964206549

38. Useful Links
Consul
Documentation
http://www.consul.io/docs/index.html
Consul
Mailing
List
https://groups.google.com/forum/#!forum/consul-­‐tool
Consul
Open
Issues
https://github.com/hashicorp/consul/issues

39. https://www.flickr.com/photos/mikko_luntiala/12691267935
https://www.flickr.com/photos/dullhunk/202872717
@lynxman
http://slideshare.net/lynxmanuk/
https://github.com/lynxman/
https://devroot.org/