Consul¶
New in version 0.1.
Consul is used in the project to coordinate service discovery, specifically using the inbuilt DNS server.
Upgrading¶
New in version 1.0.
Mantl 1.0 includes Consul v0.6.3. If you are running Mantl 0.5.1, you’ll need to run the playbooks/upgrade-consul.yml playbook before reprovisioning your cluster to 1.0 in order to ensure a smooth upgrade.
Upgrades from releases prior to Mantl 0.5.1 have not been tested.
Variables¶
You can use these variables to customize your Consul installation. You’ll typically want to set at least consul_dc, consul_servers_group, and consul_gossip_key. These variables are roughly sorted from most commonly used to least.
- consul_dc¶
If set, consul will advertise this datacenter (default dc1)
- consul_dc_group¶
The group to look in for the local datacenter. Using the Terraform plugins, this should be dc=dcname, and it will default to that with the current datacenter name.
- consul_servers_group¶
Group to configure join IPs from. For example, if this value is consul_servers, IPs will be calculated from the hosts in that group and added to the list of servers to join. Defaults to role=control.
- consul_log_level¶
The level of logging for the Consul agent. The available log levels are “trace”, “debug”, “info”, “warn”, and “err”.
Default: warn
- consul_gossip_key¶
If set, this is used to encrypt gossip communication between nodes. This is unset by default, but you really should set one up. You can get a suitable key (16 bytes of random data encoded in base64) by running openssl rand 16 | base64.
- consul_advertise¶
IP address Consul will advertise as available for other nodes to connect to. Defaults to the value of private_ipv4 (from terraform inventory).
- consul_is_server¶
Whether this node should be a server (true) or an agent (false). (default true)
- consul_bootstrap_expect¶
The number of servers to expect to join the cluster before bootstrapping. This is used in place of a two-phase bootstrap (where one node bootstraps and then restarts as a regular server.) This is set by default to be the number of servers in consul_servers_group, but can be changed where the situation warrants (for example if you have many servers, you may want to set this to be a low number like 3.)
- retry_join¶
Automatically generated by the calculation described in consul_servers_group, but you can override it for custom behavior.
- consul_enable_tls¶
If (true) use TLS to verify the authenticity of servers and clients. (default false)
- consul_ca_file¶
File name of a PEM-encoded certificate authority. Only used when consul_enable_tls is true.
- consul_cert_file¶
File name of a PEM-encoded certificate. Only used when consul_enable_tls is true.
- consul_key_file¶
File name of a PEM-encoded private key. Only used when consul_enable_tls is true.
