Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Ashwin S
    @ashwin-subramanian
    @ado120 definitely agent pods, you should see what is enabled the values.yaml
    Ashwin S
    @ashwin-subramanian
    is there a way to upgrade versions in such a way that you’re running two congruent systems Consul server x and y version, with agents running on same nodes of x and y version and then just switching application logic to move to newer version and decomm old one?
    Florian Egner
    @egnerfl
    Hi all! I'm currently setting up a consul cluster on GCP planed to use instance groups there. To enable rolling updates I need health checks and wondered if there is an api to check the health of a single node inside the cluster/instance group? I found the following health check api https://www.consul.io/api/health.html but since I'm new to consul I'm unsure if this is the right approach. Thanks for your help!
    Smit Jain
    @smitjainsj
    Hey, anybody implemented Consul with TLS/SSL. I am always running into error.
    [ERR] consul: Failed to confirm peer status for orch1.example.com: rpc error getting client: failed to get conn: x509: certificate specifies an incompatible key usage. Retrying in 16s...
    Oct  6 19:37:18 orch1 consul: 2019/10/06 19:37:18 [ERR] consul.rpc: failed to read byte: remote error: tls: bad certificate from=192.168.34.101:36394
    This is my config for SSL generations.
    [ req ]
    distinguished_name = req_distinguished_name
    req_extensions = req_ext
    extendedKeyUsage = serverAuth,clientAuth
    
    [ req_distinguished_name ]
    
    [ req_ext ]
    subjectAltName = @alt_names
    
    [ alt_names ]
    DNS.1 = orch1.example.com
    DNS.2 = server.dc01.consul
    DNS.3 = localhost
    DNS.4 = 127.0.0.1
    Smit Jain
    @smitjainsj
    I think I know the problem here " X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication"
    Ravi Shekhar Jethani
    @rsjethani
    Hi guys, can we have separate addresses for dns and http in consul? AFAIK -client option decides both dns and http addr
    avishaiNB
    @avishaiNB
    @avishaiNB , if it helps anyone version 1.0.1 in cluster mode throw that error, upgrading the version (i tried 1.0.3) solves the issue.
    the error: "[ERR] serf: Rejected coordinate from some_consul_agent: round trip time not in valid range, duration 0s is not a positive value less than 10s".
    Cory Parent
    @goedelsoup
    @rsjethani you can override the client address with the following config block https://www.consul.io/docs/agent/options.html#addresses
    Raphael Philipe Mendes da Silva
    @rapphil
    Hello, is there any tool that integrate with consul to provide layer 4 load balancing?
    Ravi Shekhar Jethani
    @rsjethani
    @goedelsoup thanks!
    Shantanu Gadgil
    @shantanugadgil
    @rapphil Consul native Proxy/Loadbalanacers: Fabio, Traefik (both do L4 and L7 with varying capabilities)
    Chris Stevens
    @stevenscg
    @rapphil +1 for Fabio. A bunch of folks on here run with it and several are contributors to the project.
    Raphael Philipe Mendes da Silva
    @rapphil
    Thanks Chris, I should have read the Fabio documentation carefully. It indeed is a TCP/IP raw proxy as well.
    Chris Stevens
    @stevenscg
    Indeed! Really handy.
    FYI: There are several discussions in here about Fabio for Consul Connect services. That is one of the few limitations in Fabio I have heard about and it's a fairly new one.
    Shantanu Gadgil
    @shantanugadgil
    @rapphil I misread your message and forgot to mention Gobetween.(i dunno why i thought you were asking for L7). Gobetween does L4 only and it configuration wise much much simpler than the other two. https://github.com/yyyar/gobetween
    I would recommend Gobetween highly!!! πŸ‘πŸ»πŸ‘πŸ»πŸ‘πŸ»
    Aaron Hurt
    @leprechau
    @shantanugadgil interesting how you use go-between
    it looks like it’s consul support is pretty static
    Shantanu Gadgil
    @shantanugadgil
    @leprechau Gobetween was the first "consul aware" loadbalancer I actually used (since Jan 2017) and sort of tested it to its limits. ☺️ If you read the "discovery" section of Gobetween on their wiki, it outlines what all supported "backends" exist, Consul being one of the possible backends.
    The L4 feature set of SNI headers in TCP (TLS) is what actually drew me to it over the other two load balancers.
    What Fabio achieves with the "urlprefix" is achieved using "service name" in Gobetween. In my opinion the toml syntax of Gobetween makes much more sense that the "properties" syntax of Fabio. 😁
    Shantanu Gadgil
    @shantanugadgil
    Traefik version 2 has TCP+TLS+SNI support, which only came recently.
    Traefik has a comprehensive admin webui, Fabio has a basic admin webui, Gobetween has no admin webgui (though it has HTTP api support)
    Cory Parent
    @goedelsoup
    is the consul provider for traefik 2 ready yet?
    Joel Comeaux
    @jcomeaux
    @goedelsoup there's a PR for consul catalog support ... containous/traefik#5395 ...looks like it's nearing approval
    Cory Parent
    @goedelsoup
    ah, gorgeous. i'm planning on standardizing on traefik but have been waiting for 2 to be polished and ready.
    Daniel Santos
    @danlsgiga
    I’m moving away from fabio and planning to use caddy... still debating though
    sharath412
    @sharath412
    Is there any monitoring tools for consul agent? We are getting sometimes connection timeout from consul agent.
    Yukeshraja
    @Yukeshraja
    Hi all, Any one installed consul in kubernetes facing multiple issues while doing!! can any help on this??
    Tyndyll
    @tyndyll
    Hi all, does anyone know the cases when writing to the key value store where it might return "false" instead of "true"?
    Shantanu Gadgil
    @shantanugadgil
    @sharath412 you could try enabling telemetry reporting for Consul to mayne get some more ideas?
    Brad Tillman
    @guessmyname
    hello, I'm hoping someone can help us with recovering from a consul outage
    we are trying to use the peers.json but neither version format seems to work
    v3 fails with error panic: failed to apply request: []byte{0x13, 0x81, 0xa8, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x91, 0x89, 0xab, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x0, 0xab, 0x44, 0x61, 0x74, 0x61, 0x
    v2 fails with error Error starting agent: Failed to start Consul server: Failed to start Raft: recovery failed to parse peers.json: json: cannot unmarshal string into Go value of type raft.configEntry
    we are not sure how to proceed
    Brad Tillman
    @guessmyname
    found the cause, needed to remove the raft.db before starting consul
    Daniel Santos
    @danlsgiga
    I have stale and dns cache enabled in all agents and servers... my assumption was that if I lose all my servers the agents would still answer stale cached dns entries until the consul servers are back up. Is there anything specific required to get that?
    Arun Poonia
    @apooniajjn
    hi, I am trying to install a consul server cluster (3 CentOS VM -sitting in same subnet) first time. But it appears my cluster is not coming up. Even though individual node says member is live but i don't see other members on cluster. It throws below error Oct 11 02:41:18 test consul[8544]: agent: failed to sync remote state: No cluster leader Oct 11 02:41:18 test consul: 2019/10/11 02:41:18 [ERR] agent: failed to sync remote state: No cluster leader what I am missing ?
    Shantanu Gadgil
    @shantanugadgil
    Can you provide the server configuration files? Issue is difficult to pinpoint based only on that message.
    Possible issues could be ... open ports? bootstrap_expect option setting.
    ** remove any sensitive info from the config files
    Arun Poonia
    @apooniajjn
    @shantanugadgil looks like encryption key wasn't same in cluster. As soon as I deleted local keys with update and restarted service. It worked. thank you for responding.
    Shantanu Gadgil
    @shantanugadgil
    :+1:
    ikewabo
    @ikewabo
    Can Consul integrate with Azure App Service/Azure Functions? Please
    Please
    Please advise.