Difficulty: Beginner
Estimated Time: 10 minutes

Application Aware Intentions With Consul Service Mesh

In this hands-on lab you will configure and deploy application aware intentions to a pre-existing Consul datacenter.

In this tutorial, you will:

  • Check your environments initial status and configuration
  • Create intentions to permit service communication inside the service mesh
  • Configure an ingress gateway to expose one service outside the mesh
  • Create application aware intentions to enable access only to selected path and resources

Review

In this hands-on lab you configured and deployed application aware intentions to a pre-existing Consul datacenter.

In this tutorial, you:

  • Checked your environments initial status and configuration
  • Created intentions to permit service communication inside the service mesh
  • Configured an ingress gateway and exposed one service outside the mesh
  • Created application aware intentions and enabled access only to selected path and resources

Application aware intentions in Consul service mesh with Envoy

Step 1 of 6

Lab Infrastructure Provisioning

There are a few components that need to be added to the environment; we are adding them now. Wait for the complete message and then move to the next step.

Example Output

 - Install prerequisites
 - Pulling Docker Image
 - Creating Docker volumes
 - Copying configuration files
 - Starting Consul Server
   ...
 - Configuring Operator Node
 - - Setting Consul as DNS
 - - Installing Applications Locally
 - Starting Consul Clients
   ...
 - Starting Ingress Gateway Node
   ...
 - Starting Applications and configuring service mesh
   ...
 - Apply Configuration Entries
   ...
 - Start Ingress Gateway Instance

and concluding with

- Complete! Move on to the next step.

Once this message appears, you are ready to continue.

Configuration files

If you are interested in checking the configuration files that are being used to initialize the environment you can find them inside the config folder in the editor. Here a list of files with a short description.

File Description
agent-server.hcl Server agent config file
agent-client.hcl Client agent config file
svc-api.hcl Service configuration - api
svc-web.hcl Service configuration - web
igw-web.hcl Ingress Gateway configuration - web
config-service-api.hcl Set protocol for api to http
config-service-web.hcl Set protocol for web to http
config-service-counting.hcl Set protocol for counting to http
config-service-dashboard.hcl Set protocol for dashboard to http
config-proxy-defaults.hcl Set protocol for Envoy proxies to http
config-intentions-default.hcl Intention configuration * => * (deny)

You can inspect the full list of configuration files available for the lab with:

tree .

Terminal
tty2
Consul UI
Ingress GW
Frontend