Difficulty: Beginner
Estimated Time: 15 minutes

Consul Connect

In this hands-on lab, you'll start two services and connect them over a TLS encrypted proxy with Consul Connect. Integrating applications with Consul Connect is as easy as talking to a port on localhost.

In this demo, you'll start four processes.

  • The front end will be a demo dashboard web application that displays a number.
  • The backend will be a counting service that serves a JSON feed with a constantly incrementing number.
  • Two consul connect proxies represent the dashboard and counting services so they can communicate securely with each other.

The front end uses websockets to update its user interface every few seconds with fresh data from the backend counting service. It also displays status information so you can see when the connection has been made.

You'll spend most of your time executing commands against our demo applications (dashboard and counting), but Consul works in the background to help services discover each other and connect through encrypted proxies.

We've configured Consul for you and started a single agent, so it's ready to go. Let's get started!

Congratulations!

You've configured Consul Connect by completing the following steps:

  • Configure a backend service to run on a specific port with a name
  • Configure a front-end service to proxy to an upstream service over a local port
  • Manually start a sidecar proxy for each
  • Deny connections by default with an intention
  • Allow specific communication between services with an intention

Continue your education by reading more about Consul Connect at HashiCorp Learn. Detailed documentation is available at consul.io.

Consul Connect

Step 1 of 5

Start the backend counting service

View Consul UI and Launch Counting Service

We're already running Consul for you on a publicly accessible IP address. The Consul web UI runs on port 8500. Visit it in a new tab here:

To start, you'll see a red X next to the counting and dashboard services since neither are running (so both are unhealthy).

Consul Web UI

Now let's start some services. You'll examine the configuration for this service and then start the counting-service on port 9003.

Consul is configured to look for the counting-service on port 9003. You can see the configuration by looking at the configuration file at /etc/consul.d/counting.json.

cat /etc/consul.d/counting.json

There are three important settings here.

  • Consul will look for a service running on port 9003. It will advertise that as the counting service. On a properly configured node, this can be reached as counting.service.consul through DNS.
  • A connect sidecar is defined. This enables proxy communication through Consul Connect but doesn't define any connections right away. The proxy must be manually started, which we will do later.
  • A health check examines the local /health endpoint every second to determine whether the service is healthy and can be exposed to other services.

Now, start the service, specifying PORT as an environment variable.

PORT=9003 counting-service

You can view the output of the counting service at this URL. It's a JSON API with a few keys and values.

Go back to the Consul Web UI. Notice that it automatically updated the counting service which is now healthy.