Difficulty: Beginner
Estimated Time: 15 minutes

Consul Connect

In this hands-on lab, you'll start two services and connect them over a TLS encrypted proxy with Consul Connect. Integrating applications with Consul Connect is as easy as talking to a port on localhost.

The front end will be a demo dashboard web application that displays a number. The backend will be a counting service that serves a JSON feed with a constantly incrementing number.

The front end uses websockets to update its user interface every few seconds with fresh data from the backend counting service.

You'll spend most of your time executing commands against our demo applications (dashboard and counting), but Consul works to help services discover each other and connect through encrypted proxies.

We've configured Consul for you and started a single agent, so it's ready to go. Let's get started!

Congratulations!

You've configured Consul Connect by completing the following steps:

  • Configure a backend service to run on a specific port with a name
  • Configure a front-end service to proxy to an upstream service over a local port
  • Deny connections by default with an intention
  • Allow specific communication between services with an intention

Continue your education by reading more about Consul Connect on the HashiCorp guides.

Don’t stop now! The next scenario will only take about 10 minutes to complete.

Consul Connect

Step 1 of 4

Start the backend counting service

View Consul UI and Launch Counting Service

We're already running Consul for you on a publically accessible IP address. The Consul web UI runs on port 8500. Visit it in a new tab here:

To start, you'll see a red X next to the counting and dashboard services since neither are running (so both are unhealthy).

Consul Web UI

Now let's start some services. Connect to host01. You'll examine the configuration for this service and then start the counting-service on port 9003.

ssh [email protected]

Consul is configured to look for the counting-service on port 9003. You can see the configuration by looking at the configuration file at /etc/consul.d/counting.json.

cat /etc/consul.d/counting.json

There are three important settings here.

  • Consul will look for a service running on port 9003. It will advertise that as the counting service. On a properly configured node, this can be reached as counting.service.consul through DNS.
  • A blank proxy is defined. This enables proxy communication through Consul Connect but doesn't define any connections right away.
  • A health check examines the local /health endpoint every second to determine whether the service is healthy and can be exposed to other services.

Now, start the service, specifying PORT as an environment variable.

PORT=9003 counting-service

You can view the output of the counting service at this URL. It's a simple JSON API.

Now refresh the Consul Web UI. You'll notice that the counting service now shows as healthy.