git2consul setup questions

[paperpunk]

hello,

i am trying to use git2consul and have several questions regarding how to best set it up in the current scenario.

environment setup:

HOST 1: consul server
HOST 2: docker with (consul client + app A)
HOST 3: docker with (consul client + app A)
HOST 4: docker with (consul client + app B)

1. in the above scenario, what is the best way to set up git2consul's docker:
   A. one instance of git2consul for all hosts
   B. each host runs its own git2consul (still only 1 consul server)
   C. something else?

2. documentation says:

git2consul expects to be run on the same node as a Consul agent

does it matter whether it runs on the host with consul server or consul client?

3. if running multiple instances of git2consul, is it possible to overwrite the location where config.json is stored in consul KV?

4. what is the current best practice to follow if running multiple instances of git2consul with the
   same instance of consul in order to avoid overwriting the config with each new instance?

5. what is the config stored in consul's KV used for? in other words, even if
   it does get overwritten by another instance of git2consul, what will be affected?

Thank you!

[davidnewman]

You're asking a question with a lot of assumptions.

From my experience, you only want to have one instance of git2consul for a given set of repos.

For example, let's say you've got the following repositories:

• A
• B
• C

You can have a single instance of git2consul that is configured to monitor all three of the repositories. Or, you could have an instance of git2consul for each one. Or, you could have an instance of git2consul for repos A and B, but a second instance of git2consul for repo C.

All the instances can write to the same Consul cluster. The important part is that you don't have more than one instance that writes to (in the example above) repo A. These would potentially conflict because there is no locking/coordination between the git2consul instances.

You don't technically have to run git2consul on the same host as Consul. You can use configuration to tell git2consul how to connect to Consul since git2consul uses the Consul API. You are just better off from a performance standpoint to run it on the same host as an agent.

Best practice for Consul IN GENERAL is to avoid talking directly to a Consul Server process. So, whether you do it remotely, or on the same host, you should have git2consul talk to a Consul Agent.

As to config storage, I personally prefer to use an external config file..but I realize that may not be an option. If so, the config stored in Consul can be used. It is used for the same purpose as the config file, to drive the behavior of git2consul! The point is that if you want to run git2consul in a docker container, you may not want it using a config file because that would likely mean you'd have to deploy a whole new docker image/container in order to update the configuration. What you could do instead, is just create the git2consul configuration key in the Consul cluster, and use that as the source of configuration data.

[paperpunk]

Thank you for your response, David.

When you say (that you prefer an) external config file, are you referring to a config file stored on the host and mounted inside the container? since I wrote the question, I have discovered the --config_key option which I somehow did not see before, and it answered a lot of my questions.

Do you have experience with running git2consul as a docker image? Specifically interested in setting up access to a non-public github repo. For now I've had to modify the provided Dockerfile to add the rsa key directly to the container, wondering if there is a better way.

Also, do you know of a better way of providing the ACL 'write' token rather than just setting it as an environment variable which can be seen by running docker inspect?

Thank you!