Skip to content

Commit

Permalink
Merge pull request #8 from boruszak/introduction-content
Browse files Browse the repository at this point in the history
Introduction-content
  • Loading branch information
boruszak authored Dec 28, 2024
2 parents d3ab31d + ecc4098 commit ec06a4a
Show file tree
Hide file tree
Showing 98 changed files with 1,309 additions and 3,280 deletions.
21 changes: 21 additions & 0 deletions website/content/docs/architecture/backend.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
layout: docs
page_title: Raft architecture
description: >-
Consul ensures a consistent state using the Raft protocol. A quorum, or a majority of server agents with one leader, agree to state changes before committing to the state log. Learn about the Raft architecture in Consul and its requirements.
---

# Raft architecture

Raft is a consensus algorithm that is based on
[Paxos](https://en.wikipedia.org/wiki/Paxos_%28computer_science%29). Compared
to Paxos, Raft is designed to have fewer states and a simpler, more
understandable algorithm.

## Raft index

How the Raft index works

## Backend

BoltDB / WAL backend
File renamed without changes.
File renamed without changes.
4 changes: 2 additions & 2 deletions website/content/docs/architecture/control-plane/index.mdx
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
---
layout: docs
page_title: Consul Architecture
page_title: onsul control plane architecture
description: >-
Consul datacenters consist of clusters of server agents (control plane) and client agents deployed alongside service instances (data plane). Learn how these components and their different communication methods make Consul possible.
---

# Consul Architecture
# Consul control plane architecture

This topic provides an overview of the Consul architecture. We recommend reviewing the Consul [glossary](/consul/docs/install/glossary) as a companion to this topic to help you become familiar with HashiCorp terms.

Expand Down
File renamed without changes.
37 changes: 37 additions & 0 deletions website/content/docs/architecture/data-plane/index.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
---
layout: docs
page_title: Consul data plane architecture
description: >-
Consul provides features that help you manage your application's data plane. Learn about Consul's data plane, including its architectural components.
---

# Consul data plane architecture

This topic describes Consul's architecture and operations in an application's data plane. Consul can deploy gateways and sidecar proxies to help you secure, observe, and manage application traffic.

For information about the lightweight workload agents Consul uses for container-based applications on Kubernetes and AWS ECS, refer to [Consul data plane](/consul/docs/architecture/control-plane/dataplane).

## Introduction

Consul provides control plane features that help you manage your application's data plane, but it does not run directly in the data plane.

When using Consul for service discovery, no additional components or configurations are required for the data plane.

When using Consul's service mesh features, you can use Consul to create gateways and proxies for service-to-service traffic and to secure user interactions with services.

## Gateways

Gateways secure application traffic between services. There are four kinds of gateways:

- API gateway
- Ingress gateway
- Terminating gateways
- Mesh gateways

## Sidecar proxies

Consul can depoy sidecar proxies so that you can oberve and monitor application traffic.

## Next steps

Learn about [Consul's security architecture](/consul/docs/architecture/security) to learn about the encryption systems and verification protocols Consul uses to secure data plane operations.
File renamed without changes.
File renamed without changes.
Original file line number Diff line number Diff line change
Expand Up @@ -12,13 +12,13 @@ HashiCorp Consul is a service networking solution that enables teams to manage s
> **Hands-on**: Complete the Getting Started tutorials to learn how to deploy Consul:
- [Get Started on Kubernetes](/consul/tutorials/get-started-kubernetes)
- [Get Started on VMs](/consul/tutorials/get-started-vms)
- [HashiCorp Cloud Platform (HCP) Consul](/consul/tutorials/get-started-hcp)
- [HashiCorp Cloud Platform (HCP) Consul Dedicated](/consul/tutorials/get-started-hcp)

## How does Consul work?

Consul provides a _control plane_ that enables you to register, query, and secure services deployed across your network. The control plane is the part of the network infrastructure that maintains a central registry to track services and their respective IP addresses. It is a distributed system that runs on clusters of nodes, such as physical servers, cloud instances, virtual machines, or containers.
Consul provides a _control plane_ that enables you to register, query, and secure services deployed across your network. The control plane is the part of the network infrastructure that maintains a central registry to track services and their respective IP addresses. It is a distributed system that runs on clusters of nodes, such as physical servers, cloud instances, virtual machines, or containers.

Consul interacts with the _data plane_ through proxies. The data plane is the part of the network infrastructure that processes data requests. Refer to [Consul Architecture](/consul/docs/architecture) for details.
Consul interacts with the _data plane_ through proxies. The data plane is the part of the network infrastructure that processes data requests.

![Basic Consul workflow](/img/what-is-consul-overview-diagram.png)

Expand All @@ -29,6 +29,7 @@ The core Consul workflow consists of the following stages:
- **Secure**: After services locate upstreams, Consul ensures that service-to-service communication is authenticated, authorized, and encrypted. Consul service mesh secures microservice architectures with mTLS and can allow or restrict access based on service identities, regardless of differences in compute environments and runtimes.

## Why Consul?

Consul increases application resilience, bolsters uptime, accelerates application deployment, and improves security across service-to-service communications. HashiCorp co-founder and CTO Armon Dadgar explains how Consul solves networking challenges.

<iframe
Expand All @@ -39,9 +40,13 @@ Consul increases application resilience, bolsters uptime, accelerates applicatio
height="315"
></iframe>

To learn more about Consul and how it compares to similar products, refer to [Consul use cases](/consul/docs/use-case).

### Automate service discovery

Adopting a microservices architecture on cloud infrastructure is a critical step toward delivering value at scale, but knowing where healthy services are running on your networks in real time becomes a challenge. Consul automates service discovery by replacing service connections usually handled with load balancers with an identity-based service catalog. The service catalog is a centralized source of truth that you can query through Consul’s DNS server or API. The catalog always knows which services are available, which have been removed, and which services are healthy.
Adopting a microservices architecture on cloud infrastructure is a critical step toward delivering value at scale, but knowing where healthy services are running on your networks in real time becomes a challenge. Consul automates service discovery by replacing service connections usually handled with load balancers with an identity-based service catalog. The [service catalog](/consul/docs/concept/catalog) is a centralized source of truth that you can query through Consul’s DNS server or API. The catalog always knows which services are available, which have been removed, and which services are healthy.

To learn more about Consul's service discovery features and how they compares to similar products, refer to [Consul compared to other DNS tools](/consul/docs/use-case/dns).

### Connect services across runtimes and cloud providers

Expand Down
10 changes: 10 additions & 0 deletions website/content/docs/architecture/security.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
layout: docs
page_title: Consul security architecture
description: >-
Consul
---

# Consul security architecture

HashiCorp Consul
210 changes: 207 additions & 3 deletions website/content/docs/automate/consul-template/index.mdx
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
---
layout: docs
page_title: Consul Template overview
page_title: Consul Template
description: >-
Consul Template is a tool available as a distinct binary that enables dynamic application configuration and secrets rotation for Consul deployments based on Go templates.
---

# Consul Template overview
# Consul Template

This topic provides an overview of the Consul Template tool, which enables a programmatic method for rendering configuration files from a variety of locations, including the Consul KV store. It is an effective workflow option for replacing complicated API queries that often require custom formatting.

Expand All @@ -19,11 +19,215 @@ In a typical scenario, you run `consul-template` as a daemon that fetches the in

The Consul template tool is flexible, it can fit into many different environments and workflows. Depending on the use case, you may have a single `consul-template` instance on a handful of hosts, or you may need to run several instances on every host. Each `consul-template` process can manage multiple unrelated files and removes duplicated information as needed when files share data dependencies.

---
id: dfa8928f-3eea-48cf-b639-8d1e73164c1e
name: Service configuration with Consul Template
short_name: Consul Template
products_used:
- consul
description: >-
Programmatically render configuration files from a variety of locations
including Consul KV with Consul Template
read_time: 10
default_collection_context: consul/developer-configuration
---

The Consul template tool provides a programmatic method for rendering
configuration files from a variety of locations, including Consul KV. It is an
ideal option for replacing complicated API queries that often require custom
formatting.
The template tool is based on Go templates and shares many of the same attributes.

Consul template is a useful tool with several applications. This tutorial will
focus on two of its use cases.

1. _Update configuration files_. The Consul template tool can be used
to update service configuration files. A common use case is managing load
balancer configuration files that need to be updated regularly in a dynamic
infrastructure.

1. _Discover data about the Consul datacenter and service_. It is possible to collect
information about the services in your Consul datacenter. For example, you could
collect a list of all services running on the datacenter or you could discover all
service addresses for the Redis service. Note, this use case has limited
scope for production.

In this tutorial, you will get an introduction on how `consul-template` works,
how to install it, and two use cases.

Before completing this tutorial, you should have some familiarity with
[Consul KV](/consul/tutorials/interactive/get-started-key-value-store)
and [Go templates](https://golang.org/pkg/text/template/).

## Introduction to Consul template

Consul template is a simple, yet powerful tool. When initiated, it reads one or
more template files and queries Consul for all data needed to render them.
Typically, you run `consul-template` as a daemon which will fetch the initial
values and then continue to watch for updates, re-rendering the template
whenever there are relevant changes in the datacenter. You can alternatively use
the `-once` flag to fetch and render the template once which is useful for
testing and setup scripts that are triggered by some other automation for
example a provisioning tool. Finally, the template can also run arbitrary
commands after the update process completes. For example, it can send the HUP
signal to the load balancer service after a configuration change has been made.

The Consul template tool is flexible, it can fit into many different
environments and workflows. Depending on the use-case, you may have a single
`consul-template` instance on a handful of hosts or may need to run several
instances on every host. Each `consul-template` process can manage multiple
unrelated files though and will de-duplicate the fetches as needed if those
files share data dependencies so it can reduce the load on Consul servers to
share where possible.

## Install Consul template

For this tutorial, you will use a local Consul agent in development mode which
can be started with `consul agent -dev`. To quickly set up a local Consul agent,
refer to the getting started [tutorial](/consul/tutorials/get-started-vms/virtual-machine-gs-deploy).
The Consul agent must be running to complete all of the following steps.

The Consul template tool is not included with the Consul binary and will need to
be installed separately. It can be installed from a precompiled binary or
compiled from source. You will be installing the precompiled binary.

First, download the binary from the
[Consul Template releases page](https://releases.hashicorp.com/consul-template/).

```shell-session
$ curl -O https://releases.hashicorp.com/consul-template/0.19.5/consul-template<_version_OS>.tgz
```

Next, extract the binary and move it into your `$PATH`.

```shell-session
$ tar -zxf consul-template<_version_OS>.tgz
```

To compile from source, check the instructions in the
[contributing section in GitHub](https://github.com/hashicorp/consul-template#contributing).

## Use case: Consul KV

In this first use case example, you will render a template that pulls the
HashiCorp address from Consul KV. To do this, you will create a simple template
that contains the HashiCorp address, run `consul-template`, add a value to
Consul KV for HashiCorp's address, and finally view the rendered file.

First, you will need to create a template file `find_address.tpl` to query
Consul's KV store:

<CodeBlockConfig filename="find_address.tpl">

```go
{{ key "/hashicorp/street_address" }}
```

</CodeBlockConfig>

Next, you will run `consul-template` specifying both the template to use and the
file to update.

```shell-session
$ consul-template -template "find_address.tpl:hashicorp_address.txt"
```

The `consul-template` process will continue to run until you kill it with
`CTRL+c`. For now, you will leave it running.

Finally, open a new terminal so you can write data to the key in Consul using
the command line interface.

```shell-session
$ consul kv put hashicorp/street_address "101 2nd St"
Success! Data written to: hashicorp/street_address
```

You can verify the data was written by viewing the `hashicorp_address.txt` file
which will be located in the same directory where `consul-template` was run.

```shell-session
$ cat hashicorp_address.txt
101 2nd St
```

If you update the key `hashicorp/street_address`, you can see the changes to the
file immediately. Go ahead and try `consul kv put hashicorp/street_address "22b Baker ST"`.

You can verify that this simple process can have powerful implications. For
example, it is possible to use this same process for updating your
[HAProxy load balancer configuration](https://github.com/hashicorp/consul-template/blob/master/examples/haproxy.md).

You can now kill the `consul-template` process with `CTRL+c`.

## Use case: discover all services

In this use case example, you will discover all the services running in the
Consul datacenter. To follow along, you use the local development agent from the
previous example.

First, you will need to create a new template `all-services.tpl` to query all
services.

<CodeBlockConfig filename="all-services.tpl">

```go
{{ range services -}}
# {{ .Name }}
{{- range service .Name }}
{{ .Address }}
{{- end }}

{{ end -}}
```

</CodeBlockConfig>

Next, run Consul template specifying the template you just created and the
`-once` flag. The `-once` flag will tell the process to run once and then quit.

```shell-session
$ consul-template -template="all-services.tpl:all-services.txt" -once
```

If you complete this on your local development agent, you should still get the
`consul` service among the results when viewing `all-services.txt`.

```plaintext hideClipboard
# consul
127.0.0.7
```

On a development or production datacenter, you would get a list of all the services.
For example:

```plaintext hideClipboard
# consul
104.131.121.232
# redis
104.131.86.92
104.131.109.224
104.131.59.59
# web
104.131.86.92
104.131.109.224
104.131.59.59
```

## Tutorials

To get started with Consul Template and learn more about how you can use it to configure and manage application deployments, refer to the following tutorials:

- Learn how to programmatically render service configuration in the [Service configuration with Consul Template tutorial](/consul/tutorials/developer-configuration/consul-template).
- Learn how to use Consul and Consul template to automatically update an NGINX configuration file with the latest list of backend servers found by Consul's service discovery in the [Load Balancing with NGINX and Consul Template tutorial](/consul/tutorials/load-balancing/load-balancing-nginx).
- Learn how to use Vault's PKI Secrets Engine to generate and renew dynamic X.509 certificates and then use `consul-template` to rotate your certificates in the [Generate mTLS Certificates for Consul with Vault tutorial](/consul/tutorials/vault-secure/vault-pki-consul-secure-tls).
- Learn how to use Vault to store a gossip encryption key and then use `consul-template` to retrieve and rotate the key automatically in the [Automatically Rotate Gossip Encryption Keys Secured in Vault tutorial](/consul/tutorials/vault-secure/vault-kv-consul-secure-gossip).

## Next steps

In this tutorial, you learned how to set up and use the Consul template tool.
To find additional examples, refer to the examples folder
in [GitHub](https://github.com/hashicorp/consul-template/tree/master/examples).
17 changes: 0 additions & 17 deletions website/content/docs/compare/service-mesh.mdx

This file was deleted.

Loading

0 comments on commit ec06a4a

Please sign in to comment.