Installs and configures Consul.
- CentOS 5.10, 6.5, 7.0
- RHEL 5.10, 6.5, 7.0
- Ubuntu 12.04, 14.04
| Key | Type | Description | Default |
|---|---|---|---|
| ['consul']['version'] | String | Version to install | 0.4.1 |
| ['consul']['base_url'] | String | Base URL for binary downloads | https://dl.bintray.com/mitchellh/consul/ |
| ['consul']['encrypt'] | String | Encryption string for consul cluster. | nil |
| ['consul']['install_method'] | String | Method to install consul with when using default recipe: binary or source | binary |
| ['consul']['install_dir'] | String | Directory to install binary to. | /usr/local/bin |
| ['consul']['service_mode'] | String | Mode to run consul as: bootstrap, cluster, server, or client | bootstrap |
| ['consul'][bootstrap_expect] | String | When bootstrapping a cluster, the number of server nodes to expect. | nil |
| ['consul']['data_dir'] | String | Location to store consul's data in | /var/lib/consul |
| ['consul']['config_dir'] | String | Location to read service definitions from (directoy will be created) | /etc/consul.d |
| ['consul']['servers'] | Array Strings | Consul servers to join | [] |
| ['consul']['bind_addr'] | String | address that should be bound to for internal cluster communications | 0.0.0.0 |
| ['consul']['datacenter'] | String | Name of Datacenter | dc1 |
| ['consul']['domain'] | String | Domain for service lookup dns queries | .consul |
| ['consul']['enable_syslog'] | Boolean | enables logging to syslog | nil |
| ['consul']['log_level'] | String | The level of logging to show after the Consul agent has started. Available: "trace", "debug", "info", "warn", "err" | info |
| ['consul']['node_name'] | String | The name of this node in the cluster | hostname of the machine |
| ['consul']['advertise_addr'] | String | address that we advertise to other nodes in the cluster | Value of bind_addr |
| ['consul']['init_style'] | String | Service init mode for running consul as: init or runit | init |
| ['consul']['service_user'] | String | For runit service: run consul as this user (init uses 'root') | consul |
| ['consul']['service_group'] | String | For runit service: run consul as this group (init uses 'root') | consul |
| ['consul']['bind_interface'] | String | Interface to bind to, such as 'eth1'. Sets bind_addr attribute to the IP of the specified interface if it exists. | nil |
| ['consul']['advertise_interface'] | String | Interface to advertise, such as 'eth1'. Sets advertise_addr attribute to the IP of the specified interface if it exists. | nil |
| ['consul']['extra_params'] | hash | Pass a hash of extra params to the default.json config file | {} |
| ['consul']['encrypt_enabled'] | Boolean | To enable Consul gossip encryption | false |
| ['consul']['verify_incoming'] | Boolean | If set to True, Consul requires that all incoming connections make use of TLS. | false |
| ['consul']['verify_outgoing'] | Boolean | If set to True, Consul requires that all outgoing connections make use of TLS. | false |
| ['consul']['key_file'] | String | The content of PEM encoded private key | nil |
| ['consul']['key_file_path'] | String | Path where the private key is stored on the disk | /etc/consul.d/key.pem |
| ['consul']['ca_file'] | String | nil | |
| ['consul']['ca_file_path'] | String | Path where ca is stored on the disk | /etc/consul.d/ca.pem |
| ['consul']['cert_file'] | String | The content of PEM encoded cert. It should only contain the public key. | nil |
| ['consul']['cert_file_path'] | String | Path where cert is stored on the disk | /etc/consul.d/cert.pem |
| ['consul']['go_max_procs] | Integer | See http://golang.org/pkg/runtime/ | node['cpu']['total'] |
Following attributes, if exist in the encrypted databag, override the node attributes
| Key | Databag item | Type | Description |
|---|---|---|---|
| key_file | ['consul']['encrypt'] | String | The content of PEM encoded private key |
| key_file_{fqdn} | ['consul']['encrypt'] | String | Node's(identified by fqdn) unique PEM encoded private key. If it exists, it will override the databag and node key_file attribute |
| ca_file | ['consul']['encrypt'] | String | The content of PEM encoded ca cert |
| encrypt | ['consul']['encrypt'] | String | Consul Gossip encryption key |
| cert_file | ['consul']['encrypt'] | String | The content of PEM encoded cert |
| cert_file_{fqdn} | ['consul']['encrypt'] | String | Node's(identified by fqdn) unique PEM encoded cert. If it exists, it will override the databag and node cert_file attribute |
| Key | Type | Description | Default |
|---|---|---|---|
| ['consul']['client_address'] | String | Address to bind to | 0.0.0.0 |
| ['consul']['client_interface'] | String | Interface to advertise, such as 'eth1'. Sets advertise_addr attribute to the IP of the specified interface if it exists. | nil |
| ['consul']['ui_dir'] | String | Location to download the UI to | /var/lib/consul/ui |
| ['consul']['serve_ui'] | Boolean | Determines whether the consul service also serve's the UI | false |
This uses the binary installation recipe by default. It also starts consul at boot time.
Include consul::install_binary in your node's run_list:
{
"run_list": [
"recipe[consul::install_binary]"
]
}Include consul::install_source in your node's run_list:
{
"run_list": [
"recipe[consul::install_source]"
]
}This installs the UI into a specified directory.
Include consul::ui in your node's run_list:
{
"run_list": [
"recipe[consul::ui]"
]
}consul_key_watch_def 'key-watch-name' do
key "/key/path"
handler "chef-client"
end
consul_event_watch_def 'event-name' do
handler "chef-client"
end
consul_service_def 'voice1' do
port 5060
tags ['_sip._udp']
notifies :reload, 'service[consul]'
end
consul_service_def 'voice1' do
port 5060
tags ['_sip._udp']
check(
interval: '10s',
script: 'echo ok'
)
notifies :reload, 'service[consul]'
end
consul_service_def 'voice1' do
action :delete
notifies :reload, 'service[consul]'
end
Be sure to notify the Consul resource to restart when your service def changes.
To bootstrap a consul cluster follow the following steps: 0. Make sure that ports 8300-8302 (by default, if you configured differnt ones open those) UDP/TCP are all open.
- Bootstrap a few (preferablly 3 nodes) to be your consul servers, these will be the KV masters.
- Put
node['consul']['servers'] =["Array of the bootstrapped servers ips or dns names"]in your environment. - Apply the consul cookbook to these nodes with
node['consul']['service_mode'] = 'cluster'(I put this in this in a CONSUL_MASTER role). - Let these machines converge, once you can run
consul membersand get a list of all of the servers your ready to move on - Apply the consul cookbook to the rest of your nodes with
node['consul']['service_mode'] = 'client'(I put this in the environment) - Start added services and checks to your cookbooks.
- If you want to get values out of consul to power your chef, curl localhost:8500/v1/kv/key/path?raw in your cookbook.
Created and maintained by John Bellone @johnbellone (jbellone@bloomberg.net) and a growing community of contributors.