How to set up DNS balancing with Consul

HashiCorpwhich provides service discovery, service health checking, load balancing and globally distributed key-value storage.

Installation and configuration

First you need to download the binary file from the site HashiCorp and unpack it. After this, we move the binary file to the system directory so that it is available for executing commands. For example, for Linux:

wget https://releases.hashicorp.com/consul/1.10.0/consul_1.10.0_linux_amd64.zip
unzip consul_1.10.0_linux_amd64.zip
sudo mv consul /usr/local/bin/

After installation, configure the Consul agent. Agent configuration can be done through a config file in JSON or HCL format.

Example of a simple agent configuration:

{
  "datacenter": "dc1",
  "data_dir": "/opt/consul",
  "log_level": "INFO",
  "node_name": "consul-server",
  "server": true,
  "bootstrap_expect": 1,
  "ui": true,
  "bind_addr": "0.0.0.0",
  "client_addr": "0.0.0.0"
}

The configuration file defines the basic parameters of Consul, such as the host name, operating mode (server or client), listening address and data storage folder. After creating the configuration file, you can run Consul with the command consul agent -config-file=consul-config.json.

Registering services in Consul is done by adding configuration files for each service. The files contain information about the service, including its name, port, and status checks.

For example, to register a web service, the config will look like this:

{
  "service": {
    "name": "web",
    "tags": ["http"],
    "port": 80,
    "check": {
      "http": "http://localhost:80/health",
      "interval": "10s"
    }
  }
}

This config registers a service called web, which runs on port 80, and sets a status check that will be performed every 10 seconds. Health check is needed to ensure that only healthy service instances are available for DNS requests.

Consul automatically creates DNS records for each registered service.

For example, if there is a service named “web”, you can perform a DNS query with the following command:

dig @127.0.0.1 -p 8600 web.service.consul

The request will return all IP addresses of healthy web service instances. Consul supports both A and SRV records. A records return instance IP addresses, and SRV records include port information. Example of an SRV request:

dig @127.0.0.1 -p 8600 web.service.consul SRV

With SRV records you can get not only IP addresses, but also the ports on which services operate.

Integration with external load balancers

One of the most common tools for balancing HTTP(S) traffic is NGINX. When combined with Consul, NGINX can dynamically adjust its configurations based on service state data provided by Consul

To integrate NGINX with Consul, we configure NGINX to use DNS queries to Consul to determine available service instances. This can be achieved using special. NGINX configuration directives. For example, you can configure upstream block in the NGINX configuration to use the DNS name provided by Consul. Configuration example:

resolver 127.0.0.1 valid=5s;
upstream web {
    zone web 64k;
    server web.service.consul resolve;
}
server {
    listen 80;
    location / {
        proxy_pass http://web;
        health_check;
    }
}

Directive resolver points to the Consul DNS resolver, which runs on localhost. Directive upstream defines a server pool named web, which is resolved via a DNS query to Consul. Directive proxy_pass tells NGINX to forward requests to this server pool. This way, every time NGINX processes a request, it dynamically resolves the DNS name web.service.consulgetting a list of available service instances.

HAProxy can also be integrated with Consul to dynamically manage a pool of servers. HAProxy supports integration with Consul via DNS queries and can automatically update its configurations based on changes to services registered with Consul.

Example configuration of HAProxy with Consul with directives server-template And resolvers:

resolvers consul
    nameserver dns1 127.0.0.1:8600
    resolve_retries       3
    timeout retry         1s
    hold valid           10s

backend web-backend
    balance roundrobin
    server-template srv 1-3 _web._tcp.service.consul resolvers consul resolve-prefer ipv4

Block resolvers defines the Consul DNS resolver settings. Directive server-template allows you to dynamically create servers in a pool web-backend based on data received from Consul. The configuration allows HAProxy to automatically adapt to changes in the infrastructure, adding or removing servers depending on their state.

Besides NGINX and HAProxy, Consul can be integrated with F5 And Envoy.

Colleagues from OTUS learn more practical tools as part of professional online courses. More details in the catalog.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *