consul-dataplane

module
v1.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 1, 2024 License: MPL-2.0

README

Consul logo Consul Dataplane

Consul Dataplane is a lightweight process that manages Envoy for Consul service mesh workloads.

Consul Dataplane's design removes the need to run Consul client agents. Removing Consul client agents results in the following benefits:

  • Fewer networking requirements: Without client agents, Consul does not require bidirectional network connectivity across multiple protocols to enable gossip communication. Instead, it requires a single gRPC connection to the Consul servers, which significantly simplifies requirements for the operator.
  • Simplified set up: Because there are no client agents to engage in gossip, you do not have to generate and distribute a gossip encryption key to agents during the initial bootstrapping process. Securing agent communication also becomes simpler, with fewer tokens to track, distribute, and rotate.
  • Additional environment and runtime support: Current Consul on Kubernetes deployments require using hostPorts and DaemonSets for client agents, which limits Consul’s ability to be deployed in environments where those features are not supported. As a result, Consul Dataplane supports AWS Fargate and GKE Autopilot.
  • Easier upgrades: With Consul Dataplane, updating Consul to a new version no longer requires upgrading client agents. Consul Dataplane also has better compatibility across Consul server versions, so the process to upgrade Consul servers becomes easier.

Refer to the Documentation for more information on Consul Dataplane.

Note: We take Consul's security and our users' trust seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Development

Build

Binary
make dev
Docker Image
make docker

Testing

Unit Tests
make unit-tests

Extending the Container Image

The official hashicorp/consul-dataplane container image is "distroless" and only includes the bare-minimum runtime dependencies, for greater security.

You may want to add a shell that can be used by the -addresses exec=... flag to resolve Consul servers with a custom script.

Here's an example of how you might do that, copying sh from the busybox image:

FROM hashicorp/consul-dataplane:latest
COPY --from=busybox:uclibc /bin/sh /bin/sh

Releasing

See: engineering docs

Directories

Path Synopsis
cmd
consul-dataplane
internal
bootstrap
mocks/pbdnsmock
mocks/pbresourcemock
pkg
consuldp
dns
dns/mocks
envoy
metrics-cache
version

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.