Consul first steps

Consul first steps
Learning Service Discovery
Configuration Management - Consul First Steps
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
the right I cannot hear me that a better this way all very close nice that makes it exciting variety welcome everyone around the fragment yourself see if there's any seat year as more people coming in so I am here to talk about consul uh thank you very much for the same way Jonathan really vitiated uh so 1st
of all who am my uh why am here and why they think I know anything about this so my name is mark I'm from Barcelona so I'm more used to parting done computing and joking uh I don't body so I'm a grumpy engineer by definition so as sudden I the thing on the right now on the uh I from the company called cherry that when adding too much it's make some money so it's good I hope I can be more about that I am the head of operations of those most of of go Bureau which he's got heading for developers which is nice I working past in a in a bring to our contributed to winter contributed and collective to proper this well of and and II architected where was working for canonical uh something called mouse which is very nice and I helped architects on single dude which I might have to as forgiveness about um I I helped build also double standard Rackspace uh which is very cool now they can use it word their books with what they do I yeah that's primitive of ending there was for 5 years um so apart from doing all
these i.e. I'd like to countries the community because by saying that if I'm here and I'm making money out of the reason I'm having a good time is thanks to everyone in this room and everyone and all the other rooms in this conference as well so I help organize a made up in London call London them up um so if you're in London uh we normally do it every 2nd week of the months uh we try to talk about interesting topics or at all levels of from the basic things like protein so compression management to all the way to that talks like the 1 I gave it falls in los which is abstraction of make the data across different providers uh so yeah it's it's a tough but perhaps because he uh from the mean up so if you want to come forward later you you might get some for a lot of its goods so what is Council so Council created uh by how she called by these very talented guy called me to Hashimoto's that created the company i'm looks like user Gupta stated tasting letters henceforth that see there is a lot of for consul and castle in intelligences services covering system so it helps you discover all your stuff right you especially when you're working in in the cloud or in any kind of environment it mutates all the time in the 1 to be editing and touching and retouching all the time where you services are seen it something like this that ultimately discover them from you and give you an easy way to access the so 4 people here
that have a news service covering before uh which I hope will be just 1 or 2 of you tops and this is how it works you have different services providing the same the same story different as providing the same services on all of them then published to emit the framework of so schools so this publication and that can be browsed and queried by everyone around and to know exactly which machines so servers a which uh containers of all the ones that have these if you want to produce a bit more in depth just to be all so you
have in reality we you have these societies running the notes which is chaired by a health check really find just to make certain that you're a service that is for any reason not rights and if they have 6 passes the 8 then it goes to the skull reagents uh this is who is responsible for publishing these into the service publication service anomaly if you want to have a good manners in good behaviors and the discovery engine will also tried to takes on follow all that the discovery uh agents so they keep a quorum and they know where all of them are because if 1 of them goes down for any reason that you want to know what happens with that node which is about things so how does this translating consul so in income
so the way you use translated is that you have a set of service are called the Council's service an EDI service maintain a quorum right so it's the same quorum as as 1 with anything else they meaning the recommended these 3 there's a knowledge about the Branson areas you can always wanted to but you mind is may vary I I don't really recommend that and those 3 talk amongst themselves to share all the demethylating information that as they have and they choose to the there amongst themselves which can change at any point in time and then you have for your clients that consume all the information and is claimed seat on every single notes that you half on your on your platform and let's say that you have enough money all you like to be in different geographical regions that you want to have that same thing again another your article written right so you have again another set of consul servers and how the they communicate so the way they communicate these as to uh 1 gossip so this 2 different cells of gossip gossip is a protocol uh that there was created for so and it's a it's set standard protocol of communicating events across a space on inside your datacenter space Ilango see because you have a look and they were very fast you can communicate anything you want whereas uh for communicating with other data centers use 1 goes it with then passing mind all the time or the latency that you inject between 2 different datasets and I really like this it's it's
very cold and then and the process will yeah
so I'll go leave it more in depth of uh what kind of functionality consul gives to you
so it gives you all these things and all these different things uh can also be provided by the tools so the for example at the key-value stores a house it's actually strongly consistent key-value storage but it's not something that you call circuit with the uh it publishes the as for you which you could do if you have to keep the and to keep a doesn't expression in your face they a service uh it does health checks like your monitoring will do on it exposes all of these 3 nations be RESTful API which I really like because I who doesn't like Jason here I am it doesn't have these on top with encryption which is great because I don't trust anyone so I'll go 1 by 1 not to bore you so try to go as fast as possible of the Council there's provider listens and a very with port 80 600 uh it it exposes all the different services and the different node so mostly the older couple that Council has and if you're like me and place into you the 1 to quarry for 600 that you can use the is mask uh which uh as suggested by God's restaurant thank you very much but but you can use other line into DNS mask in every single local machine and you will have the dot consul region which is what kinds of explosives as you in your local DNS queries which is neat so how does this translate so let's say we have a service a school Web used to be creative on during his own in this case I mean Amazon uh so is the audience on you West 1 so the Council will fill in the gaps uh the fact that there's a name and Z so you will look for a service call Web don't service the US 1 causal which is very good because you wanted always that service Web on that data center which uh can differ from another they send that you can look into and it will always give you the least Aaron robin least of all the nodes and all the eyepiece that provide a service and the same happened for the nodes the so you all the nodes in Council half and unique name and the only thing his own as well so you can query all the different as something which I how find looking at it this way so you don't have to do all these things I used to the last publishing uh secret the Amazonian my provider of choice so I can query my service all of this is provided by Council which is nice on all of these things that the DNS provides are also provided by the API with even more that which is amazing so you can acquire the V 1 catalog and point of the of the API which we'll look at later and if you download the presentation later you can try all of these different ones some of them were can give you a transformation it also
has a key value storage there and this is incredibly important because if you have my around to last in it was more random a presentation about the lack of coherency of metadata across different providers these kind of cells that but these key-value stories uh strongly consistent so you can rely on its on idea and it hasn't fail the missile so about good and you can include any kind of information you 1 in any kind of structure you answers and the legs of keeper we thought all the horrible Python libraries and the only thing is that is limited to its gives limited 256 kilobytes and that's only because have someone in the menus try to use a counselor says uh as an S 3 7 these really and the loading files and which can be done but it's not the best there yet sorry the this the value the yes I guess if we were thinking about it was about data so the next thing is a service fornication so
this is the way you can't you service in order to publish it you cannot but as all of this is in the key you can add taxes well so you can start your service so you can look at the difference so there was a self-service inside the same service uh if you want to that in many ways which is very helpful to define the port as well which will be expressed through the API so you can recover the API and injured got bored metadata into your text on you can put a simple have text rate at which in this case will run every 10 seconds so what this scribble there is that it will run and if it's a if it's OK every 10 seconds he was a service great service circuit any wiki publishing that service so an example of that would be all in famous web service we have it on 3 service all of them are passing everything school but I decide to of great PHP yeah I know I use PHP sorry but I decide to break his piece I have to stop the patching 1 of the service but I don't tell Council because and just like that and lazy and grumpy so when that happens in less than 10 seconds consul will discover that that service is not available anymore because the check will not pass and it will remove that IP from the list of high piece in the wrong but in the wrong road inquiry and then when I finished reading PHP and I'm happy about that I started again and in less than 10 seconds huh 7 we'll come back to life which is made I really like that and it makes me more lazy this some vendors to these the the
Council doesn't have a minimum number of service that can run a service so if you go from laser to lazier you can have no service literally and that happened to me once puppets um so also you checks need to be solids so you say that this is the check needs to run in 10 seconds every 10 seconds you run the check please make sure that this is the check itself runs in less than 10 seconds nature because otherwise it's fun said the same goes for
the health checks so the distinction in console between services health checks and health checks is that the health take itself just text the is the general health of the machine so it's not related to an associated published just takes mission often of these skin of memory but the CP is not melting stuff like that so and it follows exactly the same configuration parameters right you have a maybe you put it the name you run your script and you say they'd runs every 10 seconds which is great checks admission is healthy but also again the house
caveats and 1 of them I discovered myself I wanted to run everything through counseling include every single check another problem is that I Running Amazon because either know better and uh I have a check the checks for that these guys animism so could here 1 is what happens when you try to ensure the sky ionomycin it doesn't work you so I discovered that the hard way when half of my service relinquish themselves from duty
and this ring is the monitoring question so this 2 schools of thought here um this people like uh how she got themselves that use Gauss so as a general health check as well and the use of the the monitoring patterns of consul itself with with page 2 we wake in the middle of the nite which is nice and my cities go reasoning something needs its wake up so and this other people that once more Sherman and 1 to have also monitoring pass on top of the you do whichever way you want an per depends on how a trustee you of uh having 1 monitoring system of 2 monitoring systems but me personally I run consul uncensored and both of them page me beach uh when the platform goes down a serious again the the so instead
said I will go faster that because I only have half an hour and a half of m of console error publishers everything's through a RESTful API and where 19 B 1 has you can see it but it is all kind of information way too much information I wouldn't say it gives you the flexibility to consult all these aren't inject all these metadata to different processes and services is just amazing so if you a look later at these uh just tell you keep these for the key-value agent are queries again against you look a legend in your local machine the the everything that Consul knows about everyone in the data center health is all about the health checks session is about you current session so you can even run sessions inside consonant and embody they them if they the changes and based on status are self-explanatory pretty much so in order to run all
of these uh consul also provides way of providing encryption so I would say it's quite smart that induces encryption in 2 different ways so it includes the gossip protocol separated from the all the rest of focus operations stroppy C so in order to include the gossip protocol induces a
KPI encryption so the and counsel itself provides a key generator for that's just ensure that you you're not messing up like me because and clumsy like that and you just type Council Cajun it would give you need key and these will be used to could encrypt all the communications across a cluster of consul service and for all the rest of operations you want to be a bit more on would say a bit nicer so you can use obviously uh and you can see you still less and above all the which is nice it supported everyone knows about it yeah and it's good I I tried by the way try to find a mission that was hilarious on and creatures like but I only find boring diagrams so I'm sorry the so this is pretty much what Council gives you so on top of these uh I would say this a special mention that I would like to say is that you start thinking about all the things that Council convinced of having a baby is some good some bad some horrible worst mine and and then a 1 of the things that Council provides is 1 single consul watch so you start having all these metadata and all these things that change because you service polishing changes so and you want to start doing things like what happens if I lose 1 of the servants do I want to execute the script and that of the 41 students say run monitoring described that pages me if there's less than to servicing and 1 service because they want to make certain that if there is no service serving that on and these woken up by it you can do that so In order to do that this this comment so it just runs to the men in the masses itself and you specify what kind of a key the 1 from the API the 1 an event key-value stores service no the Czech and you can add the parameters belonging to each 1 of 2 types and then at the end what can a screed Willie drawn if the condition happens if that changes and do Dusty's you think a good feature there which is the API rock inquiries and you can use these yourself as well so if you want to implement a dire calls to the API you can actually implement a year looking query a request that will sit there for in an amount of seconds it phi waiting for a change and this is all the function the from consul that I want to stress that is also where the light which is very nice and I didn't bother to added to his so I'm sorry so useful
resources so all of this is very needs it's called I want to be able to use it but I'm already running share of CFA engine an incredible array of past scripts whatever you want and I went into integrate that that so In order to do that you can
use these resources again and you don't know the presentation later you can just click through them and this very very good support from both parties and chef so if you go to the shops supermarkets there's an incredibly good and I've included the mean incredibly good well documented which is rare model for Council there and in the air in the puppet for which there is a model to configure consul made by calendars and and there's another model to connect your higher metadata to Council which I wrote myself just because a set I II really like connecting all these different metadata service this also couple mothers from civil I have tried both of them and they can decide which 1 of them I like more so I just but the link to both of them here and you choose on I tried really hard to find something for stuck I didn't find it so if if you can give media the euro later so where can look at it I would just but in this presentation on top of all of these is also lecture tools and some of them provided by Haji? of themselves so 1 of them is cool and consul which publishes the environment variables with their metadata that you can get from Council so whenever you run a shell script or something similar you can start recovering all these metadata from from Kosslyn Pelagius scrape a properly prime with that this Council replicators well with serves to replicate all the data across uh so it's it's for crossing center replication the the and consultation plate which does something similar to count the similar in some ways different but similar that which is that if the stores templates of your cooperation files it leases using API Rick inquiries the Council and if something changes it will repopulate template and restore the service and this is very useful for something like in genetics where if you want to publish IP piece of your back and so you different services and 1 of them goes down you 1 that to be a refresh as fast as possible so this is a very good tool for that and apart from she called this all the people
doing very cool stuff and so as it can't be that far vacancy Hazlitt does the same thing but can't for consul 142 DCT this and consulate as well which is a python library so you combine your Python programs to this this script that increase in the config remedies new keyboardist or because you don't want to keep your boss was in the clear right that there's a docket consul in which he suffered poetry it helps using consul to manage your docker containers and there's a car considering straighten which have you reuse the services that I run by a doctor by that containers set all of them are very nice it's very well integrated with darker uh even if there was a chorus favors more ETC the income the and feed just because they have I we I would say that with more of at their hands in it yeah so all right Wiedemann
hopefully won't crush the understanding you if 10 it might that so there
we go so a very conciliatory it's way too small you the back and see pari the proper it has been repeatedly that yeah the core of the everyone always managers trying 5 my failed for someone but but in the 2nd thing that and so on that what happens when static States attorney crashing down its 1 tha
as the thank you all right so the now I we just need to get my script the so i already but I to movies because I don't trust the unit would force them so I already di disappeared and the so I already at start up these so you can the from I get help it's a set of 4 uh uh machines running in vagrant 3 of them a council service using very little memory annotation and you and 1 of them is a cervical web so I'm going to situation into the web server maybe if I go to the right directory that could work I think the the there kind they so well as what happens with them was right I would say let's try them at this time label and crash how should I know better OK I think of connected were so the MS is giving me the finger initially so all right so I give up on the limit see I tell you would crash so it it's a bringing them that if you the letters from you have in the readme and you have all the step that I would actually have done so if you replace values yourself and imagine that actually happened here that would be amazing so if you want to know more
about these I would be my favorite places to go and the council the commendation is incredibly good barrier Montaigne's which is rare in a in a committed project amazing realized that the Council mailing list has it doesn't have too much traffic so don't worry it's not like the Chevy users 1 all the properties is 1 that I schemes through because I can't read every single e-mail this when you can actually read them in it's fine and the open issues for causal just in case something doesn't really work the way you wanted all like me that span is like you said than these works this way you can go there and to give somebody else a lot about the and that's it I can't believe I
actually finished on time so any questions you may have l and the presentation is a really happens lighter because I already from home but the give help might give have is there so you can download to them that didn't work and if you want to read my blog posts that's my blog as well so thank you and Questions and any questions come on yes the the yes and that the over here yes so the question was if everything's interested so yeah M. D. communication between the service to ensure that their life that's true gossip so this is speaking I for encryption and it is all the other operations that you do that because uh and ABC operations that Council support that requires uh I would say is a cell last and creating your CA and stuff like that the everything's encryption and you can always talk to your local consul agent uh in unencrypted way you want because crude Christmas local host anyway uh the end it works the the so the question is that if you come and securing trips uh uh keys and body is yes you can you need to use the a concentrator that I showed before so what you do is that do find it's kind of I would say the chicken and the egg called the you inject a carrier KPI key securing other than trip something in a way that they can see the KPI key so it's it's kind of chicken and the egg but the way do do it is that you you starting to call your communications you can use a KPI you can use all the stuff and say you should keep the key secure as usual yes how the I yes yeah so the question is what you said that they're all these different tags that there where they run and how you can see all of them through the UI so there's different ways the series if the de Margerie would you could see that this this thing called the Council Monitor that we just throw a stream of events and they will tell you everything authentic passes of so you can do that if you like common minus myself but it will also show in the on the UI the yet on w censored soldiers because they use sensor before use causal so it's just me that I can I can't just let go of sensor right yes more questions here we have the so the question is that if the um is the API is the earth is the Polish API will actually allow you to inject services yourself yeah you yeah yeah the thank yeah so you can add a information apart from that I don't know but I will when I need to do that what it is that a user key-value store because everything's written anyway in the key-value store just need to look into different tribes branch of the key values in a certain way but yet you could add that extra information if you want to right the more questions yes um is the question is if you back of the state of your of your T. soaring consul at you could and use giving greater the for another project thank you but is I would say it's not really necessary strongly consistent so it exists in every single mode so the only way to this information is to kill every single 1 of your nose yes what relation all this so what are the connections between my mother later told that my metadata around modern sort alias last year and these so because the connections is that the last year was complaining the whining here about the lack of coherency between different systems of public expresses a metadata I'm is isn't if you run every machine all or dark exposes the metadata but is nobody that gets all the metadata Tibetan coherent are because that creates these big brass and I will you need to look at the method in 5 different places which is not so these cells that will bit but units you still need to do the extra effort use the to the the extra effort to um to go in inject this into the Q values so so it's halfway there in they the are not the yeah alright last question yes at the time of the year you can that the yeah the the the like the but you so the question is what is the performance of causal if it works properly and you can stress about medicine continuous CPU the answer is that so far I have abusive to death on the Carson really consumed almost anything because it's all reasoning go which it does a very good straining and memory management so I said well I run looking queries that have been very heavy and the system has not been suffered from like any other questions you can find me in the thinking