Join Log in
Score:0
uday avatar Server

consul routing is not happening, how to fix that?

ke flag
uday

My deployment and other yaml files for a sample app in consul: link The routing is not happening.

Could anyone please check them and suggest what need to be fixed.

The traffic is not entering the app at all.

The steps I followed to install consul:

I have installed consul on kubernetes (docker desktop) using this link.

git clone https://github.com/hashicorp/learn-consul-kubernetes.git
cd learn-consul-kubernetes/service-mesh/deploy

helm repo add hashicorp https://helm.releases.hashicorp.com
helm repo update
helm install -f config.yaml consul hashicorp/consul --version "0.31.1"

the config file is in the repo folder: learn-consul-kubernetes/service-mesh/deploy

config.yaml

global:
  name: consul
  datacenter: dc1
  image: hashicorp/consul:1.9.7
  imageEnvoy: envoyproxy/envoy:v1.16.4
  metrics:
    enabled: true
    enableAgentMetrics: true
server:
  replicas: 1
ui:
  enabled: true
connectInject:
  enabled: true
  default: true
controller:
  enabled: true
prometheus:
  enabled: true
grafana:
  enabled: true

And the pods created:

 kubectl get pods --selector app=consul
    PS D:\consul\learn-consul-kubernetes\service-mesh\deploy> kubectl get pods --selector app=consul
    NAME                                                          READY   STATUS    RESTARTS   AGE
    consul-6lf6k                                                  1/1     Running   0          4h44m
    consul-connect-injector-webhook-deployment-86759499c6-st7jj   1/1     Running   0          4h44m
    consul-controller-5788b8f6c7-z4vmt                            1/1     Running   0          4h44m
    consul-server-0                                               1/1     Running   0          4h44m
    consul-webhook-cert-manager-5745cbb9d-7qft2                   1/1     Running   0          4h44m

to access this consul-ui:

kubectl port-forward service/consul-ui 18500:80 --address 0.0.0.0

And able to access: http://localhost:18500/

consul server members:

PS D:\consul\learn-consul-kubernetes\service-mesh> kubectl exec -it consul-server-0 -- consul members
Node             Address         Status  Type    Build  Protocol  DC   Segment
consul-server-0  10.1.0.13:8301  alive   server  1.9.7  2         dc1  <all>
docker-desktop   10.1.0.10:8301  alive   client  1.9.7  2         dc1  <default>

Applied zero trust in network:

kubectl apply -f "D:\consul\learn-consul-kubernetes\service-mesh\zero-trust-network\deny-all.yaml"

apiVersion: consul.hashicorp.com/v1alpha1
kind: ServiceIntentions
metadata:
  name: deny-all
spec:
  destination:
    name: '*'
  sources:
    - name: '*'
      action: deny

Accessing consul-ui using:

kubectl port-forward service/consul-ui 18500:80 --address 0.0.0.0

http://localhost:18500/ui/dc1/intentions The intentions so far: zero intentions

Now, zero intentions are created, I will deploy a sample app.

PS D:\consul\learn-consul-kubernetes\service-mesh\onlytext\consul-testing\static-app2> 

kubectl apply -f .

ingressgateway.consul.hashicorp.com/ingress-gateway created
servicedefaults.consul.hashicorp.com/static created
serviceintentions.consul.hashicorp.com/static created
service/static-server2 created
serviceaccount/static created
deployment.apps/static-deployment created

Now, the deployed app is not connecting with ingress. Can you please suggest how to fix this?

161
0 + 12
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
What does it mean "The routing is not happening"? Do you have some errors? If yes - which? Any logs? Please describe this situation.
0
Reply
uday avatar
ke flag
uday
which logs? pod logs of the application? It is not routing at all, that's why I gave the complete yaml files set related to consul. Please check them once
0
Reply
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
Unfortunately, the yaml files you provided will not help. In order for me to reproduce the problem, you need to describe step by step how you set up the cluster and what you did on it. Please also explain what you mean by "The routing is not happening". You write that "The traffic is not entering the app at all". How do you know that? I am asking for logs, because they can help to solve the problem. For example, your server logs, or some pod logs? Please run `kubectl describe pods` and attach output to the question.
0
Reply
uday avatar
ke flag
uday
The above is just a sample app, any one can download it and and check. And it is accessible using Loadbalancer type service, so no issue with pods/deployment. So checking the application pods is useless. Mostly the issue with configuration only, so asking to check the yaml files whether they are correct or not.
0
Reply
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
I know I can download and check. But how? How did you set up the cluster? Do you use bare metal or some cloud providor? What version of Kubernetes are you using? All of these can make a difference when it comes to checking. Especially since I don't know what to check. You didn't say what exactly isn't working where the problem is. Now you mention some LoadBalancer. Where did he come from? Useless is playing your application on a different environment than yours currently have.
0
Reply
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
If you want anyone to be able to help you, please write exactly what you did. What exactly did you run on the cluster, and in what order. What is the current and expected result. How should your application be available? What happened during the deploy? Look at this site: https://stackoverflow.com/help/minimal-reproducible-example
0
Reply
uday avatar
ke flag
uday
I had read the rules, thanks for sharing it again. There is no point in sharing the complete cluster logs when there is no issue with application. I meantioned LoadBalancer because you asked how did I confirm whether traffic entered to my traffic or not. And the service mesh is not specific to any cluster, it can work on any kubernetes implementation, sadly I can't argue more on that, you are an expert in this kubernetes.
0
Reply
uday avatar
ke flag
uday
I have tested my app in both aks and eks, same issue both sides. That's why I shared the complete yaml set but still you are asking what I have tried. Let me know what logs you need exactly. I will add the describe pods in the question in few minutes.
0
Reply
Mikołaj Głodziak avatar
id flag
Mikołaj Głodziak
I am asking what you tried to try to recreate the situation. You should describe step by step what you did in the cluster, ie what you installed, how. Please write step by step how you started the application. In what order did you execute the commands. How did you start the consul service? Without it, your yaml can't work. Please also tell me what your problem looks like. Are you getting any error?
0
Reply
uday avatar
ke flag
uday
I added the details, can you check that please
0
Reply
in flag
Blake Covarrubias
Could you please provide the YAML files for static-app2, or a link to where we can view these files? It would be helpful to review those configurations so that we can better help you debug this issue.
0
Reply
uday avatar
ke flag
uday
https://github.com/thunderbirds-2021/consul-testing/tree/main/static-app2 if you come one folder back, I pasted static-app default one also there
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.