luxolus/open-consul
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity

docs: Clarify serf_lan/retry_join behavior with network segments (#10386)

Browse source 
* docs: Add info on using cloud auto-join with Network Segments

Resolves hashicorp/go-discover#57

* Add note about joining network segments

Specifically call out that agents can be configured to join a network
segment by either specifying the Serf LAN port in the join address,
changing the agent's default Serf LAN port by configuring
`ports.serf_lan`, or specifying the port in the `-serf-lan-port`
command line flag.

Resolves #9972
This commit is contained in:
Blake Covarrubias 2021-06-29 10:57:33 -07:00 committed by GitHub
parent 351c5e350d
commit 50fba03268
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 70 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
website/content/docs/agent/options.mdx
View file

@ -307,8 +307,11 @@ The options below are all specified on the command-line.
specify multiple agents to join. The value can contain IPv4, IPv6, or DNS specify multiple agents to join. The value can contain IPv4, IPv6, or DNS
addresses. In Consul 1.1.0 and later this can be set to a addresses. In Consul 1.1.0 and later this can be set to a
[go-sockaddr](https://godoc.org/github.com/hashicorp/go-sockaddr/template) [go-sockaddr](https://godoc.org/github.com/hashicorp/go-sockaddr/template)
template. If Consul is running on the non-default Serf LAN port, this must be template. If Consul is running on the non-default Serf LAN port, the port must
specified as well. IPv6 must use the "bracketed" syntax. If multiple values be specified in the join address, or configured as the agent's default Serf port
using the [`ports.serf_lan`](#serf_lan_port) configuration option or
[`-serf-lan-port`](#_serf_lan_port) command line flag.
IPv6 must use the "bracketed" syntax. If multiple values
are given, they are tried and retried in the order listed until the first are given, they are tried and retried in the order listed until the first
succeeds. Here are some examples: succeeds. Here are some examples:
@ -322,6 +325,11 @@ The options below are all specified on the command-line.
$ consul agent -retry-join "10.0.4.67" $ consul agent -retry-join "10.0.4.67"
``` ```
```shell
# Using a non-default Serf LAN port
$ consul agent -retry-join "192.0.2.10:8304"
```
```shell ```shell
# Using IPv6 # Using IPv6
$ consul agent -retry-join "[::1]:8301" $ consul agent -retry-join "[::1]:8301"
@ -1719,8 +1727,9 @@ bind_addr = "{{ GetPrivateInterfaces | include \"network\" \"10.0.0.0/8\" | attr
in `-dev` mode. Currently gRPC is only used to expose Envoy xDS API to Envoy in `-dev` mode. Currently gRPC is only used to expose Envoy xDS API to Envoy
proxies. proxies.
- `serf_lan` ((#serf_lan_port)) - The Serf LAN port. Default 8301. TCP - `serf_lan` ((#serf_lan_port)) - The Serf LAN port. Default 8301. TCP
and UDP. and UDP. Equivalent to the [`-serf-lan-port` command line flag](#_serf_lan_port).
- `serf_wan` ((#serf_wan_port)) - The Serf WAN port. Default 8302. Set - `serf_wan` ((#serf_wan_port)) - The Serf WAN port. Default 8302.
Equivalent to the [`-serf-wan-port` command line flag](#_serf_wan_port). Set
to -1 to disable. **Note**: this will disable WAN federation which is not recommended. to -1 to disable. **Note**: this will disable WAN federation which is not recommended.
Various catalog and WAN related endpoints will return errors or empty results. Various catalog and WAN related endpoints will return errors or empty results.
TCP and UDP. TCP and UDP.

57
website/content/docs/install/cloud-auto-join.mdx
View file

@ -33,6 +33,63 @@ or via a configuration file:
} }
``` ```
## Auto-join with Network Segments <EnterpriseAlert inline />
In order to use cloud auto-join with [Network Segments](/docs/enterprise/network-segments),
you must reconfigure the Consul agent's Serf LAN port to match that of the
segment you wish to join.
For example, given the following segment configuration on the server agents:
```hcl
# server-config.hcl
segments = [
{
name = "alpha"
bind = "{{GetPrivateIP}}"
advertise = "{{GetPrivateIP}}"
port = 8303
},
{
name = "beta"
bind = "{{GetPrivateIP}}"
advertise = "{{GetPrivateIP}}"
port = 8304
}
]
```
A Consul client agent wishing to join the "alpha" segment would need to be configured
to use port `8303` as its Serf LAN port prior to attempting to join the cluster.
<Tabs>
<Tab heading="Agent configuration">
The following example configuration overrides the default Serf LAN port using the
[`ports.serf_lan`](/docs/agent/options#serf_lan_port) configuration option.
```hcl
# client-config.hcl
ports {
serf_lan = 8303
}
```
</Tab>
<Tab heading="Command-line flag">
The following example overrides the default Serf LAN port using the
[`-serf-lan-port`](/docs/agent/options#_serf_lan_port) command line flag.
```shell
$ consul agent -serf-lan-port=8303 -retry-join "provider=..."
```
</Tab>
</Tabs>
## Provider-specific configurations
The cloud provider-specific configurations are detailed below. This can be The cloud provider-specific configurations are detailed below. This can be
combined with static IP or DNS addresses or even multiple configurations combined with static IP or DNS addresses or even multiple configurations
for different providers. for different providers.