c0780ef3e9
* converted main services page to services overview page * set up services usage dirs * added Define Services usage page * converted health checks everything page to Define Health Checks usage page * added Register Services and Nodes usage page * converted Query with DNS to Discover Services and Nodes Overview page * added Configure DNS Behavior usage page * added Enable Static DNS Lookups usage page * added the Enable Dynamic Queries DNS Queries usage page * added the Configuration dir and overview page - may not need the overview, tho * fixed the nav from previous commit * added the Services Configuration Reference page * added Health Checks Configuration Reference page * updated service defaults configuraiton entry to new configuration ref format * fixed some bad links found by checker * more bad links found by checker * another bad link found by checker * converted main services page to services overview page * set up services usage dirs * added Define Services usage page * converted health checks everything page to Define Health Checks usage page * added Register Services and Nodes usage page * converted Query with DNS to Discover Services and Nodes Overview page * added Configure DNS Behavior usage page * added Enable Static DNS Lookups usage page * added the Enable Dynamic Queries DNS Queries usage page * added the Configuration dir and overview page - may not need the overview, tho * fixed the nav from previous commit * added the Services Configuration Reference page * added Health Checks Configuration Reference page * updated service defaults configuraiton entry to new configuration ref format * fixed some bad links found by checker * more bad links found by checker * another bad link found by checker * fixed cross-links between new topics * updated links to the new services pages * fixed bad links in scale file * tweaks to titles and phrasing * fixed typo in checks.mdx * started updating the conf ref to latest template * update SD conf ref to match latest CT standard * Apply suggestions from code review Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com> * remove previous version of the checks page * fixed cross-links * Apply suggestions from code review Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com> --------- Co-authored-by: Eddie Rowe <74205376+eddie-rowe@users.noreply.github.com>
176 lines
6.5 KiB
Plaintext
176 lines
6.5 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Register a Service Mesh Proxy in a Service Registration
|
|
description: >-
|
|
You can register a service instance and its sidecar proxy at the same time. Learn about default settings, customizable parameters, limitations, and lifecycle behaviors of the sidecar proxy.
|
|
---
|
|
|
|
# Register a Service Mesh Proxy in a Service Registration
|
|
|
|
This topic describes how to declare a proxy as a _sidecar_ proxy.
|
|
Sidecar proxies run on the same node as the single service instance that they handle traffic for.
|
|
They may be on the same VM or running as a separate container in the same network namespace.
|
|
|
|
## Configuration
|
|
|
|
Add the `connect.sidecar_service` block to your service definition file and specify the parameters to configure sidecar proxy behavior. The `sidecar_service` block is a service definition that can contain most regular service definition fields. Refer to [Limitations](#limitations) for information about unsupported service definition fields for sidecar proxies.
|
|
|
|
Consul treats sidecar proxy service definitions as a root-level service definition. All fields are optional in nested
|
|
definitions, which default to opinionated settings that are intended to reduce burden of setting up a sidecar proxy.
|
|
|
|
## Minimal Example
|
|
|
|
To register a service instance with a sidecar, all that's needed is:
|
|
|
|
```json
|
|
{
|
|
"service": {
|
|
"name": "web",
|
|
"port": 8080,
|
|
"connect": { "sidecar_service": {} }
|
|
}
|
|
}
|
|
```
|
|
|
|
This will register the `web` service as normal, but will also register another
|
|
[proxy service](/consul/docs/connect/proxies) with defaults values used.
|
|
|
|
The above expands out to be equivalent to the following explicit service
|
|
definitions:
|
|
|
|
```json
|
|
{
|
|
"services": [
|
|
{
|
|
"name": "web",
|
|
"port": 8080
|
|
},
|
|
{
|
|
"name": "web-sidecar-proxy",
|
|
"port": 20000,
|
|
"kind": "connect-proxy",
|
|
"checks": [
|
|
{
|
|
"Name": "Connect Sidecar Listening",
|
|
"TCP": "127.0.0.1:20000",
|
|
"Interval": "10s"
|
|
},
|
|
{
|
|
"name": "Connect Sidecar Aliasing web",
|
|
"alias_service": "web"
|
|
}
|
|
],
|
|
"proxy": {
|
|
"destination_service_name": "web",
|
|
"destination_service_id": "web",
|
|
"local_service_address": "127.0.0.1",
|
|
"local_service_port": 8080
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
Details on how the defaults are determined are [documented
|
|
below](#sidecar-service-defaults).
|
|
|
|
-> **Note:** Sidecar service registrations are only a shorthand for registering
|
|
multiple services. Consul will not start up or manage the actual proxy processes
|
|
for you.
|
|
|
|
## Overridden Example
|
|
|
|
The following example shows a service definition where some fields are
|
|
overridden to customize the proxy configuration.
|
|
|
|
```json
|
|
{
|
|
"name": "web",
|
|
"port": 8080,
|
|
"connect": {
|
|
"sidecar_service": {
|
|
"proxy": {
|
|
"upstreams": [
|
|
{
|
|
"destination_name": "db",
|
|
"local_bind_port": 9191
|
|
}
|
|
],
|
|
"config": {
|
|
"handshake_timeout_ms": 1000
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
This example customizes the [proxy
|
|
upstreams](/consul/docs/connect/registration/service-registration#upstream-configuration-reference)
|
|
and some [built-in proxy
|
|
configuration](/consul/docs/connect/proxies/built-in).
|
|
|
|
## Sidecar Service Defaults
|
|
|
|
The following fields are set by default on a sidecar service registration. With
|
|
[the exceptions noted](#limitations) any field may be overridden explicitly in
|
|
the `connect.sidecar_service` definition to customize the proxy registration.
|
|
The "parent" service refers to the service definition that embeds the sidecar
|
|
proxy.
|
|
|
|
- `id` - ID defaults to being `<parent-service-id>-sidecar-proxy`. This can't
|
|
be overridden as it is used to [manage the lifecycle](#lifecycle) of the
|
|
registration.
|
|
- `name` - Defaults to being `<parent-service-name>-sidecar-proxy`.
|
|
- `tags` - Defaults to the tags of the parent service.
|
|
- `meta` - Defaults to the service metadata of the parent service.
|
|
- `port` - Defaults to being auto-assigned from a configurable
|
|
range specified by [`sidecar_min_port`](/consul/docs/agent/config/config-files#sidecar_min_port)
|
|
and [`sidecar_max_port`](/consul/docs/agent/config/config-files#sidecar_max_port).
|
|
- `kind` - Defaults to `connect-proxy`. This can't be overridden currently.
|
|
- `check`, `checks` - By default we add a TCP check on the local address and
|
|
port for the proxy, and a [service alias
|
|
check](/consul/docs/services/usage/checks#alias-checks) for the parent service. If either
|
|
`check` or `checks` fields are set, only the provided checks are registered.
|
|
- `proxy.destination_service_name` - Defaults to the parent service name.
|
|
- `proxy.destination_service_id` - Defaults to the parent service ID.
|
|
- `proxy.local_service_address` - Defaults to `127.0.0.1`.
|
|
- `proxy.local_service_port` - Defaults to the parent service port.
|
|
|
|
## Limitations
|
|
|
|
The following fields are not supported in the `connect.sidecar_service` block:
|
|
|
|
- `id` - Sidecar services get an ID assigned and it is an error to override
|
|
this. This ensures the agent can correctly deregister the sidecar service
|
|
later when the parent service is removed.
|
|
- `kind` - Kind defaults to `connect-proxy` and there is currently no way to
|
|
unset this to make the registration be for a regular non-connect-proxy
|
|
service.
|
|
- `connect.sidecar_service` - Service definitions can't be nested recursively.
|
|
- `connect.native` - Currently the `kind` is fixed to `connect-proxy` and it's
|
|
an error to register a `connect-proxy` that is also Connect-native.
|
|
|
|
## Lifecycle
|
|
|
|
Sidecar service registration is mostly a configuration syntax helper to avoid
|
|
adding lots of boiler plate for basic sidecar options, however the agent does
|
|
have some specific behavior around their lifecycle that makes them easier to
|
|
work with.
|
|
|
|
The agent fixes the ID of the sidecar service to be based on the parent
|
|
service's ID. This enables the following behavior.
|
|
|
|
- A service instance can _only ever have one_ sidecar service registered.
|
|
- When re-registering via API or reloading from configuration file:
|
|
- If something changes in the nested sidecar service definition, the change
|
|
will _update_ the current sidecar registration instead of creating a new
|
|
one.
|
|
- If a service registration removes the nested `sidecar_service` then the
|
|
previously registered sidecar for that service will be deregistered
|
|
automatically.
|
|
- When reloading the configuration files, if a service definition changes its
|
|
ID, then a new service instance _and_ a new sidecar instance will be
|
|
registered. The old ones will be removed since they are no longer found in
|
|
the config files.
|