den-is/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Everything should be in one directory root.
Except services: they should be in consul.d directory located in same root.
ACL should be uploaded via UI or appropriate API call.
With that setup you can have consul binary on your host machine, in $PATH and execute commands normally (dc1, a1 - is connection server)
docker-compose up
docker-compose exec a1 ip a
docker-compose restart a1[a2,a3,b1,b2,b3,...]
docker-compose exec b1 join -wan a1
docker-compose down

http://localhost:8500/ui

  
## anonymous_acl
event "" {
  policy = "read"
}
node "" {
  policy = "read"
}
service "" {
  policy = "read"
}

## client_conf_dc1.json
{
    "server": false,
    "datacenter": "dc1",
    "data_dir": "/consul/data",
    "encrypt": "THepjzFN8bBnX8Ms0hUPew==",
    "client_addr": "0.0.0.0",
    "log_level": "TRACE",
    "acl_datacenter": "dc1",
    "acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
}

## client_conf_dc2.json
{
    "server": false,
    "datacenter": "dc2",
    "data_dir": "/consul/data",
    "encrypt": "THepjzFN8bBnX8Ms0hUPew==",
    "client_addr": "0.0.0.0",
    "log_level": "TRACE",
    "acl_datacenter": "dc1",
    "acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
}

## docker-compose.yml
# Starts two Consul clusters.
# Cluster "DC1", in network "net_dc1", with nodes a1, a2, a3.
# Cluster "DC2", in network "net_dc2", with nodes b1, b2, b3.
# consul 0.8.5+
# join over wan happens manually. with `docker exec b1 consul join -wan a1`, or adding `join_wan` into appropriate DCs server config
version: "2"
services:
  a1:
    image: consul
    command: agent -config-dir=/consul/config -node=srv_a1 -advertise=10.0.1.2 -advertise-wan=10.0.2.5
    ports:
      # For communications from host machine
      # http://localhost:8500/ui
      - "8500:8500"     # HTTP
      - "8600:8600"     # DNS
      - "8600:8600/udp" # DNS
    volumes:
      - ./server_conf_dc1.json:/consul/config/config.json
    networks:
      net_dc1:
        ipv4_address: 10.0.1.2
      net_dc2:
        ipv4_address: 10.0.2.5
  a2:
    image: consul
    command: agent -config-dir=/consul/config -node=srv_a2 -advertise=10.0.1.3 -advertise-wan=10.0.2.6 -join=a1
    volumes:
      - ./server_conf_dc1.json:/consul/config/config.json
    depends_on:
      - a1
    networks:
      net_dc1:
        ipv4_address: 10.0.1.3
      net_dc2:
        ipv4_address: 10.0.2.6
  a3:
    image: consul
    command: agent -config-dir=/consul/config -node=client_a1 -join=a2
    volumes:
      - ./client_conf_dc1.json:/consul/config/config.json
      - ./consul.d/web.json:/consul/config/web.json
    depends_on:
      - a2
    networks:
      net_dc1:
        ipv4_address: 10.0.1.4
  b1:
    image: consul
    command: agent -config-dir=/consul/config -node=srv_b1 -advertise=10.0.2.2 -advertise-wan=10.0.1.5
    volumes:
      - ./server_conf_dc2.json:/consul/config/config.json
    networks:
      net_dc1:
        ipv4_address: 10.0.1.5
      net_dc2:
        ipv4_address: 10.0.2.2
  b2:
    image: consul
    command: agent -config-dir=/consul/config -node=srv_b2 -advertise=10.0.2.3 -advertise-wan=10.0.1.6 -join=b1
    volumes:
      - ./server_conf_dc2.json:/consul/config/config.json
    depends_on:
      - b1
    networks:
      net_dc1:
        ipv4_address: 10.0.1.6
      net_dc2:
        ipv4_address: 10.0.2.3
  b3:
    image: consul
    command: agent -config-dir=/consul/config -node=client_b1 -join=b2
    volumes:
      - ./client_conf_dc2.json:/consul/config/config.json
      - ./consul.d/web_2.json:/consul/config/web.json
    depends_on:
      - b2
    networks:
      net_dc2:
        ipv4_address: 10.0.2.4

networks:
  net_dc1:
    ipam:
      driver: default
      config:
      - subnet: 10.0.1.0/24
        gateway: 10.0.1.1
  net_dc2:
    ipam:
      driver: default
      config:
      - subnet: 10.0.2.0/24
        gateway: 10.0.2.1

## seerver_agent_nodes_acl
agent "" {
  policy = "write"
}
node "" {
  policy = "write"
}
service "" {
  policy = "write"
}
operator = "write"

## server_conf_dc1.json
{
    "server": true,
    "bootstrap_expect": 2,
    "datacenter": "dc1",
    "data_dir": "/consul/data",
    "encrypt": "THepjzFN8bBnX8Ms0hUPew==",
    "client_addr": "0.0.0.0",
    "log_level": "TRACE",
    "ui": true,
    "acl_datacenter": "dc1",
    "acl_default_policy": "allow",
    "acl_down_policy": "allow",
    "acl_master_token": "b0ab1a1d-d771-4a50-bc70-aa8cc0a2aaad",
    "acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
}

## server_conf_dc2.json
{
    "server": true,
    "bootstrap_expect": 2,
    "datacenter": "dc2",
    "data_dir": "/consul/data",
    "encrypt": "THepjzFN8bBnX8Ms0hUPew==",
    "client_addr": "0.0.0.0",
    "log_level": "TRACE",
    "ui": true,
    "acl_datacenter": "dc1",
    "acl_default_policy": "allow",
    "acl_down_policy": "allow",
    "acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
}
	event "" {
	policy = "read"
	}
	node "" {
	policy = "read"
	}
	service "" {
	policy = "read"
	}
	{
	"server": false,
	"datacenter": "dc1",
	"data_dir": "/consul/data",
	"encrypt": "THepjzFN8bBnX8Ms0hUPew==",
	"client_addr": "0.0.0.0",
	"log_level": "TRACE",
	"acl_datacenter": "dc1",
	"acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
	}
	{
	"server": false,
	"datacenter": "dc2",
	"data_dir": "/consul/data",
	"encrypt": "THepjzFN8bBnX8Ms0hUPew==",
	"client_addr": "0.0.0.0",
	"log_level": "TRACE",
	"acl_datacenter": "dc1",
	"acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
	}
	# Starts two Consul clusters.
	# Cluster "DC1", in network "net_dc1", with nodes a1, a2, a3.
	# Cluster "DC2", in network "net_dc2", with nodes b1, b2, b3.
	# consul 0.8.5+
	# join over wan happens manually. with `docker exec b1 consul join -wan a1`, or adding `join_wan` into appropriate DCs server config
	version: "2"
	services:
	a1:
	image: consul
	command: agent -config-dir=/consul/config -node=srv_a1 -advertise=10.0.1.2 -advertise-wan=10.0.2.5
	ports:
	# For communications from host machine
	# http://localhost:8500/ui
	- "8500:8500" # HTTP
	- "8600:8600" # DNS
	- "8600:8600/udp" # DNS
	volumes:
	- ./server_conf_dc1.json:/consul/config/config.json
	networks:
	net_dc1:
	ipv4_address: 10.0.1.2
	net_dc2:
	ipv4_address: 10.0.2.5
	a2:
	image: consul
	command: agent -config-dir=/consul/config -node=srv_a2 -advertise=10.0.1.3 -advertise-wan=10.0.2.6 -join=a1
	volumes:
	- ./server_conf_dc1.json:/consul/config/config.json
	depends_on:
	- a1
	networks:
	net_dc1:
	ipv4_address: 10.0.1.3
	net_dc2:
	ipv4_address: 10.0.2.6
	a3:
	image: consul
	command: agent -config-dir=/consul/config -node=client_a1 -join=a2
	volumes:
	- ./client_conf_dc1.json:/consul/config/config.json
	- ./consul.d/web.json:/consul/config/web.json
	depends_on:
	- a2
	networks:
	net_dc1:
	ipv4_address: 10.0.1.4
	b1:
	image: consul
	command: agent -config-dir=/consul/config -node=srv_b1 -advertise=10.0.2.2 -advertise-wan=10.0.1.5
	volumes:
	- ./server_conf_dc2.json:/consul/config/config.json
	networks:
	net_dc1:
	ipv4_address: 10.0.1.5
	net_dc2:
	ipv4_address: 10.0.2.2
	b2:
	image: consul
	command: agent -config-dir=/consul/config -node=srv_b2 -advertise=10.0.2.3 -advertise-wan=10.0.1.6 -join=b1
	volumes:
	- ./server_conf_dc2.json:/consul/config/config.json
	depends_on:
	- b1
	networks:
	net_dc1:
	ipv4_address: 10.0.1.6
	net_dc2:
	ipv4_address: 10.0.2.3
	b3:
	image: consul
	command: agent -config-dir=/consul/config -node=client_b1 -join=b2
	volumes:
	- ./client_conf_dc2.json:/consul/config/config.json
	- ./consul.d/web_2.json:/consul/config/web.json
	depends_on:
	- b2
	networks:
	net_dc2:
	ipv4_address: 10.0.2.4

	networks:
	net_dc1:
	ipam:
	driver: default
	config:
	- subnet: 10.0.1.0/24
	gateway: 10.0.1.1
	net_dc2:
	ipam:
	driver: default
	config:
	- subnet: 10.0.2.0/24
	gateway: 10.0.2.1
	agent "" {
	policy = "write"
	}
	node "" {
	policy = "write"
	}
	service "" {
	policy = "write"
	}
	operator = "write"
	{
	"server": true,
	"bootstrap_expect": 2,
	"datacenter": "dc1",
	"data_dir": "/consul/data",
	"encrypt": "THepjzFN8bBnX8Ms0hUPew==",
	"client_addr": "0.0.0.0",
	"log_level": "TRACE",
	"ui": true,
	"acl_datacenter": "dc1",
	"acl_default_policy": "allow",
	"acl_down_policy": "allow",
	"acl_master_token": "b0ab1a1d-d771-4a50-bc70-aa8cc0a2aaad",
	"acl_token": "fc8025dc-ab74-717c-3849-eb17277a6e68"
	}