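# consul_client.sh - write the Consul agent configuration, clear old TLS
# material, install the systemd unit and start the service.
#
# Arguments:
#   $2 - address written verbatim into bind_addr and addresses.grpc (required)
#   $3 - only expanded into the commented-out bootstrap_expect line
#
# Security notes on the configuration written below (values are unchanged):
#   * http, https and dns listen on 0.0.0.0. No acl or tls block is written
#     here and tls.hcl is removed further down, so unless another file in
#     /etc/consul.d supplies them, the HTTP API on 8500 is served in plaintext
#     and without authentication on every interface. Outside an isolated lab
#     network, bind it to loopback or a management address and enable ACLs
#     and TLS.
#   * The https (8443) and grpc_tls (8502) ports are declared while the TLS
#     certificate steps are commented out - NOTE(review): confirm these
#     listeners are actually meant to be served without certificates.
#   * log_level = "DEBUG" is verbose; prefer INFO once the setup works.
#   * enable_script_checks = false with enable_local_script_checks = true
#     limits script checks to those defined in local config files, which is
#     the safer of the two settings when the HTTP API is reachable.

# Fail fast instead of writing bind_addr = "" and starting a broken agent.
if [ -z "${2:-}" ]; then
  printf '%s\n' "error: \$2 (bind address) is required" >&2
  exit 2
fi

# 'sudo cat > file' applies the redirection in the calling shell, so the write
# is not elevated; 'sudo tee' performs the write with the elevated privileges.
sudo tee /etc/consul.d/config.hcl > /dev/null << EOF
# agent-server-secure.hcl
# Data Persistence
data_dir = "/etc/data/consul"
# Logging
log_level = "DEBUG"
# Enable service mesh
connect {
enabled = true
}
datacenter = "local"
retry_join = ["10.0.0.2","10.0.0.3","10.0.0.4"]
# Addresses and ports
addresses {
grpc = "$2"
https = "0.0.0.0"
dns = "0.0.0.0"
http = "0.0.0.0"
}
bind_addr = "$2"
ports {
grpc_tls = 8502
http = 8500
https = 8443
dns = 8600
}
# DNS recursors
recursors = ["1.1.1.1"]
# Disable script checks
enable_script_checks = false
# Enable local script checks
enable_local_script_checks = true
# bootstrap_expect = $3
EOF

# Remove the previously generated server certificate and private key from the
# shared folder, and drop the TLS config fragment.
rm -f /vagrant/tls/consul/local-server-consul-0.pem /vagrant/tls/consul/local-server-consul-0-key.pem
sudo rm -rf /etc/consul.d/tls.hcl

# Disabled TLS bootstrap, kept for reference. If re-enabled, note that it
# creates the CA private key under /vagrant, a folder shared with the host;
# keep the CA key out of shared folders and restrict its permissions.
# mkdir /vagrant/tls/
# mkdir /vagrant/tls/consul/
# cd /vagrant/tls/consul/;[ -e /vagrant/tls/consul/consul-agent-ca.pem ] || consul tls ca create
# cd /vagrant/tls/consul/;[ -e /vagrant/tls/consul/consul-agent-ca-key.pem ] || consul tls ca create
# mkdir /etc/consul.d/tls/
# cd /etc/consul.d/tls; consul tls cert create -dc local -server -ca /vagrant/tls/consul/consul-agent-ca.pem -key /vagrant/tls/consul/consul-agent-ca-key.pem

sudo chown consul:consul /etc/consul.d/config.hcl
# sudo chown -R consul:consul /etc/consul.d/tls

# Install the unit file. On a repeated run it has already been moved, so skip
# the move rather than emit an error; elevate like the other writes under /etc.
if [ -e /etc/consul.d/consul.service ]; then
  sudo mv /etc/consul.d/consul.service /etc/systemd/system/consul.service
fi

sudo systemctl daemon-reload
sudo systemctl enable consul
sudo systemctl start consul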