Consul on Kubernetes
A robust service mesh for discovering and securely connecting applications on Kubernetes.
Overview
Kubernetes and service mesh tend to go hand and hand. Organizations that adopt Kubernetes are looking for a way to automate, secure, and observe the connections between pods and clusters. Consul and Kubernetes provide a scalable and highly resilient platform for microservices. Consul supports any Kubernetes runtime including hosted solutions like EKS, AKS, GKE, and OpenShift.
Need help managing Consul on AWS? HCP Consul supports Amazon Elastic Kubernetes Service (EKS). Get started today.
Challenges
Multi-cluster
Organizations typically prefer to utilize a more distributed model for Kubernetes deployments. Rather than maintain a single cluster, they connect multiple environments for testing, staging, and production purposes.
Connecting Kubernetes to non-Kubernetes
Creating consistency when connecting Kubernetes to non-Kubernetes environments can be challenging, workflows need additional automation to accommodate many virtual machines or containers.
Securing Kubernetes networking
Securing Kubernetes networking with multiple layers of network policies can be challenging. Organizations need to apply policies at both the application layer and network layer to ensure consistent security.
Kubernetes monitoring
Obtaining insights into what's happening inside the cluster and the overall health of the cluster. In addition, security issues and vulnerabilities need to be properly tracked.
Why Consul on Kubernetes
Multi-platform
Support both Kubernetes and non-Kubernetes workloads on any runtime
Why it matters
You can connect almost any application to any runtime. Consul supports virtual machines and containers across just about any platform.
Features
- Run thousands of nodes with low latency
- Support any Kubernetes distribution
- Work across Kubernetes & non-Kubernetes Environments
Kube-native workflow
Use Consul’s Custom Resource Definitions (CRDs) to interact with Kubernetes
Why it matters
Reduce Application deployment times using a workflows not technologies approach and Kube native tools instead of manual scripts
Features
- Layer 7 Traffic
- Ingress/Egress through Gateways
- Custom Resource Definitions
Observable
Use built in UI and enable Kubernetes metrics via helm configuration
Why it matters
Provide enhanced observability using Kubernetes tools or use third party solutions to monitor Kubernetes performance
Features
- Built in UI metrics
- APM integrations (Prometheus, Datadog, etc.)
Secure
Offload security concerns from applications based on application security policies. With HCP, security is enabled by default.
Why it matters
You can connect almost any application to any runtime. Consul supports virtual machines and containers across just about any platform.
Features
- Encryption & Authorization (mTLS) using certificates for service identity
- Access Controls (ACLs) & Namespaces
- Automated Certificate Management & Rotation
Ways to get started
Tutorials
Setup Consul service mesh to get experience deploying service sidecar proxies and securing service with mTLS.
Secure Consul on Kubernetes using gossip encryption, TLS certificates, Access Control Lists, and Consul intentions.
Collect and visualize layer 7 metrics from services in your Kubernetes cluster using Consul service mesh, Prometheus, and Grafana.
Documentation
Consul offers an official Helm chart for quickly deploying and upgrading Consul on Kubernetes.
Use Consul’s Terraform provider for deploying and maintaining Consul agents across both Kubernetes and non-Kubernetes environments.