consul-k8s icon indicating copy to clipboard operation
consul-k8s copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Enquiry about installing consul

Open ForcemCS opened this issue 8 months ago • 0 comments

I want to use consul as a backend for vault, my consul and vault are in the same k8s cluster (small amount of users), will the following config file cause problems The values.yaml file for consul is as follows:

# Contains values that affect multiple components of the chart.
global:
  # The main enabled/disabled setting.
  # If true, servers, clients, Consul DNS and the Consul UI will be enabled.
  enabled: true
  # The prefix used for all resources created in the Helm chart.
  name: consul
  # The consul image version.
  #image: hashicorp/consul:1.16.0
  # The name of the datacenter that the agents should register as.
  datacenter: dc1-local
  # Enables TLS across the cluster to verify authenticity of the Consul servers and clients.
  tls:
    enabled: true
  # Enables ACLs across the cluster to secure access to data and APIs.
  acls:
    # If true, automatically manage ACL tokens and policies for all Consul components.
    manageSystemACLs: true
  # Exposes Prometheus metrics for the Consul service mesh and sidecars.
  metrics:
    enabled: true
    # Enables Consul servers and clients metrics.
    enableAgentMetrics: true
    # Configures the retention time for metrics in Consul servers and clients.
    agentMetricsRetentionTime: "1m"
# Configures values that configure the Consul server cluster.
resources:
  limits:
    memory: '2G'
    cpu: '2000m'
client:
  enabled: true
server:
  enabled: true
  # The number of server agents to run. This determines the fault tolerance of the cluster.
  replicas: 3
  #使用本地的存储类
  storageClass: local-storage-consul 
# Contains values that configure the Consul UI.
ui:
  enabled: true
  # Defines the type of service created for the Consul UI (e.g. LoadBalancer, ClusterIP, NodePort).
  # NodePort is primarily used for local deployments.
  service:
    type: NodePort
  # Enables displaying metrics in the Consul UI.
  metrics:
    enabled: true
    # The metrics provider specification.
    provider: "prometheus"
    # The URL of the prometheus metrics server.
    baseURL: http://prometheus-k8s.monitoring.svc.cluster.local
# Configures and installs the automatic Consul Connect sidecar injector.
connectInject:
  enabled: true
    # Enables metrics for Consul Connect sidecars.
  metrics:
    defaultEnabled: true
  #要在特定的名称空间启用服务网格,必须设置此参数
  default: true
  namespaceSelector: |
    matchLabels:
      connect-inject : enabled
  cni:
    enabled: true
    logLevel: info
    cniBinDir: "/opt/cni/bin"
    cniNetDir: "/etc/cni/net.d"

ForcemCS avatar Jun 14 '24 03:06 ForcemCS