Ansible module to distribute consul

Hi :slight_smile:
I tried to search online for a reliable and updated ansible role or collection to distribute consul agents and servers, but with no luck.
Most of the repos or ansible-galaxy collections and roles are old…
I have various Linux operating systems (windows can be part of the module as well).
I wonder if there is any good solution for me to distribute consul servers and agents?

I’m not aware of any, which don’t require you to build a fair amount of automation yourself.

I would actively recommend against using Ansible to manage a production Consul server cluster, as it makes it irritatingly difficult to do operations which iterate through the nodes of a cluster, performing appropriate health checks and waiting for the cluster to adapt to nodes e.g. restarting and rejoining the cluster, before proceeding.

Instead I’d automate such things in Python or a similar general purpose programming language to keep full control over the order of operations and tests, to ensure least-downtime operations.

Ok thanks.
What about consul agents?
How do you suggest to deploy it to an existing instances?

Personally? I’d just rewrite the relevant automation from scratch to fit in with the prevailing practices at whichever employer required it. If you think that’s mad, then consider that a Consul agent is pretty simple to deploy:

  • A single binary executable
  • A single configuration file
  • A data directory to store local state
  • Startup/shutdown integration with the OS service manager
  • Logging configuration

All of the slightly complicated bits here:

  • Where do you get the binary from
  • What exactly should be in the config file
  • How to integrate with the OS service manager
  • What happens to the logs
  • Only if the organization wants it, secure creation and registration of per-agent distinct credentials for communicating with the Consul cluster

are also the things that generally have to be customised to fit in with a particular organization’s preferred practices anyway.

1 Like

I have a shell script that covers what you are saying, but i am not sure how to deploy it, i thought to do it with ansible playbook, because i can see where exactly it fails if it will.
I wonder how to deploy the consul agent to an existing instances?

If you say so… in my experience, reading shell script output in ansible-playbook output is quite a chore, because it mangles all the newlines, or hides it completely.

That appears to be a general sysadmin / machine orchestration question, not specific to Consul? In which case, it’s hugely broad, and heavily dependent on your organization’s existing practices and policies - so my only possible answer is: Whatever works best in your environment.

I personally use the ansible-community/ansible-consul role to manage my home environment. (Note that this is not officially endorsed by HashiCorp.)

It hasn’t had a formal release in over a year, but it is still being maintained and commits are being made to the repo. I recommend installing a recent version from the master branch as shown here.