Pretty basic question but I’m not sure the best way to handle it.
I have some nodes that are multi-homed that I don’t want consul to participate on the second interface.
Reading the documentation using the agent bind_addr parameter will allow me to set the address consul with bind to which is great.
For example I set
bind_addr":“192.168.100.2”,
forcing consul to just bind to the interface with 192.168.100.2 address
This I thought solved my problem, until I realised that consul was now no longer running on 127.0.0.1 which means some of the consul tools and commands no longer work (and actually some functionality breaks)
as you can see list-peers wants to use 127.0.0.1 which fails correctly as it’s not bound to 127.0.0.1
I thought I’d be able to do something like comma separate a bind list, but the documentation says
‘This parameter can be set to a go-sockaddr template that resolves to a single address.’
suggesting it only supports a single address, so the only way I can get this working is to with remove the parameter (which binds it to all interfaces) or not have it listen on 127.0.0.1 which breaks things
I can think of sloppy work arounds such as bind to all and firewall off the unwanted interfaces but this seems a poor solution.
Is there a way to define interfaces consul listens on and include 127.0.0.1 ?
@ikonia, you can configure the client_addr parameter to bind Consul’s HTTP and DNS servers to multiple network addresses. Here’s an example that will bind to the loopback and server’s private IP.
I may have misunderstood the parameters then, (thank you).
what’s the point of ‘bind_addr’ if client_addr actually sets what interfaces/addresses the service listening on ?
one of my multi-homed interfaces has a public interface, so not exposing or having services like consul which are not needed removed from the public interface is just good practice.
is bind_addr actually usable then if you need to wildcard to allow consul to actually work properly ?
The bind_addr is the address that Consul should use and bound to for internal Cluster communication between the Consul agents. This includes the ports used by the Cluster Internal RPC and the Serf WAN and LAN ports. They can only be assigned one IP address.