I am running a sidecar that is running an envoy proxy that is configured to route to the main task. I also configured traefik on the job using consul connect. I want to configure traefik route to the sidecar and sidecar to the main task. Is this something feasible?
This is interesting. Would you mind to share some basic configs to help people to reproduce your behavior and give you a solution? I will try myself when I have some spare time today or tomorrow.
Hello Hector, please find below the minimized configuration. The following conf is resulting traefik routing traffic directly to the main task
{
"job": {
"node_1": {
"constraint": [
{
"attribute": "${node.class}",
"operator": "=",
"value": "ng"
}
],
"datacenters": [
"eu-central-1"
],
"group": {
"node_1": {
"count": 1,
"network": {
"dns": {
"servers": [
"<ip address>"
]
},
"mode": "bridge",
"port": {
"node_1": {
"static": 50053,
"to": 50053
}
}
},
"service": [
{
"address_mode": "auto",
"connect": [
{
"sidecar_service": [
{
"proxy": [
{
"config": {
"envoy_cluster_json": {
"connect_timeout": "5s",
"type": "STATIC",
"http2_protocol_options": {},
"lb_policy": "round_robin",
"load_assignment": {
"cluster_name": "node_service",
"endpoints": [
{
"lb_endpoints": [
{
"endpoint": {
"address": {
"socket_address": {
"address": "127.0.0.1",
"port_value": 50053
}
}
}
}
]
}
]
}
},
"envoy_listener_json": {
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 50053
}
},
"filter_chains": [
{
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"codec_type": "auto",
"stat_prefix": "ingress_grpc",
"route_config": {
"virtual_hosts": [
{
"name": "node",
"domains": [
"*"
],
"routes": [
{
"match": {
"prefix": "/"
},
"route": {
"cluster": "node_service",
"max_stream_duration": {
"grpc_timeout_header_max": "0s"
}
}
}
]
}
],
"cors": {
"allow_origin_string_match": {
"suffix": "*"
},
"allow_methods": "GET, PUT, DELETE, POST, OPTIONS",
"allow_headers": "keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout,request-nonce,did,did-key-id,did-signature,public-key,signature,trace-id,prism-auth-token",
"max_age": "1728000",
"expose_headers": "grpc-status,grpc-message,userid,userId"
}
},
"http_filters": [
{
"name": "envoy.filters.http.grpc_web",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.grpc_web.v3.GrpcWeb"
}
},
{
"name": "envoy.filters.http.cors",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.cors.v3.Cors"
}
},
{
"name": "envoy.filters.http.router",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
},
{
"name": "envoy.filters.http.grpc_stats"
}
]
}
}
]
}
]
}
}
}
],
"tags": [
"dummy"
]
}
]
}
],
"name": "ng-node_1",
"port": "50053",
"tags": [
"${NOMAD_ALLOC_ID}",
"ng",
"ingress",
"traefik.enable=true",
"traefik.http.routers.ng-node_1.rule=Host(`node_1.com`)",
"traefik.http.routers.ng-node_1.entrypoints=ng-node_1",
"traefik.http.routers.ng-node_1.tls=true",
"traefik.http.routers.ng-node_1.tls.certresolver=acme",
"traefik.http.services.ng-node_1.loadbalancer.server.scheme=h2c"
]
}
],
"task": {
"node_1": {
"config": {
"command": "/usr/local/openjdk-11/bin/java",
"image": "<image>"
},
"driver": "docker",
"kill_signal": "SIGTERM",
"kill_timeout": "1m0s",
"resources": {
"cpu": 5000,
"memory": 2048
},
"template": [
{
"change_mode": "restart",
"data": "<some data>",
"destination": "/secrets/env.sh",
"env": true,
"left_delimiter": "{{",
"perms": "0644",
"right_delimiter": "}}",
"splay": "5s"
}
],
"vault": {
"change_mode": "noop",
"env": true,
"policies": [
"db-sync",
"node_1",
"wallet"
]
}
},
"vector": {
"config": {
"args": [
"--config",
"/local/vector/default.json"
],
"image": "registry.ci.iog.io/vector:a21vmrlf0x585lsgdpf4ks6y6p5s7sx3"
},
"driver": "docker",
"lifecycle": {
"sidecar": true
},
"template": [
"some template"
]
}
}
}
},
"id": "node_1",
"migrate": {
"health_check": "checks",
"healthy_deadline": "8m20s",
"max_parallel": 1,
"min_healthy_time": "10s"
},
"namespace": "ng",
"priority": 50,
"reschedule": {
"delay": "30s",
"delay_function": "exponential",
"max_delay": "1h0m0s",
"unlimited": true
},
"spread": [
{
"attribute": "${node.datacenter}"
}
],
"type": "service",
"update": {
"health_check": "checks",
"healthy_deadline": "5m0s",
"max_parallel": 1,
"min_healthy_time": "10s",
"progress_deadline": "10m0s",
"stagger": "30s"
}
}
}
}
Thanks! What a huge job declaration! haha .hcl are much better in my opinion, .json files are too verbose.
I will have a look to this tonight, let’s see if I contribute to the solution. 
We are actually using Nix to define this… I copied this from the output file Nix generates and it turns out to be json 
Thank you in advance for making time for this!
I haven’t forgot this ! I have been busy lately, and it’s not easy to reproduce the environment. I am in progress. Did you make any improvement ?
No i didn’t. I tried passing a service name for the side car so that i can configure traefik to use it as a service but looks like we can’t give names to sidecars.