Nelson
1
Hello,
I have two services that manage their own configuration and tags (patroni and vault).
e.g. patroni service:
$ curl "http://127.0.0.1:8500/v1/catalog/services"
{"consul":[],"patroni":["replica","master","primary"],"rabbitmq":[],"vault":["active","initialized","standby"]}
$ curl "http://127.0.0.1:8500/v1/agent/services"
{"patroni/master":{"ID":"patroni/master","Service":"patroni","Tags":["master","primary"],"Meta":{},"Port":5432,"Address":"master.node.consul","Weights":{"Passing":1,"Warning":1},"EnableTagOverride":true,"Datacenter":"dc1"}}
But none of my dns requests using tags works like it should.
$ dig patroni.service.consul srv +short
1 1 5432 slave-2.node.consul.
1 1 5432 slave-1.node.consul.
1 1 5432 master.node.consul.
$ dig primary.patroni.service.consul srv +short
1 1 5432 slave-2.node.consul.
1 1 5432 master.node.consul.
1 1 5432 slave-1.node.consul.
$ dig active.vault.service.consul srv +short
1 1 8200 orchestrator-2.node.consul.
1 1 8200 orchestrator-1.node.consul.
1 1 8200 orchestrator-3.node.consul.
Am I missing something ? Here is my configuration:
# consul.conf
advertise_addr = "..."
bootstrap_expect = 3
client_addr = "0.0.0.0"
data_dir = "/consul/data"
node_name = "orchestrator-1"
retry_join = [
...
]
server = true
auto_encrypt {
allow_tls = true
}
tls {
defaults {
ca_file = "/etc/certs/rootCA.pem"
cert_file = "/etc/certs/orchestrator-1.pem"
key_file = "/etc/certs/orchestrator-1.key"
verify_incoming = true
verify_outgoing = true
verify_server_hostname = true
}
}
enable_agent_tls_for_checks = true
ui_config = {
enabled = true
}
blake
2
@Nelson, what version of Consul are you using?
There was a regression in a recent release that caused tags to be ignored when performing DNS lookups.
This was fixed in Consul 1.18.3 and Consul 1.19.1.
Nelson
3
That was it ! I updated from version 1.19 to 1.19.1.
Thank you very much.
system
Closed
4
This topic was automatically closed 62 days after the last reply. New replies are no longer allowed.