Services like Elasticsearch can use DNS names to support discovery and cluster formation. Without Consul Connect, I can register each Elasticsearch instance in Consul (e.g. elasticsearch-master) with tags unique for each node (e.g. elasticsearch-master-${NOMAD_ALLOC_INDEX}), then supply Elasticsearch with the DNS names for all members of the cluster (e.g. elasticsearch-master-0.elasticsearch-master.service.consul,elasticsearch-master-0.elasticsearch-master.service.consul). Elasticsearch is able to use Consul DNS and service tags to find all members and bootstrap the cluster.
However, when I try to use Consul Connect by adding:
connect {
sidecar_service {
proxy {
transparent_proxy {}
}
}
}
to the service stanza and replacing “.service.” with “.virtual.”, the nodes aren’t able to find each other and bootstrap.
Is this behavior not actually possible? That is, is it possible to register multiple identical services (same name) and allow them to discover each other through the Envoy proxy? Or is the Envoy proxy inbound only and not peer to peer? Hoping this makes sense!