How do you force the Envoy sidecar to listen on a specific interface?

zllovesuki · March 5, 2022, 1:13pm

Following the start guide (Consul Service Mesh | Nomad by HashiCorp) here works great. However, in my proposed setup, all nomad nodes have a Wireguard mesh overlay (access to default interface is blocked), and I would like the count-api's sidecar to listen on the Wireguard interface instead of the default interface. Is that a possible configuration?

ahjohannessen · March 6, 2022, 12:35pm

I think what you are looking for is this:

For instance:

client {
  host_network "wireguard" {
    cidr = "192.168.4.33/32"
  }
}

and then use that in your spec:

    network {
      mode = "bridge"
      port "inbound" {
        …
        host_network = "wireguard"
      }
    }

Topic		Replies	Views
Getting to grips with sidecar_service, consul and service mesh Nomad connect , consul	0	445	May 3, 2022
Bind envoy sidecar task to a non public interface Nomad connect , consul	0	257	December 7, 2022
Consul Connect jobs unable to talk to sidecar Nomad	3	8723	January 18, 2021
Is it possible to set envoy as default proxy for Consul sidecars? Consul connect , consul-nomad	2	594	November 11, 2021
New Learn Tutorials: Get Started with Service Mesh Observability and Traffic Management Consul k8s	4	695	November 4, 2021

How do you force the Envoy sidecar to listen on a specific interface?

Related topics