mTLS between cluster application nodes using consul service mesh

ashwinkupatkar · March 15, 2022, 5:56pm

Hello guys,

How do we use consul service mesh for clustered applications ?

Meaning to say i have kafka broker nodes which are connected to it each other using the configuration as BROKER_LIST=node1:port,node2:port,node3:port

How do we implement mTLS between these peer nodes using consul service mesh ?

blake · March 15, 2022, 7:53pm

Hi @ashwinkupatkar,

Are you using Consul service mesh on Kubernetes?

If so, you should be able to use transparent proxy, headless services, and dialed directly enabled in order to enable this type of communication between peer nodes. See https://www.consul.io/docs/connect/transparent-proxy#headless-services for more info.

ashwinkupatkar · March 16, 2022, 10:28pm

Hi @blake, I have the application setup on a vm infrastructure. How do i use transparent proxy on a vm based environment ? Few examples might help.

blake · March 16, 2022, 10:30pm

The following thread has links to some unofficial resources for running tproxy on VMs. That deployment model currently only supports a single Envoy proxy per VM.

I recently resumed my exploration for running multiple proxies on a single VM. I’m hoping to have a solution soon, and will update the my GitHub repo with those examples.

ashwinkupatkar · March 16, 2022, 10:43pm

Sure @blake I will go through the discussion and get back. Thanks again.

Topic		Replies	Views
Does consul Transparent Proxy supported in VM service mesh? Consul connect	13	2134	April 14, 2023
Query regarding Transparent proxy usage Consul connect	3	585	December 16, 2021
Consul Connect, Federation, and TCP/ZeroMQ Consul connect	1	415	August 4, 2023
Consul api-gateway with vm Consul	1	298	November 30, 2022
Issue on mesh gateway (Vm) on wan federated consul cluster (k8s<->vm) Consul k8s , helm , consul	7	754	November 16, 2022

mTLS between cluster application nodes using consul service mesh

Related topics