Need some help understanding how to access services by name from outside Consul

Hi:

I am doing a research piece on Consul at the detailed technical level. I need some help understanding how to access a service registered by name in Consul from outside of Consul. For example, let’s say I register a service, dogs.service.consul that binds to the public IP address and port according to my definition, IP = 1.2.3.4 and port = 9123. I am bit mystified as to how to access this service using something like, curl http://dogs.service.consul from out on the internet.

I admit I must be missing some basic understanding of Consul. If so, I welcome any education that can be thrown my way. Also, I never expect anybody to help me out for free. Thanks in advance.

Hi Bob.

The answer depends on what is meant by “outside of Consul”. In general, Consul service discovery is meant to only be utilized by other services within the routable network, not as the service discovery mechanism for a client out on the internet.

Within the routable network, dogs.service.consul can be resolved by another service via DNS as long as that service has the Consul DNS interface within its DNS resolution path. This DNS Interface documentation goes into more detail about how that can potentially work.

Hope that answered the question, and please let us know if you have any more.

Thank you!

So, to make sure I understand things correctly, if I am writing an application that is running out on the internet and needs to get at dog.service.consul, I need to do the following:

• Query the Consul server to get the IP address of dog.service.consul. The way I locate the Consul server is according to the IP address the server is bound to.
• Inspect the response from the Consul server to get the IP address of dog.service.consul as declared in the service definition of dog.service.consul
• Make an http call to the IP address associated with dog.service.consul

Tell me please, is my understanding correct?

Yes that is essentially correct. The method of querying could be either DNS or HTTP in this case.

An example using DNS might be:

An application running at dog.service.consul, with 3 backing instances of IP address 10.0.0.2, 10.0.0.3, and 10.0.0.4. The instance at 10.0.0.3 has crashed and is currently down.

Running a query like curl http://dogs.service.consul/bark (as long as Consul DNS was forwarded correctly) would result in:

  1. The curl client contacting the Consul server to resolve dogs.service.consul
  2. Consul will check for services associated to dogs.service.consul, and find the 3 backing IP addresses
  3. Consul DNS will return only the healthy instances, 10.0.0.2 and 10.0.0.4 in the DNS response
  4. The curl client will receive the DNS response and pick one of the two healthy IP addresses to send the HTTP request to.

My understanding is getting close. The missing part for me understanding how the curl client knows about http://dogs.service.consul/. Wouldn’t dogs.service.consul need to be known to a generally available DNS server on the internet?

Yes it would. It is not recommended to expose Consul DNS to the outside internet. However, inside the network, the DNS request can be forwarded in various ways. Please see the Forward DNS guide for more details on that.

Chris:

Thank you so much for your patience and generosity.

Bob