Hi Team,
We have a lot of services running which are accessible through REST API calls. Those calls are authenticated using Basic Auth. We also use HTTPS protocol. These services are docker containers, proxied by Traefik on each node separately and located in customer environment. Consul Server is installed in centrally in our environment in K8S. We are going to use Consul Catalog for dynamic targets discovery in Prometheus.
For example, https://example-service or https://example-service/metrics
We want to include these external services into Consul Catalog via API calls to /agent/service/register or /catalog/register endpoints. But after some days of investigating and tests, it looks like there are no ways to use HTTPS and Basic Auth into the JSON Request Body. Only services with plain HTTP and without basic auth are working as expected. I saw several related questions at stackoverflow, but all of them without answers.
-
Is it possible to register services to Consul, which is protected via HTTPS and basic auth?
-
Are there any other architectural decisions how to securely include standalone protected services to Consul Catalog?
Thanks in advance.