Remotely update service tags on client node

I want to update tag value in client node config files. I do it manually by SSHing the node and updating the tag value. I want to automate this tag value updation. How can I achieve this?

You could use a configuration management system like Puppet, Chef or SaltStack to manage your node configurations.

Thanks for the response @Wolfsrudel
I am already using Puppet but what I want to do is automated load testing. For that I am writing a script which will change the tag value and load on the box (application server). On each change, it will check the logs and resource utilisation of that box.
So that’s why I want to change it without SSH. I tried some api calls like
curl --request PUT --data @payload.json http://127.0.0.1:8500/v1/agent/service/register\?replace-existing-checks\=true -v
to update the configuration but this does it on server only. On client ip, 8500 is blocked by default and not used for this purpose.

Hi @xyphanajay - Thanks for the detailed breakdown of what you’re trying to accomplish.

Can you please post the content of payload.json with any sensitive information removed/redacted? Is this the service definition for the service you are trying to change?

When Consul agent starts up, it loads the config on the host and stores it in memory. In the event that the config file is changed on the host, consul agent needs to be reloaded to get the new config.

I’m going to set up a cluster and will get back to you to see if I can replicate this - in the meantime, some additional details around what’s being sent and what you’re seeing would be great!

1 Like

@xyphanajay Take a look at the enable_tag_override parameter available for service definitions. It may provide the functionality you’re looking for.

1 Like

@jsosulska thank you for replying. Let me elaborate whole thing that I am doing.
Step 1: Run a consul server with no config file

consul agent -server -ui -node=serv-1 -data-dir=./ -bootstrap-expect=1 -client=0.0.0.0 -advertise=172.16.xx.67 -enable-script-checks

Step 2: Run consul client agent with a config file

consul agent -node=cli-1 -data-dir=./ -join=172.16.xx.67 -bind=172.16.xx.39 -config-file=file.json

file.json

{
“service”: {
“address”: “172.16.xx.39”,
“checks”: [{
“Args”: [“health checks”],
“interval”: “10s”
}],
“id” : “cli_id”,
“name” : “client”,
“port” : 8080,
“tags” : ["‘24’"]
}
}

Step 3: Registering service via api call link

curl --request PUT --data @payload.json http://172.16.xx.67:8500/v1/agent/service/register?replace-existing-checks=true

payload.json

{
“address” : “172.16.xx.39”,
“checks”: [{
“Args”: [“curl”, “localhost”],
“interval”: “10s”
}],
“id”:“cli_id”,
“name”: “client”,
“port”: 8080,
“tags”: ["‘12’"]
}

Results: It registers a service on the server with IP address of client on it.
Wanted to achieve: To register or update a service on the client, i.e. update the tag value from 24 to 12.
Now please help me what wrong I am doing in this. Thanks.

Update: I run consul client agent with -client=172.16.xx.39, i.e. mentioned it’s own ip as client.

consul agent -node=c1 -data-dir=./data -bind=172.16.xx.39 -config-file=file.json -enable-script-checks -join=172.16.xx.67 -client=172.16.xx.39

And called with api but on client ip, i.e. 172.16.xx.39.

curl --request PUT --data @payload.json 172.16.xx.39:8500/v1/agent/service/register?replace-existing-checks=true -v

It worked but if I want to do it on AWS EC2 or a system with dynamic ip address allocation to consul client agents, i wont be able to do this.

It’s registering service on the consul server, what I want is to register or update service tags on client.
I’ll try to put tag override and let you know if it works. Hope it works.

Update: It didn’t work as expected. I added enable_tag_override=false in config file of client, still registering (updating) service on server. Same with enable_tag_override=true.

Hi @xyphanajay,
Thanks for that run down! Definitely very detailed, and helps us debug better!

To update the tags, you will use the catalog endpoint. The reason for using the catalog endpoint is that agent endpoints only query the local agent. They do not query the catalog. When you called agent/register on the server, it’s registering the service locally first, then attempting to push it to the catalog, and likely failing due to the conflicting service ID.

First, add enable_tag_override: true in your service configuration file file.json. This allows tags for that service to be updated directly in the catalog. You can read more about it here

Then, update the service tags from the /catalog/register API endpoint. The payload should contain the full service definition with updated tags, as well as the client node’s information like the datacenter, node name, and address. This maps to step 3 in your previous post.

Last, query the catalog to confirm the tags changed.

Additional Info:
By editing the registration in the catalog directly, the tag update can be done by any agent in the datacenter. To get the latest tags from the catalog you will need to query an endpoint such as /catalog/service or /health/service.
Looking forward to hearing your experiences with updating tags centrally.

A more in depth description of the anti-entropy model can be found here.

1 Like