Context: We are deploying consul across three data centers. These data centers are setup using Terraform, using images/snapshots built by Packer. Eventually we aim to have Consul service mesh gateways bewteen the data centers, with an ingress and egress gateway
For configuration of Consul itself, best practice (from what we can tell), is to bake configuration into the images (using Packer). We are happy to be corrected on this.
Our main uncertainty right now is how to best manage (internal) services, specifically their configuration files. Our current understanding is the Terraform Consul resources uses the Consul catalog, so are suitable only for external services.
We note that Terraform is deprecating provisioners other than the remote and local exec resources. So it seems that providing them via Chef/Ansible/scripts during Terraform provisioning is likely not the right approach. Is that correct?
Is best practice to bake Consul service configuration files with Packer?
Some other mechanism we haven’t encountered or thought of?