Hello,
Im trying to study Consul Connect on ,non" k8s infra , and I did setup 3 node Consul cluster, and register mysql and postgres services as consul agent.
Postgres is master/slave configuration so agent in DNS see only proper working IP
dig postgres.service.consul +short
192.168.95.5
dig postgres.service.consul SRV +short
1 1 5432 c0a80c75.addr.eu-dom.consul.
and I in other service like nginx registered upstreams to be able to reach this postgres via 127.0.0.1 5444 tcp port using mesh, and connection ± works but entering postgres without password … ( no idea how ? ) and not pointing to this 192.168.95.5 IP only but to all 3 nodes , even if 2 nodes are registered as critical
psql -U postgres -h 127.0.0.1 -p 5444
psql (12.11 (Ubuntu 12.11-0ubuntu0.20.04.1), server 12.10 (Ubuntu 2:12.10-3.focal))
Type “help” for help.
postgres=#
services {
id = “nginx”
name = “nginx”
tags = [
“nginx”
]
address = “192.168.13.190”
port = 443
checks = [
{
args = [ “/etc/consul.d/scripts/check-nginx.sh” ]
interval = “10s”
timeout = “15s”
}
]
connect {
sidecar_service {
port = 20000
check {
name = “Connect Envoy Sidecar”
tcp = “192.168.13.190:20000”
interval = “10s”
}
proxy {
upstreams {
destination_name = “mysql”
local_bind_address = “127.0.0.1”
local_bind_port = 3306
config {
protocol = “tcp”
}
}
upstreams {
destination_name = “postgres”
local_bind_address = “127.0.0.1”
local_bind_port = 5444
config {
protocol = “tcp”
}
}
config {
protocol = “tcp”
envoy_prometheus_bind_addr = “0.0.0.0:9102”
}
}
}
}
}
probably I do not understand something about Consul, can you advice ?
Best regards