VM Consul to join on Kubernetes Consul

I have 2 k8s Consul clusters:
aks (primary) <-> eks (second)
It's OK.
But I want to make a VM Consul cluster and join it to the k8s cluster.
I don't know how I can solve this problem!!!

vm-datacenter hostname consul-vm

consul tls cert create -server -dc=vm-datacenter -node consul-vm
------server config----------
```
{
  "advertise_addr": "50.14.43.173",  # vm public , private ip was same result
  "addresses": {
    "https": "0.0.0.0"
  },
  "bind_addr": "0.0.0.0",
  "bootstrap_expect": 1,
  "client_addr": "0.0.0.0",
  "datacenter": "vm-datacenter",
  "data_dir": "/var/lib/consul",
  "domain": "consul",
  "enable_script_checks": true,
  "dns_config": {
    "enable_truncate": true,
    "only_passing": true
  },
  "cert_file": "/home/adminuser/vm-datacenter-server-consul-0.pem",
  "key_file": "/home/adminuser/vm-datacenter-server-consul-0-key.pem",
  "ca_file": "/home/adminuser/consul-agent-ca.pem",
  "primary_gateways": ["50.14.37.159:443"],  # aks
  "enable_syslog": true,
  "enable_central_service_config": true,
  "primary_datacenter": "aks-datacenter",
  "connect": {
    "enabled": true,
    "enable_mesh_gateway_wan_federation": true
  },
  "verify_incoming": true,
  "verify_outgoing": true,
  "verify_server_hostname": true,
  "ports": {
    "https": 8501,
    "http": 8500,
    "dns": 53,
    "grpc": 8502
  },
  "leave_on_terminate": true,
  "log_level": "INFO",
  "rejoin_after_leave": true,
  "server": true,
  "retry_join": [
    "consul-vm"
  ],
  "ui_config": {
    "enabled": true
  }
}
```

—for secondary --eks #10.0.0.5 is private ip of consul-vm

```
consul connect envoy -mesh-gateway -register \
  -service "secondary-primary" \
  -address 10.0.0.5:443 \
  -wan-address 50.14.43.173:8443 -admin-bind 127.0.0.1:19005 \
  -grpc-addr=https://127.0.0.1:8502 \
  -ca-file=/home/adminuser/consul-agent-ca.pem
```

  • consul members -wan

```
Node                            Address             Status  Type    Build  Protocol  DC              Segment
consul-server-0.aks-datacenter  10.244.1.15:8302    failed  server  1.9.4  2         aks-datacenter
consul-server-0.eks-datacenter  192.168.231.4:8302  alive   server  1.9.4  2         eks-datacenter
consul-vm.vm-datacenter         10.0.0.5:8302       alive   server  1.9.4  2         vm-datacenter
```

– consul monitor----------
```
1-06-14T14:32:03.253Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:04.742Z [INFO] agent.server.memberlist.wan: memberlist: Suspect consul-server-0.aks-datacenter has failed, no acks received
2021-06-14T14:32:05.056Z [WARN] agent: Check socket connection failed: check=service:secondary-primary error="dial tcp 10.0.0.5:443: connect: connection refused"
2021-06-14T14:32:05.056Z [WARN] agent: Check is now critical: check=service:secondary-primary
2021-06-14T14:32:05.242Z [ERROR] agent.server.memberlist.wan: memberlist: Failed to send gossip to 192.168.231.4:8302: Remote DC has no server currently reachable
2021-06-14T14:32:05.742Z [ERROR] agent.server.memberlist.wan: memberlist: Failed to send gossip to 192.168.231.4:8302: Remote DC has no server currently reachable
2021-06-14T14:32:07.750Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:09.742Z [ERROR] agent.server.memberlist.wan: memberlist: Failed to send ping: Remote DC has no server currently reachable
2021-06-14T14:32:11.126Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:11.971Z [ERROR] agent.server.memberlist.wan: memberlist: Push/Pull with consul-server-0.eks-datacenter failed: Remote DC has no server currently reachable
2021-06-14T14:32:14.659Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:15.057Z [WARN] agent: Check socket connection failed: check=service:secondary-primary error="dial tcp 10.0.0.5:443: connect: connection refused"
2021-06-14T14:32:15.057Z [WARN] agent: Check is now critical: check=service:secondary-primary
2021-06-14T14:32:17.595Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:17.742Z [ERROR] agent.server.memberlist.wan: memberlist: Failed to send indirect ping: Remote DC has no server currently reachable
2021-06-14T14:32:21.703Z [WARN] agent.server.rpc: RPC request to DC is currently failing as no server can be reached: datacenter=eks-datacenter
2021-06-14T14:32:25.057Z [WARN] agent: Check socket connection failed: check=service:secondary-primary error="dial tcp 10.0.0.5:443: connect: connection refused"
2021-06-14T14:32:25.057Z [WARN] agent: Check is now critical: check=service:secondary-primary
```
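
An added example, not part of the original post: a small audit of the exposure-related settings in the server config above, which binds the client listeners to `0.0.0.0` with `enable_script_checks` on. The sample is a constructed subset of that config; `http_bind`, `audit` and `hardened` are hypothetical helper names, and moving the HTTP listener to loopback is one possible hardening, assumed here so the local CLI keeps working.

```python
import copy
import json

# Constructed sample: exposure-related subset of the server config in the post.
POSTED = json.loads("""
{
  "addresses": {"https": "0.0.0.0"},
  "client_addr": "0.0.0.0",
  "enable_script_checks": true,
  "verify_incoming": true,
  "verify_outgoing": true,
  "verify_server_hostname": true,
  "ports": {"https": 8501, "http": 8500, "dns": 53, "grpc": 8502}
}
""")

WILDCARDS = ("0.0.0.0", "::")

def http_bind(cfg):
    """Address of the plaintext HTTP listener: addresses.http, else client_addr."""
    return cfg.get("addresses", {}).get("http", cfg.get("client_addr", "127.0.0.1"))

def audit(cfg):
    """Return (setting, finding) pairs for exposure-related settings."""
    findings = []
    http_on = cfg.get("ports", {}).get("http", 8500) > 0
    exposed = http_on and http_bind(cfg) in WILDCARDS
    if exposed:
        findings.append(("ports.http", "plaintext HTTP API on all interfaces; "
                         "verify_incoming does not cover this listener"))
    if exposed and cfg.get("enable_script_checks"):
        findings.append(("enable_script_checks", "script checks accepted from a "
                         "network-reachable API; use enable_local_script_checks"))
    for key in ("verify_incoming", "verify_outgoing", "verify_server_hostname"):
        if not cfg.get(key):
            findings.append((key, "TLS verification is off"))
    return findings

def hardened(cfg):
    """One possible fix (assumption): HTTP on loopback, config-file script checks only."""
    out = copy.deepcopy(cfg)
    out.setdefault("addresses", {})["http"] = "127.0.0.1"
    out.pop("enable_script_checks", None)
    out["enable_local_script_checks"] = True
    return out

if __name__ == "__main__":
    for setting, finding in audit(POSTED):
        print(f"{setting}: {finding}")
    print("after hardening:", audit(hardened(POSTED)))
```
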