我的书签
添加书签
移除书签Define services
This topic describes how to define services so that they can be discovered by other services. Refer to Services Overview for additional information.
Overview
You must tell Consul about the services deployed to your network if you want them to be discoverable. You can define services in a configuration file or send the service definition parameters as a payload to the /agent/service/register API endpoint. Refer to Register Services and Health Checks for details about how to register services with Consul.
You can define multiple services individually using service blocks or group multiple services into the same services configuration block. Refer to Define multiple services in a single file for additional information.
If Consul service mesh is enabled in your network, you can use the service defaults configuration entry to specify default global values for services. The configuration entry lets you define common service parameter, such as upstreams, namespaces, and partitions. Refer to Define service defaults for additional information.
Requirements
The core service discovery features are available in all versions of Consul.
Service defaults
To use the service defaults configuration entry, verify that your installation meets the following requirements:
- Consul 1.5.0+
- Consul 1.8.4+ is required to use the
ServiceDefaultscustom resource on Kubernetes
ACLs
If ACLs are enabled, resources in your network must present a token with service:read access to read a service defaults configuration entry.
You must also present a token with service:write access to create, update, or delete a service defaults configuration entry.
Service configurations must also contain and present an ACL token to perform anti-entropy syncs and deregistration operations. Refer to Modify anti-entropy synchronozation for additional information.
On Consul Enterprise, you can register services with specific namespaces if the services’ ACL tokens are scoped to the namespace. Services registered with a service definition do not inherit the namespace associated with the ACL token specified in the token field. The namespace and the token parameters must be included in the service definition for the service to be registered to the namespace that the ACL token is scoped to.
Define a service
Create a file for your service configurations and add a service block. The service block contains the parameters that configure various aspects of the service, including how it is discovered by other services in the network. The only required parameter is name. Refer to Service Definition Reference for details about the configuration options.
For Kubernetes environments, you can enable the connectInject configuration in your Consul Helm chart so that Consul automatically adds a sidecar to each of your pods. Consul uses the Kubernetes Service definition as a reference.
The following example defines a service named redis that is available on port 80. By default, the service has the IP address of the agent node.
service.hcl
service {name = "redis"id = "redis"port = 80tags = ["primary"]meta = {custom_meta_key = "custom_meta_value"}tagged_addresses = {lan = {address = "192.168.0.55"port = 8000}wan = {address = "198.18.0.23"port = 80}}}
service.json
{"service": [{"id": "redis","meta": [{"custom_meta_key": "custom_meta_value"}],"name": "redis","port": 80,"tagged_addresses": [{"lan": [{"address": "192.168.0.55","port": 8000}],"wan": [{"address": "198.18.0.23","port": 80}]}],"tags": ["primary"]}]}
service.yaml
service:- id: redismeta:- custom_meta_key: custom_meta_valuename: redisport: 80tagged_addresses:- lan:- address: 192.168.0.55port: 8000wan:- address: 198.18.0.23port: 80tags:- primary
Health checks
You can add a check or checks block to your service configuration to define one or more health checks that monitor the health of your services. Refer to Define Health Checks for additional information.
Register a service
You can register your service using the consul services command or by calling the /agent/services API endpoint. Refer to Register Services and Health Checks for details.
Define service defaults
If Consul service mesh is enabled in your network, you can define default values for services in your mesh by creating and applying a service-defaults configuration entry containing. Refer to Service Mesh Configuration Overview for additional information.
Create a file for the configuration entry and specify the required fields. If you are authoring service-defaults in HCL or JSON, the Kind and Name fields are required. On Kubernetes, the apiVersion, kind, and metadata.name fields are required. Refer to Service Defaults Reference for details about the configuration options.
If you use Consul Enterprise, you can also specify the Namespace and Partition fields to apply the configuration to services in a specific namespace or partition. For Kubernetes environments, the configuration entry is always created in the same partition as the Kubernetes cluster.
Consul OSS example
The following example instructs services named counting to send up to 512 concurrent requests to a mesh gateway:
Kind = "service-defaults"Name = "counting"UpstreamConfig = {Defaults = {MeshGateway = {Mode = "local"}Limits = {MaxConnections = 512MaxPendingRequests = 512MaxConcurrentRequests = 512}}Overrides = [{Name = "dashboard"MeshGateway = {Mode = "remote"}}]}
apiVersion: consul.hashicorp.com/v1alpha1kind: ServiceDefaultsmetadata:name: countingspec:upstreamConfig:defaults:meshGateway:mode: locallimits:maxConnections: 512maxPendingRequests: 512maxConcurrentRequests: 512overrides:- name: dashboardmeshGateway:mode: remote
{"Kind": "service-defaults","Name": "counting","UpstreamConfig": {"Defaults": {"MeshGateway": {"Mode": "local"},"Limits": {"MaxConnections": 512,"MaxPendingRequests": 512,"MaxConcurrentRequests": 512}},"Overrides": [{"Name": "dashboard","MeshGateway": {"Mode": "remote"}}]}}
Consul Enterprise example
The following example instructs services named counting in the prod namespace to send up to 512 concurrent requests to a mesh gateway:
Kind = "service-defaults"Name = "counting"Namespace = "prod"UpstreamConfig = {Defaults = {MeshGateway = {Mode = "local"}Limits = {MaxConnections = 512MaxPendingRequests = 512MaxConcurrentRequests = 512}}Overrides = [{Name = "dashboard"MeshGateway = {Mode = "remote"}}]}
apiVersion: consul.hashicorp.com/v1alpha1kind: ServiceDefaultsmetadata:name: countingnamespace: prodspec:upstreamConfig:defaults:meshGateway:mode: locallimits:maxConnections: 512maxPendingRequests: 512maxConcurrentRequests: 512overrides:- name: dashboardmeshGateway:mode: remote
{"Kind": "service-defaults","Name": "counting","Namespace" : "prod","UpstreamConfig": {"Defaults": {"MeshGateway": {"Mode": "local"},"Limits": {"MaxConnections": 512,"MaxPendingRequests": 512,"MaxConcurrentRequests": 512}},"Overrides": [{"Name": "dashboard","MeshGateway": {"Mode": "remote"}}]}}
Apply service defaults
You can apply your service-defaults configuration entry using the consul config command or by calling the /config API endpoint. In Kubernetes environments, apply the service-defaults custom resource definitions (CRD) to implement and manage Consul configuration entries.
Refer to the following topics for details about applying configuration entries:
Define multiple services in a single file
The services block contains an array of service objects. It is a wrapper that enables you to define multiple services in the service definition and instruct Consul to expect more than just a single service configuration. As a result, you can register multiple services in a single consul services register command. Note that the /agent/service/register API endpoint does not support the services parameter.
In the following example, the service definition configures an instance of the redis service tagged as primary running on port 6000. It also configures an instance of the service tagged as secondary running on port 7000.
Multiple Service Definitions
Multiple Service Definitions
redis-services.hcl
services {id = "red0"name = "redis"tags = ["primary"]address = ""port = 6000checks = [{args = ["/bin/check_redis", "-p", "6000"]interval = "5s"timeout = "20s"}]}services {id = "red1"name = "redis"tags = ["delayed","secondary"]address = ""port = 7000checks = [{args = ["/bin/check_redis", "-p", "7000"]interval = "30s"timeout = "60s"}]}
redis-services.json
{"services": [{"id": "red0","name": "redis","tags": ["primary"],"address": "","port": 6000,"checks": [{"args": ["/bin/check_redis", "-p", "6000"],"interval": "5s","timeout": "20s"}]},{"id": "red1","name": "redis","tags": ["delayed","secondary"],"address": "","port": 7000,"checks": [{"args": ["/bin/check_redis", "-p", "7000"],"interval": "30s","timeout": "60s"}]},...]}
Modify anti-entropy synchronization
By default, the Consul agent uses anti-entropy mechanisms to maintain information about services and service health, and synchronize local states with the Consul catalog. You can enable the enable_tag_override option in the service configuration, which lets external agents change the tags for a service. This can be useful in situations where an external monitoring service needs to be the source of truth for tag information. Refer Anti-entropy for details.
Add the enable_tag_override option to the service block and set the value to true:
service {## ...enable_tag_override = true## ...}
"service": {## ..."enable_tag_override": true,## ...}
This configuration only applies to the locally registered service. Nodes that register the same service apply the enable_tag_override and other service configurations independently. The tags for a service registered on one node update are not affected by operations performed on services with the same name registered on other nodes.
Refer to enable_tag_override for additional configuration information.
Services in service mesh environments
Defining services for service mesh environments on virtual machines and in Kubernetes requires a different workflow.
Define service mesh proxies
You can register services to function as service mesh or sidecar proxies so that they can facilitate communication between other services across your network. Refer to Service Mesh Proxy Overview for additional information.
Define services in Kubernetes
You can enable the services running in Kubernetes and Consul to sync automatically. Doing so ensures that Kubernetes services are available to Consul agents and services in Consul can be available as first-class Kubernetes services. Refer to Service Sync for Consul on Kubernetes for details.
