Skip to content

Explore other options for running the consul agent in Kubernetes

Currently we run a standard client configuration of consul in our Kubernetes clusters. We are seeing some awkward behavior related to service discover for our rails applications: gitlab-org/gitlab#271575 (closed)

Utilize this issue to explore other methods of running Consul. There are two primary items identified, though more may be available:

  1. Instead of using a Service endpoint, could we switch to using the hostNetwork
  2. Determine if we can leverage consul's ability to inject its knowledge into Kubernetes, which should provide us with the ability to leverage kube-dns for lookups instead of consul
  3. sidecar?
  4. removing the client from Kubernetes and using the consul cluster itself?
  5. ...

All options need to be vetted and explored to determine security implications, configuration management and rotation into this service without an outage, etc.