We are pleased to announce the new HashiCorp Consul Service (HCS) on Azure, which is now in private beta. HCS on Azure enables Microsoft Azure customers to natively provision HashiCorp-managed Consul clusters in any Azure region directly through the Azure Marketplace. As a fully managed service, HCS on Azure lowers the barrier to entry for an organization to leverage Consul for service discovery or service mesh across a mix of VM, hybrid/on-premises, and Kubernetes environments while offloading the operational burden to the site reliability engineering (SRE) experts at HashiCorp. Azure-native identity and billing integrations enable an organization to adopt Consul without introducing any additional administrative burden.
» HashiCorp Consul: Multi-Cloud Service Networking Platform
Consul’s service networking capabilities enable an organization to connect and secure services across any runtime platform or public cloud provider. HCS on Azure enables users to more easily leverage Consul’s key capabilities, including:
Service Discovery: Provide a service registry with integrated health checking to enable any service to discover and be discovered by other services
Service Mesh: Simplify service networking by shifting core functionality from centralized middleware to the end points. Consul’s service mesh functions include:
Dynamic Traffic Management: Enable advanced traffic management to support different deployment strategies and improve application resiliency
Service Segmentation: Encrypt communications and control access across services with mutual TLS and a native Envoy integration.
Observability: Enable networking metric collection to provide insights into application behavior and performance without code modifications
Mesh Gateway: Route traffic transparently and securely across Azure regions, private data centers, and runtime environments like AKS, Azure Stack, and HashiCorp Nomad.
» HCS on Azure: How Does it Work?
HCS on Azure leverages the Azure Managed Applications platform to enable a user to natively provision Consul through the Azure console, while interfacing with the HCS control plane behind the scenes to perform the deployment and carry out all necessary operational tasks:
After subscribing to HCS on Azure within the Azure Marketplace, a user can create a Consul cluster by just selecting a few options to indicate the desired Azure region, Consul version, and network details:
Once the user initiates a cluster creation, the HCS control plane will be notified. The integration with the Azure Marketplace allows HCS to provision Consul servers directly into a resource group in the user's Azure subscription:
After the provisioning step completes, any authorized user can view and interact with Consul via the standard Consul Web UI within the Azure console:
Workflows to support backups, monitoring, federation, access control, and TLS encryption will be detailed in a future publication when HCS on Azure becomes generally available.
» Benefits for Azure Customers
HCS on Azure enables any organization that runs at least part of its infrastructure in Azure to adopt Consul with a minimum of operational overhead, which in turn enables it to increasingly focus resources on the applications and workloads that are the primary concern of the business. Integrations with Azure identity and billing systems enable a seamless Azure-native experience for existing customers, allowing them to harness HashiCorp’s operational expertise without adding any additional administrative complexity. These advantages apply to single region VM-based Azure environments in need of basic Service Discovery as well as more complex multi-environment scenarios that require Service Mesh-related features like dynamic traffic routing and service segmentation.
Consul’s Mesh Gateway feature can be particularly beneficial to users that are running multiple Kubernetes or AKS environments, enabling multi-cluster service discovery and request routing. Mesh Gateway enables secure traffic routing across environments based on the service-level identity rather the IP address. This effectively flattens the network and renders the per-environment IP address management strategy irrelevant. This pattern applies equally to any mix of VM, hybrid/on-premises, and Kubernetes environments. Kubernetes-based deployments also benefit from Consul’s support for the Microsoft Service Mesh Interface, which enables a user to define Consul Connect intentions in a custom Kubernetes resource that can be directly managed with kubectl or Helm.
» Next Steps
HCS on Azure is currently in private beta. If you are interested in participating in the private beta, you can sign up here. To sign up for status updates and to be notified as HCS develops, please visit the HCS on Azure landing page. If you are new to HashiCorp Consul, please visit the Consul Learn Documentation to get started!