Configuring Third-Party Load Balancers with Consul: NGINX, HAProxy, F5
In a monolithic environment manually configuring load balancers is fairly straightforward, but as you transition to dynamic infrastructure or microservices, it becomes more painful. Suddenly instead of having as many static IP addresses as you have application instances, you are faced with tens, hundreds, or thousands of IP addresses per service, which change on the order of days, or even hours. This situation is impossible to maintain manually, but Consul can automate it.
Consul can dynamically configure third-party load balancers with a list of IPs for each service and update that list automatically. We currently have documented integration examples for NGINX, HAProxy, and F5, each of which demonstrates a different method of integration.
Consul’s flexibility makes it possible to configure most applications, including load balancers, with service discovery data as well as key-value data. Let’s look at some examples of our load balancer integrations.
» NGINX integration using Consul Template
Consul Template is a tool based on Go templates that takes an input file, populates it with data from Consul, outputs an application configuration file when that data changes, and can execute an arbitrary command to trigger its target service to reload the configuration.
Consul Template can update NGINX configuration with the list of IP addresses for a given service. You can also use it to update other configuration stored in Consul as key-value pairs. Try out our NGINX integration by following the Learn guide.
Load Balancing with NGINX and Consul Template
NGINX Plus has direct integration with Consul DNS and doesn’t require running Consul Template. Keep an eye out for the guide, coming soon.
» HAProxy Native Integration with Consul DNS
HAProxy version 1.8+ (LTS) includes server-template, which lets users specify placeholder backend servers to populate HAProxy’s load balancing pools. Server-template can use Consul as one of these backend servers, requesting SRV records from Consul DNS. Follow the below guide to try out the HAProxy integration.
Load Balancing with HAProxy Service Discovery Integration
» F5 BIG-IP Integration with Consul’s HTTP API via AS3
F5 BIG-IP is an application service platform that offers sophisticated load balancing and traffic visibility, among other features. Application Services 3 (AS3) is an extension to BIG-IP that makes programmatic API calls to other services. In this case, AS3 queries the Consul HTTP API for service instances on a set interval and uses the returned IP addresses to update BIG-IP’s instance pool. Consul is designed for programmatic interaction and you access almost all of its functionality via the HTTP API.
Explore the integration by following our step-by-step command line guide, or if you aren’t ready to try it out yourself, watch the included webinar recording.
Load Balancing with F5 and Consul
» Learn More
As you can see, Consul integrates with a wide range of load balancers and offers a number of interfaces for application integration. If you’d like to configure a service using data from Consul, the easiest place to start is with Consul Template. For the richest experience, the HTTP API is documented here.
Sign up for the latest HashiCorp news
More blog posts like this one
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.
Consul 1.20 improves multi-tenancy, metrics, and OpenShift deployment
HashiCorp Consul 1.20 is a significant upgrade for the Kubernetes operator and developer experience, including better multi-tenant service discovery, catalog registration metrics, and secure OpenShift integration.
New SLM offerings for Vault, Boundary, and Consul at HashiConf 2024 make security easier
The latest Security Lifecycle Management (SLM) features from HashiCorp Vault, Boundary, and Consul help organizations offer a smoother path to better security practices for developers.