Recently, we released a set of new hands-on tutorials for deploying and using the HashiCorp Consul service mesh capabilities on Kubernetes. In the series you'll learn how to:
- Use the service mesh features and benefits of Consul.
- Configure and deploy Consul with the official Helm chart.
- Deploy microservices into the Consul service mesh.
- Secure service-to-service communication with sidecar proxies and intentions.
» Consul service mesh introduction
Microservices architectures and cloud infrastructures offer new approaches and complications to networking. Consul's service mesh solution makes no assumptions about the underlying network and uses a software approach with a focus on simplicity and broad compatibility which allows you to more easily address the new networking complication.
The two main feature sets that reduce networking complexity are service discovery and deployment of applications into a zero-trust network.
» Secure service-to-service communication
Consul service mesh allows you to deploy applications into a zero-trust network. A zero-trust network is a network where nothing is trusted automatically: all connections must be verified and authorized.
Securing applications in Consul's service mesh to create a zero-trust network is a two-step process. The first is to deploy service sidecar proxies with each service. The sidecar proxies ensure that the communication between your services is automatically verified and encrypted using mutual TLS (mTLS). The second step is to ensure all connections are authorized by creating Consul intentions. Intentions define service-to-service communication permission by service name.
» What's next?
Try the new HashiCorp Learn guides on a local Kubernetes cluster.