Today we are pleased to announce the re-launching of the HashiCorp Consul on AWS Quick Start Guide. AWS Quick Start guides are built by AWS solutions architects and partners to help users deploy technologies on AWS, based on AWS best practices for security and high availability. The Consul guide helps users learn and implement an open-source Consul cluster in an AWS environment. This guide has been updated to include the latest version of Consul and incorporates important features that have been added since the previous version of this guide was published. In this blog, we’ll explain which features have been added to the guide and the benefits they provide.
» ACM Private CA for Load Balancers Support
Consul’s 1.7 release included support for the AWS Certificate Manager (ACM) Private Certificate Authority. Consul users now have the ability to leverage ACM Private CA as its Certificate Authority provider for providing and managing root and intermediate certificates for performing certificate signing operations. In the case of this guide, users will secure incoming traffic to the VPC through a Classic Load Balancer, deployed with the guide, with a certificate from ACM Private CA. If users have another trusted Certificate Authority that they are using, there is also an option to provide a different Secure Sockets Layer (SSL). Implementing this trusted connection point is a critical component of enabling AWS’s autoscaling capabilities.
» Consul Autopilot Feature
Consul’s Autopilot feature enables users to automate the management of their Consul servers. It provides cleanup of older, unused servers, monitors the state of the Raft cluster, and introduces new, stable servers, as needed. The Consul configuration that is deployed with this guide has been updated to include Autopilot being enabled by default with set configurations for server clean up, stabilization, redundancy zones, and health checking. These configurations can be updated via the
set-config subcommand once the Consul cluster has been configured.
» Consul Connect Service Mesh
Consul’s service mesh capabilities were introduced in the 1.2 release. Since that time, there have been many improvements to Consul that have enabled it to become a robust service mesh provider. By default in this guide, Consul Connect has been enabled to make it easier for users to start using the capabilities of Connect service mesh immediately. However, while the Connect feature has been enabled, services still need to be registered with Consul’s proxies in order to implement intentions for controlling service-to-service traffic. For more information about Connect service mesh, read the documentation or follow the Learn guides.
These guides were completed thanks to the collaboration we had with the Quick Start team at AWS. They make it simple for users to get started using Consul for the first time or for deploying it into their existing environment. The goal for updating these guides is to ensure that users are aware of the latest features that Consul is offering. To get started using this guide, visit the Quick Start page.
For more information about Consul, please visit our product page.