Secure Consul and Registered Services on Kubernetes
Recently, we released a new hands-on tutorial for Securing Consul and Registered Services on Kubernetes using the official HashiCorp Consul Helm chart for Kubernetes.
In this tutorial, you will:
- Review the types of Consul service mesh traffic
- Install an unsecured Consul service mesh on Kubernetes for development or debugging
- Verify that gossip encryption, TLS, and ACLs are not enabled
- Upgrade the installation to enable gossip encryption, TLS, and ACLs
- Verify that gossip encryption, TLS, and ACLs are enabled
- Deploy two example services to the service mesh
- Configure zero-trust networking using Consul intentions
»HashiCorp Consul with Kubernetes
Consul has a set of features to support first-class integration with Kubernetes. The official Helm Chart simplifies the deployment and maintenance of Consul on Kubernetes. The gossipEncryption, enableAutoEncrypt, and manageSystemACLs features along with Consul intentions, enable a low touch security configuration process.
In addition to enhanced features, the integration extends the scalability and simplicity of Consul to Kubernetes. Consul is a universal service mesh that can securely connect services within and beyond Kubernetes, creating a seamless experience.
»What’s next
Try the new HashiCorp Learn tutorial on a local Kubernetes cluster.
Sign up for the latest HashiCorp news
More blog posts like this one
Introducing The Infrastructure Cloud
Do cloud right with The Infrastructure Cloud from HashiCorp. Unlock developer potential while controlling cloud costs and risk.
A blueprint for cloud success with HashiCorp at Google Cloud Next
A recap of HashiCorp infrastructure and security news and developments from Google Cloud Next, from scaling infrastructure as code to fighting secrets sprawl and more.
Seamlessly migrate from Consul service discovery to service mesh
Try this example method for transitioning from Consul service discovery to service mesh without affecting uptimes or development teams.