Connecting Services in an Azure Hub and Spoke topology with HashiCorp Consul Service on Azure
Aug 31, 2020
Learn how managed Consul on Azure (HCS) pairs well with the Azure Hub and Spoke topology pre-made setup.
- Joseph ColandroSr. Solutions Engineer
Patterns are beginning to emerge for how large enterprises are architecting cloud networking. The hub and spoke topology from the ancient days of layer 2 network design has made a resurgence and is a very common deployment pattern. It’s often recommended by Microsoft Azure solutions architects to simplify how you connect applications, shared services, and users in Azure.
The challenge for the network operators becomes how to securely enable spoke to spoke communication or spoke to shared services within the hub while maintaining the required isolation of each spoke. Typically this would have to be accomplished via firewall rules within the hub and routes on the VNG, leading to many of the same challenges faced in on-prem networking services- extended time to make changes to the network or implement new patterns.
Consul & Hub + Spoke
HashiCorp Consul provides an elegant solution for connecting services, both VM-based and in Kubernetes, across typical network boundaries. This becomes even simpler with the introduction of the HashiCorp Consul Service (HCS), a managed service for Consul Enterprise, delivered natively from Microsoft Azure Cloud. In this webinar, you'll see how HCS can connect services across a typical Azure hub and spoke network topology including AKS clusters and VM-based applications.
For a written overview of this webinar's first half, read the companion blog: HashiCorp Consul Service for Azure in Hub and Spoke Topologies
0:00 — The Value of Consul
8:40 — The Azure Hub and Spoke Network Architecture
13:45 — Intro to HashiCorp Consul Service (HCS) on Azure
22:06 — Demo: Connecting Services in an Azure Hub and Spoke topology with HCS
32:12 — Live Q&A
- Is the HCS Consul service planning to be available within Oracle Cloud?
- Is there any other way to authenticate with Consul other than ACL tokens?
- What is the latency effect of routing traffic through proxies?
- How are the certs managed within mTLS — automatically for expiry and refresh?
- What is the deployment process for the HCS cluster?