Kubernetes multi data centre with consul
Install:
- Go
- CloudFlare's SSL ToolKit (
cfsslandcfssljson) - Consul
Once installed, create a workspace, configure the GOPATH and add the workspace's bin folder to your system path:
$ mkdir $HOME/go
$ export GOPATH=$HOME/go
$ export PATH=$PATH:$GOPATH/bin
Next, install the SSL ToolKit:
$ go get -u github.com/cloudflare/cfssl/cmd/cfssl
$ go get -u github.com/cloudflare/cfssl/cmd/cfssljson
Create a Certificate Authority:
$ cfssl gencert -initca certs/config/ca-csr.json | cfssljson -bare certs/caCreate the private keys and TLS certificates:
$ cfssl gencert \
-ca=certs/ca.pem \
-ca-key=certs/ca-key.pem \
-config=certs/config/ca-config.json \
-profile=default \
certs/config/consul-csr.json | cfssljson -bare certs/consulYou should now see the following PEM files within the "certs" directory:
ca-key.pem
ca.pem
consul-key.pem
consul.pem
Spin up Consul on Kubernetes:
$ sh create.shForward the port to the local machine for consul:
$ kubectl -n vault port-forward consul-1 8500:8500