HashiCorp-managed cluster overview
This topic provides an overview for using HashiCorp-managed server clusters in your Consul deployment.
For more information about HashiCorp-managed clusters and how they differ from self-managed clusters, refer to cluster management.
Introduction
Creating a HashiCorp-managed cluster simplifies the overall process of bootstrapping Consul servers. Additional cluster maintenance operations are also simplified through the HCP Consul UI. The HCP platform automates the following parts of a cluster's lifecycle:
- Generating and distributing a gossip key between servers
- Starting the certificate authority and distributing TLS certificates to servers
- Bootstrapping the ACL system and saving tokens to a secure Vault environment
- Rotating expired TLS certificates after expiration
- Upgrading servers to new versions of Consul
Workflow
To get started with HashiCorp-managed clusters, complete the following tasks in order:
- Create an HVN and connect it to your cloud environment. This task prepares your network so that you can establish communication between the Consul servers, which are hosted in a HashiCorp-managed environment, and your services, which are hosted in a user-managed environment. Refer to Create and Manage an HVN for more information.
- Use HCP Consul to create a HashiCorp-managed cluster. You can choose between using a guided UI workflow or generating an end-to-end Terraform configuration.
- Get credentials and URLs to access the cluster. HCP generates an admin token that you can use to view the Consul UI or make calls to the Consul HTTP API.
- Depending on whether you use VMs or Kubernetes, deploy Consul clients or deploy Consul dataplanes and register your services with the cluster.
- Create and apply service intentions to secure communication in the service mesh. For additional guidance, refer to Create and manage intentions in the Consul documentation.
Next steps
After you deploy HashiCorp-managed clusters and register services with them, consider taking the following actions in HCP Consul:
- Link a self-managed cluster to HCP Consul so that information about HashiCorp-managed and self-managed clusters are available from a central location. Linking a self-managed cluster is not required to use other HCP Consul features.
- Extend your network's service mesh by creating WAN federation or cluster peering connections between clusters. These operations can prepare your services to failover to other clusters in the event of an outage.
- Use HCP Consul Central to monitor your network and get additional insights into the state of your clusters and their registered services. HCP Consul automatically deploys a telemetry collector when you create a HashiCorp-managed cluster, providing observability into server and proxy operations.
Guidance
The following resources are available to help you use HashiCorp-managed clusters.
Concepts and reference
- Cluster management explains the difference between HashiCorp-managed clusters and self-managed clusters.
- Cluster tiers explains how the tier you select when creating a HashiCorp-managed cluster determines its multi-cloud functionality.
- Cluster configuration reference provides reference information about cluster properties, including the ports HashiCorp-managed clusters listen on.
Tutorials
- Deploy HCP Consul demonstrates the end-to-end deployment for a development tier cluster using the automated Terraform workflow.
- The following tutorials demonstrate the process to create an HVN and connect it to your cloud environment:
- The following tutorials demonstrate the process to deploy clients for services running on virtual machines:
- The following tutorials demonstrate the process to deploy dataplanes for services running on Kubernetes using Terraform:
- The following tutorials demonstrate the process to connect to services running in a Kubernetes using Helm: