Adding Telemetry Logging, TLS for UI and RPC Encryption to Consul

This article follows my last post on Installing a Production Ready Consul cluster. This article will touch on Adding SSL/TLS to the Consul api/ui, telemetry backend and encrypting RPC traffic.

Consul’s telemetry function collects various runtime metrics in regards to the performance of various libraries and subsystems. The metrics are aggregated on a ten second interval and have a one minute retention. These metrics can be used for debugging or getting a better view of what Consul is doing.

Continue reading Adding Telemetry Logging, TLS for UI and RPC Encryption to Consul

Installing a production HA Consul cluster

HashiCorp’s Consul is a tool for discovering and configuring services in your infrastructure.  It can provide Service Discovery, Health Checking, Key/Value Store and Multi-Datacenter support.

Consul is a distributed, highly available system.  Consul runs agents of systems providing services to consul.

Continue reading Installing a production HA Consul cluster

Managing EC2 Security Groups with SaltStack and Python Part 1

This is the first in a series of posts related to automating the management and auditing of AWS EC2 Security Groups.  This first post will cover how to use SaltStack state files to maintain your security group rules.  In the second post, we will use python to populate a database that contains instances. groups, rules and their associations.  In the final post, we will create a CLI that will allow you to add/remove rules to security groups and it will push all changes to AWS.

Assumptions

I assume you already have a salt master server setup and understand the basics of using Saltstack.  It is beyond the scope of this series of posts to cover installing and/or configuring a salt master.  If you have not done this yet or need some additional info on using SaltStack, please visit their official Walk-through.

Continue reading Managing EC2 Security Groups with SaltStack and Python Part 1