# Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0 # Full configuration options can be found at https://www.consul.io/docs/agent/config # datacenter # This flag controls the datacenter in which the agent is running. If not provided, # it defaults to "dc1". Consul has first-class support for multiple datacenters, but # it relies on proper configuration. Nodes in the same datacenter should be on a # single LAN. #datacenter = "my-dc-1" # data_dir # This flag provides a data directory for the agent to store state. This is required # for all agents. The directory should be durable across reboots. This is especially # critical for agents that are running in server mode as they must be able to persist # cluster state. Additionally, the directory must support the use of filesystem # locking, meaning some types of mounted folders (e.g. VirtualBox shared folders) may # not be suitable. data_dir = "/opt/consul" # client_addr # The address to which Consul will bind client interfaces, including the HTTP and DNS # servers. By default, this is "127.0.0.1", allowing only loopback connections. In # Consul 1.0 and later this can be set to a space-separated list of addresses to bind # to, or a go-sockaddr template that can potentially resolve to multiple addresses. #client_addr = "0.0.0.0" # ui # Enables the built-in web UI server and the required HTTP routes. This eliminates # the need to maintain the Consul web UI files separately from the binary. # Version 1.10 deprecated ui=true in favor of ui_config.enabled=true #ui_config{ # enabled = true #} # server # This flag is used to control if an agent is in server or client mode. When provided, # an agent will act as a Consul server. Each Consul cluster must have at least one # server and ideally no more than 5 per datacenter. All servers participate in the Raft # consensus algorithm to ensure that transactions occur in a consistent, linearizable # manner. Transactions modify cluster state, which is maintained on all server nodes to # ensure availability in the case of node failure. Server nodes also participate in a # WAN gossip pool with server nodes in other datacenters. Servers act as gateways to # other datacenters and forward traffic as appropriate. #server = true # Bind addr # You may use IPv4 or IPv6 but if you have multiple interfaces you must be explicit. #bind_addr = "[::]" # Listen on all IPv6 #bind_addr = "0.0.0.0" # Listen on all IPv4 # # Advertise addr - if you want to point clients to a different address than bind or LB. #advertise_addr = "127.0.0.1" # Enterprise License # As of 1.10, Enterprise requires a license_path and does not have a short trial. #license_path = "/etc/consul.d/consul.hclic" # bootstrap_expect # This flag provides the number of expected servers in the datacenter. Either this value # should not be provided or the value must agree with other servers in the cluster. When # provided, Consul waits until the specified number of servers are available and then # bootstraps the cluster. This allows an initial leader to be elected automatically. # This cannot be used in conjunction with the legacy -bootstrap flag. This flag requires # -server mode. #bootstrap_expect=3 # encrypt # Specifies the secret key to use for encryption of Consul network traffic. This key must # be 32-bytes that are Base64-encoded. The easiest way to create an encryption key is to # use consul keygen. All nodes within a cluster must share the same encryption key to # communicate. The provided key is automatically persisted to the data directory and loaded # automatically whenever the agent is restarted. This means that to encrypt Consul's gossip # protocol, this option only needs to be provided once on each agent's initial startup # sequence. If it is provided after Consul has been initialized with an encryption key, # then the provided key is ignored and a warning will be displayed. #encrypt = "..." # retry_join # Similar to -join but allows retrying a join until it is successful. Once it joins # successfully to a member in a list of members it will never attempt to join again. # Agents will then solely maintain their membership via gossip. This is useful for # cases where you know the address will eventually be available. This option can be # specified multiple times to specify multiple agents to join. The value can contain # IPv4, IPv6, or DNS addresses. In Consul 1.1.0 and later this can be set to a go-sockaddr # template. If Consul is running on the non-default Serf LAN port, this must be specified # as well. IPv6 must use the "bracketed" syntax. If multiple values are given, they are # tried and retried in the order listed until the first succeeds. Here are some examples: #retry_join = ["consul.domain.internal"] #retry_join = ["10.0.4.67"] #retry_join = ["[::1]:8301"] #retry_join = ["consul.domain.internal", "10.0.4.67"] # Cloud Auto-join examples: # More details - https://www.consul.io/docs/agent/cloud-auto-join #retry_join = ["provider=aws tag_key=... tag_value=..."] #retry_join = ["provider=azure tag_name=... tag_value=... tenant_id=... client_id=... subscription_id=... secret_access_key=..."] #retry_join = ["provider=gce project_name=... tag_value=..."]