consul/website/content/docs/enterprise/index.mdx

151 lines
11 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: docs
page_title: Consul Enterprise
description: >-
Consul Enterprise is a paid offering that extends Consuls open source functions to support large and complex deployments. Learn about scaling infrastructure, simplifying operations, and making networks more resilient with Enterprise.
---
# Consul Enterprise
[Consul Enterprise](https://www.hashicorp.com/products/consul/)
features address the organizational complexities of collaboration, operations, scale, and governance.
If you have purchased or wish to try out Consul Enterprise,
refer to [how to access Consul Enterprise](#access-consul-enterprise).
## Enterprise Features
The following features are [available in several forms of Consul Enterprise](#consul-enterprise-feature-availability).
### Multi-Tenancy
- [Admin Partitions](/docs/enterprise/admin-partitions): Define administrative boundaries between tenants within a single Consul datacenter
- [Namespaces](/docs/enterprise/namespaces): Define resource boundaries within a single admin partition for further organizational flexibility
### Resiliency
- [Automated Backups](/docs/enterprise/backups): Configure the automatic backup of Consul state
- [Redundancy Zones](/docs/enterprise/redundancy): Deploy backup voting Consul servers to efficiently improve Consul fault tolerance
### Scalability
- [Read Replicas](/docs/enterprise/read-scale): Deploy non-voting Consul servers to enhance the scalability of read requests
### Operational Simplification
- [Automated Upgrades](/docs/enterprise/upgrades): Ease upgrades by automating the transition from existing to newly deployed Consul servers
- [Consul-Terraform-Sync Enterprise](/docs/nia/enterprise): Leverage the enhanced network infrastructure automation capabilities of the enterprise version of Consul-Terraform-Sync
### Complex Network Topology Support
- [Network Areas](/docs/enterprise/federation): Support complex network topologies between federated Consul datacenters with pairwise federation rather than full mesh federation
- [Network Segments](/docs/enterprise/network-segments): Support complex network topologies within a Consul datacenter by enforcing boundaries in Consul client gossip traffic
### Governance
- [OIDC Auth Method](/docs/security/acl/auth-methods/oidc): Manage user access to Consul through an OIDC identity provider instead of Consul ACL tokens directly
- [Audit Logging](/docs/enterprise/audit-logging): Understand Consul access and usage patterns by reviewing access to the Consul HTTP API
- [Sentinel for KV](/docs/enterprise/sentinel): Policy-as-code framework for defining advanced key-value storage access control policies
## Access Consul Enterprise
The method of accessing Consul Enterprise and its features depends on the whether using
HashiCorp Cloud Platform or self-managed Consul.
### HCP Consul
No action is required to access Consul Enterprise in a
[HashiCorp Cloud Platform](https://cloud.hashicorp.com/products/consul) installation.
You can try out HCP Consul for free. Refer to the
[HCP Consul product page](https://cloud.hashicorp.com/products/consul) for more details.
### Self-Managed Consul
To access Consul Enterprise in a self-managed installation,
[apply a purchased license](/docs/enterprise/license/overview)
to the Consul Enterprise binary that grants access to the desired features.
You can also try out Consul Enterprise before purchasing by
[requesting a 30-day trial license](https://www.hashicorp.com/products/consul/trial).
## Consul Enterprise Feature Availability
The Consul Enterprise features that are available depend on your license and the runtimes you use in your deployment.
### Feature availability by license
Available Enterprise features per Consul form and license include:
| Feature | [HashiCorp Cloud Platform (HCP) Consul] | [Consul Enterprise] | Legacy Consul Enterprise (module-based) |
| -------------------------------------------------------- | --------------------------------------- | ------------------- | ------------------------------------------------- |
| Consul servers as a managed service | Yes | No (self-managed) | No (self-managed) |
| [Admin Partitions](/docs/enterprise/admin-partitions) | All tiers | Yes | With Governance and Policy module |
| [Audit Logging](/docs/enterprise/audit-logging) | Standard tier and above | Yes | With Governance and Policy module |
| [Automated Server Backups](/docs/enterprise/backups) | All tiers | Yes | Yes |
| [Automated Server Upgrades](/docs/enterprise/upgrades) | All tiers | Yes | Yes |
| [Consul-Terraform-Sync Enterprise](/docs/nia/enterprise) | All tiers | Yes | Yes |
| [Enhanced Read Scalability](/docs/enterprise/read-scale) | No | Yes | With Global Visibility, Routing, and Scale module |
| [Namespaces](/docs/enterprise/namespaces) | All tiers | Yes | With Governance and Policy module |
| [Network Areas](/docs/enterprise/federation) | No | Yes | With Global Visibility, Routing, and Scale module |
| [Network Segments](/docs/enterprise/network-segments) | No | Yes | With Global Visibility, Routing, and Scale module |
| [OIDC Auth Method](/docs/security/acl/auth-methods/oidc) | No | Yes | Yes |
| [Redundancy Zones](/docs/enterprise/redundancy) | Not applicable | Yes | With Global Visibility, Routing, and Scale module |
| [Sentinel for KV](/docs/enterprise/sentinel) | All tiers | Yes | With Governance and Policy module |
[HashiCorp Cloud Platform (HCP) Consul]: https://cloud.hashicorp.com/products/consul
[Consul Enterprise]: https://www.hashicorp.com/products/consul/
### Feature availability by runtime
Consul Enterprise feature availability can change depending on your server and client agent runtimes.
<Tabs>
<Tab heading="Server Runtime: VMs">
| Enterprise Feature | VM Client | K8s Client | ECS Client |
| ----------------------------------------------------------------------- | :-------: | :--------: | :--------: |
| [Admin Partitions](/consul/docs/enterprise/admin-partitions) | &#9989; | &#9989; | &#9989; |
| [Audit Logging](/consul/docs/enterprise/audit-logging) | &#9989; | &#9989; | &#9989; |
| [Automated Server Backups](/consul/docs/enterprise/backups) | &#9989; | &#9989; | &#9989; |
| [Automated Server Upgrades](/consul/docs/enterprise/upgrades) | &#9989; | &#9989; | &#9989; |
| [Enhanced Read Scalability](/consul/docs/enterprise/read-scale) | &#9989; | &#9989; | &#9989; |
| [Namespaces](/consul/docs/enterprise/namespaces) | &#9989; | &#9989; | &#9989; |
| [Network Areas](/consul/docs/enterprise/federation) | &#9989; | &#9989; | &#9989; |
| [Network Segments](/consul/docs/enterprise/network-segments) | &#9989; | &#10060; | &#10060; |
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | &#9989; | &#9989; | &#9989; |
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | &#9989; | &#9989; | &#9989; |
| [Sentinel ](/consul/docs/enterprise/sentinel) | &#9989; | &#9989; | &#9989; |
</Tab>
<Tab heading="Server Runtime: Kubernetes">
| Enterprise Feature | VM Client | K8s Client | ECS Client |
| ----------------------------------------------------------------------- | :-------: | :--------: | :--------: |
| [Admin Partitions](/consul/docs/enterprise/admin-partitions) | &#9989; | &#9989; | &#10060; |
| [Audit Logging](/consul/docs/enterprise/audit-logging) | &#9989; | &#9989; | &#10060; |
| [Automated Server Backups](/consul/docs/enterprise/backups) | &#9989; | &#9989; | &#10060; |
| [Automated Server Upgrades](/consul/docs/enterprise/upgrades) | &#10060; | &#10060; | &#10060; |
| [Enhanced Read Scalability](/consul/docs/enterprise/read-scale) | &#10060; | &#10060; | &#10060; |
| [Namespaces](/consul/docs/enterprise/namespaces) | &#9989; | &#9989; | &#10060; |
| [Network Areas](/consul/docs/enterprise/federation) | &#9989; | &#9989; | &#10060; |
| [Network Segments](/consul/docs/enterprise/network-segments) | &#10060; | &#10060; | &#10060; |
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | &#9989; | &#9989; | &#10060; |
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | &#10060; | &#10060; | &#10060; |
| [Sentinel ](/consul/docs/enterprise/sentinel) | &#9989; | &#9989; | &#10060; |
</Tab>
<Tab heading ="Server Runtime: HCP">
| Enterprise Feature | VM Client | K8s Client | ECS Client |
| ----------------------------------------------------------------------- | :-------: | :--------: | :--------: |
| [Admin Partitions](/consul/docs/enterprise/admin-partitions) | &#9989; | &#9989; | &#9989; |
| [Audit Logging](/consul/docs/enterprise/audit-logging) | &#9989; | &#9989; | &#9989; |
| [Automated Server Backups](/consul/docs/enterprise/backups) | &#9989; | &#9989; | &#9989; |
| [Automated Server Upgrades](/consul/docs/enterprise/upgrades) | &#9989; | &#9989; | &#9989; |
| [Enhanced Read Scalability](/consul/docs/enterprise/read-scale) | &#10060; | &#10060; | &#10060; |
| [Namespaces](/consul/docs/enterprise/namespaces) | &#9989; | &#9989; | &#9989; |
| [Network Areas](/consul/docs/enterprise/federation) | &#10060; | &#10060; | &#10060; |
| [Network Segments](/consul/docs/enterprise/network-segments) | &#10060; | &#10060; | &#10060; |
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | &#10060; | &#10060; | &#10060; |
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | n/a | n/a | n/a |
| [Sentinel ](/consul/docs/enterprise/sentinel) | &#9989; | &#9989; | &#9989; |
</Tab>
</Tabs>