mirror of
https://github.com/status-im/consul.git
synced 2025-01-24 12:40:17 +00:00
d0cd720ea9
* docs/nia: scheduled tasks Add basic scheduled task documentation * Add source input documentation Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com> * Fix some links * Update Optional Input Variables section * Apply suggestions from code review Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com> * Add source input documentation Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com> * updated docs with new "source input" terminology where necessary * Apply suggestions from code review applied Karl's recommendations Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * addressed code review comments - added rendered input examples to terraform-modules.mdx - added hyperlinks to terraform-modules.mdx in configuration.mdx - re-worded initial description of Services Source Input in terraform-modules.mdx * addressed code review comments - fixed spacing of regexp parameter for services source input - reworded description of source input in terraform-modules.mdx * Update from feedback - Add "currently" to clarify source input is currently only supported with schedule condition - Reword inspect mode behavaior for scheduled tasks Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com> Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com> Co-authored-by: Michael Wilkerson <mwilkerson@hashicorp.com> Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
61 lines
2.6 KiB
Plaintext
61 lines
2.6 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Architecture
|
|
description: >-
|
|
Consul-Terraform-Sync Architecture
|
|
---
|
|
|
|
# Consul-Terraform-Sync Architecture
|
|
|
|
Consul-Terraform-Sync is a service-oriented tool for managing
|
|
network infrastructure near real-time. Consul-Terraform-Sync runs as a daemon
|
|
and integrates the network topology maintained by your Consul cluster with your
|
|
network infrastructure to dynamically secure and connect services.
|
|
|
|
## 10,000 Foot View
|
|
|
|
[![Consul-Terraform-Sync Architecture](/img/nia-highlevel-diagram.svg)](/img/nia-highlevel-diagram.svg)
|
|
|
|
The diagram shows Consul-Terraform-Sync monitoring the Consul service catalog
|
|
for updates and utilizing Terraform to update the state of the infrastructure.
|
|
|
|
There are two principal aspects of Sync to know about corresponding to the
|
|
lines to Consul and Terraform in the diagram above. The line to Consul
|
|
represents the Watchers monitoring the state of Consul's service catalog (and
|
|
possibly KV store) while the line to Terraform represents tasks being run to
|
|
update the infrastructure.
|
|
|
|
## Watcher and Views
|
|
|
|
Consul-Terraform-Sync monitors Consul for updates utilizing Consul's [Blocking
|
|
Queries](/api-docs/features/blocking) whenever supported, falling back on
|
|
polling when not. The watcher maintains a separate thread (known internally as
|
|
a view) for each value monitored, running any tasks that depend on that watched
|
|
value whenever it's updated. Say, for example, running a task to update a
|
|
proxy when an instance goes unhealthy.
|
|
|
|
## Tasks
|
|
|
|
A task is the action triggered by the updated data monitored in Consul. It
|
|
takes the dynamic service data and translates it into a call to the
|
|
infrastructure application to configure it with the updates. It uses a driver
|
|
to push out these updates, the initial driver being a local Terraform run. An
|
|
example of a task is to automate a firewall security policy rule with
|
|
discovered IP addresses for a set of Consul services.
|
|
|
|
## Drivers
|
|
|
|
A driver encapsulates the resources required to communicate the updates to the
|
|
network infrastructure. The following [drivers](/docs/nia/network-drivers#terraform) are supported:
|
|
|
|
- Terraform driver
|
|
- Terraform Cloud driver<EnterpriseAlert inline />
|
|
|
|
Each driver includes a set of providers that [enables support](/docs/nia/terraform-modules) for a wide variety of infrastructure applications.
|
|
|
|
## Security Guidelines
|
|
|
|
The [Secure Consul-Terraform-Sync for Production](https://learn.hashicorp.com/tutorials/consul/consul-terraform-sync-secure?utm_source=WEBSITE&utm_medium=WEB_IO&utm_offer=ARTICLE_PAGE&utm_content=DOCS)
|
|
tutorial contains a checklist of best practices to secure your
|
|
Consul-Terraform-Sync installation for a production environment.
|