Add TLS support for Consul discovery + refactoring #405

Merged
lx merged 5 commits from consul-tls into main 2022-10-18 20:20:55 +00:00
3 changed files with 8 additions and 8 deletions
Showing only changes of commit 8bc5caf7aa - Show all commits

View file

@ -33,7 +33,7 @@ bootstrap_peers = [
[consul_discovery]
consul_host = "consul.service"
consul_http_addr = "http://127.0.0.1:8500"
service_name = "garage-daemon"
ca_cert = "/etc/consul/consul-ca.crt"
client_cert = "/etc/consul/consul-client.crt"
@ -306,9 +306,9 @@ Garage supports discovering other nodes of the cluster using Consul. For this
to work correctly, nodes need to know their IP address by which they can be
reached by other nodes of the cluster, which should be set in `rpc_public_addr`.
### `consul_host` and `service_name`
### `consul_http_addr` and `service_name`
The `consul_host` parameter should be set to the full HTTP(S) address of the Consul server.
The `consul_http_addr` parameter should be set to the full HTTP(S) address of the Consul server.
### `service_name`

View file

@ -100,8 +100,8 @@ impl ConsulDiscovery {
pub async fn get_consul_nodes(&self) -> Result<Vec<(NodeID, SocketAddr)>, ConsulError> {
let url = format!(
"http://{}/v1/catalog/service/{}",
self.config.consul_host, self.config.service_name
"{}/v1/catalog/service/{}",
self.config.consul_http_addr, self.config.service_name
);
let http = self.client.get(&url).send().await?;
@ -158,7 +158,7 @@ impl ConsulDiscovery {
},
};
let url = format!("http://{}/v1/catalog/register", self.config.consul_host);
let url = format!("{}/v1/catalog/register", self.config.consul_http_addr);
let http = self.client.put(&url).json(&advertisement).send().await?;
http.error_for_status()?;

View file

@ -128,8 +128,8 @@ pub struct AdminConfig {
#[derive(Deserialize, Debug, Clone)]
pub struct ConsulDiscoveryConfig {
/// Consul host to connect to to discover more peers
pub consul_host: String,
/// Consul http or https address to connect to to discover more peers
pub consul_http_addr: String,
/// Consul service name to use
pub service_name: String,
/// CA TLS certificate to use when connecting to Consul