Securing Consul Server Nodes

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab you will be tasked with enabling encryption between the 3 provided Consul server agents. These supplied servers are already configured as server agents and will already be in a cluster. Your task is to enable the encryption between the 3 nodes and test to ensure the encryption is working and the agents can all see each other in the cluster.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Check and Ensure All Agents Are Part of the Same Cluster
  1. Use a command such as consul members to ensure that all the agents provided are connected and part of the same cluster.
Configure All the Server Agents to Use Gossip Encryption
  1. Create a key for use with the gossip encryption.
  2. Configure all the Consul server agents to use this key.
  3. Restart all the Consul server agents.
Test All the Consul Servers to Ensure Encryption Is Being Used
  1. Check the logs to ensure the encryption is being used.

Additional Resources

You have 3 servers running the Consul agent in server mode and you noticed that none of them are using gossip to encrypt their communications between each other.

You know this should be enabled for all the Consul agents in your datacenter, so you intend to fix this and make it secure.

You will go to each of the servers and do what is required to enable the gossip encryption for their communications.

One this has been completed, you should check to ensure it is working by using a consul command that can give you this information.

If one or more of the agents are not using gossip, you will need to troubleshoot the cause.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?