cdist-type__consul_agent - Manage the consul agent
Configure and manage the consul agent.
- acl-datacenter
- only used by servers. This designates the datacenter which is
authoritative for ACL information.
- acl-default-policy
- either "allow" or "deny"; defaults to
"allow". The default policy controls the behavior of a token
when there is no matching rule.
- acl-down-policy
- either "allow", "deny" or "extend-cache";
"extend-cache" is the default.
- acl-master-token
- only used for servers in the acl_datacenter. This token will be created
with management-level permissions if it does not exist. It allows
operators to bootstrap the ACL system with a token ID that is
well-known.
- acl-token
- when provided, the agent will use this token when making requests to the
Consul servers.
- acl-ttl
- used to control Time-To-Live caching of ACLs.
- bind-addr
- sets the bind address for cluster communication
- bootstrap-expect
- sets server to expect bootstrap mode
- ca-file-source
- path to a PEM encoded certificate authority file which will be uploaded
and configure using the ca_file config option.
- cert-file-source
- path to a PEM encoded certificate file which will be uploaded and
configure using the cert_file config option.
- client-addr
- sets the address to bind for client access
- datacenter
- datacenter of the agent
- encrypt
- provides the gossip encryption key
- group
- the primary group for the agent
- json-config
- path to a partial json config file without leading { and trailing }. If
json-config is '-' (dash), take what was written to stdin as the file
content.
- key-file-source
- path to a PEM encoded private key file which will be uploaded and
configure using the key_file config option.
- node-name
- name of this node. Must be unique in the cluster
- retry-join
- address to attempt joining every retry_interval until at least one join
works. Can be specified multiple times.
- user
- the user to run the agent as
- state
- if the agent is 'present' or 'absent'. Defaults to 'present'. Currently
state=absent is not working due to some dependency issues.
# configure as server, bootstrap and rejoin
hostname="$(cat "$__global/explorer/hostname")"
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--server \
--rejoin-after-leave \
--bootstrap-expect 3 \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03
# configure as server, bootstrap and rejoin with ssl support
hostname="$(cat "$__global/explorer/hostname")"
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--server \
--rejoin-after-leave \
--bootstrap-expect 3 \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03 \
--ca-file-source /path/to/ca.pem \
--cert-file-source /path/to/cert.pem \
--key-file-source /path/to/key.pem \
--verify-incoming \
--verify-outgoing
# configure as client and try joining existing cluster
__consul_agent \
--datacenter dc1 \
--node-name "${hostname%%.*}" \
--disable-update-check \
--retry-join consul-01 \
--retry-join consul-02 \
--retry-join consul-03
consul documentation at:
<http://www.consul.io/docs/agent/options.html>.
Steven Armstrong <steven-cdist--@--armstrong.cc>
Copyright (C) 2015 Steven Armstrong. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.