Secure Service Communication with Consul Service Mesh and Envoy

Question 1

In addition to securing your services, Consul service mesh can also intercept_and surface it to _.

Answer 1

data about service-to-service communications

monitoring tools

Question 2

What is the sidecar pattern?

Answer 2

Is when you build all the peripheral tasks aside your application. So this can be maintained separately and connect to the application.

Question 3

Intentions define _ in the service mesh and are used to _. The default intention behavior is defined by thedefault ACL policy.

Answer 3

access control for services

control which services may establish connections

Question 4

Create a intention between dashboard and counting

Answer 4

consul intention create dashboard counting

Question 5

Start the built-in sidecar proxy for the counting service.

Answer 5

consul connect proxy -sidecar-for counting-1 > counting-proxy.log &

Question 6

Start the built-in sidecar proxy for the dashboard service.

Answer 6

consul connect proxy -sidecar-for dashboard > dashboard-proxy.log &

Question 7

First, deny theDashboardservice access to theCountingservice.

Answer 7

consul intention create -deny -replace dashboard counting

Question 8

restore communication between the services

Answer 8

consul intention create -allow -replace dashboard counting

Question 9

Delete the intention from Consul.

Answer 9

consul intention delete dashboard counting

Question 10

Deregister the counting service.

Answer 10

consul services deregister counting.hcl

Question 11

Deregister the dashboard service.

Answer 11

consul services deregister dashboard.hcl