cdist-type__consul_agent(7)

1CDIST-TYPE__CONSUL_AGENT(7)          cdist         CDIST-TYPE__CONSUL_AGENT(7)
2
3
4

NAME

6       cdist-type__consul_agent - Manage the consul agent
7

DESCRIPTION

9       Configure and manage the consul agent.
10

REQUIRED PARAMETERS

12       None.
13

OPTIONAL PARAMETERS

15       acl-datacenter
16              only  used  by  servers. This designates the datacenter which is
17              authoritative for ACL information.
18
19       acl-default-policy
20              either "allow" or "deny"; defaults to "allow". The default  pol‐
21              icy  controls  the behavior of a token when there is no matching
22              rule.
23
24       acl-down-policy
25              either "allow", "deny" or "extend-cache"; "extend-cache" is  the
26              default.
27
28       acl-master-token
29              only  used for servers in the acl_datacenter. This token will be
30              created with management-level permissions if it does not  exist.
31              It  allows operators to bootstrap the ACL system with a token ID
32              that is well-known.
33
34       acl-token
35              when provided,  the  agent  will  use  this  token  when  making
36              requests to the Consul servers.
37
38       acl-ttl
39              used to control Time-To-Live caching of ACLs.
40
41       bind-addr
42              sets the bind address for cluster communication
43
44       bootstrap-expect
45              sets server to expect bootstrap mode
46
47       ca-file-source
48              path  to  a PEM encoded certificate authority file which will be
49              uploaded and configure using the ca_file config option.
50
51       cert-file-source
52              path to a PEM encoded certificate file which  will  be  uploaded
53              and configure using the cert_file config option.
54
55       client-addr
56              sets the address to bind for client access
57
58       datacenter
59              datacenter of the agent
60
61       encrypt
62              provides the gossip encryption key
63
64       group  the primary group for the agent
65
66       json-config
67              path  to a partial json config file without leading { and trail‐
68              ing }.  If json-config is '-' (dash), take what was  written  to
69              stdin as the file content.
70
71       key-file-source
72              path  to  a  PEM encoded private key file which will be uploaded
73              and configure using the key_file config option.
74
75       node-name
76              name of this node. Must be unique in the cluster
77
78       retry-join
79              address to attempt joining every retry_interval until  at  least
80              one join works.  Can be specified multiple times.
81
82       user   the user to run the agent as
83
84       state  if  the  agent  is 'present' or 'absent'. Defaults to 'present'.
85              Currently state=absent is not working  due  to  some  dependency
86              issues.
87

BOOLEAN PARAMETERS

89       disable-remote-exec
90              disables  support  for  remote  execution. When set to true, the
91              agent will ignore any incoming remote exec requests.
92
93       disable-update-check
94              disables automatic checking for security bulletins and new  ver‐
95              sion releases
96
97       leave-on-terminate
98              gracefully leave cluster on SIGTERM
99
100       rejoin-after-leave
101              rejoin the cluster using the previous state after leaving
102
103       server used to control if an agent is in server or client mode
104
105       enable-syslog
106              enables logging to syslog
107
108       verify-incoming
109              enforce  the  use  of  TLS and verify a client's authenticity on
110              incoming connections
111
112       verify-outgoing
113              enforce the use of TLS and verify the peers authenticity on out‐
114              going connections
115

EXAMPLES

117          # configure as server, bootstrap and rejoin
118          hostname="$(cat "$__global/explorer/hostname")"
119          __consul_agent \
120             --datacenter dc1 \
121             --node-name "${hostname%%.*}" \
122             --disable-update-check \
123             --server \
124             --rejoin-after-leave \
125             --bootstrap-expect 3 \
126             --retry-join consul-01 \
127             --retry-join consul-02 \
128             --retry-join consul-03
129
130          # configure as server, bootstrap and rejoin with ssl support
131          hostname="$(cat "$__global/explorer/hostname")"
132          __consul_agent \
133             --datacenter dc1 \
134             --node-name "${hostname%%.*}" \
135             --disable-update-check \
136             --server \
137             --rejoin-after-leave \
138             --bootstrap-expect 3 \
139             --retry-join consul-01 \
140             --retry-join consul-02 \
141             --retry-join consul-03 \
142             --ca-file-source /path/to/ca.pem \
143             --cert-file-source /path/to/cert.pem \
144             --key-file-source /path/to/key.pem \
145             --verify-incoming \
146             --verify-outgoing
147
148          # configure as client and try joining existing cluster
149          __consul_agent \
150             --datacenter dc1 \
151             --node-name "${hostname%%.*}" \
152             --disable-update-check \
153             --retry-join consul-01 \
154             --retry-join consul-02 \
155             --retry-join consul-03
156

AUTHORS

162       Steven Armstrong <steven-cdist--@--armstrong.cc>
163

COPYING

165       Copyright (C) 2015 Steven Armstrong. You  can  redistribute  it  and/or
166       modify  it  under  the  terms of the GNU General Public License as pub‐
167       lished by the  Free  Software  Foundation,  either  version  3  of  the
168       License, or (at your option) any later version.
169

COPYRIGHT

171       ungleich GmbH 2019
172
173
174
175
1766.3.0                            Dec 12, 2019      CDIST-TYPE__CONSUL_AGENT(7)