Can I effectively use Consul for my use case : highly distributed IOT application
568 views
Skip to first unread message
Nirmal Thacker
Jun 14, 2017, 4:04:08 PM6/14/17
to Consul
Hi
I'm evaluating Consul for the following requirements I have in my application:
1. Health monitoring and alerting for IOT devices geographically distributed
2. Dynamic configuration for these devices
Consul appears to be a great fit, given it does these two really well when I integrate consul-alert and envconsul.
I intend to have 3-5 consul servers in the cloud (Google Cloud for instance) and the devices, running as consul clients. Consul servers additionally have consul-alert daemon running and all consul clients run the target proc wrapped with envconsul for the second requirement.
However the difficulty in visualizing this is in the networking complexity:
1. Running consul servers on a public IP seems like a bad idea - or is it acceptable ? What sort of security issues must I be aware about?
2. Does having my consul servers and consul clients on a VPN help?
3. Is consul the right tool for this setup? What other alternatives could deliver my requirements for my environment?
Thanks
Nirmal
I'm evaluating Consul for the following requirements I have in my application:
1. Health monitoring and alerting for IOT devices geographically distributed
2. Dynamic configuration for these devices
Consul appears to be a great fit, given it does these two really well when I integrate consul-alert and envconsul.
I intend to have 3-5 consul servers in the cloud (Google Cloud for instance) and the devices, running as consul clients. Consul servers additionally have consul-alert daemon running and all consul clients run the target proc wrapped with envconsul for the second requirement.
However the difficulty in visualizing this is in the networking complexity:
1. Running consul servers on a public IP seems like a bad idea - or is it acceptable ? What sort of security issues must I be aware about?
2. Does having my consul servers and consul clients on a VPN help?
3. Is consul the right tool for this setup? What other alternatives could deliver my requirements for my environment?
Thanks
Nirmal
James Phillips
Jun 24, 2017, 6:40:35 PM6/24/17
to consu...@googlegroups.com
> 3. Is consul the right tool for this setup?
Hi, Consul probably isn't a good fit for this use case as the gossip
protocol expects to have a pretty good local network between all of
the agents in a cluster, and the agents need to be in a full mesh
because any agent can probe any other agent. Having devices all over
the world would definitely break that assumption (and the timing
assumptions) built into Consul, so I think your cluster would see a
lot of node health flapping. This is pretty baked into Consul's
design, so it would be hard to work w/o that.
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/consul/issues
> IRC: #consul on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Consul" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to consul-tool...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/consul-tool/ea65f8e8-a569-43aa-9034-d0c2450a9725%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Nirmal Thacker
Jun 24, 2017, 10:33:52 PM6/24/17
to Consul
Thanks for responding James.
I intend to deploy consul over tinc (http://tinc-vpn.org/), a meshed VPN that can enable the gossip protocol to occur between consul clients, directly. Would that address some of the timing assumptions in Consul?
Nirmal
I intend to deploy consul over tinc (http://tinc-vpn.org/), a meshed VPN that can enable the gossip protocol to occur between consul clients, directly. Would that address some of the timing assumptions in Consul?
Nirmal
Tyler Rivera
Jul 28, 2017, 7:29:59 AM7/28/17
to Consul
Nirmal, if you haven't already, it might be worthwhile to look into using an MQTT broker to facilitate such a distributed system. This is core to both Google and AWS IoT platforms.
Nirmal Thacker
Jul 28, 2017, 12:24:47 PM7/28/17
to Consul
Hi Tyler,
Thanks for responding and sharing MQTT.
With MQTT can I build an alerting system that is time sensitive like Consul does? For instance in Consul, we can configure health check scripts that run every so often and failed health checks can be tied into alerts and metrics using consul-alerts. So how would one do that using an MQTT system? As I understand it, the IOT devices themselves can frequently publish their health check to the broker, but how does a subscriber determine alerting if it hasn't heard from a device?
Thanks!
Nirmal
Thanks for responding and sharing MQTT.
With MQTT can I build an alerting system that is time sensitive like Consul does? For instance in Consul, we can configure health check scripts that run every so often and failed health checks can be tied into alerts and metrics using consul-alerts. So how would one do that using an MQTT system? As I understand it, the IOT devices themselves can frequently publish their health check to the broker, but how does a subscriber determine alerting if it hasn't heard from a device?
Thanks!
Nirmal
Tyler Rivera
Jul 29, 2017, 1:58:08 PM7/29/17
to Consul
This is probably outside the scope of this group, MQTT is simply a pub/sub broker. Many people will subscribe to a topic on MQTT and build alerting systems based on the messages they see on that topic.
Reply all
Reply to author
Forward
0 new messages