kelseyhightower/consul-on-kubernetes — explained in plain English
Analysis updated 2026-07-18 · repo last pushed 2018-11-04
Stand up a resilient Consul cluster on Kubernetes for service discovery across microservices.
Let containers dynamically discover each other's addresses instead of hardcoding IPs.
Learn how to generate and manage encryption certificates for secure internal cluster traffic.
Verify cluster health using Consul's web UI via kubectl port-forwarding.
| kelseyhightower/consul-on-kubernetes | lenucksi/aur-malware-check | pyenv/pyenv-virtualenvwrapper | |
|---|---|---|---|
| Stars | 598 | 652 | 678 |
| Language | Shell | Shell | Shell |
| Last pushed | 2018-11-04 | — | 2017-08-20 |
| Maintenance | Dormant | — | Dormant |
| Setup difficulty | hard | — | easy |
| Complexity | 4/5 | — | 2/5 |
| Audience | ops devops | ops devops | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires an existing Kubernetes 1.11+ cluster plus kubectl, cfssl, and consul CLI tools.
Consul-on-Kubernetes is a step-by-step tutorial that teaches you how to run a three-node Consul cluster on Kubernetes. Consul is a tool for service discovery and health checking, meaning it helps the different parts of an application find each other and know which services are up or down. Running it on Kubernetes adds resilience, so if one node fails, the others keep things running. The tutorial walks you through generating encryption certificates to secure communication between Consul members, creating a shared encryption key for internal "gossip" traffic, and storing all of that in Kubernetes as secrets. You then deploy three Consul instances that form a cluster, each one starting up in sequence. Once running, you can verify the cluster is healthy by checking member status or opening Consul's built-in web UI via a local port-forward. This project is aimed at platform engineers or developers who already have a Kubernetes cluster and want to add Consul for service discovery. A practical scenario: you have a microservices application spread across multiple containers, and you need each service to dynamically discover where the others are without hardcoding IP addresses. This tutorial gets that infrastructure stood up with encrypted internal communication. The project is essentially a collection of shell commands and configuration files rather than a standalone application. It assumes comfort with command-line tools like kubectl, cfssl, and consul, and requires Kubernetes 1.11 or later. Everything is done manually step by step, which makes it educational but less automated than a one-click deployment solution. A cleanup script is included to tear down everything you created.
A step-by-step tutorial for manually deploying a secure, three-node Consul service discovery cluster on Kubernetes.
Mainly Shell. The stack also includes Kubernetes, Consul, Shell.
Dormant — no commits in 2+ years (last push 2018-11-04).
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
double-check against the repo, no cap.