docker network create consuldocker-compose -f docker-compose-dc1.yml up
docker-compose -f docker-compose-dc2.yml up
docker-compose exec consul-dc2-node1 consul join -wan consul-dc1-node1生成管理令牌
consul acl bootstrapAccessorID: ***
SecretID: ***
Description: Bootstrap Token (Global Management)
Local: false
Create Time:
Policies:
00000000-0000-0000-0000-000000000001 - global-management
将令牌 SecretID 保存到环境变量 MANAGEMENT_TOKEN
export MANAGEMENT_TOKEN=xxxSERVICE_POLICY_ID=$(curl --request PUT --header "X-Consul-Token: $MANAGEMENT_TOKEN" \
--data '{
"Name": "service-policy",
"Description": "Grants read/write access to all service",
"Rules": "service_prefix \"\" { policy = \"read\"} service_prefix \"\" { policy = \"write\"}",
"Datacenters": ["dc1"]
}
' "http://localhost:8500/v1/acl/policy?name=service-policy" | jq -r .ID)
echo "Service Policy ID: $SERVICE_POLICY_ID"SERVICE_TOKEN=$(curl --request PUT --header "X-Consul-Token: $MANAGEMENT_TOKEN" \
--data '{
"Description": "service-token",
"Policies": [
{
"Name": "service-policy"
}
]
}' http://localhost:8500/v1/acl/token | jq -r .SecretID)
echo "Service Token: $SERVICE_TOKEN"curl --request PUT --header "X-Consul-Token: $SERVICE_TOKEN" \
--data '{"id":"test","name":"test","address":"127.0.0.0","port":80,"tags":[]}' http://localhost:8500/v1/agent/service/register