Description HashiCorp Consul Kubernetes integration container providing service mesh, service discovery, and network security automation capabilities for Kubernetes clusters. Features automated service networking, zero-trust security, and multi-cluster service mesh functionality for enterprise environments.
Key Features Core capabilities and strengths of this container
Native Kubernetes integration with service mesh capabilities Automated service discovery and load balancing Zero-trust network security automation Multi-cluster federation support Common Use Cases Typical scenarios where this container excels
Kubernetes service mesh implementation Multi-cluster service discovery Zero-trust network security Microservices connectivity management Pull Latest Image Download the container image from the registry
docker pull clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:latestdocker pull clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:1.2.0Basic Run Run the container with basic configuration
bash docker run -it --name consul-k8s clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:latestProduction Deployment Deploy with production security settings
bash docker run -d --name consul-k8s-prod \
--read-only \
--security-opt=no-new-privileges \
--user 100:100 \
clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:latestVolume Mount Mount local directory for persistent data
bash docker run -v $(pwd)/consul-data:/consul/data clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:latestPort Forwarding Run with custom port mappings
bash docker run -p 8500:8500 -p 8600:8600/udp clnstrt-images.clnstrt.dev/$ORGANIZATION/consul-k8s:latestEnvironment Variables Configuration options available through environment variables
CONSUL_HTTP_ADDR Consul HTTP API address http://localhost:8500CONSUL_DATACENTER Consul datacenter name dc1CONSUL_ALLOW_PRIVILEGED_PORTS Enable privileged ports access false
CONSUL_CLIENT_CERT Client certificate file path Security Best Practices Recommended security configurations and practices
Enable TLS encryption for all communication Implement ACL tokens for access control Use dedicated service accounts Configure proper network policies Regular security updates and patches Enable audit logging Kubernetes Security Context Recommended security context for Kubernetes deployments
yaml securityContext:
runAsNonRoot: true
runAsUser: 100
runAsGroup: 100
fsGroup: 100
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
Documentation Resources Essential links and resources for further information