Create a complete HashiCorp Cluster - Vault, Nomad and Consul

Project to install the clusters of Vault, Consul and Nomad on AWS in a programmatic and repeatable way.

Many existing solutions for setting up HashiCorp clusters are either incomplete or no longer actively maintained. After encountering inconsistencies and outdated features in these solutions, I’ve decided to create a series of posts detailing the process of building this environment from scratch on AWS, including all necessary configuration dependencies.

The journey begins with defining the environment and utilizing Terraform to establish the network infrastructure, generate security keys, and create servers. This approach also allows us to dismantle the entire setup efficiently when needed. Following this, we will proceed to install and configure the software using Ansible, starting with Vault, then Consul, and finally Nomad.

Given that we are constructing a production cluster, we aim to adhere to current best practices in security and configuration, particularly leveraging Vault for enhanced security measures [1]. Additionally, we will design this expecting that it will at some point in the future be executed by a CI/CD pipeline.

As I progress through each stage, I will update this post with links to the detailed guides:

Pre-Requisites

  • AWS Account
  • AWS command-line interface (CLI) installed and configured
  • AWS credentials file configured at ~/.aws/credentials

  1. While we are not adhering strictly to server sizing guidelines due to the minimal load expected and cost considerations, we will maintain a minimum of three servers as recommended for production workloads.