Introduction
As specified in this article, with Consul Enterprise 1.7.0+, data for different users or teams can be isolated from each other with the use of namespaces. Namespaces help reduce operational challenges by removing restrictions around uniqueness of resource names across distinct teams, and enable operators to provide self-service through delegation of administrative privileges.
For more information on how to use namespaces with Consul Enterprise please review the following tutorials:
- Register and Discover Services within Namespaces- Register multiple services within different namespaces in Consul.
- Setup Secure Namespaces- Secure resources within a namespace and delegate namespace ACL rights via ACL tokens.
Scenarios
Config Files
It is important to specify the correct enterprise image version when building helm charts or any other config that requires to specify a consul image. See examples below:
Consul helm chart
global:
enableConsulNamespaces: true
tls:
enabled: true
image: hashicorp/consul-enterprise:1.14.0-ent
adminPartitions:
enabled: true
acls:
manageSystemACLs: true
enterpriseLicense:
secretName: license
secretKey: key
meshGateway:
enabled: true
Mesh-task for HCP Consul with ECS
variable "consul_image" {
description = "Consul Docker image."
type = string
default = "public.ecr.aws/hashicorp/consul-enterprise:1.12.7+ent"
}
For CLI Use
Recommendation
When using namespaces we need to be aware this feature requires HashiCorp Cloud Platform (HCP) or self-managed Consul Enterprise. Refer to the enterprise feature matrix for additional information.