How to access externally to consul UI

Question

How can I access to consul UI externally?

I want to access consul UI writing

<ANY_MASTER_OR_SLAVE_NODE_IP>:8500

I have try doing a ssh tunnel to acces: ssh -N -f -L 8500:localhost:8500 root@172.16.8.194

Then if I access http://localhost:8500 It works, but it is not what I want. I need to access externally, without ssh tunnel.

My config.json file is the next:

{
"bind_addr":"172.16.8.216",
"server": false,
"datacenter": "nyc2",
"data_dir": "/var/consul",
"ui_dir": "/home/ikerlan/dist",
"log_level": "INFO",
"enable_syslog": true,
"start_join": ["172.16.8.211","172.16.8.212","172.16.8.213"]
}

Any help? Thanks

ahus1 · Accepted Answer · 2016-02-09T17:32:57.427

62

Add

{
  "client_addr": "0.0.0.0"
}

to your configuration or add the option -client 0.0.0.0 to the command line of consul to make your Web UI accessible from the outside (see the docs for more information).

Please note that this will also make your Consul REST API accessible from the outside. Depending on your environment you might want to activate Consul's ACLs to restrict access.

edited Feb 09 '16 at 17:32

answered Feb 08 '16 at 18:26

ahus1

5,782
24
42

1

If I add "client_addr":"0.0.0.0" to my configuration the client go out of the cluster, and when I run consul members on the client: "Error connecting to Consul agent: dial tcp 127.0.0.1:8400: connection refused". If I run -client 0.0.0.0 on my command line: "-client: command not found" What could be the problem? @ahus1 – Asier Gomez Feb 09 '16 at 16:53
1

@Asier I have updated the description. If your client goes out of the cluster, please have a look at consul log file. Maybe there is a syntax error in your configuration. the `-client` option needs to be part of the command line of your consul executable. Please have a look at the referenced consul documentation. I also updated the answer to make it more explicit. – ahus1 Feb 09 '16 at 17:34
I take the line "client_addr":"0.0.0.0" to my config.json file, and if I have this configuration the node cant connect with the others, I have a error when I execute consul members. Sure that the unique configuration I have to do is edit the config.json and insert this line? Thanks @ahus1 – Asier Gomez Feb 12 '16 at 16:14
For the clients to connect to each consul will bind an interface with a private IP address. You can manually select the IP address with the `bind` parameter. By default this IP address is advertised to the other clients, but you can override this with the `advertise` configuration parameter. Please see here https://github.com/ahus1/saltconsul-examples for a full setup of consul with Salt and either Vagrant or Digital Ocean. See cheatsheet.adoc for a fast track. – ahus1 Feb 13 '16 at 11:25
I have add the IP with the bind parameter, as you can see in the description there was my config.json. My problem is that if add the next line client_addr":"0.0.0.0" to my config.json it fails. @ahus1 – Asier Gomez Feb 15 '16 at 13:43
THANK YOU! That was not obvious from the documentation! – pmckeown Dec 21 '17 at 20:10

nhanpt · Answer 2 · 2016-04-06T07:54:47.480

5

You can use socat in this case.

socat -d -d TCP-L:8500,bind=172.16.93.128,fork TCP:localhost:8500 &

where 172.16.93.12 is my IP.

edited Apr 06 '16 at 07:54

answered Apr 06 '16 at 07:34

nhanpt

51
1
4

score 4 · Answer 3 · edited Sep 10 '18 at 14:09

4

Finally I find the solution. Add to the config file with the bind addr that is the IP of the machine, and the client_addr that is the hosts he listen to. So I use 0.0.0.0 to listen to all the IPs.

"bind_addr":"<machine-ip>",
"client_addr":"0.0.0.0",

edited Sep 10 '18 at 14:09

Community

1
1

answered Feb 18 '16 at 17:32

Asier Gomez

6,034
18
52
105

score 4 · Answer 4 · answered Nov 21 '17 at 17:02

4

I run it as a docker image, i gave

docker pull consul

docker run -p 8500:8500 consul

and i am able to access the consul ui at http://<hostname>:8500/ui

answered Nov 21 '17 at 17:02

Mohammed Rafeeq

2,586
25
26

score 2 · Answer 5 · answered Feb 06 '16 at 14:12

2

I don't have hands-on experience with Consul yet, but here are a few tips:

Run sudo netstat -peanut | grep :8500 and check if Consul is bound to 0.0.0.0 or an explicit ip. Should check docs if this is configurable.
On each node install Squid, Nginx or any other software which can act as a HTTP proxy

answered Feb 06 '16 at 14:12

NikoNyrh

3,578
2
18
32

If I run "sudo netstat -peanut | grep :8500" I can see: tcp 0 0 127.0.0.1:8500 0.0.0.0:* LISTEN, Is not anyway to do without installing Nginx or other packages? Thanks @NikoNyrh – Asier Gomez Feb 09 '16 at 16:55
ahus1 seems to know the docs better, you should get it configured that it isn't bound on `127.0.0.1` because then it won't accept external connections. – NikoNyrh Feb 09 '16 at 17:07

score 0 · Answer 6 · answered Feb 01 '16 at 14:24

0

No way to get User Interface if ther no user interface ) Classic UI its some stack of Desktop Environment(x-term....), so before get, you need install it on node

answered Feb 01 '16 at 14:24

AlexS

96
1
3

I have install the User Inteface, I can acces it with a ssh tunnel, but I want to access without ssh tunnel, writting http://172.16.8.194:8500 – Asier Gomez Feb 01 '16 at 14:30

How to access externally to consul UI

6 Answers6

Linked