consul VS Caddy

Consul, HashiCorp's distributed system tool, isn't just a one-trick pony for service discovery—it's a Swiss Army knife that also handles configuration management and network segmentation.

I had a distaste for Nomad before the rug pull[1], but hopefully no serious person would voluntarily choose Nomad after that stunt. Doubly so that going with the Nomad ecosystem mandates self-hosting as one cannot $(aws elastic-nomad create-cluster). I was similarly surprised that HashiCorp didn't even offer "you pay for compute but we will administer your control plane" since both the "community" and the "enterprise" links from the front page both say "self-managed"

I will be super curious to see if IBM Cloud actually does ship $(ibm-cloud-cli create-nomad)

1: I also didn't realize they rug pulled Consul, too; that's just cruel https://github.com/hashicorp/consul/blob/v1.20.5/LICENSE

No need for NGINX reloads: Since NGINX queries the Consul Go API client for healthy services on each request, there’s no need to reload NGINX whenever a service moves between nodes or when new instances are added.

When a backend starts or stops, something needs to update, whether it’s Consul, kube-proxy, ELB, or otherwise. To stop a worker without incurring failures, you need to prevent the load balancer from sending new requests and then finishing existing ones.

Consul - To set up secure network communication via mTLS, service location and certificate issuance

Hashicorp Consul

The JHipster scaffolded sample application has a gateway application and two microservices. It uses Consul for service discovery and centralized configuration.

Service Discovery: Microservices need to discover and communicate with each other dynamically. Service discovery tools like etcd, Consul, or Kubernetes built-in service discovery mechanisms help locate and connect to microservices running on different nodes within the infrastructure.

After some research and testing, I landed on using Consul and Fabio as the demo infrastructure. Of course, there is a myriad of other options to accomplish this task, but because of the low configuration and ease of use, I was impressed with this pairing. Both projects are mature and well-supported, and very flexible--just because you can run them with low configuration, doesn't mean you have to. I wanted to keep this demo constrained, but the exercise did get me excited about exploring things further: circuit breakers, traffic splitting, and more complex service meshes.

Caddy: web server with automatic HTTPS

Caddy

This single record will suffice as we will be using a reverse proxy to map each of our application. For the reverse proxy solution, we will be using Caddy, particularly xcaddy.

It looks nice and friendly, but for developers I can recommend exploring caddy[1] or nginx[2]. It's a useful technology to have worked with, even if they're ultimately only used for proxying analytics.

[1] https://caddyserver.com/

I began to self-host a Minecraft server using Crafty Controller, an Excalidraw instance, Docmost to replace Notion, Plane to replace Jira, and Penpot to replace Figma. To be able to access them from the internet, I used Nginx Proxy Manager to set up reverse proxies with SSL. You can use Traefik or Caddy instead, but I enjoyed the ease-of-use of NPM. For a dashboard solution, I started with Homarr, but later switched to Homepage because I'm apparently incapable of making a decision and sticking with it.

This approach offers a level of customizability similar to what xcaddy does for the Caddy server, eliminating the complexities associated with writing Rhai scripts to customize a precompiled binary, as is the case with the Apollo Router.

Caddy is a server written in Go programming language, known to be easy peasy to configure (Unlike configuring Nginx), and it also includes https by default.

Caddy is the ultimate web server anyone should be using. This is true for production as well as for local development. It is very fast, and by default obtains and renews SSL certificates automatically. This is useful for when you want to test certain website feature that is only allowed when they're accessed with HTTPS. You get free TLS for all your subdomains, and it does that in a scalable way.