This repo contains a simple example of Consul cluster in Multi-DC - Multi-Cloud Deployment with AWS client VPN (with mutual authentication) for secure connection to the both DCs.

AWS VPC

This module will create VPC in AWS region "us-east-1"

AWS Client VPN

This module will create AWS Client VPN

AWS EC2 (Consul servers)

This module will create a needed number of Consul server

AWS IPsec VPN

This module will create a VPN connection between AWS and GCP.

• You must add "GCP External IP address - Reserved static address" into the *.tfvars, please check the example.tfvars

Prerequisites

• Terraform
• AWS Account
• Basic Consul knowledge
• GCP Account

Prepare you own AWS AMIs with Packer

• AWS PACKER-CONSUL-SERVER
• AWS PACKER-CONSUL-CLIENT

Prepare you own GCP Image with Packer

• GCP PACKER-CONSUL-SERVER

Clone the repo

git clone https://github.com/chavo1/aws-gcp-consul-multi-dc.git
cd aws-gcp-consul-multi-dc
terraform init
terraform apply

• After the deployment Terraform will generate a file into the root directory "config-cvpn.ovpn". So you can use it to connect to the environment in both DCs with AWS Client VPN.
• VPN client depend on your choice, in my case I use tunnelblick.

AWS EC2 (Consul clients) deployment.

After deploying the Infra and Consul servers is time for Consul clients.

• | To spin up the client agents we use Terraform Local Backend - we just reference the data.

For AWS go to the consul_client_dc1, setup a needed count for the clients in the main.tf file.

terraform init
terraform apply 

We can continue with Consul servers - GCP deployment.

• Go to the "gcp-aws-vpn-servers"

terraform init
terraform apply 

We are ready for Consul clients - GCP deployment.

• Go to the "consul-client-gcp"

terraform init
terraform apply