Deploy a Production-Ready Consul Service Mesh on Kubernetes with Helm

In the cloud-native era, service discovery and configuration management are crucial for microservice architectures. HashiCorp Consul offers powerful service discovery, health checks, KV store, and secure communication, making it a popular choice.

This article guides you step-by-step to deploy a production-level Consul cluster on Kubernetes with Helm, from environment preparation to deployment and verification.

Prerequisites

Kubernetes cluster is available

StorageClass is available

Ingress Controller is available

Deploy Consul

1. Download the Helm chart on an external host and push it to your Harbor registry:

$ helm repo add hashicorp https://helm.releases.hashicorp.com --force-update
"hashicorp" has been added to your repositories

$ helm pull hashicorp/consul --version 1.6.5

$ helm push consul-1.6.5.tgz oci://core.jiaxzeng.com/plugins
Pushed: core.jiaxzeng.com/plugins/consul:1.6.5
Digest: sha256:1467cb760e3139d6febd2f302302fcdb039fdff9e475da884311df8ef97f26b3

2. On the Kubernetes node, pull and extract the chart:

$ sudo helm pull oci://core.jiaxzeng.com/plugins/consul --version 1.6.5 --untar --untardir /etc/kubernetes/addons/
Pulled: core.jiaxzeng.com/plugins/consul:1.6.5
Digest: sha256:1467cb760e3139d6febd2f302302fcdb039fdff9e475da884311df8ef97f26b3

3. Create the Consul values file (consul-value.yaml):

global:
  name: consul
  image: core.jiaxzeng.com/library/consul/consul:1.20.6
  imageK8S: core.jiaxzeng.com/library/consul/consul-k8s-control-plane:1.6.5
  acls:
    manageSystemACLs: true
  metrics:
    enabled: true

server:
  replicas: 3
  storage: "10Gi"
  storageClass: "longhorn"
  resources:
    requests:
      memory: 200Mi
      cpu: 100m
    limits:
      memory: 200Mi
      cpu: 100m

ui:
  ingress:
    enabled: true
    ingressClassName: nginx
    annotations: |
      cert-manager.io/cluster-issuer: ca-cluster-issuer
    hosts:
    - host: consul.jiaxzeng.com
    tls:
    - hosts:
      - consul.jiaxzeng.com
      secretName: consul.jiaxzeng.com-tls

4. Install the Consul chart:

$ helm -n consul upgrade --install --create-namespace consul -f consul-value.yaml /etc/kubernetes/addons/consul
Release "consul" does not exist. Installing it now.
NAME: consul
LAST DEPLOYED: Fri Jun 27 16:38:41 2025
NAMESPACE: consul
STATUS: deployed
REVISION: 1

# Additional notes omitted for brevity

Verify the Service

1. Check that the pods are running:

$ k -n consul get all
NAME                                      READY   STATUS    RESTARTS   AGE
pod/consul-connect-injector-...           1/1     Running   0          14m
pod/consul-server-0                       1/1     Running   0          14m
pod/consul-server-1                       1/1     Running   0          14m
pod/consul-server-2                       1/1     Running   0          14m
... (additional output omitted) ...

2. Access the Consul UI in a browser (e.g., https://consul.jiaxzeng.com/ui).

Conclusion

As enterprises continue investing in cloud-native technologies, automated and standardized service deployment becomes a core operational capability. This guide helps you successfully deploy Consul on Kubernetes, providing a solid foundation for your microservice architecture.