From aab7efb5c3a85c7acdf66453750c61d30eed4fc9 Mon Sep 17 00:00:00 2001 From: Adrian Cowan Date: Tue, 29 Apr 2025 20:14:58 +1000 Subject: [PATCH] Change routing to use subdomains --- 2-nomad-config/hello-world.nomad | 4 +- 2-nomad-config/terraform.tfstate | 14 ++--- 2-nomad-config/terraform.tfstate.backup | 18 +++---- 2-nomad-config/traefik.nomad | 69 +++++++++++++++++++------ 2-nomad-config/webapp.nomad | 2 +- 5 files changed, 69 insertions(+), 38 deletions(-) diff --git a/2-nomad-config/hello-world.nomad b/2-nomad-config/hello-world.nomad index e19e619..59450f0 100644 --- a/2-nomad-config/hello-world.nomad +++ b/2-nomad-config/hello-world.nomad @@ -12,9 +12,7 @@ job "hello-world" { tags = [ "traefik.enable=true", - "traefik.http.routers.hello.rule=PathPrefix(`/hello`)", - "traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello", - "traefik.http.routers.hello.middlewares=strip-hello", + "traefik.http.routers.hello.rule=Host(`hello.othrayte.one`)", ] check { diff --git a/2-nomad-config/terraform.tfstate b/2-nomad-config/terraform.tfstate index 2b5579f..02895b3 100644 --- a/2-nomad-config/terraform.tfstate +++ b/2-nomad-config/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.11.4", - "serial": 87, + "serial": 129, "lineage": "15e0900c-88bc-9754-4600-e3977d018ba0", "outputs": {}, "resources": [ @@ -25,9 +25,9 @@ "detach": true, "hcl2": [], "id": "hello-world", - "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=PathPrefix(`/hello`)\",\n \"traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello\",\n \"traefik.http.routers.hello.middlewares=strip-hello\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}", + "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=Host(`hello.othrayte.one`)\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}", "json": null, - "modify_index": "1989", + "modify_index": "8229", "name": "hello-world", "namespace": "default", "policy_override": null, @@ -78,9 +78,9 @@ "detach": true, "hcl2": [], "id": "traefik", - "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 80\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.toml:/etc/traefik/traefik.toml\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\n[entryPoints]\n [entryPoints.http]\n address = \":80\"\n [entryPoints.traefik]\n address = \":8081\"\n\n[api]\n dashboard = true\n insecure = true\n\n# Enable Consul Catalog configuration backend.\n[providers.consulCatalog]\n prefix = \"traefik\"\n exposedByDefault = false\n\n [providers.consulCatalog.endpoint]\n address = \"127.0.0.1:8500\"\n scheme = \"http\"\nEOF\n\n destination = \"local/traefik.toml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n", + "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 80\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.traefik.rule=Host(`traefik.othrayte.one`)\",\n \"traefik.http.routers.traefik.service=traefik\",\n \"traefik.http.services.traefik.loadbalancer.server.port=8081\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.yml:/etc/traefik/traefik.yml\",\n \"local/configs/:/etc/traefik/configs/\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\nentryPoints:\n http:\n address: \":80\"\n traefik:\n address: \":8081\"\n\napi:\n dashboard: true\n insecure: true\n\nproviders:\n file:\n directory: \"/etc/traefik/configs/\"\n\n consulCatalog:\n prefix: \"traefik\"\n exposedByDefault: false\n endpoint:\n address: \"127.0.0.1:8500\"\n scheme: \"http\"\nEOF\n\n destination = \"local/traefik.yml\"\n }\n\n template {\n data = \u003c\u003cEOF\nhttp:\n routers:\n nomadui:\n rule: \"Host(`nomad.othrayte.one`)\"\n service: nomadui\n consului:\n rule: \"Host(`consul.othrayte.one`)\"\n service: consului\n\n services:\n nomadui:\n loadBalancer:\n servers:\n - url: \"http://127.0.0.1:4646\"\n consului:\n loadBalancer:\n servers:\n - url: \"http://127.0.0.1:8500\"\nEOF\n\n destination = \"local/configs/nomad.yml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n", "json": null, - "modify_index": "8173", + "modify_index": "8496", "name": "traefik", "namespace": "default", "policy_override": null, @@ -133,9 +133,9 @@ "detach": true, "hcl2": [], "id": "demo-webapp", - "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Path(`/myapp`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}", + "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Host(`demo-webapp.othrayte.one`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}", "json": null, - "modify_index": "1847", + "modify_index": "8396", "name": "demo-webapp", "namespace": "default", "policy_override": null, diff --git a/2-nomad-config/terraform.tfstate.backup b/2-nomad-config/terraform.tfstate.backup index 60c7e67..321ff86 100644 --- a/2-nomad-config/terraform.tfstate.backup +++ b/2-nomad-config/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.11.4", - "serial": 85, + "serial": 127, "lineage": "15e0900c-88bc-9754-4600-e3977d018ba0", "outputs": {}, "resources": [ @@ -25,9 +25,9 @@ "detach": true, "hcl2": [], "id": "hello-world", - "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=PathPrefix(`/hello`)\",\n \"traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello\",\n \"traefik.http.routers.hello.middlewares=strip-hello\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}", + "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=Host(`hello.othrayte.one`)\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}", "json": null, - "modify_index": "1989", + "modify_index": "8229", "name": "hello-world", "namespace": "default", "policy_override": null, @@ -70,9 +70,7 @@ "schema_version": 0, "attributes": { "allocation_ids": [], - "datacenters": [ - "*" - ], + "datacenters": [], "deployment_id": null, "deployment_status": null, "deregister_on_destroy": true, @@ -80,9 +78,9 @@ "detach": true, "hcl2": [], "id": "traefik", - "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 8080\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.toml:/etc/traefik/traefik.toml\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\n[entryPoints]\n [entryPoints.http]\n address = \":8080\"\n [entryPoints.traefik]\n address = \":8081\"\n\n[api]\n dashboard = true\n insecure = true\n\n# Enable Consul Catalog configuration backend.\n[providers.consulCatalog]\n prefix = \"traefik\"\n exposedByDefault = false\n\n [providers.consulCatalog.endpoint]\n address = \"127.0.0.1:8500\"\n scheme = \"http\"\nEOF\n\n destination = \"local/traefik.toml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n", + "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 80\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.traefik.rule=Host(`traefik.othrayte.one`)\",\n \"traefik.http.routers.traefik.service=dashboard@internal\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.yml:/etc/traefik/traefik.yml\",\n \"local/configs/:/etc/traefik/configs/\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\nentryPoints:\n http:\n address: \":80\"\n traefik:\n address: \":8081\"\n\napi:\n dashboard: true\n insecure: true\n\nproviders:\n file:\n directory: \"/etc/traefik/configs/\"\n\n consulCatalog:\n prefix: \"traefik\"\n exposedByDefault: false\n endpoint:\n address: \"127.0.0.1:8500\"\n scheme: \"http\"\nEOF\n\n destination = \"local/traefik.yml\"\n }\n\n template {\n data = \u003c\u003cEOF\nhttp:\n routers:\n nomadui:\n rule: \"Host(`nomad.othrayte.one`)\"\n service: nomadui\n consului:\n rule: \"Host(`consul.othrayte.one`)\"\n service: consului\n\n services:\n nomadui:\n loadBalancer:\n servers:\n - url: \"http://127.0.0.1:4646\"\n consului:\n loadBalancer:\n servers:\n - url: \"http://127.0.0.1:8500\"\nEOF\n\n destination = \"local/configs/nomad.yml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n", "json": null, - "modify_index": "1509", + "modify_index": "8482", "name": "traefik", "namespace": "default", "policy_override": null, @@ -135,9 +133,9 @@ "detach": true, "hcl2": [], "id": "demo-webapp", - "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Path(`/myapp`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}", + "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Host(`demo-webapp.othrayte.one`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}", "json": null, - "modify_index": "1847", + "modify_index": "8396", "name": "demo-webapp", "namespace": "default", "policy_override": null, diff --git a/2-nomad-config/traefik.nomad b/2-nomad-config/traefik.nomad index b3c84b3..d35a08b 100644 --- a/2-nomad-config/traefik.nomad +++ b/2-nomad-config/traefik.nomad @@ -13,6 +13,13 @@ job "traefik" { service { name = "traefik" + tags = [ + "traefik.enable=true", + "traefik.http.routers.traefik.rule=Host(`traefik.othrayte.one`)", + "traefik.http.routers.traefik.service=traefik", + "traefik.http.services.traefik.loadbalancer.server.port=8081", + ] + check { name = "alive" type = "tcp" @@ -30,33 +37,61 @@ job "traefik" { network_mode = "host" volumes = [ - "local/traefik.toml:/etc/traefik/traefik.toml", + "local/traefik.yml:/etc/traefik/traefik.yml", + "local/configs/:/etc/traefik/configs/", ] } template { data = <