diff --git a/1-nixos-node/configuration.nix b/1-nixos-node/configuration.nix
index 759b0e7..0828eaf 100644
--- a/1-nixos-node/configuration.nix
+++ b/1-nixos-node/configuration.nix
@@ -38,6 +38,7 @@
enableDocker = true;
dropPrivileges = false;
settings = {
+ datacenter = "jaglan-beta";
server = {
enabled = true;
bootstrap_expect = 1;
@@ -47,6 +48,18 @@
};
};
};
+ consul = {
+ enable = true;
+ webUi = true;
+ interface.bind = "tailscale0"; # Bind to the Tailscale interface
+ interface.advertise = "tailscale0"; # Advertise the Tailscale interface
+ extraConfig = {
+ bootstrap_expect = 1;
+ server = true;
+ client_addr = "127.0.0.1 100.79.223.55";
+ datacenter = "jaglan-beta";
+ };
+ };
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
diff --git a/1-nixos-node/terraform.tfstate b/1-nixos-node/terraform.tfstate
index d1f77d7..4ccd92f 100644
--- a/1-nixos-node/terraform.tfstate
+++ b/1-nixos-node/terraform.tfstate
@@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.11.4",
- "serial": 19,
+ "serial": 58,
"lineage": "db7dcf21-a255-0ec4-c8b8-d4a7559b3768",
"outputs": {},
"resources": [
@@ -14,9 +14,9 @@
{
"schema_version": 0,
"attributes": {
- "id": "2789544025373353248",
+ "id": "4356981667558216389",
"triggers": {
- "configuration_content": "{ config, lib, pkgs, ... }:\n{\n imports =\n [ # Include the results of the hardware scan.\n ./hardware-configuration.nix\n ];\n\n nixpkgs.config.allowUnfree = true;\n\n # Use the systemd-boot EFI boot loader.\n boot.loader.systemd-boot.enable = true;\n boot.loader.efi.canTouchEfiVariables = true;\n\n networking.hostName = \"jaglan-beta-m01\"; # Define your hostname.\n\n time.timeZone = \"Australia/Melbourne\";\n\n # List packages installed in system profile. To search, run:\n # $ nix search wget\n # environment.systemPackages = with pkgs; [\n # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.\n # wget\n # ];\n\n # Some programs need SUID wrappers, can be configured further or are\n # started in user sessions.\n # programs.mtr.enable = true;\n # programs.gnupg.agent = {\n # enable = true;\n # enableSSHSupport = true;\n # };\n\n # List services that you want to enable:\n services = {\n tailscale.enable = true;\n nomad = {\n enable = true;\n enableDocker = true;\n dropPrivileges = false;\n settings = {\n server = {\n enabled = true;\n bootstrap_expect = 1;\n };\n client = {\n enabled = true;\n };\n };\n };\n openssh = {\n enable = true;\n settings.PermitRootLogin = \"yes\";\n };\n };\n\n # Fix issue where nomad needs alloc_mounts to be writable\n systemd.tmpfiles.rules = [\n \"d /var/lib/alloc_mounts 0755 root root -\"\n ];\n\n # Open ports in the firewall. 464X are the default ports for Nomad.\n networking.firewall.allowedTCPPorts = [ 4646 4647 4648 ];\n\n # Copy the NixOS configuration file and link it from the resulting system\n # (/run/current-system/configuration.nix). This is useful in case you\n # accidentally delete configuration.nix.\n system.copySystemConfiguration = true;\n\n # Defines the initial NixOS version for compatibility with older application data.\n # Do NOT change this value after installation without careful consideration.\n system.stateVersion = \"24.11\"; # Did you read the comment?\n}\n"
+ "configuration_content": "{ config, lib, pkgs, ... }:\n{\n imports =\n [ # Include the results of the hardware scan.\n ./hardware-configuration.nix\n ];\n\n nixpkgs.config.allowUnfree = true;\n\n # Use the systemd-boot EFI boot loader.\n boot.loader.systemd-boot.enable = true;\n boot.loader.efi.canTouchEfiVariables = true;\n\n networking.hostName = \"jaglan-beta-m01\"; # Define your hostname.\n\n time.timeZone = \"Australia/Melbourne\";\n\n # List packages installed in system profile. To search, run:\n # $ nix search wget\n # environment.systemPackages = with pkgs; [\n # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.\n # wget\n # ];\n\n # Some programs need SUID wrappers, can be configured further or are\n # started in user sessions.\n # programs.mtr.enable = true;\n # programs.gnupg.agent = {\n # enable = true;\n # enableSSHSupport = true;\n # };\n\n # List services that you want to enable:\n services = {\n tailscale.enable = true;\n nomad = {\n enable = true;\n enableDocker = true;\n dropPrivileges = false;\n settings = {\n datacenter = \"jaglan-beta\";\n server = {\n enabled = true;\n bootstrap_expect = 1;\n };\n client = {\n enabled = true;\n };\n };\n };\n consul = {\n enable = true;\n webUi = true;\n interface.bind = \"tailscale0\"; # Bind to the Tailscale interface\n interface.advertise = \"tailscale0\"; # Advertise the Tailscale interface\n extraConfig = {\n bootstrap_expect = 1;\n server = true;\n client_addr = \"127.0.0.1 100.79.223.55\";\n datacenter = \"jaglan-beta\";\n };\n };\n openssh = {\n enable = true;\n settings.PermitRootLogin = \"yes\";\n };\n };\n\n # Fix issue where nomad needs alloc_mounts to be writable\n systemd.tmpfiles.rules = [\n \"d /var/lib/alloc_mounts 0755 root root -\"\n ];\n\n # Open ports in the firewall. 464X are the default ports for Nomad.\n networking.firewall.allowedTCPPorts = [ 4646 4647 4648 ];\n\n # Copy the NixOS configuration file and link it from the resulting system\n # (/run/current-system/configuration.nix). This is useful in case you\n # accidentally delete configuration.nix.\n system.copySystemConfiguration = true;\n\n # Defines the initial NixOS version for compatibility with older application data.\n # Do NOT change this value after installation without careful consideration.\n system.stateVersion = \"24.11\"; # Did you read the comment?\n}\n"
}
},
"sensitive_attributes": []
diff --git a/1-nixos-node/terraform.tfstate.backup b/1-nixos-node/terraform.tfstate.backup
index c1b3a10..dfb9b08 100644
--- a/1-nixos-node/terraform.tfstate.backup
+++ b/1-nixos-node/terraform.tfstate.backup
@@ -1,7 +1,7 @@
{
"version": 4,
"terraform_version": "1.11.4",
- "serial": 16,
+ "serial": 55,
"lineage": "db7dcf21-a255-0ec4-c8b8-d4a7559b3768",
"outputs": {},
"resources": [
@@ -14,9 +14,9 @@
{
"schema_version": 0,
"attributes": {
- "id": "3103386327037898205",
+ "id": "971598338822699043",
"triggers": {
- "configuration_content": "{ config, lib, pkgs, ... }:\n{\n imports =\n [ # Include the results of the hardware scan.\n ./hardware-configuration.nix\n ];\n\n nixpkgs.config.allowUnfree = true;\n\n # Use the systemd-boot EFI boot loader.\n boot.loader.systemd-boot.enable = true;\n boot.loader.efi.canTouchEfiVariables = true;\n\n networking.hostName = \"jaglan-beta-m01\"; # Define your hostname.\n\n time.timeZone = \"Australia/Melbourne\";\n\n # List packages installed in system profile. To search, run:\n # $ nix search wget\n # environment.systemPackages = with pkgs; [\n # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.\n # wget\n # ];\n\n # Some programs need SUID wrappers, can be configured further or are\n # started in user sessions.\n # programs.mtr.enable = true;\n # programs.gnupg.agent = {\n # enable = true;\n # enableSSHSupport = true;\n # };\n\n # List services that you want to enable:\n\n services.tailscale.enable = true;\n services.nomad = {\n enable = true;\n enableDocker = true;\n dropPrivileges = false;\n settings = {\n server = {\n enabled = true;\n bootstrap_expect = 1;\n };\n client = {\n enabled = true;\n };\n };\n };\n # Fix issue where nomad needs alloc_mounts to be writable\n systemd.tmpfiles.rules = [\n \"d /var/lib/alloc_mounts 0755 root root -\"\n ];\n\n # Enable the OpenSSH daemon.\n services.openssh.enable = true;\n services.openssh.settings.PermitRootLogin = \"yes\";\n\n # Open ports in the firewall. 464X are the default ports for Nomad.\n networking.firewall.allowedTCPPorts = [ 4646 4647 4648 ];\n\n # Copy the NixOS configuration file and link it from the resulting system\n # (/run/current-system/configuration.nix). This is useful in case you\n # accidentally delete configuration.nix.\n system.copySystemConfiguration = true;\n\n # Defines the initial NixOS version for compatibility with older application data.\n # Do NOT change this value after installation without careful consideration.\n system.stateVersion = \"24.11\"; # Did you read the comment?\n}\n"
+ "configuration_content": "{ config, lib, pkgs, ... }:\n{\n imports =\n [ # Include the results of the hardware scan.\n ./hardware-configuration.nix\n ];\n\n nixpkgs.config.allowUnfree = true;\n\n # Use the systemd-boot EFI boot loader.\n boot.loader.systemd-boot.enable = true;\n boot.loader.efi.canTouchEfiVariables = true;\n\n networking.hostName = \"jaglan-beta-m01\"; # Define your hostname.\n\n time.timeZone = \"Australia/Melbourne\";\n\n # List packages installed in system profile. To search, run:\n # $ nix search wget\n # environment.systemPackages = with pkgs; [\n # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.\n # wget\n # ];\n\n # Some programs need SUID wrappers, can be configured further or are\n # started in user sessions.\n # programs.mtr.enable = true;\n # programs.gnupg.agent = {\n # enable = true;\n # enableSSHSupport = true;\n # };\n\n # List services that you want to enable:\n services = {\n tailscale.enable = true;\n nomad = {\n enable = true;\n enableDocker = true;\n dropPrivileges = false;\n settings = {\n datacenter = \"jaglan-beta\";\n server = {\n enabled = true;\n bootstrap_expect = 1;\n };\n client = {\n enabled = true;\n };\n };\n };\n consul = {\n enable = true;\n webUi = true;\n interface.bind = \"tailscale0\"; # Bind to the Tailscale interface\n interface.advertise = \"tailscale0\"; # Advertise the Tailscale interface\n extraConfig = {\n bootstrap_expect = 1;\n server = true;\n client_addr = \"100.79.223.55\";\n datacenter = \"jaglan-beta\";\n };\n };\n openssh = {\n enable = true;\n settings.PermitRootLogin = \"yes\";\n };\n };\n\n # Fix issue where nomad needs alloc_mounts to be writable\n systemd.tmpfiles.rules = [\n \"d /var/lib/alloc_mounts 0755 root root -\"\n ];\n\n # Open ports in the firewall. 464X are the default ports for Nomad.\n networking.firewall.allowedTCPPorts = [ 4646 4647 4648 ];\n\n # Copy the NixOS configuration file and link it from the resulting system\n # (/run/current-system/configuration.nix). This is useful in case you\n # accidentally delete configuration.nix.\n system.copySystemConfiguration = true;\n\n # Defines the initial NixOS version for compatibility with older application data.\n # Do NOT change this value after installation without careful consideration.\n system.stateVersion = \"24.11\"; # Did you read the comment?\n}\n"
}
},
"sensitive_attributes": []
diff --git a/2-nomad-config/hello-world.nomad b/2-nomad-config/hello-world.nomad
new file mode 100644
index 0000000..e19e619
--- /dev/null
+++ b/2-nomad-config/hello-world.nomad
@@ -0,0 +1,63 @@
+job "hello-world" {
+ group "servers" {
+ network {
+ port "www" {
+ to = -1
+ }
+ }
+
+ service {
+ name = "hello-world"
+ port = "www"
+
+ tags = [
+ "traefik.enable=true",
+ "traefik.http.routers.hello.rule=PathPrefix(`/hello`)",
+ "traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello",
+ "traefik.http.routers.hello.middlewares=strip-hello",
+ ]
+
+ check {
+ name = "alive"
+ type = "tcp"
+ port = "www"
+ interval = "10s"
+ timeout = "2s"
+ }
+ }
+
+
+ # Tasks are individual units of work that are run by Nomad.
+ task "web" {
+ # This particular task starts a simple web server within a Docker container
+ driver = "docker"
+
+ config {
+ image = "busybox:1"
+ command = "httpd"
+ args = ["-v", "-f", "-p", "${NOMAD_PORT_www}", "-h", "/local"]
+ ports = ["www"]
+ }
+
+ template {
+ data = <<-EOF
+ Hello, Nomad!
+
+ - Task: {{env "NOMAD_TASK_NAME"}}
+ - Group: {{env "NOMAD_GROUP_NAME"}}
+ - Job: {{env "NOMAD_JOB_NAME"}}
+ - Metadata value for foo: {{env "NOMAD_META_foo"}}
+ - Currently running on port: {{env "NOMAD_PORT_www"}}
+
+ EOF
+ destination = "local/index.html"
+ }
+
+ # Specify the maximum resources required to run the task
+ resources {
+ cpu = 50
+ memory = 64
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/2-nomad-config/services.tf b/2-nomad-config/services.tf
index f78c9ea..cf68ba5 100644
--- a/2-nomad-config/services.tf
+++ b/2-nomad-config/services.tf
@@ -3,55 +3,14 @@ provider "nomad" {
address = "http://jaglan-beta-m01:4646"
}
-# Define a Nomad job for a Hello World service
-resource "nomad_job" "app" {
- jobspec = <Hello, Nomad!
-
- - Task: {{env "NOMAD_TASK_NAME"}}
- - Group: {{env "NOMAD_GROUP_NAME"}}
- - Job: {{env "NOMAD_JOB_NAME"}}
- - Metadata value for foo: {{env "NOMAD_META_foo"}}
- - Currently running on port: {{env "NOMAD_PORT_www"}}
-
- EOF
- destination = "local/index.html"
- }
-
- # Specify the maximum resources required to run the task
- resources {
- cpu = 50
- memory = 64
- }
- }
- }
+resource "nomad_job" "hello_world" {
+ jobspec = file("hello-world.nomad")
+}
+
+resource "nomad_job" "traefik" {
+ jobspec = file("traefik.nomad")
+}
+
+resource "nomad_job" "webapp" {
+ jobspec = file("webapp.nomad")
}
-EOT
-}
\ No newline at end of file
diff --git a/2-nomad-config/terraform.tfstate b/2-nomad-config/terraform.tfstate
index bfc9b36..30f5e42 100644
--- a/2-nomad-config/terraform.tfstate
+++ b/2-nomad-config/terraform.tfstate
@@ -1,14 +1,14 @@
{
"version": 4,
"terraform_version": "1.11.4",
- "serial": 13,
+ "serial": 84,
"lineage": "15e0900c-88bc-9754-4600-e3977d018ba0",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "nomad_job",
- "name": "app",
+ "name": "hello_world",
"provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
"instances": [
{
@@ -23,9 +23,9 @@
"detach": true,
"hcl2": [],
"id": "hello-world",
- "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = 8002\n }\n }\n\n service {\n provider = \"nomad\"\n port = \"www\"\n }\n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}\n",
+ "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=PathPrefix(`/hello`)\",\n \"traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello\",\n \"traefik.http.routers.hello.middlewares=strip-hello\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}",
"json": null,
- "modify_index": "1144",
+ "modify_index": "1989",
"name": "hello-world",
"namespace": "default",
"policy_override": null,
@@ -57,6 +57,116 @@
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0="
}
]
+ },
+ {
+ "mode": "managed",
+ "type": "nomad_job",
+ "name": "traefik",
+ "provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
+ "instances": [
+ {
+ "schema_version": 0,
+ "attributes": {
+ "allocation_ids": [],
+ "datacenters": [
+ "*"
+ ],
+ "deployment_id": null,
+ "deployment_status": null,
+ "deregister_on_destroy": true,
+ "deregister_on_id_change": true,
+ "detach": true,
+ "hcl2": [],
+ "id": "traefik",
+ "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 8080\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.toml:/etc/traefik/traefik.toml\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\n[entryPoints]\n [entryPoints.http]\n address = \":8080\"\n [entryPoints.traefik]\n address = \":8081\"\n\n[api]\n dashboard = true\n insecure = true\n\n# Enable Consul Catalog configuration backend.\n[providers.consulCatalog]\n prefix = \"traefik\"\n exposedByDefault = false\n\n [providers.consulCatalog.endpoint]\n address = \"127.0.0.1:8500\"\n scheme = \"http\"\nEOF\n\n destination = \"local/traefik.toml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n",
+ "json": null,
+ "modify_index": "1509",
+ "name": "traefik",
+ "namespace": "default",
+ "policy_override": null,
+ "purge_on_destroy": null,
+ "read_allocation_ids": false,
+ "region": "global",
+ "rerun_if_dead": false,
+ "status": "running",
+ "task_groups": [
+ {
+ "count": 1,
+ "meta": {},
+ "name": "traefik",
+ "task": [
+ {
+ "driver": "docker",
+ "meta": {},
+ "name": "traefik",
+ "volume_mounts": []
+ }
+ ],
+ "volumes": []
+ }
+ ],
+ "timeouts": null,
+ "type": "service"
+ },
+ "sensitive_attributes": [],
+ "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0="
+ }
+ ]
+ },
+ {
+ "mode": "managed",
+ "type": "nomad_job",
+ "name": "webapp",
+ "provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
+ "instances": [
+ {
+ "schema_version": 0,
+ "attributes": {
+ "allocation_ids": [],
+ "datacenters": [
+ "*"
+ ],
+ "deployment_id": null,
+ "deployment_status": null,
+ "deregister_on_destroy": true,
+ "deregister_on_id_change": true,
+ "detach": true,
+ "hcl2": [],
+ "id": "demo-webapp",
+ "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Path(`/myapp`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}",
+ "json": null,
+ "modify_index": "1847",
+ "name": "demo-webapp",
+ "namespace": "default",
+ "policy_override": null,
+ "purge_on_destroy": null,
+ "read_allocation_ids": false,
+ "region": "global",
+ "rerun_if_dead": false,
+ "status": "running",
+ "task_groups": [
+ {
+ "count": 3,
+ "meta": {},
+ "name": "demo",
+ "task": [
+ {
+ "driver": "docker",
+ "meta": {},
+ "name": "server",
+ "volume_mounts": []
+ }
+ ],
+ "volumes": []
+ }
+ ],
+ "timeouts": null,
+ "type": "service"
+ },
+ "sensitive_attributes": [],
+ "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0="
+ }
+ ]
}
],
"check_results": null
diff --git a/2-nomad-config/terraform.tfstate.backup b/2-nomad-config/terraform.tfstate.backup
index 35a4f72..aba870b 100644
--- a/2-nomad-config/terraform.tfstate.backup
+++ b/2-nomad-config/terraform.tfstate.backup
@@ -1,14 +1,67 @@
{
"version": 4,
"terraform_version": "1.11.4",
- "serial": 11,
+ "serial": 82,
"lineage": "15e0900c-88bc-9754-4600-e3977d018ba0",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "nomad_job",
- "name": "app",
+ "name": "hello_world",
+ "provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
+ "instances": [
+ {
+ "schema_version": 0,
+ "attributes": {
+ "allocation_ids": [],
+ "datacenters": [],
+ "deployment_id": null,
+ "deployment_status": null,
+ "deregister_on_destroy": true,
+ "deregister_on_id_change": true,
+ "detach": true,
+ "hcl2": [],
+ "id": "hello-world",
+ "jobspec": "job \"hello-world\" {\n group \"servers\" {\n network {\n port \"www\" {\n to = -1\n }\n }\n\n service {\n name = \"hello-world\"\n port = \"www\"\n \n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.hello.rule=PathPrefix(`/hello`)\",\n \"traefik.http.middlewares.strip-hello.stripPrefix.prefixes=/hello\",\n \"traefik.http.routers.foo.middlewares=strip-hello\",\n ]\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"www\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n \n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}",
+ "json": null,
+ "modify_index": "1981",
+ "name": "hello-world",
+ "namespace": "default",
+ "policy_override": null,
+ "purge_on_destroy": null,
+ "read_allocation_ids": false,
+ "region": "global",
+ "rerun_if_dead": false,
+ "status": "running",
+ "task_groups": [
+ {
+ "count": 1,
+ "meta": {},
+ "name": "servers",
+ "task": [
+ {
+ "driver": "docker",
+ "meta": {},
+ "name": "web",
+ "volume_mounts": []
+ }
+ ],
+ "volumes": []
+ }
+ ],
+ "timeouts": null,
+ "type": "service"
+ },
+ "sensitive_attributes": [],
+ "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0="
+ }
+ ]
+ },
+ {
+ "mode": "managed",
+ "type": "nomad_job",
+ "name": "traefik",
"provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
"instances": [
{
@@ -24,32 +77,87 @@
"deregister_on_id_change": true,
"detach": true,
"hcl2": [],
- "id": "hello-world",
- "jobspec": "job \"hello-world\" {\n # Specifies the datacenter where this job should be run\n # This can be omitted and it will default to [\"*\"]\n datacenters = [\"*\"]\n\n meta {\n # User-defined key/value pairs that can be used in your jobs.\n # You can also use this meta block within Group and Task levels.\n foo = \"bar\"\n }\n\n # A group defines a series of tasks that should be co-located\n # on the same client (host). All tasks within a group will be\n # placed on the same host.\n group \"servers\" {\n\n # Specifies the number of instances of this group that should be running.\n # Use this to scale or parallelize your job.\n # This can be omitted and it will default to 1.\n count = 1\n\n network {\n port \"www\" {\n to = 8002\n }\n }\n\n service {\n provider = \"nomad\"\n port = \"www\"\n }\n\n # Tasks are individual units of work that are run by Nomad.\n task \"web\" {\n # This particular task starts a simple web server within a Docker container\n driver = \"docker\"\n\n config {\n image = \"busybox:1\"\n command = \"httpd\"\n args = [\"-v\", \"-f\", \"-p\", \"${NOMAD_PORT_www}\", \"-h\", \"/local\"]\n ports = [\"www\"]\n }\n\n template {\n data = \u003c\u003c-EOF\n \u003ch1\u003eHello, Nomad!\u003c/h1\u003e\n \u003cul\u003e\n \u003cli\u003eTask: {{env \"NOMAD_TASK_NAME\"}}\u003c/li\u003e\n \u003cli\u003eGroup: {{env \"NOMAD_GROUP_NAME\"}}\u003c/li\u003e\n \u003cli\u003eJob: {{env \"NOMAD_JOB_NAME\"}}\u003c/li\u003e\n \u003cli\u003eMetadata value for foo: {{env \"NOMAD_META_foo\"}}\u003c/li\u003e\n \u003cli\u003eCurrently running on port: {{env \"NOMAD_PORT_www\"}}\u003c/li\u003e\n \u003c/ul\u003e\n EOF\n destination = \"local/index.html\"\n }\n\n # Specify the maximum resources required to run the task\n resources {\n cpu = 50\n memory = 64\n }\n }\n }\n}\n",
+ "id": "traefik",
+ "jobspec": "job \"traefik\" {\n group \"traefik\" {\n network {\n port \"http\" {\n static = 8080\n }\n\n port \"api\" {\n static = 8081\n }\n }\n\n service {\n name = \"traefik\"\n\n check {\n name = \"alive\"\n type = \"tcp\"\n port = \"http\"\n interval = \"10s\"\n timeout = \"2s\"\n }\n }\n\n task \"traefik\" {\n driver = \"docker\"\n\n config {\n image = \"traefik:v3.3\"\n network_mode = \"host\"\n\n volumes = [\n \"local/traefik.toml:/etc/traefik/traefik.toml\",\n ]\n }\n\n template {\n data = \u003c\u003cEOF\n[entryPoints]\n [entryPoints.http]\n address = \":8080\"\n [entryPoints.traefik]\n address = \":8081\"\n\n[api]\n dashboard = true\n insecure = true\n\n# Enable Consul Catalog configuration backend.\n[providers.consulCatalog]\n prefix = \"traefik\"\n exposedByDefault = false\n\n [providers.consulCatalog.endpoint]\n address = \"127.0.0.1:8500\"\n scheme = \"http\"\nEOF\n\n destination = \"local/traefik.toml\"\n }\n\n resources {\n cpu = 100\n memory = 128\n }\n }\n }\n}\n",
"json": null,
- "modify_index": "1133",
- "name": "hello-world",
+ "modify_index": "1509",
+ "name": "traefik",
"namespace": "default",
"policy_override": null,
"purge_on_destroy": null,
"read_allocation_ids": false,
"region": "global",
"rerun_if_dead": false,
- "status": "pending",
+ "status": "running",
"task_groups": [
{
"count": 1,
"meta": {},
- "name": "servers",
+ "name": "traefik",
"task": [
{
"driver": "docker",
"meta": {},
- "name": "web",
- "volume_mounts": null
+ "name": "traefik",
+ "volume_mounts": []
}
],
- "volumes": null
+ "volumes": []
+ }
+ ],
+ "timeouts": null,
+ "type": "service"
+ },
+ "sensitive_attributes": [],
+ "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0="
+ }
+ ]
+ },
+ {
+ "mode": "managed",
+ "type": "nomad_job",
+ "name": "webapp",
+ "provider": "provider[\"registry.terraform.io/hashicorp/nomad\"]",
+ "instances": [
+ {
+ "schema_version": 0,
+ "attributes": {
+ "allocation_ids": [],
+ "datacenters": [
+ "*"
+ ],
+ "deployment_id": null,
+ "deployment_status": null,
+ "deregister_on_destroy": true,
+ "deregister_on_id_change": true,
+ "detach": true,
+ "hcl2": [],
+ "id": "demo-webapp",
+ "jobspec": "job \"demo-webapp\" {\n group \"demo\" {\n count = 3\n\n network {\n port \"http\"{\n to = -1\n }\n }\n\n service {\n name = \"demo-webapp\"\n port = \"http\"\n\n tags = [\n \"traefik.enable=true\",\n \"traefik.http.routers.http.rule=Path(`/myapp`)\",\n ]\n\n check {\n type = \"http\"\n path = \"/\"\n interval = \"2s\"\n timeout = \"2s\"\n }\n }\n\n task \"server\" {\n env {\n PORT = \"${NOMAD_PORT_http}\"\n NODE_IP = \"${NOMAD_IP_http}\"\n }\n\n driver = \"docker\"\n\n config {\n image = \"hashicorp/demo-webapp-lb-guide\"\n ports = [\"http\"]\n }\n }\n }\n}",
+ "json": null,
+ "modify_index": "1847",
+ "name": "demo-webapp",
+ "namespace": "default",
+ "policy_override": null,
+ "purge_on_destroy": null,
+ "read_allocation_ids": false,
+ "region": "global",
+ "rerun_if_dead": false,
+ "status": "running",
+ "task_groups": [
+ {
+ "count": 3,
+ "meta": {},
+ "name": "demo",
+ "task": [
+ {
+ "driver": "docker",
+ "meta": {},
+ "name": "server",
+ "volume_mounts": []
+ }
+ ],
+ "volumes": []
}
],
"timeouts": null,
diff --git a/2-nomad-config/traefik.nomad b/2-nomad-config/traefik.nomad
new file mode 100644
index 0000000..4a75af0
--- /dev/null
+++ b/2-nomad-config/traefik.nomad
@@ -0,0 +1,68 @@
+job "traefik" {
+ group "traefik" {
+ network {
+ port "http" {
+ static = 8080
+ }
+
+ port "api" {
+ static = 8081
+ }
+ }
+
+ service {
+ name = "traefik"
+
+ check {
+ name = "alive"
+ type = "tcp"
+ port = "http"
+ interval = "10s"
+ timeout = "2s"
+ }
+ }
+
+ task "traefik" {
+ driver = "docker"
+
+ config {
+ image = "traefik:v3.3"
+ network_mode = "host"
+
+ volumes = [
+ "local/traefik.toml:/etc/traefik/traefik.toml",
+ ]
+ }
+
+ template {
+ data = <