2024-07-19 21:32:24 +00:00
|
|
|
---
|
|
|
|
# defaults file for hashicorp_nomad
|
|
|
|
|
|
|
|
nomad_version: "latest"
|
|
|
|
nomad_start_service: true
|
|
|
|
nomad_config_dir: "/etc/nomad.d"
|
|
|
|
nomad_data_dir: "/opt/nomad"
|
|
|
|
nomad_certs_dir: "{{ nomad_config_dir }}/tls"
|
|
|
|
nomad_logs_dir: "/var/log/nomad"
|
|
|
|
|
|
|
|
nomad_extra_files: false
|
|
|
|
nomad_extra_files_list: []
|
|
|
|
|
|
|
|
nomad_env_variables: {}
|
|
|
|
|
|
|
|
#######################
|
|
|
|
# extra configuration #
|
|
|
|
#######################
|
|
|
|
|
|
|
|
# You should prioritize adding configuration
|
|
|
|
# to the configuration entries below, this
|
|
|
|
# option should be used to add pieces of configuration not
|
|
|
|
# available through standard variables.
|
|
|
|
|
|
|
|
nomad_extra_configuration: {}
|
|
|
|
|
|
|
|
###########
|
|
|
|
# general #
|
|
|
|
###########
|
|
|
|
|
|
|
|
nomad_region: global
|
|
|
|
nomad_datacenter: dc1
|
|
|
|
|
|
|
|
#########################
|
|
|
|
# address configuration #
|
|
|
|
#########################
|
|
|
|
|
|
|
|
nomad_bind_addr: "0.0.0.0"
|
|
|
|
nomad_advertise_addr: "{{ ansible_default_ipv4.address }}"
|
|
|
|
nomad_address_configuration:
|
|
|
|
bind_addr: "{{ nomad_bind_addr }}"
|
|
|
|
addresses:
|
|
|
|
http: "{{ nomad_advertise_addr }}"
|
|
|
|
rpc: "{{ nomad_advertise_addr }}"
|
|
|
|
serf: "{{ nomad_advertise_addr }}"
|
|
|
|
advertise:
|
|
|
|
http: "{{ nomad_advertise_addr }}"
|
|
|
|
rpc: "{{ nomad_advertise_addr }}"
|
|
|
|
serf: "{{ nomad_advertise_addr }}"
|
|
|
|
ports:
|
|
|
|
http: 4646
|
|
|
|
rpc: 4647
|
|
|
|
serf: 4648
|
|
|
|
|
|
|
|
###########################
|
|
|
|
# autopilot configuration #
|
|
|
|
###########################
|
|
|
|
|
|
|
|
nomad_autopilot_configuration: {}
|
|
|
|
|
|
|
|
#######################
|
|
|
|
# leave configuration #
|
|
|
|
#######################
|
|
|
|
|
|
|
|
nomad_leave_on_interrupt: false
|
|
|
|
nomad_leave_on_terminate: false
|
|
|
|
|
|
|
|
########################
|
|
|
|
# server configuration #
|
|
|
|
########################
|
|
|
|
|
|
|
|
nomad_enable_server: true
|
|
|
|
nomad_server_bootstrap_expect: 1
|
|
|
|
nomad_server_configuration:
|
|
|
|
enabled: "{{ nomad_enable_server }}"
|
|
|
|
data_dir: "{{ nomad_data_dir }}/server"
|
|
|
|
encrypt: "{{ 'mysupersecretgossipencryptionkey'|b64encode }}"
|
|
|
|
server_join:
|
|
|
|
retry_join:
|
|
|
|
- "{{ ansible_default_ipv4.address }}"
|
|
|
|
|
|
|
|
##############################
|
|
|
|
# client configuration #
|
|
|
|
##############################
|
|
|
|
|
|
|
|
nomad_enable_client: false
|
|
|
|
nomad_client_configuration:
|
|
|
|
enabled: "{{ nomad_enable_client }}"
|
|
|
|
state_dir: "{{ nomad_data_dir }}/client"
|
2024-07-22 20:47:58 +00:00
|
|
|
cni_path: "/opt/cni/bin"
|
2024-07-19 21:32:24 +00:00
|
|
|
bridge_network_name: nomad
|
|
|
|
bridge_network_subnet: "172.26.64.0/20"
|
|
|
|
|
|
|
|
####################
|
|
|
|
# ui configuration #
|
|
|
|
####################
|
|
|
|
|
|
|
|
nomad_ui_configuration:
|
|
|
|
enabled: "{{ nomad_enable_server }}"
|
|
|
|
|
|
|
|
#########################
|
|
|
|
# drivers configuration #
|
|
|
|
#########################
|
|
|
|
|
|
|
|
nomad_driver_enable_docker: true
|
|
|
|
nomad_driver_enable_podman: false
|
|
|
|
nomad_driver_enable_raw_exec: false
|
|
|
|
nomad_driver_enable_java: false
|
|
|
|
nomad_driver_enable_qemu: false
|
|
|
|
|
|
|
|
nomad_driver_configuration:
|
|
|
|
raw_exec:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
nomad_driver_extra_configuration: {}
|
|
|
|
|
|
|
|
###########
|
|
|
|
# logging #
|
|
|
|
###########
|
|
|
|
|
|
|
|
nomad_log_level: info
|
|
|
|
nomad_enable_log_to_file: false
|
|
|
|
nomad_log_to_file_configuration:
|
|
|
|
log_file: "{{ nomad_logs_dir }}/nomad.log"
|
|
|
|
log_rotate_duration: 24h
|
|
|
|
log_rotate_max_files: 30
|
|
|
|
|
|
|
|
#####################
|
|
|
|
# ACL configuration #
|
|
|
|
#####################
|
|
|
|
|
|
|
|
nomad_acl_configuration:
|
|
|
|
enabled: false
|
|
|
|
token_ttl: 30s
|
|
|
|
policy_ttl: 60s
|
|
|
|
role_ttl: 60s
|
|
|
|
|
|
|
|
################
|
|
|
|
# internal tls #
|
|
|
|
################
|
|
|
|
|
|
|
|
nomad_enable_tls: false
|
|
|
|
nomad_tls_configuration:
|
|
|
|
http: true
|
|
|
|
rpc: true
|
|
|
|
ca_file: "/etc/ssl/certs/ca-certificates.crt"
|
|
|
|
cert_file: "{{ nomad_certs_dir }}/cert.pem"
|
|
|
|
key_file: "{{ nomad_certs_dir }}/key.pem"
|
|
|
|
verify_server_hostname: true
|
|
|
|
|
|
|
|
nomad_certificates_extra_files_dir:
|
|
|
|
[]
|
|
|
|
# - src: ""
|
|
|
|
# dest: "{{ nomad_certs_dir }}"
|
|
|
|
|
|
|
|
###########################
|
|
|
|
# telemetry configuration #
|
|
|
|
###########################
|
|
|
|
|
|
|
|
nomad_telemetry_configuration:
|
|
|
|
collection_interval: 10s
|
|
|
|
disable_hostname: false
|
|
|
|
use_node_name: false
|
|
|
|
publish_allocation_metrics: false
|
|
|
|
publish_node_metrics: false
|
|
|
|
prefix_filter: []
|
|
|
|
disable_dispatched_job_summary_metrics: false
|
|
|
|
prometheus_metrics: false
|
|
|
|
|
|
|
|
######################
|
|
|
|
# consul integration #
|
|
|
|
######################
|
|
|
|
|
|
|
|
nomad_enable_consul_integration: false
|
|
|
|
nomad_consul_integration_configuration:
|
|
|
|
address: "127.0.0.1:8500"
|
|
|
|
auto_advertise: true
|
|
|
|
ssl: false
|
|
|
|
token: ""
|
|
|
|
tags: []
|
|
|
|
|
|
|
|
nomad_consul_integration_tls_configuration:
|
|
|
|
ca_file: "/etc/ssl/certs/ca-certificates.crt"
|
|
|
|
|
|
|
|
nomad_consul_integration_server_configuration:
|
|
|
|
server_auto_join: true
|
|
|
|
|
|
|
|
nomad_consul_integration_client_configuration:
|
|
|
|
client_auto_join: true
|
|
|
|
grpc_address: "127.0.0.1:8502"
|
|
|
|
|
|
|
|
nomad_consul_integration_client_tls_configuration:
|
|
|
|
grpc_ca_file: "/etc/ssl/certs/ca-certificates.crt"
|
|
|
|
|
|
|
|
############################
|
|
|
|
# nomad vault integration #
|
|
|
|
############################
|
|
|
|
|
|
|
|
nomad_enable_vault_integration: false
|
|
|
|
nomad_vault_integration_configuration: {}
|