Bertrand Lanson
54a86d7af3
All checks were successful
development / Check commit compliance (push) Successful in 25s
14 KiB
14 KiB
📃 Role overview
nomad
Description: Install and configure hashicorp nomad for debian-based distros.
| Field | Value |
|---|---|
| Readme update | 26/08/2024 |
Defaults
These are static variables with lower priority
File: defaults/main.yml
| Var | Type | Value | Required | Title |
|---|---|---|---|---|
| nomad_version | str | latest |
n/a | n/a |
| nomad_start_service | bool | True |
n/a | n/a |
| nomad_config_dir | str | /etc/nomad.d |
n/a | n/a |
| nomad_data_dir | str | /opt/nomad |
n/a | n/a |
| nomad_certs_dir | str | {{ nomad_config_dir }}/tls |
n/a | n/a |
| nomad_logs_dir | str | /var/log/nomad |
n/a | n/a |
| nomad_extra_files | bool | False |
n/a | n/a |
| nomad_extra_files_list | list | [] |
n/a | n/a |
| nomad_env_variables | dict | {} |
n/a | n/a |
| nomad_extra_configuration | dict | {} |
n/a | n/a |
| nomad_region | str | global |
n/a | n/a |
| nomad_datacenter | str | dc1 |
n/a | n/a |
| nomad_bind_addr | str | 0.0.0.0 |
n/a | n/a |
| nomad_advertise_addr | str | {{ ansible_default_ipv4.address }} |
n/a | n/a |
| nomad_address_configuration | dict | {'bind_addr': '{{ nomad_bind_addr }}', 'addresses': {'http': '{{ nomad_advertise_addr }}', 'rpc': '{{ nomad_advertise_addr }}', 'serf': '{{ nomad_advertise_addr }}'}, 'advertise': {'http': '{{ nomad_advertise_addr }}', 'rpc': '{{ nomad_advertise_addr }}', 'serf': '{{ nomad_advertise_addr }}'}, 'ports': {'http': 4646, 'rpc': 4647, 'serf': 4648}} |
n/a | n/a |
| nomad_autopilot_configuration | dict | {} |
n/a | n/a |
| nomad_leave_on_interrupt | bool | False |
n/a | n/a |
| nomad_leave_on_terminate | bool | False |
n/a | n/a |
| nomad_enable_server | bool | True |
n/a | n/a |
| nomad_server_bootstrap_expect | int | 1 |
n/a | n/a |
| nomad_server_configuration | dict | {'enabled': '{{ nomad_enable_server }}', 'data_dir': '{{ nomad_data_dir }}/server', 'encrypt': "{{ 'mysupersecretgossipencryptionkey'|b64encode }}", 'server_join': {'retry_join': ['{{ ansible_default_ipv4.address }}']}} |
n/a | n/a |
| nomad_enable_client | bool | False |
n/a | n/a |
| nomad_client_configuration | dict | {'enabled': '{{ nomad_enable_client }}', 'state_dir': '{{ nomad_data_dir }}/client', 'cni_path': '/opt/cni/bin', 'bridge_network_name': 'nomad', 'bridge_network_subnet': '172.26.64.0/20'} |
n/a | n/a |
| nomad_ui_configuration | dict | {'enabled': '{{ nomad_enable_server }}'} |
n/a | n/a |
| nomad_driver_enable_docker | bool | True |
n/a | n/a |
| nomad_driver_enable_podman | bool | False |
n/a | n/a |
| nomad_driver_enable_raw_exec | bool | False |
n/a | n/a |
| nomad_driver_enable_java | bool | False |
n/a | n/a |
| nomad_driver_enable_qemu | bool | False |
n/a | n/a |
| nomad_driver_configuration | dict | {'raw_exec': {'enabled': False}} |
n/a | n/a |
| nomad_driver_extra_configuration | dict | {} |
n/a | n/a |
| nomad_log_level | str | info |
n/a | n/a |
| nomad_enable_log_to_file | bool | False |
n/a | n/a |
| nomad_log_to_file_configuration | dict | {'log_file': '{{ nomad_logs_dir }}/nomad.log', 'log_rotate_duration': '24h', 'log_rotate_max_files': 30} |
n/a | n/a |
| nomad_acl_configuration | dict | {'enabled': False, 'token_ttl': '30s', 'policy_ttl': '60s', 'role_ttl': '60s'} |
n/a | n/a |
| nomad_enable_tls | bool | False |
n/a | n/a |
| nomad_tls_configuration | dict | {'http': True, 'rpc': True, 'ca_file': '/etc/ssl/certs/ca-certificates.crt', 'cert_file': '{{ nomad_certs_dir }}/cert.pem', 'key_file': '{{ nomad_certs_dir }}/key.pem', 'verify_server_hostname': True} |
n/a | n/a |
| nomad_certificates_extra_files_dir | list | [] |
n/a | n/a |
| nomad_telemetry_configuration | dict | {'collection_interval': '10s', 'disable_hostname': False, 'use_node_name': False, 'publish_allocation_metrics': False, 'publish_node_metrics': False, 'prefix_filter': [], 'disable_dispatched_job_summary_metrics': False, 'prometheus_metrics': False} |
n/a | n/a |
| nomad_enable_consul_integration | bool | False |
n/a | n/a |
| nomad_consul_integration_configuration | dict | {'address': '127.0.0.1:8500', 'auto_advertise': True, 'ssl': False, 'token': '', 'tags': []} |
n/a | n/a |
| nomad_consul_integration_tls_configuration | dict | {'ca_file': '/etc/ssl/certs/ca-certificates.crt'} |
n/a | n/a |
| nomad_consul_integration_server_configuration | dict | {'server_auto_join': True} |
n/a | n/a |
| nomad_consul_integration_client_configuration | dict | {'client_auto_join': True, 'grpc_address': '127.0.0.1:8502'} |
n/a | n/a |
| nomad_consul_integration_client_tls_configuration | dict | {'grpc_ca_file': '/etc/ssl/certs/ca-certificates.crt'} |
n/a | n/a |
| nomad_enable_vault_integration | bool | False |
n/a | n/a |
| nomad_vault_integration_configuration | dict | {} |
n/a | n/a |
Vars
These are variables with higher priority
File: vars/main.yml
| Var | Type | Value | Required | Title |
|---|---|---|---|---|
| nomad_user | str | nomad |
n/a | n/a |
| nomad_group | str | nomad |
n/a | n/a |
| nomad_binary_path | str | /usr/local/bin/nomad |
n/a | n/a |
| nomad_deb_architecture_map | dict | {'x86_64': 'amd64', 'aarch64': 'arm64', 'armv7l': 'arm', 'armv6l': 'arm'} |
n/a | n/a |
| nomad_architecture | str | {{ nomad_deb_architecture_map[ansible_architecture] | default(ansible_architecture) }} |
n/a | n/a |
| nomad_service_name | str | nomad |
n/a | n/a |
| nomad_github_api | str | https://api.github.com/repos |
n/a | n/a |
| nomad_github_project | str | hashicorp/nomad |
n/a | n/a |
| nomad_github_url | str | https://github.com |
n/a | n/a |
| nomad_repository_url | str | https://releases.hashicorp.com/nomad |
n/a | n/a |
| nomad_configuration | dict | {'datacenter': '{{ nomad_datacenter }}', 'region': '{{ nomad_region }}', 'data_dir': '{{ nomad_data_dir }}', 'leave_on_interrupt': '{{ nomad_leave_on_interrupt }}', 'leave_on_terminate': '{{ nomad_leave_on_terminate }}', 'acl': '{{ nomad_acl_configuration }}', 'server': '{{ nomad_server_configuration }}', 'client': '{{ nomad_client_configuration }}', 'ui': '{{ nomad_ui_configuration }}', 'log_level': '{{ nomad_log_level }}'} |
n/a | n/a |
| nomad_configuration_string | str | <multiline value> |
n/a | n/a |
Tasks
File: tasks/recursive_copy_extra_dirs.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Ensure destination directory exists | ansible.builtin.file | False |
| Nomad | Create extra directory sources | ansible.builtin.file | True |
| Nomad | Template extra directory sources | ansible.builtin.template | True |
File: tasks/merge_variables.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Merge stringified configuration | vars | False |
| Nomad | Merge addresses configuration | vars | False |
| Nomad | Merge consul integration configuration | block | True |
| Nomad | Merge consul tls configuration | block | True |
| Nomad | Merge consul default client configuration | vars | False |
| Nomad | Merge consul configuration for nomad servers | block | True |
| Nomad | Merge consul default server configuration | vars | False |
| Nomad | Merge consul configuration for nomad clients | block | True |
| Nomad | Merge consul default client configuration | vars | False |
| Nomad | Merge consul tls client configuration | vars | True |
| Nomad | Merge consul block into main configuration | vars | False |
| Nomad | Merge TLS configuration | block | True |
| Nomad | Merge TLS configuration | vars | False |
| Nomad | Add certificates directory to extra_files_dir | ansible.builtin.set_fact | False |
| Nomad | Merge plugin configuration | vars | True |
| Nomad | Merge extra configuration settings | vars | False |
| Nomad | Merge log to file configuration | vars | True |
| Nomad | Merge telemetry configuration | vars | False |
File: tasks/main.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Set reload-check & restart-check variable | ansible.builtin.set_fact | False |
| Nomad | Import merge_variables.yml | ansible.builtin.include_tasks | False |
| Nomad | Import prerequisites.yml | ansible.builtin.include_tasks | False |
| Nomad | Import install.yml | ansible.builtin.include_tasks | False |
| Nomad | Import configure.yml | ansible.builtin.include_tasks | False |
| Nomad | Populate service facts | ansible.builtin.service_facts | False |
| Nomad | Set restart-check variable | ansible.builtin.set_fact | True |
| Nomad | Enable service: {{ nomad_service_name }} | ansible.builtin.service | False |
| Nomad | Reload systemd daemon | ansible.builtin.systemd | True |
| Nomad | Start service: {{ nomad_service_name }} | ansible.builtin.service | True |
File: tasks/install.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Get latest release of nomad | block | True |
| Nomad | Get latest nomad release from github api | ansible.builtin.uri | False |
| Nomad | Set wanted nomad version to latest tag | ansible.builtin.set_fact | False |
| Nomad | Set wanted nomad version to {{ nomad_version }} | ansible.builtin.set_fact | True |
| Nomad | Get current nomad version | block | False |
| Nomad | Stat nomad version file | ansible.builtin.stat | False |
| Nomad | Get current nomad version | ansible.builtin.slurp | True |
| Nomad | Download and install nomad binary | block | True |
| Nomad | Set nomad package name to download | ansible.builtin.set_fact | False |
| Nomad | Download checksum file for nomad archive | ansible.builtin.get_url | False |
| Nomad | Extract correct checksum from checksum file | ansible.builtin.command | False |
| Nomad | Parse the expected checksum | ansible.builtin.set_fact | False |
| Nomad | Download nomad binary archive | ansible.builtin.get_url | False |
| Nomad | Create temporary directory for archive decompression | ansible.builtin.file | False |
| Nomad | Unpack nomad archive | ansible.builtin.unarchive | False |
| Nomad | Copy nomad binary to {{ nomad_binary_path }} | ansible.builtin.copy | False |
| Nomad | Update nomad version file | ansible.builtin.copy | False |
| Nomad | Set restart-check variable | ansible.builtin.set_fact | False |
| Nomad | Cleanup temporary directory | ansible.builtin.file | False |
| Nomad | Copy systemd service file for nomad | ansible.builtin.template | False |
| Nomad | Set reload-check & restart-check variable | ansible.builtin.set_fact | True |
File: tasks/prerequisites.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Create group {{ nomad_group }} | ansible.builtin.group | False |
| Nomad | Create user {{ nomad_user }} | ansible.builtin.user | False |
| Nomad | Create directory {{ nomad_config_dir }} | ansible.builtin.file | False |
| Nomad | Create directory {{ nomad_data_dir }} | ansible.builtin.file | False |
| Nomad | Create directory {{ nomad_certs_dir }} | ansible.builtin.file | False |
| Nomad | Create directory {{ nomad_logs_dir }} | ansible.builtin.file | True |
File: tasks/configure.yml
| Name | Module | Has Conditions |
|---|---|---|
| Nomad | Create nomad.env | ansible.builtin.template | False |
| Nomad | Copy nomad.json template | ansible.builtin.template | False |
| Nomad | Set restart-check variable | ansible.builtin.set_fact | True |
| Nomad | Copy extra configuration files | block | True |
| Nomad | Get extra file types | ansible.builtin.stat | False |
| Nomad | Set list for file sources | vars | True |
| Nomad | Set list for directory sources | vars | True |
| Nomad | Template extra file sources | ansible.builtin.template | True |
| Nomad | Template extra directory sources | ansible.builtin.include_tasks | True |
Author Information
Bertrand Lanson
License
license (BSD, MIT)
Minimum Ansible Version
2.10
Platforms
- Ubuntu: ['focal', 'jammy', 'noble']
- Debian: ['bullseye', 'bookworm']