diff --git a/roles/nomad/defaults/main.yml b/roles/nomad/defaults/main.yml index e1e4b92..a086418 100644 --- a/roles/nomad/defaults/main.yml +++ b/roles/nomad/defaults/main.yml @@ -16,10 +16,37 @@ nomad_user: "{{ nomad_client_enabled | ternary('root', 'nomad') }}" # List of nomad servers (not clients !) nomad_servers: [] -# Should client be enabled -nomad_client_enabled: "{{ (inventory_hostname in nomad_servers) | ternary(False, True) }}" -# Should server be enabled -nomad_server_enabled: "{{ (inventory_hostname in nomad_servers) | ternary(True, False) }}" + +# Client related settings +nomad_client: + # Should client be enabled + enabled: "{{ (inventory_hostname in nomad_servers) | ternary(False, True) }}" + # hostçvolumes: + # - name: mysql + # path: /data/mysql + # read_only: False + host_volumes: [] + +# Server related settings +nomad_server: + # Should server be enabled + enabled: "{{ (inventory_hostname in nomad_servers) | ternary(True, False) }}" + # Expected number of servers to bootstrap the cluster. The default is to wait for all the servers + # listed in nomad_servers to be ready, and then to do the bootstrap + bootstrap_expect: "{{ nomad_servers | length }}" + # Encryption key to use to encrypt inter-server communications + # You can generate one with nomad operator keygen command. It must be the same + # on all the servers of the cluster. If not defined (the default), the trafic will + # not be encrypted + # encrypt: NVlG6VKgsTbMim041S5nbWmmaQKS7YchV+9G3XxcZDs= + +# ui related settings +nomad_ui: + enabled: True + # Consul and vault optional URL. This is just to add a shortcut in Nomad's UI + # consul_ui: https://consul.example.org + # vault_ui: https://vault.example.org + # Log level of the daemon nomad_log_level: INFO diff --git a/roles/nomad/handlers/main.yml b/roles/nomad/handlers/main.yml index 34f89ac..008dc03 100644 --- a/roles/nomad/handlers/main.yml +++ b/roles/nomad/handlers/main.yml @@ -3,6 +3,7 @@ - name: restart nomad service: name=nomad state=restarted when: nomad_service_started is not defined or not nomad_service_started.changed + throttle: 1 - name: reload nomad service: name=nomad state=reloaded diff --git a/roles/nomad/templates/nomad.hcl.j2 b/roles/nomad/templates/nomad.hcl.j2 index 9a7f0ee..ec49052 100644 --- a/roles/nomad/templates/nomad.hcl.j2 +++ b/roles/nomad/templates/nomad.hcl.j2 @@ -1,6 +1,7 @@ data_dir = "{{ nomad_root_dir }}/data" log_level = "{{ nomad_log_level }}" bind_addr = "0.0.0.0" + advertise { {% for service in nomad_services.keys() | list %} {% if nomad_services[service].advertise is defined %} @@ -8,27 +9,60 @@ advertise { {% endif %} {% endfor %} } + ports { {% for service in nomad_services.keys() | list %} {{ service }} = {{ nomad_services[service].port }} {% endfor %} } + +{% if nomad_server.enabled %} server { - enabled = {{ nomad_server_enabled | ternary('true','false') }} - bootstrap_expect = {{ nomad_servers | length }} + enabled = true + bootstrap_expect = {{ nomad_server.bootstrap_expect }} +{% if nomad_server.encrypt is defined %} + encrypt = "{{ nomad_server.encrypt }}" +{% endif %} server_join { retry_join = [ -{% for server in consul_servers %} +{% for server in nomad_servers %} "{{ server }}", {% endfor %} ] } } + +{% if nomad_client.enabled %} client { - enabled = {{ nomad_client_enabled | ternary('true','false') }} + enabled = true servers = [ -{% for server in consul_servers %} +{% for server in nomad_servers %} "{{ server }}", {% endfor %} ] +{% for volume in nomad_client.host_volumes %} + host_volume "{{ volume.name }}" { + path = "{{ volume.path }}" +{% if volume.read_only is defined %} + read_only = "{{ volume.read_only | ternary('true', 'false') }} +{% endif %} + } +{% endfor %} } +{% endif %} + +{% if nomad_ui.enabled %} +ui { + enabled = true +{% if nomad_ui.consul_ui is defined %} + consul { + ui_url = "{{ nomad_ui.consul_ui }}" + } +{% endif %} +{% if nomad_ui.vault_ui is defined %} + vault { + ui_url = "{{ nomad_ui.vault_ui }}" + } +{% endif %} +} +{% endif %}