Add ability to add actions and schedule them for services
This commit is contained in:
parent
9d7a8029c1
commit
8641bd50e1
@ -14,6 +14,7 @@ resource "nomad_job" "service" {
|
|||||||
constraints = var.constraints
|
constraints = var.constraints
|
||||||
docker_devices = var.docker_devices
|
docker_devices = var.docker_devices
|
||||||
user = var.user
|
user = var.user
|
||||||
|
actions = var.actions
|
||||||
|
|
||||||
service_port = var.service_port
|
service_port = var.service_port
|
||||||
service_port_static = var.service_port_static
|
service_port_static = var.service_port_static
|
||||||
@ -245,3 +246,33 @@ module "oidc_client" {
|
|||||||
task = var.name
|
task = var.name
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Action cron jobs
|
||||||
|
resource "nomad_job" "action_cron" {
|
||||||
|
for_each = tomap({ for action in var.actions : action.name => action if action.cron != null })
|
||||||
|
jobspec = templatefile("${path.module}/service_scheduled.nomad", {
|
||||||
|
name = var.name
|
||||||
|
action_name = each.value.name
|
||||||
|
action_cron = each.value.cron
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "nomad_acl_policy" "action_cron_workload_policy" {
|
||||||
|
for_each = resource.nomad_job.action_cron
|
||||||
|
|
||||||
|
name = "service-action-${each.value.id}"
|
||||||
|
description = "Give custom service cron actions access to execute actions."
|
||||||
|
rules_hcl = <<EOH
|
||||||
|
namespace "default" {
|
||||||
|
capabilities = [
|
||||||
|
"list-jobs",
|
||||||
|
"read-job",
|
||||||
|
"alloc-exec",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
EOH
|
||||||
|
|
||||||
|
job_acl {
|
||||||
|
job_id = each.value.id
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
35
services/service/service_scheduled.nomad
Normal file
35
services/service/service_scheduled.nomad
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
job "${name}-${action_name}" {
|
||||||
|
region = "global"
|
||||||
|
datacenters = ["dc1"]
|
||||||
|
|
||||||
|
type = "batch"
|
||||||
|
|
||||||
|
periodic {
|
||||||
|
cron = "${action_cron}"
|
||||||
|
}
|
||||||
|
|
||||||
|
group "main" {
|
||||||
|
task "${action_name}" {
|
||||||
|
driver = "docker"
|
||||||
|
|
||||||
|
config {
|
||||||
|
image = "hashicorp/nomad:$${attr.nomad.version}"
|
||||||
|
args = [
|
||||||
|
"job",
|
||||||
|
"action",
|
||||||
|
"-job",
|
||||||
|
"${name}",
|
||||||
|
"-group",
|
||||||
|
"${name}",
|
||||||
|
"-task",
|
||||||
|
"${name}",
|
||||||
|
"${action_name}"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
identity {
|
||||||
|
env = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -185,6 +185,14 @@ job "${name}" {
|
|||||||
%{~ endfor ~}
|
%{~ endfor ~}
|
||||||
}
|
}
|
||||||
%{~ endif ~}
|
%{~ endif ~}
|
||||||
|
%{~ for action in actions }
|
||||||
|
action "${action.name}" {
|
||||||
|
command = "${action.command}"
|
||||||
|
%{~ if length(action.args) > 0 ~}
|
||||||
|
args = ${jsonencode(action.args)}
|
||||||
|
%{~ endif ~}
|
||||||
|
}
|
||||||
|
%{~ endfor ~}
|
||||||
%{~ for volume in host_volumes }
|
%{~ for volume in host_volumes }
|
||||||
volume_mount {
|
volume_mount {
|
||||||
volume = "${volume.name}"
|
volume = "${volume.name}"
|
||||||
|
|||||||
@ -284,6 +284,17 @@ variable "use_wesher" {
|
|||||||
default = true
|
default = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "actions" {
|
||||||
|
description = "Nomad actions that should be part of the main task"
|
||||||
|
type = list(object({
|
||||||
|
name = string
|
||||||
|
command = string
|
||||||
|
args = optional(list(string))
|
||||||
|
cron = optional(string)
|
||||||
|
}))
|
||||||
|
default = []
|
||||||
|
}
|
||||||
|
|
||||||
variable "service_check" {
|
variable "service_check" {
|
||||||
description = "Health check for main ingress service"
|
description = "Health check for main ingress service"
|
||||||
type = object({
|
type = object({
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user