Add ability to add actions and schedule them for services

This commit is contained in:
IamTheFij 2024-10-02 11:26:57 -07:00
parent 9d7a8029c1
commit 8641bd50e1
4 changed files with 85 additions and 0 deletions

View File

@ -14,6 +14,7 @@ resource "nomad_job" "service" {
constraints = var.constraints constraints = var.constraints
docker_devices = var.docker_devices docker_devices = var.docker_devices
user = var.user user = var.user
actions = var.actions
service_port = var.service_port service_port = var.service_port
service_port_static = var.service_port_static service_port_static = var.service_port_static
@ -245,3 +246,33 @@ module "oidc_client" {
task = var.name task = var.name
} }
} }
# Action cron jobs
resource "nomad_job" "action_cron" {
for_each = tomap({ for action in var.actions : action.name => action if action.cron != null })
jobspec = templatefile("${path.module}/service_scheduled.nomad", {
name = var.name
action_name = each.value.name
action_cron = each.value.cron
})
}
resource "nomad_acl_policy" "action_cron_workload_policy" {
for_each = resource.nomad_job.action_cron
name = "service-action-${each.value.id}"
description = "Give custom service cron actions access to execute actions."
rules_hcl = <<EOH
namespace "default" {
capabilities = [
"list-jobs",
"read-job",
"alloc-exec",
]
}
EOH
job_acl {
job_id = each.value.id
}
}

View File

@ -0,0 +1,35 @@
job "${name}-${action_name}" {
region = "global"
datacenters = ["dc1"]
type = "batch"
periodic {
cron = "${action_cron}"
}
group "main" {
task "${action_name}" {
driver = "docker"
config {
image = "hashicorp/nomad:$${attr.nomad.version}"
args = [
"job",
"action",
"-job",
"${name}",
"-group",
"${name}",
"-task",
"${name}",
"${action_name}"
]
}
identity {
env = true
}
}
}
}

View File

@ -185,6 +185,14 @@ job "${name}" {
%{~ endfor ~} %{~ endfor ~}
} }
%{~ endif ~} %{~ endif ~}
%{~ for action in actions }
action "${action.name}" {
command = "${action.command}"
%{~ if length(action.args) > 0 ~}
args = ${jsonencode(action.args)}
%{~ endif ~}
}
%{~ endfor ~}
%{~ for volume in host_volumes } %{~ for volume in host_volumes }
volume_mount { volume_mount {
volume = "${volume.name}" volume = "${volume.name}"

View File

@ -284,6 +284,17 @@ variable "use_wesher" {
default = true default = true
} }
variable "actions" {
description = "Nomad actions that should be part of the main task"
type = list(object({
name = string
command = string
args = optional(list(string))
cron = optional(string)
}))
default = []
}
variable "service_check" { variable "service_check" {
description = "Health check for main ingress service" description = "Health check for main ingress service"
type = object({ type = object({