Clean up comments in setup cluster playbook
This commit is contained in:
parent
ecbd9626e8
commit
bd1280b970
@ -354,9 +354,6 @@
|
||||
|
||||
# Create networks for binding task ports
|
||||
nomad_host_networks:
|
||||
# - name: public
|
||||
# interface: eth0
|
||||
# reserved_ports: "22"
|
||||
- name: nomad-bridge
|
||||
interface: nomad
|
||||
reserved_ports: "22"
|
||||
@ -368,13 +365,17 @@
|
||||
nomad_acl_enabled: true
|
||||
|
||||
# Enable vault integration
|
||||
# HACK: Only talk to local Vault for now because it doesn't have HTTPS
|
||||
# TODO: Would be really great to hvae this over https and point to vault.consul.service
|
||||
# nomad_vault_address: "https://vault.service.consul:8200"
|
||||
# Right now, each node only talks to it's local Vault, so if that node is rebooted and
|
||||
# that vault is sealed, it will not have access to vault. This is a problem if a node
|
||||
# must reboot.
|
||||
nomad_vault_address: "http://127.0.0.1:8200"
|
||||
# TODO: This fails on first run because the Nomad-Vault integration can't be set up
|
||||
# until Nomad has started. Could maybe figure out if ACLs have been set up and leave
|
||||
# these out until the later play, maybe just bootstrap the nomad-cluster role in Vault
|
||||
# befor Nomad is set up
|
||||
# nomad_vault_address: "http://vault.service.consul:8200"
|
||||
# Only talk to local Vault for now because it doesn't have HTTPS
|
||||
nomad_vault_address: "http://127.0.0.1:8200"
|
||||
nomad_vault_create_from_role: "nomad-cluster"
|
||||
# TODO: (security) Probably want to restict this to a narrower scoped token
|
||||
nomad_vault_enabled: "{{ root_token is defined }}"
|
||||
|
Loading…
Reference in New Issue
Block a user