hjess/LifeFaq
1
0
Fork 0
generated from hjess/PythonTemplateProject
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Nomad stuff
Some checks are pending
Build, Push, and Deploy to Nomad / docker-nomad (push) Waiting to run
Details

Browse Source
This commit is contained in:
Henrik Jess Nielsen
2025-10-05 15:53:10 +02:00
parent 6e97805eea
commit 0747579dcf
9 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
Depriced/README-nomad-job.md Normal file
View File

@@ -0,0 +1,88 @@
### **Top-Level Job Configuration**
#### `job`
- **Purpose**: Defines the Nomad job.
- **Attributes**:
- `region`: Specifies the Nomad region where the job should run. [Reference: Nomad Regions](https://developer.hashicorp.com/nomad/docs/regions)
- `datacenters`: Lists the datacenters in which the job is eligible to run. [Reference: Job Placement](https://developer.hashicorp.com/nomad/docs/job-specification/datacenters)
- `type`: Defines the job type (`service` in this case). Service jobs are typically long-running. [Reference: Job Types](https://developer.hashicorp.com/nomad/docs/job-specification/job)
---
### **Update Block**
#### `update`
- **Purpose**: Specifies rolling update strategy for service jobs.
- **Attributes**:
- `stagger`: Time between starting updates for each allocation.
- `max_parallel`: Number of allocations to update simultaneously.
- `progress_deadline`: Time to wait for a deployment to progress before failing.
- [Reference: Update Stanza](https://developer.hashicorp.com/nomad/docs/job-specification/update)
---
### **Group Configuration**
#### `group`
- **Purpose**: Defines a group of tasks that should be placed together on the same node.
- **Attributes**:
- `count`: Number of task groups to run.
- [Reference: Task Group](https://developer.hashicorp.com/nomad/docs/job-specification/group)
---
### **Network Configuration**
#### `network`
- **Purpose**: Specifies networking requirements for the task group.
- **Attributes**:
- `port`: Defines a named port mapping for the task group.
- `to`: Specifies the internal port the application listens to within the container.
- [Reference: Network Stanza](https://developer.hashicorp.com/nomad/docs/job-specification/network)
---
### **Consul Integration**
#### `service`
- **Purpose**: Registers the service with Consul for discovery.
- **Attributes**:
- `provider`: Specifies the service discovery provider (`consul`).
- `name`: The name of the service in Consul.
- `port`: References the named port defined in the `network` block.
- `tags`: Metadata tags to annotate the service (e.g., for routing in Traefik).
- `check`: Defines health check parameters for the service.
- `name`: Name of the health check.
- `type`: Health check type (`tcp` in this case).
- `interval`: Frequency of the health check.
- `timeout`: Maximum duration for the health check.
- [Reference: Consul Service Stanza](https://developer.hashicorp.com/nomad/docs/job-specification/service)
---
### **Task Configuration**
#### `task`
- **Purpose**: Defines a single executable unit of work.
- **Attributes**:
- `driver`: Specifies the driver (`docker` in this case).
- `config`: Driver-specific configuration.
- `image`: Docker image for the task.
- `ports`: References the named port defined in the `network` block.
- `env`: Sets environment variables for the task.
- `resources`: Specifies resource requirements for the task.
- `cpu`: CPU allocation in MHz.
- `memory`: Memory allocation in MB.
- [Reference: Task Stanza](https://developer.hashicorp.com/nomad/docs/job-specification/task)
---
### **Dynamic Port Allocation**
#### `${NOMAD_PORT_<port-label>}`
- **Purpose**: Refers to the dynamically allocated host port mapped to the internal container port.
- **Usage**: This is used in the `env` and `tags` sections to dynamically configure the application and Consul registration.
- [Reference: Port Variables](https://developer.hashicorp.com/nomad/docs/runtime/environment#ports)
---
### **Key Takeaways**
1. This job defines a **service** that runs as a Docker container, listens on a dynamically assigned port, and registers itself in **Consul** for service discovery.
2. The `network` stanza ensures that Nomad assigns a dynamic host port, while the `${NOMAD_PORT_<port-label>}` variable is used to pass this information to the container and Consul.
3. The `update` stanza ensures smooth rolling updates for the service.
For further details and advanced configurations, refer to the [Nomad Job Specification Documentation](https://developer.hashicorp.com/nomad/docs/job-specification).

63
Depriced/main.yml.tmpl Normal file
View File

@@ -0,0 +1,63 @@
name: Build, Push, and Deploy to Nomad
on:
push:
branches:
- main
jobs:
docker-nomad:
runs-on: self-hosted
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Log in to Container Registry
run: echo ${{ secrets.password }} | docker login registry.i80.dk -u ${{ secrets.username }} --password-stdin
- name: Build Docker Image
run: |
COMMIT_HASH=$(git rev-parse --short HEAD)
docker build -t registry.i80.dk/gitea/[[PROJECT_NAME]]:latest -t registry.i80.dk/gitea/[[PROJECT_NAME]]:${COMMIT_HASH} .
- name: Push Docker Image
run: |
COMMIT_HASH=$(git rev-parse --short HEAD)
echo "registry.i80.dk/gitea/[[PROJECT_NAME]]:latest"
echo "registry.i80.dk/gitea/[[PROJECT_NAME]]:${COMMIT_HASH}"
docker push registry.i80.dk/gitea/[[PROJECT_NAME]]:${COMMIT_HASH}
docker push registry.i80.dk/gitea/[[PROJECT_NAME]]:latest
- name: Validate Nomad Job
env:
NOMAD_ADDR: https://nomad.i80.dk
run: nomad job validate .gitea/workflows/nomad-job.hcl
# - name: Stop old deployment
# env:
# NOMAD_ADDR: https://nomad.i80.dk
# run: nomad job stop -purge -no-shutdown-delay [[PROJECT_NAME]]
# continue-on-error: true
- name: Apply Nomad Job
env:
NOMAD_ADDR: https://nomad.i80.dk
run: nomad job run .gitea/workflows/nomad-job.hcl
- name: Update Nginx Configuration
run: ssh runner@nomad sudo /opt/nginx_updater/venv/bin/python3 /opt/nginx_updater/nginx_updater.py [[PROJECT_NAME]]
- name: Update Forwarder Configuration
run: ssh runner@nomad sudo /opt/nginx_updater/venv/bin/python3 /opt/nginx_updater/update_forwarder.py [[PROJECT_NAME]]
# - name: Restart Nomad Job
# env:
# NOMAD_ADDR: https://nomad.i80.dk
# run: |
# nomad job stop [[PROJECT_NAME]]
# sleep 5 # Optional: Wait to ensure the old allocation is stopped
# nomad job run .gitea/workflows/nomad-job.hcl

61
Depriced/nomad-blue.hcl Normal file
View File

@@ -0,0 +1,61 @@
job "lifefaq-blue" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
progress_deadline = "6m"
}
group "lifefaq-blue-group" {
count = 1
network {
port "port-app" {
to = 9210 # Internal application port
}
}
# Register the service with Consul
service {
provider = "consul"
name = "lifefaq-blue"
port = "port-app"
# Traefik-specific tags for routing
tags = [
"PORT=${NOMAD_PORT_port-app}"
]
# Define a health check using TCP
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "lifefaq-blue-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/lifefaq:latest"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}

59
Depriced/nomad-job-blue.hcl Normal file
View File

@@ -0,0 +1,59 @@
job "lifefaq-blue" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
canary = 1
auto_revert = true
auto_promote = true
progress_deadline = "6m"
}
group "lifefaq-group" {
count = 1
network {
port "port-app" {
to = 9210
}
}
service {
provider = "consul"
name = "lifefaq"
port = "port-app"
tags = [
"blue",
"PORT=${NOMAD_PORT_port-app}"
]
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "lifefaq-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/lifefaq:blue"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}

59
Depriced/nomad-job-canary.hcl Normal file
View File

@@ -0,0 +1,59 @@
job "lifefaq-canary" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
canary = 1
auto_revert = true
auto_promote = true
progress_deadline = "6m"
}
group "lifefaq-group" {
count = 1
network {
port "port-app" {
to = 9210
}
}
service {
provider = "consul"
name = "lifefaq"
port = "port-app"
tags = [
"canary",
"PORT=${NOMAD_PORT_port-app}"
]
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "lifefaq-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/lifefaq:${COMMIT_HASH}"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}

59
Depriced/nomad-job-green.hcl Normal file
View File

@@ -0,0 +1,59 @@
job "lifefaq-green" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
canary = 1
auto_revert = true
auto_promote = true
progress_deadline = "6m"
}
group "lifefaq-group" {
count = 1
network {
port "port-app" {
to = 9210
}
}
service {
provider = "consul"
name = "lifefaq"
port = "port-app"
tags = [
"green",
"PORT=${NOMAD_PORT_port-app}"
]
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "lifefaq-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/lifefaq:green"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}

60
Depriced/nomad-job.hcl.tmpl Normal file
View File

@@ -0,0 +1,60 @@
job "[[PROJECT_NAME]]" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
progress_deadline = "6m"
}
group "[[PROJECT_NAME]]-group" {
count = 1
network {
port "port-app" {
to = [[PORT]] # Internal application port
}
}
# Register the service with Consul
service {
provider = "consul"
name = "[[PROJECT_NAME]]"
port = "port-app"
# Traefik-specific tags for routing
tags = [
"PORT=${NOMAD_PORT_port-app}"
]
# Define a health check using TCP
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "[[PROJECT_NAME]]-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/[[PROJECT_NAME]]:latest"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}

81
Depriced/waypoint.hcl Normal file
View File

@@ -0,0 +1,81 @@
project = "lifefaq"
app "lifefaq" {
build {
use "docker" {
image = "registry.i80.dk/gitea/lifefaq:latest"
}
}
deploy {
use "nomad" {
job = <<EOT
job "lifefaq" {
region = "global"
datacenters = ["dc1"]
type = "service"
update {
stagger = "60s"
max_parallel = 1
canary = 1
auto_revert = true
auto_promote = true
progress_deadline = "6m"
}
group "lifefaq-group" {
count = 1
network {
port "port-app" {
to = 9210 # Internal application port
}
}
service {
provider = "consul"
name = "lifefaq"
port = "port-app"
tags = [
"PORT=${NOMAD_PORT_port-app}"
]
check {
name = "tcp_check"
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
task "lifefaq-task" {
driver = "docker"
config {
image = "registry.i80.dk/gitea/lifefaq:latest"
ports = ["port-app"]
}
env {
APP_ENV = "production"
PORT = "${NOMAD_PORT_port-app}"
}
resources {
cpu = 250
memory = 80
}
}
}
}
EOT
}
}
release {
use "nomad" {
strategy = "bluegreen"
}
}