Alex
a21493745d
Diplonat update prevents unnecessary flapping of autodiscovered ip addresses, which was the cause of useless restarts of the garage daemon. But in principle we want Garage to be restarted if the ipv6 address changes as it indicates changes in the network.
69 lines
1.5 KiB
HCL
69 lines
1.5 KiB
HCL
job "core-diplonat" {
|
|
datacenters = ["neptune", "scorpio", "bespin"]
|
|
type = "system"
|
|
priority = 90
|
|
|
|
update {
|
|
max_parallel = 2
|
|
stagger = "1m"
|
|
}
|
|
|
|
group "diplonat" {
|
|
task "diplonat" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "lxpz/amd64_diplonat:7"
|
|
network_mode = "host"
|
|
readonly_rootfs = true
|
|
privileged = true
|
|
volumes = [
|
|
"secrets:/etc/diplonat",
|
|
]
|
|
}
|
|
|
|
restart {
|
|
interval = "5m"
|
|
attempts = 10
|
|
delay = "15s"
|
|
mode = "delay"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul.crt\" }}"
|
|
destination = "secrets/consul.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul-client.crt\" }}"
|
|
destination = "secrets/consul-client.crt"
|
|
}
|
|
|
|
template {
|
|
data = "{{ key \"secrets/consul/consul-client.key\" }}"
|
|
destination = "secrets/consul-client.key"
|
|
}
|
|
|
|
template {
|
|
data = <<EOH
|
|
DIPLONAT_REFRESH_TIME=60
|
|
DIPLONAT_EXPIRATION_TIME=300
|
|
DIPLONAT_CONSUL_NODE_NAME={{ env "attr.unique.hostname" }}
|
|
DIPLONAT_CONSUL_URL=https://consul.service.prod.consul:8501
|
|
DIPLONAT_CONSUL_TLS_SKIP_VERIFY=true
|
|
DIPLONAT_CONSUL_CLIENT_CERT=/etc/diplonat/consul-client.crt
|
|
DIPLONAT_CONSUL_CLIENT_KEY=/etc/diplonat/consul-client.key
|
|
RUST_LOG=debug
|
|
EOH
|
|
destination = "secrets/env"
|
|
env = true
|
|
}
|
|
|
|
resources {
|
|
memory = 100
|
|
memory_max = 200
|
|
}
|
|
}
|
|
}
|
|
}
|