job "telemetry-system" { datacenters = ["neptune"] type = "system" group "elasticsearch" { network { port "elastic" { static = 9200 } port "elastic_internal" { static = 9300 } } task "elastic" { driver = "docker" config { image = "docker.elastic.co/elasticsearch/elasticsearch:8.2.0" network_mode = "host" volumes = [ "/mnt/ssd/telemetry/es_data:/usr/share/elasticsearch/data", "secrets/elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12", ] ports = [ "elastic", "elastic_internal" ] sysctl = { #"vm.max_map_count" = "262144", } ulimit = { memlock = "9223372036854775807:9223372036854775807", } } user = "1000" resources { memory = 1500 cpu = 500 } template { data = "{{ key \"secrets/telemetry/elasticsearch/elastic-certificates.p12\" }}" destination = "secrets/elastic-certificates.p12" } template { data = <