diff --git a/command/agent/config-test-fixtures/basic.hcl b/command/agent/config-test-fixtures/basic.hcl
index f5f1380e0..11a9e3f89 100644
--- a/command/agent/config-test-fixtures/basic.hcl
+++ b/command/agent/config-test-fixtures/basic.hcl
@@ -96,6 +96,7 @@ consul {
ca_file = "/path/to/ca/file"
cert_file = "/path/to/cert/file"
key_file = "/path/to/key/file"
- server_auto_join = true
- client_auto_join = true
+ server_auto_join = false
+ client_auto_join = false
+ auto_advertise = false
}
diff --git a/command/agent/config.go b/command/agent/config.go
index 59259f7e2..dc43217b3 100644
--- a/command/agent/config.go
+++ b/command/agent/config.go
@@ -394,6 +394,8 @@ func DefaultConfig() *Config {
ServerServiceName: "nomad",
ClientServiceName: "nomad-client",
AutoAdvertise: true,
+ ServerAutoJoin: true,
+ ClientAutoJoin: true,
Timeout: 5 * time.Second,
},
Client: &ClientConfig{
diff --git a/command/agent/config_parse_test.go b/command/agent/config_parse_test.go
index 2e74e50ee..d93443058 100644
--- a/command/agent/config_parse_test.go
+++ b/command/agent/config_parse_test.go
@@ -113,8 +113,9 @@ func TestConfig_Parse(t *testing.T) {
CAFile: "/path/to/ca/file",
CertFile: "/path/to/cert/file",
KeyFile: "/path/to/key/file",
- ServerAutoJoin: true,
- ClientAutoJoin: true,
+ ServerAutoJoin: false,
+ ClientAutoJoin: false,
+ AutoAdvertise: false,
},
HTTPAPIResponseHeaders: map[string]string{
"Access-Control-Allow-Origin": "*",
diff --git a/nomad/structs/config/consul.go b/nomad/structs/config/consul.go
index c83eae7aa..4edbf4855 100644
--- a/nomad/structs/config/consul.go
+++ b/nomad/structs/config/consul.go
@@ -35,7 +35,7 @@ type ConsulConfig struct {
// Timeout is used by Consul HTTP Client
Timeout time.Duration `mapstructure:"timeout"`
- // Token is used to provide a per-request ACL token.This options overrides
+ // Token is used to provide a per-request ACL token. This options overrides
// the agent's default token
Token string `mapstructure:"token"`
diff --git a/website/source/docs/agent/config.html.md b/website/source/docs/agent/config.html.md
index 4df2895d4..efa755493 100644
--- a/website/source/docs/agent/config.html.md
+++ b/website/source/docs/agent/config.html.md
@@ -67,6 +67,11 @@ client {
}
}
+consul {
+ # Consul's HTTP Address
+ address = "1.2.3.4:8500"
+}
+
atlas {
infrastructure = "hashicorp/mars"
token = "atlas.v1.AFE84330943"
@@ -170,6 +175,11 @@ nodes, unless otherwise specified:
reachable from all server nodes. It is not required that clients can reach
this address.
+* `consul`: The `consul` configuration block changes how Nomad interacts with
+ Consul. Nomad can automatically advertise Nomad services via Consul, and can
+ automatically bootstrap itself using Consul. For more details see the [`consul`
+ section](#consul_options).
+
* `telemetry`: Used to control how the Nomad agent exposes telemetry data to
external metrics collection servers. This is a key/value mapping and supports
the following keys:
@@ -209,6 +219,97 @@ nodes, unless otherwise specified:
}
```
+* `atlas`: See the [`atlas` options](#atlas_options) for more details.
+
+## Consul Options
+
+The following options are used to configure [Consul](https://www.consul.io)
+integration and are entirely optional.
+
+* `consul`: The top-level config key used to contain all Consul-related
+ configuration options. The value is a key/value map which supports the
+ following keys:
+
+ * `address`: The address to the local Consul agent given in the format of
+ `host:port`. Defaults to `127.0.0.1:8500`, which is the same as the Consul
+ default HTTP address.
+
+ * `token`: Token is used to provide a per-request ACL token. This options
+ overrides the Consul Agent's default token.
+
+ * `auth`: The auth information to use for http access to the Consul Agent
+ given as `username:password`.
+
+ * `ssl`: This boolean option sets the transport scheme to talk to the Consul
+ Agent as `https`. Defaults to `false`.
+
+ * `verify_ssl`: This option enables SSL verification when the transport
+ scheme for the Consul API client is `https`. Defaults to `true`.
+
+ * `ca_file`: Optional path to the CA certificate used for Consul
+ communication, defaults to the system bundle if not specified.
+
+ * `cert_file`: The path to the certificate used for Consul communication. If
+ this is set then you need to also set `key_file`.
+
+ * `key_file`: The path to the private key used for Consul communication. If
+ this is set then you need to also set `cert_file`.
+
+ * `server_service_name`: The name of the service that Nomad registers servers
+ with. Defaults to `nomad`.
+
+ * `client_service_name`: The name of the service that Nomad registers clients
+ with. Defaults to `nomad-client`.
+
+ * `auto_advertise`: When enabled Nomad advertises its services to Consul. The
+ services are named according to `server_service_name` and
+ `client_service_name`. Nomad Servers and Clients advertise their respective
+ services, each tagged appropriately with either `http` or `rpc` tag. Nomad
+ Servers also advertise a `serf` tagged service. Defaults to `true`.
+
+ * `server_auto_join`: Servers will automatically discover and join other
+ Nomad Servers by searching for the Consul service name defined in the
+ `server_service_name` option. This search only happens if the Server does
+ not have a leader. Defaults to `true`.
+
+ * `client_auto_join`: Client will automatically discover Servers in the
+ Client's region by searching for the Consul service name defined in the
+ `server_service_name` option. The search occurs if the Client is not
+ registered with any Servers or it is unable to heartbeat to the leader of
+ the region, in which case it may be partitioned and searches for other
+ Servers. Defaults to `true`
+
+When `server_auto_join`, `client_auto_join` and `auto_advertise` are all
+enabled, which is by default, and Consul is available, the Nomad cluster will
+self-bootstrap.
+
+## Atlas Options
+
+**NOTE**: Nomad integration with Atlas is awaiting release of Atlas features
+for Nomad support. Nomad currently only validates configuration options for
+Atlas but does not use them.
+See [#183](https://github.com/hashicorp/nomad/issues/183) for more details.
+
+The following options are used to configure [Atlas](https://atlas.hashicorp.com)
+integration and are entirely optional.
+
+* `atlas`: The top-level config key used to contain all Atlas-related
+ configuration options. The value is a key/value map which supports the
+ following keys:
+
+ * `infrastructure`: The Atlas infrastructure name to
+ connect this agent to. This value should be of the form
+ `/`, and requires a valid [token](#token) authorized on
+ the infrastructure.
+ * `token`: The Atlas token to use for authentication. This
+ token should have access to the provided [infrastructure](#infrastructure).
+ * `join`: A boolean indicating if the auto-join feature of
+ Atlas should be enabled. Defaults to `false`.
+ * `endpoint`: The address of the Atlas instance to connect to. Defaults to the
+ public Atlas endpoint and is only used if both
+ [infrastructure](#infrastructure) and [token](#token) are provided.
+
+
## Server-specific Options
The following options are applicable to server agents only and need not be
@@ -328,30 +429,13 @@ configured on server nodes.
to reserve on all fingerprinted network devices. Ranges can be
specified by using a hyphen separated the two inclusive ends.
-### Client Options Map
+### Client Options Map
The following is not an exhaustive list of options that can be passed to the
Client, but rather the set of options that configure the Client and not the
drivers. To find the options supported by an individual driver, see the drivers
documentation [here](/docs/drivers/index.html)
-* `consul.address`: The address to the local Consul agent given in the format of
- `host:port`. The default is the same as the Consul default address,
- `127.0.0.1:8500`.
-
-* `consul.token`: Token is used to provide a per-request ACL token.This options
- overrides the agent's default token
-
-* `consul.auth`: The auth information to use for http access to the Consul
- Agent.
-
-* `consul.ssl`: This boolean option sets the transport scheme to talk to the Consul
- Agent as `https`. This option is unset by default and so the default transport
- scheme for the consul api client is `http`.
-
-* `consul.verifyssl`: This option enables SSL verification when the transport
- scheme for the Consul API client is `https`. This is set to true by default.
-
* `driver.whitelist`: A comma separated list of whitelisted drivers (e.g.
"docker,qemu"). If specified, drivers not in the whitelist will be disabled.
If the whitelist is empty, all drivers are fingerprinted and enabled where
@@ -387,33 +471,7 @@ documentation [here](/docs/drivers/index.html)
If specified, fingerprinters not in the whitelist will be disabled. If the
whitelist is empty, all fingerprinters are used.
-## Atlas Options
-
-**NOTE**: Nomad integration with Atlas is awaiting release of Atlas features
-for Nomad support. Nomad currently only validates configuration options for
-Atlas but does not use them.
-See [#183](https://github.com/hashicorp/nomad/issues/183) for more details.
-
-The following options are used to configure [Atlas](https://atlas.hashicorp.com)
-integration and are entirely optional.
-
-* `atlas`: The top-level config key used to contain all Atlas-related
- configuration options. The value is a key/value map which supports the
- following keys:
-
- * `infrastructure`: The Atlas infrastructure name to
- connect this agent to. This value should be of the form
- `/`, and requires a valid [token](#token) authorized on
- the infrastructure.
- * `token`: The Atlas token to use for authentication. This
- token should have access to the provided [infrastructure](#infrastructure).
- * `join`: A boolean indicating if the auto-join feature of
- Atlas should be enabled. Defaults to `false`.
- * `endpoint`: The address of the Atlas instance to connect to. Defaults to the
- public Atlas endpoint and is only used if both
- [infrastructure](#infrastructure) and [token](#token) are provided.
-
-## Command-line Options
+## Command-line Options
A subset of the available Nomad agent configuration can optionally be passed in
via CLI arguments. The `agent` command accepts the following arguments:
diff --git a/website/source/docs/jobspec/servicediscovery.html.md b/website/source/docs/jobspec/servicediscovery.html.md
index ca18cfef3..00b0752b9 100644
--- a/website/source/docs/jobspec/servicediscovery.html.md
+++ b/website/source/docs/jobspec/servicediscovery.html.md
@@ -20,37 +20,8 @@ Nomad does not currently run Consul for you.
## Configuration
-* `consul.address`: This is a Nomad client configuration which can be used to
- override the default Consul Agent HTTP port that Nomad uses to connect to
- Consul. The default for this is `127.0.0.1:8500`.
-
-* `consul.token`: Token is used to provide a per-request ACL token.This options
- overrides the agent's default token
-
-* `consul.auth`: The auth information to use for http access to the Consul
- Agent.
-
-* `consul.ssl`: This boolean option sets the transport scheme to talk to the Consul
- Agent as `https`. This option is unset by default and so the default transport
- scheme for the consul api client is `http`.
-
-* `consul.verifyssl`: This option enables SSL verification when the transport
- scheme for the Consul API client is `https`. This is set to true by default.
-
-* `consul.tls_ca_file`: The path to the CA certificate used for Consul communication.
- Set accordingly to the
- [ca_file](https://www.consul.io/docs/agent/options.html#ca_file) setting in
- Consul.
-
-* `consul.tls_cert_file`: The path to the certificate for Consul communication. Set
- accordingly
- [cert_file](https://www.consul.io/docs/agent/options.html#cert_file) in
- Consul.
-
-* `consul.tls_key_file`: The path to the private key for Consul communication.
- Set accordingly to the
- [key_file](https://www.consul.io/docs/agent/options.html#key_file) setting in
- Consul.
+To configure Consul integration please see the Agent's configuration
+[here](/docs/agent/config.html#consul_options).
## Service Definition Syntax