open-nomad/e2e/terraform/nomad.tf
Tim Gross 566dae7b19
e2e: add flag to bootstrap Nomad ACLs (#8961)
Adds a `nomad_acls` flag to our Terraform stack that bootstraps Nomad ACLs via
a `local-exec` provider. There's no way to set the `NOMAD_TOKEN` in the Nomad
TF provider if we're bootstrapping in the same Terraform stack, so instead of
using `resource.nomad_acl_token`, we also bootstrap a wide-open anonymous
policy. The resulting management token is exported as an environment var with
`$(terraform output environment)` and tests that want stricter ACLs will be
able to write them using that token.

This should also provide a basis to do similar work with Consul ACLs in the
future.
2020-09-28 09:22:36 -04:00


module "nomad_server" {
  # Runs the local ./provision-nomad module once per server instance
  # (var.server_count copies, each addressed by count.index).
  source = "./provision-nomad"
  count  = var.server_count

  role     = "server"
  index    = count.index
  platform = "linux_amd64"
  profile  = var.profile

  # Build selection. Each value comes from the per-server list
  # (nomad_*_server) when that list has an entry at this index; otherwise it
  # falls back to the stack-wide nomad_sha / nomad_version /
  # nomad_local_binary, which lets one cluster mix several Nomad builds.
  nomad_sha          = length(var.nomad_sha_server) > count.index ? var.nomad_sha_server[count.index] : var.nomad_sha
  nomad_version      = length(var.nomad_version_server) > count.index ? var.nomad_version_server[count.index] : var.nomad_version
  nomad_local_binary = length(var.nomad_local_binary_server) > count.index ? var.nomad_local_binary_server[count.index] : var.nomad_local_binary
  nomad_enterprise   = var.nomad_enterprise

  # Servers are the only role in this file that passes the nomad_acls flag
  # through. Per the commit that introduced the flag (#8961), enabling it
  # bootstraps ACLs together with a wide-open anonymous policy, so "ACLs on"
  # does not by itself restrict unauthenticated requests; tests that need
  # stricter ACLs are expected to write them with the management token.
  # That token is exported via `terraform output environment`: treat the
  # output, and anything that stores it, as sensitive.
  nomad_acls = var.nomad_acls

  # Provisioning goes over SSH to the instance's public IP.
  # NOTE(review): the rules that allow inbound port 22 are defined outside
  # this file; confirm they are limited to the operator's address range.
  connection = {
    type = "ssh"
    host = "${aws_instance.server[count.index].public_ip}"
    port = 22
    user = "ubuntu"
    # Path of a .pem file under keys/ in the root module, named after
    # local.random_name.
    # NOTE(review): assumes keys/ is kept out of version control; confirm.
    private_key = "${path.root}/keys/${local.random_name}.pem"
  }

  depends_on = [aws_instance.server]
}
# TODO: split out the different Linux targets (ubuntu, centos, arm, etc.) when
# they're available
module "nomad_client_linux" {
  # Runs the local ./provision-nomad module once per Linux client instance
  # (var.client_count copies, each addressed by count.index).
  source = "./provision-nomad"
  count  = var.client_count

  role     = "client-linux"
  index    = count.index
  platform = "linux_amd64"
  profile  = var.profile

  # Build selection. Each value comes from the per-client list
  # (nomad_*_client_linux) when that list has an entry at this index;
  # otherwise it falls back to the stack-wide nomad_sha / nomad_version /
  # nomad_local_binary.
  nomad_sha          = length(var.nomad_sha_client_linux) > count.index ? var.nomad_sha_client_linux[count.index] : var.nomad_sha
  nomad_version      = length(var.nomad_version_client_linux) > count.index ? var.nomad_version_client_linux[count.index] : var.nomad_version
  nomad_local_binary = length(var.nomad_local_binary_client_linux) > count.index ? var.nomad_local_binary_client_linux[count.index] : var.nomad_local_binary
  nomad_enterprise   = var.nomad_enterprise

  # Hard-coded off for clients regardless of var.nomad_acls.
  # NOTE(review): presumably the ACL bootstrap only has to run against the
  # servers; what this flag changes on a client is decided inside
  # provision-nomad and is not visible here. Confirm before relying on
  # client-side ACL enforcement.
  nomad_acls = false

  # Provisioning goes over SSH to the instance's public IP.
  # NOTE(review): the rules that allow inbound port 22 are defined outside
  # this file; confirm they are limited to the operator's address range.
  connection = {
    type = "ssh"
    host = "${aws_instance.client_linux[count.index].public_ip}"
    port = 22
    user = "ubuntu"
    # Same key path that the other modules in this file use.
    private_key = "${path.root}/keys/${local.random_name}.pem"
  }

  depends_on = [aws_instance.client_linux]
}
# TODO: split out the different Windows targets (2016, 2019) when they're
# available
module "nomad_client_windows" {
  # Runs the local ./provision-nomad module once per Windows client instance
  # (var.windows_client_count copies, each addressed by count.index).
  source = "./provision-nomad"
  count  = var.windows_client_count

  role     = "client-windows"
  index    = count.index
  platform = "windows_amd64"
  profile  = var.profile

  # Build selection. nomad_sha and nomad_version come from the per-client
  # list (nomad_*_client_windows) when it has an entry at this index, and
  # otherwise fall back to the stack-wide value.
  nomad_sha     = length(var.nomad_sha_client_windows) > count.index ? var.nomad_sha_client_windows[count.index] : var.nomad_sha
  nomad_version = length(var.nomad_version_client_windows) > count.index ? var.nomad_version_client_windows[count.index] : var.nomad_version

  # Unlike the Linux modules there is no fallback to var.nomad_local_binary:
  # a missing list entry yields "". If nomad_local_binary is in use, a
  # nomad_local_binary_client_windows entry must be supplied as well.
  nomad_local_binary = length(var.nomad_local_binary_client_windows) > count.index ? var.nomad_local_binary_client_windows[count.index] : ""
  nomad_enterprise   = var.nomad_enterprise

  # Hard-coded off for clients regardless of var.nomad_acls.
  # NOTE(review): what this flag changes on a client is decided inside
  # provision-nomad and is not visible here. Confirm before relying on
  # client-side ACL enforcement.
  nomad_acls = false

  # Provisioning goes over SSH (not WinRM) to the instance's public IP and
  # logs in as the built-in Administrator account.
  # NOTE(review): the rules that allow inbound port 22 are defined outside
  # this file; confirm they are limited to the operator's address range.
  connection = {
    type = "ssh"
    host = "${aws_instance.client_windows[count.index].public_ip}"
    port = 22
    user = "Administrator"
    # Same key path that the other modules in this file use.
    private_key = "${path.root}/keys/${local.random_name}.pem"
  }

  depends_on = [aws_instance.client_windows]
}