open-nomad/command/agent/testdata/basic.json
Seth Hoenig f030a22c7c command, docs: create and document consul token configuration for connect acls (gh-6716)
This change provides an initial pass at setting up the configuration necessary to
enable use of Connect with Consul ACLs. Operators will be able to pass in a Consul
Token through `-consul-token` or `$CONSUL_TOKEN` in the `job run` and `job revert`
commands (similar to Vault tokens).

These values are not actually used yet in this changeset.
2020-01-31 19:02:53 -06:00

316 lines
6.8 KiB
JSON

{
"acl": [
{
"enabled": true,
"policy_ttl": "60s",
"replication_token": "foobar",
"token_ttl": "60s"
}
],
"addresses": [
{
"http": "127.0.0.1",
"rpc": "127.0.0.2",
"serf": "127.0.0.3"
}
],
"advertise": [
{
"rpc": "127.0.0.3",
"serf": "127.0.0.4"
}
],
"autopilot": [
{
"cleanup_dead_servers": true,
"disable_upgrade_migration": true,
"enable_custom_upgrades": true,
"enable_redundancy_zones": true,
"last_contact_threshold": "12705s",
"max_trailing_logs": 17849,
"server_stabilization_time": "23057s"
}
],
"bind_addr": "192.168.0.1",
"client": [
{
"alloc_dir": "/tmp/alloc",
"chroot_env": [
{
"/opt/myapp/bin": "/bin",
"/opt/myapp/etc": "/etc"
}
],
"client_max_port": 2000,
"client_min_port": 1000,
"cpu_total_compute": 4444,
"disable_remote_exec": true,
"enabled": true,
"gc_disk_usage_threshold": 82,
"gc_inode_usage_threshold": 91,
"gc_interval": "6s",
"gc_max_allocs": 50,
"gc_parallel_destroys": 6,
"host_volume": [
{
"tmp": [
{
"path": "/tmp"
}
]
}
],
"max_kill_timeout": "10s",
"meta": [
{
"baz": "zip",
"foo": "bar"
}
],
"network_interface": "eth0",
"network_speed": 100,
"no_host_uuid": false,
"node_class": "linux-medium-64bit",
"options": [
{
"baz": "zip",
"foo": "bar"
}
],
"reserved": [
{
"cpu": 10,
"disk": 10,
"memory": 10,
"reserved_ports": "1,100,10-12"
}
],
"server_join": [
{
"retry_interval": "15s",
"retry_join": [
"1.1.1.1",
"2.2.2.2"
],
"retry_max": 3
}
],
"servers": [
"a.b.c:80",
"127.0.0.1:1234"
],
"state_dir": "/tmp/client-state",
"stats": [
{
"collection_interval": "5s",
"data_points": 35
}
]
}
],
"consul": [
{
"address": "127.0.0.1:9500",
"allow_unauthenticated": true,
"auth": "username:pass",
"auto_advertise": true,
"ca_file": "/path/to/ca/file",
"cert_file": "/path/to/cert/file",
"checks_use_advertise": true,
"client_auto_join": true,
"client_http_check_name": "nomad-client-http-health-check",
"client_service_name": "nomad-client",
"key_file": "/path/to/key/file",
"server_auto_join": true,
"server_http_check_name": "nomad-server-http-health-check",
"server_rpc_check_name": "nomad-server-rpc-health-check",
"server_serf_check_name": "nomad-server-serf-health-check",
"server_service_name": "nomad",
"ssl": true,
"token": "token1",
"verify_ssl": true
}
],
"data_dir": "/tmp/nomad",
"datacenter": "dc2",
"disable_anonymous_signature": true,
"disable_update_check": true,
"enable_debug": true,
"enable_syslog": true,
"http_api_response_headers": [
{
"Access-Control-Allow-Origin": "*"
}
],
"leave_on_interrupt": true,
"leave_on_terminate": true,
"log_file": "/var/log/nomad.log",
"log_json": true,
"log_level": "ERR",
"name": "my-web",
"plugin": [
{
"docker": [
{
"args": [
"foo",
"bar"
],
"config": [
{
"foo": "bar",
"nested": [
{
"bam": 2
}
]
}
]
}
]
},
{
"exec": [
{
"config": [
{
"foo": true
}
]
}
]
}
],
"plugin_dir": "/tmp/nomad-plugins",
"ports": [
{
"http": 1234,
"rpc": 2345,
"serf": 3456
}
],
"region": "foobar",
"sentinel": [
{
"import": [
{
"foo": [
{
"args": [
"a",
"b",
"c"
],
"path": "foo"
}
]
},
{
"bar": [
{
"args": [
"x",
"y",
"z"
],
"path": "bar"
}
]
}
]
}
],
"server": [
{
"authoritative_region": "foobar",
"bootstrap_expect": 5,
"data_dir": "/tmp/data",
"deployment_gc_threshold": "12h",
"enabled": true,
"enabled_schedulers": [
"test"
],
"encrypt": "abc",
"eval_gc_threshold": "12h",
"heartbeat_grace": "30s",
"job_gc_interval": "3m",
"job_gc_threshold": "12h",
"max_heartbeats_per_second": 11,
"min_heartbeat_ttl": "33s",
"node_gc_threshold": "12h",
"non_voting_server": true,
"num_schedulers": 2,
"protocol_version": 3,
"raft_protocol": 3,
"redundancy_zone": "foo",
"rejoin_after_leave": true,
"retry_interval": "15s",
"retry_join": [
"1.1.1.1",
"2.2.2.2"
],
"retry_max": 3,
"server_join": [
{
"retry_interval": "15s",
"retry_join": [
"1.1.1.1",
"2.2.2.2"
],
"retry_max": 3
}
],
"start_join": [
"1.1.1.1",
"2.2.2.2"
],
"upgrade_version": "0.8.0"
}
],
"syslog_facility": "LOCAL1",
"telemetry": [
{
"backwards_compatible_metrics": true,
"collection_interval": "3s",
"disable_hostname": true,
"disable_tagged_metrics": true,
"prometheus_metrics": true,
"publish_allocation_metrics": true,
"publish_node_metrics": true,
"statsd_address": "127.0.0.1:2345",
"statsite_address": "127.0.0.1:1234"
}
],
"tls": [
{
"ca_file": "foo",
"cert_file": "bar",
"http": true,
"key_file": "pipe",
"rpc": true,
"rpc_upgrade_mode": true,
"tls_cipher_suites": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"tls_min_version": "tls12",
"tls_prefer_server_cipher_suites": true,
"verify_https_client": true,
"verify_server_hostname": true
}
],
"vault": [
{
"address": "127.0.0.1:9500",
"allow_unauthenticated": true,
"ca_file": "/path/to/ca/file",
"ca_path": "/path/to/ca",
"cert_file": "/path/to/cert/file",
"create_from_role": "test_role",
"enabled": false,
"key_file": "/path/to/key/file",
"task_token_ttl": "1s",
"tls_server_name": "foobar",
"tls_skip_verify": true,
"token": "12345"
}
]
}