Closed Ranjandas closed 4 months ago
EugenKon
commented
5 months ago Great job, man! Can you review submit-job capability? It looks like there should be write policy to be ably to submit, but I am not familiar with Nomad's ACL.
Related: https://github.com/hashicorp/learn-nomad-cluster-setup/issues/28
david-yu
commented
5 months ago @tunzor Could you take over the PR from here and help get this PR merged? Thank you!
tunzor
commented
5 months ago @Ranjandas I figured out a way around updating the anonymous policy by adding the agent token to the Consul client configuration but couldn't add the suggestions to this PR so I opened another one that includes your other changes.
Can you double check PR #29 and make sure it's complete? I've tested it and DNS lookups work as they should but feel free to test it out if you like.
tunzor
commented
4 months ago Closing this PR as the changes have been merged as part of #29, thank you very much for your contributions!
This is a combination of multiple PRs (#23, #24, #25)
In addition to the PRs, here are two additional changes:
alloc-execpermission.23
The Ubuntu Xenial image is not available anymore officially from Canonical on AWS (except the Pro versions).
The following changes were introduced as part of the AMI change:
ipcommand instead ofifconfig(deprecated)Introduced a system-resolved drop-in for Consul DNS access and stopped Consul from listening on port 53. This is because systemd-resolved already binds to port 53, and Consul won't start.
The drop-in configuration also listens on the Docker bridge IP so that Nomad tasks can resolve Consul DNS names by overriding DNS by pointing to the Docker bridge IP
jqandredis-toolsinstallation were failingIn addition,
packer {}block was added so thatpacker initinstalls the required plugins for thebuildto work.Fixes the following issues:
24
Update the anonymous token policy so that the Consul DNS resolution works out of the box.
25
zone_patternforretry_joinfor faster discovery in GCP