2 # The "region" parameter specifies the region in which to execute the job.
3 # If omitted, this inherits the default region name of "global".
6 # The "datacenters" parameter specifies the list of datacenters which should
7 # be considered when placing this task. This must be provided.
8 datacenters = [ "yul1" ]
10 # The "type" parameter controls the type of job, which impacts the scheduler's
11 # decision on placement. This configuration is optional and defaults to
12 # "service". For a full list of job types and their differences, please see
13 # the online documentation.
15 # For more information, please see the online documentation at:
17 # https://www.nomadproject.io/docs/jobspec/schedulers.html
22 # The "max_parallel" parameter specifies the maximum number of updates to
23 # perform in parallel. In this case, this specifies to update a single task
27 # The "min_healthy_time" parameter specifies the minimum time the allocation
28 # must be in the healthy state before it is marked as healthy and unblocks
29 # further allocations from being updated.
30 min_healthy_time = "10s"
32 # The "healthy_deadline" parameter specifies the deadline in which the
33 # allocation must be marked as healthy after which the allocation is
34 # automatically transitioned to unhealthy. Transitioning to unhealthy will
35 # fail the deployment and potentially roll back the job if "auto_revert" is
37 healthy_deadline = "3m"
39 # The "progress_deadline" parameter specifies the deadline in which an
40 # allocation must be marked as healthy. The deadline begins when the first
41 # allocation for the deployment is created and is reset whenever an allocation
42 # as part of the deployment transitions to a healthy state. If no allocation
43 # transitions to the healthy state before the progress deadline, the
44 # deployment is marked as failed.
45 progress_deadline = "10m"
47 # The "auto_revert" parameter specifies if the job should auto-revert to the
48 # last stable job on deployment failure. A job is marked as stable if all the
49 # allocations as part of its deployment were marked healthy.
52 # The "canary" parameter specifies that changes to the job that would result
53 # in destructive updates should create the specified number of canaries
54 # without stopping any previous allocations. Once the operator determines the
55 # canaries are healthy, they can be promoted which unblocks a rolling update
56 # of the remaining allocations at a rate of "max_parallel".
58 # Further, setting "canary" equal to the count of the task group allows
59 # blue/green deployments. When the job is updated, a full set of the new
60 # version is deployed and upon promotion the old version is stopped.
64 # The "group" stanza defines a series of tasks that should be co-located on
65 # the same Nomad client. Any task within a group will be placed on the same
68 # For more information and examples on the "group" stanza, please see
69 # the online documentation at:
71 # https://www.nomadproject.io/docs/job-specification/group.html
73 group "prod-group1-nginx" {
74 # The "count" parameter specifies the number of the task groups that should
75 # be running under this group. This value must be non-negative and defaults
79 # All groups in this job should be scheduled on different hosts.
81 operator = "distinct_hosts"
85 # Prioritize one node.
87 attribute = "${attr.unique.hostname}"
92 # https://www.nomadproject.io/docs/job-specification/volume
93 volume "prod-volume1-storage" {
96 source = "prod-volume-data1-1"
99 # The "task" stanza creates an individual unit of work, such as a Docker
100 # container, web application, or batch processing.
102 # For more information and examples on the "task" stanza, please see
103 # the online documentation at:
105 # https://www.nomadproject.io/docs/job-specification/task.html
107 task "prod-task1-nginx" {
108 # The "driver" parameter specifies the task driver that should be used to
113 volume = "prod-volume1-storage"
114 destination = "/data/"
118 # The "config" stanza specifies the driver configuration, which is passed
119 # directly to the driver to start the task. The details of configurations
120 # are specific to each driver, so please see specific driver
121 # documentation for more information.
123 image = "nginx:stable"
124 dns_servers = [ "${attr.unique.network.ip-address}" ]
130 "/etc/consul.d/ssl/consul.pem:/etc/ssl/certs/nginx-cert.pem",
131 "/etc/consul.d/ssl/consul-key.pem:/etc/ssl/private/nginx-key.pem",
132 "custom/logs.conf:/etc/nginx/conf.d/logs.conf",
133 "custom/docs.conf:/etc/nginx/conf.d/docs.conf"
137 # The "template" stanza instructs Nomad to manage a template, such as
138 # a configuration file or script. This template can optionally pull data
139 # from Consul or Vault to populate runtime configuration data.
141 # For more information and examples on the "template" stanza, please see
142 # the online documentation at:
144 # https://www.nomadproject.io/docs/job-specification/template.html
149 listen 443 ssl default_server;
150 server_name logs.nginx.service.consul;
151 keepalive_timeout 70;
152 ssl_session_cache shared:SSL:10m;
153 ssl_session_timeout 10m;
154 ssl_protocols TLSv1.2;
155 ssl_prefer_server_ciphers on;
156 ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
157 ssl_certificate /etc/ssl/certs/nginx-cert.pem;
158 ssl_certificate_key /etc/ssl/private/nginx-key.pem;
160 root /data/logs.fd.io;
163 autoindex_exact_size on;
164 autoindex_format html;
165 autoindex_localtime off;
167 location ~ \.(html.gz)$ {
168 root /data/logs.fd.io;
169 add_header Content-Encoding gzip;
170 add_header Content-Type text/html;
172 location ~ \.(txt.gz|log.gz)$ {
173 root /data/logs.fd.io;
174 add_header Content-Encoding gzip;
175 add_header Content-Type text/plain;
177 location ~ \.(xml.gz)$ {
178 root /data/logs.fd.io;
179 add_header Content-Encoding gzip;
180 add_header Content-Type application/xml;
184 destination = "custom/logs.conf"
190 server_name docs.nginx.service.consul;
191 keepalive_timeout 70;
192 ssl_session_cache shared:SSL:10m;
193 ssl_session_timeout 10m;
194 ssl_protocols TLSv1.2;
195 ssl_prefer_server_ciphers on;
196 ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
197 ssl_certificate /etc/ssl/certs/nginx-cert.pem;
198 ssl_certificate_key /etc/ssl/private/nginx-key.pem;
200 root /data/docs.fd.io;
201 index index.html index.htm;
205 destination = "custom/docs.conf"
208 # The service stanza instructs Nomad to register a service with Consul.
210 # For more information and examples on the "task" stanza, please see
211 # the online documentation at:
213 # https://www.nomadproject.io/docs/job-specification/service.html
218 tags = [ "docs", "logs" ]
221 # The "resources" stanza describes the requirements a task needs to
222 # execute. Resource requirements include memory, network, cpu, and more.
223 # This ensures the task will execute on a machine that contains enough
226 # For more information and examples on the "resources" stanza, please see
227 # the online documentation at:
229 # https://www.nomadproject.io/docs/job-specification/resources.html