democratic_csi/node.nomad.hcl

job "[[ .instance ]]-node" {

[[ $c := merge .democratic_csi.node .democratic_csi . -]]

  type        = "system"

[[- template "common/job_start" $c ]]

[[- range $proto := coll.Slice "iscsi" "nfs" ]]

  group "[[ $proto ]]-node" {

[[ template "common/constraints" $c ]]

    service {
      name = "[[ $.instance ]]-[[ $proto ]]-node[[ $.consul.suffix ]]"
[[ template "common/service_meta" $c ]]
    }

    restart {
      interval         = "5m"
      attempts         = 30
      delay            = "10s"
      mode             = "delay"
    }

[[- if eq $proto "iscsi" ]]
  [[- template "common/volumes" $.democratic_csi.node.volumes ]]
[[- end ]]

    task "[[ $proto ]]-node" {

      driver = "[[ $c.nomad.driver ]]"

      config {
        image = "[[ $c.image ]]"

        args = [
          "--csi-version=1.5.0",
          # must match the csi_plugin.id attribute below
          "--csi-name=[[ $.democratic_csi.plugin_id ]].[[ $proto ]]",
          "--driver-config-file=/secrets/config.yml",
          "--log-level=info",
          "--csi-mode=node",
          "--server-socket=/csi/csi.sock",
        ]

        # node plugins must run as privileged jobs because they
        # mount disks to the host
        userns_mode  = "host"
        privileged   = true
        ipc_mode     = "host"
        network_mode = "host"
      }

      env {
        CSI_NODE_ID = "${attr.unique.hostname}"
      }

[[ template "common/file_env" $c ]]

      template {
        data        =<<_EOF
[[ tmpl.Exec (printf "democratic_csi/%s/node.yml.tpl" $proto) $c ]]
_EOF
        destination = "secrets/config.yml"
      }

      csi_plugin {
        # must match --csi-name arg
        id        = "[[ $.democratic_csi.plugin_id ]].[[ $proto ]]"
        type      = "node"
        mount_dir = "/csi"
      }

[[- if eq $proto "iscsi" ]]
      volume_mount {
        volume           = "host_root"
        destination      = "/host"
        propagation_mode = "bidirectional"
      }

      volume_mount {
        volume      = "host_run_udev"
        destination = "/run/udev"
      }
[[- end ]]

[[ template "common/resources" $c ]]
    }
  }
[[- end ]]
}

# vim: syntax=hcl