68 lines
1.6 KiB
HCL
68 lines
1.6 KiB
HCL
job "democratic-csi-controller" {
|
|
|
|
datacenters = [[ .nomad.datacenters | toJSON ]]
|
|
|
|
[[- range $proto := slice "iscsi" "nfs" ]]
|
|
group "[[ $proto ]]" {
|
|
|
|
count = [[ .democratic_csi.controller.count ]]
|
|
|
|
task "iscsi-controller" {
|
|
|
|
driver = [[ .democratic_csi.controller.driver | toJSON ]]
|
|
|
|
env {
|
|
NODE_EXTRA_CA_CERTS = "/local/ca.crt"
|
|
}
|
|
|
|
vault {
|
|
policies = ["democratic-csi[[ .env.suffix ]]"]
|
|
}
|
|
|
|
config {
|
|
image = [[ .democratic_csi.image | toJSON ]]
|
|
|
|
args = [
|
|
"--csi-version=1.5.0",
|
|
"--csi-name=org.democratic-csi.[[ $proto ]]",
|
|
"--driver-config-file=/secrets/config.yml",
|
|
"--log-level=info",
|
|
"--csi-mode=controller",
|
|
"--server-socket=/csi/csi.sock"
|
|
]
|
|
|
|
network_mode = "host"
|
|
privileged = true
|
|
userns_mode = "host"
|
|
}
|
|
|
|
template {
|
|
data =<<_EOF
|
|
[[ tmpl.Exec (printf "democaratic_csi/%s/controller.yml.tpl" $proto) . ]]
|
|
_EOF
|
|
destination = "secrets/config.yml"
|
|
}
|
|
|
|
# Load vault root CA into the trust store
|
|
template {
|
|
data = <<-EOF
|
|
{{ with secret "[[ .env.suffix ]]pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }}
|
|
EOF
|
|
destination = "local/ca.crt"
|
|
}
|
|
|
|
csi_plugin {
|
|
# must match --csi-name arg
|
|
id = "org.democratic-csi.[[ $proto ]]"
|
|
type = "controller"
|
|
mount_dir = "/csi"
|
|
}
|
|
|
|
[[ template "common/resources.tpl" .democratic_csi.controller.resources ]]
|
|
}
|
|
}
|
|
[[- end ]]
|
|
}
|
|
|
|
# vim: syntax=hcl
|