mariadb/example/mariadb.nomad.hcl

220 lines
3.8 KiB
HCL
Raw Normal View History

2024-01-05 14:30:24 +01:00
job "mariadb" {
2024-01-31 14:06:09 +01:00
2024-01-05 14:30:24 +01:00
datacenters = ["dc1"]
2024-02-16 10:55:21 +01:00
region = "global"
2024-01-05 14:30:24 +01:00
2024-03-28 23:11:42 +01:00
2024-01-05 14:30:24 +01:00
group "server" {
network {
mode = "bridge"
}
2024-01-19 23:31:41 +01:00
volume "data" {
2024-01-05 14:30:24 +01:00
source = "mariadb-data"
2024-01-19 23:31:41 +01:00
type = "csi"
2024-01-05 14:30:24 +01:00
access_mode = "single-node-writer"
attachment_mode = "file-system"
per_alloc = true
}
2024-01-19 23:31:41 +01:00
2024-01-05 14:30:24 +01:00
service {
name = "mariadb"
port = 3306
connect {
sidecar_service {
disable_default_tcp_check = true
}
sidecar_task {
2024-01-31 14:06:09 +01:00
config {
args = [
"-c",
"${NOMAD_SECRETS_DIR}/envoy_bootstrap.json",
"-l",
"${meta.connect.log_level}",
"--concurrency",
"${meta.connect.proxy_concurrency}",
"--disable-hot-restart"
]
}
2024-01-05 14:30:24 +01:00
resources {
cpu = 50
memory = 64
}
}
}
check {
name = "alive"
type = "script"
task = "mariadb"
command = "mysqladmin"
args = [
"ping"
]
timeout = "10s"
interval = "5s"
}
2024-01-31 14:06:09 +01:00
tags = [
]
2024-01-05 14:30:24 +01:00
}
# Run mysql_upgrade
task "upgrade" {
driver = "docker"
lifecycle {
hook = "poststart"
}
config {
2024-03-05 14:50:33 +01:00
image = "danielberteaud/mariadb:24.3-1"
2024-01-05 14:30:24 +01:00
pids_limit = 100
command = "/local/mysql_upgrade.sh"
}
2024-01-19 23:31:41 +01:00
2024-01-05 14:30:24 +01:00
vault {
policies = ["mariadb"]
env = false
disable_file = true
2024-02-11 22:50:46 +01:00
change_mode = "noop"
2024-01-05 14:30:24 +01:00
}
2024-01-19 23:31:41 +01:00
2024-01-05 14:30:24 +01:00
template {
data = <<_EOT
[client]
user = root
host = 127.0.0.1
2024-03-05 14:50:33 +01:00
password = {{ with secret "kv/service/mariadb" }}{{ .Data.data.root_pwd }}{{ end }}
2024-01-05 14:30:24 +01:00
_EOT
destination = "secrets/.my.cnf"
uid = 100100
gid = 100101
perms = 640
}
template {
data = <<_EOT
#!/bin/sh
set -euo pipefail
HOME=/secrets
COUNT=0
while true; do
if mysqladmin ping; then
echo "MariaDB is ready, running mysql_upgrade"
mysql_upgrade
exit 0
fi
echo "MariaDB not ready yet, waiting a bit more"
COUNT=$((COUNT+1))
sleep 1
done
_EOT
destination = "local/mysql_upgrade.sh"
perms = 755
}
volume_mount {
2024-01-19 23:31:41 +01:00
volume = "data"
2024-01-05 14:30:24 +01:00
destination = "/data"
}
resources {
cpu = 10
memory = 32
memory_max = 64
}
}
task "mariadb" {
driver = "docker"
leader = true
kill_timeout = "5m"
config {
2024-03-05 14:50:33 +01:00
image = "danielberteaud/mariadb:24.3-1"
2024-01-05 14:30:24 +01:00
volumes = [
"secrets/:/etc/my.cnf.d",
"secrets/my.conf:/var/lib/mysql/.my.cnf:ro",
]
pids_limit = 300
#readonly_rootfs = true
}
2024-01-19 23:31:41 +01:00
2024-01-05 14:30:24 +01:00
vault {
policies = ["mariadb"]
env = false
disable_file = true
2024-02-11 22:50:46 +01:00
change_mode = "noop"
2024-01-05 14:30:24 +01:00
}
2024-01-19 23:31:41 +01:00
2024-01-05 14:30:24 +01:00
env {
MYSQL_CONF_11_bind-address = "127.0.0.1"
LANG = "fr_FR.utf8"
TZ = "Europe/Paris"
}
template {
data = <<_EOT
2024-03-05 14:50:33 +01:00
{{ with secret "kv/service/mariadb" }}
2024-01-05 14:30:24 +01:00
MYSQL_ROOT_PASSWORD={{ .Data.data.root_pwd }}
{{ end }}
_EOT
destination = "secrets/mariadb.env"
uid = 100000
gid = 100000
perms = 400
env = true
}
template {
data = <<_EOT
[client]
user = root
2024-03-05 14:50:33 +01:00
password = {{ with secret "kv/service/mariadb" }}{{ .Data.data.root_pwd }}{{ end }}
2024-01-05 14:30:24 +01:00
_EOT
destination = "secrets/my.conf"
uid = 100100
gid = 100101
perms = 640
}
volume_mount {
2024-01-19 23:31:41 +01:00
volume = "data"
2024-01-05 14:30:24 +01:00
destination = "/data"
}
2024-01-31 14:06:09 +01:00
2024-01-05 14:30:24 +01:00
resources {
cpu = 1000
memory = 512
}
}
}
}