Nomad,Consul and Podman assistance

Nomad
1

Hi,
Just wondering if anyone is using nomad and podman on a host.
i am using podman driver and if i use an image it works.

if we use consul using the raw_exec driver it works as well.
however the scenario i have is consul needs to discover the services in podman containers and the rootful podman networking provides ip of 10.0.88.0 network which consul on the host can’t see is there a way for consul to discover the podman images in the podman network?
If anyone has done this much appreciated if they can share their thoughts

2

Hi @KK123 :wave:

Would you be able to provide a sample job of what you are trying to do?

That will help us better understand the issue :slightly_smiling_face:

3

Hi @lgfa29 thanks for the reply

Test job and using podman driver

job "http-echo-dynamic-service" {
  datacenters = ["dc1"]
  group "echo" {
    count = 3
    task "server" {
      driver = "podman"
      config {
        image = "hashicorp/http-echo:latest"
        args  = [
          "-listen", ":${NOMAD_PORT_http}",
          "-text", "Hello and welcome to ${NOMAD_IP_http} running on port ${NOMAD_PORT_http}",
        ]
      }
      resources {
        network {
          mbits = 10
          port "http" {
		     to = 80
		  }
        }
      }
      service {
        name = "http-echo"
        port = "http"
        tags = [
          "urlprefix-/http-echo",
        ]
        check {
          type     = "http"
          path     = "/health"
          interval = "2s"
          timeout  = "2s"
        }
      }
    }
  }
}

I have consul installed using raw_exec driver on the host and working.
When i run the sample job and check the task from nomad web console i see
consul_services: unable to get address for service "http-echo": invalid port label "http": port labels in driver address_mode must be numeric or in the driver's port map

What would i need to change in the job to get consul to discover the service?
Appreciate your assistance.

4

Managed to run this with docker in consul with nomad successfully.
if anyone has had luck with podman, consul and nomad please let me know thank you.

5

Defining network within resources was deprecated in Nomad v0.12. Docker still works for backwards compatibility, but Podman is a new task driver, so it’s not supported.

You will also need to map your group port to your task using the ports task config.

So update your job like this:

job "http-echo-dynamic-service" {
  datacenters = ["dc1"]
  group "echo" {
    count = 3
    task "server" {
      driver = "podman"
      config {
        image = "hashicorp/http-echo:latest"
        args  = [
          "-listen", ":${NOMAD_PORT_http}",
          "-text", "Hello and welcome to ${NOMAD_IP_http} running on port ${NOMAD_PORT_http}",
        ]
+       ports = ["http"]
      }
-     resources {
-       network {
-         mbits = 10
-         port "http" {
-		     to = 80
-		  }
-       }
     }
+   network {
+     port "http" {
+       to = 80
+     }
+   }
      service {
        name = "http-echo"
        port = "http"
        tags = [
          "urlprefix-/http-echo",
        ]
        check {
          type     = "http"
          path     = "/health"
          interval = "2s"
          timeout  = "2s"
        }
      }
    }
  }
}

See if it works now :slightly_smiling_face:

6

@lgfa29 thank you very much it works

1 Like