Nomad,Consul and Podman assistance

Hi,
Just wondering if anyone is using nomad and podman on a host.
i am using podman driver and if i use an image it works.

if we use consul using the raw_exec driver it works as well.
however the scenario i have is consul needs to discover the services in podman containers and the rootful podman networking provides ip of 10.0.88.0 network which consul on the host can’t see is there a way for consul to discover the podman images in the podman network?
If anyone has done this much appreciated if they can share their thoughts

Hi @KK123 :wave:

Would you be able to provide a sample job of what you are trying to do?

That will help us better understand the issue :slightly_smiling_face:

Hi @lgfa29 thanks for the reply

Test job and using podman driver

job "http-echo-dynamic-service" {
  datacenters = ["dc1"]
  group "echo" {
    count = 3
    task "server" {
      driver = "podman"
      config {
        image = "hashicorp/http-echo:latest"
        args  = [
          "-listen", ":${NOMAD_PORT_http}",
          "-text", "Hello and welcome to ${NOMAD_IP_http} running on port ${NOMAD_PORT_http}",
        ]
      }
      resources {
        network {
          mbits = 10
          port "http" {
		     to = 80
		  }
        }
      }
      service {
        name = "http-echo"
        port = "http"
        tags = [
          "urlprefix-/http-echo",
        ]
        check {
          type     = "http"
          path     = "/health"
          interval = "2s"
          timeout  = "2s"
        }
      }
    }
  }
}

I have consul installed using raw_exec driver on the host and working.
When i run the sample job and check the task from nomad web console i see
consul_services: unable to get address for service "http-echo": invalid port label "http": port labels in driver address_mode must be numeric or in the driver's port map

What would i need to change in the job to get consul to discover the service?
Appreciate your assistance.

Managed to run this with docker in consul with nomad successfully.
if anyone has had luck with podman, consul and nomad please let me know thank you.

Defining network within resources was deprecated in Nomad v0.12. Docker still works for backwards compatibility, but Podman is a new task driver, so it’s not supported.

You will also need to map your group port to your task using the ports task config.

So update your job like this:

job "http-echo-dynamic-service" {
  datacenters = ["dc1"]
  group "echo" {
    count = 3
    task "server" {
      driver = "podman"
      config {
        image = "hashicorp/http-echo:latest"
        args  = [
          "-listen", ":${NOMAD_PORT_http}",
          "-text", "Hello and welcome to ${NOMAD_IP_http} running on port ${NOMAD_PORT_http}",
        ]
+       ports = ["http"]
      }
-     resources {
-       network {
-         mbits = 10
-         port "http" {
-		     to = 80
-		  }
-       }
     }
+   network {
+     port "http" {
+       to = 80
+     }
+   }
      service {
        name = "http-echo"
        port = "http"
        tags = [
          "urlprefix-/http-echo",
        ]
        check {
          type     = "http"
          path     = "/health"
          interval = "2s"
          timeout  = "2s"
        }
      }
    }
  }
}

See if it works now :slightly_smiling_face:

@lgfa29 thank you very much it works

1 Like