I have a cluster set up with ACL enabled. I also have a traefik job that looks like this (redacted some parts for brevity):
job "traefik" {
group "traefik" {
service {
name = "traefik"
provider = "nomad"
}
task "traefik" {
driver = "docker"
config {
image = "traefik:v2.10.7"
network_mode = "host"
args = [
"--api.dashboard=true",
"--api.insecure=true",
"--entrypoints.web.address=:${NOMAD_PORT_http}",
"--entrypoints.traefik.address=:${NOMAD_PORT_admin}",
"--providers.nomad=true",
"--providers.nomad.exposedByDefault=false",
"--providers.nomad.endpoint.address=http://10.0.0.3:4646/",
"--providers.nomad.endpoint.token=<token>"
]
}
}
}
}
Since my cluster has ACL enabled, Traefik needs a Nomad token to do service discovery. I made a new token for Traefik to use and added it as a variable with the path nomad/jobs/traefik
and the name NOMAD_TOKEN
.
When I hard-code this token into traefik’s jobspec, everything works great. But I’m not sure how to grab this Nomad variable and insert it into --providers.nomad.endpoint.token
when I submit my job.
I think I might need to use a template block, but I’m not sure how to use a template block to add to the args
array?