Hi @jrasell
thanks for the reply … I saw the interpolation, but … I’m unsure … how to replace the IP/Port. I was thinking, to export the values to a file and reread them. I red, that I can’t export variables in task1 and read them in task2.
The point is: The app (Django / Gunicorn) and the Nginx builds always a pair, because of the static files they share (thats why they are in the same group (learned last week …)
It works perfectly, if you just have one pair running. But in case, I want to scale, the value for Nginx where to find its “upstream”, is not updated. I have an ENV, called API
and it holds the IP and port to the Gunicorn App, like this:
root@fra-test-nomad-02:[~]: docker exec -it nginx-75596968-bb42-8ebc-2044-13f88db00748 env | grep API
API=172.16.0.103:26867
It gets this info, from Consul and the template stanza, which I copied from the Wordpress example. So it’s clear, why it happens, because the Wordpress example uses a single DB
But, If I scale it ~n times, it will always sends the requests to the first Gunicorn, what’s wrong. I need to update the API variable to the IP/Port from the Gunicorn — no idea how to name it in english – for which the Nginx shares the files on the ${NOMAD_ALLOC_DIR}
, so that I have a pair again.
I hope, I was able to explain it
The complete job:
job "backoffice_gunicorn" {
# For our secrets
vault {
policies = ["access-tables"]
}
# We want it on fra-test
datacenters = ["fra-test"]
group "backoffice" {
network {
port "api" { to = 8000 }
port "https" { to = 443 }
}
ephemeral_disk {
migrate = false
size = 300
sticky = false
}
service {
name = "django"
tags = ["backoffice","django"]
port = "api"
check {
type = "tcp"
port = "api"
interval = "10s"
timeout = "2s"
}
}
service {
name = "nginx"
tags = ["backoffice","nginx"]
port = "api"
check {
type = "tcp"
port = "https"
interval = "10s"
timeout = "2s"
}
}
task "django-collectstatic" {
lifecycle {
hook = "prestart"
sidecar = false
}
driver = "docker"
template {
data = <<EOH
{{key "nomad/backoffice/environment"}}
EOH
destination = "local/env"
env = true
}
template {
data = <<EOH
{{with secret "kv/docker/nomad/backoffice/secrets"}}
{{range $key, $value := .Data.data}}
{{$key}}={{$value}}{{end}}
{{end}}
EOH
destination = "secrets/file.env"
env = true
}
config {
image = "fra-test-harbor.example.local/testing/backoffice/test:latest"
ports = ["api"]
entrypoint = [ "./docker-entrypoint.sh", "collectstatic" ]
force_pull = true
volumes = [ "${NOMAD_ALLOC_DIR}/data/backoffice/static:/app/static"]
auth {
username = "robot$devops"
password = "secret"
}
}
resources {
cpu = 1000
memory = 256
}
}
task "django" {
driver = "docker"
template {
data = <<EOH
{{key "nomad/backoffice/environment"}}
EOH
destination = "local/env"
env = true
}
template {
data = <<EOH
{{with secret "kv/docker/nomad/backoffice/secrets"}}
{{range $key, $value := .Data.data}}
{{$key}}={{$value}}{{end}}
{{end}}
EOH
destination = "secrets/file.env"
env = true
}
config {
image = "fra-test-harbor.example.local/testing/backoffice/test:latest"
ports = ["api"]
volumes = [ "${NOMAD_ALLOC_DIR}/data/backoffice/static:/app/static"]
auth {
username = "robot$devops"
password = "secret"
}
}
resources {
cpu = 1000
memory = 256
}
}
task "nginx" {
driver = "docker"
template {
data = <<EOH
{{- if service "django" -}}
{{- with index (service "django") 0 -}}
API={{ .Address }}:{{ .Port }}
{{- end -}}
{{- end }}
EOH
destination = "local/envvars.txt"
env = true
}
template {
data = <<EOH
{{key "nomad/backoffice/environment"}}
EOH
destination = "local/env"
env = true
}
template {
data = "{{ with secret \"kv/docker/nomad/certs\" }}{{.Data.data.key}}{{end}}"
destination = "certs/server.key"
change_mode = "restart"
perms = "0644"
splay = "1m"
}
template {
data = "{{ with secret \"kv/docker/nomad/certs\" }}{{.Data.data.crt}}{{end}}"
destination = "certs/server.crt"
change_mode = "restart"
perms = "0644"
splay = "1m"
}
template {
data = "{{ with secret \"kv/docker/nomad/certs\" }}{{.Data.data.dh}}{{end}}"
destination = "certs/dh.pem"
change_mode = "restart"
perms = "0400"
splay = "1m"
}
config {
image = "fra-test-harbor.example.local/testing/backoffice/nginx:latest"
ports = ["https"]
volumes = [
"${NOMAD_ALLOC_DIR}/data/backoffice/static:/home/app/static/",
"certs/:/certs"
]
auth {
username = "robot$devops"
password = "secret"
}
}
resources {
cpu = 1000
memory = 256
}
}
}
}