commit 1c3d25176225ba56857ac0a2e5ad4eb63ec58996
parent dad5b0dade274391bab6d4ccadfa6de0cd2b61f0
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date: Sat, 27 Jul 2024 19:54:10 +0200
fix(nomad): remove chroot_env
The exec driver has really funny behavior and refuses to start, when the
chroot env is modified in this way. Remove it to run with the defaults.
Idea - hack the limitation of no access to `/opt` in exec tasks with a
post task (`raw_exec`).
Diffstat:
1 file changed, 1 insertion(+), 15 deletions(-)
diff --git a/nomad.sh b/nomad.sh
@@ -146,20 +146,6 @@ client {
# memory to reserve, in MB
memory = 256
}
-
- # Allow to chroot the /opt directory to renew bao tls certificates:
- # https://developer.hashicorp.com/nomad/docs/configuration/client#chroot_env-parameters
- chroot_env {
- "/bin" = "/bin"
- "/etc" = "/etc"
- "/lib" = "/lib"
- "/lib32" = "/lib32"
- "/lib64" = "/lib64"
- "/run/resolvconf" = "/run/resolvconf"
- "/sbin" = "/sbin"
- "/usr" = "/usr"
- "/opt" = "/opt"
- }
}
tls {
@@ -233,7 +219,7 @@ fi # endif NOMAD_CLIENT
cat << EOF >> "/home/${USERNAME}/.bashrc"
complete -C /usr/bin/nomad nomad
-export NOMAD_ADDR=https://localhost:4646
+export NOMAD_ADDR=https://127.0.0.1:4646
export NOMAD_CACERT=$TLS_DIR/nomad-agent-ca.pem
export NOMAD_CLIENT_CERT=$TLS_DIR/dc1-cli-nomad.pem
export NOMAD_CLIENT_KEY=$TLS_DIR/dc1-cli-nomad-key.pem
