[英]Running a nomad job for a docker container that Traefik can find
I'm currently running a docker container with Traefik as the load balancer using the following docker-compose file:我目前正在使用以下 docker-compose 文件运行以 Traefik 作为负载均衡器的 docker 容器:
services:
loris:
image: bdlss/loris-grok-docker
labels:
- traefik.http.routers.loris.rule=Host(`loris.my_domain`)
- traefik.http.routers.loris.tls=true
- traefik.http.routers.loris.tls.certresolver=lets-encrypt
- traefik.port=80
networks:
- web
It is working fairly well.它运作良好。 As part of one my first attempts using Nomad, I simply want to be able to start this container using a nomad job
loris.nomad
instead of using the docker-compose file.作为我第一次尝试使用 Nomad 的一部分,我只是希望能够使用 nomad 作业
loris.nomad
而不是使用 docker-compose 文件来启动这个容器。
The Docker container 'Labels' and the 'Network' identification are quite important for Traefik to do the dynamic routing. Docker 容器“标签”和“网络”标识对于 Traefik 进行动态路由非常重要。
My question is : where can I put this "label" information and "network" information in the loris.nomad
file so that it starts the container in the same way that the docker-compose
file currently does.我的问题是:我在哪里可以将这个“标签”信息和“网络”信息放在
loris.nomad
文件中,以便它以与docker-compose
文件当前相同的方式启动容器。
I've tried putting this information in the task.config
stanza but this doesn't work and I'm having trouble following the documentation.我已尝试将此信息放在
task.config
节中,但这不起作用,而且我在遵循文档时遇到了麻烦。 I've seen examples where an additional "service" stanza has been added, but I"m still not sure.我已经看到添加了附加“服务”节的示例,但我仍然不确定。
Here's the basics of that nomad file I want to modify.这是我要修改的游牧文件的基础知识。
# loris.nomad
job "loris" {
datacenters = ["dc1"]
group "loris" {
network {
port "http" {
to = 5004
}
task "loris" {
driver = "docker"
config {
image = "bdlss/loris-openjpeg-docker"
ports = ["http"]
}
resources {
cpu = 500
memory = 512
}
}
}
}
Any advice is much appreciated.非常感谢任何建议。
Well, the most appropriate option for running traefik in nomad and load-balance between containers is using consul catalog (required for service discovery).好吧,在 nomad 中运行 traefik 和容器之间的负载平衡的最合适的选项是使用consul 目录(服务发现所必需的)。
For this to run you have to confgure the consule connection when you start nomad.为此,您必须在启动 nomad 时配置consule 连接。 If you like to test things out locally you can do this by simply running
sudo nomad agent -dev-connect
.如果您想在本地进行测试,只需运行
sudo nomad agent -dev-connect
即可。 Consul can be started with consul agent -dev -client="0.0.0.0"
. Consul 可以通过
consul agent -dev -client="0.0.0.0"
启动。
Now you can simply provide your traefik configuration using tags as it is shown here .现在您可以简单地使用标签提供您的 traefik 配置,如此处所示。
If you really need (which will cause issues in a clustered setup for sure) to run traefik in nomad with docker provider you can do the following:如果您确实需要(这肯定会导致集群设置出现问题)使用 docker 提供程序在 nomad 中运行 traefik,您可以执行以下操作:
First you need to enable host path mounting in the docker plugin.首先,您需要在 docker 插件中启用主机路径挂载。 See this and this .
看到这个和这个。 You can place your configuration in an extra file like extra.hcl which looks like this:
您可以将配置放在一个额外的文件中,例如extra.hcl ,如下所示:
plugin "docker" {
config {
volumes {
enabled = true
}
}
}
Now you can start nomad with this extra setting sudo nomad agent -dev-connect -config=extra.hcl
.现在您可以使用这个额外的设置
sudo nomad agent -dev-connect -config=extra.hcl
来启动 nomad。 Now you can provide your traefik settings in the config/labels block, like (full):现在您可以在config/labels块中提供您的 traefik 设置,例如(完整):
job "traefik" {
region = "global"
datacenters = ["dc1"]
type = "service"
group "traefik" {
count = 1
task "traefik" {
driver = "docker"
config {
image = "traefik:v2.3"
//network_mode = "host"
volumes = [
"local/traefik.yaml:/etc/traefik/traefik.yaml",
"/var/run/docker.sock:/var/run/docker.sock"
]
labels {
traefik.enable = true
traefik.http.routers.from-docker.rule = "Host(`docker.loris.mydomain`)"
traefik.http.routers.from-docker.entrypoints = "web"
traefik.http.routers.from-docker.service = "api@internal"
}
}
template {
data = <<EOF
log:
level: DEBUG
entryPoints:
traefik:
address: ":8080"
web:
address: ":80"
api:
dashboard: true
insecure: true
accessLog: {}
providers:
docker:
exposedByDefault: false
consulCatalog:
prefix: "traefik"
exposedByDefault: false
endpoint:
address: "10.0.0.20:8500"
scheme: "http"
datacenter: "dc1"
EOF
destination = "local/traefik.yaml"
}
resources {
cpu = 100
memory = 128
network {
mbits = 10
port "http" {
static = 80
}
port "traefik" {
static = 8080
}
}
}
service {
name = "traefik"
tags = [
"traefik.enable=true",
"traefik.http.routers.from-consul.rule=Host(`consul.loris.mydomain`)",
"traefik.http.routers.from-consul.entrypoints=web",
"traefik.http.routers.from-consul.service=api@internal"
]
check {
name = "alive"
type = "tcp"
port = "http"
interval = "10s"
timeout = "2s"
}
}
}
}
}
(There might be a setting to bind to 0.0.0.0
I defined those domains in my /etc/hosts
to point to my main interface IP). (可能有一个绑定到
0.0.0.0
的设置,我在/etc/hosts
中定义了这些域以指向我的主接口 IP)。
You can test it with this modified webapp spec (I didn't figure out how to map ports correctly, like container:80 -> host:<random>
, but I think it is enough to show how complicated it gets:)):您可以使用此修改后的 webapp 规范对其进行测试(我不知道如何正确连接 map 端口,例如
container:80 -> host:<random>
,但我认为这足以说明它变得多么复杂:)):
job "demo-webapp" {
datacenters = ["dc1"]
group "demo" {
count = 3
task "server" {
env {
// "${NOMAD_PORT_http}"
PORT = "80"
NODE_IP = "${NOMAD_IP_http}"
}
driver = "docker"
config {
image = "hashicorp/demo-webapp-lb-guide"
labels {
traefik.enable = true
traefik.http.routers.webapp-docker.rule = "Host(`docker.loris.mydomain`) && Path(`/myapp`)"
traefik.http.services.webapp-docker.loadbalancer.server.port = 80
}
}
resources {
network {
// Used for docker provider
mode ="bridge"
mbits = 10
port "http"{
// Used for docker provider
to = 80
}
}
}
service {
name = "demo-webapp"
port = "http"
tags = [
"traefik.enable=true",
"traefik.http.routers.webapp-consul.rule=Host(`consul.loris.mydomain`) && Path(`/myapp`)",
]
check {
type = "http"
path = "/"
interval = "2s"
timeout = "2s"
}
}
}
}
}
I hope this somehow answers your question.我希望这能以某种方式回答你的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.