Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deployNomadJob analog to deployTerraform #615

Closed
blaggacao opened this issue Sep 23, 2021 · 9 comments
Closed

deployNomadJob analog to deployTerraform #615

blaggacao opened this issue Sep 23, 2021 · 9 comments
Labels
help wanted Will be solved only if someone contributes it

Comments

@blaggacao
Copy link
Contributor

  1. https://www.nomadproject.io/docs/commands/job/plan
  2. https://www.nomadproject.io/docs/commands/job/run

Anything I need to know before getting my hands dirty?
@kamadorueda
Copy link
Contributor

Anything I need to know before getting my hands dirty?

You can inspire on: #616
I'll be adding docs soon

if nomad has a custom authorization/configuration, making a secretsForNomadFromEnv can help you reuse code

@kamadorueda
Copy link
Contributor

Does nomad will be running Makes jobs? or arbitrary jobs?

computeOnXXX is meant for running a makes command on XXX provider,

if nomad's plan and run are more like terraform, then testNomad (plan) and deployNomad (run) are more meaningful

@kamadorueda
Copy link
Contributor

In any case, thanks for contributing this feature!
you can implement it as it best suits your needs today

if in the future someone else (or even us) want to use it,
then they/we will contribute the generalizations

@blaggacao
Copy link
Contributor Author

Looks like there can also be parametrization with:

@blaggacao
Copy link
Contributor Author

computeOnXXX that might come in handy once terraform needs to talk to remote APIs that are only accessible from within a deployment: eg. database engine seeding, rabbitMQ seeding, kv-store seeding

@kamadorueda kamadorueda added enhancement help wanted Will be solved only if someone contributes it labels Sep 28, 2021
@blaggacao
Copy link
Contributor Author

I'm on this one.

As for the modules & related to #619 :

  • The entire hashicorp stack can consume json wherever hcl is accepted
  • Hence we can define jobs & (above all) job trees per namespace with nix
  • Hence, I'm musing about some sort of "wrapper" module that can auto-create a makes job-tree off a specifically shaped & nested input attrs.
{
  dev = { backend = {}; frontend = {}; ... };
  staging = {};
  prod = {};
}

producing ...

/deploy/dev/backend
/deploy/dev/frontend
...

@blaggacao
Copy link
Contributor Author

blaggacao commented Oct 4, 2021
edited
Loading

And here is another gotcha, to manage consul (config) & vault (secrets) declarative, nomad does not have the same primitives as k8s.

  • app config & app secrets (k8s ConfigMap & Secret) can be handled with terraform & the consul & vault provider (secrets coming from sops).
    • terraforming secrets is highly sensitive as they would be stored in clear text in the state file
    • tentative solution: handle state files in vault — maybe the vault provider doesn't strictly need to persist a statefile, though → tempfile & cleanup
  • app initialization such as create database user, rabbit mq user, etc. (no equivalent in k8s — usually done by the entry-point) can be handled via terraform but only after the jobs have been applied and the services are running.
  • to proxy into the protected network to reach those (not necessarily public) endpoints, something like https://www.boundaryproject.io/ might be useful

blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 7, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
c349538 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 7, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
6c332ee 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 7, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
c0a561a 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 11, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
4f91bb1 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 11, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
0df4d77 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 11, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
ecf6ba4 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
95acba9 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
266c7a6 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
d834344 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
79de2a8 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
e4f73c4 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
4daea30 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy ns module
937ac0a 
- Generate deploy tasks for an entire deploy job tree.
@blaggacao blaggacao mentioned this issue Oct 12, 2021
Closed
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
f0d45dc 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
9a07d4c 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
00e7dce 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 12, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy ns module
6ea55c6 
- Generate deploy tasks for an entire deploy job tree.
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 25, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy job
3ccf168 
- Add nomad deploy job
- Hashicorp's `hcl` parser can read plain `json`, as well, hence
  jobs can be defined in `json`, or `nix` rendered to `json`
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 25, 2021
@blaggacao
feat(build): fluidattacks#615 make nomad secrets
0ddc790 
- Capture nomad secrets from env variables
- Analog to terraform
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 25, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy module
f53e039 
- Encapsulate nomad deploy as module
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 25, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy ns module
4127261 
- Generate deploy tasks for an entire deploy job tree.
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 25, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy docs
ef82ddd 
- Add docs to the readme
@blaggacao blaggacao mentioned this issue Oct 25, 2021
Merged
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 26, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy ns module
6212dbb 
- Generate deploy tasks for an entire deploy job tree.
blaggacao added a commit to input-output-hk/makes that referenced this issue Oct 26, 2021
@blaggacao
feat(build): fluidattacks#615 nomad deploy docs
b7df356 
- Add docs to the readme
@dsalaza4
Copy link
Contributor

@blaggacao Are you currently using this builtin?

@blaggacao
Copy link
Contributor Author

Nope, we can close this. 🤝

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Will be solved only if someone contributes it
Projects
Makes Roadmap
Status: Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@blaggacao @dsalaza4 @kamadorueda