Mostly a proof of concept that connects all the HashiCorp projects together inside of docker. Why? Because having a safe and secure production cluster shouldn't require a hard way.
- ghcr.io/mjpitz/hashistack
- Tags:
latest,latest-alpine,latest-dind - Architectures:
amd64,arm64
- Tags:
- ghcr.io/mjpitz/nomad
- Tags:
latest,latest-alpine,latest-dind - Architectures:
amd64,arm64
- Tags:
- Consul
- HA
- Add a serf gossip key
- ACLs
- TLS Certificates
- Vault
- HA
- TLS Certificates
- Nomad
- HA
- Add a serf gossip key
- Nomad's serf configuration is used to communicate over a WAN
- Enable consul connect integration
- Enable vault secret integration
- ACLs
- TLS Certificates
- Workers
- Support docker-in-docker
- Support JDK
- Embedded consul agent
- Embedded nomad client
- TLS Certificates
The default docker-compose.yaml file deploys a single, all-in-one container. The docker-compose-ha.yaml file uses
the same image, but deploys each component separately according to the various HashiCorp reference architecture
documents. Currently, this spins up a single datacenter, but Nomad is designed to run over a WAN and operate against
multiple datacenters.
docker compose upOnce all the containers are running, you should be able to access their UI in the browser. Note, these ports are currently unavailable for the HA configuration. To access the associated UI, you will need to look up the port mapping.
- Consul: http://localhost:8500
- Vault: http://localhost:8200
- Nomad: http://localhost:4646
The ghcr.io/mjpitz/hashistack container image accepts an EXTRA_PACKAGES environment variable that allows additional
alpine packages to be installed. The value must be a space-separated list of package names. For example openjdk11 will
install openjdk version 11 prior to running the enabled processes.