Skip to content

Commit

Permalink
feat(minio): simple (#41)
Browse files Browse the repository at this point in the history
fix(loki): add vault stanza
fix(loki): remove all env vars, use only vault secrets
fix(loki): send correct signal to loki to restart on secrets change
feat(minio): add a single-node-multi-drive configuration with vault credentials

Signed-off-by: Bruce Becker <brucellino@protonmail.com>
  • Loading branch information
brucellino authored Jun 26, 2023
1 parent f2d5ad9 commit 31d5266
Showing 1 changed file with 129 additions and 0 deletions.
129 changes: 129 additions & 0 deletions minio-simple.nomad
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
variable "minio_storage_size"{
description = "Size of the minio storage"
type = number
// default = 10737418204
default = "10"
}

job "minio" {
vault {
policies = ["read-only"]
}
meta {
auto-backup = true
backup-schedule = "@daily"
backup-target-db = "postgres"
}
datacenters = ["dc1"]
type = "service"

constraint {
distinct_hosts = true
}

constraint {
attribute = "${attr.unique.hostname}"
value = "sense"
operator = "=="
}

group "server-1" {
network {
port "api" {}

port "console" {}

port "broker" {}
}

task "server" {
driver = "raw_exec"
artifact {
source = "https://dl.min.io/server/minio/release/linux-arm64/minio"
destination = "${NOMAD_ALLOC_DIR}/minio"
mode = "file"
options {
checksum = "sha256:8789568665b4deda376e52f19bc85ca847a8644564446780b948961a7d5655cf"
}
}

config {
command = "${NOMAD_ALLOC_DIR}/minio"
args = [
"server",
"--address=${NOMAD_ADDR_api}",
"${MINIO_VOLUMES}",
"--console-address=${NOMAD_ADDR_console}"
]
}

template {
data = <<EOH
MINIO_ROOT_USER="{{ with secret "hashiatho.me-v2/minio" }} {{ ".Data.data.root_username" }}{{ end }}"
MINIO_ROOT_PASSWORD="{{ with secret "hashiatho.me-v2/minio" }} {{ ".Data.data.root_password" }}{{ end }}"
EOH
destination = "secrets/config.env"
env = true
}

env {
MINIO_SERVER_URL="http://${NOMAD_ADDR_api}"
MINIO_VOLUMES="http://${NOMAD_IP_api}/minio{1...4}"
MINIO_DIRECTORIES="/minio{1...4}"
MINIO_OPTS="--address ${NOMAD_ADDR_api} --console-address ${NOMAD_ADDR_console}"
// MINIO_NOTIFY_REDIS_ENABLE_PRIMARY = "on"
// MINIO_NOTIFY_REDIS_REDIS_ADDRESS_PRIMARY = "http://redis-cache.service.consul:6379"
// MINIO_NOTIFY_REDIS_KEY_PRIMARY="bucketevents"
// MINIO_NOTIFY_REDIS_FORMAT_PRIMARY="namespace"
// MINIO_NOTIFY_REDIS_ENABLE_SECONDARY="on"
// MINIO_NOTIFY_REDIS_REDIS_ADDRESS_SECONDARY="https://redis-cache.service.consul:6379"
// MINIO_NOTIFY_REDIS_KEY_SECONDARY="bucketevents"
// MINIO_NOTIFY_REDIS_FORMAT_SECONDARY="namespace"
}

resources {
cpu = 1200
memory = 512
}

constraint {
attribute = "${attr.unique.storage.bytesfree}"
operator = ">="
value = "${var.minio_storage_size}"
}

service {
tags = ["minio", "s3", "api", "urlprefix-/buckets"]
port = "api"
name = "minio-api"
check {
name = "mino-healthy"
type = "http"
port = "api"
method = "GET"
interval = "60s"
timeout = "5s"
path = "/minio/health/live"

check_restart {
limit = 2
grace = "10s"
}
}
}

service {
tags = ["minio", "s3", "console", "urlprefix-/minio-console redirect=9001,http://console.minio-console.service.consul"]
port = "console"
name = "minio-console"
check {
name = "console-ready"
type = "tcp"
port = "console"
interval = "60s"
timeout = "5s"
}
}
}
}
}

0 comments on commit 31d5266

Please sign in to comment.