~damien/infrastructure

ae6cae9679736af034c2b21fe2f5e3dd290739db — Damien Radtke 7 months ago 022109c
Add healthcheck provisioner to Nomad clients
2 files changed, 34 insertions(+), 0 deletions(-)

A scripts/healthcheck-nomad.sh
M terraform/nomad-client/main.tf
A scripts/healthcheck-nomad.sh => scripts/healthcheck-nomad.sh +18 -0
@@ 0,0 1,18 @@
#!/usr/bin/env bash

while true; do
	leader="$(curl \
		--silent \
		--show-error \
		--fail \
		--cacert /etc/ssl/nomad/ca.pem \
		--cert /etc/ssl/nomad/cli.pem \
		--key /etc/ssl/nomad/cli-key.pem \
		https://localhost:4646/v1/status/leader)"
	if [[ $? -eq 0 ]]; then
		echo "Found leader: ${leader}"
		exit 0
	fi
	echo "No leader found, sleeping and trying again: ${leader}"
	sleep 2
done

M terraform/nomad-client/main.tf => terraform/nomad-client/main.tf +16 -0
@@ 148,6 148,13 @@ resource "linode_instance" "clients" {
    source      = "../scripts/issue-cert.sh"
  }

  // healthcheck script
  provisioner "file" {
    connection { host = split("/", self.ipv6)[0] }
    destination = "/usr/local/bin/healthcheck-nomad.sh"
    source      = "../scripts/healthcheck-nomad.sh"
  }

  // Consul certificate authority
  provisioner "file" {
    connection { host = split("/", self.ipv6)[0] }


@@ 250,6 257,15 @@ resource "linode_instance" "clients" {
    inline = local.extra_provisions_for_class
  }

  // run healthcheck script to ensure the node comes up
  provisioner "remote-exec" {
    connection { host = split("/", self.ipv6)[0] }
    inline = [
      "chmod +x /usr/local/bin/healthcheck-nomad.sh",
      "/usr/local/bin/healthcheck-nomad.sh",
    ]
  }

  // disable further root ssh
  provisioner "remote-exec" {
    connection { host = split("/", self.ipv6)[0] }