{"id":6159,"date":"2022-08-22T14:50:50","date_gmt":"2022-08-22T05:50:50","guid":{"rendered":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6159"},"modified":"2022-08-22T14:50:50","modified_gmt":"2022-08-22T05:50:50","slug":"nomad-server-%ea%b5%ac%ec%84%b1","status":"publish","type":"post","link":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6159","title":{"rendered":"Nomad server \uad6c\uc131"},"content":{"rendered":"

Nomad server \uad6c\uc131<\/h1>\n

\ud30c\uc77c \ubcf5\uc0ac<\/h2>\n
mkdir ..\/nomad_server_cluster\ncd ..\/nomad_server_cluster\/\n\ncp ..\/consul_server_cluster\/variables.tf .\/\ncp ..\/consul_server_cluster\/private.tf .\/<\/code><\/pre>\n
\ud30c\uc77c\uc0dd\uc131<\/h2>\n
vi templates.tf\n-----------------------------\ndata "template_file" "user_data_nomad_server" {\n  \/\/ template = file("${path.module}\/files\/user-data-nomad-server.sh")\n\n  vars = {\n    server_count  = var.server_count\n    region        = var.region\n    retry_join    = var.retry_join\n  }\n}\n\ndata "aws_security_group" "consul_lb" {\n  name = "${var.stack_name}-consul-lb"\n}\n-----------------------------<\/code><\/pre>\n
vi sg.tf\n-----------------------------\ndata "aws_vpc" "default" {\n  default = true\n}\n\nresource "aws_security_group_rule" "server_to_consul_ingress" {\n  type        = "ingress"\n  from_port   = 1\n  to_port     = 65535\n  protocol    = "tcp"\n  security_group_id = data.aws_security_group.consul_lb.id\n  source_security_group_id = aws_security_group.server_lb.id\n}\n\nresource "aws_security_group" "server_lb" {\n  name   = "${var.stack_name}-server-lb"\n  vpc_id = data.aws_vpc.default.id\n\n  ingress {\n    from_port   = 22\n    to_port     = 22\n    protocol    = "tcp"\n    cidr_blocks = var.my_ip\n  }\n\n  # Nomad HTTP API & UI.\n  ingress {\n    from_port   = 4646\n    to_port     = 4648\n    protocol    = "tcp"\n    cidr_blocks = var.my_ip\n  }\n\n  # Consul HTTP API & UI.\n  ingress {\n    from_port   = 8300\n    to_port     = 8600\n    protocol    = "tcp"\n    cidr_blocks = var.my_ip\n  }\n\n  egress {\n    from_port   = 0\n    to_port     = 0\n    protocol    = "-1"\n    cidr_blocks = ["0.0.0.0\/0"]\n  }\n}\n\nresource "aws_security_group_rule" "consul_to_server_ingress" {\n  type        = "ingress"\n  from_port   = 1\n  to_port     = 65535\n  protocol    = "tcp"\n  security_group_id = aws_security_group.server_lb.id\n  source_security_group_id = data.aws_security_group.consul_lb.id\n}\n\nresource "aws_security_group_rule" "server_to_server_ingress" {\n  type        = "ingress"\n  from_port   = 1\n  to_port     = 65535\n  protocol    = "tcp"\n  security_group_id = aws_security_group.server_lb.id\n  source_security_group_id = aws_security_group.server_lb.id\n}\n-----------------------------<\/code><\/pre>\n
vi main.tf\n-----------------------------\nprovider "aws" {\n  region  = var.region\n}\n\nresource "aws_instance" "nomad_server" {\n  ami                    = var.ami\n  instance_type          = var.server_instance_type\n  key_name               = var.key_name\n  vpc_security_group_ids = [aws_security_group.server_lb.id]\n  count                  = var.server_count\n  \/\/ iam_instance_profile   = aws_iam_instance_profile.nomad_server.name\n\n  tags = {\n    Name           = "${var.stack_name}-nomad_server-${count.index + 1}"\n    ConsulAutoJoin = "auto-join"\n    OwnerName      = var.owner_name\n    OwnerEmail     = var.owner_email\n  }\n\n  root_block_device {\n    volume_type           = "gp2"\n    volume_size           = var.root_block_device_size\n    delete_on_termination = "true"\n  }\n\n  \/\/ user_data            = data.template_file.user_data_nomad_server.rendered\n}\n-----------------------------<\/code><\/pre>\n
\uc11c\ubc84 \uc778\uc2a4\ud134\uc2a4\uac00 \uc0dd\uc131\ub429\ub2c8\ub2e4.
\n\uc544\uc9c1\uc740 Nomad server \ub294 \uc791\ub3d9\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/p>\n
terraform init\nterraform validate\nterraform plan\n\nterraform apply\nterraform show\nterraform destroy<\/code><\/pre>\n
Nomad server \uc124\uc815<\/h2>\n
mkdir files\nvi files\/user-data-nomad-server.sh\n-----------------------------\n#!\/bin\/bash\n\nset -e\n\nsudo mkdir -p \/ops\ncd \/ops\/\n\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/setup.sh\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/net.sh\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/consul-client.hcl\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/consul.service\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/nomad-server.sh\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/nomad-server.hcl\nsudo wget https:\/\/github.com\/skyer9\/TerraformOnAws\/raw\/main\/files\/nomad-server.service\n\nsudo chmod +x \/ops\/setup.sh\nsudo chmod +x \/ops\/net.sh\nsudo chmod +x \/ops\/nomad-server.sh\n\nsudo bash -c "\/ops\/nomad-server.sh \\"${server_count}\\" \\"${retry_join}\\""\n# rm -rf \/ops\/\n-----------------------------<\/code><\/pre>\n
vi iam.tf\n-----------------------------\nresource "aws_iam_instance_profile" "nomad_server" {\n  name_prefix = var.stack_name\n  role        = aws_iam_role.nomad_server.name\n}\n\nresource "aws_iam_role" "nomad_server" {\n  name_prefix        = var.stack_name\n  assume_role_policy = data.aws_iam_policy_document.nomad_server_assume.json\n}\n\nresource "aws_iam_role_policy" "nomad_server" {\n  name   = "nomad-server"\n  role   = aws_iam_role.nomad_server.id\n  policy = data.aws_iam_policy_document.nomad_server.json\n}\n\ndata "aws_iam_policy_document" "nomad_server_assume" {\n  statement {\n    effect  = "Allow"\n    actions = ["sts:AssumeRole"]\n\n    principals {\n      type        = "Service"\n      identifiers = ["ec2.amazonaws.com"]\n    }\n  }\n}\n\ndata "aws_iam_policy_document" "nomad_server" {\n  statement {\n    effect = "Allow"\n\n    actions = [\n      "ec2:DescribeInstances",\n      "ec2:DescribeTags",\n      "autoscaling:DescribeAutoScalingGroups",\n    ]\n\n    resources = ["*"]\n  }\n}\n-----------------------------<\/code><\/pre>\n
vi templates.tf\n-----------------------------\ndata "template_file" "user_data_nomad_server" {\n  template = file("${path.module}\/files\/user-data-nomad-server.sh")\n  \/\/ ......\n}\n-----------------------------<\/code><\/pre>\n
vi main.tf\n-----------------------------\nprovider "aws" {\n  region  = var.region\n}\n\nresource "aws_instance" "nomad_server" {\n  iam_instance_profile   = aws_iam_instance_profile.nomad_server.name\n  user_data            = data.template_file.user_data_nomad_server.rendered\n  \/\/ ......\n}\n-----------------------------<\/code><\/pre>\n
terraform validate\nterraform plan\n\nterraform apply\nterraform show\nterraform destroy<\/code><\/pre>\n
http:\/\/<\uc11c\ubc84 \uc544\uc774\ud53c>:4646\/ \uc5d0 \uc811\uc18d\ud558\uc5ec \ud655\uc778\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"
Nomad server \uad6c\uc131 \ud30c\uc77c \ubcf5\uc0ac mkdir ..\/nomad_server_cluster cd ..\/nomad_server_cluster\/ cp ..\/consul_server_cluster\/variables.tf .\/ cp ..\/consul_server_cluster\/private.tf .\/ \ud30c\uc77c\uc0dd\uc131 vi templates.tf —————————– data "template_file" "user_data_nomad_server" { \/\/ template = file("${path.module}\/files\/user-data-nomad-server.sh") vars = { server_count = var.server_count region = var.region retry_join = var.retry_join } } data "aws_security_group" "consul_lb" { name = "${var.stack_name}-consul-lb" } —————————– vi sg.tf —————————– data "aws_vpc"\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31],"tags":[],"class_list":["post-6159","post","type-post","status-publish","format-standard","hentry","category-nomad"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6159","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6159"}],"version-history":[{"count":1,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6159\/revisions"}],"predecessor-version":[{"id":6160,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6159\/revisions\/6160"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6159"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}