Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature : Support Nomad Task API #3

Open
henrikjohansen opened this issue Jun 4, 2024 · 3 comments
Open

Feature : Support Nomad Task API #3

henrikjohansen opened this issue Jun 4, 2024 · 3 comments

Comments

@henrikjohansen
Copy link

henrikjohansen commented Jun 4, 2024
edited
Loading

Nomad's Task API provides every task managed by Nomad with a Unix Domain Socket (UDS) to access the local agent's HTTP API. Regardless of agent configuration the Task API does not require mTLS, but always requires authentication.

This would make it much easier when working with an mTLS enabled cluster 😇 and IIRC only requires a newer version of the Nomad API client.

https://developer.hashicorp.com/nomad/api-docs/task-api
hashicorp/nomad#16872
@apollo13
Copy link
Contributor

@henrikjohansen My PR #4 should provide support for what you requested. I haven't tested it on a cluster yet, but maybe you can build the docker file and test it?

blinkinglight added a commit that referenced this issue Aug 15, 2024
@blinkinglight
Merge pull request #4 from apollo13/nomad-client-uds-support
1ee763b 
Upgrade nomad api package to support unix domain sockets. Fixes #3
@blinkinglight
Copy link
Contributor

blinkinglight commented Aug 15, 2024
edited
Loading

you could try this build from main branch ghcr.io/ituoga/coredns-nomad:main

@blinkinglight blinkinglight reopened this Aug 15, 2024
@henrikjohansen
Copy link
Author

@blinkinglight Something seems off, running the above image I get unsupported protocol scheme "unix" ...

service.nomad.:1053
CoreDNS-1.11.3
linux/amd64, go1.21.13, c742ec03f-dirty
[DEBUG] plugin/nomad: Looking up record for svc: dns namespace: default
[ERROR] plugin/nomad: getClientfailed querying self endpoint: Get "unix:///v1/agent/self?namespace=platform®ion=global": unsupported protocol scheme "unix"
[INFO] 172.19.92.116:64739 - 57057 "A IN dns.default.service.nomad. udp 54 false 4096" NOERROR qr,aa,rd 43 0.00034716s

The corresponding Corefile is :

service.nomad.:1053 {
    errors
    debug
    health
    log
    nomad {
      zone service.nomad
      address unix:///secrets/api.sock
      ttl 10
    }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@blinkinglight @apollo13 @henrikjohansen