Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to apply allow_caps to Docker config under nomad_plugins #127

Open
bradleydwyer opened this issue May 18, 2021 · 1 comment
Open

Unable to apply allow_caps to Docker config under nomad_plugins #127

bradleydwyer opened this issue May 18, 2021 · 1 comment
Labels
help wanted

Comments

@bradleydwyer
Copy link

Was just trying to add the a capability to the Docker plugin (in my case, NET_ADMIN) and noticed that the generated client.hcl isn't accepted by Nomad on startup.

Given the Ansible YAML config of:

nomad_plugins:
  docker:
    config:
      allow_caps: ["NET_ADMIN"]

The generated HCL is (that Nomad rejects):

plugin "docker" {
    config {
        allow_caps = ['net_admin']
    }
}

Where I would have expected (and Nomad happily starts with):

plugin "docker" {
    config {
        allow_caps = ["NET_ADMIN"]
    }
}

I also tried a list format for the YAML

nomad_plugins:
  docker:
    config:
      allow_caps:
      - "NET_ADMIN"

But it had the same output.

I presume the lowercase originates from

ansible-nomad/templates/client.hcl.j2

Line 74 in a1853f1

{{ key | indent(count*width, first=True) }} = {% if value is string %}"{{ value }}"{% else %}{{ value | string | lower }}{% endif %}
and I'm happy to change it, but I'm not sure why it's there in the first place, so I'm a little hesitant to just go changing it to solve my specific problem.
@bradleydwyer
Copy link
Author

bradleydwyer commented May 18, 2021
edited

As a possible fix, but not well tested:

{{ key | indent(count*width, first=True) }} = {% if value is string %}"{{ value }}"{% elif value is iterable and (value is not string and value is not mapping) -%}[{% set comma = joiner(",") %}{% for item in value %}{{ comma() }}"{{ item | string }}"{% endfor %}]{% else %}{{ value | string | lower }}{% endif %}

Replacing L74 from client.hcl.j2

Can submit a pull request if you think it's a valid fix. It seems to resolve my issue and doesn't appear to break other items I currently use in the docker config section - but I wouldn't call it well tested at all.

Pull request is #128

Rendanic added a commit to Rendanic/ansible-nomad that referenced this issue Jan 30, 2022
@Rendanic
fix yaml list in nomad_plugins
eb36930 
There is no simple solution for converting yaml to hcl2. This is a work
arround until a real converter is availible.

This is related to ansible-community#127.
Rendanic added a commit to Rendanic/ansible-nomad that referenced this issue Jan 30, 2022
@Rendanic
fix yaml list in nomad_plugins
f354a68 
There is no simple solution for converting yaml to hcl2. This is a work
arround until a real converter is availible.

This is related to ansible-community#127.

Signed-off-by: Thorsten Bruhns <thorsten.bruhns@googlemail.com>
Rendanic added a commit to Rendanic/ansible-nomad that referenced this issue Jan 30, 2022
@Rendanic
fix yaml list in nomad_plugins
38c5355 
There is no simple solution for converting yaml to hcl2. This is a work
arround until a real converter is availible.

This is related to ansible-community#127.
@Rendanic Rendanic mentioned this issue Jan 30, 2022
Merged
lanefu pushed a commit that referenced this issue Jan 30, 2022
@Rendanic
fix yaml list in nomad_plugins (#152)
92d4e33 
There is no simple solution for converting yaml to hcl2. This is a work
arround until a real converter is availible.

This is related to #127.
ctorrisi added a commit to ctorrisi/ansible-nomad that referenced this issue Aug 31, 2022
@ctorrisi @blmhemu
@hbollamreddiarkin @paladin-devops @ppacher @kevinschoonover @firke @DaazKu @kedai @Rendanic
merge master (#1)
d3ed785 
* Upgrade nomad, podman driver. Added many features. (ansible-community#131)

* Update main.yml

* Added host networks

* Added README and exmaple for host networks

* Fixed README for host nets

* Upgraded nomad_version

* Updated readme

* Update README.md

* Update client.hcl.j2

* Added cni support

* Added cni dir creation

* Fixed archiving

* updated readme with cni

* Updated copy

* Added tls

* Fixed a bug

* Fixed a bug

* Fixed a bug

* Added tls copy support

* Added readme

* Minor formatting

* Added new line at end of defaults

* Fixed multiple vars

* Fixed vars

* Fixed vars bug giving appended path

* Updated podman to 0.3.0

* Added tls consul support

* Added readme

* Added ssl consul

Co-authored-by: Hemanth Bollamreddi <hbollamreddi@vmware.com>

* Add support for Photon 4 (ansible-community#137)

* Add VMware Photon OS as a valid OS distro.

* Add VMware Photon OS vars file.

* Modified OS package installation for Photon.

Co-authored-by: josephrajewski <joseph.rajewski@johnstonhowse.com>

* Set become:false when deleting local gossip key (ansible-community#142)

The local gossip encryption key at `/tmp/nomad_raw.key` is created using `become: false`. However, during cleanup (`Delete gossip encryption key`) `become: false` is missing and might cause issues becoming root on localhost if sudo asks for a password.

This PR fixes this by addind `become: false` to the respective task in get_gossip_key.yml

* use ansible 'version' check in nomad_telemetry (ansible-community#130)

* Fixes custom RPC port for client. (ansible-community#138)

* Fixes custom RPC port for client.

* Always restart service - does not restart by default on reboot.

* Allow to configure communication from Nomad to Consul over TLS (ansible-community#129)

- Add TLS related variables to defaults/main.yml
- Update base template
- Update REAME.md with new variables

* Removed duplicates ssl config in base.hcl.j2 (ansible-community#148)

* Removed duplicates ssl config in base.hcl.j2

* Removed duplicates in README.md and defaults/main.yml as mentioned by [Blefish](https://github.com/Blefish)

Co-authored-by: bakhtiar.hamid <bakhtiar.hamid@paynet.my>

* fix yaml list in nomad_plugins (ansible-community#152)

There is no simple solution for converting yaml to hcl2. This is a work
arround until a real converter is availible.

This is related to ansible-community#127.

Co-authored-by: Hemanth Bollamreddi <blmhemu@gmail.com>
Co-authored-by: Hemanth Bollamreddi <hbollamreddi@vmware.com>
Co-authored-by: Joe <83741749+paladin-devops@users.noreply.github.com>
Co-authored-by: josephrajewski <joseph.rajewski@johnstonhowse.com>
Co-authored-by: Patrick Pacher <patrick.pacher@gmail.com>
Co-authored-by: Kevin Schoonover <schoonoverkevinm@gmail.com>
Co-authored-by: firke <edvards.sedols@gmail.com>
Co-authored-by: Alexandre Chouinard <Daazku@gmail.com>
Co-authored-by: kedai <kedai@kedai.com.my>
Co-authored-by: bakhtiar.hamid <bakhtiar.hamid@paynet.my>
Co-authored-by: Thorsten Bruhns <Rendanic@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradleydwyer @lanefu