diff --git a/command/agent/config.go b/command/agent/config.go index 6137ea4f0..76079483d 100644 --- a/command/agent/config.go +++ b/command/agent/config.go @@ -82,6 +82,10 @@ type Config struct { // AtlasConfig is used to configure Atlas Atlas *AtlasConfig `mapstructure:"atlas"` + // ConsulConfig is used to configure Consul clients and register the nomad + // server and client services with Consul + ConsulConfig *ConsulConfig `mapstructure:"consul"` + // NomadConfig is used to override the default config. // This is largly used for testing purposes. NomadConfig *nomad.Config `mapstructure:"-" json:"-"` @@ -124,6 +128,53 @@ type AtlasConfig struct { Endpoint string `mapstructure:"endpoint"` } +// ConsulConfig is used to configure Consul clients and register the nomad +// server and client services with Consul +type ConsulConfig struct { + + // ServerServiceName is the name of the service that Nomad uses to register + // servers with Consul + ServerServiceName string `mapstructure:"server_service_name"` + + // ClientServiceName is the name of the service that Nomad uses to register + // clients with Consul + ClientServiceName string `mapstructure:"client_service_name"` + + // Addr is the address of the local Consul agent + Addr string `mapstructure:"addr"` + + // Token is used to provide a per-request ACL token.This options overrides + // the agent's default token + Token string `mapstructure:"token"` + + // Auth is the information to use for http access to Consul agent + Auth string `mapstructure:"auth"` + + // EnableSSL sets the transport scheme to talk to the Consul agent as https + EnableSSL bool `mapstructure:"ssl"` + + // VerifySSL enables or disables SSL verification when the transport scheme + // for the consul api client is https + VerifySSL bool `mapstructure:"verify_ssl"` + + // CAFile is the path to the ca certificate used for Consul communication + CAFile string `mapstructure:"ca_file"` + + // CertFile is the path to the certificate for Consul communication + CertFile string `mapstructure:"cert_file"` + + // KeyFile is the path to the private key for Consul communication + KeyFile string `mapstructure:"key_file"` + + // ServerAutoJoin enables Nomad servers to find peers by querying Consul and + // joining them + ServerAutoJoin bool `mapstructure:"server_auto_join"` + + // ClientAutoJoin enables Nomad servers to find addresses of Nomad servers + // and register with them + ClientAutoJoin bool `mapstructure:"client_auto_join"` +} + // ClientConfig is configuration specific to the client mode type ClientConfig struct { // Enabled controls if we are a client diff --git a/command/agent/config_parse.go b/command/agent/config_parse.go index 99bd06f07..9e64b4026 100644 --- a/command/agent/config_parse.go +++ b/command/agent/config_parse.go @@ -90,6 +90,7 @@ func parseConfig(result *Config, list *ast.ObjectList) error { "disable_update_check", "disable_anonymous_signature", "atlas", + "consul", "http_api_response_headers", } if err := checkHCLKeys(list, valid); err != nil { @@ -109,6 +110,7 @@ func parseConfig(result *Config, list *ast.ObjectList) error { delete(m, "server") delete(m, "telemetry") delete(m, "atlas") + delete(m, "consul") delete(m, "http_api_response_headers") // Decode the rest @@ -165,6 +167,13 @@ func parseConfig(result *Config, list *ast.ObjectList) error { } } + // Parse the consul config + if o := list.Filter("consul"); len(o.Items) > 0 { + if err := parseConsulConfig(&result.ConsulConfig, o); err != nil { + return multierror.Prefix(err, "consul ->") + } + } + // Parse out http_api_response_headers fields. These are in HCL as a list so // we need to iterate over them and merge them. if headersO := list.Filter("http_api_response_headers"); len(headersO.Items) > 0 { @@ -530,6 +539,47 @@ func parseAtlas(result **AtlasConfig, list *ast.ObjectList) error { return nil } +func parseConsulConfig(result **ConsulConfig, list *ast.ObjectList) error { + list = list.Elem() + if len(list.Items) > 1 { + return fmt.Errorf("only one 'consul' block allowed") + } + + // Get our consul object + listVal := list.Items[0].Val + + // Check for invalid keys + valid := []string{ + "server_service_name", + "client_service_name", + "addr", + "token", + "auth", + "ssl", + "verify_ssl", + "ca_file", + "cert_file", + "key_file", + } + + if err := checkHCLKeys(listVal, valid); err != nil { + return err + } + + var m map[string]interface{} + if err := hcl.DecodeObject(&m, listVal); err != nil { + return err + } + + var consulConfig ConsulConfig + if err := mapstructure.WeakDecode(m, &consulConfig); err != nil { + return err + } + + *result = &consulConfig + return nil +} + func checkHCLKeys(node ast.Node, valid []string) error { var list *ast.ObjectList switch n := node.(type) {