Clean up repository: remove backup files and reorganize infrastructure components

components/vault/README.md

@@ -0,0 +1,7 @@
+# Vault 配置
+
+## Jobs
+
+- `vault-cluster-exec.nomad` - Vault 集群 (exec 驱动)
+- `vault-cluster-podman.nomad` - Vault 集群 (podman 驱动)  
+- `vault-dev-warden.nomad` - Vault 开发环境

components/vault/jobs/vault-cluster-exec.nomad

@@ -39,8 +39,14 @@ job "vault-cluster-exec" {
 
       template {
         data = <<EOH
-storage "file" {
-  path = "/opt/nomad/data/vault/data"
+storage "consul" {
+  address = "{{ with nomadService "consul" }}{{ range . }}{{ if contains .Tags "http" }}{{ .Address }}:{{ .Port }}{{ end }}{{ end }}{{ end }}"
+  path    = "vault/"
+  # Consul服务发现配置
+  service {
+    name = "vault"
+    tags  = ["vault"]
+  }
 }
 
 listener "tcp" {
@@ -58,20 +64,12 @@ disable_mlock = true
 disable_sealwrap = true
 disable_cache = false
 
-# 配置consul连接
-consul {
-  address = "127.0.0.1:8500"
-  path    = "vault/"
-  # 注意：可能需要配置token
-  # token   = "your-consul-token"
-}
+# 启用原始日志记录
+enable_raw_log = true
 
-# 配置consul连接
-consul {
-  address = "127.0.0.1:8500"
-  path    = "vault/"
-  # 注意：可能需要配置token
-  # token   = "your-consul-token"
+# 集成Nomad服务发现
+service_registration {
+  enabled = true
 }
 EOH
         destination = "/opt/nomad/data/vault/config/vault.hcl"
@@ -100,14 +98,7 @@ EOH
   group "vault-ash3c" {
     count = 1
 
-    # 显式指定consul版本要求，覆盖自动约束
-    constraint {
-      attribute = "${attr.consul.version}"
-      operator = "version"
-      value = ">= 1.0.0"
-    }
-    
-    # 添加一个总是满足的约束来确保调度
+    # 移除对consul版本的约束，使用driver约束替代
     constraint {
       attribute = "${driver.exec}"
       operator = "="
@@ -141,8 +132,14 @@ EOH
 
       template {
         data = <<EOH
-storage "file" {
-  path = "/opt/nomad/data/vault/data"
+storage "consul" {
+  address = "{{ with nomadService "consul" }}{{ range . }}{{ if contains .Tags "http" }}{{ .Address }}:{{ .Port }}{{ end }}{{ end }}{{ end }}"
+  path    = "vault/"
+  # Consul服务发现配置
+  service {
+    name = "vault"
+    tags  = ["vault"]
+  }
 }
 
 listener "tcp" {
@@ -159,6 +156,14 @@ disable_mlock = true
 # 添加更多配置来解决权限问题
 disable_sealwrap = true
 disable_cache = false
+
+# 启用原始日志记录
+enable_raw_log = true
+
+# 集成Nomad服务发现
+service_registration {
+  enabled = true
+}
 EOH
         destination = "/opt/nomad/data/vault/config/vault.hcl"
       }
@@ -186,14 +191,7 @@ EOH
   group "vault-warden" {
     count = 1
 
-    # 显式指定consul版本要求，覆盖自动约束
-    constraint {
-      attribute = "${attr.consul.version}"
-      operator = "version"
-      value = ">= 1.0.0"
-    }
-    
-    # 添加一个总是满足的约束来确保调度
+    # 移除对consul版本的约束，使用driver约束替代
     constraint {
       attribute = "${driver.exec}"
       operator = "="
@@ -227,8 +225,14 @@ EOH
 
       template {
         data = <<EOH
-storage "file" {
-  path = "/opt/nomad/data/vault/data"
+storage "consul" {
+  address = "{{ with nomadService "consul" }}{{ range . }}{{ if contains .Tags "http" }}{{ .Address }}:{{ .Port }}{{ end }}{{ end }}{{ end }}"
+  path    = "vault/"
+  # Consul服务发现配置
+  service {
+    name = "vault"
+    tags  = ["vault"]
+  }
 }
 
 listener "tcp" {
@@ -245,6 +249,14 @@ disable_mlock = true
 # 添加更多配置来解决权限问题
 disable_sealwrap = true
 disable_cache = false
+
+# 启用原始日志记录
+enable_raw_log = true
+
+# 集成Nomad服务发现
+service_registration {
+  enabled = true
+}
 EOH
         destination = "/opt/nomad/data/vault/config/vault.hcl"
       }