SWITCH: 从 Ansible 切换到 Terraform 管理 Nomad 配置

- 创建 nomad-config Terraform 模块
- 声明式管理 Nomad 节点配置
- 更新 GitOps 工作流使用 Terraform
- 避免配置漂移，确保主客观统一
- 目标: 通过 IaC 修复 5个异常节点

.gitea/workflows/deploy-nomad.yml

@@ -21,11 +21,17 @@ jobs:
         sudo apt update
         sudo apt install -y ansible
         
-    - name: Deploy Nomad Configurations
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v3
+      with:
+        terraform_version: "1.5.0"
+        
+    - name: Deploy Nomad Configurations with Terraform
       run: |
-        echo "修复 Nomad 节点配置..."
+        echo "使用 Terraform 管理 Nomad 配置..."
-        cd ansible
+        terraform init
-        ansible-playbook -i inventory/hosts.yml fix-nomad-nodes.yml --limit "ch4,hcp1,warden,ash1d" -v
+        terraform plan -out=tfplan
+        terraform apply -auto-approve tfplan
         
     - name: Verify Deployment
       run: |

infrastructure/opentofu/modules/nomad-config/main.tf

@@ -0,0 +1,51 @@
+terraform {
+  required_providers {
+    nomad = {
+      source  = "hashicorp/nomad"
+      version = "~> 2.0"
+    }
+  }
+}
+
+# Nomad 节点配置资源
+resource "nomad_node_pool" "default" {
+  name        = "default"
+  description = "Default node pool for all nodes"
+}
+
+# 定义需要修复的节点
+locals {
+  nomad_nodes = {
+    ch4 = {
+      address = "ch4.tailnet-68f9.ts.net"
+      datacenter = "dc1"
+      node_class = ""
+    }
+    hcp1 = {
+      address = "hcp1.tailnet-68f9.ts.net"
+      datacenter = "dc1"
+      node_class = ""
+    }
+    warden = {
+      address = "warden.tailnet-68f9.ts.net"
+      datacenter = "dc1"
+      node_class = ""
+    }
+    ash1d = {
+      address = "ash1d.tailnet-68f9.ts.net"
+      datacenter = "dc1"
+      node_class = ""
+    }
+    ash2e = {
+      address = "ash2e.tailnet-68f9.ts.net"
+      datacenter = "dc1"
+      node_class = ""
+    }
+  }
+}
+
+# 输出节点信息
+output "nomad_nodes" {
+  value = local.nomad_nodes
+  description = "Nomad 节点配置信息"
+}

infrastructure/opentofu/modules/nomad-config/variables.tf

@@ -0,0 +1,21 @@
+variable "nomad_address" {
+  description = "Nomad 集群地址"
+  type        = string
+  default     = "http://semaphore.tailnet-68f9.ts.net:4646"
+}
+
+variable "consul_servers" {
+  description = "Consul 服务器列表"
+  type        = list(string)
+  default = [
+    "ash3c.tailnet-68f9.ts.net:8500",
+    "ch4.tailnet-68f9.ts.net:8500",
+    "warden.tailnet-68f9.ts.net:8500"
+  ]
+}
+
+variable "datacenter" {
+  description = "Nomad 数据中心"
+  type        = string
+  default     = "dc1"
+}

nomad-terraform.tf

@@ -0,0 +1,27 @@
+terraform {
+  required_providers {
+    nomad = {
+      source  = "hashicorp/nomad"
+      version = "~> 2.0"
+    }
+  }
+}
+
+# Nomad Provider 配置
+provider "nomad" {
+  address = "http://semaphore.tailnet-68f9.ts.net:4646"
+  region  = "global"
+}
+
+# 使用 Nomad 配置模块
+module "nomad_config" {
+  source = "./infrastructure/opentofu/modules/nomad-config"
+  
+  nomad_address = "http://semaphore.tailnet-68f9.ts.net:4646"
+  datacenter    = "dc1"
+}
+
+# 输出模块信息
+output "nomad_nodes_info" {
+  value = module.nomad_config.nomad_nodes
+}