datacenter = "{{ nomad_datacenter }}" data_dir = "/opt/nomad/data" plugin_dir = "/opt/nomad/plugins" log_level = "INFO" name = "{{ inventory_hostname }}" bind_addr = "{{ inventory_hostname }}.tailnet-68f9.ts.net" addresses { http = "{{ inventory_hostname }}.tailnet-68f9.ts.net" rpc = "{{ inventory_hostname }}.tailnet-68f9.ts.net" serf = "{{ inventory_hostname }}.tailnet-68f9.ts.net" } advertise { http = "{{ inventory_hostname }}.tailnet-68f9.ts.net:4646" rpc = "{{ inventory_hostname }}.tailnet-68f9.ts.net:4647" serf = "{{ inventory_hostname }}.tailnet-68f9.ts.net:4648" } ports { http = 4646 rpc = 4647 serf = 4648 } server { enabled = false } client { enabled = true network_interface = "tailscale0" # Consul 服务器地址 servers = [ {% for server in consul_servers %} "{{ server.split(':')[0] }}:4647"{{ ',' if not loop.last else '' }} {% endfor %} ] # 配置 host volumes host_volume "fnsync" { path = "/mnt/fnsync" read_only = false } host_volume "vault-storage" { path = "/opt/nomad/data/vault-storage" read_only = false } # 驱动配置 options { "driver.raw_exec.enable" = "1" "driver.exec.enable" = "1" } # 节点元数据 meta { consul = "true" consul_version = "1.21.5" node_type = "client" } # 垃圾清理策略 gc_interval = "5m" gc_disk_usage_threshold = 80 gc_inode_usage_threshold = 70 } plugin "nomad-driver-podman" { config { socket_path = "unix:///run/podman/podman.sock" volumes { enabled = true } } } consul { address = "{{ consul_servers | join(',') }}" server_service_name = "nomad" client_service_name = "nomad-client" auto_advertise = true server_auto_join = false client_auto_join = true } vault { enabled = true address = "http://master.tailnet-68f9.ts.net:8200,http://ash3c.tailnet-68f9.ts.net:8200,http://warden.tailnet-68f9.ts.net:8200" token = "hvs.A5Fu4E1oHyezJapVllKPFsWg" create_from_role = "nomad-cluster" tls_skip_verify = true } telemetry { collection_interval = "1s" disable_hostname = false prometheus_metrics = true publish_allocation_metrics = true publish_node_metrics = true }