job "consul-cluster" { datacenters = ["dc1"] type = "service" # 确保在指定的节点上运行 constraint { attribute = "${node.unique.name}" operator = "regexp" value = "(hcs|master|ash3c)" } group "consul-servers" { count = 3 # 每个节点只运行一个 Consul 实例 constraint { operator = "distinct_hosts" value = "true" } # 网络配置 network { mode = "host" port "http" { static = 8500 } port "rpc" { static = 8300 } port "serf_lan" { static = 8301 } port "serf_wan" { static = 8302 } port "grpc" { static = 8502 } } # 持久化存储 volume "consul-data" { type = "host" read_only = false source = "consul-data" } task "consul" { driver = "podman" volume_mount { volume = "consul-data" destination = "/consul/data" read_only = false } config { image = "docker.io/hashicorp/consul:1.17" ports = ["http", "rpc", "serf_lan", "serf_wan", "grpc"] args = [ "agent", "-server", "-bootstrap-expect=3", "-datacenter=dc1", "-data-dir=/consul/data", "-log-level=INFO", "-node=${node.unique.name}", "-bind=${NOMAD_IP_serf_lan}", "-client=0.0.0.0", "-retry-join=100.84.197.26", "-retry-join=100.117.106.136", "-retry-join=100.116.80.94", "-ui-config-enabled=true", "-connect-enabled=true" ] } # 环境变量 env { CONSUL_ALLOW_PRIVILEGED_PORTS = "true" } # 资源配置 resources { cpu = 500 memory = 512 } # 健康检查 service { name = "consul" port = "http" tags = [ "consul", "server", "${node.unique.name}" ] check { type = "http" path = "/v1/status/leader" interval = "10s" timeout = "3s" } } # 重启策略 restart { attempts = 3 interval = "30m" delay = "15s" mode = "fail" } } } }