Basic example for the module. Per default the module will be deployed in us-east-1 (virginia).

Deploy the infrastructure

# terraform init &&\
# terraform plan -out cos.plan -var deploy_profile=<your-profile> -var ami_id=<ami_with_nomad_consul_docker> &&\
# terraform apply "cos.plan"

# on playground
terraform init &&\
terraform plan -out cos.plan -var deploy_profile=playground -var ami_id=ami-004a32b425845383a &&\
terraform apply "cos.plan"

Now you can either configure your shell using the script by calling:

source ./

Or you follow the preceding instructions.

Setup helper scripts

script_dir=$(pwd)/../helper && export PATH=$PATH:$script_dir &&\
export AWS_PROFILE=playground


Configure and check nomad

# Set the NOMAD_ADDR env variable
nomad_dns=$(terraform output nomad_ui_alb_dns) &&\
export NOMAD_ADDR=http://$nomad_dns &&\
echo ${NOMAD_ADDR}

Wait until the nomad nodes are available

# wait for servers and clients &&\

(Optional) Show some commands


(Optional) Configure and check consul

# Set the CONSUL_HTTP_ADDR env variable
consul_dns=$(terraform output consul_ui_alb_dns) &&\
export CONSUL_HTTP_ADDR=http://$consul_dns &&\

(Optional) Wait until the consul nodes are available

# wait for servers and clients
## TBD

(Optional) Watch for services to be registered at consul

# watch ping-service
watch -x consul watch -service=ping-service -type=service

# watch fabio
watch -x consul watch -service=fabio -type=service

Deploy sample services


# 1. Deploy fabio
nomad run $job_dir/fabio.nomad

# 2. Deploy ping_service
nomad run $job_dir/ping_service.nomad

Open UI's

xdg-open $( | awk '/consul/ {print $3}') &&\
xdg-open $( | awk '/nomad/ {print $3}') &&\
xdg-open $( | awk '/fabio/ {print $3}')

Test the service

# call the service over loadbalancer
ingress_alb_dns=$(terraform output ingress_alb_dns) &&\
watch -x curl -s http://$ingress_alb_dns/ping

Destroy the infrastructure

# terraform destroy -var deploy_profile=<your-profile>

# on playground
terraform destroy -var deploy_profile=playground

(Optional) Enable SSH access to instances

Connect to the bastion using sshuttle

# call


Network Setup

Nomad architecture root-example

Datacenter Configuration

  Datacenter Configuration

  • Describe to configuration of the different nomad datacenters.


No images found for AMI

If you see the following error, then you don't have the AMI which is referenced available in your account.

module.nomad-infra.module.dc-backoffice.module.data_center.aws_launch_configuration.launch_configuration: 1 error occurred:
aws_launch_configuration.launch_configuration: No images found for AMI ami-02d24827dece83bef

To solve this issue you have to build it and to reference the newly built AMI in the example.

Build the AMI

How to do this see paragraph Build the AMI using Packer in modules/ami2/

output of ami creation

Reference the AMI in root-example

Open the file and there replace the value of the field default for variables nomad_ami_id_clients and nomad_ami_id_servers with the id of the ami that was just created with packer.

reference the ami

MalformedCertificate: Certificate is no longer valid

If the used certificate is not valid any more you will receive the following (or similar) error.

aws_iam_server_certificate.certificate_alb: 1 error occurred:
aws_iam_server_certificate.certificate_alb: Error uploading server certificate, error: MalformedCertificate: Certificate is no longer valid. The 'Not After' date restriction on the certificate has passed.

To solve this issue a new certificate has to be created.

Create the self signed Certificate

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

Then copy the content of cert.pem into the field certificate_body of the file And copy the content of key.pem into the field private_key of the file


Simplified AMI Usage

This example uses the same AMI for the nomad servers, clients and the consul servers.