mutablelogic · djthorpe · Jan 25, 2024 · Jan 25, 2024 · Jan 25, 2024
diff --git a/README.md b/README.md
@@ -20,7 +20,6 @@ provider "nomad" {
 }
 ```
 
-
 ## coredns
 
 DNS server which could be used to resolve nomad services into dns records
@@ -30,34 +29,32 @@ DNS server which could be used to resolve nomad services into dns records
    * [Nomad Job](coredns/nomad/coredns.hcl)
 
 TODO:
-  * [ ] In progress
-  * [ ] Add nomad plugin
   * [ ] All nomad jobs will need to use the coredns service as a dns_server option
 
-## nginx
+## grafana
 
-Web server and reverse proxy, which can be placed on several nodes
+grafana is a database server
 
-   * [Documentation](https://nginx.org/en/)
-   * [Terraform Example](examples/nginx.tf)
-   * [Nomad Job](nginx/nomad/nginx.hcl)
+   * [Documentation](https://grafana.com/docs/grafana/latest/)
+   * [Terraform Example](examples/grafana.tf)
+   * [Nomad Job](grafana/nomad/grafana.hcl)
 
 TODO:
-  * [ ] In progress
-  * [ ] Add TLS certificate support
-  * [ ] Not sure how we can integrate with nomad services
+  * [ ] LDAP integration
+  * [ ] Add TLS support
+  * [ ] Data source provisioning
+  * [ ] Dashboard provisioning
 
-## seaweedfs
+## InfluxDB
 
-Cluster filesystem, which can be spread across multiple nodes.
+Time-series database, which can be placed on several nodes
 
-   * [Documentation](https://github.com/seaweedfs/seaweedfs)
-   * [Terraform Example](examples/seaweedfs.tf)
-   * [Nomad Job](seaweedfs/nomad/seaweedfs.hcl)
+   * [Documentation](https://docs.influxdata.com/influxdb/v2/)
+   * [Terraform Example](examples/influxdb.tf)
+   * [Nomad Job](influxdb/nomad/influxdb.hcl)
 
 TODO:
-  * [ ] In progress
-  * [ ] A lot of testing is needed
+  * [ ] Add TLS support
 
 ## mosquitto
 
@@ -70,6 +67,19 @@ MQTT broker, which can be placed on several nodes
 TODO:
   * [ ] Add TLS support
 
+## nginx
+
+Web server and reverse proxy, which can be placed on several nodes
+
+   * [Documentation](https://nginx.org/en/)
+   * [Terraform Example](examples/nginx.tf)
+   * [Nomad Job](nginx/nomad/nginx.hcl)
+
+TODO:
+  * [ ] In progress
+  * [ ] Add TLS certificate support
+  * [ ] Not sure how we can integrate with nomad services
+
 ## OpenLDAP
 
 OpenLDAP server, which can be placed on several nodes
@@ -79,36 +89,33 @@ OpenLDAP server, which can be placed on several nodes
    * [Nomad Job](openldap/nomad/openldap.hcl)
 
 TODO:
+  * [ ] In progress
   * [ ] Add TLS support
   * [ ] Add replication support 
   * [ ] Add custom schema support
 
-## InfluxDB
+## PostgreSQL
 
-Time-series database, which can be placed on several nodes
+PostgreSQL is a database server
 
-   * [Documentation](https://docs.influxdata.com/influxdb/v2/)
-   * [Terraform Example](examples/influxdb.tf)
-   * [Nomad Job](influxdb/nomad/influxdb.hcl)
+   * [Documentation](https://www.postgresql.org/)
+   * [Terraform Example](examples/postgresql.tf)
+   * [Nomad Job](postgresql/nomad/postgresql.hcl)
 
 TODO:
-  * [ ] Add TLS support
-
-## telegraf
+  * [ ] LDAP integration
 
-Time-series metrics collector, which can be placed on several nodes
+## seaweedfs
 
-   * [Documentation](https://docs.influxdata.com/telegraf/v1/)
-   * [Terraform Example](examples/telegraf.tf)
-   * [Nomad Job](telegraf/nomad/telegraf.hcl)
+Cluster filesystem, which can be spread across multiple nodes.
 
-When setting up your configuration with inputs and outputs, each value needs
-to be JSON encoded, so that the configuration can be passed as a map of strings,
-as Terraform does not support maps of more than one type. See the terraform
-example above for a demonstration of this.
+   * [Documentation](https://github.com/seaweedfs/seaweedfs)
+   * [Terraform Example](examples/seaweedfs.tf)
+   * [Nomad Job](seaweedfs/nomad/seaweedfs.hcl)
 
 TODO:
-  * [ ] Add processors support
+  * [ ] In progress
+  * [ ] A lot of testing is needed
 
 ## semaphore
 
@@ -122,29 +129,18 @@ TODO:
   * [ ] In progress
   * [ ] LDAP integration
 
-## PostgreSQL
-
-PostgreSQL is a database server
-
-   * [Documentation](https://www.postgresql.org/)
-   * [Terraform Example](examples/postgresql.tf)
-   * [Nomad Job](postgresql/nomad/postgresql.hcl)
-
-TODO:
-  * [ ] LDAP integration
-
+## telegraf
 
-## grafana
+Time-series metrics collector, which can be placed on several nodes
 
-grafana is a database server
+   * [Documentation](https://docs.influxdata.com/telegraf/v1/)
+   * [Terraform Example](examples/telegraf.tf)
+   * [Nomad Job](telegraf/nomad/telegraf.hcl)
 
-   * [Documentation](https://grafana.com/docs/grafana/latest/)
-   * [Terraform Example](examples/grafana.tf)
-   * [Nomad Job](grafana/nomad/grafana.hcl)
+When setting up your configuration with inputs and outputs, each value needs
+to be JSON encoded, so that the configuration can be passed as a map of strings,
+as Terraform does not support maps of more than one type. See the terraform
+example above for a demonstration of this.
 
 TODO:
-  * [ ] LDAP integration
-  * [ ] Add TLS support
-  * [ ] Data source provisioning
-  * [ ] Dashboard provisioning
-
+  * [ ] Add processors support
diff --git a/_examples/coredns.tf b/_examples/coredns.tf
@@ -3,11 +3,15 @@ module "coredns" {
   source = "github.com/mutablelogic/tf-nomad//coredns"
 
   // Required parameters
-  dc        = local.datacenter // Nomad datacenter for the cluster
-  namespace = local.namespace  // Nomad namespace for the cluster
+  dc          = local.datacenter  // Nomad datacenter for the cluster
+  namespace   = local.namespace   // Nomad namespace for the cluster
+  nomad_addr  = local.nomad_addr  // Address of the Nomad server
+  nomad_token = local.nomad_token // Token for the Nomad server
 
   // Optional parameters
-  enabled = true
-  hosts   = ["cm3"] // Host constraint for the job
-  port    = 53      // Port to expose for plaintext connections
+  enabled   = true
+  hosts     = ["cm3"] // Host constraint for the job
+  port      = 53      // Port to expose for plaintext connections
+  cache_ttl = 30      // Cache TTL in seconds
+  dns_zone  = "nomad" // DNS zone to serve
 }
diff --git a/coredns/config/Corefile b/coredns/config/Corefile
@@ -1,5 +1,15 @@
-.:53 {
-    forward . 8.8.8.8 9.9.9.9
+{{ env "DNS_ZONE" }} {
+    nomad {
+        address {{ env "NOMAD_ADDR" }}
+        token {{ env "NOMAD_TOKEN" }}
+        ttl {{ env "CACHE_TTL" }}
+    }
+    cache {{ env "CACHE_TTL" }}
+    errors
     log
+}
+
+. {
+    forward . /etc/resolv.conf
     errors
 }
diff --git a/coredns/input.tf b/coredns/input.tf
@@ -18,8 +18,8 @@ variable "enabled" {
 
 variable "docker_tag" {
   type        = string
-  description = "Version of the docker image to use, defaults to latest"
-  default     = "latest"
+  description = "Version of the docker image to use, defaults to v1.11.1"
+  default     = "v1.11.1"
 }
 
 variable "hosts" {
@@ -30,6 +30,29 @@ variable "hosts" {
 
 variable "port" {
   type        = number
-  description = "Port to expose plaintext service"
+  description = "Port to expose DNS service"
   default     = 53
 }
+
+variable "nomad_addr" {
+  description = "Nomad address url for service discovery (required)"
+  type        = string
+}
+
+variable "nomad_token" {
+  description = "Nomad authentication token"
+  type        = string
+  default     = ""
+}
+
+variable "cache_ttl" {
+  description = "Number of seconds to cache service discovery results"
+  type        = number
+  default     = 30
+}
+
+variable "dns_zone" {
+  type        = string
+  description = "DNS lookup zone (service.namespace.zone.)"
+  default     = "nomad"
+}
diff --git a/coredns/locals.tf b/coredns/locals.tf
@@ -1,5 +1,5 @@
 
 locals {
-    docker_image = "coredns/coredns:${var.docker_tag}"
+    docker_image = "ghcr.io/mutablelogic/coredns-nomad:${var.docker_tag}"
     docker_always_pull = var.docker_tag == "latest" ? true : false
 }
diff --git a/coredns/main.tf b/coredns/main.tf
@@ -13,6 +13,10 @@ resource "nomad_job" "coredns" {
       hosts              = jsonencode(var.hosts)
       port               = var.port
       corefile           = file("${path.module}/config/Corefile")
+      nomad_addr         = var.nomad_addr
+      nomad_token        = var.nomad_token
+      cache_ttl          = var.cache_ttl
+      dns_zone           = var.dns_zone
     }
   }
 }
diff --git a/coredns/nomad/coredns.hcl b/coredns/nomad/coredns.hcl
@@ -46,10 +46,33 @@ variable "port" {
 }
 
 variable "corefile" {
-  description = "Configuration file for coredns"
+  description = "Configuration file for coredns (required)"
   type        = string
 }
 
+variable "nomad_addr" {
+  description = "Nomad address url for service discovery (required)"
+  type        = string
+}
+
+variable "nomad_token" {
+  description = "Nomad authentication token"
+  type        = string
+  default     = ""
+}
+
+variable "cache_ttl" {
+  description = "Number of seconds to cache service discovery results"
+  type        = number
+  default     = 30
+}
+
+variable "dns_zone" {
+  description = "DNS lookup zone"
+  type        = string
+  default     = "nomad"
+}
+
 ///////////////////////////////////////////////////////////////////////////////
 // LOCALS
 
@@ -111,11 +134,18 @@ job "coredns" {
         data        = var.corefile
       }
 
+      env {
+        NOMAD_ADDR  = var.nomad_addr
+        NOMAD_TOKEN = var.nomad_token
+        CACHE_TTL   = var.cache_ttl
+        DNS_ZONE    = var.dns_zone
+      }
+
       config {
         image      = var.docker_image
         force_pull = var.docker_always_pull
         ports      = ["dns"]
-        args       = ["-conf", local.core_file]
+        args       = ["coredns", "-conf", local.core_file]
       }
 
     } // task "daemon"