github.com/Ilhicas/nomad@v1.0.4-0.20210304152020-e86851182bc3/website/content/docs/job-specification/connect.mdx (about) 1 --- 2 layout: docs 3 page_title: connect Stanza - Job Specification 4 sidebar_title: connect 5 description: The "connect" stanza allows specifying options for Consul Connect integration 6 --- 7 8 # `connect` Stanza 9 10 <Placement groups={['job', 'group', 'service', 'connect']} /> 11 12 The `connect` stanza allows configuring various options for 13 [Consul Connect](/docs/integrations/consul-connect). It is 14 valid only within the context of a service definition at the task group 15 level. For using `connect` when Consul ACLs are enabled, be sure to read through 16 the [Secure Nomad Jobs with Consul Connect](https://learn.hashicorp.com/tutorials/nomad/consul-service-mesh) 17 guide. 18 19 ```hcl 20 job "countdash" { 21 datacenters = ["dc1"] 22 23 group "api" { 24 network { 25 mode = "bridge" 26 } 27 28 service { 29 name = "count-api" 30 port = "9001" 31 32 connect { 33 sidecar_service {} 34 } 35 } 36 37 task "web" { 38 driver = "docker" 39 40 config { 41 image = "hashicorpnomad/counter-api:v3" 42 } 43 } 44 } 45 } 46 ``` 47 48 ## `connect` Parameters 49 50 Used to configure a connect service. Only one of `native`, `sidecar_service`, 51 or `gateway` may be realized per `connect` block. 52 53 - `native` - `(bool: false)` - This is used to configure the service as supporting 54 [Connect Native](https://www.consul.io/docs/connect/native) applications. 55 56 - `sidecar_service` - <code>([sidecar_service][]: nil)</code> - This is used to 57 configure the sidecar service created by Nomad for Consul Connect. 58 59 - `sidecar_task` - <code>([sidecar_task][]:nil)</code> - This modifies the 60 task configuration of the Envoy proxy created as a sidecar or gateway. 61 62 - `gateway` - <code>([gateway][]:nil)</code> - This is used to configure the 63 gateway service created by Nomad for Consul Connect. 64 65 ## `connect` Examples 66 67 ### Using Connect Native 68 69 The following example is a minimal service stanza for a 70 [Consul Connect Native](https://www.consul.io/docs/connect/native) 71 application implemented by a task named `generate`. 72 73 ```hcl 74 service { 75 name = "uuid-api" 76 port = "${NOMAD_PORT_api}" 77 task = "generate" 78 79 connect { 80 native = true 81 } 82 } 83 ``` 84 85 ### Using Sidecar Service 86 87 The following example is a minimal connect stanza with defaults and is 88 sufficient to start an Envoy proxy sidecar for allowing incoming connections 89 via Consul Connect. 90 91 ```hcl 92 connect { 93 sidecar_service {} 94 } 95 ``` 96 97 The following example includes specifying [`upstreams`][upstreams]. 98 99 ```hcl 100 connect { 101 sidecar_service { 102 proxy { 103 upstreams { 104 destination_name = "count-api" 105 local_bind_port = 8080 106 } 107 } 108 } 109 } 110 ``` 111 112 The following is the complete `countdash` example. It includes an API service 113 and a frontend Dashboard service which connects to the API service as a Connect 114 upstream. Once running, the dashboard is accessible at `localhost:9002`. 115 116 ```hcl 117 job "countdash" { 118 datacenters = ["dc1"] 119 120 group "api" { 121 network { 122 mode = "bridge" 123 } 124 125 service { 126 name = "count-api" 127 port = "9001" 128 129 connect { 130 sidecar_service {} 131 } 132 133 check { 134 expose = true 135 type = "http" 136 name = "api-health" 137 path = "/health" 138 interval = "10s" 139 timeout = "3s" 140 } 141 } 142 143 task "web" { 144 driver = "docker" 145 146 config { 147 image = "hashicorpnomad/counter-api:v3" 148 } 149 } 150 } 151 152 group "dashboard" { 153 network { 154 mode = "bridge" 155 156 port "http" { 157 static = 9002 158 to = 9002 159 } 160 } 161 162 service { 163 name = "count-dashboard" 164 port = "9002" 165 166 connect { 167 sidecar_service { 168 proxy { 169 upstreams { 170 destination_name = "count-api" 171 local_bind_port = 8080 172 } 173 } 174 } 175 } 176 } 177 178 task "dashboard" { 179 driver = "docker" 180 181 env { 182 COUNTING_SERVICE_URL = "http://${NOMAD_UPSTREAM_ADDR_count_api}" 183 } 184 185 config { 186 image = "hashicorpnomad/counter-dashboard:v3" 187 } 188 } 189 } 190 } 191 ``` 192 193 ### Using a Gateway 194 195 The following is an example service stanza for creating and using a connect ingress 196 gateway. It includes a gateway service definition and an api service fronted by 197 the gateway. Once running, the gateway can be used to reach the api service by first 198 looking up the gateway Consul DNS address, e.g. 199 200 ``` 201 curl $(dig +short @127.0.0.1 -p 8600 uuid-api.ingress.dc1.consul. ANY):8080 202 ``` 203 204 ```hcl 205 job "ingress-demo" { 206 207 datacenters = ["dc1"] 208 209 group "ingress-group" { 210 211 network { 212 mode = "bridge" 213 port "inbound" { 214 static = 8080 215 to = 8080 216 } 217 } 218 219 service { 220 name = "my-ingress-service" 221 port = "8080" 222 223 connect { 224 gateway { 225 ingress { 226 listener { 227 port = 8080 228 protocol = "tcp" 229 service { 230 name = "uuid-api" 231 } 232 } 233 } 234 } 235 } 236 } 237 } 238 } 239 ``` 240 241 ### Limitations 242 243 [gateway]: /docs/job-specification/gateway 244 [gh-7221]: https://github.com/hashicorp/nomad/issues/7221 245 [group]: /docs/job-specification/group 'Nomad group Job Specification' 246 [interpolation]: /docs/runtime/interpolation 'Nomad interpolation' 247 [job]: /docs/job-specification/job 'Nomad job Job Specification' 248 [native]: https://www.consul.io/docs/connect/native 249 [service_task]: /docs/job-specification/service#task-1 'Nomad service task' 250 [sidecar_service]: /docs/job-specification/sidecar_service 'Nomad sidecar service Specification' 251 [sidecar_task]: /docs/job-specification/sidecar_task 'Nomad sidecar task config Specification' 252 [task]: /docs/job-specification/task 'Nomad task Job Specification' 253 [upstreams]: /docs/job-specification/upstreams 'Nomad sidecar service upstreams Specification'