github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/website/content/docs/job-specification/connect.mdx (about) 1 --- 2 layout: docs 3 page_title: connect Stanza - Job Specification 4 description: The "connect" stanza allows specifying options for Consul Connect integration 5 --- 6 7 # `connect` Stanza 8 9 <Placement groups={['job', 'group', 'service', 'connect']} /> 10 11 The `connect` stanza allows configuring various options for 12 [Consul Connect](/docs/integrations/consul-connect). It is 13 valid only within the context of a service definition at the task group 14 level. For using `connect` when Consul ACLs are enabled, be sure to read through 15 the [Secure Nomad Jobs with Consul Connect](https://learn.hashicorp.com/tutorials/nomad/consul-service-mesh) 16 guide. 17 18 ```hcl 19 job "countdash" { 20 datacenters = ["dc1"] 21 22 group "api" { 23 network { 24 mode = "bridge" 25 } 26 27 service { 28 name = "count-api" 29 port = "9001" 30 31 connect { 32 sidecar_service {} 33 } 34 } 35 36 task "web" { 37 driver = "docker" 38 39 config { 40 image = "hashicorpdev/counter-api:v3" 41 } 42 } 43 } 44 } 45 ``` 46 47 ## `connect` Parameters 48 49 Used to configure a connect service. Only one of `native`, `sidecar_service`, 50 or `gateway` may be realized per `connect` block. 51 52 - `native` - `(bool: false)` - This is used to configure the service as supporting 53 [Connect Native](https://developer.hashicorp.com/consul/docs/connect/native) applications. 54 55 - `sidecar_service` - <code>([sidecar_service][]: nil)</code> - This is used to 56 configure the sidecar service created by Nomad for Consul Connect. 57 58 - `sidecar_task` - <code>([sidecar_task][]:nil)</code> - This modifies the 59 task configuration of the Envoy proxy created as a sidecar or gateway. 60 61 - `gateway` - <code>([gateway][]:nil)</code> - This is used to configure the 62 gateway service created by Nomad for Consul Connect. 63 64 ## `connect` Examples 65 66 ### Using Connect Native 67 68 The following example is a minimal service stanza for a 69 [Consul Connect Native](https://developer.hashicorp.com/consul/docs/connect/native) 70 application implemented by a task named `generate`. 71 72 ```hcl 73 service { 74 name = "uuid-api" 75 port = "${NOMAD_PORT_api}" 76 task = "generate" 77 78 connect { 79 native = true 80 } 81 } 82 ``` 83 84 ### Using Sidecar Service 85 86 The following example is a minimal connect stanza with defaults and is 87 sufficient to start an Envoy proxy sidecar for allowing incoming connections 88 via Consul Connect. 89 90 ```hcl 91 connect { 92 sidecar_service {} 93 } 94 ``` 95 96 The following example includes specifying [`upstreams`][upstreams]. 97 98 ```hcl 99 connect { 100 sidecar_service { 101 proxy { 102 upstreams { 103 destination_name = "count-api" 104 local_bind_port = 8080 105 } 106 } 107 } 108 } 109 ``` 110 111 The following is the complete `countdash` example. It includes an API service 112 and a frontend Dashboard service which connects to the API service as a Connect 113 upstream. Once running, the dashboard is accessible at `localhost:9002`. 114 115 ```hcl 116 job "countdash" { 117 datacenters = ["dc1"] 118 119 group "api" { 120 network { 121 mode = "bridge" 122 } 123 124 service { 125 name = "count-api" 126 port = "9001" 127 128 connect { 129 sidecar_service {} 130 } 131 132 check { 133 expose = true 134 type = "http" 135 name = "api-health" 136 path = "/health" 137 interval = "10s" 138 timeout = "3s" 139 } 140 } 141 142 task "web" { 143 driver = "docker" 144 145 config { 146 image = "hashicorpdev/counter-api:v3" 147 } 148 } 149 } 150 151 group "dashboard" { 152 network { 153 mode = "bridge" 154 155 port "http" { 156 static = 9002 157 to = 9002 158 } 159 } 160 161 service { 162 name = "count-dashboard" 163 port = "9002" 164 165 connect { 166 sidecar_service { 167 proxy { 168 upstreams { 169 destination_name = "count-api" 170 local_bind_port = 8080 171 } 172 } 173 } 174 } 175 } 176 177 task "dashboard" { 178 driver = "docker" 179 180 env { 181 COUNTING_SERVICE_URL = "http://${NOMAD_UPSTREAM_ADDR_count_api}" 182 } 183 184 config { 185 image = "hashicorpdev/counter-dashboard:v3" 186 } 187 } 188 } 189 } 190 ``` 191 192 ### Using a Gateway 193 194 The following is an example service stanza for creating and using a connect ingress 195 gateway. It includes a gateway service definition and an api service fronted by 196 the gateway. Once running, the gateway can be used to reach the api service by first 197 looking up the gateway Consul DNS address, e.g. 198 199 ``` 200 curl $(dig +short @127.0.0.1 -p 8600 uuid-api.ingress.dc1.consul. ANY):8080 201 ``` 202 203 ```hcl 204 job "ingress-demo" { 205 206 datacenters = ["dc1"] 207 208 group "ingress-group" { 209 210 network { 211 mode = "bridge" 212 port "inbound" { 213 static = 8080 214 to = 8080 215 } 216 } 217 218 service { 219 name = "my-ingress-service" 220 port = "8080" 221 222 connect { 223 gateway { 224 ingress { 225 listener { 226 port = 8080 227 protocol = "tcp" 228 service { 229 name = "uuid-api" 230 } 231 } 232 } 233 } 234 } 235 } 236 } 237 } 238 ``` 239 240 ### Limitations 241 242 [gateway]: /docs/job-specification/gateway 243 244 [gh-7221]: https://github.com/hashicorp/nomad/issues/7221 245 246 [group]: /docs/job-specification/group "Nomad group Job Specification" 247 248 [interpolation]: /docs/runtime/interpolation "Nomad interpolation" 249 250 [job]: /docs/job-specification/job "Nomad job Job Specification" 251 252 [native]: https://developer.hashicorp.com/consul/docs/connect/native 253 254 [service_task]: /docs/job-specification/service#task-1 "Nomad service task" 255 256 [sidecar_service]: /docs/job-specification/sidecar_service "Nomad sidecar service Specification" 257 258 [sidecar_task]: /docs/job-specification/sidecar_task "Nomad sidecar task config Specification" 259 260 [task]: /docs/job-specification/task "Nomad task Job Specification" 261 262 [upstreams]: /docs/job-specification/upstreams "Nomad sidecar service upstreams Specification"