HashiConf 2024 Now streaming live from Boston! Attend for free
Nomad
Nomad Home

Pot Task Driver

Name: pot

The Pot task driver provides an interface for using pot for dynamically running applications inside a FreeBSD Jail. You can download the external nomad-pot-driver here.

Task Configuration

task "nginx-pot" {
    driver = "pot"

    config {
      image = "https://pot-registry.zapto.org/registry/"
      pot = "FBSD120-nginx"
      tag = "1.0"
      command = "nginx"
      args = [
        "-g 'daemon off;'"
      ]
      network_mode = "public-bridge"
      port_map = {
        http = "80"
      }
      copy = [
        "/root/index.html:/usr/local/www/nginx-dist/index.html",
        "/root/nginx.conf:/usr/local/etc/nginx/nginx.conf"
      ]
      mount = [
        "/tmp/test:/root/test",
      ]
      mount_read_only = [
        "/tmp/test2:/root/test2"
      ]
      extra_hosts = [
        "artifactory.yourdomain.com:192.168.0.1",
        "mail.yourdomain.com:192.168.0.2"
      ]
   }
}

The pot task driver supports the following parameters:

  • image - The url for the http registry from where to get the image.

  • pot - Name of the image in the registry.

  • tag - Version of the image.

  • command - Command that is going to be executed once the jail is started.

  • args - (Optional) List of options for the command executed on the command argument.

  • network_mode - (Optional) Defines the network mode of the pot. Default: "public-bridge"

    Possible values are:

    "public-bridge" pot creates an internal virtual network with a NAT table where all traffic is going to be sent.

    "host" pot bounds the jail directly to a host port.

  • port_map - (Optional) Sets the port on which the application is listening inside of the jail. If not set, the application will inherit the port configuration from the image.

  • copy - (Optional) Copies a file from the host machine to the pot jail in the given directory.

  • mount - (Optional) Mounts a read/write folder from the host machine to the pot jail.

  • mount_read_only - (Optional) Mounts a read only directory inside the pot jail.

  • extra_hosts - (Optional) A list of hosts, given as host:IP, to be added to /etc/hosts

Client Requirements

pot Task Driver requires the following:

  • 64-bit FreeBSD 12.0-RELEASE host .
  • The FreeBSD's Nomad binary (available as a package).
  • The pot-task-driver binary placed in the plugin_dir directory.
  • Installing pot and following the install guide.
  • Webserver from where to serve the images. (simple file server)
  • Following lines need to be included in your rc.conf
nomad_user="root"
nomad_env="PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/sbin:/bin"