There are some good ansible playbooks on GitHub for nomad, consul and vault. I p... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

alephu5 on July 22, 2021 | parent | context | favorite | on: Kubernetes is our generation's Multics

There are some good ansible playbooks on GitHub for nomad, consul and vault. I personally don't use vault because it's overkill for the proeuct in working on at the moment.

To avoid the pain of managing a CA and passing out certificates for TLS between services, I use a wireguard mesh and bind nomad, consul and vault to these wg interfaces. This includes all the chatter of these components, as well as the services I deploy with nomad. It's configured such that any job can join the "private" wireguard network or "public" internet gateway.

It takes a few days to set up, but it's very easy to manage.

nsomaru on July 22, 2021 [–]

Do you have somewhere to point me to set things up in this configuration?

I’m a freelancer that hosts client stuff and I need something between “SSH into server” and “kubernetes.”

No, I never did buy the docker hype. Seem to be doing okay.

cpach on July 22, 2021 | [–]

Have you looked into Fly.io or AWS Fargate?

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact