Skip to content

Instantly share code, notes, and snippets.

@GusAntoniassi
Last active July 12, 2024 14:53
Show Gist options
  • Save GusAntoniassi/5ad2046324d009a9aaf89b662a0ebf79 to your computer and use it in GitHub Desktop.
Save GusAntoniassi/5ad2046324d009a9aaf89b662a0ebf79 to your computer and use it in GitHub Desktop.
How to install Hashicorp Nomad on aarch64 Alpine Linux (Moto G6 / PostmarketOS)

How to install Hashicorp Nomad on aarch64 Alpine Linux (Moto G6 / PostmarketOS)

Since as of now there is no binary release for Hashicorp Nomad in aarch64, we'll have to compile it from scratch.

PostmarketOS configuration

As of now, the mainline kernel that motorola-ali uses comes with a couple of netfilter extensions disabled, and we'll have to enable them for the CNI plugins that Nomad uses.

Edit the kernel kconfig with:

pmbootstrap kconfig edit linux-postmarketos-qcom-msm8953-6.9.1-r1

Navigate to Networking Support -> Networking Options -> Network packet filtering framework (Netfilter) -> Core Netfilter Configuration -> Netfilter Xtables support (required for ip_tables) and enable:

  • "comment" match support
  • "mark" match support
  • "multiport" Multiple port match support

Save your changes and exit. Compile the kernel with:

pmbootstrap build --force linux-postmarketos-qcom-msm8953

Install the packages to chroot with:

pmbootstrap install

Then proceed to flash the compiled kernel to the device following these instructions. Note this will format the device so you'll have to do USB forwarding and Wi-Fi configuration again.

Install Docker

sudo apk add docker
sudo rc-service docker start
sudo rc-service add docker

Install dependencies

sudo apk add --update git linux-headers bash binutils build-base

Install Golang

sudo apk add go
echo 'if [ -d "$HOME/go" ] ; then
  export PATH="$PATH:$HOME/go/bin"
  export GOPATH="$HOME/go"
fi' | sudo tee /etc/profile.d/golang.sh
mkdir ~/go
source /etc/profile

Compile Nomad from source

mkdir -p $GOPATH/src/github.com/hashicorp && cd $_
git clone https://github.com/hashicorp/nomad.git
cd nomad
make bootstrap
make dev
sudo ln -s $PWD/bin/nomad /usr/local/bin/

Network configuration

Follow the HashiCorp documentation for installing CNI plugins and configuring bridge network.

Disabling nftables (firewall)

This is optional, if you'd like to use nftables you'll have to configure firewall rules for the server and UI ports, and also any running containers if you'd like to use the device as a client.

sudo nft flush ruleset
sudo rc-service nftables stop
sudo rc-update del nftables default

Running Nomad as a service

Since Alpine uses OpenRC to manage services, we'll have to create an /etc/init.d/nomad file with the following contents:

#!/sbin/openrc-run

name=$RC_SVCNAME
cfgfile="/etc/$RC_SVCNAME/$RC_SVCNAME.conf"
command="/usr/local/bin/nomad"
command_args="agent -config /etc/nomad/server.hcl -bind=$(/sbin/ifconfig wlan0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}')"
command_user="root"

NOMAD_LOGFILE="${NOMAD_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
NOMAD_ERRFILE="${NOMAD_ERRFILE:-${NOMAD_LOGFILE}}"
NOMAD_OUTFILE="${NOMAD_OUTFILE:-${NOMAD_LOGFILE}}"
if [ "$NOMAD_ERRFILE" = "$NOMAD_OUTFILE" ]; then
	LOGPROXY_OPTS="$LOGPROXY_OPTS -m"
fi
export \
	LOGPROXY_CHMOD="${LOGPROXY_CHMOD:-0644}" \
	LOGPROXY_LOG_DIRECTORY="${LOGPROXY_LOG_DIRECTORY:-/var/log}" \
	LOGPROXY_ROTATION_SIZE="${LOGPROXY_ROTATION_SIZE:-104857600}" \
	LOGPROXY_ROTATION_TIME="${LOGPROXY_ROTATION_TIME:-86400}" \
	LOGPROXY_ROTATION_SUFFIX="${LOGPROXY_ROTATION_SUFFIX:-.%Y%m%d%H%M%S}" \
	LOGPROXY_ROTATED_FILES="${LOGPROXY_ROTATE_FILES:-5}"

output_logger="log_proxy $LOGPROXY_OPTS $NOMAD_OUTFILE"
error_logger="log_proxy $LOGPROXY_OPTS $NOMAD_ERRFILE"

pidfile="/run/$RC_SVCNAME/$RC_SVCNAME.pid"
start_stop_daemon_args=""
command_background="yes"

depend() {
        need net
}

start_pre() {
        checkpath --directory --owner $command_user:$command_user --mode 0775 \
                /run/$RC_SVCNAME /var/log/$RC_SVCNAME
}

Make it executable with:

sudo chmod +x /etc/init.d/nomad

This init file is configured to look up a configuration file at /etc/nomad/server.hcl. This is the file contents:

log_level = "DEBUG"

# Setup data dir

data_dir = "/var/lib/nomad"

server {
  enabled = true
  bootstrap_expect = 1
}

You can also replace it with a client.hcl file if you'd like to run the device as a Nomad client.

Start the server with:

sudo rc-service nomad start

Check logs at /var/log/nomad.log for troubleshooting. If everything goes well, you should be able to access the Nomad UI at http://YOUR_SERVER_IP:4646

After all is done, you can enable it to start at boot:

sudo rc-update add nomad
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment