Nomad¶
_
Umfassende HashiCorp Nomad Befehle und Workflows für Workload-Orchestrierung, Job-Scheduling und Cluster-Management.
Installation und Inbetriebnahme
| Command | Description |
|---|---|
| INLINE_CODE_9 | Show Nomad version |
| INLINE_CODE_10 | Start development agent |
| INLINE_CODE_11 | Start with configuration |
| INLINE_CODE_12 | List server members |
| INLINE_CODE_13 | List client nodes |
| _ | |
| Job Management |
Job Operationen_TABLE_67___¶
Job Planung und Validierung¶
| Command | Description |
|---|---|
| INLINE_CODE_19 | Plan job changes |
| INLINE_CODE_20 | Validate job file |
| INLINE_CODE_21 | Inspect job configuration |
| INLINE_CODE_22 | Show job history |
| _ | |
| ### Job Scaling | |
| Command | Description |
| --------- | ------------- |
| INLINE_CODE_23 | Scale job to 5 instances |
| INLINE_CODE_24 | Scale specific group |
| _ | |
| Verwaltung der Standorte |
Allocation Operations¶
| Command | Description |
|---|---|
| INLINE_CODE_25 | List allocations |
| INLINE_CODE_26 | Show allocation details |
| INLINE_CODE_27 | Show allocation logs |
| INLINE_CODE_28 | Follow allocation logs |
| INLINE_CODE_29 | Execute command in allocation |
Allocation Debugging¶
| Command | Description |
|---|---|
| INLINE_CODE_30 | List allocation files |
| INLINE_CODE_31 | Read allocation file |
| INLINE_CODE_32 | Restart allocation |
| INLINE_CODE_33 | Stop allocation |
? Node Management
Node Operationen_TABLE_72__¶
Node Maintenance¶
| Command | Description |
|---|---|
| INLINE_CODE_39 | Drain with deadline |
| INLINE_CODE_40 | Cancel drain |
| INLINE_CODE_41 | Set node metadata |
Namespace Management
| Command | Description |
|---|---|
| INLINE_CODE_42 | List namespaces |
| INLINE_CODE_43 | Show namespace details |
| INLINE_CODE_44 | Create namespace |
| INLINE_CODE_45 | Delete namespace |
| _ | |
| ACL Management |
ACL Operations¶
| Command | Description |
|---|---|
| INLINE_CODE_46 | Bootstrap ACL system |
| INLINE_CODE_47 | Create token |
| INLINE_CODE_48 | List tokens |
| INLINE_CODE_49 | Show token details |
ACL Policies¶
| Command | Description |
|---|---|
| INLINE_CODE_50 | Create/update policy |
| INLINE_CODE_51 | List policies |
| INLINE_CODE_52 | Show policy details |
Überwachung und Debugging
System Information¶
| Command | Description |
|---|---|
| INLINE_CODE_53 | List Raft peers |
| INLINE_CODE_54 | Create snapshot |
| INLINE_CODE_55 | Restore snapshot |
| _ | |
| ### Monitoring | |
| Command | Description |
| --------- | ------------- |
| INLINE_CODE_56 | Stream logs |
| INLINE_CODE_57 | Debug level logs |
| INLINE_CODE_58 | Show cluster status |
Beispiele für Job-Spezifikation
Basic Web Service¶
```hcl job "web" \\{ datacenters = ["dc1"] type = "service"
group "web" \\{ count = 3
network \\\\{
port "http" \\\\{
static = 8080
\\\\}
\\\\}
service \\\\{
name = "web"
port = "http"
check \\\\{
type = "http"
path = "/health"
interval = "10s"
timeout = "2s"
\\\\}
\\\\}
task "server" \\\\{
driver = "docker"
config \\\\{
image = "nginx:latest"
ports = ["http"]
\\\\}
resources \\\\{
cpu = 100
memory = 128
\\\\}
\\\\}
\\} \\} ```_
Batch Job¶
```hcl job "batch-job" \\{ datacenters = ["dc1"] type = "batch"
group "processing" \\{ count = 1
task "process" \\\\{
driver = "docker"
config \\\\{
image = "alpine:latest"
command = "sh"
args = ["-c", "echo 'Processing data...' && sleep 30"]
\\\\}
resources \\\\{
cpu = 200
memory = 256
\\\\}
\\\\}
\\} \\} ```_
Periodischer Job¶
```hcl job "backup" \\{ datacenters = ["dc1"] type = "batch"
periodic \\{ cron = "0 2 * * *" prohibit_overlap = true \\}
group "backup" \\{ task "backup-task" \\{ driver = "docker"
config \\\\{
image = "backup-tool:latest"
command = "/backup.sh"
\\\\}
resources \\\\{
cpu = 100
memory = 256
\\\\}
\\\\}
\\} \\} ```_
System Job¶
```hcl job "monitoring" \\{ datacenters = ["dc1"] type = "system"
group "monitoring" \\{ task "node-exporter" \\{ driver = "docker"
config \\\\{
image = "prom/node-exporter:latest"
network_mode = "host"
pid_mode = "host"
\\\\}
resources \\\\{
cpu = 50
memory = 64
\\\\}
\\\\}
\\} \\} ```_
Beispiele für die Konfiguration
Server Konfiguration¶
```hcl datacenter = "dc1" data_dir = "/opt/nomad/data" log_level = "INFO" bind_addr = "0.0.0.0"
server \\{ enabled = true bootstrap_expect = 3
server_join \\{ retry_join = ["10.0.1.10", "10.0.1.11", "10.0.1.12"] \\} \\}
consul \\{ address = "127.0.0.1:8500" \\}
vault \\{ enabled = true address = "https://vault.service.consul:8200" \\}
acl \\{ enabled = true \\}
ui \\{ enabled = true \\} ```_
Client Configuration¶
```hcl datacenter = "dc1" data_dir = "/opt/nomad/data" log_level = "INFO" bind_addr = "0.0.0.0"
client \\{ enabled = true
server_join \\{ retry_join = ["10.0.1.10", "10.0.1.11", "10.0.1.12"] \\}
node_class = "compute"
meta \\{ "type" = "worker" "zone" = "us-east-1a" \\} \\}
plugin "docker" \\{ config \\{ allow_privileged = true volumes \\{ enabled = true \\} \\} \\}
consul \\{ address = "127.0.0.1:8500" \\}
vault \\{ enabled = true address = "https://vault.service.consul:8200" \\} ```_
Erweiterte Eigenschaften
Constraints and Affinities¶
```hcl job "web" \\{ constraint \\{ attribute = "$\\{attr.kernel.name\\}" value = "linux" \\}
affinity \\{ attribute = "$\\{node.class\\}" value = "compute" weight = 100 \\}
group "web" \\{ constraint \\{ attribute = "$\\{meta.zone\\}" value = "us-east-1a" \\}
# ... rest of group configuration
\\} \\} ```_
Volume Management¶
```hcl job "database" \\{ group "db" \\{ volume "data" \\{ type = "host" source = "mysql_data" read_only = false \\}
task "mysql" \\\\{
driver = "docker"
volume_mount \\\\{
volume = "data"
destination = "/var/lib/mysql"
\\\\}
config \\\\{
image = "mysql:8.0"
\\\\}
\\\\}
\\} \\} ```_
Service Discovery Integration¶
```hcl job "api" \\{ group "api" \\{ service \\{ name = "api" port = "http"
tags = [
"api",
"v1.0",
"traefik.enable=true",
"traefik.http.routers.api.rule=Host(`api.example.com`)"
]
check \\\\{
type = "http"
path = "/health"
interval = "10s"
timeout = "2s"
\\\\}
connect \\\\{
sidecar_service \\\\{
proxy \\\\{
upstreams \\\\{
destination_name = "database"
local_bind_port = 5432
\\\\}
\\\\}
\\\\}
\\\\}
\\\\}
\\} \\} ```_
oder Best Practices
Job Design¶
ANHANG Resource Allocation: Setzen Sie entsprechende CPU- und Speichergrenzen 2. Gesundheitschecks*: Durchführung umfassender Gesundheitskontrollen 3. **Graceful Shutdown: Schalten Sie SIGTERM Signale richtig 4. Logging: Verwenden Sie strukturiertes Protokoll mit den richtigen Ebenen 5. ** Konfiguration*: Vorlagen und Umgebungsvariablen verwenden
Cluster Management¶
ANHANG High Availability*: Mehrere Serverknoten bereitstellen 2. **Backup-Strategie*: Regelmäßige Snapshots und Backups 3. **Monitoring: Überwachung von Cluster-Gesundheit und Jobstatus 4. Kapazitätsplanung*: Plan für Ressourcenanforderungen 5. **Sicherheit: ACL aktivieren und TLS verwenden
Operationen¶
ANHANG Rolling-Updates*: Verwenden Sie Update-Strategien für Null-Downtime 2. **Kanzleien: Teständerungen mit Kanarieneinsätzen 3. ** Ressourcenüberwachung***: Ressourcennutzung überwachen 4. Log Aggregation: Zentrale Protokollsammlung 5. Alerting: Alarme für kritische Fragen einrichten
Sicherheit¶
ANHANG ACL Richtlinien: Mindestberechtigungszugriff 2. Network Security: Dienstnetz für sichere Kommunikation verwenden 3. Secrets Management*: Integrieren mit Tresor für Geheimnisse 4. **Image Security: Scannen von Containerbildern für Schwachstellen 5. **Audit Logging*: Auditprotokoll aktivieren für Compliance