kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-06 10:25:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

docs: task driver resource isolation & security

Browse Source
This commit is contained in:
Jamie Finnigan
2019-09-03 15:19:46 -07:00
parent 40368d2c63
commit 826cb27c98
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
website/source/docs/drivers/index.html.md
View File

@@ -29,6 +29,15 @@ used in, and the resource isolation mechanisms available.
For details on authoring a task driver plugin, please refer to the [plugin
authoring guide][plugin_guide].
Task driver resource isolation is intended to provide a degree of separation of
Nomad client CPU / memory / storage between tasks. Resource isolation
effectiveness is dependent upon individual task driver implementations and
underlying client operating systems. Task drivers do include various security-
related controls, but the Nomad client to task interface should not be
considered a security boundary. See the [access control guide][acl_guide] for
more information on how to protect Nomad cluster operations.
[plugin]: /docs/configuration/plugin.html
[docker_plugin]: /docs/drivers/docker.html#client-requirements
[plugin_guide]: /docs/internals/plugins/index.html
[acl_guide]: https://www.nomadproject.io/guides/security/acl.html