kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-03 08:55:43 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2af30fb441ff7e64789eeaec984334749daeeddc
nomad/website/source/docs/drivers/raw_exec.html.md
Omar Khawaja cca1c9ccb6 add plugin content (docs) (#5186) 
* call out pluggable drivers in task drivers section and link/add info to plugin stanza

* fix hyphenation

* removing page and nav that tells users drivers are not pluggable

* show new syntax for configuring raw_exec plugin on client

* enabled option value for raw_exec is boolean

* add plugin options section and mark client options as soon to be deprecated

* fix typos

* add plugin options for rkt task drivers and place deprecation warning in client options

* add some plugin options with plugin configuration example + mark client options as soon to be deprecated

* modify deprecation warning

* replace colon with - for options

* add docker plugin options

* update links within docker task driver to point to plugin options

* fix typo and clarify config options for lxc task driver

* replace raw_exec plugin syntax example with docker example

* create external section

* restructure lxc docs and add backward incompatibility warning

* update lxc driver doc

* add redirect for lxc driver doc

* call out plugin options and mark client config options for drivers as deprecated

* add placeholder for lxc driver binary download

* update data_dir/plugins reference with plugin_dir reference

* Update website/source/docs/external/lxc.html.md

Co-Authored-By: Omar-Khawaja <Omar-Khawaja@users.noreply.github.com>

* corrections

* remove lxc from built-in drivers navigation

* reorganize doc structure and fix redirect

* add detail about 0.9 changes

* implement suggestions/fixes

* removed extraneous punctuation

* add official lxc driver link
2019-01-29 15:53:05 -05:00

146 lines
4.1 KiB
Markdown
Raw Blame History

---
layout: "docs"
page_title: "Drivers: Raw Exec"
sidebar_current: "docs-drivers-raw-exec"
description: |-
The Raw Exec task driver simply fork/execs and provides no isolation.
---
# Raw Fork/Exec Driver
Name: `raw_exec`
The `raw_exec` driver is used to execute a command for a task without any
isolation. Further, the task is started as the same user as the Nomad process.
As such, it should be used with extreme care and is disabled by default.
## Task Configuration
```hcl
task "webservice" {
driver = "raw_exec"
config {
command = "my-binary"
args = ["-flag", "1"]
}
}
```
The `raw_exec` driver supports the following configuration in the job spec:
* `command` - The command to execute. Must be provided. If executing a binary
that exists on the host, the path must be absolute. If executing a binary that
is downloaded from an [`artifact`](/docs/job-specification/artifact.html), the
path can be relative from the allocation's root directory.
* `args` - (Optional) A list of arguments to the `command`. References
to environment variables or any [interpretable Nomad
variables](/docs/runtime/interpolation.html) will be interpreted before
launching the task.
## Examples
To run a binary present on the Node:
```
task "example" {
driver = "raw_exec"
config {
# When running a binary that exists on the host, the path must be absolute/
command = "/bin/sleep"
args = ["1"]
}
}
```
To execute a binary downloaded from an [`artifact`](/docs/job-specification/artifact.html):
```
task "example" {
driver = "raw_exec"
config {
command = "name-of-my-binary"
}
artifact {
source = "https://internal.file.server/name-of-my-binary"
options {
checksum = "sha256:abd123445ds4555555555"
}
}
}
```
## Client Requirements
The `raw_exec` driver can run on all supported operating systems. For security
reasons, it is disabled by default. To enable raw exec, the Nomad client
configuration must explicitly enable the `raw_exec` driver in the plugin's options:
```
plugin "raw_exec" {
config {
enabled = true
}
}
```
Prior to Nomad 0.9, the client configuration would look like this (this syntax
will soon be deprecated):
```
client {
options = {
"driver.raw_exec.enable" = "1"
}
}
```
## Plugin Options
* `enabled` - Specifies whether the driver should be enabled or disabled.
Defaults to `false`.
* `no_cgroups` - Specifies whether the driver should not use
cgroups to manage the process group launched by the driver. By default,
cgroups are used to manage the process tree to ensure full cleanup of all
processes started by the task. The driver only uses cgroups when Nomad is
launched as root, on Linux and when cgroups are detected.
## Client Options
~> Note: client configuration options will soon be deprecated. Please use
[plugin options][plugin-options] instead. See the [plugin stanza][plugin-stanza] documentation for more information.
* `driver.raw_exec.enable` - Specifies whether the driver should be enabled or
disabled. Defaults to `false`.
* `driver.raw_exec.no_cgroups` - Specifies whether the driver should not use
cgroups to manage the process group launched by the driver. By default,
cgroups are used to manage the process tree to ensure full cleanup of all
processes started by the task. The driver only uses cgroups when Nomad is
launched as root, on Linux and when cgroups are detected.
## Client Attributes
The `raw_exec` driver will set the following client attributes:
* `driver.raw_exec` - This will be set to "1", indicating the driver is available.
## Resource Isolation
The `raw_exec` driver provides no isolation.
If the launched process creates a new process group, it is possible that Nomad
will leak processes on shutdown unless the application forwards signals
properly. Nomad will not leak any processes if cgroups are being used to manage
the process tree. Cgroups are used on Linux when Nomad is being run with
appropriate privileges, the cgroup system is mounted and the operator hasn't
disabled cgroups for the driver.
[plugin-options]: #plugin-options
[plugin-stanza]: /docs/configuration/plugin.html
Reference in New Issue View Git Blame Copy Permalink