kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-04 09:25:46 +03:00
Code Issues Packages Projects Releases Wiki Activity
25,789 Commits 1 Branch 0 Tags
6d806a993465ad566d0c3e56bb24c57d45321d8d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Tim Gross 6d806a9934 services: fix data integrity errors for Nomad native services (#20590) 
This changeset fixes three potential data integrity issues between allocations
and their Nomad native service registrations.

* When a node is marked down because it missed heartbeats, we remove Vault and
  Consul tokens (for the pre-Workload Identity workflows) after we've written
  the node update to Raft. This is unavoidably non-transactional because the
  Consul and Vault servers aren't in the same Raft cluster as Nomad itself. But
  we've unnecessarily mirrored this same behavior to deregister Nomad
  services. This makes it possible for the leader to successfully write the node
  update to Raft without removing services.

  To address this, move the delete into the same Raft transaction. One minor
  caveat with this approach is the upgrade path: if the leader is upgraded first
  and a node is marked down during this window, older followers will have stale
  information until they are also upgraded. This is unavoidable without
  requiring the leader to unconditionally make an extra Raft write for every
  down node until 2 LTS versions after Nomad 1.8.0. This temporary reduction in
  data integrity for stale reads seems like a reasonable tradeoff.

* When an allocation is marked client-terminal from the client in
  `UpdateAllocsFromClient`, we have an opportunity to ensure data integrity by
  deregistering services for that allocation.

* When an allocation is deleted during eval garbage collection, we have an
  opportunity to ensure data integrity by deregistering services for that
  allocation. This is a cheap no-op if the allocation has been previously marked
  client-terminal.

This changeset does not address client-side retries for the originally reported
issue, which will be done in a separate PR.

Ref: https://github.com/hashicorp/nomad/issues/16616
2024-05-15 11:56:07 -04:00
.changelog
services: fix data integrity errors for Nomad native services (#20590)
2024-05-15 11:56:07 -04:00
.github
github: fix lint action check with install-vault descriptions. (#20547)
2024-05-13 09:54:41 +01:00
.release
Prepare for next release
2024-05-07 07:06:12 +00:00
.semgrep
acl: remove remaining unused nil ACL object handling (#20456)
2024-04-18 14:34:17 -04:00
.tours
Make number of scheduler workers reloadable (#11593)
2022-01-06 11:56:13 -05:00
acl
auth: use ACLsDisabledACL when ACLs are disabled (#18754)
2023-10-16 09:30:24 -04:00
api
connect: support volume_mount blocks for sidecar task overrides (#20575)
2024-05-14 12:49:37 -04:00
ci
Add OOM detection for exec driver (#19563)
2024-01-03 09:50:27 -06:00
client
client: mount shared alloc dir as nobody (#20589)
2024-05-15 10:43:30 -05:00
command
connect: support volume_mount blocks for sidecar task overrides (#20575)
2024-05-14 12:49:37 -04:00
contributing
checklist: remove steps for openapi for rpc (#20515)
2024-05-02 08:53:45 -05:00
demo
license: fix some imports of BUSL-1.1 in MPL-2.0 (#19832)
2024-01-29 12:04:12 -05:00
dev
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
drivers
[gh-6980] Client: clean up old allocs before running new ones using the exec task driver. (#20500)
2024-05-14 09:51:27 +02:00
e2e
client: expose network namespace CNI config as task env vars. (#11810)
2024-05-14 09:02:06 +01:00
helper
core: do not create evaluations within batch deregister endpoint. (#20510)
2024-05-07 07:39:13 +01:00
integrations
docs: fix Grafana doc breaking link (#18988)
2023-11-03 14:31:37 +00:00
internal/testing/apitests
auth: add new optional OIDCDisableUserInfo setting for OIDC auth provider (#19566)
2024-01-09 13:41:46 -05:00
jobspec
transparent proxy: add jobspec support (#20144)
2024-04-04 17:01:07 -04:00
jobspec2
copywrite: fix and add copywrite config enterprise comments. (#19590)
2024-01-03 08:58:53 +00:00
lib
deps: purge use of old x/exp packages (#20373)
2024-04-12 08:29:00 -05:00
nomad
services: fix data integrity errors for Nomad native services (#20590)
2024-05-15 11:56:07 -04:00
plugins
client: fixup how alloc mounts directory are setup (#20463)
2024-04-26 07:29:52 -05:00
scheduler
test: remove spurious print statements (#20503)
2024-05-01 09:47:56 -07:00
scripts
build: upgrade to go1.22 (#20066)
2024-03-06 09:54:04 -06:00
terraform
docs: add missing copyright headers in Terraform examples (#20412)
2024-04-16 15:21:03 -04:00
testutil
CSI: include volume namespace in staging path (#20532)
2024-05-13 11:24:09 -04:00
tools
Fix WorkloadIdentity.TTL handling, jobspec2 testing, and hcl1 vs 2 parsing (#19024)
2023-11-08 09:01:16 -08:00
ui
Adds the token name to the Profile link in the top nav (#20539)
2024-05-08 12:33:58 -04:00
version
Prepare for next release
2024-05-07 07:06:12 +00:00
website
connect: support volume_mount blocks for sidecar task overrides (#20575)
2024-05-14 12:49:37 -04:00
.copywrite.hcl
copywrite: fix and add copywrite config enterprise comments. (#19590)
2024-01-03 08:58:53 +00:00
.git-blame-ignore-revs
add copywrite headers commit to ignore-revs config file (#17037)
2023-05-01 10:57:43 -04:00
.gitattributes
Remove invalid gitattributes
2018-02-14 14:47:43 -08:00
.gitignore
git: ignore .fleet directory (#16144)
2023-02-13 07:39:30 -06:00
.go-version
build: upgrade to go1.22 (#20066)
2024-03-06 09:54:04 -06:00
.golangci.yml
update go1.21 (#18184)
2023-08-14 08:43:27 -05:00
.semgrepignore
build: disable semgrep on structs.go for now
2022-02-01 10:09:49 -06:00
build_linux_arm.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
CHANGELOG-unsupported.md
Merge release 1.7.0 files
2023-12-07 16:48:19 +01:00
CHANGELOG.md
Prepare release 1.8.0-beta.1
2024-05-07 09:01:15 +02:00
CODEOWNERS
build: update deprecated GitHub Actions (#17218)
2023-05-17 08:57:28 -04:00
Dockerfile
add LICENSE to release artifacts (#20345)
2024-04-12 10:57:15 -05:00
GNUmakefile
Post 1.7.7 release (#20421)
2024-04-17 10:44:32 +02:00
go.mod
deps: vendor containernetworking/plugins functions for net NS utils (#20556)
2024-05-13 09:10:16 -04:00
go.sum
deps: vendor containernetworking/plugins functions for net NS utils (#20556)
2024-05-13 09:10:16 -04:00
LICENSE
move license to 2024
2023-12-01 12:26:27 -08:00
main_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
main.go
template: sandbox template rendering
2024-02-08 10:40:24 -05:00
README.md
docs: update all URLs to developer.hashicorp.com (#16247)
2023-10-24 11:00:11 -04:00
Vagrantfile
dev: make cni, consul, dev, docker, and vault scripts Lima compat. (#16689)
2023-03-28 16:21:14 +01:00

README.md

Nomad License: BUSL-1.1 Discuss

HashiCorp Nomad logo

Nomad is a simple and flexible workload orchestrator to deploy and manage containers (docker, podman), non-containerized applications (executable, Java), and virtual machines (qemu) across on-prem and clouds at scale.

Nomad is supported on Linux, Windows, and macOS. A commercial version of Nomad, Nomad Enterprise, is also available.

Nomad provides several key features:

  • Deploy Containers and Legacy Applications: Nomads flexibility as an orchestrator enables an organization to run containers, legacy, and batch applications together on the same infrastructure. Nomad brings core orchestration benefits to legacy applications without needing to containerize via pluggable task drivers.

  • Simple & Reliable: Nomad runs as a single binary and is entirely self contained - combining resource management and scheduling into a single system. Nomad does not require any external services for storage or coordination. Nomad automatically handles application, node, and driver failures. Nomad is distributed and resilient, using leader election and state replication to provide high availability in the event of failures.

  • Device Plugins & GPU Support: Nomad offers built-in support for GPU workloads such as machine learning (ML) and artificial intelligence (AI). Nomad uses device plugins to automatically detect and utilize resources from hardware devices such as GPU, FPGAs, and TPUs.

  • Federation for Multi-Region, Multi-Cloud: Nomad was designed to support infrastructure at a global scale. Nomad supports federation out-of-the-box and can deploy applications across multiple regions and clouds.

  • Proven Scalability: Nomad is optimistically concurrent, which increases throughput and reduces latency for workloads. Nomad has been proven to scale to clusters of 10K+ nodes in real-world production environments.

  • HashiCorp Ecosystem: Nomad integrates seamlessly with Terraform, Consul, Vault for provisioning, service discovery, and secrets management.

Quick Start

Testing

See Developer: Getting Started for instructions on setting up a local Nomad cluster for non-production use.

Optionally, find Terraform manifests for bringing up a development Nomad cluster on a public cloud in the terraform directory.

Production

See Developer: Nomad Reference Architecture for recommended practices and a reference architecture for production deployments.

Documentation

Full, comprehensive documentation is available on the Nomad website: https://developer.hashicorp.com/nomad/docs

Guides are available on HashiCorp Developer.

Roadmap

A timeline of major features expected for the next release or two can be found in the Public Roadmap.

This roadmap is a best guess at any given point, and both release dates and projects in each release are subject to change. Do not take any of these items as commitments, especially ones later than one major release away.

Contributing

See the contributing directory for more developer documentation.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 380 MiB
Languages
Go 76.9%
MDX 11%
JavaScript 8.2%
Handlebars 1.7%
HCL 1.4%
Other 0.7%