kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-09 03:45:41 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
b286a8ee9cabb1dced8e6be7c3b60ff869cbca09
nomad/website/content/docs/govern/namespaces.mdx
Aimee Ukasick 53b083b8c5 Docs: Nomad IA (#26063) 
* Move commands from docs to its own root-level directory

* temporarily use modified dev-portal branch with nomad ia changes

* explicitly clone nomad ia exp branch

* retrigger build, fixed dev-portal broken build

* architecture, concepts and get started individual pages

* fix get started section destinations

* reference section

* update repo comment in website-build.sh to show branch

* docs nav file update capitalization

* update capitalization to force deploy

* remove nomad-vs-kubernetes dir; move content to what is nomad pg

* job section

* Nomad operations category, deploy section

* operations category, govern section

* operations - manage

* operations/scale; concepts scheduling fix

* networking

* monitor

* secure section

* remote auth-methods folder and move up pages to sso; linkcheck

* Fix install2deploy redirects

* fix architecture redirects

* Job section: Add missing section index pages

* Add section index pages so breadcrumbs build correctly

* concepts/index fix front matter indentation

* move task driver plugin config to new deploy section

* Finish adding full URL to tutorials links in nav

* change SSO to Authentication in nav and file system

* Docs NomadIA: Move tutorials into NomadIA branch (#26132)

* Move governance and policy from tutorials to docs

* Move tutorials content to job-declare section

* run jobs section

* stateful workloads

* advanced job scheduling

* deploy section

* manage section

* monitor section

* secure/acl and secure/authorization

* fix example that contains an unseal key in real format

* remove images from sso-vault

* secure/traffic

* secure/workload-identities

* vault-acl change unseal key and root token in command output sample

* remove lines from sample output

* fix front matter

* move nomad pack tutorials to tools

* search/replace /nomad/tutorials links

* update acl overview with content from deleted architecture/acl

* fix spelling mistake

* linkcheck - fix broken links

* fix link to Nomad variables tutorial

* fix link to Prometheus tutorial

* move who uses Nomad to use cases page; move spec/config shortcuts

add dividers

* Move Consul out of Integrations; move namespaces to govern

* move integrations/vault to secure/vault; delete integrations

* move ref arch to docs; rename Deploy Nomad back to Install Nomad

* address feedback

* linkcheck fixes

* Fixed raw_exec redirect

* add info from /nomad/tutorials/manage-jobs/jobs

* update page content with newer tutorial

* link updates for architecture sub-folders

* Add redirects for removed section index pages. Fix links.

* fix broken links from linkcheck

* Revert to use dev-portal main branch instead of nomadIA branch

* build workaround: add intro-nav-data.json with single entry

* fix content-check error

* add intro directory to get around Vercel build error

* workound for emtpry directory

* remove mdx from /intro/ to fix content-check and git snafu

* Add intro index.mdx so Vercel build should work

---------

Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
2025-07-08 19:24:52 -05:00

145 lines
4.2 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: Create and use namespaces
description: |-
Segment jobs and their associated objects from the jobs of other users of
the cluster using Nomad namespaces.
---
# Create and use namespaces
Nomad has support for namespaces, which allow jobs and their
associated objects to be segmented from each other and other users of the
cluster.
Nomad places all jobs and their derived objects into namespaces. These include
jobs, allocations, deployments, and evaluations.
Nomad does not namespace objects that are shared across multiple namespaces.
This includes nodes, [ACL policies][acls], [Sentinel policies], and
[quota specifications][quotas].
In this guide, you'll create and manage a namespace with the CLI. After creating
the namespace, you then learn how to deploy and manage a job within that
namespace. Finally, you practice securing the namespace.
## Create and view a namespace
You can manage namespaces with the `nomad namespace` subcommand.
Create the namespace of a cluster.
```shell-session
$ nomad namespace apply -description "QA instances of webservers" web-qa
Successfully applied namespace "web-qa"!
```
List the namespaces of a cluster.
```shell-session
$ nomad namespace list
Name Description
default Default shared namespace
api-prod Production instances of backend API servers
api-qa QA instances of backend API servers
web-prod Production instances of webservers
web-qa QA instances of webservers
```
## Run a job in a namespace
To run a job in a specific namespace, annotate the job with the `namespace`
parameter. If omitted, the job will be run in the `default` namespace. Below is
an example of running the job in the newly created `web-qa` namespace:
```hcl
job "rails-www" {
## Run in the QA environments
namespace = "web-qa"
## Only run in one datacenter when QAing
datacenters = ["us-west1"]
# ...
}
```
## Use namespaces in the CLI and UI
### Nomad CLI
When using commands that operate on objects that are namespaced, the namespace
can be specified either with the flag `-namespace` or read from the
`NOMAD_NAMESPACE` environment variable.
Request job status using the `-namespace` flag.
```shell-session
$ nomad job status -namespace=web-qa
ID Type Priority Status Submit Date
rails-www service 50 running 09/17/17 19:17:46 UTC
```
Export the `NOMAD_NAMESPACE` environment variable.
```shell-session
$ export NOMAD_NAMESPACE=web-qa
```
Use the exported environment variable to request job status.
```shell-session
$ nomad job status
ID Type Priority Status Submit Date
rails-www service 50 running 09/17/17 19:17:46 UTC
```
### Nomad UI
The Nomad UI provides a drop-down menu to allow operators to select the
namespace that they would like to control. The drop-down will appear once there
are namespaces defined. It is located in the top section of the left-hand column
of the interface under the "WORKLOAD" label.
[![An image of the Nomad UI showing the location of the namespace drop-down.
The drop-down is open showing the "Default Namespace" option and an option for a
"web-qa" namespace.][img_ui_ns_dropdown]][img_ui_ns_dropdown]
## Secure a namespace
Access to namespaces can be restricted using [ACLs]. As an example, you could
create an ACL policy that allows full access to the QA environment for the web
namespaces but restrict the production access by creating the following policy:
```hcl
# Allow read only access to the production namespace
namespace "web-prod" {
policy = "read"
}
# Allow writing to the QA namespace
namespace "web-qa" {
policy = "write"
}
```
## Consul namespaces <EnterpriseAlert inline/>
@include 'consul-namespaces.mdx'
Refer to the [Consul networking integration
guide](/nomad/docs/networking/consul) for Consul integration instructions.
## Resources
For specific details about working with namespaces, consult the [namespace
commands] and [HTTP API] documentation.
[acls]: /nomad/tutorials/access-control
[http api]: /nomad/api-docs/namespaces
[img_ui_ns_dropdown]: /img/govern/nomad-ui-namespace-dropdown.png
[namespace commands]: /nomad/commands/namespace
[quotas]: /nomad/docs/govern/resource-quotas
[sentinel policies]: /nomad/docs/govern/sentinel
Reference in New Issue View Git Blame Copy Permalink