Start of docs for group level service and network stanza.
This commit is contained in:
parent
37a1b8ed2c
commit
3367da4d1f
|
@ -4,12 +4,20 @@ page_title: "network Stanza - Job Specification"
|
||||||
sidebar_current: "docs-job-specification-network"
|
sidebar_current: "docs-job-specification-network"
|
||||||
description: |-
|
description: |-
|
||||||
The "network" stanza specifies the networking requirements for the task,
|
The "network" stanza specifies the networking requirements for the task,
|
||||||
including the minimum bandwidth and port allocations.
|
including the minimum bandwidth and port allocations. The network stanza
|
||||||
|
can be specified at the task group level to enable all tasks in the task
|
||||||
|
group to share the same network namespace.
|
||||||
---
|
---
|
||||||
|
|
||||||
# `network` Stanza
|
# `network` Stanza
|
||||||
|
|
||||||
<table class="table table-bordered table-striped">
|
<table class="table table-bordered table-striped">
|
||||||
|
<tr>
|
||||||
|
<th width="120">Placement</th>
|
||||||
|
<td>
|
||||||
|
<code>job -> group -> **network**</code>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th width="120">Placement</th>
|
<th width="120">Placement</th>
|
||||||
<td>
|
<td>
|
||||||
|
@ -25,6 +33,15 @@ and services. Because you don't know in advance what host your job will be
|
||||||
provisioned on, Nomad will provide your tasks with network configuration when
|
provisioned on, Nomad will provide your tasks with network configuration when
|
||||||
they start up.
|
they start up.
|
||||||
|
|
||||||
|
Nomad 0.10 enables support for the `network` stanza at the task group level. When
|
||||||
|
the `network` stanza is defined at the group level with `bridge` as the networking mode,
|
||||||
|
all tasks in the task group share the same network namespace. This is a prerequisite for
|
||||||
|
[Consul Connect](/guides/integrations/consul-connect/index.html). Tasks running within a
|
||||||
|
network namespace are not visible to applications outside the namespace on the same host.
|
||||||
|
This allows [Connect][] enabled applications to bind only to localhost within the shared network stack,
|
||||||
|
and use the proxy for ingress and egress traffic.
|
||||||
|
|
||||||
|
|
||||||
Note that this document only applies to services that want to _listen_ on a
|
Note that this document only applies to services that want to _listen_ on a
|
||||||
port. Batch jobs or services that only make outbound connections do not need to
|
port. Batch jobs or services that only make outbound connections do not need to
|
||||||
allocate ports, since they will use any available interface to make an outbound
|
allocate ports, since they will use any available interface to make an outbound
|
||||||
|
@ -57,10 +74,17 @@ job "docs" {
|
||||||
- `port` <code>([Port](#port-parameters): nil)</code> - Specifies a TCP/UDP port
|
- `port` <code>([Port](#port-parameters): nil)</code> - Specifies a TCP/UDP port
|
||||||
allocation and can be used to specify both dynamic ports and reserved ports.
|
allocation and can be used to specify both dynamic ports and reserved ports.
|
||||||
|
|
||||||
|
- `mode` `(string: "host")- Mode of the network. The following modes are available:
|
||||||
|
- “none” - Task group will have an isolated network without any network interfaces.
|
||||||
|
- “bridge” - Task group will have an isolated network namespace with an interface that is bridged with the host
|
||||||
|
- “host” - Each task will join the host network namespace and a shared network namespace is not created.
|
||||||
|
This matches the current behavior in Nomad 0.9
|
||||||
|
|
||||||
### `port` Parameters
|
### `port` Parameters
|
||||||
|
|
||||||
- `static` `(int: nil)` - Specifies the static TCP/UDP port to allocate. If omitted, a dynamic port is chosen. We **do not recommend** using static ports, except
|
- `static` `(int: nil)` - Specifies the static TCP/UDP port to allocate. If omitted, a dynamic port is chosen. We **do not recommend** using static ports, except
|
||||||
for `system` or specialized jobs like load balancers.
|
for `system` or specialized jobs like load balancers.
|
||||||
|
- `to` `(string:nil)` - Applicable when using "bridge" mode to configure port to map to inside the task's network namespace.
|
||||||
|
|
||||||
The label assigned to the port is used to identify the port in service
|
The label assigned to the port is used to identify the port in service
|
||||||
discovery, and used in the name of the environment variable that indicates
|
discovery, and used in the name of the environment variable that indicates
|
||||||
|
@ -167,6 +191,25 @@ When the task is started, it is passed an additional environment variable named
|
||||||
`NOMAD_HOST_PORT_http` which indicates the host port that the HTTP service is
|
`NOMAD_HOST_PORT_http` which indicates the host port that the HTTP service is
|
||||||
bound to.
|
bound to.
|
||||||
|
|
||||||
|
### Bridge Mode
|
||||||
|
|
||||||
|
The following example is a group level network stanza that uses bridge mode
|
||||||
|
and port mapping.
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
network {
|
||||||
|
mode = "bridge"
|
||||||
|
port "http" {
|
||||||
|
static = 9002
|
||||||
|
to = 9002
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
[docker-driver]: /docs/drivers/docker.html "Nomad Docker Driver"
|
[docker-driver]: /docs/drivers/docker.html "Nomad Docker Driver"
|
||||||
[qemu-driver]: /docs/drivers/qemu.html "Nomad QEMU Driver"
|
[qemu-driver]: /docs/drivers/qemu.html "Nomad QEMU Driver"
|
||||||
|
[Connect]: /docs/job-specification/connect.html "Nomad Consul Connect Integration"
|
||||||
|
|
||||||
|
### Limitations
|
||||||
|
|
||||||
|
Only one `network` stanza can be specified, when it is defined at the task group level.
|
|
@ -16,6 +16,11 @@ description: |-
|
||||||
<code>job -> group -> task -> **service**</code>
|
<code>job -> group -> task -> **service**</code>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<th width="120">Placement</th>
|
||||||
|
<td>
|
||||||
|
<code>job -> group -> **service**</code>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
The `service` stanza instructs Nomad to register the task as a service using the
|
The `service` stanza instructs Nomad to register the task as a service using the
|
||||||
|
@ -71,6 +76,9 @@ configuration to integrate Nomad with service discovery, please see the
|
||||||
must take to configure Nomad. Simply adding this configuration to your job file
|
must take to configure Nomad. Simply adding this configuration to your job file
|
||||||
does not automatically enable service discovery.
|
does not automatically enable service discovery.
|
||||||
|
|
||||||
|
Nomad 0.10 also allows specifying the `service` stanza at the task group level.
|
||||||
|
This enables services in the same task group to opt into [Consul Connect][] integration.
|
||||||
|
|
||||||
## `service` Parameters
|
## `service` Parameters
|
||||||
|
|
||||||
- `check` <code>([Check](#check-parameters): nil)</code> - Specifies a health
|
- `check` <code>([Check](#check-parameters): nil)</code> - Specifies a health
|
||||||
|
@ -628,3 +636,4 @@ system of a task for that driver.</small>
|
||||||
[network]: /docs/job-specification/network.html "Nomad network Job Specification"
|
[network]: /docs/job-specification/network.html "Nomad network Job Specification"
|
||||||
[qemu]: /docs/drivers/qemu.html "Nomad qemu Driver"
|
[qemu]: /docs/drivers/qemu.html "Nomad qemu Driver"
|
||||||
[restart_stanza]: /docs/job-specification/restart.html "restart stanza"
|
[restart_stanza]: /docs/job-specification/restart.html "restart stanza"
|
||||||
|
[Connect]: /docs/job-specification/connect.html "Nomad Consul Connect Integration"
|
||||||
|
|
Loading…
Reference in a new issue