luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity

docs: expand explanation of task driver capabilities (#8485)

Browse source
This commit is contained in:
Tim Gross 2020-07-22 12:14:20 -04:00 committed by GitHub
parent e5b43b2323
commit 77f4189cd2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 61 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
website/pages/docs/drivers/docker.mdx
View file

@ -629,16 +629,15 @@ through Nomad plugins or dynamic job configuration.
## Capabilities ## Capabilities
The `docker` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error) The `docker` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error).
| Feature | Implementation | | Feature | Implementation |
| --- | --- | | --- | --- |
| SendSignals | true | | `nomad alloc signal` | true |
| Exec | true | | `nomad alloc exec` | true |
| FSIsolation | image | | filesystem isolation | image |
| NetIsolationModes | host, group, task | | network isolation | host, group, task |
| MustInitiateNetwork | true | | volume mounting | all |
| MountConfigs | all |
## Client Requirements ## Client Requirements

13
website/pages/docs/drivers/exec.mdx
View file

@ -79,16 +79,15 @@ task "example" {
## Capabilities ## Capabilities
The `exec` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error) The `exec` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error).
| Feature | Implementation | | Feature | Implementation |
| --- | --- | | --- | --- |
| SendSignals | true | | `nomad alloc signal` | true |
| Exec | true | | `nomad alloc exec` | true |
| FSIsolation | chroot | | filesystem isolation | chroot |
| NetIsolationModes | host, group | | network isolation | host, group |
| MustInitiateNetwork | false | | volume mounting | all |
| MountConfigs | all |
## Client Requirements ## Client Requirements

12
website/pages/docs/drivers/java.mdx
View file

@ -99,15 +99,15 @@ task "web" {
## Capabilities ## Capabilities
The `java` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error) The `java` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error).
| Feature | Implementation | | Feature | Implementation |
| --- | --- | | --- | --- |
| SendSignals | false | | `nomad alloc signal` | false |
| Exec | false | | `nomad alloc exec` | false |
| FSIsolation | none, chroot (only for linux) | | filesystem isolation | none, chroot (only for linux) |
| NetIsolationModes | host, group | | network isolation | host, group |
| MountConfigs | none, all (only for linux) | | volume mounting | none, all (only for linux) |
## Client Requirements ## Client Requirements

12
website/pages/docs/drivers/qemu.mdx
View file

@ -103,15 +103,15 @@ task "virtual" {
## Capabilities ## Capabilities
The `qemu` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error) The `qemu` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error).
| Feature | Implementation | | Feature | Implementation |
| --- | --- | | --- | --- |
| SendSignals | false | | `nomad alloc signal` | false |
| Exec | false | | `nomad alloc exec` | false |
| FSIsolation | image | | filesystem isolation | image |
| NetIsolationModes | none | | network isolation | none |
| MountConfigs | none | | volume mounting | none |
## Client Requirements ## Client Requirements

12
website/pages/docs/drivers/raw_exec.mdx
View file

@ -75,15 +75,15 @@ task "example" {
## Capabilities ## Capabilities
The `raw_exec` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error) The `raw_exec` driver implements the following [capabilities](/docs/internals/plugins/task-drivers#capabilities-capabilities-error).
| Feature | Implementation | | Feature | Implementation |
| --- | --- | | --- | --- |
| SendSignals | true | | `nomad alloc signal` | true |
| Exec | true | | `nomad alloc exec` | true |
| FSIsolation | none | | filesystem isolation | none |
| NetIsolationModes | host, group | | network isolation | host, group |
| MountConfigs | none | | volume mounting | none |
## Client Requirements ## Client Requirements

40
website/pages/docs/internals/plugins/task-drivers.mdx
View file

@ -47,32 +47,54 @@ Capabilities define what features the driver implements. Example:
```go ```go
Capabilities { Capabilities {
// Does the driver support sending OS signals to the task? // Does the driver support sending OS signals to the task? This capability
// is used by 'nomad alloc signal'.
SendSignals: true, SendSignals: true,
// Does the driver support executing a command within the task execution // Does the driver support executing a command within the task execution
// environment? // environment? This capability is used by 'nomad alloc exec'.
Exec: true, Exec: true,
// What filesystem isolation is supported by the driver. Options include // What filesystem isolation is supported by the driver. Options include
// FSIsolationImage, FSIsolationChroot, and FSIsolationNone // FSIsolationImage, FSIsolationChroot, and FSIsolationNone. See below for
// more details.
FSIsolation: FSIsolationImage, FSIsolation: FSIsolationImage,
// NetIsolationModes lists the set of isolation modes supported by the driver. // NetIsolationModes lists the set of isolation modes supported by the
// Options include NetIsolationModeHost, NetIsolationModeGroup, // driver. Options include NetIsolationModeHost, NetIsolationModeGroup,
// NetIsolationModeTask, and NetIsolationModeNone. // NetIsolationModeTask, and NetIsolationModeNone. See below for more
// details.
NetIsolationModes []NetIsolationMode NetIsolationModes []NetIsolationMode
// MustInitiateNetwork tells Nomad that the driver must create the network // MustInitiateNetwork tells Nomad that the driver must create the network
// namespace and that the CreateNetwork and DestroyNetwork RPCs are implemented. // namespace and that the CreateNetwork and DestroyNetwork RPCs are
// implemented.
MustInitiateNetwork bool MustInitiateNetwork bool
// MountConfigs tells Nomad which mounting config options the driver // MountConfigs tells Nomad which mounting config options the driver
// supports. This is used to check whether mounting host volumes or CSI // supports. This is used to check whether mounting host volumes or CSI
// volumes is allowed. Options include MountConfigSupportAll (default), // volumes is allowed. Options include MountConfigSupportAll (default), or
// or MountConfigSupportNone. // MountConfigSupportNone.
MountConfigs MountConfigSupport MountConfigs MountConfigSupport
} }
``` ```
The file system isolation options are:
- `FSIsolationImage`: The task driver isolates tasks as machine images.
- `FSIsolationChroot`: The task driver isolates tasks with `chroot` or
`pivot_root`.
- `FSIsolationNone`: The task driver has no filesystem isolation.
The network isolation modes are:
- `NetIsolationModeHost`: The task driver supports disabling network isolation
and using thre host network.
- `NetIsolationModeGroup`: The task driver supports using the task group
network namespace.
- `NetIsolationModeTask`: The task driver supports isolating the network to
just the task.
- `NetIsolationModeNone`: There is no network to isolate. This is used for
task that the client manages remotely.
### `Fingerprint(context.Context) (<-chan *Fingerprint, error)` ### `Fingerprint(context.Context) (<-chan *Fingerprint, error)`
This function is called by the client when the plugin is started. It allows the This function is called by the client when the plugin is started. It allows the