Merge pull request #5804 from hashicorp/yishan/revised-enterprise-docs
Revised Nomad Enterprise page
This commit is contained in:
Yishan Lin
GitHub
commit
cd8fc7c983
|
|
@ -217,3 +217,22 @@
|
|||
/guides/operations/upgrade/ /guides/upgrade/index.html
|
||||
/guides/operations/upgrade/index.html /guides/upgrade/index.html
|
||||
/guides/operations/upgrade/upgrade-specific.html /guides/upgrade/upgrade-specific.html
|
||||
|
||||
# Enterprise
|
||||
|
||||
# Reorganized Enterprise into single pager
|
||||
/docs/enterprise/namespaces /docs/enterprise/index.html#namespaces
|
||||
/docs/enterprise/namespaces/ /docs/enterprise/index.html#namespaces
|
||||
/docs/enterprise/namespaces/index.html /docs/enterprise/index.html#namespaces
|
||||
/docs/enterprise/quotas /docs/enterprise/index.html#resource-quotas
|
||||
/docs/enterprise/quotas/ /docs/enterprise/index.html#resource-quotas
|
||||
/docs/enterprise/quotas/index.html /docs/enterprise/index.html#resource-quotas
|
||||
/docs/enterprise/preemption /docs/enterprise/index.html#preemption
|
||||
/docs/enterprise/preemption/ /docs/enterprise/index.html#preemption
|
||||
/docs/enterprise/preemption/index.html /docs/enterprise/index.html#preemption
|
||||
/docs/enterprise/sentinel /docs/enterprise/index.html#sentinel-policies
|
||||
/docs/enterprise/sentinel/ /docs/enterprise/index.html#sentinel-policies
|
||||
/docs/enterprise/sentinel/index.html /docs/enterprise/index.html#sentinel-policies
|
||||
/docs/enterprise/autopilot /docs/enterprise/index.html#nomad-enterprise-platform
|
||||
/docs/enterprise/autopilot/ /docs/enterprise/index.html#nomad-enterprise-platform
|
||||
/docs/enterprise/autopilot/index.html /docs/enterprise/index.html#nomad-enterprise-platform
|
||||
|
|
|
|||
|
|
@ -1,45 +0,0 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Nomad Enterprise Advanced Autopilot"
|
||||
sidebar_current: "docs-enterprise-autopilot"
|
||||
description: |-
|
||||
Nomad Enterprise supports Advanced Autopilot capabilities which enable fully
|
||||
automated server upgrades, higher throughput for reads and scheduling, and hot
|
||||
server failover on a per availability zone basis.
|
||||
---
|
||||
|
||||
# Nomad Enterprise Advanced Autopilot
|
||||
|
||||
[Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise) supports Advanced Autopilot capabilities which enable fully
|
||||
automated server upgrades, higher throughput for reads and scheduling, and hot
|
||||
server failover on a per availability zone basis. See the sections below for
|
||||
additional details on each of these capabilities.
|
||||
|
||||
* **Automated Upgrades:** Advanced Autopilot enables an upgrade pattern that
|
||||
allows operators to deploy a complete cluster of new servers and then simply wait
|
||||
for the upgrade to complete. As the new servers join the cluster, server
|
||||
introduction logic checks the version of each Nomad server. If the version is
|
||||
higher than the version on the current set of voters, it will avoid promoting
|
||||
the new servers to voters until the number of new servers matches the number of
|
||||
existing servers at the previous version. Once the numbers match, Autopilot will
|
||||
begin to promote new servers and demote old ones.
|
||||
|
||||
* **Enhanced Read Scalability:** With Advanced Autopilot, servers can be
|
||||
explicitly marked as non-voters. Non-voters will receive the replication stream
|
||||
but will not take part in quorum (required by the leader before log entries can
|
||||
be committed). Adding explicit non-voters will scale reads and scheduling without
|
||||
impacting write latency.
|
||||
|
||||
* **Redundancy Zones:** Advanced Autopilot redundancy zones make it possible to
|
||||
have more servers than availability zones. For example, in an environment with
|
||||
three availability zones it's now possible to run one voter and one non-voter in
|
||||
each availability zone, for a total of six servers. If an availability zone is
|
||||
completely lost, only one voter will be lost, so the cluster remains available.
|
||||
If a voter is lost in an availability zone, Autopilot will promote the non-voter
|
||||
to voter automatically, putting the hot standby server into service quickly.
|
||||
|
||||
See the [Nomad Autopilot Guide](/guides/operations/autopilot.html)
|
||||
for a comprehensive overview of Nomad's open source and enterprise Autopilot features.
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or
|
||||
request a trial of Nomad Enterprise.
|
||||
|
|
@ -9,24 +9,55 @@ description: |-
|
|||
|
||||
# Nomad Enterprise
|
||||
|
||||
[Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise) adds collaboration,
|
||||
operational, and governance capabilities to Nomad. Namespaces allow multiple
|
||||
teams to safely use a shared multi-region deployment. With Resource Quotas,
|
||||
operators can limit resource consumption across teams or projects. Sentinel
|
||||
policies enable enforcement of arbitrary fine-grained policies on job submission.
|
||||
Preemption capabilities enable the scheduler to temporarily evict lower priority
|
||||
allocations for service and batch jobs so that higher priority allocations can be placed.
|
||||
Advanced Autopilot capabilities enable automated server upgrades, enhanced scalability
|
||||
for reads and scheduling, and hot server failover on a per availability zone basis. See the
|
||||
links below for a detailed overview of each feature.
|
||||
Nomad Enterprise adds collaboration, operational, and governance capabilities to Nomad. Nomad Enterprise is available as a base Platform package with an optional Governance & Policy add-on module.
|
||||
|
||||
- [Namespaces](/docs/enterprise/namespaces/index.html)
|
||||
- [Resource Quotas](/docs/enterprise/quotas/index.html)
|
||||
- [Sentinel Policies](/docs/enterprise/sentinel/index.html)
|
||||
- [Preemption](/docs/enterprise/preemption/index.html)
|
||||
- [Advanced Autopilot](/docs/enterprise/autopilot/index.html)
|
||||
Please navigate the sub-sections for more information about each package and its features in detail.
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or request a trial
|
||||
## Nomad Enterprise Platform
|
||||
Nomad Enterprise Platform enables operators to easily upgrade Nomad as well as enhances performance and availability through Advanced Autopilot features such as Automated Upgrades, Enhanced Read Scalability, and Redundancy Zones.
|
||||
|
||||
### Automated Upgrades
|
||||
Automated Upgrades allows operators to deploy a complete cluster of new servers and then simply wait for the upgrade to complete. As the new servers join the cluster, server logic checks the version of each Nomad server node. If the version is higher than the version on the current set of voters, it will avoid promoting the new servers to voters until the number of new servers matches the number of existing servers at the previous version. Once the numbers match, Nomad will begin to promote new servers and demote old ones.
|
||||
|
||||
See the [Autopilot - Upgrade Migrations](https://www.nomadproject.io/guides/operations/autopilot.html#upgrade-migrations) documentation for a thorough overview.
|
||||
|
||||
### Enhanced Read Scalability
|
||||
This feature enables an operator to introduce non-voting server nodes to a Nomad cluster. Non-voting servers will receive the replication stream but will not take part in quorum (required by the leader before log entries can be committed). Adding explicit non-voters will scale reads and scheduling without impacting write latency.
|
||||
|
||||
See the [Autopilot - Read Scalability](https://www.nomadproject.io/guides/operations/autopilot.html#server-read-and-scheduling-scaling) documentation for a thorough overview.
|
||||
|
||||
### Redundancy Zones
|
||||
Redundancy Zones enables an operator to deploy a non-voting server as a hot standby server on a per availability zone basis. For example, in an environment with three availability zones an operator can run one voter and one non-voter in each availability zone, for a total of six servers. If an availability zone is completely lost, only one voter will be lost, so the cluster remains available. If a voter is lost in an availability zone, Nomad will promote the non-voter to a voter automatically, putting the hot standby server into service quickly.
|
||||
|
||||
See the [Autopilot - Redundancy Zones](https://www.nomadproject.io/guides/operations/autopilot.html#redundancy-zones) documentation for a thorough overview.
|
||||
|
||||
## Governance & Policy
|
||||
Governance & Policy features are part of an add-on module that enables an organization to securely operate Nomad at scale across multiple teams through features such as Namespaces, Resource Quotas, Sentinel Policies, and Preemption.
|
||||
|
||||
### Namespaces
|
||||
Namespaces enable multiple teams to safely use a shared multi-region Nomad environment and reduce cluster fleet size. In Nomad Enterprise, a shared cluster can be partitioned into multiple namespaces which allow jobs and their associated objects to be isolated from each other and other users of the cluster.
|
||||
|
||||
Namespaces enhance the usability of a shared cluster by isolating teams from the jobs of others, by providing fine grain access control to jobs when coupled with ACLs, and by preventing bad actors from negatively impacting the whole cluster.
|
||||
|
||||
See the [Namespaces Guide](https://www.nomadproject.io/docs/enterprise/namespaces/index.html) for a thorough overview.
|
||||
|
||||
### Resource Quotas
|
||||
Resource Quotas enable an operator to limit resource consumption across teams or projects to reduce waste and align budgets. In Nomad Enterprise, operators can define quota specifications and apply them to namespaces. When a quota is attached to a namespace, the jobs within the namespace may not consume more resources than the quota specification allows.
|
||||
|
||||
This allows operators to partition a shared cluster and ensure that no single actor can consume the whole resources of the cluster.
|
||||
|
||||
See the [Resource Quotas Guide](https://www.nomadproject.io/docs/enterprise/quotas/index.html) for a thorough overview.
|
||||
|
||||
### Sentinel Policies
|
||||
In Nomad Enterprise, operators can create Sentinel policies for fine-grained policy enforcement. Sentinel policies build on top of the ACL system and allow operators to define policies such as disallowing jobs to be submitted to production on Fridays or only allowing users to run jobs that use pre-authorized Docker images. Sentinel policies are defined as code, giving operators considerable flexibility to meet compliance requirements.
|
||||
|
||||
See the [Sentinel Policies Guide](https://www.nomadproject.io/guides/governance-and-policy/sentinel/sentinel-policy.html) for a thorough overview.
|
||||
|
||||
### Preemption
|
||||
When a Nomad cluster is at capacity for a given set of placement constraints, any allocations that result from a newly scheduled service or batch job will remain in the pending state until sufficient resources become available - regardless of the defined priority.
|
||||
|
||||
Preemption enables Nomad's scheduler to automatically evict lower priority allocations of service and batch jobs so that allocations from higher priority jobs can be placed. This behavior ensures that critical workloads can run when resources are limited or when partial outages require workloads to be rescheduled across a smaller set of client nodes.
|
||||
|
||||
## Try Nomad Enterprise
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or request a trial
|
||||
of Nomad Enterprise.
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,26 +0,0 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Nomad Enterprise Namespaces"
|
||||
sidebar_current: "docs-enterprise-namespaces"
|
||||
description: |-
|
||||
Nomad Enterprise provides support for namespaces, which allows jobs and their
|
||||
associated objects to be segmented from each other and other users of the
|
||||
cluster.
|
||||
---
|
||||
|
||||
# Nomad Enterprise Namespaces
|
||||
|
||||
In [Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise), a shared
|
||||
cluster can be partitioned into [namespaces](/guides/governance-and-policy/namespaces.html) which allows
|
||||
jobs and their associated objects to be isolated from each other and other users
|
||||
of the cluster.
|
||||
|
||||
Namespaces enhance the usability of a shared cluster by isolating teams from the
|
||||
jobs of others, provide fine grain access control to jobs when coupled with
|
||||
[ACLs](/guides/security/acl.html), and can prevent bad actors from negatively impacting
|
||||
the whole cluster when used in conjunction with
|
||||
[resource quotas](/guides/governance-and-policy/quotas.html). See the
|
||||
[Namespaces Guide](/guides/governance-and-policy/namespaces.html) for a thorough overview.
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or
|
||||
request a trial of Nomad Enterprise.
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Nomad Enterprise Preemption"
|
||||
sidebar_current: "docs-enterprise-preemption"
|
||||
description: |-
|
||||
Nomad Enterprise preemption capabilities enable the scheduler to temporarily
|
||||
evict lower priority allocations for service and batch jobs so that
|
||||
higher priority allocations can be placed.
|
||||
---
|
||||
|
||||
# Nomad Enterprise Preemption
|
||||
|
||||
When a Nomad cluster is at capacity for a given set of placement constraints, any allocations
|
||||
that result from a newly scheduled service or batch job will remain in the pending state until
|
||||
sufficient resources become available - regardless of the defined priority.
|
||||
|
||||
[Preemption](/docs/internals/scheduling/preemption.html) capabilities in
|
||||
[Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise) enable the scheduler to temporarily
|
||||
evict lower [priority](/docs/job-specification/job.html#priority) allocations from service and
|
||||
batch jobs so that the allocations from higher priority jobs can be placed. This behavior
|
||||
ensures that critical workloads can run when resources are limited or when partial outages require
|
||||
workloads to be rescheduled across a smaller set of client nodes.
|
||||
|
||||
See the [Preemption internals documentation](/docs/internals/scheduling/preemption.html) for a
|
||||
more detailed overview. Preemption for service and batch jobs can be enabled using the [scheduler config API endpoint](/api/operator.html#update-scheduler-configuration).
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or
|
||||
request a trial of Nomad Enterprise.
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Nomad Enterprise Resource Quotas"
|
||||
sidebar_current: "docs-enterprise-quotas"
|
||||
description: |-
|
||||
Nomad Enterprise provides support for applying resource quotas to namespaces
|
||||
which restricts the overall resources that jobs within the namespace are
|
||||
allowed to consume.
|
||||
---
|
||||
|
||||
# Nomad Enterprise Resource Quotas
|
||||
|
||||
In [Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise), operators can
|
||||
define [quota specifications](/guides/governance-and-policy/quotas.html) and apply them to namespaces.
|
||||
When a quota is attached to a namespace, the jobs within the namespace may not
|
||||
consume more resources than the quota specification allows.
|
||||
|
||||
This allows operators to partition a shared cluster and ensure that no single
|
||||
actor can consume the whole resources of the cluster. See the
|
||||
[Resource Quotas Guide](/guides/governance-and-policy/quotas.html) for more details.
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or
|
||||
request a trial of Nomad Enterprise.
|
||||
|
|
@ -1,36 +0,0 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Nomad Enterprise Sentinel Policy Enforcement"
|
||||
sidebar_current: "docs-enterprise-sentinel"
|
||||
description: |-
|
||||
Nomad Enterprise provides support for policy enforcement using Sentinel.
|
||||
---
|
||||
|
||||
# Nomad Enterprise Sentinel Policy Enforcement
|
||||
|
||||
In [Nomad Enterprise](https://www.hashicorp.com/go/nomad-enterprise), operators can
|
||||
create [Sentinel policies](/guides/governance-and-policy/sentinel/sentinel-policy.html) for fine-grained policy
|
||||
enforcement. Sentinel policies build on top of the ACL system and allow operators to define
|
||||
policies such as disallowing jobs to be submitted to production on
|
||||
Fridays. These extremely rich policies are defined as code. For example, to
|
||||
restrict jobs to only using the Docker driver, the operator would define and apply
|
||||
the following policy:
|
||||
|
||||
```
|
||||
# Only allows Docker based tasks
|
||||
main = rule { all_drivers_docker }
|
||||
|
||||
# all_drivers_docker checks that all the drivers in use are Docker
|
||||
all_drivers_docker = rule {
|
||||
all job.task_groups as tg {
|
||||
all tg.tasks as task {
|
||||
task.driver is "docker"
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
See the [Sentinel Policies Guide](/guides/governance-and-policy/sentinel/sentinel-policy.html) for additional details and examples.
|
||||
|
||||
Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or
|
||||
request a trial of Nomad Enterprise.
|
||||
|
|
@ -8,6 +8,7 @@ description: |-
|
|||
|
||||
# Nomad Operations
|
||||
|
||||
The Nomad Operations guides section provides best practices and guidance for
|
||||
operating Nomad in a real-world production setting. Please navigate the
|
||||
appropriate sub-sections for more information.
|
||||
The Nomad Operations guides section provides best practices and guidance for
|
||||
operating Nomad in a real-world production setting.
|
||||
|
||||
Please navigate the appropriate sub-sections for more information.
|
||||
|
|
|
|||
|
|
@ -529,20 +529,26 @@
|
|||
<li<%= sidebar_current("docs-enterprise") %>>
|
||||
<a href="/docs/enterprise/index.html">Nomad Enterprise</a>
|
||||
<ul class="nav">
|
||||
<li<%= sidebar_current("docs-enterprise-upgrades") %>>
|
||||
<a href="/docs/enterprise/index.html#automated-upgrades">Automated Upgrades</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-scalability") %>>
|
||||
<a href="/docs/enterprise/index.html#enhanced-read-scalability">Enhanced Read Scalability</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-redundancy") %>>
|
||||
<a href="/docs/enterprise/index.html#redundancy-zones">Redundancy Zones</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-namespaces") %>>
|
||||
<a href="/docs/enterprise/namespaces/index.html">Namespaces</a>
|
||||
<a href="/docs/enterprise/index.html#namespaces">Namespaces</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-quotas") %>>
|
||||
<a href="/docs/enterprise/quotas/index.html">Resource Quotas</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-sentinel") %>>
|
||||
<a href="/docs/enterprise/sentinel/index.html">Sentinel Policies</a>
|
||||
<a href="/docs/enterprise/index.html#resource-quotas">Resource Quotas</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-preemption") %>>
|
||||
<a href="/docs/enterprise/preemption/index.html">Preemption</a>
|
||||
<a href="/docs/enterprise/index.html#preemption">Preemption</a>
|
||||
</li>
|
||||
<li<%= sidebar_current("docs-enterprise-autopilot") %>>
|
||||
<a href="/docs/enterprise/autopilot/index.html">Advanced Autopilot</a>
|
||||
<li<%= sidebar_current("docs-enterprise-sentinel") %>>
|
||||
<a href="/docs/enterprise/index.html#sentinel-policies">Sentinel Policies</a>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
|
|
|
|||
Loading…
Reference in New Issue