luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-nomad/website/pages/docs/autoscaling/plugins/target.mdx
Ryan Oaks 536aab271d Format docs website code and mdx
2020-10-02 13:31:40 -04:00

160 lines
4.8 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: Target
sidebar_title: Target
description: Target plugins determine where the resource to be autoscaled is located.
---
# Target Plugins
Target Plugins determine where the resource to be autoscaled is located. All
target plugins support the `dry-run` policy config parameter which allows a policy
to be evaluated, but will noop any suggested changes.
## Nomad Task Group Target
The Nomad task group target indicates the scalable resource is a Nomad job
running on a Nomad cluster.
### Agent Configuration Options
The Nomad target is automatically launched by the Nomad Autoscaler and so the
following setup is optional.
```hcl
target "nomad" {
driver = "nomad"
}
```
### Policy Configuration Options
If using the [Nomad job specification scaling stanza][nomad_scaling_stanza] to
configure the scaling policy, the following section can be omitted as Nomad will
populate them on job submission.
```hcl
check {
...
target "nomad" {
Job = "example"
Group = "cache"
}
...
```
- `job` `(string: "")` - The job identifier which contains the task group to
scale as defined within the job specification [`job` stanza][nomad_job_stanza].
- `group` `(string: "")` - The name of the task group to scale as defined in the
job specification [`group` stanza][nomad_group_stanza].
## AWS AutoScaling Group Target
The AWS ASG target plugin allows for the scaling of the Nomad cluster clients
via manipulating [AWS AutoScaling Groups][aws_autoscaling].
### Agent Configuration Options
To use the AWS ASG target plugin, the agent configuration needs to be populated
with the appropriate target block. Authentication to the AWS API can be supplied
in a number of ways including EC2 instance roles. It is recommended, if possible
to use the [Vault AWS Secrets engine][vault_aws_backend] for supplying access
credentials to the plugin. Credentials should be injected into the configuration
via a template rather than as environment variables. This ensures the credentials
are passed only to the plugin, rather than being available for all plugins and
the agent process.
The IAM policy required for the AWS ASG plugin to function properly is detailed
below.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"ec2:TerminateInstances",
"ec2:DescribeInstanceStatus",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:DetachInstances",
"autoscaling:DescribeScalingActivities",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:CreateOrUpdateTags"
],
"Resource": "*"
}
]
}
```
```hcl
target "aws-asg" {
driver = "aws-asg"
config = {
aws_region = "eu-west-3"
aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"
aws_secret_key_id = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
}
```
When using a Nomad cluster with ACLs enabled, the plugin will require an ACL token which provides
the following permissions:
```hcl
node {
policy = "write"
}
```
- `aws_region` `(string: "us-east-1")` - The [AWS region][aws_region] identifier
to connect to and where resources should be managed.
- `aws_access_key_id` `(string: "")` - The AWS access key ID used to authenticate
with the AWS API.
- `aws_secret_key_id` `(string: "")` - The AWS secret key ID used to authenticate
with the AWS API.
- `aws_session_token` `(string: "")` - The AWS session token used to authenticate
with the AWS API.
### Policy Configuration Options
```hcl
check {
...
target "aws-asg" {
aws_asg_name = "hashistack-client-asg"
node_class = "hashistack"
node_drain_deadline = "5m"
node_purge = "true"
}
...
```
- `aws_asg_name` `(string: <required>)` - The name of the AWS AutoScaling Group to
interact with when performing scaling actions.
- `node_class` `(string: <required>)` - The Nomad [client node class][nomad_node_class]
identifier used to group nodes into a pool of resource.
- `node_drain_deadline` `(duration: "15m")` The Nomad [drain deadline][nomad_node_drain_deadline]
to use when performing node draining actions.
- `node_purge` `(bool: "false")` A boolean flag to determine whether Nomad clients should
be [purged][nomad_node_purge] when performing scale in actions.
[nomad_node_class]: /docs/configuration/client#node_class
[nomad_node_drain_deadline]: /api-docs/nodes#deadline
[nomad_scaling_stanza]: /docs/job-specification/scaling
[nomad_group_stanza]: /docs/job-specification/group#group-stanza
[nomad_job_stanza]: /docs/job-specification/job#job-stanza
[aws_region]: https://aws.amazon.com/about-aws/global-infrastructure/regions_az/
[aws_autoscaling]: https://aws.amazon.com/autoscaling/
[vault_aws_backend]: https://www.vaultproject.io/docs/secrets/aws
[nomad_node_purge]: /api-docs/nodes#purge-node
Reference in a new issue View git blame Copy permalink