简介

Nomad 是 HashiCorp 公司开源的一款分布式任务调度系统,类似于 Kubernetes,但功能相对简单,适合中小型项目。Nomad 的部署方式有多种,包括单机部署、集群部署等。本文将介绍如何在单机部署 Nomad。

环境准备

在开始部署之前,需要准备以下环境:

  • 一台服务器,可以是物理机、虚拟机或云服务器。
  • 安装 Docker,用于运行 Nomad 容器。

部署步骤

  1. 下载 Nomad
# 设置 Nomad 版本
export NOMAD_VERSION="1.1.0"

# 下载 Nomad
curl --silent --remote-name https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/nomad_${NOMAD_VERSION}_linux_amd64.zip
  1. 安装 Nomad
# 解压 Nomad
unzip nomad_${NOMAD_VERSION}_linux_amd64.zip

# 设置 Nomad 权限
sudo chown root:root nomad

# 移动 Nomad 到 /usr/local/bin 目录
sudo mv nomad /usr/local/bin/

# 检查 Nomad 版本
nomad version

# 安装 Nomad 自动补全
nomad -autocomplete-install
complete -C /usr/local/bin/nomad nomad

# 创建 Nomad 数据目录
sudo mkdir --parents /opt/nomad

# 创建一个非特权用户 Nomad 来运行 Nomad 服务(因为本文是单机安装,所以不需要,客户端需要以root运行)
# sudo useradd --system --home /etc/nomad.d --shell /bin/false nomad
  1. 配置 systemd
sudo vim /etc/systemd/system/nomad.service

[Unit]
Description=Nomad
Documentation=https://www.nomadproject.io/docs/
Wants=network-online.target
After=network-online.target

# When using Nomad with Consul it is not necessary to start Consul first. These
# lines start Consul before Nomad as an optimization to avoid Nomad logging
# that Consul is unavailable at startup.
#Wants=consul.service
#After=consul.service

[Service]

# Nomad server should be run as the nomad user. Nomad clients
# should be run as root
# 单节点运行既是服务求优势客户端,所以这里使用root
User=root
Group=root

ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d
KillMode=process
KillSignal=SIGINT
LimitNOFILE=65536
LimitNPROC=infinity
Restart=on-failure
RestartSec=2

## Configure unit start rate limiting. Units which are started more than
## *burst* times within an *interval* time span are not permitted to start any
## more. Use `StartLimitIntervalSec` or `StartLimitInterval` (depending on
## systemd version) to configure the checking interval and `StartLimitBurst`
## to configure how many starts per interval are allowed. The values in the
## commented lines are defaults.

# StartLimitBurst = 5

## StartLimitIntervalSec is used for systemd versions >= 230
# StartLimitIntervalSec = 10s

## StartLimitInterval is used for systemd versions < 230
# StartLimitInterval = 10s

TasksMax=infinity
OOMScoreAdjust=-1000

[Install]
WantedBy=multi-user.target
  1. 配置 Nomad

创建配置文件目录

sudo mkdir --parents /etc/nomad.d

# 设置权限
sudo chmod 700 /etc/nomad.d

通用配置文件

sudo touch /etc/nomad.d/nomad.hcl

datacenter = "dc1"
data_dir = "/opt/nomad"
acl {   # 启用ACL权限控制
  enabled = true
}

服务器配置文件

sudo touch /etc/nomad.d/server.hcl

server {
  enabled = true
  # bootstrap_expect = 3 需要与服务器数量一致,因为是单机所以注释掉。
  # server_join {   单机版可以注释掉。
  #  retry_join     = [ "1.1.1.1", "2.2.2.2" ]
  #  retry_max      = 3
  #  retry_interval = "15s"
  #}
}

客户端配置文件

sudo touch /etc/nomad.d/client.hcl

client {
  enabled = true
  # servers = ["1.2.3.4:4647", "5.6.7.8:4647"] 服务器地址配置,单机版可以注释
}
  1. 获取ACL bootstrap令牌
nomad acl bootstrap

Accessor ID  = 5b7fd453-d3f7-6814-81dc-fcfe6daedea5
Secret ID    = 9184ec35-65d4-9258-61e3-0c066d0a45c5
Name         = Bootstrap Token
Type         = management
Global       = true
Policies     = n/a
Create Time  = 2017-09-11 17:38:10.999089612 +0000 UTC
Create Index = 7
Modify Index = 7
  1. 启用 TLS 加密

参考启用 TLS 加密

感觉单机版可以不用配置

  1. 启动 Nomad
sudo systemctl enable nomad

sudo systemctl start nomad

sudo systemctl status nomad

使用示例

  1. 访问ui界面
http://127.0.0.1:4646

  1. 使用Bootstrap Token进行身份认证

  2. 创建hello-worldjob

job "hello-world" {
  # Specifies the datacenter where this job should be run
  # This can be omitted and it will default to ["*"]
  datacenters = ["*"]

  meta {
    # User-defined key/value pairs that can be used in your jobs.
    # You can also use this meta block within Group and Task levels.
    foo = "bar"
  }

  # A group defines a series of tasks that should be co-located
  # on the same client (host). All tasks within a group will be
  # placed on the same host.
  group "servers" {

    # Specifies the number of instances of this group that should be running.
    # Use this to scale or parallelize your job.
    # This can be omitted and it will default to 1.
    count = 1

    network {
      port "www" {
        static = 8001  # 配置固定端口,如果没有配置会随机生成一个端口。
        to = 8001
      }
    }

    service {
      provider = "nomad"
      port     = "www"
    }

    # Tasks are individual units of work that are run by Nomad.
    task "web" {
      # This particular task starts a simple web server within a Docker container
      driver = "docker"

      config {
        image   = "busybox:1"
        command = "httpd"
        args    = ["-v", "-f", "-p", "${NOMAD_PORT_www}", "-h", "/local"]
        ports   = ["www"]
      }

      template {
        data        = <<-EOF
                      <h1>Hello, Nomad!</h1>
                      <ul>
                        <li>Task: </li>
                        <li>Group: </li>
                        <li>Job: </li>
                        <li>Metadata value for foo: </li>
                        <li>Currently running on port: </li>
                      </ul>
                      EOF
        destination = "local/index.html"
      }

      # Specify the maximum resources required to run the task
      resources {
        cpu    = 50
        memory = 16
      }
    }
  }
}