Instruqt Labs (beta)
  • Instruqt
  • Getting started
    • Setting up Version Control
    • Install Instruqt CLI
    • Creating your first lab
    • Configuration basics
    • Exploring the lab configuration
    • Adding your first chapter
    • Configuring sandboxes
    • Adding quizzes
    • Adding tasks and gating content
    • Finishing up
  • Documentation
    • Writing Lab Content
      • Project Structure
      • Markdown and Components
    • Integrations
      • Version Control
    • Lab reference
      • Content
        • Lab
        • Page
        • Activities
          • Task
          • Quiz
            • Multiple Choice
            • Single Choice
            • Text Answer
            • Numeric Answer
        • Layout
        • Tabs
          • Terminal
          • Service
          • Editor
          • External Website
          • Note
      • Sandbox
        • Containers
          • Container
          • Sidecar Container
        • Kubernetes
          • Cluster
          • Config
          • Helm
        • Nomad
          • Cluster
          • Job
        • Networking
          • Network
          • Ingress
        • Cloud Accounts
          • AWS
          • Azure
          • Google Cloud
        • Terraform
        • Template
        • Exec
        • Copy
        • Certificates
          • Root
          • Leaf
        • Random
          • Number
          • ID
          • UUID
          • Password
          • Creature
      • Functions
    • Tools
      • Instruqt CLI
    • Glossary
Powered by GitBook
On this page
  • NomadCluster
  • Image
  • NetworkAttachment
  • Port
  • PortRange
  • Volume
  • Config
  • DockerConfig
  • Examples
Edit on GitHub
Export as PDF
  1. Documentation
  2. Lab reference
  3. Sandbox
  4. Nomad

Cluster

NomadCluster

The nomad_cluster resource allows you to create Nomad clusters as Docker containers. Clusters can either be a single node combined server and client, or comprised of a dedicated server and client nodes.


resource "nomad_cluster" "name" {
  ...
}

Image Caching

Nomad clusters do not share the local machines Docker image cache. Each node in a cluster has it's own unqiue cache.

To save bandwidth all containers launched in the Nomad cluster pulled through an image cache that runs in Docker. After the first pull all images are subsequently pulled from the image cache not the public internet. This cache is global to all Nomad and Kubernetes clusters created with Jumppad.

For more information on the image cache see the container_registry resource.

Attributes

Attribute
Description

Additional volume to mount to the server and client nodes.

Network attaches the container to an existing network defined in a separate stanza. This block can be specified multiple times to attach the container to multiple networks.

A `port_range` stanza allows you to expose a range of container ports on the local network or host. This stanza can be specified multiple times.

The following example would create 11 ports from 80 to 90 (inclusive) and expose them to the host machine.

A `port` stanza allows you to expose container ports on the local network or host. This stanza can be specified multiple times.

Docker image in the local Docker image cache to copy to the cluster on creation. This image is added to the Nomad clients docker cache enabling jobs to use images that may not be in the local registry.

Changes to copied images are automatically tracked. Should the image change running jumppad up would push any changes to the cluster automatically.

Datacenter datacenter type: string

Nomad datacenter for the clients, defaults to `dc1`

Image defines a Docker image to use when creating the container. By default the nomad cluster resource will be created using the latest container image.

ClientConfig client_config type: string

Path to a file containing custom Nomad client config to use when creating the server. Note: This file is added to both server and clients nodes.

This file extends the default client config and is mounted at the path /etc/nomad.d/client_user_config.hcl

ServerConfig server_config type: string

Path to a file containing custom Nomad server config to use when creating the server. Note: This is only added to server nodes.

This file extends the default server configuration and is mounted at the path /etc/nomad.d/server_user_config.hcl on server nodes.

Environment environment type: map[string]string

An environment map allows you to set environment variables in the container.

ClientNodes client_nodes type: int

Number of client nodes to create, if set to `0` a combined server and client will be created. If greater than `0`, the system will create a dedicated server with `n` clients. `client_nodes` can be updated, if the value changes and the configuration is applied again, it will attempt to nondestructively scale the cluster.

ConsulConfig consul_config type: string

Path to a file containing custom Consul agent config to use when creating the client.

Specifies the configuration for the Nomad cluster.

APIPort api_port type: int

Port to expose the Nomad API on the host. By default this uses the standard nomad port 4646; however, if you are running multiple nomad instances you will need to override this value.

ExternalIP external_ip type: string

Local IP address of the Nomad server, this property can be used to set the NOAMD_ADDR on the Jumppad client.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Attribute
Description

Meta ID meta.id string

The full ID of the resource e.g. `resource.type.name`. This is computed from the full resource path:

Meta Type meta.type string

The type of the resource. This taken from the type label of the resource definition.

Meta Name meta.name string

The name of the resource. This taken from the name label of the resource definition.

ConnectorPort connector_port type: int

The port where the Jumppad connector is exposed to the host, this property is requied by the ingress resource and is not generally needed when building blueprints.

ConfigDir config_dir type: string

Local directory where the server and client configuration is stored.

ServerContainerName server_container_name type: string

The fully qualified resource name for the Nomad server, this value can be used to address the server from the Docker network. It is also the name of the Docker container.

ClientContainerName client_container_name type: []string

The fully qualified resource names for the Nomad clients, this value can be used to address the client from the Docker network. It is also the name of the Docker container.

When client_nodes is set to 0 this property will have no value.


Image

Image defines a Docker image used when creating this container. An Image can be stored in a public or a private repository.


container {
  image {
    ...
  }
}

Attributes

Attribute
Description

Name name required type: string

Name of the image to use when creating the container, can either be the full canonical name or short name for Docker official images. e.g. `consul:v1.6.1` or `docker.io/consul:v1.6.1`.

Username username type: string

Username to use when connecting to a private image repository

Password password type: string

Password to use when connecting to a private image repository, for both username and password interpolated environment variables can be used in place of static values.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Attribute
Description

ID id type: string

ID is the unique identifier for the image, this is independent of tag and changes each time the image is built. An image that has been tagged multiple times also shares the same ID. ID string `hcl:"id,optional" json:"id,omitempty"`


NetworkAttachment

Network attachment defines a network to which the container is attached.


network {
  ...
}

Attributes

Attribute
Description

ID id required type: string

ID of the network to attach the container to, specified in reference format. e.g. to attach to a network called `cloud`.

IPAddress ip_address type: string

Static IP address to assign container for the network, the ip address must be within range defined by the network subnet. If this parameter is omitted an IP address will be automatically assigned.

Aliases aliases type: []string

Aliases allow alternate names to specified for the container. Aliases can be used to reference a container across the network, the container will respond to ping and other network resolution using the primary assigned name `[name].container.shipyard.run` and the aliases.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Attribute
Description

Name name type: string

Name will equal the name of the network as created by jumppad.

AssignedAddress assigned_address type: string

`assigned_address` will equal the assigned IP address for the network. This will equal ip_address if set; otherwise, this is the automatically assigned IP address.


Port

A port stanza defines host to container communications


container {
  port {
    ...
  }
}

Attributes

Attribute
Description

Local local required type: string

The local port in the container.

Host host type: string

The host port to map the local port to.

Protocol protocol type: string

The protocol to use when exposing the port, can be "tcp", or "udp".

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.


PortRange

A port_range stanza defines host to container communications by exposing a range of ports for the container.


container {
  port_range {
    ...
  }
}

Attributes

Attribute
Description

Range range required type: string

The port range to expose, e.g, `8080-8082` would expose the ports `8080`, `8081`, `8082`.

EnableHost enable_host type: bool

Expose the port range on the host.

Protocol protocol type: string

The protocol to use when exposing the port, can be "tcp", or "udp".

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.


Volume

A volume type allows the specification of an attached volume.


container {
  volume {
    ...
  }
}

Attributes

Attribute
Description

Source source required type: string

The source volume to mount in the container, can be specified as a relative `./` or absolute path `/usr/local/bin`. Relative paths are relative to the file declaring the container.

Destination destination required type: string

The destination in the container to mount the volume to, must be an absolute path.

Type type type: string

The type of the mount, can be one of the following values:

  • bind: bind the source path to the destination path in the container

  • volume: source is a Docker volume

  • tmpfs: create a temporary filesystem

ReadOnly read_only type: bool

Whether or not the volume is read only.

BindPropagation bind_propagation type: string

Configures bind propagation for Docker volume mounts, only applies to bind mounts, can be one of the following values:

  • shared

  • slave

  • private

  • rslave

  • rprivate

For more information please see the Docker documentation https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation

BindPropagationNonRecursive bind_propagation_non_recursive type: bool

Configures recursiveness of the bind mount.

By default Docker mounts with the equivalent of mount --rbind meaning that mounts below the the source directory are visible in the container. or instance running docker run --rm --mount type=bind,src=/,target=/host,readonly busybox will make /run of the host available as/host/run in the container. To make matters even worse it will be writable (since only the toplevel bind is set readonly, not the children).

If bind_propagation_non_recursive is set to true then the container will only see an empty /host/run, meaning thetmpfs which is typically mounted to /run on the host is not propagated into the container.

SelinuxRelabel selinux_relabel type: string

Configures Selinux relabeling for the container (usually specified as :z or :Z) and can be one of the following values:

  • shared (Equivalent to :z)

  • private (Equivalent to :Z)

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.


Config


resource "nomad_cluster" "dev" {
  config {
    ...
  }
}

Attributes

Attribute
Description

Specifies configuration for the Docker driver.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.


DockerConfig


resource "nomad_cluster" "dev" {
  config {
    docker {
      ...
    }
  }
}

Attributes

Attribute
Description

NoProxy no_proxy type: []string

NoProxy is a list of docker registires that should be excluded from the image cache

InsecureRegistries insecure_registries type: []string

InsecureRegistries is a list of docker registries that should be treated as insecure

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Examples

Minimal Example


resource "network" "cloud" {
  subnet = "10.10.0.0/16"
}

resource "nomad_cluster" "dev" {
  network {
    id = resource.network.cloud.meta.id
  }
}

Full Example


resource "network" "cloud" {
  subnet = "10.10.0.0/16"
}

resource "nomad_cluster" "dev" {
  client_nodes=3

  network {
    id = resource.network.cloud.meta.id
  }
}

resource "nomad_job" "example_1" {
  cluster = resource.nomad_cluster.dev

  paths = ["./app_config/example1.nomad"]

  health_check {
    timeout    = "60s"
    nomad_jobs = ["example_1"]
  }
}

resource "ingress" "fake_service_1" {
  port = 19090

  target {
    resource   = resource.nomad_cluster.dev
    named_port = "http"

    config = {
      job   = "example_1"
      group = "fake_service"
      task  = "fake_service"
    }
  }
}
PreviousNomadNextJob

Last updated 1 month ago

Volumes volume required type: block

Networks network required type: block

PortRanges port_range required type: block

Ports port required type: block

CopyImages copy_image required type: block

Image image type: block

Config config type: block

DockerConfig docker type: block

volume {
  source = "./mydirectory"
  destination = "/path_in_container"
}
network {
  id = resource.network.main.meta.id
}
port {
  range       = "80-90"
  enable_host = true
}
port {
  local = 80
  host  = 8080
}
copy_image {
  name = "mylocalimage:versoin"
}
datacenter = "east"
image {
  name = "example/nomad:latest"
}
client_config = <<-EOF
client {
  enabled = true
  server_join {
    retry_join = ["%s"]
  }
}

plugin "raw_exec" {
  config {
    enabled = true
  }
}
EOF
server_config = <<-EOF
server {
  enabled = true
  bootstrap_expect = 1
}

client {
  enabled = true
  meta {
    node_type = "server"
  }
}

plugin "raw_exec" {
  config {
    enabled = true
  }
}
EOF
environment = {
  something   = "PATH"
  other = "/usr/local/bin"
}
client_nodes = 3
consul_config = "./files/consul/config.hcl"
config {
  docker {
    no_proxy            = ["insecure.container.local.jmpd.in"]
    insecure_registries = ["insecure.container.local.jmpd.in:5003"]
  }
}
api_port = 14646
output "NOMAD_ADDR" {
  value = "http://${resource.nomad_cluster.dev.external_ip}:${resource.nomad_cluster.dev.api_port}"
}
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting id will be
resource.container.ubuntu
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting type will be
container
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting name will be
ubuntu
server.name.nomad-cluster.local.jmpd.in
[
  "abse42wsdff.client.name.nomad-cluster.local.jmpd.in",
  "kjdf23123.client.name.nomad-cluster.local.jmpd.in",
  "123dfkjs.client.name.nomad-cluster.local.jmpd.in",
]
name = "redis:latest"
username = "my_username"
password = "my_password"
id = resource.network.main.meta.id
ip_address = "10.0.5.24"
aliases = [
  "alt1.container.local.jmpd.in",
  "alt2.container.local.jmpd.in"
]
local = 80
host = 8080
protocol = "tcp"
range = "8080-8082"
enable_host = true
protocol = "tcp"
source = "./files/nginx"
destination = "/etc/nginx"
type = "bind"
read_only = true
bind_propagation = "shared"
bind_propagation_non_recursive = true
selinux_relabel = "shared"
docker {
  no_proxy            = ["insecure.container.local.jmpd.in"]
  insecure_registries = ["insecure.container.local.jmpd.in:5003"]
}
no_proxy = ["insecure.container.local.jmpd.in"]
insecure_registries = ["insecure.container.local.jmpd.in:5003"]
Volume
NetworkAttachment
PortRange
Port
Image
Image
Config
DockerConfig