github.com/hspak/nomad@v0.7.2-0.20180309000617-bc4ae22a39a5/website/source/docs/agent/configuration/client.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "client Stanza - Agent Configuration" 4 sidebar_current: "docs-agent-configuration-client" 5 description: |- 6 The "client" stanza configures the Nomad agent to accept jobs as assigned by 7 the Nomad server, join the cluster, and specify driver-specific configuration. 8 --- 9 10 # `client` Stanza 11 12 <table class="table table-bordered table-striped"> 13 <tr> 14 <th width="120">Placement</th> 15 <td> 16 <code>**client**</code> 17 </td> 18 </tr> 19 </table> 20 21 The `client` stanza configures the Nomad agent to accept jobs as assigned by 22 the Nomad server, join the cluster, and specify driver-specific configuration. 23 24 ```hcl 25 client { 26 enabled = true 27 servers = ["1.2.3.4:4647", "5.6.7.8:4647"] 28 } 29 ``` 30 31 ## `client` Parameters 32 33 - `alloc_dir` `(string: "[data_dir]/alloc")` - Specifies the directory to use 34 for allocation data. By default, this is the top-level 35 [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with 36 "alloc", like `"/opt/nomad/alloc"`. This must be an absolute path 37 38 - `chroot_env` <code>([ChrootEnv](#chroot_env-parameters): nil)</code> - 39 Specifies a key-value mapping that defines the chroot environment for jobs 40 using the Exec and Java drivers. 41 42 - `enabled` `(bool: false)` - Specifies if client mode is enabled. All other 43 client configuration options depend on this value. 44 45 - `max_kill_timeout` `(string: "30s")` - Specifies the maximum amount of time a 46 job is allowed to wait to exit. Individual jobs may customize their own kill 47 timeout, but it may not exceed this value. 48 49 - `meta` `(map[string]string: nil)` - Specifies a key-value map that annotates 50 with user-defined metadata. 51 52 - `network_interface` `(string: varied)` - Specifies the name of the interface 53 to force network fingerprinting on. When run in dev mode, this defaults to the 54 loopback interface. When not in dev mode, the interface attached to the 55 default route is used. All IP addresses except those scoped local for IPV6 on 56 the chosen interface are fingerprinted. The scheduler chooses from those IP 57 addresses when allocating ports for tasks. 58 59 - `network_speed` `(int: 0)` - Specifies an override for the network link speed. 60 This value, if set, overrides any detected or defaulted link speed. Most 61 clients can determine their speed automatically, and thus in most cases this 62 should be left unset. 63 64 - `cpu_total_compute` `(int: 0)` - Specifies an override for the total CPU 65 compute. This value should be set to `# Cores * Core MHz`. For example, a 66 quad-core running at 2 GHz would have a total compute of 8000 (4 * 2000). Most 67 clients can determine their total CPU compute automatically, and thus in most 68 cases this should be left unset. 69 70 - `node_class` `(string: "")` - Specifies an arbitrary string used to logically 71 group client nodes by user-defined class. This can be used during job 72 placement as a filter. 73 74 - `options` <code>([Options](#options-parameters): nil)</code> - Specifies a 75 key-value mapping of internal configuration for clients, such as for driver 76 configuration. 77 78 - `reserved` <code>([Reserved](#reserved-parameters): nil)</code> - Specifies 79 that Nomad should reserve a portion of the node's resources from receiving 80 tasks. This can be used to target a certain capacity usage for the node. For 81 example, 20% of the node's CPU could be reserved to target a CPU utilization 82 of 80%. 83 84 - `servers` `(array<string>: [])` - Specifies an array of addresses to the Nomad 85 servers this client should join. This list is used to register the client with 86 the server nodes and advertise the available resources so that the agent can 87 receive work. This may be specified as an IP address or DNS, with or without 88 the port. If the port is omitted, the default port of `4647` is used. 89 90 - `state_dir` `(string: "[data_dir]/client")` - Specifies the directory to use 91 to store client state. By default, this is - the top-level 92 [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with 93 "client", like `"/opt/nomad/client"`. This must be an absolute path. 94 95 - `gc_interval` `(string: "1m")` - Specifies the interval at which Nomad 96 attempts to garbage collect terminal allocation directories. 97 98 - `gc_disk_usage_threshold` `(float: 80)` - Specifies the disk usage percent which 99 Nomad tries to maintain by garbage collecting terminal allocations. 100 101 - `gc_inode_usage_threshold` `(float: 70)` - Specifies the inode usage percent 102 which Nomad tries to maintain by garbage collecting terminal allocations. 103 104 - `gc_max_allocs` `(int: 50)` - Specifies the maximum number of allocations 105 which a client will track before triggering a garbage collection of terminal 106 allocations. This will *not* limit the number of allocations a node can run at 107 a time, however after `gc_max_allocs` every new allocation will cause terminal 108 allocations to be GC'd. 109 110 - `gc_parallel_destroys` `(int: 2)` - Specifies the maximum number of 111 parallel destroys allowed by the garbage collector. This value should be 112 relatively low to avoid high resource usage during garbage collections. 113 114 - `no_host_uuid` `(bool: true)` - By default a random node UUID will be 115 generated, but setting this to `false` will use the system's UUID. Before 116 Nomad 0.6 the default was to use the system UUID. 117 118 ### `chroot_env` Parameters 119 120 Drivers based on [isolated fork/exec](/docs/drivers/exec.html) implement file 121 system isolation using chroot on Linux. The `chroot_env` map allows the chroot 122 environment to be configured using source paths on the host operating system. 123 The mapping format is: 124 125 ```text 126 source_path -> dest_path 127 ``` 128 129 The following example specifies a chroot which contains just enough to run the 130 `ls` utility: 131 132 ```hcl 133 client { 134 chroot_env { 135 "/bin/ls" = "/bin/ls" 136 "/etc/ld.so.cache" = "/etc/ld.so.cache" 137 "/etc/ld.so.conf" = "/etc/ld.so.conf" 138 "/etc/ld.so.conf.d" = "/etc/ld.so.conf.d" 139 "/lib" = "/lib" 140 "/lib64" = "/lib64" 141 } 142 } 143 ``` 144 145 When `chroot_env` is unspecified, the `exec` driver will use a default chroot 146 environment with the most commonly used parts of the operating system. Please 147 see the [Nomad `exec` driver documentation](/docs/drivers/exec.html#chroot) for 148 the full list. 149 150 ### `options` Parameters 151 152 The following is not an exhaustive list of options for only the Nomad 153 client. To find the options supported by each individual Nomad driver, please 154 see the [drivers documentation](/docs/drivers/index.html). 155 156 - `"driver.whitelist"` `(string: "")` - Specifies a comma-separated list of 157 whitelisted drivers . If specified, drivers not in the whitelist will be 158 disabled. If the whitelist is empty, all drivers are fingerprinted and enabled 159 where applicable. 160 161 ```hcl 162 client { 163 options = { 164 "driver.whitelist" = "docker,qemu" 165 } 166 } 167 ``` 168 169 - `"driver.blacklist"` `(string: "")` - Specifies a comma-separated list of 170 blacklisted drivers . If specified, drivers in the blacklist will be 171 disabled. 172 173 ```hcl 174 client { 175 options = { 176 "driver.blacklist" = "docker,qemu" 177 } 178 } 179 ``` 180 181 - `"env.blacklist"` `(string: see below)` - Specifies a comma-separated list of 182 environment variable keys not to pass to these tasks. Nomad passes the host 183 environment variables to `exec`, `raw_exec` and `java` tasks. If specified, 184 the defaults are overridden. If a value is provided, **all** defaults are 185 overridden (they are not merged). 186 187 ```hcl 188 client { 189 options = { 190 "env.blacklist" = "MY_CUSTOM_ENVVAR" 191 } 192 } 193 ``` 194 195 The default list is: 196 197 ```text 198 CONSUL_TOKEN 199 VAULT_TOKEN 200 AWS_ACCESS_KEY_ID 201 AWS_SECRET_ACCESS_KEY 202 AWS_SESSION_TOKEN 203 GOOGLE_APPLICATION_CREDENTIALS 204 ``` 205 206 - `"user.blacklist"` `(string: see below)` - Specifies a comma-separated 207 blacklist of usernames for which a task is not allowed to run. This only 208 applies if the driver is included in `"user.checked_drivers"`. If a value is 209 provided, **all** defaults are overridden (they are not merged). 210 211 ```hcl 212 client { 213 options = { 214 "user.blacklist" = "root,ubuntu" 215 } 216 } 217 ``` 218 219 The default list is: 220 221 ```text 222 root 223 Administrator 224 ``` 225 226 - `"user.checked_drivers"` `(string: see below)` - Specifies a comma-separated 227 list of drivers for which to enforce the `"user.blacklist"`. For drivers using 228 containers, this enforcement is usually unnecessary. If a value is provided, 229 **all** defaults are overridden (they are not merged). 230 231 ```hcl 232 client { 233 options = { 234 "user.checked_drivers" = "exec,raw_exec" 235 } 236 } 237 ``` 238 239 The default list is: 240 241 ```text 242 exec 243 qemu 244 java 245 ``` 246 247 - `"fingerprint.whitelist"` `(string: "")` - Specifies a comma-separated list of 248 whitelisted fingerprinters. If specified, any fingerprinters not in the 249 whitelist will be disabled. If the whitelist is empty, all fingerprinters are 250 used. 251 252 ```hcl 253 client { 254 options = { 255 "fingerprint.whitelist" = "network" 256 } 257 } 258 ``` 259 260 - `"fingerprint.blacklist"` `(string: "")` - Specifies a comma-separated list of 261 blacklisted fingerprinters. If specified, any fingerprinters in the blacklist 262 will be disabled. 263 264 ```hcl 265 client { 266 options = { 267 "fingerprint.blacklist" = "network" 268 } 269 } 270 ``` 271 272 - `"fingerprint.network.disallow_link_local"` `(string: "false")` - Specifies 273 whether the network fingerprinter should ignore link-local addresses in the 274 case that no globally routable address is found. The fingerprinter will always 275 prefer globally routable addresses. 276 277 ```hcl 278 client { 279 options = { 280 "fingerprint.network.disallow_link_local" = "true" 281 } 282 } 283 ``` 284 285 ### `reserved` Parameters 286 287 - `cpu` `(int: 0)` - Specifies the amount of CPU to reserve, in MHz. 288 289 - `memory` `(int: 0)` - Specifies the amount of memory to reserve, in MB. 290 291 - `disk` `(int: 0)` - Specifies the amount of disk to reserve, in MB. 292 293 - `reserved_ports` `(string: "")` - Specifies a comma-separated list of ports to 294 reserve on all fingerprinted network devices. Ranges can be specified by using 295 a hyphen separated the two inclusive ends. 296 297 ## `client` Examples 298 299 ### Common Setup 300 301 This example shows the most basic configuration for a Nomad client joined to a 302 cluster. 303 304 ```hcl 305 client { 306 enabled = true 307 servers = ["1.2.3.4:4647", "5.6.7.8:4647"] 308 } 309 ``` 310 311 ### Reserved Resources 312 313 This example shows a sample configuration for reserving resources to the client. 314 This is useful if you want to allocate only a portion of the client's resources 315 to jobs. 316 317 ```hcl 318 client { 319 enabled = true 320 321 reserved { 322 cpu = 500 323 memory = 512 324 disk = 1024 325 reserved_ports = "22,80,8500-8600" 326 } 327 } 328 ``` 329 330 ### Custom Metadata, Network Speed, and Node Class 331 332 This example shows a client configuration which customizes the metadata, network 333 speed, and node class. 334 335 ```hcl 336 client { 337 enabled = true 338 network_speed = 500 339 node_class = "prod" 340 341 meta { 342 "owner" = "ops" 343 } 344 } 345 ```