github.com/iqoqo/nomad@v0.11.3-0.20200911112621-d7021c74d101/website/pages/docs/enterprise/index.mdx (about)

     1  ---
     2  layout: docs
     3  page_title: Nomad Enterprise
     4  sidebar_title: Nomad Enterprise
     5  description: >-
     6    Nomad Enterprise adds operations, collaboration, and governance capabilities
     7    to Nomad.
     8  
     9    Features include Namespaces, Resource Quotas, Sentinel Policies, and Advanced
    10    Autopilot.
    11  ---
    12  
    13  # Nomad Enterprise
    14  
    15  Nomad Enterprise adds collaboration, operational, and governance capabilities to Nomad. Nomad Enterprise is available as a base Platform package with an optional Governance & Policy add-on module.
    16  
    17  Please navigate the sub-sections for more information about each package and its features in detail.
    18  
    19  ## Nomad Enterprise Platform
    20  
    21  Nomad Enterprise Platform enables operators to easily upgrade Nomad as well as enhances performance and availability through Advanced Autopilot features such as Automated Upgrades, Enhanced Read Scalability, and Redundancy Zones.
    22  
    23  ### Automated Upgrades
    24  
    25  Automated Upgrades allows operators to deploy a complete cluster of new servers and then simply wait for the upgrade to complete. As the new servers join the cluster, server logic checks the version of each Nomad server node. If the version is higher than the version on the current set of voters, it will avoid promoting the new servers to voters until the number of new servers matches the number of existing servers at the previous version. Once the numbers match, Nomad will begin to promote new servers and demote old ones.
    26  
    27  See the [Autopilot - Upgrade Migrations](https://learn.hashicorp.com/nomad/operating-nomad/autopilot#upgrade-migrations) documentation for a thorough overview.
    28  
    29  ### Enhanced Read Scalability
    30  
    31  This feature enables an operator to introduce non-voting server nodes to a Nomad cluster. Non-voting servers will receive the replication stream but will not take part in quorum (required by the leader before log entries can be committed). Adding explicit non-voters will scale reads and scheduling without impacting write latency.
    32  
    33  See the [Autopilot - Read Scalability](https://learn.hashicorp.com/nomad/operating-nomad/autopilot#server-read-and-scheduling-scaling) documentation for a thorough overview.
    34  
    35  ### Redundancy Zones
    36  
    37  Redundancy Zones enables an operator to deploy a non-voting server as a hot standby server on a per availability zone basis. For example, in an environment with three availability zones an operator can run one voter and one non-voter in each availability zone, for a total of six servers. If an availability zone is completely lost, only one voter will be lost, so the cluster remains available. If a voter is lost in an availability zone, Nomad will promote the non-voter to a voter automatically, putting the hot standby server into service quickly.
    38  
    39  See the [Autopilot - Redundancy Zones](https://learn.hashicorp.com/nomad/operating-nomad/autopilot#redundancy-zones) documentation for a thorough overview.
    40  
    41  ## Governance & Policy
    42  
    43  Governance & Policy features are part of an add-on module that enables an organization to securely operate Nomad at scale across multiple teams through features such as Audit Logging, Namespaces, Resource Quotas, Sentinel Policies, and Preemption.
    44  
    45  ### Audit Logging
    46  
    47  Secure clusters with enhanced risk management and operational traceability to fulfill compliance requirements. This Enterprise feature provides administrators with a complete set of records for all user-issued actions in Nomad.
    48  
    49  With Audit Logging, enterprises can now proactively identify access anomalies, ensure enforcement of their security policies, and diagnose cluster behavior by viewing preceding user operations.  Designed as an HTTP API based audit logging system, each audit event is captured with relevant request and response information in a JSON format that is easily digestibile and familiar to operators.
    50  
    51  See the [Audit Logging Documentation](/docs/configuration/audit) for a  thorough overview.
    52  
    53  ### Namespaces
    54  
    55  Namespaces enable multiple teams to safely use a shared multi-region Nomad environment and reduce cluster fleet size. In Nomad Enterprise, a shared cluster can be partitioned into multiple namespaces which allow jobs and their associated objects to be isolated from each other and other users of the cluster.
    56  
    57  Namespaces enhance the usability of a shared cluster by isolating teams from the jobs of others, by providing fine grain access control to jobs when coupled with ACLs, and by preventing bad actors from negatively impacting the whole cluster.
    58  
    59  See the [Namespaces Guide](https://learn.hashicorp.com/nomad/governance-and-policy/namespaces) for a thorough overview.
    60  
    61  ### Resource Quotas
    62  
    63  Resource Quotas enable an operator to limit resource consumption across teams or projects to reduce waste and align budgets. In Nomad Enterprise, operators can define quota specifications and apply them to namespaces. When a quota is attached to a namespace, the jobs within the namespace may not consume more resources than the quota specification allows.
    64  
    65  This allows operators to partition a shared cluster and ensure that no single actor can consume the whole resources of the cluster.
    66  
    67  See the [Resource Quotas Guide](https://learn.hashicorp.com/nomad/governance-and-policy/quotas) for a thorough overview.
    68  
    69  ### Sentinel Policies
    70  
    71  In Nomad Enterprise, operators can create Sentinel policies for fine-grained policy enforcement. Sentinel policies build on top of the ACL system and allow operators to define policies such as disallowing jobs to be submitted to production on Fridays or only allowing users to run jobs that use pre-authorized Docker images. Sentinel policies are defined as code, giving operators considerable flexibility to meet compliance requirements.
    72  
    73  See the [Sentinel Policies Guide](https://learn.hashicorp.com/nomad/governance-and-policy/sentinel) for a thorough overview.
    74  
    75  ### Preemption
    76  
    77  When a Nomad cluster is at capacity for a given set of placement constraints, any allocations that result from a newly scheduled service or batch job will remain in the pending state until sufficient resources become available - regardless of the defined priority.
    78  
    79  Preemption enables Nomad's scheduler to automatically evict lower priority allocations of service and batch jobs so that allocations from higher priority jobs can be placed. This behavior ensures that critical workloads can run when resources are limited or when partial outages require workloads to be rescheduled across a smaller set of client nodes.
    80  
    81  ## Try Nomad Enterprise
    82  
    83  Click [here](https://www.hashicorp.com/go/nomad-enterprise) to set up a demo or request a trial
    84  of Nomad Enterprise.