github.com/maier/nomad@v0.4.1-0.20161110003312-a9e3d0b8549d/website/source/docs/agent/configuration/client.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "client Stanza - Agent Configuration" 4 sidebar_current: "docs-agent-configuration-client" 5 description: |- 6 The "client" stanza configures the Nomad agent to accept jobs as assigned by 7 the Nomad server, join the cluster, and specify driver-specific configuration. 8 --- 9 10 # `client` Stanza 11 12 <table class="table table-bordered table-striped"> 13 <tr> 14 <th width="120">Placement</th> 15 <td> 16 <code>**client**</code> 17 </td> 18 </tr> 19 </table> 20 21 The `client` stanza configures the Nomad agent to accept jobs as assigned by 22 the Nomad server, join the cluster, and specify driver-specific configuration. 23 24 ```hcl 25 client { 26 enabled = true 27 servers = ["1.2.3.4:4647", "5.6.7.8:4647"] 28 } 29 ``` 30 31 ## `client` Parameters 32 33 - `alloc_dir` `(string: "[data_dir]/alloc")` - Specifies the directory to use 34 for allocation data. By default, this is the top-level 35 [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with 36 "alloc", like `"/opt/nomad/alloc"`. This must be an absolute path 37 38 - `chroot_env` <code>([ChrootEnv](#chroot_env-parameters): nil)</code> - 39 Specifies a key-value mapping that defines the chroot environment for jobs 40 using the Exec and Java drivers. 41 42 - `enabled` `(bool: false)` - Specifies if client mode is enabled. All other 43 client configuration options depend on this value. 44 45 - `max_kill_timeout` `(string: "30s")` - Specifies the maximum amount of time a 46 job is allowed to wait to exit. Individual jobs may customize their own kill 47 timeout, but it may not exceed this value. 48 49 - `meta` <code>([Meta][]: nil)</code> - Specifies a key-value map that annotates 50 with user-defined metadata. 51 52 - `network_interface` `(string: "lo | lo0")` - Specifies the name of the 53 interface to force network fingerprinting on. This defaults to the loopback 54 interface. 55 56 - `network_speed` `(int: 100)` - Specifies the default link speed of network 57 interfaces, in megabits. Most clients can determine their speed automatically, 58 but will fallback to this value if they cannot. 59 60 - `node_class` `(string: "")` - Specifies an arbitrary string used to logically 61 group client nodes by user-defined class. This can be used during job 62 placement as a filter. 63 64 - `options` <code>([Options](#options-parameters): nil)</code> - Specifies a 65 key-value mapping of internal configuration for clients, such as for driver 66 configuration. 67 68 - `reserved` <code>([Reserved](#reserved-parameters): nil)</code> - Specifies 69 that Nomad should reserve a portion of the node's resources from receiving 70 tasks. This can be used to target a certain capacity usage for the node. For 71 example, 20% of the node's CPU could be reserved to target a CPU utilization 72 of 80%. 73 74 - `servers` `(array<string>: [])` - Specifies an array of addresses to the Nomad 75 servers this client should join. This list is used to register the client with 76 the server nodes and advertise the available resources so that the agent can 77 receive work. This may be specified as an IP address or DNS, with or without 78 the port. If the port is omitted, the default port of `4647` is used. 79 80 - `state_dir` `(string: "[data_dir]/client")` - Specifies the directory to use 81 to store client state. By default, this is - the top-level 82 [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with 83 "client", like `"/opt/nomad/client"`. This must be an absolute path. 84 85 ### `chroot_env` Parameters 86 87 Drivers based on [isolated fork/exec](/docs/drivers/exec.html) implement file 88 system isolation using chroot on Linux. The `chroot_env` map allows the chroot 89 environment to be configured using source paths on the host operating system. 90 The mapping format is: 91 92 ```text 93 source_path -> dest_path 94 ``` 95 96 The following example specifies a chroot which contains just enough to run the 97 `ls` utility: 98 99 ```hcl 100 client { 101 chroot_env { 102 "/bin/ls" = "/bin/ls" 103 "/etc/ld.so.cache" = "/etc/ld.so.cache" 104 "/etc/ld.so.conf" = "/etc/ld.so.conf" 105 "/etc/ld.so.conf.d" = "/etc/ld.so.conf.d" 106 "/lib" = "/lib" 107 "/lib64" = "/lib64" 108 } 109 } 110 ``` 111 112 When `chroot_env` is unspecified, the `exec` driver will use a default chroot 113 environment with the most commonly used parts of the operating system. Please 114 see the [Nomad `exec` driver documentation](/docs/drivers/exec.html#chroot) for 115 the full list. 116 117 ### `options` Parameters 118 119 The following is not an exhaustive list of options for only the Nomad 120 client. To find the options supported by each individual Nomad driver, please 121 see the [drivers documentation](/docs/drivers/index.html). 122 123 - `"driver.whitelist"` `(string: "")` - Specifies a comma-separated list of 124 whitelisted drivers . If specified, drivers not in the whitelist will be 125 disabled. If the whitelist is empty, all drivers are fingerprinted and enabled 126 where applicable. 127 128 ```hcl 129 client { 130 options = { 131 "driver.whitelist" = "docker,qemu" 132 } 133 } 134 ``` 135 136 - `"driver.blacklist"` `(string: "")` - Specifies a comma-separated list of 137 blacklisted drivers . If specified, drivers in the blacklist will be 138 disabled. 139 140 ```hcl 141 client { 142 options = { 143 "driver.blacklist" = "docker,qemu" 144 } 145 } 146 ``` 147 148 - `"env.blacklist"` `(string: see below)` - Specifies a comma-separated list of 149 environment variable keys not to pass to these tasks. Nomad passes the host 150 environment variables to `exec`, `raw_exec` and `java` tasks. If specified, 151 the defaults are overridden. If a value is provided, **all** defaults are 152 overridden (they are not merged). 153 154 ```hcl 155 client { 156 options = { 157 "env.blacklist" = "MY_CUSTOM_ENVVAR" 158 } 159 } 160 ``` 161 162 The default list is: 163 164 ```text 165 CONSUL_TOKEN 166 VAULT_TOKEN 167 ATLAS_TOKEN 168 AWS_ACCESS_KEY_ID 169 AWS_SECRET_ACCESS_KEY 170 AWS_SESSION_TOKEN 171 GOOGLE_APPLICATION_CREDENTIALS 172 ``` 173 174 - `"user.blacklist"` `(string: see below)` - Specifies a comma-separated 175 blacklist of usernames for which a task is not allowed to run. This only 176 applies if the driver is included in `"user.checked_drivers"`. If a value is 177 provided, **all** defaults are overridden (they are not merged). 178 179 ```hcl 180 client { 181 options = { 182 "user.blacklist" = "root,ubuntu" 183 } 184 } 185 ``` 186 187 The default list is: 188 189 ```text 190 root 191 Administrator 192 ``` 193 194 - `"user.checked_drivers"` `(string: see below)` - Specifies a comma-separated 195 list of drivers for which to enforce the `"user.blacklist"`. For drivers using 196 containers, this enforcement is usually unnecessary. If a value is provided, 197 **all** defaults are overridden (they are not merged). 198 199 ```hcl 200 client { 201 options = { 202 "user.checked_drivers" = "exec,raw_exec" 203 } 204 } 205 ``` 206 207 The default list is: 208 209 ```text 210 exec 211 qemu 212 java 213 ``` 214 215 - `"fingerprint.whitelist"` `(string: "")` - Specifies a comma-separated list of 216 whitelisted fingerprinters. If specified, any fingerprinters not in the 217 whitelist will be disabled. If the whitelist is empty, all fingerprinters are 218 used. 219 220 ```hcl 221 client { 222 options = { 223 "fingerprint.whitelist" = "network" 224 } 225 } 226 ``` 227 228 - `"fingerprint.blacklist"` `(string: "")` - Specifies a comma-separated list of 229 blacklisted fingerprinters. If specified, any fingerprinters in the blacklist 230 will be disabled. 231 232 ```hcl 233 client { 234 options = { 235 "fingerprint.blacklist" = "network" 236 } 237 } 238 ``` 239 240 ### `reserved` Parameters 241 242 - `cpu` `(int: 0)` - Specifies the amount of CPU to reserve, in MHz. 243 244 - `memory` `(int: 0)` - Specifies the amount of memory to reserve, in MB. 245 246 - `disk` `(int: 0)` - Specifies the amount of disk to reserve, in MB. 247 248 - `reserved_ports` `(string: "")` - Specifies a comma-separated list of ports to 249 reserve on all fingerprinted network devices. Ranges can be specified by using 250 a hyphen separated the two inclusive ends. 251 252 ## `client` Examples 253 254 ### Common Setup 255 256 This example shows the most basic configuration for a Nomad client joined to a 257 cluster. 258 259 ```hcl 260 client { 261 enabled = true 262 servers = ["1.2.3.4:4647", "5.6.7.8:4647"] 263 } 264 ``` 265 266 ### Reserved Resources 267 268 This example shows a sample configuration for reserving resources to the client. 269 This is useful if you want to allocate only a portion of the client's resources 270 to jobs. 271 272 ```hcl 273 client { 274 enabled = true 275 276 reserved { 277 cpu = 500 278 memory = 512 279 disk = 1024 280 reserved_ports = "22,80,8500-8600" 281 } 282 } 283 ``` 284 285 ### Custom Metadata, Network Speed, and Node Class 286 287 This example shows a client configuration which customizes the metadata, network 288 speed, and node class. 289 290 ```hcl 291 client { 292 enabled = true 293 network_speed = 500 294 node_class = "prod" 295 296 meta { 297 "owner" = "ops" 298 } 299 } 300 ``` 301 302 [meta]: /docs/job-specification/meta.html "Nomad meta Job Specification"