github.com/smintz/nomad@v0.8.3/website/source/docs/agent/configuration/index.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Agent Configuration" 4 sidebar_current: "docs-agent-configuration" 5 description: |- 6 Learn about the configuration options available for the Nomad agent. 7 --- 8 9 # Agent Configuration 10 11 Nomad agents have a variety of parameters that can be specified via 12 configuration files or command-line flags. Configuration files are written in 13 [HCL][hcl]. Nomad can read and combine parameters from multiple configuration 14 files or directories to configure the Nomad agent. 15 16 ## Load Order and Merging 17 18 The Nomad agent supports multiple configuration files, which can be provided 19 using the `-config` CLI flag. The flag can accept either a file or folder: 20 21 ```shell 22 $ nomad agent -config=server.conf -config=/etc/nomad -config=extra.json 23 ``` 24 25 This will load configuration from `server.conf`, from `.hcl` and `.json` files 26 under `/etc/nomad`, and finally from `extra.json`. Files are loaded and merged 27 in lexicographical order. Directories are not loaded recursively. 28 29 As each file is processed, its contents are merged into the existing 30 configuration. When merging, any non-empty values from the latest config file 31 will append or replace parameters in the current configuration. An empty value 32 means `""` for strings, `0` for integer or float values, and `false` for 33 booleans. Since empty values are ignored you cannot disable an parameter like 34 `server` mode once you've enabled it. 35 36 Here is an example Nomad agent configuration that runs in both client and server 37 mode. 38 39 ```hcl 40 data_dir = "/var/lib/nomad" 41 42 bind_addr = "0.0.0.0" # the default 43 44 advertise { 45 # Defaults to the first private IP address. 46 http = "1.2.3.4" 47 rpc = "1.2.3.4" 48 serf = "1.2.3.4:5648" # non-default ports may be specified 49 } 50 51 server { 52 enabled = true 53 bootstrap_expect = 3 54 } 55 56 client { 57 enabled = true 58 network_speed = 10 59 options { 60 "driver.raw_exec.enable" = "1" 61 } 62 } 63 64 consul { 65 address = "1.2.3.4:8500" 66 } 67 68 ``` 69 70 ~> Note that it is strongly recommended **not** to operate a node as both 71 `client` and `server`, although this is supported to simplify development and 72 testing. 73 74 ## General Parameters 75 76 - `acl` <code>([ACL][acl]: nil)</code> - Specifies configuration which is specific to ACLs. 77 78 - `addresses` `(Addresses: see below)` - Specifies the bind address for 79 individual network services. Any values configured in this stanza take 80 precedence over the default [bind_addr](#bind_addr). 81 The values support [go-sockaddr/template format][go-sockaddr/template]. 82 83 - `http` - The address the HTTP server is bound to. This is the most common 84 bind address to change. 85 86 - `rpc` - The address to bind the internal RPC interfaces to. Should be 87 exposed only to other cluster members if possible. 88 89 - `serf` - The address used to bind the gossip layer to. Both a TCP and UDP 90 listener will be exposed on this address. Should be exposed only to other 91 cluster members if possible. 92 93 - `advertise` `(Advertise: see below)` - Specifies the advertise address for 94 individual network services. This can be used to advertise a different address 95 to the peers of a server or a client node to support more complex network 96 configurations such as NAT. This configuration is optional, and defaults to 97 the bind address of the specific network service if it is not provided. Any 98 values configured in this stanza take precedence over the default 99 [bind_addr](#bind_addr). 100 101 If the bind address is `0.0.0.0` then the address 102 private IP found is advertised. You may advertise an alternate port as well. 103 The values support [go-sockaddr/template format][go-sockaddr/template]. 104 105 - `http` - The address to advertise for the HTTP interface. This should be 106 reachable by all the nodes from which end users are going to use the Nomad 107 CLI tools. 108 109 - `rpc` - The address advertised to Nomad client nodes. This allows 110 advertising a different RPC address than is used by Nomad Servers such that 111 the clients can connect to the Nomad servers if they are behind a NAT. 112 113 - `serf` - The address advertised for the gossip layer. This address must be 114 reachable from all server nodes. It is not required that clients can reach 115 this address. Nomad servers will communicate to each other over RPC using 116 the advertised Serf IP and advertised RPC Port. 117 118 - `bind_addr` `(string: "0.0.0.0")` - Specifies which address the Nomad 119 agent should bind to for network services, including the HTTP interface as 120 well as the internal gossip protocol and RPC mechanism. This should be 121 specified in IP format, and can be used to easily bind all network services to 122 the same address. It is also possible to bind the individual services to 123 different addresses using the [addresses](#addresses) configuration option. 124 Dev mode (`-dev`) defaults to localhost. 125 The value supports [go-sockaddr/template format][go-sockaddr/template]. 126 127 - `client` <code>([Client][client]: nil)</code> - Specifies configuration which is specific to the Nomad client. 128 129 - `consul` <code>([Consul][consul]: nil)</code> - Specifies configuration for 130 connecting to Consul. 131 132 - `datacenter` `(string: "dc1")` - Specifies the data center of the local agent. 133 All members of a datacenter should share a local LAN connection. 134 135 - `data_dir` `(string: required)` - Specifies a local directory used to store 136 agent state. Client nodes use this directory by default to store temporary 137 allocation data as well as cluster information. Server nodes use this 138 directory to store cluster state, including the replicated log and snapshot 139 data. This must be specified as an absolute path. 140 141 - `disable_anonymous_signature` `(bool: false)` - Specifies if Nomad should 142 provide an anonymous signature for de-duplication with the update check. 143 144 - `disable_update_check` `(bool: false)` - Specifies if Nomad should not check for updates and security bulletins. 145 146 - `enable_debug` `(bool: false)` - Specifies if the debugging HTTP endpoints 147 should be enabled. These endpoints can be used with profiling tools to dump 148 diagnostic information about Nomad's internals. 149 150 - `enable_syslog` `(bool: false)` - Specifies if the agent should log to syslog. 151 This option only works on Unix based systems. 152 153 - `http_api_response_headers` `(map<string|string>: nil)` - Specifies 154 user-defined headers to add to the HTTP API responses. 155 156 - `leave_on_interrupt` `(bool: false)` - Specifies if the agent should 157 gracefully leave when receiving the interrupt signal. By default, the agent 158 will exit forcefully on any signal. 159 160 - `leave_on_terminate` `(bool: false)` - Specifies if the agent should 161 gracefully leave when receiving the terminate signal. By default, the agent 162 will exit forcefully on any signal. 163 164 - `log_level` `(string: "INFO")` - Specifies the verbosity of logs the Nomad 165 agent will output. Valid log levels include `WARN`, `INFO`, or `DEBUG` in 166 increasing order of verbosity. 167 168 - `name` `(string: [hostname])` - Specifies the name of the local node. This 169 value is used to identify individual agents. When specified on a server, the 170 name must be unique within the region. 171 172 - `ports` `(Port: see below)` - Specifies the network ports used for different 173 services required by the Nomad agent. 174 175 - `http` - The port used to run the HTTP server. 176 177 - `rpc` - The port used for internal RPC communication between 178 agents and servers, and for inter-server traffic for the consensus algorithm 179 (raft). 180 181 - `serf` - The port used for the gossip protocol for cluster 182 membership. Both TCP and UDP should be routable between the server nodes on 183 this port. 184 185 The default values are: 186 187 ```hcl 188 ports { 189 http = 4646 190 rpc = 4647 191 serf = 4648 192 } 193 ``` 194 195 - `region` `(string: "global")` - Specifies the region the Nomad agent is a 196 member of. A region typically maps to a geographic region, for example `us`, 197 with potentially multiple zones, which map to [datacenters](#datacenter) such 198 as `us-west` and `us-east`. 199 200 - `sentinel` <code>([Sentinel][sentinel]: nil)</code> - Specifies configuration for Sentinel policies. 201 202 - `server` <code>([Server][server]: nil)</code> - Specifies configuration which is specific to the Nomad server. 203 204 - `syslog_facility` `(string: "LOCAL0")` - Specifies the syslog facility to write to. This has no effect unless `enable_syslog` is true. 205 206 - `tls` <code>([TLS][tls]: nil)</code> - Specifies configuration for TLS. 207 208 - `vault` <code>([Vault][vault]: nil)</code> - Specifies configuration for 209 connecting to Vault. 210 211 ## Examples 212 213 ### Custom Region and Datacenter 214 215 This example shows configuring a custom region and data center for the Nomad 216 agent: 217 218 ```hcl 219 region = "europe" 220 datacenter = "ams" 221 ``` 222 223 ### Enable CORS 224 225 This example shows how to enable CORS on the HTTP API endpoints: 226 227 ```hcl 228 http_api_response_headers { 229 "Access-Control-Allow-Origin" = "*" 230 } 231 ``` 232 233 [hcl]: https://github.com/hashicorp/hcl "HashiCorp Configuration Language" 234 [go-sockaddr/template]: https://godoc.org/github.com/hashicorp/go-sockaddr/template 235 [consul]: /docs/agent/configuration/consul.html "Nomad Agent consul Configuration" 236 [vault]: /docs/agent/configuration/vault.html "Nomad Agent vault Configuration" 237 [tls]: /docs/agent/configuration/tls.html "Nomad Agent tls Configuration" 238 [client]: /docs/agent/configuration/client.html "Nomad Agent client Configuration" 239 [sentinel]: /docs/agent/configuration/sentinel.html "Nomad Agent sentinel Configuration" 240 [server]: /docs/agent/configuration/server.html "Nomad Agent server Configuration" 241 [acl]: /docs/agent/configuration/acl.html "Nomad Agent ACL Configuration"