10 things I learned building Nomad packs
Bram Vogelaar
@attachmentgenie
Confidential and Proprietary
~ ❯ whoami => Bram Vogelaar
• Used to be a Molecular Biologist
• Then became a Dev, now an Ops
• Currently Cloud Engineer @ The Factory
• Amsterdam HUG organizer
Nomad
• Open-source tool for dynamic workload scheduling
• Batch, containerized, and non-containerized applications.
• Has native Consul and Vault integrations.
• Has token based access setup.
• Jobs written in (H)ashiCorp (C)onfiguration (L)anguage
https://www.nomadproject.io/
Nomad Job Structure
job "lorem-ipsum" {
  group "frontend" {
    network {
      port "http" { to = 3000 }
    }
    service {
      name = "lorem"
      port = "http"
    }
    task "server" {
      driver = "docker"
      config {
        image = "cicero/lorem-ipsum:v1.0.0"
        ports = ["http"]
      }
    }
  }
}
Surprisingly Dynamic
job "lorem-ipsum" {
  group "frontend" {
    network {
      port "http" { to = 3000 }
    }
    service {
      name = "lorem"
      port = "http"
    }
    task "server" {
      driver = "docker"
      config {
        image = "cicero/lorem-ipsum:v1.0.0"
        ports = ["http"]
      }
    }
  }
}
Incredibly Dynamic
● Data Centers
● Region
● Namespace
● Constraints
● Count
● Restart Configuration
● Network
● Volumes
● Service Checks
● Consul Connect
● Resource Limits
● Artifacts
● Templates
● Autoscaler Configuration
UX Pyramid
Nomad Pack
• Templating and Packaging tool
• Easily deploy popular applications to Nomad
• Re-use common patterns across internal applications
• Find and share job definitions with the Nomad community
• Jobs written in (H)ashiCorp (C)onfiguration (L)anguage
• Templates are written using Go Template Syntax.
• Nightlies only right now!
https://github.com/hashicorp/nomad-pack
Pack Registries
$ nomad-pack registry list
$ nomad-pack registry add o11y https://github.com/attachmentgenie/nomad-pack-o11y-registry
$ nomad-pack run grafana --var job_name=dashboard --registry=o11y
$ nomad-pack run packs/grafana -f vars/grafana.hcl -f vars/lab.hcl
https://github.com/hashicorp/nomad-pack-o11y-registry
Default Registry
$ nomad-pack registry list
PACK NAME    | REF    | METADATA VERSION | REGISTRY | REGISTRY URL
-------------+--------+------------------+----------+---------------------
alertmanager | latest | 0.0.1            | default  | github.com/hashicorp
aws_efs_csi  | latest | 0.0.1            | default  | github.com/hashicorp
mkdir -p $HOME/.nomad/packs/default on offline systems!
Pack Structure
lorem-ipsum ❯ tree
|-- CHANGELOG.md
|-- README.md
|-- metadata.hcl
|-- outputs.tpl
|-- templates
|   |-- _helpers.tpl
|   `-- lorem-ipsum.nomad.tpl
`-- variables.hcl
1 directory, 7 files
metadata.hcl
app {
url = "https://grafana.com/"
author = "Grafana Labs"
}
pack {
name = "grafana"
description = "Grafana is a multi-platform open source analytics and interactive visualization tool."
url = "https://github.com/attachmentgenie/nomad-pack-o11y-registry/grafana"
version = "0.1.0"
}
variables.hcl
variable "datacenters" {
  description = "A list of datacenters in the region which are eligible for task placement"
  type        = list(string)
  default     = ["dc1"]
}
variable "resources" {
  description = "The resource to assign to the Grafana service task"
  type = object({
    cpu    = number
    memory = number
  })
  default = {
    cpu    = 200,
    memory = 256
  }
}
Pack Templates
$ cat packs/grafana/templates/grafana.nomad.tpl
….
datacenters = [[ .my.datacenters | toStringList ]]
…
resources {
cpu = [[ .my.grafana_resources.cpu ]]
memory = [[ .my.grafana_resources.memory ]]
}
…
https://github.com/hashicorp/nomad-pack-community-registry
CI-CD
$ nomad-pack plan packs/loki --var version=vX.Y.Z -f vars/loki.hcl
+/- Job: "loki"
+ VaultToken: "s.IJcEJqpsCkGU0mfY3GmnCLSd"
+/- Task Group: "loki" (1 create, 2 in-place update)
+/- Count: "2" => "3" (forces create)
Task: "connect-proxy-loki"
Task: "server"
» Scheduler dry-run:
- All tasks successfully allocated.
Plan succeeded
$ nomad-pack run packs/loki --var version=vX.Y.Z -f vars/loki.hcl
CI-CD Paranoid Version
$ nomad-pack render packs/loki --var version=vX.Y.Z -f vars/loki.hcl -o $WORKSPACE/render
$ nomad run $WORKSPACE/render/loki/loki.nomad
https://github.com/marketplace/actions/setup-hashicorp-nomad-pack
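Added example, not part of the original slides: a gate for the step between `nomad-pack render` and `nomad run`, plus a log filter for `nomad-pack plan` output, which on the CI-CD slide prints a VaultToken value. The function names, the token patterns chosen, the image-pinning rule and the sample job files are assumptions made for this illustration; they are not nomad-pack features.

```bash
#!/usr/bin/env bash
# Added example, not from the talk. Function names and sample jobs are constructed.

# Vault token shapes: legacy "s." + 24 characters (the shape in the plan output
# above) and the newer "hvs." prefix. Group 1 keeps the character before the token.
TOKEN_RE='(^|[^A-Za-z0-9])(s\.[A-Za-z0-9]{24}|hvs\.[A-Za-z0-9_-]{24,})'

# Log filter for CI, e.g.: nomad-pack plan ... 2>&1 | redact_tokens
redact_tokens() {
  sed -E "s/$TOKEN_RE/\\1[REDACTED]/g"
}

# Print every docker image reference in a rendered job that is not pinned:
# no tag, an empty tag, or "latest". Digest references count as pinned.
unpinned_images() {
  sed -nE 's/^[[:space:]]*image[[:space:]]*=[[:space:]]*"([^"]+)".*/\1/p' "$1" |
  while IFS= read -r ref; do
    case $ref in *@sha256:*) continue ;; esac
    last=${ref##*/}   # drop registry[:port]/namespace/ so a port is not read as a tag
    case $last in
      *:latest | *:) echo "$ref" ;;
      *:*) ;;                      # explicit tag
      *) echo "$ref" ;;            # no tag at all resolves to latest
    esac
  done
}

# Gate: one FAIL line per finding; a non-zero status blocks the deploy.
# The body is a subshell so its variables do not leak into the caller.
audit_rendered_job() (
  [ -r "$1" ] || { echo "FAIL $1: rendered job not readable"; exit 1; }
  status=0
  if grep -Eq "$TOKEN_RE" "$1"; then
    echo "FAIL $1: literal Vault token in rendered job"
    status=1
  fi
  imgs=$(unpinned_images "$1")
  if [ -n "$imgs" ]; then
    printf '%s\n' "$imgs" | while IFS= read -r img; do
      echo "FAIL $1: image not pinned: $img"
    done
    status=1
  fi
  exit "$status"
)

# Constructed sample files standing in for $WORKSPACE/render/<pack>/<job>.nomad.
make_samples() {
  digest=$(printf '%064d' 0)   # constructed placeholder digest
  cat > "$1/bad.nomad" <<'EOF'
job "loki" {
  group "loki" {
    task "server" {
      driver = "docker"
      env { VAULT_TOKEN = "s.EXAMPLEexample0000000000" }
      config {
        image = "grafana/loki:latest"
      }
    }
    task "proxy" {
      driver = "docker"
      config {
        image = "registry.example:5000/tools/proxy"
      }
    }
  }
}
EOF
  cat > "$1/good.nomad" <<EOF
job "lorem-ipsum" {
  group "frontend" {
    task "server" {
      driver = "docker"
      config {
        image = "cicero/lorem-ipsum:v1.0.0"
      }
    }
    task "proxy" {
      driver = "docker"
      config {
        image = "registry.example:5000/tools/proxy@sha256:$digest"
      }
    }
  }
}
EOF
}

# Demo on the constructed samples.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
audit_rendered_job "$demo_dir/bad.nomad" || echo "=> blocked, do not run"
audit_rendered_job "$demo_dir/good.nomad" && echo "=> clean, hand to nomad run"
rm -rf "$demo_dir"
```

In a pipeline the gate would be called on each file under $WORKSPACE/render, with `nomad run` executed only when every call returns 0.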
Nomad UI
Helper template
$ cat packs/grafana/templates/grafana.nomad.tpl
job [[ template "job_name" . ]] {
[[ template "region" . ]]
[[ template "namespace" . ]]
….
$ cat packs/grafana/templates/_helpers.tpl
…
[[- define "job_name" -]]
[[- if eq .grafana.job_name "" -]]
[[- .nomad_pack.pack.name | quote -]]
[[- else -]]
[[- .grafana.job_name | quote -]]
[[- end -]]
[[- end -]]
…
Abstracting away boring repetitive bits
$ cat packs/grafana/templates/_helpers.tpl
…
[[ define "resources" -]]
[[- $resources := . ]]
resources {
cpu = [[ $resources.cpu ]]
memory = [[ $resources.memory ]]
}
[[- end ]]
…
$ cat packs/grafana/templates/grafana.nomad.tpl
…
[[ template "resources" . ]]
…
Abstracting away boring repetitive bits
$ cat packs/grafana/templates/_resources.tpl
…
[[ define "resources" -]]
[[- $resources := . ]]
resources {
cpu = [[ $resources.cpu ]]
memory = [[ $resources.memory ]]
}
[[- end ]]
…
$ cat packs/grafana/templates/grafana.nomad.tpl
…
[[ template "resources" . ]]
…
Abstracting away boring repetitive bits
$ cat packs/grafana/metadata.hcl
…
dependency "hashitalks_helpers" {
name = "hashitalks_helpers"
source = "https://github.com/attachmentgenie/hashitalks-registry/helpers"
}
$ cat packs/grafana/templates/grafana.nomad.tpl
…
[[ template "hashitalks_helpers .resources" . ]]
…
Wishlist: pre-commit-nomad
Currently no clear alternatives/equivalents for:
Terraform_docs
Terraform_fmt
Terraform_tflint
Terraform_validate
Terrascan
Wishlist: Locals
network {
mode = "bridge"
port "mysql" {
to = 3306 <- local.mysql_port
}
}
[[ if .my.register_consul_service ]]
service {
name = "[[ .my.consul_service_name ]]"
tags = [[ .my.consul_service_tags | toStringList ]]
port = "mysql"
connect {
sidecar_service {
tags = [""]
proxy {
local_service_port = 3306 <- local.mysql_port
…
Wishlist: Meta package support
$ cat deploy.sh
#!/bin/bash
set -e
nomad-pack run minio -f vars/minio.hcl -f vars/lab.hcl --registry=attachmentgenie
nomad-pack run packs/loki -f vars/loki.hcl -f vars/lab.hcl
nomad-pack run packs/mimir -f vars/mimir.hcl -f vars/lab.hcl
nomad-pack run packs/phlare -f vars/phlare.hcl -f vars/lab.hcl
nomad-pack run packs/tempo -f vars/tempo.hcl -f vars/lab.hcl
nomad-pack run packs/grafana -f vars/grafana.hcl -f vars/lab.hcl
nomad-pack run redis -f vars/redis.hcl -f vars/lab.hcl --registry=attachmentgenie
nomad-pack run packs/grafana_oncall -f vars/grafana_oncall.hcl -f vars/lab.hcl
nomad-pack run packs/prometheus -f vars/prometheus.hcl -f vars/lab.hcl
nomad-pack run packs/promlens -f vars/promlens.hcl -f vars/lab.hcl
Wishlist: Dependency health checks
$ cat deploy.sh
#!/bin/bash
set -e
export NOMAD_ADDR=http://192.168.1.30:4646/ui/jobs
# Poll a URL until it returns HTTP 200, giving up after 45 seconds.
wait-for-url() {
  echo "Testing $1"
  timeout -s TERM 45 bash -c \
  'while [[ "$(curl -s -o /dev/null -L -w ''%{http_code}'' ${0})" != "200" ]];
  do echo "Waiting for ${0}" && sleep 2;
  done' "${1}"
  echo "OK!"
}
nomad-pack run minio -f vars/minio.hcl -f vars/lab.hcl --registry=attachmentgenie
wait-for-url https://s3.teambla.dev/minio/health/live
nomad-pack run packs/loki -f vars/loki.hcl -f vars/lab.hcl
Questions Before Takeoff?
bram@attachmentgenie.com
@attachmentgenie
https://www.slideshare.net/attachmentgenie
