SLIDE 1
Nomad
HASHICORP
HASHICORP
Armon Dadgar
@armon
Nomad HASHICORP Armon Dadgar @armon HASHICORP HASHICORP Cluster - - PowerPoint PPT Presentation
Nomad HASHICORP Armon Dadgar @armon HASHICORP HASHICORP Cluster - - PowerPoint PPT Presentation
Nomad HASHICORP Armon Dadgar @armon HASHICORP HASHICORP Cluster Manager Scheduler Nomad HASHICORP Cluster Manager Scheduler Nomad HASHICORP Schedulers map a set of work to a set of resources HASHICORP Work (Input) Resources Web
SLIDE 2
SLIDE 3
SLIDE 4
HASHICORP
SLIDE 5
Nomad
HASHICORP
Cluster Manager Scheduler
SLIDE 6
Nomad
HASHICORP
Cluster Manager Scheduler
SLIDE 7
HASHICORP
Schedulers map a set of work to a set of resources
SLIDE 8
HASHICORP
CPU Scheduler
Web Server -Thread 1 CPU - Core 1 CPU - Core 2 Web Server -Thread 2 Redis -Thread 1 Kernel -Thread 1
Work (Input) Resources
CPU Scheduler
SLIDE 9
HASHICORP
CPU Scheduler
Web Server -Thread 1 CPU - Core 1 CPU - Core 2 Web Server -Thread 2 Redis -Thread 1 Kernel -Thread 1
Work (Input) Resources
CPU Scheduler
SLIDE 10
HASHICORP
Schedulers In the Wild
Type Work Resources CPU Scheduler Threads Physical Cores AWS EC2 / OpenStack Nova Virtual Machines Hypervisors Hadoop YARN MapReduce Jobs Client Nodes Cluster Scheduler Applications Servers
SLIDE 11
HASHICORP
Advantages
Higher Resource Utilization Decouple Work from Resources Better Quality of Service
SLIDE 12
HASHICORP
Advantages
Bin Packing Over-Subscription Job Queueing Higher Resource Utilization Decouple Work from Resources Better Quality of Service
SLIDE 13
HASHICORP
Advantages
Abstraction API Contracts Standardization Higher Resource Utilization Decouple Work from Resources Better Quality of Service
SLIDE 14
HASHICORP
Advantages
Priorities Resource Isolation Pre-emption Higher Resource Utilization Decouple Work from Resources Better Quality of Service
SLIDE 15
HASHICORP
SLIDE 16
Nomad
HASHICORP
SLIDE 17
Nomad
HASHICORP
Cluster Scheduler Easily Deploy Applications Operationally Simple Built for Scale
SLIDE 18
job "redis" { datacenters = ["us-east-1"] task "redis" { driver = "docker" config { image = "redis:latest" } resources { cpu = 500 # Mhz memory = 256 # MB network { mbits = 10 dynamic_ports = ["redis"] } } } }
example.nomad
SLIDE 19
HASHICORP
Job Specification
Declares what to run
SLIDE 20
HASHICORP
Job Specification
Nomad determines where and manages how to run
SLIDE 21
HASHICORP
Job Specification
Nomad abstracts work from resources
SLIDE 22
HASHICORP
Containerized Virtualized Standalone
Docker Rkt Windows Server Containers Qemu / KVM Hyper-V Xen Java Jar Static Binaries C#
SLIDE 23
Nomad
HASHICORP
Declarative Job Specification Infrastructure-As-Code Removes Imperative Logic External Dependencies?
SLIDE 24
Nomad
HASHICORP
Service Discovery? Health Monitoring? Application Secrets? Stateful Applications?
SLIDE 25
job “my-app" { … task “my-app" { service { port = “http” check { type = “http” path = “/health” interval = “5s” } } } }
example.nomad
SLIDE 26
HASHICORP
Nomad Server Consul Server Client Nomad Consul App 1 App N
Schedule App Register Service Monitor Health
SLIDE 27
Nomad
HASHICORP
Secret Distribution: API Keys DB Credentials SSL/TLS Certificates
SLIDE 28
job “my-app" { … task “my-app" { env { DB_USERPASS = “foo:bar” } } }
example.nomad
SLIDE 29
Vault
Secure secret storage Dynamic secrets Leasing, renewal, and revocation Auditing Rich ACLs Multiple client authentication methods
SLIDE 30
HASHICORP
Login Vault Token
Vault Token + Operation Op Response
SLIDE 31
job “my-app" { … task “my-app" { env { VAULT_TOKEN = “b6a10b96-9060-11e6-9c6f-67a52bc6b8d3” } } }
example.nomad
SLIDE 32
job “my-app" { … task “my-app" { vault { policies = [“my-app-role”] } } }
example.nomad
SLIDE 33
HASHICORP
Nomad Server Client Nomad App 1 App N
Submit Job + Vault Token Verify Vault Token Schedule App Generate + Renew Vault Token
SLIDE 34
Nomad
HASHICORP
Native Vault Integration No Secrets in Jobs No Secrets on Client Disk Minimize Trust
SLIDE 35
HASHICORP
Stateful Applications
Stateless Stateful
SLIDE 36
HASHICORP
Stateful Applications
Stateless Stateful API Web Cache
SLIDE 37
HASHICORP
Stateful Applications
Stateless Stateful API Web Cache HDFS Cassandra MongoDB
SLIDE 38
HASHICORP
Stateful Applications
Stateless Stateful API Web Cache HDFS Cassandra MongoDB *SQL
SLIDE 39
HASHICORP
Stateful Applications
Stateless Stateful API Web Cache HDFS Cassandra MongoDB *SQL EASY MEDIUM HARD
SLIDE 40
job “my-app" { … task “my-app" { ephemeral_disk { sticky = true } } }
example.nomad
SLIDE 41
HASHICORP
Moves data between tasks on the same machine
SLIDE 42
HASHICORP
Copies data between tasks on different machines
SLIDE 43
Nomad
HASHICORP
Easily Deploy Apps: Declarative Jobs Flexible Workloads Consul Integration Vault Integration Sticky Volumes
SLIDE 44
HASHICORP
Operationally Simple
SLIDE 45
HASHICORP
Client Server
SLIDE 46
Built on Experience
GOSSIP CONSENSUS
SLIDE 47
Serf
Cluster Management Gossip Based (P2P) Membership Failure Detection Event System
SLIDE 48
Serf
Large Scale Production Hardened Simple Clustering and Federation
SLIDE 49
Consul
Service Discovery Configuration Coordination (Locking) Central Servers + Distributed Clients
SLIDE 50
Consul
Multi-Datacenter Raft Consensus Large Scale Production Hardened
SLIDE 51
Nomad
HASHICORP
Operational Simplicity: Single Binary No Dependencies Highly Available
SLIDE 52
HASHICORP
Built for Scale
SLIDE 53
Built on Experience
GOSSIP CONSENSUS
Mature Libraries Proven Design Patterns Lacking Scheduling Logic
SLIDE 54
Built on Research
GOSSIP CONSENSUS
SLIDE 55
SLIDE 56
HASHICORP
Single Region Architecture
SERVER SERVER SERVER CLIENT CLIENT CLIENT
DC1 DC2 DC3 FOLLOWER LEADER FOLLOWER REPLICATION FORWARDING REPLICATION FORWARDING RPC RPC RPC
SLIDE 57
HASHICORP
Multi Region Architecture
SERVER SERVER SERVER
FOLLOWER LEADER FOLLOWER REPLICATION FORWARDING REPLICATION
REGION B
GOSSIP REPLICATION REPLICATION FORWARDING REGION FORWARDING
REGION A
SERVER
FOLLOWER
SERVER SERVER
LEADER FOLLOWER
SLIDE 58
Nomad
HASHICORP
Region is Isolation Domain 1-N Datacenters Per Region Flexibility to do 1:1 (Consul) Scheduling Boundary
SLIDE 59
HASHICORP
Hundreds of regions Tens of thousands of clients per region Thousands of jobs per region
SLIDE 60
Nomad
Inspired by Google Omega Optimistic Concurrency State Coordination Service & Batch workloads Pluggable Architecture
SLIDE 61
Data Model
ALLOCATION JOB EVALUATION NODE
SLIDE 62
Evaluation ~= State Change
SLIDE 63
Evaluations
Create / Update / Delete Job Node Up / Node Down Allocation Failed / Finished
SLIDE 64
Evaluations
SCHEDULER
func(Evaluation) => []AllocationUpdates
SLIDE 65
Evaluations
SCHEDULER
func(Evaluation) => []AllocationUpdates
Service, Batch, System
SLIDE 66
HASHICORP
External Event EvaluaBon CreaBon EvaluaBon Queuing EvaluaBon Processing OpBmisBc CoordinaBon State Updates
SLIDE 67
Nomad
HASHICORP
Omega Architecture Optimistically Schedule 100’s of Jobs in Parallel Controls for Correctness
SLIDE 68
Nomad
Million Container Challenge
1,000 Jobs 1,000 Tasks per Job 5,000 Hosts on GCE 1,000,000 Containers
SLIDE 69
SLIDE 70
“
– Bill Gates
640 KB ought to be enough for anybody.
SLIDE 71
2nd Largest Hedge Fund 18K Cores 5 Hours 2,200 Containers/second
SLIDE 72
Nomad
HASHICORP
Cluster Scheduler Easily Deploy Applications Operationally Simple Built for Scale
SLIDE 73
HASHICORP
Thanks!
Q/A
SLIDE 74
HASHICORP