Nomad 和端口映射
Nomad and port mapping
Nomad 有三种不同的端口映射方式:
- 组级下的网络节
- 配置下的网络节 -> 资源级别
- port_map 配置级别下的节
有什么区别,什么时候应该使用哪个?
首先port_map是
弃用,
所以你不应该将它用作任务驱动程序配置的一部分。
Up until Nomad 0.12, ports could be specified in a task's resource stanza and set
using the docker port_map field. As more features have been added to the group
network resource allocation, task based network resources are deprecated. With it
the port_map field is also deprecated and can only be used with task network
resources.
Users should migrate their jobs to define ports in the group network stanza and
specified which ports a task maps with the ports field.
port 在 group network 节中定义了可用于标识
服务发现中的端口。此标签也用作环境变量名称的一部分
指示您的应用程序应绑定到哪个端口。
ports 在任务级别指定网络节中的哪个 port 应该是
在任务 allocation/container 中可用。来自官方
文档
A Docker container typically specifies which port a service will listen on by
specifying the EXPOSE directive in the Dockerfile.
Because dynamic ports will not match the ports exposed in your Dockerfile, Nomad
will automatically expose any ports specified in the ports field.
TLDR;
所以正确的定义只有一个:
job "example" {
group "example-group" {
network {
# Dynamic ports
port "foo" {}
port "bar" {}
# Mapped ports
port "http" { to = 80 }
port "https" { to = 443 }
# Static ports
port "lb" { static = 8080 }
}
task "task-1" {
driver = "docker"
config {
...
ports = [
"foo",
"http",
]
}
}
task "task-2" {
driver = "docker"
config {
...
ports = [
"bar",
"https",
]
}
}
task "task-3" {
driver = "docker"
config {
...
ports = [
"lb",
]
}
}
}
}
考虑 运行 这种类型的作业文件(带有任何图像)。然后你会得到以下内容
后端和容器之间的端口映射:
for port in $(docker ps --format "{{.Ports}}"); do echo $port; done | grep tcp | cut -d':' -f 2
# Dynamic ports 'foo' and 'bar'
# 25968->25968/tcp,
# 29080->29080/tcp,
# Mapped ports 'http' and 'https'
# 29936->80/tcp,
# 20987->443/tcp,
# Static port 'lb'
# 8080->8080/tcp,
现在,如果你进入 task-1 allocation/container 并检查环境变量,那么你
如果您的任务需要与
彼此。
env | grep NOMAD | grep PORT
# NOMAD_PORT_bar=29080
# NOMAD_HOST_PORT_bar=29080
# NOMAD_PORT_foo=25968
# NOMAD_HOST_PORT_foo=25968
# NOMAD_PORT_http=80
# NOMAD_HOST_PORT_http=29936
# NOMAD_PORT_https=443
# NOMAD_HOST_PORT_https=20987
# NOMAD_PORT_lb=8080
# NOMAD_HOST_PORT_lb=8080
为了让服务之间的通信更容易,最好使用服务
发现,例如Consul(也来自 HashiCorp)并让你
生活更容易考虑某种负载平衡器,例如
Fabio 或
Traefik。这是一个 不错的博客
post
来自 HashiCorp 的工程师。
Nomad 有三种不同的端口映射方式:
- 组级下的网络节
- 配置下的网络节 -> 资源级别
- port_map 配置级别下的节
有什么区别,什么时候应该使用哪个?
首先
port_map是 弃用, 所以你不应该将它用作任务驱动程序配置的一部分。Up until Nomad 0.12, ports could be specified in a task's resource stanza and set using the docker
port_mapfield. As more features have been added to the group network resource allocation, task based network resources are deprecated. With it theport_mapfield is also deprecated and can only be used with task network resources.Users should migrate their jobs to define ports in the group network stanza and specified which ports a task maps with the
portsfield.port在 group network 节中定义了可用于标识 服务发现中的端口。此标签也用作环境变量名称的一部分 指示您的应用程序应绑定到哪个端口。ports在任务级别指定网络节中的哪个port应该是 在任务 allocation/container 中可用。来自官方 文档A Docker container typically specifies which port a service will listen on by specifying the EXPOSE directive in the Dockerfile.
Because dynamic ports will not match the ports exposed in your Dockerfile, Nomad will automatically expose any ports specified in the ports field.
TLDR;
所以正确的定义只有一个:
job "example" {
group "example-group" {
network {
# Dynamic ports
port "foo" {}
port "bar" {}
# Mapped ports
port "http" { to = 80 }
port "https" { to = 443 }
# Static ports
port "lb" { static = 8080 }
}
task "task-1" {
driver = "docker"
config {
...
ports = [
"foo",
"http",
]
}
}
task "task-2" {
driver = "docker"
config {
...
ports = [
"bar",
"https",
]
}
}
task "task-3" {
driver = "docker"
config {
...
ports = [
"lb",
]
}
}
}
}
考虑 运行 这种类型的作业文件(带有任何图像)。然后你会得到以下内容 后端和容器之间的端口映射:
for port in $(docker ps --format "{{.Ports}}"); do echo $port; done | grep tcp | cut -d':' -f 2
# Dynamic ports 'foo' and 'bar'
# 25968->25968/tcp,
# 29080->29080/tcp,
# Mapped ports 'http' and 'https'
# 29936->80/tcp,
# 20987->443/tcp,
# Static port 'lb'
# 8080->8080/tcp,
现在,如果你进入 task-1 allocation/container 并检查环境变量,那么你
如果您的任务需要与
彼此。
env | grep NOMAD | grep PORT
# NOMAD_PORT_bar=29080
# NOMAD_HOST_PORT_bar=29080
# NOMAD_PORT_foo=25968
# NOMAD_HOST_PORT_foo=25968
# NOMAD_PORT_http=80
# NOMAD_HOST_PORT_http=29936
# NOMAD_PORT_https=443
# NOMAD_HOST_PORT_https=20987
# NOMAD_PORT_lb=8080
# NOMAD_HOST_PORT_lb=8080
为了让服务之间的通信更容易,最好使用服务 发现,例如Consul(也来自 HashiCorp)并让你 生活更容易考虑某种负载平衡器,例如 Fabio 或 Traefik。这是一个 不错的博客 post 来自 HashiCorp 的工程师。