Introduction:
Nomad is a powerful, open-source cluster manager and scheduler designed to automate the deployment, scaling, and management of containerized applications and non-containerized workloads.
The Podman driver for Nomad allows you to manage and run containers using the Podman container engine.
This Knowledge Base (KB) article will guide you through the process of configuring the Nomad Podman Driver with a Nomad cluster and running a job using the Podman driver.
Prerequisites:
Before you begin, ensure that you have the following prerequisites in place:
- A working Nomad cluster: Make sure you have a functioning Nomad cluster set up. If not, refer to the official Nomad documentation for guidance on how to set up a Nomad cluster.
- Podman installed: Podman Engine must be installed on the Nomad clients where you intend to run jobs that use the Podman driver. You can install Podman on most Linux distributions using the package manager specific to your distribution.
- Basic familiarity with Nomad: A basic understanding of Nomad concepts, such as jobs, tasks, and job specifications, will be beneficial.
Runtime Dependencies:
- Nomad 0.12.9+
- Linux host with podman installed
- For rootless containers you need a system supporting cgroup V2 and a few other things, follow this tutorial
You need a 3.0.x podman binary and a system socket activation unit, see https://www.redhat.com/sysadmin/podmans-new-rest-api
Nomad agent, nomad-driver-podman and podman will reside on the same host, so you do not have to worry about the ssh aspects of the podman api.
Ensure that Nomad can find the plugin, see plugin_dir
Configuration Steps:
Step 1: Install the Nomad Podman Driver Plugin:
The Nomad Podman driver plugin is not included in the default Nomad installation. To use it, you must install the driver on all Nomad client nodes. You can download the driver from the official HashiCorp releases.
Step 2: Configure Nomad for Podman Driver Plugin:
- Place the downloaded nomad-driver-podman plugin in a directory and set that directory as plugin_dir in the Nomad configuration file on each Nomad client node, as shown below:
# Change the path to match your folder location
plugin_dir = "/home/ec2-user/nomad-driver-podman/examples/plugins"
- Edit the Nomad configuration file (nomad.hcl; the name can vary with your cluster setup) on each Nomad client node to include the Podman driver plugin:
plugin "nomad-driver-podman" {
  config {
    socket_path = "unix:///run/podman/podman.sock"
    # Customize other Podman driver plugin options here if needed
  }
}
Save the configuration file and restart the Nomad client service on each node to apply the changes.
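Nomad launches the binaries it finds in plugin_dir, and the socket configured above belongs to the root Podman service, so both paths are worth a permission check before the client is restarted. The script below is an added example, not part of the original article; the function names and the default expected owner (uid 0) are assumptions, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example: audit the plugin directory and Podman socket from Step 2.
# Function names and the expected owner uid are assumptions. Needs GNU stat.

# path_is_safe PATH UID: succeeds only if PATH is owned by UID and is
# neither group- nor world-writable.
path_is_safe() (
  meta=$(stat -c '%a %u' -- "$1") || exit 2
  mode=${meta% *}
  owner=${meta#* }
  [ "$owner" = "$2" ] || exit 1
  [ $(( 0$mode & 022 )) -eq 0 ]   # 022 = write bits for group and other
)

# audit_plugin_dir DIR [UID]: checks DIR and every entry directly inside it.
# Prints one line per finding and returns non-zero if there is any.
audit_plugin_dir() (
  dir=$1 uid=${2:-0} bad=0
  [ -d "$dir" ] || { echo "MISSING $dir"; exit 2; }
  for p in "$dir" "$dir"/*; do
    [ -e "$p" ] || continue
    if ! path_is_safe "$p" "$uid"; then
      echo "UNSAFE $p ($(stat -c 'mode=%a uid=%u' -- "$p"))"
      bad=1
    fi
  done
  exit "$bad"
)

# socket_is_restricted SOCKET_PATH: accepts the driver's "unix://" form and
# fails if the socket is missing or writable by "other" (connecting to a
# Unix socket requires write permission on it).
socket_is_restricted() (
  sock=${1#unix://}
  [ -S "$sock" ] || { echo "NOT A SOCKET $sock"; exit 2; }
  mode=$(stat -c '%a' -- "$sock") || exit 2
  if [ $(( 0$mode & 002 )) -ne 0 ]; then
    echo "UNSAFE $sock (mode=$mode)"
    exit 1
  fi
)

# Usage: sh audit.sh <plugin_dir> <socket_path>
if [ "$#" -ge 2 ]; then
  audit_plugin_dir "$1" 0 && socket_is_restricted "$2"
fi
```

With the sample plugin_dir above, which sits under a user's home directory, this check reports the directory as unsafe unless it and the plugin binary are owned by root.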
Step 3: Validate the Podman driver from Nomad Cluster:
Verify that the Nomad client detects the Podman driver and reports it as healthy. Below is sample status output from a Nomad client node after enabling the Podman driver:
$ nomad node status <nomad_client_node_id> | grep -i "Driver status"
Driver Status = docker,exec,podman
$ nomad node status -verbose <nomad_client_node_id> | grep -i "podman"
podman true true ready 2023-09-14T08:53:44Z
driver.podman = 1
driver.podman.cgroupVersion = v2
driver.podman.rootless = false
driver.podman.version = 4.4.1
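The same validation can be scripted so that provisioning stops when the driver is missing or unhealthy. The function below is an added example, not part of the original article; its name is an assumption, and it reads the verbose node status output on stdin, using the lines shown above as sample input.

```shell
#!/bin/sh
# Added example: gate on the Step 3 output. The function name is an assumption.

# Sample input: the lines shown in the Step 3 output of this article.
SAMPLE_NODE_STATUS='podman  true  true  ready  2023-09-14T08:53:44Z
driver.podman = 1
driver.podman.cgroupVersion = v2
driver.podman.rootless = false
driver.podman.version = 4.4.1'

# podman_driver_report: reads `nomad node status -verbose <node_id>` output on
# stdin. Returns 0 only if the podman driver row shows true in both the
# second and third columns (detected and healthy, as in the sample row).
podman_driver_report() {
  awk '
    # Driver table row: name, detected, healthy, message, time
    $1 == "podman" { detected = $2; healthy = $3 }
    # Node attributes have the form: key = value
    $2 == "=" && $1 ~ /^driver\.podman\./ { attr[substr($1, 15)] = $3 }
    END {
      if (detected != "true" || healthy != "true") {
        print "FAIL: podman driver not detected or not healthy"
        exit 1
      }
      printf "OK: podman %s, cgroup %s, rootless=%s\n",
             attr["version"], attr["cgroupVersion"], attr["rootless"]
      if (attr["rootless"] == "false") {
        print "NOTE: rootful Podman; job containers are created through the root Podman socket"
      }
    }'
}

# Demo on the sample; on a client node pipe the real command output instead:
#   nomad node status -verbose <nomad_client_node_id> | podman_driver_report
printf '%s\n' "$SAMPLE_NODE_STATUS" | podman_driver_report
```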
Step 4: Create a Nomad Job Specification:
To run a job using the Podman driver, create a Nomad job specification that defines the task to be executed. Ensure that you specify the driver as podman in your job specification.
Here's a sample Nomad job specification that runs a simple NGINX container using the Podman driver:
job "nginx-podman-job" {
  datacenters = ["dc1"]
  type        = "service"

  group "nginx-group" {
    count = 1

    task "nginx-task" {
      driver = "podman"

      config {
        image = "docker.io/library/nginx:latest"
      }

      resources {
        cpu    = 500
        memory = 256
      }
    }
  }
}
Save this job specification to a file, such as nginx.nomad.
Step 5: Submit the Job to Nomad:
Submit the job to your Nomad cluster using the nomad job run command:
nomad job run nginx.nomad
Step 6: Monitor and Manage the Job from Nomad:
You can monitor the status of your job and its tasks using the Nomad CLI or Nomad UI web interface.
- To check the job status using the CLI, run:
$ nomad job status nginx-podman-job
ID = nginx-podman-job
Name = nginx-podman-job
Submit Date = 2023-09-16T10:32:28Z
Type = service
Priority = 50
Datacenters = dc1
Namespace = default
Status = running
Periodic = false
Parameterized = false
Summary
Task Group Queued Starting Running Failed Complete Lost Unknown
nginx-group 0 0 1 0 0 0 0
Latest Deployment
ID = 74e12bc1
Status = successful
Description = Deployment completed successfully
Deployed
Task Group Desired Placed Healthy Unhealthy Progress Deadline
nginx-group 1 1 1 0 2023-09-16T10:42:38Z
Allocations
ID Node ID Task Group Version Desired Status Created Modified
91df6d6f d75431f8 nginx-group 0 run running 6m11s ago 6m ago
- To validate it from the UI, open the Nomad UI in your favourite web browser and go to the jobs section.
To view logs or perform other job-related operations, consult the Nomad documentation.
Here are some commands to check the logs of the above nginx-podman-job:
nomad job allocs nginx-podman-job
nomad alloc logs 91df6d6f
podman ps
podman logs <podman_container_id_of_nginx-podman-job>
Step 7: Validate the container from Podman Engine:
To check the same from the Podman CLI, run podman ps and podman logs <podman_container_id> as shown below:
$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
19d6d07251e3 docker.io/library/nginx:latest nginx -g daemon o... 6 minutes ago Up 6 minutes nginx-task-f17c0d4e-37cf-0418-d788-d313f146b4b1
$ podman logs 19d6d07251e3
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/09/16 10:32:28 [notice] 1#1: using the "epoll" event method
2023/09/16 10:32:28 [notice] 1#1: nginx/1.25.2
2023/09/16 10:32:28 [notice] 1#1: built by gcc 12.2.0 (Debian 12.2.0-14)
2023/09/16 10:32:28 [notice] 1#1: OS: Linux 5.14.0-284.30.1.el9_2.x86_64
2023/09/16 10:32:28 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2023/09/16 10:32:28 [notice] 1#1: start worker processes
2023/09/16 10:32:28 [notice] 1#1: start worker process 24
2023/09/16 10:32:28 [notice] 1#1: start worker process 25
2023/09/16 10:32:28 [notice] 1#1: start worker process 26
2023/09/16 10:32:28 [notice] 1#1: start worker process 27
Conclusion:
Configuring the Nomad Podman Driver and running jobs with it enables you to manage containers seamlessly within your Nomad cluster. By following the steps outlined in this KB article, you can harness the power of both Nomad and Podman to efficiently orchestrate your containerized workloads.