On the 8th of December 2020, Nomad came of age, reaching the venerable milestone of 1.0. Nomad is a simple and flexible workload orchestrator to deploy and manage containers and non-containerized applications across locally installed deployment and multiple clouds at scale. It is one of those Hashicorp gems that is little known but widely adopted by many organizations including Cloudflare, Roblox, and Pandora. Let’s look at what’s new with Hashicorp Nomad 1.0.
What is Nomad?
Hashicorp says the product is a flexible workload orchestrator that helps organizations to easily deploy and manage many containerized or legacy applications using a single, unified workflow. It can be used to run a diverse set of workloads including Docker, non-containerized, micro-services, and batch applications. This has led to a significant sense of confusion, as this is not a clear definition of the product. From that, you could assume that it is a potential CI/CD product, but this is not the case. Nomad is more of a workload management product similar to Kubernetes, but with a much broader use case.
It enables developers to use a declarative infrastructure-as-code language for deploying applications called HCL2 and uses bin-packing to efficiently schedule jobs and optimize resource utilization. Nomad uses HCL, which is the same language Terraform and Consul use.
Architecturally, Nomad pretty simple. Nomad runs as a single process with zero external dependencies. Operators can easily provision, manage, and scale Nomad. Developers can easily define and run applications.
Which is flexible: it can run a diverse workload of containerized, legacy, microservice, and batch applications. Nomad can schedule service, batch processing, and system jobs, and can run on both Linux and Windows.
The product is highly scalable and highly performant; it can schedule thousands of containers per second, scale to thousands of nodes in a single cluster, and easily federate across regions and cloud providers. For me personally, the biggest benefit of Nomad is that it integrates seamlessly with Vault for secrets management and Consul for its service discovery. Coupled with the use of HCL, Nomad has a significantly lower barrier to entry to those that are already using the Hashicorp stack.
What is new with Nomad 1.0
Nomad, like most Hashicorp products, has both an Enterprise and a free open-source edition that has fewer core features. Nomad Enterprise has introduced Dynamic Application Sizing. The previously Enterprise-only feature Namespaces has been made available in the open-source edition. Here are the major features of this 1.0 release.
Nomad 1.0 Highlights
- Dynamic Application Sizing (Enterprise): This new feature monitors Nomad jobs to track resource usage, and will right-size applications to enable the most efficient level of resource consumption. By using recommendations based on the analysis of historical data organizations can optimize application resource consumption intelligently and non-disruptively at scale without the manual, trial-and-error of hardcoding resource requirements. This sounds very much like an autoscaling group. For a deeper understanding read Hashicorp’s writeup on the feature here.
- Namespaces (OSS): This feature enables jobs and their associated objects to be segmented from each other and from other users to achieve multi-tenant clusters. Prior to the release of version 1.0, this was an Enterprise-only feature.
- Event Stream: This feature lets you view and subscribe to a single, unified timeline that streams all high-level events to better understand how the Nomad cluster is performing. Observe state changes that occur at the Job, Allocation, Evaluation, Deployment, and Node levels in Nomad in real-time for stronger tracing and debuggability. Read more here.
- HCL2: Nomad can now use the latest version of the HashiCorp HCL2 which means that Nomad can use the benefits that HCL brings in terms of expressions to create Nomad job files. The addition of variables, functions, templates, and expression support allows users to create dynamic and flexible configurations that can adapt their Nomad job files to a much greater range of internal needs.
- Dynamic Envoy Versioning: At runtime, Nomad will now query HashiCorp Consul locally to launch the Connect sidecar proxy with the latest supported version of Envoy by default.
- CNI Improvements: IP addresses created via the Container Networking Interface (CNI) or multi-host networks can now be exposed and registered directly with Consul.
- Consul Namespace: Users of Consul Enterprise can now configure a single Nomad cluster to support a single Consul namespace.
- Topology Visualization: This new UI feature enables you to see all datacenter, node, and allocation information and their resource utilization in a Nomad cluster. Users can utilize this to intuitively understand cluster capacity, observe how application deployments are distributed across nodes, and proactively identify suboptimal collocations of allocations to lower blast radius in node failures. For a more in-depth overview read more here.
Nomad is one of those solutions that unfortunately has very scrambled messaging. Hashicorp’s standard messaging that states it is a flexible workload management solution; although technically correct; causes confusion between it as the capabilities of a CI/CD workflow program, from the perspective of HashiCorp Waypoint fills that gap. There is no doubt that when it is deployed for the correct use cases, like as a replacement for Kubernetes or as a supplement, however, unlike Kubernetes that is laser-focused on Containers and creating a complete lifecycle wrapper for them, Nomad focuses like traditional Unix tasks on a single task that of scheduling. Yes, it is not as functional as Kubernetes in the management of Containers, there is not life-cycle management for example, but conversely, there is no ability to manage non-container workloads with Kubernetes. It is horse for courses and Nomad is very good at what it does.
But the real question is whether it is a release worthy of the 1.0 version and the answer to that question is yes. Nomad is a very stable product and the addition of Dynamic Scaling to the Enterprise version is a massive step forward. Even more significant is the moving into the OSS version of Namespaces, significantly improving the security profile of the product for OSS users and as such is worthy of the 1.0 on its own.
That said I hope that Hashicorp will revisit the messaging around the product to provide a more focused definition that actually allows people to understand what it can and cannot do.