{"id":15175821,"url":"https://github.com/hashicorp/faas-nomad","last_synced_at":"2026-01-14T23:33:55.888Z","repository":{"id":41142628,"uuid":"102656963","full_name":"hashicorp/faas-nomad","owner":"hashicorp","description":"OpenFaaS plugin for Nomad","archived":true,"fork":false,"pushed_at":"2021-03-18T10:54:06.000Z","size":73229,"stargazers_count":255,"open_issues_count":12,"forks_count":45,"subscribers_count":28,"default_branch":"master","last_synced_at":"2025-10-01T14:43:05.694Z","etag":null,"topics":["go","nomad","openfaas","serverless"],"latest_commit_sha":null,"homepage":"https://www.openfaas.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hashicorp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-06T20:49:29.000Z","updated_at":"2025-02-13T19:44:40.000Z","dependencies_parsed_at":"2022-09-09T20:02:30.753Z","dependency_job_id":null,"html_url":"https://github.com/hashicorp/faas-nomad","commit_stats":null,"previous_names":[],"tags_count":37,"template":false,"template_full_name":null,"purl":"pkg:github/hashicorp/faas-nomad","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashicorp%2Ffaas-nomad","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashicorp%2Ffaas-nomad/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashicorp%2Ffaas-nomad/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashicorp%2Ffaas-nomad/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hashicorp","download_url":"https://codeload.github.com/hashicorp/faas-nomad/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashicorp%2Ffaas-nomad/sbom","scorecard":{"id":457013,"data":{"date":"2025-08-11","repo":{"name":"github.com/hashicorp/faas-nomad","commit":"36ba4ea25cadc51533835d37b4af9f13d13d1bf8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":4,"reason":"Found 8/20 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.4.3 not signed: https://api.github.com/repos/hashicorp/faas-nomad/releases/22661050","Warn: release artifact v0.4.3-rc2 not signed: https://api.github.com/repos/hashicorp/faas-nomad/releases/19506425","Warn: release artifact v0.4.3-rc1 not signed: https://api.github.com/repos/hashicorp/faas-nomad/releases/18301209","Warn: release artifact v0.4.2-beta2 not signed: https://api.github.com/repos/hashicorp/faas-nomad/releases/16878034","Warn: release artifact v0.4.2 not signed: https://api.github.com/repos/hashicorp/faas-nomad/releases/16881043","Warn: release artifact v0.4.3 does not have provenance: https://api.github.com/repos/hashicorp/faas-nomad/releases/22661050","Warn: release artifact v0.4.3-rc2 does not have provenance: https://api.github.com/repos/hashicorp/faas-nomad/releases/19506425","Warn: release artifact v0.4.3-rc1 does not have provenance: https://api.github.com/repos/hashicorp/faas-nomad/releases/18301209","Warn: release artifact v0.4.2-beta2 does not have provenance: https://api.github.com/repos/hashicorp/faas-nomad/releases/16878034","Warn: release artifact v0.4.2 does not have provenance: https://api.github.com/repos/hashicorp/faas-nomad/releases/16881043"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: Dockerfile_arm7:1: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/hashicorp/.github/SECURITY.md:1","Info: Found linked content: github.com/hashicorp/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/hashicorp/.github/SECURITY.md:1","Info: Found text in security policy: github.com/hashicorp/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"107 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2021-0053 / GHSA-c3h9-896r-86jm","Warn: Project is vulnerable to: GO-2025-3372 / GHSA-6wxm-mpqj-6jpf","Warn: Project is vulnerable to: GO-2023-1850 / GHSA-4qvx-qq5w-695p","Warn: Project is vulnerable to: GO-2023-1853 / GHSA-q7fx-wm2p-qfj8","Warn: Project is vulnerable to: GO-2022-0776 / GHSA-23jv-v6qj-3fhh","Warn: Project is vulnerable to: GO-2022-0879 / GHSA-rqjq-mrgx-85hp","Warn: Project is vulnerable to: GO-2024-2505 / GHSA-6m72-467w-94rh","Warn: Project is vulnerable to: GO-2023-1851 / GHSA-8xmx-h8rq-h94j","Warn: Project is vulnerable to: GO-2022-0559 / GHSA-6hw5-6gcx-phmw","Warn: Project is vulnerable to: GO-2022-0593 / GHSA-ccw8-7688-vqx4","Warn: Project is vulnerable to: GO-2022-0615 / GHSA-q6h7-4qgw-2j9p","Warn: Project is vulnerable to: GO-2022-0894 / GHSA-25gf-8qrr-g78r","Warn: Project is vulnerable to: GO-2022-0895 / GHSA-8h2g-r292-j8xh","Warn: Project is vulnerable to: GO-2022-1029 / GHSA-m69r-9g56-7mv8","Warn: Project is vulnerable to: GO-2023-1827 / GHSA-c57c-7hrj-6q6v","Warn: Project is vulnerable to: GO-2022-0980 / GHSA-8449-7gc2-pwrp","Warn: Project is vulnerable to: GO-2024-2947 / GHSA-v6v8-xj6m-xwqh","Warn: Project is vulnerable to: GO-2022-0634 / GHSA-6hv3-7c34-4hx8","Warn: Project is vulnerable to: GO-2022-0821 / GHSA-cj2h-ww36-v932","Warn: Project is vulnerable to: GO-2022-0840 / GHSA-h43v-26r7-7j4c","Warn: Project is vulnerable to: GO-2022-0622 / GHSA-35qp-xq9f-2rjx","Warn: Project is vulnerable to: GO-2022-0709 / GHSA-vf6q-9f2f-mwhv","Warn: Project is vulnerable to: GO-2022-0591 / GHSA-c8x3-rg72-fwwg","Warn: Project is vulnerable to: GO-2022-0573 / GHSA-2jhh-5xm2-j4gf","Warn: Project is vulnerable to: GO-2022-0600 / GHSA-gwmc-6795-qghj","Warn: Project is vulnerable to: GO-2022-0732 / GHSA-526x-rm7j-v389","Warn: Project is vulnerable to: GO-2022-1062 / GHSA-7v3g-4878-5qrf","Warn: Project is vulnerable to: GO-2024-2670 / GHSA-rpvr-38xv-xvxq","Warn: Project is vulnerable to: GO-2024-3073 / GHSA-25qx-vfw2-fw8r","Warn: Project is vulnerable to: GO-2024-3262 / GHSA-2w5v-x29g-jw7j","Warn: Project is vulnerable to: GO-2024-3354 / GHSA-hr68-hvgv-xxqf","Warn: Project is vulnerable to: GO-2025-3510 / GHSA-c3q9-q986-vrwh","Warn: Project is vulnerable to: GO-2025-3758 / GHSA-rx97-6c62-55mf","Warn: Project is vulnerable to: GO-2024-2488 / GHSA-4mp7-2m29-gqxf","Warn: Project is vulnerable to: GO-2022-0825 / GHSA-fp52-qw33-mfmw","Warn: Project is vulnerable to: GO-2022-0816 / GHSA-9vh5-r4qw-v3vv","Warn: Project is vulnerable to: GO-2024-2485 / GHSA-j6vv-vv26-rh7c","Warn: Project is vulnerable to: GO-2024-2486 / GHSA-m979-w9wj-qfj9","Warn: Project is vulnerable to: GO-2022-0623 / GHSA-38j9-7pp9-2hjw","Warn: Project is vulnerable to: GO-2022-0632 / GHSA-6239-28c2-9mrm","Warn: Project is vulnerable to: GO-2022-0618 / GHSA-qv95-g3gm-x542","Warn: Project is vulnerable to: GO-2022-0611 / GHSA-pfmw-vj74-ph8g","Warn: Project is vulnerable to: GO-2023-1897 / GHSA-9mh8-9j64-443f","Warn: Project is vulnerable to: GO-2023-1900 / GHSA-wmg5-g953-qqfw","Warn: Project is vulnerable to: GO-2023-1708 / GHSA-hwc3-3qh6-r4gg","Warn: Project is vulnerable to: GO-2023-1685 / GHSA-v3hp-mcj5-pg39","Warn: Project is vulnerable to: GO-2023-1709 / GHSA-vq4h-9ghm-qmrr","Warn: Project is vulnerable to: GO-2023-1849 / GHSA-gq98-53rq-qr5h","Warn: Project is vulnerable to: GO-2023-2088 / GHSA-86c6-3g63-5w64","Warn: Project is vulnerable to: GO-2023-1986 / GHSA-9v3w-w2jh-4hff","Warn: Project is vulnerable to: GO-2023-2329 / GHSA-4qhc-v8r6-8vwm","Warn: Project is vulnerable to: GO-2024-2617 / GHSA-r3w7-mfpm-c2vw","Warn: Project is vulnerable to: GO-2024-2921 / GHSA-32cj-5wx4-gq8p","Warn: Project is vulnerable to: GO-2024-2690 / GHSA-j2rp-gmqv-frhv","Warn: Project is vulnerable to: GO-2024-3191 / GHSA-rr8j-7w34-xp5j","Warn: Project is vulnerable to: GO-2025-3663 / GHSA-gcqf-f89c-68hv","Warn: Project is vulnerable to: GO-2025-3837 / GHSA-6h4p-m86h-hhgh","Warn: Project is vulnerable to: GO-2025-3836 / GHSA-6c5r-4wfc-3mcx","Warn: Project is vulnerable to: GO-2025-3838 / GHSA-mr4h-qf9j-f665","Warn: Project is vulnerable to: GO-2025-3839 / GHSA-mwgr-84fv-3jh9","Warn: Project is vulnerable to: GO-2025-3841 / GHSA-qv3p-fmv3-9hww","Warn: Project is vulnerable to: GO-2025-3848 / GHSA-7rx2-769v-hrwf","Warn: Project is vulnerable to: GO-2020-0008 / GHSA-44r7-7p62-q3fr","Warn: Project is vulnerable to: GHSA-77vh-xpmg-72qh","Warn: Project is vulnerable to: GO-2022-0835 / GHSA-gp4j-w3vj-7299","Warn: Project is vulnerable to: GO-2021-0085 / GHSA-fgv8-vj5c-2ppq","Warn: Project is vulnerable to: GO-2021-0087 / GHSA-fh74-hm69-rqjw","Warn: Project is vulnerable to: GO-2022-0396 / GHSA-g54h-m393-cpwq","Warn: Project is vulnerable to: GO-2022-0914 / GHSA-c3xm-pvg7-gh7r","Warn: Project is vulnerable to: GHSA-v95c-p5hm-xq8f","Warn: Project is vulnerable to: GO-2022-0452 / GHSA-f3fp-gc8g-vw66","Warn: Project is vulnerable to: GO-2023-1683 / GHSA-g2j6-57v7-gm8c","Warn: Project is vulnerable to: GO-2023-1682 / GHSA-m8cg-xc2p-r3fc","Warn: Project is vulnerable to: GO-2024-3110 / GHSA-jfvp-7x6p-h2pv","Warn: Project is vulnerable to: GO-2022-0322 / GHSA-cg3q-j54f-5p7p","Warn: Project is vulnerable to: GO-2022-0209 / GHSA-r5c5-pr8j-pfp7","Warn: Project is vulnerable to: GO-2023-1992 / GHSA-x3jr-pf6g-c48f","Warn: Project is vulnerable to: GO-2022-0229 / GHSA-cjjc-xp8v-855w","Warn: Project is vulnerable to: GO-2020-0012 / GHSA-ffhg-7mh4-33c4","Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2022-0197 / GHSA-4r78-hx75-jjj2 / GHSA-mv93-wvcp-7m7r","Warn: Project is vulnerable to: GO-2020-0014 / GHSA-vfw5-hrgq-h5wf","Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8","Warn: Project is vulnerable to: GO-2021-0061 / GHSA-r88r-gmrh-7j83","Warn: Project is vulnerable to: GO-2022-0956 / GHSA-6q6q-88xp-6f2r","Warn: Project is vulnerable to: GO-2020-0036 / GHSA-wxc4-f4m6-wwqv"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T09:58:48.656Z","repository_id":41142628,"created_at":"2025-08-19T09:58:48.657Z","updated_at":"2025-08-19T09:58:48.657Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28438700,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T22:37:52.437Z","status":"ssl_error","status_checked_at":"2026-01-14T22:37:31.496Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","nomad","openfaas","serverless"],"created_at":"2024-09-27T12:42:55.169Z","updated_at":"2026-01-14T23:33:55.845Z","avatar_url":"https://github.com/hashicorp.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n[![Build Status](https://travis-ci.org/hashicorp/faas-nomad.svg)](https://travis-ci.org/hashicorp/faas-nomad)\n[![Docker Repository on Quay](https://quay.io/repository/nicholasjackson/faas-nomad/status \"Docker Repository on Quay\")](https://quay.io/repository/nicholasjackson/faas-nomad)\n[![OpenFaaS](https://img.shields.io/badge/openfaas-serverless-blue.svg)](https://www.openfaas.com)\n[![Maintainability](https://api.codeclimate.com/v1/badges/c0c0865f3f5f1b9ba06c/maintainability)](https://codeclimate.com/github/hashicorp/faas-nomad/maintainability)\n[![Test Coverage](https://api.codeclimate.com/v1/badges/c0c0865f3f5f1b9ba06c/test_coverage)](https://codeclimate.com/github/hashicorp/faas-nomad/test_coverage)\n\n# OpenFaaS - Nomad Provider\nThis repository contains the OpenFaaS provider for the Nomad scheduler.  OpenFaaS allows you to run your private functions as a service.  Functions are packaged in Docker Containers which enables you to work in any language and also interact with any software which can also be installed in the container.\n\n## OpenFaaS Architecture\nFor the simplest installation, only two containers need to run on the Nomad cluster:\n1. OpenFaaS Gateway\n2. OpenFaaS Nomad provider\nHowever for OpenFaaS to automatically scale your function based on inbound requests and to be able to gather metrics from the Nomad provider two additional containers are optionally run.\n3. Prometheus DB\n4. StatsD server for Prometheus\n5. Grafana for querying Prometheus data\n\n![](images/openfaas_nomad.png)\n\n\n### OpenFaaS Gateway\nThe gateway provides a common API which is used by the command line of for deploying functions.  In addition to this it also hosts a Prometheus metrics endpoint which is used to provide operational metrics.  The gateway does not itself interact with the Nomad cluster instead it delegates all requests to the Nomad provider.  \n\n### Nomad provider\nThe Nomad provider is responsible for performing any actions on the Nomad server such as deploying new functions or scaling functions.  Also it also acts as a function proxy.  Metrics such as execution duration and other information are emitted by the proxy and captured by the StatsD server.  Prometheus regularly collects this information from the StatsD server and stores it as time series data.\n\n### OpenFaaS Functions\nThe functions performing the work on OpenFaaS are packaged as Docker images.  When running on the cluster these functions do not provide any external interface; instead, interactions are performed through the Nomad provider.  When a function is deployed, it is registered with Consul's service catalog.  The provider uses this service catalog for service discovery to be able to locate and call the downstream function.\n\n## Starting a local Nomad / Consul environment\nFirst, ensure that you have a recent version of Nomad and Consul installed, the latest versions can be found at:  \n[Consul Versions | HashiCorp Releases](https://releases.hashicorp.com/consul/)  \n[Nomad Versions | HashiCorp Releases](https://releases.hashicorp.com/nomad/)\n\nMake sure you download the correct architecture for your machine, binaries are available for most platforms, Mac, Windows, Linux, Arm, etc.\n\nTo get things up and running quickly you can run the bash script located in the root of this repository.\n\n```bash\n$ source ./startNomad.sh                                                                                                                                              \nDiscovered IP Address: 192.168.1.113                                                                                                                           \nStarting Consul, redirecting logs to /Users/nicj/log/consul.log                                                                                                \nStarting Nomad, redirecting logs to /Users/nicj/log/nomad.log                                                                                                  \nNOMAD Running \n```\n\nThe startup script will set the advertised address to your primary local IP address and run both Nomad and Consul in the background redirecting the logs to your home folder.\n\n## Using Vagrant for Local Development\nVagrant is a tool for provisioning dev environments. The `Vagrantfile` governs the Vagrant configuration:\n1) Install Vagrant via [download links](https://www.vagrantup.com/downloads.html) or package manager\n2) Install VirtualBox via [download links](https://www.virtualbox.org/wiki/Downloads) or preferred hypervisor of your choice (vagrant plugins may be required). VMWare Fusion is supported.\n3) `vagrant up` (default VirtualBox) or `vagrant up --provider vmware_fusion`\n\nThe provisioners install Docker, Nomad, Consul, and Vault (via Saltstack) then launch OpenFaaS components with Nomad. If successful, the following services will be available over the private network (192.168.50.2):\n- Nomad (v0.8.4) 192.168.50.2:4646\n- Consul (v1.2.0) 192.168.50.2:8500\n- Vault (v0.9.6) 192.168.50.2:8200\n- FaaS Gateway (0.9.14) 192.168.50.2:8080\n\nThis setup is intended to streamline local development of the faas-nomad provider with a more complete setup of the hashicorp ecosystem. Therefore, it is assumed that the faas-nomad source code is located on your workstation, and or is configured to listen on 0.0.0.0:8080 when debugging/running the Go process.\n\n## Starting a remote Nomad / Consul environment\nIf you would like to test OpenFaaS running on a cluster in AWS, a Terraform module and instructions can be found here:\n[faas-nomad/terraform at master · hashicorp/faas-nomad · GitHub](https://github.com/hashicorp/faas-nomad/tree/master/provisioning/terraform)\n\nRegardless of which method you use interacting with OpenFaaS is the same.\n\n## Running the OpenFaaS application\nFirst, we need to start the OpenFaaS application, to do this there are two job files located in the folder `nomad_job_files` which set things up using sensible defaults.\nTo run the main application execute the following command:\n\n```bash\n$ nomad run ./nomad_job_files/faas.hcl\n\n==\u003e Monitoring evaluation \"a3e54faa\"\n    Evaluation triggered by job \"faas-nomadd\"\n    Allocation \"28f60a54\" created: node \"867c6baa\", group \"faas-nomadd\"\n    Allocation \"7223b65d\" created: node \"d196a533\", group \"faas-nomadd\"\n    Allocation \"a4dbae6c\" created: node \"123e18c0\", group \"faas-nomadd\"\n    Evaluation status changed: \"pending\" -\u003e \"complete\"\n==\u003e Evaluation \"a3e54faa\" finished with status \"complete\"\n```\n\nThis job will start an instance of the OpenFaaS gateway and the Nomad provider on every node in the cluster.\n\nWe can then launch the monitoring job to start Prometheus and Grafana:\n\n```bash\n$ nomad run ./nomad_job_files/monitoring.hcl\n\n==\u003e Monitoring evaluation \"7d9c46df\"\n    Evaluation triggered by job \"faas-monitoring\"\n    Allocation \"e20ace08\" created: node \"123e18c0\", group \"faas-monitoring\"\n    Evaluation status changed: \"pending\" -\u003e \"complete\"\n==\u003e Evaluation \"7d9c46df\" finished with status \"complete\"\n```\n\nThis job starts a single instance of Prometheus and Grafana on the Nomad cluster.\n\n## Setting up Grafana to view application metrics\nIf you are not using the provided Terraform module, you will need to locate the node which Grafana is running on, assuming you have not changed the job file the port will be `3000`.\nTo log into Grafana use the default username and password `admin.`\n\n![](images/grafana_login.png)\n\nOnce you have successfully logged in, the next step is to create a data source for the Prometheus server.\n\n![](images/grafana_add_datasource.png)\n\nConfigure the options as shown ensuring that the URL points to the location of your Prometheus server.  The next step is to add a dashboard to view the data from the OpenFaaS gateway and provider.  A simple dash can be found at  `grafana\\faas-dashboard.json`, let's add this to Grafana.  Clicking the `Import` button from the `Dashboards` menu will pop up a box like the one below.  Choose the file for the example dashboard and press import.\n\n![](images/grafana_dashboard.png)\n\nAssuming all went well, you should now see the dashboard in Grafana:\n\n![](images/grafana_dashboard_details.png)\n\n## Creating and deploying a function\nTo create functions, we can install the `faas-cli` tool, to get the CLI tool you can run the following command:\n\n```bash\n$ curl -sL https://cli.openfaas.com | sudo sh\n```\n\nAlternately if you are using a Mac, the cli is also available via `brew install faas-cli`\n\n### Creating a new function\nChanging to a new folder we can create a new function by running the following command in the CLI:\n\n```bash\n$ faas-cli new gofunction -lang go\n#...\n2017/11/17 11:35:49 Cleaning up zip file...\n\nFolder: gofunction created.\n  ___                   _____           ____\n / _ \\ _ __   ___ _ __ |  ___|_ _  __ _/ ___|\n| | | | '_ \\ / _ \\ '_ \\| |_ / _` |/ _` \\___ \\\n| |_| | |_) |  __/ | | |  _| (_| | (_| |___) |\n \\___/| .__/ \\___|_| |_|_|  \\__,_|\\__,_|____/\n      |_|\n\n\nFunction created in folder: gofunction\nStack file written: gofunction.yml\n``` \n\nThe command will create two folders and one file in the current directory:\n\n```bash\n$ tree -L 1  \n.\n├── gofunction\n├── gofunction.yml\n└── template\n\n2 directories, 1 file\n```\n\nThe `gofunction` folder is where the source code for your application will live by default there is the main entry point called `handler.go`:\n\n```go\npackage function\n\nimport (\n    \"fmt\"\n)\n\n// Handle a serverless request\nfunc Handle(req []byte) string {\n    return fmt.Sprintf(\"Hello, Go. You said: %s\", string(req))\n}\n```\n\nThe Handle method receives the payload sent by calling the function as a slice of bytes and expects any output to be returned as a string.  For now, let's keep this function the same and run through the steps for building the function.  The first thing we need to do is to edit the `gofunction.yml.` file and change the image name so that we can push this to a Docker repo that our Nomad cluster will be able to pull.  Also, change the gateway address to the location of your OpenFaaS gateway.  Changing the gateway in this file saves us providing the location as an alternate parameter.\n\n```yaml\nprovider:\n  name: faas\n  gateway: http://localhost:8080\n\nfunctions:\n  gofunction:\n    lang: go\n    handler: ./gofunction\n    image: nicholasjackson/gofunction\n```\n\n### Building our new function\nNext step is to build the function; we can do this with the `faas-cli build` command:\n\n```bash\n$ faas-cli build -yaml gofunction.yml \n#...\nStep 16/17 : ENV fprocess \"./handler\"\n ---\u003e Using cache\n ---\u003e 5e39e4e30c60\nStep 17/17 : CMD ./fwatchdog\n ---\u003e Using cache\n ---\u003e 2ae72de493b7\nSuccessfully built 2ae72de493b7\nSuccessfully tagged nicholasjackson/gofunction:latest\nImage: gofunction built.\n[0] \u003c Builder done.\n```\n\nThe `build` command execute the Docker build command with the correct Dockerfile for your language.  All code is compiled inside of the container as a multi-stage build before being packaged into an Image.\n\n### Pushing the function to the Docker repository\nWe can either use the `faas-cli push` command to push this to a Docker repo, or we can manually push.\n\n```bash\n$ faas-cli push -yaml gofunction.yml \n[0] \u003e Pushing: gofunction.\nThe push refers to a repository [docker.io/nicholasjackson/gofunction]\ncc9df684d32a: Pushed \n4e12ae9c1d69: Pushed \ncdcffb5144dd: Pushed \n10d64a26ddb0: Pushed \ndbbae7ea208f: Pushed \n2aebd096e0e2: Pushed \nlatest: digest: sha256:57c0143772a1e6f585de019022203b8a9108c2df02ff54d610b7252ec4681886 size: 1574\n[0] \u003c Pushing done.\n```\n\n### Deploying the function\nTo deploy the function we can again use the `faas-cli` tool to deploy the function to our Nomad cluster:\n\n```bash\n$ faas-cli deploy -yaml gofunction.yml\nDeploying: gofunction.\nRemoving old function.\nDeployed.\nURL: http://192.168.1.113:8080/function/gofunction\n\n200 OK\n```\n\nIf you run the `nomad status` command, you will now see the additional job running on your Nomad cluster.\n\n```bash\n$ nomad status\nID                   Type     Priority  Status   Submit Date\nOpenFaaS-gofunction  service  1         running  11/17/17 11:52:59 GMT\nfaas-monitoring      service  50        running  11/15/17 14:43:11 GMT\nfaas-nomadd          system   50        running  11/15/17 11:00:31 GMT\n```\n\n### Running the function\nTo run the function, we can simply curl the OpenFaaS gateway and pass our payload as a string:\n```bash\n$ curl http://192.168.1.113:8080/function/gofunction -d 'Nic'\nHello, Go. You said: Nic\n```\n\nor you can use the cli\n\n```bash\n$ echo \"Nic\" | faas-cli --gateway http://192.168.1.113:8080/ invoke gofunction\n```\n\nThat is all there is to it, checkout the OpenFaaS community page for some inspiration and other demos.\n[faas/community.md at master · openfaas/faas · GitHub](https://github.com/openfaas/faas/blob/master/community.md)\n\n### Datacenters and Limits\nBy default, the Nomad provider will use the datacenter of the Nomad agent or `dc1`. This can be overridden by setting one or more constraints `datacenter == value`.  Limits for CPU and memory can also be set `memory` is an integer representing Megabytes, `cpu` is an integer representing MHz of CPU where 1024 equals one core.\n\ni.e.\n```bash\n$ faas-cli deploy --constraint 'datacenter == dc1' --constraint 'datacenter == dc2'\n```\n\nor from a stack file...\n```yaml\nfunctions:\n  facedetect:\n    lang: go-opencv\n    handler: ./facedetect\n    image: nicholasjackson/func_facedetect\n    limits:\n      memory: 512\n      cpu: 1000\n    constraints:\n      \"datacenter == test1\"\n```\n\n### Nomad Job Constraints\nAdditionally to the `datacenter` constraint [Nomad job constraints](https://www.nomadproject.io/docs/job-specification/constraint.html) are supported.\n\ni.e.\n```bash\n$ faas-cli deploy --constraint '${attr.cpu.arch} = arm'\n```\n\nFor compatibility and convenience the interpolation notation (`${}`) can be left out and `==` instead of `=` is supported.\n\nAll provided constraints are applied to the job (not the group or the task).\nLeaving out the a field (.e.g. `${meta.foo} is_set`) or using more than one operator (e.g. `${meta.foo} is_set = bar`) is currently __not supported__.\n\n### Annotations\nMetadata can be added to the Nomad job definition through the use of the OpenFaaS annotation config.  The below example would add the key `git` to the `Meta` section of nomad job definition which can be accessed through the API.\n\n```yaml\nfunctions:\n  facedetect:\n    lang: go-opencv\n    handler: ./facedetect\n    image: nicholasjackson/func_facedetect\n    annotations:\n      git: https://github.com/alexellis/super-pancake-fn.git\n```\n\n### Secrets API\nIt is possible to integrate Vault secrets [https://docs.openfaas.com/reference/secrets/](https://docs.openfaas.com/reference/secrets/) with the Nomad provider. Follow these steps to have OpenFaaS integrate with Nomad + Vault:\n\n1) First, we need to enable the approle auth backend in Vault:\n\n   ```vault auth enable approle```\n\n2) We also need to create a policy for faas-nomad and OpenFaaS functions:\n\n   ```vault policy write openfaas policy.hcl```\n\n   Policy file example: https://raw.githubusercontent.com/hashicorp/faas-nomad/master/provisioning/scripts/policy.hcl\n\n   It is important that the policy contain: create, update, delete and list capabilities that match your secret backend prefix. In this case, path `secret/openfaas/*` will work with the default configuration.\n\n   Also, faas-nomad takes care of renewing it's own auth token, so we need to make sure the policy uses path \"auth/token/renew-self\" and has the \"update\" capability.\n\n\n3) Finally, let's setup the approle itself:\n    ```bash\n    curl -i \\\n      --header \"X-Vault-Token: ${VAULT_TOKEN}\" \\\n      --request POST \\\n      --data '{\"policies\": [\"openfaas\"], \"period\": \"24h\"}' \\\n      https://${VAULT_HOST}/v1/auth/approle/role/openfaas\n    ```\n\n    This creates the role attached to the policy we just created. The \"period\" property and duration is important for renewing long-running service Vault tokens.\n\n    ```bash\n    curl -i \\\n      --header \"X-Vault-Token: ${VAULT_TOKEN}\" \\\n      https://${VAULT_HOST}/v1/auth/approle/role/openfaas/role-id\n    ```\n\n    Produces the role_id needed for -vault_app_role_id cli argument.\n\n    ```bash\n    curl -i \\\n      --header \"X-Vault-Token: ${VAULT_TOKEN}\" \\\n      --request POST \\\n      https://VAULT_HOST}/v1/auth/approle/role/openfaas/secret-id\n    ```\n\n    Produces the secret_id needed for -vault_app_secret_id cli argument.\n\nLet's assume the Vault parameters have been populated, and you're now running faas-nomad along with the other OpenFaaS components. Now, try out the new faas-cli secret commands:\n\n```bash\nfaas-cli secret create grafana_api_token --from-literal=foo --gateway ${FAAS_GATEWAY}\n```\n\nNow we can use our newly created secret \"grafana_api_token\" in a new function we want to deploy:\n\n```bash\nfaas-cli deploy --image acornies/grafana-annotate --secret grafana_api_token --env grafana_url=http://grafana.service.consul:3000\n```\n\n### Async functions\nOpenFaaS has the capability to immediately return when you call a function and add the work to a nats streaming queue.  To enable this feature in addition to the OpenFaaS gateway and Nomad provider you must run a nats streaming server.  \nTo run the server please use the `nats.hcl` job file.\n\n```bash\n$ nomad run ./nomad_job_files/nats.hcl\n```\n\nYou can then invoke a function using the `async-function` API, the call will be immediately retuned and OpenFaaS will queue your work for later execution.\n\n```\ncurl -d '{...}' http://gateway:8080/async-function/{function_name}\n```\n\n### Configuration and Function timeouts\nBy Default a function is allowed to run for 30s before it is terminated, should you require longer running functions timeout is configurable by setting the flag `-function_timeout` on the Nomad provider e.g:\n\n```hcl\n args = [\n   \"-nomad_region\", \"${NOMAD_REGION}\",\n   \"-nomad_addr\", \"${NOMAD_IP_http}:4646\",\n   \"-consul_addr\", \"${NOMAD_IP_http}:8500\",\n   \"-statsd_addr\", \"${NOMAD_ADDR_statsd_statsd}\",\n   \"-node_addr\", \"${NOMAD_IP_http}\",\n   \"-logger_format\", \"json\",\n   \"-logger_output\", \"/logs/nomadd.log\"\n   \"-function_timeout\", \"5m\"\n]\n```\n\nThis would set the timeout to 5m for a function.\n\n### Contributing\nThe application including docker containers is built using goreleaser [https://goreleaser.com](https://goreleaser.com).  \n\n#### Setup\n* Clone this repo: `go get github.com/hashicorp/faas-nomad`\n* Create a fork in your own github account\n* Add a new git remote to $GOPATH/src/hashicorp/faas-nomad with your fork `git remote add fork git@github.com:/yourname/faas-nomad.git`\n\n#### Building the application\n`make build_all` this runs the command `goreleaser -snapshot -rm-dist -skip-validate`\n\n#### Testing the application\n`make test` runs all unit tests in the application, for continuous test running try [http://goconvey.co](http://goconvey.co)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashicorp%2Ffaas-nomad","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhashicorp%2Ffaas-nomad","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashicorp%2Ffaas-nomad/lists"}