I’m just starting to learn about nomad and tried to run a simple test job after a fresh install of the nomad service. The job executes with error, and there is the following message on the log: “ping: socket: Operation not permitted”.

I can ping normally with root or other users, locally and remotely via ssh.

OS: Oracle Linux Server release 8.5
Running everything as root.

Job:

job "testjob" {
  datacenters = ["dc1"]

  type = "batch"

  periodic {
    cron = "*/1 * * * *"
    prohibit_overlap = true
  }

  group "bgt" {
    task "bgt" {
      driver = "exec"

      config {
        command = "/usr/bin/ping"
        args    = ["-c", "4", "www.google.com"]
      }
    }
  }
}

Solved.

Had to mess with “sysctl net.ipv4.ping_group_range” and “setcap /usr/bin/ping”.

Hi @uliss3s , by default the exec and docker drivers drop CAP_NET_RAW (required by ping), since it can be used maliciously. You can add it back per-task via cap_add.