Commit graph

1089 commits

Author SHA1 Message Date
Alex Dadgar 712e18707b add debugging 2016-11-29 14:29:37 -08:00
Diptanu Choudhury bff172939b Fixes an issue with purging containers with the same name Nomad is trying to start 2016-11-28 17:37:22 -08:00
Michael Schurter 1f0bfa00aa rkt: Support host and none dns options
Fixes #2025
2016-11-28 13:13:40 -08:00
Michael Schurter 44e4414490 Fix rkt volumes
I forgot to validate the volumes field!
2016-11-28 13:13:40 -08:00
Alex Dadgar 4f2a6eae8b Merge pull request #2029 from gliptak/dockerauth1
Log when lookup in docker.auth.config fails
2016-11-28 12:45:19 -08:00
Alex Dadgar d8048ad75d Merge pull request #2033 from hashicorp/b-docker-container-exists
Make container exist errors non-retriable
2016-11-28 12:38:52 -08:00
Michael Schurter b3ede6a5b7 Use net.JoinHostPort instead of fmt.Sprintf
Using fmt.Sprintf breaks IPv6 addresses.
2016-11-28 10:38:54 -08:00
Alex Dadgar 8a641a8672 Make container exist errors non-retriable
This change makes it so that the task runner does not retry container
exists errors and also a sleep is added on the local retry.
2016-11-25 19:22:58 -08:00
Gábor Lipták 6268112e86 Log when lookup in docker.auth.config fails 2016-11-23 18:43:58 -05:00
Ranjib Dey 0b29ad8787 Fix error message. Pass on template args 2016-11-21 20:12:59 -08:00
Dmitry Galinsky 3ec7ebac9c Add network_aliases for docker driver 2016-11-16 11:16:07 +03:00
Alex Dadgar 3e5bfcdbc4 respond to comment 2016-11-15 16:27:07 -08:00
Alex Dadgar cb187ffce6 Fix TestRktDriver_PortsMapping and TestAgent_LoadKeyrings 2016-11-15 15:49:05 -08:00
Alex Dadgar a11d66f639 Remove todo 2016-11-10 15:20:19 -08:00
Alex Dadgar eea35626b7 Changes the relative path from joining against the alloc dir to the
task's directory.

This PR changes the behavior when given a relative host path when
mounting docker containers. Prior to this, the behavior was to mount by
joining against the alloc/ directory. This PR changes it to be against
the task/ directory.
2016-11-10 14:47:54 -08:00
Alex Dadgar e8d6227b20 Do not validate the command does not contain spaces.
This PR removes validation that the command string does not contain
spaces. This can cause issues where the path contains a folder that
includes a space ("C:\Program Files\Python35\python.exe").

Fixes #1737
2016-11-10 10:22:17 -08:00
Alex Dadgar 20a5b6fa6b Merge pull request #1965 from hashicorp/b-docker-interpolate
Interpolate all docker driver configs that are strings
2016-11-08 15:35:27 -08:00
Alex Dadgar 3b33f49cde Merge pull request #1966 from hashicorp/b-service-interpolate
Interpolate all service/check fields
2016-11-08 15:35:19 -08:00
Alex Dadgar f1689bc7f9 Rkt env var 2016-11-08 15:14:04 -08:00
Alex Dadgar ddf101d7a2 Interpolate all check related variables 2016-11-08 14:43:46 -08:00
Alex Dadgar 691e09f863 remove debug 2016-11-08 14:21:37 -08:00
Alex Dadgar 9f2c0cb0c2 Interpolate everything that is a string 2016-11-08 14:20:51 -08:00
Alex Dadgar 742e11ddb4 Fix env vars relating to secretdir 2016-11-08 12:28:43 -08:00
Alex Dadgar a9e9b61216 Merge pull request #1938 from hashicorp/b-docker-reattach
Fix Docker container creation and task runner updating
2016-11-04 17:14:40 -07:00
Michael Schurter b1a01a9a0f Add userns_mode docker config option
Fixes #1904
2016-11-04 16:53:56 -07:00
Alex Dadgar 0cbd0188b1 Move the wait result to bottom of methods 2016-11-04 14:58:55 -07:00
Alex Dadgar 4741a4b129 Create container much more robust 2016-11-04 14:39:56 -07:00
Alex Dadgar b08f4e0b97 More recoverable errors 2016-11-02 10:36:04 -07:00
Michael Schurter a0340532cb Forgot to flip a bit 2016-11-01 14:35:22 -07:00
Alex Dadgar 478eebb19b Merge pull request #1908 from hashicorp/f-vault-docs
Vault docs
2016-11-01 12:39:14 -07:00
Alex Dadgar 747c3e7e68 Agent 2016-11-01 10:39:15 -07:00
Michael Schurter b84d8212ff Add LXC docs and enable by default for lxc builds 2016-11-01 10:18:16 -07:00
Alex Dadgar 62f1b98954 Add docker test 2016-10-28 17:53:25 -07:00
Alex Dadgar 6618f7a03d Fix passing of recoverable error from docker pull 2016-10-28 17:49:46 -07:00
Diptanu Choudhury f0e2178790 Making the executor lock the logger 2016-10-28 10:57:35 -07:00
Alex Dadgar 5ddf646615 Don't delete docker images in test 2016-10-27 12:31:53 -07:00
Michael Schurter 43a670d442 Merge pull request #1877 from hashicorp/b-expand-docker-vols
Expand env vars in docker volume paths
2016-10-27 11:32:45 -07:00
Michael Schurter b5df74e92e Merge pull request #1862 from hashicorp/f-rkt-portmap
driver.rkt: support network configuration [waiting]
2016-10-27 11:05:55 -07:00
Michael Schurter d3835283ca Expand env vars in docker volume paths
Fixes #1876
2016-10-27 11:02:38 -07:00
Alex Dadgar 150b678a6b Merge pull request #1806 from hashicorp/f-docker4mac-fixes
A couple fixes to make Docker For Mac work
2016-10-27 09:29:40 -07:00
Michael Schurter f430203505 Put lxc support behind a flag
Since lxc support requires linking to a C lib at compile and runtime
I'm putting it behind a build flag to avoid forcing all nomad users to
install liblxc (lxc-dev for development).
2016-10-26 14:55:54 -07:00
Diptanu Choudhury 067fcda3fe Making the cli use TLS if the client has enabled TLS 2016-10-26 11:13:53 -07:00
Michael Schurter 98600b5943 Fix LXC driver interface impls 2016-10-26 10:06:03 -07:00
Alex Dadgar 3c4a27e72b Fix panic 2016-10-25 17:27:13 -07:00
Michael Schurter 21b8030ded Fix tests for rkt port map 2016-10-25 17:06:41 -07:00
Kenjiro Nakayama 18bbfe8325 driver.rkt: add rkt drriver port mapping test 2016-10-25 15:41:49 -07:00
Kenjiro Nakayama 56d91632ca driver.rkt: support port mapping with net and port options 2016-10-25 15:41:49 -07:00
Diptanu Choudhury 9d3cdded9a Merge pull request #1699 from hashicorp/f-lxc-driver
LXC Support
2016-10-25 15:17:44 -07:00
Diptanu Choudhury b5cc153d54 Added lxc related dependencies 2016-10-25 15:17:02 -07:00
Alex Dadgar 8e07c2750e Merge pull request #1839 from hashicorp/f-signal-constraints
Signal creates an auto-constraints
2016-10-25 11:09:33 -07:00
Michael Schurter 4f45aece4b Fingerprint rkt volume support and make periodic
Fix rkt docs and custom volume mounting
2016-10-25 09:46:49 -07:00
Michael Schurter 5d358c7eba Allow mounting alloc-dir-relative paths in docker 2016-10-25 09:46:49 -07:00
Michael Schurter 49ed6da0ad Enable rkt and docker volume mounting by default 2016-10-25 09:46:49 -07:00
Michael Schurter f075bda9b9 Make volume name unique 2016-10-25 09:46:49 -07:00
Michael Schurter 83a11fc93b Bump minimum required rkt version; update docs
Make section names match between docker and rkt
2016-10-25 09:46:49 -07:00
Michael Schurter edf657b58a Fix docker reference in rkt test 2016-10-25 09:46:49 -07:00
Michael Schurter 02ed35bd1c Add arbitrary volume support to rkt 2016-10-25 09:46:49 -07:00
Michael Schurter 473c28824c Fix standard mounts in rkt and tests 2016-10-25 09:46:49 -07:00
Alex Dadgar 03eba049ed Merge pull request #1848 from hashicorp/f-vault-error
Thread through whether DeriveToken error is recoverable or not
2016-10-24 15:01:18 -07:00
Alex Dadgar 5577e53b20 Merge pull request #1845 from hashicorp/f-remove-disk-usage-acct
Remove disk usage enforcement
2016-10-22 19:01:51 -07:00
Alex Dadgar e85a67a49a Fix signal test for docker 2016-10-22 18:32:48 -07:00
Alex Dadgar 0070178741 Thread through whether DeriveToken error is recoverable or not 2016-10-22 18:08:30 -07:00
Michael Schurter d937d3aede Fix comment form 2016-10-21 16:56:33 -07:00
Michael Schurter 285e80ac0f Remove disk usage enforcement
Many thanks to @iverberk for the original PR (#1609), but we ended up
not wanting to ship this implementation with 0.5.

We'll come back to it after 0.5 and hopefully find a way to leverage
filesystem accounting and quotas, so we can skip the expensive polling.
2016-10-21 13:55:51 -07:00
Alex Dadgar 41b5679015 Advertise signalling abilities 2016-10-19 15:06:23 -07:00
Alex Dadgar ae1ea0e5ba Actually mount the local directory 2016-10-18 15:57:12 -07:00
Alex Dadgar 36cfe6e89e Large refactor of task runner and Vault token rehandling 2016-10-18 11:24:20 -07:00
Alex Dadgar 53eeec9bc1 Merge pull request #1801 from hashicorp/f-signals
Consul-template signal change mode
2016-10-18 11:23:47 -07:00
Michael Schurter 34f7cbd10f Disable lxc by default 2016-10-13 13:22:12 -07:00
Michael Schurter 1dbb2b7164 Cleanup comments/whitespace 2016-10-13 13:05:55 -07:00
Michael Schurter 38b2020291 Mount secret dir 2016-10-13 12:45:33 -07:00
Diptanu Choudhury 4e86a5f906 throwing an error if stats line can't be converted to k/v pair 2016-10-12 17:18:58 -07:00
Diptanu Choudhury ea5d9d959a Bind mounting alloc dir into container 2016-10-12 17:18:58 -07:00
Diptanu Choudhury 6312ea3f8f Setting the network type 2016-10-12 17:18:58 -07:00
Diptanu Choudhury ce334e0e04 Adding cpu resource limits 2016-10-12 17:18:58 -07:00
Diptanu Choudhury bb2a580ef1 Implemented an LXC Driver 2016-10-12 17:18:58 -07:00
Evan Phoenix 8864a506aa Disable the syslog logging system on Docker For Mac
The syslog logging system depends on the ability for a unix socket to be
accessed by the docker daemon in the $TMPDIR of the host. This doesn't
work on Docker For Mac because the docker daemon is running inside a VM,
and while /tmp is accessible, the filesystem used to share them doesn't
support unix socket files, and thus it doesn't work.
2016-10-12 17:07:21 -07:00
Alex Dadgar eec1a154ec add plugin kill 2016-10-12 13:24:22 -07:00
Alex Dadgar 86238387e7 Send Executor Ctx separately 2016-10-12 11:35:29 -07:00
Michael Schurter ca5439eca1 Add NOMAD_JOB_NAME to environment 2016-10-11 11:20:42 -07:00
Alex Dadgar bc35eaee21 Task runner sends signals 2016-10-10 15:09:00 -07:00
Alex Dadgar 00a1234c55 Executor + Java/Raw Exec/Exec 2016-10-10 11:47:04 -07:00
Alex Dadgar 5b01b1be1b Rkt 2016-10-10 11:47:04 -07:00
Alex Dadgar 280af8f4d1 Docker + Qemu 2016-10-10 11:47:04 -07:00
Michael Schurter f0d04bd798 Add comment and fix log line code style 2016-10-07 11:58:21 -07:00
Michael Schurter 523dbfcc81 Remove VolumesFrom feature
Since containers are named with alloc ids it's difficult to use safely.
Not to mention task scheduling ordering issues could break it as well.
2016-10-07 11:58:13 -07:00
Michael Schurter f777faba00 Add comments to config key constants 2016-10-03 16:04:33 -07:00
Michael Schurter 0d66b8aef0 Only launch syslog server if container uses syslog 2016-10-03 15:22:10 -07:00
Michael Schurter 44219cc083 Put docker volume support behind conf flag
Also add tests and fix bug with logging driver configuration.
2016-10-03 15:02:50 -07:00
Jan-Hendrik Lendholt a26a501120 Fixed a bug when giving in another logging driver than syslog.
Before this commit, if the Logging config did not contain a logging option "syslog-address", it would definitely insert this option.
If then, you decide to take another logdriver than syslog, docker would fail because it received a wrong log option for the selected driver.
Now, nomad will only insert the syslog address in a hard way if there are no logging options at all - this way it keeps the default nomad settings.
2016-10-03 15:02:50 -07:00
Jan-Hendrik Lendholt 6c7cbe5fcb Added support to mount host folders into container. For example if you don't want to bake certificates into the container, you can mount them into the directory directly.
Furthermore, I added support for volumes-from.

Currently, there is no support to move the data from one container to another, hence: If a container spawns on another host, it is very likely, that the data will not be found.
2016-10-03 15:02:49 -07:00
Jan-Hendrik Lendholt ac5cde4641 Added logging options support for docker driver 2016-10-03 15:02:49 -07:00
Alex Dadgar 320b89d57a Constant time space tracking of pids 2016-09-27 16:57:26 -07:00
Alex Dadgar b28e817b1d Test fix 2016-09-26 15:35:59 -07:00
Alex Dadgar 12de69a66f Struct and parse 2016-09-21 11:31:09 -07:00
Alex Dadgar 50efdb00e9 Merge pull request #1713 from hashicorp/f-alloc-runner-vault
Vault integration in client
2016-09-20 16:15:55 -07:00
Alex Dadgar 0fefaef008 Alloc runner tests 2016-09-15 17:24:09 -07:00
Alex Dadgar 6702a29071 Vault token threaded 2016-09-14 13:30:01 -07:00
Diptanu Choudhury 0f77d81f7d Merge pull request #1683 from mwieczorek/enable-syslog-for-windows
Enable syslog for windows
2016-09-04 17:07:25 -07:00
Michal Wieczorek 94071fc294 Enable syslog server and universal collector for windows 2016-09-05 00:26:36 +02:00
Alex Dadgar eef786dd9d Secret dir materialized in alloc/task directory 2016-09-02 12:44:05 -07:00
Alex Dadgar 2c8dd8bbd3 Revert "Introduce a Secret/ directory" 2016-09-01 17:23:15 -07:00
Alex Dadgar 1ed454dd60 Merge pull request #1671 from hashicorp/f-secret-dir2
Introduce a Secret/ directory
2016-09-01 09:56:17 -07:00
Alex Dadgar 5d3b47e648 Address comments and reserve 2016-08-31 18:11:02 -07:00
Alex Dadgar 0626eb9619 environment variables 2016-08-31 13:56:11 -07:00
Alex Dadgar d59e14eed4 Interface + tests 2016-08-30 21:40:32 -07:00
Michael Schurter 32626ac608 Remove unused embedded lock on ExecContext 2016-08-26 11:58:03 -07:00
Diptanu Choudhury e9b27a528c Fixed the raw_exec fingerprint test 2016-08-24 13:38:43 -05:00
Diptanu Choudhury 10e10b2fe1 fixed the qemu fingerprinter test 2016-08-24 12:25:02 -05:00
Diptanu Choudhury 9309247f9d Fixed a java test 2016-08-23 16:51:09 -05:00
Diptanu Choudhury 05fe72e89e fixed the exec fingerprinter test 2016-08-23 16:40:56 -05:00
Diptanu Choudhury 588a4802c1 removing driver_mock 2016-08-23 16:05:03 -05:00
Alex Dadgar 0f3ec9c759 Fix TestDockerDriver_Fingerprint 2016-08-23 10:39:40 -07:00
Alex Dadgar 1da8566322 Merge pull request #1580 from hashicorp/f-disk-usage-monitoring
Monitor and enforce shared allocation directory disk usage
2016-08-23 09:49:53 -07:00
Diptanu Choudhury 1e1eef56a1 Putting the mock driver behind a build flag 2016-08-22 15:02:28 -05:00
Diptanu Choudhury 4ca623bcfe blocking chained allocations until previous allocation hasn't terminated 2016-08-22 11:34:24 -05:00
Kenjiro Nakayama b06c6d9311 driver.docker: tiny: debug messages output task name instead of image name 2016-08-21 19:51:32 +09:00
Ivo Verberk 2a17895a83 Disk resource monitoring and enforcement 2016-08-18 07:59:03 +02:00
Diptanu Choudhury dc0e395982 re-using copyimage 2016-08-17 15:25:03 -07:00
Diptanu Choudhury 0d7cd53c63 Fixed docker tests 2016-08-17 15:25:03 -07:00
Diptanu Choudhury ab7f8847c1 changing error statement 2016-08-17 13:48:31 -07:00
Diptanu Choudhury 2968ce9399 Fixed the docker script check 2016-08-17 13:23:48 -07:00
Alex Dadgar 3b9188fcf0 Merge pull request #1598 from nak3/rkt-fix5
driver.rkt: Remove unnecessary job validation
2016-08-16 15:12:45 -07:00
Kenjiro Nakayama c97beb8deb driver.rkt: Remove unnecessary job validation 2016-08-16 23:33:34 +09:00
ramukima 4f18963a97 go fmt performed code when copied from another directory got messed up again ? Ok, ran go fmt again 2016-08-16 09:20:13 -04:00
ramukima 17b902f20f issue-1588 : Allow extra driver config args as a passthrough for qemu executable from a task specification 2016-08-15 23:36:13 -04:00
Alex Dadgar 64b86bed0d Merge pull request #1581 from nak3/fix-rkt2
Set host environment variables to taskEnv of rkt driver
2016-08-15 10:31:10 -07:00
Alex Dadgar a2b603bd82 Merge pull request #1586 from nak3/rkt-fix3
tiny: Catch error returned from SyncServices in rkt driver
2016-08-15 10:29:28 -07:00
Kenjiro Nakayama d0ccdacd08 rkt.driver: Fix wrong MB calculation 2016-08-14 14:27:42 +09:00
Kenjiro Nakayama 906526fbe0 tiny: Catch error returned from SyncServices in rkt driver 2016-08-14 13:11:17 +09:00
Kenjiro Nakayama 0efc0e0231 Set host environment variables to taskEnv of rkt driver 2016-08-14 00:42:53 +09:00
Diptanu Choudhury 8c8d00dd5b Merge pull request #1572 from hashicorp/fix-docker-test
Fixed docker tests
2016-08-12 13:04:33 -07:00
Diptanu Choudhury f3420c65e3 Updated the busybox images 2016-08-12 11:39:58 -07:00
Diptanu Choudhury dd7e69006e Not running tests parallal 2016-08-11 21:53:27 -07:00
Alex Dadgar b34d65f1a5 Update test.sh 2016-08-11 21:35:50 -07:00
Diptanu Choudhury 839ecd1df6 Fixed docker tests 2016-08-11 19:28:41 -07:00
Alex Dadgar b3dca54a1a Wrap file rotator tests in wait for 2016-08-11 19:23:03 -07:00
Diptanu Choudhury b71f687f62 Merge pull request #1413 from hashicorp/b-tests
Fix flaky tests
2016-08-11 18:15:29 -07:00
Diptanu Choudhury 9a75052d2c Merge pull request #1518 from pubnub/feature/chroot-map-rebase
Add config field to specify chroot mapping for exec driver
2016-08-10 17:00:03 -07:00
Kenjiro Nakayama 6ec6c27cb4 Update debug option from string to bool 2016-08-09 16:51:00 +09:00
Kenjiro Nakayama 11a8a7218e Add debug option to rkt task config 2016-08-09 09:01:05 +09:00
Jay Oster 09113ffbc8 Fix Linux executor isolation test
- Properly expects the hard-coded mounts (alloc, dev, and proc) and hardcoded local directories (local and tmp)
- Also verifies that etc contains only the requested paths
2016-08-08 14:04:09 -07:00
Diptanu Choudhury fb178a1f5f Merge pull request #1477 from nak3/add-syslog_server-test
Add Syslog server start shutdown test
2016-08-05 12:01:24 -07:00
Alex Dadgar ddd8adce96 changelog + use driver config 2016-08-05 10:55:20 -07:00
Alex Dadgar f8e4bc73c9 Merge pull request #1493 from nak3/rkt-fix1
Pass command and trust_prefix to the validation of rkt task configuration
2016-08-05 10:52:02 -07:00
Alex Dadgar 096956257d changelog 2016-08-05 10:47:44 -07:00
Kenjiro Nakayama fc1195b7ea Add Syslog server start shutdown test 2016-08-06 02:01:33 +09:00
Michal Wieczorek b688261a99 Set windows containers default network mode to 'nat' 2016-08-05 06:01:26 +02:00
Jay Oster 2ae059b41d Address review comments
- Simplify map length check in Linux Executor
- Added a `chroot_env` test for config parser
- Moved `ChrootEnv` field from ExecutorCommand to ExecutorContext
- Added a test for `chroot_env` functionality
2016-08-04 15:33:06 -07:00
Diptanu Choudhury 531b619ce4 Merge pull request #1475 from mwieczorek/windows-hostIp-portBindings
Empty host ip for windows containers port bindings
2016-08-04 13:30:43 -07:00