Commit graph

17762 commits

Author SHA1 Message Date
Jasmine Dahilig a7d1c44883
Merge pull request #7575 from hashicorp/b-fix-deps
Use latest go-bindata and go-bindata-assetfs
2020-03-31 17:42:06 -07:00
Mahmood Ali 5378b557e9 Use latest go-bindata and go-bindata-assetfs
These dep tools aren't tagged properly so shouldn't be installed with go
mod
2020-03-31 20:28:25 -04:00
Seth Hoenig 1e49ada3e0
Merge pull request #7573 from hashicorp/f-connect-expose-checks-percheck
merge changes for expose checks percheck
2020-03-31 17:52:33 -06:00
Mahmood Ali 33e34f06df
batch updates of changelog items (#7570)
* batch updates of changelog items

[ci skip]

* Update CHANGELOG.md

Co-Authored-By: Jasmine Dahilig <jasmine@dahilig.com>

* add PR to changelog

* update ui changelog message

* docs: note connect expose paths configuration in changelog

Co-authored-by: Michael Schurter <mschurter@hashicorp.com>
Co-authored-by: Jasmine Dahilig <jasmine@dahilig.com>
Co-authored-by: Seth Hoenig <shoenig@hashicorp.com>
2020-03-31 16:28:11 -07:00
Seth Hoenig 2d73d92510
Merge pull request #7323 from hashicorp/f-connect-expose-checks
connect: enable proxy.expose configuration
2020-03-31 17:20:23 -06:00
Seth Hoenig 9880e798bf docs: note why check.Expose is not part of chech.Hash 2020-03-31 17:15:50 -06:00
Seth Hoenig 14c7cebdea connect: enable automatic expose paths for individual group service checks
Part of #6120

Building on the support for enabling connect proxy paths in #7323, this change
adds the ability to configure the 'service.check.expose' flag on group-level
service check definitions for services that are connect-enabled. This is a slight
deviation from the "magic" that Consul provides. With Consul, the 'expose' flag
exists on the connect.proxy stanza, which will then auto-generate expose paths
for every HTTP and gRPC service check associated with that connect-enabled
service.

A first attempt at providing similar magic for Nomad's Consul Connect integration
followed that pattern exactly, as seen in #7396. However, on reviewing the PR
we realized having the `expose` flag on the proxy stanza inseperably ties together
the automatic path generation with every HTTP/gRPC defined on the service. This
makes sense in Consul's context, because a service definition is reasonably
associated with a single "task". With Nomad's group level service definitions
however, there is a reasonable expectation that a service definition is more
abstractly representative of multiple services within the task group. In this
case, one would want to define checks of that service which concretely make HTTP
or gRPC requests to different underlying tasks. Such a model is not possible
with the course `proxy.expose` flag.

Instead, we now have the flag made available within the check definitions themselves.
By making the expose feature resolute to each check, it is possible to have
some HTTP/gRPC checks which make use of the envoy exposed paths, as well as
some HTTP/gRPC checks which make use of some orthongonal port-mapping to do
checks on some other task (or even some other bound port of the same task)
within the task group.

Given this example,

group "server-group" {
  network {
    mode = "bridge"
    port "forchecks" {
      to = -1
    }
  }

  service {
    name = "myserver"
    port = 2000

    connect {
      sidecar_service {
      }
    }

    check {
      name     = "mycheck-myserver"
      type     = "http"
      port     = "forchecks"
      interval = "3s"
      timeout  = "2s"
      method   = "GET"
      path     = "/classic/responder/health"
      expose   = true
    }
  }
}

Nomad will automatically inject (via job endpoint mutator) the
extrapolated expose path configuration, i.e.

expose {
  path {
    path            = "/classic/responder/health"
    protocol        = "http"
    local_path_port = 2000
    listener_port   = "forchecks"
  }
}

Documentation is coming in #7440 (needs updating, doing next)

Modifications to the `countdash` examples in https://github.com/hashicorp/demo-consul-101/pull/6
which will make the examples in the documentation actually runnable.

Will add some e2e tests based on the above when it becomes available.
2020-03-31 17:15:50 -06:00
Seth Hoenig 41244c5857 jobspec: parse multi expose.path instead of explicit slice 2020-03-31 17:15:27 -06:00
Seth Hoenig 0266f056b8 connect: enable proxy.passthrough configuration
Enable configuration of HTTP and gRPC endpoints which should be exposed by
the Connect sidecar proxy. This changeset is the first "non-magical" pass
that lays the groundwork for enabling Consul service checks for tasks
running in a network namespace because they are Connect-enabled. The changes
here provide for full configuration of the

  connect {
    sidecar_service {
      proxy {
        expose {
          paths = [{
		path = <exposed endpoint>
                protocol = <http or grpc>
                local_path_port = <local endpoint port>
                listener_port = <inbound mesh port>
	  }, ... ]
       }
    }
  }

stanza. Everything from `expose` and below is new, and partially implements
the precedent set by Consul:
  https://www.consul.io/docs/connect/registration/service-registration.html#expose-paths-configuration-reference

Combined with a task-group level network port-mapping in the form:

  port "exposeExample" { to = -1 }

it is now possible to "punch a hole" through the network namespace
to a specific HTTP or gRPC path, with the anticipated use case of creating
Consul checks on Connect enabled services.

A future PR may introduce more automagic behavior, where we can do things like

1) auto-fill the 'expose.path.local_path_port' with the default value of the
   'service.port' value for task-group level connect-enabled services.

2) automatically generate a port-mapping

3) enable an 'expose.checks' flag which automatically creates exposed endpoints
   for every compatible consul service check (http/grpc checks on connect
   enabled services).
2020-03-31 17:15:27 -06:00
Seth Hoenig 1ce4eb17fa client: use consistent name for struct receiver parameter
This helps reduce the number of squiggly lines in Goland.
2020-03-31 17:15:27 -06:00
Zack Smith 89c2c322fb
Merge pull request #7569 from acidprime/fix/syntax/codeblock
[docs] Fix syntax error in docs
2020-03-31 15:07:41 -07:00
Zack Smith c1f67395aa Fix syntax error in docs
Prior to this commit, the HCL syntax was invalid. This commit adds a `,`
to make the example pass syntax checks.
2020-03-31 14:32:23 -07:00
Lang Martin e03c328792
csi: use node MaxVolumes during scheduling (#7565)
* nomad/state/state_store: CSIVolumesByNodeID ignores namespace

* scheduler/scheduler: add CSIVolumesByNodeID to the state interface

* scheduler/feasible: check node MaxVolumes

* nomad/csi_endpoint: no namespace inn CSIVolumesByNodeID anymore

* nomad/state/state_store: avoid DenormalizeAllocationSlice

* nomad/state/iterator: clean up SliceIterator Next

* scheduler/feasible_test: block with MaxVolumes

* nomad/state/state_store_test: fix args to CSIVolumesByNodeID
2020-03-31 17:16:47 -04:00
Lang Martin 8d4f39fba1
csi: add node events to report progress mounting and unmounting volumes (#7547)
* nomad/structs/structs: new NodeEventSubsystemCSI

* client/client: pass triggerNodeEvent in the CSIConfig

* client/pluginmanager/csimanager/instance: add eventer to instanceManager

* client/pluginmanager/csimanager/manager: pass triggerNodeEvent

* client/pluginmanager/csimanager/volume: node event on [un]mount

* nomad/structs/structs: use storage, not CSI

* client/pluginmanager/csimanager/volume: use storage, not CSI

* client/pluginmanager/csimanager/volume_test: eventer

* client/pluginmanager/csimanager/volume: event on error

* client/pluginmanager/csimanager/volume_test: check event on error

* command/node_status: remove an extra space in event detail format

* client/pluginmanager/csimanager/volume: use snake_case for details

* client/pluginmanager/csimanager/volume_test: snake_case details
2020-03-31 17:13:52 -04:00
Buck Doyle d70c3fbb3e
UI: Add exec loading template (#7566)
This closes #7460. Before this, there was an incongruous flash
of the non-exec UI during loading.
2020-03-31 13:59:43 -05:00
Buck Doyle 61164b856e
UI: Change exec button to not show on dead jobs (#7548)
I still want to add acceptance tests for the existence
of these buttons but this change makes the exec button
for jobs behave similarly to the others.
2020-03-31 13:11:26 -05:00
Charlie Voiselle 0275177d5f
Shortening Learn CTA sentence. 2020-03-31 13:24:27 -04:00
Mahmood Ali db4c263180
Merge pull request #7554 from benbuzbee/benbuz/fix-seccomp-file
Parse security_opts before sending them to docker daemon
2020-03-31 11:54:17 -04:00
Ben Buzbee 4f6ea87ec4 Parse security_opts before sending them to docker daemon
Fixes #6720

Copy the parsing function from the docker CLI. Docker daemon expects to see JSON for seccomp file not a path.
2020-03-31 08:34:41 -07:00
Charlie Voiselle 6600a59a75 Adding link to learn track 2020-03-31 10:34:28 -04:00
Mahmood Ali 14a461d6c4
Merge pull request #7560 from hashicorp/vendor-go-msgpack-v1.1.5
vendor: explicit use of hashicorp/go-msgpack
2020-03-31 10:09:05 -04:00
Tim Gross 4a834ea0fa
client: use NewNodeEvent builder for consistency (#7559) 2020-03-31 10:02:16 -04:00
Mahmood Ali 64dd10ac92 vendor: use tagged hashicorp/go-msgpack
This is to ease go mod migration
2020-03-31 09:51:17 -04:00
Yoan Blanc 225c9c1215 fixup! vendor: explicit use of hashicorp/go-msgpack
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-03-31 09:48:07 -04:00
Yoan Blanc 761d014071 vendor: explicit use of hashicorp/go-msgpack
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2020-03-31 09:45:21 -04:00
Mahmood Ali 7225055e80
Merge pull request #7550 from hashicorp/vendor-fsouza-go-docker-client-20200330
Vendor fsouza/go-docker-client update
2020-03-31 08:46:30 -04:00
Mahmood Ali 4edb245d3e
Merge pull request #7555 from hashicorp/dev-bootstrap-with-gomod
dev: use go mod to install dev dependencies
2020-03-31 07:07:18 -04:00
James Rasell 5dd4130a47
plugin: ensure plugin loader maps correct API version to type.
The plugin loader supplies a version map to ensure the Nomad agent
can support the plugins at the version they specify. The map was
incorrectly mapping the driver type to the device API supported
version identifier. This currently does not cause a bug as both
device and driver versions are the same string. This could cause
problems in the future, however, if either plugin interface were
to change and require version updates.
2020-03-31 12:31:56 +02:00
Mahmood Ali 68462d3553 dev: use go mod to install dev dependencies
This allows using https download and go mod cache proxies, over using
git and downloading entire dependencies git history, hopefully,
resulting into a faster installation process.
2020-03-30 21:32:45 -04:00
Michael Lange f1a921dba4
Merge pull request #7344 from hashicorp/f/volumes-facet
UI: Facet for host volumes
2020-03-30 17:50:49 -07:00
Michael Schurter 464dae514c test: assert HostVolumes included in ListNodes 2020-03-30 17:34:44 -07:00
Michael Lange 6eaf79f928 Tests for the new volumes facet 2020-03-30 17:33:46 -07:00
Michael Lange b8ce8c436f Account for an empty string node class 2020-03-30 17:33:45 -07:00
Michael Lange 01341530e7 Add a volume facet to the clients list page 2020-03-30 17:33:44 -07:00
Michael Lange 4707a625d6 Add HostVolumes to the NodeListStub 2020-03-30 17:33:43 -07:00
Seth Hoenig c46ba72c82
Merge pull request #7553 from hashicorp/docs-changelog-for-7540
docs: mention #7540 in changelog
2020-03-30 17:43:20 -06:00
Michael Lange 4209047092
Merge pull request #7551 from hashicorp/f-ui/use-new-text-encoder-for-stream-frames
UI: Use new text encoder for stream frames
2020-03-30 15:23:56 -07:00
Seth Hoenig fe5edc11f6 docs: mention #7540 in changelog 2020-03-30 15:37:28 -06:00
Seth Hoenig 47339dff4a
Merge pull request #7401 from hashicorp/docs-changelog-for-6459
docs: mention #6459 in the changelog
2020-03-30 15:16:07 -06:00
Seth Hoenig 53397cfa07 docs: mention #6459 in the changelog 2020-03-30 15:15:40 -06:00
Mahmood Ali 452a057a8c driver/docker: fix memory swapping
MemorySwappiness can only be set in non-Windows options: https://ci.appveyor.com/project/hashicorp/nomad/builds/31832149

Also fixes https://github.com/hashicorp/nomad/issues/6085
2020-03-30 16:51:16 -04:00
Tim Gross 14b4712f01
csi: annotate remaining missing cancellation contexts (#7552) 2020-03-30 16:46:43 -04:00
Mahmood Ali 4b6aee24bd
Merge pull request #7508 from greut/docker-drain-timer
docker: drain fingerprint timer
2020-03-30 16:37:53 -04:00
Mahmood Ali a6edc29b0a Fix docker/docker compile issue
Use docker master branch for specific branches, so we can pick up the
fix in https://github.com/moby/moby/pull/40021 .
2020-03-30 16:27:05 -04:00
Tim Gross 6ffd36c4e5
csi: add grpc retries to client controller RPCs (#7549)
The CSI Specification defines various gRPC Errors and how they may be retried. After auditing all our CSI RPC calls in #6863, this changeset:

* adds retries and backoffs to the where they were needed but not implemented
* annotates those CSI RPCs that do not need retries so that we don't wonder whether it's been left off accidentally
* added a timeout and cancellation context to the `Probe` call, which didn't have one.
2020-03-30 16:26:03 -04:00
Yoan Blanc c9f6cf385a
Update drivers/docker/fingerprint.go
Co-Authored-By: Mahmood Ali <mahmood@notnoop.com>
2020-03-30 22:11:42 +02:00
Michael Lange fdd2f8df37 Use new text encoder for stream frames
This pattern was introduced with Exec and fixes the multibyte encoding
issue that the native window.atob has.
2020-03-30 12:50:43 -07:00
Mahmood Ali bbd48deed0 vendor: github.com/containerd/continuity pkgs 2020-03-30 15:30:50 -04:00
Seth Hoenig b3664c628c
Merge pull request #7524 from hashicorp/docs-consul-acl-minimums
consul: annotate Consul interfaces with ACLs
2020-03-30 13:27:27 -06:00
Seth Hoenig 7dbc22539e docs: remove erroneous characters from comment 2020-03-30 13:26:48 -06:00