d8b4372904
Don't link shared alloc dir into task dir for raw_exec
...
Fixes running raw_exec tasks when nomad isn't root.
2017-01-18 11:28:34 -08:00
c90cd0d874
Stop trying to use mount for image based drivers
...
Fixes #2178 and allows using Docker and other image based drivers even
when nomad is run as a non-root user.
`client/allocdir` tests can be run as a non-root user to ensure this
behavior and tests that rely on root or non-root users properly detect
their effective user and skip instead of fail.
2017-01-13 13:04:12 -08:00
86fcf96f72
Put a logger in AllocDir/TaskDir
2017-01-05 16:31:56 -08:00
f43d3f074a
Add comments to TaskDir
2017-01-05 16:31:55 -08:00
3ea09ba16a
Move chroot building into TaskRunner
...
* Refactor AllocDir to have a TaskDir struct per task.
* Drivers expose filesystem isolation preference
* Fix lxc mounting of `secrets/`
2017-01-05 16:31:49 -08:00
072ff1c3ee
ensure file doesn't escape
2016-12-18 15:48:30 -08:00
d9f8e3a75a
Fixed comments
2016-11-08 12:55:15 -08:00
2132fbb68a
Fixed permission issues on client
2016-11-08 10:57:29 -08:00
5559300372
Change folder permission event when not root
2016-10-28 16:52:38 -07:00
1098dc4aa3
Fixed alloc dir move tests
2016-10-26 15:17:57 -07:00
4ae735c8ba
Disallow fs to read secret directory
2016-10-24 11:14:05 -07:00
285e80ac0f
Remove disk usage enforcement
...
Many thanks to @iverberk for the original PR (#1609 ), but we ended up
not wanting to ship this implementation with 0.5.
We'll come back to it after 0.5 and hopefully find a way to leverage
filesystem accounting and quotas, so we can skip the expensive polling.
2016-10-21 13:55:51 -07:00
83f647ed84
Replace "the the" with "the" in documentation and comments
2016-10-11 15:31:40 -04:00
d2837dec44
Do not allow path to escape the alloc dir for the FS commands
2016-10-03 14:58:44 -07:00
d50c395421
Getting snapshot of allocation from remote node ( #1741 )
...
* Added the alloc dir move
* Moving allocdirs when starting allocations
* Added the migrate flag to ephemeral disk
* Stopping migration if the allocation doesn't need migration any more
* Added the GetAllocDir method
* refactored code
* Added a test for alloc runner
* Incorporated review comments
2016-10-03 09:59:57 -07:00
2b1d214b0d
Avoiding copying files if they are already present in chrootw ( #1753 )
2016-09-27 11:43:27 -07:00
12c7873db2
Closing files when files are removed
2016-09-23 22:17:53 -07:00
589356fd55
Adding a snapshot endpoint on the client ( #1730 )
2016-09-21 21:28:12 -07:00
6702a29071
Vault token threaded
2016-09-14 13:30:01 -07:00
eecef73302
syscall error
2016-09-02 15:00:46 -07:00
eef786dd9d
Secret dir materialized in alloc/task directory
2016-09-02 12:44:05 -07:00
2c8dd8bbd3
Revert "Introduce a Secret/ directory"
2016-09-01 17:23:15 -07:00
9fa23e3536
Symlink on windows
2016-08-31 21:41:44 -07:00
5d3b47e648
Address comments and reserve
2016-08-31 18:11:02 -07:00
0626eb9619
environment variables
2016-08-31 13:56:11 -07:00
d59e14eed4
Interface + tests
2016-08-30 21:40:32 -07:00
14b7126511
Secret dir, hello world
2016-08-29 15:41:52 -07:00
aaca0bdaf4
Make maxSize exported so that it is serialized
2016-08-28 17:48:35 -07:00
57012e8d8c
Monitor the complete alloc directory, not just the shared part.
2016-08-25 20:48:19 +02:00
2a17895a83
Disk resource monitoring and enforcement
2016-08-18 07:59:03 +02:00
8323b6a0b5
only use polling
2016-08-11 18:59:48 -07:00
3ea95bb91c
initial log api impl
2016-07-25 11:16:01 -07:00
22af229cef
Merge pull request #1321 from mwieczorek/f-windows-binds
...
Volume binds for windows containers
2016-07-18 10:20:44 -06:00
c8e7b909c7
Merge pull request #1404 from hashicorp/f-streaming
...
Implement a streaming API and tail in the fs command
2016-07-12 17:23:04 -06:00
661d100f2f
address comments
2016-07-12 17:01:33 -06:00
d309649ada
Darwin currently has allocdir support.
...
Pointed out by: @dadgar
2016-07-11 12:19:17 -07:00
e9ffadfdc6
initial comments
2016-07-11 10:58:18 -06:00
2983bd6fce
Fix test for non-Linux platforms.
...
The following tests now check a whitelist for whether or not their
driver is present or not, or if the OS is supported or not.
* `TestAllocDir_MountSharedAlloc`
* `TestClient_Drivers_InWhitelist` (`exec` driver)
* `TestClient_Drivers` (`exec` driver)
* `TestJavaDriver_Fingerprint` (`java` driver)
2016-07-10 15:19:49 -07:00
51ae7ace25
initial tail impl
2016-07-10 13:57:04 -04:00
67a04bb1cc
Volume binds for windows containers
2016-06-20 21:46:33 +02:00
dc28ab0cb5
Speling police
2016-05-15 09:41:34 -07:00
514f22c4a8
Merge pull request #1160 from hashicorp/f-freebsd
...
Stubbed out raw_exec support for *NIX platforms
OOB LGTM: @diptanu
2016-05-11 12:54:27 -07:00
2f15842f3e
Merge pull request #1164 from hashicorp/fix-unmount
...
Removing directories only if we could successfully unmount them
2016-05-11 12:51:34 -07:00
5b12aebd31
Removing directories only if we could successfully unmount them
2016-05-10 14:57:16 -07:00
f2e01f0eab
Stub out FreeBSD support for Nomad
...
Compiles, but is not functional (yet).
2016-05-09 11:56:35 -07:00
09f7d5e595
Prefer `golang.org/x/sys/unix` where appropriate
...
Favor the `unix` package on *NIX platforms vs the now frozen `syscall` package.
2016-05-07 11:01:45 -07:00
1314227863
Explicitly enumaret the build targets in _unix
...
`!windows` was being used as the synonym for `darwin dragonfly freebsd linux netbsd openbsd solaris`. While I don't imagine `android` will be a prime target for Nomad in the near term, favor explicit build targets.
List of build targets generated by Go 1.7's dist command: `go tool dist list | sort | cut -d '/' -f 1 | sort | uniq`
2016-05-07 10:42:01 -07:00
cfd76aaf15
Rename from posix to unix to parallel x/sys/unix
...
Use the `_unix` file suffix to denote *NIX-like semantics in order to parallel the designation given by the package `golang.org/x/sys/unix`.
2016-05-07 10:33:43 -07:00
9288ac5117
Seeking to offset while doing readAt with non-zero offset
2016-04-04 13:05:02 -07:00
2de8ab6b1b
Alloc dir uses MkdirAll
2016-03-28 14:33:53 -07:00
Michael Schurter