Alex Dadgar
6b748fef9e
Remove consul log line
2018-01-04 15:08:12 -08:00
Alex Dadgar
2f561609b7
Fix detection of successful batch allocations
...
This PR restores older behavior of detecting successful batch
allocations (04d86ffd1006fde9dfb2ca8c1237fe60b995b0e3). This has the
side effect that we correctly filter desired status stop but not
successful batch allocations and create their replacements.
2018-01-04 14:20:32 -08:00
Michael Schurter
8496cc8192
Merge pull request #3685 from filipochnik/abs-path
...
Prevent absolute URLs in checks paths
2018-01-04 10:55:36 -08:00
Preetha
1712b03705
Merge branch 'master' into 0.8
2018-01-03 16:06:38 -06:00
Fabian Holler
f99aaa9134
revert change to increase min. CPU resource value from 20 to 100
...
In the commit 622d3ddb92ea7e656ef831641c02024cb5a5d6d1
"Fixed test and moved constants into standalone func" the minimum CPU
resource value for a job was increased from 100 to 20.
This can break the nomad setup for people that used lower CPU
values and are at the maximum MHz value of the available CPU on a
machine.
Change the minimum back to 20 MHz to ensure downwards compatibility.
2018-01-02 16:09:44 +01:00
Filip Ochnik
fc99d3fc2d
Prevent absolute URLs in checks paths
2017-12-21 10:32:12 +01:00
James Rasell
45e8f977f7
Update node-status
verbose command to include node address.
...
This change updates the `nomad node-status -verbose` command to
also include the addreess of the node. This is helpful for cluster
administrators to quickly discover information and access nodes
when required.
2017-12-21 08:58:35 +00:00
Chelsea Holland Komlo
940bc59790
Fixes #3679
...
code review fixups; add changelog
2017-12-20 17:58:07 -05:00
Chelsea Holland Komlo
24c56e3976
search endpoint forwarding
2017-12-20 17:57:28 -05:00
Alex Dadgar
bfc62ae41c
bump version and remove generated structs
2017-12-19 17:10:52 -08:00
Alex Dadgar
f0127afd93
generated files
2017-12-19 16:57:34 -08:00
Michael Schurter
5d65eba2e6
Strip mocked dynamic port for fsm test
2017-12-19 16:41:35 -08:00
Michael Schurter
714eb0b266
Services should not require a port
...
Fixes #3673
2017-12-19 15:50:23 -08:00
Preetha Appan
d788c0464c
Clean up error logging
2017-12-18 17:56:12 -06:00
Alex Dadgar
1791cc3ca5
Handle upgrade path
2017-12-18 15:51:35 -08:00
Kyle Havlovitz
1c07066064
Add autopilot functionality based on Consul's autopilot
2017-12-18 14:29:41 -08:00
Preetha Appan
40cb1d327c
Address some code review comments
2017-12-18 15:22:23 -06:00
Preetha Appan
51bd0b59c7
Return an error if evaluation doesn't exist in state store at plan apply time.
2017-12-18 14:55:36 -06:00
Preetha Appan
3c36abfe14
Update eval modify index as part of plan apply.
2017-12-18 10:03:55 -06:00
Preetha Appan
3b4d7ac2a3
Fix some typos
2017-12-14 13:29:27 -06:00
Kyle Havlovitz
045f346293
Use region instead of datacenter for version checking
2017-12-12 10:17:16 -06:00
Kyle Havlovitz
f088446d48
Add missing exist checks and doc line
2017-12-12 10:17:16 -06:00
Kyle Havlovitz
b775fc7b33
Added support for v2 raft APIs and -raft-protocol option
2017-12-12 10:17:16 -06:00
Alex Dadgar
d61ade8f02
remove generated structs
2017-12-11 17:51:41 -08:00
Alex Dadgar
8e63d545c4
generated assets
2017-12-11 17:30:37 -08:00
Chelsea Holland Komlo
5951222ccb
fix for rpc_upgrade_mode
2017-12-11 19:23:45 -05:00
Alex Dadgar
86608124ca
Fix followers not creating periodic launch
...
Fix an issue in which periodic launches wouldn't be made on followers.
2017-12-11 13:55:17 -08:00
Michael Schurter
2dca0671b7
Lowercase service IDs to prevent eye bleeding
2017-12-08 15:54:04 -08:00
Michael Schurter
45494f7304
Fix port labels on mock Alloc/Job/Node
2017-12-08 14:50:06 -08:00
Michael Schurter
0d8995fb83
Improve validation and testing of service/check ports
2017-12-08 13:52:23 -08:00
Michael Schurter
d613e0aaf5
Move service hash logic to Service.Hash method
2017-12-08 12:03:43 -08:00
Michael Schurter
b71edf846f
Hash fields used in task service IDs
...
Fixes #3620
Previously we concatenated tags into task service IDs. This could break
deregistration of tag names that contained double //s like some Fabio
tags.
This change breaks service ID backward compatibility so on upgrade all
users services and checks will be removed and re-added with new IDs.
This change has the side effect of including all service fields in the
ID's hash, so we no longer have to track PortLabel and AddressMode
changes independently.
2017-12-08 12:03:43 -08:00
Michael Schurter
af8964e896
Improve port label validation and diff testing
2017-12-08 12:03:43 -08:00
Michael Schurter
4b20441eef
Validate port label for host address mode
...
Also skip getting an address for script checks which don't use them.
Fixed a weird invalid reserved port in a TaskRunner test helper as well
as a problem with our mock Alloc/Job. Hopefully the latter doesn't cause
other tests to fail, but we were referencing an invalid PortLabel and
just not catching it before.
2017-12-08 12:03:43 -08:00
Michael Schurter
4ae115dc59
Allow custom ports for services and checks
...
Fixes #3380
Adds address_mode to checks (but no auto) and allows services and checks
to set literal port numbers when using address_mode=driver.
This allows SDNs, overlays, etc to advertise internal and host addresses
as well as do checks against either.
2017-12-08 12:03:00 -08:00
Chelsea Holland Komlo
3f231a0856
add test for kill signal in required signals
...
update changelog
2017-12-07 11:40:15 -05:00
Chelsea Holland Komlo
2f22442370
use assert library
2017-12-06 15:03:02 -05:00
Chelsea Holland Komlo
b08611cfac
move kill_signal to task level, extend to docker
2017-12-06 14:36:39 -05:00
Thomas Bartelmess
9acfa166c0
Changed Superset to only return the resource name
...
The Superset method on Resources used to return a string in the format of “[resource name] exhausted”.
This was leading to the output in plan/create job API DimensionExhausted to return keys like
```
"DimensionExhausted": {"cpu exhausted": 1}
```
This was not anywhere documented, however, one of the examples on the website showed it like this.
The other side effect of this is that the CLI formats the strings from the name of the key leading to output like
```
* Dimension "cpu exhausted" exhausted on 1 nodes
```
2017-11-28 23:16:08 -05:00
Thomas Bartelmess
60e4c777ac
Fixed error messges for MeetsMinResources
2017-11-28 19:44:33 -05:00
Preetha Appan
8e01dc27a3
Use request namespace in Register method
2017-11-20 17:12:13 -06:00
Charlie Voiselle
679e49448e
Changed permission check to requested namespace
...
Original code checked to see if the user had submit-job on the default namespace.
2017-11-20 15:00:24 -05:00
Preetha
785a1a3fcc
Merge pull request #3569 from iconara/patch-2
...
Fix error messages for transitioning jobs to/from periodic
2017-11-20 07:57:36 -06:00
Preetha
ff23499145
Shorter comment for SetEventDisplayMessage
2017-11-18 09:30:50 -06:00
Theo Hultberg
5a6984693f
Fix error messages for transitioning jobs to/from periodic
...
The error messages are flipped; when you transition a job from _not_ being periodic to being periodic you get the message "cannot update periodic job to being non-periodic", and vice versa.
2017-11-18 11:50:52 +01:00
Preetha Appan
3592635ede
Populate DisplayMessage in various http endpoints that return allocations, plus unit tests.
2017-11-17 14:53:26 -06:00
Preetha Appan
1c4375163a
Change error message to use original name for clarity, rather than the name after substituting env vars with placeholder.
2017-11-17 08:44:18 -06:00
Preetha Appan
d3110f21bd
Changes service name validation logic to ignore any environment variables first.
2017-11-15 15:35:43 -06:00
Chelsea Komlo
2dfda33703
Nomad agent reload TLS configuration on SIGHUP ( #3479 )
...
* Allow server TLS configuration to be reloaded via SIGHUP
* dynamic tls reloading for nomad agents
* code cleanup and refactoring
* ensure keyloader is initialized, add comments
* allow downgrading from TLS
* initalize keyloader if necessary
* integration test for tls reload
* fix up test to assert success on reloaded TLS configuration
* failure in loading a new TLS config should remain at current
Reload only the config if agent is already using TLS
* reload agent configuration before specific server/client
lock keyloader before loading/caching a new certificate
* introduce a get-or-set method for keyloader
* fixups from code review
* fix up linting errors
* fixups from code review
* add lock for config updates; improve copy of tls config
* GetCertificate only reloads certificates dynamically for the server
* config updates/copies should be on agent
* improve http integration test
* simplify agent reloading storing a local copy of config
* reuse the same keyloader when reloading
* Test that server and client get reloaded but keep keyloader
* Keyloader exposes GetClientCertificate as well for outgoing connections
* Fix spelling
* correct changelog style
2017-11-14 17:53:23 -08:00
Preetha
0e6484a397
Merge pull request #3536 from angrycub/b-resource-memory-test-fix
...
Fixed test and moved constants into standalone func
2017-11-13 17:00:14 -06:00
Charlie Voiselle
eda764c0ca
Review feedback + re-add dropped import
2017-11-13 12:51:19 -05:00
Charlie Voiselle
4b186861a9
gofmt and goimports nomad/structs/structs.go
2017-11-13 12:32:52 -05:00
Preetha Appan
be5fd87b9a
Fixes bug with display message logic due to deprecating GenericSource. Also added more test cases to cover a bunch more edge cases
2017-11-13 11:14:57 -06:00
Charlie Voiselle
26acd7f025
Fixed test and moved constants into standalone func
...
In #3520 , work was done to true up the defaults for Nomad resource
stanzas with the documentation. This fixes the tests that I
accidentally broke in the process. Some questions were raised about
using dynamic elements as part of expects, which is why I opted to
copy the MinResources pattern. During this refactor I also noticed
that structs.go had a similar issue and an inconsistent minium for CPU.
2017-11-13 12:05:30 -05:00
Preetha
0d0804d6ff
Merge pull request #3496 from hashicorp/b-auto-revert-stable
...
Makes auto reverts robust against infinite revert cycles
2017-11-03 17:28:28 -05:00
Preetha Appan
6468883cd1
Adds comment to handleRollbackValidity method and other small test readability fixes.
2017-11-03 17:05:15 -05:00
Preetha Appan
7526853b4b
Added more unit tests for testing rollback when job has identical spec to AllocHealth and DeploymentStatus endpoints.
2017-11-03 16:07:06 -05:00
Preetha Appan
b9f44c0ae0
Check that job version doesn't change when rollback does not occur due to identical spec
2017-11-03 15:46:37 -05:00
Alex Dadgar
2c587fd67b
Merge pull request #3402 from hashicorp/leader-loop
...
Applies leader loop fixes from Consul.
2017-11-03 13:40:59 -07:00
Preetha Appan
317fbf04b1
Adds SpecChanged check to alloc health and fail deployment end points, and other code review comments.
2017-11-03 15:33:34 -05:00
Preetha Appan
97474a1521
Clarify comment about infinite revert cycles
2017-11-03 14:25:14 -05:00
Preetha Appan
0eaef09675
Remove event GenericSource, and address other code review comments. Also added deprecation info in comments.
2017-11-03 10:10:06 -05:00
Preetha Appan
1a864dd7e8
Revert unintentional change to plan_apply.go during rebase
2017-11-03 09:13:01 -05:00
Preetha Appan
797af051b8
Address some code review comments
2017-11-03 09:13:01 -05:00
Preetha Appan
b86c5a99b1
Unit test for PopulateEventDisplayMessage
2017-11-03 09:13:01 -05:00
Preetha Appan
7672535290
Added explanatory comment
2017-11-03 09:13:01 -05:00
Preetha Appan
5f09c968b3
Move logic for determinic event display message to task_runner, added two new fields DisplayMessage and Details.
2017-11-03 09:13:01 -05:00
Preetha Appan
5b94a1ab45
Add ModifyTime to Allocation and update it both on plan applies and client initiated updates
2017-11-03 09:13:01 -05:00
Preetha Appan
b5e7985461
Remove extra newline
2017-11-03 08:15:11 -05:00
Preetha Appan
abbe4103d1
Update rollback test to add a spec change, and add new test for rollback failed status
2017-11-02 19:53:27 -05:00
Preetha Appan
5505391663
Fixes auto revert to check if the job's spec has changed before reverting. This prevents infinite reverting when reverting to a job version that was previously stable, but not so after attempting a revert.
2017-11-02 19:53:27 -05:00
Preetha
2f67e839c1
Merge pull request #3484 from hashicorp/b-nomad-0.7.1
...
merge nomad 0.7.1 branch
2017-11-01 16:50:37 -05:00
Chelsea Holland Komlo
bf90176278
connection receives only EOF
2017-11-01 15:21:05 -05:00
Chelsea Holland Komlo
e348deecf5
fixups from code review
2017-11-01 15:21:05 -05:00
Chelsea Holland Komlo
afe9f9a714
add rpc_upgrade_mode as config option for tls upgrades
2017-11-01 15:19:52 -05:00
Preetha Appan
f483e81ffe
Fix node end point test that was failing compilation
2017-11-01 15:16:38 -05:00
Diptanu Choudhury
5a0edf646b
Resetting the timer at the beginning of the loop
2017-11-01 13:15:06 -07:00
Diptanu Choudhury
46bc4280b2
Adding support for tagged metrics
2017-11-01 13:15:06 -07:00
Diptanu Choudhury
d4128f0e5a
Setting the default stats collection interval
2017-11-01 13:15:06 -07:00
Diptanu Choudhury
524a1f0712
Publishing metrics for job summary
2017-11-01 13:15:06 -07:00
Preetha Appan
d340c3adb1
Always set modify time on allocations, and other changes addressing review comments
2017-11-01 15:13:48 -05:00
Preetha Appan
39d70be009
Add ModifyTime to Allocation and update it both on plan applies and client initiated updates
2017-11-01 15:13:48 -05:00
Alex Dadgar
51c87ec858
bump version and remove generated
2017-11-01 10:02:25 -07:00
Alex Dadgar
11c24e90a1
generated
2017-11-01 09:42:18 -07:00
Alex Dadgar
51f869040f
remove generated structs
2017-10-31 13:50:16 -07:00
Alex Dadgar
08ffcd6dd1
spelling error
2017-10-31 13:32:31 -07:00
Alex Dadgar
586eeedd3c
Merge pull request #3447 from hashicorp/f-node-purge-api
...
Added the purge API on node endpoints
2017-10-27 10:42:26 -07:00
Alex Dadgar
635f320b18
Merge pull request #3452 from hashicorp/f-system-gc
...
GetClientAllocs handles garbage collection events
2017-10-27 09:50:55 -07:00
Alex Dadgar
7df78be840
Changelog + assert
2017-10-27 09:50:10 -07:00
Alex Dadgar
5d9db4c2df
Bypass status checks for system, periodic, parameterized jobs
2017-10-27 09:34:50 -07:00
Alex Dadgar
51795a6cb4
GetClientAllocs handles garbage collection events
2017-10-26 17:24:54 -07:00
Diptanu Choudhury
2868389c25
Added ACLs to the node de-register endpoint
2017-10-26 14:12:17 -07:00
Diptanu Choudhury
9b18737d15
Added the purge API on node endpoints
2017-10-25 23:51:53 -07:00
Alex Dadgar
593d4ceb45
generated code
2017-10-25 17:34:24 -07:00
Alex Dadgar
99496b2de3
Merge pull request #3431 from hashicorp/b-core-gc
...
Fix garbage collecting nodes/jobs when using ACLs
2017-10-25 16:30:26 -07:00
Alex Dadgar
3327dc8d2d
Merge pull request #3434 from hashicorp/f-flaky
...
Fix flaky tests
2017-10-25 10:49:54 -07:00
Alex Dadgar
f4aa5ea0c7
lax timing
2017-10-24 10:58:06 -07:00
Alex Dadgar
cb0d0ef009
move to consul freeport implementation
2017-10-23 16:51:40 -07:00
Alex Dadgar
10a07c525f
fix flaky vault test
2017-10-23 16:48:20 -07:00
Alex Dadgar
1d6cdfbdc3
lax timing
2017-10-23 16:48:20 -07:00
Alex Dadgar
9f91ce64f6
Fix some flaky tests
2017-10-23 16:48:20 -07:00
Alex Dadgar
dbc014b360
Standardize retrieving a free port into a helper package
2017-10-23 16:48:20 -07:00
Alex Dadgar
ae6be0dac7
spelling mistake
2017-10-23 15:12:45 -07:00
Alex Dadgar
794daefa5e
clear the token
2017-10-23 15:11:13 -07:00
Alex Dadgar
d3e119f4d0
thread leader token through core gc and test
2017-10-23 15:04:00 -07:00
Alex Dadgar
5c34af1ee1
leader acl token
2017-10-23 14:10:14 -07:00
Alex Dadgar
1192385c63
Lax blocking query test timing
2017-10-20 13:07:17 -07:00
Alex Dadgar
e7299676f6
generated
2017-10-19 15:20:39 -07:00
James Phillips
9a5651e83a
Applies leader loop fixes from Consul.
...
There was a deadlock issue we fixed under https://github.com/hashicorp/consul/issues/3230 ,
and then discovered an issue with under https://github.com/hashicorp/consul/issues/3545 . This
PR ports over those fixes, as well as makes the revoke actions only happen if leadership was
established. This brings the Nomad leader loop inline with Consul's.
2017-10-16 22:01:49 -07:00
Chelsea Komlo
1ccc1f79f6
Merge pull request #3393 from hashicorp/b-delete-nonexistent-tokens
...
Return error if tokens cannot be deleted because they do not exist
2017-10-16 18:36:41 -04:00
Alex Dadgar
be053364ba
no namespaces in oss test
2017-10-16 14:21:29 -07:00
Chelsea Holland Komlo
a8becb96c0
review feedback
2017-10-16 17:14:48 -04:00
Chelsea Holland Komlo
2377d97d51
return error if tokens cannot be deleted because they do not exist
2017-10-16 17:14:48 -04:00
Alex Dadgar
c3f06b2134
Merge pull request #3384 from hashicorp/f-self-policies
...
Ability to introspect self token
2017-10-13 17:11:22 -07:00
Alex Dadgar
c559f6652f
Merge pull request #3386 from hashicorp/f-sync
...
sync
2017-10-13 15:32:58 -07:00
Alex Dadgar
c1cc51dbee
sync
2017-10-13 14:36:02 -07:00
Michael Schurter
b63eee17e9
Merge pull request #3383 from hashicorp/b-migrate-token
...
base64 migrate token
2017-10-13 13:46:54 -07:00
Alex Dadgar
5d4f467519
ListPolicies and GetPolicy work w/o management token
2017-10-13 13:12:20 -07:00
Michael Schurter
dfd2967cdb
Merge pull request #3376 from hashicorp/f-node-acls
...
Allow Node.SecretID for Node.GetNode and Allocs.GetAlloc
2017-10-13 11:51:48 -07:00
Michael Schurter
93cea382dd
Remove support for pre-0.5 nodes
...
Nodes before 0.5 did not have a SecretID. Since SecretID is now a
required field and 0.4.x is >2 point releases ago, drop support for it.
2017-10-13 11:28:47 -07:00
Michael Schurter
15b991e039
base64 migrate token
...
HTTP header values must be ASCII.
Also constant time compare tokens and test the generate and compare
helper functions.
2017-10-13 10:59:13 -07:00
Michael Schurter
6a1a509ea5
Fix Request.SecretID -> Request.AuthToken
2017-10-13 09:56:56 -07:00
Michael Schurter
021b4c1ae9
Fix AuthToken use on Node.GetAllocs
2017-10-12 17:12:41 -07:00
Michael Schurter
15b3df0b80
Merge pull request #3374 from hashicorp/f-auth-token
...
SecretID -> AuthToken
2017-10-12 16:57:49 -07:00
Michael Schurter
ab7b6d1315
Allow Node.SecretID for GetNode and GetAlloc
2017-10-12 16:27:33 -07:00
Michael Schurter
a003e3dd43
Add StateStore.NodeBySecretID
2017-10-12 15:27:29 -07:00
Michael Schurter
51bce7b1a3
Add index to Node.SecretID
2017-10-12 15:21:20 -07:00
Michael Schurter
84d8a51be1
SecretID -> AuthToken
2017-10-12 15:16:33 -07:00
Alex Dadgar
e7e18c931c
Fix sorting of job versions
...
Fixes an issue in which the versions were improperly sorted which would
cause pruning of the wrong job version. This essentially meant that job
versions above 255 would be dropped from the job version table (note
this was due to the prefix walk crossing from the 1-byte to 2-byte
threshold).
Fixes https://github.com/hashicorp/nomad/issues/3357
2017-10-12 13:33:55 -07:00
Michael Schurter
e9c17c56d1
Merge pull request #3353 from hashicorp/f-acl-prefix-search
...
Prefix Search ACL enforcement
2017-10-11 20:26:03 -07:00
Alex Dadgar
d34c6e0135
fix test
2017-10-11 18:08:37 -07:00
Michael Schurter
2673481a48
Refactor permissions checks into funcs
...
funcs are in the _oss file to ease creating Enterprise versions which
support Quotas and Namespaces.
2017-10-11 18:05:27 -07:00
Alex Dadgar
53f2ea88a5
Small fixes
...
This commit:
* Fixes the error checking in migration tests now that we are using the
canonical ErrPermissionDenied error
* Guard against NPE when looking up objects to generate the migration
token
* Handle an additional case in ShouldMigrate()
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo
c67bfc2ee4
fixups from code review
...
change creation of a migrate token to be for a previous allocation
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo
b018ca4d46
fixing up code review comments
2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo
410adaf726
Add functionality for authenticated volumes
2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo
36ad6bc6bf
add MigrateTokens to server response for allocs
2017-10-11 17:09:20 -07:00
Michael Schurter
be69374ecd
Prefix Search ACL enforcement
2017-10-11 17:00:12 -07:00
Michael Schurter
d82db5ab45
Merge pull request #3351 from hashicorp/f-acl-system
...
System ACL enforcement
2017-10-11 16:32:50 -07:00
Michael Schurter
51fe1d8f73
Merge pull request #3350 from hashicorp/f-acl-status-members
...
Status.Members ACL enforcement
2017-10-11 16:32:25 -07:00
Michael Schurter
8c1a97765e
Merge pull request #3339 from hashicorp/f-acl-force-periodic
...
Force Periodic ACL enforcement
2017-10-11 16:26:29 -07:00
Michael Schurter
0d27053aab
Operator ACL enforcement
2017-10-10 15:18:19 -07:00
Michael Schurter
0cf7a3950b
Force Periodic ACL enforcement
2017-10-10 15:16:41 -07:00
Michael Schurter
4e005d4753
System ACL enforcement
...
Enforce ACL for System.GarbageCollect and System.ReconcileJobSummaries
RPC endpoints.
2017-10-10 10:53:10 -07:00
Michael Schurter
de767ffa04
Status.Members ACL enforcement
...
Was incorrectly checked on the HTTP API before. Moved to RPC endpoint.
2017-10-10 10:36:54 -07:00
Michael Schurter
e50acae1a9
ForceLeave endpoint must use Server.ResolveToken
...
The ForceLeaveRequest endpoint may only be called on servers, but the
code was using a Client to resolve tokens. This would cause a panic when
an agent wasn't both a Server and a Client.
2017-10-09 15:49:04 -07:00
Michael Schurter
492c861419
/v1/client/agent/* ACL enforcement
2017-10-09 12:18:54 -07:00
Michael Schurter
57ff12432b
Move acl helpers from nomad/ into nomad/mock
...
They're useful in command/agent/ tests.
2017-10-06 14:50:06 -07:00
Michael Schurter
4acff9c2bd
Support AnonymousACLToken in GetPolicies
2017-10-06 14:35:14 -07:00
Chelsea Komlo
7c8a5228d4
Merge pull request #3290 from hashicorp/f-acl-job-dispatch
...
Add ACL for dispatch job
2017-10-06 13:33:21 -04:00