Filip Ochnik
8ee3ce7a26
Add an option to add and drop capabilities in the Docker driver
2018-01-14 19:56:57 +01:00
Alex Dadgar
bec9a72eec
Remove networking from basic resources
2018-01-12 14:33:42 -08:00
Charlie Voiselle
867bb6f7f9
Found more priviledge.
...
priviledge -> privilege
2018-01-12 09:44:53 -05:00
Charlie Voiselle
1bb1ab5069
fix typo
...
Priviledge -> privilege
2018-01-08 15:56:07 -05:00
Michael Schurter
5032bf4f5a
Skip tests that require root when not root
...
Also skip Chown on allocdir migration on Windows and when non-root.
Windows doesn't support it, and it will always fail as a non-root user.
2017-12-12 16:58:27 -08:00
Alex Dadgar
f0b0697b57
Keyify struct
2017-12-11 17:23:14 -08:00
Michael Schurter
c4d4ead199
Fix test broken by mock updates
2017-12-08 16:45:25 -08:00
Michael Schurter
4347026f83
Test Consul from TaskRunner thoroughly
...
Rely less on the mockConsulServiceClient because the real
consul.ServiceClient needs all the testing it can get!
2017-12-08 12:03:00 -08:00
Chelsea Holland Komlo
61fa8ad4ba
code review fixes
2017-12-07 13:46:25 -05:00
Chelsea Holland Komlo
77ab41124b
set default kill signal on executor shutdown
2017-12-07 11:40:15 -05:00
Chelsea Holland Komlo
6cae8fe6e6
extend configurable kill signal to java driver
2017-12-07 11:40:10 -05:00
Chelsea Holland Komlo
350319239c
change location of default kill signal
2017-12-06 17:48:25 -05:00
Chelsea Holland Komlo
7dfb64f941
extract signal helper into utils
2017-12-06 14:36:44 -05:00
Chelsea Holland Komlo
b08611cfac
move kill_signal to task level, extend to docker
2017-12-06 14:36:39 -05:00
Chelsea Holland Komlo
80de7d5ebd
allow controlling the stop signal in exec/raw_exec
2017-12-06 11:28:45 -05:00
Chelsea Komlo
9ae849e09c
Merge pull request #3612 from hashicorp/docker-rkt-user
...
Set user for rkt tasks
2017-12-05 17:45:08 -05:00
Chelsea Holland Komlo
4463dc607e
fix up test
2017-12-05 10:12:40 -05:00
Chelsea Holland Komlo
7284f2385a
remove unused user option
2017-12-04 18:01:31 -05:00
Michael Schurter
6ccc4219d3
Merge pull request #3615 from hashicorp/b-rkt-host-ports
...
rkt: Don't require port_map with host networking
2017-12-04 14:49:42 -08:00
Chelsea Holland Komlo
7c74968452
add ability to specify user for rkt
2017-12-04 14:21:48 -05:00
Michael Schurter
2bf1d6d85e
rkt: Don't require port_map with host networking
...
Also don't try to return a DriverNetwork with host networking. None will
ever exist as that's the point of host networking: rkt won't create a
network namespace.
2017-12-01 17:23:25 -08:00
Chelsea Holland Komlo
4ee2122536
get KillTimeout in seconds, not nanoseconds
2017-12-01 10:43:00 -05:00
Chelsea Holland Komlo
2208964948
Support StopTimeout for Docker tasksw
...
Update github.com/fsouza/go-dockerclient
2017-11-29 14:33:05 -05:00
Preetha Appan
6ad65c51e6
Missed assert in one place
2017-11-20 13:04:38 -06:00
Preetha Appan
747bd59daa
Better error validation, and added test case for invalid sysctl inputs
2017-11-20 12:07:18 -06:00
Preetha Appan
c68973747b
Address some review comments
2017-11-20 11:15:09 -06:00
Preetha Appan
39ef9ee76d
Fix gofmt warnings
2017-11-18 09:23:09 -06:00
Preetha Appan
e53dd15f58
Fix test compilation after rebase
2017-11-17 17:46:04 -06:00
Samuel BERTHE
0fca2e19c8
review(docker driver): sysctls -> sysctl + ulimits -> ulimit
2017-11-17 16:30:45 -06:00
Samuel BERTHE
6c93922cb7
Oops
2017-11-17 16:14:14 -06:00
Samuel BERTHE
c8363bc44b
💄
2017-11-17 16:03:22 -06:00
Samuel BERTHE
281ab90484
test(docker driver): testing sysctls and ulimits
2017-11-17 16:03:22 -06:00
Samuel BERTHE
b9a10ff7fa
feat(docker driver): adds sysctls and ulimits configs
2017-11-17 16:03:22 -06:00
Michael Schurter
3845c8d200
Merge pull request #3562 from hashicorp/b-3561-rkt-rm
...
Remove rkt pods when exiting
2017-11-16 17:30:21 -08:00
Michael Schurter
437fce9954
Improve rktRemove error message
2017-11-16 15:45:14 -08:00
Michael Schurter
3ceec0caab
Remove rkt pods when exiting
...
Fixes #3561
2017-11-16 14:33:44 -08:00
Michael Schurter
3023336b39
Add a test demonstrating the bug
...
Fails on Docker 17.09, passes on Docker 17.06 and earlier
2017-11-14 15:25:52 -08:00
Preetha Appan
926c9ed997
Make device mounting unit test verify configuration via docker inspect
2017-11-13 09:56:54 -06:00
Preetha Appan
dc2d5fb5a4
Unit test (linux only) that tests mounting a device in the docker driver
2017-11-13 09:56:54 -06:00
Preetha Appan
4834710e45
Add default value for cgroup permissions for device if not set
2017-11-13 09:56:54 -06:00
Preetha Appan
9cdee6991c
Remove unnecessary check since validate method already checks this
2017-11-13 09:56:54 -06:00
Preetha Appan
110c1fd4f0
Add support for passing device into docker driver
2017-11-13 09:56:54 -06:00
Alex Dadgar
b3edc12dd9
Merge pull request #3411 from cheeseprocedure/f-qemu-graceful-shutdown
...
Qemu driver: graceful shutdown feature
2017-11-03 16:41:34 -07:00
Matt Mercer
11e2870875
Qemu driver: clean up logging; fail unsupported features on Windows
2017-11-03 15:40:20 -07:00
Alex Dadgar
6034916ad1
fix spelling mistake
2017-11-03 15:04:59 -07:00
Matt Mercer
cef9ba9770
Qemu driver: tweaks in response to PR feedback
...
Remove attribute for long qemu monitor path; misc cleanup; update tests
2017-11-03 11:28:56 -07:00
Matt Mercer
00f90323c2
Qemu driver: defer cleanup sooner
2017-11-01 17:37:43 -07:00
Matt Mercer
43256af5f3
Qemu driver: clean up test logging; retry integration test for longer
2017-11-01 17:21:56 -07:00
Matt Mercer
b1145705d3
Use strings.Replace() instead of custom function
2017-11-01 15:31:35 -07:00
Matt Mercer
d51d174fa0
Qemu driver: basic testing of graceful shutdown feature
2017-11-01 15:31:30 -07:00
Matt Mercer
c26013ea0b
Qemu driver: include PIDs in log output
2017-11-01 15:31:24 -07:00
Matt Mercer
38d9a391aa
Qemu driver: ensure proper cleanup of resources
2017-11-01 15:31:20 -07:00
Matt Mercer
46f7e2fa4c
Qemu driver: minor logging fixes
2017-11-01 15:31:14 -07:00
Matt Mercer
4afb9dfa2d
Standardize driver.qemu logging prefix
2017-11-01 15:30:44 -07:00
Matt Mercer
5127e75569
Qemu driver: add graceful shutdown feature
2017-11-01 15:30:36 -07:00
Jonathan Ballet
5429d1c656
docker: changed OOM killed error message
2017-10-27 20:30:52 +02:00
Jonathan Ballet
12615bde9c
docker: log that a container has been killed by the OOM killer
...
Fix : #2203 (at least for Docker tasks)
2017-10-27 18:05:27 +02:00
Alex Dadgar
f117eb28c7
go style vars
2017-10-25 10:49:34 -07:00
Alex Dadgar
3f8495dd0e
fix two flaky tests
2017-10-23 18:15:52 -07:00
Alex Dadgar
cb0d0ef009
move to consul freeport implementation
2017-10-23 16:51:40 -07:00
Alex Dadgar
dbc014b360
Standardize retrieving a free port into a helper package
2017-10-23 16:48:20 -07:00
Alex Dadgar
4a69e1ad15
don't double parallel
2017-10-23 16:48:06 -07:00
Alex Dadgar
96ca2bbe4c
respond to comments
2017-10-23 15:50:27 -07:00
Alex Dadgar
99c81b5848
Skip if no docker
2017-10-19 16:55:10 -07:00
Alex Dadgar
593536664e
fix flaky java tests
2017-10-19 16:49:57 -07:00
Alex Dadgar
4bc452b479
Undo darwin user setting
2017-10-19 16:49:57 -07:00
Alex Dadgar
c7c6964313
Run as user on mac
2017-10-19 16:49:57 -07:00
Alex Dadgar
55a1dffa2f
sudo docker works
2017-10-19 16:49:57 -07:00
Alex Dadgar
805e7b3b62
docker tests
2017-10-19 16:49:57 -07:00
Michael Schurter
797f49702e
Add logging around moby/moby#32648 bug
2017-10-18 10:44:03 -07:00
Michael Schurter
22ac450b2f
Properly fail rkt fingerprinting on old vesions
2017-10-16 13:58:58 -07:00
Michael Schurter
d7732c1a58
Squelch repeated rkt version warnings
2017-10-16 12:09:47 -07:00
Alex Dadgar
85178d6048
rkt remove allocid
2017-10-13 10:07:50 -07:00
Adam Stankiewicz
cefbc72b49
Remove AllocID from ExecutorContext
2017-10-13 17:07:49 +02:00
Alex Dadgar
6d3d0a9391
Nomad UI Command
2017-10-09 23:01:55 -07:00
Michael Schurter
f788974f8a
Merge pull request #3288 from simar7/qemu-improvements
...
qemu: Add bound checks for memory assignment
2017-10-02 14:47:05 -07:00
Simarpreet Singh
d801584c46
qemu: Fix lower memory bound to 128M
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2017-10-02 14:29:44 -07:00
Simarpreet Singh
10d7d6dab0
gofmt: format qemu.go and qemu_test.go
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2017-10-02 13:16:48 -07:00
Michael Schurter
a66c53d45a
Remove `structs` import from `api`
...
Goes a step further and removes structs import from api's tests as well
by moving GenerateUUID to its own package.
2017-09-29 10:36:08 -07:00
Michael Schurter
77f1fe40e7
Properly autodetect Docker IP in Windows
...
Our Docker network plugin autodetection code was erroneously treating
Window's default network `nat` as a plugin and defaulting to it instead
of the host.
Fixes #3218
2017-09-27 16:49:23 -07:00
Michael Schurter
a8a87af7ed
Only build rkt driver on linux
...
Build stub for non-linux targets
2017-09-27 14:21:45 -07:00
Simarpreet Singh
3d99e71de8
qemu: Add bound checks for memory assignment
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2017-09-26 21:07:48 -07:00
Michael Schurter
d7229ce6c5
Merge pull request #3256 from dalegaard/master
...
Enable rkt driver to use address_mode = 'driver'
2017-09-26 18:04:37 -05:00
Alex Dadgar
4173834231
Enable more linters
2017-09-26 15:26:33 -07:00
Lasse Dalegaard
9f584d1114
Ignore rkt network failure if container died early
...
If the container dies before the network can be read, we now ignore the
error coming out of the network information polling loop. Nomad will
restart the task regardless, so we might be masking the actual error.
The polling loop for the rkt network information, inside the `Start`
method, was getting a bit unwieldy. It's been refactored out so it's not
a seperate function.
2017-09-27 00:15:27 +02:00
Lasse Dalegaard
b43ec57c02
Make rkt port mapping test not exit immediately
...
The rkt port mapping test currently starts redis with --version, which
obviously makes redis exit again almost immediately. This means that the
container exists before the network status can be queried, and so the
test fails.
2017-09-26 23:10:24 +02:00
Lasse Dalegaard
17d155d316
Improve rkt driver network status poll loop
...
The network status poll loop will now report any networks it ignored, as
well as a no-networks situations.
2017-09-26 21:49:45 +02:00
Lasse Dalegaard
bafd32fda0
Refactor rkt network status loop
...
The network status poll loop for the rkt drivers `Start` method was a
bit messy, and could not display the last encountered error. Here we
clean it up.
2017-09-26 21:27:12 +02:00
Lasse Dalegaard
5e9e2b07bd
Small logging fix in rkt/driver
2017-09-26 19:36:13 +02:00
Lasse Dalegaard
3d25fd3b00
Bump minimum rkt version to 1.27.0.
...
The changes introduces in #3256 require at least rkt 1.27.0 because of
a bug in the JSON output of `rkt status` in previous versions.
Here we upgrade all references to rkt's minimum version, and also make
travis and vagrant use this version when running tests.
Finally we add a CHANGELOG notice.
2017-09-26 19:15:43 +02:00
Lasse Dalegaard
f55f2b8f24
Turn rkt network status failure into Start failure
...
If the rkt driver cannot get the network status, for a task with a
configured port mapping, it will now fail the Start() call and kill the
task instead of simply logging. This matches the Docker behavior.
If no port map is specified, the warnings will be logged but the task
will be allowed to start.
2017-09-26 10:20:57 +02:00
Lasse Dalegaard
55a2e60e1a
Test for rkt driver setting DriverNetwork
...
To test that the rkt driver correctly sets a DriverNetwork, at least
when a port mapping is requested, we amend the
TestRktDriver_PortsMapping test with a small check.
2017-09-26 09:10:50 +02:00
Lasse Dalegaard
2d307d5beb
Discard errors from rkt status and cat-manifest
...
Since we don't actually show these errors anywhere, just discard them
right away.
2017-09-26 09:05:47 +02:00
Lasse Dalegaard
cbcbe0da2e
Expose rkt DriverNetwork
...
Currently the rkt driver does not expose a DriverNetwork instance after
starting the container, which means that address_mode = 'driver' does
not work.
To get the container network information, we can call `rkt status` on
the UUID of the container and grab the container IP from there.
For the port map, we need to grab the pod manifest as it will tell us
which ports the container exposes. We then cross-reference the
configured port name with the container port names, and use that to
create a correct port mapping.
To avoid doing a (bad) reimplementation of the appc schema(which rkt
uses for its manifest) and rkt apis, we pull those in as vendored
dependencies. The versions used are the same ones that rkt use in their
glide dependency configuration for version 1.28.0.
2017-09-21 00:34:22 +02:00
Lasse Dalegaard
7ac599d509
Use rkt prepare + run-prepared instead of run.
...
The rkt driver currently executes run and asks that the pod UUID is
written to a file that is then polled for changes for up to five
seconds. Many container fetches will take longer than this, so this
method will often not be able to track the pod UUID reliably.
To avoid this problem, rkt allows pods to be first prepared, which will
return their UUID, and then run as a second invocation.
Here we convert the rkt driver's Start method to use this method
instead. This way, the UUID will always be tracked correctly.
2017-09-21 00:17:31 +02:00
epipho
a16c97394f
Fix incorrect docker stats
2017-09-16 00:43:03 -04:00
Alex Dadgar
b3958faa14
Merge pull request #3187 from hashicorp/b-windows-docker
...
Fix MemorySwappiness on Windows Docker
2017-09-11 09:56:49 -07:00
Alex Dadgar
d3a9463358
Fix MemorySwappiness on Windows Docker
...
Fixes https://github.com/hashicorp/nomad/issues/3181
2017-09-10 17:46:45 -07:00
Alex Dadgar
637ae9580a
Fix docker user specified syslogging
2017-09-10 14:57:48 -07:00
Alex Dadgar
31f9e099d9
Merge pull request #3148 from clinta/purge-stopped
...
Always purge stopped containers
2017-09-05 17:18:05 -07:00
Alex Dadgar
6fdaf38389
Fix repo name passed to docker credential helpers
...
This PR fixes the server url passed to docker credential helpers and
fixes stderr capture.
Fixes https://github.com/hashicorp/nomad/issues/2957
2017-09-05 16:43:21 -07:00
Alex Dadgar
21564c7c04
Parse Docker mounts correctly ( #3163 )
...
* Parse Docker mounts correctly
This PR fixes the parsing of Docker mounts and adds testing to ensure no
regressions.
Fixes https://github.com/hashicorp/nomad/issues/3156
* Review feedback
2017-09-05 14:02:57 -07:00
Clint Armstrong
b5c2636313
Always purge stopped containers
2017-08-31 14:28:48 -04:00
Clint Armstrong
7e35ab6abb
fix logging re-init
2017-08-30 12:36:31 -04:00
Alex Dadgar
876732833f
Merge pull request #3073 from clinta/docker-500
...
Allow retry of 500 API errors to be handled by restart policies
2017-08-24 16:57:36 -07:00
Alex Dadgar
211a793530
resolve feedback
2017-08-23 14:17:00 -07:00
Alex Dadgar
653733e093
Clean up docker mounts
2017-08-22 14:12:44 -07:00
Clint Armstrong
ae230395ba
Allow retry of 500 API errors to be handled by restart policies
2017-08-22 14:04:46 -04:00
Michael Schurter
5c015da3cb
Merge pull request #3021 from clinta/docker-mount2
...
Expose docker mount options
2017-08-17 16:57:09 -07:00
Clint Armstrong
f0460156ae
restrict mount to volume type
2017-08-17 09:52:13 -04:00
Alex Dadgar
1a86aecf55
Add version package
...
This PR adds a version package and consolidates version strings into a
Version struct.
2017-08-16 15:44:21 -07:00
Jan De Cooman
8b88d56c01
updated message in test
2017-08-11 09:24:15 +02:00
Clint Armstrong
9063b500e0
expose mount options to nomad
2017-08-10 12:37:17 -04:00
Jan De Cooman
633bcee661
fixed typo
2017-08-09 14:44:38 +02:00
Jan De Cooman
804fc0d06f
added dnsoptions to the docker driver
2017-08-09 13:30:06 +02:00
Luke Farnell
f0ced87b95
fixed all spelling mistakes for goreport
2017-08-07 17:13:05 -04:00
Michael Schurter
6243c9eb86
Merge pull request #2883 from kmalec/add-support-for-readonly-mount
...
rkt driver support for read-only volumes mounts
2017-07-31 10:58:22 -07:00
Alex Dadgar
010567dba8
Fix leaked plugin files for syslog server
...
This PR fixes a leaking of the unix socket used when launching a syslog
server for the Docker driver.
Fixes https://github.com/hashicorp/nomad/issues/2844
2017-07-30 17:51:38 -07:00
Alex Dadgar
031da7a21c
fix vet
2017-07-22 22:43:33 -07:00
Alex Dadgar
0f3f1ea68b
travis check fixes
2017-07-22 21:01:22 -07:00
Alex Dadgar
c1a72d24e6
fingerprinters
2017-07-22 20:38:03 -07:00
Alex Dadgar
72d055aa9c
drop rkt deadline
2017-07-22 19:54:06 -07:00
Alex Dadgar
219fecc705
Merge branch 'master' of github.com:hashicorp/nomad
2017-07-22 19:48:54 -07:00
Alex Dadgar
d760e68774
darwin test fixes
2017-07-22 19:48:47 -07:00
Alex Dadgar
553bc91725
Parallel client tests ( #2890 )
...
* alloc_runner
* Random tests
* parallel task_runner and no exec compatible check
* Parallel client
* Fail fast and use random ports
* Fix docker port mapping
* Make concurrent pull less timing dependant
* up parallel
* Fixes
* don't build chroots in parallel on travis
* Reduce parallelism on travis with lxc/rkt
* make java test app not run forever
* drop parallelism a little
* use docker ports that are out of the os's ephemeral port range
* Limit even more on travis
* rkt deadline
2017-07-22 19:04:36 -07:00
Alex Dadgar
b6f0782732
typo
2017-07-22 12:55:30 -07:00
Alex Dadgar
8cf9d15b01
typo
2017-07-22 12:33:07 -07:00
Alex Dadgar
9e9c20ca77
small fixes
2017-07-22 12:25:02 -07:00
Alex Dadgar
e509661cf9
executor and logging pkg
2017-07-21 12:14:54 -07:00
Alex Dadgar
7c433a1767
Parallel
2017-07-21 12:06:39 -07:00
Karel Malec
4b98f94a88
Allow rkt driver to mount volumes read-only
2017-07-21 13:05:15 +02:00
Karel Malec
cf985f011c
Pass task group name as NOMAD_GROUP_NAME environment variable
2017-07-21 01:22:54 +02:00
Michael Schurter
0a6bf87365
Fix nil panic in Docker error condition
...
Fixes #2835
Yet another bug caused by overwriting container and then trying to
reference container.ID in the err handling block. Did a quick audit of
docker.go and it seems to be the last offender. See #2804 for previous
bug.
2017-07-14 10:48:19 -07:00
Michael Schurter
95a9a5da71
Merge pull request #2787 from hashicorp/f-docker-test-mac
...
Test #2652 - Docker MAC Address option
2017-07-07 16:22:10 -07:00
Michael Schurter
4be4df21c9
Merge pull request #2797 from hashicorp/f-2785-docker-bridge-ip
...
Add driver.docker.bridge_ip node attribute
2017-07-07 16:20:20 -07:00
Michael Schurter
94389c3ecc
Remove debug logging
2017-07-07 16:19:42 -07:00
Michael Schurter
5e3e3818db
Merge pull request #2804 from hashicorp/b-2802-docker-panic
...
Don't panic in container list/remove/inspect race
2017-07-07 15:35:51 -07:00
Michael Schurter
67a7b0eac9
Don't panic in container list/remove/inspect race
...
Fixes #2802
While it's hard to reproduce the theoretical race is:
1. This goroutine calls ListContainers()
2. Another goroutine removes a container X
3. This goroutine attempts to InspectContainer(X)
However, this bug could be hit in the much simpler case of
InspectContainer() timing out.
In those cases an error is returned and the old code attempted to wrap
the error with the now-nil container.ID. Storing the container ID fixes
that panic.
2017-07-07 15:10:59 -07:00
Alex Dadgar
45712c6ca3
test fixes
2017-07-07 14:11:27 -07:00
Alex Dadgar
067ed86a47
Client watches for allocation health using task state and Consul checks
...
This PR adds watching of allocation health at the client. The client can
watch for health based on the tasks running on time and also based on
the consul checks passing.
2017-07-07 12:10:04 -07:00
Alex Dadgar
c77944ed29
assign names
2017-07-07 12:03:11 -07:00
Michael Schurter
084dd384c1
Add driver.docker.bridge_ip node attribute
...
Fixes #2785
2017-07-07 10:14:10 -07:00
Michael Schurter
39edf23fd5
Merge pull request #2786 from hashicorp/f-docker-auth-soft-fail
...
Default to auth hard fail but optionally soft fail
2017-07-06 13:25:56 -07:00
Michael Schurter
bae1b7db2d
Test #2652
...
Also cleanup docker config opts docs
2017-07-06 12:46:25 -07:00
Michael Schurter
8f4353779a
Merge branch 'master' into master
2017-07-06 12:09:36 -07:00
Michael Schurter
2900f941b5
Default to auth hard fail but optionally soft fail
2017-07-06 11:35:34 -07:00
Michael Schurter
b000bb8598
Merge pull request #2744 from aep/master
...
Do not fail when no docker registry auth is available
2017-07-06 11:04:11 -07:00
Michael Schurter
8e2e26c607
rkt: use %s instead of %q when interpolating env
...
Fixes #2686
2017-07-05 09:36:17 -07:00
Arvid E. Picciani
aa4f029f10
Do not fail when no docker registry auth is available
...
this amends the behaviour introduced with #2651
and allows pulling public images when docker.auth.helper is set
2017-06-27 11:11:18 +02:00
Michael Schurter
8fcf866a7d
Fix some tests still expecting reverted behavior
2017-06-23 16:51:38 -07:00