luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
10152 commits 1 branch 0 tags 311 MiB
Commit graph

943 commits

Author SHA1 Message Date
Michael Schurter 5e975bbd0f Add comment and normalize err check ordering 
as per PR comments
 2017-11-29 17:26:11 -08:00
Michael Schurter d996c3a231 Check for error file when receiving snapshots 2017-11-29 17:26:11 -08:00
Michael Schurter ca946679f6 Destroy partially migrated alloc dirs 
Test that snapshot errors don't return a valid tar currently fails.
 2017-11-29 17:26:11 -08:00
Michael Lange 96403746b1 Add CORS headers to client fs endpoints 2017-11-21 11:22:42 -08:00
Preetha Appan 3592635ede Populate DisplayMessage in various http endpoints that return allocations, plus unit tests. 2017-11-17 14:53:26 -06:00
Alex Dadgar 05b1588cea Only publish metric when the task is running and dev mode publishes metrics 2017-11-15 13:21:06 -08:00
Max Timchenko 8b7e61d055 Do not emit logs on SIGPIPE since logging service could be unavailable 
This should fix https://github.com/hashicorp/nomad/issues/3554
 2017-11-15 18:01:41 +02:00
Chelsea Komlo 2dfda33703 Nomad agent reload TLS configuration on SIGHUP (#3479) 
* Allow server TLS configuration to be reloaded via SIGHUP

* dynamic tls reloading for nomad agents

* code cleanup and refactoring

* ensure keyloader is initialized, add comments

* allow downgrading from TLS

* initalize keyloader if necessary

* integration test for tls reload

* fix up test to assert success on reloaded TLS configuration

* failure in loading a new TLS config should remain at current

Reload only the config if agent is already using TLS

* reload agent configuration before specific server/client

lock keyloader before loading/caching a new certificate

* introduce a get-or-set method for keyloader

* fixups from code review

* fix up linting errors

* fixups from code review

* add lock for config updates; improve copy of tls config

* GetCertificate only reloads certificates dynamically for the server

* config updates/copies should be on agent

* improve http integration test

* simplify agent reloading storing a local copy of config

* reuse the same keyloader when reloading

* Test that server and client get reloaded but keep keyloader

* Keyloader exposes GetClientCertificate as well for outgoing connections

* Fix spelling

* correct changelog style
 2017-11-14 17:53:23 -08:00
Michael Lange eb42e6d219 generated UI routes 2017-11-10 13:29:17 -08:00
Michael Lange 157abf2c76 Remove the connect-src self restriction for the UI 2017-11-10 13:28:11 -08:00
Alex Dadgar 8324ef3bc4 format 2017-11-10 12:47:59 -08:00
James Powis 4bf9e6a3ab [3503] adding consul-address flag to command.go 2017-11-04 18:05:20 -06:00
Alex Dadgar 701f462d33 remove atlas 2017-11-02 11:27:21 -07:00
Preetha 2f67e839c1
Merge pull request #3484 from hashicorp/b-nomad-0.7.1 
merge nomad 0.7.1 branch
 2017-11-01 16:50:37 -05:00
Chelsea Holland Komlo afe9f9a714 add rpc_upgrade_mode as config option for tls upgrades 2017-11-01 15:19:52 -05:00
Michael Schurter 1769db98b7 Fix regression by returning error on unknown alloc 2017-11-01 15:16:38 -05:00
Michael Schurter 2a81160dcd Fix GC'd alloc tracking 
The Client.allocs map now contains all AllocRunners again, not just
un-GC'd AllocRunners. Client.allocs is only pruned when the server GCs
allocs.

Also stops logging "marked for GC" twice.
 2017-11-01 15:16:38 -05:00
Diptanu Choudhury 46bc4280b2 Adding support for tagged metrics 2017-11-01 13:15:06 -07:00
Diptanu Choudhury 524a1f0712 Publishing metrics for job summary 2017-11-01 13:15:06 -07:00
Alex Dadgar 51c87ec858 bump version and remove generated 2017-11-01 10:02:25 -07:00
Alex Dadgar 11c24e90a1 generated 2017-11-01 09:42:18 -07:00
Alex Dadgar 51f869040f remove generated structs 2017-10-31 13:50:16 -07:00
Alex Dadgar a539483a35 changelog + PUT 2017-10-27 10:43:57 -07:00
Diptanu Choudhury 9b18737d15 Added the purge API on node endpoints 2017-10-25 23:51:53 -07:00
Alex Dadgar 68c0d8a77a add static ui assets 2017-10-25 17:01:26 -07:00
Alex Dadgar 74e612fe1e metrics test 2017-10-23 18:38:36 -07:00
Alex Dadgar cb0d0ef009 move to consul freeport implementation 2017-10-23 16:51:40 -07:00
Alex Dadgar dbc014b360 Standardize retrieving a free port into a helper package 2017-10-23 16:48:20 -07:00
Alex Dadgar 2d43e527d1 fix namespaces 2017-10-23 16:07:38 -07:00
Alex Dadgar fa55f3bc21 Fix on ipv6 2017-10-19 16:49:58 -07:00
Alex Dadgar e7299676f6 generated 2017-10-19 15:20:39 -07:00
Michael Schurter c9a73ac76e Support CORS for client endpoints 
Added to /v1/client/stats and /v1/client/allocation/
 2017-10-18 17:32:36 -07:00
Michael Schurter 0aace3d749 Don't set Interval on TTL health checks 2017-10-16 17:35:47 -07:00
Michael Schurter 916682f8a0 Merge pull request #3387 from hashicorp/f-aclless-health 
Agent Health Endpoint
 2017-10-16 11:05:09 -07:00
Alex Dadgar c3f06b2134 Merge pull request #3384 from hashicorp/f-self-policies 
Ability to introspect self token
 2017-10-13 17:11:22 -07:00
Michael Schurter 9d3f5a043e Better client health check and error handling 2017-10-13 16:25:25 -07:00
Michael Schurter 799a928812 Merge pull request #3388 from hashicorp/b-migration-fixes 
Test fixes from #3383
 2017-10-13 16:03:12 -07:00
Michael Schurter b5fd075d74 Test fixes from #3383 2017-10-13 15:45:35 -07:00
Michael Schurter c53aac9eea Agent Health Endpoint 2017-10-13 15:37:44 -07:00
Alex Dadgar c1cc51dbee sync 2017-10-13 14:36:02 -07:00
Alex Dadgar dd3920d681 Self token lookup 2017-10-13 13:12:20 -07:00
Alex Dadgar 44927ca449 remove bad test 2017-10-13 12:40:21 -07:00
Michael Schurter 15b3df0b80 Merge pull request #3374 from hashicorp/f-auth-token 
SecretID -> AuthToken
 2017-10-12 16:57:49 -07:00
Alex Dadgar d6b970eec9 Handle invalid token as well 2017-10-12 15:39:05 -07:00
Michael Schurter 84d8a51be1 SecretID -> AuthToken 2017-10-12 15:16:33 -07:00
Alex Dadgar 0b538ded83 403 instead of 500 for permission denied 2017-10-12 14:10:20 -07:00
Alex Dadgar b5fc557253 ACL command options 2017-10-12 13:51:39 -07:00
Alex Dadgar 53f2ea88a5 Small fixes 
This commit:

* Fixes the error checking in migration tests now that we are using the
canonical ErrPermissionDenied error
* Guard against NPE when looking up objects to generate the migration
token
* Handle an additional case in ShouldMigrate()
 2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo c67bfc2ee4 fixups from code review 
change creation of a migrate token to be for a previous allocation
 2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo e1c4701a43 fix up build warnings 2017-10-11 17:11:57 -07:00
Chelsea Holland Komlo 00a1f5fc9a adding migration token validation for gc endpoint 2017-10-11 17:11:57 -07:00
Chelsea Holland Komlo b018ca4d46 fixing up code review comments 2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo 1b90a2eef0 adding valid case test for http endpoint 2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo a77e462465 add tests for functionality 2017-10-11 17:09:20 -07:00
Chelsea Holland Komlo 410adaf726 Add functionality for authenticated volumes 2017-10-11 17:09:20 -07:00
Michael Schurter de767ffa04 Status.Members ACL enforcement 
Was incorrectly checked on the HTTP API before. Moved to RPC endpoint.
 2017-10-10 10:36:54 -07:00
Michael Schurter 180cbc4f5a Fix AgentSelf, AgentMembers, and KeyringOperations 2017-10-09 16:12:28 -07:00
Michael Schurter e50acae1a9 ForceLeave endpoint must use Server.ResolveToken 
The ForceLeaveRequest endpoint may only be called on servers, but the
code was using a Client to resolve tokens. This would cause a panic when
an agent wasn't both a Server and a Client.
 2017-10-09 15:49:04 -07:00
Michael Schurter 492c861419 /v1/client/agent/* ACL enforcement 2017-10-09 12:18:54 -07:00
Michael Schurter 04adc987ed /v1/client/allocation/./{stats,gc} ACL enforcement 2017-10-09 12:13:52 -07:00
Michael Schurter 84d82d79bb /v1/client/stats ACL enforcement 2017-10-09 12:02:32 -07:00
Michael Schurter 8a125759ae Refactor as there's no need for an ACL helper 2017-10-09 11:19:25 -07:00
Michael Schurter 260b66bf52 Test all fs endpoints in a loop 2017-10-09 11:19:14 -07:00
Michael Schurter a7450c8633 FS HTTP API ACL enforcement 
ACL enforcement for the filesystem HTTP APIs on clients.
 2017-10-09 11:06:34 -07:00
Michael Schurter 69bcfe78ba /v1/client/gc ACL enforcement 2017-10-06 14:50:16 -07:00
Michael Schurter fd9d09e290 Rename TestAgent.Token to TestAgent.RootToken 2017-10-06 14:35:14 -07:00
James Rasell 4628637b54
Update agent CLI to include Consul config option flags. 
This update introduces command line flags for all Consul options
thus allowing users to both use a config file and CLI options to
configure Consul.

Website documentation has also been updated.

Closes #3304
 2017-10-05 14:26:26 +01:00
Alex Dadgar 4173834231 Enable more linters 2017-09-26 15:26:33 -07:00
Alex Dadgar fb1ceabad6 generated code 2017-09-19 12:17:16 -05:00
Alex Dadgar f16167b5e1 always gzip 2017-09-19 10:37:49 -05:00
Alex Dadgar e5ec915ac3 sync 2017-09-19 10:08:23 -05:00
Michael Schurter a844fba8d2 Fix comments: task -> check 2017-09-15 15:19:53 -07:00
Michael Schurter bd3f517f2f Test converting CheckRestart from api->structs 2017-09-15 15:01:56 -07:00
Michael Schurter 0f2a3dcec9 Test check watch updates 2017-09-14 16:48:39 -07:00
Michael Schurter 847fe080f6 Rename unhealthy var and fix test indeterminism 2017-09-14 16:48:39 -07:00
Michael Schurter 573a0df03d Watched -> TriggersRestart 
Watched was a silly name
 2017-09-14 16:48:39 -07:00
Michael Schurter 4ea19baa52 Handle multiple failing checks on a single task 
Before this commit if a task had 2 checks cause restarts at the same
time, both would trigger restarts of the task! This change removes all
checks for a task whenever one of them is restarted.
 2017-09-14 16:48:39 -07:00
Michael Schurter 73fb71ca10 RestartDelay isn't needed as checks are re-added on restarts 
@dadgar made the excellent observation in #3105 that TaskRunner removes
and re-registers checks on restarts. This means checkWatcher doesn't
need to do *any* internal restart tracking. Individual checks can just
remove themselves and be re-added when the task restarts.
 2017-09-14 16:48:39 -07:00
Michael Schurter 448ad3945f Simplify from 2 select loops to one 2017-09-14 16:48:39 -07:00
Michael Schurter 550e631eea Wrap check watch updates in a struct 
Reusing checkRestart for both adds/removes and the main check restarting
logic was confusing.
 2017-09-14 16:48:39 -07:00
Michael Schurter d299d42089 Canonicalize and Merge CheckRestart in api 2017-09-14 16:48:39 -07:00
Michael Schurter 72e5c0c0aa Fix whitespace 2017-09-14 16:47:41 -07:00
Michael Schurter ade29ecbed Improve check watcher logging and add tests 
Also expose a mock Consul Agent to allow testing ServiceClient and
checkWatcher from TaskRunner without actually talking to a real Consul.
 2017-09-14 16:47:41 -07:00
Michael Schurter 99f4aa999a Default grace period to 1s 2017-09-14 16:46:54 -07:00
Michael Schurter a137676358 Add comments and move delay calc to TaskRunner 2017-09-14 16:46:54 -07:00
Michael Schurter a180c00fc3 on_warning=false -> ignore_warnings=false 
Treat warnings as unhealthy by default
 2017-09-14 16:46:54 -07:00
Michael Schurter 8a87475498 Use existing restart policy infrastructure 2017-09-14 16:46:54 -07:00
Michael Schurter 22690c5f4c Add check watcher for restarting unhealthy tasks 2017-09-14 16:46:54 -07:00
Michael Schurter b35d208428 Nest restart fields in CheckRestart 2017-09-14 16:46:54 -07:00
Michael Schurter bf34505509 Add restart fields 2017-09-14 16:46:54 -07:00
Alex Dadgar 01180fec58 use assert 2017-09-14 14:20:22 -07:00
Alex Dadgar c55b7ce4d6 Sort /v1/agent/servers output 
This PR sorts the output of the endpoint since its results are used as
part of Consul checks to avoid the value changing unnecessarily.

Fixes https://github.com/hashicorp/nomad/issues/3211
 2017-09-14 14:20:22 -07:00
Chelsea Holland Komlo c014cb014f fix bug to return prometheus sink 2017-09-13 19:21:21 +00:00
Chelsea Holland Komlo fcc3071e52 fixups from code review 2017-09-13 19:21:21 +00:00
Chelsea Holland Komlo faabf61c6d updated documentation 2017-09-13 19:21:21 +00:00
Chelsea Holland Komlo f5975dceb7 refactoring prometheus endpoint 2017-09-13 19:21:21 +00:00
Chelsea Holland Komlo 035fab0c8d enabling prometheus metrics should be a config option 2017-09-13 19:21:21 +00:00
Chelsea Holland Komlo d8e9f2fef7 add endpoint for prometheus 2017-09-13 19:21:21 +00:00
Alex Dadgar 5aa8f1a82e pass in uid to codecgen 2017-09-11 15:40:27 -07:00
Armon Dadgar c234e09d9e website: document ACL bootstrap reset process 2017-09-10 16:18:39 -07:00