a43e0a7b08
Allow overriding an image's entrypoint in Docker
...
Fixes https://github.com/hashicorp/nomad/issues/2219
2018-01-23 14:05:00 -08:00
98a03ad689
Merge pull request #3754 from filipochnik/docker-caps
...
Add an option to add and drop capabilities in the Docker driver
2018-01-23 12:02:50 -08:00
558812350d
Finish implementation of the capabilities whitelist
2018-01-21 12:14:24 +01:00
9d410c88a7
Improve driver network logging
2018-01-18 15:35:24 -08:00
583e17fad5
Always advertise driver IP when in driver mode
...
Fixes #3681
When in drive address mode Nomad should always advertise the driver's IP
in Consul even when no network exists. This matches the 0.6 behavior.
When in host address mode Nomad advertises the alloc's network's IP if
one exists. Otherwise it lets Consul determine the IP.
I also added some much needed logging around Docker's network discovery.
2018-01-18 15:35:24 -08:00
4eeb552a4f
Add a sketch of capabilities whitelist logic for the Docker driver
2018-01-14 20:01:47 +01:00
8ee3ce7a26
Add an option to add and drop capabilities in the Docker driver
2018-01-14 19:56:57 +01:00
61fa8ad4ba
code review fixes
2017-12-07 13:46:25 -05:00
350319239c
change location of default kill signal
2017-12-06 17:48:25 -05:00
b08611cfac
move kill_signal to task level, extend to docker
2017-12-06 14:36:39 -05:00
4ee2122536
get KillTimeout in seconds, not nanoseconds
2017-12-01 10:43:00 -05:00
2208964948
Support StopTimeout for Docker tasksw
...
Update github.com/fsouza/go-dockerclient
2017-11-29 14:33:05 -05:00
747bd59daa
Better error validation, and added test case for invalid sysctl inputs
2017-11-20 12:07:18 -06:00
c68973747b
Address some review comments
2017-11-20 11:15:09 -06:00
39ef9ee76d
Fix gofmt warnings
2017-11-18 09:23:09 -06:00
0fca2e19c8
review(docker driver): sysctls -> sysctl + ulimits -> ulimit
2017-11-17 16:30:45 -06:00
c8363bc44b
💄
2017-11-17 16:03:22 -06:00
b9a10ff7fa
feat(docker driver): adds sysctls and ulimits configs
2017-11-17 16:03:22 -06:00
4834710e45
Add default value for cgroup permissions for device if not set
2017-11-13 09:56:54 -06:00
9cdee6991c
Remove unnecessary check since validate method already checks this
2017-11-13 09:56:54 -06:00
110c1fd4f0
Add support for passing device into docker driver
2017-11-13 09:56:54 -06:00
5429d1c656
docker: changed OOM killed error message
2017-10-27 20:30:52 +02:00
12615bde9c
docker: log that a container has been killed by the OOM killer
...
Fix : #2203 (at least for Docker tasks)
2017-10-27 18:05:27 +02:00
805e7b3b62
docker tests
2017-10-19 16:49:57 -07:00
797f49702e
Add logging around moby/moby#32648 bug
2017-10-18 10:44:03 -07:00
cefbc72b49
Remove AllocID from ExecutorContext
2017-10-13 17:07:49 +02:00
77f1fe40e7
Properly autodetect Docker IP in Windows
...
Our Docker network plugin autodetection code was erroneously treating
Window's default network `nat` as a plugin and defaulting to it instead
of the host.
Fixes #3218
2017-09-27 16:49:23 -07:00
4173834231
Enable more linters
2017-09-26 15:26:33 -07:00
a16c97394f
Fix incorrect docker stats
2017-09-16 00:43:03 -04:00
b3958faa14
Merge pull request #3187 from hashicorp/b-windows-docker
...
Fix MemorySwappiness on Windows Docker
2017-09-11 09:56:49 -07:00
d3a9463358
Fix MemorySwappiness on Windows Docker
...
Fixes https://github.com/hashicorp/nomad/issues/3181
2017-09-10 17:46:45 -07:00
637ae9580a
Fix docker user specified syslogging
2017-09-10 14:57:48 -07:00
31f9e099d9
Merge pull request #3148 from clinta/purge-stopped
...
Always purge stopped containers
2017-09-05 17:18:05 -07:00
6fdaf38389
Fix repo name passed to docker credential helpers
...
This PR fixes the server url passed to docker credential helpers and
fixes stderr capture.
Fixes https://github.com/hashicorp/nomad/issues/2957
2017-09-05 16:43:21 -07:00
21564c7c04
Parse Docker mounts correctly ( #3163 )
...
* Parse Docker mounts correctly
This PR fixes the parsing of Docker mounts and adds testing to ensure no
regressions.
Fixes https://github.com/hashicorp/nomad/issues/3156
* Review feedback
2017-09-05 14:02:57 -07:00
b5c2636313
Always purge stopped containers
2017-08-31 14:28:48 -04:00
7e35ab6abb
fix logging re-init
2017-08-30 12:36:31 -04:00
876732833f
Merge pull request #3073 from clinta/docker-500
...
Allow retry of 500 API errors to be handled by restart policies
2017-08-24 16:57:36 -07:00
211a793530
resolve feedback
2017-08-23 14:17:00 -07:00
653733e093
Clean up docker mounts
2017-08-22 14:12:44 -07:00
ae230395ba
Allow retry of 500 API errors to be handled by restart policies
2017-08-22 14:04:46 -04:00
5c015da3cb
Merge pull request #3021 from clinta/docker-mount2
...
Expose docker mount options
2017-08-17 16:57:09 -07:00
f0460156ae
restrict mount to volume type
2017-08-17 09:52:13 -04:00
1a86aecf55
Add version package
...
This PR adds a version package and consolidates version strings into a
Version struct.
2017-08-16 15:44:21 -07:00
9063b500e0
expose mount options to nomad
2017-08-10 12:37:17 -04:00
633bcee661
fixed typo
2017-08-09 14:44:38 +02:00
804fc0d06f
added dnsoptions to the docker driver
2017-08-09 13:30:06 +02:00
f0ced87b95
fixed all spelling mistakes for goreport
2017-08-07 17:13:05 -04:00
0a6bf87365
Fix nil panic in Docker error condition
...
Fixes #2835
Yet another bug caused by overwriting container and then trying to
reference container.ID in the err handling block. Did a quick audit of
docker.go and it seems to be the last offender. See #2804 for previous
bug.
2017-07-14 10:48:19 -07:00
4be4df21c9
Merge pull request #2797 from hashicorp/f-2785-docker-bridge-ip
...
Add driver.docker.bridge_ip node attribute
2017-07-07 16:20:20 -07:00
94389c3ecc
Remove debug logging
2017-07-07 16:19:42 -07:00
67a7b0eac9
Don't panic in container list/remove/inspect race
...
Fixes #2802
While it's hard to reproduce the theoretical race is:
1. This goroutine calls ListContainers()
2. Another goroutine removes a container X
3. This goroutine attempts to InspectContainer(X)
However, this bug could be hit in the much simpler case of
InspectContainer() timing out.
In those cases an error is returned and the old code attempted to wrap
the error with the now-nil container.ID. Storing the container ID fixes
that panic.
2017-07-07 15:10:59 -07:00
084dd384c1
Add driver.docker.bridge_ip node attribute
...
Fixes #2785
2017-07-07 10:14:10 -07:00
39edf23fd5
Merge pull request #2786 from hashicorp/f-docker-auth-soft-fail
...
Default to auth hard fail but optionally soft fail
2017-07-06 13:25:56 -07:00
8f4353779a
Merge branch 'master' into master
2017-07-06 12:09:36 -07:00
2900f941b5
Default to auth hard fail but optionally soft fail
2017-07-06 11:35:34 -07:00
b000bb8598
Merge pull request #2744 from aep/master
...
Do not fail when no docker registry auth is available
2017-07-06 11:04:11 -07:00
aa4f029f10
Do not fail when no docker registry auth is available
...
this amends the behaviour introduced with #2651
and allows pulling public images when docker.auth.helper is set
2017-06-27 11:11:18 +02:00
5a274e6683
Style and comments
2017-06-23 15:20:04 -07:00
38a0695687
Simplify Docker Networks processing
2017-06-21 17:19:08 -07:00
fec83b271a
Bump error log level
2017-06-21 17:19:08 -07:00
67d154a274
Test driver network advertisement and checks
2017-06-21 17:19:08 -07:00
b9bfb84b53
Implement DriverNetwork and Service.AddressMode
...
Ideally DriverNetwork would be fully populated in Driver.Prestart, but
Docker doesn't assign the container's IP until you start the container.
However, it's important to setup the port env vars before calling
Driver.Start, so Prestart should populate that.
2017-06-21 17:19:08 -07:00
7695e636d5
Fix port map interpolation for docker
...
This PR fixes an issue in which the value of the portmap could not be
interpolated.
Fixes https://github.com/hashicorp/nomad/issues/2680
2017-06-08 13:12:32 -07:00
3b46fe136f
small cleanup
2017-05-31 15:56:54 -07:00
6138564f00
Implement support for docker-credential-helpers
...
Solves: #2334
2017-05-31 12:45:02 +02:00
fd9bef768f
Move task env into execcontext
...
Also inject PATH into rkt commands since we're no longer appending host
env vars for it.
2017-05-23 13:53:34 -07:00
37b148fb60
Add PortMap to struct returned by Driver.Prestart
...
Moves env.Builder out of drivers entirely so one less thing to worry
about when implementing driver plugins.
2017-05-23 13:53:34 -07:00
d2c08ff24b
Refactor TaskEnvironment into Builder and TaskEnv
2017-05-23 13:53:33 -07:00
6b2d5bd4fd
Add SecurityOpt as a config field in Docker driver
2017-05-19 16:18:49 -07:00
323a0a78f3
Fixed wrong newline
2017-05-17 16:51:22 +02:00
ea644237cf
mac address pinning in docker driver
...
This commit adds mac address pining to the docker driver.
2017-05-17 16:41:00 +02:00
caf317e3f2
Use a DriverAbility to expose Exec functionality
2017-04-19 12:42:47 -07:00
e204a287ed
Refactor Consul Syncer into new ServiceClient
...
Fixes #2478 #2474 #1995 #2294
The new client only handles agent and task service advertisement. Server
discovery is mostly unchanged.
The Nomad client agent now handles all Consul operations instead of the
executor handling task related operations. When upgrading from an
earlier version of Nomad existing executors will be told to deregister
from Consul so that the Nomad agent can re-register the task's services
and checks.
Drivers - other than qemu - now support an Exec method for executing
abritrary commands in a task's environment. This is used to implement
script checks.
Interfaces are used extensively to avoid interacting with Consul in
tests that don't assert any Consul related behavior.
2017-04-19 12:42:47 -07:00
cdd624ff5b
Add ExtraHosts to Docker driver
...
This PR allows job submitters to add extra hosts to the containers
/etc/hosts file.
Fixes https://github.com/hashicorp/nomad/issues/2546
2017-04-11 10:52:41 -07:00
d71ddcb756
Allow specifying container IP with docker driver
2017-04-07 11:56:07 -04:00
ae3810052d
Merge pull request #2482 from hashicorp/f-2289-better-artifact-err
...
Improve artifact download error message
2017-03-28 12:48:22 -07:00
507862ade3
Add WrapRecoverable helper
2017-03-27 15:37:15 -07:00
4ecebe7d8c
Proper reference counting through task restarts
...
This PR fixes an issue in which the reference count on a Docker image
would become inflated through task restarts.
2017-03-25 17:05:53 -07:00
0e6c564406
Improve artifact download error message
...
Fixes #2289
Unfortunately took more RecoverableError hijinx than I would have liked.
There might be a better way.
2017-03-24 15:26:05 -07:00
d220d9405b
return the recoverable err
2017-03-14 16:33:36 -07:00
5f7bf577cd
Docker doesn't need to init the stats helper
2017-03-14 13:41:57 -07:00
b4db9d33f9
Fixes docker-driver docker.auth.config processing
2017-03-01 16:16:11 -07:00
d2193048ce
Fix caching of pull future
2017-02-28 18:19:13 -08:00
5be806a3df
Fix vet script and fix vet problems
...
This PR fixes our vet script and fixes all the missed vet changes.
It also fixes pointers being printed in `nomad stop <job>` and `nomad
node-status <node>`.
2017-02-27 16:00:19 -08:00
c423626484
Docker open stores image/image ID for next ID
2017-02-27 13:49:54 -08:00
aa05ecc37c
Merge pull request #2361 from hashicorp/f-docker-coordination
...
Docker Image Coordinator and caching
2017-02-24 14:18:21 -08:00
b5d4f39734
Docker Image Coordinator
...
This PR introduces a coordinator for doing CRUD on a Docker image. It
should fix racy deletion of images. The issue before was images would be
deleted between prestart and start causing an error.
2017-02-24 13:20:40 -08:00
f61b7975a3
Put access to Docker volume drivers behind flag
2017-02-23 15:47:36 -08:00
2f88d6cb68
Docker Volume Drivers
...
This commit adds the functionality to use Docker Volume Drivers.
2017-02-23 14:36:32 -03:00
12c549d6a0
Skip setting MemorySwap on Windows
...
Windows doesn't support this Docker setting.
Fixes #2193
2017-02-21 13:21:42 -08:00
f9323f03df
Drivers log during fingerprinting
...
This PR fixes a regression in which some drivers did not log during
fingerprinting.
2017-02-20 19:35:51 -08:00
fda3a5250c
Merge pull request #2222 from hashicorp/b-docker-image-not-found
...
Making the docker driver retry when an image is not found
2017-01-23 14:58:00 -08:00
dfd1f03ec8
Added a comment
2017-01-23 14:57:30 -08:00
e160b2b38f
Add test and better logs
...
This commit adds a test to retrieving auth configurations, use either
the auth block in the config or specified via the agent config and adds
a log if lookup fails.
2017-01-23 14:48:02 -08:00
43a17b7d74
Close file
2017-01-23 11:37:45 -08:00
ee5296ba70
Deprecation notice
2017-01-23 11:32:51 -08:00
3365688571
Remove SSL
2017-01-23 11:32:51 -08:00
4a627b02ca
undo
2017-01-23 11:32:51 -08:00
08733b68d2
vendor
2017-01-23 11:32:51 -08:00
Alex Dadgar