94389c3ecc
Remove debug logging
2017-07-07 16:19:42 -07:00
67a7b0eac9
Don't panic in container list/remove/inspect race
...
Fixes #2802
While it's hard to reproduce the theoretical race is:
1. This goroutine calls ListContainers()
2. Another goroutine removes a container X
3. This goroutine attempts to InspectContainer(X)
However, this bug could be hit in the much simpler case of
InspectContainer() timing out.
In those cases an error is returned and the old code attempted to wrap
the error with the now-nil container.ID. Storing the container ID fixes
that panic.
2017-07-07 15:10:59 -07:00
084dd384c1
Add driver.docker.bridge_ip node attribute
...
Fixes #2785
2017-07-07 10:14:10 -07:00
39edf23fd5
Merge pull request #2786 from hashicorp/f-docker-auth-soft-fail
...
Default to auth hard fail but optionally soft fail
2017-07-06 13:25:56 -07:00
8f4353779a
Merge branch 'master' into master
2017-07-06 12:09:36 -07:00
2900f941b5
Default to auth hard fail but optionally soft fail
2017-07-06 11:35:34 -07:00
b000bb8598
Merge pull request #2744 from aep/master
...
Do not fail when no docker registry auth is available
2017-07-06 11:04:11 -07:00
aa4f029f10
Do not fail when no docker registry auth is available
...
this amends the behaviour introduced with #2651
and allows pulling public images when docker.auth.helper is set
2017-06-27 11:11:18 +02:00
5a274e6683
Style and comments
2017-06-23 15:20:04 -07:00
38a0695687
Simplify Docker Networks processing
2017-06-21 17:19:08 -07:00
fec83b271a
Bump error log level
2017-06-21 17:19:08 -07:00
67d154a274
Test driver network advertisement and checks
2017-06-21 17:19:08 -07:00
b9bfb84b53
Implement DriverNetwork and Service.AddressMode
...
Ideally DriverNetwork would be fully populated in Driver.Prestart, but
Docker doesn't assign the container's IP until you start the container.
However, it's important to setup the port env vars before calling
Driver.Start, so Prestart should populate that.
2017-06-21 17:19:08 -07:00
7695e636d5
Fix port map interpolation for docker
...
This PR fixes an issue in which the value of the portmap could not be
interpolated.
Fixes https://github.com/hashicorp/nomad/issues/2680
2017-06-08 13:12:32 -07:00
3b46fe136f
small cleanup
2017-05-31 15:56:54 -07:00
6138564f00
Implement support for docker-credential-helpers
...
Solves: #2334
2017-05-31 12:45:02 +02:00
fd9bef768f
Move task env into execcontext
...
Also inject PATH into rkt commands since we're no longer appending host
env vars for it.
2017-05-23 13:53:34 -07:00
37b148fb60
Add PortMap to struct returned by Driver.Prestart
...
Moves env.Builder out of drivers entirely so one less thing to worry
about when implementing driver plugins.
2017-05-23 13:53:34 -07:00
d2c08ff24b
Refactor TaskEnvironment into Builder and TaskEnv
2017-05-23 13:53:33 -07:00
6b2d5bd4fd
Add SecurityOpt as a config field in Docker driver
2017-05-19 16:18:49 -07:00
323a0a78f3
Fixed wrong newline
2017-05-17 16:51:22 +02:00
ea644237cf
mac address pinning in docker driver
...
This commit adds mac address pining to the docker driver.
2017-05-17 16:41:00 +02:00
caf317e3f2
Use a DriverAbility to expose Exec functionality
2017-04-19 12:42:47 -07:00
e204a287ed
Refactor Consul Syncer into new ServiceClient
...
Fixes #2478 #2474 #1995 #2294
The new client only handles agent and task service advertisement. Server
discovery is mostly unchanged.
The Nomad client agent now handles all Consul operations instead of the
executor handling task related operations. When upgrading from an
earlier version of Nomad existing executors will be told to deregister
from Consul so that the Nomad agent can re-register the task's services
and checks.
Drivers - other than qemu - now support an Exec method for executing
abritrary commands in a task's environment. This is used to implement
script checks.
Interfaces are used extensively to avoid interacting with Consul in
tests that don't assert any Consul related behavior.
2017-04-19 12:42:47 -07:00
cdd624ff5b
Add ExtraHosts to Docker driver
...
This PR allows job submitters to add extra hosts to the containers
/etc/hosts file.
Fixes https://github.com/hashicorp/nomad/issues/2546
2017-04-11 10:52:41 -07:00
d71ddcb756
Allow specifying container IP with docker driver
2017-04-07 11:56:07 -04:00
ae3810052d
Merge pull request #2482 from hashicorp/f-2289-better-artifact-err
...
Improve artifact download error message
2017-03-28 12:48:22 -07:00
507862ade3
Add WrapRecoverable helper
2017-03-27 15:37:15 -07:00
4ecebe7d8c
Proper reference counting through task restarts
...
This PR fixes an issue in which the reference count on a Docker image
would become inflated through task restarts.
2017-03-25 17:05:53 -07:00
0e6c564406
Improve artifact download error message
...
Fixes #2289
Unfortunately took more RecoverableError hijinx than I would have liked.
There might be a better way.
2017-03-24 15:26:05 -07:00
d220d9405b
return the recoverable err
2017-03-14 16:33:36 -07:00
5f7bf577cd
Docker doesn't need to init the stats helper
2017-03-14 13:41:57 -07:00
b4db9d33f9
Fixes docker-driver docker.auth.config processing
2017-03-01 16:16:11 -07:00
d2193048ce
Fix caching of pull future
2017-02-28 18:19:13 -08:00
5be806a3df
Fix vet script and fix vet problems
...
This PR fixes our vet script and fixes all the missed vet changes.
It also fixes pointers being printed in `nomad stop <job>` and `nomad
node-status <node>`.
2017-02-27 16:00:19 -08:00
c423626484
Docker open stores image/image ID for next ID
2017-02-27 13:49:54 -08:00
aa05ecc37c
Merge pull request #2361 from hashicorp/f-docker-coordination
...
Docker Image Coordinator and caching
2017-02-24 14:18:21 -08:00
b5d4f39734
Docker Image Coordinator
...
This PR introduces a coordinator for doing CRUD on a Docker image. It
should fix racy deletion of images. The issue before was images would be
deleted between prestart and start causing an error.
2017-02-24 13:20:40 -08:00
f61b7975a3
Put access to Docker volume drivers behind flag
2017-02-23 15:47:36 -08:00
2f88d6cb68
Docker Volume Drivers
...
This commit adds the functionality to use Docker Volume Drivers.
2017-02-23 14:36:32 -03:00
12c549d6a0
Skip setting MemorySwap on Windows
...
Windows doesn't support this Docker setting.
Fixes #2193
2017-02-21 13:21:42 -08:00
f9323f03df
Drivers log during fingerprinting
...
This PR fixes a regression in which some drivers did not log during
fingerprinting.
2017-02-20 19:35:51 -08:00
fda3a5250c
Merge pull request #2222 from hashicorp/b-docker-image-not-found
...
Making the docker driver retry when an image is not found
2017-01-23 14:58:00 -08:00
dfd1f03ec8
Added a comment
2017-01-23 14:57:30 -08:00
e160b2b38f
Add test and better logs
...
This commit adds a test to retrieving auth configurations, use either
the auth block in the config or specified via the agent config and adds
a log if lookup fails.
2017-01-23 14:48:02 -08:00
43a17b7d74
Close file
2017-01-23 11:37:45 -08:00
ee5296ba70
Deprecation notice
2017-01-23 11:32:51 -08:00
3365688571
Remove SSL
2017-01-23 11:32:51 -08:00
4a627b02ca
undo
2017-01-23 11:32:51 -08:00
08733b68d2
vendor
2017-01-23 11:32:51 -08:00
b1823a5fdb
Better auth lookup
2017-01-23 11:32:51 -08:00
3d5b31fc96
WIP
2017-01-23 11:32:51 -08:00
ec6b6e69d4
remove reference to entrypoint
2017-01-22 14:04:41 -08:00
295c2bf74a
Merge pull request #2186 from hashicorp/f-driver-cleanup
...
Add Cleanup method to Driver interface
2017-01-20 13:02:14 -08:00
be7081568c
Making the docker driver retry when an image is not found
2017-01-20 12:38:04 -08:00
010a7709f1
Bump unknown resource to ERR
2017-01-19 09:48:07 -08:00
578272b7f2
Add CreatedResources.Remove and use it
2017-01-17 16:41:59 -08:00
1bcf7cdbfe
Remove outdated comment
2017-01-17 16:23:29 -08:00
82b49d4547
Updated CreatedResources as images are cleaned
2017-01-17 16:13:40 -08:00
beed31ff6f
Remove outdated comment
2017-01-17 16:05:21 -08:00
b9d6d2c8d6
Return error from Prestart
2017-01-17 16:04:09 -08:00
255698e8af
Use Image ID instead of Image Name
2017-01-13 16:53:58 -08:00
a3a3656dbb
Switch to use recoverable errors from Cleanup
...
TaskRunner handles retrying but Cleanup handles all of CreatedResources.
2017-01-13 16:46:08 -08:00
25bf266606
Add ID to output
2017-01-13 12:46:55 -08:00
dc68aa1a5a
Return errors from cleanup and let TaskRunner retry
2017-01-12 17:21:54 -08:00
6809a4b104
Added executorconfig
2017-01-12 15:47:58 -08:00
b1d0078db5
Filter executor log messages
2017-01-12 11:54:19 -08:00
ec81325ddc
Stop being so confusing
2017-01-12 11:17:35 -08:00
4d081490e6
Add Cleanup method to Driver interface
...
Cleanup can be used for cleaning up resources created by drivers to run
a task. Initially the Docker driver is the only user (to remove
downloaded images).
2017-01-11 17:23:33 -08:00
7ccbd8a000
fixing typo in comment
2017-01-10 16:54:01 -06:00
88a462d5b9
add force_pull to docker driver
2017-01-10 16:54:01 -06:00
65fb580216
Fix inconsistent task env setting
...
Consolidate task environment building in GetTaskEnv since it can
determine what kind of filesystem isolation is used.
This means drivers no longer have to manipulate task environment paths.
2017-01-06 12:19:32 -08:00
baf6f078d6
Remove task name prefix from executor logs
2017-01-05 16:31:56 -08:00
3ea09ba16a
Move chroot building into TaskRunner
...
* Refactor AllocDir to have a TaskDir struct per task.
* Drivers expose filesystem isolation preference
* Fix lxc mounting of `secrets/`
2017-01-05 16:31:49 -08:00
4a9a574d9d
Merge pull request #2054 from hashicorp/f-prestart
...
Add Driver.Prestart method
2016-12-20 16:18:56 -08:00
05b49008eb
Remove unneeded waitClient field
2016-12-20 14:29:57 -08:00
458c2ed5f1
Fix formatting of downloading image message
2016-12-20 11:57:26 -08:00
e34d1e5d23
Use startContainer wrapper
2016-12-20 11:55:40 -08:00
85b0cecff2
Emit "Downloading image" event
2016-12-20 11:40:34 -08:00
746d4c7ee3
Small cleanups
2016-12-19 14:22:08 -08:00
18739a4433
Merge pull request #1980 from dmexe/network-aliases
...
Add network_aliases for docker driver
2016-12-19 14:17:48 -08:00
7cdf24f05f
Fix Docker Logging Type interpolation
...
This PR fixes an issue that made Logging.Type un-interpretable in the
docker driver.
2016-12-19 13:42:58 -08:00
2f3aeed2f8
Merge pull request #2063 from tmichaud314/fix-docker-driver-auth-interpolation
...
Fixes docker-driver Auth-config interpolation
2016-12-19 13:41:27 -08:00
d0c01c8816
Fixes docker-driver Auth-config interpolation
2016-12-06 13:30:23 -07:00
770ed703d0
Add Driver.Prestart method
...
The Driver.Prestart method currently does very little but lays the
foundation for where lifecycle plugins can interleave execution _after_
task environment setup but _before_ the task starts.
Currently Prestart does two things:
* Any driver specific task environment building
* Download Docker images
This change also attaches a TaskEvent emitter to Drivers, so they can
emit events during task initialization.
2016-12-02 11:03:48 -08:00
70396c464b
Make errors starting a container recoverable
...
This PR makes errors starting a container recoverable and tries to
optimistically handle 500 errors.
2016-11-30 15:59:47 -08:00
6c179d1695
Merge pull request #2045 from hashicorp/b-docker-create-container
...
Returning a container if it exists instead of creating a new one
2016-11-29 17:55:33 -08:00
50452520bf
Returning a container if it exists instead of creating a new one
2016-11-29 17:52:19 -08:00
712e18707b
add debugging
2016-11-29 14:29:37 -08:00
bff172939b
Fixes an issue with purging containers with the same name Nomad is trying to start
2016-11-28 17:37:22 -08:00
4f2a6eae8b
Merge pull request #2029 from gliptak/dockerauth1
...
Log when lookup in docker.auth.config fails
2016-11-28 12:45:19 -08:00
8a641a8672
Make container exist errors non-retriable
...
This change makes it so that the task runner does not retry container
exists errors and also a sleep is added on the local retry.
2016-11-25 19:22:58 -08:00
6268112e86
Log when lookup in docker.auth.config fails
2016-11-23 18:43:58 -05:00
3ec7ebac9c
Add network_aliases for docker driver
2016-11-16 11:16:07 +03:00
eea35626b7
Changes the relative path from joining against the alloc dir to the
...
task's directory.
This PR changes the behavior when given a relative host path when
mounting docker containers. Prior to this, the behavior was to mount by
joining against the alloc/ directory. This PR changes it to be against
the task/ directory.
2016-11-10 14:47:54 -08:00
691e09f863
remove debug
2016-11-08 14:21:37 -08:00
9f2c0cb0c2
Interpolate everything that is a string
2016-11-08 14:20:51 -08:00
742e11ddb4
Fix env vars relating to secretdir
2016-11-08 12:28:43 -08:00
a9e9b61216
Merge pull request #1938 from hashicorp/b-docker-reattach
...
Fix Docker container creation and task runner updating
2016-11-04 17:14:40 -07:00
b1a01a9a0f
Add userns_mode docker config option
...
Fixes #1904
2016-11-04 16:53:56 -07:00
0cbd0188b1
Move the wait result to bottom of methods
2016-11-04 14:58:55 -07:00
4741a4b129
Create container much more robust
2016-11-04 14:39:56 -07:00
b08f4e0b97
More recoverable errors
2016-11-02 10:36:04 -07:00
6618f7a03d
Fix passing of recoverable error from docker pull
2016-10-28 17:49:46 -07:00
5ddf646615
Don't delete docker images in test
2016-10-27 12:31:53 -07:00
d3835283ca
Expand env vars in docker volume paths
...
Fixes #1876
2016-10-27 11:02:38 -07:00
150b678a6b
Merge pull request #1806 from hashicorp/f-docker4mac-fixes
...
A couple fixes to make Docker For Mac work
2016-10-27 09:29:40 -07:00
3c4a27e72b
Fix panic
2016-10-25 17:27:13 -07:00
8e07c2750e
Merge pull request #1839 from hashicorp/f-signal-constraints
...
Signal creates an auto-constraints
2016-10-25 11:09:33 -07:00
4f45aece4b
Fingerprint rkt volume support and make periodic
...
Fix rkt docs and custom volume mounting
2016-10-25 09:46:49 -07:00
5d358c7eba
Allow mounting alloc-dir-relative paths in docker
2016-10-25 09:46:49 -07:00
49ed6da0ad
Enable rkt and docker volume mounting by default
2016-10-25 09:46:49 -07:00
0070178741
Thread through whether DeriveToken error is recoverable or not
2016-10-22 18:08:30 -07:00
41b5679015
Advertise signalling abilities
2016-10-19 15:06:23 -07:00
ae1ea0e5ba
Actually mount the local directory
2016-10-18 15:57:12 -07:00
36cfe6e89e
Large refactor of task runner and Vault token rehandling
2016-10-18 11:24:20 -07:00
53eeec9bc1
Merge pull request #1801 from hashicorp/f-signals
...
Consul-template signal change mode
2016-10-18 11:23:47 -07:00
8864a506aa
Disable the syslog logging system on Docker For Mac
...
The syslog logging system depends on the ability for a unix socket to be
accessed by the docker daemon in the $TMPDIR of the host. This doesn't
work on Docker For Mac because the docker daemon is running inside a VM,
and while /tmp is accessible, the filesystem used to share them doesn't
support unix socket files, and thus it doesn't work.
2016-10-12 17:07:21 -07:00
eec1a154ec
add plugin kill
2016-10-12 13:24:22 -07:00
86238387e7
Send Executor Ctx separately
2016-10-12 11:35:29 -07:00
280af8f4d1
Docker + Qemu
2016-10-10 11:47:04 -07:00
f0d04bd798
Add comment and fix log line code style
2016-10-07 11:58:21 -07:00
523dbfcc81
Remove VolumesFrom feature
...
Since containers are named with alloc ids it's difficult to use safely.
Not to mention task scheduling ordering issues could break it as well.
2016-10-07 11:58:13 -07:00
f777faba00
Add comments to config key constants
2016-10-03 16:04:33 -07:00
0d66b8aef0
Only launch syslog server if container uses syslog
2016-10-03 15:22:10 -07:00
44219cc083
Put docker volume support behind conf flag
...
Also add tests and fix bug with logging driver configuration.
2016-10-03 15:02:50 -07:00
a26a501120
Fixed a bug when giving in another logging driver than syslog.
...
Before this commit, if the Logging config did not contain a logging option "syslog-address", it would definitely insert this option.
If then, you decide to take another logdriver than syslog, docker would fail because it received a wrong log option for the selected driver.
Now, nomad will only insert the syslog address in a hard way if there are no logging options at all - this way it keeps the default nomad settings.
2016-10-03 15:02:50 -07:00
6c7cbe5fcb
Added support to mount host folders into container. For example if you don't want to bake certificates into the container, you can mount them into the directory directly.
...
Furthermore, I added support for volumes-from.
Currently, there is no support to move the data from one container to another, hence: If a container spawns on another host, it is very likely, that the data will not be found.
2016-10-03 15:02:49 -07:00
ac5cde4641
Added logging options support for docker driver
2016-10-03 15:02:49 -07:00
6702a29071
Vault token threaded
2016-09-14 13:30:01 -07:00
eef786dd9d
Secret dir materialized in alloc/task directory
2016-09-02 12:44:05 -07:00
2c8dd8bbd3
Revert "Introduce a Secret/ directory"
2016-09-01 17:23:15 -07:00
0626eb9619
environment variables
2016-08-31 13:56:11 -07:00
b06c6d9311
driver.docker: tiny: debug messages output task name instead of image name
2016-08-21 19:51:32 +09:00
ab7f8847c1
changing error statement
2016-08-17 13:48:31 -07:00
096956257d
changelog
2016-08-05 10:47:44 -07:00
b688261a99
Set windows containers default network mode to 'nat'
2016-08-05 06:01:26 +02:00
531b619ce4
Merge pull request #1475 from mwieczorek/windows-hostIp-portBindings
...
Empty host ip for windows containers port bindings
2016-08-04 13:30:43 -07:00
1fe4158097
Merge pull request #1519 from vrenjith/master
...
Remove docker volumes while removing container
2016-08-04 12:54:00 -07:00
41cf7cc623
Update docker.go
...
Remove container volumes
2016-08-04 11:43:50 +05:30
d91f7dbdf8
Docker driver: allow to configure working directory
2016-08-03 16:18:15 +02:00
47f5c8f523
use priviledge of the config
2016-08-02 16:10:15 -07:00
cec6d8a1eb
remove gating of ipc, user ns and pidmode based on hosts priviledge mode config
2016-08-02 16:02:34 -07:00
2999c12ef1
disable swap
2016-07-28 12:17:00 -07:00
4b82b6c3d4
Empty host ip for windows containers port bindings
2016-07-28 00:00:57 +02:00
22af229cef
Merge pull request #1321 from mwieczorek/f-windows-binds
...
Volume binds for windows containers
2016-07-18 10:20:44 -06:00
a73422b4ff
Fix docker driver lockup during nomad boot
...
Unit mismatch caused docker driver to wait almost indefinitely during boot
(when one or more containers were a bit uncooperative during StopContainer())
This should fix problems described in #1202
2016-06-28 14:26:47 +02:00
0a10873aa6
Merge pull request #1335 from hashicorp/f-set-docker-timeout
...
Setting a timeout in the docker client
2016-06-21 17:00:14 -07:00
2837d3395d
Setting a timeout in the docker client
2016-06-21 16:58:21 -07:00
1d5c5b18f3
Making SSL default
2016-06-21 16:41:14 -07:00
Michael Schurter