Commit graph

20854 commits

Author SHA1 Message Date
AndrewChubatiuk 99201412da removed proxy suffix 2021-02-13 02:42:13 +02:00
AndrewChubatiuk 844ac16900 fixed variable initialization 2021-02-13 02:42:13 +02:00
AndrewChubatiuk 78465bbd23 customized default sidecar checks 2021-02-13 02:42:13 +02:00
AndrewChubatiuk eff180be91 enabled hairpin mode 2021-02-13 02:42:13 +02:00
Charlie Voiselle d9c31741dc
Merge pull request #10020 from hashicorp/docs-update-install-brew
Updated Homebrew install instructions
2021-02-12 11:52:59 -05:00
Seth Hoenig 6cdfd8cc07
Merge pull request #10022 from hashicorp/docs-update-ig-example
docs: update ingress gateway runnable demo
2021-02-12 10:26:31 -06:00
Seth Hoenig eb8812dc3d docs: update ingress gateway runnable demo
Using the environment variable stopped working here a while back,
should be using the port label. Also upgrade to uuid-api:v5 which
supports linux/arm64.
2021-02-12 10:10:16 -06:00
Charlie Voiselle 7c6ffb9dcd
Updated Homebrew install instructions 2021-02-11 18:42:18 -05:00
Nick Ethier fcc1f4c805
Merge pull request #9946 from hashicorp/b-9477
structs: namespace port validation by host_network
2021-02-11 12:53:28 -05:00
James Rasell d136746113
Merge pull request #10011 from hashicorp/b-e2e-gh-9985
e2e: account for race condition in periodic dispatch test.
2021-02-11 15:12:50 +01:00
Shantanu Gadgil 3fa71d2c66 The encryption key uses 32 bytes now
The encryption key uses 32 bytes now, not 16 bytes
2021-02-11 08:34:39 -05:00
James Rasell f95e45b80c
e2e: account for race condition in periodic dispatch test. 2021-02-11 11:08:48 +01:00
Mark Lewis 56f1e7a324
Fix typo (#10008) 2021-02-10 14:43:11 -06:00
Buck Doyle 4adf59785d
Fix deployment failure error handling (#10003)
This is a supplement to #9831 to incorporate the extracted
missing-permissions error handling from #9909.

It fixes this failure on the main branch! 😳
https://app.circleci.com/pipelines/github/hashicorp/nomad/14728/workflows/4c147dca-fd1e-4de7-86aa-90ded7aabad2/jobs/137137
2021-02-10 10:23:19 -06:00
Buck Doyle f462d7d1c2
Add button to fail running deployments (#9831)
This closes #8744 and #9826.

It necessitated some customisation options for TwoStepButton. One is inlineText, which puts the confirmation text in the same line as the buttons. Also, there was a single-use configuration option named isInfoAction that I removed in favour of passing a set of class configuration options like this:

                @classes={{hash
                  idleButton="is-warning"
                  confirmationMessage="inherit-color"
                  cancelButton="is-danger is-important"
                  confirmButton="is-warning"}}
2021-02-10 08:38:37 -06:00
Karan Sharma 26199289fc fix: docs/job-specification change mounts to mount
Since [mounts](https://www.nomadproject.io/docs/drivers/docker#mounts) is deprecated,
switch to newer `mount` in `task.config` for `docker` driver.
2021-02-10 08:24:58 -05:00
Seth Hoenig 7d6e81e9e4
Merge pull request #9990 from hashicorp/f-nsiso-task
drivers/exec+java: Add task configuration to restore previous PID/IPC isolation behavior
2021-02-09 13:29:14 -06:00
Seth Hoenig 50b03faf3e
Merge pull request #9995 from hashicorp/f-expose-custom
consul/connect: enable custom sidecars to use expose checks
2021-02-09 12:33:30 -06:00
Seth Hoenig 6d30783679 docs: fix egregious changelog ordering 2021-02-09 12:33:03 -06:00
Seth Hoenig 45e0e70a50 consul/connect: enable custom sidecars to use expose checks
This PR enables jobs configured with a custom sidecar_task to make
use of the `service.expose` feature for creating checks on services
in the service mesh. Before we would check that sidecar_task had not
been set (indicating that something other than envoy may be in use,
which would not support envoy's expose feature). However Consul has
not added support for anything other than envoy and probably never
will, so having the restriction in place seems like an unnecessary
hindrance. If Consul ever does support something other than Envoy,
they will likely find a way to provide the expose feature anyway.

Fixes #9854
2021-02-09 10:49:37 -06:00
Buck Doyle e3392b7da8
Fix exec escaping for emoji task name (#7813)
This closes #7459.

While emoji don’t actually need escaping, expanding the
expression that enumerates all task name characters that
don’t need escaping to include emoji is prohibitive, since
it’s a discontinuous range. The emoji-regex project has
such an expression and it’s 12kB.

This fixes the regular expression to property escape emoji
as a single character instead of as its component bytes.
Thanks to @DingoEatingFuzz for the suggestion.
2021-02-09 09:33:48 -06:00
Bryce Kalow a412513c65
website: update next and nextjs-scripts (#9957) 2021-02-08 16:53:32 -06:00
Seth Hoenig 8ee9835923 drivers/exec+java: Add task configuration to restore previous PID/IPC isolation behavior
This PR adds pid_mode and ipc_mode options to the exec and java task
driver config options. By default these will defer to the default_pid_mode
and default_ipc_mode agent plugin options created in #9969. Setting
these values to "host" mode disables isolation for the task. Doing so
is not recommended, but may be necessary to support legacy job configurations.

Closes #9970
2021-02-08 14:26:35 -06:00
Nick Ethier 76cb4081f7
Merge pull request #9976 from hashicorp/hack-iptables-isolation
ar: isolate network actions performed by client
2021-02-08 14:15:45 -05:00
Nick Ethier b0a49ff37a
Update CHANGELOG.md 2021-02-08 14:14:39 -05:00
Tim Gross b04a040aed
document that Nomad ENT cannot be downgraded to Nomad OSS 2021-02-08 14:09:45 -05:00
Buck Doyle c22d1114d8
Add handling for license requests in OSS (#9963)
This changes the license-fetching endpoint to respond with 204 in
OSS instead of 501. It closes #9827.
2021-02-08 12:53:06 -06:00
Drew Bailey b5585882e4
address pr comments 2021-02-08 13:43:05 -05:00
Seth Hoenig 85723d6227
Merge pull request #9982 from hashicorp/f-nsiso-driver
drivers/exec+java: Add configuration to restore previous PID/IPC namespace behavior
2021-02-08 11:19:09 -06:00
Seth Hoenig 152534fe21 docs: fixup comments, var names 2021-02-08 10:58:44 -06:00
Seth Hoenig f5cc4c5d44
docs: clarify PID
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:52:57 -06:00
Seth Hoenig 419044ed08
docs: shorten IPC
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:52:42 -06:00
Seth Hoenig a911d4ca17
docs: clarify PID
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:52:31 -06:00
Seth Hoenig 6c101e601d
docs: shorten IPC
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:52:19 -06:00
Seth Hoenig 0134d2eab9
docs: capitalize posix
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:52:08 -06:00
Seth Hoenig cb81d38f2e
docs: capitalize posix
Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2021-02-08 10:51:55 -06:00
Drew Bailey b0cf3ffa54
on_update check_restart e2e 2021-02-08 10:49:25 -05:00
Drew Bailey 8507d54e3b
e2e test for on_update service checks
check_restart not compatible with on_update=ignore

reword caveat
2021-02-08 08:32:40 -05:00
Drew Bailey 82f971f289
OnUpdate configuration for services and checks
Allow for readiness type checks by configuring nomad to ignore warnings
or errors reported by a service check. This allows the deployment to
progress and while Consul handles introducing the sercive into a
resource pool once the check passes.
2021-02-08 08:32:40 -05:00
Seth Hoenig 4bc6e5a215 drivers/exec+java: Add configuration to restore previous PID/IPC namespace behavior.
This PR adds default_pid_mode and default_ipc_mode options to the exec and java
task drivers. By default these will default to "private" mode, enabling PID and
IPC isolation for tasks. Setting them to "host" mode disables isolation. Doing
so is not recommended, but may be necessary to support legacy job configurations.

Closes #9969
2021-02-05 15:52:11 -06:00
Mike Wickett 1fda6a4126
website: update community page to be consistent with other projects (#9863) 2021-02-05 13:54:59 -05:00
Nick Ethier eacc4da499
Merge branch 'master' into b-9477 2021-02-05 11:58:13 -05:00
Alex Chan 768c02eaff
Correct the spelling of heirarchical/hierarchical (#9980) 2021-02-05 09:23:30 -06:00
Alex Iribarren ee15c8e899 Replace &lsquo; and &apos; with ' 2021-02-05 08:36:38 -05:00
Tim Gross eb3dd17fb2 volumes: implement plan diff for volume requests
The details of host volume and CSI volume requests do not show up in `nomad
plan` outputs, although the updates are detected by the scheduler and result
in an update as expected.
2021-02-04 16:55:17 -05:00
Buck Doyle 099162a55c
Change exec URLs to use job’s namespace/region (#9968)
This closes #9966. It was looking at the query parameters
for the namespace and region, but allocation (and task!)
routes don’t have a namespace query parameter. Since the URL
generator requires the job for all calls, it makes sense to
extract the namespace and region from the job instead.
2021-02-04 13:14:15 -06:00
Chris Baker 3c6a3ba63d
Merge pull request #9964 from hashicorp/f-9787-alloc-prefix-cli
add prefix-search and auto-completion for `scaling policy info` command
2021-02-04 10:00:57 -06:00
Chris Baker cbc1506478 changelog for 9964 2021-02-04 15:11:00 +00:00
Chris Baker 84f1902296 scaling policy -verbose flag, plus testing and other recommendations from review 2021-02-04 15:08:13 +00:00
Xopherus 76799c9f07 Fix aws secret key name in autoscaler aws target
- aws secret key is named incorrectly in the target docs.
  It needs to match what is in the nomad-autoscaler repo
  (see link below), otherwise the autoscaler will default to AWS sdk
  behavior, which could end up using an IAM instance profile
  or other environment variables instead of what is passed into the
  autoscaler config file.

Ref: e60fb5268d/plugins/builtin/target/aws-asg/plugin/plugin.go (L27)
2021-02-03 16:56:12 -05:00