Fixes#3620
Previously we concatenated tags into task service IDs. This could break
deregistration of tag names that contained double //s like some Fabio
tags.
This change breaks service ID backward compatibility so on upgrade all
users services and checks will be removed and re-added with new IDs.
This change has the side effect of including all service fields in the
ID's hash, so we no longer have to track PortLabel and AddressMode
changes independently.
Fixes#3380
Adds address_mode to checks (but no auto) and allows services and checks
to set literal port numbers when using address_mode=driver.
This allows SDNs, overlays, etc to advertise internal and host addresses
as well as do checks against either.
The Superset method on Resources used to return a string in the format of “[resource name] exhausted”.
This was leading to the output in plan/create job API DimensionExhausted to return keys like
```
"DimensionExhausted": {"cpu exhausted": 1}
```
This was not anywhere documented, however, one of the examples on the website showed it like this.
The other side effect of this is that the CLI formats the strings from the name of the key leading to output like
```
* Dimension "cpu exhausted" exhausted on 1 nodes
```
* Allow server TLS configuration to be reloaded via SIGHUP
* dynamic tls reloading for nomad agents
* code cleanup and refactoring
* ensure keyloader is initialized, add comments
* allow downgrading from TLS
* initalize keyloader if necessary
* integration test for tls reload
* fix up test to assert success on reloaded TLS configuration
* failure in loading a new TLS config should remain at current
Reload only the config if agent is already using TLS
* reload agent configuration before specific server/client
lock keyloader before loading/caching a new certificate
* introduce a get-or-set method for keyloader
* fixups from code review
* fix up linting errors
* fixups from code review
* add lock for config updates; improve copy of tls config
* GetCertificate only reloads certificates dynamically for the server
* config updates/copies should be on agent
* improve http integration test
* simplify agent reloading storing a local copy of config
* reuse the same keyloader when reloading
* Test that server and client get reloaded but keep keyloader
* Keyloader exposes GetClientCertificate as well for outgoing connections
* Fix spelling
* correct changelog style
In #3520, work was done to true up the defaults for Nomad resource
stanzas with the documentation. This fixes the tests that I
accidentally broke in the process. Some questions were raised about
using dynamic elements as part of expects, which is why I opted to
copy the MinResources pattern. During this refactor I also noticed
that structs.go had a similar issue and an inconsistent minium for CPU.
This commit:
* Fixes the error checking in migration tests now that we are using the
canonical ErrPermissionDenied error
* Guard against NPE when looking up objects to generate the migration
token
* Handle an additional case in ShouldMigrate()
This PR fixes:
* An issue in which a node-drain that contains a complete batch alloc
would cause a replacement
* An issue in which allocations with the same name during a scale
down/stop event wouldn't be properly stopped.
* An issue in which batch allocations from previous job versions may not
have been stopped properly.
Fixes https://github.com/hashicorp/nomad/issues/3210
This PR fixes a scheduling race condition in which the plan results from
one invocation of the scheduler were not being considered by the next
since the Worker was not waiting for the correct index.
Fixes https://github.com/hashicorp/nomad/issues/3198