Commit graph

973 commits

Author SHA1 Message Date
Michael Schurter 714eb0b266 Services should not require a port
Fixes #3673
2017-12-19 15:50:23 -08:00
Kyle Havlovitz 1c07066064 Add autopilot functionality based on Consul's autopilot 2017-12-18 14:29:41 -08:00
Preetha Appan 40cb1d327c
Address some code review comments 2017-12-18 15:22:23 -06:00
Preetha Appan 3c36abfe14
Update eval modify index as part of plan apply. 2017-12-18 10:03:55 -06:00
Preetha Appan 3b4d7ac2a3
Fix some typos 2017-12-14 13:29:27 -06:00
Kyle Havlovitz b775fc7b33
Added support for v2 raft APIs and -raft-protocol option 2017-12-12 10:17:16 -06:00
Alex Dadgar d61ade8f02 remove generated structs 2017-12-11 17:51:41 -08:00
Alex Dadgar 8e63d545c4 generated assets 2017-12-11 17:30:37 -08:00
Chelsea Holland Komlo 5951222ccb fix for rpc_upgrade_mode 2017-12-11 19:23:45 -05:00
Alex Dadgar 86608124ca Fix followers not creating periodic launch
Fix an issue in which periodic launches wouldn't be made on followers.
2017-12-11 13:55:17 -08:00
Michael Schurter 2dca0671b7 Lowercase service IDs to prevent eye bleeding 2017-12-08 15:54:04 -08:00
Michael Schurter 0d8995fb83 Improve validation and testing of service/check ports 2017-12-08 13:52:23 -08:00
Michael Schurter d613e0aaf5 Move service hash logic to Service.Hash method 2017-12-08 12:03:43 -08:00
Michael Schurter b71edf846f Hash fields used in task service IDs
Fixes #3620

Previously we concatenated tags into task service IDs. This could break
deregistration of tag names that contained double //s like some Fabio
tags.

This change breaks service ID backward compatibility so on upgrade all
users services and checks will be removed and re-added with new IDs.

This change has the side effect of including all service fields in the
ID's hash, so we no longer have to track PortLabel and AddressMode
changes independently.
2017-12-08 12:03:43 -08:00
Michael Schurter af8964e896 Improve port label validation and diff testing 2017-12-08 12:03:43 -08:00
Michael Schurter 4ae115dc59 Allow custom ports for services and checks
Fixes #3380

Adds address_mode to checks (but no auto) and allows services and checks
to set literal port numbers when using address_mode=driver.

This allows SDNs, overlays, etc to advertise internal and host addresses
as well as do checks against either.
2017-12-08 12:03:00 -08:00
Chelsea Holland Komlo 3f231a0856 add test for kill signal in required signals
update changelog
2017-12-07 11:40:15 -05:00
Chelsea Holland Komlo b08611cfac move kill_signal to task level, extend to docker 2017-12-06 14:36:39 -05:00
Thomas Bartelmess 9acfa166c0
Changed Superset to only return the resource name
The Superset method on Resources used to return a string in the format of “[resource name] exhausted”.
This was leading to the output in plan/create job API DimensionExhausted to return keys like
```
"DimensionExhausted": {"cpu exhausted": 1}
```
This was not anywhere documented, however, one of the examples on the website showed it like this.

The other side effect of this is that the CLI formats the strings from the name of the key leading to output like
```
* Dimension "cpu exhausted" exhausted on 1 nodes
```
2017-11-28 23:16:08 -05:00
Thomas Bartelmess 60e4c777ac
Fixed error messges for MeetsMinResources 2017-11-28 19:44:33 -05:00
Preetha ff23499145
Shorter comment for SetEventDisplayMessage 2017-11-18 09:30:50 -06:00
Preetha Appan 3592635ede Populate DisplayMessage in various http endpoints that return allocations, plus unit tests. 2017-11-17 14:53:26 -06:00
Preetha Appan 1c4375163a Change error message to use original name for clarity, rather than the name after substituting env vars with placeholder. 2017-11-17 08:44:18 -06:00
Preetha Appan d3110f21bd Changes service name validation logic to ignore any environment variables first. 2017-11-15 15:35:43 -06:00
Chelsea Komlo 2dfda33703 Nomad agent reload TLS configuration on SIGHUP (#3479)
* Allow server TLS configuration to be reloaded via SIGHUP

* dynamic tls reloading for nomad agents

* code cleanup and refactoring

* ensure keyloader is initialized, add comments

* allow downgrading from TLS

* initalize keyloader if necessary

* integration test for tls reload

* fix up test to assert success on reloaded TLS configuration

* failure in loading a new TLS config should remain at current

Reload only the config if agent is already using TLS

* reload agent configuration before specific server/client

lock keyloader before loading/caching a new certificate

* introduce a get-or-set method for keyloader

* fixups from code review

* fix up linting errors

* fixups from code review

* add lock for config updates; improve copy of tls config

* GetCertificate only reloads certificates dynamically for the server

* config updates/copies should be on agent

* improve http integration test

* simplify agent reloading storing a local copy of config

* reuse the same keyloader when reloading

* Test that server and client get reloaded but keep keyloader

* Keyloader exposes GetClientCertificate as well for outgoing connections

* Fix spelling

* correct changelog style
2017-11-14 17:53:23 -08:00
Preetha 0e6484a397
Merge pull request #3536 from angrycub/b-resource-memory-test-fix
Fixed test and moved constants into standalone func
2017-11-13 17:00:14 -06:00
Charlie Voiselle eda764c0ca Review feedback + re-add dropped import 2017-11-13 12:51:19 -05:00
Charlie Voiselle 4b186861a9 gofmt and goimports nomad/structs/structs.go 2017-11-13 12:32:52 -05:00
Preetha Appan be5fd87b9a Fixes bug with display message logic due to deprecating GenericSource. Also added more test cases to cover a bunch more edge cases 2017-11-13 11:14:57 -06:00
Charlie Voiselle 26acd7f025 Fixed test and moved constants into standalone func
In #3520, work was done to true up the defaults for Nomad resource
stanzas with the documentation.  This fixes the tests that I
accidentally broke in the process.  Some questions were raised about
using dynamic elements as part of expects, which is why I opted to
copy the MinResources pattern.   During this refactor I also noticed
that structs.go had a similar issue and an inconsistent minium for CPU.
2017-11-13 12:05:30 -05:00
Preetha 0d0804d6ff
Merge pull request #3496 from hashicorp/b-auto-revert-stable
Makes auto reverts robust against infinite revert cycles
2017-11-03 17:28:28 -05:00
Preetha Appan 7526853b4b Added more unit tests for testing rollback when job has identical spec to AllocHealth and DeploymentStatus endpoints. 2017-11-03 16:07:06 -05:00
Preetha Appan 317fbf04b1 Adds SpecChanged check to alloc health and fail deployment end points, and other code review comments. 2017-11-03 15:33:34 -05:00
Preetha Appan 0eaef09675 Remove event GenericSource, and address other code review comments. Also added deprecation info in comments. 2017-11-03 10:10:06 -05:00
Preetha Appan b86c5a99b1 Unit test for PopulateEventDisplayMessage 2017-11-03 09:13:01 -05:00
Preetha Appan 7672535290 Added explanatory comment 2017-11-03 09:13:01 -05:00
Preetha Appan 5f09c968b3 Move logic for determinic event display message to task_runner, added two new fields DisplayMessage and Details. 2017-11-03 09:13:01 -05:00
Preetha Appan 5505391663 Fixes auto revert to check if the job's spec has changed before reverting. This prevents infinite reverting when reverting to a job version that was previously stable, but not so after attempting a revert. 2017-11-02 19:53:27 -05:00
Chelsea Holland Komlo e348deecf5 fixups from code review 2017-11-01 15:21:05 -05:00
Chelsea Holland Komlo afe9f9a714 add rpc_upgrade_mode as config option for tls upgrades 2017-11-01 15:19:52 -05:00
Preetha Appan 39d70be009 Add ModifyTime to Allocation and update it both on plan applies and client initiated updates 2017-11-01 15:13:48 -05:00
Alex Dadgar 51c87ec858 bump version and remove generated 2017-11-01 10:02:25 -07:00
Alex Dadgar 11c24e90a1 generated 2017-11-01 09:42:18 -07:00
Alex Dadgar 51f869040f remove generated structs 2017-10-31 13:50:16 -07:00
Alex Dadgar 593d4ceb45 generated code 2017-10-25 17:34:24 -07:00
Alex Dadgar ae6be0dac7 spelling mistake 2017-10-23 15:12:45 -07:00
Alex Dadgar d3e119f4d0 thread leader token through core gc and test 2017-10-23 15:04:00 -07:00
Alex Dadgar e7299676f6 generated 2017-10-19 15:20:39 -07:00
Alex Dadgar c1cc51dbee sync 2017-10-13 14:36:02 -07:00
Michael Schurter 84d8a51be1 SecretID -> AuthToken 2017-10-12 15:16:33 -07:00
Alex Dadgar d34c6e0135 fix test 2017-10-11 18:08:37 -07:00
Alex Dadgar 53f2ea88a5 Small fixes
This commit:

* Fixes the error checking in migration tests now that we are using the
canonical ErrPermissionDenied error
* Guard against NPE when looking up objects to generate the migration
token
* Handle an additional case in ShouldMigrate()
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo c67bfc2ee4 fixups from code review
change creation of a migrate token to be for a previous allocation
2017-10-11 17:13:50 -07:00
Chelsea Holland Komlo 36ad6bc6bf add MigrateTokens to server response for allocs 2017-10-11 17:09:20 -07:00
Michael Schurter efcc61a253 Merge pull request #3302 from hashicorp/b-remove-structs-from-api
Remove `structs` import from `api`
2017-09-29 11:39:43 -07:00
Michael Schurter a66c53d45a Remove structs import from api
Goes a step further and removes structs import from api's tests as well
by moving GenerateUUID to its own package.
2017-09-29 10:36:08 -07:00
Michael Schurter 0e0ea82916 Test Check.Header add/removes 2017-09-28 17:08:43 -07:00
Alex Dadgar fe491421a3 Fix empty map 2017-09-28 16:15:04 -07:00
Michael Schurter f9b66cbb60 Diff CheckRestart objects 2017-09-28 14:06:18 -07:00
Alex Dadgar 4173834231 Enable more linters 2017-09-26 15:26:33 -07:00
Alex Dadgar e5ec915ac3 sync 2017-09-19 10:08:23 -05:00
Michael Schurter c98b79dcb4 Test CheckRestart.Validate 2017-09-15 15:12:47 -07:00
Michael Schurter 573a0df03d Watched -> TriggersRestart
Watched was a silly name
2017-09-14 16:48:39 -07:00
Michael Schurter d299d42089 Canonicalize and Merge CheckRestart in api 2017-09-14 16:48:39 -07:00
Michael Schurter ade29ecbed Improve check watcher logging and add tests
Also expose a mock Consul Agent to allow testing ServiceClient and
checkWatcher from TaskRunner without actually talking to a real Consul.
2017-09-14 16:47:41 -07:00
Michael Schurter a180c00fc3 on_warning=false -> ignore_warnings=false
Treat warnings as unhealthy by default
2017-09-14 16:46:54 -07:00
Michael Schurter 22690c5f4c Add check watcher for restarting unhealthy tasks 2017-09-14 16:46:54 -07:00
Michael Schurter b35d208428 Nest restart fields in CheckRestart 2017-09-14 16:46:54 -07:00
Michael Schurter bf34505509 Add restart fields 2017-09-14 16:46:54 -07:00
Alex Dadgar 3904bde9a3 Fix batch handling of complete allocs/node drains
This PR fixes:
* An issue in which a node-drain that contains a complete batch alloc
would cause a replacement
* An issue in which allocations with the same name during a scale
down/stop event wouldn't be properly stopped.
* An issue in which batch allocations from previous job versions may not
have been stopped properly.

Fixes https://github.com/hashicorp/nomad/issues/3210
2017-09-14 15:08:57 -07:00
Alex Dadgar 6911bd7676 Worker waits til max ModifyIndex across EvalsByJob
This PR fixes a scheduling race condition in which the plan results from
one invocation of the scheduler were not being considered by the next
since the Worker was not waiting for the correct index.

Fixes https://github.com/hashicorp/nomad/issues/3198
2017-09-14 14:28:43 -07:00
Alex Dadgar 9b997d2670 fix multierror merge 2017-09-13 21:48:52 -07:00
Alex Dadgar a2363e7583 sync acls 2017-09-13 11:38:29 -07:00
Alex Dadgar 5aa8f1a82e pass in uid to codecgen 2017-09-11 15:40:27 -07:00
Armon Dadgar 20a8e590a0 nomad: support ACL bootstrap reset 2017-09-10 16:03:30 -07:00
Alex Dadgar 84d06f6abe Sync namespace changes 2017-09-07 17:04:21 -07:00
Armon Dadgar 1c7fb1bfbb Remove generated structs 2017-09-04 13:33:37 -07:00
Armon Dadgar 97404e3f8c nomad: compute hash for ACL policies and tokens 2017-09-04 13:09:34 -07:00
Armon Dadgar ac6283c31f nomad: enforce ACLs on job submit 2017-09-04 13:05:53 -07:00
Armon Dadgar 387a8a923b nomad: adding policy subset check 2017-09-04 13:05:53 -07:00
Armon Dadgar ddcc5f89bc Add ErrPermissionDenied, rename TokenNotFound 2017-09-04 13:05:53 -07:00
Armon Dadgar 304a02d93b nomad: Add SecretID to QueryOptions and WriteMeta 2017-09-04 13:05:53 -07:00
Armon Dadgar e24a4abf2c nomad: adding ACL bootstrap endpoints 2017-09-04 13:05:53 -07:00
Armon Dadgar 76a03f2d8e Address @dadgar feedback 2017-09-04 13:05:53 -07:00
Armon Dadgar e7586a80df nomad: Switch from SHA1 to Blake2 @chelseakomlo 2017-09-04 13:05:36 -07:00
Armon Dadgar fc23a4e7e5 structs: sort policies to avoid order dependence for caching 2017-09-04 13:05:36 -07:00
Armon Dadgar edc38185cc noamd: Adding batch fetch endpoints for ACL tokens and policies 2017-09-04 13:05:36 -07:00
Armon Dadgar 6a9d4e2dc3 nomad: Adding token resolution endpoint 2017-09-04 13:05:36 -07:00
Armon Dadgar 98e0f98f7e structs: Adding ACL compilation helper 2017-09-04 13:05:35 -07:00
Armon Dadgar 583e654246 structs: cache key helper for policy list 2017-09-04 13:05:35 -07:00
Armon Dadgar 99cea1ac23 Moving shared ACL objects 2017-09-04 13:04:45 -07:00
Armon Dadgar 583a11cebd nomad: Adding ability to filter list of tokens to global only 2017-09-04 13:04:45 -07:00
Armon Dadgar 30b607987e nomad: generate accessor/secret ID server side 2017-09-04 13:04:45 -07:00
Armon Dadgar bd2db18c80 agent: Adding HTTP endpoints for ACL tokens 2017-09-04 13:04:45 -07:00
Armon Dadgar e5c69f162c nomad: implement ACL token endpoints 2017-09-04 13:04:45 -07:00
Armon Dadgar e9c583807a nomad: adding ACLToken struct 2017-09-04 13:04:45 -07:00
Armon Dadgar 3702587667 nomad: Adding Validate for ACLPolicy 2017-09-04 13:04:44 -07:00
Armon Dadgar d52e099fc2 Addressing @dadgar feedback 2017-09-04 13:03:15 -07:00
Armon Dadgar afdde24799 nomad: adding upsert policy endpoint 2017-09-04 13:03:15 -07:00
Armon Dadgar e3e243f433 nomad: implement policy delete endpoint 2017-09-04 13:03:15 -07:00