Commit graph

426 commits

Author SHA1 Message Date
Michael Schurter 4be4df21c9 Merge pull request #2797 from hashicorp/f-2785-docker-bridge-ip
Add driver.docker.bridge_ip node attribute
2017-07-07 16:20:20 -07:00
Michael Schurter 94389c3ecc Remove debug logging 2017-07-07 16:19:42 -07:00
Michael Schurter 67a7b0eac9 Don't panic in container list/remove/inspect race
Fixes #2802

While it's hard to reproduce the theoretical race is:

1. This goroutine calls ListContainers()
2. Another goroutine removes a container X
3. This goroutine attempts to InspectContainer(X)

However, this bug could be hit in the much simpler case of
InspectContainer() timing out.

In those cases an error is returned and the old code attempted to wrap
the error with the now-nil container.ID. Storing the container ID fixes
that panic.
2017-07-07 15:10:59 -07:00
Michael Schurter 084dd384c1 Add driver.docker.bridge_ip node attribute
Fixes #2785
2017-07-07 10:14:10 -07:00
Michael Schurter 39edf23fd5 Merge pull request #2786 from hashicorp/f-docker-auth-soft-fail
Default to auth hard fail but optionally soft fail
2017-07-06 13:25:56 -07:00
Michael Schurter 8f4353779a Merge branch 'master' into master 2017-07-06 12:09:36 -07:00
Michael Schurter 2900f941b5 Default to auth hard fail but optionally soft fail 2017-07-06 11:35:34 -07:00
Michael Schurter b000bb8598 Merge pull request #2744 from aep/master
Do not fail when no docker registry auth is available
2017-07-06 11:04:11 -07:00
Arvid E. Picciani aa4f029f10 Do not fail when no docker registry auth is available
this amends the behaviour introduced with #2651
and allows pulling public images when docker.auth.helper is set
2017-06-27 11:11:18 +02:00
Michael Schurter 5a274e6683 Style and comments 2017-06-23 15:20:04 -07:00
Michael Schurter 38a0695687 Simplify Docker Networks processing 2017-06-21 17:19:08 -07:00
Michael Schurter fec83b271a Bump error log level 2017-06-21 17:19:08 -07:00
Michael Schurter 67d154a274 Test driver network advertisement and checks 2017-06-21 17:19:08 -07:00
Michael Schurter b9bfb84b53 Implement DriverNetwork and Service.AddressMode
Ideally DriverNetwork would be fully populated in Driver.Prestart, but
Docker doesn't assign the container's IP until you start the container.

However, it's important to setup the port env vars before calling
Driver.Start, so Prestart should populate that.
2017-06-21 17:19:08 -07:00
Alex Dadgar 7695e636d5 Fix port map interpolation for docker
This PR fixes an issue in which the value of the portmap could not be
interpolated.

Fixes https://github.com/hashicorp/nomad/issues/2680
2017-06-08 13:12:32 -07:00
Alex Dadgar 3b46fe136f small cleanup 2017-05-31 15:56:54 -07:00
Ulrik Mikaelsson 6138564f00 Implement support for docker-credential-helpers
Solves: #2334
2017-05-31 12:45:02 +02:00
Michael Schurter fd9bef768f Move task env into execcontext
Also inject PATH into rkt commands since we're no longer appending host
env vars for it.
2017-05-23 13:53:34 -07:00
Michael Schurter 37b148fb60 Add PortMap to struct returned by Driver.Prestart
Moves env.Builder out of drivers entirely so one less thing to worry
about when implementing driver plugins.
2017-05-23 13:53:34 -07:00
Michael Schurter d2c08ff24b Refactor TaskEnvironment into Builder and TaskEnv 2017-05-23 13:53:33 -07:00
Brandon Fulljames 6b2d5bd4fd Add SecurityOpt as a config field in Docker driver 2017-05-19 16:18:49 -07:00
johannesa 323a0a78f3 Fixed wrong newline 2017-05-17 16:51:22 +02:00
johannesa ea644237cf mac address pinning in docker driver
This commit adds mac address pining to the docker driver.
2017-05-17 16:41:00 +02:00
Michael Schurter caf317e3f2 Use a DriverAbility to expose Exec functionality 2017-04-19 12:42:47 -07:00
Michael Schurter e204a287ed Refactor Consul Syncer into new ServiceClient
Fixes #2478 #2474 #1995 #2294

The new client only handles agent and task service advertisement. Server
discovery is mostly unchanged.

The Nomad client agent now handles all Consul operations instead of the
executor handling task related operations. When upgrading from an
earlier version of Nomad existing executors will be told to deregister
from Consul so that the Nomad agent can re-register the task's services
and checks.

Drivers - other than qemu - now support an Exec method for executing
abritrary commands in a task's environment. This is used to implement
script checks.

Interfaces are used extensively to avoid interacting with Consul in
tests that don't assert any Consul related behavior.
2017-04-19 12:42:47 -07:00
Alex Dadgar cdd624ff5b Add ExtraHosts to Docker driver
This PR allows job submitters to add extra hosts to the containers
/etc/hosts file.

Fixes https://github.com/hashicorp/nomad/issues/2546
2017-04-11 10:52:41 -07:00
Clint Armstrong d71ddcb756 Allow specifying container IP with docker driver 2017-04-07 11:56:07 -04:00
Michael Schurter ae3810052d Merge pull request #2482 from hashicorp/f-2289-better-artifact-err
Improve artifact download error message
2017-03-28 12:48:22 -07:00
Michael Schurter 507862ade3 Add WrapRecoverable helper 2017-03-27 15:37:15 -07:00
Alex Dadgar 4ecebe7d8c Proper reference counting through task restarts
This PR fixes an issue in which the reference count on a Docker image
would become inflated through task restarts.
2017-03-25 17:05:53 -07:00
Michael Schurter 0e6c564406 Improve artifact download error message
Fixes #2289

Unfortunately took more RecoverableError hijinx than I would have liked.
There might be a better way.
2017-03-24 15:26:05 -07:00
Alex Dadgar d220d9405b return the recoverable err 2017-03-14 16:33:36 -07:00
Alex Dadgar 5f7bf577cd Docker doesn't need to init the stats helper 2017-03-14 13:41:57 -07:00
Tom Michaud b4db9d33f9 Fixes docker-driver docker.auth.config processing 2017-03-01 16:16:11 -07:00
Alex Dadgar d2193048ce Fix caching of pull future 2017-02-28 18:19:13 -08:00
Alex Dadgar 5be806a3df Fix vet script and fix vet problems
This PR fixes our vet script and fixes all the missed vet changes.

It also fixes pointers being printed in `nomad stop <job>` and `nomad
node-status <node>`.
2017-02-27 16:00:19 -08:00
Alex Dadgar c423626484 Docker open stores image/image ID for next ID 2017-02-27 13:49:54 -08:00
Alex Dadgar aa05ecc37c Merge pull request #2361 from hashicorp/f-docker-coordination
Docker Image Coordinator and caching
2017-02-24 14:18:21 -08:00
Alex Dadgar b5d4f39734 Docker Image Coordinator
This PR introduces a coordinator for doing CRUD on a Docker image. It
should fix racy deletion of images. The issue before was images would be
deleted between prestart and start causing an error.
2017-02-24 13:20:40 -08:00
Michael Schurter f61b7975a3 Put access to Docker volume drivers behind flag 2017-02-23 15:47:36 -08:00
Pietro Menna 2f88d6cb68 Docker Volume Drivers
This commit adds the functionality to use Docker Volume Drivers.
2017-02-23 14:36:32 -03:00
Michael Schurter 12c549d6a0 Skip setting MemorySwap on Windows
Windows doesn't support this Docker setting.

Fixes #2193
2017-02-21 13:21:42 -08:00
Alex Dadgar f9323f03df Drivers log during fingerprinting
This PR fixes a regression in which some drivers did not log during
fingerprinting.
2017-02-20 19:35:51 -08:00
Diptanu Choudhury fda3a5250c Merge pull request #2222 from hashicorp/b-docker-image-not-found
Making the docker driver retry when an image is not found
2017-01-23 14:58:00 -08:00
Diptanu Choudhury dfd1f03ec8 Added a comment 2017-01-23 14:57:30 -08:00
Alex Dadgar e160b2b38f Add test and better logs
This commit adds a test to retrieving auth configurations, use either
the auth block in the config or specified via the agent config and adds
a log if lookup fails.
2017-01-23 14:48:02 -08:00
Alex Dadgar 43a17b7d74 Close file 2017-01-23 11:37:45 -08:00
Alex Dadgar ee5296ba70 Deprecation notice 2017-01-23 11:32:51 -08:00
Alex Dadgar 3365688571 Remove SSL 2017-01-23 11:32:51 -08:00
Alex Dadgar 4a627b02ca undo 2017-01-23 11:32:51 -08:00
Alex Dadgar 08733b68d2 vendor 2017-01-23 11:32:51 -08:00
Alex Dadgar b1823a5fdb Better auth lookup 2017-01-23 11:32:51 -08:00
Alex Dadgar 3d5b31fc96 WIP 2017-01-23 11:32:51 -08:00
Alex Dadgar ec6b6e69d4 remove reference to entrypoint 2017-01-22 14:04:41 -08:00
Michael Schurter 295c2bf74a Merge pull request #2186 from hashicorp/f-driver-cleanup
Add Cleanup method to Driver interface
2017-01-20 13:02:14 -08:00
Diptanu Choudhury be7081568c Making the docker driver retry when an image is not found 2017-01-20 12:38:04 -08:00
Michael Schurter 010a7709f1 Bump unknown resource to ERR 2017-01-19 09:48:07 -08:00
Michael Schurter 578272b7f2 Add CreatedResources.Remove and use it 2017-01-17 16:41:59 -08:00
Michael Schurter 1bcf7cdbfe Remove outdated comment 2017-01-17 16:23:29 -08:00
Michael Schurter 82b49d4547 Updated CreatedResources as images are cleaned 2017-01-17 16:13:40 -08:00
Michael Schurter beed31ff6f Remove outdated comment 2017-01-17 16:05:21 -08:00
Michael Schurter b9d6d2c8d6 Return error from Prestart 2017-01-17 16:04:09 -08:00
Michael Schurter 255698e8af Use Image ID instead of Image Name 2017-01-13 16:53:58 -08:00
Michael Schurter a3a3656dbb Switch to use recoverable errors from Cleanup
TaskRunner handles retrying but Cleanup handles all of CreatedResources.
2017-01-13 16:46:08 -08:00
Michael Schurter 25bf266606 Add ID to output 2017-01-13 12:46:55 -08:00
Michael Schurter dc68aa1a5a Return errors from cleanup and let TaskRunner retry 2017-01-12 17:21:54 -08:00
Diptanu Choudhury 6809a4b104 Added executorconfig 2017-01-12 15:47:58 -08:00
Diptanu Choudhury b1d0078db5 Filter executor log messages 2017-01-12 11:54:19 -08:00
Michael Schurter ec81325ddc Stop being so confusing 2017-01-12 11:17:35 -08:00
Michael Schurter 4d081490e6 Add Cleanup method to Driver interface
Cleanup can be used for cleaning up resources created by drivers to run
a task. Initially the Docker driver is the only user (to remove
downloaded images).
2017-01-11 17:23:33 -08:00
Cameron Davison 7ccbd8a000
fixing typo in comment 2017-01-10 16:54:01 -06:00
Cameron Davison 88a462d5b9
add force_pull to docker driver 2017-01-10 16:54:01 -06:00
Michael Schurter 65fb580216 Fix inconsistent task env setting
Consolidate task environment building in GetTaskEnv since it can
determine what kind of filesystem isolation is used.

This means drivers no longer have to manipulate task environment paths.
2017-01-06 12:19:32 -08:00
Michael Schurter baf6f078d6 Remove task name prefix from executor logs 2017-01-05 16:31:56 -08:00
Michael Schurter 3ea09ba16a Move chroot building into TaskRunner
* Refactor AllocDir to have a TaskDir struct per task.
* Drivers expose filesystem isolation preference
* Fix lxc mounting of `secrets/`
2017-01-05 16:31:49 -08:00
Michael Schurter 4a9a574d9d Merge pull request #2054 from hashicorp/f-prestart
Add Driver.Prestart method
2016-12-20 16:18:56 -08:00
Michael Schurter 05b49008eb Remove unneeded waitClient field 2016-12-20 14:29:57 -08:00
Michael Schurter 458c2ed5f1 Fix formatting of downloading image message 2016-12-20 11:57:26 -08:00
Michael Schurter e34d1e5d23 Use startContainer wrapper 2016-12-20 11:55:40 -08:00
Michael Schurter 85b0cecff2 Emit "Downloading image" event 2016-12-20 11:40:34 -08:00
Alex Dadgar 746d4c7ee3 Small cleanups 2016-12-19 14:22:08 -08:00
Alex Dadgar 18739a4433 Merge pull request #1980 from dmexe/network-aliases
Add network_aliases for docker driver
2016-12-19 14:17:48 -08:00
Alex Dadgar 7cdf24f05f Fix Docker Logging Type interpolation
This PR fixes an issue that made Logging.Type un-interpretable in the
docker driver.
2016-12-19 13:42:58 -08:00
Alex Dadgar 2f3aeed2f8 Merge pull request #2063 from tmichaud314/fix-docker-driver-auth-interpolation
Fixes docker-driver Auth-config interpolation
2016-12-19 13:41:27 -08:00
Tom Michaud d0c01c8816 Fixes docker-driver Auth-config interpolation 2016-12-06 13:30:23 -07:00
Michael Schurter 770ed703d0 Add Driver.Prestart method
The Driver.Prestart method currently does very little but lays the
foundation for where lifecycle plugins can interleave execution _after_
task environment setup but _before_ the task starts.

Currently Prestart does two things:

* Any driver specific task environment building
* Download Docker images

This change also attaches a TaskEvent emitter to Drivers, so they can
emit events during task initialization.
2016-12-02 11:03:48 -08:00
Alex Dadgar 70396c464b Make errors starting a container recoverable
This PR makes errors starting a container recoverable and tries to
optimistically handle 500 errors.
2016-11-30 15:59:47 -08:00
Diptanu Choudhury 6c179d1695 Merge pull request #2045 from hashicorp/b-docker-create-container
Returning a container if it exists instead of creating a new one
2016-11-29 17:55:33 -08:00
Diptanu Choudhury 50452520bf Returning a container if it exists instead of creating a new one 2016-11-29 17:52:19 -08:00
Alex Dadgar 712e18707b add debugging 2016-11-29 14:29:37 -08:00
Diptanu Choudhury bff172939b Fixes an issue with purging containers with the same name Nomad is trying to start 2016-11-28 17:37:22 -08:00
Alex Dadgar 4f2a6eae8b Merge pull request #2029 from gliptak/dockerauth1
Log when lookup in docker.auth.config fails
2016-11-28 12:45:19 -08:00
Alex Dadgar 8a641a8672 Make container exist errors non-retriable
This change makes it so that the task runner does not retry container
exists errors and also a sleep is added on the local retry.
2016-11-25 19:22:58 -08:00
Gábor Lipták 6268112e86 Log when lookup in docker.auth.config fails 2016-11-23 18:43:58 -05:00
Dmitry Galinsky 3ec7ebac9c Add network_aliases for docker driver 2016-11-16 11:16:07 +03:00
Alex Dadgar eea35626b7 Changes the relative path from joining against the alloc dir to the
task's directory.

This PR changes the behavior when given a relative host path when
mounting docker containers. Prior to this, the behavior was to mount by
joining against the alloc/ directory. This PR changes it to be against
the task/ directory.
2016-11-10 14:47:54 -08:00
Alex Dadgar 691e09f863 remove debug 2016-11-08 14:21:37 -08:00
Alex Dadgar 9f2c0cb0c2 Interpolate everything that is a string 2016-11-08 14:20:51 -08:00
Alex Dadgar 742e11ddb4 Fix env vars relating to secretdir 2016-11-08 12:28:43 -08:00
Alex Dadgar a9e9b61216 Merge pull request #1938 from hashicorp/b-docker-reattach
Fix Docker container creation and task runner updating
2016-11-04 17:14:40 -07:00