Commit Graph

2264 Commits

Author SHA1 Message Date
Alex Dadgar 5d2b56b387 Random wait 2017-01-11 13:24:23 -08:00
Cameron Davison c910f9b304
using new ctx instead of getting both params back 2017-01-10 16:54:01 -06:00
Cameron Davison 7ccbd8a000
fixing typo in comment 2017-01-10 16:54:01 -06:00
Cameron Davison 88a462d5b9
add force_pull to docker driver 2017-01-10 16:54:01 -06:00
Alex Dadgar cdc08bbd22 Merge pull request #2179 from hashicorp/b-panic
Fix nil dereference
2017-01-10 14:15:17 -08:00
Alex Dadgar bb329977a4 Fix nil dereference 2017-01-10 14:14:58 -08:00
Michael Schurter 0b7f8163d2 Merge pull request #2174 from hashicorp/b-fix-executor-test
Switch to a less timing dependent test command
2017-01-10 13:45:12 -08:00
Michael Schurter 1347a941b0 Fix missing value in test failure message 2017-01-10 13:39:05 -08:00
Alex Dadgar 4127a3ea9d Merge pull request #2173 from hashicorp/b-stats
Don't retrieve Driver Stats if unsupported
2017-01-10 13:32:03 -08:00
Alex Dadgar c19985244a GetAllocs uses a blocking query
This PR makes GetAllocs use a blocking query as well as adding a sanity
check to the clients watchAllocation code to ensure it gets the correct
allocations.

This PR fixes https://github.com/hashicorp/nomad/issues/2119 and
https://github.com/hashicorp/nomad/issues/2153.

The issue was that the client was talking to two different servers, one
to check which allocations to pull and the other to pull those
allocations.  However the latter call was not with a blocking query and
thus the client would not retreive the allocations it requested.

The logging has been improved to make the problem more clear as well.
2017-01-10 13:30:35 -08:00
Michael Schurter 7462379086 Switch to a less timing dependent test command
`/usr/bin/yes` could produce output very quickly (100s of MBps on my
laptop) and therefore could cause log files to roll over.

A bash loop with a sleep avoids that issue. The test is slower but
should be much more resilient to the massive timing differences between
workstations and Travis.
2017-01-09 15:40:53 -08:00
Alex Dadgar 2be221d664 Don't retrieve Driver Stats if unsupported
This PR makes us only try to collect stats once if the Driver doesn't
support collecting stats.

Fixes https://github.com/hashicorp/nomad/issues/1986
2017-01-09 13:47:06 -08:00
Alex Dadgar 26e2c5bb74 Merge pull request #2164 from hashicorp/b-dispatch
Create Task directory structure in the Run method
2017-01-09 11:24:46 -08:00
Alex Dadgar 2a5fd85e3b Move to Run() 2017-01-08 13:55:12 -08:00
Alex Dadgar 2affef2972 Create task directory during Prestart() 2017-01-08 13:55:12 -08:00
Alex Dadgar 4ffd9a69e5 Send Driver events to servers immediately
This PR causes driver events to be sent to the server immediately rather
than waiting for Prestart() to finish.
2017-01-08 13:54:43 -08:00
Alex Dadgar 724edb6659 Fix fingerprint tests 2017-01-08 13:53:27 -08:00
Diptanu Choudhury eb123416c5 Fixed namespacing for the cpu arch 2017-01-06 14:23:22 -08:00
Michael Schurter 65fb580216 Fix inconsistent task env setting
Consolidate task environment building in GetTaskEnv since it can
determine what kind of filesystem isolation is used.

This means drivers no longer have to manipulate task environment paths.
2017-01-06 12:19:32 -08:00
Michael Schurter d3270799f0 Fix executor tests 2017-01-06 11:39:18 -08:00
Michael Schurter acd11f678d Add COMPAT comment 2017-01-06 11:39:17 -08:00
Michael Schurter e203928d64 Driver is now required in test tasks 2017-01-06 11:39:17 -08:00
Michael Schurter 90f6ac7490 Fix tests post rebase 2017-01-06 11:39:13 -08:00
Michael Schurter 579f378bee Remove debug logging 2017-01-05 16:31:56 -08:00
Michael Schurter baf6f078d6 Remove task name prefix from executor logs 2017-01-05 16:31:56 -08:00
Michael Schurter 86fcf96f72 Put a logger in AllocDir/TaskDir 2017-01-05 16:31:56 -08:00
Michael Schurter f43d3f074a Add comments to TaskDir 2017-01-05 16:31:55 -08:00
Michael Schurter 5a6bd19eb7 Fix upgrade path for #2132
AllocRunner's state dropped the Context struct which needs to be
converted to the new AllocDir+TaskDir structs in RestoreState.

TaskRunner added a TaskDirBuilt flag, but it's safe to just let that
default to `false` and rebuild all task dirs once on upgrade.
2017-01-05 16:31:55 -08:00
Michael Schurter 774afd8800 Fail fast on taskdir errors 2017-01-05 16:31:55 -08:00
Michael Schurter 7260d0bca3 Test tasks now require driver name 2017-01-05 16:31:55 -08:00
Michael Schurter 3ea09ba16a Move chroot building into TaskRunner
* Refactor AllocDir to have a TaskDir struct per task.
* Drivers expose filesystem isolation preference
* Fix lxc mounting of `secrets/`
2017-01-05 16:31:49 -08:00
Alex Dadgar 8d5f0fea69 Merge pull request #2128 from hashicorp/f-dispatch
Nomad Constructor Jobs and Dispatch
2017-01-06 05:22:49 +08:00
Alex Dadgar 34fc25757e Merge pull request #2157 from hashicorp/t-client-tests
Fix client tests deadlocking
2017-01-06 05:21:05 +08:00
Alex Dadgar a29f253a12 use helper 2017-01-05 13:19:01 -08:00
Diptanu Choudhury 247bda9a88 Unlocking if we return before adding a new alloc runner 2017-01-05 13:18:48 -08:00
Alex Dadgar ee523062d1 Fix TestClient_BlockedAllocations 2017-01-05 13:15:08 -08:00
Diptanu Choudhury 9721a1ab04 Fixed how alloc lock is held 2017-01-05 13:06:56 -08:00
Alex Dadgar 205caf341f Fix SaveRestoreState 2017-01-05 12:32:44 -08:00
Michael Schurter 13064768ac Fix race when shutting down in dev mode
Client.Shutdown holds the allocLock when destroying alloc runners in dev
mode.

Client.updateAllocStatus can be called during AllocRunner shutdown and
calls getAllocRunners which tries to acquire allocLock.RLock. This
deadlocks since Client.Shutdown already has the write lock.

Switching Client.Shutdown to use getAllocRunners and not hold a lock
during AllocRunner shutdown is the solution.
2017-01-03 17:21:50 -08:00
Michael Schurter 4a9a574d9d Merge pull request #2054 from hashicorp/f-prestart
Add Driver.Prestart method
2016-12-20 16:18:56 -08:00
Michael Schurter 8e1ae14feb Remove unneeded env building 2016-12-20 16:14:42 -08:00
Michael Schurter 39f587a2af Fix tests broken by TaskEnv change 2016-12-20 14:37:35 -08:00
Michael Schurter 0d90e96925 lxc: Set image local env vars 2016-12-20 14:37:18 -08:00
Michael Schurter 05b49008eb Remove unneeded waitClient field 2016-12-20 14:29:57 -08:00
Michael Schurter ea92cd102a Append host env vars on every task env 2016-12-20 12:24:24 -08:00
Michael Schurter 458c2ed5f1 Fix formatting of downloading image message 2016-12-20 11:57:26 -08:00
Michael Schurter e34d1e5d23 Use startContainer wrapper 2016-12-20 11:55:40 -08:00
Diptanu Choudhury 93091f7902 Fixed a test 2016-12-20 11:53:37 -08:00
Michael Schurter 2aa235f8f2 Rename InitializationMessage to DriverMessage 2016-12-20 11:51:09 -08:00
Michael Schurter 85b0cecff2 Emit "Downloading image" event 2016-12-20 11:40:34 -08:00
Diptanu Choudhury 6c11f38cb0 Merge pull request #2081 from hashicorp/f-gc
Garbage collector for allocations
2016-12-20 11:19:32 -08:00
Diptanu Choudhury b6120e2fc8 Removing the alloc runner from GC if it is destroyed by the server 2016-12-20 11:14:22 -08:00
Diptanu Choudhury 6e6e0d364a Added comments 2016-12-20 10:49:48 -08:00
Alex Dadgar 746d4c7ee3 Small cleanups 2016-12-19 14:22:08 -08:00
Alex Dadgar 18739a4433 Merge pull request #1980 from dmexe/network-aliases
Add network_aliases for docker driver
2016-12-19 14:17:48 -08:00
Alex Dadgar 7cdf24f05f Fix Docker Logging Type interpolation
This PR fixes an issue that made Logging.Type un-interpretable in the
docker driver.
2016-12-19 13:42:58 -08:00
Alex Dadgar 2f3aeed2f8 Merge pull request #2063 from tmichaud314/fix-docker-driver-auth-interpolation
Fixes docker-driver Auth-config interpolation
2016-12-19 13:41:27 -08:00
Diptanu Choudhury e072961cea Added tests 2016-12-19 13:21:47 -08:00
Alex Dadgar 4e8035756b Fix test and prevent job with payload from being submitted 2016-12-18 16:32:14 -08:00
Alex Dadgar 072ff1c3ee ensure file doesn't escape 2016-12-18 15:48:30 -08:00
Diptanu Choudhury 36b5545d6b Making the gc allocator understand real disk usage 2016-12-16 18:34:59 -08:00
Alex Dadgar 159c819e08 Client writes payload to disk 2016-12-16 15:11:56 -08:00
Alex Dadgar b1883daae8 Use new combined meta data function in env 2016-12-16 10:45:09 -08:00
Alex Dadgar 7778339f03 Fix mapstructure tag formatting for lxc driver 2016-12-16 10:24:17 -08:00
Diptanu Choudhury 7aef9bcabe Added the stats collector to GC 2016-12-14 15:11:11 -08:00
Diptanu Choudhury e855cd587b Refactored hoststats collector 2016-12-14 15:07:42 -08:00
Diptanu Choudhury 0ffd92668d GC-ing before we start a new allocation 2016-12-14 15:04:06 -08:00
Diptanu Choudhury afdaa979f7 Added a garbage collector for allocations 2016-12-14 15:01:12 -08:00
Alex Dadgar 648ad2ebc5 Merge pull request #2096 from hashicorp/b-addAlloc
Fix race and remove panic
2016-12-13 13:50:17 -08:00
Diptanu Choudhury 53fb09023c cancelling waiting for remote allocation if the alloc doesn't need migration 2016-12-13 13:06:33 -08:00
Alex Dadgar 3cbd237512 Fix race and remove panic 2016-12-13 12:34:23 -08:00
Christoffer Kylvåg 6a1f32b8ba #1680: Continue after not being able to stat a mountpoint 2016-12-13 12:28:57 +01:00
Tom Michaud d0c01c8816 Fixes docker-driver Auth-config interpolation 2016-12-06 13:30:23 -07:00
Diptanu Choudhury cbf73908ff Setting the appropriate file permissions which un-archiving compressed alloc dir 2016-12-05 17:04:43 -08:00
Diptanu Choudhury bc17cacca0 Merge pull request #2017 from hashicorp/b-sticky
Not moving alloc data when sticky is turned off
2016-12-05 14:11:45 -08:00
Diptanu Choudhury 21f49564d3 Not moving alloc data when sticky is turned off 2016-12-05 14:00:01 -08:00
Michael Schurter 770ed703d0 Add Driver.Prestart method
The Driver.Prestart method currently does very little but lays the
foundation for where lifecycle plugins can interleave execution _after_
task environment setup but _before_ the task starts.

Currently Prestart does two things:

* Any driver specific task environment building
* Download Docker images

This change also attaches a TaskEvent emitter to Drivers, so they can
emit events during task initialization.
2016-12-02 11:03:48 -08:00
Michael Schurter 1c4195b985 Fix string formatting 2016-12-01 11:22:51 -08:00
Alex Dadgar 86ed1fb2e5 Disallow stale queries when deriving Vault tokens
This PR disallows stale queries when deriving a Vault token. Allowing
stale queries could result in the allocation not existing on the server
that is servicing the request.
2016-12-01 11:13:36 -08:00
Alex Dadgar 70396c464b Make errors starting a container recoverable
This PR makes errors starting a container recoverable and tries to
optimistically handle 500 errors.
2016-11-30 15:59:47 -08:00
Diptanu Choudhury 6c179d1695 Merge pull request #2045 from hashicorp/b-docker-create-container
Returning a container if it exists instead of creating a new one
2016-11-29 17:55:33 -08:00
Diptanu Choudhury 50452520bf Returning a container if it exists instead of creating a new one 2016-11-29 17:52:19 -08:00
Michael Schurter e1d63f6c0f Bump timeout on test 2016-11-29 16:19:40 -08:00
Alex Dadgar ec4d6936ff add debug panic 2016-11-29 15:57:40 -08:00
Alex Dadgar 712e18707b add debugging 2016-11-29 14:29:37 -08:00
Diptanu Choudhury f67217297c Ensuring allocs are not added multiple times to blocking queue 2016-11-29 11:19:37 -08:00
Diptanu Choudhury bff172939b Fixes an issue with purging containers with the same name Nomad is trying to start 2016-11-28 17:37:22 -08:00
Michael Schurter 1f0bfa00aa rkt: Support host and none dns options
Fixes #2025
2016-11-28 13:13:40 -08:00
Michael Schurter 44e4414490 Fix rkt volumes
I forgot to validate the volumes field!
2016-11-28 13:13:40 -08:00
Alex Dadgar 4f2a6eae8b Merge pull request #2029 from gliptak/dockerauth1
Log when lookup in docker.auth.config fails
2016-11-28 12:45:19 -08:00
Alex Dadgar d8048ad75d Merge pull request #2033 from hashicorp/b-docker-container-exists
Make container exist errors non-retriable
2016-11-28 12:38:52 -08:00
Michael Schurter b3ede6a5b7 Use net.JoinHostPort instead of fmt.Sprintf
Using fmt.Sprintf breaks IPv6 addresses.
2016-11-28 10:38:54 -08:00
Alex Dadgar 8a641a8672 Make container exist errors non-retriable
This change makes it so that the task runner does not retry container
exists errors and also a sleep is added on the local retry.
2016-11-25 19:22:58 -08:00
Gábor Lipták 6268112e86 Log when lookup in docker.auth.config fails 2016-11-23 18:43:58 -05:00
Ranjib Dey 0b29ad8787 Fix error message. Pass on template args 2016-11-21 20:12:59 -08:00
Dmitry Galinsky 3ec7ebac9c Add network_aliases for docker driver 2016-11-16 11:16:07 +03:00
Alex Dadgar 0f426d219a Merge pull request #1993 from hashicorp/b-upgrade-path
Check for Ephemeral Disk being nil
2016-11-15 16:27:48 -08:00
Alex Dadgar c2697123a9 Merge pull request #1996 from hashicorp/t-failing-tests
Fix some failing tests
2016-11-15 16:27:19 -08:00
Alex Dadgar 3e5bfcdbc4 respond to comment 2016-11-15 16:27:07 -08:00
Alex Dadgar c47ebd508e Remove old TODOs 2016-11-15 16:23:37 -08:00
Alex Dadgar cb187ffce6 Fix TestRktDriver_PortsMapping and TestAgent_LoadKeyrings 2016-11-15 15:49:05 -08:00
Alex Dadgar 9497991590 Updated AWS speeds and network_speed now overrides
This PR:

* Makes AWS network speeds more granular
* Makes `network_speed` an override and not a default
* Adds a default of 1000 MBits if no network link speed is detected.

Fixes #1985
2016-11-15 13:55:51 -08:00
Alex Dadgar 88c7e04348 Check for Ephemeral Disk being nil 2016-11-15 10:03:06 -08:00
Alex Dadgar eba98da487 Merge pull request #1977 from hashicorp/b-volume-mount
Change relative path from joining against the alloc dir to the task's directory.
2016-11-10 15:20:49 -08:00
Alex Dadgar a11d66f639 Remove todo 2016-11-10 15:20:19 -08:00
Alex Dadgar 74a736155c Always disable renew_token for CT config
This PR makes Nomad always disable token renewal even if Vault is
disabled. The problem was when there was a vault token in the
environment variable and Nomad/Vault integration was disabled, the
template runner would still try to renew the token.
2016-11-10 15:16:08 -08:00
Alex Dadgar eea35626b7 Changes the relative path from joining against the alloc dir to the
task's directory.

This PR changes the behavior when given a relative host path when
mounting docker containers. Prior to this, the behavior was to mount by
joining against the alloc/ directory. This PR changes it to be against
the task/ directory.
2016-11-10 14:47:54 -08:00
Alex Dadgar e8d6227b20 Do not validate the command does not contain spaces.
This PR removes validation that the command string does not contain
spaces. This can cause issues where the path contains a folder that
includes a space ("C:\Program Files\Python35\python.exe").

Fixes #1737
2016-11-10 10:22:17 -08:00
Alex Dadgar ee921ccbb2 Merge pull request #1949 from carlpett/blacklist-fingerprints-and-drivers
Support blacklisting fingerprinters
2016-11-09 10:31:17 -08:00
Calle Pettersson 4304755c12 Address comments from PR 2016-11-09 11:50:16 +01:00
Alex Dadgar fe9a200979 Merge pull request #1952 from hashicorp/b-reserved-ports-aws
Run environmental fingerprinters after host fingerprinters and AWS overrides network
2016-11-08 15:35:46 -08:00
Alex Dadgar 20a5b6fa6b Merge pull request #1965 from hashicorp/b-docker-interpolate
Interpolate all docker driver configs that are strings
2016-11-08 15:35:27 -08:00
Alex Dadgar 3b33f49cde Merge pull request #1966 from hashicorp/b-service-interpolate
Interpolate all service/check fields
2016-11-08 15:35:19 -08:00
Alex Dadgar f1689bc7f9 Rkt env var 2016-11-08 15:14:04 -08:00
Alex Dadgar ddf101d7a2 Interpolate all check related variables 2016-11-08 14:43:46 -08:00
Alex Dadgar 691e09f863 remove debug 2016-11-08 14:21:37 -08:00
Alex Dadgar 9f2c0cb0c2 Interpolate everything that is a string 2016-11-08 14:20:51 -08:00
Diptanu Choudhury e4fdb849f9 Merge pull request #1960 from hashicorp/fix-perm-issues
Fixed permission issues on client
2016-11-08 12:57:18 -08:00
Diptanu Choudhury d9f8e3a75a Fixed comments 2016-11-08 12:55:15 -08:00
Alex Dadgar 742e11ddb4 Fix env vars relating to secretdir 2016-11-08 12:28:43 -08:00
Diptanu Choudhury 2132fbb68a Fixed permission issues on client 2016-11-08 10:57:29 -08:00
Alex Dadgar 79e55a9797 Merge pull request #1954 from hashicorp/b-secret-id
Add compatibility code for secret ID while upgrading cluster in both …
2016-11-08 09:39:52 -08:00
Calle Pettersson 8632696e2d Add blacklisting of drivers 2016-11-08 18:30:07 +01:00
Calle Pettersson b603bb007e Add blacklisting of fingerprinters 2016-11-08 18:29:44 +01:00
Alex Dadgar 9015e79aaa Add compatibility code for secret ID while upgrading cluster in both server/client mode on single nodes 2016-11-07 16:52:08 -08:00
Bastiaan Bakker 2c864172eb use snap.Alloc.TaskStates only after confirming snap.Alloc is not nil 2016-11-07 22:35:00 +01:00
Alex Dadgar 46893c7558 Merge pull request #1921 from hashicorp/f-abs-templ
Allow absolute paths for template sources
2016-11-07 12:28:49 -08:00
Alex Dadgar 92f526d902 Run environmental fingerprinters after host fingerprinters and do an override 2016-11-07 12:21:50 -08:00
Alex Dadgar 960424f086 Merge pull request #1941 from hashicorp/b-complete-transistion
Task state "dead" is terminal
2016-11-04 17:16:10 -07:00
Alex Dadgar 3643534531 Test fix 2016-11-04 17:15:58 -07:00
Alex Dadgar a9e9b61216 Merge pull request #1938 from hashicorp/b-docker-reattach
Fix Docker container creation and task runner updating
2016-11-04 17:14:40 -07:00
Alex Dadgar e6465e138b More precise marking of dead 2016-11-04 17:11:07 -07:00
Alex Dadgar 0fb7742c3c Task state "dead" is terminal 2016-11-04 16:57:24 -07:00
Michael Schurter b1a01a9a0f Add userns_mode docker config option
Fixes #1904
2016-11-04 16:53:56 -07:00
Alex Dadgar 8b7adb20e9 Fix tests 2016-11-04 15:10:18 -07:00
Alex Dadgar 0cbd0188b1 Move the wait result to bottom of methods 2016-11-04 14:58:55 -07:00
Alex Dadgar 4e8d39d674 Unique task 2016-11-04 14:53:37 -07:00
Alex Dadgar 4741a4b129 Create container much more robust 2016-11-04 14:39:56 -07:00
Alex Dadgar 2a5ac5e7ee Allow absolute paths for template sources 2016-11-02 13:04:47 -07:00
Alex Dadgar b08f4e0b97 More recoverable errors 2016-11-02 10:36:04 -07:00
Michael Schurter a0340532cb Forgot to flip a bit 2016-11-01 14:35:22 -07:00
Diptanu Choudhury 808718523b Merge pull request #1909 from hashicorp/region-wrapper
Making Nomad TLS configs region aware
2016-11-01 14:31:39 -07:00
Michael Schurter 536c2921e9 Remove ServerName because we verify based on region 2016-11-01 14:17:31 -07:00
Alex Dadgar 478eebb19b Merge pull request #1908 from hashicorp/f-vault-docs
Vault docs
2016-11-01 12:39:14 -07:00
Diptanu Choudhury 1a8fa8c8d5 Making Nomad TLS configs region aware 2016-11-01 11:55:29 -07:00
Alex Dadgar 747c3e7e68 Agent 2016-11-01 10:39:15 -07:00
Michael Schurter b84d8212ff Add LXC docs and enable by default for lxc builds 2016-11-01 10:18:16 -07:00
Diptanu Choudhury 0d911a8285 Merge pull request #1889 from hashicorp/f-migrate-snapshot-tls
Making the client use tls if the node from which migration has to be …
2016-10-31 13:08:06 -07:00
Alex Dadgar cd1791ed09 Download artifacts before templates 2016-10-31 11:29:26 -07:00
Diptanu Choudhury 4079545a92 Making the client use tls if the node from which migration has to be made has enabled tls 2016-10-31 10:20:04 -07:00
Alex Dadgar 62f1b98954 Add docker test 2016-10-28 17:53:25 -07:00
Alex Dadgar 6618f7a03d Fix passing of recoverable error from docker pull 2016-10-28 17:49:46 -07:00
Alex Dadgar c0eafb24ce Merge pull request #1887 from hashicorp/b-fixes
Fixes to Consul-Template when file exists + other small stuff
2016-10-28 17:12:31 -07:00
Alex Dadgar 893b37efc9 Merge pull request #1888 from hashicorp/b-folder-perms
Change folder permission event when not root
2016-10-28 17:12:16 -07:00
Alex Dadgar 5559300372 Change folder permission event when not root 2016-10-28 16:52:38 -07:00
Alex Dadgar b1fe7cd295 Remove thinking 2016-10-28 15:52:10 -07:00
Alex Dadgar fde7a24865 Consul-template fixes + PreviousAlloc in api 2016-10-28 15:50:35 -07:00
Michael Schurter cc115fe984 Swap log line classifiers to be consistent 2016-10-28 14:59:48 -07:00
Diptanu Choudhury f0e2178790 Making the executor lock the logger 2016-10-28 10:57:35 -07:00
Diptanu Choudhury 0d7a16bc92 Merge pull request #1879 from hashicorp/b-remote-alloc
Not blocking for remote alloc if the alloc is not sticky
2016-10-27 15:45:44 -07:00
Diptanu Choudhury 3182d0454f Adding the alloc if we can't find the TG 2016-10-27 15:45:10 -07:00
Alex Dadgar 5ddf646615 Don't delete docker images in test 2016-10-27 12:31:53 -07:00
Diptanu Choudhury 0682a1a113 Not blocking for remote alloc if the alloc is not sticky 2016-10-27 12:04:55 -07:00
Michael Schurter 43a670d442 Merge pull request #1877 from hashicorp/b-expand-docker-vols
Expand env vars in docker volume paths
2016-10-27 11:32:45 -07:00
Michael Schurter b5df74e92e Merge pull request #1862 from hashicorp/f-rkt-portmap
driver.rkt: support network configuration [waiting]
2016-10-27 11:05:55 -07:00
Michael Schurter d3835283ca Expand env vars in docker volume paths
Fixes #1876
2016-10-27 11:02:38 -07:00
Alex Dadgar 150b678a6b Merge pull request #1806 from hashicorp/f-docker4mac-fixes
A couple fixes to make Docker For Mac work
2016-10-27 09:29:40 -07:00
Michael Schurter 01b0d6746b Adjust timings to try to get test passing in Travis 2016-10-26 17:08:53 -07:00
Michael Schurter 6e1768e3ef Merge pull request #1873 from hashicorp/f-lxc-alt-build
Put lxc support behind a flag
2016-10-26 16:05:32 -07:00
Diptanu Choudhury 6c527581af Merge pull request #1871 from hashicorp/b-tls-tests
Fixed a bunch of TLS related failures
2016-10-26 15:19:54 -07:00
Diptanu Choudhury 1098dc4aa3 Fixed alloc dir move tests 2016-10-26 15:17:57 -07:00
Alex Dadgar a309fd6ba3 Fix Validate_UserEnforcement 2016-10-26 15:03:41 -07:00
Michael Schurter f430203505 Put lxc support behind a flag
Since lxc support requires linking to a C lib at compile and runtime
I'm putting it behind a build flag to avoid forcing all nomad users to
install liblxc (lxc-dev for development).
2016-10-26 14:55:54 -07:00
Diptanu Choudhury 84722234b4 Fixed a bunch of TLS related failures 2016-10-26 14:08:46 -07:00
Diptanu Choudhury 067fcda3fe Making the cli use TLS if the client has enabled TLS 2016-10-26 11:13:53 -07:00
Michael Schurter 98600b5943 Fix LXC driver interface impls 2016-10-26 10:06:03 -07:00
Alex Dadgar 3c4a27e72b Fix panic 2016-10-25 17:27:13 -07:00
Michael Schurter 21b8030ded Fix tests for rkt port map 2016-10-25 17:06:41 -07:00
Diptanu Choudhury 50ca5e1e9d Merge pull request #1853 from hashicorp/f-rpc-http-tls
TLS support for http and RPC
2016-10-25 16:14:43 -07:00
Diptanu Choudhury 7c61e115bd Moved tlsutil into helpers 2016-10-25 16:05:37 -07:00
Diptanu Choudhury 353e7fc7f1 Moving the certs into tlsutil package 2016-10-25 16:01:53 -07:00
Diptanu Choudhury cf35aeac84 Moving the TLSConfig to structs 2016-10-25 15:57:38 -07:00
Kenjiro Nakayama 18bbfe8325 driver.rkt: add rkt drriver port mapping test 2016-10-25 15:41:49 -07:00
Kenjiro Nakayama 56d91632ca driver.rkt: support port mapping with net and port options 2016-10-25 15:41:49 -07:00
Diptanu Choudhury 9d3cdded9a Merge pull request #1699 from hashicorp/f-lxc-driver
LXC Support
2016-10-25 15:17:44 -07:00
Diptanu Choudhury b5cc153d54 Added lxc related dependencies 2016-10-25 15:17:02 -07:00
Alex Dadgar 9bba036f13 Merge pull request #1852 from hashicorp/b-service-validation
Interpolate and then validate services
2016-10-25 14:28:32 -07:00
Alex Dadgar 4082732d3a Interpolate and then validate services 2016-10-25 14:27:49 -07:00
Alex Dadgar bf0981363f Merge pull request #1850 from hashicorp/f-fs-secret
Disallow fs to read secret directory
2016-10-25 11:35:08 -07:00
Alex Dadgar 8e07c2750e Merge pull request #1839 from hashicorp/f-signal-constraints
Signal creates an auto-constraints
2016-10-25 11:09:33 -07:00
Alex Dadgar f8419fdd6e Add CaPath to Vault config in consul-template 2016-10-25 11:01:50 -07:00
Diptanu Choudhury eefc8db3b3 Enabling TLS on cli 2016-10-25 10:39:17 -07:00
Michael Schurter 4f45aece4b Fingerprint rkt volume support and make periodic
Fix rkt docs and custom volume mounting
2016-10-25 09:46:49 -07:00
Michael Schurter 5d358c7eba Allow mounting alloc-dir-relative paths in docker 2016-10-25 09:46:49 -07:00
Michael Schurter 49ed6da0ad Enable rkt and docker volume mounting by default 2016-10-25 09:46:49 -07:00
Michael Schurter f075bda9b9 Make volume name unique 2016-10-25 09:46:49 -07:00
Michael Schurter 83a11fc93b Bump minimum required rkt version; update docs
Make section names match between docker and rkt
2016-10-25 09:46:49 -07:00
Michael Schurter edf657b58a Fix docker reference in rkt test 2016-10-25 09:46:49 -07:00
Michael Schurter 02ed35bd1c Add arbitrary volume support to rkt 2016-10-25 09:46:49 -07:00
Michael Schurter 473c28824c Fix standard mounts in rkt and tests 2016-10-25 09:46:49 -07:00
Alex Dadgar da8b05ba17 Fix merge 2016-10-24 17:04:10 -07:00
Alex Dadgar 03eba049ed Merge pull request #1848 from hashicorp/f-vault-error
Thread through whether DeriveToken error is recoverable or not
2016-10-24 15:01:18 -07:00
Diptanu Choudhury e03927bb5c Changed the way TLS config is parsed 2016-10-24 13:56:19 -07:00
Alex Dadgar e85d0ebace Merge pull request #1840 from hashicorp/f-kill-fail
Change how we mark tasks as failed and allow consul-template to fail tasks
2016-10-24 13:40:52 -07:00
Alex Dadgar 4ae735c8ba Disallow fs to read secret directory 2016-10-24 11:14:05 -07:00
Alex Dadgar 692a809919 Merge pull request #1842 from hashicorp/f-version-and-id
Print the version and client node ID
2016-10-24 10:13:33 -07:00
Diptanu Choudhury 2e3118e69c Implemented TLS support for http and rpc 2016-10-23 22:22:00 -07:00
Alex Dadgar 5577e53b20 Merge pull request #1845 from hashicorp/f-remove-disk-usage-acct
Remove disk usage enforcement
2016-10-22 19:01:51 -07:00
Alex Dadgar e85a67a49a Fix signal test for docker 2016-10-22 18:32:48 -07:00
Alex Dadgar ede3a814ba Small fixes 2016-10-22 18:20:50 -07:00
Alex Dadgar 0070178741 Thread through whether DeriveToken error is recoverable or not 2016-10-22 18:08:30 -07:00
Michael Schurter d937d3aede Fix comment form 2016-10-21 16:56:33 -07:00
Michael Schurter 285e80ac0f Remove disk usage enforcement
Many thanks to @iverberk for the original PR (#1609), but we ended up
not wanting to ship this implementation with 0.5.

We'll come back to it after 0.5 and hopefully find a way to leverage
filesystem accounting and quotas, so we can skip the expensive polling.
2016-10-21 13:55:51 -07:00
Alex Dadgar aa0d8d0d8d Print the version and client node ID 2016-10-20 17:46:04 -07:00
Alex Dadgar 46a7d1a0d7 Change how we mark tasks as failed and allow consul-template to fail tasks 2016-10-20 17:27:16 -07:00
Alex Dadgar 41b5679015 Advertise signalling abilities 2016-10-19 15:06:23 -07:00
Alex Dadgar ae1ea0e5ba Actually mount the local directory 2016-10-18 15:57:12 -07:00
Alex Dadgar b384bff053 Feedback 2016-10-18 15:01:04 -07:00
Alex Dadgar ba0b3963ef Comments 2016-10-18 11:36:04 -07:00
Alex Dadgar 4f8bfd7b18 Tests 2016-10-18 11:24:20 -07:00
Alex Dadgar 36cfe6e89e Large refactor of task runner and Vault token rehandling 2016-10-18 11:24:20 -07:00
Alex Dadgar 53eeec9bc1 Merge pull request #1801 from hashicorp/f-signals
Consul-template signal change mode
2016-10-18 11:23:47 -07:00
Michael Schurter 34f7cbd10f Disable lxc by default 2016-10-13 13:22:12 -07:00
Michael Schurter 1dbb2b7164 Cleanup comments/whitespace 2016-10-13 13:05:55 -07:00
Michael Schurter 38b2020291 Mount secret dir 2016-10-13 12:45:33 -07:00
Diptanu Choudhury 4e86a5f906 throwing an error if stats line can't be converted to k/v pair 2016-10-12 17:18:58 -07:00
Diptanu Choudhury ea5d9d959a Bind mounting alloc dir into container 2016-10-12 17:18:58 -07:00
Diptanu Choudhury 6312ea3f8f Setting the network type 2016-10-12 17:18:58 -07:00
Diptanu Choudhury ce334e0e04 Adding cpu resource limits 2016-10-12 17:18:58 -07:00
Diptanu Choudhury bb2a580ef1 Implemented an LXC Driver 2016-10-12 17:18:58 -07:00
Evan Phoenix e7a98d5500 Make EvalSymlink errors more verbose 2016-10-12 17:07:21 -07:00
Evan Phoenix 8864a506aa Disable the syslog logging system on Docker For Mac
The syslog logging system depends on the ability for a unix socket to be
accessed by the docker daemon in the $TMPDIR of the host. This doesn't
work on Docker For Mac because the docker daemon is running inside a VM,
and while /tmp is accessible, the filesystem used to share them doesn't
support unix socket files, and thus it doesn't work.
2016-10-12 17:07:21 -07:00
Evan Phoenix f8a65a3b9d Resolve alloc/state directories to make Docker For Mac happy
* In -dev mode, `ioutil.TempDir` is used for the alloc and state
directories.
* `TempDir` uses `$TMPDIR`, which os OS X contains a per user
directory which is under `/var/folder`.
* `/var` is actually a symlink to `/private/var`
* Docker For Mac validates the directories that are passed to bind and on
OS X. That whitelist contains `/private`, but not `/var`. It does not
expand the path, and so any paths in `$TMPDIR` fail the whitelist check.

And thusly, by expanding the alloc/state directories the value passed
for binding does contain `/private` and Docker For Mac is happy.
2016-10-12 17:06:25 -07:00
Alex Dadgar eec1a154ec add plugin kill 2016-10-12 13:24:22 -07:00
Alex Dadgar 86238387e7 Send Executor Ctx separately 2016-10-12 11:35:29 -07:00
Alex Dadgar db4e676d73 Merge pull request #1803 from hashicorp/b-vault-parse
Fix Vault Config parsing of booleans
2016-10-11 13:47:46 -07:00
Michael Schurter ed5ff3a104 Merge pull request #1804 from hashicorp/f-job-env-var
Add NOMAD_JOB_NAME to task environment
2016-10-11 13:34:54 -07:00
Alex Dadgar 82960c46d8 Tests 2016-10-11 13:28:18 -07:00
Ben Barnard 83f647ed84 Replace "the the" with "the" in documentation and comments 2016-10-11 15:31:40 -04:00
Michael Schurter ca5439eca1 Add NOMAD_JOB_NAME to environment 2016-10-11 11:20:42 -07:00
Alex Dadgar 751aa114bf Fix Vault parsing of booleans 2016-10-10 18:04:39 -07:00
Alex Dadgar bc35eaee21 Task runner sends signals 2016-10-10 15:09:00 -07:00
Alex Dadgar 00a1234c55 Executor + Java/Raw Exec/Exec 2016-10-10 11:47:04 -07:00
Alex Dadgar 5b01b1be1b Rkt 2016-10-10 11:47:04 -07:00
Alex Dadgar 280af8f4d1 Docker + Qemu 2016-10-10 11:47:04 -07:00
Alex Dadgar 08eeef0140 Merge pull request #1796 from hashicorp/f-task-runner
Task runner integrates with TaskTemplateManager
2016-10-07 15:13:14 -07:00
Michael Schurter d8f8048d85 Merge pull request #1767 from hashicorp/f-docker-volumes-logging
Support Docker Volumes and Logging
2016-10-07 12:10:59 -07:00
Michael Schurter f0d04bd798 Add comment and fix log line code style 2016-10-07 11:58:21 -07:00
Michael Schurter 523dbfcc81 Remove VolumesFrom feature
Since containers are named with alloc ids it's difficult to use safely.
Not to mention task scheduling ordering issues could break it as well.
2016-10-07 11:58:13 -07:00
Alex Dadgar e2d49eb4a2 Comments 2016-10-06 15:21:59 -07:00
Alex Dadgar 68c5fe78f8 Tests 2016-10-06 15:17:34 -07:00
Alex Dadgar 8fb07bb083 Fix handling of restart in TaskEvents 2016-10-06 15:06:54 -07:00
Alex Dadgar 8eb7fa91cf Start of integration 2016-10-06 15:05:49 -07:00
Alex Dadgar 3693de99d8 Merge pull request #1783 from hashicorp/f-consul-template
Consul template manager
2016-10-06 15:05:01 -07:00
Alex Dadgar c7f76ea78d Make tests channel based 2016-10-06 14:51:54 -07:00
Alex Dadgar 19a6aefd68 more vendoring 2016-10-06 12:36:44 -07:00
Michael Schurter f777faba00 Add comments to config key constants 2016-10-03 16:04:33 -07:00
Michael Schurter 0d66b8aef0 Only launch syslog server if container uses syslog 2016-10-03 15:22:10 -07:00
Michael Schurter 44219cc083 Put docker volume support behind conf flag
Also add tests and fix bug with logging driver configuration.
2016-10-03 15:02:50 -07:00
Jan-Hendrik Lendholt a26a501120 Fixed a bug when giving in another logging driver than syslog.
Before this commit, if the Logging config did not contain a logging option "syslog-address", it would definitely insert this option.
If then, you decide to take another logdriver than syslog, docker would fail because it received a wrong log option for the selected driver.
Now, nomad will only insert the syslog address in a hard way if there are no logging options at all - this way it keeps the default nomad settings.
2016-10-03 15:02:50 -07:00
Jan-Hendrik Lendholt 6c7cbe5fcb Added support to mount host folders into container. For example if you don't want to bake certificates into the container, you can mount them into the directory directly.
Furthermore, I added support for volumes-from.

Currently, there is no support to move the data from one container to another, hence: If a container spawns on another host, it is very likely, that the data will not be found.
2016-10-03 15:02:49 -07:00
Jan-Hendrik Lendholt ac5cde4641 Added logging options support for docker driver 2016-10-03 15:02:49 -07:00
Alex Dadgar d2837dec44 Do not allow path to escape the alloc dir for the FS commands 2016-10-03 14:58:44 -07:00
Michael Schurter 6dea6df919 Restore lost chan inits 2016-10-03 14:56:50 -07:00
Alex Dadgar 4eaabd675c Consul Template Manager 2016-10-03 12:59:31 -07:00
Diptanu Choudhury d50c395421 Getting snapshot of allocation from remote node (#1741)
* Added the alloc dir move

* Moving allocdirs when starting allocations

* Added the migrate flag to ephemeral disk

* Stopping migration if the allocation doesn't need migration any more

* Added the GetAllocDir method

* refactored code

* Added a test for alloc runner

* Incorporated review comments
2016-10-03 09:59:57 -07:00
Michael Schurter b117725dc9 Only log consul errors once since last succesful run 2016-09-28 17:18:45 -07:00
Alex Dadgar 9beee9c891 Merge pull request #1762 from hashicorp/b-scan-pids
Constant size space tracking of pids
2016-09-27 17:28:35 -07:00
Alex Dadgar 320b89d57a Constant time space tracking of pids 2016-09-27 16:57:26 -07:00
Michael Schurter 80085ddda5 Merge pull request #1735 from hashicorp/b-bootstrap-flapping
Retry all servers on RPC call failure
2016-09-27 16:33:15 -07:00
Michael Schurter d486de3804 Remove unused const 2016-09-27 16:04:01 -07:00
Diptanu Choudhury 2b1d214b0d Avoiding copying files if they are already present in chrootw (#1753) 2016-09-27 11:43:27 -07:00
Michael Schurter 2e696c5e61 Fix lies found in comments by fact checkers 2016-09-26 16:51:53 -07:00
Michael Schurter 11cf9686a6 No need to put reaper ticker on the struct 2016-09-26 16:15:19 -07:00
Michael Schurter 2eb0062959 Drop clumsy timeout on discovery notifications
It's better to just let goroutines fallback to their longer retry
intervals then try to be clever here.
2016-09-26 16:05:21 -07:00
Michael Schurter 307e674eca Flip disco chan; clarify method names/comments 2016-09-26 15:52:40 -07:00
Michael Schurter 888ee21270 Return csv of servers from Stats, not just count 2016-09-26 15:40:26 -07:00
Alex Dadgar b28e817b1d Test fix 2016-09-26 15:35:59 -07:00
Michael Schurter 7dc0079dd2 doDisco -> triggerDiscoveryCh; discovered -> serversDiscoveredCh
Also fix log line formatting
2016-09-26 15:21:28 -07:00
Michael Schurter 434e4be97c noServers -> noServersErr 2016-09-26 15:12:35 -07:00
Michael Schurter b2ddb85a78 consul -> Consul 2016-09-26 15:06:57 -07:00
Diptanu Choudhury 12c7873db2 Closing files when files are removed 2016-09-23 22:17:53 -07:00
Michael Schurter 37cfb2769c Replace periodic handlers with event driven disco
Remove use of periodic consul handlers in the client and just use
goroutines. Consul Discovery is now triggered with a chan instead of
using a timer and deadline to trigger.

Once discovery is complete a chan is ticked so all goroutines waiting
for servers will run.

Should speed up bootstraping and recovery while decreasing spinning on
timers.
2016-09-23 17:02:48 -07:00
Michael Schurter 2ab5264595 Retry all servers on RPC call failure
rpcproxy is refactored into serverlist which prioritizes good servers
over servers in a remote DC or who have had a failure.

Registration, heartbeating, and alloc status updating will retry faster
when new servers are discovered.

Consul discovery will be retried more quickly when no servers are
available (eg on startup or an outage).
2016-09-23 11:44:48 -07:00
Diptanu Choudhury 589356fd55 Adding a snapshot endpoint on the client (#1730) 2016-09-21 21:28:12 -07:00
Alex Dadgar 12de69a66f Struct and parse 2016-09-21 11:31:09 -07:00
Alex Dadgar 50efdb00e9 Merge pull request #1713 from hashicorp/f-alloc-runner-vault
Vault integration in client
2016-09-20 16:15:55 -07:00
Alex Dadgar 64de46432a Merge pull request #1677 from hashicorp/f-vault-implicit-constraint
Vault implicit Task Group constraint + allow root tokens
2016-09-20 16:15:32 -07:00
Diptanu Choudhury f7a9b39e8c Ensuring that we are not emitting stats when handle is nil (#1723)
* Ensuring that we are not emitting stats when handle is nil

* Updated the changelog
2016-09-20 11:29:34 -07:00
Alex Dadgar 83905075e5 Fix comment 2016-09-17 11:31:17 -07:00
Alex Dadgar 40fc1d1dfd Task runner test 2016-09-15 17:39:08 -07:00
Alex Dadgar 0fefaef008 Alloc runner tests 2016-09-15 17:24:09 -07:00
Alex Dadgar 0f40bd41a3 Handle recovery failure 2016-09-15 12:50:44 -07:00
Alex Dadgar 688e616200 Fix token renewal 2016-09-15 11:20:51 -07:00
Alex Dadgar ec152a6d12 Clean up vault client 2016-09-14 18:10:56 -07:00
Alex Dadgar 6702a29071 Vault token threaded 2016-09-14 13:30:01 -07:00
Robert Neumayer 8dc19dbd10 Log adding of servers at INFO level 2016-09-14 22:24:17 +02:00
Michael Schurter 9a2a17b48f Merge pull request #1682 from hashicorp/b-sanity-check-state-file
Prevent state file corruption and check state file sanity on save
2016-09-13 11:24:34 -07:00
Michael Schurter cd8606b9e3 Revert "A nil context isn't an error"
This reverts commit fe9fe4c26259c1ad3bd7e94bd711418aaf819b20.
2016-09-12 12:56:12 -07:00
Diptanu Choudhury ab6a9a5120 Fixing alloc runner tests 2016-09-04 19:09:08 -07:00