Commit graph

898 commits

Author SHA1 Message Date
Jay Oster 09113ffbc8 Fix Linux executor isolation test
- Properly expects the hard-coded mounts (alloc, dev, and proc) and hardcoded local directories (local and tmp)
- Also verifies that etc contains only the requested paths
2016-08-08 14:04:09 -07:00
Diptanu Choudhury fb178a1f5f Merge pull request #1477 from nak3/add-syslog_server-test
Add Syslog server start shutdown test
2016-08-05 12:01:24 -07:00
Alex Dadgar ddd8adce96 changelog + use driver config 2016-08-05 10:55:20 -07:00
Alex Dadgar f8e4bc73c9 Merge pull request #1493 from nak3/rkt-fix1
Pass command and trust_prefix to the validation of rkt task configuration
2016-08-05 10:52:02 -07:00
Alex Dadgar 096956257d changelog 2016-08-05 10:47:44 -07:00
Kenjiro Nakayama fc1195b7ea Add Syslog server start shutdown test 2016-08-06 02:01:33 +09:00
Michal Wieczorek b688261a99 Set windows containers default network mode to 'nat' 2016-08-05 06:01:26 +02:00
Jay Oster 2ae059b41d Address review comments
- Simplify map length check in Linux Executor
- Added a `chroot_env` test for config parser
- Moved `ChrootEnv` field from ExecutorCommand to ExecutorContext
- Added a test for `chroot_env` functionality
2016-08-04 15:33:06 -07:00
Diptanu Choudhury 531b619ce4 Merge pull request #1475 from mwieczorek/windows-hostIp-portBindings
Empty host ip for windows containers port bindings
2016-08-04 13:30:43 -07:00
Alex Dadgar 1fe4158097 Merge pull request #1519 from vrenjith/master
Remove docker volumes while removing container
2016-08-04 12:54:00 -07:00
Jay Oster 24e8f752ab Add chroot_env to Java driver (which uses the exec driver internally) 2016-08-04 11:15:35 -07:00
Kenjiro Nakayama cd12645e4c Add TestRktTaskValidate 2016-08-04 23:15:13 +09:00
Kenjiro Nakayama bf27963903 Add TestRktTrustPrefix 2016-08-04 17:26:10 +09:00
Kenjiro Nakayama 1176fd123e Pass command and trust_prefix to the validation of rkt task configuration 2016-08-04 17:24:56 +09:00
vrenjith 41cf7cc623 Update docker.go
Remove container volumes
2016-08-04 11:43:50 +05:30
vrenjith 4e603e1306 Update checks_test.go
Remove docker volumes while exiting container
2016-08-04 11:42:47 +05:30
Jay Oster 7df692226a Add config field to specify chroot mapping for exec driver
- Same format as used by the internal chroot mapping
- Map: source_path -> dest_path
- Example HCL:

client {
  chroot_env {
    "/etc" = "/etc"
    "/lib" = "/lib"
    "/opt/projects/foo/bin" = "/usr/bin"
  }
}
2016-08-03 17:17:17 -07:00
Mathias Lafeldt 0727db4ca0
Test configuration of Docker working directory 2016-08-03 16:35:49 +02:00
Mathias Lafeldt d91f7dbdf8
Docker driver: allow to configure working directory 2016-08-03 16:18:15 +02:00
Alex Dadgar 47f5c8f523 use priviledge of the config 2016-08-02 16:10:15 -07:00
Alex Dadgar cec6d8a1eb remove gating of ipc, user ns and pidmode based on hosts priviledge mode config 2016-08-02 16:02:34 -07:00
Alex Dadgar 2999c12ef1 disable swap 2016-07-28 12:17:00 -07:00
Michal Wieczorek 4b82b6c3d4 Empty host ip for windows containers port bindings 2016-07-28 00:00:57 +02:00
Diptanu Choudhury 22af229cef Merge pull request #1321 from mwieczorek/f-windows-binds
Volume binds for windows containers
2016-07-18 10:20:44 -06:00
Alex Dadgar 807bf3cf6c tests wait for the container to start 2016-07-12 11:36:06 -06:00
Alex Dadgar e1d68f3e9b Docker host network test 2016-07-12 10:59:34 -06:00
Diptanu Choudhury ed3be34105 Introduced an env var for rkt tests 2016-07-11 15:48:16 -06:00
Diptanu Choudhury 4e0b621ffa Skipping travis tests and not installing rkt on travis 2016-07-11 15:10:09 -06:00
Sean Chittenden a9b3f5e552
Alpha-sort the build platforms 2016-07-11 12:23:46 -07:00
Sean Chittenden 267198742f
Merge branch 'master' into f-resource-isolation-fingerprinter 2016-07-11 12:23:09 -07:00
Diptanu Choudhury e2909db9ef Merge pull request #1388 from novilabs/support-docker-syslog-unixformat-and-defaultformat
Support docker syslog unixformat and defaultformat
2016-07-11 11:17:30 -07:00
Alex Dadgar f11b1ce079 Get windows to build 2016-07-11 11:52:41 -06:00
Sean Chittenden 9966169596
Merge branch 'f-resource-isolation-cleanup' into f-resource-isolation-fingerprinter 2016-07-11 00:10:21 -07:00
Sean Chittenden d20c5fc327 Merge pull request #1402 from hashicorp/f-resource-isolation-cleanup
Resource isolation cleanup
2016-07-11 02:09:35 -05:00
Sean Chittenden be272168c7
Rename resourceContainer{,Context} and resCon{,Ctx}. 2016-07-11 00:02:55 -07:00
Sean Chittenden 1c14e01ac0
Add a comment describing IsolationConfig 2016-07-10 23:45:44 -07:00
Sean Chittenden 2983bd6fce
Fix test for non-Linux platforms.
The following tests now check a whitelist for whether or not their
driver is present or not, or if the OS is supported or not.

* `TestAllocDir_MountSharedAlloc`
* `TestClient_Drivers_InWhitelist` (`exec` driver)
* `TestClient_Drivers` (`exec` driver)
* `TestJavaDriver_Fingerprint` (`java` driver)
2016-07-10 15:19:49 -07:00
Sean Chittenden d4fe69ddf9
Update comments and pushdown a lock into the resource container 2016-07-10 00:12:59 -07:00
Sean Chittenden fc9cd8d4af
Push down the Linux-specific bits into resourceContainer 2016-07-10 00:06:53 -07:00
Sean Chittenden 6fc269d2a6
Move unit tests around into per-platform where appropriate. 2016-07-09 23:56:31 -07:00
Sean Chittenden a5dc6c2da9
Push the Client's cleanup of Cgroups down 2016-07-09 23:45:33 -07:00
Sean Chittenden 5dbc0bf382
Rename resourceContainer.cleanup() to executorCleanup()
Not to be confused with the imminent ClientCleanup().
2016-07-09 23:25:33 -07:00
Sean Chittenden 5f8f0a50ac
Begin cgroup pushdown into platform specific files 2016-07-09 23:01:14 -07:00
Diptanu Choudhury e5310b76a6 Merge pull request #1399 from hashicorp/b-exec-cleanup
WIP: Cleanup exec driver
2016-07-09 00:08:43 -07:00
Sean Chittenden 7530b27014 Move all non-Linux Fingerprinter items to the default exec driver 2016-07-08 18:35:46 -07:00
Diptanu Choudhury 5d61fa01f1 Fixed tests 2016-07-08 18:27:51 -07:00
Diptanu Choudhury 3c4002c48b Fixed the client tests 2016-07-08 17:49:58 -07:00
Diptanu Choudhury 1784d98182 Fixed the host port environment variable 2016-07-08 15:37:44 -07:00
Cameron Davison 921a6c889c remove the expected leading space, after the colon in syslog 2016-07-06 11:08:24 -05:00
Cameron Davison 07a9e15560 get into the hour minute second part of the time before looking for spaces, and then looking for the : seperator 2016-07-06 11:08:24 -05:00
Wojciech Bederski a73422b4ff Fix docker driver lockup during nomad boot
Unit mismatch caused docker driver to wait almost indefinitely during boot 
(when one or more containers were a bit uncooperative during StopContainer())
This should fix problems described in  #1202
2016-06-28 14:26:47 +02:00
Diptanu Choudhury 0a10873aa6 Merge pull request #1335 from hashicorp/f-set-docker-timeout
Setting a timeout in the docker client
2016-06-21 17:00:14 -07:00
Diptanu Choudhury 2837d3395d Setting a timeout in the docker client 2016-06-21 16:58:21 -07:00
Diptanu Choudhury 1d5c5b18f3 Making SSL default 2016-06-21 16:41:14 -07:00
Alex Dadgar 661dc200f3 Make line copy to avoid being overriden by subsequent scans 2016-06-20 13:14:43 -07:00
Michal Wieczorek 67a04bb1cc Volume binds for windows containers 2016-06-20 21:46:33 +02:00
Alex Dadgar c9f7467ccb Driver tests use client default config 2016-06-17 14:24:49 -07:00
Sean Chittenden 7b9961f09b
Initialize the stats helpers before accessing them for the first time 2016-06-17 13:23:30 -07:00
Alex Dadgar 27c6398639 debug message when stopping container 2016-06-17 11:52:44 -07:00
Diptanu Choudhury 266c417ac8 Changed the client options for docker volume selinux labels 2016-06-16 21:41:02 +01:00
Diptanu Choudhury fa216199ce Added documentation 2016-06-15 02:42:15 +02:00
Diptanu Choudhury e08083acfe Added a client options for setting selinux options 2016-06-15 02:33:09 +02:00
Alex Dadgar 4b04e503f3 address comments 2016-06-13 17:32:18 -07:00
Alex Dadgar 8bbf4a55e5 Fix IDs and domain scoping 2016-06-13 16:30:58 -07:00
Diptanu Choudhury d019d8ef8e implemented reconciliation of unwanted services 2016-06-13 14:52:26 +02:00
Alex Dadgar 232654cdee register checks 2016-06-12 21:28:56 -07:00
Alex Dadgar a82c2bb058 Do not reconcile in client and cleanup executor a bit 2016-06-12 18:22:07 -07:00
Alex Dadgar 8e231fa382 Rename ConsulService back to Service 2016-06-12 16:36:49 -07:00
Alex Dadgar e931b42473 unify cli output 2016-06-12 13:16:07 -07:00
Alex Dadgar 6ef4bfd6bf skip docker test if no docker found 2016-06-12 11:28:43 -07:00
Alex Dadgar 2628827b7c Merge pull request #1262 from hashicorp/remove-artifact-check
Removing artifact check for java and qemu drivers
2016-06-12 11:21:18 -07:00
Alex Dadgar c4a819528a Merge pull request #1260 from hashicorp/f-alloc-stats-struct
Allocation resources returned in a struct
2016-06-12 11:18:57 -07:00
Diptanu Choudhury 34f85baab0 Fix the calculation of total ticks for docker and exec 2016-06-12 18:08:35 +02:00
Diptanu Choudhury beb362e202 Setting a flag to indicate whether fs isolation is indeed happening 2016-06-12 15:43:24 +02:00
Diptanu Choudhury 641cf50682 Not converting the abs path relative to task dir for drivers which enforce FS isolation only in linux 2016-06-12 13:54:30 +02:00
Alex Dadgar e952540f6f Allocation resources returned in a struct 2016-06-11 21:04:10 -07:00
Sean Chittenden 2f036231e5 Merge pull request #1201 from hashicorp/f-dyn-server-list
Dynamic Server Lists/Client Bootstrapping via consul.
2016-06-11 18:58:25 -04:00
Sean Chittenden 445783889b
Remove default values and use nil for the executor. Much better. 2016-06-11 17:52:09 -04:00
Diptanu Choudhury 19f4adbcf1 Using a different client for collecting stats and waiting on containers 2016-06-11 20:37:29 +02:00
Diptanu Choudhury 7fb507e810 Moving the clkspeed code to helper 2016-06-11 17:31:49 +02:00
Sean Chittenden f891fa0ec8
Perform a nil-check for Executor's consulServices.
Executors can `Shutdown()` before calling `SyncServices()`.
2016-06-10 23:43:54 -04:00
Diptanu Choudhury 59540c3e93 Extracted a method for getting clock speed 2016-06-11 02:07:28 +02:00
Diptanu Choudhury f94f89b6d7 Pruning out pids which are no longer present 2016-06-11 01:40:52 +02:00
Diptanu Choudhury 0a9a3918d6 Not reset-ing the list of pids if they don't change 2016-06-11 01:19:50 +02:00
Diptanu Choudhury c38a6fb3c5 Implementing the total ticks per task for the docker driver 2016-06-10 23:33:25 +02:00
Diptanu Choudhury 2d3798b076 Calculating the cpu ticks in nomad client 2016-06-10 22:22:32 +02:00
Sean Chittenden d99467ef5e
Always create a consul.Syncer. Use a default Consul Config if necessary. 2016-06-10 15:55:27 -04:00
Sean Chittenden f6a0459ae5
Always create a consul.Syncer. Use a default Consul Config if necessary. 2016-06-10 15:55:27 -04:00
Sean Chittenden cc6e8792e0
Create a consulContext using a client's consul config.
This is wrong and should be the Agent's Consul Config.  This is a
step in the right direction, so committing to mark the necessary
future change.
2016-06-10 15:54:39 -04:00
Sean Chittenden 9a223936bb
Generate and sync Consul ServiceIDs consistently 2016-06-10 15:54:39 -04:00
Sean Chittenden 3892a0433e
Move the start of the UniversalExecutor's consulSyncer to initialize once
This should be handled via a sync.Once primative, but I don't want to
unpack that atm.
2016-06-10 15:54:39 -04:00
Sean Chittenden 7956eb0c80
Rename structs.Task's Service attribute to ConsulService 2016-06-10 15:54:39 -04:00
Sean Chittenden 8c813630e6
Move package client/consul/sync to command/agent/consul.
This has been done to allow the Server and Client to reuse the same
Syncer because the Agent may be running Client, Server, or both
simultaneously and we only want one Syncer object alive in the agent.
2016-06-10 15:54:39 -04:00
Sean Chittenden d6ef97911b
Rename Syncer.SetServiceIdentifier to SetServiceRegPrefix()
This attribute isn't actually an identifier because it can represent
a collection of services.  Rename `serviceIdentifier` to
`serviceRegPrefix which more accurately conveys the intention of this
Syncer attribute.

While here, also rename `SetServiceIdentifier()` to `SetServiceRegPrefix()`
and `GenerateServiceIdentifier()` to `GenerateServicePrefix()`.
2016-06-10 15:54:39 -04:00
Sean Chittenden 6b126ce488
Change the API signature of Syncer.SyncServices().
SyncServices() immediately attempts to sync whatever information
the process has with Consul.  Previously this method would take an
argument of the exclusive list of services that should exist,
however this is not condusive to having a Nomad Client and Nomad
Server share the same consul.Syncer.
2016-06-10 15:54:39 -04:00
Sean Chittenden 555f4fe135
Change client/consul.NewSyncer() to accept a shutdown channel
In addition to the API changing, consul.Syncer can now be signaled
to shutdown via the Shutdown() method, which will call the Run()'ing
sync task to exit gracefully.
2016-06-10 15:54:39 -04:00
Sean Chittenden 82d537fbd9
Update the nomad_server_service default from nomad-server to just nomad. 2016-06-10 15:50:11 -04:00
Sean Chittenden 10d1b6ba9b
Reduce all forms of ConsulConfig down to a single struct
nomad/structs/config/consul.go's ConsulConfig is the canonical definition
for all things Consul now.
2016-06-10 15:50:11 -04:00
Sean Chittenden 0dbd16aa5d
Rebalance Nomad client RPCs among different Nomad servers.
Implement client/rpc_proxy.RpcProxy.
2016-06-10 15:50:11 -04:00
Sean Chittenden a13cbe73c3
Rename ConsulConfig to ConsulAgentConfig 2016-06-10 15:50:11 -04:00