Commit Graph

16193 Commits

Author SHA1 Message Date
Michael Lange 6e061201f2 Screenshots for the securing ui guide 2019-09-27 19:27:38 -07:00
Michael Lange 089cadde3a Screenshots for the inspecting the cluster guide 2019-09-27 19:27:37 -07:00
Michael Lange 9c3b212b39 Screenshots for the operating a job guide 2019-09-27 13:21:06 -07:00
Michael Lange fd22b4a1dc Screenshots for the job submit guide 2019-09-27 13:21:05 -07:00
Michael Lange 31ec898b15 Image for the access the page 2019-09-27 13:21:04 -07:00
Michael Lange d9d72c3296 Swap out UI guide images 2019-09-27 13:21:03 -07:00
Michael Lange 6639189d04 Change resolution to neatly frame the UI 2019-09-27 13:21:02 -07:00
Michael Lange 3b90e82a2c Copy for the securing guide 2019-09-27 13:21:01 -07:00
Michael Lange 3e39d3872a Content for the inspecting the cluster page 2019-09-27 13:21:00 -07:00
Michael Lange 5d9c2f35a3 Content for the operating a job guide 2019-09-27 13:21:00 -07:00
Michael Lange 0b4c65b488 Edits and links for the submitting a job guide 2019-09-27 13:20:59 -07:00
Michael Lange d7261e20a8 Content for the submitting a job guide 2019-09-27 13:20:58 -07:00
Michael Lange b3cd3b095a Format line length 2019-09-27 13:20:57 -07:00
Michael Lange 692095996f New UI guides structure 2019-09-27 13:20:56 -07:00
Mahmood Ali 4a93081275
Merge pull request #6391 from hashicorp/b-ns-job-register-check
nomad: defensive check for namespaces in job registration call
2019-09-27 14:39:44 -04:00
Mahmood Ali bdccad567c
Merge pull request #6393 from hashicorp/r-ugorji-go-import-path
Fix hashicorp/go-msgpack import for golang 1.13
2019-09-27 12:27:38 -04:00
Mahmood Ali 4c548b9c75 Fix hashicorp/go-msgpack import
Golang 1.13 is pickier with importpaths and aliasing and fails
compilation currently.

Here, for go-msgpack dependency, we use upstream ugorji/go with a single
change
23165f7bc3
.

For consistency and to ease noticing descripency, I made ugorji/go and
hashicorp/go-msgpack reference the same sha.

This is a dependency management update and has no functional change to
product.
2019-09-27 09:08:30 -04:00
Tim Gross 9efca131be driver/java: pass task network isolation to executor
Without passing the network isolation configuration to the executor,
java tasks are not placed in the same network namespace as the other
processes in their task group, which breaks Consul Connect.
2019-09-27 08:26:54 -04:00
Mahmood Ali 674a457865 use RequestNamespace(), the canonical way to get namespace 2019-09-27 07:40:58 -04:00
Mahmood Ali e29ee4c400 nomad: defensive check for namespaces in job registration call
In a job registration request, ensure that the request namespace "header" and job
namespace field match.  This should be the case already in prod, as http
handlers ensures that the values match [1].

This mitigates bugs that exploit bugs where we may check a value but act
on another, resulting into bypassing ACL system.

[1] https://github.com/hashicorp/nomad/blob/v0.9.5/command/agent/job_endpoint.go#L415-L418
2019-09-26 17:02:47 -04:00
Mahmood Ali a9d93c52ba remove redundant changelog entries 2019-09-26 15:47:45 -04:00
Lang Martin ab7f4639e2 CHANGELOG remove raft proto 3 update announcement 2019-09-26 15:04:37 -04:00
Tim Gross 51438acbb0
doc: clarify driver support for netns/connect (#6357) 2019-09-26 14:50:06 -04:00
Buck Doyle 8950626c55
UI: Update Mirage to 1.1.2 (#6166) 2019-09-26 13:47:07 -05:00
Lang Martin 0648402150
Merge pull request #6373 from hashicorp/b-raft-proto-upgrade
raft protocol defaults to version 2
2019-09-26 14:33:09 -04:00
Lang Martin 3b4f11b8ac docs: autopilot guide additional raft proto upgrade documentation 2019-09-26 13:59:59 -04:00
Buck Doyle 1a47a11c95
UI: Restore proxy tag tests (#6360)
The recurring problem here was that sometimes the factories would
generate more than one task, and it was random whether the task
with the proxy task would be the first in the list. This ensures
that the proxy task is always first so the tests can run again.
2019-09-26 11:50:01 -05:00
Mahmood Ali 00c0be394d
Merge pull request #6386 from hashicorp/c-golang-1.12.10
Use golang 1.12.10
2019-09-26 12:03:31 -04:00
Mahmood Ali 916c6bdda4 Use golang to 1.12.10
To get fix for https://github.com/golang/go/issues/34540 .
2019-09-26 10:46:07 -04:00
Tim Gross 9703d3de3a doc: clarify command path requirements for exec 2019-09-25 16:37:45 -04:00
Tim Gross a6aadb3714 connect: remove proxy socket for restarted client 2019-09-25 14:58:17 -04:00
Tim Gross e43d33aa50 client: don't run alloc postrun during shutdown 2019-09-25 14:58:17 -04:00
Tim Gross d965a15490 driver/networking: don't recreate existing network namespaces 2019-09-25 14:58:17 -04:00
Tim Gross e86a476bbb failing test for #6310 2019-09-25 14:58:17 -04:00
Nick Ethier 53d3ea8ebd
driver: set correct network isolation caps for exec and java dr… (#6368) 2019-09-25 11:48:14 -04:00
Jasmine Dahilig d29074033b
Update CHANGELOG.md 2019-09-24 22:06:36 -07:00
Jasmine Dahilig 2148add5e6 update changelog 2019-09-24 16:32:19 -07:00
Jasmine Dahilig 0780adfa7f
timeout after 5 seconds when client opens a data directory (#6348) 2019-09-24 16:28:21 -07:00
Lang Martin fb41dd86ba default raft protocol v2 2019-09-24 14:37:55 -04:00
Lang Martin 31d7f116dd nomad/server comments 2019-09-24 14:36:18 -04:00
Lang Martin 6e0ec6302b script e2e/upgrades: cluster upgrade scripts 2019-09-24 14:35:45 -04:00
rpramodd 0d09b564fa utils: add missing error info in case of cmd failure (#6355) 2019-09-24 09:33:27 -04:00
ebarriosjr 4dadfc6d29 Added documentation for nomad pot driver. (#6369)
Added new external driver for Pot to nomad documentation
2019-09-24 09:22:04 -04:00
Tim Gross cd9c23617f
client/connect: ConsulProxy LocalServicePort/Address (#6358)
Without a `LocalServicePort`, Connect services will try to use the
mapped port even when delivering traffic locally. A user can override
this behavior by pinning the port value in the `service` stanza but
this prevents us from using the Consul service name to reach the
service.

This commits configures the Consul proxy with its `LocalServicePort`
and `LocalServiceAddress` fields.
2019-09-23 14:30:48 -04:00
Danielle Lancashire 39fe07f66b
api: Redact tokens in /agent/self 2019-09-23 19:07:27 +02:00
kaxap 60f0eb7d6d Fix broken links in README Guide section
Fix two broken links in the Documentation & Guides section, namely Advanced Job Scheduling on Nomad with Affinities and Increasing Nomad Fault Tolerance with Spread
2019-09-23 08:21:19 -04:00
Danielle Lancashire 8b44369073
api: Redact ACL Replication Token
Currently when hitting the /v1/agent/self API with ACL Replication
enabled results in the token being returned in the API. This commit
redacts that information, as it should be treated as a shared secret.
2019-09-22 14:35:53 +02:00
Buck Doyle f55d95694c
UI: Remove proxy tag tests again (#6359)
I thought #6343 would fix the flapping but it didn’t 😞
2019-09-20 15:27:33 -05:00
Chris Baker 5f6fd13064
Merge pull request #6356 from hashicorp/b-cli-job-deployments-all
fixed incorrect CLI `-help` in `job deployments`
2019-09-20 15:06:53 -05:00
Chris Baker 6f38cca15a
fixed incorrect CLI documentation in `job deployments`
listed `-all-allocs` instead of `-all`
2019-09-20 12:24:53 -05:00