98600b5943
Fix LXC driver interface impls
2016-10-26 10:06:03 -07:00
3c4a27e72b
Fix panic
2016-10-25 17:27:13 -07:00
21b8030ded
Fix tests for rkt port map
2016-10-25 17:06:41 -07:00
50ca5e1e9d
Merge pull request #1853 from hashicorp/f-rpc-http-tls
...
TLS support for http and RPC
2016-10-25 16:14:43 -07:00
7c61e115bd
Moved tlsutil into helpers
2016-10-25 16:05:37 -07:00
353e7fc7f1
Moving the certs into tlsutil package
2016-10-25 16:01:53 -07:00
cf35aeac84
Moving the TLSConfig to structs
2016-10-25 15:57:38 -07:00
18bbfe8325
driver.rkt: add rkt drriver port mapping test
2016-10-25 15:41:49 -07:00
56d91632ca
driver.rkt: support port mapping with net and port options
2016-10-25 15:41:49 -07:00
9d3cdded9a
Merge pull request #1699 from hashicorp/f-lxc-driver
...
LXC Support
2016-10-25 15:17:44 -07:00
b5cc153d54
Added lxc related dependencies
2016-10-25 15:17:02 -07:00
9bba036f13
Merge pull request #1852 from hashicorp/b-service-validation
...
Interpolate and then validate services
2016-10-25 14:28:32 -07:00
4082732d3a
Interpolate and then validate services
2016-10-25 14:27:49 -07:00
bf0981363f
Merge pull request #1850 from hashicorp/f-fs-secret
...
Disallow fs to read secret directory
2016-10-25 11:35:08 -07:00
8e07c2750e
Merge pull request #1839 from hashicorp/f-signal-constraints
...
Signal creates an auto-constraints
2016-10-25 11:09:33 -07:00
f8419fdd6e
Add CaPath to Vault config in consul-template
2016-10-25 11:01:50 -07:00
eefc8db3b3
Enabling TLS on cli
2016-10-25 10:39:17 -07:00
4f45aece4b
Fingerprint rkt volume support and make periodic
...
Fix rkt docs and custom volume mounting
2016-10-25 09:46:49 -07:00
5d358c7eba
Allow mounting alloc-dir-relative paths in docker
2016-10-25 09:46:49 -07:00
49ed6da0ad
Enable rkt and docker volume mounting by default
2016-10-25 09:46:49 -07:00
f075bda9b9
Make volume name unique
2016-10-25 09:46:49 -07:00
83a11fc93b
Bump minimum required rkt version; update docs
...
Make section names match between docker and rkt
2016-10-25 09:46:49 -07:00
edf657b58a
Fix docker reference in rkt test
2016-10-25 09:46:49 -07:00
02ed35bd1c
Add arbitrary volume support to rkt
2016-10-25 09:46:49 -07:00
473c28824c
Fix standard mounts in rkt and tests
2016-10-25 09:46:49 -07:00
da8b05ba17
Fix merge
2016-10-24 17:04:10 -07:00
03eba049ed
Merge pull request #1848 from hashicorp/f-vault-error
...
Thread through whether DeriveToken error is recoverable or not
2016-10-24 15:01:18 -07:00
e03927bb5c
Changed the way TLS config is parsed
2016-10-24 13:56:19 -07:00
e85d0ebace
Merge pull request #1840 from hashicorp/f-kill-fail
...
Change how we mark tasks as failed and allow consul-template to fail tasks
2016-10-24 13:40:52 -07:00
4ae735c8ba
Disallow fs to read secret directory
2016-10-24 11:14:05 -07:00
692a809919
Merge pull request #1842 from hashicorp/f-version-and-id
...
Print the version and client node ID
2016-10-24 10:13:33 -07:00
2e3118e69c
Implemented TLS support for http and rpc
2016-10-23 22:22:00 -07:00
5577e53b20
Merge pull request #1845 from hashicorp/f-remove-disk-usage-acct
...
Remove disk usage enforcement
2016-10-22 19:01:51 -07:00
e85a67a49a
Fix signal test for docker
2016-10-22 18:32:48 -07:00
ede3a814ba
Small fixes
2016-10-22 18:20:50 -07:00
0070178741
Thread through whether DeriveToken error is recoverable or not
2016-10-22 18:08:30 -07:00
d937d3aede
Fix comment form
2016-10-21 16:56:33 -07:00
285e80ac0f
Remove disk usage enforcement
...
Many thanks to @iverberk for the original PR (#1609 ), but we ended up
not wanting to ship this implementation with 0.5.
We'll come back to it after 0.5 and hopefully find a way to leverage
filesystem accounting and quotas, so we can skip the expensive polling.
2016-10-21 13:55:51 -07:00
aa0d8d0d8d
Print the version and client node ID
2016-10-20 17:46:04 -07:00
46a7d1a0d7
Change how we mark tasks as failed and allow consul-template to fail tasks
2016-10-20 17:27:16 -07:00
41b5679015
Advertise signalling abilities
2016-10-19 15:06:23 -07:00
ae1ea0e5ba
Actually mount the local directory
2016-10-18 15:57:12 -07:00
b384bff053
Feedback
2016-10-18 15:01:04 -07:00
ba0b3963ef
Comments
2016-10-18 11:36:04 -07:00
4f8bfd7b18
Tests
2016-10-18 11:24:20 -07:00
36cfe6e89e
Large refactor of task runner and Vault token rehandling
2016-10-18 11:24:20 -07:00
53eeec9bc1
Merge pull request #1801 from hashicorp/f-signals
...
Consul-template signal change mode
2016-10-18 11:23:47 -07:00
34f7cbd10f
Disable lxc by default
2016-10-13 13:22:12 -07:00
1dbb2b7164
Cleanup comments/whitespace
2016-10-13 13:05:55 -07:00
38b2020291
Mount secret dir
2016-10-13 12:45:33 -07:00
4e86a5f906
throwing an error if stats line can't be converted to k/v pair
2016-10-12 17:18:58 -07:00
ea5d9d959a
Bind mounting alloc dir into container
2016-10-12 17:18:58 -07:00
6312ea3f8f
Setting the network type
2016-10-12 17:18:58 -07:00
ce334e0e04
Adding cpu resource limits
2016-10-12 17:18:58 -07:00
bb2a580ef1
Implemented an LXC Driver
2016-10-12 17:18:58 -07:00
e7a98d5500
Make EvalSymlink errors more verbose
2016-10-12 17:07:21 -07:00
8864a506aa
Disable the syslog logging system on Docker For Mac
...
The syslog logging system depends on the ability for a unix socket to be
accessed by the docker daemon in the $TMPDIR of the host. This doesn't
work on Docker For Mac because the docker daemon is running inside a VM,
and while /tmp is accessible, the filesystem used to share them doesn't
support unix socket files, and thus it doesn't work.
2016-10-12 17:07:21 -07:00
f8a65a3b9d
Resolve alloc/state directories to make Docker For Mac happy
...
* In -dev mode, `ioutil.TempDir` is used for the alloc and state
directories.
* `TempDir` uses `$TMPDIR`, which os OS X contains a per user
directory which is under `/var/folder`.
* `/var` is actually a symlink to `/private/var`
* Docker For Mac validates the directories that are passed to bind and on
OS X. That whitelist contains `/private`, but not `/var`. It does not
expand the path, and so any paths in `$TMPDIR` fail the whitelist check.
And thusly, by expanding the alloc/state directories the value passed
for binding does contain `/private` and Docker For Mac is happy.
2016-10-12 17:06:25 -07:00
eec1a154ec
add plugin kill
2016-10-12 13:24:22 -07:00
86238387e7
Send Executor Ctx separately
2016-10-12 11:35:29 -07:00
db4e676d73
Merge pull request #1803 from hashicorp/b-vault-parse
...
Fix Vault Config parsing of booleans
2016-10-11 13:47:46 -07:00
ed5ff3a104
Merge pull request #1804 from hashicorp/f-job-env-var
...
Add NOMAD_JOB_NAME to task environment
2016-10-11 13:34:54 -07:00
82960c46d8
Tests
2016-10-11 13:28:18 -07:00
83f647ed84
Replace "the the" with "the" in documentation and comments
2016-10-11 15:31:40 -04:00
ca5439eca1
Add NOMAD_JOB_NAME to environment
2016-10-11 11:20:42 -07:00
751aa114bf
Fix Vault parsing of booleans
2016-10-10 18:04:39 -07:00
bc35eaee21
Task runner sends signals
2016-10-10 15:09:00 -07:00
00a1234c55
Executor + Java/Raw Exec/Exec
2016-10-10 11:47:04 -07:00
5b01b1be1b
Rkt
2016-10-10 11:47:04 -07:00
280af8f4d1
Docker + Qemu
2016-10-10 11:47:04 -07:00
08eeef0140
Merge pull request #1796 from hashicorp/f-task-runner
...
Task runner integrates with TaskTemplateManager
2016-10-07 15:13:14 -07:00
d8f8048d85
Merge pull request #1767 from hashicorp/f-docker-volumes-logging
...
Support Docker Volumes and Logging
2016-10-07 12:10:59 -07:00
f0d04bd798
Add comment and fix log line code style
2016-10-07 11:58:21 -07:00
523dbfcc81
Remove VolumesFrom feature
...
Since containers are named with alloc ids it's difficult to use safely.
Not to mention task scheduling ordering issues could break it as well.
2016-10-07 11:58:13 -07:00
e2d49eb4a2
Comments
2016-10-06 15:21:59 -07:00
68c5fe78f8
Tests
2016-10-06 15:17:34 -07:00
8fb07bb083
Fix handling of restart in TaskEvents
2016-10-06 15:06:54 -07:00
8eb7fa91cf
Start of integration
2016-10-06 15:05:49 -07:00
3693de99d8
Merge pull request #1783 from hashicorp/f-consul-template
...
Consul template manager
2016-10-06 15:05:01 -07:00
c7f76ea78d
Make tests channel based
2016-10-06 14:51:54 -07:00
19a6aefd68
more vendoring
2016-10-06 12:36:44 -07:00
f777faba00
Add comments to config key constants
2016-10-03 16:04:33 -07:00
0d66b8aef0
Only launch syslog server if container uses syslog
2016-10-03 15:22:10 -07:00
44219cc083
Put docker volume support behind conf flag
...
Also add tests and fix bug with logging driver configuration.
2016-10-03 15:02:50 -07:00
a26a501120
Fixed a bug when giving in another logging driver than syslog.
...
Before this commit, if the Logging config did not contain a logging option "syslog-address", it would definitely insert this option.
If then, you decide to take another logdriver than syslog, docker would fail because it received a wrong log option for the selected driver.
Now, nomad will only insert the syslog address in a hard way if there are no logging options at all - this way it keeps the default nomad settings.
2016-10-03 15:02:50 -07:00
6c7cbe5fcb
Added support to mount host folders into container. For example if you don't want to bake certificates into the container, you can mount them into the directory directly.
...
Furthermore, I added support for volumes-from.
Currently, there is no support to move the data from one container to another, hence: If a container spawns on another host, it is very likely, that the data will not be found.
2016-10-03 15:02:49 -07:00
ac5cde4641
Added logging options support for docker driver
2016-10-03 15:02:49 -07:00
d2837dec44
Do not allow path to escape the alloc dir for the FS commands
2016-10-03 14:58:44 -07:00
6dea6df919
Restore lost chan inits
2016-10-03 14:56:50 -07:00
4eaabd675c
Consul Template Manager
2016-10-03 12:59:31 -07:00
d50c395421
Getting snapshot of allocation from remote node ( #1741 )
...
* Added the alloc dir move
* Moving allocdirs when starting allocations
* Added the migrate flag to ephemeral disk
* Stopping migration if the allocation doesn't need migration any more
* Added the GetAllocDir method
* refactored code
* Added a test for alloc runner
* Incorporated review comments
2016-10-03 09:59:57 -07:00
b117725dc9
Only log consul errors once since last succesful run
2016-09-28 17:18:45 -07:00
9beee9c891
Merge pull request #1762 from hashicorp/b-scan-pids
...
Constant size space tracking of pids
2016-09-27 17:28:35 -07:00
320b89d57a
Constant time space tracking of pids
2016-09-27 16:57:26 -07:00
80085ddda5
Merge pull request #1735 from hashicorp/b-bootstrap-flapping
...
Retry all servers on RPC call failure
2016-09-27 16:33:15 -07:00
d486de3804
Remove unused const
2016-09-27 16:04:01 -07:00
2b1d214b0d
Avoiding copying files if they are already present in chrootw ( #1753 )
2016-09-27 11:43:27 -07:00
2e696c5e61
Fix lies found in comments by fact checkers
2016-09-26 16:51:53 -07:00
11cf9686a6
No need to put reaper ticker on the struct
2016-09-26 16:15:19 -07:00
2eb0062959
Drop clumsy timeout on discovery notifications
...
It's better to just let goroutines fallback to their longer retry
intervals then try to be clever here.
2016-09-26 16:05:21 -07:00
307e674eca
Flip disco chan; clarify method names/comments
2016-09-26 15:52:40 -07:00
888ee21270
Return csv of servers from Stats, not just count
2016-09-26 15:40:26 -07:00
b28e817b1d
Test fix
2016-09-26 15:35:59 -07:00
7dc0079dd2
doDisco -> triggerDiscoveryCh; discovered -> serversDiscoveredCh
...
Also fix log line formatting
2016-09-26 15:21:28 -07:00
434e4be97c
noServers -> noServersErr
2016-09-26 15:12:35 -07:00
b2ddb85a78
consul -> Consul
2016-09-26 15:06:57 -07:00
12c7873db2
Closing files when files are removed
2016-09-23 22:17:53 -07:00
37cfb2769c
Replace periodic handlers with event driven disco
...
Remove use of periodic consul handlers in the client and just use
goroutines. Consul Discovery is now triggered with a chan instead of
using a timer and deadline to trigger.
Once discovery is complete a chan is ticked so all goroutines waiting
for servers will run.
Should speed up bootstraping and recovery while decreasing spinning on
timers.
2016-09-23 17:02:48 -07:00
2ab5264595
Retry all servers on RPC call failure
...
rpcproxy is refactored into serverlist which prioritizes good servers
over servers in a remote DC or who have had a failure.
Registration, heartbeating, and alloc status updating will retry faster
when new servers are discovered.
Consul discovery will be retried more quickly when no servers are
available (eg on startup or an outage).
2016-09-23 11:44:48 -07:00
589356fd55
Adding a snapshot endpoint on the client ( #1730 )
2016-09-21 21:28:12 -07:00
12de69a66f
Struct and parse
2016-09-21 11:31:09 -07:00
50efdb00e9
Merge pull request #1713 from hashicorp/f-alloc-runner-vault
...
Vault integration in client
2016-09-20 16:15:55 -07:00
64de46432a
Merge pull request #1677 from hashicorp/f-vault-implicit-constraint
...
Vault implicit Task Group constraint + allow root tokens
2016-09-20 16:15:32 -07:00
f7a9b39e8c
Ensuring that we are not emitting stats when handle is nil ( #1723 )
...
* Ensuring that we are not emitting stats when handle is nil
* Updated the changelog
2016-09-20 11:29:34 -07:00
83905075e5
Fix comment
2016-09-17 11:31:17 -07:00
40fc1d1dfd
Task runner test
2016-09-15 17:39:08 -07:00
0fefaef008
Alloc runner tests
2016-09-15 17:24:09 -07:00
0f40bd41a3
Handle recovery failure
2016-09-15 12:50:44 -07:00
688e616200
Fix token renewal
2016-09-15 11:20:51 -07:00
ec152a6d12
Clean up vault client
2016-09-14 18:10:56 -07:00
6702a29071
Vault token threaded
2016-09-14 13:30:01 -07:00
8dc19dbd10
Log adding of servers at INFO level
2016-09-14 22:24:17 +02:00
9a2a17b48f
Merge pull request #1682 from hashicorp/b-sanity-check-state-file
...
Prevent state file corruption and check state file sanity on save
2016-09-13 11:24:34 -07:00
cd8606b9e3
Revert "A nil context isn't an error"
...
This reverts commit fe9fe4c26259c1ad3bd7e94bd711418aaf819b20.
2016-09-12 12:56:12 -07:00
ab6a9a5120
Fixing alloc runner tests
2016-09-04 19:09:08 -07:00
0f77d81f7d
Merge pull request #1683 from mwieczorek/enable-syslog-for-windows
...
Enable syslog for windows
2016-09-04 17:07:25 -07:00
94071fc294
Enable syslog server and universal collector for windows
2016-09-05 00:26:36 +02:00
8a57913a44
A nil context isn't an error
2016-09-02 16:24:53 -07:00
f601361d58
Don't serialize task states twice in state files
2016-09-02 16:07:06 -07:00
6cb6d9cdf1
Lock around saving state
...
Prevent interleaving state syncs as it could conceivably lead to
empty state files as per #1367
2016-09-02 16:07:06 -07:00
e7dd443447
Add sanity check to SaveState
...
Also just reuse the task states snapshot taken by `Alloc()` instead of
doing a redundant copy.
2016-09-02 16:07:06 -07:00
eecef73302
syscall error
2016-09-02 15:00:46 -07:00
eef786dd9d
Secret dir materialized in alloc/task directory
2016-09-02 12:44:05 -07:00
2c8dd8bbd3
Revert "Introduce a Secret/ directory"
2016-09-01 17:23:15 -07:00
4a8fba5cf7
small fixes
2016-09-01 13:38:31 -07:00
b0adaa5301
Allow root token
2016-09-01 12:05:08 -07:00
8ca3a16825
Fingerprint
2016-09-01 11:10:14 -07:00
1ed454dd60
Merge pull request #1671 from hashicorp/f-secret-dir2
...
Introduce a Secret/ directory
2016-09-01 09:56:17 -07:00
9fa23e3536
Symlink on windows
2016-08-31 21:41:44 -07:00
5d3b47e648
Address comments and reserve
2016-08-31 18:11:02 -07:00
cbb0b8e31e
Merge pull request #1668 from hashicorp/b-fix-consul-updates
...
Fix old services not getting removed from consul on update
2016-08-31 17:17:09 -07:00
0626eb9619
environment variables
2016-08-31 13:56:11 -07:00
d59e14eed4
Interface + tests
2016-08-30 21:40:32 -07:00
b6b73545ea
Merge pull request #1606 from hashicorp/f-vault-client
...
VaultClient for Nomad client's interactions with Vault
2016-08-30 13:13:54 -04:00
d0ad1603c3
Print debug message only when error is non-nil
2016-08-30 13:14:34 -04:00
55a6f06e15
Addressed review feedback
2016-08-30 13:08:13 -04:00
3808dd0ff8
Return only fatal error to renewal error channel
2016-08-30 12:46:59 -04:00
a0dbfe25b3
Fix tests
2016-08-29 21:30:06 -04:00
82f6209e97
tokenDeriver function pointer to derive tokens.
...
Remove rpc*, connPool, node and region from vaultclient.
2016-08-29 20:32:05 -04:00
14b7126511
Secret dir, hello world
2016-08-29 15:41:52 -07:00
Michael Schurter