Commit graph

2300 commits

Author SHA1 Message Date
Michael Schurter 521354ee99 Improve test timings
1234ms was far longer than needed and not sleeping between iterations
was just mean.
2017-04-06 11:10:36 -07:00
Michael Schurter a81c387adf Require TLS for server RPC when enabled
Fixes #2525

We used to be checking a RequireTLS field that was never set. Instead we
can just check the TLSConfig.EnableRPC field and require TLS if it's
enabled.

Added a few unfortunately slow integration tests to assert the intended
behavior of misconfigured RPC TLS.

Also disable a lot of noisy test logging when -v isn't specified.
2017-04-06 09:34:36 -07:00
Diptanu Choudhury 0944d9d640 Making the fingerprinter support ipv6 ips 2017-04-06 01:06:32 -07:00
Alex Dadgar d0da30324e Split driver tests 2017-04-04 15:12:14 -07:00
Alex Dadgar f95af65c75 Split task runner tests 2017-04-04 15:02:09 -07:00
Alex Dadgar f2ba6db607 Add sticky bit to temp directory
Fixes an issue where the Ruby runtime expects the sticky bit to be set
on the temp directory. The sticky bit is commonly set on the temp
directory since it is usually shared by many users. This change brings
ours in line with that assumption.
2017-04-04 10:48:29 -07:00
Alex Dadgar c52000f792 FinishedAt only records when the task has actually started 2017-03-31 17:06:05 -07:00
Alex Dadgar 81b78f77e1 Track task start/finish time & improve logs errors
This PR adds tracking to when a task starts and finishes and the logs
API takes advantage of this and returns better errors when asking for
logs that do not exist.
2017-03-31 16:14:11 -07:00
Alex Dadgar 6bee23047a Fix variable capture and add tests
This PR fixes token revocation and adds tests to make sure it is
working. The 0.5.6 RC1's token revocation does not work becasue the
token's value is captured at the instantiation of the deferred
stoprenewal statement rather than its exectution.
2017-03-29 13:17:50 -07:00
Robert Neumayer 804f83f1fb Fix typo and be consistent in naming 2017-03-29 09:33:54 +02:00
Michael Schurter ae3810052d Merge pull request #2482 from hashicorp/f-2289-better-artifact-err
Improve artifact download error message
2017-03-28 12:48:22 -07:00
Michael Schurter 2d07b75308 Recoverable struct field must be exported 2017-03-28 12:18:57 -07:00
Michael Schurter 1653b42400 Merge branch 'master' into b-2491-task-env 2017-03-28 11:28:00 -07:00
Alex Dadgar 1e95ae7e6a Merge pull request #2495 from hashicorp/b-vault-stop-renew
Stop Vault token renew on task exit
2017-03-28 11:14:18 -07:00
Alex Dadgar 5e7e19de4b Merge pull request #2461 from hashicorp/b-groups
Various fixes for setting user/group of task
2017-03-28 11:13:27 -07:00
Alex Dadgar 3b493b29b0 Merge pull request #2488 from hashicorp/f-node-values-template
Access Node Meta and Attrs in template
2017-03-28 11:10:29 -07:00
Alex Dadgar 5b36a90723 feedback 2017-03-28 11:10:11 -07:00
Michael Schurter d58bcde183 Make test more accurate and add changelog entry 2017-03-28 10:53:26 -07:00
Alex Dadgar d1645f47b1 Stop Vault token renew on task exit
This PR fixes an oversight in which the client would attempt to renew a
token even after the task exits.

Fixes https://github.com/hashicorp/nomad/issues/2475
2017-03-28 10:53:15 -07:00
Michael Schurter 9a0c66b55b Don't take a reference a var in a loop
Fixes #2491
2017-03-28 10:16:27 -07:00
Michael Schurter 41dcc72033 Recoverable is a method now, not a field 2017-03-27 15:41:35 -07:00
Michael Schurter 507862ade3 Add WrapRecoverable helper 2017-03-27 15:37:15 -07:00
Alex Dadgar 23562d77c9 Access Node Meta and Attrs in template
This PR allows accessing the Node's attributes and metadata as in a
template.

```
template {
    data = "{{ env \"attr.unique.network.ip-address\" }}"
    destination = "local/out"
}
```
2017-03-27 15:15:33 -07:00
Alex Dadgar 4ecebe7d8c Proper reference counting through task restarts
This PR fixes an issue in which the reference count on a Docker image
would become inflated through task restarts.
2017-03-25 17:05:53 -07:00
Michael Schurter 0e6c564406 Improve artifact download error message
Fixes #2289

Unfortunately took more RecoverableError hijinx than I would have liked.
There might be a better way.
2017-03-24 15:26:05 -07:00
Alex Dadgar 7e6c08191d Fix vet 2017-03-24 12:24:47 -07:00
Alex Dadgar c3551c761e Fix panic when restarting non-running task
This PR fixes an issue that is hit when running templates with restart
mode in which the client could panic when the handle is not running.

Fixes https://github.com/hashicorp/nomad/issues/2479
2017-03-24 12:04:22 -07:00
Alex Dadgar a171a014b3 Various fixes for setting user/group of task
This PR fixes two issues:
* Folder permissions in -dev mode were incorrect and not suitable for
running as a particular user.
* Was not setting the group membership properly for the launched
process.

Fixes https://github.com/hashicorp/nomad/issues/2160
2017-03-20 14:21:13 -07:00
Michael Schurter 39a8ce6cdb Fix test deadlock due to alloc runner not running
Don't actualy call AllocRunner.Run() because that executes so much
unneeded code for this test. Manually close the waitCh to simulate Run()
exiting.
2017-03-16 13:22:08 -07:00
Michael Schurter 9f8067e340 Fix test by adding new env vars 2017-03-14 17:15:12 -07:00
Alex Dadgar d220d9405b return the recoverable err 2017-03-14 16:33:36 -07:00
Alex Dadgar 177bd14718 rename cpu_total_compute and docs 2017-03-14 14:15:49 -07:00
Alex Dadgar 5f7bf577cd Docker doesn't need to init the stats helper 2017-03-14 13:41:57 -07:00
Alex Dadgar a1a7941dec Various fixes
This PR:
* Uses Go 1.8 executable lookup
* Stores any err message from stats init method
* Allows overriding of Cpu Compute for hosts where it can't be detected
2017-03-14 12:56:31 -07:00
Alex Dadgar 2a105c4eaa Merge pull request #2427 from hashicorp/f-gc-limit
Limit parallelism during garbage collection
2017-03-14 10:45:29 -07:00
Alex Dadgar 7700a3447e Review fixes 2017-03-14 10:45:15 -07:00
Michael Schurter 047b41f469 Merge pull request #2408 from hashicorp/b-2358-rkt-volume-name
Replace `_` with `-` in task names for rkt volumes
2017-03-14 10:10:00 -07:00
Michael Schurter a116d6441d Merge pull request #2426 from hashicorp/f-tg-port-ip-env-var
Add NOMAD_{IP,PORT}_<task>_<label> env vars
2017-03-13 12:00:59 -07:00
Alex Dadgar b5e53652aa Handle git ssh artifacts
This PR adds handling for downloading git artifacts using ssh with the
format git@github.com:hashicorp/go-getter.git

Fixes https://github.com/hashicorp/nomad/issues/2430
2017-03-11 15:12:41 -08:00
Alex Dadgar 3f68aae7ab TODO 2017-03-11 13:56:19 -08:00
Alex Dadgar fd8d6d0d89 Merge pull request #2424 from jen20/solaris-alloc-dirs
client/allocdir: Add missing functions on Solaris
2017-03-11 13:55:38 -08:00
Alex Dadgar 5716eee753 remove escape 2017-03-10 16:46:22 -08:00
Alex Dadgar 70e4feb045 Limit parallelism during garbage collection
This PR introduces a parallelism limit during garbage collection. This
is used to avoid large resource usage spikes if garbage collecting many
allocations at once.
2017-03-10 16:27:00 -08:00
Michael Schurter 71783e8e41 Add NOMAD_{IP,PORT}_<task>_<label> env vars 2017-03-10 12:17:43 -08:00
Alex Dadgar a60127b72e Merge pull request #2425 from hashicorp/f-client-metrics
Add metrics to show allocations on the client
2017-03-09 21:05:53 -08:00
Alex Dadgar 8238a8601e Address comment 2017-03-09 21:05:34 -08:00
Alex Dadgar 9011a7984c Add metrics to show allocations on the client
This PR adds the following metrics to the client:
client.allocations.migrating
client.allocations.blocked
client.allocations.pending
client.allocations.running
client.allocations.terminal

Also adds some missing fields to the API version of the evaluation.
2017-03-09 12:37:41 -08:00
James Nugent b3d1ef0af6 client/allocdir: Add missing functions on Solaris
This commit adds Solaris versions of the following functions:

- `linkDir`
- `unlinkDir`
- `createSecretDir`
- `removeSecretDir`

I believe this requires Go 1.8 in order to compile, as the unlink
syscall was previously missing.
2017-03-09 13:49:14 -05:00
Michael Schurter 16adc44358 Round two of env var cleaning
Should bring us into conformance with IEEE Std 1003.1, 2004 Edition:
http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html

1 alloc/op and ~80ns/op on my machine.
2017-03-08 16:46:13 -08:00
Michael Schurter a724779720 Replace _ with - in task names for rkt volumes
Fixes #2358
2017-03-07 14:34:57 -08:00
Michael Schurter 518e4f75a6 Replace "-" in env var keys with "_"
Fixes #2405
2017-03-06 19:57:44 -08:00
Alex Dadgar 36f3788cb7 Fix lint errors 2017-03-02 21:03:05 -08:00
Alex Dadgar 3fb285f7d3 Fix TestAllocRunner_SaveRestoreState 2017-03-02 20:45:46 -08:00
Alex Dadgar 4cba170e4b Mkdir -> MkdirAll to avoid error when folder already exists 2017-03-02 19:35:31 -08:00
Alex Dadgar 5cd43e837a Merge branch 'master' into b-remount 2017-03-02 19:23:13 -08:00
Michael Schurter 200d31e2e6 Fix tests broken by API change 2017-03-02 15:54:12 -08:00
Michael Schurter 8ac632c3ff Fix API breaks in tests 2017-03-02 15:50:18 -08:00
Michael Schurter d12949fbbd Cleanup comments/names 2017-03-02 15:44:52 -08:00
Michael Schurter e03f64ea6a Safely ensure {dev,proc,alloc} are mounted
If they're unmounted by a reboot they'll be properly remounted.
2017-03-02 13:21:34 -08:00
Michael Schurter d5b7c0c302 unlinkDir should not error if already unlinked 2017-03-02 13:20:47 -08:00
Michael Schurter a9f9c485b4 Fix typos 2017-03-02 13:20:05 -08:00
Michael Schurter f5ce13598b Merge pull request #2391 from hashicorp/b-idempotent-umount
Make sure unmounting the secrets dir is idempotent
2017-03-02 11:24:01 -08:00
Michael Schurter 1cfe9f88b8 Make sure unmounting the secrets dir is idemptoent 2017-03-01 17:19:39 -08:00
Alex Dadgar 2aa962a357 Merge pull request #2389 from tmichaud314/2388-docker-driver-auth-file
Fixes docker-driver docker.auth.config processing
2017-03-01 15:39:35 -08:00
Tom Michaud b4db9d33f9 Fixes docker-driver docker.auth.config processing 2017-03-01 16:16:11 -07:00
Alex Dadgar af4e400b36 Update go-getter and add support for git and hg
Fixes https://github.com/hashicorp/nomad/issues/2042
2017-03-01 14:46:04 -08:00
Dave Walker (Daviey) 4958154640 Enable kernel.version on Windows
Previously, this value was guarded against running on Windows
because it called the `uname` command which is unlikely to
be there.

This change now sets the value from gopsutil, which might
well be an empty string.

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2017-03-01 18:48:23 +00:00
Dave Walker (Daviey) 090e760928 Don't exec uname for node attribute kernel.version
Previously with client fingerprinting, sys/exec's Command
function was being used to execute `uname -r` and the return
string processed into the kernel.version node attribute.

This change uses gopsutil/host KernelVersion function
instead.  This means we can drop the os/exec, strings and
fmt imports... and not execute an external binary.

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2017-03-01 09:45:56 +00:00
Alex Dadgar d2193048ce Fix caching of pull future 2017-02-28 18:19:13 -08:00
Alex Dadgar fa853c9696 Fix two issues during client restore state
This PR fixes two issues:

1) A close of a nil stopCollection channel when restoring and prestart
fails. The failure will cause the killCh to be triggered which will
close collection before it has been initialized.

2) Fixes a deadlock in which the handleWaitCh is never triggered since
it is not initialized when there is an error in prestart and the killCh
is triggered.

Both fixes are by maintaining the loop invariant that the two channels
are valid after there is a handle.
2017-02-28 10:29:12 -08:00
Alex Dadgar 48ab2a6c6a Delete on increment and add a safety guard 2017-02-27 20:23:21 -08:00
Alex Dadgar 3dc0e38feb Merge branch 'master' of github.com:hashicorp/nomad 2017-02-27 19:09:50 -08:00
Alex Dadgar 254b0e4ca6 Fix delete future 2017-02-27 19:09:13 -08:00
Alex Dadgar 5be806a3df Fix vet script and fix vet problems
This PR fixes our vet script and fixes all the missed vet changes.

It also fixes pointers being printed in `nomad stop <job>` and `nomad
node-status <node>`.
2017-02-27 16:00:19 -08:00
Alex Dadgar c423626484 Docker open stores image/image ID for next ID 2017-02-27 13:49:54 -08:00
Alex Dadgar 6910678c21 Allow random UUID 2017-02-27 13:42:37 -08:00
Alex Dadgar aa05ecc37c Merge pull request #2361 from hashicorp/f-docker-coordination
Docker Image Coordinator and caching
2017-02-24 14:18:21 -08:00
Alex Dadgar b5d4f39734 Docker Image Coordinator
This PR introduces a coordinator for doing CRUD on a Docker image. It
should fix racy deletion of images. The issue before was images would be
deleted between prestart and start causing an error.
2017-02-24 13:20:40 -08:00
Michael Schurter f61b7975a3 Put access to Docker volume drivers behind flag 2017-02-23 15:47:36 -08:00
Alex Dadgar 2239503e6e Fix noisy log 2017-02-23 14:40:24 -08:00
Pietro Menna 2f88d6cb68 Docker Volume Drivers
This commit adds the functionality to use Docker Volume Drivers.
2017-02-23 14:36:32 -03:00
Alex Dadgar c7e004b8c5 Merge pull request #2344 from hashicorp/b-fix-allocdir-move-test
Fix allocdir Move test and make code more defensive
2017-02-22 18:43:10 -08:00
Alex Dadgar 6936c81720 Merge pull request #2302 from hashicorp/f-task-state-setup
Adding a task event for setup
2017-02-22 18:42:57 -08:00
Alex Dadgar d2cbbac76e Merge pull request #2347 from hashicorp/b-parse
Remove defaulting from parse and fix tests
2017-02-22 18:42:43 -08:00
Alex Dadgar cef7882827 Fix tests and docs 2017-02-22 18:28:07 -08:00
Diptanu Choudhury 98921575af Adding a task event for setup 2017-02-22 18:28:07 -08:00
Alex Dadgar b5995c6cd7 Vendor + test fixes 2017-02-22 15:55:33 -08:00
Michael Schurter e5a29b82db Fix allocdir Move test and make code more defensive
A change in the behavior of `os.Rename` in Go 1.8 brought to light a
difference in the logic between `{Alloc,Task}Runner` and this test:

AllocRunner builds the alloc dir, moves dirs if necessary, and then lets
TaskRunner call TaskDir.Build().

This test called `TaskDir.Build` *before* `AllocDir.Move`, so in Go 1.8
it failed to `os.Rename over` the empty {data,local} dirs.

I updated the test to behave like the real code, but I defensively added
`os.Remove` calls as a subtle change in call order shouldn't break this
code. `os.Remove` won't remove a non-empty directory, so it's still
safe.
2017-02-21 17:22:10 -08:00
Michael Schurter 12c549d6a0 Skip setting MemorySwap on Windows
Windows doesn't support this Docker setting.

Fixes #2193
2017-02-21 13:21:42 -08:00
Alex Dadgar d0fd0e277a Don't force uppercase meta keys in env vars 2017-02-20 19:51:24 -08:00
Alex Dadgar f9323f03df Drivers log during fingerprinting
This PR fixes a regression in which some drivers did not log during
fingerprinting.
2017-02-20 19:35:51 -08:00
Alex Dadgar b49fceb491 rebase 2017-02-20 16:43:28 -08:00
Alex Dadgar c586cb653b Merge pull request #2318 from hashicorp/f-vault-debug
Server side Vault telemetry
2017-02-17 11:34:37 -08:00
Alex Dadgar 4223eb25eb Docs 2017-02-17 10:16:15 -08:00
Alex Dadgar 7203dee7ab Add allocated/unallocated metrics to client 2017-02-16 18:28:11 -08:00
Alex Dadgar c62cd5cc55 Revendor docker client 2017-02-14 17:34:05 -08:00
Alex Dadgar 0940fc08af Better derive token logging 2017-02-14 16:46:54 -08:00
Alex Dadgar 238b4bcafd Add Leader support to client 2017-02-10 17:55:19 -08:00
Michael Schurter fb59e42473 Fix test to assert new never-nil behavior 2017-02-10 10:11:15 -08:00
Michael Schurter 51e4fe9915 Use getters & setters with nil guards 2017-02-09 17:44:58 -08:00
Michael Schurter 37e7e7a3e5 Fix upgrade path for created resources
This *might* be a fix for #2295 -- I've been unable to reproduce the
bug. However, this guard seems wise regardless. I should never be
overwriting an intialized created resources with a nil.
2017-02-09 13:54:33 -08:00
Alex Dadgar b51ba01d54 Merge pull request #2293 from hashicorp/f-vendor-memdb
Vendor MemDB
2017-02-08 14:51:01 -08:00
Alex Dadgar 04862ca10e Tests compile 2017-02-07 21:30:57 -08:00
Sean Chittenden c4c321c770
Unconditionally lowercase the node ID read from disk. 2017-02-06 16:20:17 -08:00
Sean Chittenden adb5be23ef
Add better verification of a host's HostID. 2017-02-02 16:24:32 -08:00
Alex Dadgar d1f8301e73 Merge pull request #2277 from hashicorp/f-durable-uuid
Reproducible Node ID
2017-02-02 11:54:49 -08:00
Alex Dadgar 1562a7aeee Merge pull request #2262 from hashicorp/f-permissions
Template destination file permissions.
2017-02-02 11:28:44 -08:00
Sean Chittenden bb4347e277
Slight mis-merge: secret-id in dev mode is random and needs to be returned. 2017-02-01 22:20:52 -08:00
Sean Chittenden bb422a2258
Generate a durable NodeID if possible, otherwise fall back to a random HostID. 2017-02-01 22:11:33 -08:00
Alex Dadgar b40f284bd1 Merge branch 'master' into f-permissions 2017-02-01 16:57:46 -08:00
Alex Dadgar ec7bc783a4 Merge branch 'master' into b-vault-race 2017-02-01 16:57:26 -08:00
Alex Dadgar 9987a235a5 Fix race condition with Deriving vault tokens
This PR fixes a race condition in which the client was not locked while
deriving Vault tokens. This allowed the token to be set which would
cause subsequent Vault requests to fail with permission denied because
the incorrect Vault token was being used.

Further this PR makes the unsetting and unlocking of the client atomic
to avoid an even harder to hit race condition (not sure it was ever hit
but was still incorrect).
2017-02-01 16:25:59 -08:00
Diptanu Choudhury 90ac3e2774 Checking in updated gc tests 2017-02-01 13:12:46 -08:00
Alex Dadgar 6b7efa1ba6 Template destination file permissions.
This PR allows setting the file permissions of the rendered template.
2017-01-31 20:10:01 -08:00
Diptanu Choudhury 11d7cb1230 Making the GC related fields tunable 2017-01-31 15:51:20 -08:00
Michael Schurter aef3c2e380 Handle createdResourcs=nil
Combined with b522c472fdf this fixes #2256

Without these two commits in place upgrades to 0.5.3 panics.
2017-01-31 10:51:32 -08:00
Alex Dadgar 44d63318a4 Add nil guard 2017-01-31 09:19:59 -08:00
Alex Dadgar 91f485a189 slightly more verbose test 2017-01-30 16:16:26 -08:00
Alex Dadgar 7fa99037a4 up timing 2017-01-26 13:25:37 -08:00
Alex Dadgar 8196a58c4c Rename dispatch_input to dispatch_payload 2017-01-25 21:27:44 -08:00
Alex Dadgar 0933bcadf9 Fix import 2017-01-25 21:27:36 -08:00
Alex Dadgar b7e8bae128 Fix unreachable function in tests 2017-01-25 20:58:24 -08:00
Alex Dadgar 4f99243fa3 More timing fixes 2017-01-25 11:57:38 -08:00
Alex Dadgar 68fd18f5cf small env fix 2017-01-25 10:42:11 -08:00
Alex Dadgar 1e3ffec95f Fix flaky test 2017-01-24 09:40:13 -08:00
Alex Dadgar 75e3f2c996 Fix fsm/env test 2017-01-24 09:36:22 -08:00
Alex Dadgar 4e5de453c7 Fix template test 2017-01-23 16:42:02 -08:00
Alex Dadgar 985598d4b5 Fix test 2017-01-23 16:33:35 -08:00
Diptanu Choudhury 264a0c46cf Merge pull request #2223 from hashicorp/f-env-addr
Setting the Addrs of sibling tasks in the env
2017-01-23 15:05:48 -08:00
Diptanu Choudhury fda3a5250c Merge pull request #2222 from hashicorp/b-docker-image-not-found
Making the docker driver retry when an image is not found
2017-01-23 14:58:00 -08:00
Diptanu Choudhury dfd1f03ec8 Added a comment 2017-01-23 14:57:30 -08:00
Alex Dadgar 5fc629d4b7 Merge pull request #2190 from hashicorp/b-docker-auth
Better Docker Auth lookup
2017-01-23 14:50:50 -08:00
Alex Dadgar e160b2b38f Add test and better logs
This commit adds a test to retrieving auth configurations, use either
the auth block in the config or specified via the agent config and adds
a log if lookup fails.
2017-01-23 14:48:02 -08:00
Alex Dadgar 6b02229eb0 fix flaky test 2017-01-23 14:12:38 -08:00
Alex Dadgar 43a17b7d74 Close file 2017-01-23 11:37:45 -08:00
Alex Dadgar ee5296ba70 Deprecation notice 2017-01-23 11:32:51 -08:00
Alex Dadgar 3365688571 Remove SSL 2017-01-23 11:32:51 -08:00
Alex Dadgar 4a627b02ca undo 2017-01-23 11:32:51 -08:00
Alex Dadgar 08733b68d2 vendor 2017-01-23 11:32:51 -08:00
Alex Dadgar b1823a5fdb Better auth lookup 2017-01-23 11:32:51 -08:00
Alex Dadgar 3d5b31fc96 WIP 2017-01-23 11:32:51 -08:00
Alex Dadgar 625f738a6f fix test build 2017-01-23 11:26:34 -08:00
Alex Dadgar 024e9ec02a remove xxx 2017-01-23 11:04:44 -08:00
Alex Dadgar 66909bb7fc Finalize 2017-01-23 11:03:38 -08:00
Alex Dadgar 55fdf82513 test nomad env 2017-01-23 11:00:12 -08:00
Alex Dadgar 0db766872c fix lookup 2017-01-23 11:00:12 -08:00
Alex Dadgar f93f2249e9 Clear SSL 2017-01-23 11:00:12 -08:00
Alex Dadgar b71ec08b80 rebase 2017-01-23 11:00:12 -08:00
Diptanu Choudhury 84a491f85a Locking appropriately before closing the channel to indicate migration 2017-01-23 10:46:57 -08:00
Alex Dadgar ec6b6e69d4 remove reference to entrypoint 2017-01-22 14:04:41 -08:00