Commit graph

1579 commits

Author SHA1 Message Date
Drew Bailey 009b8d5363
Persist shared allocated ports for inplace update (#9830)
* Persist shared allocated ports for inplace update

Ports were not copied over when performing inplace updates in the
generic scheduler

* changelog

* drop spew
2021-01-15 12:45:12 -05:00
leonardobsjr 16ec2c76e7
Missed improvement regarding IGW improvement
Seems like this was missing from the docs. Was trying to make this work on 1.0.1 (it was on the docs), however, it's only working on 1.0.2.
2021-01-15 12:34:11 -03:00
Drew Bailey cdc7f85964
Release 1.0.2 (#9819)
* changelog for release 1.0.2

* Generate files for 1.0.2 release

* Release v1.0.2

* rm generated files, update changelog for next release

* checkout bindata_assetfs

* bump version

Co-authored-by: Nomad Release bot <nomad@hashicorp.com>
2021-01-14 15:08:28 -05:00
Drew Bailey 9cd274ba8d
changelogfmt (#9807) 2021-01-13 15:21:17 -05:00
Drew Bailey a7aaa57258
changelog for release 1.0.2 2021-01-13 11:44:30 -05:00
Dave May 35d43c19ab
nomad agent-info: Add json/gotemplate formatting (#9788)
* nomad agent-info: Add json/gotemplate formatting
* Add CHANGELOG entry
* update docs
2021-01-13 09:42:46 -05:00
Jasmine Dahilig 0b8c1865e1
changelog for #9361 (#9783) 2021-01-12 15:12:49 -05:00
Michael Lange 7f2cb4037a
Merge pull request #9780 from hashicorp/d/changelog-9733
Changelog entry for 9733
2021-01-12 10:34:52 -08:00
Seth Hoenig 17bb46903d
Merge pull request #9770 from hashicorp/docs-update-cl
docs: update cl with graviton fix
2021-01-12 12:30:01 -06:00
Michael Lange 1ea19d8616 Changelog entry for 9733 2021-01-12 09:56:02 -08:00
Florian Apolloner df7e22362d Properly detect unloaded dynamic modules on RHEL derivates. Fixes #9776
The modules.dep file on RHEL includes .xz for compressed kernel modules.
2021-01-12 18:28:00 +01:00
Seth Hoenig c145e630c4 docs: update cl with graviton fix 2021-01-11 12:07:05 -06:00
Tim Gross d78b4fc1a1 safely handle existing net namespace in default network manager
When a client restarts, the network_hook's prerun will call
`CreateNetwork`. Drivers that don't implement their own network manager will
fall back to the default network manager, which doesn't handle the case where
the network namespace is being recreated safely. This results in an error and
the task being restarted for `exec` tasks with `network` blocks (this also
impacts the community `containerd` and probably other community task drivers).

If we get an error when attempting to create the namespace and that error is
because the file already exists and is locked by its process, then we'll
return a `nil` error with the `created` flag set to false, just as we do with
the `docker` driver.
2021-01-11 11:31:03 -05:00
Chris Baker a53e54d7a6 changelog for 9761 2021-01-08 19:26:42 +00:00
Drew Bailey c87adfac62
persist shared ports during inplace updates (#9736)
AllocatedSharedResources were not being copied over to the new
allocation struct the scheduler makes during inplace updates. This
caused downstream issues after the plan was applied, namely the shared
ports were dropped causing issues with service
registration/deregistration.

test that shared ports are preserved

change log, also carry over shared network

copy networks
2021-01-08 09:00:41 -05:00
Tim Gross cb0c4b1d0b changelog entry for #9532 2021-01-07 15:44:13 -05:00
Seth Hoenig 09c13b0066
Merge pull request #9751 from hashicorp/b-envoyv-segfault
consul/connect: fix panic during in-place upgrade with connect jobs
2021-01-07 14:22:27 -06:00
Tim Gross 4eafcb06ef changelog: add entry for GH-9050 2021-01-07 15:01:04 -05:00
Seth Hoenig 303856183c consul/connect: fix panic during in-place upgrade with connect jobs
When upgrading from Nomad v0.12.x to v1.0.x, Nomad client will panic on
startup if the node is running Connect enabled jobs. This is caused by
a missing piece of plumbing of the Consul Proxies API interface during the
client restore process.

Fixes #9738
2021-01-07 13:24:24 -06:00
Nick Ethier ab01e19df3 command/agent/consul: use port's to value when building service address under 'alloc' addr_mode 2021-01-06 13:52:48 -05:00
Seth Hoenig c46a503fdb docs: update changelog 2021-01-05 09:31:22 -06:00
Seth Hoenig bc7dd881dd docs: add changelog entry 2021-01-05 08:48:12 -06:00
Chris Baker 60095f47a5 changelog 2021-01-04 22:25:37 +00:00
Michael Schurter 7a6e55b21f
Merge pull request #9686 from hashicorp/golang1.15.6
build: upgrade from Go 1.15.5 -> 1.15.6
2021-01-04 12:07:41 -08:00
Michael Schurter 772ab5502d build: upgrade from Go 1.15.5 -> 1.15.6
Also updated scripts/update_golang_version.sh to handle new CircleCI
file layout.
2021-01-04 08:34:00 -08:00
Mahmood Ali 66c0e85b9c add changelog 2021-01-04 09:09:58 -05:00
Tim Gross ea395d5636 changelog: add missing entry from 0.12.4 2020-12-17 14:31:43 -05:00
Seth Hoenig 93da234e9d docs: move changelog entry 2020-12-16 17:42:28 -06:00
Michael Schurter 72329f8356 docs: release v1.0.1
- Update release date in changelog
- Update download version
- Update alert banner to not be so specific
2020-12-16 13:55:09 -08:00
Michael Schurter 9530d0733e
Merge pull request #9653 from hashicorp/docs-9625-changelog
docs: add #9625 to changelog
2020-12-16 11:13:59 -08:00
Tim Gross 1785822386
template: trigger change_mode for dynamic secrets on restore (#9636)
When a task is restored after a client restart, the template runner will
create a new lease for any dynamic secret (ex. Consul or PKI secrets
engines). But because this lease is being created in the prestart hook, we
don't trigger the `change_mode`.

This changeset uses the the existence of the task handle to detect a
previously running task that's been restored, so that we can trigger the
template `change_mode` if the template is changed, as it will be only with
dynamic secrets.
2020-12-16 13:36:19 -05:00
Michael Schurter e5c54708a7 docs: add #9625 to changelog 2020-12-16 09:50:10 -08:00
Seth Hoenig 283be57d30 docs: add two connect entries to changelog
https://github.com/hashicorp/nomad/pull/9624
https://github.com/hashicorp/nomad/pull/9611
2020-12-16 11:02:12 -06:00
Tim Gross 782c05f8c0
cni: prevent NPE if no interface has sandbox field set
When we iterate over the interfaces returned from CNI setup, we filter for one
with the `Sandbox` field set. Ensure that if none of the interfaces has that
field set that we still return an available interface.
2020-12-16 10:36:03 -05:00
Mahmood Ali de954da350
docker: introduce a new hcl2-friendly mount syntax (#9635)
Introduce a new more-block friendly syntax for specifying mounts with a new `mount` block type with the target as label:

```hcl
config {
  image = "..."

  mount {
    type = "..."
    target = "target-path"
    volume_options { ... }
  }
}
```

The main benefit here is that by `mount` being a block, it can nest blocks and avoids the compatibility problems noted in https://github.com/hashicorp/nomad/pull/9634/files#diff-2161d829655a3a36ba2d916023e4eec125b9bd22873493c1c2e5e3f7ba92c691R128-R155 .

The intention is for us to promote this `mount` blocks and quietly deprecate the `mounts` type, while still honoring to preserve compatibility as much as we could.

This addresses the issue in https://github.com/hashicorp/nomad/issues/9604 .
2020-12-15 14:13:50 -05:00
Drew Bailey 54becaab7d
Events/acl events (#9595)
* fix acl event creation

* allow way to access secretID without exposing it to stream

test that values are omitted

test event creation

test acl events

payloads are pointers

fix failing tests, do all security steps inside constructor

* increase time

* ignore empty tokens

* uncomment line

* changelog
2020-12-11 10:40:50 -05:00
Seth Hoenig ead89d3a2b
docs: fixup changelog
Co-authored-by: Tim Gross <tgross@hashicorp.com>
2020-12-09 11:27:12 -06:00
Seth Hoenig b51459a879 consul/connect: interpolate connect block
This PR enables job submitters to use interpolation in the connect
block of jobs making use of consul connect. Before, only the name of
the connect service would be interpolated, and only for a few select
identifiers related to the job itself (#6853). Now, all connect fields
can be interpolated using the full spectrum of runtime parameters.

Note that the service name is interpolated at job-submission time,
and cannot make use of values known only at runtime.

Fixes #7221
2020-12-09 09:10:00 -06:00
Michael Schurter b70f5f2ff3 docs: fix cpu comment for 10->1 to 20->1
Reported by https://github.com/hashicorp/nomad/pull/8996/files#r538702174
2020-12-08 10:59:19 -08:00
Michael Schurter acd607ee68 docs: add the release date for 1.0 2020-12-08 09:27:26 -08:00
Tim Gross 82aad26330 changelog entry for #9495 2020-12-08 09:21:52 -05:00
davemay99 36022c9c59 nomad operator debug changelog / doc updates 2020-12-08 08:51:45 -05:00
Tim Gross ead6f801d8 changelog entry for #8822 2020-12-07 11:25:37 -05:00
James Rasell be48e89d6c
Merge pull request #9523 from hashicorp/b-improve-consul-template-dep-upgrade-detail-1.0.0
CHANGELOG: amend consul-template dep update to ref correct version.
2020-12-04 16:15:50 +01:00
Drew Bailey f37acc71ba
remove prerelease bug fix from GA changelog (#9524) 2020-12-04 10:15:21 -05:00
James Rasell 58f8afed50
CHANGELOG: amend consul-template dep update to ref correct version. 2020-12-04 14:43:18 +01:00
Drew Bailey 17de8ebcb1
API: Event stream use full name instead of Eval/Alloc (#9509)
* use full name for events

use evaluation and allocation instead of short name

* update api event stream package and shortnames

* update docs

* make sync; fix typo

* backwards compat not from 1.0.0-beta event stream api changes

* use api types instead of string

* rm backwards compat note that only changed between prereleases

* remove backwards incompat that only existed in prereleases
2020-12-03 11:48:18 -05:00
Tim Gross d286d941dc docker: kill signal API should include timeout context
When the Docker driver kills as task, we send a request via the Docker API for
dockerd to fire the signal. We send that signal and then block for the
`kill_timeout` waiting for the container to exit. But if the Docker API
blocks, we will block indefinitely because we haven't configured the API call
with the same timeout.

This changeset is a minimal intervention to add the timeout to the Docker API
call _only_ when we have the `kill_timeout` set. Future work should examine
whether we should be threading contexts through other `go-dockerclient` API
calls.
2020-12-02 16:51:57 -05:00
Seth Hoenig 3b2b083cbf
Merge pull request #9487 from hashicorp/f-connect-sidecar-concurrency
consul/connect: default envoy concurrency to 1
2020-12-01 15:51:41 -06:00
Seth Hoenig bf857684d1 consul/connect: default envoy concurrency to 1
Previously, every Envoy Connect sidecar would spawn as many worker
threads as logical CPU cores. That is Envoy's default behavior when
`--concurrency` is not explicitly set. Nomad now sets the concurrency
flag to 1, which is sensible for the default cpu = 250 Mhz resources
allocated for sidecar proxies. The concurrency value can be configured
in Client configuration by setting `meta.connect.proxy_concurrency`.

Closes #9341
2020-12-01 13:12:45 -06:00
Michael Schurter ea0e1789f4
Merge pull request #9435 from hashicorp/f-allocupdate-timer
client: always wait 200ms before sending updates
2020-12-01 08:45:17 -08:00
Drew Bailey a0b7f05a7b
Remove Managed Sinks from Nomad (#9470)
* Remove Managed Sinks from Nomad

Managed Sinks were a beta feature in Nomad 1.0-beta2. During the beta
period it was determined that this was not a scalable approach to
support community and third party sinks.

* update comment

* changelog
2020-11-30 14:00:31 -05:00
Michael Schurter b7c4d16a78 docs: add #9435 to changelog 2020-11-30 10:27:13 -08:00
Seth Hoenig e81e9223ef consul/connect: enable setting datacenter in connect upstream
Before, upstreams could only be defined using the default datacenter.
Now, the `datacenter` field can be set in a connect upstream definition,
informing consul of the desire for an instance of the upstream service
in the specified datacenter. The field is optional and continues to
default to the local datacenter.

Closes #8964
2020-11-30 10:38:30 -06:00
Tim Gross 8ba9bde2ff changelog entries for CSI 2020-11-25 16:44:20 -05:00
Mahmood Ali b2a8752c5f
honor task user when execing into raw_exec task (#9439)
Fix #9210 .

This update the executor so it honors the User when using nomad alloc exec. The bug was that the exec task didn't honor the init command when execing.
2020-11-25 09:34:10 -05:00
Seth Hoenig 3fe3259d32 docs: update changelog with group/task network labels fix 2020-11-23 12:56:54 -06:00
Chris Baker a659091fd9 api: Event().Stream() should use the index parameter 2020-11-21 16:49:52 +00:00
Michael Schurter 85b71e76f7 docs: add 0.12.9, 0.11.8, and 0.10.9 to changelog
upstream fix: #9383

backport PRs: #9391, #9402, and #9405
2020-11-19 14:23:42 -08:00
Chris Baker a207050f01 changelog for #9368 2020-11-16 16:52:40 +00:00
Seth Hoenig 4cc3c01d5b
Merge pull request #9352 from hashicorp/f-artifact-headers
jobspec: add support for headers in artifact stanza
2020-11-13 14:04:27 -06:00
Seth Hoenig bb8a5816a0 jobspec: add support for headers in artifact stanza
This PR adds the ability to set HTTP headers when downloading
an artifact from an `http` or `https` resource.

The implementation in `go-getter` is such that a new `HTTPGetter`
must be created for each artifact that sets headers (as opposed
to conveniently setting headers per-request). This PR maintains
the memoization of the default Getter objects, creating new ones
only for artifacts where headers are set.

Closes #9306
2020-11-13 12:03:54 -06:00
Michael Schurter 156410807f docs: mention upgrade to Go 1.15.5 2020-11-12 14:23:32 -08:00
Jasmine Dahilig aa5587f5df changelog: added poststop to task lifecycle 2020-11-12 08:56:46 -08:00
Mahmood Ali ed6968ade8 changelog: Update 0.12.8 and backported releases 2020-11-12 08:41:03 -05:00
Mahmood Ali bd654c4020 tweak 1.0 changelog 2020-11-12 08:40:49 -05:00
Seth Hoenig b19bc6be2b consul: prevent re-registration churn by correctly comparing sidecar tags
Previously, connect sidecars would be re-registered with consul every cycle
of Nomad's reconciliation loop around Consul service registrations. This is
because part of the comparison used `reflect.DeepEqual` on []string objects,
which returns false when one object is `[]string{}` and the other is `[]string{}(nil)`.

Unforunately, this was always the case, and every Connect sidecar service
would be re-registered on every iteration, which happens every 30 seconds.
2020-11-11 18:01:17 -06:00
Mahmood Ali a89da9982d
raw_exec: don't use cgroups when no_cgroup is set (#9328)
When raw_exec is configured with [`no_cgroups`](https://www.nomadproject.io/docs/drivers/raw_exec#no_cgroups), raw_exec shouldn't attempt to create a cgroup.

Prior to this change, we accidentally always required freezer cgroup to do stats PID tracking. We already have the proper fallback in place for metrics, so only need to ensure that we don't create a cgroup for the task.

Fixes https://github.com/hashicorp/nomad/issues/8565
2020-11-11 16:20:34 -05:00
Chris Baker d41d7dcad2 added changelog entry for 9311 and re-ordered changelog entries to respect secondary short-to-long ordering 2020-11-11 19:59:10 +00:00
Chris Baker fbe3670b74
Merge pull request #9317 from hashicorp/f-recommendations-cli-autocomplete
recommendations CLI: autocomplete support
2020-11-11 12:04:23 -06:00
Chris Baker 26469093cd
Merge pull request #9312 from hashicorp/b-9227-scaling-policy-filtering
use both job and type query on scaling policy list endpoint
2020-11-11 12:04:06 -06:00
Tim Gross 0ef0b17b82
docker: disallow volume mounts from host by default (#9321)
The default behavior for `docker.volumes.enabled` is intended to be `false`,
but the HCL schema defaults to `true` if the value is unset. Set the default
literal value to `true`.

Additionally, Docker driver mounts of type "volume" (but not "bind") are not
being properly sandboxed with that setting. Disable Docker mounts with type
"volume" entirely whenever the `docker.volumes.enabled` flag is set to
false. Note this is unrelated to the `volume_mount` feature, which is
constrained to preconfigured host volumes or whatever is mounted by a CSI
plugin.

This changeset includes updates to unit tests that should have been failing
under the documented behavior but were not.
2020-11-11 10:03:46 -05:00
Chris Baker 4fc913eb8c
Merge branch 'master' into b-9227-scaling-policy-filtering 2020-11-11 07:50:01 -06:00
Drew Bailey 11a0dc87ed
changelog for enterprise bug (#9320) 2020-11-11 08:32:16 -05:00
Chris Baker d297083d6b changelog 2020-11-11 11:57:04 +00:00
Chris Baker 53aa5e75c9 fix #9227: use both job and type query on scaling policy list endpoint 2020-11-10 23:26:35 +00:00
Michael Schurter 49c92433af
Merge pull request #9305 from hashicorp/go-1.15.4
go: update from 1.15.1 to 1.15.4
2020-11-10 10:34:43 -08:00
Mahmood Ali cac55f8991 update changelog
[ci skip]
2020-11-10 12:50:34 -05:00
Michael Schurter 1a4fe89866 docs: add go upgrade to changelog 2020-11-10 08:38:05 -08:00
Seth Hoenig 7427da2a41
Merge pull request #9299 from hashicorp/b-detect-unloaded-kmod
client/fingerprint: detect unloaded dynamic bridge kernel module
2020-11-10 08:24:28 -06:00
Luiz Aoqui fb0faa657c
add CHANGELOG entry for #9296 2020-11-09 15:26:38 -05:00
Seth Hoenig bbd6ab6167 docs: add changelog entry 2020-11-09 14:16:33 -06:00
Chris Baker be32fb7d3c updated Allocation.List to properly handle ACL checking for namespace=* 2020-11-05 17:26:33 +00:00
Mahmood Ali be11f735c2
Merge pull request #9205 from hashicorp/b-gh-7703
Repurpose dispatch-job capability to dispatch periodic jobs
2020-11-02 13:11:58 -05:00
Mahmood Ali a3755d526c update docs and changelog 2020-11-02 12:44:03 -05:00
Charlie Voiselle b762680102
CHANGELOG entry for #9225
changelog entry for https://github.com/hashicorp/nomad/pull/9225
2020-11-01 13:36:56 -05:00
Tim Gross 8b93397e5d
changelog entry for #8967 (#9164) 2020-10-23 14:27:32 -04:00
Michael Schurter dc5d16bd9e
Merge pull request #9135 from hashicorp/f-namespaces
core: open source namespaces
2020-10-23 10:23:55 -07:00
Tim Gross 10b6551065
docs: add regression warning for GH-9148 to upgrade guide (#9157)
* docs: add regression warning for GH-9148 to upgrade guide
* changelog entry
2020-10-23 10:05:56 -04:00
Michael Schurter 2c78d6cb5d docs: namespaces are oss in Nomad 1.0 2020-10-22 15:26:32 -07:00
Tim Gross 07fba1c92c changelog entry 2020-10-21 14:34:12 -04:00
Tim Gross 9b8d10875b
changelog entry for #9093 (#9132) 2020-10-20 16:20:23 -04:00
Seth Hoenig 59acc1ca1d docs: update changelog for canary meta 2020-10-20 12:54:30 -05:00
Michael Lange ef5eabc79a
Merge pull request #9105 from hashicorp/d/topo-changelog
Changelog entry for topo viz
2020-10-16 09:29:34 -07:00
Nick Ethier 4903e5b114
Consul with CNI and host_network addresses (#9095)
* consul: advertise cni and multi host interface addresses

* structs: add service/check address_mode validation

* ar/groupservices: fetch networkstatus at hook runtime

* ar/groupservice: nil check network status getter before calling

* consul: comment network status can be nil
2020-10-15 15:32:21 -04:00
Michael Lange 3917695602 Changelog entry for topo viz 2020-10-15 12:11:16 -07:00
Tim Gross eff5f6949c
changelog entry for Docker config image_delay fix (#9104) 2020-10-15 15:09:34 -04:00
Michael Schurter ea55c497b7
Merge pull request #9094 from hashicorp/f-1.0
s/0.13/1.0/g
2020-10-15 08:53:33 -07:00
James Rasell 3afce2e860
Merge pull request #9084 from hashicorp/f-gh-9083-docs
docs: update website and changelog for GH-9083
2020-10-15 08:41:05 +02:00
Michael Schurter 9c3972937b s/0.13/1.0/g
1.0 here we come!
2020-10-14 15:17:47 -07:00
Michael Schurter dd09fa1a4a
Merge pull request #9055 from hashicorp/f-9017-resources
api: add field filters to /v1/{allocations,nodes}
2020-10-14 14:49:39 -07:00
Drew Bailey 1215516c95
event stream changelog 2020-10-14 14:27:54 -04:00
Michael Schurter 7c3029b5e6 docs: document #9055 2020-10-14 10:41:32 -07:00
Seth Hoenig f2b1f3fa54 docs: more connect changelog updates 2020-10-14 10:06:53 -05:00
James Rasell 1ff6b4e6d1
changelog: add entry for #9083 2020-10-14 15:23:37 +02:00
Chris Baker c9f7744b0f updated changelog for 9080 2020-10-13 20:18:39 +00:00
Tim Gross 98a70d789e
docs: inclusive language configuration changes (#9069) 2020-10-13 08:02:29 -04:00
Seth Hoenig 5a3748ca82
Merge pull request #9038 from hashicorp/f-ec2-table
env_aws: get ec2 cpu perf data from AWS API
2020-10-12 18:55:33 -05:00
Seth Hoenig 723fc38cf1 docs: tweak changelog ordering 2020-10-12 18:35:26 -05:00
Tim Gross 4335d847a4
Allow job Version to start at non-zero value (#9071)
Stop coercing version of new job to 0 in the state_store, so that we can add
regions to a multi-region deployment. Send new version, rather than existing
version, to MRD to accomodate version-choosing logic changes in ENT.

Co-authored-by: Chris Baker <1675087+cgbaker@users.noreply.github.com>
2020-10-12 13:59:48 -04:00
Seth Hoenig e693d15a5b env_aws: get ec2 cpu perf data from AWS API
Previously, Nomad was using a hand-made lookup table for looking
up EC2 CPU performance characteristics (core count + speed = ticks).

This data was incomplete and incorrect depending on region. The AWS
API has the correct data but requires API keys to use (i.e. should not
be queried directly from Nomad).

This change introduces a lookup table generated by a small command line
tool in Nomad's tools module which uses the Amazon AWS API.

Running the tool requires AWS_* environment variables set.
  $ # in nomad/tools/cpuinfo
  $ go run .

Going forward, Nomad can incorporate regeneration of the lookup table
somewhere in the CI pipeline so that we remain up-to-date on the latest
offerings from EC2.

Fixes #7830
2020-10-08 12:01:09 -05:00
Tim Gross 29a5454894
csi: loosen ValidateVolumeCapability requirements (#9049)
The CSI specification for `ValidateVolumeCapability` says that we shall
"reconcile successful capability-validation responses by comparing the
validated capabilities with those that it had originally requested" but leaves
the details of that reconcilation unspecified. This API is not implemented in
Kubernetes, so controller plugins don't have a real-world implementation to
verify their behavior against.

We have found that CSI plugins in the wild may return "successful" but
incomplete `VolumeCapability` responses, so we can't require that all
capabilities we expect have been validated, only that the ones that have been
validated match. This appears to violate the CSI specification but until
that's been resolved in upstream we have to loosen our validation
requirements. The tradeoff is that we're more likely to have runtime errors
during `NodeStageVolume` instead of at the time of volume registration.
2020-10-08 12:53:24 -04:00
Tim Gross e8c13a2307
csi: validate mount options during volume registration (#9044)
Volumes using attachment mode `file-system` use the CSI filesystem API when
they're mounted, and can be passed mount options. But `block-device` mode
volumes don't have this option. When RPCs are made to plugins, we are silently
dropping the mount options we don't expect to see, but this results in a poor
operator experience when the mount options aren't honored. This changeset
makes passing mount options to a `block-device` volume a validation error.
2020-10-08 09:23:21 -04:00
Tim Gross 82749bd6a6
csi: allow volume detach to take a node ID prefix (#9041)
Fixes a bug where the `nomad volume detach` command would not accept a node ID
prefix instead of a full node ID. The volume ID is already prefix matched
server-side.
2020-10-07 11:14:57 -04:00
Tim Gross 3ceb5b36b1
csi: allow more than 1 writer claim for multi-writer mode (#9040)
Fixes a bug where CSI volumes with the `MULTI_NODE_MULTI_WRITER` access mode
were using the same logic as `MULTI_NODE_SINGLE_WRITER` to determine whether
the volume had writer claims available for scheduling.

Extends CSI claim endpoint test to exercise multi-reader and make sure `WriteFreeClaims`
is exercised for multi-writer in feasibility test.
2020-10-07 10:43:23 -04:00
James Rasell ed7eb77bc7
changelog: add entries for #9023 and #9025 2020-10-06 17:16:55 +02:00
Chris Baker 7f701fddd0 updated docs and validation to further prohibit null chars in region, datacenter, and job name 2020-10-05 18:01:50 +00:00
Chris Baker 23ea7cd27c updated job validate to refute job/group/task IDs containing null characters
updated CHANGELOG and upgrade guide
2020-10-05 18:01:49 +00:00
Tim Gross 12f3249390
changelog entry for Consul segment fingerprint (#9015) 2020-10-05 12:35:34 -04:00
Tim Gross 56a3e910ea
docs: add Consul policy for Consul Namespace support (#9014)
Co-authored-by: Seth Hoenig <shoenig@hashicorp.com>
2020-10-02 15:13:33 -04:00
Fredrik Hoem Grelland a015c52846
configure nomad cluster to use a Consul Namespace [Consul Enterprise] (#8849) 2020-10-02 14:46:36 -04:00
Seth Hoenig a8869bd304 docs: document docker signal fix, add tests
This PR adds a version specific upgrade note about the docker stop
signal behavior. Also adds test for the signal logic in docker driver.

Closes #8932 which was fixed in #8933
2020-10-02 10:06:43 -05:00
Fredrik Hoem Grelland 953d4de8dd
update consul-template to v0.25.1 (#8988) 2020-10-01 14:08:49 -04:00
Tim Gross 7cf000f64e
changelog: azure fingerprint (#9000) 2020-10-01 09:23:52 -04:00
Michael Schurter 765473e8b0 jobspec: lower min cpu resources from 10->1
Since CPU resources are usually a soft limit it is desirable to allow
setting it as low as possible to allow tasks to run only in "idle" time.

Setting it to 0 is still not allowed to avoid potential unintentional
side effects with allowing a zero value. While there may not be any side
effects this commit attempts to minimize risk by avoiding the issue.

This does *not* change the defaults.
2020-09-30 12:15:13 -07:00
Seth Hoenig af9543c997 consul: fix validation of task in group-level script-checks
When defining a script-check in a group-level service, Nomad needs to
know which task is associated with the check so that it can use the
correct task driver to execute the check.

This PR fixes two bugs:
1) validate service.task or service.check.task is configured
2) make service.check.task inherit service.task if it is itself unset

Fixes #8952
2020-09-28 15:02:59 -05:00
Seth Hoenig fd2a31a331 drivers/docker: detect arch for default infra_image
The 'docker.config.infra_image' would default to an amd64 container.
It is possible to reference the correct image for a platform using
the `runtime.GOARCH` variable, eliminating the need to explicitly set
the `infra_image` on non-amd64 platforms.

Also upgrade to Google's pause container version 3.1 from 3.0, which
includes some enhancements around process management.

Fixes #8926
2020-09-23 13:54:30 -05:00
Michael Schurter c79c0ace97 docs: add #8745 to changelog 2020-09-21 08:59:47 -07:00
Tim Gross 378e20ad75
changelog items for community PRs (#8924)
[ci skip]

* https://github.com/hashicorp/nomad/pull/8836
* https://github.com/hashicorp/nomad/pull/8921
2020-09-18 09:12:14 -04:00
Mahmood Ali 59c0c606e8
update changelog with 0.12.5 content (#8923)
[ci skip]
2020-09-17 21:53:12 -04:00
Tim Gross e730afa6ea
changelog entry for #8902 (#8904) 2020-09-16 18:25:49 -04:00
Mahmood Ali ba68554bde
changelog: Tag the ui with the right release (#8883) 2020-09-15 15:21:50 -04:00
Michael Schurter 1544341f09
Merge pull request #8862 from hashicorp/release-0.12.4
Prepare for 0.13 development cycle
2020-09-10 09:14:44 -07:00
Michael Schurter df167e1487 docs: bump 0.12.4 GA date to today 2020-09-09 08:32:50 -07:00
Michael Lange 4b217dc56c Changelog entry for 8833 2020-09-08 14:11:13 -07:00
Tim Gross 903f5c3199 changelog item for CSI socket connect (#8829) 2020-09-04 11:24:01 -04:00
Tim Gross 571365dc62
changelog item for CSI socket connect (#8829) 2020-09-04 11:22:49 -04:00
Michael Schurter 94c0a0c441 docs: update 0.12.4 release date 2020-09-02 08:40:26 -07:00
Mahmood Ali 7b99eea0e4
Changelog catchup (#8808) 2020-09-01 15:24:24 -04:00
Jasmine Dahilig 0203dc9983
Merge pull request #8797 from hashicorp/poststart-changelog
changelog: task lifecycle poststart hook
2020-09-01 10:34:36 -07:00
Seth Hoenig 4f2d84267a
Merge pull request #8803 from hashicorp/docs-cigs-cl
add consul ingress gateways to changelog
2020-09-01 11:33:10 -05:00
Mahmood Ali 79326dcfe9 update changelog 2020-09-01 12:18:04 -04:00
Seth Hoenig 2919341848 add consul ingress gateways to changelog 2020-09-01 10:14:05 -05:00
Mahmood Ali 8e3fc429b2
Merge pull request #8798 from hashicorp/b-esccaping-newline
Fix escapingio handling of `\n~\n`
2020-09-01 10:00:08 -04:00
Mahmood Ali fe65ad60c7 add changelog
[ci skip]
2020-09-01 09:57:41 -04:00
Tim Gross 003ab59b4b
changelog: panic in operator debug command (#8802) 2020-09-01 08:40:04 -04:00
Jasmine Dahilig 42fd2b7aa6 changelog: task lifecycle poststart hook 2020-08-31 14:47:14 -07:00
Tim Gross a20e3f6a74
changelog: global stop, misc bug fix (#8777) 2020-08-28 14:06:36 -04:00
Buck Doyle eadb91e734
Add exec heartbeat keepalive (#8759)
This closes #8727, thanks to @jfcantu for the suggestion.
The CLI implementation of exec already has a 10-second
heartbeat so this mirrors that:
https://github.com/hashicorp/nomad/blob/v0.12.3/api/allocations.go#L161-L173
2020-08-28 10:13:33 -05:00
Lang Martin 42d1b9bb51 CHANGELOG: use consistent indentation for 0.12.4 2020-08-27 18:00:55 -04:00
Lang Martin 1c65a452ba CHANGELOG: csi expected counts 2020-08-27 18:00:55 -04:00
Tim Gross 0e88dc0fec
changelog: batch of bug fixes for 0.12.4 (#8767) 2020-08-27 16:22:46 -04:00
Drew Bailey 1eae711307
fix changelog entry placement 2020-08-27 11:47:01 -04:00
Chris Baker 8b9145fabd state_store/fix the prefix bugs for scaling policies documented in 1a9318 2020-08-27 04:25:37 +00:00
Mahmood Ali 45f549e29e
Merge pull request #8691 from hashicorp/b-reschedule-job-versions
Respect alloc job version for lost/failed allocs
2020-08-25 18:02:45 -04:00
Drew Bailey 91e84a0460
changelog entry for enterprise bug 2020-08-25 11:16:11 -04:00
Mahmood Ali 8a342926b7 Respect alloc job version for lost/failed allocs
This change fixes a bug where lost/failed allocations are replaced by
allocations with the latest versions, even if the version hasn't been
promoted yet.

Now, when generating a plan for lost/failed allocations, the scheduler
first checks if the current deployment is in Canary stage, and if so, it
ensures that any lost/failed allocations is replaced one with the latest
promoted version instead.
2020-08-19 09:52:48 -04:00
James Rasell 39351e1902
changelog: add entry for GH-8142. 2020-08-17 08:58:50 +01:00
James Rasell b797341ab7
changelog: add entry for GH-8589. 2020-08-14 09:40:09 +01:00
Drew Bailey f8c7f94721
prepare release 2020-08-13 17:26:02 -04:00
Lang Martin e32f128435
CHANGELOG 0.12.3 (#8668) 2020-08-13 13:43:47 -04:00
Drew Bailey 65d124c413
fix date for 0.12.2 release 2020-08-12 10:55:19 -04:00
Drew Bailey 769a32a871
update changelog for 0.12.2 release 2020-08-12 10:54:29 -04:00
Buck Doyle 8d8177e9c2
Add CHANGELOG updates (#8644) 2020-08-11 16:21:14 -05:00
Lang Martin 15b55c500d
CHANGELOG entries for 0.12.2 (#8643) 2020-08-11 16:36:42 -04:00
Mahmood Ali fa57dbffa9
changelog vault fix (#8642) 2020-08-11 16:16:24 -04:00
Tim Gross 8ff8dde618
changelog entries for 0.12.2 CSI work (#8620) 2020-08-10 16:47:26 -04:00
Seth Hoenig fd4804bf26 consul: able to set pass/fail thresholds on consul service checks
This change adds the ability to set the fields `success_before_passing` and
`failures_before_critical` on Consul service check definitions. This is a
feature added to Consul v1.7.0 and later.
  https://www.consul.io/docs/agent/checks#success-failures-before-passing-critical

Nomad doesn't do much besides pass the fields through to Consul.

Fixes #6913
2020-08-10 14:08:09 -05:00
Tim Gross ff23be46d9
changelog entry for MRD bugfix (#8625) 2020-08-10 14:29:30 -04:00
Seth Hoenig d58a1f1311 docs: add cl entry for connect native bridge mode 2020-08-10 13:21:26 -05:00
Michael Schurter 8d5e4f160e
Merge pull request #8601 from hashicorp/build-go1.14.7
build: update from Go 1.14.6 to Go 1.14.7
2020-08-07 15:30:33 -07:00
Michael Schurter 98c9af95d4 docs: add v0.11.4 release to master changelog 2020-08-07 12:11:57 -07:00
Michael Schurter c7c603eda5 build: update from Go 1.14.6 to Go 1.14.7
Go 1.14.7 fixes CVE-2020-16845 which is not believed to impact Nomad.
2020-08-06 11:50:29 -07:00
Chris Baker 07e8b405d2
Update CHANGELOG.md
Co-authored-by: Mahmood Ali <mahmood@hashicorp.com>
2020-07-31 11:14:13 -05:00
Chris Baker e920bd22bb
Update CHANGELOG.md
Co-authored-by: Mahmood Ali <mahmood@hashicorp.com>
2020-07-31 11:13:40 -05:00
Chris Baker 8ba61e60d6
Update CHANGELOG.md
label in changelog listed wrong issue number
2020-07-31 11:05:53 -05:00
Mahmood Ali 490b9ce3a0
Handle Scaling Policies in Job Plan endpoint (#8567)
Fixes https://github.com/hashicorp/nomad/issues/8544

This PR fixes a bug where using `nomad job plan ...` always report no change if the submitted job contain scaling.

The issue has three contributing factors:
1. The plan endpoint doesn't populate the required scaling policy ID; unlike the job register endpoint
2. The plan endpoint suppresses errors on job insertion - the job insertion fails here, because the scaling policy is missing the required ID
3. The scheduler reports no update necessary when the relevant job isn't in store (because the insertion failed)

This PR fixes the first two factors.  Changing the scheduler to be more strict might make sense, but may violate some idempotency invariant or make the scheduler more brittle.
2020-07-30 12:27:36 -04:00
Michael Lange b7ade13e85 Add scaling observability feature to the changelog 2020-07-29 22:27:54 -07:00
Michael Schurter 1a997b81ab docs: add #8553 to changelog
Fix some capitalization too.
2020-07-29 14:33:20 -07:00
Drew Bailey e212c24f9e
update changelog for enterprise vault namespacesp (#8542)
* update changelog for enterprise vault namespacesp

* Update CHANGELOG.md

Co-authored-by: Seth Hoenig <shoenig@hashicorp.com>

Co-authored-by: Seth Hoenig <shoenig@hashicorp.com>
2020-07-29 09:45:35 -04:00
Tim Gross e604220084
docs and changelog entry for nomad volume deregister -force (#8537) 2020-07-24 15:13:11 -04:00
James Rasell b4ca4e09c5
changelog: add entry for GH-8530. 2020-07-24 14:45:07 +02:00
James Rasell 5980877931
changelog: add entry for GH-8481 2020-07-24 10:05:14 +02:00
Mahmood Ali 5068dcb6fc
update changelog for GH-7785 (#8522) 2020-07-23 14:45:21 -04:00
Drew Bailey 2070ed2c62
Update CHANGELOG.md
Co-authored-by: Mahmood Ali <mahmood@hashicorp.com>
2020-07-23 14:24:31 -04:00
Drew Bailey 96f4d7a6c7
0.12.2 version and changelog placeholder 2020-07-23 14:21:55 -04:00
Drew Bailey 82a3c6cc98
update changelog for 0.12.1 release 2020-07-23 08:50:03 -04:00
Michael Lange 4a1184b418
Merge pull request #8509 from hashicorp/b-ui/view-raw-include-region
UI: Include the region query param on the View Raw File link in the task fs explorer
2020-07-22 14:20:59 -07:00
Michael Lange 5a2dc526cf Add changelog entry for view raw file region bug fix 2020-07-22 14:05:58 -07:00
Mahmood Ali 9a24960898 changelog node networks change 2020-07-22 13:56:52 -04:00
Buck Doyle 9e3ae523d6
Fix layout of title component elements (#8495)
The spacing has been broken for job types that use this yield
(parameterised and periodic) since I added the exec button
to this template. This could be further refined to allow a more
logical grouping of elements where buttons and tags are
separate.
2020-07-22 11:30:58 -05:00
Michael Lange e398497a99 Add orphaned job detail page hanging bugfix to changelog 2020-07-21 21:57:15 -07:00
Michael Lange 588c1217cf Changelog entry for the region qp bug fix 2020-07-21 09:02:39 -07:00
Drew Bailey 59d8f7acce
changelog for license apply bug (#8482) 2020-07-21 11:32:19 -04:00
Mahmood Ali b614d0a67b
docs: enabled option for nvidia device plugin (#8480) 2020-07-21 10:14:32 -04:00
Mahmood Ali 9c4bde5d9f
Changelog updates and tweaks (#8479) 2020-07-21 08:05:20 -04:00
Buck Doyle abbdf00988
Update CHANGELOG with 8460 and 8463 (#8474) 2020-07-20 16:21:35 -05:00
Tim Gross 1df0f1a73f
changelog for host_network bug (#8469) 2020-07-20 13:33:49 -04:00
Mahmood Ali 4f2e09807f update changelog 2020-07-20 12:14:25 -04:00
Tim Gross 280c2de3e2
changelog item for MRD canary bugfix (#8465) 2020-07-20 11:36:24 -04:00
Michael Schurter db14a4d19c build: update from Go 1.14.4 to Go 1.14.5
Go 1.14.4 contains two CVEs which are fixed in 1.14.5:

 - [CVE-2020-15586](https://golang.org/issue/34902)
 - [CVE-2020-14039](https://golang.org/issue/39360)

Upon consideration with HashiCorp security these CVEs are considered low
severity for Nomad and no new security fix binary will be released.
2020-07-15 09:49:06 -07:00
Tim Gross 941fca3926
changelog for MRD datacenters validation (#8429) 2020-07-13 14:03:40 -04:00
Michael Lange 733151a18f Changelog addition 2020-07-10 15:31:25 -07:00
Michael Lange 069d67cbbf Changelog additions 2020-07-10 15:20:25 -07:00
Seth Hoenig 90318d9436 docs: update changelog for vault policies lookup fix 2020-07-10 13:14:12 -05:00
Buck Doyle b9708dedcc
Add #8409 to changelog (#8414) 2020-07-10 07:53:46 -05:00
Chris Baker 6a06a05731 updated changelog for 0.12.1 2020-07-09 16:53:18 +00:00
Chris Baker e51b1ede7b added release date to 0.12.0 CHANGELOG 2020-07-08 21:20:31 +00:00
Seth Hoenig 8e75b9f348 docs: update changelog with note for go modules switch 2020-07-08 14:49:39 -05:00
Seth Hoenig 5b1c0fe4fc docs: update changelog with some connect fixes 2020-07-08 14:46:45 -05:00
Chris Baker 098ccd23b8 added changelog entry for #8360 2020-07-04 19:10:24 +00:00
Lang Martin 496aab94aa
CHANGELOG agent host (#8346) 2020-07-02 14:09:33 -04:00
Mahmood Ali 4436d6861f changelog for sidecar bug 2020-07-02 12:10:26 -04:00
Lang Martin 717741a4cb
doc: nomad debug cli (#8278)
* doc: nomad debug cli

* CHANGELOG

* website/data/docs-navigation: add debug to navigation

* contributing/checklist-command: add website nav link to checklist
2020-06-25 13:48:27 -04:00
Mahmood Ali 4f1df4af40
Merge pull request #8261 from hashicorp/f-disable-host-volume-by-default
Restrict Host filesystem access in Docker and Qemu
2020-06-25 07:51:13 -04:00
Mahmood Ali 86b84eb936 add github issue links
[ci skip]
2020-06-25 07:50:29 -04:00
Seth Hoenig 4c71c0c155 docs: tweak changelog wording for multiregion deployments 2020-06-24 15:33:35 -05:00
Seth Hoenig 4563859e1b docs: update changelog for connect native 2020-06-24 14:44:43 -05:00
Mahmood Ali 2d64a404e6 docs: update docs for host path flags 2020-06-24 08:03:56 -04:00
Tim Gross 3b84c2d464
changelog for CSI volume context (#8243) 2020-06-22 14:49:56 -04:00
Michael Lange a113346728
Merge pull request #8227 from hashicorp/d-ui/changelog-entries
UI changelog entries for 0.12
2020-06-22 08:50:03 -07:00
Mahmood Ali 12ae1cb6cc changelog: 0.11.3 fixes a unresponsiveness bug 2020-06-22 10:31:24 -04:00
Michael Lange f79ad482fb
Merge branch 'master' into d-ui/changelog-entries 2020-06-19 16:29:34 -07:00
Michael Lange d28b630b46 UI changelog entries for 0.12 2020-06-19 15:55:02 -07:00
Michael Schurter d9a946dae2 docs: add CNI and MIN to changelog for 0.12-beta1 2020-06-19 15:52:18 -07:00
Mahmood Ali a5c19d43ab update changelog 2020-06-19 10:18:00 -04:00
Chris Baker fe9d654640
Merge pull request #8187 from hashicorp/f-8143-block-scaling-during-deployment
modify Job.Scale RPC to return an error if there is an active deployment
2020-06-17 14:38:55 -05:00
Tim Gross ca5161a8b7
changelog for multiregion deployments (#8188) 2020-06-17 14:14:04 -04:00
Chris Baker cd903218f7 added changelog entry and satisfied make check 2020-06-17 17:43:45 +00:00
Chris Baker 6a43aa31a5 changelog for -persist-counts, #8168 2020-06-16 18:45:29 +00:00
Michael Schurter 0db933b678
Merge pull request #8172 from hashicorp/go-1.14.4
build: update from Go 1.14.3 to Go 1.14.4
2020-06-16 10:22:33 -07:00
Michael Schurter b3f9c241b8 docs: add go bump to changelog 2020-06-16 10:07:06 -07:00
Seth Hoenig 7ed64211ee docs: update changelog for memory swap fix 2020-06-16 11:08:15 -05:00
Drew Bailey 4cabf70bb2
move bugfix to correct version (#8170) 2020-06-16 11:53:43 -04:00
James Rasell 5d5767901d
changelog: add entry for GH-8161 2020-06-16 17:39:47 +02:00
Chris Baker 322a97abb9 changelog for 8167 2020-06-16 12:43:35 +00:00
Drew Bailey 84afc28ceb
only report tasklogger is running if both stdout and stderr are still running (#8155)
* only report tasklogger is running if both stdout and stderr are still running

* changelog
2020-06-12 09:17:35 -04:00
Chris Baker b575f6170c changelog updates from release-0.11.3 2020-06-05 19:29:57 +00:00
Lang Martin ac7c39d3d3
Delayed evaluations for stop_after_client_disconnect can cause unwanted extra followup evaluations around job garbage collection (#8099)
* client/heartbeatstop: reversed time condition for startup grace

* scheduler/generic_sched: use `delayInstead` to avoid a loop

Without protecting the loop that creates followUpEvals, a delayed eval
is allowed to create an immediate subsequent delayed eval. For both
`stop_after_client_disconnect` and the `reschedule` block, a delayed
eval should always produce some immediate result (running or blocked)
and then only after the outcome of that eval produce a second delayed
eval.

* scheduler/reconcile: lostLater are different than delayedReschedules

Just slightly. `lostLater` allocs should be used to create batched
evaluations, but `handleDelayedReschedules` assumes that the
allocations are in the untainted set. When it creates the in-place
updates to those allocations at the end, it causes the allocation to
be treated as running over in the planner, which causes the initial
`stop_after_client_disconnect` evaluation to be retried by the worker.
2020-06-03 09:48:38 -04:00
Seth Hoenig 4bfa0548d9
Merge pull request #8087 from hashicorp/f-docker-mem-config
driver/docker: enable setting hard/soft memory limits
2020-06-01 12:16:55 -05:00
Seth Hoenig 2a25ba0493
docs: fix markdown for field in changelog
Co-authored-by: Michael Schurter <mschurter@hashicorp.com>
2020-06-01 10:52:12 -05:00
Chris Baker cb5d36bf4a
Merge pull request #8086 from hashicorp/docs-add-go-redirect-fix-changelog
docs: add go-getter redirect fix to changelog
2020-06-01 10:16:20 -05:00
Drew Bailey d3fb093082
license changelog (#8088) 2020-06-01 11:07:54 -04:00
Seth Hoenig d10a018283 docs: update docs & changelog for docker driver memory_hard_limit configuration 2020-06-01 09:24:49 -05:00
Seth Hoenig 0485824cd3 docs: add go-getter redirect fix to changelog 2020-06-01 09:01:35 -05:00
Buck Doyle 9c0f85d7b6
UI: add filesystem browsing for allocations (#7951)
This partially addresses #7799.

Task state filesystems are contained within a subdirectory of their
parent allocation, so almost everything that existed for browsing task
state filesystems was applicable to browsing allocations, just without
the task name prepended to the path. I aimed to push this differential
handling into as few contained places as possible.

The tests also have significant overlap, so this includes an extracted
behavior to run the same tests for allocations and task states.
2020-06-01 08:15:59 -05:00
Mahmood Ali fdacbc37e0 update changelog 2020-05-27 15:07:11 -04:00
Tim Gross 65b2672f16
changelog items for CSI in 0.11.3 (#8064) 2020-05-27 13:50:34 -04:00
Seth Hoenig b992ba8dee
Merge pull request #8018 from hashicorp/b-sidecar-task-resources-npe
api: canonicalize connect components
2020-05-26 09:19:02 -05:00
Seth Hoenig 7ab61709f3 docs: update changelog with sidecar task resources fix 2020-05-19 11:49:59 -06:00