Commit graph

441 commits

Author SHA1 Message Date
Tim Gross fbf98543f2 clarify raw_exec doesn't have filesystem isolation 2020-10-16 11:38:23 -04:00
Tim Gross 8fb55a2148 Apply suggestions from code review
Co-authored-by: Charlie Voiselle <464492+angrycub@users.noreply.github.com>
2020-10-16 11:02:49 -04:00
Tim Gross a3561a3d96 fix anchor links 2020-10-16 11:02:49 -04:00
Tim Gross 5c4fdd006c docs: clarify task working directories
The terms task directory and allocation directory are used throughout the
documentation but these directories are not the same as the `NOMAD_TASK_DIR`
and `NOMAD_ALLOC_DIR` locations. This is confusing when trying to use the
`template` and `artifact` stanzas, especially when trying to use a destination
outside the Nomad-mounted directories for Docker and similar drivers.

This changeset introduces "allocation working directory" to mean the location
on disk where the various directories and artifacts are staged, and "task
working directory" for the task. Clarify how specific task drivers interact
with the task working directory.
2020-10-16 11:02:49 -04:00
Sahil e83b4d470e
Remove Nomad-spark reference from use-cases.mdx
Removed ref to [Spark](https://github.com/hashicorp/nomad-spark) based on 
2c6092a2a6
2020-10-16 05:41:49 -04:00
Nick Ethier 4903e5b114
Consul with CNI and host_network addresses (#9095)
* consul: advertise cni and multi host interface addresses

* structs: add service/check address_mode validation

* ar/groupservices: fetch networkstatus at hook runtime

* ar/groupservice: nil check network status getter before calling

* consul: comment network status can be nil
2020-10-15 15:32:21 -04:00
Michael Schurter ea55c497b7
Merge pull request #9094 from hashicorp/f-1.0
s/0.13/1.0/g
2020-10-15 08:53:33 -07:00
James Rasell 3afce2e860
Merge pull request #9084 from hashicorp/f-gh-9083-docs
docs: update website and changelog for GH-9083
2020-10-15 08:41:05 +02:00
Michael Schurter 9c3972937b s/0.13/1.0/g
1.0 here we come!
2020-10-14 15:17:47 -07:00
Michael Schurter 7c3029b5e6 docs: document #9055 2020-10-14 10:41:32 -07:00
James Rasell 6f6693aa7f
docs: update configuration to detail ent difference. 2020-10-14 15:23:47 +02:00
Chris Baker 1d35578bed removed backwards-compatible/untagged metrics deprecated in 0.7 2020-10-13 20:18:39 +00:00
Seth Hoenig ed13e5723f consul/connect: dynamically select envoy sidecar at runtime
As newer versions of Consul are released, the minimum version of Envoy
it supports as a sidecar proxy also gets bumped. Starting with the upcoming
Consul v1.9.X series, Envoy v1.11.X will no longer be supported. Current
versions of Nomad hardcode a version of Envoy v1.11.2 to be used as the
default implementation of Connect sidecar proxy.

This PR introduces a change such that each Nomad Client will query its
local Consul for a list of Envoy proxies that it supports (https://github.com/hashicorp/consul/pull/8545)
and then launch the Connect sidecar proxy task using the latest supported version
of Envoy. If the `SupportedProxies` API component is not available from
Consul, Nomad will fallback to the old version of Envoy supported by old
versions of Consul.

Setting the meta configuration option `meta.connect.sidecar_image` or
setting the `connect.sidecar_task` stanza will take precedence as is
the current behavior for sidecar proxies.

Setting the meta configuration option `meta.connect.gateway_image`
will take precedence as is the current behavior for connect gateways.

`meta.connect.sidecar_image` and `meta.connect.gateway_image` may make
use of the special `${NOMAD_envoy_version}` variable interpolation, which
resolves to the newest version of Envoy supported by the Consul agent.

Addresses #8585 #7665
2020-10-13 09:14:12 -05:00
Tim Gross 98a70d789e
docs: inclusive language configuration changes (#9069) 2020-10-13 08:02:29 -04:00
Seth Hoenig 5a3748ca82
Merge pull request #9038 from hashicorp/f-ec2-table
env_aws: get ec2 cpu perf data from AWS API
2020-10-12 18:55:33 -05:00
Lens0021 a7e481c623
docs: fix link in docker driver docs (#9066) 2020-10-12 08:17:07 -04:00
Jimmy Merritello abaac1d72f
[Website] Add new HashiStackMenu (#9042)
* Add new HashiStackMenu

* Bump version

* Bump HSM version and rm meganav styles
2020-10-09 10:39:08 -05:00
Tim Gross ecec432653
csi: allow for volume detach to work with gc'd nodes (#9057)
When we try to prefix match the `nomad volume detach` node ID argument, the
node may have been already GC'd. The volume unpublish workflow gracefully
handles this case so that we can free the claim. So make a best effort to find
a node ID among the volume's claimed allocations, or otherwise just use the
node ID we've been given by the user as-is.
2020-10-09 09:45:03 -04:00
Tim Gross 67817068e0
docs: show distinct_hosts constraint for CSI plugins (#9052)
CSI plugins with the same plugin ID and type (controller, node, monolith) will
collide on a host, both in the communication socket and in the dynamic plugin
registry. Until this can be fixed, leave notice to operators in the
documentation.
2020-10-08 16:55:55 -04:00
Seth Hoenig ccc52c9896 docs: fix linter typos in docs 2020-10-08 13:01:33 -05:00
Seth Hoenig e693d15a5b env_aws: get ec2 cpu perf data from AWS API
Previously, Nomad was using a hand-made lookup table for looking
up EC2 CPU performance characteristics (core count + speed = ticks).

This data was incomplete and incorrect depending on region. The AWS
API has the correct data but requires API keys to use (i.e. should not
be queried directly from Nomad).

This change introduces a lookup table generated by a small command line
tool in Nomad's tools module which uses the Amazon AWS API.

Running the tool requires AWS_* environment variables set.
  $ # in nomad/tools/cpuinfo
  $ go run .

Going forward, Nomad can incorporate regeneration of the lookup table
somewhere in the CI pipeline so that we remain up-to-date on the latest
offerings from EC2.

Fixes #7830
2020-10-08 12:01:09 -05:00
Tim Gross 29a5454894
csi: loosen ValidateVolumeCapability requirements (#9049)
The CSI specification for `ValidateVolumeCapability` says that we shall
"reconcile successful capability-validation responses by comparing the
validated capabilities with those that it had originally requested" but leaves
the details of that reconcilation unspecified. This API is not implemented in
Kubernetes, so controller plugins don't have a real-world implementation to
verify their behavior against.

We have found that CSI plugins in the wild may return "successful" but
incomplete `VolumeCapability` responses, so we can't require that all
capabilities we expect have been validated, only that the ones that have been
validated match. This appears to violate the CSI specification but until
that's been resolved in upstream we have to loosen our validation
requirements. The tradeoff is that we're more likely to have runtime errors
during `NodeStageVolume` instead of at the time of volume registration.
2020-10-08 12:53:24 -04:00
Tim Gross 16913bf3a1
docs: CSI mount_options are available only for filesystem vols (#9043)
The CSI specification allows only the `file-system` attachment mode to have
mount options. The `block-device` mode is left "intentionally empty, for now"
in the protocol. We should be validating against this problem, but our
documentation also had it backwards.

Also adds missing mount_options on group volume.
2020-10-08 08:49:43 -04:00
Ryan Oaks 98bdb9ee2e Update docs site to deploy to Vercel instead of Netlify 2020-10-07 13:49:05 -04:00
Chris Baker 7f701fddd0 updated docs and validation to further prohibit null chars in region, datacenter, and job name 2020-10-05 18:01:50 +00:00
Chris Baker 23ea7cd27c updated job validate to refute job/group/task IDs containing null characters
updated CHANGELOG and upgrade guide
2020-10-05 18:01:49 +00:00
Seth Hoenig e48605809b
Merge pull request #9008 from luhhujbb/doc-portmap
[doc] fix deprecated port_map example
2020-10-05 12:25:53 -05:00
Ryan Oaks da3e4a9e71
Merge pull request #8991 from hashicorp/ro.docs-formatting
docs: Format docs website code and mdx
2020-10-05 10:31:40 -04:00
Kent 'picat' Gruber 5e1c716835
Merge pull request #8998 from hashicorp/keygen-32-bytes
Use 32-byte key for gossip encryption to enable AES-256
2020-10-02 17:17:55 -04:00
Tim Gross 56a3e910ea
docs: add Consul policy for Consul Namespace support (#9014)
Co-authored-by: Seth Hoenig <shoenig@hashicorp.com>
2020-10-02 15:13:33 -04:00
Charlie Voiselle c0eca08bcc
Update docker.mdx (#8913) 2020-10-02 14:54:14 -04:00
Fredrik Hoem Grelland a015c52846
configure nomad cluster to use a Consul Namespace [Consul Enterprise] (#8849) 2020-10-02 14:46:36 -04:00
Ryan Oaks 536aab271d Format docs website code and mdx 2020-10-02 13:31:40 -04:00
Seth Hoenig a8869bd304 docs: document docker signal fix, add tests
This PR adds a version specific upgrade note about the docker stop
signal behavior. Also adds test for the signal logic in docker driver.

Closes #8932 which was fixed in #8933
2020-10-02 10:06:43 -05:00
Jean-Baptiste Besselat ffd085b3d9 [doc] fix deprecated port_map example 2020-10-02 14:39:48 +02:00
Fredrik Hoem Grelland 953d4de8dd
update consul-template to v0.25.1 (#8988) 2020-10-01 14:08:49 -04:00
José Maia 9e14dc90f9
Fix docs on API for volume detaching (#9002)
`nomad volume detach volume-id 00000000-0000-0000-0000-000000000000` produces an API call containing the UUID as part of the query string. This is the only way the API accepts the request correctly - if you pass it in the payload you get `detach requires node ID`
2020-10-01 11:01:13 -04:00
Kent 'picat' Gruber ef36bcfc43 Update nomad operator keygen example command in docs 2020-09-30 17:07:31 -04:00
Kent 'picat' Gruber 4570952fe4 Update server configuration docs to use 32 bytes 2020-09-30 17:03:12 -04:00
Tim Gross 9853653f2a
docs: quota apply does not have a 'name' param (#8983) 2020-09-29 13:58:30 -04:00
Charlie Voiselle 9d85195361
[docs] Update redirects and links for learn.hashicorp.com (#8598)
* Fix links to ACL guides
* Managing Nomad guide links; links in jsx pages
* job updates guide URLS
* node-drain guide URLS
* outage recovery guide links
* fix guide links - sentinel
* fix guide links - namespaces
* fix guide links - quotas
* fix guide links - autopilot
* more guide links.
* more guide links - continued.
* Updating redirects for learn
* Getting Started
* Load Balancing Guides
* update redirects for ui guide
* Consolidate spark redirects to point to GH repo
* operating job update part 1
* finish operating job links; operations guides links.
* finish guide redirects
* coalesce EOL redirects for spark guides.
* one last link
* Checked links and found a few more stray links
* Found more .htmls
* Fixup links for new HC websites
* Post-merge fixups
* linkcheck caught missing ids
2020-09-29 12:48:32 -04:00
Seth Hoenig af9543c997 consul: fix validation of task in group-level script-checks
When defining a script-check in a group-level service, Nomad needs to
know which task is associated with the check so that it can use the
correct task driver to execute the check.

This PR fixes two bugs:
1) validate service.task or service.check.task is configured
2) make service.check.task inherit service.task if it is itself unset

Fixes #8952
2020-09-28 15:02:59 -05:00
Seth Hoenig fd2a31a331 drivers/docker: detect arch for default infra_image
The 'docker.config.infra_image' would default to an amd64 container.
It is possible to reference the correct image for a platform using
the `runtime.GOARCH` variable, eliminating the need to explicitly set
the `infra_image` on non-amd64 platforms.

Also upgrade to Google's pause container version 3.1 from 3.0, which
includes some enhancements around process management.

Fixes #8926
2020-09-23 13:54:30 -05:00
Ryan Oaks 7333335b1c
Merge pull request #8942 from hashicorp/ro.docs-component-update
docs: Update docs platform components
2020-09-22 16:21:35 -04:00
Tim Gross 3fb377b513
docs: fix escaping in job run env vars (#8944) 2020-09-22 14:32:29 -04:00
Ryan Oaks 950de562a1 Update docs platform components 2020-09-22 12:08:57 -04:00
Kris Hicks f9cb793193
docs: fix typo 'thre' -> 'the' (#8937) 2020-09-21 11:52:45 -04:00
Luiz Aoqui f024e6af5f
Merge pull request #8811 from hashicorp/docs/fix-local-service-port
docs: fix type for `local_service_port`
2020-09-17 10:04:36 -04:00
Mahmood Ali 4f3daaaeaa
Merge pull request #8789 from hashicorp/docs-fix-group-link
docs: Fix group link in job spec docs
2020-09-17 08:30:49 -05:00
Brad Phipps 4c983e7374
docs: add missing double quote (#8806) 2020-09-17 09:16:30 -04:00