kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-03 00:45:43 +03:00
Code Issues Packages Projects Releases Wiki Activity
15,247 Commits 1 Branch 0 Tags
80fa207ced1dfbe9db1fa60ea25f4ac4be8939c4
Commit Graph

114 Commits

Author SHA1 Message Date
Mahmood Ali
2cc2e60ded update comment 2019-06-11 13:00:26 -04:00
Mahmood Ali
c72bf13f8a exec: use an independent name=systemd cgroup path 
We aim for containers to be part of a new cgroups hierarchy independent
from nomad agent.  However, we've been setting a relative path as
libcontainer `cfg.Cgroups.Path`, which makes libcontainer concatinate
the executor process cgroup with passed cgroup, as set in [1].

By setting an absolute path, we ensure that all cgroups subsystem
(including `name=systemd` get a dedicated one).  This matches behavior
in Nomad 0.8, and behavior of how Docker and OCI sets CgroupsPath[2]

Fixes #5736

[1] d7edf9b2e4/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go (L326-L340)
[2] 238f8eaa31/vendor/github.com/containerd/containerd/oci/spec.go (L229)
 2019-06-10 22:00:12 -04:00
Mahmood Ali
6217d50803 Fix test comparisons 2019-05-24 21:38:22 -05:00
Mahmood Ali
a1414bd360 Test for expected capabilities specifically 2019-05-24 16:07:05 -05:00
Mahmood Ali
e855738e0c use /bin/bash 2019-05-24 14:50:23 -04:00
Mahmood Ali
1a6454d242 special case root capabilities 2019-05-24 14:10:10 -04:00
Mahmood Ali
3e1b136929 tests: Fix binary dir permissions 2019-05-24 11:31:12 -04:00
Mahmood Ali
67188714a3 fix 2019-05-20 15:30:07 -04:00
Mahmood Ali
82611af925 drivers/exec: Restore 0.8 capabilities 
Nomad 0.9 incidentally set effective capabilities that is higher than
what's expected of a `nobody` process, and what's set in 0.8.

This change restores the capabilities to ones used in Nomad 0.9.
 2019-05-20 13:11:29 -04:00
Lang Martin
568a120e7b Merge pull request #5649 from hashicorp/b-lookup-exe-chroot 
lookup executables inside chroot
 2019-05-17 15:07:41 -04:00
Mahmood Ali
7f76aedfae use pty/tty terminology similar to github.com/kr/pty 2019-05-10 19:17:14 -04:00
Mahmood Ali
976bfbc41a executors: implement streaming exec 
Implements streamign exec handling in both executors (i.e. universal and
libcontainer).

For creation of TTY, some incidental complexity leaked in.  The universal
executor uses github.com/kr/pty for creation of TTYs.

On the other hand, libcontainer expects a console socket and for libcontainer to
create the underlying console object on process start.  The caller can then use
`libcontainer.utils.RecvFd()` to get tty master end.

I chose github.com/kr/pty for managing TTYs here.  I tried
`github.com/containerd/console` package (which is already imported), but the
package did not work as expected on macOS.
 2019-05-10 19:17:14 -04:00
Mahmood Ali
efc4249f85 executor: scaffolding for executor grpc handling 
Prepare executor to handle streaming exec API calls that reuse drivers protobuf
structs.
 2019-05-10 19:17:14 -04:00
Lang Martin
a9da4bac11 executor_linux only do path resolution in the taskDir, not local 
split out lookPathIn to show it's similarity to exec.LookPath
 2019-05-10 11:33:35 -04:00
Lang Martin
60735deb7b executor_linux_test call lookupTaskBin with an ExecCommand 2019-05-08 10:01:51 -04:00
Lang Martin
0c4a45fa16 executor_linux pass the command to lookupTaskBin to get path 2019-05-08 10:01:20 -04:00
Lang Martin
9688710c10 executor/* Launch log at top of Launch is more explicit, trace 2019-05-07 17:01:05 -04:00
Lang Martin
538f387d8d move lookupTaskBin to executor_linux, for os dependency clarity 2019-05-07 16:58:27 -04:00
Lang Martin
2ea860a087 driver_test leave cat in the test, but add cat to the chroot 2019-05-07 16:14:01 -04:00
Lang Martin
bc5eaf6cdb executor_test cleanup old lookupBin tests 2019-05-04 10:21:59 -04:00
Lang Martin
8a7b5c6830 executor lookupTaskBin also does PATH expansion, anchored in taskDIR 2019-05-03 16:22:09 -04:00
Lang Martin
512bc52af5 executor_linux_test test PATH lookup inside the container 2019-05-03 16:21:58 -04:00
Lang Martin
7a2fdf7a2d executor and executor_linux debug launch prep and process start 2019-05-03 14:42:57 -04:00
Lang Martin
103d37d4f9 executor_linux_test new TestExecutor_EscapeContainer 2019-05-03 14:38:42 -04:00
Lang Martin
c16f82bb9a executor_test test for more edges of lookupBin behavior 2019-05-03 11:55:19 -04:00
Lang Martin
83930dcb9c executor_linux call new lookupTaskBin 2019-05-03 11:55:19 -04:00
Lang Martin
4538014cc3 executor split up lookupBin 2019-05-03 11:55:19 -04:00
Mahmood Ali
6747195682 comment on using init() for libcontainer handling 2019-04-19 09:49:04 -04:00
Mahmood Ali
9bf54eae97 comment what refer to 2019-04-19 09:49:04 -04:00
Mahmood Ali
b6af5c9dca Move libcontainer helper to executor package 2019-04-19 09:49:04 -04:00
Mahmood Ali
244544b735 an alternative order 2019-04-02 20:00:54 -04:00
Mahmood Ali
d441cdd52f try not without checking stat first 2019-04-02 19:55:44 -04:00
Mahmood Ali
9adab75ac8 basic test for #4809 2019-04-02 19:50:35 -04:00
Michael Schurter
800bd848c1 Merge pull request #5504 from hashicorp/b-exec-path 
executor/linux: make chroot binary paths absolute
 2019-04-02 14:09:50 -07:00
Michael Schurter
56048bda0a executor/linux: comment this bizarre code 2019-04-02 11:25:45 -07:00
Michael Schurter
21e895e2e7 Revert "executor/linux: add defensive checks to binary path" 
This reverts commit cb36f4537e.
 2019-04-02 11:17:12 -07:00
Michael Schurter
cb36f4537e executor/linux: add defensive checks to binary path 2019-04-02 09:40:53 -07:00
Michael Schurter
254901a51e executor/linux: make chroot binary paths absolute 
Avoid libcontainer.Process trying to lookup the binary via $PATH as the
executor has already found where the binary is located.
 2019-04-01 15:45:31 -07:00
Mahmood Ali
1450197936 comment configureTLogging 2019-04-01 16:52:58 -04:00
Mahmood Ali
714c41185c rename fifo methods for clarity 2019-04-01 16:52:58 -04:00
Mahmood Ali
48259078df avoid opening files just to close them 2019-04-01 13:24:18 -04:00
Mahmood Ali
3fb377ae6e Add test cases for waiting on children 
Also, make the test use files just like in the non-test case.
 2019-04-01 13:24:18 -04:00
Michael Schurter
e162e3b631 Update drivers/shared/executor/executor_test.go 
Co-Authored-By: notnoop <mahmood@notnoop.com>
 2019-03-31 20:34:24 -04:00
Mahmood Ali
d5eea3424a fix test setup 2019-03-26 09:15:22 -04:00
Mahmood Ali
f57cf5a365 test kill wait 2019-03-26 09:15:22 -04:00
Mahmood Ali
a0d025e90d Revert "executor: synchronize exitState accesses" (#5449) 
Reverts hashicorp/nomad#5433

Apparently, channel communications can constitute Happens-Before even for proximate variables, so this syncing isn't necessary.

> _The closing of a channel happens before a receive that returns a zero value because the channel is closed._
https://golang.org/ref/mem#tmp_7
 2019-03-20 07:33:05 -04:00
Nick Ethier
d9d90fa5f0 Merge pull request #5429 from hashicorp/b-blocking-executor-shutdown 
executor: block shutdown on process exiting
 2019-03-19 15:18:01 -04:00
Mahmood Ali
989175fc59 executor: synchronize exitState accesses 
exitState is set in `wait()` goroutine but accessed in a different
`Wait()` goroutine, so accesses must be synchronized by a lock.
 2019-03-17 11:56:58 -04:00
Nick Ethier
c2c984ea50 executor: block shutdown on process exiting 2019-03-15 23:50:17 -04:00
Mahmood Ali
eb5ab38ae5 Regenerate Proto files (#5421) 
Noticed that the protobuf files are out of sync with ones generated by 1.2.0 protoc go plugin.

The cause for these files seem to be related to release processes, e.g. [0.9.0-beta1 preperation](ecec3d38de (diff-da4da188ee496377d456025c2eab4e87)), and [0.9.0-beta3 preperation](b849d84f2f).

This restores the changes to that of the pinned protoc version and fails build if protobuf files are out of sync.  Sample failing Travis job is that of the first commit change: https://travis-ci.org/hashicorp/nomad/jobs/506285085
 2019-03-14 10:56:27 -04:00