Enable rkt and docker volume mounting by default

89a1b60c · Michael Schurter · Michael Schurter · 5ed12860 · 89a1b60c · 89a1b60c
Commit 89a1b60c authored 8 years ago by Michael Schurter Committed by Michael Schurter 8 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 16 additions and 17 deletions
+16 -17
--- a/client/driver/docker.go
+++ b/client/driver/docker.go
@@ -65,7 +65,8 @@ const (

 	// dockerVolumesConfigOption is the key for enabling the use of custom
 	// bind volumes.
-	dockerVolumesConfigOption = "docker.volumes.enabled"
+	dockerVolumesConfigOption  = "docker.volumes.enabled"
+	dockerVolumesConfigDefault = true

 	// dockerPrivilegedConfigOption is the key for running containers in
 	// Docker's privileged mode.
@@ -370,7 +371,7 @@ func (d *DockerDriver) Fingerprint(cfg *config.Config, node *structs.Node) (bool
 	node.Attributes["driver.docker.version"] = env.Get("Version")

 	// Advertise if this node supports Docker volumes (by default we do not)
-	if d.config.ReadBoolDefault(dockerVolumesConfigOption, false) {
+	if d.config.ReadBoolDefault(dockerVolumesConfigOption, dockerVolumesConfigDefault) {
 		node.Attributes["driver."+dockerVolumesConfigOption] = "1"
 	}

@@ -397,7 +398,7 @@ func (d *DockerDriver) containerBinds(driverConfig *DockerDriverConfig, alloc *a
 	secretDirBind := fmt.Sprintf("%s:%s", secret, allocdir.TaskSecretsContainerPath)
 	binds := []string{allocDirBind, taskLocalBind, secretDirBind}

-	volumesEnabled := d.config.ReadBoolDefault(dockerVolumesConfigOption, false)
+	volumesEnabled := d.config.ReadBoolDefault(dockerVolumesConfigOption, dockerVolumesConfigDefault)
 	if len(driverConfig.Volumes) > 0 && !volumesEnabled {
 		return nil, fmt.Errorf("%s is false; cannot use Docker Volumes: %+q", dockerVolumesConfigOption, driverConfig.Volumes)
 	}

--- a/client/driver/docker_test.go
+++ b/client/driver/docker_test.go
@@ -998,6 +998,7 @@ func setupDockerVolumes(t *testing.T, cfg *config.Config) (*structs.Task, Driver

 func TestDockerDriver_VolumesDisabled(t *testing.T) {
 	cfg := testConfig()
+	cfg.Options = map[string]string{dockerVolumesConfigOption: "false"}

 	task, driver, execCtx, _, cleanup := setupDockerVolumes(t, cfg)
 	defer cleanup()
@@ -1010,7 +1011,6 @@ func TestDockerDriver_VolumesDisabled(t *testing.T) {

 func TestDockerDriver_VolumesEnabled(t *testing.T) {
 	cfg := testConfig()
-	cfg.Options = map[string]string{dockerVolumesConfigOption: "true"}

 	task, driver, execCtx, hostpath, cleanup := setupDockerVolumes(t, cfg)
 	defer cleanup()

--- a/client/driver/rkt.go
+++ b/client/driver/rkt.go
@@ -46,7 +46,8 @@ const (

 	// rktVolumesConfigOption is the key for enabling the use of custom
 	// bind volumes.
-	rktVolumesConfigOption = "rkt.volumes.enabled"
+	rktVolumesConfigOption  = "rkt.volumes.enabled"
+	rktVolumesConfigDefault = true

 	// rktCmd is the command rkt is installed as.
 	rktCmd = "rkt"
@@ -237,7 +238,7 @@ func (d *RktDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle, e

 	// Mount arbitrary volumes if enabled
 	if len(driverConfig.Volumes) > 0 {
-		if enabled := d.config.ReadBoolDefault(rktVolumesConfigOption, false); !enabled {
+		if enabled := d.config.ReadBoolDefault(rktVolumesConfigOption, rktVolumesConfigDefault); !enabled {
 			return nil, fmt.Errorf("%s is false; cannot use rkt volumes: %+q", rktVolumesConfigOption, driverConfig.Volumes)
 		}


--- a/client/driver/rkt_test.go
+++ b/client/driver/rkt_test.go
@@ -265,7 +265,6 @@ func TestRktDriver_Start_Wait_AllocDir(t *testing.T) {
 	}

 	driverCtx, execCtx := testDriverContexts(task)
-	driverCtx.config.Options = map[string]string{rktVolumesConfigOption: "1"}
 	defer execCtx.AllocDir.Destroy()
 	d := NewRktDriver(driverCtx)


--- a/website/source/docs/drivers/docker.html.md
+++ b/website/source/docs/drivers/docker.html.md
@@ -162,8 +162,8 @@ The `docker` driver supports the following configuration in the job spec:
    ```

 * `volumes` - (Optional) A list of `host_path:container_path` strings to bind
-  host paths to container paths. Can only be run on clients with the
-  `docker.volumes.enabled` option set to true.
+  host paths to container paths. Can be disabled on clients by setting the
+  `docker.volumes.enabled` option set to false.

    ```hcl
    config {
@@ -363,9 +363,8 @@ options](/docs/agent/config.html#options):
 * `docker.cleanup.image` Defaults to `true`. Changing this to `false` will
  prevent Nomad from removing images from stopped tasks.

-* `docker.volumes.enabled`: Defaults to `false`. Allows tasks to bind host
-  paths (`volumes`) or other containers (`volums_from`) inside their container.
-  Disabled by default as it removes the isolation between containers' data.
+* `docker.volumes.enabled`: Defaults to `true`. Allows tasks to bind host paths
+  (`volumes`) inside their container.

 * `docker.volumes.selinuxlabel`: Allows the operator to set a SELinux
  label to the allocation and task local bind-mounts to containers. If used

--- a/website/source/docs/drivers/rkt.html.md
+++ b/website/source/docs/drivers/rkt.html.md
@@ -76,8 +76,8 @@ The `rkt` driver supports the following configuration in the job spec:
 * `debug` - (Optional) Enable rkt command debug option.

 * `volumes` - (Optional) A list of `host_path:container_path` strings to bind
-  host paths to container paths. Can only be run on clients with the
-  `rkt.volumes.enabled` option set to true.
+  host paths to container paths. Can be disabled on clients by setting the
+  `rkt.volumes.enabled` option set to false.

    ```hcl
    config {
@@ -97,9 +97,8 @@ over HTTP.
 The `rkt` driver has the following [client configuration
 options](/docs/agent/config.html#options):

-* `rkt.volumes.enabled`: Defaults to `false`. Allows tasks to bind host paths
-  (`volumes`) inside their container.  Disabled by default as it removes the
-  isolation between containers' data.
+* `rkt.volumes.enabled`: Defaults to `true`. Allows tasks to bind host paths
+  (`volumes`) inside their container.

 ## Client Attributes