This project is mirrored from https://gitee.com/mirrors/nomad.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
- 06 Sep, 2022 1 commit
-
-
Seth Hoenig authored
This PR makes the Server agent(*) attempt to make a connection with a Client before marking it as NodeStatusDown due to a missed heartbeat. Manually double-checking responsiveness of the Client before marking it down paves over issues where the Client may still be fine, but coordination between Client, the server it is reporting status to, and the leader managing heartbeat timers is not lined up. (*) Who _should_ be the leader, but might not be in the immediate aftermath of something triggering an election. Potentially resolved causes of erroneous down-ed nodes: 1. Stale leader w/ expiring timers marking nodes it should not 2. Overloaded leader not responding to incoming update RPCs before timers expire
-
- 01 Sep, 2022 7 commits
-
-
Luiz Aoqui authored
These options are mutually exclusive but, since `-hcl2-strict` defaults to `true` users had to explicitily set it to `false` when using `-hcl1`. Also return `255` when job plan fails validation as this is the expected code in this situation.
-
Tim Gross authored
Nomad is generally compliant with the CSI specification for Container Orchestrators (CO), except for unimplemented features. However, some storage vendors have built CSI plugins that are not compliant with the specification or which expect that they're only deployed on Kubernetes. Nomad cannot vouch for the compatibility of any particular plugin, so clarify this in the docs. Co-authored-by:
Derek Strickland <1111455+DerekStrickland@users.noreply.github.com>
-
Luiz Aoqui authored
-
James Rasell authored
Log lines which include an error should use the full term "error" as the context key. This provides consistency across the codebase and avoids a Go style which operators might not be aware of.
-
dependabot[bot] authored
Signed-off-by:
dependabot[bot] <support@github.com> Co-authored-by:
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by:
James Rasell <jrasell@hashicorp.com>
-
James Rasell authored
In order to add an E2E test to cover token expiration, the server config has been updated to include a low minimum allowed TTL value. For ease of reading, the max value is also set.
-
Brett Larson authored
It is really unclear on how to use this feature. it took me a while to find this, so I thought I would purpose how to use this.
-
- 31 Aug, 2022 5 commits
-
-
Derek Strickland authored
* Merge release 1.3.5 files * Generate files for 1.3.5 release * Prepare for next release Co-authored-by:
hc-github-team-nomad-core <github-team-nomad-core@hashicorp.com>
-
Luiz Aoqui authored
-
Luiz Aoqui authored
-
James Rasell authored
The ACL command docs are now found within a sub-dir like the operator command docs. Updates to the ACL token commands to accommodate token expiry have also been added. The ACL API docs are now found within a sub-dir like the operator API docs. The ACL docs now include the ACL roles endpoint as well as updated ACL token endpoints for token expiration. The configuration section is also updated to accommodate the new ACL and server parameters for the new ACL features.
-
James Rasell authored
This adds a new ACL test suite to the e2e framework which includes an initial test for ACL roles. The ACL test includes a helper to track and clean created Nomad resources which keeps the test cluster clean no matter if the test fails early or not.
-
- 30 Aug, 2022 11 commits
-
-
Luiz Aoqui authored
PR #12130 refactored the test to use the `wantPeers` helper, but this function only returns the number of voting peers, which in this test should be equal to 2. I think the tests were passing back them because of a bug in Raft (https://github.com/hashicorp/raft/pull/483) where a non-voting server was able to transition to candidate state. One possible evidence of this is that a successful test run would have the following log line: ``` raft@v1.3.5/raft.go:1058: nomad.raft: updating configuration: command=AddVoter server-id=127.0.0.1:9101 server-addr=127.0.0.1:9101 servers="[{Suffrage:Voter ID:127.0.0.1:9107 Address:127.0.0.1:9107} {Suffrage:Voter ID:127.0.0.1:9105 Address:127.0.0.1:9105} {Suffrage:Voter ID:127.0.0.1:9103 Address:127.0.0.1:9103} {Suffrage:Voter ID:127.0.0.1:9101 Address:127.0.0.1:9101}]" ``` This commit reverts the test logic to check for peer count, regardless of voting status.
-
Charlie Voiselle authored
* Update Consul Template dep to support Nomad vars * Remove `Peering` config for Consul Testservers Upgrading to the 1.14 Consul SDK introduces and additional default configuration—`Peering`—that is not compatible with versions of Consul before v1.13.0. because Nomad tests against Consul v1.11.1, this configuration has to be nil'ed out before passing it to the Consul binary.
-
Tim Gross authored
Neither the `os.Setenv` nor `t.Setenv` helper are safe to use in parallel tests because environment variables are process-global. The stdlib panics if you try to do this. Remove the `ci.Parallel()` call from all tests where we're setting environment variables.
-
Tim Gross authored
-
Tim Gross authored
Update the on-disk format for the root key so that it's wrapped with a unique per-key/per-server key encryption key. This is a bit of security theatre for the current implementation, but it uses `go-kms-wrapping` as the interface for wrapping the key. This provides a shim for future support of external KMS such as cloud provider APIs or Vault transit encryption. * Removes the JSON serialization extension we had on the `RootKey` struct; this struct is now only used for key replication and not for disk serialization, so we don't need this helper. * Creates a helper for generating cryptographically random slices of bytes that properly accounts for short reads from the source. * No observable functional changes outside of the on-disk format, so there are no test updates.
-
Tim Gross authored
-
Seth Hoenig authored
cgroups: refactor v2 kill path to use cgroups.kill interface file
-
Seth Hoenig authored
cleanup: tidy up helper package some more
-
quoing authored
"path" parameter doesn't work, should be command
-
James Rasell authored
acl: add token expiration and ACL role functionality
-
James Rasell authored
-
- 29 Aug, 2022 13 commits
-
-
Phil Renaud authored
[ui] Variables Rename
-
Seth Hoenig authored
This PR refactors the cgroups v2 group kill code path to use the cgroups.kill interface file for destroying the cgroup. Previously we copied the freeze + sigkill + unfreeze pattern from the v1 code, but v2 provides a more efficient and more race-free way to handle this. Closes #14371
-
Luiz Aoqui authored
This reverts commit b9fec224.
-
Seth Hoenig authored
cleanup: more cleanup of slices that are really sets
-
Phil Renaud authored
-
Phil Renaud authored
-
Phil Renaud authored
-
Phil Renaud authored
-
Tim Gross authored
-
Seth Hoenig authored
-
Tim Gross authored
-
Tim Gross authored
Variables rename
-
Piotr Kazmierczak authored
Fixes #14367
-
- 26 Aug, 2022 3 commits
-
-
Michael Schurter authored
Nomad reconciles services it expects to be registered in Consul with what is actually registered in the local Consul agent. This is necessary to prevent leaking service registrations if Nomad crashes at certain points (or if there are bugs). When Consul has namespaces enabled, we must iterate over each available namespace to be sure no services were leaked into non-default namespaces. Since this reconciliation happens often, there's no need to require results from the Consul leader server. In large clusters this creates far more load than the "freshness" of the response is worth. Therefore this patch switches the request to AllowStale=true
-
Tim Gross authored
-
Tim Gross authored
-