This had a bug where it was using the `in` operator on a list. It may
have worked for some cases, but would have failed for others.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
We add a database table, which holds information about the last
timestamp of a log successfully reported to a backend (local or remote).
We then use this value to calculate from which point in time to start
reporting logs from the container. If this is the first time we've seen
a container, we get all logs, and for every log reported we save the
timestamp. If it is not the first time we've seen a container, we
request all logs since the last reported time, ensuring no interruption
of service.
Change-type: minor
Closes: #937
Signed-off-by: Cameron Diver <cameron@balena.io>
Container logging is now handled by a class which attaches and emits
information from the container. We add these to the directory
logging-backends/, and rename it to logging/.
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
We also add a catch to any errors when getting configuration, and send 503 in this case, even if it's
unlikely.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
This commit does two related things:
* We make the poll interval a random time between 0.5 and 1.5 times the configured interval.
* We introduce the BALENA_SUPERVISOR_INSTANT_UPDATE_TRIGGER configuration variable, that defaults to true. If this variable is set
to false, then calls to /v1/update are ignored, and on startup the supervisor waits for a poll interval before getting the target state.
This will help especially on cases where there's a large number of devices on a single network. By disabling instant updates and setting a large
poll interval, we can now achieve a sitation where not all devices apply an update at the same time, which can help avoid
overwhelming the network.
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
When comparing a stopped container after a start request, the container
ID will be present in the target state (where usually it is not). We
were already filtering this value out of the current state, but
neglected to do so for the target state. This change now ensures we
remove it from both alias lists if it exists.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
In an edge case observed in the field, a supervisor's database held two applications
because the device had been moved and the update lock was set in the old app. This causes
the updated supervisor to be unable to start, logging "No compatible releases found in API",
because it can't fetch the release for the app it was moved from.
This commit changes the migration code to iterate through all apps, and remove any for which
we can't get a release.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
If the kernel was built with support for ip6tables, there's no need to load the module. This is the case when running
balenaOS in a container in Mac OS, which also can't do modprobes easily.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
Before this change, service name resolution would only occur in the
default network. This was because we were not explicitly adding aliases
of the service names to the aliases fields.
We also fix the comparison, which would do funny things based on
container IDs, which was correct but unnecessary.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
Jessie recently had the jessie-updates repos dropped. We upgrade to
stretch to avoid a 404 on update (and to update things anyway).
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
If a value is requested which does not pass validation, we instead set
it to the default value, to ensure that the state engine continues to
work and move towards the target state.
Change-type: minor
Closes: #938
Signed-off-by: Cameron Diver <cameron@balena.io>
We put the supervisor0 network in the 10.114.104.0/25 subnet to avoid issues when the device
is in a network using the 172.17.* network.
We also ensure we recreate this network if it was created in the incorrect subnet (i.e. if we're updating
from an old supervisor that didn't do this), for which we have to kill any containers using this network.
Closes#731
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
Without this patch, if for some reason device pinning fails (e.g. connectivity goes down) or anything
interrupts the initialization after provisioning completes but before pinning is completed, after a retry
the supervisor would just skip the pinning code, leaving the device unpinned. This patch ensures that the
pinning procedure is run even if the device was already provisioned (as long as the pinning flag has been set,
of course). This matches the behavior that the CoffeeScript code had from before the TypeScript conversion.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>