Commit Graph

50 Commits

Author SHA1 Message Date
Pablo Carranza Velez
0eaae3d670 fix: When checking for legacy containers, properly get the labels from config
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-20 19:08:53 +02:00
Pablo Carranza Velez
ed3f5522ae Replace io.resin labels (and their env vars) with io.balena equivalents
But we keep backwards compatibility by normalizing existing io.resin labels
into io.balena ones, and adding both RESIN_ and BALENA_ env vars for these features.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 13:21:31 +02:00
Cameron Diver
5906e1427c
local mode: Add local mode manager module to handle cleanup
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:20:05 +01:00
Cameron Diver
19cd310da3
Support setting target state in local mode from supervisor API
Change-type: minor
Closes: #689
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:40 +01:00
Cameron Diver
5c0c880a10
Don't set empty target state in local mode
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:06 +01:00
Cameron Diver
892d227cc2
compose/service: Convert module to typescript and add network config
Stability improvements;
* Printing of unsupported compose fields
* Added a lot of tests
* All compose configuration has a default value, enabling better
comparison

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-21 10:30:27 +01:00
Cameron Diver
e0231f15e9
Compose: Support more network creation options
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-21 10:30:27 +01:00
Cameron Diver
a7551abe93
Refactor: Split Networks class to Network and NetworkManager
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-19 15:41:09 +01:00
Cameron Diver
c61b16655e
Remove resinApiEndpoint meta-endpoint and use config.json entry instead
The resinApiEndpoint config option existed for legacy reasons, where the
apiEndpoint was passed in via env vars, but this is no longer the case,
and the current supervisor wouldn't run on these older versions of
resinOS anymore anyway, so I've removed the references to this legacy
endpoint, as it made reasoning about offline mode weird.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-12 13:33:57 +01:00
Cameron Diver
9259f231f8
Correctly apply current commit value to applications
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-12 12:42:22 +01:00
Cameron Diver
8abfd05718
Fix typo in config method call
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-09 11:09:42 +01:00
Cameron Diver
380d40f9f8
Fix /v1/device endpoint returning null for commit after an update
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:48 +01:00
Cameron Diver
6ca2701b85
Move v2 endpoints to separate module
Change-type: patch
Connects-to: #640
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:47 +01:00
Cameron Diver
981c7323ed
Refactor v1 api into seperate modules
Change-type: patch
Connects-to: #640
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:47 +01:00
Cameron Diver
bc37ee56e4
Check against application source for target applications
The supervisor will now check that a source of an application matches
the current source, and only start it if so.

Change-type: patch
Closes: #658
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-22 12:11:57 +01:00
Pablo Carranza Velez
6c4eaff02f On startup, only attach to logs for running containers, and remove any containers marked as dead
Closes #611
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-04-19 15:04:04 -07:00
Pablo Carranza Velez
d46d6513b5 Trim whitespace from the hostname file on the host before passing it as the hostname for containers with host network
Closes #594
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-19 17:19:59 -03:00
Pablo Carranza Velez
91ac11d0e8 In /v1/apps/:appId/stop, wait for the service to exit before responding
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-16 15:13:15 -03:00
Pablo Carranza Velez
08a98f47e4 compose: Use the hostname on the host as default hostname for services with host network mode
Otherwise if the hostname on the supervisor container differs from the hostname on the host, the current and target
services will never match.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 21:18:11 -03:00
Pablo Carranza Velez
0101d62ace ApplicationManager: try to match available images by imageId to avoid keeping around unused image entries in the db
This should fix an issue where, on an update that only changes container metadata, the image install for the old image
is kept around on the API.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 18:45:26 -03:00
Pablo Carranza Velez
de654ec60e Skip taking the lock when updating the releaseId or imageId for a service that comes from a legacy supervisor
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 18:00:07 -03:00
Pablo Carranza Velez
f76aacc7fb Avoid trying to send a response to API calls after we've already sent an error
In some cases we were using early `return res.status(...).send(...)` to send 400 errors
but this happened inside a promise chain that later sent another status and response.

We fix this with the correct indentation of the success response so that an early return doesn't fall there.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 14:48:34 -08:00
Pablo Carranza Velez
79b4d39acd Fix passing a target service to start in /v1/apps/:appId/start, and getting the containerId
We weren't passing a "target" to serviceAction, which made the start action fail.
Plus we need to get the container again after starting to get the latest containerId.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 14:41:19 -08:00
Pablo Carranza Velez
b6631b7367 ApplicationManager: only use dockerImageId to identify images for current apps, to avoid trying to delete an image that is in use
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 06:54:16 -08:00
Pablo Carranza Velez
dc62418db4 Some fixes in current state reporting, error handling for "container not found", plus more style improvements
Also, ensure the properties argument to eventTracker.track is an object

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
58b167b43d Various bugfixes and sytlistic improvements
* Use the correct defaults for the delta config variables that have them

* Only mount /lib/firmware and /lib/modules if they exist on the host

* hardcode-migrations.js: Nicer line separation

* APIBinder: switch to using a header for authentication, and keep credentials saved in the API clients

* Fix hrtime measurements in milliseconds

* Do not uses classes for routers

* compose: properly initialize networkMode to the first entry in networks if there is one

* Fix some details regarding defaults in validation and service

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
38c3a8bdf3 Avoid starting services that exit repeatedly
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
ba829412e1 Various bugfixes
* Get imageId when normalising a dep. app from the DB

* Fix the appId in migrations when updating the supervisor

* Use the update lock to update a service's metadata

* Restart clears volatile target state

* Fix function definition for updateMetadata

* Improve backwards compatibility of /v1/apps/:appId endpoint

* Fix multicontainer deltas to work with resumable-request 2.0

* Fix dependent target normalisation logic

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
7ed27ea203 Some fixes on migrations, dependent devices and deltas
* Switch default dependent device type to generic

* Reduce noise in logs

* Limit to 3 simultaneous delta downloads

* Better check for deltaSource

* When checking volume dependencies, do not compare regular (non-named) volumes

* Store imageId for dependent apps, and don't report dependent images with invalid imageIds

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
3fd52bb0c7 Simplify the update logic by making fetch and kill (the only long-running actions) happen in the background, and always waiting for all actions before continuing
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
484a688dbd Pause updates while purging or restarting apps, and ensure an applyTarget is triggered after the actions run
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
82d5a16c8c Add change events when services exit and restart, and add stop-service and start-service endpoints
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
8548222a00 Several bugfixes:
* Ensure commit is only reported when update has finished

* Change default delay between actions to 100ms

* Fix envArrayToObject for cases where the env var has an equal sign

* Use shell-quote to properly parse string command and entrypoint

* Fix preloading with a legacy apps.json

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
0a6d948bd2 Some fixes on image management and tagging
* Fix deleting unneeded image tags

* Fix inspectByName to work with tags besides digests when the image isn't really tagged

* Tag deltas that should have tags, and fix cleanup of dangling images

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
cba3a8e5fe Make v1 restart and purge work for multicontainer apps too
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
2b223f55fa Fix image comparison when running intermediate targets with depends_on
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
534f7d13cb Fix local mode and the host-config endpoint
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
cee8aae850 When in local mode, stop all services and ignore images
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
5ec8e57aa0 Implement v2 API endpoints to restart and purge apps, and restart a service
This also changes the deviceState object to use promises instead of timeouts to schedule
applying the target state.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
f653fa4961 Add support for service hostname
Plus several small bug fixes:

* Allow target states with apps with no release

* Fix lock override and a TypeError in compareServicesForUpdate

* Lowercase service names when doing migrations and legacy preload

* Fix deltas from scratch

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
839ebf8688 Fix preloaded apps and support legacy preloading, and fix some details in the default service when migrating
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
60f0cd2fcb Change all labels to use hyphens instead of underscores, and fix some instances of using split instead of a regex
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
3a710506a6 Switch to a new image management system keeping the docker image ID in the database, allowing deltas and proper comparison for images that have a digest.
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
918372b569 Some bugfixes and style improvements
* Fix validation of 0, fix ulimits, don't compare mem_limit or mem_reservation until OS supports them

* Remove all instances of _.forEach

* ApplicationManager: have separate compareNetworksForUpdate and compareVolumesForUpdate

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
25695aade5 Add support for init, mem_reservation, shm_size, read_only and sysctls.
Also several bugfixes:

* Fix VPN control, logging in deviceConfig, and action executors in proxyvisor

* Fix bug in calculation of dependencies due to fields still using snake_case

* Fix snake_case in a migration, and remove unused lib/migration.coffee

* In healthcheck, count deviceState as healthy when a fetch is in progress (as in the non-multicontainer supervisor)

* Set always as default restart policy

* Fix healthcheck, stop_grace_period and mem_limit

* Lint and reduce some cyclomatic complexities

* Namespace volumes and networks by appId, switch default network name to 'default', fix dependencies in networks and volumes, fix duplicated kill steps, fix fat arrow on provisioning

* Check that supervisor network is okay every time we're applying target state

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
739fe13cad Use a supervisor0 network interface for the supervisor network API. Remove RESIN_APP_COMMIT and RESIN_APP_RELEASE env vars.
Also add support for several networks per container (but with no configuration yet).
Also some bugfixes and implement healthcheck and not disabling VPN on startup.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
b003f48d7b Switch to using knex migrations to set up the database, and change the database format to use integers for ids instead of strings.
Also includes various improvements and bugfixes to services and the migration from legacy /data to volumes.

The switch ti migrations involves a dirty hack for webpack to properly resolve the paths to the migrations js files - it uses an expression
that webpack can't resolve, so we hardcode it to a value and use the ContextReplacementPlugin to make that value resolve to the migrations folder.

The downsides to this approach are:
- a change in knex code would break this
- the migration code is added twice to the supervisor image: once in the migrations folder (because knex needs to loop through the directory to find the files),
and once inside app.js (because I can't make webpack treat them as external)

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
7d8a208a06 ApplicationManager: Avoid deadlocks by killing services once its dependencies have been downloaded, and killing services with handover when it is absolutely necessary
Two cases could've caused deadlocks:
1) Two services use a volume, and one service depends on the other. The volume config changes, but we can't update the volume because we need to kill
both services, and yet we can't kill the dependent service because its dependency isn't ready either.
2) A service with handover strategy uses a volume. The volume config changes. We can't update the volume because the running service is using it, and we can't
start the handover because it depends on the volume being ready. So we need to kill the service to update the volume config.

(Same for networks as with volumes)

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
0d27658a87 Various improvements and fixes to how compositions are handled
Change the way we get the network gateway to set up the supervisor API address.

Added support for cap_add, cap_drop and devices.

Some fixes like missing fat arrows and removing leftover code.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
cb37f7ebcc ApplicationManager: implement a module to run multicontainer applications
This module takes care of inferring and applying the steps to run multicontainer applications. It will have a Proxyvisor to handle dependent apps and
devices. It understands the relationship between services, networks and volumes to infer the steps in the correct order, also taking update strategies into account.

Changelog-Entry: Allow running docker-compose-like multicontainer applications
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00