Commit Graph

1356 Commits

Author SHA1 Message Date
Cameron Diver
f3264862ca
fix: Normalize ports from compose file on instantiation
Adjacent ports are always grouped together by docker when reporting the
container state (from an inspect), so adjacent ports defined in the
compose file would not match as they would not have been normalized.

We make sure to always normalize the input port configuration, so that
it will match the docker output (if it should).

We also don't sort in the fromComposePorts function anymore as that is
handled by the normalize function.

Closes: #897
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-08 15:14:07 +00:00
Cameron Diver
e9b51bbcd7
fix: Rework delete-then-download handling in state engine
In the original implementation it was possible that the delete did not
wait for the kill step to be finished, so it would not be deleted.

We seperate this process into two steps, to allow for the container to
have stopped before proceeding.

Change-type: patch
Closes: #841
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-06 11:41:05 +00:00
Cameron Diver
828a0fc345
Make the failure backoff time the same as the appUpdatePollTime
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 18:40:18 +00:00
Cameron Diver
146267b402
Backoff on image download error
Change-type: patch
Closes: #873
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 18:40:18 +00:00
Cameron Diver
c0e68bb069
Add the release to the status endpoint
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 17:57:58 +00:00
Cameron Diver
769e2f3c51
Add application status endpoint
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 17:57:57 +00:00
Cameron Diver
d863326783
misc: Improve typings
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 17:57:57 +00:00
Cameron Diver
2e09ed071c
Ensure the balena-fin always has it's overlay assigned
Change-type: patch
Closes: #884
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-05 16:19:42 +00:00
Cameron Diver
d8085a6ef8
fix: Don't attempt a pull if the token requests fails
Change-type: patch
Closes: #879
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-04 17:50:26 +00:00
Cameron Diver
d75c58f09d
Move legacy renaming to formatting function
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-04 11:08:36 +00:00
Cameron Diver
f12f474516
Fix typo in OVERRIDE_LOCK
Closes: #885
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-02-04 11:08:26 +00:00
Cameron Diver
ef7d993db6
Wrap services.getAll in a bluebird promise
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-31 10:09:25 +00:00
Cameron Diver
6a9ca2a60d
fix: Properly bind context to healthchecks
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-29 14:19:45 +00:00
Cameron Diver
707ddb5f45
fix: Only apply supervisor api authentication after healthcheck entry
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-29 14:19:45 +00:00
Cameron Diver
8315413046
Add missing ServiceManager methods
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-29 11:47:41 +00:00
Cameron Diver
ba000a73fc
refactor: Convert ServiceManager to typescript
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-25 13:52:05 +00:00
Cameron Diver
e5893c0ee0
Improve error and logger typings
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-25 13:52:04 +00:00
Cameron Diver
ecffa12e41
misc: Lint fixes
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-25 13:52:04 +00:00
Cameron Diver
02736113a3
refactor: Convert docker-utils module to typescript
Change-type: patch
Closes: #868
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-25 13:52:04 +00:00
Cameron Diver
9a97451e7a
fix: Fix intial config reporting
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-23 17:51:52 +00:00
Cameron Diver
24ce72a2c3
Clear up images.ts module code for simiplicity
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-23 16:40:15 +00:00
Cameron Diver
6f9d9e5de6
Prefer optional type in ConfigChangeMap
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-23 16:31:33 +00:00
Cameron Diver
6a1e787eee
Use dictionary for db key
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-23 16:30:43 +00:00
Cameron Diver
32acde0a99
refactor: Convert volumes module to typescript
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-22 20:25:04 +00:00
Cameron Diver
91b553dd32
refactor: Convert compose/images module to typescript
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-22 20:20:05 +00:00
Cameron Diver
1af13d3373
typings: Improve database typings by allowing unknown dictionary keys
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-22 13:25:39 +00:00
Cameron Diver
fed01c355c
typings: Improve docker-utils typings
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-22 13:25:01 +00:00
Cameron Diver
d1e1297f6d
misc: Add Nullable<T> helper type
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-21 11:18:41 +00:00
Cameron Diver
0505c0f976
config: Properly type the change events from config module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-21 11:13:14 +00:00
Cameron Diver
06cdaddd71
Send connection message when streaming local mode logs
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-16 13:14:49 +00:00
Cameron Diver
9a98fc4c84
refactor: Small code changes
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-11 10:38:05 +00:00
Cameron Diver
6a3148ff80
refactor: Remove unnecessary validations and casts
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-11 10:37:25 +00:00
Cameron Diver
db74e748a1
refactor: Fully type and validate config module set and get
We define the type for each config value, and validate the data when
retrieving and setting it.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-11 10:37:25 +00:00
Cameron Diver
ac4866170e
refactor: Remove scaffolding for unused mutable config functions
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-11 10:37:24 +00:00
Cameron Diver
81b17faab1
fix: Use logind manager to request reboots and shutdowns
Change-type: patch
Closes: #861
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-09 11:23:43 +00:00
Cameron Diver
a970ec5377
Fix context bind errors by switching to async/await
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-08 16:22:47 +00:00
Cameron Diver
de21c2ab2b
Specify TODO in DeviceApplicationState comment
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-08 11:59:56 +00:00
Cameron Diver
01ed7bb103
refactor: Convert ApiBinder module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-08 11:59:56 +00:00
Cameron Diver
d5f4ac690f
refactor: Only promisify read and write locks once
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-08 11:59:54 +00:00
Cameron Diver
9decea1d3b
refactor: Convert supervisor api module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-08 11:59:53 +00:00
Cameron Diver
3a130f4f9c
refactor: Change config modules export type to new-style
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-02 18:12:22 +00:00
Cameron Diver
dc34025545
refactor: Generate and normalise PortMaps from compose ports in-class
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-02 12:19:30 +00:00
Cameron Diver
557c32b80e
compose: Normalise target ports for comparison with docker's output
Docker always returns ports in ascending order, so if they aren't
specified like that in the compose, a restart loop would occur. This
patch changes the port maps to be stored in ascending order, based on
an alphabetical sort of the internalStart port (not taking into account
the protocol). This is the same as how Docker returns them, so they will
match, regardless of input form.

Change-type: patch
Closes: #824
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-01-02 11:24:56 +00:00
Cameron Diver
b32fba43e1
refactor: Convert DeviceConfig module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-21 17:18:35 +00:00
Cameron Diver
7ba1ab981c
types: Make DeviceApplicationState reflect state endpoint
Also change the return format of ApplicationManager.getStatus(), which
does not conform to the above.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-21 17:18:33 +00:00
Cameron Diver
de5157c04c
refactor: Change export style of db to named
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-21 17:18:33 +00:00
Cameron Diver
64db38204f
refactor: Add default export to logger module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-21 17:18:33 +00:00
Cameron Diver
f4f67a5afc
refactor: Convert host-config module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-21 17:18:32 +00:00
Cameron Diver
9fab0fc5cc
fix: Correctly type top level network IPAM config
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-20 10:07:38 +00:00
Pagan Gazzard
019190646e Update pinejs-client to pinejs-client-request 5.x
Change-type: patch
2018-12-19 17:54:53 +00:00
Cameron Diver
45b322b7e0
device-api: Add morgan to log api requests
Change-type: minor
Closes: #834
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-19 14:30:37 +00:00
Cameron Diver
b977b30dfe
refactor: Convert update-lock module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-19 14:07:47 +00:00
Cameron Diver
ec37db597d
refactor: Convert systemd module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-19 14:07:45 +00:00
Cameron Diver
e00954babd
refactor: Convert request module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-19 14:07:45 +00:00
Cameron Diver
2ea657c95d
refactor: Convert migration module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-19 14:07:44 +00:00
Pablo Carranza Velez
42737cb9e9 Fix a race condition that could cause an unnecessary restart of a service immediately after download
Up to now, there was a slim but non-zero chance that an image would be downloaded between the call to `@getTarget` inside deviceState
(which gets the target state and creates Service objects using information from available images), and the call to
`@images.getAvailable` in ApplicationManager (which is used to determine whether we should keep waiting for a download or start the
service). If this race condition happened, then the ApplicationManager would infer that a service was ready to be started (because
the image appears as available), but would have incomplete information about the service because the image wasn't available when
the Service object was created. The result would be that the service would be started, and then immediately on the next applyTarget
the ApplicationManager would try to kill it and restart it to update it with the complete information from the image.

This patch changes this behavior by ensuring that all of the additional information about the current state, which includes available images,
is gathered *before* building the current and target states that we compare. This means that if the image is downloaded after the call to getAvailable, the Service might be constructed with all the information about the image, but it won't be started until the next pass, because ApplicationManager will treat it as still downloading.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-17 15:41:12 -03:00
Cameron Diver
96b614ad6a
Replace offline -> unmanaged in logs and tests
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-17 10:53:24 +00:00
Cameron Diver
c533631f70
unmanaged: Default to local mode in target state when unmanaged
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-17 10:53:23 +00:00
Cameron Diver
151af309fb
config: Force config values to strings when storing in db
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-17 10:53:23 +00:00
Cameron Diver
3ca1d7c864
join: Disable local mode when joining a cloud
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-17 10:53:23 +00:00
Cameron Diver
82602abf8d
config: Replace supervisorOfflineMode and offlineMode with unmanaged
Change-type: major
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 15:01:41 +00:00
Cameron Diver
5bea0fdc9d
fix: Give unmanaged target states a source of 'local'
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 15:01:41 +00:00
Cameron Diver
178e80d92a
Require an apikey for supervisor api in production unmanaged
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 15:01:41 +00:00
Cameron Diver
5bb3820d6a
Switch to local mode in unmanaged mode
Change-type: major
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 15:01:41 +00:00
Cameron Diver
91a6340563
Move config.json flag back to the database
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 15:01:40 +00:00
Cameron Diver
19f8b75766
Revert "localMode: Remove local mode from device-config"
This reverts commit eda477ff86.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-12-14 11:05:57 +00:00
Pablo Carranza Velez
b94921263a Use rimraf package instead of handmade function
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-12 14:22:15 -03:00
Pablo Carranza Velez
af717a3761 Stricter validation for backup file contents
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-12 14:17:34 -03:00
Pablo Carranza Velez
501272266b Add the ability to restore volumes from a backup.tgz in the data partition
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-12 14:17:33 -03:00
Pablo Carranza Velez
d5b2fcd4dd Update knex to 0.15.2 and sqlite3 to 4.0.4
We also replace a createTableIfNotExists in the migrations with hasTable then createTable, to
avoid a warning message about it being not recommended.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-12 13:42:29 -03:00
Pablo Carranza Velez
a52683ade0 Fix typo that prevented deleting old resin/ supervisor images
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-12-11 13:27:39 -03:00
Heds Simons
80203f29ad
api: Ensure Supervisor API returns IP addresses
The move from pure CoffeeScript to TypeScript has brought a
few changes to the way transpiling happens. Previously, through
serendipity, the way `startIPAddressUpdate` was called worked
because of the binding convention pre-transpiling.

However, with the move to TypeScript, this has altered and
the assumption that a lack of parentheses would call the
method before supplying a callback into the returned function
is incorrect. The method must be specifically called first.

Connects-to: #836
Change-type: patch
Signed-off-by: Heds Simons <heds@balena.io>
2018-12-07 10:37:00 +00:00
Cameron Diver
64a8c03eba
unmanged: Don't require a device name when setting a target state
Also set a default device name of 'local', to avoid an undefined value.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-29 11:35:08 +00:00
Cameron Diver
eda477ff86
localMode: Remove local mode from device-config
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-29 11:35:07 +00:00
Cameron Diver
5c04df2cb8
compose: Fix network option field names and update dockerode types
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 17:43:31 +00:00
Pablo Carranza Velez
502167e267
fix: When updating from a legacy supervisor, use updated resource ids and image URL from the API
When updating from old supervisors (<7.0.0), we've been so far using a fake id 1 for serviceId, imageId
and releaseId since these were not available in the old supervisor. This causes problems when the supervisor
tries to report these values to the API. Moreover, the app from the legacy supervisor has an image URL
that doesn't include the content hash - this causes the supervisor to believe the image is not really downloaded
and try to fetch it again.

To fix these issues, we add a request to the API when the supervisor starts up and detects that there's a legacy
app that needs to be normalised. We fetch the appropriate release, and use it to populate the resource ids
and the updated image URL.

This should avoid the unnecessary image download, and errors reporting target state after an update.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-11-28 17:19:55 +00:00
Cameron Diver
311eaf0ac0
device-api: Add container id endpoint
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 16:44:19 +00:00
Cameron Diver
6317b16138
Convert network module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 15:15:06 +00:00
Cameron Diver
b37ce5e3d9
config: Set default apiKey of empty string to avoid undefined keys
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:53:09 +00:00
Cameron Diver
142d2a7c6f
config: Move config.ts -> config/index.ts
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:53:08 +00:00
Cameron Diver
a2e2948a4e
Allow local mode to be controlled via config.json
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:53:08 +00:00
Cameron Diver
2e80b49da1
Don't start connectivity check when in offlineMode
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:53:07 +00:00
Cameron Diver
ce543d820f
Improve UX when apps.json is not present
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:53:06 +00:00
Cameron Diver
f56be737ee
config: Switch default device type to unknown
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:26:05 +00:00
Cameron Diver
dfa9034fe9
Handle empty apiEndpoint when detecting mixpanel host
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 14:26:02 +00:00
Cameron Diver
940d8c9862
fix: Set default apiEndpoint to empty
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-28 13:11:45 +00:00
Shaun Mulligan
aface89fd2 compose: Set default config for stopSignal to SIGTERM
Change-type: patch
Signed-off-by: Shaun Mulligan shaun@balena.io
2018-11-27 12:21:08 -08:00
Shaun Mulligan
646a510310 compose: Change default stop signal from '' to SIGTERM
Change-type: patch
Signed-off-by: Shaun Mulligan <shaun@balena.io>
2018-11-27 12:13:20 -08:00
Cameron Diver
fe44d496fb
compose: Change default grace period to 10s
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-22 12:18:18 +00:00
Cameron Diver
f48e85095b
events: Correctly proxy mixpanel events
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-21 13:09:06 +00:00
Cameron Diver
96ecef8052
Fix m00001 migration by using targetValues
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-13 22:14:06 +00:00
Pagan Gazzard
2a17184d32 Let typescript do the json resolution so we get proper types
Change-type: patch
2018-11-06 18:13:52 +00:00
Cameron Diver
00bd88c50d
fix: Rework code to avoid prettier errors
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-06 11:07:55 +00:00
Cameron Diver
dfdc371a9c
device-api: Also support serviceName in v2 service endpoints
Now you can either pass a serviceName or imageId to restart a specific
service, which is much easier from a device container.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-05 11:44:29 +00:00
Cameron Diver
9963d24675
fix: Fix typo in image cleanup code
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-05 11:44:29 +00:00
Cameron Diver
2bdb34d78d
fix: Correctly type bluebird promises in application-manager typings
Signed-off-by: Cameron Diver <cameron@balena.io>
2018-11-05 11:44:26 +00:00
Pagan Gazzard
235f9f04af Remove some type casts
Change-type: patch
2018-11-02 20:45:13 +00:00
Pagan Gazzard
83927f36d8 Update to typescript 3
Change-type: patch
2018-11-02 15:41:14 +00:00
Pagan Gazzard
ab6401343b Run prettier on the typescript files 2018-11-02 14:50:13 +00:00
Pagan Gazzard
d6e9283a15 Fix coffee-script lint failures 2018-11-02 14:50:12 +00:00
Pablo Carranza Velez
4bf6f75a4f Remove unused codepaths that do deltas from resin/scratch
The supervisor has been doing regular pulls instead of deltas
from scratch for a while now. We remove remaining references to
resin/scratch, and add a handler in docker-utils to fall back
to a regular pull with a null deltaSource (which should never be
called anyways, but is left as a precaution).

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-11-01 17:00:13 -07:00
Pablo Carranza Velez
8298487a88 Rename most of the documentation and variable names from resin to balena
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-11-01 17:00:13 -07:00
Pablo Carranza Velez
007bd168bb When updating from resin-supervisor to balena-supervisor, try to delete old resin-supervisor images
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-11-01 14:59:41 -07:00
Akis Kesoglou
b71c59c002 api-binder: Use API v5
Change-type: major
2018-11-01 13:17:30 +02:00
Pablo Carranza Velez
989a5e2c6a fix: When calling the /v1/update endpoint, always trigger a target state apply
getAndSetTargetState in the APIBinder had a check for whether the target state has changed.
When triggering an update from the API, we want to *always* call triggerApplyTarget, especially
when the update is forced. Otherwise the API endpoint doesn't work for forced updates (and in general,
will rarely trigger an update unless a change in the API's target state has happened)

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-31 14:26:56 -07:00
Pablo Carranza Velez
d5094d8d3b fix: Properly check for the balena-api label to inject the API key env vars
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-31 13:13:09 -07:00
Pablo Carranza Velez
d6ee60100d fix: When setting target state, delete old apps from the same source
In commit 19cd310da3 this line was deleted,
probably to avoid deleting local mode apps when setting the API target and
viceversa but we need to delete old apps to avoid problems when moving
the device between apps.

We now filter by source to avoid the problem with local mode too.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-31 11:20:42 -07:00
Pablo Carranza Velez
1c5891ec09 ApplicationManager: when comparing images to save metadata, take docker image ids into account
Otherwise we may skip saving a target image to the db when updating from legacy supervisors,
which in turn prevents from deleting the legacy image entry (with imageId = 1), leaving the
supervisor in a state where it can't report its current state to the API.

While we're at it, we also remove an unused variable in _getStatus.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-23 15:43:59 -07:00
Cameron Diver
64de3d2f63
fix: Use fat arrow for cleanup method
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-23 19:13:34 +01:00
Cameron Diver
1879c76b00
fix: Run checkTruthy on config values before using them
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-23 18:32:38 +01:00
Pablo Carranza Velez
f5b005bcb2 fix: Properly get the config from target state before comparing during initial config reporting
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-22 13:18:53 -07:00
Pablo Carranza Velez
0eaae3d670 fix: When checking for legacy containers, properly get the labels from config
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-20 19:08:53 +02:00
Pablo Carranza Velez
922597e582 fix: Avoid trying to report duplicated values in initial config
We do this by formatting the keys from the target state before comparing them
with the ones from the current state (that are already formatted to strip the namespace
prefix).

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-20 18:58:13 +02:00
Pablo Carranza Velez
b3860b2b70 fix: Store and retrieve device config without namespaces
This avoids issues on provisioning where the current state
(esp. config.txt) that we want to save is retrieved without
a RESIN_ or BALENA_ prefix, causing those values to be lost.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-20 04:40:55 +02:00
Pablo Carranza Velez
32d5e58ead Keep defaulting tty to true to avoid accidental breakage
Otherwise old releases (where applications expected tty to be true)
would break.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-19 17:54:13 +02:00
Pablo Carranza Velez
6fb0147d3c Fix preloading in flasher images by reading apps.json if target hasn't been set
i.e. if we're not provisioned or if the target state is empty (of apps), then we
read apps.json to preload. We then mark that the target state has been set to avoid
trying to preload again if we ever get an empty target state from the API.

Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-19 14:42:29 +02:00
Pablo Carranza Velez
583ce34c01 apiBinder: Keep prepending RESIN_ to reported config variables
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 17:20:53 +02:00
Pablo Carranza Velez
24cbfbb860 deviceConfig: allow BALENA_ config variables
They will take precedence over any existing RESIN_ variables. We strip both namespaces now
whenever we get the target values.

This also fixes preloading with a legacy config (the interface to get the config keys from
the legacy apps.json was broken).

Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 17:20:53 +02:00
Cameron Diver
e04de0a170
fix: Add typescript cast to fix type error
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-18 15:14:12 +01:00
Cameron Diver
d939b2b9e6
fix: Remove debugging console logs
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-18 15:04:04 +01:00
Cameron Diver
6ad3a7981d
fix: Redact environment variable values in debug output
Chnage-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-18 15:04:04 +01:00
Cameron Diver
2a94a7b730
fix: Apply default config options when they're falsy
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-18 15:04:04 +01:00
Cameron Diver
5569e2bc84
fix: Always set the container name when generating creation options
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-18 15:04:04 +01:00
Pablo Carranza Velez
e17bb59844 config: Allow atomic config.json writes on balenaOS
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 15:01:49 +02:00
Pablo Carranza Velez
0a4eefa9c6 network: Ignore resin-redsocks and balena-redsocks when reporting IP addresses
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 15:01:49 +02:00
Pablo Carranza Velez
31e730600d Use the DOCKER_SOCKET env var for the user container's balena socket mount
Instead of hardcoding balena.sock we use this variable since the path changes
with the balena -> balenaEngine rename.

We keep also mounting into balena.sock for backwards compatibility (even though
most tools should transparently use the DOCKER_HOST env var).

Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 15:01:49 +02:00
Pablo Carranza Velez
220f4b5810 service: Fix device name env vars by injecting and filtering in the interface with docker
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 14:49:00 +02:00
Pablo Carranza Velez
88b3682d51 ServiceManager: add BALENA_DEVICE_NAME_AT_INIT to injected env vars
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 13:21:31 +02:00
Pablo Carranza Velez
ed3f5522ae Replace io.resin labels (and their env vars) with io.balena equivalents
But we keep backwards compatibility by normalizing existing io.resin labels
into io.balena ones, and adding both RESIN_ and BALENA_ env vars for these features.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-18 13:21:31 +02:00
Pablo Carranza Velez
83b4d5878e service-manager: Delete the correct handover complete file
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-17 17:38:49 +02:00
Pablo Carranza Velez
047ca2ae68 service: Fix typo and type errors
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-17 11:34:13 +02:00
Pablo Carranza Velez
87a8d8f8f4 Env var changes in API docs, new private env vars, remove unused vars
We update the supervisor API docs to reflect the new `BALENA_` injected env vars.
We also add the new sensitive env vars to the list of vars not sent by the API.

And we remove the unused RESIN_DATA_PATH and RESIN_PROXYVISOR_HOOK_RECEIVER from the
vars the supervisor parses from its own environment.

Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
2018-10-16 15:12:05 +02:00
Pablo Carranza Velez
802025c01f Make handover-complete an alternative to the resin-kill-me file
Also fixes the handover wait (since the service interface for it was missing).
We add some logging to this process too.

Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-10-16 15:12:04 +02:00
Pablo Carranza Velez
8003f25c3d Add /tmp/balena lock and handover paths and BALENA_ env vars
We change the lockfile to /tmp/balena/updates.lock, and the resin-kill-me file to /tmp/balena/handover-complete.
In the host, we change to use /tmp/balena-supervisor instead of /tmp/resin-supervisor.

We add BALENA_ env vars in addition to the RESIN_ env vars.

We keep backwards compatibility by using both paths for the lockfile and handover, and keeping the RESIN_ env vars.

Changelog-entry: Move the handover and lock files to /tmp/balena, rename them, and add BALENA_ env vars
Change-type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-10-16 15:12:04 +02:00
Pagan Gazzard
660d9ff6f3 Disable express' x-powered-by header
Change-type: patch
Signed-off-by: Pagan Gazzard <page@resin.io>
2018-10-16 13:26:21 +02:00
Cameron Diver
b1434e44ae
fix: overlay compose fields on image for healthcheck
This commit changes a bug where the compose healthcheck would always
overwrite the healthcheck set by the image - even if no compose
healthcheck exists.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-16 10:34:37 +01:00
Cameron Diver
16e7522a1f
fix: Remove support for broken storageOpt option
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-16 08:22:19 +01:00
Zubair Lutfullah Kakakhel
73b9895bdf
backend: Remove a few blacklisted config.txt options
These options were discussed in an arch call and the conclusion was
that they don't need to be in the blacklist.

Change-type: patch
Changelog-entry: Remove a few blacklisted config.txt options
Signed-off-by: Zubair Lutfullah Kakakhel <zubair@resin.io>
2018-10-15 11:41:22 +01:00
Cameron Diver
a143a07aaa
fix: Return void from config setter
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-15 11:12:47 +01:00
Cameron Diver
d7edd3eb63
fix: Don't assume config is defined for legacy images in logger
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-15 10:53:11 +01:00
Cameron Diver
ed73946af5
device-api: Add supervisor version endpoint
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:24:25 +01:00
Cameron Diver
479e0a8bb8
state: Don't consider local mode when storing state
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:20:05 +01:00
Cameron Diver
5906e1427c
local mode: Add local mode manager module to handle cleanup
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:20:05 +01:00
Cameron Diver
3e665c0f4a
logger: Enforce timestamp value to avoid logging server 400 errors
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:20:04 +01:00
Cameron Diver
6156825293
Add logging endpoint to supervisor
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-13 20:19:38 +01:00
Cameron Diver
6e2801380b
Support local logging via standard logging interface
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:40 +01:00
Cameron Diver
19cd310da3
Support setting target state in local mode from supervisor API
Change-type: minor
Closes: #689
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:40 +01:00
Cameron Diver
e0237e826e
Add several local mode enabling endpoints
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:08 +01:00
Cameron Diver
524d185c4c
Correctly type service-manager logger and event tracker fields
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:08 +01:00
Cameron Diver
5c0c880a10
Don't set empty target state in local mode
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-10 13:02:06 +01:00
Cameron Diver
5537ae4e2e
fix: Correctly handle array based network definitions for service
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-08 11:29:32 +01:00
Cameron Diver
367dd876aa
fix: Only join the default network when creating the container
We were joining every network on container creation, which is currently
bugged in Docker. We were also joining networks afterwards, so the
non-default networks are joined post-creation, and only the networkMode
container is joined on creation.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-10-08 11:29:23 +01:00
Cameron Diver
06bbf9751a
compose: Support changing the tty option for compose services
This enables the switch to be added to the compose, and the handling of
docker messages has been changed to ensure that the multiplexed logs
which result are handled properly.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-24 12:04:51 +01:00
Cameron Diver
e8a5edf774
types: Remove temporary Service type in favour of actual compose class
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-24 12:04:51 +01:00
Cameron Diver
892d227cc2
compose/service: Convert module to typescript and add network config
Stability improvements;
* Printing of unsupported compose fields
* Added a lot of tests
* All compose configuration has a default value, enabling better
comparison

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-21 10:30:27 +01:00
Cameron Diver
e0231f15e9
Compose: Support more network creation options
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-21 10:30:27 +01:00
Cameron Diver
a7551abe93
Refactor: Split Networks class to Network and NetworkManager
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-19 15:41:09 +01:00
Cameron Diver
c5540404af
logger: Fix reporting the configuration change variables
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-13 14:44:20 +01:00
Cameron Diver
d37eb8e8a9
lib/errors: Improve typings by extending Error class for predicates
When using the predicate functions in bluebird `.catch`es from
typescript, the compiler would complain that the predicates do not
accept a function which takes an error. Because these are specific
errors, I've extended the base `Error` class, and added the extra fields
we expect.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-13 12:01:10 +01:00
Cameron Diver
68a6b1aef1
fix: Use throttle not debounce when ensuring we don't spam mixpanel
Debounce will mean that in certain cases, the events will never be sent,
whereas with throttle we can be sure that it will be sent a minimum
amount per time slice.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-12 12:30:31 +01:00
Cameron Diver
8abbfe36e0
fix: Don't send internal state tracking information to the API
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-05 12:09:35 -07:00
Cameron Diver
08b1c90ea1
fix: Fix event-tracker being passed no options object
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-04 16:02:06 -07:00
Cameron Diver
c1748436d8
fix: Import logger properly and add startup test
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-04 15:53:49 -07:00
Cameron Diver
8ca42062a3
events: Report supervisor version with any mixpanel events
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-04 13:17:20 -07:00
Cameron Diver
607c722b0b
events: Add rate limiting based on event name when reporting to mixpanel
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-04 13:17:17 -07:00
Cameron Diver
8bd895d24f
refactor: Use Dictionary<T> type in ports module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-03 09:39:07 -07:00
Cameron Diver
328b07a092
fix: Respect logging enabling on instantiation of logger
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-03 09:39:07 -07:00
Cameron Diver
d3a18da573
Refactor: Convert logging module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-03 09:39:06 -07:00
Cameron Diver
99c807a48c
Refactor: Make exported log-types implement interface
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-03 09:36:21 -07:00
Cameron Diver
8ee26adbbe
Refactor: Convert event tracker module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-09-03 09:36:21 -07:00
Cameron Diver
16e102b3ba
fix: Dont bind service class methods in declaration
This was causing a bug where the applications were cloned when
restarting all of them. These clones did not carry over the binds, so
when starting the containers back up, two different versions of `this`
were being used.

Change-type: patch
Closes: #736
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-29 15:32:03 -07:00
Cameron Diver
0a93b9c18a
feature(host_config): Support gpio field as an array
Change-type: minor
Closes: #734
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-29 08:58:05 -07:00
Cameron Diver
ae446c01b2
ux: Warn on invalid device name when trying to start a service
Device names with newlines cause reboot loops, due to newlines not being
supported by docker. This PR will warn when a device name contains a
newline.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-16 21:52:49 +01:00
Cameron Diver
f7240ccce1
fix: Fix importing of service type location
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-16 16:38:43 +01:00
Cameron Diver
3a4f1594e0
Refactor: Add docker-utils typings
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-16 15:35:31 +01:00
Cameron Diver
b504306f28
Refactor: Convert log-types module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-16 15:35:30 +01:00
Cameron Diver
b7d991b98e
fix: Apply device name before generating container config
Currently the service has the device name applied after the docker
config is generated. This means that is has no effect until the next
restart.

This commit ensures that the device name is applied before the docker
config is generated, meaning that the env var gets applied to the
upcoming container.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-13 10:02:53 +01:00
Cameron Diver
430e45d6fb
Fix: Restart a service when it's memory limit changes
Change-type: patch
Closes: #720
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-08-07 13:15:37 +01:00
Pagan Gazzard
c6b77954a7 Add a backoff mechanism for state reporting errors
Change-type: patch
Signed-off-by: Pagan Gazzard <page@resin.io>
2018-08-01 11:56:55 -07:00
Cameron Diver
7ea48683be
Fix: Fix scoping issue with variables in service-manager
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-25 15:45:18 +01:00
Cameron Diver
f7958e6c6b
Dont restart service on device name change
Change-type: patch
Closes: #659
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-25 10:45:05 +01:00
Petros Angelatos
bba1da370b
logger: Remove pubnub leftovers
Change-type: minor
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
2018-07-18 12:31:10 -07:00
Petros Angelatos
6766c23bd9
logger: Only send logs produced after attaching
The previous approach had the bad side effect of resending tons of logs
in the case of a supervisor restart.

The approach can be improved by storing the last timestamp per container
and re-attaching at the correct point.

Change-type: minor
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
2018-07-18 12:31:06 -07:00
Petros Angelatos
0d812c272c
logger: Use the new logging backend
Change-type: minor
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
2018-07-18 12:30:59 -07:00
Cameron Diver
1604fdf276
Allow the enabling and disabling of persistent logging via env var
Closes: #698
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-17 19:43:54 +01:00
Cameron Diver
0e29e5f6f7
Refactor config code to be consistent in location
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-16 17:48:03 +01:00
Cameron Diver
c61b16655e
Remove resinApiEndpoint meta-endpoint and use config.json entry instead
The resinApiEndpoint config option existed for legacy reasons, where the
apiEndpoint was passed in via env vars, but this is no longer the case,
and the current supervisor wouldn't run on these older versions of
resinOS anymore anyway, so I've removed the references to this legacy
endpoint, as it made reasoning about offline mode weird.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-12 13:33:57 +01:00
Cameron Diver
9259f231f8
Correctly apply current commit value to applications
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-12 12:42:22 +01:00
Cameron Diver
8abfd05718
Fix typo in config method call
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-07-09 11:09:42 +01:00
Cameron Diver
080fdd3774
Bind db handle to fn variable
During the conversion to typescript, the behaviour of the database
handle changed slightly, meaning storing a reference to the models
function also requires a bind to be applied too.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-28 14:25:06 +01:00
Cameron Diver
39d8ac0133
Change config function providers to be mutable
Also change logsChannelSecret value to be queried with the api backend,
so that logs are not shared between instances. This has been implemented
as the first config function provider with mutability.

Change-type: minor
Closes: #675
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-26 14:02:25 +01:00
Cameron Diver
380d40f9f8
Fix /v1/device endpoint returning null for commit after an update
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:48 +01:00
Cameron Diver
cf85ae524b
Add applications state v2 endpoint
Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:48 +01:00
Cameron Diver
049398eec0
Move compose types to ./types and add partial definitions for compose modules
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:47 +01:00
Cameron Diver
6ca2701b85
Move v2 endpoints to separate module
Change-type: patch
Connects-to: #640
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:47 +01:00
Cameron Diver
981c7323ed
Refactor v1 api into seperate modules
Change-type: patch
Connects-to: #640
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 17:32:47 +01:00
Cameron Diver
bb8be44429
Reuse PortRange object in PortMap class, and other cleanup
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 09:46:07 +01:00
Cameron Diver
5b8068794e
Add fromDockerOpts and normalization to PortMap class, and use in fromContainer
This function takes the docker output representing ports, and generates
the port map values from them. This means that services can accurately
be compared and next steps can be inferred.

The normalization function ensures that regardless of source, PortMaps
that represent the same port setup will be represented correctly
internally.

Change-type: patch
Closes: #644
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-25 09:46:07 +01:00
Cameron Diver
7b77e45f69
Store port ranges as ranges, to reduce memory usage
Before this change, port ranges were iterated and stored as an object
per port mapping. Now the port ranges are stored as ranges until they
need to be converted to objects. The need to convert to objects still
exists as this is the format which the docker remote API expects, but
hopefully this should alleviate bugs like #644 by making the memory more
shorter-lived.

Also added more tests.

Change-type: patch
Closes: #644
Signed-of-by: Cameron Diver <cameron@resin.io>
2018-06-25 09:46:01 +01:00
Cameron Diver
809bc87b88
Convert config module to typescript
Extract config.json handling code out to separate modules too.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-18 13:41:18 +01:00
Cameron Diver
d656fbb1f5
Convert fs-utils module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-18 13:39:08 +01:00
Cameron Diver
c9904d8b5d
Convert os-release module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-18 13:39:08 +01:00
Cameron Diver
c5acb2f66d
Convert supervisor_version module to typescript, and add typings for json
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-18 13:39:08 +01:00
Cameron Diver
1b0fd82f51
Convert db module to typescript
Also had to change config module to bind `.this` value, due to
differences in setup.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-18 13:39:08 +01:00
Cameron Diver
3c9e3bba42
Show better UX when a delta download fails because the image is processing
Change-type: patch
Closes: #679
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-14 09:51:42 +01:00
Cameron Diver
31c6db2ccd
Upgrade TypedError and move docker-utils error to error module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-13 16:55:34 +01:00
Cameron Diver
089f31cb5d
Pin a device to a commit when preload has a pinDevice field
Change-type: minor
Closes: #668
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-11 20:27:16 +01:00
Cameron Diver
0eb8b25b64
Fix typo in EEXIST error predicate
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-11 13:47:24 +01:00
Cameron Diver
5622ddce94
Convert iptables module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-11 10:20:17 +01:00
Cameron Diver
352a5684b3
Convert errors module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-06 21:24:08 +01:00
Cameron Diver
fa1d3da438
Use ES6 interpolation for string operations 2018-06-06 14:50:21 +01:00
Cameron Diver
51b5cff7b0
Rename ExtLinuxFile interface to match the codebase 2018-06-06 14:50:21 +01:00
Cameron Diver
1e48d02781
Move config backend code out to classes which implement a common base
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-06 14:50:21 +01:00
Cameron Diver
89627a3392
Add support for extlinux configuration files
Currently the only supported variable is RESIN_HOST_EXTLINUX_isolcpus

Change-type: minor
Closes: #671
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-05 17:00:45 +01:00
Cameron Diver
dc59c83409
Move boot config related code to config-utils module
This commit abstracts all of the boot config code out of the
device-config module, ready to extend with different config backends.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-05 17:00:45 +01:00
Cameron Diver
2b9d82e731
Add types for fs-utils module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-06-05 14:27:27 +01:00
Akis Kesoglou
8479801674 Add support for Balena deltas
Resin’s delta server supports Balena deltas as version 3 deltas. This commit adds support for triggering delta generation for Balena deltas, and applying them locally to the device via a simple pull.

The delta version to use when updating has been abstracted away as an env var that is user-defined. The default value is still instructing use of rsync deltas (v2).

Change-Type: minor
2018-05-23 20:59:56 +03:00
Akis Kesoglou
56ecd845f7 Log delta debugging information
Change-Type: minor
2018-05-23 20:59:56 +03:00
Cameron Diver
bc37ee56e4
Check against application source for target applications
The supervisor will now check that a source of an application matches
the current source, and only start it if so.

Change-type: patch
Closes: #658
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-22 12:11:57 +01:00
Cameron Diver
343989f487
Add migration for source field to be added to app table
This field will represent the apiEndpoint that the application came
from, (or an empty string for local apps). This means that when
configuring an application to work on a different environment, as long
as the endpoint is different, the supervisor can know not to start the
old application.

Change-type: minor
Connects-to: #658
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-22 12:11:54 +01:00
Cameron Diver
bea0b00804
Ignore leading and trailing whitespace when parsing env vars
Change-type: patch
Closes: #644
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-22 11:32:31 +01:00
Cameron Diver
ea8e8d2f5f
Don't generate config fields in offline mode
Change-type: patch
Closes: #648
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-21 14:45:32 +01:00
Pablo Carranza Velez
3a815aa972 Add support for changing config.txt on balena fin devices
Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-05-18 10:19:28 -07:00
Cameron Diver
73b19a320f
Change intialConfigReported value to be an api endpoint
This api endpoint is the endpoint which the intial config was reported.
Also changed the code to detect if the api endpoint has changed, and
therefore whether we need to re-report the initial config, to avoid
losing hardware specific information.

Change-type: minor
Closes: #649
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-16 14:18:03 +01:00
Cameron Diver
96d7bbefd0
Fix handling of systemd errors when polling for log to display
Change-type: patch
Closes: #610
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-08 15:12:13 +01:00
Cameron Diver
9150c3fdbc
Convert conversions module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-02 09:36:21 +01:00
Cameron Diver
367e90d6e4
Move shared types to separate module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-02 09:36:21 +01:00
Cameron Diver
273224547c
Convert blink module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-02 09:36:21 +01:00
Cameron Diver
c1fbc2dc21
Convert lib/constants module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-02 09:36:21 +01:00
Cameron Diver
67b9ec6ca7
Type parameters for validation functions better
They can now be string | null | undefined.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-05-02 09:36:21 +01:00
Pablo Carranza Velez
652b596c80 Add some more unit tests to the multicontainer supervisor
We add a bunch of additional unit tests, and also a coverage report using istanbul.

The tests are not meant to cover everything, but they're a first attempt at having *some* unit testing
on the supervisor. There's much to improve but hopefully it helps catch obvious errors.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-04-30 19:39:01 -07:00
Cameron Diver
ddbf3418de
Remove trailing slashes from working directories of services
This is to combat when a working directory is in the compose file for a
service with a trailing slash. Docker will strip this slash and that
means service comparisons will fail going forward - even if they are the
same.

Change-type: patch
Closes: #635
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-04-27 18:03:36 +01:00
Cameron Diver
cfddbf65e4
Start initial typescript conversion, and add validation debugging
Add webpack config and dependencies to have typescript built, and also
convert src/lib/validation.coffee to typescript.

In this conversion I also added a lot of debugging which should help the
upcoming local mode development.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-04-27 16:09:50 +01:00
Pablo Carranza Velez
6c4eaff02f On startup, only attach to logs for running containers, and remove any containers marked as dead
Closes #611
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-04-19 15:04:04 -07:00
Akis Kesoglou
1cde9dd16d Properly propagate delta failure
Change-Type: patch
Closes: #627
2018-04-18 18:34:42 +03:00
Pablo Carranza Velez
015d33f8f5 Allow services (and their images) to expose udp ports besides tcp
Closes #621
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-04-11 15:13:48 -07:00
Cameron Diver
1c27ebc354
Fix parsing of non-unit memory numbers and add tests
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-04-04 14:03:24 +01:00
Cameron Diver
7d233ea111
Fix regex for parsing memory numbers
It now allows a trailing `b`, as the docker-compose docs specify.

In addition the regex now specifies a case-insensitive flag, to catch
both upper and lower case memory numbers (the rest of the function
supported these already).

Change-type: patch
Closes: #603
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-04-04 11:25:37 +01:00
Cameron Diver
393671505c
Respond to reboot and shutdown endpoints with a success object
Change-type: patch
Closes: #607
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-03-29 13:11:02 +01:00
Pablo Carranza Velez
72a5f03b0c
Back off fetching the target state exponentially, for faster retries when there's no connectivity
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-29 10:20:52 +01:00
Cameron Diver
e458c4103c
Handle incorrectly parsed env vars from docker inspect
Change-type: patch
Closes: #604
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-03-26 16:56:06 +01:00
Pablo Carranza Velez
348ff66cee
Replace the gosuper component with a node module that handles communication with systemd, and stop using an init system in the supervisor container
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-22 15:55:15 +00:00
Pablo Carranza Velez
c8d79c3b7d Remove any leftover knex migrations locks before running migrations
Closes #598
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-21 18:20:15 -03:00
Pablo Carranza Velez
d46d6513b5 Trim whitespace from the hostname file on the host before passing it as the hostname for containers with host network
Closes #594
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-19 17:19:59 -03:00
Pablo Carranza Velez
e1e33b376e Force reboots and shutdowns if lock override is enabled
Closes #440
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-19 16:30:59 -03:00
Pablo Carranza Velez
91ac11d0e8 In /v1/apps/:appId/stop, wait for the service to exit before responding
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-16 15:13:15 -03:00
Pablo Carranza Velez
5d7e8afcee Avoid trying to clean up the supervisor image if it has several tags (even though it would never succeed)
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 22:38:52 -03:00
Pablo Carranza Velez
75ce55e932 Fix typo passing apiKey to the resin API client when exchanging apikeys
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 21:50:31 -03:00
Pablo Carranza Velez
7e342e9d80 Fix the check for whether the device is provisioned by correctly getting registered_at and deviceId from config.json into the ApiBinder
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 21:50:31 -03:00
Pablo Carranza Velez
08a98f47e4 compose: Use the hostname on the host as default hostname for services with host network mode
Otherwise if the hostname on the supervisor container differs from the hostname on the host, the current and target
services will never match.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 21:18:11 -03:00
Pablo Carranza Velez
557b6a8d07 Pass the correct working_dir to the container config, and compare containers for working dir changes
We were getting the correct working dir from the compose or image config, but not really using it.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 15:41:19 -03:00
Pablo Carranza Velez
1febdc9eb0 DeviceConfig: avoid trying to enable or disable the VPN when in offline mode
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-14 10:15:07 +02:00
Pablo Carranza Velez
0101d62ace ApplicationManager: try to match available images by imageId to avoid keeping around unused image entries in the db
This should fix an issue where, on an update that only changes container metadata, the image install for the old image
is kept around on the API.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 18:45:26 -03:00
Pablo Carranza Velez
4ba4736aba compose: Emit a change event when a container is renamed, so that the updated imageId and releaseId are reported
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 18:45:26 -03:00
Pablo Carranza Velez
de654ec60e Skip taking the lock when updating the releaseId or imageId for a service that comes from a legacy supervisor
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 18:00:07 -03:00
Pablo Carranza Velez
9dfb76d2c8 When migrating from legacy supervisors, mark the temporary composition as legacy
We migrate to a default composition because we need to avoid deleting existing docker images, but
we need to use the legacy-container label to avoid potentially creating a duplicated container when a target state comes in.

(Just like we do for preloaded apps)

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-13 08:17:25 -07:00
Pablo Carranza Velez
f76aacc7fb Avoid trying to send a response to API calls after we've already sent an error
In some cases we were using early `return res.status(...).send(...)` to send 400 errors
but this happened inside a promise chain that later sent another status and response.

We fix this with the correct indentation of the success response so that an early return doesn't fall there.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 14:48:34 -08:00
Pablo Carranza Velez
79b4d39acd Fix passing a target service to start in /v1/apps/:appId/start, and getting the containerId
We weren't passing a "target" to serviceAction, which made the start action fail.
Plus we need to get the container again after starting to get the latest containerId.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 14:41:19 -08:00
Pablo Carranza Velez
f009e34293 migrations: Use the correct service name for legacy apps
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 06:54:16 -08:00
Pablo Carranza Velez
b6631b7367 ApplicationManager: only use dockerImageId to identify images for current apps, to avoid trying to delete an image that is in use
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-09 06:54:16 -08:00
Cameron Diver
d27c529ebe
Fix bug in require for migrations for legacy preload
Change-type: patch
Connects-to: #573
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-03-09 14:10:11 +00:00
Petros Angelatos
4ba020a784
compose: fix type error, createVolume returns a promise
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
Change-type: patch
2018-03-09 00:00:44 -08:00
Petros Angelatos
7d03de51f6
lib: add missing flag to openAsync()
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
Change-type: patch
2018-03-08 14:59:07 -08:00
Petros Angelatos
4b83a08512
compose: fix volume migration code
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
Change-type: patch
2018-03-08 14:15:50 -08:00
Cameron Diver
a150dbf329
Convert object to array when normalising legacy target apps
Change-type: patch
Connects-to: #567
Signed-off-by: Cameron Diver <cameron@resin.io>
2018-03-08 15:48:03 +00:00
Petros Angelatos
cda561f997 Introduce workaround for IPv6 DNS resolution until nodejs becomes RFC 3484 compliant
Change-Type: patch
2018-03-07 07:01:43 -08:00
Pablo Carranza Velez
1b043230a5 Send logs to the resin API by default
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 21:10:04 -08:00
Pablo Carranza Velez
15da221382 Implement a new logger that sends logs to the resin API, that can be used optionally instead of PubNub
Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 21:09:06 -08:00
Pablo Carranza Velez
16f12920c1 Fix the way commands and entrypoints in string form are parsed
Turns out shell-quote's parse function also replaces environment variables, which we don't want in this case. So we escape dollar signs
before calling shell-quote's parse function.

Also shell-quote takes some characters like `>` and globs and returns an object - so we return those objects to string form.

This should still be simpler/better than writing our own shlex.split, I hope...

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
dc62418db4 Some fixes in current state reporting, error handling for "container not found", plus more style improvements
Also, ensure the properties argument to eventTracker.track is an object

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
bb57bcc37c Fix default volume name in migrations, and do not use the legacy-container flag on containers from older supervisors (they'll be restarted anyways)
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
58fede2976 Only report initial config variables when they're different from the default
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
58b167b43d Various bugfixes and sytlistic improvements
* Use the correct defaults for the delta config variables that have them

* Only mount /lib/firmware and /lib/modules if they exist on the host

* hardcode-migrations.js: Nicer line separation

* APIBinder: switch to using a header for authentication, and keep credentials saved in the API clients

* Fix hrtime measurements in milliseconds

* Do not uses classes for routers

* compose: properly initialize networkMode to the first entry in networks if there is one

* Fix some details regarding defaults in validation and service

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
ec22bfcb29 Support for several compose features
Plus a few bugfixes.

* Add support for cgroup_parent

* Add support for specifying a single value in tmpfs

* Fix support for extra_hosts

* Add support for group_add

* Add support for pid mode (only host and empty value are supported for now)

* Add support for pids_limit

* Add support for security_opt

* Add support for storage_opt

* Add support for userns_mode

* Add support for ipc (except for another container's)

* Add support for mac_address

* Add support for oom_kill_disable

* Add support for 'user' compose option

* Add support for working_dir and fix support for user when image specifies it

* Add support for bind-mounting the balena socket using a label

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
38c3a8bdf3 Avoid starting services that exit repeatedly
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
ba829412e1 Various bugfixes
* Get imageId when normalising a dep. app from the DB

* Fix the appId in migrations when updating the supervisor

* Use the update lock to update a service's metadata

* Restart clears volatile target state

* Fix function definition for updateMetadata

* Improve backwards compatibility of /v1/apps/:appId endpoint

* Fix multicontainer deltas to work with resumable-request 2.0

* Fix dependent target normalisation logic

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Lucian Buzzo
da2359e224 Fix API payload when provisioning a dependent device 2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
7ed27ea203 Some fixes on migrations, dependent devices and deltas
* Switch default dependent device type to generic

* Reduce noise in logs

* Limit to 3 simultaneous delta downloads

* Better check for deltaSource

* When checking volume dependencies, do not compare regular (non-named) volumes

* Store imageId for dependent apps, and don't report dependent images with invalid imageIds

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
e43c9052dd Improve backwards-compatible response of GET /v1/device
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
3fd52bb0c7 Simplify the update logic by making fetch and kill (the only long-running actions) happen in the background, and always waiting for all actions before continuing
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:29 -08:00
Pablo Carranza Velez
c0ac2c21a4 Do not override stop_grace_period
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
ef849f8d82 When exiting, try to clean up any taken update locks
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
2ed3c832ac Do a regular pull instead of delta from scratch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
484a688dbd Pause updates while purging or restarting apps, and ensure an applyTarget is triggered after the actions run
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
82d5a16c8c Add change events when services exit and restart, and add stop-service and start-service endpoints
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
8548222a00 Several bugfixes:
* Ensure commit is only reported when update has finished

* Change default delay between actions to 100ms

* Fix envArrayToObject for cases where the env var has an equal sign

* Use shell-quote to properly parse string command and entrypoint

* Fix preloading with a legacy apps.json

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
0a6d948bd2 Some fixes on image management and tagging
* Fix deleting unneeded image tags

* Fix inspectByName to work with tags besides digests when the image isn't really tagged

* Tag deltas that should have tags, and fix cleanup of dangling images

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
2809d3c2ca Avoid failed updates causing several instances of applyTarget
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
554d4789ff Add support for all possible port definitions in services
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
cba3a8e5fe Make v1 restart and purge work for multicontainer apps too
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
2b223f55fa Fix image comparison when running intermediate targets with depends_on
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
8956fc1e5a Actually send the hostname as part of container config
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
534f7d13cb Fix local mode and the host-config endpoint
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
cee8aae850 When in local mode, stop all services and ignore images
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
5ec8e57aa0 Implement v2 API endpoints to restart and purge apps, and restart a service
This also changes the deviceState object to use promises instead of timeouts to schedule
applying the target state.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
f653fa4961 Add support for service hostname
Plus several small bug fixes:

* Allow target states with apps with no release

* Fix lock override and a TypeError in compareServicesForUpdate

* Lowercase service names when doing migrations and legacy preload

* Fix deltas from scratch

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
839ebf8688 Fix preloaded apps and support legacy preloading, and fix some details in the default service when migrating
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
ac3e31edfb Support the legacy RESIN_OVERRIDE_LOCK
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
60f0cd2fcb Change all labels to use hyphens instead of underscores, and fix some instances of using split instead of a regex
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
3a710506a6 Switch to a new image management system keeping the docker image ID in the database, allowing deltas and proper comparison for images that have a digest.
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
d84bcf0fb4 When applying host config values like dtoverlay and dtparam, take values not starting with double quotes as single entries instead of arrays to parse
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
918372b569 Some bugfixes and style improvements
* Fix validation of 0, fix ulimits, don't compare mem_limit or mem_reservation until OS supports them

* Remove all instances of _.forEach

* ApplicationManager: have separate compareNetworksForUpdate and compareVolumesForUpdate

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
25695aade5 Add support for init, mem_reservation, shm_size, read_only and sysctls.
Also several bugfixes:

* Fix VPN control, logging in deviceConfig, and action executors in proxyvisor

* Fix bug in calculation of dependencies due to fields still using snake_case

* Fix snake_case in a migration, and remove unused lib/migration.coffee

* In healthcheck, count deviceState as healthy when a fetch is in progress (as in the non-multicontainer supervisor)

* Set always as default restart policy

* Fix healthcheck, stop_grace_period and mem_limit

* Lint and reduce some cyclomatic complexities

* Namespace volumes and networks by appId, switch default network name to 'default', fix dependencies in networks and volumes, fix duplicated kill steps, fix fat arrow on provisioning

* Check that supervisor network is okay every time we're applying target state

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
739fe13cad Use a supervisor0 network interface for the supervisor network API. Remove RESIN_APP_COMMIT and RESIN_APP_RELEASE env vars.
Also add support for several networks per container (but with no configuration yet).
Also some bugfixes and implement healthcheck and not disabling VPN on startup.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
b003f48d7b Switch to using knex migrations to set up the database, and change the database format to use integers for ids instead of strings.
Also includes various improvements and bugfixes to services and the migration from legacy /data to volumes.

The switch ti migrations involves a dirty hack for webpack to properly resolve the paths to the migrations js files - it uses an expression
that webpack can't resolve, so we hardcode it to a value and use the ContextReplacementPlugin to make that value resolve to the migrations folder.

The downsides to this approach are:
- a change in knex code would break this
- the migration code is added twice to the supervisor image: once in the migrations folder (because knex needs to loop through the directory to find the files),
and once inside app.js (because I can't make webpack treat them as external)

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
7c98a9d058 Supervisor API: remove the tcp-ping endpoints
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
7d8a208a06 ApplicationManager: Avoid deadlocks by killing services once its dependencies have been downloaded, and killing services with handover when it is absolutely necessary
Two cases could've caused deadlocks:
1) Two services use a volume, and one service depends on the other. The volume config changes, but we can't update the volume because we need to kill
both services, and yet we can't kill the dependent service because its dependency isn't ready either.
2) A service with handover strategy uses a volume. The volume config changes. We can't update the volume because the running service is using it, and we can't
start the handover because it depends on the volume being ready. So we need to kill the service to update the volume config.

(Same for networks as with volumes)

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
0d27658a87 Various improvements and fixes to how compositions are handled
Change the way we get the network gateway to set up the supervisor API address.

Added support for cap_add, cap_drop and devices.

Some fixes like missing fat arrows and removing leftover code.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
5f651c71f7 app.coffee: Switch to the multicontainer supervisor, add missing dependencies, and remove all files that are not used anymore
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
14d2bc3f39 APIBinder: implement a module to handle all interactions with the Resin API
This module provisions the device and takes care of getting the target state from the API, calling deviceState to apply it.
It also reports the current state of the device back to the API.

An important change is that the initial values of the device configuration (e.g. config.txt) are reported to the API, creating new config
variables if no values exist for a particular key. This will allow better management of config.txt by giving visibility to the initial configuration.

Changelog-Entry: Remove support for keeping the provisioning apiKey on Resin OS 1.X. Report initial values from config.txt and other device configuration variables to the Resin API.
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
bc191ee86c Proxyvisor: implement the Proxyvisor for the multicontainer supervisor
This will be quickly replaced by a newer version with a different API, but for now we needed to maintain backwards compatibility (see #508).

This proxyvisor handles dependent apps and devices with a multicontainer parent app.
It also switches to the new update mechanism by inferring and applying updates step by step.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:28 -08:00
Pablo Carranza Velez
195697a7e1 compose: implement the models that make up multicontainer applications
This commit adds models to manage services, images, volumes and networks.

The main model for this is ServiceManager, which manages the collection of services on the device. It has functions to query what services are running, and to perform actions like starting, killing or performing handovers.

The Service model allows defining the transformations between a container and its service representation, and includes the functions to compare a running service with a target to determine if an update needs to happen.
This model includes the relevant compose file entries for a service that are supported. Bind mounts are disallowed except for the ones that relate to supervisor features, and persistent data is now stored in named volumes.

The Images model allows fetching and removing images, and includes functionality to determine images that have to be cleaned up - now only dangling and old supervisor images are cleaned up automatically, and ApplicationManager
will remove images that correspond to old services that are no longer needed.

The Networks and Volumes models allow managing named networks and volumes that are part of composed applications.

Changelog-Entry: Remove all bind mounts that were specific to 1.X devices. Move the resin-kill-me file for the handover strategy to /tmp/resin. Add environment variables for the location of resin-kill-me and the lockfile. Use running containers to determine what services are running instead of storing them in the internal database. Use named volumes for persistent data.
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
be5623cbf1 DockerUtils: implement the docker utilities library as a class
This commit implements what we used to have in docker-utils.coffee now making use of coffeescript classes.

We remove the cleanup function as this is now handled directly by the ApplicationManager.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
dac153eb8c updateLock: implement a module for a file-based update lock
This update lock library allows an application to take a lockfile in several locations (subdirectories inside a base folder). The user of this library must be able
to exclusively create a lockfile in each of the corresponding locations, and if any of the files exist, the locking fails.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
cb37f7ebcc ApplicationManager: implement a module to run multicontainer applications
This module takes care of inferring and applying the steps to run multicontainer applications. It will have a Proxyvisor to handle dependent apps and
devices. It understands the relationship between services, networks and volumes to infer the steps in the correct order, also taking update strategies into account.

Changelog-Entry: Allow running docker-compose-like multicontainer applications
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
d3e98eab11 DeviceConfig: implement a module to manage device configuration, including config.txt
This model allows modifying config.txt on raspberry pi devices, as well as logging to display, bandwidth control variables and other supervisor
configuration settings. Configuration values are read from the underlying OS and the supervisor configuration where appropriate (i.e. the Config object), instead of storing the current state
in the database. This means that the supervisor will always use the real values to determine if changes have to be made.

This fixes several issues with config.txt, as the current values are now read from the file, and can be reported on the supervisor's first run (which will be implemented in APIBinder).

It also now treats dtoverlay and dtparam values as a JSON array without the enclosing brackets, for instance:

```
RESIN_HOST_CONFIG_dtparam="audio=on","spi=on"
```

Will produce the following lines in config.txt:

```
dtparam=audio=on
dtparam=spi=on
```

Changelog-Entry: Implement inference of device configuration. Allow array values for dtoverlay and dtparam.
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
2953b745ce Logger: implement a module that handles all logging to pubnub
This module can also send logs for dependent devices (by passing a specific channel to the "log" function).

The log types are also moved to a separate module to be used by modules that perform logging.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
93832d6540 network: implement a module to get IP addresses and check network connectivity
This module now uses the native node `os.networkInterfaces()` to retrieve the addresses,
instead of the gosuper endpoint.

We also add the very simple "blink" library that is also used by the Supervisor API.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
f77d3e1563 DeviceState: implement a module to manage the device's target and current state
This module will take care of applying the target state for the device and reporting its current state.
The state itself is handled by two other modules, ApplicationManager and DeviceConfig. The former will take care of running applications (including the dependent ones
via its Proxyvisor), and the latter will take care of device configuration like config.txt and supervisor configuration variables.

The way state is applied differs radically from the previous approach: the old application.coffee had a big `update` function that took all of the steps from fetching the target state
to running the containers. DeviceState, instead, does an iterative process through `triggerApplyTarget` of inferring the next steps to perform towards the target state, by looking at the current state and asking the ApplicationManager and DeviceConfig for
the next steps. It then applies the next steps and every time a step is completed, it schedules another round of inferring and applying the next steps.

Special care is taken to ensure `applyTarget` is not called simultaneously more than once.

This commit also adds a "device" module to handle reboot and shutdown, and moves gosuper calls to a separate module.

The module also uses a "network" module to manage network-related parts of the device's current state: IP addresses and the connectivity check.

The module implements a "normaliseLegacy" function that allows a migration from the models from older versions of the supervisor to the multicontainer models,
so that in case of a supervisor update we can have minimal downtime and bandwidth consumption when updating to the multicontainer supervisor - this migration allows
us to avoid cleaning up images, and also allows migrating the contents of the old /data for the app.

Changelog-Entry: Infer the current state of the device when applying the target state
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
0dc9fea4d3 DB, Config: Implement modules to interact with the sqlite DB and to manage configuration
These modules allow managing the models in the sqlite database and the configuration for the supervisor.

The database will now have a schema version, and the supervisor will normalize any legacy data when migrating
from an older schema (i.e. when doing a supervisor update). This will make model changes cleaner.
If a migration is needed, the DB initialization will return "true" and store the legacy data in a legacyData table. Once the supervisor finishes migrating the data,
it calls `db.finishMigration` to mark the migration complete and clear the legacyData table.

Changes in the models:
* The database implements the tables for multicontainer applications that now have services, networks and volumes as in a docker compose file.
* Dependent apps and devices now have separate tables to store their target states.
* The deviceConfig table now only stores target values, as the current ones will be inferred from the state of the device.
* We keep a table for images as we have no way to label them in docker storage, so we need to keep our own track of what images are relevant for the supervisor.

The Config object allows transparent management of configuration values, mainly through `get`, `getMany` and `set` functions. The values can be stored in config.json or
the database, and this is managed with a schema definition that also defines whether values are mutable and whether they have default values.

Some configuration values are of the "func" type, which means that instead of corresponding to a config.json or database key, they result from a helper function
that aggregates other configuration values or gets the value from other sources, like OS version and supervisor version.

Writes to config.json are atomic if a path to the file via /mnt/root can be found. We keep a write-through cache of the file to avoid unnecessary IO.

Changelog-Entry: Implement the multicontainer app models, and change the supervisor configuration management to avoid duplication between fields in config.json and fields in the internal database
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
23f81c28f5 EventTracker: add a module to track mixpanel events
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
60a4cccfd2 Supervisor: Implement a Supervisor class with a SupervisorAPI
This will be the top level object in the multicontainer supervisor, using the following objects
to perform its duties:

* A DB object to manage the sqlite database models
* A Config object to manage configuration in sqlite and config.json
* An EventTracker to track events and send them to mixpanel
* A DeviceState object to manage the device state, including containers, device configuration and dependent devices
* An APIBinder object to manage all interactions with the Resin API
* The SupervisorAPI, implemented here, which exposes functionality from the other objects over an HTTP API with apikey authentication.

We also include an iptables module that the SupervisorAPI will use to only allow traffic from certain interfaces.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-03-06 10:32:27 -08:00
Pablo Carranza Velez
f2d5a59727 Allow truthy values for deltas and lock override (i.e. the string 'true' besides '1')
We had previously done this for all the other configuration variables, but for some reason we had missed these two.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-02-27 09:27:45 -08:00
Akis Kesoglou
dc69917b5a Update resumable-request to v2.0
Turned out that disk I/O can be the bottleneck when applying deltas on some devices. When the disk can’t keep up and consume the downloaded delta, there’s memory bloat due to buffering.

The updated version provides far better reliability when the device is under load and pretty much constant memory consumption with any number of concurrent deltas.

Change-Type: patch
2018-02-05 10:59:56 +02:00
Pablo Carranza Velez
cff789ebfa Implement an API for proxy and hostname configuration, and centralize management of config.json
Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-01-17 14:05:40 -03:00
Pablo Carranza Velez
968d3ce1e3 Fix saving deviceApiKey to the DB (to fix the RESIN_API_KEY env var) when updating from some older supervisors
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-01-12 11:53:54 -03:00
Pablo Carranza Velez
8fac5c0e32 Avoid problems with null app names or invalid container names when migrating from old supervisors
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2018-01-05 11:10:41 -03:00
Pablo Carranza Velez
4b96ccbcc2 Avoid marking the supervisor as unhealthy if update is not happening because it's in offline mode
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 11:03:04 -08:00
Pablo Carranza Velez
54264e1b60 Measure time spent pulling images and substract it when considering the time between update cycles in the healthcheck
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 00:11:56 -08:00
Pablo Carranza Velez
9b4f912c7c Use the correct interface to compare times using process.hrtime to calculate time since last update cycle
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 00:11:56 -08:00
Pablo Carranza Velez
8484949a28 Fix config value for appUpdatePollInterval, and allow marking gosuper as healthy again after a failure
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 00:11:56 -08:00
Pablo Carranza Velez
95bbe6ea49 Add a /v1/healthy endpoint that fails if the supervisor is unhealthy, and a HEALTHCHECK command to the Dockerfile that uses it
We add an endpoint to the supervisor API that checks the following conditions to determine whether the supervisor is healthy:
* That the update cycle has run fully, in a time that's less than twice the poll interval. Unless we're downloading an image, in which case
we assume it's healthy (otherwise we'd get into the issue of determining a reasonable timeout for the image download, which is already done in a configurable way with delta options and the like).
* That the current state report to the Resin API hasn't failed more than 3 times. Unless the device has no connectivity, or the connectivity check is disabled, in which case we don't know
if the report failed simply because there's no network.
* That the gosuper component is working (since we periodically hit its API to get the IP addresses, we mark it as not working if this API call fails).

We need this endpoint to be unauthenticated for the docker daemon to be able to hit it (though, as the rest of the API, it is protected with iptables rules).

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 00:11:56 -08:00
Pablo Carranza Velez
f65822ba94 Use for own instead of _.forEach
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 21:52:03 -08:00
Pablo Carranza Velez
5a0042c33d Apply config.txt changes when the new config is empty, to fix deleting config.txt values
I realized we're not deleting config.txt entries because the function checked for the values to apply
not to be empty, instead of just checking if the *changes* are empty.

So this closes #450

(Still not a complete solution to config.txt issues, which will come with the multicontainer PR, but at least it's a step forward)

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 19:09:10 -08:00
Pablo Carranza Velez
e0d1d89419 Filter deviceConfig values that will be stored as current values to only include relevant keys
Otherwise, devices where we update from legacy supervisors might have other keys, like RESIN_SUPERVISOR_DELTA, stored in deviceConfig.values,
causing `_.isEqual(values, targetValues)` to always return false.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 18:54:08 -08:00
Pablo Carranza Velez
c05474b1a9 Always execute special actions if the value stored in memory doesn't match the target. And when storing target values, only store relevant ones
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 18:48:30 -08:00
Pablo Carranza Velez
8fc1a0935b Avoid stopping the VPN until a remote target state has been fetched, and retry applying config variables when they fail
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-08 00:16:34 -08:00
Pablo Carranza Velez
21a9bb4e82 When listenPort is not specified, use 48484 as default
Should only be relevant in really old OS versions, but still this is the correct default.

Fixes #439

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-23 14:08:32 -08:00
Pablo Carranza Velez
51d6ab01c9 Avoid an indefinite recursion that grows the call stack when reporting the current state fails
We used to have a recursion based on Promises and Promise.delay, which caused the promise never to resolve
so eventually the stack would be exhausted.

This fixes it by using a simpler way to check if reporting the state is in progress and using a setImmediate to
call applyState outside of the Promise chain.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-02 15:54:09 -07:00
Pablo Carranza Velez
20d95ff024 Add whitelist-based filtering to mixpanel events
When sending events to mixpanel, we now use an explicit whitelist for the properties sent with the event, to avoid accidental leakage of any sensitive information.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-31 23:22:38 -07:00
Pablo Carranza Velez
34d37814c9 Tunnel all mixpanel events through the resin API
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-31 23:22:38 -07:00
Pablo Carranza Velez
ecf7e4206c Avoid fetching an image when it might be available or when starting an app because it might not be necessary
This change removes the behavior where we would try to fetch an app image when starting the app. This might cause an unintended
download of an app that is not really needed anymore because we're starting the app on boot and an update cycle would make this image unnecessary.
So now we try to inspect the image, and if this fails we will throw an error, causing the app to be soft-deleted and the next update cycle to properly trigger
a download of whatever image we need from the target state.

We also improve the error catching when fetching an image, to specifically catch an "image not found" error before trying to download - otherwise, any other
random error will cause us to try to download the image again, which will not be a noop if we're using deltas. If there's any other error, the correct behavior
is to throw and retry later.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
Pablo Carranza Velez
0bc23df8c9 Refactor container cleanup to remove all spurious containers
We change the way container cleanup works so that it compares running
app containers with the container names for the known apps. This allows
the cleanup to effectively delete any spurious/duplicated app containers.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
Pablo Carranza Velez
bd34a19a79 Use container name instead of id to identify apps, and avoid duplicated containers
By storing the container name before creating the container, we avoid problems
if the supervisor crashes or the device reboots between creating a container and storing its id.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
Pablo Carranza Velez
c532344dce If a device is already provisioned but the key exchange fails, retry it until it succeeds
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-27 18:40:29 -07:00
Pagan Gazzard
21712ae810 Change the update retry to back off to the standard update check interval
This means that the supervisor will be less aggressive in the case of the api experiencing issues, stopping it from compounding the issue if the api is being overloaded

Change-type: patch
2017-10-24 15:36:43 -07:00
Pablo Carranza Velez
a87c6682a2 Ensure preloaded apps are properly loaded by setting their internal markedForDeletion to false, and run apps that have it set to null
Currently preloaded apps don't run because their markedForDeletion field in the database is null. In this commit we set it to false, and we
also change the startup check to also run any apps that have markedForDeletion as null (which should now never happen, but is still good as a backup
plan in case something else fails and to avoid regressions).

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-23 17:29:41 -07:00
Pablo Carranza Velez
3f198fc6aa Improve the check for when the device has been provisioned but the supervisor doesn't have knowledge of it in its local state
This change improves the check for the DuplicateUuidError that can happen if a device has been provisioned but the API's response hasn't been persisted - the error message
returned from the API has been known to have a few variations (usually an extra dot at the end), so we now use _.startsWith instead of checking for equal strings to make the
supervisor still work under these variations.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-23 17:28:36 -07:00
Pablo Carranza Velez
d98897cdcf Ensure preloaded apps get the deviceApiKey in the env vars, and apps never get the provisioning key, and improve detection of cases when the device has been pre-provisioned
It appears preloaded apps have been getting restarted because the "apiKey" configuration value was only available after provisioning succeeded. This change ensures the
deviceApiKey that the device will use is injected into the env vars of preloaded apps, ensuring the app is not restarted (unless provisioning fails and the uuid and deviceApiKey are
regenerated, but this should be rare).

We also ensure that whenever an app's RESIN_API_KEY env var is populated, it is *always* done with the deviceApiKey and never with the provisioning apiKey.

Closes #457
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-23 17:28:17 -07:00
Akis Kesoglou
78f74d757d Delta improvements
- Updates resumable-request to 1.0.1
- Updates docker-progress to 2.0.3
- Removes `DEFAULT_DELTA_APPLY_TIMEOUT`; it’s not needed anymore, docker-delta reliably tracks rsync.
- Properly end the update when applying the delta results in an error.

Change-Type: patch
2017-10-17 10:43:12 +03:00
Pablo Carranza Velez
31d09e70e4 Explicitly define the source for deltas, allow cross-app deltas, and iterate serially through apps when updating
This commit changes the way the source for a delta is determined. We used to do
it by comparing the available tags with the one we want and relying on the format that
includes the app in the image name. Now we explicitly choose a delta source from the previous app
version if we have one, and otherwise use the image from any available app - which will allow us
to have a valid source when moving a device between apps.

For this to work consistently if there's an unexpected reboot, we now avoid deleting an app from the db
until the full update has succeeded. Instead, we mark the app for deletion so that we still have the image stored after the reboot.

This commit also changes a .map to .mapSeries when iterating over appIds for removal/install/update - this avoids parallel treatment
of apps which can cause inconsistencies in the status reported to the API.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-09-14 14:52:06 -07:00
Pablo Carranza Velez
81a6c2f344 Fix problem catching errors when killing a container that doesn't exist
We've been using `.catch Promise.OperationalError, ...` to catch errors when stopping a container and
detecting whether the error means that the container has already been stopped of removed.

Apparently, after the recent dockerode upgrade these errors are not typed as OperationalError anymore, causing error
messages like "No such container: null" when applying an update. This commit makes us catch all errors and check for their statusCode.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-09-05 20:17:43 -07:00
Pablo Carranza Velez
dbb4fd8292 Prefer err.message when reporting errors from dockerode, then err.json and err.reason
Errors from docker-modem that are passed from dockerode can have a "json" or "reason" property,
but that is generally less descriptive than the more standard "message", and can show up in the logs
as `[object Object]`. This commit changes it so that we log err.message if it is non-empty, and otherwise
look for json and reason.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-09-01 15:08:10 -07:00
Akis Kesoglou
a5980918b4 Forward resume options
Change-Type: patch
2017-08-29 00:02:26 +03:00
Akis Kesoglou
52c55a0c1b Apply a default timeout unless one is given 2017-08-09 11:55:22 +03:00
Akis Kesoglou
1412785886 Try to resume the download of a delta if it fails due to flaky network
Applying a delta update consists of two parts:

1. The request to the delta server for the delta payload (an rsync batch file, plus some prepended Docker metadata). The response is a redirect to a URL that contains the delta (currently S3).
2. The request for the actual download of the delta. The response is streamed directly to rsync, which applies it onto the mounted root filesystem of the final image.

The first step may take a while as it may trigger the generation of the delta if the request is the first one for this combination of src/dest image and the images are large. If the request times out, either because of the delta server taking too long to respond or bad network, the Supervisor automatically schedules a retry to be performed after a while.

Currently, similar behaviour applies to the second step as well -- if the request fails, we immediately bail out and the Supervisor schedules a retry of the whole process (i.e. from step 1). But in this case it means we might have downloaded and applied some or most of the delta when a socket timeout occurs causing us to start all over again, wasting time and bandwidth.

This commit splits the process into the two discreet steps and improves the behaviour on the second step. Specifically:

- makes the Supervisor try to resume the delta download request several times before it bails out and starts the process all over again.
- removes arbitrary timeout which applied over the whole process and meant some deltas would never manage to be applied (because of large delta size and low network bandwidth).
- makes sure any launched rsync processes always exit and any opened streams consumed and closed.

Most of the improvements are in the two dependencies linked below -- `resumable-request` and `node-docker-delta` -- and this commit merely combines the updated versions of these modules.

Change-Type: minor
Connects-To: #140
Depends-On: https://github.com/resin-io/node-docker-delta/pull/19
Depends-On: https://github.com/resin-io-modules/resumable-request/pull/2
2017-08-09 11:55:22 +03:00
Pablo Carranza Velez
6f87b1db18 Avoid starting apps on startup if device has to reboot due to a configuration change
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-08-02 20:07:13 -03:00
Pablo Carranza Velez
42ac7487e7 When the device is about to reboot or shutdown, close the API server and avoid applying updates
We mark when the device is rebooting and avoid some steps in the update cycle that change the device
state, similarly to when the device is in local mode, to avoid problems with non-atomic operations.
This doesn't solve *all* the potential scenarios of a reboot happening in the middle of an update, but at least
should prevent the case where we start an app container and reboot the device before saving the containerId, potentially
causing a duplicated container issue.

We also correct the API docs to reflect the 202 response when reboot or shutdown are successful.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-27 20:07:24 -03:00
Pablo Carranza Velez
55ad977ede Avoid unhandled errors when in offline mode due to a missing apiEndpoint
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-27 12:46:14 -03:00
Pablo Carranza Velez
f0344ca4be Do not persist the uuid when in offline mode, so that the supervisor tries to provision if it goes out of offline mode
We used to store the uuid which would cause the supervisor to not attempt a provisioning even if offline mode
was turned off. This was to avoid preloaded apps being reloaded constantly leaving multiple containers.

We now avoid persisting the uuid, so that when the supervisor goes out of offline mode it can provision
without the need to wipe out the db. We avoid the problem with preloaded apps by not loading them
if there's apps already stored on the db.

(In the future, apps in the db will only represent target state and we can make preloaded apps be reloaded on every
start, but for now we can't do it as long as we store the containerId on the db - deleting an app on the db
means losing track of its containerId and therefore leaving an orphaned container)

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-27 12:46:14 -03:00
Pablo Carranza Velez
7aedd7062d Update docker-delta to 1.1.1, docker-toolbelt to 3.0.1, docker-progress to 2.6.0 to add support for deltas and overlay2
This makes the Async suffix for docker functions unnecessary. It also allows us to remove dockerode as an
explicit dependency.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-27 01:48:35 -03:00
Pablo Carranza Velez
279ab60233 Fix the message shown when docker gives a 500 error when starting a container
The test for an exec format error caused a `err.json.trim` is not a function
error so the message shown didn't relate to what the problem actually was.
This makes the test for the exec format error safer.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-26 10:41:25 -03:00
Pablo Carranza Velez
1790939046 Use webpack to join all modules
This saves around 13MB in the resulting uncompressed docker image.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-11 14:01:16 -07:00
Joe Roberts
087e7c3af0
Deprecate edge device type
Change-type: major
2017-07-05 10:20:26 +01:00
Pablo Carranza Velez
8b2138f744 Fix semver comparison for OS version when determining if the device has deviceApiKey support
The current setup would cause the check to always fail - the consequence is not *that* bad since
the provisioning key still gets overwritten, but it's better to delete it if we can.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-07-04 02:56:31 -07:00
Pablo Carranza Velez
928df5b140 Allow registering the deviceApiKey in a non-compatible OS by making the apiKey equal the deviceApiKey, and add an fsync to all config.json writes
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-06-30 18:00:01 -07:00
Pablo Carranza Velez
597a2c6b65 Remove the undocumented and unused sideload and compose APIs
This allows us to also remove a few npm dependencies and the docker compose binary.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-06-26 13:08:52 -07:00
Pablo Carranza Velez
18ca98a2ae Fix provisioning key exchange by passing apikey in the request
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-06-26 07:04:43 -07:00
Pablo Carranza Velez
00b53bd03e When apiEndpoint is not defined, work in offline mode
The supervisor uses an `API_ENDPOINT` environment variable to define what API to register to. Up to now this has been defaulted to `https://api.resin.io`.
(In Resin OS devices this environment variable ultimately comes from config.json).
This commit changes the behavior so that an empty value of that environment variable causes the supervisor to work in "offline mode", i.e. not connected to a remote server.
Basically only preloaded apps and the supervisor API work in this mode.

The config.json `supervisorOfflineMode` field still works for backwards compatibility, but we'll treat it as deprecated and it should be removed eventually.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-06-14 12:57:47 -07:00
Pablo Carranza Velez
1e7bdad7a9 Fix mixpanel initialization when not in offline mode
The logic to disable mixpanel initialization in offline mode was inverted :S causing mixpanel
to *only* be initialized when in offline mode.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-06-14 12:48:29 -07:00
Joe Roberts
d4e3e45e52
Dependent device DB migrations 2017-06-14 09:27:47 +01:00
Joe Roberts
786874dbb6
Update dependent device DB
Change-type: patch
2017-06-14 09:27:47 +01:00
Petros Angelatos
171460041f
enable SSL when connecting to pubnub
Fixes #451

Connected-to: pubnub/javascript#89
Change-Type: patch
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
2017-06-13 19:13:09 +03:00
Pablo Carranza Velez
08c5413413 Fix typo in how hostOSVersionPath was camel-cased
This was properly done in the recently added changes in bootstrap.coffee,
but all other references where using "Os" instead of "OS.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-05-11 13:06:38 -07:00
Pablo Carranza Velez
cb0152c5ea Properly handle errors when requesting deltas
When requesting a delta, a `Promise.join` promise chain was producing unhandled
errors since it consisted in a separate promise chain from the parent function which,
was created with `new Promise`. This commit fixes this by creating the new Promise only
when it's needed, avoiding the creation of a separate promise chain.

Closes #432
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-05-08 15:05:42 -07:00
Pablo Carranza Vélez
ac2531368c Merge pull request #427 from resin-io/dont-update-deviceconfig-if-unchanged
Avoid writing target device config to DB if it hasn't changed
2017-04-27 21:18:38 -07:00
Pablo Carranza Velez
c251de1cd3 Only delete the provisioning key if the supervisor is running on an OS that supports using the deviceApiKey
This avoids problems when updating the supervisor on an older OS, where the VPN and other
host services still require config.json to have an apiKey field to authenticate.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-04-27 13:31:25 -07:00
Pablo Carranza Velez
e36fa601ad Avoid writing target device config to DB if it hasn't changed
This helps avoid unnecessary writes to the DB which may cause disk wearout.

We also change the error message in this section to show that the error might have happened
when fetching the device config as much as when setting it.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-04-27 09:42:41 -07:00
Pagan Gazzard
42cd3a6b01 Fix an infinite loop that could happen when trying to bootstrap if the key exchange fails
Change-Type: patch
2017-04-26 13:54:15 -07:00
Pagan Gazzard
89ccb6480d Fix the case of being registered with a version of the cli/sdk that does not support device api keys.
Change-Type: patch
2017-04-26 13:52:43 -07:00
Pagan Gazzard
d31ee452d0 Deduplicate the device fetching logic 2017-04-24 12:09:50 -07:00
Pagan Gazzard
1002629a5e Improve key exchange by first checking if an existing device api key is valid. 2017-04-22 15:17:00 -07:00
Pagan Gazzard
477184d72d Add handling for duplicate UUIDs and key exchanging for old user-api-keys
Change-Type: minor
2017-04-20 21:37:27 -07:00
Pagan Gazzard
03ec97ab8d Change to the new device registration method to exchange our provisioning key with a dedicated api key for the device.
Change-Type: minor
2017-04-20 21:37:27 -07:00
Pablo Carranza Velez
4d322c72a0 Issue #420: Avoid supervisor crash without connection by properly memoizing promise-returning functions
device.getID caused a fatal error when connection was down, as the memoization with `promise: true` throws
synchronously. Changing memoizee to use `promise: 'then'` makes the memoization work as expected.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-04-05 14:51:26 -07:00
Pablo Carranza Velez
0e288d75ab Report the OS variant as a separate field and not as part of the OS version
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-04-03 09:32:28 -07:00
Pablo Carranza Velez
99c9b96ed3 Issue #413: Fix an error applying the connectivity check config var
There was a ReferenceError from a leftover variable, introduced in #398.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-30 12:04:38 -03:00
Pablo Carranza Velez
5412e766da Issue #410: Cleanup images before running an update, preserving the ones that will be used in the target state
We add an extra image/container cleanup before applying updates, allowing any unwanted images to be deleted.
When doing this, we take care not to delete images that will be used when the target state is applied.

This prevents the problem of stale images being stored while the update lock is set, potentially
leaving the device out of space.

Running the cleanup *before* applying the update ensures that only one target image is downloaded: if a stale one
had been downloaded previously, it will be deleted before starting the update for the new one. This can have a slight
impact on delta performance, since the delta is potentially done from an older (and more different) version of the app,
but can have a big impact on storage usage, as not doing this would duplicate the required free storage space when
the update lock is set.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-29 16:50:12 -03:00
Andreas Fitzek
55a1742b1f Merge branch 'master' into 404_authentication_for_registry_and_delta 2017-03-29 11:08:03 +02:00
Andreas Fitzek
ff01d27b7a Authentication credentials for registry and delta server
Hand over authentication credentials to the docker engine
Fetch an access token from the API if possible and hand it over to the delta server

Change-Type: minor
Signed-off-by: Andreas Fitzek <andreas@resin.io>
2017-03-29 01:11:16 +02:00
Pablo Carranza Velez
147abe8a76 Issue #402: Ensure that app configs are non-null and valid json objects
This prevents duplicated containers when updating from older supervisors before the config column
was introduced.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-28 14:13:22 -03:00
Pablo Carranza Velez
8c59c2d768 Report OS variant to the API together with the OS version
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-23 20:29:52 -03:00
Pablo Carranza Velez
b2a2ca0246 Issue #230: Add a custom User-Agent header to all requests
Header is in the format Supervisor/X.Y.Z (Linux; Resin OS v2.A.B.revC; Dev) - omitting any fields
that are not available depending on the OS.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-23 20:28:50 -03:00
Pablo Carranza Velez
c2fe956967 Issue #396: Log when we're rebooting due to a device config change
We also add a 1s delay before rebooting to ensure logs are published.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:56 +02:00
Pablo Carranza Velez
27690e0c30 Issue #20: Change the update lock to a temporary filesystem
The lock is now located at `/tmp/resin-supervisor/<appId>/` on the host, and `/tmp/resin/`
on the user container. The old lock location is supported only in Resin OS 1.X (and both locks are
taken in that case).

This fixes the race condition when the app is started before the supervisor, and takes a lock that is
cleared on supervisor startup.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:35 +02:00
Pablo Carranza Velez
208b799c4b Make local mode only work in development OS, and make it remove app containers and allow unauthenticated API requests
Local mode makes the API accept unauthenticated requests.
Local mode now also removes app containers when stopping them.

Local mode only works on a host OS that has `VARIANT_ID = "dev"` in /etc/os-release.

Also add more explicit logging when stopping an app and it was already stopped
or the container was already removed.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
72f6b2cea5 Restore default value when clearing a special action config variable
Up to now we've only been running the "special actions" (like vpn on/off, logs on/off)
when the target state includes a current value for the corresponding config variable.
We now also check if there was a *previous* value, and in that case also call the action function.
These functions are prepared to reset to a default when they're called with an undefined value.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
538e384442 Allow all config variables to take truthy or falsy values
Config variables now use a checkTruthy validation function,
and can be "1", "on", "true" or true to be considered true, or
"0", "off", "false" or false to be considered false.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
9ae4f02bc5 Allow setting the supervisor to a "local mode" which stops apps and prevents cleanup
A RESIN_SUPERVISOR_LOCAL_MODE variable is introduced. When this variable is "1", all apps
are stopped and the update cycle stops executing changes other than deviceConfig changes
and the proxyvisor.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
9d36064bdb Quick fix: unindent the definition for dockerUtils.createContainer
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-09 08:57:26 -03:00
Pablo Carranza Velez
b6206f9012 Issues #23 and #236: Use docker logs to get all logs from the container, including those before supervisor start
We've been using docker attach, which only gives us the logs since we attach. This change allows getting the
full logs from the beginning.
We also use the timestamps that come with the logs from docker, as they will be more precise and are more relevant now
that we're getting previous logs from history.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:26:38 +02:00
Pablo Carranza Velez
b64ed9568c Issues #389 and #390: Remove /host_run/dbus and /host/var/lib/connman bind mounts for non-ResinOS-1.X devices
On ResinOS 2.X the default mounts should not include the previously deprecated host_run, and there's no connman which makes the connman mount confusing.
This is a breaking change as it is not backwards-compatible on non-ResinOS instances of the supervisor.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:26:23 +02:00
Pablo Carranza Velez
f7c702b845 Issue #386: Allow forcing updates when an update was already scheduled
The logic for updateStatus.forceNext is changed so that its value is checked when the scheduled update is run, instead
of when the update is scheduled. And when an update is already scheduled and a new request comes in,
we mark forceNext as true if the new request requires a force update.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:06:10 +02:00
Pablo Carranza Velez
e8fbadb8d6 Issue #381: Set target deviceConfig values from preloaded apps
Also split out deviceConfig set and get to a separate module to avoid circular dependencies.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-19 13:56:20 -03:00
Pablo Carranza Velez
0d870954ef Issue #382: Validate delta timeout variables
Also take validation functions into a module, and use that in all cases where
we need to check for an integer or string.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-18 12:28:24 -03:00
Pablo Carranza Vélez
0e76b540ea Merge pull request #379 from resin-io/378-delta-timeout
Increase delta timeouts, and provide nicer message when the delta server times out
2017-01-17 18:49:19 -03:00
Pablo Carranza Velez
9c8ac58128 Issue #378: Increase delta timeouts (to avoid ESOCKETTIMEOUT errors), make them configurable, and provide nicer message when the delta server times out
Current delta timeouts are too limiting, so we increase the request timeout to 30 minutes which is big enough that
the server will time out first and we can provide a nice message letting the user know we'll retry; and we increase
the total timeout to 24 hours to account for really big deltas over slower connections (the rsync calls will time out anyways
if something else goes wrong, as they have a 5 minute I/O timeout).

The timeouts are now configurable with the RESIN_SUPERVISOR_DELTA_REQUEST_TIMEOUT and RESIN_SUPERVISOR_DELTA_TOTAL_TIMEOUT
configuration variables.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-17 14:21:10 -03:00
Pablo Carranza Vélez
6ab2b45104 Merge pull request #370 from resin-io/359-kmod-only-in-resinos1
[Breaking] Do not bind mount kmod if the host is not Resin OS 1.X
2017-01-16 12:51:08 -03:00
Pablo Carranza Velez
f8d3ea1a22 Add a delay between successive updates of device state to the API
We add a 1s delay between requests to the API to apply state changes,
as this will throttle it to a point that it has a reasonable rate while
preventing too many unnecessary requests to the API.

Closes #375

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-12 15:57:09 -03:00
Pablo Carranza Velez
458add1759 Do not bind mount kmod if the host is not Resin OS 1.X
Resin OS 2.X removes the use of compressed modules, which was the initial
motivation for us to bind mount kmod into user containers (as Debian distros
don't include support for compressed modules).

This is a breaking change, but we still keep bind mounting on devices that are
on 1.X to ensure we don't break apps currently relying on the feature.

Implementation note: some functions in device.coffee have been refactored to
extract (DRY) a memoization procedure for Promise-returning functions.
`device.getOSVersion()` now also memoizes its result.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-04 18:48:45 -03:00
Pablo Carranza Velez
c67977cbed Fix error applying device configuration because deviceConfig table is empty
If there's no entries in deviceConfig table, always create one.

Avoids problems if the supervisor is stopped while running the db initialization
(deviceConfig gets created but not populated).

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-20 03:01:55 -03:00
Pablo Carranza Velez
fefb1e6928 Fallback to DROP when iptables REJECT is not available
Using REJECT allows better feedback for legitimate users while providing the same level
of security than drop (see http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject).

But some hosts don't have REJECT support in the kernel config, so in that case we fall back to DROP.
2016-12-01 11:18:06 -03:00
Pagan Gazzard
01cd0cbc5a Fix an error when trying to call logSystemEvent with an undefined app 2016-11-03 19:43:15 +00:00
Pablo Carranza Velez
5bcff712dc Provide a better error message when app is not found for purging 2016-11-01 12:20:51 +00:00
Pablo Carranza Velez
0e2710152b Only iterate through remote apps to set device config 2016-10-31 21:41:35 +00:00
Pablo Carranza Velez
9af4ed0397 Properly delete dependent apps and their corresponding devices 2016-10-31 03:05:45 +00:00
Pablo Carranza Vélez
fe68b27acb Merge pull request #336 from resin-io/request-timeout
Add Promise timeouts to all external requests
2016-10-30 21:47:21 -03:00
Pablo Carranza Velez
ac02d50715 Improvements in container create/start:
* Add HostConfig in container create instead of start
* Make it clear in logs when container was already running
2016-10-29 10:20:44 -03:00
Pablo Carranza Velez
c06e047fba Add Promise timeouts to all external requests 2016-10-28 15:12:08 -03:00
Pablo Carranza Velez
3325ff47d4 Stop all apps before rebooting or shutting down 2016-10-27 20:18:30 -03:00
Pablo Carranza Velez
6077f1add4 Update request-progress to v2.0.1 2016-10-25 16:29:53 -03:00
Pablo Carranza Velez
e9e1a0b277 Use multiArgs to promisify gosuper requests
With the bluebird update to v3, all requests to gosuper (most notably, getting the IP addresses) got broken as we use .spread, which requires the Promise to fulfill with an array. So we need to add multiArgs so that getAsync and postAsync return an array.
2016-10-24 16:26:00 -03:00
Pablo Carranza Velez
d3761a699b Also make it explicit in mixpanel events when it's a full image download 2016-10-24 16:11:47 -03:00
Pablo Carranza Velez
43c1b2f92c Log whether deltas are being used when downloading an app 2016-10-23 20:18:20 -03:00
Pagan Gazzard
4ed64536ec Fix multiple update loops appearing after a long period of updates failing. 2016-10-21 16:03:24 -07:00
Pablo Carranza Velez
70dc744886 Avoid restarting the app if the device name changes 2016-10-21 18:40:03 -03:00
Pablo Carranza Velez
d6aead1bad AUFS support and dependent app assets improvement:
* Use appId in dependent app assets tar path, and only create the tar if it doesn't exist
* Support AUFS by upgrading node-docker-delta to 1.0.0 and docker-toolbelt to 1.3.0
2016-10-21 16:37:57 -03:00
Pablo Carranza Velez
8361a533a1 Send the uuid as distinct_id for mixpanel events 2016-10-21 16:36:11 -03:00
Pablo Carranza Velez
7bb3931f2c Properly set device name, and set undefined arguments to setConfig as null 2016-10-13 15:13:47 -03:00
Pagan Gazzard
158ce2810c Update knex to ~0.12.3 2016-10-11 12:04:28 -07:00
Pablo Carranza Velez
72d0401403 Do not use parsed JSON to compare dep. device state 2016-10-11 12:13:14 -03:00
Pablo Carranza Velez
6feba39948 Fix docker utils getImageEnv by correctly parsing the returned array 2016-10-10 21:58:20 +00:00
Pagan Gazzard
969d714baf Update to bluebird 3 2016-10-10 12:49:54 -07:00
Pablo Carranza Velez
feb97539ef Improvements in proxyvisor:
* Better parameter handling in PUT /v1/devices/:uuid
* An update hook response of 200 will cause the proxyvisor to stop pinging the hook
* Allow deleting dependent apps and devices
* Implement delete dependent device hook
* Omit some fields when responding with a device object
2016-10-10 18:16:16 +00:00
Pablo Carranza Velez
ceb5016fc3 Add validation to dependent device provisioning 2016-10-08 20:42:50 +00:00
Petros Angelatos
04edb15819 remove resolv.conf bind mount
connects to #310

Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
2016-10-07 16:36:18 -07:00
Page-
3a2ec489b8 Merge pull request #303 from resin-io/cleanup
Remove unnecessary Promise.all
2016-10-06 14:59:29 -07:00
Pagan Gazzard
81cb59262f Remove unnecessary Promise.all 2016-10-05 18:31:29 -07:00
Pablo Carranza Velez
c4e5d7afca Improvements on config and dependent device handling:
* Store config vars when there's nothing else to update
* Do not mark an update as failed if the hook failed
* When hitting the dependent devices hook, send appId as int
2016-10-05 23:21:29 +00:00
Pagan Gazzard
5c10644df7 Update to lodash 4 2016-10-05 23:03:12 +00:00
Pablo Carranza Velez
4785437ba8 Fixes in app restart behavior:
* Compare config vars to trigger an app restart
* In delete-then-download, only delete when a download is needed
2016-10-05 19:45:18 +00:00
Pablo Carranza Velez
503e043c4c In cleanup, normalize all image tags for comparison 2016-10-04 17:48:11 -03:00
Pablo Carranza Velez
ddaa9f12db Use getRegistryAndName from docker-toolbelt 1.2.0 2016-10-04 14:43:45 -03:00
Pagan Gazzard
19db0e78e0 Switch to v2 api to be able to set is_online 2016-09-30 23:40:03 -03:00
Pablo Carranza Velez
a6f2ff074c Dependent devices, state endpoint, extra env vars and deviceConfig:
* Implement proxyvisor API with dependent device handling
* Use the state endpoint from the API to get the full device state
* Add a deviceConfig db table to store host config separately, and allow deleting config.txt entries
* Expose RESIN_APP_NAME, RESIN_APP_RELEASE, RESIN_DEVICE_NAME_AT_INIT, RESIN_DEVICE_TYPE and RESIN_HOST_OS_VERSION env vars
* Add missing error handler on a stream in docker-utils
2016-09-30 23:40:03 -03:00
Pablo Carranza Velez
e7acff0bcf On cleanup, force removal for images and containers, and remove container volumes 2016-09-29 19:34:19 -03:00
Pablo Carranza Velez
f385fe6bcc Add system logs for Shutdown, Reboot and Purge 2016-09-28 03:32:38 +00:00
Pablo Carranza Velez
4a99fd8803 Implement delete-then-download update strategy 2016-09-26 18:16:01 +00:00
Kostas Lekkas
05690a81dc typo: fix startAppError message 2016-09-20 11:35:28 +03:00
Pablo Carranza Velez
16e2ec286e DRY up calls to gosuper API, and use empty Host header 2016-09-13 16:52:25 -03:00