If the kernel was built with support for ip6tables, there's no need to load the module. This is the case when running
balenaOS in a container in Mac OS, which also can't do modprobes easily.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
Before this change, service name resolution would only occur in the
default network. This was because we were not explicitly adding aliases
of the service names to the aliases fields.
We also fix the comparison, which would do funny things based on
container IDs, which was correct but unnecessary.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
Jessie recently had the jessie-updates repos dropped. We upgrade to
stretch to avoid a 404 on update (and to update things anyway).
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
If a value is requested which does not pass validation, we instead set
it to the default value, to ensure that the state engine continues to
work and move towards the target state.
Change-type: minor
Closes: #938
Signed-off-by: Cameron Diver <cameron@balena.io>
We put the supervisor0 network in the 10.114.104.0/25 subnet to avoid issues when the device
is in a network using the 172.17.* network.
We also ensure we recreate this network if it was created in the incorrect subnet (i.e. if we're updating
from an old supervisor that didn't do this), for which we have to kill any containers using this network.
Closes#731
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
Without this patch, if for some reason device pinning fails (e.g. connectivity goes down) or anything
interrupts the initialization after provisioning completes but before pinning is completed, after a retry
the supervisor would just skip the pinning code, leaving the device unpinned. This patch ensures that the
pinning procedure is run even if the device was already provisioned (as long as the pinning flag has been set,
of course). This matches the behavior that the CoffeeScript code had from before the TypeScript conversion.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
Otherwise we'll keep doing the rest of the APIBinder init steps, like reporting initial config,
potentially before completing the provisioning.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
This avoid a race condition, in which config.txt can be cleared if a target state is fetched before the
initial values have been created as config vars.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
The last update of pinejs-client to pinejs-client-request made the way we were
using $expand on the migration break. This switches to the correct way of doing it now.
Change-type: patch
Signed-off-by: Pablo Carranza Velez <pablo@balena.io>
This endpoint returns the last known device name from the API. This
differs from the BALENA_DEVICE_NAME_AT_INIT env var because this will
not change throughout the runtime of the container.
Closes: #908
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
We run the risk of the state engine exiting early when a dependency is
not ready, especially in local mode. This changes forces a noop to be
returned when we are waiting on another service, which is the process
used elsewhere in the state engine.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
This function would usually check that an image is present for a
dependency, but in local mode the images would have never been inserted
into the database.
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
