Commit Graph

2196 Commits

Author SHA1 Message Date
Pablo Carranza Velez
95bbe6ea49 Add a /v1/healthy endpoint that fails if the supervisor is unhealthy, and a HEALTHCHECK command to the Dockerfile that uses it
We add an endpoint to the supervisor API that checks the following conditions to determine whether the supervisor is healthy:
* That the update cycle has run fully, in a time that's less than twice the poll interval. Unless we're downloading an image, in which case
we assume it's healthy (otherwise we'd get into the issue of determining a reasonable timeout for the image download, which is already done in a configurable way with delta options and the like).
* That the current state report to the Resin API hasn't failed more than 3 times. Unless the device has no connectivity, or the connectivity check is disabled, in which case we don't know
if the report failed simply because there's no network.
* That the gosuper component is working (since we periodically hit its API to get the IP addresses, we mark it as not working if this API call fails).

We need this endpoint to be unauthenticated for the docker daemon to be able to hit it (though, as the rest of the API, it is protected with iptables rules).

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-11 00:11:56 -08:00
resin-io-versionbot[bot]
29616a6c29
Auto-merge for PR #532 via VersionBot
Avoid stopping the VPN until a remote target state has been fetched, …
2017-12-11 08:11:23 +00:00
resin-io-versionbot[bot]
3d3fdb1792 v6.4.9 2017-12-11 06:17:44 +00:00
Pablo Carranza Velez
f65822ba94 Use for own instead of _.forEach
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 21:52:03 -08:00
Pablo Carranza Velez
5a0042c33d Apply config.txt changes when the new config is empty, to fix deleting config.txt values
I realized we're not deleting config.txt entries because the function checked for the values to apply
not to be empty, instead of just checking if the *changes* are empty.

So this closes #450

(Still not a complete solution to config.txt issues, which will come with the multicontainer PR, but at least it's a step forward)

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 19:09:10 -08:00
Pablo Carranza Velez
e0d1d89419 Filter deviceConfig values that will be stored as current values to only include relevant keys
Otherwise, devices where we update from legacy supervisors might have other keys, like RESIN_SUPERVISOR_DELTA, stored in deviceConfig.values,
causing `_.isEqual(values, targetValues)` to always return false.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 18:54:08 -08:00
Pablo Carranza Velez
c05474b1a9 Always execute special actions if the value stored in memory doesn't match the target. And when storing target values, only store relevant ones
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-10 18:48:30 -08:00
Pablo Carranza Velez
8fc1a0935b Avoid stopping the VPN until a remote target state has been fetched, and retry applying config variables when they fail
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-12-08 00:16:34 -08:00
resin-io-versionbot[bot]
481888fc8b
Auto-merge for PR #529 via VersionBot
When listenPort is not specified, use 48484 as default
2017-12-01 21:05:26 +00:00
resin-io-versionbot[bot]
eef8ee0c33 v6.4.8 2017-12-01 20:35:58 +00:00
Pablo Carranza Velez
21a9bb4e82 When listenPort is not specified, use 48484 as default
Should only be relevant in really old OS versions, but still this is the correct default.

Fixes #439

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-23 14:08:32 -08:00
resin-io-versionbot[bot]
f1b6165650
Auto-merge for PR #527 via VersionBot
sync.js: Fix command to build the source code without optimizations
2017-11-20 16:21:56 +00:00
resin-io-versionbot[bot]
83b56ab49a v6.4.7 2017-11-20 15:52:03 +00:00
Pablo Carranza Velez
bcbd71998e sync.js: Fix command to build the source code without optimizations
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-15 02:49:50 -08:00
resin-io-versionbot[bot]
685889c5aa
Auto-merge for PR #525 via VersionBot
dind: Add a .gitkeep to docker.service.d to avoid dind build errors
2017-11-10 17:47:11 +00:00
resin-io-versionbot[bot]
2db6437c3a v6.4.6 2017-11-10 17:16:16 +00:00
Pablo Carranza Velez
65a287ea17 dind: Add a .gitkeep to docker.service.d to avoid dind build errors
This folder is used to add proxy configuration on build, and the dind build fails
if it doesn't exist.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-10 02:48:23 -08:00
resin-io-versionbot[bot]
f9f0f220f9
Auto-merge for PR #524 via VersionBot
Use uglifyjs-webpack-plugin ^1.0.1 to optimize the supervisor code
2017-11-09 04:45:05 +00:00
resin-io-versionbot[bot]
2882b97bcd v6.4.5 2017-11-09 04:13:42 +00:00
Pablo Carranza Velez
88291f08a8 Use uglifyjs-webpack-plugin ^1.0.1 to optimize the supervisor code
We've been using UglifyJS 0.4.6 (the webpack default) so far, but this doesn't support ES6 and some dependency
updates are starting to cause builds to break (e.g. https://github.com/request/request/issues/2772, which also happens to break
my builds in the multicontainer branch).

Here we switch to the latest uglifyjs-webpack-plugin which is designed for ES2015 support.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-08 19:03:19 -08:00
resin-io-versionbot[bot]
62cf72bf03
Auto-merge for PR #523 via VersionBot
dindctl: Use balena to refresh the supervisor container
2017-11-08 18:22:36 +00:00
resin-io-versionbot[bot]
701a2b7d13 v6.4.4 2017-11-08 17:58:59 +00:00
Pablo Carranza Velez
1d4df6cc50 dindctl: Use balena to refresh the supervisor container
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-07 18:26:40 -08:00
resin-io-versionbot[bot]
5613801219
Auto-merge for PR #518 via VersionBot
Use balena 17.06 and resin-base v2.9.2 for the docker-in-docker supervisor
2017-11-03 21:26:40 +00:00
resin-io-versionbot[bot]
8a2852eda6 v6.4.3 2017-11-03 20:57:09 +00:00
Pablo Carranza Velez
e75c331aa3 Use balena 17.06 and resin-base v2.9.2 for the docker-in-docker supervisor
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-03 09:57:28 -07:00
resin-io-versionbot[bot]
bb350eca92
Auto-merge for PR #480 via VersionBot
Avoid an indefinite recursion that grows the call stack when reporting the current state fails
2017-11-03 03:59:23 +00:00
resin-io-versionbot[bot]
a3b5b0370b v6.4.2 2017-11-03 02:31:04 +00:00
Pablo Carranza Velez
51d6ab01c9 Avoid an indefinite recursion that grows the call stack when reporting the current state fails
We used to have a recursion based on Promises and Promise.delay, which caused the promise never to resolve
so eventually the stack would be exhausted.

This fixes it by using a simpler way to check if reporting the state is in progress and using a setImmediate to
call applyState outside of the Promise chain.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-02 15:54:09 -07:00
resin-io-versionbot[bot]
a212d9b7ef
Auto-merge for PR #520 via VersionBot
automation: Always try to cache using the latest master build
2017-11-02 22:09:06 +00:00
resin-io-versionbot[bot]
219dc2874b v6.4.1 2017-11-02 21:44:14 +00:00
Pablo Carranza Velez
ab1be2c12d Improve caching when building gosuper
It seems that the ARG ARCH causes a cache miss in the next RUN statement (for some reason our use of cache-from in the other stages of the build works better, but here it always causes a miss).
We move the ARG statement to later in the Dockerfile, just before actually using it. Hopefully this will improve caching for most supervisor builds.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-01 19:04:10 -07:00
Pablo Carranza Velez
acf3771ea8 automation: Always try to cache using the latest master build
This change makes us always try to use the latest master builds of the intermediate images
for the --cache-from option in our docker build of the supervisor.

This prevents cache misses when we're rebasing a branch and a PR has been merged that modifies a component that we're not modifying
in the current branch.
For example:
Branch 1 modifies the base image. Branch 2 only modifies the nodejs code. Branch 1 gets merged before Branch 2, so in our Branch2 PR we
rebase from master - in the next build for Branch 2, we'll have a cache miss on the base image, unless we're using the last master for caching.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-11-01 18:15:33 -07:00
resin-io-versionbot[bot]
a1a020b074
Auto-merge for PR #512 via VersionBot
Fixes #511, add support for new supervisor image for IOT2000 board
2017-11-01 21:45:44 +00:00
resin-io-versionbot[bot]
81fac24c99 v6.4.0 2017-11-01 21:08:51 +00:00
Trong Nghia Nguyen
01c39f33b5 Fixes #511, add support for new supervisor image for x86 with quark cpu
boards.

Change-Type: minor
Signed-off-by: Trong Nghia Nguyen <nghiant2710@gmail.com>
2017-11-01 03:33:43 -07:00
resin-io-versionbot[bot]
89607fa2bc
Auto-merge for PR #500 via VersionBot
Mixpanel tunneling through resin API, and extra hiding of properties
2017-11-01 10:29:42 +00:00
resin-io-versionbot[bot]
087e335467 v6.3.11 2017-11-01 09:33:20 +00:00
Pablo Carranza Velez
20d95ff024 Add whitelist-based filtering to mixpanel events
When sending events to mixpanel, we now use an explicit whitelist for the properties sent with the event, to avoid accidental leakage of any sensitive information.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-31 23:22:38 -07:00
Pablo Carranza Velez
34d37814c9 Tunnel all mixpanel events through the resin API
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-31 23:22:38 -07:00
resin-io-versionbot[bot]
4c5fd68aea
Auto-merge for PR #517 via VersionBot
Use a custom webpack loader to avoid uncaught exceptions from JSONStream
2017-10-31 22:06:50 +00:00
resin-io-versionbot[bot]
75034ab1b5 v6.3.10 2017-10-31 21:23:03 +00:00
Pablo Carranza Velez
c422c91b66 Use a custom webpack loader to avoid uncaught exceptions from JSONStream
JSONStream is a hybrid executable-library that doesn't get along well with webpack: it tries to run its binary code
which can throw uncaught exceptions. So we use a custom loader for it - which replaces remove-hashbang-loader, as it only
affected JSONStream too.

(I tried replacing JSONStream altogether, but turns out dockerode uses it too)

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-31 13:29:59 -07:00
resin-io-versionbot[bot]
0b86a60618
Auto-merge for PR #507 via VersionBot
Better container management to avoid duplicated/spurious containers
2017-10-31 00:26:07 +00:00
resin-io-versionbot[bot]
eb6c4fb7c4 v6.3.9 2017-10-30 23:23:50 +00:00
Pablo Carranza Velez
ecf7e4206c Avoid fetching an image when it might be available or when starting an app because it might not be necessary
This change removes the behavior where we would try to fetch an app image when starting the app. This might cause an unintended
download of an app that is not really needed anymore because we're starting the app on boot and an update cycle would make this image unnecessary.
So now we try to inspect the image, and if this fails we will throw an error, causing the app to be soft-deleted and the next update cycle to properly trigger
a download of whatever image we need from the target state.

We also improve the error catching when fetching an image, to specifically catch an "image not found" error before trying to download - otherwise, any other
random error will cause us to try to download the image again, which will not be a noop if we're using deltas. If there's any other error, the correct behavior
is to throw and retry later.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
Pablo Carranza Velez
0bc23df8c9 Refactor container cleanup to remove all spurious containers
We change the way container cleanup works so that it compares running
app containers with the container names for the known apps. This allows
the cleanup to effectively delete any spurious/duplicated app containers.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
Pablo Carranza Velez
bd34a19a79 Use container name instead of id to identify apps, and avoid duplicated containers
By storing the container name before creating the container, we avoid problems
if the supervisor crashes or the device reboots between creating a container and storing its id.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-10-30 15:25:49 -07:00
resin-io-versionbot[bot]
15b9943f6d
Auto-merge for PR #513 via VersionBot
If a device is already provisioned but the key exchange fails, retry …
2017-10-30 22:22:23 +00:00
resin-io-versionbot[bot]
be6d44a09b v6.3.8 2017-10-30 21:43:55 +00:00