Documentation ¶
Index ¶
- Constants
- Variables
- func DefaultRPCAddr() *net.TCPAddr
- func NewConsulACLsAPI(aclClient consul.ACLsAPI, logger hclog.Logger, ...) *consulACLsAPI
- func NewConsulConfigsAPI(configsClient consul.ConfigAPI, logger hclog.Logger) *consulConfigsAPI
- func NewCoreScheduler(srv *Server, snap *state.StateSnapshot) scheduler.Scheduler
- func NewFSM(config *FSMConfig) (*nomadFSM, error)
- func NewPeriodicHeap() *periodicHeap
- func NewVaultClient(c *config.VaultConfig, logger log.Logger, purgeFn PurgeVaultAccessorFn, ...) (*vaultClient, error)
- func NodeRpc(session *yamux.Session, method string, args, reply interface{}) error
- func NodeStreamingRpc(session *yamux.Session, method string) (net.Conn, error)
- func ServersMeetMinimumVersion(members []serf.Member, region string, minVersion *version.Version, ...) bool
- func TestJoin(t testing.T, servers ...*Server)
- type ACL
- func (a *ACL) Bootstrap(args *structs.ACLTokenBootstrapRequest, reply *structs.ACLTokenUpsertResponse) error
- func (a *ACL) DeleteAuthMethods(args *structs.ACLAuthMethodDeleteRequest, ...) error
- func (a *ACL) DeleteBindingRules(args *structs.ACLBindingRulesDeleteRequest, ...) error
- func (a *ACL) DeletePolicies(args *structs.ACLPolicyDeleteRequest, reply *structs.GenericResponse) error
- func (a *ACL) DeleteRolesByID(args *structs.ACLRolesDeleteByIDRequest, ...) error
- func (a *ACL) DeleteTokens(args *structs.ACLTokenDeleteRequest, reply *structs.GenericResponse) error
- func (a *ACL) ExchangeOneTimeToken(args *structs.OneTimeTokenExchangeRequest, ...) error
- func (a *ACL) ExpireOneTimeTokens(args *structs.OneTimeTokenExpireRequest, reply *structs.GenericResponse) error
- func (a *ACL) GetAuthMethod(args *structs.ACLAuthMethodGetRequest, reply *structs.ACLAuthMethodGetResponse) error
- func (a *ACL) GetAuthMethods(args *structs.ACLAuthMethodsGetRequest, ...) error
- func (a *ACL) GetBindingRule(args *structs.ACLBindingRuleRequest, reply *structs.ACLBindingRuleResponse) error
- func (a *ACL) GetBindingRules(args *structs.ACLBindingRulesRequest, reply *structs.ACLBindingRulesResponse) error
- func (a *ACL) GetClaimPolicies(args *structs.GenericRequest, reply *structs.ACLPolicySetResponse) error
- func (a *ACL) GetPolicies(args *structs.ACLPolicySetRequest, reply *structs.ACLPolicySetResponse) error
- func (a *ACL) GetPolicy(args *structs.ACLPolicySpecificRequest, reply *structs.SingleACLPolicyResponse) error
- func (a *ACL) GetRoleByID(args *structs.ACLRoleByIDRequest, reply *structs.ACLRoleByIDResponse) error
- func (a *ACL) GetRoleByName(args *structs.ACLRoleByNameRequest, reply *structs.ACLRoleByNameResponse) error
- func (a *ACL) GetRolesByID(args *structs.ACLRolesByIDRequest, reply *structs.ACLRolesByIDResponse) error
- func (a *ACL) GetToken(args *structs.ACLTokenSpecificRequest, reply *structs.SingleACLTokenResponse) error
- func (a *ACL) GetTokens(args *structs.ACLTokenSetRequest, reply *structs.ACLTokenSetResponse) error
- func (a *ACL) ListAuthMethods(args *structs.ACLAuthMethodListRequest, ...) error
- func (a *ACL) ListBindingRules(args *structs.ACLBindingRulesListRequest, ...) error
- func (a *ACL) ListPolicies(args *structs.ACLPolicyListRequest, reply *structs.ACLPolicyListResponse) error
- func (a *ACL) ListRoles(args *structs.ACLRolesListRequest, reply *structs.ACLRolesListResponse) error
- func (a *ACL) ListTokens(args *structs.ACLTokenListRequest, reply *structs.ACLTokenListResponse) error
- func (a *ACL) Login(args *structs.ACLLoginRequest, reply *structs.ACLLoginResponse) error
- func (a *ACL) OIDCAuthURL(args *structs.ACLOIDCAuthURLRequest, reply *structs.ACLOIDCAuthURLResponse) error
- func (a *ACL) OIDCCompleteAuth(args *structs.ACLOIDCCompleteAuthRequest, reply *structs.ACLLoginResponse) error
- func (a *ACL) ResolveToken(args *structs.ResolveACLTokenRequest, reply *structs.ResolveACLTokenResponse) errordeprecated
- func (a *ACL) UpsertAuthMethods(args *structs.ACLAuthMethodUpsertRequest, ...) error
- func (a *ACL) UpsertBindingRules(args *structs.ACLBindingRulesUpsertRequest, ...) error
- func (a *ACL) UpsertOneTimeToken(args *structs.OneTimeTokenUpsertRequest, ...) error
- func (a *ACL) UpsertPolicies(args *structs.ACLPolicyUpsertRequest, reply *structs.GenericResponse) error
- func (a *ACL) UpsertRoles(args *structs.ACLRolesUpsertRequest, reply *structs.ACLRolesUpsertResponse) error
- func (a *ACL) UpsertTokens(args *structs.ACLTokenUpsertRequest, reply *structs.ACLTokenUpsertResponse) error
- func (a *ACL) WhoAmI(args *structs.GenericRequest, reply *structs.ACLWhoAmIResponse) error
- type Agent
- type Alloc
- func (a *Alloc) GetAlloc(args *structs.AllocSpecificRequest, reply *structs.SingleAllocResponse) error
- func (a *Alloc) GetAllocs(args *structs.AllocsGetRequest, reply *structs.AllocsGetResponse) error
- func (a *Alloc) GetServiceRegistrations(args *structs.AllocServiceRegistrationsRequest, ...) error
- func (a *Alloc) List(args *structs.AllocListRequest, reply *structs.AllocListResponse) error
- func (a *Alloc) Stop(args *structs.AllocStopRequest, reply *structs.AllocStopResponse) error
- func (a *Alloc) UpdateDesiredTransition(args *structs.AllocUpdateDesiredTransitionRequest, ...) error
- type AllocGetter
- type AutopilotDelegate
- func (d *AutopilotDelegate) AutopilotConfig() *autopilot.Config
- func (d *AutopilotDelegate) FetchServerStats(ctx context.Context, servers map[raft.ServerID]*autopilot.Server) map[raft.ServerID]*autopilot.ServerStats
- func (d *AutopilotDelegate) KnownServers() map[raft.ServerID]*autopilot.Server
- func (d *AutopilotDelegate) NotifyState(state *autopilot.State)
- func (d *AutopilotDelegate) RemoveFailedServer(failedSrv *autopilot.Server)
- type BadNodeTracker
- type BlockedEvals
- func (b *BlockedEvals) Block(eval *structs.Evaluation)
- func (b *BlockedEvals) EmitStats(period time.Duration, stopCh <-chan struct{})
- func (b *BlockedEvals) Enabled() bool
- func (b *BlockedEvals) Flush()
- func (b *BlockedEvals) GetDuplicates(timeout time.Duration) []*structs.Evaluation
- func (b *BlockedEvals) Reblock(eval *structs.Evaluation, token string)
- func (b *BlockedEvals) SetEnabled(enabled bool)
- func (b *BlockedEvals) SetTimetable(timetable *TimeTable)
- func (b *BlockedEvals) Stats() *BlockedStats
- func (b *BlockedEvals) Unblock(computedClass string, index uint64)
- func (b *BlockedEvals) UnblockClassAndQuota(class, quota string, index uint64)
- func (b *BlockedEvals) UnblockFailed()
- func (b *BlockedEvals) UnblockNode(nodeID string, index uint64)
- func (b *BlockedEvals) UnblockQuota(quota string, index uint64)
- func (b *BlockedEvals) Untrack(jobID, namespace string)
- type BlockedResourcesStats
- type BlockedResourcesSummary
- type BlockedStats
- type BrokerStats
- type CSIPlugin
- func (v *CSIPlugin) Delete(args *structs.CSIPluginDeleteRequest, reply *structs.CSIPluginDeleteResponse) error
- func (v *CSIPlugin) Get(args *structs.CSIPluginGetRequest, reply *structs.CSIPluginGetResponse) error
- func (v *CSIPlugin) List(args *structs.CSIPluginListRequest, reply *structs.CSIPluginListResponse) error
- type CSIVolume
- func (v *CSIVolume) Claim(args *structs.CSIVolumeClaimRequest, reply *structs.CSIVolumeClaimResponse) error
- func (v *CSIVolume) Create(args *structs.CSIVolumeCreateRequest, reply *structs.CSIVolumeCreateResponse) error
- func (v *CSIVolume) CreateSnapshot(args *structs.CSISnapshotCreateRequest, ...) error
- func (v *CSIVolume) Delete(args *structs.CSIVolumeDeleteRequest, reply *structs.CSIVolumeDeleteResponse) error
- func (v *CSIVolume) DeleteSnapshot(args *structs.CSISnapshotDeleteRequest, ...) error
- func (v *CSIVolume) Deregister(args *structs.CSIVolumeDeregisterRequest, ...) error
- func (v *CSIVolume) Get(args *structs.CSIVolumeGetRequest, reply *structs.CSIVolumeGetResponse) error
- func (v *CSIVolume) List(args *structs.CSIVolumeListRequest, reply *structs.CSIVolumeListResponse) error
- func (v *CSIVolume) ListExternal(args *structs.CSIVolumeExternalListRequest, ...) error
- func (v *CSIVolume) ListSnapshots(args *structs.CSISnapshotListRequest, reply *structs.CSISnapshotListResponse) error
- func (v *CSIVolume) Register(args *structs.CSIVolumeRegisterRequest, ...) error
- func (v *CSIVolume) Unpublish(args *structs.CSIVolumeUnpublishRequest, ...) error
- type CachedBadNodeTracker
- type CachedBadNodeTrackerConfig
- type ClientAllocations
- func (a *ClientAllocations) Checks(args *cstructs.AllocChecksRequest, reply *cstructs.AllocChecksResponse) error
- func (a *ClientAllocations) GarbageCollect(args *structs.AllocSpecificRequest, reply *structs.GenericResponse) error
- func (a *ClientAllocations) GarbageCollectAll(args *structs.NodeSpecificRequest, reply *structs.GenericResponse) error
- func (a *ClientAllocations) Restart(args *structs.AllocRestartRequest, reply *structs.GenericResponse) error
- func (a *ClientAllocations) Signal(args *structs.AllocSignalRequest, reply *structs.GenericResponse) error
- func (a *ClientAllocations) Stats(args *cstructs.AllocStatsRequest, reply *cstructs.AllocStatsResponse) error
- type ClientCSI
- func (a *ClientCSI) ControllerAttachVolume(args *cstructs.ClientCSIControllerAttachVolumeRequest, ...) error
- func (a *ClientCSI) ControllerCreateSnapshot(args *cstructs.ClientCSIControllerCreateSnapshotRequest, ...) error
- func (a *ClientCSI) ControllerCreateVolume(args *cstructs.ClientCSIControllerCreateVolumeRequest, ...) error
- func (a *ClientCSI) ControllerDeleteSnapshot(args *cstructs.ClientCSIControllerDeleteSnapshotRequest, ...) error
- func (a *ClientCSI) ControllerDeleteVolume(args *cstructs.ClientCSIControllerDeleteVolumeRequest, ...) error
- func (a *ClientCSI) ControllerDetachVolume(args *cstructs.ClientCSIControllerDetachVolumeRequest, ...) error
- func (a *ClientCSI) ControllerListSnapshots(args *cstructs.ClientCSIControllerListSnapshotsRequest, ...) error
- func (a *ClientCSI) ControllerListVolumes(args *cstructs.ClientCSIControllerListVolumesRequest, ...) error
- func (a *ClientCSI) ControllerValidateVolume(args *cstructs.ClientCSIControllerValidateVolumeRequest, ...) error
- func (a *ClientCSI) NodeDetachVolume(args *cstructs.ClientCSINodeDetachVolumeRequest, ...) error
- type ClientStats
- type Config
- type ConsulACLsAPI
- type ConsulConfigsAPI
- type ConsulKeyRule
- type ConsulPolicy
- type ConsulServiceRule
- type CoreScheduler
- type Deployment
- func (d *Deployment) Allocations(args *structs.DeploymentSpecificRequest, reply *structs.AllocListResponse) error
- func (d *Deployment) Cancel(args *structs.DeploymentCancelRequest, reply *structs.DeploymentUpdateResponse) error
- func (d *Deployment) Fail(args *structs.DeploymentFailRequest, reply *structs.DeploymentUpdateResponse) error
- func (d *Deployment) GetDeployment(args *structs.DeploymentSpecificRequest, ...) error
- func (d *Deployment) List(args *structs.DeploymentListRequest, reply *structs.DeploymentListResponse) error
- func (d *Deployment) Pause(args *structs.DeploymentPauseRequest, reply *structs.DeploymentUpdateResponse) error
- func (d *Deployment) Promote(args *structs.DeploymentPromoteRequest, ...) error
- func (d *Deployment) Reap(args *structs.DeploymentDeleteRequest, reply *structs.GenericResponse) error
- func (d *Deployment) Run(args *structs.DeploymentRunRequest, reply *structs.DeploymentUpdateResponse) error
- func (d *Deployment) SetAllocHealth(args *structs.DeploymentAllocHealthRequest, ...) error
- func (d *Deployment) Unblock(args *structs.DeploymentUnblockRequest, ...) error
- type Encrypter
- func (e *Encrypter) AddKey(rootKey *structs.RootKey) error
- func (e *Encrypter) Decrypt(ciphertext []byte, keyID string) ([]byte, error)
- func (e *Encrypter) Encrypt(cleartext []byte) ([]byte, string, error)
- func (e *Encrypter) GetKey(keyID string) ([]byte, error)
- func (e *Encrypter) RemoveKey(keyID string) error
- func (e *Encrypter) SignClaims(claim *structs.IdentityClaims) (string, string, error)
- func (e *Encrypter) VerifyClaim(tokenString string) (*structs.IdentityClaims, error)
- type EnterpriseEndpoints
- type EnterpriseState
- type ErrMinIndexDeadlineExceeded
- type Eval
- func (e *Eval) Ack(args *structs.EvalAckRequest, reply *structs.GenericResponse) error
- func (e *Eval) Allocations(args *structs.EvalSpecificRequest, reply *structs.EvalAllocationsResponse) error
- func (e *Eval) Count(args *structs.EvalCountRequest, reply *structs.EvalCountResponse) error
- func (e *Eval) Create(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
- func (e *Eval) Delete(args *structs.EvalDeleteRequest, reply *structs.EvalDeleteResponse) error
- func (e *Eval) Dequeue(args *structs.EvalDequeueRequest, reply *structs.EvalDequeueResponse) error
- func (e *Eval) GetEval(args *structs.EvalSpecificRequest, reply *structs.SingleEvalResponse) error
- func (e *Eval) List(args *structs.EvalListRequest, reply *structs.EvalListResponse) error
- func (e *Eval) Nack(args *structs.EvalAckRequest, reply *structs.GenericResponse) error
- func (e *Eval) Reap(args *structs.EvalReapRequest, reply *structs.GenericResponse) error
- func (e *Eval) Reblock(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
- func (e *Eval) Update(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
- type EvalBroker
- func (b *EvalBroker) Ack(evalID, token string) error
- func (b *EvalBroker) Cancelable(batchSize int) []*structs.Evaluation
- func (b *EvalBroker) Dequeue(schedulers []string, timeout time.Duration) (*structs.Evaluation, string, error)
- func (b *EvalBroker) EmitStats(period time.Duration, stopCh <-chan struct{})
- func (b *EvalBroker) Enabled() bool
- func (b *EvalBroker) Enqueue(eval *structs.Evaluation)
- func (b *EvalBroker) EnqueueAll(evals map[*structs.Evaluation]string)
- func (b *EvalBroker) Nack(evalID, token string) error
- func (b *EvalBroker) Outstanding(evalID string) (string, bool)
- func (b *EvalBroker) OutstandingReset(evalID, token string) error
- func (b *EvalBroker) PauseNackTimeout(evalID, token string) error
- func (b *EvalBroker) ResumeNackTimeout(evalID, token string) error
- func (b *EvalBroker) SetEnabled(enabled bool)
- func (b *EvalBroker) Stats() *BrokerStats
- type EvaluatePool
- type Event
- type FSMConfig
- type FSMFilter
- type FileSystem
- type Job
- func (j *Job) Allocations(args *structs.JobSpecificRequest, reply *structs.JobAllocationsResponse) error
- func (j *Job) BatchDeregister(args *structs.JobBatchDeregisterRequest, ...) error
- func (j *Job) Deployments(args *structs.JobSpecificRequest, reply *structs.DeploymentListResponse) error
- func (j *Job) Deregister(args *structs.JobDeregisterRequest, reply *structs.JobDeregisterResponse) error
- func (j *Job) Dispatch(args *structs.JobDispatchRequest, reply *structs.JobDispatchResponse) error
- func (j *Job) Evaluate(args *structs.JobEvaluateRequest, reply *structs.JobRegisterResponse) error
- func (j *Job) Evaluations(args *structs.JobSpecificRequest, reply *structs.JobEvaluationsResponse) error
- func (j *Job) GetJob(args *structs.JobSpecificRequest, reply *structs.SingleJobResponse) error
- func (j *Job) GetJobVersions(args *structs.JobVersionsRequest, reply *structs.JobVersionsResponse) error
- func (j *Job) GetServiceRegistrations(args *structs.JobServiceRegistrationsRequest, ...) error
- func (j *Job) LatestDeployment(args *structs.JobSpecificRequest, reply *structs.SingleDeploymentResponse) error
- func (j *Job) List(args *structs.JobListRequest, reply *structs.JobListResponse) error
- func (j *Job) Plan(args *structs.JobPlanRequest, reply *structs.JobPlanResponse) error
- func (j *Job) Register(args *structs.JobRegisterRequest, reply *structs.JobRegisterResponse) error
- func (j *Job) Revert(args *structs.JobRevertRequest, reply *structs.JobRegisterResponse) error
- func (j *Job) Scale(args *structs.JobScaleRequest, reply *structs.JobRegisterResponse) error
- func (j *Job) ScaleStatus(args *structs.JobScaleStatusRequest, reply *structs.JobScaleStatusResponse) error
- func (j *Job) Stable(args *structs.JobStabilityRequest, reply *structs.JobStabilityResponse) error
- func (j *Job) Summary(args *structs.JobSummaryRequest, reply *structs.JobSummaryResponse) error
- func (j *Job) Validate(args *structs.JobValidateRequest, reply *structs.JobValidateResponse) error
- type JobEvalDispatcher
- type Keyring
- func (k *Keyring) Delete(args *structs.KeyringDeleteRootKeyRequest, ...) error
- func (k *Keyring) Get(args *structs.KeyringGetRootKeyRequest, ...) error
- func (k *Keyring) List(args *structs.KeyringListRootKeyMetaRequest, ...) error
- func (k *Keyring) Rotate(args *structs.KeyringRotateRootKeyRequest, ...) error
- func (k *Keyring) Update(args *structs.KeyringUpdateRootKeyRequest, ...) error
- type KeyringReplicator
- type LicenseConfig
- type LogApplier
- type LogAppliers
- type Namespace
- func (n *Namespace) DeleteNamespaces(args *structs.NamespaceDeleteRequest, reply *structs.GenericResponse) error
- func (n *Namespace) GetNamespace(args *structs.NamespaceSpecificRequest, reply *structs.SingleNamespaceResponse) error
- func (n *Namespace) GetNamespaces(args *structs.NamespaceSetRequest, reply *structs.NamespaceSetResponse) error
- func (n *Namespace) ListNamespaces(args *structs.NamespaceListRequest, reply *structs.NamespaceListResponse) error
- func (n *Namespace) UpsertNamespaces(args *structs.NamespaceUpsertRequest, reply *structs.GenericResponse) error
- type Node
- func (n *Node) BatchDeregister(args *structs.NodeBatchDeregisterRequest, reply *structs.NodeUpdateResponse) error
- func (n *Node) Deregister(args *structs.NodeDeregisterRequest, reply *structs.NodeUpdateResponse) error
- func (n *Node) DeriveSIToken(args *structs.DeriveSITokenRequest, reply *structs.DeriveSITokenResponse) error
- func (n *Node) DeriveVaultToken(args *structs.DeriveVaultTokenRequest, reply *structs.DeriveVaultTokenResponse) error
- func (n *Node) EmitEvents(args *structs.EmitNodeEventsRequest, reply *structs.EmitNodeEventsResponse) error
- func (n *Node) Evaluate(args *structs.NodeEvaluateRequest, reply *structs.NodeUpdateResponse) error
- func (n *Node) GetAllocs(args *structs.NodeSpecificRequest, reply *structs.NodeAllocsResponse) error
- func (n *Node) GetClientAllocs(args *structs.NodeSpecificRequest, reply *structs.NodeClientAllocsResponse) error
- func (n *Node) GetNode(args *structs.NodeSpecificRequest, reply *structs.SingleNodeResponse) error
- func (n *Node) List(args *structs.NodeListRequest, reply *structs.NodeListResponse) error
- func (n *Node) Register(args *structs.NodeRegisterRequest, reply *structs.NodeUpdateResponse) error
- func (n *Node) UpdateAlloc(args *structs.AllocUpdateRequest, reply *structs.GenericResponse) error
- func (n *Node) UpdateDrain(args *structs.NodeUpdateDrainRequest, reply *structs.NodeDrainUpdateResponse) error
- func (n *Node) UpdateEligibility(args *structs.NodeUpdateEligibilityRequest, ...) error
- func (n *Node) UpdateStatus(args *structs.NodeUpdateStatusRequest, reply *structs.NodeUpdateResponse) error
- type NodeMeta
- type NoopBadNodeTracker
- type Operator
- func (op *Operator) AutopilotGetConfiguration(args *structs.GenericRequest, reply *structs.AutopilotConfig) error
- func (op *Operator) AutopilotSetConfiguration(args *structs.AutopilotSetConfigRequest, reply *bool) error
- func (op *Operator) RaftGetConfiguration(args *structs.GenericRequest, reply *structs.RaftConfigurationResponse) error
- func (op *Operator) RaftRemovePeerByAddress(args *structs.RaftPeerByAddressRequest, reply *struct{}) error
- func (op *Operator) RaftRemovePeerByID(args *structs.RaftPeerByIDRequest, reply *struct{}) error
- func (op *Operator) SchedulerGetConfiguration(args *structs.GenericRequest, reply *structs.SchedulerConfigurationResponse) error
- func (op *Operator) SchedulerSetConfiguration(args *structs.SchedulerSetConfigRequest, ...) error
- func (op *Operator) ServerHealth(args *structs.GenericRequest, reply *structs.OperatorHealthReply) error
- type PendingEvaluations
- type PendingPlans
- type Periodic
- type PeriodicDispatch
- func (p *PeriodicDispatch) Add(job *structs.Job) error
- func (p *PeriodicDispatch) ForceEval(namespace, jobID string) (*structs.Evaluation, error)
- func (p *PeriodicDispatch) LaunchTime(jobID string) (time.Time, error)
- func (p *PeriodicDispatch) Remove(namespace, jobID string) error
- func (p *PeriodicDispatch) SetEnabled(enabled bool)
- func (p *PeriodicDispatch) Tracked() []*structs.Job
- type Plan
- type PlanFuture
- type PlanQueue
- func (q *PlanQueue) Dequeue(timeout time.Duration) (*pendingPlan, error)
- func (q *PlanQueue) EmitStats(period time.Duration, stopCh <-chan struct{})
- func (q *PlanQueue) Enabled() bool
- func (q *PlanQueue) Enqueue(plan *structs.Plan) (PlanFuture, error)
- func (q *PlanQueue) Flush()
- func (q *PlanQueue) SetEnabled(enabled bool)
- func (q *PlanQueue) Stats() *QueueStats
- type PurgeSITokenAccessorFunc
- type PurgeVaultAccessorFn
- type QueueStats
- type RPCContext
- type RaftLayer
- func (l *RaftLayer) Accept() (net.Conn, error)
- func (l *RaftLayer) Addr() net.Addr
- func (l *RaftLayer) Close() error
- func (l *RaftLayer) Dial(address raft.ServerAddress, timeout time.Duration) (net.Conn, error)
- func (l *RaftLayer) Handoff(ctx context.Context, c net.Conn) error
- func (l *RaftLayer) ReloadTLS(tlsWrap tlsutil.Wrapper)
- type ReadyEvaluations
- type Region
- type SITokenStats
- type Scaling
- type SchedulerStats
- type SchedulerWorkerPoolArgs
- type SchedulerWorkerStatus
- type Search
- type Server
- func NewServer(config *Config, consulCatalog consul.CatalogAPI, ...) (*Server, error)
- func TestACLServer(t testing.T, cb func(*Config)) (*Server, *structs.ACLToken, func())
- func TestServer(t testing.T, cb func(*Config)) (*Server, func())
- func TestServerErr(t testing.T, cb func(*Config)) (*Server, func(), error)
- func (s *Server) Authenticate(ctx *RPCContext, args structs.RequestWithIdentity) error
- func (s *Server) ClusterID() (string, error)
- func (s *Server) Datacenter() string
- func (s *Server) DispatchJob(job *structs.Job) (*structs.Evaluation, error)
- func (s *Server) EmitRaftStats(period time.Duration, stopCh <-chan struct{})
- func (s *Server) Encrypted() bool
- func (s *Server) GetClusterHealth() *structs.OperatorHealthReply
- func (s *Server) GetConfig() *Config
- func (s *Server) GetSchedulerWorkerConfig() SchedulerWorkerPoolArgs
- func (s *Server) GetSchedulerWorkersInfo() []WorkerInfo
- func (s *Server) IsLeader() bool
- func (s *Server) IsShutdown() bool
- func (s *Server) Join(addrs []string) (int, error)
- func (s *Server) KeyManager() *serf.KeyManager
- func (s *Server) Leave() error
- func (s *Server) LocalMember() serf.Member
- func (s *Server) MeasureRPCRate(endpoint, op string, args structs.RequestWithIdentity)
- func (s *Server) Members() []serf.Member
- func (s *Server) MinRaftProtocol() (int, error)
- func (s *Server) RPC(method string, args interface{}, reply interface{}) error
- func (s *Server) Region() string
- func (s *Server) Regions() []string
- func (s *Server) Reload(newConfig *Config) error
- func (s *Server) RemoveFailedNode(node string) error
- func (s *Server) ReplicationToken() string
- func (s *Server) ResolveACL(args structs.RequestWithIdentity) (*acl.ACL, error)
- func (s *Server) ResolveACLForToken(aclToken *structs.ACLToken) (*acl.ACL, error)
- func (s *Server) ResolveClaims(claims *structs.IdentityClaims) (*acl.ACL, error)
- func (s *Server) ResolveClientOrACL(args structs.RequestWithIdentity) (*acl.ACL, error)
- func (s *Server) ResolveSecretToken(secretID string) (*structs.ACLToken, error)
- func (s *Server) ResolveToken(secretID string) (*acl.ACL, error)
- func (s *Server) RunningChildren(job *structs.Job) (bool, error)
- func (s *Server) SetSchedulerWorkerConfig(newArgs SchedulerWorkerPoolArgs) SchedulerWorkerPoolArgs
- func (s *Server) Shutdown() error
- func (s *Server) State() *state.StateStore
- func (s *Server) Stats() map[string]map[string]string
- func (s *Server) StreamingRpcHandler(method string) (structs.StreamingRpcHandler, error)
- func (s *Server) VerifyClaim(token string) (*structs.IdentityClaims, error)
- type ServiceIdentityRequest
- type ServiceRegistration
- func (s *ServiceRegistration) DeleteByID(args *structs.ServiceRegistrationDeleteByIDRequest, ...) error
- func (s *ServiceRegistration) GetService(args *structs.ServiceRegistrationByNameRequest, ...) error
- func (s *ServiceRegistration) List(args *structs.ServiceRegistrationListRequest, ...) error
- func (s *ServiceRegistration) Upsert(args *structs.ServiceRegistrationUpsertRequest, ...) error
- type SnapshotRestorer
- type SnapshotRestorers
- type SnapshotType
- type StatsFetcher
- type Status
- func (s *Status) HasNodeConn(args *structs.NodeSpecificRequest, reply *structs.NodeConnQueryResponse) error
- func (s *Status) Leader(args *structs.GenericRequest, reply *string) error
- func (s *Status) Members(args *structs.GenericRequest, reply *structs.ServerMembersResponse) error
- func (s *Status) Peers(args *structs.GenericRequest, reply *[]string) error
- func (s *Status) Ping(args structs.GenericRequest, reply *struct{}) error
- func (s *Status) RaftStats(args *structs.GenericRequest, reply *structs.RaftStats) error
- type System
- type TestVaultClient
- func (v *TestVaultClient) CreateToken(ctx context.Context, a *structs.Allocation, task string) (*vapi.Secret, error)
- func (v *TestVaultClient) EmitStats(period time.Duration, stopCh <-chan struct{})
- func (v *TestVaultClient) GetConfig() *config.VaultConfig
- func (v *TestVaultClient) LookupToken(ctx context.Context, token string) (*vapi.Secret, error)
- func (v *TestVaultClient) MarkForRevocation(accessors []*structs.VaultAccessor) error
- func (v *TestVaultClient) RevokeTokens(ctx context.Context, accessors []*structs.VaultAccessor, committed bool) error
- func (v *TestVaultClient) Running() bool
- func (v *TestVaultClient) SetActive(enabled bool)
- func (v *TestVaultClient) SetConfig(config *config.VaultConfig) error
- func (v *TestVaultClient) SetCreateTokenError(allocID, task string, err error)
- func (v *TestVaultClient) SetCreateTokenSecret(allocID, task string, secret *vapi.Secret)
- func (v *TestVaultClient) SetLookupTokenAllowedPolicies(token string, policies []string)
- func (v *TestVaultClient) SetLookupTokenError(token string, err error)
- func (v *TestVaultClient) SetLookupTokenSecret(token string, secret *vapi.Secret)
- func (v *TestVaultClient) Stats() map[string]string
- func (v *TestVaultClient) Stop()
- type TimeTable
- type TimeTableEntry
- type Variables
- func (sv *Variables) Apply(args *structs.VariablesApplyRequest, reply *structs.VariablesApplyResponse) error
- func (sv *Variables) List(args *structs.VariablesListRequest, reply *structs.VariablesListResponse) error
- func (sv *Variables) Read(args *structs.VariablesReadRequest, reply *structs.VariablesReadResponse) error
- type VaultClient
- type VaultNoopDelegate
- type VaultStats
- type Worker
- func (w *Worker) CreateEval(eval *structs.Evaluation) error
- func (w *Worker) GetStatus() WorkerStatus
- func (w *Worker) GetWorkloadStatus() SchedulerWorkerStatus
- func (w *Worker) ID() string
- func (w *Worker) Info() WorkerInfo
- func (w *Worker) IsPaused() bool
- func (w *Worker) IsStarted() bool
- func (w *Worker) IsStopped() bool
- func (w *Worker) Pause()
- func (w *Worker) ReblockEval(eval *structs.Evaluation) error
- func (w *Worker) Resume()
- func (w *Worker) ServersMeetMinimumVersion(minVersion *version.Version, checkFailedServers bool) bool
- func (w *Worker) Start()
- func (w *Worker) Stop()
- func (w *Worker) SubmitPlan(plan *structs.Plan) (*structs.PlanResult, scheduler.State, error)
- func (w *Worker) UpdateEval(eval *structs.Evaluation) error
- type WorkerInfo
- type WorkerStatus
Constants ¶
const ( // AutopilotRZTag is the Serf tag to use for the redundancy zone value // when passing the server metadata to Autopilot. AutopilotRZTag = "ap_zone" // AutopilotRZTag is the Serf tag to use for the custom version value // when passing the server metadata to Autopilot. AutopilotVersionTag = "ap_version" )
const ( DefaultRegion = "global" DefaultDC = "dc1" DefaultSerfPort = 4648 )
const ( // ConsulPolicyWrite is the literal text of the policy field of a Consul Policy // Rule that we check when validating an Operator Consul token against the // necessary permissions for creating a Service Identity token for a given // service. // // The rule may be: // - service.<exact> // - service."*" (wildcard) // - service_prefix.<matching> (including empty string) // // e.g. // service "web" { policy = "write" } // service_prefix "" { policy = "write" } ConsulPolicyWrite = "write" // ConsulPolicyRead is the literal text of the policy field of a Consul Policy // Rule that we check when validating a job-submitter Consul token against the // necessary permissions for reading the key-value store. // // The only acceptable rule is // - service_prefix "" { policy = "read|write" } ConsulPolicyRead = "read" )
const ( // RegisterEnforceIndexErrPrefix is the prefix to use in errors caused by // enforcing the job modify index during registers. RegisterEnforceIndexErrPrefix = "Enforcing job modify index" // DispatchPayloadSizeLimit is the maximum size of the uncompressed input // data payload. DispatchPayloadSizeLimit = 16 * 1024 )
const ( // NodeDrainEvents are the various drain messages NodeDrainEventDrainSet = "Node drain strategy set" NodeDrainEventDrainDisabled = "Node drain disabled" NodeDrainEventDrainUpdated = "Node drain strategy updated" // NodeEligibilityEventEligible is used when the nodes eligiblity is marked // eligible NodeEligibilityEventEligible = "Node marked as eligible for scheduling" // NodeEligibilityEventIneligible is used when the nodes eligiblity is marked // ineligible NodeEligibilityEventIneligible = "Node marked as ineligible for scheduling" // NodeHeartbeatEventReregistered is the message used when the node becomes // reregistered by the heartbeat. NodeHeartbeatEventReregistered = "Node reregistered by heartbeat" )
const AllRegions = ""
const ( // DefaultDequeueTimeout is used if no dequeue timeout is provided DefaultDequeueTimeout = time.Second )
const ( // NodeHeartbeatEventMissed is the event used when the Nodes heartbeat is // missed. NodeHeartbeatEventMissed = "Node heartbeat missed" )
const ( // StatusReap is used to update the status of a node if we // are handling a EventMemberReap StatusReap = serf.MemberStatus(-1) )
Variables ¶
var ( // ErrNotOutstanding is returned if an evaluation is not outstanding ErrNotOutstanding = errors.New("evaluation is not outstanding") // ErrTokenMismatch is the outstanding eval has a different token ErrTokenMismatch = errors.New("evaluation token does not match") // ErrNackTimeoutReached is returned if an expired evaluation is reset ErrNackTimeoutReached = errors.New("evaluation nack timeout reached") )
var ErrMultipleNamespaces = errors.New("multiple Vault namespaces requires Nomad Enterprise")
ErrMultipleNamespaces is send when multiple namespaces are used in the OSS setup
var MinVersionPlanNormalization = version.Must(version.NewVersion("0.9.2"))
MinVersionPlanNormalization is the minimum version to support the normalization of Plan in SubmitPlan, and the denormalization raft log entry committed in ApplyPlanResultsRequest
Functions ¶
func DefaultRPCAddr ¶
func NewConsulACLsAPI ¶ added in v0.10.4
func NewConsulACLsAPI(aclClient consul.ACLsAPI, logger hclog.Logger, purgeFunc PurgeSITokenAccessorFunc) *consulACLsAPI
func NewConsulConfigsAPI ¶ added in v0.12.4
func NewCoreScheduler ¶
func NewCoreScheduler(srv *Server, snap *state.StateSnapshot) scheduler.Scheduler
NewCoreScheduler is used to return a new system scheduler instance
func NewPeriodicHeap ¶ added in v0.3.0
func NewPeriodicHeap() *periodicHeap
func NewVaultClient ¶ added in v0.5.0
func NewVaultClient(c *config.VaultConfig, logger log.Logger, purgeFn PurgeVaultAccessorFn, delegate taskClientHandler) (*vaultClient, error)
NewVaultClient returns a Vault client from the given config. If the client couldn't be made an error is returned.
func NodeRpc ¶ added in v0.8.0
NodeRpc is used to make an RPC call to a node. The method takes the Yamux session for the node and the method to be called.
func NodeStreamingRpc ¶ added in v0.8.0
NodeStreamingRpc is used to make a streaming RPC call to a node. The method takes the Yamux session for the node and the method to be called. It conducts the initial handshake and returns a connection to be used or an error. It is the callers responsibility to close the connection if there is no error.
func ServersMeetMinimumVersion ¶ added in v0.7.0
func ServersMeetMinimumVersion(members []serf.Member, region string, minVersion *version.Version, checkFailedServers bool) bool
ServersMeetMinimumVersion returns whether the Nomad servers are at least on the given Nomad version. The checkFailedServers parameter specifies whether version for the failed servers should be verified.
Types ¶
type ACL ¶ added in v0.7.0
type ACL struct {
// contains filtered or unexported fields
}
ACL endpoint is used for manipulating ACL tokens and policies
func NewACLEndpoint ¶ added in v1.5.0
func NewACLEndpoint(srv *Server, ctx *RPCContext) *ACL
func (*ACL) Bootstrap ¶ added in v0.7.0
func (a *ACL) Bootstrap(args *structs.ACLTokenBootstrapRequest, reply *structs.ACLTokenUpsertResponse) error
Bootstrap is used to bootstrap the initial token
func (*ACL) DeleteAuthMethods ¶ added in v1.5.0
func (a *ACL) DeleteAuthMethods( args *structs.ACLAuthMethodDeleteRequest, reply *structs.ACLAuthMethodDeleteResponse) error
DeleteAuthMethods is used to delete auth methods
func (*ACL) DeleteBindingRules ¶ added in v1.5.0
func (a *ACL) DeleteBindingRules( args *structs.ACLBindingRulesDeleteRequest, reply *structs.ACLBindingRulesDeleteResponse) error
DeleteBindingRules batch deletes ACL binding rules from Nomad state.
func (*ACL) DeletePolicies ¶ added in v0.7.0
func (a *ACL) DeletePolicies(args *structs.ACLPolicyDeleteRequest, reply *structs.GenericResponse) error
DeletePolicies is used to delete policies
func (*ACL) DeleteRolesByID ¶ added in v1.4.0
func (a *ACL) DeleteRolesByID( args *structs.ACLRolesDeleteByIDRequest, reply *structs.ACLRolesDeleteByIDResponse) error
DeleteRolesByID is used to batch delete ACL roles using the ID as the deletion key.
func (*ACL) DeleteTokens ¶ added in v0.7.0
func (a *ACL) DeleteTokens(args *structs.ACLTokenDeleteRequest, reply *structs.GenericResponse) error
DeleteTokens is used to delete tokens
func (*ACL) ExchangeOneTimeToken ¶ added in v1.1.0
func (a *ACL) ExchangeOneTimeToken(args *structs.OneTimeTokenExchangeRequest, reply *structs.OneTimeTokenExchangeResponse) error
ExchangeOneTimeToken provides a one-time token's secret ID to exchange it for the ACL token that created that one-time token
func (*ACL) ExpireOneTimeTokens ¶ added in v1.1.0
func (a *ACL) ExpireOneTimeTokens(args *structs.OneTimeTokenExpireRequest, reply *structs.GenericResponse) error
ExpireOneTimeTokens removes all expired tokens from the state store. It is called only by garbage collection
func (*ACL) GetAuthMethod ¶ added in v1.5.0
func (a *ACL) GetAuthMethod( args *structs.ACLAuthMethodGetRequest, reply *structs.ACLAuthMethodGetResponse) error
func (*ACL) GetAuthMethods ¶ added in v1.5.0
func (a *ACL) GetAuthMethods( args *structs.ACLAuthMethodsGetRequest, reply *structs.ACLAuthMethodsGetResponse) error
GetAuthMethods is used to get a set of auth methods
func (*ACL) GetBindingRule ¶ added in v1.5.0
func (a *ACL) GetBindingRule( args *structs.ACLBindingRuleRequest, reply *structs.ACLBindingRuleResponse) error
GetBindingRule is used to retrieve a single ACL binding rule as defined by its ID.
func (*ACL) GetBindingRules ¶ added in v1.5.0
func (a *ACL) GetBindingRules( args *structs.ACLBindingRulesRequest, reply *structs.ACLBindingRulesResponse) error
GetBindingRules is used to query for a set of ACL binding rules. This endpoint is used for replication purposes and is not exposed via the HTTP API.
func (*ACL) GetClaimPolicies ¶ added in v1.5.0
func (a *ACL) GetClaimPolicies(args *structs.GenericRequest, reply *structs.ACLPolicySetResponse) error
GetClaimPolicies return the ACLPolicy objects for a workload identity. Similar to GetPolicies except an error will *not* be returned if ACLs are disabled.
func (*ACL) GetPolicies ¶ added in v0.7.0
func (a *ACL) GetPolicies(args *structs.ACLPolicySetRequest, reply *structs.ACLPolicySetResponse) error
GetPolicies is used to get a set of policies
func (*ACL) GetPolicy ¶ added in v0.7.0
func (a *ACL) GetPolicy(args *structs.ACLPolicySpecificRequest, reply *structs.SingleACLPolicyResponse) error
GetPolicy is used to get a specific policy
func (*ACL) GetRoleByID ¶ added in v1.4.0
func (a *ACL) GetRoleByID( args *structs.ACLRoleByIDRequest, reply *structs.ACLRoleByIDResponse) error
GetRoleByID is used to look up an individual ACL role using its ID.
func (*ACL) GetRoleByName ¶ added in v1.4.0
func (a *ACL) GetRoleByName( args *structs.ACLRoleByNameRequest, reply *structs.ACLRoleByNameResponse) error
GetRoleByName is used to look up an individual ACL role using its name.
func (*ACL) GetRolesByID ¶ added in v1.4.0
func (a *ACL) GetRolesByID(args *structs.ACLRolesByIDRequest, reply *structs.ACLRolesByIDResponse) error
GetRolesByID is used to get a set of ACL Roles as defined by their ID. This endpoint is used by the replication process and Nomad agent client token resolution.
func (*ACL) GetToken ¶ added in v0.7.0
func (a *ACL) GetToken(args *structs.ACLTokenSpecificRequest, reply *structs.SingleACLTokenResponse) error
GetToken is used to get a specific token
func (*ACL) GetTokens ¶ added in v0.7.0
func (a *ACL) GetTokens(args *structs.ACLTokenSetRequest, reply *structs.ACLTokenSetResponse) error
GetTokens is used to get a set of token
func (*ACL) ListAuthMethods ¶ added in v1.5.0
func (a *ACL) ListAuthMethods( args *structs.ACLAuthMethodListRequest, reply *structs.ACLAuthMethodListResponse) error
ListAuthMethods returns a list of ACL auth methods
func (*ACL) ListBindingRules ¶ added in v1.5.0
func (a *ACL) ListBindingRules( args *structs.ACLBindingRulesListRequest, reply *structs.ACLBindingRulesListResponse) error
ListBindingRules returns a stub list of ACL binding rules.
func (*ACL) ListPolicies ¶ added in v0.7.0
func (a *ACL) ListPolicies(args *structs.ACLPolicyListRequest, reply *structs.ACLPolicyListResponse) error
ListPolicies is used to list the policies
func (*ACL) ListRoles ¶ added in v1.4.0
func (a *ACL) ListRoles( args *structs.ACLRolesListRequest, reply *structs.ACLRolesListResponse) error
ListRoles is used to list ACL roles within state. If not prefix is supplied, all ACL roles are listed, otherwise a prefix search is performed on the ACL role name.
func (*ACL) ListTokens ¶ added in v0.7.0
func (a *ACL) ListTokens(args *structs.ACLTokenListRequest, reply *structs.ACLTokenListResponse) error
ListTokens is used to list the tokens
func (*ACL) Login ¶ added in v1.5.4
func (a *ACL) Login(args *structs.ACLLoginRequest, reply *structs.ACLLoginResponse) error
Login RPC performs non-interactive auth using a given AuthMethod. This method can not be used for OIDC login flow.
func (*ACL) OIDCAuthURL ¶ added in v1.5.0
func (a *ACL) OIDCAuthURL(args *structs.ACLOIDCAuthURLRequest, reply *structs.ACLOIDCAuthURLResponse) error
OIDCAuthURL starts the OIDC login workflow. The response URL should be used by the caller to authenticate the user. Once this has been completed, OIDCCompleteAuth can be used for the remainder of the workflow.
func (*ACL) OIDCCompleteAuth ¶ added in v1.5.0
func (a *ACL) OIDCCompleteAuth( args *structs.ACLOIDCCompleteAuthRequest, reply *structs.ACLLoginResponse) error
OIDCCompleteAuth complete the OIDC login workflow. It will exchange the OIDC provider token for a Nomad ACL token, using the configured ACL role and policy claims to provide authorization.
func (*ACL) ResolveToken
deprecated
added in
v0.7.0
func (a *ACL) ResolveToken(args *structs.ResolveACLTokenRequest, reply *structs.ResolveACLTokenResponse) error
ResolveToken is used to lookup a specific token by a secret ID.
Deprecated: Prior to Nomad 1.5 this RPC was used by clients for authenticating local RPCs. Since Nomad 1.5 added workload identity support, clients now use the more flexible ACL.WhoAmI RPC. The /v1/acl/token/self API is the only remaining caller and should be switched to ACL.WhoAmI.
func (*ACL) UpsertAuthMethods ¶ added in v1.5.0
func (a *ACL) UpsertAuthMethods( args *structs.ACLAuthMethodUpsertRequest, reply *structs.ACLAuthMethodUpsertResponse) error
UpsertAuthMethods is used to create or update a set of auth methods
func (*ACL) UpsertBindingRules ¶ added in v1.5.0
func (a *ACL) UpsertBindingRules( args *structs.ACLBindingRulesUpsertRequest, reply *structs.ACLBindingRulesUpsertResponse) error
UpsertBindingRules creates or updates ACL binding rules held within Nomad.
func (*ACL) UpsertOneTimeToken ¶ added in v1.1.0
func (a *ACL) UpsertOneTimeToken(args *structs.OneTimeTokenUpsertRequest, reply *structs.OneTimeTokenUpsertResponse) error
func (*ACL) UpsertPolicies ¶ added in v0.7.0
func (a *ACL) UpsertPolicies(args *structs.ACLPolicyUpsertRequest, reply *structs.GenericResponse) error
UpsertPolicies is used to create or update a set of policies
func (*ACL) UpsertRoles ¶ added in v1.4.0
func (a *ACL) UpsertRoles( args *structs.ACLRolesUpsertRequest, reply *structs.ACLRolesUpsertResponse) error
UpsertRoles creates or updates ACL roles held within Nomad.
func (*ACL) UpsertTokens ¶ added in v0.7.0
func (a *ACL) UpsertTokens(args *structs.ACLTokenUpsertRequest, reply *structs.ACLTokenUpsertResponse) error
UpsertTokens is used to create or update a set of tokens
func (*ACL) WhoAmI ¶ added in v1.5.0
func (a *ACL) WhoAmI(args *structs.GenericRequest, reply *structs.ACLWhoAmIResponse) error
WhoAmI is a RPC for debugging authentication. This endpoint returns the same AuthenticatedIdentity that will be used by RPC handlers, but unlike other endpoints will try to authenticate workload identities even if ACLs are disabled.
TODO: At some point we might want to give this an equivalent HTTP endpoint once other Workload Identity work is solidified
type Agent ¶ added in v0.10.2
type Agent struct {
// contains filtered or unexported fields
}
func NewAgentEndpoint ¶ added in v1.5.0
func (*Agent) Host ¶ added in v0.12.0
func (a *Agent) Host(args *structs.HostDataRequest, reply *structs.HostDataResponse) error
Host returns data about the agent's host system for the `debug` command.
func (*Agent) Profile ¶ added in v0.10.4
func (a *Agent) Profile(args *structs.AgentPprofRequest, reply *structs.AgentPprofResponse) error
type Alloc ¶
type Alloc struct {
// contains filtered or unexported fields
}
Alloc endpoint is used for manipulating allocations
func NewAllocEndpoint ¶ added in v1.5.0
func NewAllocEndpoint(srv *Server, ctx *RPCContext) *Alloc
func (*Alloc) GetAlloc ¶
func (a *Alloc) GetAlloc(args *structs.AllocSpecificRequest, reply *structs.SingleAllocResponse) error
GetAlloc is used to lookup a particular allocation
func (*Alloc) GetAllocs ¶ added in v0.3.0
func (a *Alloc) GetAllocs(args *structs.AllocsGetRequest, reply *structs.AllocsGetResponse) error
GetAllocs is used to lookup a set of allocations
func (*Alloc) GetServiceRegistrations ¶ added in v1.3.0
func (a *Alloc) GetServiceRegistrations( args *structs.AllocServiceRegistrationsRequest, reply *structs.AllocServiceRegistrationsResponse) error
GetServiceRegistrations returns a list of service registrations which belong to the passed allocation ID.
func (*Alloc) List ¶
func (a *Alloc) List(args *structs.AllocListRequest, reply *structs.AllocListResponse) error
List is used to list the allocations in the system
func (*Alloc) Stop ¶ added in v0.9.2
func (a *Alloc) Stop(args *structs.AllocStopRequest, reply *structs.AllocStopResponse) error
Stop is used to stop an allocation and migrate it to another node.
func (*Alloc) UpdateDesiredTransition ¶ added in v0.8.0
func (a *Alloc) UpdateDesiredTransition(args *structs.AllocUpdateDesiredTransitionRequest, reply *structs.GenericResponse) error
UpdateDesiredTransition is used to update the desired transitions of an allocation.
type AllocGetter ¶ added in v0.9.6
AllocGetter is an interface for retrieving allocations by ID. It is satisfied by *state.StateStore and *state.StateSnapshot.
type AutopilotDelegate ¶ added in v0.8.0
type AutopilotDelegate struct {
// contains filtered or unexported fields
}
AutopilotDelegate is a Nomad delegate for autopilot operations. It implements the autopilot.ApplicationIntegration interface, and the methods required for that interface have been documented as such below.
func (*AutopilotDelegate) AutopilotConfig ¶ added in v0.8.0
func (d *AutopilotDelegate) AutopilotConfig() *autopilot.Config
AutopilotConfig is used to retrieve the latest configuration from the Nomad delegate. This method is required to implement the ApplicationIntegration interface.
func (*AutopilotDelegate) FetchServerStats ¶ added in v1.4.0
func (d *AutopilotDelegate) FetchServerStats(ctx context.Context, servers map[raft.ServerID]*autopilot.Server) map[raft.ServerID]*autopilot.ServerStats
FetchServerStats will be called by autopilot to request Nomad fetch the server stats out of band. This method is required to implement the ApplicationIntegration interface
func (*AutopilotDelegate) KnownServers ¶ added in v1.4.0
func (d *AutopilotDelegate) KnownServers() map[raft.ServerID]*autopilot.Server
KnownServers will be called by autopilot to request the list of servers known to Nomad. This method is required to implement the ApplicationIntegration interface
func (*AutopilotDelegate) NotifyState ¶ added in v1.4.0
func (d *AutopilotDelegate) NotifyState(state *autopilot.State)
NotifyState will be called when the autopilot state is updated. The Nomad leader heartbeats a metric for monitoring based on this information. This method is required to implement the ApplicationIntegration interface
func (*AutopilotDelegate) RemoveFailedServer ¶ added in v1.4.0
func (d *AutopilotDelegate) RemoveFailedServer(failedSrv *autopilot.Server)
RemoveFailedServer will be called by autopilot to notify Nomad to remove the server in a failed state. This method is required to implement the ApplicationIntegration interface. (Note this is expected to return immediately so we'll spawn a goroutine for it.)
type BadNodeTracker ¶ added in v1.3.2
type BlockedEvals ¶ added in v0.3.0
type BlockedEvals struct {
// contains filtered or unexported fields
}
BlockedEvals is used to track evaluations that shouldn't be queued until a certain class of nodes becomes available. An evaluation is put into the blocked state when it is run through the scheduler and produced failed allocations. It is unblocked when the capacity of a node that could run the failed allocation becomes available.
func NewBlockedEvals ¶ added in v0.3.0
func NewBlockedEvals(evalBroker *EvalBroker, logger hclog.Logger) *BlockedEvals
NewBlockedEvals creates a new blocked eval tracker that will enqueue unblocked evals into the passed broker.
func (*BlockedEvals) Block ¶ added in v0.3.0
func (b *BlockedEvals) Block(eval *structs.Evaluation)
Block tracks the passed evaluation and enqueues it into the eval broker when a suitable node calls unblock.
func (*BlockedEvals) EmitStats ¶ added in v0.3.0
func (b *BlockedEvals) EmitStats(period time.Duration, stopCh <-chan struct{})
EmitStats is used to export metrics about the blocked eval tracker while enabled
func (*BlockedEvals) Enabled ¶ added in v0.3.0
func (b *BlockedEvals) Enabled() bool
Enabled is used to check if the broker is enabled.
func (*BlockedEvals) Flush ¶ added in v0.3.0
func (b *BlockedEvals) Flush()
Flush is used to clear the state of blocked evaluations.
func (*BlockedEvals) GetDuplicates ¶ added in v0.3.0
func (b *BlockedEvals) GetDuplicates(timeout time.Duration) []*structs.Evaluation
GetDuplicates returns all the duplicate evaluations and blocks until the passed timeout.
func (*BlockedEvals) Reblock ¶ added in v0.4.0
func (b *BlockedEvals) Reblock(eval *structs.Evaluation, token string)
Reblock tracks the passed evaluation and enqueues it into the eval broker when a suitable node calls unblock. Reblock should be used over Block when the blocking is occurring by an outstanding evaluation. The token is the evaluation's token.
func (*BlockedEvals) SetEnabled ¶ added in v0.3.0
func (b *BlockedEvals) SetEnabled(enabled bool)
SetEnabled is used to control if the blocked eval tracker is enabled. The tracker should only be enabled on the active leader.
func (*BlockedEvals) SetTimetable ¶ added in v0.7.0
func (b *BlockedEvals) SetTimetable(timetable *TimeTable)
func (*BlockedEvals) Stats ¶ added in v0.3.0
func (b *BlockedEvals) Stats() *BlockedStats
Stats is used to query the state of the blocked eval tracker.
func (*BlockedEvals) Unblock ¶ added in v0.3.0
func (b *BlockedEvals) Unblock(computedClass string, index uint64)
Unblock causes any evaluation that could potentially make progress on a capacity change on the passed computed node class to be enqueued into the eval broker.
func (*BlockedEvals) UnblockClassAndQuota ¶ added in v0.7.0
func (b *BlockedEvals) UnblockClassAndQuota(class, quota string, index uint64)
UnblockClassAndQuota causes any evaluation that could potentially make progress on a capacity change on the passed computed node class or quota to be enqueued into the eval broker.
func (*BlockedEvals) UnblockFailed ¶ added in v0.4.0
func (b *BlockedEvals) UnblockFailed()
UnblockFailed unblocks all blocked evaluation that were due to scheduler failure.
func (*BlockedEvals) UnblockNode ¶ added in v0.9.4
func (b *BlockedEvals) UnblockNode(nodeID string, index uint64)
UnblockNode finds any blocked evalution that's node specific (system jobs) and enqueues it on the eval broker
func (*BlockedEvals) UnblockQuota ¶ added in v0.7.0
func (b *BlockedEvals) UnblockQuota(quota string, index uint64)
UnblockQuota causes any evaluation that could potentially make progress on a capacity change on the passed quota to be enqueued into the eval broker.
func (*BlockedEvals) Untrack ¶ added in v0.5.3
func (b *BlockedEvals) Untrack(jobID, namespace string)
Untrack causes any blocked evaluation for the passed job to be no longer tracked. Untrack is called when there is a successful evaluation for the job and a blocked evaluation is no longer needed.
type BlockedResourcesStats ¶ added in v1.1.0
type BlockedResourcesStats struct { ByJob map[structs.NamespacedID]BlockedResourcesSummary ByClassInDC map[classInDC]BlockedResourcesSummary }
BlockedResourcesStats stores resources requested by blocked evaluations, tracked both by job and by node.
func NewBlockedResourcesStats ¶ added in v1.1.0
func NewBlockedResourcesStats() *BlockedResourcesStats
NewBlockedResourcesStats returns a new BlockedResourcesStats.
func (*BlockedResourcesStats) Add ¶ added in v1.1.0
func (b *BlockedResourcesStats) Add(a *BlockedResourcesStats) *BlockedResourcesStats
Add returns a new BlockedResourcesStats with the values set to the current resource values plus the input.
func (*BlockedResourcesStats) Copy ¶ added in v1.1.0
func (b *BlockedResourcesStats) Copy() *BlockedResourcesStats
Copy returns a deep copy of the blocked resource stats.
func (*BlockedResourcesStats) Subtract ¶ added in v1.1.0
func (b *BlockedResourcesStats) Subtract(a *BlockedResourcesStats) *BlockedResourcesStats
Subtract returns a new BlockedResourcesStats with the values set to the current resource values minus the input.
type BlockedResourcesSummary ¶ added in v1.1.0
BlockedResourcesSummary stores resource values for blocked evals.
func (BlockedResourcesSummary) Add ¶ added in v1.1.0
func (b BlockedResourcesSummary) Add(a BlockedResourcesSummary) BlockedResourcesSummary
Add returns a new BlockedResourcesSummary with each resource set to the current value plus the input.
func (BlockedResourcesSummary) IsZero ¶ added in v1.1.0
func (b BlockedResourcesSummary) IsZero() bool
IsZero returns true if all resource values are zero.
func (BlockedResourcesSummary) Subtract ¶ added in v1.1.0
func (b BlockedResourcesSummary) Subtract(a BlockedResourcesSummary) BlockedResourcesSummary
Subtract returns a new BlockedResourcesSummary with each resource set to the current value minus the input.
type BlockedStats ¶ added in v0.3.0
type BlockedStats struct { // TotalEscaped is the total number of blocked evaluations that have escaped // computed node classes. TotalEscaped int // TotalBlocked is the total number of blocked evaluations. TotalBlocked int // TotalQuotaLimit is the total number of blocked evaluations that are due // to the quota limit being reached. TotalQuotaLimit int // BlockedResources stores the amount of resources requested by blocked // evaluations. BlockedResources *BlockedResourcesStats }
BlockedStats returns all the stats about the blocked eval tracker.
func NewBlockedStats ¶ added in v1.1.0
func NewBlockedStats() *BlockedStats
NewBlockedStats returns a new BlockedStats.
func (*BlockedStats) Block ¶ added in v1.1.0
func (b *BlockedStats) Block(eval *structs.Evaluation)
Block updates the stats for the blocked eval tracker with the details of the evaluation being blocked.
func (*BlockedStats) Unblock ¶ added in v1.1.0
func (b *BlockedStats) Unblock(eval *structs.Evaluation)
Unblock updates the stats for the blocked eval tracker with the details of the evaluation being unblocked.
type BrokerStats ¶
type BrokerStats struct { TotalReady int TotalUnacked int TotalPending int TotalWaiting int TotalCancelable int DelayedEvals map[string]*structs.Evaluation ByScheduler map[string]*SchedulerStats }
BrokerStats returns all the stats about the broker
type CSIPlugin ¶ added in v0.11.0
type CSIPlugin struct {
// contains filtered or unexported fields
}
CSIPlugin wraps the structs.CSIPlugin with request data and server context
func NewCSIPluginEndpoint ¶ added in v1.5.0
func NewCSIPluginEndpoint(srv *Server, ctx *RPCContext) *CSIPlugin
func (*CSIPlugin) Delete ¶ added in v0.11.2
func (v *CSIPlugin) Delete(args *structs.CSIPluginDeleteRequest, reply *structs.CSIPluginDeleteResponse) error
Delete deletes a plugin if it is unused
func (*CSIPlugin) Get ¶ added in v0.11.0
func (v *CSIPlugin) Get(args *structs.CSIPluginGetRequest, reply *structs.CSIPluginGetResponse) error
Get fetches detailed information about a specific plugin
func (*CSIPlugin) List ¶ added in v0.11.0
func (v *CSIPlugin) List(args *structs.CSIPluginListRequest, reply *structs.CSIPluginListResponse) error
List replies with CSIPlugins, filtered by ACL access
type CSIVolume ¶ added in v0.11.0
type CSIVolume struct {
// contains filtered or unexported fields
}
CSIVolume wraps the structs.CSIVolume with request data and server context
func NewCSIVolumeEndpoint ¶ added in v1.5.0
func NewCSIVolumeEndpoint(srv *Server, ctx *RPCContext) *CSIVolume
func (*CSIVolume) Claim ¶ added in v0.11.0
func (v *CSIVolume) Claim(args *structs.CSIVolumeClaimRequest, reply *structs.CSIVolumeClaimResponse) error
Claim submits a change to a volume claim
func (*CSIVolume) Create ¶ added in v1.1.0
func (v *CSIVolume) Create(args *structs.CSIVolumeCreateRequest, reply *structs.CSIVolumeCreateResponse) error
func (*CSIVolume) CreateSnapshot ¶ added in v1.1.0
func (v *CSIVolume) CreateSnapshot(args *structs.CSISnapshotCreateRequest, reply *structs.CSISnapshotCreateResponse) error
func (*CSIVolume) Delete ¶ added in v1.1.0
func (v *CSIVolume) Delete(args *structs.CSIVolumeDeleteRequest, reply *structs.CSIVolumeDeleteResponse) error
func (*CSIVolume) DeleteSnapshot ¶ added in v1.1.0
func (v *CSIVolume) DeleteSnapshot(args *structs.CSISnapshotDeleteRequest, reply *structs.CSISnapshotDeleteResponse) error
func (*CSIVolume) Deregister ¶ added in v0.11.0
func (v *CSIVolume) Deregister(args *structs.CSIVolumeDeregisterRequest, reply *structs.CSIVolumeDeregisterResponse) error
Deregister removes a set of volumes
func (*CSIVolume) Get ¶ added in v0.11.0
func (v *CSIVolume) Get(args *structs.CSIVolumeGetRequest, reply *structs.CSIVolumeGetResponse) error
Get fetches detailed information about a specific volume
func (*CSIVolume) List ¶ added in v0.11.0
func (v *CSIVolume) List(args *structs.CSIVolumeListRequest, reply *structs.CSIVolumeListResponse) error
List replies with CSIVolumes, filtered by ACL access
func (*CSIVolume) ListExternal ¶ added in v1.1.0
func (v *CSIVolume) ListExternal(args *structs.CSIVolumeExternalListRequest, reply *structs.CSIVolumeExternalListResponse) error
func (*CSIVolume) ListSnapshots ¶ added in v1.1.0
func (v *CSIVolume) ListSnapshots(args *structs.CSISnapshotListRequest, reply *structs.CSISnapshotListResponse) error
func (*CSIVolume) Register ¶ added in v0.11.0
func (v *CSIVolume) Register(args *structs.CSIVolumeRegisterRequest, reply *structs.CSIVolumeRegisterResponse) error
Register registers a new volume or updates an existing volume. Note that most user-defined CSIVolume fields are immutable once the volume has been created.
If the user needs to change fields because they've misconfigured the registration of the external volume, we expect that claims won't work either, and the user can deregister the volume and try again with the right settings. This lets us be as strict with validation here as the CreateVolume CSI RPC is expected to be.
func (*CSIVolume) Unpublish ¶ added in v0.12.2
func (v *CSIVolume) Unpublish(args *structs.CSIVolumeUnpublishRequest, reply *structs.CSIVolumeUnpublishResponse) error
Unpublish synchronously sends the NodeUnpublish, NodeUnstage, and ControllerUnpublish RPCs to the client. It handles errors according to the current claim state.
type CachedBadNodeTracker ¶ added in v1.3.2
type CachedBadNodeTracker struct {
// contains filtered or unexported fields
}
CachedBadNodeTracker keeps a record of nodes marked as bad by the plan applier in a LRU cache.
It takes a time window and a threshold value. Plan rejections for a node will be registered with its timestamp. If the number of rejections within the time window is greater than the threshold the node is reported as bad.
The tracker uses a fixed size cache that evicts old entries based on access frequency and recency.
func NewCachedBadNodeTracker ¶ added in v1.3.2
func NewCachedBadNodeTracker(logger hclog.Logger, config CachedBadNodeTrackerConfig) (*CachedBadNodeTracker, error)
NewCachedBadNodeTracker returns a new CachedBadNodeTracker.
func (*CachedBadNodeTracker) Add ¶ added in v1.3.2
func (c *CachedBadNodeTracker) Add(nodeID string) bool
Add records a new rejection for a node and returns true if the number of rejections reaches the threshold.
If it's the first time the node is added it will be included in the internal cache. If the cache is full the least recently updated or accessed node is evicted.
func (*CachedBadNodeTracker) EmitStats ¶ added in v1.3.2
func (c *CachedBadNodeTracker) EmitStats(period time.Duration, stopCh <-chan struct{})
EmitStats generates metrics for the bad nodes being currently tracked. Must be called in a goroutine.
type CachedBadNodeTrackerConfig ¶ added in v1.3.2
type CachedBadNodeTrackerConfig struct { CacheSize int RateLimit float64 BurstSize int Window time.Duration Threshold int }
func DefaultCachedBadNodeTrackerConfig ¶ added in v1.3.2
func DefaultCachedBadNodeTrackerConfig() CachedBadNodeTrackerConfig
type ClientAllocations ¶ added in v0.8.0
type ClientAllocations struct {
// contains filtered or unexported fields
}
ClientAllocations is used to forward RPC requests to the targeted Nomad client's Allocation endpoint.
func NewClientAllocationsEndpoint ¶ added in v1.5.0
func NewClientAllocationsEndpoint(srv *Server) *ClientAllocations
func (*ClientAllocations) Checks ¶ added in v1.4.0
func (a *ClientAllocations) Checks(args *cstructs.AllocChecksRequest, reply *cstructs.AllocChecksResponse) error
Checks is the server implementation of the allocation checks RPC. The ultimate response is provided by the node running the allocation. This RPC is needed to handle queries which hit the server agent API directly, or via another node which is not running the allocation.
func (*ClientAllocations) GarbageCollect ¶ added in v0.8.0
func (a *ClientAllocations) GarbageCollect(args *structs.AllocSpecificRequest, reply *structs.GenericResponse) error
GarbageCollect is used to garbage collect an allocation on a client.
func (*ClientAllocations) GarbageCollectAll ¶ added in v0.8.0
func (a *ClientAllocations) GarbageCollectAll(args *structs.NodeSpecificRequest, reply *structs.GenericResponse) error
GarbageCollectAll is used to garbage collect all allocations on a client.
func (*ClientAllocations) Restart ¶ added in v0.9.2
func (a *ClientAllocations) Restart(args *structs.AllocRestartRequest, reply *structs.GenericResponse) error
Restart is used to trigger a restart of an allocation or a subtask on a client.
func (*ClientAllocations) Signal ¶ added in v0.9.2
func (a *ClientAllocations) Signal(args *structs.AllocSignalRequest, reply *structs.GenericResponse) error
Signal is used to send a signal to an allocation on a client.
func (*ClientAllocations) Stats ¶ added in v0.8.0
func (a *ClientAllocations) Stats(args *cstructs.AllocStatsRequest, reply *cstructs.AllocStatsResponse) error
Stats is used to collect allocation statistics
type ClientCSI ¶ added in v0.11.0
type ClientCSI struct {
// contains filtered or unexported fields
}
ClientCSI is used to forward RPC requests to the targed Nomad client's CSIController endpoint.
func NewClientCSIEndpoint ¶ added in v1.5.0
func NewClientCSIEndpoint(srv *Server, ctx *RPCContext) *ClientCSI
func (*ClientCSI) ControllerAttachVolume ¶ added in v0.11.0
func (a *ClientCSI) ControllerAttachVolume(args *cstructs.ClientCSIControllerAttachVolumeRequest, reply *cstructs.ClientCSIControllerAttachVolumeResponse) error
func (*ClientCSI) ControllerCreateSnapshot ¶ added in v1.1.0
func (a *ClientCSI) ControllerCreateSnapshot(args *cstructs.ClientCSIControllerCreateSnapshotRequest, reply *cstructs.ClientCSIControllerCreateSnapshotResponse) error
func (*ClientCSI) ControllerCreateVolume ¶ added in v1.1.0
func (a *ClientCSI) ControllerCreateVolume(args *cstructs.ClientCSIControllerCreateVolumeRequest, reply *cstructs.ClientCSIControllerCreateVolumeResponse) error
func (*ClientCSI) ControllerDeleteSnapshot ¶ added in v1.1.0
func (a *ClientCSI) ControllerDeleteSnapshot(args *cstructs.ClientCSIControllerDeleteSnapshotRequest, reply *cstructs.ClientCSIControllerDeleteSnapshotResponse) error
func (*ClientCSI) ControllerDeleteVolume ¶ added in v1.1.0
func (a *ClientCSI) ControllerDeleteVolume(args *cstructs.ClientCSIControllerDeleteVolumeRequest, reply *cstructs.ClientCSIControllerDeleteVolumeResponse) error
func (*ClientCSI) ControllerDetachVolume ¶ added in v0.11.0
func (a *ClientCSI) ControllerDetachVolume(args *cstructs.ClientCSIControllerDetachVolumeRequest, reply *cstructs.ClientCSIControllerDetachVolumeResponse) error
func (*ClientCSI) ControllerListSnapshots ¶ added in v1.1.0
func (a *ClientCSI) ControllerListSnapshots(args *cstructs.ClientCSIControllerListSnapshotsRequest, reply *cstructs.ClientCSIControllerListSnapshotsResponse) error
func (*ClientCSI) ControllerListVolumes ¶ added in v1.1.0
func (a *ClientCSI) ControllerListVolumes(args *cstructs.ClientCSIControllerListVolumesRequest, reply *cstructs.ClientCSIControllerListVolumesResponse) error
func (*ClientCSI) ControllerValidateVolume ¶ added in v0.11.0
func (a *ClientCSI) ControllerValidateVolume(args *cstructs.ClientCSIControllerValidateVolumeRequest, reply *cstructs.ClientCSIControllerValidateVolumeResponse) error
func (*ClientCSI) NodeDetachVolume ¶ added in v0.11.0
func (a *ClientCSI) NodeDetachVolume(args *cstructs.ClientCSINodeDetachVolumeRequest, reply *cstructs.ClientCSINodeDetachVolumeResponse) error
type ClientStats ¶ added in v0.8.0
type ClientStats struct {
// contains filtered or unexported fields
}
ClientStats is used to forward RPC requests to the targed Nomad client's ClientStats endpoint.
func NewClientStatsEndpoint ¶ added in v1.5.0
func NewClientStatsEndpoint(srv *Server) *ClientStats
func (*ClientStats) Stats ¶ added in v0.8.0
func (s *ClientStats) Stats(args *nstructs.NodeSpecificRequest, reply *structs.ClientStatsResponse) error
type Config ¶
type Config struct { // BootstrapExpect mode is used to automatically bring up a // collection of Nomad servers. This can be used to automatically // bring up a collection of nodes. // // The BootstrapExpect can be of any of the following values: // 1: Server will form a single node cluster and become a leader immediately // N, larger than 1: Server will wait until it's connected to N servers // before attempting leadership and forming the cluster. No Raft Log operation // will succeed until then. // 0: Server will wait to get a Raft configuration from another node and may not // attempt to form a cluster or establish leadership on its own. BootstrapExpect int // DataDir is the directory to store our state in DataDir string // DevMode is used for development purposes only and limits the // use of persistence or state. DevMode bool // EnableDebug is used to enable debugging RPC endpoints // in the absence of ACLs EnableDebug bool // EnableEventBroker is used to enable or disable state store // event publishing EnableEventBroker bool // EventBufferSize is the amount of events to hold in memory. EventBufferSize int64 // LogOutput is the location to write logs to. If this is not set, // logs will go to stderr. LogOutput io.Writer // Logger is the logger used by the server. Logger log.InterceptLogger // RPCAddr is the RPC address used by Nomad. This should be reachable // by the other servers and clients RPCAddr *net.TCPAddr // ClientRPCAdvertise is the address that is advertised to client nodes for // the RPC endpoint. This can differ from the RPC address, if for example // the RPCAddr is unspecified "0.0.0.0:4646", but this address must be // reachable ClientRPCAdvertise *net.TCPAddr // ServerRPCAdvertise is the address that is advertised to other servers for // the RPC endpoint. This can differ from the RPC address, if for example // the RPCAddr is unspecified "0.0.0.0:4646", but this address must be // reachable ServerRPCAdvertise *net.TCPAddr // RaftConfig is the configuration used for Raft in the local DC RaftConfig *raft.Config // RaftTimeout is applied to any network traffic for raft. Defaults to 10s. RaftTimeout time.Duration // (Enterprise-only) NonVoter is used to prevent this server from being added // as a voting member of the Raft cluster. NonVoter bool // (Enterprise-only) RedundancyZone is the redundancy zone to use for this server. RedundancyZone string // (Enterprise-only) UpgradeVersion is the custom upgrade version to use when // performing upgrade migrations. UpgradeVersion string // SerfConfig is the configuration for the serf cluster SerfConfig *serf.Config // Node name is the name we use to advertise. Defaults to hostname. NodeName string // NodeID is the uuid of this server. NodeID string // Region is the region this Nomad server belongs to. Region string // AuthoritativeRegion is the region which is treated as the authoritative source // for ACLs and Policies. This provides a single source of truth to resolve conflicts. AuthoritativeRegion string // Datacenter is the datacenter this Nomad server belongs to. Datacenter string // Build is a string that is gossiped around, and can be used to help // operators track which versions are actively deployed Build string // BuildDate is the time of the git commit used to build the program. BuildDate time.Time // Revision is a string that carries the version.GitCommit of Nomad that // was compiled. Revision string // NumSchedulers is the number of scheduler thread that are run. // This can be as many as one per core, or zero to disable this server // from doing any scheduling work. NumSchedulers int // EnabledSchedulers controls the set of sub-schedulers that are // enabled for this server to handle. This will restrict the evaluations // that the workers dequeue for processing. EnabledSchedulers []string // ReconcileInterval controls how often we reconcile the strongly // consistent store with the Serf info. This is used to handle nodes // that are force removed, as well as intermittent unavailability during // leader election. ReconcileInterval time.Duration // EvalGCInterval is how often we dispatch a job to GC evaluations EvalGCInterval time.Duration // EvalGCThreshold is how "old" an evaluation must be to be eligible // for GC. This gives users some time to debug a failed evaluation. // // Please note that the rules for GC of evaluations which belong to a batch // job are separate and controlled by `BatchEvalGCThreshold` EvalGCThreshold time.Duration // BatchEvalGCThreshold is how "old" an evaluation must be to be eligible // for GC if the eval belongs to a batch job. BatchEvalGCThreshold time.Duration // JobGCInterval is how often we dispatch a job to GC jobs that are // available for garbage collection. JobGCInterval time.Duration // JobGCThreshold is how old a job must be before it eligible for GC. This gives // the user time to inspect the job. JobGCThreshold time.Duration // NodeGCInterval is how often we dispatch a job to GC failed nodes. NodeGCInterval time.Duration // NodeGCThreshold is how "old" a node must be to be eligible // for GC. This gives users some time to view and debug a failed nodes. NodeGCThreshold time.Duration // DeploymentGCInterval is how often we dispatch a job to GC terminal // deployments. DeploymentGCInterval time.Duration // DeploymentGCThreshold is how "old" a deployment must be to be eligible // for GC. This gives users some time to view terminal deployments. DeploymentGCThreshold time.Duration // CSIPluginGCInterval is how often we dispatch a job to GC unused plugins. CSIPluginGCInterval time.Duration // CSIPluginGCThreshold is how "old" a plugin must be to be eligible // for GC. This gives users some time to debug plugins. CSIPluginGCThreshold time.Duration // CSIVolumeClaimGCInterval is how often we dispatch a job to GC // volume claims. CSIVolumeClaimGCInterval time.Duration // CSIVolumeClaimGCThreshold is how "old" a volume must be to be // eligible for GC. This gives users some time to debug volumes. CSIVolumeClaimGCThreshold time.Duration // OneTimeTokenGCInterval is how often we dispatch a job to GC // one-time tokens. OneTimeTokenGCInterval time.Duration // ACLTokenExpirationGCInterval is how often we dispatch a job to GC // expired ACL tokens. ACLTokenExpirationGCInterval time.Duration // ACLTokenExpirationGCThreshold controls how "old" an expired ACL token // must be to be collected by GC. ACLTokenExpirationGCThreshold time.Duration // RootKeyGCInterval is how often we dispatch a job to GC // encryption key metadata RootKeyGCInterval time.Duration // RootKeyGCThreshold is how "old" encryption key metadata must be // to be eligible for GC. RootKeyGCThreshold time.Duration // RootKeyRotationThreshold is how "old" an active key can be // before it's rotated RootKeyRotationThreshold time.Duration // VariablesRekeyInterval is how often we dispatch a job to // rekey any variables associated with a key in the Rekeying state VariablesRekeyInterval time.Duration // EvalNackTimeout controls how long we allow a sub-scheduler to // work on an evaluation before we consider it failed and Nack it. // This allows that evaluation to be handed to another sub-scheduler // to work on. Defaults to 60 seconds. This should be long enough that // no evaluation hits it unless the sub-scheduler has failed. EvalNackTimeout time.Duration // EvalDeliveryLimit is the limit of attempts we make to deliver and // process an evaluation. This is used so that an eval that will never // complete eventually fails out of the system. EvalDeliveryLimit int // EvalNackInitialReenqueueDelay is the delay applied before reenqueuing a // Nacked evaluation for the first time. This value should be small as the // initial Nack can be due to a down machine and the eval should be retried // quickly for liveliness. EvalNackInitialReenqueueDelay time.Duration // EvalNackSubsequentReenqueueDelay is the delay applied before reenqueuing // an evaluation that has been Nacked more than once. This delay is // compounding after the first Nack. This value should be significantly // longer than the initial delay as the purpose it severs is to apply // back-pressure as evaluations are being Nacked either due to scheduler // failures or because they are hitting their Nack timeout, both of which // are signs of high server resource usage. EvalNackSubsequentReenqueueDelay time.Duration // EvalFailedFollowupBaselineDelay is the minimum time waited before // retrying a failed evaluation. EvalFailedFollowupBaselineDelay time.Duration // EvalReapCancelableInterval is the interval for the periodic reaping of // cancelable evaluations. Cancelable evaluations are canceled whenever any // eval is ack'd but this sweeps up on quiescent clusters. This config value // exists only for testing. EvalReapCancelableInterval time.Duration // EvalFailedFollowupDelayRange defines the range of additional time from // the baseline in which to wait before retrying a failed evaluation. The // additional delay is selected from this range randomly. EvalFailedFollowupDelayRange time.Duration // NodePlanRejectionEnabled controls if node rejection tracker is enabled. NodePlanRejectionEnabled bool // NodePlanRejectionThreshold is the number of times a node must have a // plan rejection before it is set as ineligible. NodePlanRejectionThreshold int // NodePlanRejectionWindow is the time window used to track plan // rejections for nodes. NodePlanRejectionWindow time.Duration // MinHeartbeatTTL is the minimum time between heartbeats. // This is used as a floor to prevent excessive updates. MinHeartbeatTTL time.Duration // MaxHeartbeatsPerSecond is the maximum target rate of heartbeats // being processed per second. This allows the TTL to be increased // to meet the target rate. MaxHeartbeatsPerSecond float64 // HeartbeatGrace is the additional time given as a grace period // beyond the TTL to account for network and processing delays // as well as clock skew. HeartbeatGrace time.Duration // FailoverHeartbeatTTL is the TTL applied to heartbeats after // a new leader is elected, since we no longer know the status // of all the heartbeats. FailoverHeartbeatTTL time.Duration // ConsulConfig is this Agent's Consul configuration ConsulConfig *config.ConsulConfig // VaultConfig is this Agent's Vault configuration VaultConfig *config.VaultConfig // RPCHoldTimeout is how long an RPC can be "held" before it is errored. // This is used to paper over a loss of leadership by instead holding RPCs, // so that the caller experiences a slow response rather than an error. // This period is meant to be long enough for a leader election to take // place, and a small jitter is applied to avoid a thundering herd. RPCHoldTimeout time.Duration // TLSConfig holds various TLS related configurations TLSConfig *config.TLSConfig // ACLEnabled controls if ACL enforcement and management is enabled. ACLEnabled bool // ReplicationBackoff is how much we backoff when replication errors. // This is a tunable knob for testing primarily. ReplicationBackoff time.Duration // ReplicationToken is the ACL Token Secret ID used to fetch from // the Authoritative Region. ReplicationToken string // TokenMinExpirationTTL is used to enforce the lowest acceptable value for // ACL token expiration. ACLTokenMinExpirationTTL time.Duration // TokenMaxExpirationTTL is used to enforce the highest acceptable value // for ACL token expiration. ACLTokenMaxExpirationTTL time.Duration // SentinelGCInterval is the interval that we GC unused policies. SentinelGCInterval time.Duration // SentinelConfig is this Agent's Sentinel configuration SentinelConfig *config.SentinelConfig // StatsCollectionInterval is the interval at which the Nomad server // publishes metrics which are periodic in nature like updating gauges StatsCollectionInterval time.Duration // DisableDispatchedJobSummaryMetrics allows for ignore dispatched jobs when // publishing Job summary metrics DisableDispatchedJobSummaryMetrics bool // DisableRPCRateMetricsLabels drops the label for the identity of the // requester when publishing metrics on RPC rate on the server. This may be // useful to control metrics collection costs in environments where request // rate is well-controlled but cardinality of requesters is high. DisableRPCRateMetricsLabels bool // AutopilotConfig is used to apply the initial autopilot config when // bootstrapping. AutopilotConfig *structs.AutopilotConfig // ServerHealthInterval is the frequency with which the health of the // servers in the cluster will be updated. ServerHealthInterval time.Duration // AutopilotInterval is the frequency with which the leader will perform // autopilot tasks, such as promoting eligible non-voters and removing // dead servers. AutopilotInterval time.Duration // DefaultSchedulerConfig configures the initial scheduler config to be persisted in Raft. // Once the cluster is bootstrapped, and Raft persists the config (from here or through API) // and this value is ignored. DefaultSchedulerConfig structs.SchedulerConfiguration `hcl:"default_scheduler_config"` // RPCHandshakeTimeout is the deadline by which RPC handshakes must // complete. The RPC handshake includes the first byte read as well as // the TLS handshake and subsequent byte read if TLS is enabled. // // The deadline is reset after the first byte is read so when TLS is // enabled RPC connections may take (timeout * 2) to complete. // // 0 means no timeout. RPCHandshakeTimeout time.Duration // RPCMaxConnsPerClient is the maximum number of concurrent RPC // connections from a single IP address. nil/0 means no limit. RPCMaxConnsPerClient int // LicenseConfig is a tunable knob for enterprise license testing. LicenseConfig *LicenseConfig LicenseEnv string LicensePath string // SearchConfig provides knobs for Search API. SearchConfig *structs.SearchConfig // RaftBoltNoFreelistSync configures whether freelist syncing is enabled. RaftBoltNoFreelistSync bool // AgentShutdown is used to call agent.Shutdown from the context of a Server // It is used primarily for licensing AgentShutdown func() error // DeploymentQueryRateLimit is in queries per second and is used by the // DeploymentWatcher to throttle the amount of simultaneously deployments DeploymentQueryRateLimit float64 // JobDefaultPriority is the default Job priority if not specified. JobDefaultPriority int // JobMaxPriority is an upper bound on the Job priority. JobMaxPriority int }
Config is used to parameterize the server
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns the default configuration. Only used as the basis for merging agent or test parameters.
type ConsulACLsAPI ¶ added in v0.10.4
type ConsulACLsAPI interface { // CheckPermissions checks that the given Consul token has the necessary ACL // permissions for each way that Consul is used as indicated by usage, // returning an error if not. CheckPermissions(ctx context.Context, namespace string, usage *structs.ConsulUsage, secretID string) error // Create instructs Consul to create a Service Identity token. CreateToken(context.Context, ServiceIdentityRequest) (*structs.SIToken, error) // RevokeTokens instructs Consul to revoke the given token accessors. RevokeTokens(context.Context, []*structs.SITokenAccessor, bool) bool // MarkForRevocation marks the tokens for background revocation MarkForRevocation([]*structs.SITokenAccessor) // Stop is used to stop background token revocations. Intended to be used // on Nomad Server shutdown. Stop() }
ConsulACLsAPI is an abstraction over the consul/api.ACL API used by Nomad Server.
ACL requirements - acl:write (transitive through ACLsAPI)
type ConsulConfigsAPI ¶ added in v0.12.4
type ConsulConfigsAPI interface { // SetIngressCE adds the given ConfigEntry to Consul, overwriting // the previous entry if set. SetIngressCE(ctx context.Context, namespace, service string, entry *structs.ConsulIngressConfigEntry) error // SetTerminatingCE adds the given ConfigEntry to Consul, overwriting // the previous entry if set. SetTerminatingCE(ctx context.Context, namespace, service string, entry *structs.ConsulTerminatingConfigEntry) error // Stop is used to stop additional creations of Configuration Entries. Intended to // be used on Nomad Server shutdown. Stop() }
ConsulConfigsAPI is an abstraction over the consul/api.ConfigEntries API used by Nomad Server.
Nomad will only perform write operations on Consul Ingress/Terminating Gateway Configuration Entries. Removing the entries is not yet safe, given that multiple Nomad clusters may be writing to the same config entries, which are global in the Consul scope. There was a Meta field introduced which Nomad can leverage in the future, when Consul no longer supports versions that do not contain the field. The Meta field would be used to track which Nomad "owns" the CE. https://github.com/hashicorp/nomad/issues/8971
type ConsulKeyRule ¶ added in v1.1.0
ConsulKeyRule represents a policy for the keystore.
type ConsulPolicy ¶ added in v0.10.4
type ConsulPolicy struct { Services []*ConsulServiceRule `hcl:"service,expand"` ServicePrefixes []*ConsulServiceRule `hcl:"service_prefix,expand"` KeyPrefixes []*ConsulKeyRule `hcl:"key_prefix,expand"` Namespaces map[string]*ConsulPolicy `hcl:"namespace,expand"` NamespacePrefixes map[string]*ConsulPolicy `hcl:"namespace_prefix,expand"` }
ConsulPolicy represents the parts of a ConsulServiceRule Policy that are relevant to Service Identity authorizations.
type ConsulServiceRule ¶ added in v0.10.4
ConsulServiceRule represents a policy for a service.
type CoreScheduler ¶
type CoreScheduler struct {
// contains filtered or unexported fields
}
CoreScheduler is a special "scheduler" that is registered as "_core". It is used to run various administrative work across the cluster.
func (*CoreScheduler) Process ¶
func (c *CoreScheduler) Process(eval *structs.Evaluation) error
Process is used to implement the scheduler.Scheduler interface
type Deployment ¶ added in v0.6.0
type Deployment struct {
// contains filtered or unexported fields
}
Deployment endpoint is used for manipulating deployments
func NewDeploymentEndpoint ¶ added in v1.5.0
func NewDeploymentEndpoint(srv *Server, ctx *RPCContext) *Deployment
func (*Deployment) Allocations ¶ added in v0.6.0
func (d *Deployment) Allocations(args *structs.DeploymentSpecificRequest, reply *structs.AllocListResponse) error
Allocations returns the list of allocations that are a part of the deployment
func (*Deployment) Cancel ¶ added in v0.12.0
func (d *Deployment) Cancel(args *structs.DeploymentCancelRequest, reply *structs.DeploymentUpdateResponse) error
Cancel is used to cancel a deployment
func (*Deployment) Fail ¶ added in v0.6.0
func (d *Deployment) Fail(args *structs.DeploymentFailRequest, reply *structs.DeploymentUpdateResponse) error
Fail is used to force fail a deployment
func (*Deployment) GetDeployment ¶ added in v0.6.0
func (d *Deployment) GetDeployment(args *structs.DeploymentSpecificRequest, reply *structs.SingleDeploymentResponse) error
GetDeployment is used to request information about a specific deployment
func (*Deployment) List ¶ added in v0.6.0
func (d *Deployment) List(args *structs.DeploymentListRequest, reply *structs.DeploymentListResponse) error
List returns the list of deployments in the system
func (*Deployment) Pause ¶ added in v0.6.0
func (d *Deployment) Pause(args *structs.DeploymentPauseRequest, reply *structs.DeploymentUpdateResponse) error
Pause is used to pause a deployment
func (*Deployment) Promote ¶ added in v0.6.0
func (d *Deployment) Promote(args *structs.DeploymentPromoteRequest, reply *structs.DeploymentUpdateResponse) error
Promote is used to promote canaries in a deployment
func (*Deployment) Reap ¶ added in v0.6.0
func (d *Deployment) Reap(args *structs.DeploymentDeleteRequest, reply *structs.GenericResponse) error
Reap is used to cleanup terminal deployments
func (*Deployment) Run ¶ added in v0.12.0
func (d *Deployment) Run(args *structs.DeploymentRunRequest, reply *structs.DeploymentUpdateResponse) error
Run is used to start a pending deployment
func (*Deployment) SetAllocHealth ¶ added in v0.6.0
func (d *Deployment) SetAllocHealth(args *structs.DeploymentAllocHealthRequest, reply *structs.DeploymentUpdateResponse) error
SetAllocHealth is used to set the health of allocations that are part of the deployment.
func (*Deployment) Unblock ¶ added in v0.12.0
func (d *Deployment) Unblock(args *structs.DeploymentUnblockRequest, reply *structs.DeploymentUpdateResponse) error
Unblock is used to unblock a deployment
type Encrypter ¶ added in v1.4.0
type Encrypter struct {
// contains filtered or unexported fields
}
Encrypter is the keyring for encrypting variables and signing workload identities.
func NewEncrypter ¶ added in v1.4.0
NewEncrypter loads or creates a new local keystore and returns an encryption keyring with the keys it finds.
func (*Encrypter) AddKey ¶ added in v1.4.0
AddKey stores the key in the keystore and creates a new cipher for it.
func (*Encrypter) Decrypt ¶ added in v1.4.0
Decrypt takes an encrypted buffer and then root key ID. It extracts the nonce, decrypts the content, and returns the cleartext data.
func (*Encrypter) Encrypt ¶ added in v1.4.0
Encrypt encrypts the clear data with the cipher for the current root key, and returns the cipher text (including the nonce), and the key ID used to encrypt it
func (*Encrypter) SignClaims ¶ added in v1.4.0
SignClaims signs the identity claim for the task and returns an encoded JWT (including both the claim and its signature), the key ID of the key used to sign it, and any error.
func (*Encrypter) VerifyClaim ¶ added in v1.4.0
func (e *Encrypter) VerifyClaim(tokenString string) (*structs.IdentityClaims, error)
VerifyClaim accepts a previously-signed encoded claim and validates it before returning the claim
type EnterpriseEndpoints ¶ added in v0.7.0
type EnterpriseEndpoints struct{}
EnterpriseEndpoints holds the set of enterprise only endpoints to register
func NewEnterpriseEndpoints ¶ added in v0.7.0
func NewEnterpriseEndpoints(s *Server, ctx *RPCContext) *EnterpriseEndpoints
NewEnterpriseEndpoints returns a stub of the enterprise endpoints since there are none in oss
func (*EnterpriseEndpoints) Register ¶ added in v0.7.0
func (e *EnterpriseEndpoints) Register(s *rpc.Server)
Register is a no-op in oss.
type EnterpriseState ¶ added in v0.7.0
type EnterpriseState struct{}
func (*EnterpriseState) Features ¶ added in v0.12.0
func (es *EnterpriseState) Features() uint64
func (*EnterpriseState) ReloadLicense ¶ added in v1.1.0
func (es *EnterpriseState) ReloadLicense(_ *Config) error
type ErrMinIndexDeadlineExceeded ¶ added in v1.5.0
type ErrMinIndexDeadlineExceeded struct {
// contains filtered or unexported fields
}
func (ErrMinIndexDeadlineExceeded) Error ¶ added in v1.5.0
func (e ErrMinIndexDeadlineExceeded) Error() string
func (ErrMinIndexDeadlineExceeded) Unwrap ¶ added in v1.5.0
func (ErrMinIndexDeadlineExceeded) Unwrap() error
Unwrapping an ErrMinIndexDeadlineExceeded always return context.DeadlineExceeded
type Eval ¶
type Eval struct {
// contains filtered or unexported fields
}
Eval endpoint is used for eval interactions
func NewEvalEndpoint ¶ added in v1.5.0
func NewEvalEndpoint(srv *Server, ctx *RPCContext) *Eval
func (*Eval) Ack ¶
func (e *Eval) Ack(args *structs.EvalAckRequest, reply *structs.GenericResponse) error
Ack is used to acknowledge completion of a dequeued evaluation
func (*Eval) Allocations ¶
func (e *Eval) Allocations(args *structs.EvalSpecificRequest, reply *structs.EvalAllocationsResponse) error
Allocations is used to list the allocations for an evaluation
func (*Eval) Count ¶ added in v1.4.3
func (e *Eval) Count(args *structs.EvalCountRequest, reply *structs.EvalCountResponse) error
Count is used to get a list of the evaluations in the system
func (*Eval) Create ¶
func (e *Eval) Create(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
Create is used to make a new evaluation
func (*Eval) Delete ¶ added in v1.3.2
func (e *Eval) Delete( args *structs.EvalDeleteRequest, reply *structs.EvalDeleteResponse) error
Delete is used by operators to delete evaluations during severe outages. It differs from Reap while duplicating some behavior to ensure we have the correct controls for user initiated deletions.
func (*Eval) Dequeue ¶
func (e *Eval) Dequeue(args *structs.EvalDequeueRequest, reply *structs.EvalDequeueResponse) error
Dequeue is used to dequeue a pending evaluation
func (*Eval) GetEval ¶
func (e *Eval) GetEval(args *structs.EvalSpecificRequest, reply *structs.SingleEvalResponse) error
GetEval is used to request information about a specific evaluation
func (*Eval) List ¶
func (e *Eval) List(args *structs.EvalListRequest, reply *structs.EvalListResponse) error
List is used to get a list of the evaluations in the system
func (*Eval) Nack ¶
func (e *Eval) Nack(args *structs.EvalAckRequest, reply *structs.GenericResponse) error
Nack is used to negative acknowledge completion of a dequeued evaluation.
func (*Eval) Reap ¶
func (e *Eval) Reap(args *structs.EvalReapRequest, reply *structs.GenericResponse) error
Reap is used to cleanup dead evaluations and allocations
func (*Eval) Reblock ¶ added in v0.4.0
func (e *Eval) Reblock(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
Reblock is used to reinsert an existing blocked evaluation into the blocked evaluation tracker.
func (*Eval) Update ¶
func (e *Eval) Update(args *structs.EvalUpdateRequest, reply *structs.GenericResponse) error
Update is used to perform an update of an Eval if it is outstanding.
type EvalBroker ¶
type EvalBroker struct {
// contains filtered or unexported fields
}
EvalBroker is used to manage brokering of evaluations. When an evaluation is created, due to a change in a job specification or a node, we put it into the broker. The broker sorts by evaluations by priority and scheduler type. This allows us to dequeue the highest priority work first, while also allowing sub-schedulers to only dequeue work they know how to handle. The broker is designed to be entirely in-memory and is managed by the leader node.
The broker must provide at-least-once delivery semantics. It relies on explicit Ack/Nack messages to handle this. If a delivery is not Ack'd in a sufficient time span, it will be assumed Nack'd.
func NewEvalBroker ¶
func NewEvalBroker(timeout, initialNackDelay, subsequentNackDelay time.Duration, deliveryLimit int) (*EvalBroker, error)
NewEvalBroker creates a new evaluation broker. This is parameterized with the timeout used for messages that are not acknowledged before we assume a Nack and attempt to redeliver as well as the deliveryLimit which prevents a failing eval from being endlessly delivered. The initialNackDelay is the delay before making a Nacked evaluation available again for the first Nack and subsequentNackDelay is the compounding delay after the first Nack.
func (*EvalBroker) Ack ¶
func (b *EvalBroker) Ack(evalID, token string) error
Ack is used to positively acknowledge handling an evaluation
func (*EvalBroker) Cancelable ¶ added in v1.4.3
func (b *EvalBroker) Cancelable(batchSize int) []*structs.Evaluation
Cancelable retrieves a batch of previously-pending evaluations that are now stale and ready to mark for canceling. The eval RPC will call this with a batch size set to avoid sending overly large raft messages.
func (*EvalBroker) Dequeue ¶
func (b *EvalBroker) Dequeue(schedulers []string, timeout time.Duration) (*structs.Evaluation, string, error)
Dequeue is used to perform a blocking dequeue. The next available evalution is returned as well as a unique token identifier for this dequeue. The token changes on leadership election to ensure a Dequeue prior to a leadership election cannot conflict with a Dequeue of the same evaluation after a leadership election.
func (*EvalBroker) EmitStats ¶
func (b *EvalBroker) EmitStats(period time.Duration, stopCh <-chan struct{})
EmitStats is used to export metrics about the broker while enabled
func (*EvalBroker) Enabled ¶
func (b *EvalBroker) Enabled() bool
Enabled is used to check if the broker is enabled.
func (*EvalBroker) Enqueue ¶
func (b *EvalBroker) Enqueue(eval *structs.Evaluation)
Enqueue is used to enqueue a new evaluation
func (*EvalBroker) EnqueueAll ¶ added in v0.3.0
func (b *EvalBroker) EnqueueAll(evals map[*structs.Evaluation]string)
EnqueueAll is used to enqueue many evaluations. The map allows evaluations that are being re-enqueued to include their token.
When requeuing an evaluation that potentially may be already enqueued. The evaluation is handled in one of the following ways: * Evaluation not outstanding: Process as a normal Enqueue * Evaluation outstanding: Do not allow the evaluation to be dequeued til:
- Ack received: Unblock the evaluation allowing it to be dequeued
- Nack received: Drop the evaluation as it was created as a result of a scheduler run that was Nack'd
func (*EvalBroker) Nack ¶
func (b *EvalBroker) Nack(evalID, token string) error
Nack is used to negatively acknowledge handling an evaluation
func (*EvalBroker) Outstanding ¶
func (b *EvalBroker) Outstanding(evalID string) (string, bool)
Outstanding checks if an EvalID has been delivered but not acknowledged and returns the associated token for the evaluation.
func (*EvalBroker) OutstandingReset ¶ added in v0.2.0
func (b *EvalBroker) OutstandingReset(evalID, token string) error
OutstandingReset resets the Nack timer for the EvalID if the token matches and the eval is outstanding
func (*EvalBroker) PauseNackTimeout ¶ added in v0.3.1
func (b *EvalBroker) PauseNackTimeout(evalID, token string) error
PauseNackTimeout is used to pause the Nack timeout for an eval that is making progress but is in a potentially unbounded operation such as the plan queue.
func (*EvalBroker) ResumeNackTimeout ¶ added in v0.3.1
func (b *EvalBroker) ResumeNackTimeout(evalID, token string) error
ResumeNackTimeout is used to resume the Nack timeout for an eval that was paused. It should be resumed after leaving an unbounded operation.
func (*EvalBroker) SetEnabled ¶
func (b *EvalBroker) SetEnabled(enabled bool)
SetEnabled is used to control if the broker is enabled. The broker should only be enabled on the active leader.
func (*EvalBroker) Stats ¶
func (b *EvalBroker) Stats() *BrokerStats
Stats is used to query the state of the broker
type EvaluatePool ¶ added in v0.3.0
type EvaluatePool struct {
// contains filtered or unexported fields
}
EvaluatePool is used to have a pool of workers that are evaluating if a plan is valid. It can be used to parallelize the evaluation of a plan.
func NewEvaluatePool ¶ added in v0.3.0
func NewEvaluatePool(workers, bufSize int) *EvaluatePool
NewEvaluatePool returns a pool of the given size.
func (*EvaluatePool) RequestCh ¶ added in v0.3.0
func (p *EvaluatePool) RequestCh() chan<- evaluateRequest
RequestCh is used to push requests
func (*EvaluatePool) ResultCh ¶ added in v0.3.0
func (p *EvaluatePool) ResultCh() <-chan evaluateResult
ResultCh is used to read the results as they are ready
func (*EvaluatePool) SetSize ¶ added in v0.3.0
func (p *EvaluatePool) SetSize(size int)
SetSize is used to resize the worker pool
func (*EvaluatePool) Shutdown ¶ added in v0.3.0
func (p *EvaluatePool) Shutdown()
Shutdown is used to shutdown the pool
func (*EvaluatePool) Size ¶ added in v0.3.0
func (p *EvaluatePool) Size() int
Size returns the current size
type Event ¶ added in v1.0.0
type Event struct {
// contains filtered or unexported fields
}
func NewEventEndpoint ¶ added in v1.5.0
type FSMConfig ¶ added in v0.7.0
type FSMConfig struct { // EvalBroker is the evaluation broker evaluations should be added to EvalBroker *EvalBroker // Periodic is the periodic job dispatcher that periodic jobs should be // added/removed from Periodic *PeriodicDispatch // BlockedEvals is the blocked eval tracker that blocked evaluations should // be added to. Blocked *BlockedEvals // Logger is the logger used by the FSM Logger hclog.Logger // Region is the region of the server embedding the FSM Region string // EnableEventBroker specifies if the FSMs state store should enable // it's event publisher. EnableEventBroker bool // EventBufferSize is the amount of messages to hold in memory EventBufferSize int64 }
FSMConfig is used to configure the FSM
type FSMFilter ¶ added in v1.3.4
type FSMFilter struct {
// contains filtered or unexported fields
}
func NewFSMFilter ¶ added in v1.3.4
type FileSystem ¶ added in v0.8.0
type FileSystem struct {
// contains filtered or unexported fields
}
FileSystem endpoint is used for accessing the logs and filesystem of allocations from a Node.
func NewFileSystemEndpoint ¶ added in v1.5.0
func NewFileSystemEndpoint(srv *Server) *FileSystem
func (*FileSystem) List ¶ added in v0.8.0
func (f *FileSystem) List(args *cstructs.FsListRequest, reply *cstructs.FsListResponse) error
List is used to list the contents of an allocation's directory.
func (*FileSystem) Stat ¶ added in v0.8.0
func (f *FileSystem) Stat(args *cstructs.FsStatRequest, reply *cstructs.FsStatResponse) error
Stat is used to stat a file in the allocation's directory.
type Job ¶
type Job struct {
// contains filtered or unexported fields
}
Job endpoint is used for job interactions
func NewJobEndpoints ¶ added in v0.10.0
func NewJobEndpoints(s *Server, ctx *RPCContext) *Job
NewJobEndpoints creates a new job endpoint with builtin admission controllers
func (*Job) Allocations ¶
func (j *Job) Allocations(args *structs.JobSpecificRequest, reply *structs.JobAllocationsResponse) error
Allocations is used to list the allocations for a job
func (*Job) BatchDeregister ¶ added in v0.8.0
func (j *Job) BatchDeregister(args *structs.JobBatchDeregisterRequest, reply *structs.JobBatchDeregisterResponse) error
BatchDeregister is used to remove a set of jobs from the cluster.
func (*Job) Deployments ¶ added in v0.6.0
func (j *Job) Deployments(args *structs.JobSpecificRequest, reply *structs.DeploymentListResponse) error
Deployments is used to list the deployments for a job
func (*Job) Deregister ¶
func (j *Job) Deregister(args *structs.JobDeregisterRequest, reply *structs.JobDeregisterResponse) error
Deregister is used to remove a job the cluster.
func (*Job) Dispatch ¶ added in v0.5.3
func (j *Job) Dispatch(args *structs.JobDispatchRequest, reply *structs.JobDispatchResponse) error
Dispatch a parameterized job.
func (*Job) Evaluate ¶
func (j *Job) Evaluate(args *structs.JobEvaluateRequest, reply *structs.JobRegisterResponse) error
Evaluate is used to force a job for re-evaluation
func (*Job) Evaluations ¶
func (j *Job) Evaluations(args *structs.JobSpecificRequest, reply *structs.JobEvaluationsResponse) error
Evaluations is used to list the evaluations for a job
func (*Job) GetJob ¶
func (j *Job) GetJob(args *structs.JobSpecificRequest, reply *structs.SingleJobResponse) error
GetJob is used to request information about a specific job
func (*Job) GetJobVersions ¶ added in v0.6.0
func (j *Job) GetJobVersions(args *structs.JobVersionsRequest, reply *structs.JobVersionsResponse) error
GetJobVersions is used to retrieve all tracked versions of a job.
func (*Job) GetServiceRegistrations ¶ added in v1.3.0
func (j *Job) GetServiceRegistrations( args *structs.JobServiceRegistrationsRequest, reply *structs.JobServiceRegistrationsResponse) error
GetServiceRegistrations returns a list of service registrations which belong to the passed job ID.
func (*Job) LatestDeployment ¶ added in v0.6.0
func (j *Job) LatestDeployment(args *structs.JobSpecificRequest, reply *structs.SingleDeploymentResponse) error
LatestDeployment is used to retrieve the latest deployment for a job
func (*Job) List ¶
func (j *Job) List(args *structs.JobListRequest, reply *structs.JobListResponse) error
List is used to list the jobs registered in the system
func (*Job) Plan ¶ added in v0.4.0
func (j *Job) Plan(args *structs.JobPlanRequest, reply *structs.JobPlanResponse) error
Plan is used to cause a dry-run evaluation of the Job and return the results with a potential diff containing annotations.
func (*Job) Register ¶
func (j *Job) Register(args *structs.JobRegisterRequest, reply *structs.JobRegisterResponse) error
Register is used to upsert a job for scheduling
func (*Job) Revert ¶ added in v0.6.0
func (j *Job) Revert(args *structs.JobRevertRequest, reply *structs.JobRegisterResponse) error
Revert is used to revert the job to a prior version
func (*Job) Scale ¶ added in v0.11.0
func (j *Job) Scale(args *structs.JobScaleRequest, reply *structs.JobRegisterResponse) error
Scale is used to modify one of the scaling targets in the job
func (*Job) ScaleStatus ¶ added in v0.11.0
func (j *Job) ScaleStatus(args *structs.JobScaleStatusRequest, reply *structs.JobScaleStatusResponse) error
ScaleStatus retrieves the scaling status for a job
func (*Job) Stable ¶ added in v0.6.0
func (j *Job) Stable(args *structs.JobStabilityRequest, reply *structs.JobStabilityResponse) error
Stable is used to mark the job version as stable
func (*Job) Summary ¶ added in v0.4.1
func (j *Job) Summary(args *structs.JobSummaryRequest, reply *structs.JobSummaryResponse) error
Summary retrieves the summary of a job.
func (*Job) Validate ¶ added in v0.5.5
func (j *Job) Validate(args *structs.JobValidateRequest, reply *structs.JobValidateResponse) error
Validate validates a job.
Must forward to the leader, because only the leader will have a live Vault client with which to validate vault tokens.
type JobEvalDispatcher ¶ added in v0.3.0
type JobEvalDispatcher interface { // DispatchJob takes a job a new, untracked job and creates an evaluation // for it and returns the eval. DispatchJob(job *structs.Job) (*structs.Evaluation, error) // RunningChildren returns whether the passed job has any running children. RunningChildren(job *structs.Job) (bool, error) }
JobEvalDispatcher is an interface to submit jobs and have evaluations created for them.
type Keyring ¶ added in v1.4.0
type Keyring struct {
// contains filtered or unexported fields
}
Keyring endpoint serves RPCs for root key management
func NewKeyringEndpoint ¶ added in v1.5.0
func NewKeyringEndpoint(srv *Server, ctx *RPCContext, enc *Encrypter) *Keyring
func (*Keyring) Delete ¶ added in v1.4.0
func (k *Keyring) Delete(args *structs.KeyringDeleteRootKeyRequest, reply *structs.KeyringDeleteRootKeyResponse) error
func (*Keyring) Get ¶ added in v1.4.0
func (k *Keyring) Get(args *structs.KeyringGetRootKeyRequest, reply *structs.KeyringGetRootKeyResponse) error
Get retrieves an existing key from the keyring, including both the key material and metadata. It is used only for replication.
func (*Keyring) List ¶ added in v1.4.0
func (k *Keyring) List(args *structs.KeyringListRootKeyMetaRequest, reply *structs.KeyringListRootKeyMetaResponse) error
func (*Keyring) Rotate ¶ added in v1.4.0
func (k *Keyring) Rotate(args *structs.KeyringRotateRootKeyRequest, reply *structs.KeyringRotateRootKeyResponse) error
func (*Keyring) Update ¶ added in v1.4.0
func (k *Keyring) Update(args *structs.KeyringUpdateRootKeyRequest, reply *structs.KeyringUpdateRootKeyResponse) error
Update updates an existing key in the keyring, including both the key material and metadata.
type KeyringReplicator ¶ added in v1.4.0
type KeyringReplicator struct {
// contains filtered or unexported fields
}
func NewKeyringReplicator ¶ added in v1.4.0
func NewKeyringReplicator(srv *Server, e *Encrypter) *KeyringReplicator
type LicenseConfig ¶ added in v0.12.0
type LicenseConfig struct { // BuildDate is the time of the git commit used to build the program. BuildDate time.Time // LicenseEnvBytes is the license bytes to use for the server's license LicenseEnvBytes string // LicensePath is the path to use for the server's license LicensePath string // AdditionalPubKeys is a set of public keys to AdditionalPubKeys []string Logger hclog.InterceptLogger }
LicenseConfig allows for tunable licensing config primarily used for enterprise testing
func (*LicenseConfig) Copy ¶ added in v1.2.13
func (c *LicenseConfig) Copy() *LicenseConfig
type LogApplier ¶ added in v0.7.0
LogApplier is the definition of a function that can apply a Raft log
type LogAppliers ¶ added in v0.7.0
type LogAppliers map[structs.MessageType]LogApplier
LogAppliers is a mapping of the Raft MessageType to the appropriate log applier
type Namespace ¶ added in v1.0.0
type Namespace struct {
// contains filtered or unexported fields
}
Namespace endpoint is used for manipulating namespaces
func NewNamespaceEndpoint ¶ added in v1.5.0
func NewNamespaceEndpoint(srv *Server, ctx *RPCContext) *Namespace
func (*Namespace) DeleteNamespaces ¶ added in v1.0.0
func (n *Namespace) DeleteNamespaces(args *structs.NamespaceDeleteRequest, reply *structs.GenericResponse) error
DeleteNamespaces is used to delete a namespace
func (*Namespace) GetNamespace ¶ added in v1.0.0
func (n *Namespace) GetNamespace(args *structs.NamespaceSpecificRequest, reply *structs.SingleNamespaceResponse) error
GetNamespace is used to get a specific namespace
func (*Namespace) GetNamespaces ¶ added in v1.0.0
func (n *Namespace) GetNamespaces(args *structs.NamespaceSetRequest, reply *structs.NamespaceSetResponse) error
GetNamespaces is used to get a set of namespaces
func (*Namespace) ListNamespaces ¶ added in v1.0.0
func (n *Namespace) ListNamespaces(args *structs.NamespaceListRequest, reply *structs.NamespaceListResponse) error
ListNamespaces is used to list the namespaces
func (*Namespace) UpsertNamespaces ¶ added in v1.0.0
func (n *Namespace) UpsertNamespaces(args *structs.NamespaceUpsertRequest, reply *structs.GenericResponse) error
UpsertNamespaces is used to upsert a set of namespaces
type Node ¶
type Node struct {
// contains filtered or unexported fields
}
Node endpoint is used for client interactions
func NewNodeEndpoint ¶ added in v1.5.0
func NewNodeEndpoint(srv *Server, ctx *RPCContext) *Node
func (*Node) BatchDeregister ¶ added in v0.9.4
func (n *Node) BatchDeregister(args *structs.NodeBatchDeregisterRequest, reply *structs.NodeUpdateResponse) error
BatchDeregister is used to remove client nodes from the cluster.
func (*Node) Deregister ¶
func (n *Node) Deregister(args *structs.NodeDeregisterRequest, reply *structs.NodeUpdateResponse) error
Deregister is used to remove a client from the cluster. If a client should just be made unavailable for scheduling, a status update is preferred.
func (*Node) DeriveSIToken ¶ added in v0.10.4
func (n *Node) DeriveSIToken(args *structs.DeriveSITokenRequest, reply *structs.DeriveSITokenResponse) error
func (*Node) DeriveVaultToken ¶ added in v0.5.0
func (n *Node) DeriveVaultToken(args *structs.DeriveVaultTokenRequest, reply *structs.DeriveVaultTokenResponse) error
DeriveVaultToken is used by the clients to request wrapped Vault tokens for tasks
func (*Node) EmitEvents ¶ added in v0.8.0
func (n *Node) EmitEvents(args *structs.EmitNodeEventsRequest, reply *structs.EmitNodeEventsResponse) error
func (*Node) Evaluate ¶
func (n *Node) Evaluate(args *structs.NodeEvaluateRequest, reply *structs.NodeUpdateResponse) error
Evaluate is used to force a re-evaluation of the node
func (*Node) GetAllocs ¶
func (n *Node) GetAllocs(args *structs.NodeSpecificRequest, reply *structs.NodeAllocsResponse) error
GetAllocs is used to request allocations for a specific node
func (*Node) GetClientAllocs ¶ added in v0.3.0
func (n *Node) GetClientAllocs(args *structs.NodeSpecificRequest, reply *structs.NodeClientAllocsResponse) error
GetClientAllocs is used to request a lightweight list of alloc modify indexes per allocation.
func (*Node) GetNode ¶
func (n *Node) GetNode(args *structs.NodeSpecificRequest, reply *structs.SingleNodeResponse) error
GetNode is used to request information about a specific node
func (*Node) List ¶
func (n *Node) List(args *structs.NodeListRequest, reply *structs.NodeListResponse) error
List is used to list the available nodes
func (*Node) Register ¶
func (n *Node) Register(args *structs.NodeRegisterRequest, reply *structs.NodeUpdateResponse) error
Register is used to upsert a client that is available for scheduling
func (*Node) UpdateAlloc ¶
func (n *Node) UpdateAlloc(args *structs.AllocUpdateRequest, reply *structs.GenericResponse) error
UpdateAlloc is used to update the client status of an allocation. It should only be called by clients.
Calling this method returns an error when:
- The node is not registered in the server yet. Clients must first call the Register method.
- The node status is down or disconnected. Clients must call the UpdateStatus method to update its status in the server.
func (*Node) UpdateDrain ¶
func (n *Node) UpdateDrain(args *structs.NodeUpdateDrainRequest, reply *structs.NodeDrainUpdateResponse) error
UpdateDrain is used to update the drain mode of a client node
func (*Node) UpdateEligibility ¶ added in v0.8.0
func (n *Node) UpdateEligibility(args *structs.NodeUpdateEligibilityRequest, reply *structs.NodeEligibilityUpdateResponse) error
UpdateEligibility is used to update the scheduling eligibility of a node
func (*Node) UpdateStatus ¶
func (n *Node) UpdateStatus(args *structs.NodeUpdateStatusRequest, reply *structs.NodeUpdateResponse) error
UpdateStatus is used to update the status of a client node.
Clients with non-terminal allocations must first call UpdateAlloc to be able to transition from the initializing status to ready.
┌────────────────────────────────────── No ───┐ │ │ ┌──▼───┐ ┌─────────────┐ ┌────────┴────────┐ ── Register ─► init ├─ ready ──► Has allocs? ├─ Yes ─► Allocs updated? │ └──▲───┘ └─────┬───────┘ └────────┬────────┘ │ │ │ ready └─ No ─┐ ┌─────── Yes ──┘ │ │ │ ┌──────┴───────┐ ┌──▼──▼─┐ ┌──────┐ │ disconnected ◄─ disconnected ─┤ ready ├─ down ──► down │ └──────────────┘ └───▲───┘ └──┬───┘ │ │ └──── ready ─────┘
type NodeMeta ¶ added in v1.5.0
type NodeMeta struct {
// contains filtered or unexported fields
}
func (*NodeMeta) Apply ¶ added in v1.5.0
func (n *NodeMeta) Apply(args *structs.NodeMetaApplyRequest, reply *structs.NodeMetaResponse) error
func (*NodeMeta) Read ¶ added in v1.5.0
func (n *NodeMeta) Read(args *structs.NodeSpecificRequest, reply *structs.NodeMetaResponse) error
type NoopBadNodeTracker ¶ added in v1.3.2
type NoopBadNodeTracker struct{}
NoopBadNodeTracker is a no-op implementation of bad node tracker that is used when tracking is disabled.
func (*NoopBadNodeTracker) Add ¶ added in v1.3.2
func (n *NoopBadNodeTracker) Add(string) bool
func (*NoopBadNodeTracker) EmitStats ¶ added in v1.3.2
func (n *NoopBadNodeTracker) EmitStats(time.Duration, <-chan struct{})
type Operator ¶ added in v0.5.5
type Operator struct {
// contains filtered or unexported fields
}
Operator endpoint is used to perform low-level operator tasks for Nomad.
func NewOperatorEndpoint ¶ added in v1.5.0
func NewOperatorEndpoint(srv *Server, ctx *RPCContext) *Operator
func (*Operator) AutopilotGetConfiguration ¶ added in v0.8.0
func (op *Operator) AutopilotGetConfiguration(args *structs.GenericRequest, reply *structs.AutopilotConfig) error
AutopilotGetConfiguration is used to retrieve the current Autopilot configuration.
func (*Operator) AutopilotSetConfiguration ¶ added in v0.8.0
func (op *Operator) AutopilotSetConfiguration(args *structs.AutopilotSetConfigRequest, reply *bool) error
AutopilotSetConfiguration is used to set the current Autopilot configuration.
func (*Operator) RaftGetConfiguration ¶ added in v0.5.5
func (op *Operator) RaftGetConfiguration(args *structs.GenericRequest, reply *structs.RaftConfigurationResponse) error
RaftGetConfiguration is used to retrieve the current Raft configuration.
func (*Operator) RaftRemovePeerByAddress ¶ added in v0.5.5
func (op *Operator) RaftRemovePeerByAddress(args *structs.RaftPeerByAddressRequest, reply *struct{}) error
RaftRemovePeerByAddress is used to kick a stale peer (one that it in the Raft quorum but no longer known to Serf or the catalog) by address in the form of "IP:port". The reply argument is not used, but it required to fulfill the RPC interface.
func (*Operator) RaftRemovePeerByID ¶ added in v0.8.0
func (op *Operator) RaftRemovePeerByID(args *structs.RaftPeerByIDRequest, reply *struct{}) error
RaftRemovePeerByID is used to kick a stale peer (one that is in the Raft quorum but no longer known to Serf or the catalog) by address in the form of "IP:port". The reply argument is not used, but is required to fulfill the RPC interface.
func (*Operator) SchedulerGetConfiguration ¶ added in v0.9.0
func (op *Operator) SchedulerGetConfiguration(args *structs.GenericRequest, reply *structs.SchedulerConfigurationResponse) error
SchedulerGetConfiguration is used to retrieve the current Scheduler configuration.
func (*Operator) SchedulerSetConfiguration ¶ added in v0.9.0
func (op *Operator) SchedulerSetConfiguration(args *structs.SchedulerSetConfigRequest, reply *structs.SchedulerSetConfigurationResponse) error
SchedulerSetConfiguration is used to set the current Scheduler configuration.
func (*Operator) ServerHealth ¶ added in v0.8.0
func (op *Operator) ServerHealth(args *structs.GenericRequest, reply *structs.OperatorHealthReply) error
ServerHealth is used to get the current health of the servers.
type PendingEvaluations ¶
type PendingEvaluations []*structs.Evaluation
PendingEvaluations is a list of pending evaluations for a given job. We implement the container/heap interface so that this is a priority queue.
func (PendingEvaluations) Len ¶
func (p PendingEvaluations) Len() int
Len is for the sorting interface
func (PendingEvaluations) Less ¶
func (p PendingEvaluations) Less(i, j int) bool
Less is for the sorting interface. We flip the check so that the "min" in the min-heap is the element with the highest priority or highest modify index
func (*PendingEvaluations) MarkForCancel ¶ added in v1.5.0
func (p *PendingEvaluations) MarkForCancel() []*structs.Evaluation
MarkForCancel is used to clear the pending list of all but the one with the highest modify index and highest priority. It returns a slice of cancelable evals so that Eval.Ack RPCs can write batched raft entries to cancel them. This must be called inside the broker's lock.
func (*PendingEvaluations) Pop ¶
func (p *PendingEvaluations) Pop() interface{}
Pop implements the heap interface and is used to remove an evaluation from the slice
func (*PendingEvaluations) Push ¶
func (p *PendingEvaluations) Push(e interface{})
Push implements the heap interface and is used to add a new evaluation to the slice
func (PendingEvaluations) Swap ¶
func (p PendingEvaluations) Swap(i, j int)
Swap is for the sorting interface
type PendingPlans ¶
type PendingPlans []*pendingPlan
PendingPlans is a list of waiting plans. We implement the container/heap interface so that this is a priority queue
func (PendingPlans) Less ¶
func (p PendingPlans) Less(i, j int) bool
Less is for the sorting interface. We flip the check so that the "min" in the min-heap is the element with the highest priority. For the same priority, we use the enqueue time of the evaluation to give a FIFO ordering.
func (PendingPlans) Peek ¶
func (p PendingPlans) Peek() *pendingPlan
Peek is used to peek at the next element that would be popped
func (*PendingPlans) Pop ¶
func (p *PendingPlans) Pop() interface{}
Pop is used to remove an evaluation from the slice
func (*PendingPlans) Push ¶
func (p *PendingPlans) Push(e interface{})
Push is used to add a new evaluation to the slice
type Periodic ¶ added in v0.3.0
type Periodic struct {
// contains filtered or unexported fields
}
Periodic endpoint is used for periodic job interactions
func NewPeriodicEndpoint ¶ added in v1.5.0
func NewPeriodicEndpoint(srv *Server, ctx *RPCContext) *Periodic
func (*Periodic) Force ¶ added in v0.3.0
func (p *Periodic) Force(args *structs.PeriodicForceRequest, reply *structs.PeriodicForceResponse) error
Force is used to force a new instance of a periodic job
type PeriodicDispatch ¶ added in v0.3.0
type PeriodicDispatch struct {
// contains filtered or unexported fields
}
PeriodicDispatch is used to track and launch periodic jobs. It maintains the set of periodic jobs and creates derived jobs and evaluations per instantiation which is determined by the periodic spec.
func NewPeriodicDispatch ¶ added in v0.3.0
func NewPeriodicDispatch(logger log.Logger, dispatcher JobEvalDispatcher) *PeriodicDispatch
NewPeriodicDispatch returns a periodic dispatcher that is used to track and launch periodic jobs.
func (*PeriodicDispatch) Add ¶ added in v0.3.0
func (p *PeriodicDispatch) Add(job *structs.Job) error
Add begins tracking of a periodic job. If it is already tracked, it acts as an update to the jobs periodic spec. The method returns whether the job was added and any error that may have occurred.
func (*PeriodicDispatch) ForceEval ¶ added in v1.3.14
func (p *PeriodicDispatch) ForceEval(namespace, jobID string) (*structs.Evaluation, error)
ForceEval causes the periodic job to be evaluated immediately and returns the subsequent eval.
func (*PeriodicDispatch) LaunchTime ¶ added in v0.3.0
func (p *PeriodicDispatch) LaunchTime(jobID string) (time.Time, error)
LaunchTime returns the launch time of the job. This is only valid for jobs created by PeriodicDispatch and will otherwise return an error.
func (*PeriodicDispatch) Remove ¶ added in v0.3.0
func (p *PeriodicDispatch) Remove(namespace, jobID string) error
Remove stops tracking the passed job. If the job is not tracked, it is a no-op.
func (*PeriodicDispatch) SetEnabled ¶ added in v0.3.0
func (p *PeriodicDispatch) SetEnabled(enabled bool)
SetEnabled is used to control if the periodic dispatcher is enabled. It should only be enabled on the active leader. Disabling an active dispatcher will stop any launched go routine and flush the dispatcher.
func (*PeriodicDispatch) Tracked ¶ added in v0.3.0
func (p *PeriodicDispatch) Tracked() []*structs.Job
Tracked returns the set of tracked job IDs.
type Plan ¶
type Plan struct {
// contains filtered or unexported fields
}
Plan endpoint is used for plan interactions
func NewPlanEndpoint ¶ added in v1.5.0
func NewPlanEndpoint(srv *Server, ctx *RPCContext) *Plan
func (*Plan) Submit ¶
func (p *Plan) Submit(args *structs.PlanRequest, reply *structs.PlanResponse) error
Submit is used to submit a plan to the leader
type PlanFuture ¶
type PlanFuture interface {
Wait() (*structs.PlanResult, error)
}
PlanFuture is used to return a future for an enqueue
type PlanQueue ¶
type PlanQueue struct {
// contains filtered or unexported fields
}
PlanQueue is used to submit commit plans for task allocations to the current leader. The leader verifies that resources are not over-committed and commits to Raft. This allows sub-schedulers to be optimistically concurrent. In the case of an overcommit, the plan may be partially applied if allowed, or completely rejected (gang commit).
func NewPlanQueue ¶
NewPlanQueue is used to construct and return a new plan queue
func (*PlanQueue) Enqueue ¶
func (q *PlanQueue) Enqueue(plan *structs.Plan) (PlanFuture, error)
Enqueue is used to enqueue a plan
func (*PlanQueue) Flush ¶
func (q *PlanQueue) Flush()
Flush is used to reset the state of the plan queue
func (*PlanQueue) SetEnabled ¶
SetEnabled is used to control if the queue is enabled. The queue should only be enabled on the active leader.
func (*PlanQueue) Stats ¶
func (q *PlanQueue) Stats() *QueueStats
Stats is used to query the state of the queue
type PurgeSITokenAccessorFunc ¶ added in v0.10.4
type PurgeSITokenAccessorFunc func([]*structs.SITokenAccessor) error
PurgeSITokenAccessorFunc is called to remove SI Token accessors from the system (i.e. raft). If the function returns an error, the token will still be tracked and revocation attempts will retry in the background until there is a success.
type PurgeVaultAccessorFn ¶ added in v0.5.0
type PurgeVaultAccessorFn func(accessors []*structs.VaultAccessor) error
PurgeVaultAccessorFn is called to remove VaultAccessors from the system. If the function returns an error, the token will still be tracked and revocation will retry till there is a success
type QueueStats ¶
type QueueStats struct {
Depth int
}
QueueStats returns all the stats about the plan queue
type RPCContext ¶ added in v0.8.0
type RPCContext struct { // Conn exposes the raw connection. Conn net.Conn // Session exposes the multiplexed connection session. Session *yamux.Session // TLS marks whether the RPC is over a TLS based connection TLS bool // VerifiedChains is is the Verified certificates presented by the incoming // connection. VerifiedChains [][]*x509.Certificate // NodeID marks the NodeID that initiated the connection. NodeID string }
RPCContext provides metadata about the RPC connection.
func (*RPCContext) Certificate ¶ added in v1.1.13
func (ctx *RPCContext) Certificate() *x509.Certificate
Certificate returns the first certificate available in the chain.
func (*RPCContext) ValidateCertificateForName ¶ added in v1.1.13
func (ctx *RPCContext) ValidateCertificateForName(name string) error
ValidateCertificateForName returns true if the RPC context certificate is valid for the given domain name.
type RaftLayer ¶
type RaftLayer struct {
// contains filtered or unexported fields
}
RaftLayer implements the raft.StreamLayer interface, so that we can use a single RPC layer for Raft and Nomad
func NewRaftLayer ¶
NewRaftLayer is used to initialize a new RaftLayer which can be used as a StreamLayer for Raft. If a tlsConfig is provided, then the connection will use TLS.
func (*RaftLayer) Accept ¶
Accept is used to return connection which are dialed to be used with the Raft layer
type ReadyEvaluations ¶ added in v1.5.0
type ReadyEvaluations []*structs.Evaluation
ReadyEvaluations is a list of ready evaluations across multiple jobs. We implement the container/heap interface so that this is a priority queue.
func (ReadyEvaluations) Len ¶ added in v1.5.0
func (r ReadyEvaluations) Len() int
Len is for the sorting interface
func (ReadyEvaluations) Less ¶ added in v1.5.0
func (r ReadyEvaluations) Less(i, j int) bool
Less is for the sorting interface. We flip the check so that the "min" in the min-heap is the element with the highest priority
func (ReadyEvaluations) Peek ¶ added in v1.5.0
func (r ReadyEvaluations) Peek() *structs.Evaluation
Peek is used to peek at the next element that would be popped
func (*ReadyEvaluations) Pop ¶ added in v1.5.0
func (r *ReadyEvaluations) Pop() interface{}
Pop is used to remove an evaluation from the slice
func (*ReadyEvaluations) Push ¶ added in v1.5.0
func (r *ReadyEvaluations) Push(e interface{})
Push is used to add a new evaluation to the slice
func (ReadyEvaluations) Swap ¶ added in v1.5.0
func (r ReadyEvaluations) Swap(i, j int)
Swap is for the sorting interface
type Region ¶ added in v0.2.1
type Region struct {
// contains filtered or unexported fields
}
Region is used to query and list the known regions
func NewRegionEndpoint ¶ added in v1.5.0
func NewRegionEndpoint(srv *Server, ctx *RPCContext) *Region
type SITokenStats ¶ added in v0.10.4
type SITokenStats struct {
TrackedForRevoke int
}
type Scaling ¶ added in v0.11.0
type Scaling struct {
// contains filtered or unexported fields
}
Scaling endpoint is used for listing and retrieving scaling policies
func NewScalingEndpoint ¶ added in v1.5.0
func NewScalingEndpoint(srv *Server, ctx *RPCContext) *Scaling
func (*Scaling) GetPolicy ¶ added in v0.11.0
func (p *Scaling) GetPolicy(args *structs.ScalingPolicySpecificRequest, reply *structs.SingleScalingPolicyResponse) error
GetPolicy is used to get a specific policy
func (*Scaling) ListPolicies ¶ added in v0.11.0
func (p *Scaling) ListPolicies(args *structs.ScalingPolicyListRequest, reply *structs.ScalingPolicyListResponse) error
ListPolicies is used to list the policies
type SchedulerStats ¶
SchedulerStats returns the stats per scheduler
type SchedulerWorkerPoolArgs ¶ added in v1.2.4
SchedulerWorkerPoolArgs are the two key configuration options for a Nomad server's scheduler worker pool. Before using, you should always verify that they are rational using IsValid() or IsInvalid()
func (SchedulerWorkerPoolArgs) Copy ¶ added in v1.2.4
func (swpa SchedulerWorkerPoolArgs) Copy() SchedulerWorkerPoolArgs
Copy returns a clone of a SchedulerWorkerPoolArgs struct. Concurrent access concerns should be managed by the caller.
func (SchedulerWorkerPoolArgs) IsInvalid ¶ added in v1.2.4
func (swpa SchedulerWorkerPoolArgs) IsInvalid() bool
IsInvalid returns true when the SchedulerWorkerPoolArgs.IsValid is false
func (SchedulerWorkerPoolArgs) IsValid ¶ added in v1.2.4
func (swpa SchedulerWorkerPoolArgs) IsValid() bool
IsValid verifies that the pool arguments are valid. That is, they have a non-negative numSchedulers value and the enabledSchedulers list has _core and only refers to known schedulers.
type SchedulerWorkerStatus ¶ added in v1.2.4
type SchedulerWorkerStatus int
const ( WorkloadUnknownStatus SchedulerWorkerStatus = iota WorkloadRunning WorkloadWaitingToDequeue WorkloadWaitingForRaft WorkloadScheduling WorkloadSubmitting WorkloadBackoff WorkloadStopped WorkloadPaused )
func (SchedulerWorkerStatus) String ¶ added in v1.2.4
func (i SchedulerWorkerStatus) String() string
type Search ¶ added in v0.6.1
type Search struct {
// contains filtered or unexported fields
}
Search endpoint is used to look up matches for a given prefix and context
func NewSearchEndpoint ¶ added in v1.5.0
func NewSearchEndpoint(srv *Server, ctx *RPCContext) *Search
func (*Search) FuzzySearch ¶ added in v1.1.0
func (s *Search) FuzzySearch(args *structs.FuzzySearchRequest, reply *structs.FuzzySearchResponse) error
FuzzySearch is used to list fuzzy or prefix matches for a given text argument and Context. If the Context is "all", all searchable contexts are searched. If ACLs are enabled, results are limited to policies of the provided ACL token.
These types are limited to prefix UUID searching:
Evals, Deployments, ScalingPolicies, Volumes
These types are available for fuzzy searching:
Nodes, Namespaces, Jobs, Allocs, Plugins, Variables
Jobs are a special case that expand into multiple types, and whose return values include Scope which is a descending list of IDs of parent objects, starting with the Namespace. The subtypes of jobs are fuzzy searchable.
The Jobs type expands into these sub types:
Jobs, Groups, Services, Tasks, Images, Commands, Classes
The results are in descending order starting with strongest match, per Context type.
func (*Search) PrefixSearch ¶ added in v0.6.1
func (s *Search) PrefixSearch(args *structs.SearchRequest, reply *structs.SearchResponse) error
PrefixSearch is used to list matches for a given prefix, and returns matching jobs, evaluations, allocations, and/or nodes.
type Server ¶
type Server struct { // EnterpriseState is used to fill in state for Pro/Ent builds EnterpriseState // contains filtered or unexported fields }
Server is Nomad server which manages the job queues, schedulers, and notification bus for agents.
func NewServer ¶
func NewServer(config *Config, consulCatalog consul.CatalogAPI, consulConfigEntries consul.ConfigAPI, consulACLs consul.ACLsAPI) (*Server, error)
NewServer is used to construct a new Nomad server from the configuration, potentially returning an error
func TestACLServer ¶ added in v0.8.0
func TestServerErr ¶ added in v1.3.0
func (*Server) Authenticate ¶ added in v1.5.0
func (s *Server) Authenticate(ctx *RPCContext, args structs.RequestWithIdentity) error
Authenticate extracts an AuthenticatedIdentity from the request context or provided token and sets the identity on the request. The caller can extract an acl.ACL, WorkloadIdentity, or other identifying tokens to use for authorization. Keeping these fields independent rather than merging them into an ephemeral ACLToken makes the original of the credential clear to RPC handlers, who may have different behavior for internal vs external origins.
Note: when called on the follower we'll be making stale queries, so it's possible if the follower is behind that the leader will get a different value if an ACL token or allocation's WI has just been created.
This method returns errors that are used for testing diagnostics. RPC callers should always return ErrPermissionDenied after checking forwarding when one of these errors is received.
func (*Server) ClusterID ¶ added in v0.10.4
ClusterID returns the unique ID for this cluster.
Any Nomad server agent may call this method to get at the ID. If we are the leader and the ID has not yet been created, it will be created now. Otherwise an error is returned.
The ID will not be created until all participating servers have reached a minimum version (0.10.4).
func (*Server) Datacenter ¶ added in v0.5.0
Datacenter returns the data center of the server
func (*Server) DispatchJob ¶ added in v0.3.0
DispatchJob creates an evaluation for the passed job and commits both the evaluation and the job to the raft log. It returns the eval.
func (*Server) EmitRaftStats ¶ added in v0.9.4
EmitRaftStats is used to export metrics about raft indexes and state store snapshot index
func (*Server) GetClusterHealth ¶ added in v1.4.0
func (s *Server) GetClusterHealth() *structs.OperatorHealthReply
GetClusterHealth is used to get the current health of the servers, as known by the leader.
func (*Server) GetConfig ¶ added in v0.5.0
GetConfig returns the config of the server for testing purposes only
func (*Server) GetSchedulerWorkerConfig ¶ added in v1.2.4
func (s *Server) GetSchedulerWorkerConfig() SchedulerWorkerPoolArgs
GetSchedulerWorkerConfig returns a clean copy of the server's current scheduler worker config.
func (*Server) GetSchedulerWorkersInfo ¶ added in v1.2.4
func (s *Server) GetSchedulerWorkersInfo() []WorkerInfo
GetSchedulerWorkerInfo returns a slice of WorkerInfos from all of the running scheduler workers.
func (*Server) IsShutdown ¶
IsShutdown checks if the server is shutdown
func (*Server) Join ¶
Join is used to have Nomad join the gossip ring The target address should be another node listening on the Serf address
func (*Server) KeyManager ¶
func (s *Server) KeyManager() *serf.KeyManager
KeyManager returns the Serf keyring manager
func (*Server) LocalMember ¶
LocalMember is used to return the local node
func (*Server) MeasureRPCRate ¶ added in v1.5.0
func (s *Server) MeasureRPCRate(endpoint, op string, args structs.RequestWithIdentity)
MeasureRPCRate increments the appropriate rate metric for this endpoint, with a label from the identity
func (*Server) MinRaftProtocol ¶ added in v1.4.0
MinRaftProtocol returns the lowest supported Raft protocol among alive servers
func (*Server) Reload ¶ added in v0.5.5
Reload handles a config reload specific to server-only configuration. Not all config fields can handle a reload.
func (*Server) RemoveFailedNode ¶
RemoveFailedNode is used to remove a failed node from the cluster
func (*Server) ReplicationToken ¶ added in v0.7.0
ReplicationToken returns the token used for replication. We use a method to support dynamic reloading of this value later.
func (*Server) ResolveACL ¶ added in v1.5.0
ResolveACL is an authentication wrapper which handles resolving both ACL tokens and Workload Identities. If both are provided the ACL token is preferred, but it is best for the RPC caller to only include the credentials for the identity they intend the operation to be performed with.
func (*Server) ResolveACLForToken ¶ added in v1.5.0
ResolveACLForToken resolves an ACL from a token only. It should be used only by Variables endpoints, which have additional implicit policies for their claims so we can't wrap them up in ResolveACL.
TODO: figure out a way to the Variables endpoint implicit policies baked into their acl.ACL object so that we can avoid using this method.
func (*Server) ResolveClaims ¶ added in v1.4.0
func (*Server) ResolveClientOrACL ¶ added in v1.5.0
ResolveClientOrACL resolves an ACL if the identity has a token or claim, and falls back to verifying the client ID if one has been set
func (*Server) ResolveSecretToken ¶ added in v0.11.0
ResolveSecretToken is used to translate an ACL Token Secret ID into an ACLToken object, nil if ACLs are disabled, or an error.
func (*Server) ResolveToken ¶ added in v0.7.0
ResolveToken is used to translate an ACL Token Secret ID into an ACL object, nil if ACLs are disabled, or an error.
func (*Server) RunningChildren ¶ added in v0.3.0
RunningChildren checks whether the passed job has any running children.
func (*Server) SetSchedulerWorkerConfig ¶ added in v1.2.4
func (s *Server) SetSchedulerWorkerConfig(newArgs SchedulerWorkerPoolArgs) SchedulerWorkerPoolArgs
func (*Server) State ¶
func (s *Server) State() *state.StateStore
State returns the underlying state store. This should *not* be used to modify state directly.
func (*Server) Stats ¶
Stats is used to return statistics for debugging and insight for various sub-systems
func (*Server) StreamingRpcHandler ¶ added in v0.8.0
func (s *Server) StreamingRpcHandler(method string) (structs.StreamingRpcHandler, error)
StreamingRpcHandler is used to make a streaming RPC call.
func (*Server) VerifyClaim ¶ added in v1.4.0
func (s *Server) VerifyClaim(token string) (*structs.IdentityClaims, error)
VerifyClaim asserts that the token is valid and that the resulting allocation ID belongs to a non-terminal allocation
type ServiceIdentityRequest ¶ added in v0.11.3
type ServiceIdentityRequest struct { ConsulNamespace string TaskKind structs.TaskKind TaskName string ClusterID string AllocID string }
func (ServiceIdentityRequest) Description ¶ added in v0.11.3
func (sir ServiceIdentityRequest) Description() string
func (ServiceIdentityRequest) Validate ¶ added in v0.11.3
func (sir ServiceIdentityRequest) Validate() error
type ServiceRegistration ¶ added in v1.3.0
type ServiceRegistration struct {
// contains filtered or unexported fields
}
ServiceRegistration encapsulates the service registrations RPC endpoint which is callable via the ServiceRegistration RPCs and externally via the "/v1/service{s}" HTTP API.
func NewServiceRegistrationEndpoint ¶ added in v1.5.0
func NewServiceRegistrationEndpoint(srv *Server, ctx *RPCContext) *ServiceRegistration
func (*ServiceRegistration) DeleteByID ¶ added in v1.3.0
func (s *ServiceRegistration) DeleteByID( args *structs.ServiceRegistrationDeleteByIDRequest, reply *structs.ServiceRegistrationDeleteByIDResponse) error
DeleteByID removes a single service registration, as specified by its ID from Nomad. This is typically called by Nomad nodes, however, in extreme situations can be used via the CLI and API by operators.
func (*ServiceRegistration) GetService ¶ added in v1.3.0
func (s *ServiceRegistration) GetService( args *structs.ServiceRegistrationByNameRequest, reply *structs.ServiceRegistrationByNameResponse) error
GetService is used to get all services registrations corresponding to a single name.
func (*ServiceRegistration) List ¶ added in v1.3.0
func (s *ServiceRegistration) List( args *structs.ServiceRegistrationListRequest, reply *structs.ServiceRegistrationListResponse) error
List is used to list service registration held within state. It supports single and wildcard namespace listings.
func (*ServiceRegistration) Upsert ¶ added in v1.3.0
func (s *ServiceRegistration) Upsert( args *structs.ServiceRegistrationUpsertRequest, reply *structs.ServiceRegistrationUpsertResponse) error
Upsert creates or updates service registrations held within Nomad. This RPC is only callable by Nomad nodes.
type SnapshotRestorer ¶ added in v0.7.0
type SnapshotRestorer func(restore *state.StateRestore, dec *codec.Decoder) error
SnapshotRestorer is the definition of a function that can apply a Raft log
type SnapshotRestorers ¶ added in v0.7.0
type SnapshotRestorers map[SnapshotType]SnapshotRestorer
SnapshotRestorers is a mapping of the SnapshotType to the appropriate snapshot restorer.
type SnapshotType ¶
type SnapshotType byte
SnapshotType is prefixed to a record in the FSM snapshot so that we can determine the type for restore
const ( NodeSnapshot SnapshotType = 0 JobSnapshot SnapshotType = 1 IndexSnapshot SnapshotType = 2 EvalSnapshot SnapshotType = 3 AllocSnapshot SnapshotType = 4 TimeTableSnapshot SnapshotType = 5 PeriodicLaunchSnapshot SnapshotType = 6 JobSummarySnapshot SnapshotType = 7 VaultAccessorSnapshot SnapshotType = 8 JobVersionSnapshot SnapshotType = 9 DeploymentSnapshot SnapshotType = 10 ACLPolicySnapshot SnapshotType = 11 ACLTokenSnapshot SnapshotType = 12 SchedulerConfigSnapshot SnapshotType = 13 ClusterMetadataSnapshot SnapshotType = 14 ServiceIdentityTokenAccessorSnapshot SnapshotType = 15 ScalingPolicySnapshot SnapshotType = 16 CSIPluginSnapshot SnapshotType = 17 CSIVolumeSnapshot SnapshotType = 18 ScalingEventsSnapshot SnapshotType = 19 EventSinkSnapshot SnapshotType = 20 ServiceRegistrationSnapshot SnapshotType = 21 VariablesSnapshot SnapshotType = 22 VariablesQuotaSnapshot SnapshotType = 23 RootKeyMetaSnapshot SnapshotType = 24 ACLRoleSnapshot SnapshotType = 25 ACLAuthMethodSnapshot SnapshotType = 26 ACLBindingRuleSnapshot SnapshotType = 27 // Namespace appliers were moved from enterprise and therefore start at 64 NamespaceSnapshot SnapshotType = 64 )
type StatsFetcher ¶ added in v0.8.0
type StatsFetcher struct {
// contains filtered or unexported fields
}
StatsFetcher has two functions for autopilot. First, lets us fetch all the stats in parallel so we are taking a sample as close to the same time as possible, since we are comparing time-sensitive info for the health check. Second, it bounds the time so that one slow RPC can't hold up the health check loop; as a side effect of how it implements this, it also limits to a single in-flight RPC to any given server, so goroutines don't accumulate as we run the health check fairly frequently.
func NewStatsFetcher ¶ added in v0.8.0
NewStatsFetcher returns a stats fetcher.
type Status ¶
type Status struct {
// contains filtered or unexported fields
}
Status endpoint is used to check on server status
func NewStatusEndpoint ¶ added in v1.5.0
func NewStatusEndpoint(srv *Server, ctx *RPCContext) *Status
func (*Status) HasNodeConn ¶ added in v0.8.0
func (s *Status) HasNodeConn(args *structs.NodeSpecificRequest, reply *structs.NodeConnQueryResponse) error
HasNodeConn returns whether the server has a connection to the requested Node.
func (*Status) Leader ¶
func (s *Status) Leader(args *structs.GenericRequest, reply *string) error
Leader is used to get the address of the leader
func (*Status) Members ¶ added in v0.5.0
func (s *Status) Members(args *structs.GenericRequest, reply *structs.ServerMembersResponse) error
Members return the list of servers in a cluster that a particular server is aware of
func (*Status) Peers ¶
func (s *Status) Peers(args *structs.GenericRequest, reply *[]string) error
Peers is used to get all the Raft peers
type System ¶ added in v0.3.0
type System struct {
// contains filtered or unexported fields
}
System endpoint is used to call invoke system tasks.
func NewSystemEndpoint ¶ added in v1.5.0
func NewSystemEndpoint(srv *Server, ctx *RPCContext) *System
func (*System) GarbageCollect ¶ added in v0.3.0
func (s *System) GarbageCollect(args *structs.GenericRequest, reply *structs.GenericResponse) error
GarbageCollect is used to trigger the system to immediately garbage collect nodes, evals and jobs.
func (*System) ReconcileJobSummaries ¶ added in v0.4.1
func (s *System) ReconcileJobSummaries(args *structs.GenericRequest, reply *structs.GenericResponse) error
ReconcileJobSummaries reconciles the summaries of all the jobs in the state store
type TestVaultClient ¶ added in v0.5.0
type TestVaultClient struct { // LookupTokenErrors maps a token to an error that will be returned by the // LookupToken call LookupTokenErrors map[string]error // LookupTokenSecret maps a token to the Vault secret that will be returned // by the LookupToken call LookupTokenSecret map[string]*vapi.Secret // CreateTokenErrors maps a token to an error that will be returned by the // CreateToken call CreateTokenErrors map[string]map[string]error // CreateTokenSecret maps a token to the Vault secret that will be returned // by the CreateToken call CreateTokenSecret map[string]map[string]*vapi.Secret RevokedTokens []*structs.VaultAccessor }
TestVaultClient is a Vault client appropriate for use during testing. Its behavior is programmable such that endpoints can be tested under various circumstances.
func (*TestVaultClient) CreateToken ¶ added in v0.5.0
func (v *TestVaultClient) CreateToken(ctx context.Context, a *structs.Allocation, task string) (*vapi.Secret, error)
func (*TestVaultClient) EmitStats ¶ added in v0.5.5
func (v *TestVaultClient) EmitStats(period time.Duration, stopCh <-chan struct{})
func (*TestVaultClient) GetConfig ¶ added in v1.1.17
func (v *TestVaultClient) GetConfig() *config.VaultConfig
func (*TestVaultClient) LookupToken ¶ added in v0.5.0
func (*TestVaultClient) MarkForRevocation ¶ added in v0.11.3
func (v *TestVaultClient) MarkForRevocation(accessors []*structs.VaultAccessor) error
func (*TestVaultClient) RevokeTokens ¶ added in v0.5.0
func (v *TestVaultClient) RevokeTokens(ctx context.Context, accessors []*structs.VaultAccessor, committed bool) error
func (*TestVaultClient) Running ¶ added in v0.5.5
func (v *TestVaultClient) Running() bool
func (*TestVaultClient) SetActive ¶ added in v0.5.0
func (v *TestVaultClient) SetActive(enabled bool)
func (*TestVaultClient) SetConfig ¶ added in v0.5.0
func (v *TestVaultClient) SetConfig(config *config.VaultConfig) error
func (*TestVaultClient) SetCreateTokenError ¶ added in v0.5.0
func (v *TestVaultClient) SetCreateTokenError(allocID, task string, err error)
SetCreateTokenError sets the error that will be returned by the token creation
func (*TestVaultClient) SetCreateTokenSecret ¶ added in v0.5.0
func (v *TestVaultClient) SetCreateTokenSecret(allocID, task string, secret *vapi.Secret)
SetCreateTokenSecret sets the secret that will be returned by the token creation
func (*TestVaultClient) SetLookupTokenAllowedPolicies ¶ added in v0.5.0
func (v *TestVaultClient) SetLookupTokenAllowedPolicies(token string, policies []string)
SetLookupTokenAllowedPolicies is a helper that adds a secret that allows the given policies
func (*TestVaultClient) SetLookupTokenError ¶ added in v0.5.0
func (v *TestVaultClient) SetLookupTokenError(token string, err error)
SetLookupTokenError sets the error that will be returned by the token lookup
func (*TestVaultClient) SetLookupTokenSecret ¶ added in v0.5.0
func (v *TestVaultClient) SetLookupTokenSecret(token string, secret *vapi.Secret)
SetLookupTokenSecret sets the secret that will be returned by the token lookup
func (*TestVaultClient) Stats ¶ added in v0.5.5
func (v *TestVaultClient) Stats() map[string]string
func (*TestVaultClient) Stop ¶ added in v0.5.0
func (v *TestVaultClient) Stop()
type TimeTable ¶
type TimeTable struct {
// contains filtered or unexported fields
}
TimeTable is used to associate a Raft index with a timestamp. This is used so that we can quickly go from a timestamp to an index or visa versa.
func NewTimeTable ¶
NewTimeTable creates a new time table which stores entries at a given granularity for a maximum limit. The storage space required is (limit/granularity)
func (*TimeTable) Deserialize ¶
Deserialize is used to deserialize the time table and restore the state
func (*TimeTable) NearestIndex ¶
NearestIndex returns the nearest index older than the given time
func (*TimeTable) NearestTime ¶
NearestTime returns the nearest time older than the given index
type TimeTableEntry ¶
TimeTableEntry is used to track a time and index
type Variables ¶ added in v1.4.0
type Variables struct {
// contains filtered or unexported fields
}
Variables encapsulates the variables RPC endpoint which is callable via the Variables RPCs and externally via the "/v1/var{s}" HTTP API.
func NewVariablesEndpoint ¶ added in v1.5.0
func NewVariablesEndpoint(srv *Server, ctx *RPCContext, enc *Encrypter) *Variables
func (*Variables) Apply ¶ added in v1.4.0
func (sv *Variables) Apply(args *structs.VariablesApplyRequest, reply *structs.VariablesApplyResponse) error
Apply is used to apply a SV update request to the data store.
func (*Variables) List ¶ added in v1.4.0
func (sv *Variables) List( args *structs.VariablesListRequest, reply *structs.VariablesListResponse) error
List is used to list variables held within state. It supports single and wildcard namespace listings.
func (*Variables) Read ¶ added in v1.4.0
func (sv *Variables) Read(args *structs.VariablesReadRequest, reply *structs.VariablesReadResponse) error
Read is used to get a specific variable
type VaultClient ¶ added in v0.5.0
type VaultClient interface { // SetActive activates or de-activates the Vault client. When active, token // creation/lookup/revocation operation are allowed. SetActive(active bool) // SetConfig updates the config used by the Vault client SetConfig(config *config.VaultConfig) error // GetConfig returns a copy of the config used by the Vault client, for // testing GetConfig() *config.VaultConfig // CreateToken takes an allocation and task and returns an appropriate Vault // Secret CreateToken(ctx context.Context, a *structs.Allocation, task string) (*vapi.Secret, error) // LookupToken takes a token string and returns its capabilities. LookupToken(ctx context.Context, token string) (*vapi.Secret, error) // RevokeTokens takes a set of tokens accessor and revokes the tokens RevokeTokens(ctx context.Context, accessors []*structs.VaultAccessor, committed bool) error // MarkForRevocation revokes the tokens in background MarkForRevocation(accessors []*structs.VaultAccessor) error // Stop is used to stop token renewal Stop() // Running returns whether the Vault client is running Running() bool // Stats returns the Vault clients statistics Stats() map[string]string // EmitStats emits that clients statistics at the given period until stopCh // is called. EmitStats(period time.Duration, stopCh <-chan struct{}) }
VaultClient is the Servers interface for interfacing with Vault
type VaultNoopDelegate ¶ added in v0.12.2
type VaultNoopDelegate struct{}
VaultVaultNoopDelegate returns the default vault api auth token handler
type VaultStats ¶ added in v0.5.5
type VaultStats struct { // TrackedForRevoke is the count of tokens that are being tracked to be // revoked since they could not be immediately revoked. TrackedForRevoke int // TokenTTL is the time-to-live duration for the current token TokenTTL time.Duration // TokenExpiry is the recorded expiry time of the current token TokenExpiry time.Time // LastRenewalTime is the time since the token was last renewed LastRenewalTime time.Time TimeFromLastRenewal time.Duration // NextRenewalTime is the time the token will attempt to renew NextRenewalTime time.Time TimeToNextRenewal time.Duration }
VaultStats returns all the stats about Vault tokens created and managed by Nomad.
type Worker ¶
type Worker struct {
// contains filtered or unexported fields
}
Worker is a single threaded scheduling worker. There may be multiple running per server (leader or follower). They are responsible for dequeuing pending evaluations, invoking schedulers, plan submission and the lifecycle around making task allocations. They bridge the business logic of the scheduler with the plumbing required to make it all work.
func (*Worker) CreateEval ¶
func (w *Worker) CreateEval(eval *structs.Evaluation) error
CreateEval is used to create a new evaluation. This allows the worker to act as the planner for the scheduler.
func (*Worker) GetStatus ¶ added in v1.2.4
func (w *Worker) GetStatus() WorkerStatus
GetStatus returns the status of the Worker
func (*Worker) GetWorkloadStatus ¶ added in v1.2.4
func (w *Worker) GetWorkloadStatus() SchedulerWorkerStatus
GetStatus returns the status of the Worker's Workload.
func (*Worker) Info ¶ added in v1.2.4
func (w *Worker) Info() WorkerInfo
func (*Worker) IsPaused ¶ added in v1.2.4
IsPaused returns a boolean indicating if this worker has been paused.
func (*Worker) IsStarted ¶ added in v1.2.4
IsStarted returns a boolean indicating if this worker has been started.
func (*Worker) IsStopped ¶ added in v1.2.4
IsStopped returns a boolean indicating if this worker has been stopped.
func (*Worker) Pause ¶ added in v1.2.4
func (w *Worker) Pause()
Pause transitions a worker to the pausing state. Check to see if it paused using IsPaused()
func (*Worker) ReblockEval ¶ added in v0.4.0
func (w *Worker) ReblockEval(eval *structs.Evaluation) error
ReblockEval is used to reinsert a blocked evaluation into the blocked eval tracker. This allows the worker to act as the planner for the scheduler.
func (*Worker) Resume ¶ added in v1.2.4
func (w *Worker) Resume()
Resume transitions a worker to the resuming state. Check to see if the worker restarted by calling IsStarted()
func (*Worker) ServersMeetMinimumVersion ¶ added in v1.3.0
func (w *Worker) ServersMeetMinimumVersion(minVersion *version.Version, checkFailedServers bool) bool
ServersMeetMinimumVersion allows implementations of the Scheduler interface in other packages to perform server version checks without direct references to the Nomad server.
func (*Worker) Start ¶ added in v1.2.4
func (w *Worker) Start()
Start transitions a worker to the starting state. Check to see if it paused using IsStarted()
func (*Worker) Stop ¶ added in v1.2.4
func (w *Worker) Stop()
Resume transitions a worker to the stopping state. Check to see if the worker stopped by calling IsStopped()
func (*Worker) SubmitPlan ¶
SubmitPlan is used to submit a plan for consideration. This allows the worker to act as the planner for the scheduler.
func (*Worker) UpdateEval ¶
func (w *Worker) UpdateEval(eval *structs.Evaluation) error
UpdateEval is used to submit an updated evaluation. This allows the worker to act as the planner for the scheduler.
type WorkerInfo ¶ added in v1.2.4
type WorkerInfo struct { ID string `json:"id"` EnabledSchedulers []string `json:"enabled_schedulers"` Started time.Time `json:"started"` Status string `json:"status"` WorkloadStatus string `json:"workload_status"` }
func (WorkerInfo) Copy ¶ added in v1.2.4
func (w WorkerInfo) Copy() WorkerInfo
func (WorkerInfo) String ¶ added in v1.2.4
func (w WorkerInfo) String() string
type WorkerStatus ¶ added in v1.2.4
type WorkerStatus int
const ( WorkerUnknownStatus WorkerStatus = iota // Unknown WorkerStarting WorkerStarted WorkerPausing WorkerPaused WorkerResuming WorkerStopping WorkerStopped )
func (WorkerStatus) String ¶ added in v1.2.4
func (i WorkerStatus) String() string
Source Files ¶
- acl.go
- acl_endpoint.go
- alloc_endpoint.go
- autopilot.go
- autopilot_oss.go
- blocked_evals.go
- blocked_evals_stats.go
- blocked_evals_system.go
- client_agent_endpoint.go
- client_alloc_endpoint.go
- client_csi_endpoint.go
- client_fs_endpoint.go
- client_meta_endpoint.go
- client_rpc.go
- client_stats_endpoint.go
- config.go
- consul.go
- consul_policy.go
- core_sched.go
- csi_endpoint.go
- deployment_endpoint.go
- deployment_watcher_shims.go
- drainer_shims.go
- encrypter.go
- endpoints_oss.go
- eval_broker.go
- eval_endpoint.go
- event_endpoint.go
- fsm.go
- fsm_oss.go
- fsm_registry_oss.go
- heartbeat.go
- job_endpoint.go
- job_endpoint_hook_connect.go
- job_endpoint_hook_expose_check.go
- job_endpoint_hook_vault.go
- job_endpoint_hook_vault_oss.go
- job_endpoint_hooks.go
- job_endpoint_oss.go
- job_endpoint_validators.go
- keyring_endpoint.go
- leader.go
- leader_oss.go
- merge.go
- namespace_endpoint.go
- node_endpoint.go
- operator_endpoint.go
- periodic.go
- periodic_endpoint.go
- plan_apply.go
- plan_apply_node_tracker.go
- plan_apply_oss.go
- plan_apply_pool.go
- plan_endpoint.go
- plan_queue.go
- raft_rpc.go
- regions_endpoint.go
- rpc.go
- rpc_rate_metrics.go
- scaling_endpoint.go
- search_endpoint.go
- search_endpoint_oss.go
- serf.go
- server.go
- server_setup.go
- server_setup_oss.go
- service_registration_endpoint.go
- stats_fetcher.go
- status_endpoint.go
- system_endpoint.go
- testing.go
- testing_oss.go
- timetable.go
- util.go
- variables_endpoint.go
- vault.go
- vault_testing.go
- worker.go
- worker_string_schedulerworkerstatus.go
- worker_string_workerstatus.go
Directories ¶
Path | Synopsis |
---|---|
deploymentwatcher creates and tracks Deployments, which hold meta data describing the process of upgrading a running job to a new set of Allocations.
|
deploymentwatcher creates and tracks Deployments, which hold meta data describing the process of upgrading a running job to a new set of Allocations. |