aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--nix2/driver.go132
-rw-r--r--nix2/handle.go8
2 files changed, 57 insertions, 83 deletions
diff --git a/nix2/driver.go b/nix2/driver.go
index 964ff56..8118f94 100644
--- a/nix2/driver.go
+++ b/nix2/driver.go
@@ -8,12 +8,12 @@ import (
"sync"
"time"
+ "github.com/Alexis211/nomad-driver-exec2/executor"
"github.com/hashicorp/consul-template/signals"
hclog "github.com/hashicorp/go-hclog"
"github.com/hashicorp/nomad/client/lib/cgutil"
"github.com/hashicorp/nomad/drivers/shared/capabilities"
"github.com/hashicorp/nomad/drivers/shared/eventer"
- "github.com/Alexis211/nomad-driver-exec2/executor"
"github.com/hashicorp/nomad/drivers/shared/resolvconf"
"github.com/hashicorp/nomad/helper/pluginutils/hclutils"
"github.com/hashicorp/nomad/helper/pluginutils/loader"
@@ -71,14 +71,9 @@ var (
hclspec.NewAttr("allow_caps", "list(string)", false),
hclspec.NewLiteral(capabilities.HCLSpecLiteral),
),
- // Default host directories to bind in tasks
- "bind": hclspec.NewDefault(
- hclspec.NewAttr("bind", "list(map(string))", false),
- hclspec.NewLiteral("{}"),
- ),
- "bind_read_only": hclspec.NewDefault(
- hclspec.NewAttr("bind_read_only", "list(map(string))", false),
- hclspec.NewLiteral("{}"),
+ "allow_bind": hclspec.NewDefault(
+ hclspec.NewAttr("allow_bind", "bool", false),
+ hclspec.NewLiteral("true"),
),
})
@@ -157,11 +152,8 @@ type Config struct {
// running on this node.
AllowCaps []string `codec:"allow_caps"`
- // Paths to bind for read-write acess in all jobs
- Bind hclutils.MapStrStr `codec:"bind"`
-
- // Paths to bind for read-only acess in all jobs
- BindReadOnly hclutils.MapStrStr `codec:"bind_read_only"`
+ // AllowBind defines whether users may bind host directories
+ AllowBind bool `codec:"allow_bind"`
}
func (c *Config) validate() error {
@@ -244,9 +236,9 @@ func (tc *TaskConfig) validate() error {
// StartTask. This information is needed to rebuild the task state and handler
// during recovery.
type TaskState struct {
- TaskConfig *drivers.TaskConfig
- Pid int
- StartedAt time.Time
+ TaskConfig *drivers.TaskConfig
+ Pid int
+ StartedAt time.Time
}
// NewPlugin returns a new DrivePlugin implementation
@@ -409,16 +401,16 @@ func (d *Driver) RecoverTask(handle *drivers.TaskHandle) error {
// Create new executor
exec := executor.NewExecutorWithIsolation(
- d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID),)
+ d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID))
h := &taskHandle{
- exec: exec,
- pid: taskState.Pid,
- taskConfig: taskState.TaskConfig,
- procState: drivers.TaskStateRunning,
- startedAt: taskState.StartedAt,
- exitResult: &drivers.ExitResult{},
- logger: d.logger,
+ exec: exec,
+ pid: taskState.Pid,
+ taskConfig: taskState.TaskConfig,
+ procState: drivers.TaskStateRunning,
+ startedAt: taskState.StartedAt,
+ exitResult: &drivers.ExitResult{},
+ logger: d.logger,
}
d.tasks.Set(taskState.TaskConfig.ID, h)
@@ -446,7 +438,7 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
handle.Config = cfg
exec := executor.NewExecutorWithIsolation(
- d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID),)
+ d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID))
user := cfg.User
if user == "" {
@@ -462,54 +454,36 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
}
// Bind mounts specified in driver config
- if d.config.Bind != nil {
- for host, task := range d.config.Bind {
- mount_config := drivers.MountConfig{
- TaskPath: task,
- HostPath: host,
- Readonly: false,
- PropagationMode: "private",
- }
- d.logger.Info("adding RW mount from driver config", "mount_config", hclog.Fmt("%+v", mount_config))
- cfg.Mounts = append(cfg.Mounts, &mount_config)
- }
- }
- if d.config.BindReadOnly != nil {
- for host, task := range d.config.BindReadOnly {
- mount_config := drivers.MountConfig{
- TaskPath: task,
- HostPath: host,
- Readonly: true,
- PropagationMode: "private",
- }
- d.logger.Info("adding RO mount from driver config", "mount_config", hclog.Fmt("%+v", mount_config))
- cfg.Mounts = append(cfg.Mounts, &mount_config)
- }
- }
// Bind mounts specified in task config
- if driverConfig.Bind != nil {
- for host, task := range driverConfig.Bind {
- mount_config := drivers.MountConfig{
- TaskPath: task,
- HostPath: host,
- Readonly: false,
- PropagationMode: "private",
+ if d.config.AllowBind {
+ if driverConfig.Bind != nil {
+ for host, task := range driverConfig.Bind {
+ mount_config := drivers.MountConfig{
+ TaskPath: task,
+ HostPath: host,
+ Readonly: false,
+ PropagationMode: "private",
+ }
+ d.logger.Info("adding RW mount from task spec", "mount_config", hclog.Fmt("%+v", mount_config))
+ cfg.Mounts = append(cfg.Mounts, &mount_config)
}
- d.logger.Info("adding RW mount from task spec", "mount_config", hclog.Fmt("%+v", mount_config))
- cfg.Mounts = append(cfg.Mounts, &mount_config)
}
- }
- if driverConfig.BindReadOnly != nil {
- for host, task := range driverConfig.BindReadOnly {
- mount_config := drivers.MountConfig{
- TaskPath: task,
- HostPath: host,
- Readonly: true,
- PropagationMode: "private",
+ if driverConfig.BindReadOnly != nil {
+ for host, task := range driverConfig.BindReadOnly {
+ mount_config := drivers.MountConfig{
+ TaskPath: task,
+ HostPath: host,
+ Readonly: true,
+ PropagationMode: "private",
+ }
+ d.logger.Info("adding RO mount from task spec", "mount_config", hclog.Fmt("%+v", mount_config))
+ cfg.Mounts = append(cfg.Mounts, &mount_config)
}
- d.logger.Info("adding RO mount from task spec", "mount_config", hclog.Fmt("%+v", mount_config))
- cfg.Mounts = append(cfg.Mounts, &mount_config)
+ }
+ } else {
+ if len(driverConfig.Bind) > 0 || len(driverConfig.BindReadOnly) > 0 {
+ return nil, nil, fmt.Errorf("bind and bind_read_only are deactivated for the %s driver", pluginName)
}
}
@@ -539,7 +513,7 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
ModeIPC: executor.IsolationMode(d.config.DefaultModeIPC, driverConfig.ModeIPC),
Capabilities: caps,
}
-
+
d.logger.Info("launching with", "exec_cmd", hclog.Fmt("%+v", execCmd))
ps, err := exec.Launch(execCmd)
@@ -548,18 +522,18 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
}
h := &taskHandle{
- exec: exec,
- pid: ps.Pid,
- taskConfig: cfg,
- procState: drivers.TaskStateRunning,
- startedAt: time.Now().Round(time.Millisecond),
- logger: d.logger,
+ exec: exec,
+ pid: ps.Pid,
+ taskConfig: cfg,
+ procState: drivers.TaskStateRunning,
+ startedAt: time.Now().Round(time.Millisecond),
+ logger: d.logger,
}
driverState := TaskState{
- Pid: ps.Pid,
- TaskConfig: cfg,
- StartedAt: h.startedAt,
+ Pid: ps.Pid,
+ TaskConfig: cfg,
+ StartedAt: h.startedAt,
}
if err := handle.SetDriverState(&driverState); err != nil {
diff --git a/nix2/handle.go b/nix2/handle.go
index 0bd7a2e..9de5d3e 100644
--- a/nix2/handle.go
+++ b/nix2/handle.go
@@ -6,15 +6,15 @@ import (
"sync"
"time"
- hclog "github.com/hashicorp/go-hclog"
"github.com/Alexis211/nomad-driver-exec2/executor"
+ hclog "github.com/hashicorp/go-hclog"
"github.com/hashicorp/nomad/plugins/drivers"
)
type taskHandle struct {
- exec executor.Executor
- pid int
- logger hclog.Logger
+ exec executor.Executor
+ pid int
+ logger hclog.Logger
// stateLock syncs access to all fields below
stateLock sync.RWMutex