From 06db08a4d3948999faf4bbd7735da01d7456e03d Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 03:55:46 -0500 Subject: [PATCH 01/15] template documentation with explanations of configuration options; update changelog with changes --- .changelog/11606.txt | 6 ++ website/content/docs/configuration/client.mdx | 94 +++++++++++++++++++ .../docs/job-specification/template.mdx | 22 ++++- 3 files changed, 121 insertions(+), 1 deletion(-) create mode 100644 .changelog/11606.txt diff --git a/.changelog/11606.txt b/.changelog/11606.txt new file mode 100644 index 00000000000..cae81ce0d06 --- /dev/null +++ b/.changelog/11606.txt @@ -0,0 +1,6 @@ +```release-note:improvement +core: Expose consul-template configuration options at the client level for consul_retry, +vault_retry, max_stale, block_query_wait and wait. Expose per template configuration +for wait that will override the client level configuration. Add wait_bounds to +allow operators to constrain per-template overrides at the client level. +``` diff --git a/website/content/docs/configuration/client.mdx b/website/content/docs/configuration/client.mdx index f1a9ecc43cf..93f8a0ef65a 100644 --- a/website/content/docs/configuration/client.mdx +++ b/website/content/docs/configuration/client.mdx @@ -355,6 +355,100 @@ see the [drivers documentation](/docs/drivers). files on the client host via the `file` function. By default templates can access files only within the [task working directory]. +- `max_stale` `(string: "5s")` - # This is the maximum interval to allow "stale" + data. By default, only the Consul leader will respond to queries. Requests + to a follower will forward to the leader. In large clusters with many requests, + this is not as scalable, so this option allows any follower to respond to a query, + so long as the last-replicated data is within these bounds. Higher values result + in less cluster load, but are more likely to have outdated data. + +- `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait + for the cluster to reach a consistent state before rendering a template. This + is useful to enable in systems that are experiencing a lot of flapping, because + it will reduce the number of times a template is rendered. This configuration is + also exposed at the _task level_ to allow overrides per task. + + ```hcl + wait { + enabled = true + min = "5s" + max = "10s" + } + ``` + +- `wait_bounds` `(Code: nil)` - Defines client level lower and upper bounds for + per-template `wait` configuration. If the individual template configuration has + a `min` lower than `wait_bounds.min` or a `max` greater than the `wait_bounds.max`, + the bounds will be enforced, and the template `wait` will be adjusted before being + sent to `consul-template`. + + ```hcl + wait_bounds { + enabled = true + min = "5s" + max = "10s" + } + ``` + +- `block_query_wait` `(string: "60s")` - This is amount of time in seconds to wait + on a blocking query for. Many endpoints in Consul support a feature known as + "blocking queries". A blocking query is used to wait for a potential change + using long polling. + +- `consul_retry` `(Code: nil)` - This controls the retry behavior when an error is + returned from Consul. Consul Template is highly fault tolerant, meaning it does + not exit in the face of failure. Instead, it uses exponential back-off and retry + functions to wait for the cluster to become available, as is customary in distributed + systems. + + ```hcl + consul_retry { + # This enables retries. + enabled = true + # This specifies the number of attempts to make before giving up. Each + # attempt adds the exponential backoff sleep time. Setting this to + # zero will implement an unlimited number of retries. + attempts = 12 + # This is the base amount of time to sleep between retry attempts. Each + # retry sleeps for an exponent of 2 longer than this base. For 5 retries, + # the sleep times would be: 250ms, 500ms, 1s, 2s, then 4s. + backoff = "250ms" + # This is the maximum amount of time to sleep between retry attempts. + # When max_backoff is set to zero, there is no upper limit to the + # exponential sleep between retry attempts. + # If max_backoff is set to 10s and backoff is set to 1s, sleep times + # would be: 1s, 2s, 4s, 8s, 10s, 10s, ... + max_backoff = "1m" + } + ``` + +- `vault_retry` `(Code: nil)` - This controls the retry behavior when an error is + returned from Vault. Consul Template is highly fault tolerant, meaning it does + not exit in the face of failure. Instead, it uses exponential back-off and retry + functions to wait for the cluster to become available, as is customary in distributed + systems. + + ```hcl + vault_retry { + # This enables retries. + enabled = true + # This specifies the number of attempts to make before giving up. Each + # attempt adds the exponential backoff sleep time. Setting this to + # zero will implement an unlimited number of retries. + attempts = 12 + # This is the base amount of time to sleep between retry attempts. Each + # retry sleeps for an exponent of 2 longer than this base. For 5 retries, + # the sleep times would be: 250ms, 500ms, 1s, 2s, then 4s. + backoff = "250ms" + # This is the maximum amount of time to sleep between retry attempts. + # When max_backoff is set to zero, there is no upper limit to the + # exponential sleep between retry attempts. + # If max_backoff is set to 10s and backoff is set to 1s, sleep times + # would be: 1s, 2s, 4s, 8s, 10s, 10s, ... + max_backoff = "1m" + } + ``` + ### `host_volume` Stanza The `host_volume` stanza is used to make volumes available to jobs. diff --git a/website/content/docs/job-specification/template.mdx b/website/content/docs/job-specification/template.mdx index c5f2f938d67..e576006f403 100644 --- a/website/content/docs/job-specification/template.mdx +++ b/website/content/docs/job-specification/template.mdx @@ -87,7 +87,7 @@ README][ct]. Since Nomad v0.6.0, templates can be read as environment variables. One of `source` or `data` must be specified, but not both. This source can optionally be fetched using an [`artifact`][artifact] resource. This template must exist on the machine prior to starting the task; it is not possible to - reference a template inside of a Docker container, for example. + reference a template inside a Docker container, for example. - `splay` `(string: "5s")` - Specifies a random amount of time to wait between 0 ms and the given splay value before invoking the change mode. This is @@ -95,6 +95,26 @@ README][ct]. Since Nomad v0.6.0, templates can be read as environment variables. prevent a thundering herd problem where all task instances restart at the same time. +- `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait + for the cluster to reach a consistent state before rendering a template. This + is useful to enable in systems that are experiencing a lot of flapping, because + it will reduce the number of times a template is rendered. This is typically + set globally in the client configuration, but can be overridden on per-template + basis. Note that, this setting can be overridden by the `client.template.wait_bounds` + setting. The `client.template.wait_bounds` setting defines a client level lower + and upper bounds for per-template `wait` configuration. If the individual template + configuration has a `min` lower than `client.template.wait_bounds.min` or a `max` + greater than `client.template.wait_bounds.max`, the bounds will be enforced, + and the template `wait` will be adjusted before being sent to `consul-template`. + + ```hcl + wait { + enabled = true + min = "5s" + max = "10s" + } + ``` + - `vault_grace` `(string: "15s")` - [Deprecated](https://github.com/hashicorp/consul-template/issues/1268) ## `template` Examples From 551fe63eaaf9fbf1d8fa073e020e62d6e5338f44 Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 04:06:30 -0500 Subject: [PATCH 02/15] Add WaitConfig and RetryConfig for template settings; Add fields to ClientTemplateConfig; Add and update utility methods; Add tests for new types; --- client/config/config.go | 467 +++++++++++++++++++++++- client/config/config_test.go | 683 ++++++++++++++++++++++++++++++++++- 2 files changed, 1147 insertions(+), 3 deletions(-) diff --git a/client/config/config.go b/client/config/config.go index fb9c7d1fc3c..448b40ed81f 100644 --- a/client/config/config.go +++ b/client/config/config.go @@ -1,13 +1,16 @@ package config import ( + "errors" "fmt" "io" "os" + "reflect" "strconv" "strings" "time" + "github.com/hashicorp/consul-template/config" "github.com/hashicorp/nomad/client/lib/cgutil" "github.com/hashicorp/nomad/command/agent/host" @@ -59,6 +62,8 @@ var ( // In non-systemd systems, this mount is a no-op and the path is ignored if not present. "/run/systemd/resolve": "/run/systemd/resolve", } + + DefaultTemplateMaxStale = 5 * time.Second ) // RPCHandler can be provided to the Client if there is a local server @@ -276,11 +281,72 @@ type Config struct { ReservableCores []uint16 } +// ClientTemplateConfig is configuration on the client specific to template +// rendering type ClientTemplateConfig struct { - FunctionDenylist []string - DisableSandbox bool + // FunctionDenylist disables functions in consul-template that + // are unsafe because they expose information from the client host. + FunctionDenylist []string `hcl:"function_denylist"` + + // Deprecated: COMPAT(1.0) consul-template uses inclusive language from + // v0.25.0 - function_blacklist is kept for compatibility + FunctionBlacklist []string `hcl:"function_blacklist"` + + // DisableSandbox allows templates to access arbitrary files on the + // client host. By default templates can access files only within + // the task directory. + DisableSandbox bool `hcl:"disable_file_sandbox"` + + // This is the maximum interval to allow "stale" data. By default, only the + // Consul leader will respond to queries; any requests to a follower will + // forward to the leader. In large clusters with many requests, this is not as + // scalable, so this option allows any follower to respond to a query, so long + // as the last-replicated data is within these bounds. Higher values result in + // less cluster load, but are more likely to have outdated data. + // NOTE: Since Consul Template uses a pointer, this field uses a pointer which + // is inconsistent with how Nomad typically works. This decision was made to + // maintain parity with the external subsystem, not to establish a new standard. + MaxStale *time.Duration `hcl:"-"` + MaxStaleHCL string `hcl:"max_stale,optional"` + + // BlockQueryWaitTime is amount of time in seconds to do a blocking query for. + // Many endpoints in Consul support a feature known as "blocking queries". + // A blocking query is used to wait for a potential change using long polling. + // NOTE: Since Consul Template uses a pointer, this field uses a pointer which + // is inconsistent with how Nomad typically works. This decision was made to + // maintain parity with the external subsystem, not to establish a new standard. + BlockQueryWaitTime *time.Duration `hcl:"-"` + BlockQueryWaitTimeHCL string `hcl:"block_query_wait,optional"` + + // Wait is the quiescence timers; it defines the minimum and maximum amount of + // time to wait for the cluster to reach a consistent state before rendering a + // template. This is useful to enable in systems that have a lot of flapping, + // because it will reduce the number of times a template is rendered. + Wait *WaitConfig `hcl:"wait,optional" json:"-"` + + // WaitBounds allows operators to define boundaries on individual template wait + // configuration overrides. If set, this ensures that if a job author specifies + // a wait configuration with values the cluster operator does not allow, the + // cluster operator's boundary will be applied rather than the job author's + // out of bounds configuration. + WaitBounds *WaitConfig `hcl:"wait_bounds,optional" json:"-"` + + // This controls the retry behavior when an error is returned from Consul. + // Consul Template is highly fault tolerant, meaning it does not exit in the + // face of failure. Instead, it uses exponential back-off and retry functions + // to wait for the cluster to become available, as is customary in distributed + // systems. + ConsulRetry *RetryConfig `hcl:"consul_retry,optional"` + + // This controls the retry behavior when an error is returned from Vault. + // Consul Template is highly fault tolerant, meaning it does not exit in the + // face of failure. Instead, it uses exponential back-off and retry functions + // to wait for the cluster to become available, as is customary in distributed + // systems. + VaultRetry *RetryConfig `hcl:"vault_retry,optional"` } +// Copy returns a deep copy of a ClientTemplateConfig func (c *ClientTemplateConfig) Copy() *ClientTemplateConfig { if c == nil { return nil @@ -289,9 +355,406 @@ func (c *ClientTemplateConfig) Copy() *ClientTemplateConfig { nc := new(ClientTemplateConfig) *nc = *c nc.FunctionDenylist = helper.CopySliceString(nc.FunctionDenylist) + + if c.BlockQueryWaitTime != nil { + nc.BlockQueryWaitTime = &*c.BlockQueryWaitTime + } + + if c.MaxStale != nil { + nc.MaxStale = &*c.MaxStale + } + + if c.Wait != nil { + nc.Wait = c.Wait.Copy() + } + + if c.ConsulRetry != nil { + nc.ConsulRetry = c.ConsulRetry.Copy() + } + + if c.VaultRetry != nil { + nc.VaultRetry = c.VaultRetry.Copy() + } + return nc } +// Merge merges the values of two ClientTemplateConfigs. If first copies the receiver +// instance, and then overrides those values with the instance to merge with. +func (c *ClientTemplateConfig) Merge(b *ClientTemplateConfig) *ClientTemplateConfig { + if c == nil { + return b + } + + result := *c + + if b == nil { + return &result + } + + if b.BlockQueryWaitTime != nil { + result.BlockQueryWaitTime = b.BlockQueryWaitTime + } + if b.BlockQueryWaitTimeHCL != "" { + result.BlockQueryWaitTimeHCL = b.BlockQueryWaitTimeHCL + } + + if b.ConsulRetry != nil { + result.ConsulRetry = result.ConsulRetry.Merge(b.ConsulRetry) + } + + result.DisableSandbox = b.DisableSandbox + + // Maintain backward compatibility for older clients + if len(b.FunctionBlacklist) > 0 { + for _, fn := range b.FunctionBlacklist { + if !helper.SliceStringContains(result.FunctionBlacklist, fn) { + result.FunctionBlacklist = append(result.FunctionBlacklist, fn) + } + } + } + + if len(b.FunctionDenylist) > 0 { + for _, fn := range b.FunctionDenylist { + if !helper.SliceStringContains(result.FunctionDenylist, fn) { + result.FunctionDenylist = append(result.FunctionDenylist, fn) + } + } + } + + if b.MaxStale != nil { + result.MaxStale = b.MaxStale + } + + if b.MaxStaleHCL != "" { + result.MaxStaleHCL = b.MaxStaleHCL + } + + if b.Wait != nil { + result.Wait = result.Wait.Merge(b.Wait) + } + + if b.WaitBounds != nil { + result.WaitBounds = result.WaitBounds.Merge(b.WaitBounds) + } + + if b.VaultRetry != nil { + result.VaultRetry = result.VaultRetry.Merge(b.VaultRetry) + } + + return &result +} + +func (c *ClientTemplateConfig) IsEmpty() bool { + if c == nil { + return true + } + + return c.BlockQueryWaitTime == nil && + c.BlockQueryWaitTimeHCL == "" && + c.MaxStale == nil && + c.MaxStaleHCL == "" && + c.Wait.IsEmpty() && + c.ConsulRetry.IsEmpty() && + c.VaultRetry.IsEmpty() +} + +// WaitConfig is mirrored from templateconfig.WaitConfig because we need to handle +// the HCL conversion which happens in agent.ParseConfigFile +// NOTE: Since Consul Template requires pointers, this type uses pointers to fields +// which is inconsistent with how Nomad typically works. This decision was made +// to maintain parity with the external subsystem, not to establish a new standard. +type WaitConfig struct { + Enabled *bool `hcl:"enabled,optional"` + Min *time.Duration `hcl:"-"` + MinHCL string `hcl:"min,optional" json:"-"` + Max *time.Duration `hcl:"-"` + MaxHCL string `hcl:"max,optional" json:"-"` +} + +// Copy returns a deep copy of the receiver. +func (wc *WaitConfig) Copy() *WaitConfig { + if wc == nil { + return nil + } + + nwc := new(WaitConfig) + + if wc.Enabled != nil { + nwc.Enabled = &*wc.Enabled + } + if wc.Min != nil { + nwc.Min = &*wc.Min + } + if wc.Max != nil { + nwc.Max = &*wc.Max + } + + return wc +} + +// Equals returns the result of reflect.DeepEqual +func (wc *WaitConfig) Equals(other *WaitConfig) bool { + return reflect.DeepEqual(wc, other) +} + +// IsEmpty returns true if the receiver only contains an instance with no fields set. +func (wc *WaitConfig) IsEmpty() bool { + if wc == nil { + return true + } + return wc.Equals(&WaitConfig{}) +} + +// Validate returns an error if the receiver is nil or empty or if Min is greater +// than Max the user specified Max, or if the user didn't specify a Max. +func (wc *WaitConfig) Validate() error { + // If the config is nil or empty return false so that it is never assigned. + if wc == nil || wc.IsEmpty() { + return errors.New("wait config is nil or empty") + } + + // If min is nil, return + if wc.Min == nil { + return nil + } + + // If min isn't nil, make sure Max is less than Min. + if wc.Max != nil { + if *wc.Min > *wc.Max { + return fmt.Errorf("wait config min %d is greater than max %d", *wc.Min, *wc.Max) + } + } + + // Otherwise, return nil. Consul Template will set a Max based off of Min. + return nil +} + +// Merge merges two WaitConfigs. The passed instance always takes precedence. +func (wc *WaitConfig) Merge(b *WaitConfig) *WaitConfig { + if wc == nil { + return b + } + + result := *wc + if b == nil { + return &result + } + + if b.Enabled != nil { + result.Enabled = &*b.Enabled + } + + if b.Min != nil { + result.Min = &*b.Min + } + + if b.MinHCL != "" { + result.MinHCL = b.MinHCL + } + + if b.Max != nil { + result.Max = &*b.Max + } + + if b.MaxHCL != "" { + result.MaxHCL = b.MaxHCL + } + + return &result +} + +// ToConsulTemplate converts a client WaitConfig instance to a consul-template WaitConfig +// TODO: Needs code review. The caller (TaskTemplateManager) takes direct pointers +// to other configuration values. Need to make sure that desired here as well. +func (wc *WaitConfig) ToConsulTemplate() (*config.WaitConfig, error) { + if wc.IsEmpty() { + return nil, errors.New("wait config is empty") + } + + if err := wc.Validate(); err != nil { + return nil, err + } + + result := &config.WaitConfig{} + + if wc.Enabled != nil { + result.Enabled = wc.Enabled + } + + if wc.Min != nil { + result.Min = wc.Min + } + + if wc.Max != nil { + result.Max = wc.Max + } + + return result, nil +} + +// RetryConfig is mirrored from templateconfig.WaitConfig because we need to handle +// the HCL indirection to support mapping in agent.ParseConfigFile. +// NOTE: Since Consul Template requires pointers, this type uses pointers to fields +// which is inconsistent with how Nomad typically works. However, since zero in +// Attempts and MaxBackoff have special meaning, it is necessary to know if the +// value was actually set rather than if it defaulted to 0. The rest of the fields +// use pointers to maintain parity with the external subystem, not to establish +// a new standard. +type RetryConfig struct { + // Enabled signals if this retry is enabled. + Enabled *bool `hcl:"enabled,optional"` + // Attempts is the total number of maximum attempts to retry before letting + // the error fall through. + // 0 means unlimited. + Attempts *int `hcl:"attempts,optional"` + // Backoff is the base of the exponential backoff. This number will be + // multiplied by the next power of 2 on each iteration. + Backoff *time.Duration `hcl:"-"` + BackoffHCL string `hcl:"backoff,optional" json:"-"` + // MaxBackoff is an upper limit to the sleep time between retries + // A MaxBackoff of 0 means there is no limit to the exponential growth of the backoff. + MaxBackoff *time.Duration `hcl:"-"` + MaxBackoffHCL string `hcl:"max_backoff,optional" json:"-"` +} + +func (rc *RetryConfig) Copy() *RetryConfig { + if rc == nil { + return nil + } + + nrc := new(RetryConfig) + *nrc = *rc + + // Now copy pointer values + if rc.Enabled != nil { + nrc.Enabled = &*rc.Enabled + } + if rc.Attempts != nil { + nrc.Attempts = &*rc.Attempts + } + if rc.Backoff != nil { + nrc.Backoff = &*rc.Backoff + } + if rc.MaxBackoff != nil { + nrc.MaxBackoff = &*rc.MaxBackoff + } + + return nrc +} + +// Equals returns the result of reflect.DeepEqual +func (rc *RetryConfig) Equals(other *RetryConfig) bool { + return reflect.DeepEqual(rc, other) +} + +// IsEmpty returns true if the receiver only contains an instance with no fields set. +func (rc *RetryConfig) IsEmpty() bool { + if rc == nil { + return true + } + + return rc.Equals(&RetryConfig{}) +} + +// Validate returns an error if the receiver is nil or empty, or if Backoff +// is greater than MaxBackoff. +func (rc *RetryConfig) Validate() error { + // If the config is nil or empty return false so that it is never assigned. + if rc == nil || rc.IsEmpty() { + return errors.New("retry config is nil or empty") + } + + // If Backoff not set, no need to validate + if rc.Backoff == nil { + return nil + } + + // MaxBackoff nil will end up defaulted to 1 minutes. We should validate that + // the user supplied backoff does not exceed that. + if rc.MaxBackoff == nil && *rc.Backoff > config.DefaultRetryMaxBackoff { + return fmt.Errorf("retry config backoff %d is greater than default max_backoff %d", *rc.Backoff, config.DefaultRetryMaxBackoff) + } + + // MaxBackoff == 0 means backoff is unbounded. No need to validate. + if *rc.MaxBackoff == 0 { + return nil + } + + if *rc.Backoff > *rc.MaxBackoff { + return fmt.Errorf("retry config backoff %d is greater than max_backoff %d", *rc.Backoff, *rc.MaxBackoff) + } + + return nil +} + +// Merge merges two RetryConfigs. The passed instance always takes precedence. +func (rc *RetryConfig) Merge(b *RetryConfig) *RetryConfig { + if rc == nil { + return b + } + + result := *rc + if b == nil { + return &result + } + + if b.Enabled != nil { + result.Enabled = &*b.Enabled + } + + if b.Attempts != nil { + result.Attempts = &*b.Attempts + } + + if b.Backoff != nil { + result.Backoff = &*b.Backoff + } + + if b.BackoffHCL != "" { + result.BackoffHCL = b.BackoffHCL + } + + if b.MaxBackoff != nil { + result.MaxBackoff = &*b.MaxBackoff + } + + if b.MaxBackoffHCL != "" { + result.MaxBackoffHCL = b.MaxBackoffHCL + } + + return &result +} + +// ToConsulTemplate converts a client RetryConfig instance to a consul-template RetryConfig +// TODO: Needs code review. The caller (TaskTemplateManager) takes direct pointers +// to other configuration values. Need to make sure that desired here as well. +func (rc *RetryConfig) ToConsulTemplate() (*config.RetryConfig, error) { + if err := rc.Validate(); err != nil { + return nil, err + } + + result := &config.RetryConfig{} + + if rc.Enabled != nil { + result.Enabled = rc.Enabled + } + + if rc.Attempts != nil { + result.Attempts = rc.Attempts + } + + if rc.Backoff != nil { + result.Backoff = rc.Backoff + } + + if rc.MaxBackoff != nil { + result.MaxBackoff = &*rc.MaxBackoff + } + + return result, nil +} + func (c *Config) Copy() *Config { nc := new(Config) *nc = *c diff --git a/client/config/config_test.go b/client/config/config_test.go index 9fa5e310e5c..465d224953a 100644 --- a/client/config/config_test.go +++ b/client/config/config_test.go @@ -1,6 +1,13 @@ package config -import "testing" +import ( + "testing" + "time" + + "github.com/hashicorp/consul-template/config" + "github.com/hashicorp/nomad/helper" + "github.com/stretchr/testify/require" +) func TestConfigRead(t *testing.T) { config := Config{} @@ -34,3 +41,677 @@ func TestConfigReadDefault(t *testing.T) { t.Errorf("Expected %s, found %s", expected, actual) } } + +func mockWaitConfig() *WaitConfig { + return &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + } +} + +func TestWaitConfig_Copy(t *testing.T) { + cases := []struct { + Name string + Wait *WaitConfig + Expected *WaitConfig + }{ + { + "fully-populated", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + { + "enabled-only", + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + }, + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + }, + }, + { + "min-only", + &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + }, + &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + }, + }, + { + "max-only", + &WaitConfig{ + Max: helper.TimeToPtr(5 * time.Second), + }, + &WaitConfig{ + Max: helper.TimeToPtr(5 * time.Second), + }, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + result := _case.Expected.Equals(_case.Wait.Copy()) + if !result { + t.Logf("\nExpected %v\n Found %v", _case.Expected, result) + } + require.True(t, result) + }) + } +} + +func TestWaitConfig_IsEmpty(t *testing.T) { + cases := []struct { + Name string + Wait *WaitConfig + Expected bool + }{ + { + "is-nil", + nil, + true, + }, + { + "is-empty", + &WaitConfig{}, + true, + }, + { + "is-not-empty", + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + }, + false, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + require.Equal(t, _case.Expected, _case.Wait.IsEmpty()) + }) + } +} + +func TestWaitConfig_IsEqual(t *testing.T) { + cases := []struct { + Name string + Wait *WaitConfig + Other *WaitConfig + Expected bool + }{ + { + "are-equal", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + true, + }, + { + "min-different", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(false), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + false, + }, + { + "max-different", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), + }, + false, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + require.Equal(t, _case.Expected, _case.Wait.Equals(_case.Other)) + }) + } +} + +func TestWaitConfig_IsValid(t *testing.T) { + cases := []struct { + Name string + Retry *WaitConfig + Expected string + }{ + { + "is-valid", + &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + "", + }, + { + "is-nil", + nil, + "is nil", + }, + { + "is-empty", + &WaitConfig{}, + "or empty", + }, + { + "min-greater-than-max", + &WaitConfig{ + Min: helper.TimeToPtr(10 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, + "greater than", + }, + { + "max-not-set", + &WaitConfig{ + Min: helper.TimeToPtr(10 * time.Second), + }, + "", + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + if _case.Expected == "" { + require.Nil(t, _case.Retry.Validate()) + } else { + err := _case.Retry.Validate() + require.Contains(t, err.Error(), _case.Expected) + } + }) + } +} + +func TestWaitConfig_Merge(t *testing.T) { + cases := []struct { + Name string + Target *WaitConfig + Other *WaitConfig + Expected *WaitConfig + }{ + { + "all-fields", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(false), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), + }, + &WaitConfig{ + Enabled: helper.BoolToPtr(false), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), + }, + }, + { + "min-only", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(false), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + &WaitConfig{ + Enabled: helper.BoolToPtr(false), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + { + "max-only", + mockWaitConfig(), + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), + }, + &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), + }, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + merged := _case.Target.Merge(_case.Other) + result := _case.Expected.Equals(merged) + if !result { + t.Logf("\nExpected %v\n Found %v", _case.Expected, merged) + } + require.True(t, result) + }) + } +} + +func TestWaitConfig_ToConsulTemplate(t *testing.T) { + expected := config.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + } + + actual := WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + } + + require.Equal(t, *expected.Enabled, *actual.Enabled) + require.Equal(t, *expected.Min, *actual.Min) + require.Equal(t, *expected.Max, *actual.Max) +} + +func mockRetryConfig() *RetryConfig { + return &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + } +} +func TestRetryConfig_Copy(t *testing.T) { + cases := []struct { + Name string + Retry *RetryConfig + Expected *RetryConfig + }{ + { + "fully-populated", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + }, + { + "enabled-only", + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + }, + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + }, + }, + { + "attempts-only", + &RetryConfig{ + Attempts: helper.IntToPtr(5), + }, + &RetryConfig{ + Attempts: helper.IntToPtr(5), + }, + }, + { + "backoff-only", + &RetryConfig{ + Backoff: helper.TimeToPtr(5 * time.Second), + }, + &RetryConfig{ + Backoff: helper.TimeToPtr(5 * time.Second), + }, + }, + { + "backoff-hcl-only", + &RetryConfig{ + BackoffHCL: "5s", + }, + &RetryConfig{ + BackoffHCL: "5s", + }, + }, + { + "max-backoff-only", + &RetryConfig{ + MaxBackoff: helper.TimeToPtr(10 * time.Second), + }, + &RetryConfig{ + MaxBackoff: helper.TimeToPtr(10 * time.Second), + }, + }, + { + "max-backoff-hcl-only", + &RetryConfig{ + MaxBackoffHCL: "10s", + }, + &RetryConfig{ + MaxBackoffHCL: "10s", + }, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + result := _case.Expected.Equals(_case.Retry.Copy()) + if !result { + t.Logf("\nExpected %v\n Found %v", _case.Expected, result) + } + require.True(t, result) + }) + } +} + +func TestRetryConfig_IsEmpty(t *testing.T) { + cases := []struct { + Name string + Retry *RetryConfig + Expected bool + }{ + { + "is-nil", + nil, + true, + }, + { + "is-empty", + &RetryConfig{}, + true, + }, + { + "is-not-empty", + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + }, + false, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + require.Equal(t, _case.Expected, _case.Retry.IsEmpty()) + }) + } +} + +func TestRetryConfig_IsEqual(t *testing.T) { + cases := []struct { + Name string + Retry *RetryConfig + Other *RetryConfig + Expected bool + }{ + { + "are-equal", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + true, + }, + { + "enabled-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(false), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + false, + }, + { + "attempts-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(4), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + false, + }, + { + "backoff-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(4 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + false, + }, + { + "backoff-hcl-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "4s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + false, + }, + { + "max-backoff-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(9 * time.Second), + MaxBackoffHCL: "10s", + }, + false, + }, + { + "max-backoff-hcl-different", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "9s", + }, + false, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + require.Equal(t, _case.Expected, _case.Retry.Equals(_case.Other)) + }) + } +} + +func TestRetryConfig_IsValid(t *testing.T) { + cases := []struct { + Name string + Retry *RetryConfig + Expected string + }{ + { + "is-valid", + &RetryConfig{ + Backoff: helper.TimeToPtr(5 * time.Second), + MaxBackoff: helper.TimeToPtr(10 * time.Second), + }, + "", + }, + { + "is-nil", + nil, + "is nil", + }, + { + "is-empty", + &RetryConfig{}, + "or empty", + }, + { + "backoff-greater-than-max-backoff", + &RetryConfig{ + Backoff: helper.TimeToPtr(10 * time.Second), + MaxBackoff: helper.TimeToPtr(5 * time.Second), + }, + "greater than max_backoff", + }, + { + "backoff-not-set", + &RetryConfig{ + MaxBackoff: helper.TimeToPtr(10 * time.Second), + }, + "", + }, + { + "max-backoff-not-set", + &RetryConfig{ + Backoff: helper.TimeToPtr(2 * time.Minute), + }, + "greater than default", + }, + { + "max-backoff-unbounded", + &RetryConfig{ + Backoff: helper.TimeToPtr(10 * time.Second), + MaxBackoff: helper.TimeToPtr(0 * time.Second), + }, + "", + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + if _case.Expected == "" { + require.Nil(t, _case.Retry.Validate()) + } else { + err := _case.Retry.Validate() + require.Contains(t, err.Error(), _case.Expected) + } + }) + } +} + +func TestRetryConfig_Merge(t *testing.T) { + cases := []struct { + Name string + Target *RetryConfig + Other *RetryConfig + Expected *RetryConfig + }{ + { + "all-fields", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(false), + Attempts: helper.IntToPtr(4), + Backoff: helper.TimeToPtr(4 * time.Second), + BackoffHCL: "4s", + MaxBackoff: helper.TimeToPtr(9 * time.Second), + MaxBackoffHCL: "9s", + }, + &RetryConfig{ + Enabled: helper.BoolToPtr(false), + Attempts: helper.IntToPtr(4), + Backoff: helper.TimeToPtr(4 * time.Second), + BackoffHCL: "4s", + MaxBackoff: helper.TimeToPtr(9 * time.Second), + MaxBackoffHCL: "9s", + }, + }, + { + "attempts-only", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(false), + Attempts: helper.IntToPtr(4), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + &RetryConfig{ + Enabled: helper.BoolToPtr(false), + Attempts: helper.IntToPtr(4), + Backoff: helper.TimeToPtr(5 * time.Second), + BackoffHCL: "5s", + MaxBackoff: helper.TimeToPtr(10 * time.Second), + MaxBackoffHCL: "10s", + }, + }, + { + "multi-field", + mockRetryConfig(), + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(4 * time.Second), + BackoffHCL: "4s", + MaxBackoff: helper.TimeToPtr(9 * time.Second), + MaxBackoffHCL: "9s", + }, + &RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(4 * time.Second), + BackoffHCL: "4s", + MaxBackoff: helper.TimeToPtr(9 * time.Second), + MaxBackoffHCL: "9s", + }, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + merged := _case.Target.Merge(_case.Other) + result := _case.Expected.Equals(merged) + if !result { + t.Logf("\nExpected %v\n Found %v", _case.Expected, merged) + } + require.True(t, result) + }) + } +} + +func TestRetryConfig_ToConsulTemplate(t *testing.T) { + expected := config.RetryConfig{ + Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + MaxBackoff: helper.TimeToPtr(10 * time.Second), + } + + actual := mockRetryConfig() + + require.Equal(t, *expected.Enabled, *actual.Enabled) + require.Equal(t, *expected.Attempts, *actual.Attempts) + require.Equal(t, *expected.Backoff, *actual.Backoff) + require.Equal(t, *expected.MaxBackoff, *actual.MaxBackoff) +} From 28725a7d5402c093e37e88e4736e3815d92554a4 Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 04:19:03 -0500 Subject: [PATCH 03/15] Remove redundant type from agent; Update template conversion in agent.Config.convertClientConfig; Add duration parsing to agent.ParseConfigFile; Refactor duration parsing and extend to handle pointer fields; --- command/agent/agent.go | 46 ++++++++-- command/agent/config.go | 31 ++----- command/agent/config_parse.go | 156 +++++++++++++++++++++++++++------- command/agent/config_test.go | 56 +++++++++++- 4 files changed, 227 insertions(+), 62 deletions(-) diff --git a/command/agent/agent.go b/command/agent/agent.go index b070de55596..85fa645bd14 100644 --- a/command/agent/agent.go +++ b/command/agent/agent.go @@ -404,7 +404,7 @@ func convertServerConfig(agentConfig *Config) (*nomad.Config, error) { conf.StatsCollectionInterval = agentConfig.Telemetry.collectionInterval conf.DisableDispatchedJobSummaryMetrics = agentConfig.Telemetry.DisableDispatchedJobSummaryMetrics - // Parse Limits timeout from a string into durations + // Parse Limits timeout from a string into convertDurations if d, err := time.ParseDuration(agentConfig.Limits.RPCHandshakeTimeout); err != nil { return nil, fmt.Errorf("error parsing rpc_handshake_timeout: %v", err) } else if d < 0 { @@ -545,7 +545,7 @@ func (a *Agent) finalizeClientConfig(c *clientconfig.Config) error { // Config. There may be missing fields that must be set by the agent. To do this // call finalizeServerConfig func convertClientConfig(agentConfig *Config) (*clientconfig.Config, error) { - // Setup the configuration + // Set up the configuration conf := agentConfig.ClientConfig if conf == nil { conf = clientconfig.DefaultConfig() @@ -595,12 +595,44 @@ func convertClientConfig(agentConfig *Config) (*clientconfig.Config, error) { conf.MaxDynamicPort = agentConfig.Client.MaxDynamicPort conf.MinDynamicPort = agentConfig.Client.MinDynamicPort conf.DisableRemoteExec = agentConfig.Client.DisableRemoteExec - if agentConfig.Client.TemplateConfig.FunctionBlacklist != nil { - conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionBlacklist - } else { - conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionDenylist + + // TODO: Code review - Now that these aren't different types, would it be ok + // to just copy or directly reference the full struct instead of doing a field + // by field set? + if agentConfig.Client.TemplateConfig != nil { + conf.TemplateConfig.DisableSandbox = agentConfig.Client.TemplateConfig.DisableSandbox + + // TODO: Code Review - Should these all be direct references or copies? Mixed right now. + if agentConfig.Client.TemplateConfig.MaxStale != nil { + conf.TemplateConfig.MaxStale = &*agentConfig.Client.TemplateConfig.MaxStale + } + + if agentConfig.Client.TemplateConfig.BlockQueryWaitTime != nil { + conf.TemplateConfig.BlockQueryWaitTime = &*agentConfig.Client.TemplateConfig.BlockQueryWaitTime + } + + if agentConfig.Client.TemplateConfig.FunctionBlacklist != nil { + conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionBlacklist + } else { + conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionDenylist + } + + if agentConfig.Client.TemplateConfig.Wait != nil { + conf.TemplateConfig.Wait = agentConfig.Client.TemplateConfig.Wait + } + + if agentConfig.Client.TemplateConfig.WaitBounds != nil { + conf.TemplateConfig.WaitBounds = agentConfig.Client.TemplateConfig.WaitBounds + } + + if agentConfig.Client.TemplateConfig.ConsulRetry != nil { + conf.TemplateConfig.ConsulRetry = agentConfig.Client.TemplateConfig.ConsulRetry + } + + if agentConfig.Client.TemplateConfig.VaultRetry != nil { + conf.TemplateConfig.VaultRetry = agentConfig.Client.TemplateConfig.VaultRetry + } } - conf.TemplateConfig.DisableSandbox = agentConfig.Client.TemplateConfig.DisableSandbox hvMap := make(map[string]*structs.ClientHostVolumeConfig, len(agentConfig.Client.HostVolumes)) for _, v := range agentConfig.Client.HostVolumes { diff --git a/command/agent/config.go b/command/agent/config.go index 2a18f0e2a8a..762639a2f29 100644 --- a/command/agent/config.go +++ b/command/agent/config.go @@ -278,7 +278,7 @@ type ClientConfig struct { DisableRemoteExec bool `hcl:"disable_remote_exec"` // TemplateConfig includes configuration for template rendering - TemplateConfig *ClientTemplateConfig `hcl:"template"` + TemplateConfig *client.ClientTemplateConfig `hcl:"template"` // ServerJoin contains information that is used to attempt to join servers ServerJoin *ServerJoin `hcl:"server_join"` @@ -321,24 +321,6 @@ type ClientConfig struct { ExtraKeysHCL []string `hcl:",unusedKeys" json:"-"` } -// ClientTemplateConfig is configuration on the client specific to template -// rendering -type ClientTemplateConfig struct { - - // FunctionDenylist disables functions in consul-template that - // are unsafe because they expose information from the client host. - FunctionDenylist []string `hcl:"function_denylist"` - - // Deprecated: COMPAT(1.0) consul-template uses inclusive language from - // v0.25.0 - function_blacklist is kept for compatibility - FunctionBlacklist []string `hcl:"function_blacklist"` - - // DisableSandbox allows templates to access arbitrary files on the - // client host. By default templates can access files only within - // the task directory. - DisableSandbox bool `hcl:"disable_file_sandbox"` -} - // ACLConfig is configuration specific to the ACL system type ACLConfig struct { // Enabled controls if we are enforce and manage ACLs @@ -901,7 +883,7 @@ func DevConfig(mode *devModeConfig) *Config { conf.Client.GCDiskUsageThreshold = 99 conf.Client.GCInodeUsageThreshold = 99 conf.Client.GCMaxAllocs = 50 - conf.Client.TemplateConfig = &ClientTemplateConfig{ + conf.Client.TemplateConfig = &client.ClientTemplateConfig{ FunctionDenylist: []string{"plugin"}, DisableSandbox: false, } @@ -950,7 +932,7 @@ func DefaultConfig() *Config { RetryInterval: 30 * time.Second, RetryMaxAttempts: 0, }, - TemplateConfig: &ClientTemplateConfig{ + TemplateConfig: &client.ClientTemplateConfig{ FunctionDenylist: []string{"plugin"}, DisableSandbox: false, }, @@ -1671,8 +1653,11 @@ func (a *ClientConfig) Merge(b *ClientConfig) *ClientConfig { result.DisableRemoteExec = b.DisableRemoteExec } - if b.TemplateConfig != nil { - result.TemplateConfig = b.TemplateConfig + if result.TemplateConfig == nil && b.TemplateConfig != nil { + templateConfig := *b.TemplateConfig + result.TemplateConfig = &templateConfig + } else if b.TemplateConfig != nil { + result.TemplateConfig = result.TemplateConfig.Merge(b.TemplateConfig) } // Add the servers diff --git a/command/agent/config_parse.go b/command/agent/config_parse.go index b745835711d..363db9e1e33 100644 --- a/command/agent/config_parse.go +++ b/command/agent/config_parse.go @@ -9,10 +9,12 @@ import ( "time" "github.com/hashicorp/hcl" + client "github.com/hashicorp/nomad/client/config" "github.com/hashicorp/nomad/helper" "github.com/hashicorp/nomad/nomad/structs/config" ) +// ParseConfigFile returns an agent.Config from parsed from a file. func ParseConfigFile(path string) (*Config, error) { // slurp var buf bytes.Buffer @@ -32,7 +34,15 @@ func ParseConfigFile(path string) (*Config, error) { // parse c := &Config{ - Client: &ClientConfig{ServerJoin: &ServerJoin{}}, + Client: &ClientConfig{ + ServerJoin: &ServerJoin{}, + TemplateConfig: &client.ClientTemplateConfig{ + Wait: &client.WaitConfig{}, + WaitBounds: &client.WaitConfig{}, + ConsulRetry: &client.RetryConfig{}, + VaultRetry: &client.RetryConfig{}, + }, + }, ACL: &ACLConfig{}, Audit: &config.AuditConfig{}, Server: &ServerConfig{ServerJoin: &ServerJoin{}}, @@ -48,31 +58,79 @@ func ParseConfigFile(path string) (*Config, error) { } // convert strings to time.Durations - tds := []td{ - {"gc_interval", &c.Client.GCInterval, &c.Client.GCIntervalHCL}, - {"acl.token_ttl", &c.ACL.TokenTTL, &c.ACL.TokenTTLHCL}, - {"acl.policy_ttl", &c.ACL.PolicyTTL, &c.ACL.PolicyTTLHCL}, - {"client.server_join.retry_interval", &c.Client.ServerJoin.RetryInterval, &c.Client.ServerJoin.RetryIntervalHCL}, - {"server.heartbeat_grace", &c.Server.HeartbeatGrace, &c.Server.HeartbeatGraceHCL}, - {"server.min_heartbeat_ttl", &c.Server.MinHeartbeatTTL, &c.Server.MinHeartbeatTTLHCL}, - {"server.failover_heartbeat_ttl", &c.Server.FailoverHeartbeatTTL, &c.Server.FailoverHeartbeatTTLHCL}, - {"server.retry_interval", &c.Server.RetryInterval, &c.Server.RetryIntervalHCL}, - {"server.server_join.retry_interval", &c.Server.ServerJoin.RetryInterval, &c.Server.ServerJoin.RetryIntervalHCL}, - {"consul.timeout", &c.Consul.Timeout, &c.Consul.TimeoutHCL}, - {"autopilot.server_stabilization_time", &c.Autopilot.ServerStabilizationTime, &c.Autopilot.ServerStabilizationTimeHCL}, - {"autopilot.last_contact_threshold", &c.Autopilot.LastContactThreshold, &c.Autopilot.LastContactThresholdHCL}, - {"telemetry.collection_interval", &c.Telemetry.collectionInterval, &c.Telemetry.CollectionInterval}, + tds := []durationConversionMap{ + {"gc_interval", &c.Client.GCInterval, &c.Client.GCIntervalHCL, nil}, + {"acl.token_ttl", &c.ACL.TokenTTL, &c.ACL.TokenTTLHCL, nil}, + {"acl.policy_ttl", &c.ACL.PolicyTTL, &c.ACL.PolicyTTLHCL, nil}, + {"client.server_join.retry_interval", &c.Client.ServerJoin.RetryInterval, &c.Client.ServerJoin.RetryIntervalHCL, nil}, + {"server.heartbeat_grace", &c.Server.HeartbeatGrace, &c.Server.HeartbeatGraceHCL, nil}, + {"server.min_heartbeat_ttl", &c.Server.MinHeartbeatTTL, &c.Server.MinHeartbeatTTLHCL, nil}, + {"server.failover_heartbeat_ttl", &c.Server.FailoverHeartbeatTTL, &c.Server.FailoverHeartbeatTTLHCL, nil}, + {"server.retry_interval", &c.Server.RetryInterval, &c.Server.RetryIntervalHCL, nil}, + {"server.server_join.retry_interval", &c.Server.ServerJoin.RetryInterval, &c.Server.ServerJoin.RetryIntervalHCL, nil}, + {"consul.timeout", &c.Consul.Timeout, &c.Consul.TimeoutHCL, nil}, + {"autopilot.server_stabilization_time", &c.Autopilot.ServerStabilizationTime, &c.Autopilot.ServerStabilizationTimeHCL, nil}, + {"autopilot.last_contact_threshold", &c.Autopilot.LastContactThreshold, &c.Autopilot.LastContactThresholdHCL, nil}, + {"telemetry.collection_interval", &c.Telemetry.collectionInterval, &c.Telemetry.CollectionInterval, nil}, + {"client.template.block_query_wait", nil, &c.Client.TemplateConfig.BlockQueryWaitTimeHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.BlockQueryWaitTime = d + }, + }, + {"client.template.max_stale", nil, &c.Client.TemplateConfig.MaxStaleHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.MaxStale = d + }}, + {"client.template.wait.min", nil, &c.Client.TemplateConfig.Wait.MinHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.Wait.Min = d + }, + }, + {"client.template.wait.max", nil, &c.Client.TemplateConfig.Wait.MaxHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.Wait.Max = d + }, + }, + {"client.template.wait_bounds.min", nil, &c.Client.TemplateConfig.WaitBounds.MinHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.WaitBounds.Min = d + }, + }, + {"client.template.wait_bounds.max", nil, &c.Client.TemplateConfig.WaitBounds.MaxHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.WaitBounds.Max = d + }, + }, + {"client.template.consul_retry.backoff", nil, &c.Client.TemplateConfig.ConsulRetry.BackoffHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.ConsulRetry.Backoff = d + }, + }, + {"client.template.consul_retry.max_backoff", nil, &c.Client.TemplateConfig.ConsulRetry.MaxBackoffHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.ConsulRetry.MaxBackoff = d + }, + }, + {"client.template.vault_retry.backoff", nil, &c.Client.TemplateConfig.VaultRetry.BackoffHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.VaultRetry.Backoff = d + }, + }, + {"client.template.vault_retry.max_backoff", nil, &c.Client.TemplateConfig.VaultRetry.MaxBackoffHCL, + func(d *time.Duration) { + c.Client.TemplateConfig.VaultRetry.MaxBackoff = d + }, + }, } // Add enterprise audit sinks for time.Duration parsing for i, sink := range c.Audit.Sinks { - tds = append(tds, td{ - fmt.Sprintf("audit.sink.%d", i), &sink.RotateDuration, &sink.RotateDurationHCL, - }) + tds = append(tds, durationConversionMap{ + fmt.Sprintf("audit.sink.%d", i), &sink.RotateDuration, &sink.RotateDurationHCL, nil}) } // convert strings to time.Durations - err = durations(tds) + err = convertDurations(tds) if err != nil { return nil, err } @@ -83,27 +141,39 @@ func ParseConfigFile(path string) (*Config, error) { return nil, err } + // Set client template config or its members to nil if not set. + finalizeClientTemplateConfig(c) + return c, nil } -// td holds args for one duration conversion -type td struct { - path string - td *time.Duration - str *string +// durationConversionMap holds args for one duration conversion +type durationConversionMap struct { + targetFieldPath string + targetField *time.Duration + sourceField *string + setFunc func(*time.Duration) } -// durations parses the duration strings specified in the config files +// convertDurations parses the duration strings specified in the config files // into time.Durations -func durations(xs []td) error { +func convertDurations(xs []durationConversionMap) error { for _, x := range xs { - if x.td != nil && x.str != nil && "" != *x.str { - d, err := time.ParseDuration(*x.str) + // if targetField is not a pointer itself, use the field map. + if x.targetField != nil && x.sourceField != nil && "" != *x.sourceField { + d, err := time.ParseDuration(*x.sourceField) if err != nil { - return fmt.Errorf("%s can't parse time duration %s", x.path, *x.str) + return fmt.Errorf("%s can't parse time duration %s", x.targetFieldPath, *x.sourceField) } - *x.td = d + *x.targetField = d + } else if x.setFunc != nil && x.sourceField != nil && "" != *x.sourceField { + // if targetField is a pointer itself, use the setFunc closure. + d, err := time.ParseDuration(*x.sourceField) + if err != nil { + return fmt.Errorf("%s can't parse time duration %s", x.targetFieldPath, *x.sourceField) + } + x.setFunc(&d) } } @@ -168,3 +238,29 @@ func extraKeys(c *Config) error { return helper.UnusedKeys(c) } + +// hcl.Decode will error if the ClientTemplateConfig isn't initialized with empty +// structs, however downstream code expect nils if the struct only contains fields +// with the zero value for its type. This function nils out type members that are +// structs where all the member fields are just the zero value for its type. +func finalizeClientTemplateConfig(config *Config) { + if config.Client.TemplateConfig.Wait.IsEmpty() { + config.Client.TemplateConfig.Wait = nil + } + + if config.Client.TemplateConfig.WaitBounds.IsEmpty() { + config.Client.TemplateConfig.WaitBounds = nil + } + + if config.Client.TemplateConfig.ConsulRetry.IsEmpty() { + config.Client.TemplateConfig.ConsulRetry = nil + } + + if config.Client.TemplateConfig.VaultRetry.IsEmpty() { + config.Client.TemplateConfig.VaultRetry = nil + } + + if config.Client.TemplateConfig.IsEmpty() { + config.Client.TemplateConfig = nil + } +} diff --git a/command/agent/config_test.go b/command/agent/config_test.go index 8bb39a98fed..92b90fe0865 100644 --- a/command/agent/config_test.go +++ b/command/agent/config_test.go @@ -13,6 +13,7 @@ import ( "time" sockaddr "github.com/hashicorp/go-sockaddr" + client "github.com/hashicorp/nomad/client/config" "github.com/hashicorp/nomad/client/testutil" "github.com/hashicorp/nomad/helper" "github.com/hashicorp/nomad/helper/freeport" @@ -115,7 +116,7 @@ func TestConfig_Merge(t *testing.T) { MaxKillTimeout: "20s", ClientMaxPort: 19996, DisableRemoteExec: false, - TemplateConfig: &ClientTemplateConfig{ + TemplateConfig: &client.ClientTemplateConfig{ FunctionDenylist: []string{"plugin"}, DisableSandbox: false, }, @@ -299,7 +300,7 @@ func TestConfig_Merge(t *testing.T) { MemoryMB: 105, MaxKillTimeout: "50s", DisableRemoteExec: false, - TemplateConfig: &ClientTemplateConfig{ + TemplateConfig: &client.ClientTemplateConfig{ FunctionDenylist: []string{"plugin"}, DisableSandbox: false, }, @@ -1315,3 +1316,54 @@ func TestEventBroker_Parse(t *testing.T) { require.Equal(20000, *result.EventBufferSize) } } + +func TestConfig_LoadConsulTemplateConfig(t *testing.T) { + defaultConfig := DefaultConfig() + // Test that loading without template config didn't create load errors + agentConfig, err := LoadConfig("test-resources/minimal_client.hcl") + require.NoError(t, err) + + // Test loading with this config didn't create load errors + agentConfig, err = LoadConfig("test-resources/client_with_template.hcl") + require.NoError(t, err) + + agentConfig = defaultConfig.Merge(agentConfig) + + clientAgent := Agent{config: agentConfig} + clientConfig, err := clientAgent.clientConfig() + require.NoError(t, err) + + templateConfig := clientConfig.TemplateConfig + + // Make sure all fields to test are set + require.NotNil(t, templateConfig.BlockQueryWaitTime) + require.NotNil(t, templateConfig.MaxStale) + require.NotNil(t, templateConfig.Wait) + require.NotNil(t, templateConfig.WaitBounds) + require.NotNil(t, templateConfig.ConsulRetry) + require.NotNil(t, templateConfig.VaultRetry) + + // Direct properties + require.Equal(t, 300*time.Second, *templateConfig.MaxStale) + require.Equal(t, 90*time.Second, *templateConfig.BlockQueryWaitTime) + // Wait + require.True(t, *templateConfig.Wait.Enabled) + require.Equal(t, 2*time.Second, *templateConfig.Wait.Min) + require.Equal(t, 60*time.Second, *templateConfig.Wait.Max) + // WaitBounds + require.True(t, *templateConfig.WaitBounds.Enabled) + require.Equal(t, 2*time.Second, *templateConfig.WaitBounds.Min) + require.Equal(t, 60*time.Second, *templateConfig.WaitBounds.Max) + // Consul Retry + require.NotNil(t, templateConfig.ConsulRetry) + require.True(t, *templateConfig.ConsulRetry.Enabled) + require.Equal(t, 5, *templateConfig.ConsulRetry.Attempts) + require.Equal(t, 5*time.Second, *templateConfig.ConsulRetry.Backoff) + require.Equal(t, 10*time.Second, *templateConfig.ConsulRetry.MaxBackoff) + // Vault Retry + require.NotNil(t, templateConfig.VaultRetry) + require.True(t, *templateConfig.VaultRetry.Enabled) + require.Equal(t, 10, *templateConfig.VaultRetry.Attempts) + require.Equal(t, 15*time.Second, *templateConfig.VaultRetry.Backoff) + require.Equal(t, 20*time.Second, *templateConfig.VaultRetry.MaxBackoff) +} From 289bf122bed25a1f1eacca820ff06ac5fa21de0d Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 04:34:46 -0500 Subject: [PATCH 04/15] Add WaitConfig; Add Wait field to Template; Add and update diff, copy, equals, canonicalize; --- jobspec2/parse_test.go | 21 +++ .../test-fixtures/template-wait-config.hcl | 13 ++ nomad/structs/diff.go | 146 +++++++++++++++++- nomad/structs/diff_test.go | 82 ++++++++-- nomad/structs/structs.go | 72 ++++++++- nomad/structs/structs_test.go | 103 ++++++++++++ scheduler/util_test.go | 26 ++++ 7 files changed, 443 insertions(+), 20 deletions(-) create mode 100644 jobspec2/test-fixtures/template-wait-config.hcl diff --git a/jobspec2/parse_test.go b/jobspec2/parse_test.go index 13e877325ca..8f5960b8876 100644 --- a/jobspec2/parse_test.go +++ b/jobspec2/parse_test.go @@ -5,6 +5,7 @@ import ( "os" "strings" "testing" + "time" "github.com/hashicorp/nomad/api" "github.com/hashicorp/nomad/jobspec" @@ -950,3 +951,23 @@ func TestParseServiceCheck(t *testing.T) { require.Equal(t, expectedJob, parsedJob) } + +func TestWaitConfig(t *testing.T) { + hclBytes, err := os.ReadFile("test-fixtures/template-wait-config.hcl") + require.NoError(t, err) + + job, err := ParseWithConfig(&ParseConfig{ + Path: "test-fixtures/template-wait-config.hcl", + Body: hclBytes, + AllowFS: false, + }) + + require.NoError(t, err) + + tmpl := job.TaskGroups[0].Tasks[0].Templates[0] + require.NotNil(t, tmpl) + require.NotNil(t, tmpl.Wait) + require.True(t, *tmpl.Wait.Enabled) + require.Equal(t, 5*time.Second, *tmpl.Wait.Min) + require.Equal(t, 60*time.Second, *tmpl.Wait.Max) +} diff --git a/jobspec2/test-fixtures/template-wait-config.hcl b/jobspec2/test-fixtures/template-wait-config.hcl new file mode 100644 index 00000000000..ebcec00332f --- /dev/null +++ b/jobspec2/test-fixtures/template-wait-config.hcl @@ -0,0 +1,13 @@ +job "example" { + group "group" { + task "task" { + template { + wait { + enabled = true + min = "5s" + max = "60s" + } + } + } + } +} diff --git a/nomad/structs/diff.go b/nomad/structs/diff.go index d0f9e5bb227..81cc2218199 100644 --- a/nomad/structs/diff.go +++ b/nomad/structs/diff.go @@ -525,12 +525,7 @@ func (t *Task) Diff(other *Task, contextual bool) (*TaskDiff, error) { } // Template diff - tmplDiffs := primitiveObjectSetDiff( - interfaceSlice(t.Templates), - interfaceSlice(other.Templates), - nil, - "Template", - contextual) + tmplDiffs := templateDiffs(t.Templates, other.Templates, contextual) if tmplDiffs != nil { diff.Objects = append(diff.Objects, tmplDiffs...) } @@ -1607,6 +1602,145 @@ func vaultDiff(old, new *Vault, contextual bool) *ObjectDiff { return diff } +// waitConfigDiff returns the diff of two WaitConfig objects. If contextual diff is +// enabled, all fields will be returned, even if no diff occurred. +func waitConfigDiff(old, new *WaitConfig, contextual bool) *ObjectDiff { + diff := &ObjectDiff{Type: DiffTypeNone, Name: "Template"} + var oldPrimitiveFlat, newPrimitiveFlat map[string]string + + if reflect.DeepEqual(old, new) { + return nil + } else if old == nil { + diff.Type = DiffTypeAdded + newPrimitiveFlat = flatmap.Flatten(new, nil, false) + } else if new == nil { + diff.Type = DiffTypeDeleted + oldPrimitiveFlat = flatmap.Flatten(old, nil, false) + } else { + diff.Type = DiffTypeEdited + oldPrimitiveFlat = flatmap.Flatten(old, nil, false) + newPrimitiveFlat = flatmap.Flatten(new, nil, false) + } + + // Diff the primitive fields. + diff.Fields = fieldDiffs(oldPrimitiveFlat, newPrimitiveFlat, contextual) + + return diff +} + +// templateDiff returns the diff of two Consul Template objects. If contextual diff is +// enabled, all fields will be returned, even if no diff occurred. +func templateDiff(old, new *Template, contextual bool) *ObjectDiff { + diff := &ObjectDiff{Type: DiffTypeNone, Name: "Template"} + var oldPrimitiveFlat, newPrimitiveFlat map[string]string + + if reflect.DeepEqual(old, new) { + return nil + } else if old == nil { + old = &Template{} + diff.Type = DiffTypeAdded + newPrimitiveFlat = flatmap.Flatten(new, nil, true) + } else if new == nil { + new = &Template{} + diff.Type = DiffTypeDeleted + oldPrimitiveFlat = flatmap.Flatten(old, nil, true) + } else { + diff.Type = DiffTypeEdited + oldPrimitiveFlat = flatmap.Flatten(old, nil, true) + newPrimitiveFlat = flatmap.Flatten(new, nil, true) + } + + // Diff the primitive fields. + diff.Fields = fieldDiffs(oldPrimitiveFlat, newPrimitiveFlat, contextual) + + // WaitConfig diffs + if waitDiffs := waitConfigDiff(old.Wait, new.Wait, contextual); waitDiffs != nil { + diff.Objects = append(diff.Objects, waitDiffs) + } + + return diff +} + +// templateDiffs returns the diff of two Consul Template slices. If contextual diff is +// enabled, all fields will be returned, even if no diff occurred. +// serviceDiffs diffs a set of services. If contextual diff is enabled, unchanged +// fields within objects nested in the tasks will be returned. +func templateDiffs(old, new []*Template, contextual bool) []*ObjectDiff { + // Handle trivial case. + if len(old) == 1 && len(new) == 1 { + if diff := templateDiff(old[0], new[0], contextual); diff != nil { + return []*ObjectDiff{diff} + } + return nil + } + + // For each template we will try to find a corresponding match in the other list. + // The following lists store the index of the matching template for each + // position of the inputs. + oldMatches := make([]int, len(old)) + newMatches := make([]int, len(new)) + + // Initialize all templates as unmatched. + for i := range oldMatches { + oldMatches[i] = -1 + } + for i := range newMatches { + newMatches[i] = -1 + } + + // Find a match in the new templates list for each old template and compute + // their diffs. + var diffs []*ObjectDiff + for oldIndex, oldTemplate := range old { + newIndex := findTemplateMatch(oldTemplate, new, newMatches) + + // Old templates that don't have a match were deleted. + if newIndex < 0 { + diff := templateDiff(oldTemplate, nil, contextual) + diffs = append(diffs, diff) + continue + } + + // If A matches B then B matches A. + oldMatches[oldIndex] = newIndex + newMatches[newIndex] = oldIndex + + newTemplate := new[newIndex] + if diff := templateDiff(oldTemplate, newTemplate, contextual); diff != nil { + diffs = append(diffs, diff) + } + } + + // New templates without match were added. + for i, m := range newMatches { + if m == -1 { + diff := templateDiff(nil, new[i], contextual) + diffs = append(diffs, diff) + } + } + + sort.Sort(ObjectDiffs(diffs)) + return diffs +} + +func findTemplateMatch(template *Template, newTemplates []*Template, newTemplateMatches []int) int { + indexMatch := -1 + + for i, newTemplate := range newTemplates { + // Skip template if it's already matched. + if newTemplateMatches[i] >= 0 { + continue + } + + if template.DiffID() == newTemplate.DiffID() { + indexMatch = i + break + } + } + + return indexMatch +} + // parameterizedJobDiff returns the diff of two parameterized job objects. If // contextual diff is enabled, all fields will be returned, even if no diff // occurred. diff --git a/nomad/structs/diff_test.go b/nomad/structs/diff_test.go index bfb2f960b22..3ec739ec2d9 100644 --- a/nomad/structs/diff_test.go +++ b/nomad/structs/diff_test.go @@ -6908,6 +6908,11 @@ func TestTaskDiff(t *testing.T) { ChangeSignal: "SIGHUP", Splay: 1, Perms: "0644", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, }, { SourcePath: "foo2", @@ -6931,6 +6936,11 @@ func TestTaskDiff(t *testing.T) { ChangeSignal: "SIGHUP", Splay: 1, Perms: "0644", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, }, { SourcePath: "foo3", @@ -6940,6 +6950,11 @@ func TestTaskDiff(t *testing.T) { ChangeSignal: "SIGHUP3", Splay: 3, Perms: "0776", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, }, }, }, @@ -6957,6 +6972,20 @@ func TestTaskDiff(t *testing.T) { New: "baz new", }, }, + Objects: []*ObjectDiff{ + { + Type: DiffTypeEdited, + Name: "Template", + Fields: []*FieldDiff{ + { + Type: DiffTypeEdited, + Name: "Max", + Old: "5000000000", + New: "10000000000", + }, + }, + }, + }, }, { Type: DiffTypeAdded, @@ -7017,6 +7046,32 @@ func TestTaskDiff(t *testing.T) { New: "0", }, }, + Objects: []*ObjectDiff{ + { + Type: DiffTypeAdded, + Name: "Template", + Fields: []*FieldDiff{ + { + Type: DiffTypeAdded, + Name: "Enabled", + Old: "", + New: "true", + }, + { + Type: DiffTypeAdded, + Name: "Max", + Old: "", + New: "10000000000", + }, + { + Type: DiffTypeAdded, + Name: "Min", + Old: "", + New: "5000000000", + }, + }, + }, + }, }, { Type: DiffTypeDeleted, @@ -7198,17 +7253,22 @@ func TestTaskDiff(t *testing.T) { } for i, c := range cases { - t.Run(c.Name, func(t *testing.T) { - t.Logf("running case: %d %v", i, c.Name) - - actual, err := c.Old.Diff(c.New, c.Contextual) - if c.Error { - require.Error(t, err) - } else { - require.NoError(t, err) - require.Equal(t, c.Expected, actual) - } - }) + //t.Run(c.Name, func(t *testing.T) { + t.Logf("running case: %d %v", i, c.Name) + if c.Name == "Template edited" { + t.Logf("got here") + } + actual, err := c.Old.Diff(c.New, c.Contextual) + if c.Name == "Template edited" { + t.Logf("%v", actual) + } + if c.Error { + require.Error(t, err) + } else { + require.NoError(t, err) + require.Equal(t, c.Expected, actual) + } + //}) } } diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index 50f9f640b7c..1a62e9b5480 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -7426,6 +7426,9 @@ type Template struct { // acquired. // COMPAT(0.12) VaultGrace has been ignored by Vault since Vault v0.5. VaultGrace time.Duration + + // WaitConfig is used to override the global WaitConfig on a per-template basis + Wait *WaitConfig } // DefaultTemplate returns a default template. @@ -7441,9 +7444,14 @@ func (t *Template) Copy() *Template { if t == nil { return nil } - copy := new(Template) - *copy = *t - return copy + nt := new(Template) + *nt = *t + + if t.Wait != nil { + nt.Wait = t.Wait.Copy() + } + + return nt } func (t *Template) Canonicalize() { @@ -7499,6 +7507,10 @@ func (t *Template) Validate() error { } } + if err = t.Wait.Validate(); err != nil { + _ = multierror.Append(&mErr, err) + } + return mErr.ErrorOrNil() } @@ -7518,6 +7530,60 @@ func (t *Template) DiffID() string { return t.DestPath } +// WaitConfig is the Min/Max duration used by the Consul Template Watcher. Consul +// Template relies on pointer based business logic. This struct uses points so +// that we tell the different between zero values and unset values. +type WaitConfig struct { + Enabled *bool + Min *time.Duration + Max *time.Duration +} + +// Copy returns a deep copy of this configuration. +func (wc *WaitConfig) Copy() *WaitConfig { + if wc == nil { + return nil + } + + nwc := new(WaitConfig) + + if wc.Enabled != nil { + nwc.Enabled = &*wc.Enabled + } + + if wc.Min != nil { + nwc.Min = &*wc.Min + } + + if wc.Max != nil { + nwc.Max = &*wc.Max + } + + return nwc +} + +func (wc *WaitConfig) Equals(o *WaitConfig) bool { + return reflect.DeepEqual(wc, o) +} + +// Validate that the min is not greater than the max +func (wc *WaitConfig) Validate() error { + if wc == nil { + return nil + } + + // If either one is nil, they aren't comparable, so they can't be invalid. + if wc.Min == nil || wc.Max == nil { + return nil + } + + if *wc.Min > *wc.Max { + return fmt.Errorf("wait min %s is greater than max %s", wc.Min, wc.Max) + } + + return nil +} + // AllocState records a single event that changes the state of the whole allocation type AllocStateField uint8 diff --git a/nomad/structs/structs_test.go b/nomad/structs/structs_test.go index b595b419b0a..e105d15701c 100644 --- a/nomad/structs/structs_test.go +++ b/nomad/structs/structs_test.go @@ -10,6 +10,7 @@ import ( "github.com/hashicorp/consul/api" "github.com/hashicorp/go-multierror" + "github.com/hashicorp/nomad/helper" "github.com/hashicorp/nomad/helper/uuid" "github.com/kr/pretty" @@ -2542,6 +2543,48 @@ func TestTemplate_Validate(t *testing.T) { "as octal", }, }, + { + Tmpl: &Template{ + SourcePath: "foo", + DestPath: "local/foo", + ChangeMode: "noop", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(10 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, + }, + Fail: true, + ContainsErrs: []string{ + "greater than", + }, + }, + { + Tmpl: &Template{ + SourcePath: "foo", + DestPath: "local/foo", + ChangeMode: "noop", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, + }, + Fail: false, + }, + { + Tmpl: &Template{ + SourcePath: "foo", + DestPath: "local/foo", + ChangeMode: "noop", + Wait: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + Fail: false, + }, } for i, c := range cases { @@ -2563,6 +2606,66 @@ func TestTemplate_Validate(t *testing.T) { } } +func TestTaskWaitConfig_Equals(t *testing.T) { + testCases := []struct { + name string + config *WaitConfig + expected *WaitConfig + }{ + { + name: "all-fields", + config: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + expected: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + { + name: "no-fields", + config: &WaitConfig{}, + expected: &WaitConfig{}, + }, + { + name: "enabled-only", + config: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + }, + expected: &WaitConfig{ + Enabled: helper.BoolToPtr(true), + }, + }, + { + name: "min-only", + config: &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + }, + expected: &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + }, + }, + { + name: "max-only", + config: &WaitConfig{ + Max: helper.TimeToPtr(10 * time.Second), + }, + expected: &WaitConfig{ + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + require.True(t, tc.config.Equals(tc.expected)) + }) + } +} + func TestConstraint_Validate(t *testing.T) { c := &Constraint{} err := c.Validate() diff --git a/scheduler/util_test.go b/scheduler/util_test.go index 7064c50ae67..c0ecc41e5b0 100644 --- a/scheduler/util_test.go +++ b/scheduler/util_test.go @@ -4,6 +4,7 @@ import ( "fmt" "reflect" "testing" + "time" "github.com/stretchr/testify/require" @@ -753,6 +754,31 @@ func TestTasksUpdated(t *testing.T) { j21.TaskGroups[0].Tasks[0].Resources.Cores = 4 require.True(t, tasksUpdated(j20, j21, name)) + // Compare identical Template wait configs + j22 := mock.Job() + j22.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ + { + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, + }, + } + j23 := mock.Job() + j23.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ + { + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), + }, + }, + } + require.False(t, tasksUpdated(j22, j23, name)) + // Compare changed Template wait configs + j23.TaskGroups[0].Tasks[0].Templates[0].Wait.Max = helper.TimeToPtr(10 * time.Second) + require.True(t, tasksUpdated(j22, j23, name)) } func TestTasksUpdated_connectServiceUpdated(t *testing.T) { From fc0d8bf81749429bc9ebb967bed195b87ebe0647 Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 04:37:07 -0500 Subject: [PATCH 05/15] Add WaitConfig to api; Add conversion method; --- api/tasks.go | 29 +++++ api/tasks_test.go | 104 ++++++++++++++++++ command/agent/job_endpoint.go | 16 +++ command/agent/job_endpoint_test.go | 10 ++ .../test-resources/client_with_template.hcl | 35 ++++++ .../agent/test-resources/minimal_client.hcl | 3 + 6 files changed, 197 insertions(+) create mode 100644 command/agent/test-resources/client_with_template.hcl create mode 100644 command/agent/test-resources/minimal_client.hcl diff --git a/api/tasks.go b/api/tasks.go index efc1b87af9d..7fdeaa54ff6 100644 --- a/api/tasks.go +++ b/api/tasks.go @@ -772,6 +772,31 @@ func (a *TaskArtifact) Canonicalize() { } } +// WaitConfig is the Min/Max duration to wait for the Consul cluster to reach a +// consistent state before attempting to render Templates. +type WaitConfig struct { + Enabled *bool `mapstructure:"bool" hcl:"enabled"` + Min *time.Duration `mapstructure:"min" hcl:"min"` + Max *time.Duration `mapstructure:"max" hcl:"max"` +} + +func (wc *WaitConfig) Copy() *WaitConfig { + if wc == nil { + return nil + } + + nwc := new(WaitConfig) + *nwc = *wc + + return nwc +} + +func (wc *WaitConfig) Canonicalize() { + if wc.Enabled == nil { + wc.Enabled = boolToPtr(false) + } +} + type Template struct { SourcePath *string `mapstructure:"source" hcl:"source,optional"` DestPath *string `mapstructure:"destination" hcl:"destination,optional"` @@ -784,6 +809,7 @@ type Template struct { RightDelim *string `mapstructure:"right_delimiter" hcl:"right_delimiter,optional"` Envvars *bool `mapstructure:"env" hcl:"env,optional"` VaultGrace *time.Duration `mapstructure:"vault_grace" hcl:"vault_grace,optional"` + Wait *WaitConfig `mapstructure:"wait" hcl:"wait,block"` } func (tmpl *Template) Canonicalize() { @@ -824,6 +850,9 @@ func (tmpl *Template) Canonicalize() { if tmpl.Envvars == nil { tmpl.Envvars = boolToPtr(false) } + if tmpl.Wait != nil { + tmpl.Wait.Canonicalize() + } //COMPAT(0.12) VaultGrace is deprecated and unused as of Vault 0.5 if tmpl.VaultGrace == nil { diff --git a/api/tasks_test.go b/api/tasks_test.go index b922123f7a1..19e8c3775bf 100644 --- a/api/tasks_test.go +++ b/api/tasks_test.go @@ -406,6 +406,110 @@ func TestTask_Canonicalize_TaskLifecycle(t *testing.T) { } } +func TestTask_Template_WaitConfig_Canonicalize_and_Copy(t *testing.T) { + taskWithWait := func(wc *WaitConfig) *Task { + return &Task{ + Templates: []*Template{ + { + Wait: wc, + }, + }, + } + } + + testCases := []struct { + name string + canonicalized *WaitConfig + copied *WaitConfig + task *Task + }{ + { + name: "all-fields", + task: taskWithWait(&WaitConfig{ + Enabled: boolToPtr(true), + Min: timeToPtr(5), + Max: timeToPtr(10), + }), + canonicalized: &WaitConfig{ + Enabled: boolToPtr(true), + Min: timeToPtr(5), + Max: timeToPtr(10), + }, + copied: &WaitConfig{ + Enabled: boolToPtr(true), + Min: timeToPtr(5), + Max: timeToPtr(10), + }, + }, + { + name: "no-fields", + task: taskWithWait(&WaitConfig{}), + canonicalized: &WaitConfig{ + Enabled: boolToPtr(false), + Min: nil, + Max: nil, + }, + copied: &WaitConfig{ + Enabled: nil, + Min: nil, + Max: nil, + }, + }, + { + name: "enabled-only", + task: taskWithWait(&WaitConfig{ + Enabled: boolToPtr(true), + }), + canonicalized: &WaitConfig{ + Enabled: boolToPtr(true), + }, + copied: &WaitConfig{ + Enabled: boolToPtr(true), + }, + }, + { + name: "min-only", + task: taskWithWait(&WaitConfig{ + Min: timeToPtr(5), + }), + canonicalized: &WaitConfig{ + Enabled: boolToPtr(false), + Min: timeToPtr(5), + }, + copied: &WaitConfig{ + Min: timeToPtr(5), + }, + }, + { + name: "max-only", + task: taskWithWait(&WaitConfig{ + Max: timeToPtr(10), + }), + canonicalized: &WaitConfig{ + Enabled: boolToPtr(false), + Max: timeToPtr(10), + }, + copied: &WaitConfig{ + Max: timeToPtr(10), + }, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + tg := &TaskGroup{ + Name: stringToPtr("foo"), + } + j := &Job{ + ID: stringToPtr("test"), + } + require.Equal(t, tc.copied, tc.task.Templates[0].Wait.Copy()) + tc.task.Canonicalize(tg, j) + require.Equal(t, tc.canonicalized, tc.task.Templates[0].Wait) + }) + } +} + // Ensures no regression on https://github.com/hashicorp/nomad/issues/3132 func TestTaskGroup_Canonicalize_Update(t *testing.T) { // Job with an Empty() Update diff --git a/command/agent/job_endpoint.go b/command/agent/job_endpoint.go index 8a9da76feba..52c9f9fdc0e 100644 --- a/command/agent/job_endpoint.go +++ b/command/agent/job_endpoint.go @@ -1147,6 +1147,7 @@ func ApiTaskToStructsTask(job *structs.Job, group *structs.TaskGroup, RightDelim: *template.RightDelim, Envvars: *template.Envvars, VaultGrace: *template.VaultGrace, + Wait: ApiWaitConfigToStructsWaitConfig(template.Wait), }) } } @@ -1165,6 +1166,21 @@ func ApiTaskToStructsTask(job *structs.Job, group *structs.TaskGroup, } } +// ApiWaitConfigToStructsWaitConfig is a copy and type conversion between the API +// representation of a WaitConfig from a struct representation of a WaitConfig. +// TODO: Need code review to see if there's any reason we can't just take the pointer. +func ApiWaitConfigToStructsWaitConfig(waitConfig *api.WaitConfig) *structs.WaitConfig { + if waitConfig == nil { + return nil + } + + return &structs.WaitConfig{ + Enabled: &*waitConfig.Enabled, + Min: &*waitConfig.Min, + Max: &*waitConfig.Max, + } +} + func ApiCSIPluginConfigToStructsCSIPluginConfig(apiConfig *api.TaskCSIPluginConfig) *structs.TaskCSIPluginConfig { if apiConfig == nil { return nil diff --git a/command/agent/job_endpoint_test.go b/command/agent/job_endpoint_test.go index 841090014b2..0f5fe39c592 100644 --- a/command/agent/job_endpoint_test.go +++ b/command/agent/job_endpoint_test.go @@ -2498,6 +2498,11 @@ func TestJobs_ApiJobToStructsJob(t *testing.T) { LeftDelim: helper.StringToPtr("abc"), RightDelim: helper.StringToPtr("def"), Envvars: helper.BoolToPtr(true), + Wait: &api.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, }, }, DispatchPayload: &api.DispatchPayloadConfig{ @@ -2891,6 +2896,11 @@ func TestJobs_ApiJobToStructsJob(t *testing.T) { LeftDelim: "abc", RightDelim: "def", Envvars: true, + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, }, }, DispatchPayload: &structs.DispatchPayloadConfig{ diff --git a/command/agent/test-resources/client_with_template.hcl b/command/agent/test-resources/client_with_template.hcl new file mode 100644 index 00000000000..1d4c2690b66 --- /dev/null +++ b/command/agent/test-resources/client_with_template.hcl @@ -0,0 +1,35 @@ +client { + enabled = true + + template { + max_stale = "300s" + block_query_wait = "90s" + + wait { + enabled = true + min = "2s" + max = "60s" + } + + wait_bounds { + enabled = true + min = "2s" + max = "60s" + } + + consul_retry { + enabled = true + attempts = 5 + backoff = "5s" + max_backoff = "10s" + } + + vault_retry { + enabled = true + attempts = 10 + backoff = "15s" + max_backoff = "20s" + } + } + +} diff --git a/command/agent/test-resources/minimal_client.hcl b/command/agent/test-resources/minimal_client.hcl new file mode 100644 index 00000000000..cae89867b8f --- /dev/null +++ b/command/agent/test-resources/minimal_client.hcl @@ -0,0 +1,3 @@ +client { + enabled = true +} From 21bc1cdba850ca737b71584eeb85ffdea2adc7fa Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Fri, 17 Dec 2021 04:48:39 -0500 Subject: [PATCH 06/15] Modify TaskTemplateManager to pass client and template level configuration and enforce operator defined wait bounds. --- .../taskrunner/template/template.go | 94 ++++++- .../taskrunner/template/template_test.go | 246 ++++++++++++++++++ 2 files changed, 337 insertions(+), 3 deletions(-) diff --git a/client/allocrunner/taskrunner/template/template.go b/client/allocrunner/taskrunner/template/template.go index 5c6202941c5..500f9d7de83 100644 --- a/client/allocrunner/taskrunner/template/template.go +++ b/client/allocrunner/taskrunner/template/template.go @@ -191,7 +191,7 @@ func (tm *TaskTemplateManager) Stop() { // run is the long lived loop that handles errors and templates being rendered func (tm *TaskTemplateManager) run() { - // Runner is nil if there is no templates + // Runner is nil if there are no templates if tm.runner == nil { // Unblock the start if there is nothing to do close(tm.config.UnblockCh) @@ -602,6 +602,14 @@ func parseTemplateConfigs(config *TaskTemplateManagerConfig) (map[*ctconf.Templa ct.SandboxPath = &config.TaskDir } + if tmpl.Wait != nil { + ct.Wait = &ctconf.WaitConfig{ + Enabled: tmpl.Wait.Enabled, + Min: tmpl.Wait.Min, + Max: tmpl.Wait.Max, + } + } + // Set the permissions if tmpl.Perms != "" { v, err := strconv.ParseUint(tmpl.Perms, 8, 12) @@ -635,13 +643,68 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, } conf.Templates = &flat + // TODO: Code review this. It seems that this setting is only used to force + // errors in a specific test scenarios. We need to rethink implementation. // Force faster retries if config.retryRate != 0 { rate := config.retryRate conf.Consul.Retry.Backoff = &rate } - // Setup the Consul config + // Set the amount of time to do a blocking query for. + if cc.TemplateConfig.BlockQueryWaitTime != nil { + conf.BlockQueryWaitTime = cc.TemplateConfig.BlockQueryWaitTime + } + + // Set the stale-read threshold to allow queries to be served by followers + // if the last replicated data is within this bound. + if cc.TemplateConfig.MaxStale != nil { + conf.MaxStale = cc.TemplateConfig.MaxStale + } + + // Set the minimum and maximum amount of time to wait for the cluster to reach + // a consistent state before rendering a template. + if cc.TemplateConfig.Wait != nil { + // If somehow the WaitConfig wasn't set correctly upstream, return an error. + var err error + err = cc.TemplateConfig.Wait.Validate() + if err != nil { + return nil, err + } + conf.Wait, err = cc.TemplateConfig.Wait.ToConsulTemplate() + if err != nil { + return nil, err + } + } + + // Make sure any template specific configuration set by the job author is within + // the bounds set by the operator. + if cc.TemplateConfig.WaitBounds != nil && *cc.TemplateConfig.WaitBounds.Enabled { + // If somehow the WaitBounds weren't set correctly upstream, return an error. + err := cc.TemplateConfig.WaitBounds.Validate() + if err != nil { + return nil, err + } + + // Check and override with bounds + for _, tmpl := range *conf.Templates { + if tmpl.Wait == nil || !*tmpl.Wait.Enabled { + continue + } + if cc.TemplateConfig.WaitBounds.Min != nil { + if tmpl.Wait.Min != nil && *tmpl.Wait.Min < *cc.TemplateConfig.WaitBounds.Min { + tmpl.Wait.Min = &*cc.TemplateConfig.WaitBounds.Min + } + } + if cc.TemplateConfig.WaitBounds.Max != nil { + if tmpl.Wait.Max != nil && *tmpl.Wait.Max > *cc.TemplateConfig.WaitBounds.Max { + tmpl.Wait.Max = &*cc.TemplateConfig.WaitBounds.Max + } + } + } + } + + // Set up the Consul config if cc.ConsulConfig != nil { conf.Consul.Address = &cc.ConsulConfig.Addr conf.Consul.Token = &cc.ConsulConfig.Token @@ -675,6 +738,19 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, Password: &parts[1], } } + + // Set the user-specified Consul RetryConfig + if cc.TemplateConfig.ConsulRetry != nil { + var err error + err = cc.TemplateConfig.ConsulRetry.Validate() + if err != nil { + return nil, err + } + conf.Consul.Retry, err = cc.TemplateConfig.ConsulRetry.ToConsulTemplate() + if err != nil { + return nil, err + } + } } // Get the Consul namespace from job/group config. This is the higher level @@ -683,7 +759,7 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, conf.Consul.Namespace = &config.ConsulNamespace } - // Setup the Vault config + // Set up the Vault config // Always set these to ensure nothing is picked up from the environment emptyStr := "" conf.Vault.RenewToken = helper.BoolToPtr(false) @@ -724,6 +800,18 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, ServerName: &emptyStr, } } + + // Set the user-specified Vault RetryConfig + if cc.TemplateConfig.VaultRetry != nil { + var err error + if err = cc.TemplateConfig.VaultRetry.Validate(); err != nil { + return nil, err + } + conf.Vault.Retry, err = cc.TemplateConfig.VaultRetry.ToConsulTemplate() + if err != nil { + return nil, err + } + } } conf.Finalize() diff --git a/client/allocrunner/taskrunner/template/template_test.go b/client/allocrunner/taskrunner/template/template_test.go index 32fa862a6cc..ac445b8db39 100644 --- a/client/allocrunner/taskrunner/template/template_test.go +++ b/client/allocrunner/taskrunner/template/template_test.go @@ -16,6 +16,7 @@ import ( "testing" "time" + templateconfig "github.com/hashicorp/consul-template/config" ctestutil "github.com/hashicorp/consul/sdk/testutil" "github.com/hashicorp/nomad/client/allocdir" "github.com/hashicorp/nomad/client/config" @@ -1914,3 +1915,248 @@ WAIT_LOOP: t.Fatalf("bad event, expected only 3 and 5 blocked got: %q", event.DisplayMessage) } } + +func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { + t.Parallel() + + testNS := "test-namespace" + + clientConfig := config.DefaultConfig() + clientConfig.Node = mock.Node() + + clientConfig.VaultConfig = &sconfig.VaultConfig{ + Enabled: helper.BoolToPtr(true), + Namespace: testNS, + } + + clientConfig.ConsulConfig = &sconfig.ConsulConfig{ + Namespace: testNS, + } + + // helper to reduce boilerplate + waitConfig := &config.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + } + // helper to reduce boilerplate + retryConfig := &config.RetryConfig{ + Attempts: helper.IntToPtr(5), + Backoff: helper.TimeToPtr(5 * time.Second), + MaxBackoff: helper.TimeToPtr(20 * time.Second), + Enabled: helper.BoolToPtr(true), + } + + clientConfig.TemplateConfig.MaxStale = helper.TimeToPtr(5 * time.Second) + clientConfig.TemplateConfig.BlockQueryWaitTime = helper.TimeToPtr(60 * time.Second) + clientConfig.TemplateConfig.Wait = waitConfig.Copy() + clientConfig.TemplateConfig.ConsulRetry = retryConfig.Copy() + clientConfig.TemplateConfig.VaultRetry = retryConfig.Copy() + + alloc := mock.Alloc() + allocWithOverride := mock.Alloc() + allocWithOverride.Job.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ + { + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(2 * time.Second), + Max: helper.TimeToPtr(12 * time.Second), + }, + }, + } + + cases := []struct { + Name string + ClientTemplateConfig *config.ClientTemplateConfig + TTMConfig *TaskTemplateManagerConfig + ExpectedRunnerConfig *config.Config + ExpectedTemplateConfig *templateconfig.TemplateConfig + }{ + { + "basic-wait-config", + &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + &TaskTemplateManagerConfig{ + ClientConfig: clientConfig, + VaultToken: "token", + EnvBuilder: taskenv.NewBuilder(clientConfig.Node, alloc, alloc.Job.TaskGroups[0].Tasks[0], clientConfig.Region), + }, + &config.Config{ + TemplateConfig: &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + }, + &templateconfig.TemplateConfig{ + Wait: &templateconfig.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + }, + { + "template-override", + &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + &TaskTemplateManagerConfig{ + ClientConfig: clientConfig, + VaultToken: "token", + EnvBuilder: taskenv.NewBuilder(clientConfig.Node, allocWithOverride, allocWithOverride.Job.TaskGroups[0].Tasks[0], clientConfig.Region), + }, + &config.Config{ + TemplateConfig: &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + }, + &templateconfig.TemplateConfig{ + Wait: &templateconfig.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(2 * time.Second), + Max: helper.TimeToPtr(12 * time.Second), + }, + }, + }, + { + "bounds-override", + &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + WaitBounds: &config.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(3 * time.Second), + Max: helper.TimeToPtr(11 * time.Second), + }, + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + &TaskTemplateManagerConfig{ + ClientConfig: clientConfig, + VaultToken: "token", + EnvBuilder: taskenv.NewBuilder(clientConfig.Node, allocWithOverride, allocWithOverride.Job.TaskGroups[0].Tasks[0], clientConfig.Region), + Templates: []*structs.Template{ + { + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(2 * time.Second), + Max: helper.TimeToPtr(12 * time.Second), + }, + }, + }, + }, + &config.Config{ + TemplateConfig: &config.ClientTemplateConfig{ + MaxStale: helper.TimeToPtr(5 * time.Second), + BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), + Wait: waitConfig.Copy(), + WaitBounds: &config.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(3 * time.Second), + Max: helper.TimeToPtr(11 * time.Second), + }, + ConsulRetry: retryConfig.Copy(), + VaultRetry: retryConfig.Copy(), + }, + }, + &templateconfig.TemplateConfig{ + Wait: &templateconfig.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(3 * time.Second), + Max: helper.TimeToPtr(11 * time.Second), + }, + }, + }, + } + + for _, _case := range cases { + t.Run(_case.Name, func(t *testing.T) { + // monkey patch the client config with the version of the ClientTemplateConfig we want to test. + _case.TTMConfig.ClientConfig.TemplateConfig = _case.ClientTemplateConfig + templateMapping, err := parseTemplateConfigs(_case.TTMConfig) + require.NoError(t, err) + + runnerConfig, err := newRunnerConfig(_case.TTMConfig, templateMapping) + require.NoError(t, err) + + // Direct properties + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.MaxStale, *runnerConfig.MaxStale) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.BlockQueryWaitTime, *runnerConfig.BlockQueryWaitTime) + // WaitConfig + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Enabled, *runnerConfig.Wait.Enabled) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Min, *runnerConfig.Wait.Min) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Max, *runnerConfig.Wait.Max) + // Consul Retry + require.NotNil(t, runnerConfig.Consul) + require.NotNil(t, runnerConfig.Consul.Retry) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Enabled, *runnerConfig.Consul.Retry.Enabled) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Attempts, *runnerConfig.Consul.Retry.Attempts) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Backoff, *runnerConfig.Consul.Retry.Backoff) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.MaxBackoff, *runnerConfig.Consul.Retry.MaxBackoff) + // Vault Retry + require.NotNil(t, runnerConfig.Vault) + require.NotNil(t, runnerConfig.Vault.Retry) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Enabled, *runnerConfig.Vault.Retry.Enabled) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Attempts, *runnerConfig.Vault.Retry.Attempts) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Backoff, *runnerConfig.Vault.Retry.Backoff) + require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.MaxBackoff, *runnerConfig.Vault.Retry.MaxBackoff) + + // Test that wait_bounds are enforced + for _, tmpl := range *runnerConfig.Templates { + require.Equal(t, *_case.ExpectedTemplateConfig.Wait.Enabled, *tmpl.Wait.Enabled) + require.Equal(t, *_case.ExpectedTemplateConfig.Wait.Min, *tmpl.Wait.Min) + require.Equal(t, *_case.ExpectedTemplateConfig.Wait.Max, *tmpl.Wait.Max) + } + }) + } +} + +func TestTaskTemplateManager_Template_Wait_Set(t *testing.T) { + t.Parallel() + + c := config.DefaultConfig() + c.Node = mock.Node() + + alloc := mock.Alloc() + + ttmConfig := &TaskTemplateManagerConfig{ + ClientConfig: c, + VaultToken: "token", + EnvBuilder: taskenv.NewBuilder(c.Node, alloc, alloc.Job.TaskGroups[0].Tasks[0], c.Region), + Templates: []*structs.Template{ + { + Wait: &structs.WaitConfig{ + Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), + }, + }, + }, + } + + ctmplMapping, err := parseTemplateConfigs(ttmConfig) + require.NoError(t, err) + + for k, _ := range ctmplMapping { + require.True(t, *k.Wait.Enabled) + require.Equal(t, 5*time.Second, *k.Wait.Min) + require.Equal(t, 10*time.Second, *k.Wait.Max) + } +} From e5620ce0188cf28afbd9b301fca18ba4c763102b Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Mon, 20 Dec 2021 05:33:07 -0500 Subject: [PATCH 07/15] Add comments to tests; Make variable naming consistent across tests; --- .../allocrunner/taskrunner/template/template_test.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/client/allocrunner/taskrunner/template/template_test.go b/client/allocrunner/taskrunner/template/template_test.go index ac445b8db39..5e7f2f60027 100644 --- a/client/allocrunner/taskrunner/template/template_test.go +++ b/client/allocrunner/taskrunner/template/template_test.go @@ -1916,6 +1916,9 @@ WAIT_LOOP: } } +// TestTaskTemplateManager_ClientTemplateConfig_Set asserts that all client level +// configuration is accurately mapped from the client to the TaskTemplateManager +// and that any operator defined boundaries are enforced. func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { t.Parallel() @@ -2128,6 +2131,9 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { } } +// TestTaskTemplateManager_Template_Wait_Set asserts that all template level +// configuration is accurately mapped from the template to the TaskTemplateManager's +// template config. func TestTaskTemplateManager_Template_Wait_Set(t *testing.T) { t.Parallel() @@ -2151,10 +2157,10 @@ func TestTaskTemplateManager_Template_Wait_Set(t *testing.T) { }, } - ctmplMapping, err := parseTemplateConfigs(ttmConfig) + templateMapping, err := parseTemplateConfigs(ttmConfig) require.NoError(t, err) - for k, _ := range ctmplMapping { + for k, _ := range templateMapping { require.True(t, *k.Wait.Enabled) require.Equal(t, 5*time.Second, *k.Wait.Min) require.Equal(t, 10*time.Second, *k.Wait.Max) From 5e89ebaf38e0d343d362662eb7fb240011cc219e Mon Sep 17 00:00:00 2001 From: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com> Date: Mon, 3 Jan 2022 08:45:00 -0500 Subject: [PATCH 08/15] Apply suggestions from code review Co-authored-by: Tim Gross --- .changelog/11606.txt | 6 +++--- client/config/config.go | 2 +- command/agent/agent.go | 1 - command/agent/job_endpoint.go | 1 - nomad/structs/structs.go | 2 +- website/content/docs/configuration/client.mdx | 2 +- 6 files changed, 6 insertions(+), 8 deletions(-) diff --git a/.changelog/11606.txt b/.changelog/11606.txt index cae81ce0d06..6798ace6a22 100644 --- a/.changelog/11606.txt +++ b/.changelog/11606.txt @@ -1,6 +1,6 @@ ```release-note:improvement -core: Expose consul-template configuration options at the client level for consul_retry, -vault_retry, max_stale, block_query_wait and wait. Expose per template configuration -for wait that will override the client level configuration. Add wait_bounds to +core: Expose consul-template configuration options at the client level for `consul_retry`, +`vault_retry`, `max_stale`, `block_query_wait` and `wait`. Expose per-template configuration +for wait that will override the client level configuration. Add `wait_bounds` to allow operators to constrain per-template overrides at the client level. ``` diff --git a/client/config/config.go b/client/config/config.go index 448b40ed81f..c5652e9400d 100644 --- a/client/config/config.go +++ b/client/config/config.go @@ -507,7 +507,7 @@ func (wc *WaitConfig) IsEmpty() bool { } // Validate returns an error if the receiver is nil or empty or if Min is greater -// than Max the user specified Max, or if the user didn't specify a Max. +// than Max the user specified Max. func (wc *WaitConfig) Validate() error { // If the config is nil or empty return false so that it is never assigned. if wc == nil || wc.IsEmpty() { diff --git a/command/agent/agent.go b/command/agent/agent.go index 85fa645bd14..0f0af47ce67 100644 --- a/command/agent/agent.go +++ b/command/agent/agent.go @@ -404,7 +404,6 @@ func convertServerConfig(agentConfig *Config) (*nomad.Config, error) { conf.StatsCollectionInterval = agentConfig.Telemetry.collectionInterval conf.DisableDispatchedJobSummaryMetrics = agentConfig.Telemetry.DisableDispatchedJobSummaryMetrics - // Parse Limits timeout from a string into convertDurations if d, err := time.ParseDuration(agentConfig.Limits.RPCHandshakeTimeout); err != nil { return nil, fmt.Errorf("error parsing rpc_handshake_timeout: %v", err) } else if d < 0 { diff --git a/command/agent/job_endpoint.go b/command/agent/job_endpoint.go index 52c9f9fdc0e..fba16713670 100644 --- a/command/agent/job_endpoint.go +++ b/command/agent/job_endpoint.go @@ -1168,7 +1168,6 @@ func ApiTaskToStructsTask(job *structs.Job, group *structs.TaskGroup, // ApiWaitConfigToStructsWaitConfig is a copy and type conversion between the API // representation of a WaitConfig from a struct representation of a WaitConfig. -// TODO: Need code review to see if there's any reason we can't just take the pointer. func ApiWaitConfigToStructsWaitConfig(waitConfig *api.WaitConfig) *structs.WaitConfig { if waitConfig == nil { return nil diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index 1a62e9b5480..3430fd989a2 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -7531,7 +7531,7 @@ func (t *Template) DiffID() string { } // WaitConfig is the Min/Max duration used by the Consul Template Watcher. Consul -// Template relies on pointer based business logic. This struct uses points so +// Template relies on pointer based business logic. This struct uses pointers so // that we tell the different between zero values and unset values. type WaitConfig struct { Enabled *bool diff --git a/website/content/docs/configuration/client.mdx b/website/content/docs/configuration/client.mdx index 93f8a0ef65a..bf52ec83038 100644 --- a/website/content/docs/configuration/client.mdx +++ b/website/content/docs/configuration/client.mdx @@ -391,7 +391,7 @@ see the [drivers documentation](/docs/drivers). ``` - `block_query_wait` `(string: "60s")` - This is amount of time in seconds to wait - on a blocking query for. Many endpoints in Consul support a feature known as + for the results of a blocking query. Many endpoints in Consul support a feature known as "blocking queries". A blocking query is used to wait for a potential change using long polling. From 72370f9c9c0e7ec6f38b6ebd88580094f9041cf1 Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Wed, 5 Jan 2022 09:48:19 -0500 Subject: [PATCH 09/15] Clarify documentation; Refactor to manual Equals from reflect.DeepEquals; Remove test debug code; --- client/config/config.go | 8 ++--- command/agent/agent.go | 36 +------------------ nomad/structs/diff_test.go | 27 ++++++-------- nomad/structs/structs.go | 26 +++++++++++++- website/content/docs/configuration/client.mdx | 18 +++++----- .../docs/job-specification/template.mdx | 7 ++-- 6 files changed, 52 insertions(+), 70 deletions(-) diff --git a/client/config/config.go b/client/config/config.go index c5652e9400d..814c57ef11c 100644 --- a/client/config/config.go +++ b/client/config/config.go @@ -319,9 +319,9 @@ type ClientTemplateConfig struct { BlockQueryWaitTimeHCL string `hcl:"block_query_wait,optional"` // Wait is the quiescence timers; it defines the minimum and maximum amount of - // time to wait for the cluster to reach a consistent state before rendering a - // template. This is useful to enable in systems that have a lot of flapping, - // because it will reduce the number of times a template is rendered. + // time to wait for the Consul cluster to reach a consistent state before rendering a + // template. This is useful to enable in systems where Consul is experiencing + // a lot of flapping because it will reduce the number of times a template is rendered. Wait *WaitConfig `hcl:"wait,optional" json:"-"` // WaitBounds allows operators to define boundaries on individual template wait @@ -565,8 +565,6 @@ func (wc *WaitConfig) Merge(b *WaitConfig) *WaitConfig { } // ToConsulTemplate converts a client WaitConfig instance to a consul-template WaitConfig -// TODO: Needs code review. The caller (TaskTemplateManager) takes direct pointers -// to other configuration values. Need to make sure that desired here as well. func (wc *WaitConfig) ToConsulTemplate() (*config.WaitConfig, error) { if wc.IsEmpty() { return nil, errors.New("wait config is empty") diff --git a/command/agent/agent.go b/command/agent/agent.go index 0f0af47ce67..66408bc6ceb 100644 --- a/command/agent/agent.go +++ b/command/agent/agent.go @@ -595,42 +595,8 @@ func convertClientConfig(agentConfig *Config) (*clientconfig.Config, error) { conf.MinDynamicPort = agentConfig.Client.MinDynamicPort conf.DisableRemoteExec = agentConfig.Client.DisableRemoteExec - // TODO: Code review - Now that these aren't different types, would it be ok - // to just copy or directly reference the full struct instead of doing a field - // by field set? if agentConfig.Client.TemplateConfig != nil { - conf.TemplateConfig.DisableSandbox = agentConfig.Client.TemplateConfig.DisableSandbox - - // TODO: Code Review - Should these all be direct references or copies? Mixed right now. - if agentConfig.Client.TemplateConfig.MaxStale != nil { - conf.TemplateConfig.MaxStale = &*agentConfig.Client.TemplateConfig.MaxStale - } - - if agentConfig.Client.TemplateConfig.BlockQueryWaitTime != nil { - conf.TemplateConfig.BlockQueryWaitTime = &*agentConfig.Client.TemplateConfig.BlockQueryWaitTime - } - - if agentConfig.Client.TemplateConfig.FunctionBlacklist != nil { - conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionBlacklist - } else { - conf.TemplateConfig.FunctionDenylist = agentConfig.Client.TemplateConfig.FunctionDenylist - } - - if agentConfig.Client.TemplateConfig.Wait != nil { - conf.TemplateConfig.Wait = agentConfig.Client.TemplateConfig.Wait - } - - if agentConfig.Client.TemplateConfig.WaitBounds != nil { - conf.TemplateConfig.WaitBounds = agentConfig.Client.TemplateConfig.WaitBounds - } - - if agentConfig.Client.TemplateConfig.ConsulRetry != nil { - conf.TemplateConfig.ConsulRetry = agentConfig.Client.TemplateConfig.ConsulRetry - } - - if agentConfig.Client.TemplateConfig.VaultRetry != nil { - conf.TemplateConfig.VaultRetry = agentConfig.Client.TemplateConfig.VaultRetry - } + conf.TemplateConfig = agentConfig.Client.TemplateConfig.Copy() } hvMap := make(map[string]*structs.ClientHostVolumeConfig, len(agentConfig.Client.HostVolumes)) diff --git a/nomad/structs/diff_test.go b/nomad/structs/diff_test.go index 3ec739ec2d9..3d46b50ce99 100644 --- a/nomad/structs/diff_test.go +++ b/nomad/structs/diff_test.go @@ -7252,23 +7252,16 @@ func TestTaskDiff(t *testing.T) { }, } - for i, c := range cases { - //t.Run(c.Name, func(t *testing.T) { - t.Logf("running case: %d %v", i, c.Name) - if c.Name == "Template edited" { - t.Logf("got here") - } - actual, err := c.Old.Diff(c.New, c.Contextual) - if c.Name == "Template edited" { - t.Logf("%v", actual) - } - if c.Error { - require.Error(t, err) - } else { - require.NoError(t, err) - require.Equal(t, c.Expected, actual) - } - //}) + for _, c := range cases { + t.Run(c.Name, func(t *testing.T) { + actual, err := c.Old.Diff(c.New, c.Contextual) + if c.Error { + require.Error(t, err) + } else { + require.NoError(t, err) + require.Equal(t, c.Expected, actual) + } + }) } } diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index 3430fd989a2..73c4e854798 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -7563,7 +7563,31 @@ func (wc *WaitConfig) Copy() *WaitConfig { } func (wc *WaitConfig) Equals(o *WaitConfig) bool { - return reflect.DeepEqual(wc, o) + if wc.Enabled == nil && o.Enabled != nil { + return false + } + + if wc.Min == nil && o.Min != nil { + return false + } + + if wc.Max == nil && o.Max != nil { + return false + } + + if wc.Enabled != nil && (o.Enabled == nil || &*wc.Enabled != &*o.Enabled) { + return false + } + + if wc.Min != nil && (o.Min == nil || &*wc.Min != &*o.Min) { + return false + } + + if wc.Max != nil && (o.Max == nil || &*wc.Max != &*o.Max) { + return false + } + + return true } // Validate that the min is not greater than the max diff --git a/website/content/docs/configuration/client.mdx b/website/content/docs/configuration/client.mdx index bf52ec83038..f0210ba3b08 100644 --- a/website/content/docs/configuration/client.mdx +++ b/website/content/docs/configuration/client.mdx @@ -352,20 +352,20 @@ see the [drivers documentation](/docs/drivers). the host as root (unless Nomad is configured to run as a non-root user). - `disable_file_sandbox` `(bool: false)` - Allows templates access to arbitrary - files on the client host via the `file` function. By default templates can + files on the client host via the `file` function. By default, templates can access files only within the [task working directory]. -- `max_stale` `(string: "5s")` - # This is the maximum interval to allow "stale" - data. By default, only the Consul leader will respond to queries. Requests - to a follower will forward to the leader. In large clusters with many requests, - this is not as scalable, so this option allows any follower to respond to a query, - so long as the last-replicated data is within these bounds. Higher values result +- `max_stale` `(string: "")` - # This is the maximum interval to allow "stale" + data. By default, only the Consul leader will respond to queries. Requests to + a follower will forward to the leader. In large clusters with many requests, + this is not as scalable. This option allows any follower to respond to a query, + so long as the last-replicated data is within this bound. Higher values result in less cluster load, but are more likely to have outdated data. - `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait - for the cluster to reach a consistent state before rendering a template. This - is useful to enable in systems that are experiencing a lot of flapping, because - it will reduce the number of times a template is rendered. This configuration is + for the Consul cluster to reach a consistent state before rendering a template. + This is useful to enable in systems where Consul is experiencing a lot of flapping, + because it will reduce the number of times a template is rendered. This configuration is also exposed at the _task level_ to allow overrides per task. ```hcl diff --git a/website/content/docs/job-specification/template.mdx b/website/content/docs/job-specification/template.mdx index e576006f403..08c51631ed5 100644 --- a/website/content/docs/job-specification/template.mdx +++ b/website/content/docs/job-specification/template.mdx @@ -96,9 +96,10 @@ README][ct]. Since Nomad v0.6.0, templates can be read as environment variables. time. - `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait - for the cluster to reach a consistent state before rendering a template. This - is useful to enable in systems that are experiencing a lot of flapping, because - it will reduce the number of times a template is rendered. This is typically + for the Consul cluster to reach a consistent state before rendering a template. + This is useful to enable in systems where Consul is experiencing a lot of flapping, + because it will reduce the number of times a template is rendered. This configuration is + also exposed at the _task level_ to allow overrides per task. This is typically set globally in the client configuration, but can be overridden on per-template basis. Note that, this setting can be overridden by the `client.template.wait_bounds` setting. The `client.template.wait_bounds` setting defines a client level lower From 98573f6bb0677d2561f7dc9a701a8e88ac5aee07 Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Wed, 5 Jan 2022 14:35:47 -0500 Subject: [PATCH 10/15] Refactor tests to use Consul retry config instead of test-only field; fix bug in RetryConfig.Validate --- client/allocrunner/taskrunner/template/template.go | 11 ----------- .../allocrunner/taskrunner/template/template_test.go | 2 +- client/config/config.go | 4 ++-- 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/client/allocrunner/taskrunner/template/template.go b/client/allocrunner/taskrunner/template/template.go index 500f9d7de83..069513df78a 100644 --- a/client/allocrunner/taskrunner/template/template.go +++ b/client/allocrunner/taskrunner/template/template.go @@ -102,9 +102,6 @@ type TaskTemplateManagerConfig struct { // MaxTemplateEventRate is the maximum rate at which we should emit events. MaxTemplateEventRate time.Duration - - // retryRate is only used for testing and is used to increase the retry rate - retryRate time.Duration } // Validate validates the configuration. @@ -643,14 +640,6 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, } conf.Templates = &flat - // TODO: Code review this. It seems that this setting is only used to force - // errors in a specific test scenarios. We need to rethink implementation. - // Force faster retries - if config.retryRate != 0 { - rate := config.retryRate - conf.Consul.Retry.Backoff = &rate - } - // Set the amount of time to do a blocking query for. if cc.TemplateConfig.BlockQueryWaitTime != nil { conf.BlockQueryWaitTime = cc.TemplateConfig.BlockQueryWaitTime diff --git a/client/allocrunner/taskrunner/template/template_test.go b/client/allocrunner/taskrunner/template/template_test.go index 5e7f2f60027..81b436b07cc 100644 --- a/client/allocrunner/taskrunner/template/template_test.go +++ b/client/allocrunner/taskrunner/template/template_test.go @@ -146,6 +146,7 @@ func newTestHarness(t *testing.T, templates []*structs.Template, consul, vault b TemplateConfig: &config.ClientTemplateConfig{ FunctionDenylist: []string{"plugin"}, DisableSandbox: false, + ConsulRetry: &config.RetryConfig{Backoff: helper.TimeToPtr(10 * time.Millisecond)}, }}, emitRate: DefaultMaxTemplateEventRate, } @@ -203,7 +204,6 @@ func (h *testHarness) startWithErr() error { TaskDir: h.taskDir, EnvBuilder: h.envBuilder, MaxTemplateEventRate: h.emitRate, - retryRate: 10 * time.Millisecond, }) return err diff --git a/client/config/config.go b/client/config/config.go index 814c57ef11c..765d03d6f60 100644 --- a/client/config/config.go +++ b/client/config/config.go @@ -675,11 +675,11 @@ func (rc *RetryConfig) Validate() error { } // MaxBackoff == 0 means backoff is unbounded. No need to validate. - if *rc.MaxBackoff == 0 { + if rc.MaxBackoff != nil && *rc.MaxBackoff == 0 { return nil } - if *rc.Backoff > *rc.MaxBackoff { + if rc.MaxBackoff != nil && *rc.Backoff > *rc.MaxBackoff { return fmt.Errorf("retry config backoff %d is greater than max_backoff %d", *rc.Backoff, *rc.MaxBackoff) } From 9f37ccd84252be00e0cf1a818130d7b7dcc5944b Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Wed, 5 Jan 2022 15:27:33 -0500 Subject: [PATCH 11/15] Remove enabled field on WaitConfig and RetryConfig --- api/tasks.go | 14 ++------------ api/tasks_test.go | 43 ++++++++++++------------------------------- 2 files changed, 14 insertions(+), 43 deletions(-) diff --git a/api/tasks.go b/api/tasks.go index 7fdeaa54ff6..10629aa2d2b 100644 --- a/api/tasks.go +++ b/api/tasks.go @@ -775,9 +775,8 @@ func (a *TaskArtifact) Canonicalize() { // WaitConfig is the Min/Max duration to wait for the Consul cluster to reach a // consistent state before attempting to render Templates. type WaitConfig struct { - Enabled *bool `mapstructure:"bool" hcl:"enabled"` - Min *time.Duration `mapstructure:"min" hcl:"min"` - Max *time.Duration `mapstructure:"max" hcl:"max"` + Min *time.Duration `mapstructure:"min" hcl:"min"` + Max *time.Duration `mapstructure:"max" hcl:"max"` } func (wc *WaitConfig) Copy() *WaitConfig { @@ -791,12 +790,6 @@ func (wc *WaitConfig) Copy() *WaitConfig { return nwc } -func (wc *WaitConfig) Canonicalize() { - if wc.Enabled == nil { - wc.Enabled = boolToPtr(false) - } -} - type Template struct { SourcePath *string `mapstructure:"source" hcl:"source,optional"` DestPath *string `mapstructure:"destination" hcl:"destination,optional"` @@ -850,9 +843,6 @@ func (tmpl *Template) Canonicalize() { if tmpl.Envvars == nil { tmpl.Envvars = boolToPtr(false) } - if tmpl.Wait != nil { - tmpl.Wait.Canonicalize() - } //COMPAT(0.12) VaultGrace is deprecated and unused as of Vault 0.5 if tmpl.VaultGrace == nil { diff --git a/api/tasks_test.go b/api/tasks_test.go index 19e8c3775bf..14ccf837e02 100644 --- a/api/tasks_test.go +++ b/api/tasks_test.go @@ -426,45 +426,28 @@ func TestTask_Template_WaitConfig_Canonicalize_and_Copy(t *testing.T) { { name: "all-fields", task: taskWithWait(&WaitConfig{ - Enabled: boolToPtr(true), - Min: timeToPtr(5), - Max: timeToPtr(10), + Min: timeToPtr(5), + Max: timeToPtr(10), }), canonicalized: &WaitConfig{ - Enabled: boolToPtr(true), - Min: timeToPtr(5), - Max: timeToPtr(10), + Min: timeToPtr(5), + Max: timeToPtr(10), }, copied: &WaitConfig{ - Enabled: boolToPtr(true), - Min: timeToPtr(5), - Max: timeToPtr(10), + Min: timeToPtr(5), + Max: timeToPtr(10), }, }, { name: "no-fields", task: taskWithWait(&WaitConfig{}), canonicalized: &WaitConfig{ - Enabled: boolToPtr(false), - Min: nil, - Max: nil, - }, - copied: &WaitConfig{ - Enabled: nil, - Min: nil, - Max: nil, - }, - }, - { - name: "enabled-only", - task: taskWithWait(&WaitConfig{ - Enabled: boolToPtr(true), - }), - canonicalized: &WaitConfig{ - Enabled: boolToPtr(true), + Min: nil, + Max: nil, }, copied: &WaitConfig{ - Enabled: boolToPtr(true), + Min: nil, + Max: nil, }, }, { @@ -473,8 +456,7 @@ func TestTask_Template_WaitConfig_Canonicalize_and_Copy(t *testing.T) { Min: timeToPtr(5), }), canonicalized: &WaitConfig{ - Enabled: boolToPtr(false), - Min: timeToPtr(5), + Min: timeToPtr(5), }, copied: &WaitConfig{ Min: timeToPtr(5), @@ -486,8 +468,7 @@ func TestTask_Template_WaitConfig_Canonicalize_and_Copy(t *testing.T) { Max: timeToPtr(10), }), canonicalized: &WaitConfig{ - Enabled: boolToPtr(false), - Max: timeToPtr(10), + Max: timeToPtr(10), }, copied: &WaitConfig{ Max: timeToPtr(10), From 46a3a7021302c7e2d421d32e4da98c33311d16cb Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Wed, 5 Jan 2022 15:58:04 -0500 Subject: [PATCH 12/15] Remove enabled field from WaitConfig and RetryConfig --- .../taskrunner/template/template.go | 8 +++- client/config/config.go | 40 ++++--------------- command/agent/config_test.go | 4 -- command/agent/job_endpoint.go | 5 +-- command/agent/job_endpoint_test.go | 10 ++--- .../test-resources/client_with_template.hcl | 12 ++---- jobspec2/parse_test.go | 1 - .../test-fixtures/template-wait-config.hcl | 5 +-- nomad/structs/diff_test.go | 21 +++------- nomad/structs/structs.go | 24 +++-------- nomad/structs/structs_test.go | 34 +++++----------- scheduler/util_test.go | 10 ++--- website/content/docs/configuration/client.mdx | 6 --- .../docs/job-specification/template.mdx | 1 - 14 files changed, 51 insertions(+), 130 deletions(-) diff --git a/client/allocrunner/taskrunner/template/template.go b/client/allocrunner/taskrunner/template/template.go index 069513df78a..57f8b98d17b 100644 --- a/client/allocrunner/taskrunner/template/template.go +++ b/client/allocrunner/taskrunner/template/template.go @@ -600,8 +600,12 @@ func parseTemplateConfigs(config *TaskTemplateManagerConfig) (map[*ctconf.Templa } if tmpl.Wait != nil { + if err := tmpl.Validate(); err != nil { + return nil, err + } + ct.Wait = &ctconf.WaitConfig{ - Enabled: tmpl.Wait.Enabled, + Enabled: helper.BoolToPtr(true), Min: tmpl.Wait.Min, Max: tmpl.Wait.Max, } @@ -668,7 +672,7 @@ func newRunnerConfig(config *TaskTemplateManagerConfig, // Make sure any template specific configuration set by the job author is within // the bounds set by the operator. - if cc.TemplateConfig.WaitBounds != nil && *cc.TemplateConfig.WaitBounds.Enabled { + if cc.TemplateConfig.WaitBounds != nil { // If somehow the WaitBounds weren't set correctly upstream, return an error. err := cc.TemplateConfig.WaitBounds.Validate() if err != nil { diff --git a/client/config/config.go b/client/config/config.go index 765d03d6f60..45400fcaa96 100644 --- a/client/config/config.go +++ b/client/config/config.go @@ -465,11 +465,10 @@ func (c *ClientTemplateConfig) IsEmpty() bool { // which is inconsistent with how Nomad typically works. This decision was made // to maintain parity with the external subsystem, not to establish a new standard. type WaitConfig struct { - Enabled *bool `hcl:"enabled,optional"` - Min *time.Duration `hcl:"-"` - MinHCL string `hcl:"min,optional" json:"-"` - Max *time.Duration `hcl:"-"` - MaxHCL string `hcl:"max,optional" json:"-"` + Min *time.Duration `hcl:"-"` + MinHCL string `hcl:"min,optional" json:"-"` + Max *time.Duration `hcl:"-"` + MaxHCL string `hcl:"max,optional" json:"-"` } // Copy returns a deep copy of the receiver. @@ -480,12 +479,10 @@ func (wc *WaitConfig) Copy() *WaitConfig { nwc := new(WaitConfig) - if wc.Enabled != nil { - nwc.Enabled = &*wc.Enabled - } if wc.Min != nil { nwc.Min = &*wc.Min } + if wc.Max != nil { nwc.Max = &*wc.Max } @@ -541,10 +538,6 @@ func (wc *WaitConfig) Merge(b *WaitConfig) *WaitConfig { return &result } - if b.Enabled != nil { - result.Enabled = &*b.Enabled - } - if b.Min != nil { result.Min = &*b.Min } @@ -574,11 +567,7 @@ func (wc *WaitConfig) ToConsulTemplate() (*config.WaitConfig, error) { return nil, err } - result := &config.WaitConfig{} - - if wc.Enabled != nil { - result.Enabled = wc.Enabled - } + result := &config.WaitConfig{Enabled: helper.BoolToPtr(true)} if wc.Min != nil { result.Min = wc.Min @@ -600,8 +589,6 @@ func (wc *WaitConfig) ToConsulTemplate() (*config.WaitConfig, error) { // use pointers to maintain parity with the external subystem, not to establish // a new standard. type RetryConfig struct { - // Enabled signals if this retry is enabled. - Enabled *bool `hcl:"enabled,optional"` // Attempts is the total number of maximum attempts to retry before letting // the error fall through. // 0 means unlimited. @@ -625,9 +612,6 @@ func (rc *RetryConfig) Copy() *RetryConfig { *nrc = *rc // Now copy pointer values - if rc.Enabled != nil { - nrc.Enabled = &*rc.Enabled - } if rc.Attempts != nil { nrc.Attempts = &*rc.Attempts } @@ -697,10 +681,6 @@ func (rc *RetryConfig) Merge(b *RetryConfig) *RetryConfig { return &result } - if b.Enabled != nil { - result.Enabled = &*b.Enabled - } - if b.Attempts != nil { result.Attempts = &*b.Attempts } @@ -725,18 +705,12 @@ func (rc *RetryConfig) Merge(b *RetryConfig) *RetryConfig { } // ToConsulTemplate converts a client RetryConfig instance to a consul-template RetryConfig -// TODO: Needs code review. The caller (TaskTemplateManager) takes direct pointers -// to other configuration values. Need to make sure that desired here as well. func (rc *RetryConfig) ToConsulTemplate() (*config.RetryConfig, error) { if err := rc.Validate(); err != nil { return nil, err } - result := &config.RetryConfig{} - - if rc.Enabled != nil { - result.Enabled = rc.Enabled - } + result := &config.RetryConfig{Enabled: helper.BoolToPtr(true)} if rc.Attempts != nil { result.Attempts = rc.Attempts diff --git a/command/agent/config_test.go b/command/agent/config_test.go index 92b90fe0865..1c90e85cb7f 100644 --- a/command/agent/config_test.go +++ b/command/agent/config_test.go @@ -1347,22 +1347,18 @@ func TestConfig_LoadConsulTemplateConfig(t *testing.T) { require.Equal(t, 300*time.Second, *templateConfig.MaxStale) require.Equal(t, 90*time.Second, *templateConfig.BlockQueryWaitTime) // Wait - require.True(t, *templateConfig.Wait.Enabled) require.Equal(t, 2*time.Second, *templateConfig.Wait.Min) require.Equal(t, 60*time.Second, *templateConfig.Wait.Max) // WaitBounds - require.True(t, *templateConfig.WaitBounds.Enabled) require.Equal(t, 2*time.Second, *templateConfig.WaitBounds.Min) require.Equal(t, 60*time.Second, *templateConfig.WaitBounds.Max) // Consul Retry require.NotNil(t, templateConfig.ConsulRetry) - require.True(t, *templateConfig.ConsulRetry.Enabled) require.Equal(t, 5, *templateConfig.ConsulRetry.Attempts) require.Equal(t, 5*time.Second, *templateConfig.ConsulRetry.Backoff) require.Equal(t, 10*time.Second, *templateConfig.ConsulRetry.MaxBackoff) // Vault Retry require.NotNil(t, templateConfig.VaultRetry) - require.True(t, *templateConfig.VaultRetry.Enabled) require.Equal(t, 10, *templateConfig.VaultRetry.Attempts) require.Equal(t, 15*time.Second, *templateConfig.VaultRetry.Backoff) require.Equal(t, 20*time.Second, *templateConfig.VaultRetry.MaxBackoff) diff --git a/command/agent/job_endpoint.go b/command/agent/job_endpoint.go index fba16713670..9f31cd49d38 100644 --- a/command/agent/job_endpoint.go +++ b/command/agent/job_endpoint.go @@ -1174,9 +1174,8 @@ func ApiWaitConfigToStructsWaitConfig(waitConfig *api.WaitConfig) *structs.WaitC } return &structs.WaitConfig{ - Enabled: &*waitConfig.Enabled, - Min: &*waitConfig.Min, - Max: &*waitConfig.Max, + Min: &*waitConfig.Min, + Max: &*waitConfig.Max, } } diff --git a/command/agent/job_endpoint_test.go b/command/agent/job_endpoint_test.go index 0f5fe39c592..76b4bb9152b 100644 --- a/command/agent/job_endpoint_test.go +++ b/command/agent/job_endpoint_test.go @@ -2499,9 +2499,8 @@ func TestJobs_ApiJobToStructsJob(t *testing.T) { RightDelim: helper.StringToPtr("def"), Envvars: helper.BoolToPtr(true), Wait: &api.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, }, @@ -2897,9 +2896,8 @@ func TestJobs_ApiJobToStructsJob(t *testing.T) { RightDelim: "def", Envvars: true, Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, }, diff --git a/command/agent/test-resources/client_with_template.hcl b/command/agent/test-resources/client_with_template.hcl index 1d4c2690b66..f094cda437e 100644 --- a/command/agent/test-resources/client_with_template.hcl +++ b/command/agent/test-resources/client_with_template.hcl @@ -6,26 +6,22 @@ client { block_query_wait = "90s" wait { - enabled = true - min = "2s" - max = "60s" + min = "2s" + max = "60s" } wait_bounds { - enabled = true - min = "2s" - max = "60s" + min = "2s" + max = "60s" } consul_retry { - enabled = true attempts = 5 backoff = "5s" max_backoff = "10s" } vault_retry { - enabled = true attempts = 10 backoff = "15s" max_backoff = "20s" diff --git a/jobspec2/parse_test.go b/jobspec2/parse_test.go index 8f5960b8876..7457b3b027b 100644 --- a/jobspec2/parse_test.go +++ b/jobspec2/parse_test.go @@ -967,7 +967,6 @@ func TestWaitConfig(t *testing.T) { tmpl := job.TaskGroups[0].Tasks[0].Templates[0] require.NotNil(t, tmpl) require.NotNil(t, tmpl.Wait) - require.True(t, *tmpl.Wait.Enabled) require.Equal(t, 5*time.Second, *tmpl.Wait.Min) require.Equal(t, 60*time.Second, *tmpl.Wait.Max) } diff --git a/jobspec2/test-fixtures/template-wait-config.hcl b/jobspec2/test-fixtures/template-wait-config.hcl index ebcec00332f..e410248fbee 100644 --- a/jobspec2/test-fixtures/template-wait-config.hcl +++ b/jobspec2/test-fixtures/template-wait-config.hcl @@ -3,9 +3,8 @@ job "example" { task "task" { template { wait { - enabled = true - min = "5s" - max = "60s" + min = "5s" + max = "60s" } } } diff --git a/nomad/structs/diff_test.go b/nomad/structs/diff_test.go index 3d46b50ce99..ef950b90d42 100644 --- a/nomad/structs/diff_test.go +++ b/nomad/structs/diff_test.go @@ -6909,9 +6909,8 @@ func TestTaskDiff(t *testing.T) { Splay: 1, Perms: "0644", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(5 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), }, }, { @@ -6937,9 +6936,8 @@ func TestTaskDiff(t *testing.T) { Splay: 1, Perms: "0644", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, { @@ -6951,9 +6949,8 @@ func TestTaskDiff(t *testing.T) { Splay: 3, Perms: "0776", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, }, @@ -7051,12 +7048,6 @@ func TestTaskDiff(t *testing.T) { Type: DiffTypeAdded, Name: "Template", Fields: []*FieldDiff{ - { - Type: DiffTypeAdded, - Name: "Enabled", - Old: "", - New: "true", - }, { Type: DiffTypeAdded, Name: "Max", diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index 73c4e854798..58c5a6fb08e 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -25,6 +25,8 @@ import ( "strings" "time" + "golang.org/x/crypto/blake2b" + "github.com/hashicorp/cronexpr" "github.com/hashicorp/go-msgpack/codec" "github.com/hashicorp/go-multierror" @@ -41,7 +43,6 @@ import ( psstructs "github.com/hashicorp/nomad/plugins/shared/structs" "github.com/miekg/dns" "github.com/mitchellh/copystructure" - "golang.org/x/crypto/blake2b" ) var ( @@ -7534,9 +7535,8 @@ func (t *Template) DiffID() string { // Template relies on pointer based business logic. This struct uses pointers so // that we tell the different between zero values and unset values. type WaitConfig struct { - Enabled *bool - Min *time.Duration - Max *time.Duration + Min *time.Duration + Max *time.Duration } // Copy returns a deep copy of this configuration. @@ -7547,10 +7547,6 @@ func (wc *WaitConfig) Copy() *WaitConfig { nwc := new(WaitConfig) - if wc.Enabled != nil { - nwc.Enabled = &*wc.Enabled - } - if wc.Min != nil { nwc.Min = &*wc.Min } @@ -7563,10 +7559,6 @@ func (wc *WaitConfig) Copy() *WaitConfig { } func (wc *WaitConfig) Equals(o *WaitConfig) bool { - if wc.Enabled == nil && o.Enabled != nil { - return false - } - if wc.Min == nil && o.Min != nil { return false } @@ -7575,15 +7567,11 @@ func (wc *WaitConfig) Equals(o *WaitConfig) bool { return false } - if wc.Enabled != nil && (o.Enabled == nil || &*wc.Enabled != &*o.Enabled) { - return false - } - - if wc.Min != nil && (o.Min == nil || &*wc.Min != &*o.Min) { + if wc.Min != nil && (o.Min == nil || *wc.Min != *o.Min) { return false } - if wc.Max != nil && (o.Max == nil || &*wc.Max != &*o.Max) { + if wc.Max != nil && (o.Max == nil || *wc.Max != *o.Max) { return false } diff --git a/nomad/structs/structs_test.go b/nomad/structs/structs_test.go index e105d15701c..f8d64451cf4 100644 --- a/nomad/structs/structs_test.go +++ b/nomad/structs/structs_test.go @@ -2549,9 +2549,8 @@ func TestTemplate_Validate(t *testing.T) { DestPath: "local/foo", ChangeMode: "noop", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(10 * time.Second), - Max: helper.TimeToPtr(5 * time.Second), + Min: helper.TimeToPtr(10 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), }, }, Fail: true, @@ -2565,9 +2564,8 @@ func TestTemplate_Validate(t *testing.T) { DestPath: "local/foo", ChangeMode: "noop", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(5 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), }, }, Fail: false, @@ -2578,9 +2576,8 @@ func TestTemplate_Validate(t *testing.T) { DestPath: "local/foo", ChangeMode: "noop", Wait: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, Fail: false, @@ -2615,14 +2612,12 @@ func TestTaskWaitConfig_Equals(t *testing.T) { { name: "all-fields", config: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, expected: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, { @@ -2630,15 +2625,6 @@ func TestTaskWaitConfig_Equals(t *testing.T) { config: &WaitConfig{}, expected: &WaitConfig{}, }, - { - name: "enabled-only", - config: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - }, - expected: &WaitConfig{ - Enabled: helper.BoolToPtr(true), - }, - }, { name: "min-only", config: &WaitConfig{ diff --git a/scheduler/util_test.go b/scheduler/util_test.go index c0ecc41e5b0..1b5ec8d9a30 100644 --- a/scheduler/util_test.go +++ b/scheduler/util_test.go @@ -759,9 +759,8 @@ func TestTasksUpdated(t *testing.T) { j22.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ { Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(5 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), }, }, } @@ -769,9 +768,8 @@ func TestTasksUpdated(t *testing.T) { j23.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ { Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(5 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(5 * time.Second), }, }, } diff --git a/website/content/docs/configuration/client.mdx b/website/content/docs/configuration/client.mdx index f0210ba3b08..ceda8b54538 100644 --- a/website/content/docs/configuration/client.mdx +++ b/website/content/docs/configuration/client.mdx @@ -370,7 +370,6 @@ see the [drivers documentation](/docs/drivers). ```hcl wait { - enabled = true min = "5s" max = "10s" } @@ -384,7 +383,6 @@ see the [drivers documentation](/docs/drivers). ```hcl wait_bounds { - enabled = true min = "5s" max = "10s" } @@ -403,8 +401,6 @@ see the [drivers documentation](/docs/drivers). ```hcl consul_retry { - # This enables retries. - enabled = true # This specifies the number of attempts to make before giving up. Each # attempt adds the exponential backoff sleep time. Setting this to # zero will implement an unlimited number of retries. @@ -430,8 +426,6 @@ see the [drivers documentation](/docs/drivers). ```hcl vault_retry { - # This enables retries. - enabled = true # This specifies the number of attempts to make before giving up. Each # attempt adds the exponential backoff sleep time. Setting this to # zero will implement an unlimited number of retries. diff --git a/website/content/docs/job-specification/template.mdx b/website/content/docs/job-specification/template.mdx index 08c51631ed5..d2c643a27a5 100644 --- a/website/content/docs/job-specification/template.mdx +++ b/website/content/docs/job-specification/template.mdx @@ -110,7 +110,6 @@ README][ct]. Since Nomad v0.6.0, templates can be read as environment variables. ```hcl wait { - enabled = true min = "5s" max = "10s" } From 4409ee3512cbc6302ae6e7861b08bf1109a4c22c Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Wed, 5 Jan 2022 18:19:21 -0500 Subject: [PATCH 13/15] Finish refactoring tests; Fix bug validating template configuration --- .../taskrunner/template/template.go | 2 +- .../taskrunner/template/template_test.go | 34 ++---- client/config/config_test.go | 115 +++++------------- 3 files changed, 42 insertions(+), 109 deletions(-) diff --git a/client/allocrunner/taskrunner/template/template.go b/client/allocrunner/taskrunner/template/template.go index 57f8b98d17b..f37d76f7be8 100644 --- a/client/allocrunner/taskrunner/template/template.go +++ b/client/allocrunner/taskrunner/template/template.go @@ -600,7 +600,7 @@ func parseTemplateConfigs(config *TaskTemplateManagerConfig) (map[*ctconf.Templa } if tmpl.Wait != nil { - if err := tmpl.Validate(); err != nil { + if err := tmpl.Wait.Validate(); err != nil { return nil, err } diff --git a/client/allocrunner/taskrunner/template/template_test.go b/client/allocrunner/taskrunner/template/template_test.go index 81b436b07cc..dcd9a8eb0da 100644 --- a/client/allocrunner/taskrunner/template/template_test.go +++ b/client/allocrunner/taskrunner/template/template_test.go @@ -1938,16 +1938,14 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { // helper to reduce boilerplate waitConfig := &config.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), } // helper to reduce boilerplate retryConfig := &config.RetryConfig{ Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), MaxBackoff: helper.TimeToPtr(20 * time.Second), - Enabled: helper.BoolToPtr(true), } clientConfig.TemplateConfig.MaxStale = helper.TimeToPtr(5 * time.Second) @@ -1961,9 +1959,8 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { allocWithOverride.Job.TaskGroups[0].Tasks[0].Templates = []*structs.Template{ { Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(2 * time.Second), - Max: helper.TimeToPtr(12 * time.Second), + Min: helper.TimeToPtr(2 * time.Second), + Max: helper.TimeToPtr(12 * time.Second), }, }, } @@ -2044,9 +2041,8 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), Wait: waitConfig.Copy(), WaitBounds: &config.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(3 * time.Second), - Max: helper.TimeToPtr(11 * time.Second), + Min: helper.TimeToPtr(3 * time.Second), + Max: helper.TimeToPtr(11 * time.Second), }, ConsulRetry: retryConfig.Copy(), VaultRetry: retryConfig.Copy(), @@ -2058,9 +2054,8 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { Templates: []*structs.Template{ { Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(2 * time.Second), - Max: helper.TimeToPtr(12 * time.Second), + Min: helper.TimeToPtr(2 * time.Second), + Max: helper.TimeToPtr(12 * time.Second), }, }, }, @@ -2071,9 +2066,8 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { BlockQueryWaitTime: helper.TimeToPtr(60 * time.Second), Wait: waitConfig.Copy(), WaitBounds: &config.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(3 * time.Second), - Max: helper.TimeToPtr(11 * time.Second), + Min: helper.TimeToPtr(3 * time.Second), + Max: helper.TimeToPtr(11 * time.Second), }, ConsulRetry: retryConfig.Copy(), VaultRetry: retryConfig.Copy(), @@ -2103,20 +2097,17 @@ func TestTaskTemplateManager_ClientTemplateConfig_Set(t *testing.T) { require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.MaxStale, *runnerConfig.MaxStale) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.BlockQueryWaitTime, *runnerConfig.BlockQueryWaitTime) // WaitConfig - require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Enabled, *runnerConfig.Wait.Enabled) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Min, *runnerConfig.Wait.Min) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.Wait.Max, *runnerConfig.Wait.Max) // Consul Retry require.NotNil(t, runnerConfig.Consul) require.NotNil(t, runnerConfig.Consul.Retry) - require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Enabled, *runnerConfig.Consul.Retry.Enabled) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Attempts, *runnerConfig.Consul.Retry.Attempts) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.Backoff, *runnerConfig.Consul.Retry.Backoff) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.ConsulRetry.MaxBackoff, *runnerConfig.Consul.Retry.MaxBackoff) // Vault Retry require.NotNil(t, runnerConfig.Vault) require.NotNil(t, runnerConfig.Vault.Retry) - require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Enabled, *runnerConfig.Vault.Retry.Enabled) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Attempts, *runnerConfig.Vault.Retry.Attempts) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.Backoff, *runnerConfig.Vault.Retry.Backoff) require.Equal(t, *_case.ExpectedRunnerConfig.TemplateConfig.VaultRetry.MaxBackoff, *runnerConfig.Vault.Retry.MaxBackoff) @@ -2149,9 +2140,8 @@ func TestTaskTemplateManager_Template_Wait_Set(t *testing.T) { Templates: []*structs.Template{ { Wait: &structs.WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, }, diff --git a/client/config/config_test.go b/client/config/config_test.go index 465d224953a..bef9995c6a1 100644 --- a/client/config/config_test.go +++ b/client/config/config_test.go @@ -44,9 +44,8 @@ func TestConfigReadDefault(t *testing.T) { func mockWaitConfig() *WaitConfig { return &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), } } @@ -60,18 +59,8 @@ func TestWaitConfig_Copy(t *testing.T) { "fully-populated", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), - }, - }, - { - "enabled-only", - &WaitConfig{ - Enabled: helper.BoolToPtr(true), - }, - &WaitConfig{ - Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, { @@ -124,7 +113,7 @@ func TestWaitConfig_IsEmpty(t *testing.T) { { "is-not-empty", &WaitConfig{ - Enabled: helper.BoolToPtr(true), + Min: helper.TimeToPtr(10 * time.Second), }, false, }, @@ -148,9 +137,8 @@ func TestWaitConfig_IsEqual(t *testing.T) { "are-equal", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, true, }, @@ -158,9 +146,8 @@ func TestWaitConfig_IsEqual(t *testing.T) { "min-different", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(false), - Min: helper.TimeToPtr(4 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, false, }, @@ -168,9 +155,8 @@ func TestWaitConfig_IsEqual(t *testing.T) { "max-different", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(9 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), }, false, }, @@ -247,42 +233,36 @@ func TestWaitConfig_Merge(t *testing.T) { "all-fields", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(false), - Min: helper.TimeToPtr(4 * time.Second), - Max: helper.TimeToPtr(9 * time.Second), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), }, &WaitConfig{ - Enabled: helper.BoolToPtr(false), - Min: helper.TimeToPtr(4 * time.Second), - Max: helper.TimeToPtr(9 * time.Second), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), }, }, { "min-only", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(false), - Min: helper.TimeToPtr(4 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, &WaitConfig{ - Enabled: helper.BoolToPtr(false), - Min: helper.TimeToPtr(4 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + Min: helper.TimeToPtr(4 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), }, }, { "max-only", mockWaitConfig(), &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(9 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), }, &WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(9 * time.Second), + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(9 * time.Second), }, }, } @@ -306,20 +286,19 @@ func TestWaitConfig_ToConsulTemplate(t *testing.T) { Max: helper.TimeToPtr(10 * time.Second), } - actual := WaitConfig{ - Enabled: helper.BoolToPtr(true), - Min: helper.TimeToPtr(5 * time.Second), - Max: helper.TimeToPtr(10 * time.Second), + clientWaitConfig := &WaitConfig{ + Min: helper.TimeToPtr(5 * time.Second), + Max: helper.TimeToPtr(10 * time.Second), } - require.Equal(t, *expected.Enabled, *actual.Enabled) + actual, err := clientWaitConfig.ToConsulTemplate() + require.NoError(t, err) require.Equal(t, *expected.Min, *actual.Min) require.Equal(t, *expected.Max, *actual.Max) } func mockRetryConfig() *RetryConfig { return &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -337,7 +316,6 @@ func TestRetryConfig_Copy(t *testing.T) { "fully-populated", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -345,15 +323,6 @@ func TestRetryConfig_Copy(t *testing.T) { MaxBackoffHCL: "10s", }, }, - { - "enabled-only", - &RetryConfig{ - Enabled: helper.BoolToPtr(true), - }, - &RetryConfig{ - Enabled: helper.BoolToPtr(true), - }, - }, { "attempts-only", &RetryConfig{ @@ -431,7 +400,7 @@ func TestRetryConfig_IsEmpty(t *testing.T) { { "is-not-empty", &RetryConfig{ - Enabled: helper.BoolToPtr(true), + Attempts: helper.IntToPtr(12), }, false, }, @@ -455,7 +424,6 @@ func TestRetryConfig_IsEqual(t *testing.T) { "are-equal", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -464,24 +432,10 @@ func TestRetryConfig_IsEqual(t *testing.T) { }, true, }, - { - "enabled-different", - mockRetryConfig(), - &RetryConfig{ - Enabled: helper.BoolToPtr(false), - Attempts: helper.IntToPtr(5), - Backoff: helper.TimeToPtr(5 * time.Second), - BackoffHCL: "5s", - MaxBackoff: helper.TimeToPtr(10 * time.Second), - MaxBackoffHCL: "10s", - }, - false, - }, { "attempts-different", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(4), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -494,7 +448,6 @@ func TestRetryConfig_IsEqual(t *testing.T) { "backoff-different", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(4 * time.Second), BackoffHCL: "5s", @@ -507,7 +460,6 @@ func TestRetryConfig_IsEqual(t *testing.T) { "backoff-hcl-different", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "4s", @@ -520,7 +472,6 @@ func TestRetryConfig_IsEqual(t *testing.T) { "max-backoff-different", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -533,7 +484,6 @@ func TestRetryConfig_IsEqual(t *testing.T) { "max-backoff-hcl-different", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -630,7 +580,6 @@ func TestRetryConfig_Merge(t *testing.T) { "all-fields", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(false), Attempts: helper.IntToPtr(4), Backoff: helper.TimeToPtr(4 * time.Second), BackoffHCL: "4s", @@ -638,7 +587,6 @@ func TestRetryConfig_Merge(t *testing.T) { MaxBackoffHCL: "9s", }, &RetryConfig{ - Enabled: helper.BoolToPtr(false), Attempts: helper.IntToPtr(4), Backoff: helper.TimeToPtr(4 * time.Second), BackoffHCL: "4s", @@ -650,7 +598,6 @@ func TestRetryConfig_Merge(t *testing.T) { "attempts-only", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(false), Attempts: helper.IntToPtr(4), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -658,7 +605,6 @@ func TestRetryConfig_Merge(t *testing.T) { MaxBackoffHCL: "10s", }, &RetryConfig{ - Enabled: helper.BoolToPtr(false), Attempts: helper.IntToPtr(4), Backoff: helper.TimeToPtr(5 * time.Second), BackoffHCL: "5s", @@ -670,7 +616,6 @@ func TestRetryConfig_Merge(t *testing.T) { "multi-field", mockRetryConfig(), &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(4 * time.Second), BackoffHCL: "4s", @@ -678,7 +623,6 @@ func TestRetryConfig_Merge(t *testing.T) { MaxBackoffHCL: "9s", }, &RetryConfig{ - Enabled: helper.BoolToPtr(true), Attempts: helper.IntToPtr(5), Backoff: helper.TimeToPtr(4 * time.Second), BackoffHCL: "4s", @@ -710,7 +654,6 @@ func TestRetryConfig_ToConsulTemplate(t *testing.T) { actual := mockRetryConfig() - require.Equal(t, *expected.Enabled, *actual.Enabled) require.Equal(t, *expected.Attempts, *actual.Attempts) require.Equal(t, *expected.Backoff, *actual.Backoff) require.Equal(t, *expected.MaxBackoff, *actual.MaxBackoff) From 01442462aedf64c32e483dd390814260a8bc1286 Mon Sep 17 00:00:00 2001 From: Derek Strickland <1111455+DerekStrickland@users.noreply.github.com> Date: Fri, 7 Jan 2022 03:56:50 -0500 Subject: [PATCH 14/15] Update .changelog/11606.txt Co-authored-by: Michael Schurter --- .changelog/11606.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.changelog/11606.txt b/.changelog/11606.txt index 6798ace6a22..ee1e7cedb50 100644 --- a/.changelog/11606.txt +++ b/.changelog/11606.txt @@ -1,5 +1,5 @@ ```release-note:improvement -core: Expose consul-template configuration options at the client level for `consul_retry`, +template: Expose consul-template configuration options at the client level for `consul_retry`, `vault_retry`, `max_stale`, `block_query_wait` and `wait`. Expose per-template configuration for wait that will override the client level configuration. Add `wait_bounds` to allow operators to constrain per-template overrides at the client level. From 6c1d313c1573cae0104aa1f05547a87c9e51135d Mon Sep 17 00:00:00 2001 From: DerekStrickland Date: Sat, 8 Jan 2022 06:54:19 -0500 Subject: [PATCH 15/15] Clarify language in documentation; Add link to client.template.wait_bounds setting --- website/content/docs/configuration/client.mdx | 4 ++-- website/content/docs/job-specification/template.mdx | 13 +++++-------- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/website/content/docs/configuration/client.mdx b/website/content/docs/configuration/client.mdx index ceda8b54538..22e9c226144 100644 --- a/website/content/docs/configuration/client.mdx +++ b/website/content/docs/configuration/client.mdx @@ -364,9 +364,9 @@ see the [drivers documentation](/docs/drivers). - `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait for the Consul cluster to reach a consistent state before rendering a template. - This is useful to enable in systems where Consul is experiencing a lot of flapping, + This is useful to enable in systems where network connectivity to Consul is degraded, because it will reduce the number of times a template is rendered. This configuration is - also exposed at the _task level_ to allow overrides per task. + also exposed in the _task template stanza_ to allow overrides per task. ```hcl wait { diff --git a/website/content/docs/job-specification/template.mdx b/website/content/docs/job-specification/template.mdx index b57991e92f3..7176a478603 100644 --- a/website/content/docs/job-specification/template.mdx +++ b/website/content/docs/job-specification/template.mdx @@ -102,15 +102,11 @@ refer to the [Learn Go Template Syntax][gt_learn] Learn guide. - `wait` `(Code: nil)` - Defines the minimum and maximum amount of time to wait for the Consul cluster to reach a consistent state before rendering a template. - This is useful to enable in systems where Consul is experiencing a lot of flapping, - because it will reduce the number of times a template is rendered. This configuration is - also exposed at the _task level_ to allow overrides per task. This is typically - set globally in the client configuration, but can be overridden on per-template - basis. Note that, this setting can be overridden by the `client.template.wait_bounds` - setting. The `client.template.wait_bounds` setting defines a client level lower - and upper bounds for per-template `wait` configuration. If the individual template + This is useful to enable in systems where network connectivity to Consul is degraded, + because it will reduce the number of times a template is rendered. This setting + can be overridden by the [`client.template.wait_bounds`]. If the template configuration has a `min` lower than `client.template.wait_bounds.min` or a `max` - greater than `client.template.wait_bounds.max`, the bounds will be enforced, + greater than `client.template.wait_bounds.max`, the client's bounds will be enforced, and the template `wait` will be adjusted before being sent to `consul-template`. ```hcl @@ -503,3 +499,4 @@ options](/docs/configuration/client#options): [go-envparse]: https://github.com/hashicorp/go-envparse#readme 'The go-envparse Readme' [task working directory]: /docs/runtime/environment#task-directories 'Task Directories' [filesystem internals]: /docs/internals/filesystem#templates-artifacts-and-dispatch-payloads +[`client.template.wait_bounds`]: /doc/configuration/client#wait_bounds