-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Autopilot feature from Consul #3670
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a little unclear on what Datacenter/dc represents for Autopilot. I don't think we have any other datacenter-specific APIs in Nomad, but I'm probably forgetting something. 😅
api/operator_autopilot.go
Outdated
) | ||
|
||
// AutopilotConfiguration is used for querying/setting the Autopilot configuration. | ||
// Autopilot helps manage operator tasks related to Consul servers like removing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consul servers -> Nomad servers
api/operator_autopilot.go
Outdated
// The status of the SerfHealth check for the server. | ||
SerfStatus string | ||
|
||
// Version is the Consul version of the server. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nomad version
api/operator_autopilot.go
Outdated
DisableUpgradeMigration bool | ||
|
||
// (Enterprise-only) UpgradeVersionTag is the node tag to use for version info when | ||
// performing upgrade migrations. If left blank, the Consul version will be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nomad version
api/operator_autopilot.go
Outdated
return res, nil | ||
} | ||
|
||
// AutopilotServerHealth |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Incomplete comment
command/agent/operator_endpoint.go
Outdated
} | ||
} | ||
|
||
// OperatorServerHealth is used to get the health of the servers in the local DC |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think remove "in the local DC" (?) as DCs are defined differently in Consul and Nomad.
nomad/autopilot.go
Outdated
"github.com/hashicorp/serf/serf" | ||
) | ||
|
||
// AutopilotDelegate is a Consul delegate for autopilot operations. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consul delegate -> Nomad delegate
nomad/autopilot.go
Outdated
return server, nil | ||
} | ||
|
||
// Heartbeat a metric for monitoring if we're the leader |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// NotifyHealth heartbeats a metric ...
nomad/util.go
Outdated
@@ -80,6 +83,12 @@ func isNomadServer(m serf.Member) (bool, *serverParts) { | |||
} | |||
} | |||
|
|||
// If the server is missing the rpc_addr tag, default to the serf advertise addr | |||
rpc_ip := net.ParseIP(m.Tags["rpc_addr"]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rpcIP would be a more idiomatic name
"redundancy_zone_tag": "az", | ||
"disable_upgrade_migration": false, | ||
"upgrade_version_tag": "" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
HCLify?
## Server Health Checking | ||
|
||
An internal health check runs on the leader to track the stability of servers. | ||
</br>A server is considered healthy if all of the following conditions are true: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
<br>
not </br>
but is it necessary?
api/operator_autopilot_test.go
Outdated
if err != nil { | ||
t.Fatalf("err: %v", err) | ||
} | ||
if !config.CleanupDeadServers { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
WE've been trying to be consistent using testify/assert for new tests and when we touch existing tests, would be nice if you could rewrite this to use asserts
An internal health check runs on the leader to track the stability of servers. | ||
</br>A server is considered healthy if all of the following conditions are true: | ||
|
||
- It has a SerfHealth status of 'Alive' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the term "SerfHealth" is specific to Consul and refers to the serfstatus health check. I would suggest calling this Serf status or rewrite the sentence to be "The server's status according to serf is "Alive", to avoid confusion.
} | ||
if agentConfig.Autopilot != nil { | ||
if agentConfig.Autopilot.CleanupDeadServers != nil { | ||
conf.AutopilotConfig.CleanupDeadServers = *agentConfig.Autopilot.CleanupDeadServers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why do a couple of these do *agentConfig?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't want to override the defaults in the server config with different defaults from the user config
@@ -271,6 +279,9 @@ func NewServer(config *Config, consulCatalog consul.CatalogAPI, logger *log.Logg | |||
// Create the periodic dispatcher for launching periodic jobs. | |||
s.periodicDispatcher = NewPeriodicDispatch(s.logger, s) | |||
|
|||
// Initialize the stats fetcher that autopilot will use. | |||
s.statsFetcher = NewStatsFetcher(logger, s.connPool, s.config.Region) | |||
|
|||
// Setup Vault | |||
if err := s.setupVaultClient(); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Leave
method here also calls RemovePeer and currently does not handle raft protocol 3, I left a TODO in there in the master branch.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The last of these (raft ID related) should be taken care of now
@schmichael those references to datacenter instead of region were just mistakes, I think. This should be ready for another look now. |
command/operator_autopilot.go
Outdated
|
||
func (c *OperatorAutopilotCommand) Help() string { | ||
helpText := ` | ||
Usage: consul operator autopilot <subcommand> [options] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
command/operator_autopilot_get.go
Outdated
|
||
func (c *OperatorAutopilotGetCommand) Help() string { | ||
helpText := ` | ||
Usage: consul operator autopilot get-config [options] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
command/operator_autopilot_set.go
Outdated
|
||
func (c *OperatorAutopilotSetCommand) Help() string { | ||
helpText := ` | ||
Usage: consul operator autopilot set-config [options] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
command/operator_autopilot_set.go
Outdated
Set Config Options: | ||
|
||
-cleanup-dead-servers=[true|false] | ||
Controls whether Consul will automatically remove dead servers when |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
command/operator_autopilot_set.go
Outdated
new ones are successfully added. Must be one of [true|false]. | ||
|
||
-disable-upgrade-migration=[true|false] | ||
(Enterprise-only) Controls whether Consul will avoid promoting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
command/operator_autopilot_set.go
Outdated
|
||
-upgrade-version-tag=<value> | ||
(Enterprise-only) The node_meta tag to use for version info when | ||
performing upgrade migrations. If left blank, the Consul version |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
nomad/structs/config/autopilot.go
Outdated
DisableUpgradeMigration *bool `mapstructure:"disable_upgrade_migration"` | ||
|
||
// (Enterprise-only) UpgradeVersionTag is the node tag to use for version info when | ||
// performing upgrade migrations. If left blank, the Consul version will be used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
consul -> nomad
deploying just one server in each. | ||
|
||
If the `RedundancyZoneTag` setting is set, Nomad will use its value to look for a | ||
zone in each server's specified [`-meta`](/docs/agent/configuration/client.html#meta) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is only defined on clients that aren't participating in Raft/Serf.
|
||
// AutopilotGetConfiguration is used to query the current Autopilot configuration. | ||
func (op *Operator) AutopilotGetConfiguration(q *QueryOptions) (*AutopilotConfiguration, error) { | ||
r, err := op.c.newRequest("GET", "/v1/operator/autopilot/configuration") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
152-166 can be replaced by:
var resp AutopilotConfiguration
qm, err := n.client.query("/v1/operator/autopilot/configuration", &resp, q)
if err != nil {
return nil, nil, err
}
return resp, qm, nil
All of the APIs should use this format. There is a query as well as write helper for PUTs
} | ||
|
||
// AutopilotGetConfiguration is used to query the current Autopilot configuration. | ||
func (op *Operator) AutopilotGetConfiguration(q *QueryOptions) (*AutopilotConfiguration, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should also return the query meta result: (*AutopilotConfiguration, *QueryMeta, error)
and in the cases of writes, WriteMeta
if !hasID && !hasAddress { | ||
resp.WriteHeader(http.StatusBadRequest) | ||
fmt.Fprint(resp, "Must specify either ?id with the server's ID or ?address with IP:port of peer to remove") | ||
return nil, nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change to be return nil, CodedError(http.StatusBadRequest, error_string)
here and else where were this is used
return reply, nil | ||
|
||
default: | ||
resp.WriteHeader(http.StatusMethodNotAllowed) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return nil, CodedError(404, ErrInvalidMethod)
|
||
case "PUT": | ||
var args structs.AutopilotSetConfigRequest | ||
s.parseRegion(req, &args.Region) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
parseWriteRequest
// Check management permissions | ||
if aclObj, err := op.srv.ResolveToken(args.AuthToken); err != nil { | ||
return err | ||
} else if aclObj != nil && !aclObj.IsManagement() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not OperatorWrite?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That seems fine to me; the rest of the raft methods in here take a management token though
@@ -777,6 +801,8 @@ func (s *Server) setupRPC(tlsWrap tlsutil.RegionWrapper) error { | |||
} | |||
s.rpcListener = list | |||
|
|||
s.logger.Printf("[INFO] nomad: RPC listening on %q", s.rpcListener.Addr().String()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this useful? I would say lets remove
| ---------------- | ----------------- | --------------- | | ||
| `NO` | `none` | `operator:read` | | ||
|
||
### Parameters |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we remove both of these parameters (dc should be region) but they are both covered generically on this page: https://www.nomadproject.io/api/#consistency-modes
|
||
### Parameters | ||
|
||
- `dc` `(string: "")` - Specifies the datacenter to query. This will default to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove all of these across endpoints
<tr> | ||
<th width="120">Placement</th> | ||
<td> | ||
<code>**acl**</code> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
acl -> autopilot
I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions. |
This adds the OSS components for autopilot as well as the config fields/docs for the enterprise autopilot features. The autopilot logic is in the agent/consul/autopilot package over in the Consul repo.