Skip to content
/ jet-damon Public
forked from jet/damon

Damon is a supervisor program to constrain windows executables that are run under the raw_exec driver in Nomad.

License

Apache-2.0 license
0 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

justenwalker/jet-damon

BranchesTags
 
 

Repository files navigation

Build status

Damon

Damon is a supervisor program to constrain windows executables that are run under the raw_exec driver in Nomad.

Usage

To use Damon, run it before your command.

damon.exe yourapp.exe [args]

Configuration

Damon uses environment variables to configure process monitoring and resource constraints.

Logging Options

  • DAMON_LOG_MAX_FILES: the number of old logs to keep after rotating.
  • DAMON_LOG_MAX_SIZE: the maximum size (in MB) of the active log file before it gets rotated.
  • DAMON_LOG_DIR: directory in which to place damon log files. When DAMON_LOG_DIR is unset, it will attempt to use the standard nomad log directory ${NOMAD_ALLOC_DIR}/logs. If NOMAD_ALLOC_DIR is unset, then it will default to the current working directory.
  • DAMON_NOMAD_LOG_SUFFIX: Is appended to the log name of the active log file. Rotated log files contain a datestamp. The default value is .damon.log
  • DAMON_LOG_NAME: Is the full name of the log file (without the directory) - Setting this overrides DAMON_NOMAD_LOG_SUFFIX. When this is unset, it will default to ${NOMAD_TASK_NAME}${DAMON_NOMAD_LOG_SUFFIX}

Constraint Options

  • DAMON_ENFORCE_CPU_LIMIT: When set to Y - it enforces CPU constraints on the wrapped process. Set to 'N' to disable CPU-rate limits. (Default: 'Y')
  • DAMON_ENFORCE_MEMORY_LIMIT: When set to Y - it enforces memory limits on the wrapped process. Set to 'N' to disable memory limits. (Default: 'Y')
  • DAMON_CPU_LIMIT: The CPU Limit in MHz. Defaults to NOMAD_CPU_LIMIT.
  • DAMON_MEMORY_LIMIT: The Memory Limit in MB. Defaults to NOMAD_MEMORY_LIMIT.
  • DAMON_RESTRICTED_TOKEN: When set to Y - it runs the wrapped process with a Restricted Token:
    • Drops all Privileges
    • Disables the BUILTIN\Administrator SID

Metrics Options

  • DAMON_ADDR: Listens on this address to serve prometheus metrics. Default: ${NOMAD_ADDR_damon} This option is designed to work with the NOMAD_ADDR_damon environment variable. This means you should change your job spec to:
    • request a port labeled "damon"
    • add a service to the task that advertises the "damon" port to Consul service discovery - so that your prometheus infrastructure can find it and scrape it.
  • DAMON_METRICS_ENDPOINT: The path to the prometheus metrics endpoint. Default: /metrics

Building & Testing Damon

Included with this repository is make.ps1 which can be used to build damon.exe and also run tests.

Build Binary

.\make.ps1 -Build

Lint Code

Runs golangci-lint against the codebase. It will Install golangci-lint if it doesn't exist in ${GOPATH}/bin.

.\make.ps1 -Lint

Test Code

Runs tests and generates code coverage files.

.\make.ps1 -Test

Give it a Try

Check out the examples directory for scripts and job definitions.

Be sure to alter to environment variables, artifact locations, etc... to match your environment.

About

Damon is a supervisor program to constrain windows executables that are run under the raw_exec driver in Nomad.

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Go 98.5%
  • PowerShell 1.5%