From 0cd76c2c0186850f5b773b181197395387599208 Mon Sep 17 00:00:00 2001 From: Nick Ethier Date: Tue, 2 Feb 2021 14:56:52 -0500 Subject: [PATCH 1/3] structs: namespace port validation by host_network --- nomad/structs/structs.go | 21 ++++++++- nomad/structs/structs_test.go | 87 +++++++++++++++++++++++++++++++++++ 2 files changed, 107 insertions(+), 1 deletion(-) diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index 88a2731334b3..5a4858776c89 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -6167,7 +6167,8 @@ func (tg *TaskGroup) Validate(j *Job) error { func (tg *TaskGroup) validateNetworks() error { var mErr multierror.Error portLabels := make(map[string]string) - staticPorts := make(map[int]string) + // host_network -> static port tracking + staticPortsIndex := make(map[string]map[int]string) for _, net := range tg.Networks { for _, port := range append(net.ReservedPorts, net.DynamicPorts...) { @@ -6178,6 +6179,14 @@ func (tg *TaskGroup) validateNetworks() error { } if port.Value != 0 { + hostNetwork := port.HostNetwork + if hostNetwork == "" { + hostNetwork = "default" + } + staticPorts, ok := staticPortsIndex[hostNetwork] + if !ok { + staticPorts = make(map[int]string) + } // static port if other, ok := staticPorts[port.Value]; ok { err := fmt.Errorf("Static port %d already reserved by %s", port.Value, other) @@ -6187,6 +6196,7 @@ func (tg *TaskGroup) validateNetworks() error { mErr.Errors = append(mErr.Errors, err) } else { staticPorts[port.Value] = fmt.Sprintf("taskgroup network:%s", port.Label) + staticPortsIndex[hostNetwork] = staticPorts } } @@ -6212,6 +6222,14 @@ func (tg *TaskGroup) validateNetworks() error { } if port.Value != 0 { + hostNetwork := port.HostNetwork + if hostNetwork == "" { + hostNetwork = "default" + } + staticPorts, ok := staticPortsIndex[hostNetwork] + if !ok { + staticPorts = make(map[int]string) + } if other, ok := staticPorts[port.Value]; ok { err := fmt.Errorf("Static port %d already reserved by %s", port.Value, other) mErr.Errors = append(mErr.Errors, err) @@ -6220,6 +6238,7 @@ func (tg *TaskGroup) validateNetworks() error { mErr.Errors = append(mErr.Errors, err) } else { staticPorts[port.Value] = fmt.Sprintf("%s:%s", task.Name, port.Label) + staticPortsIndex[hostNetwork] = staticPorts } } } diff --git a/nomad/structs/structs_test.go b/nomad/structs/structs_test.go index a055d4a1a340..4787c5832d43 100644 --- a/nomad/structs/structs_test.go +++ b/nomad/structs/structs_test.go @@ -1298,6 +1298,93 @@ func TestTaskGroupNetwork_Validate(t *testing.T) { }, ErrContains: "greater than", }, + { + TG: &TaskGroup{ + Name: "group-same-static-port-different-host_network", + Networks: Networks{ + &NetworkResource{ + ReservedPorts: []Port{ + { + Label: "net1_http", + Value: 80, + HostNetwork: "net1", + }, + { + Label: "net2_http", + Value: 80, + HostNetwork: "net2", + }, + }, + }, + }, + }, + }, + { + TG: &TaskGroup{ + Name: "mixing-group-task-ports", + Networks: Networks{ + &NetworkResource{ + ReservedPorts: []Port{ + { + Label: "group_http", + Value: 80, + }, + }, + }, + }, + Tasks: []*Task{ + &Task{ + Name: "task1", + Resources: &Resources{ + Networks: Networks{ + &NetworkResource{ + ReservedPorts: []Port{ + { + Label: "task_http", + Value: 80, + }, + }, + }, + }, + }, + }, + }, + }, + ErrContains: "already reserved by", + }, + { + TG: &TaskGroup{ + Name: "mixing-group-task-ports-with-host_network", + Networks: Networks{ + &NetworkResource{ + ReservedPorts: []Port{ + { + Label: "group_http", + Value: 80, + HostNetwork: "net1", + }, + }, + }, + }, + Tasks: []*Task{ + &Task{ + Name: "task1", + Resources: &Resources{ + Networks: Networks{ + &NetworkResource{ + ReservedPorts: []Port{ + { + Label: "task_http", + Value: 80, + }, + }, + }, + }, + }, + }, + }, + }, + }, } for i := range cases { From 41808d8610120e20a925c6b24c539af5bbb04c4a Mon Sep 17 00:00:00 2001 From: Nick Ethier Date: Tue, 2 Feb 2021 15:36:31 -0500 Subject: [PATCH 2/3] update CHANGELOG --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d55860333916..1076b303a4ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,9 +10,11 @@ BUG FIXES: * consul: Fixed a bug where failing tasks with group services would only cause the allocation to restart once instead of respecting the `restart` field. [[GH-9869](https://github.com/hashicorp/nomad/issues/9869)] * consul/connect: Fixed a bug where gateway proxy connection default timeout not set [[GH-9851](https://github.com/hashicorp/nomad/pull/9851)] * consul/connect: Fixed a bug preventing more than one connect gateway per Nomad client [[GH-9849](https://github.com/hashicorp/nomad/pull/9849)] + * nomad/structs: Fixed a bug where static ports with the same value but different `host_network` were invalid [[GH-9946](https://github.com/hashicorp/nomad/issues/9946)] * scheduler: Fixed a bug where shared ports were not persisted during inplace updates for service jobs. [[GH-9830](https://github.com/hashicorp/nomad/issues/9830)] * scheduler: Fixed a bug where job statuses and summaries where duplicated and miscalculated when registering a job. [[GH-9768](https://github.com/hashicorp/nomad/issues/9768)] - * scheduler (Enterprise): Fixed a bug where the deprecated network `mbits` field was being considered as part of quota enforcement. [[GH-9920](https://github.com/hashicorp/nomad/issues/9920)] + * scheduler: Fixed a bug that caused the scheduler not to detect changes for `host_network` port field. [[GH-9973](https://github.com/hashicorp/nomad/issues/9973)] + * scheduler (Enterprise): Fixed a bug where the deprecated network `mbits` field was being considered as part of quota enforcement. [[GH-9920](https://github.com/hashicorp/nomad/issues/9920)] * driver/qemu: Fixed a bug where network namespaces were not supported for QEMU workloads [[GH-9861](https://github.com/hashicorp/nomad/pull/9861)] ## 1.0.3 (January 28, 2021) From deb4261788bbc0a73640644cf944a41203fcd626 Mon Sep 17 00:00:00 2001 From: Nick Ethier Date: Mon, 8 Feb 2021 14:14:39 -0500 Subject: [PATCH 3/3] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb7783e7f118..192a9950a7b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ BUG FIXES: * scheduler: Fixed a bug where job statuses and summaries where duplicated and miscalculated when registering a job. [[GH-9768](https://github.com/hashicorp/nomad/issues/9768)] * scheduler: Fixed a bug that caused the scheduler not to detect changes for `host_network` port field. [[GH-9973](https://github.com/hashicorp/nomad/issues/9973)] * scheduler (Enterprise): Fixed a bug where the deprecated network `mbits` field was being considered as part of quota enforcement. [[GH-9920](https://github.com/hashicorp/nomad/issues/9920)] + * volumes: Fixed a bug where volume diffs were not displayed in the output of `nomad plan`. [[GH-9973](https://github.com/hashicorp/nomad/issues/9973)] ## 1.0.3 (January 28, 2021)