There appeared to be an issue with logs appearing #98 and #68
@LucasRoesler spent a considerable amount of time looking into
this and concluded that the faas-provider and approach we are
taking to stream logs from journalctl as a process was
working as expected.
The issue appears to have been with the proxy code and its
use of a HTTP connection. Somewhere within the code, a buffer
was holding onto the data before flushing it 20-30 seconds later
This appeared to users as if the logs were not working at all.
Before fixing, the gateway container was tested by exposing
it over an SSH tunnel and inlets tunnel, both worked as
expected. The updates have been tested on multipass with
Ubuntu 18.04 and a binary built locally.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Tested by running against a new DO cluster. Readme updated with the new variable name and a
brief description of it
Signed-off-by: Simon Emms <simon@simonemms.com>
* Adds note to change public key in cloud-config
* Upgrades containerd version
Tested on DigitalOcean.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
There appeared to be a new error with containerd not having any
kind of network configs. Reported by @LucasRoesler.
containerd is taking a very long time to start with a basic
multipass VM, > 90s. This may be a red herring, but hope the
change will be helpful.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Graph logic moves into depgraph package and makes internal
fields inaccessible. Completes feedback from @LucasRoesler
from previous PR where the dependency graph was added for 0.9.1
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
* Adds depends_on fields to compose YAML
* Updates parsing code to copy across depends_on field to
openfaas service from compose service definition
* Adds algorithm and unit tests for finding order
* Applies order to up.go command
* Makes unit testing on MacOS possible through build directives
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
* revendor k3sup to prevent arch / OS from being printed in
the logs
* print version on startup
* bump minor CNI and containerd version for e2e tests
* revendor faas-provider for latest log printing update
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
**What**
- Use the compose-go library to read the service definitions from an
external compose file instead of building them in Go
- Add default compose file and copy during `faasd install`
- Add test for load and parse of compose file
- Make testing easier by sorting the env keys
- Allow append to instantiate the slices so that we can more easily test
for proper parsing (e.g. nil is still nil etc)
- Add the arch suffix to the compose file and set this as part of the
env when we parse the compose file. This allows faasd to dynamically
set the arch suffix used for the basic auth and the gateway images.
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
This patch fixes a vulnerability in the secrets API, however
it is important to stress that the user must be authenticated
as the admin user on the REST API before they can attempt this.
Reported by Appsecco via email. @lucasroesler, Appsecco and
myself believe this to be of low severity.
The fix prevents directory traversal characters from being
used in secret names. If a secret name such as:
../../root/.ssh/authorized_keys were to be used, an attacker
could remove the value and write their own.
Tested with unit tests and tests are now made to run
via the CI and a new Makefile target.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
**What**
- Instead of sleeping to ensure the msg channel is populated, use an
unbuffered channel. This seems to work just as well in all the manual
tests cases
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Remove the `output-fields` flag because not all journalctl versions
support it
- Add a short sleep to the start of the log stream to avoid some kind of
race/buffering condition with the Handler
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- journald log provider using exec to journalctl
```
journalctl -t <namespace>:<name> --output=json --since=<timestamp> <--follow> --output-fields=SYSLOG_IDENTIFIER,MESSAGE,_PID,_SOURCE_REALTIME_TIMESTAMP
```
- This can be tested manually using `faas-cli logs` as normal, e.g.
`faas-cli logs nodeinfo` should tail the last 5 mins of logs.
- Very basic tests ensuring that the `journalctl` comamand is correctly
construction and that the json log entrys are parsed correctly.
- Add simple e2e test to grep the function logs
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
When ListFunctions populate it's function map, it should not add
functions that GetFunction returned error.
Signed-off-by: Carlos de Paula <me@carlosedp.com>
The behaviour prior to this patch caused some confusion for
users since they expected a behaviour like Swarm / Kubernetes
which always pulls images by default, even if cached. I've tested
the change and it is working as expected. By default images are
always pulled upon deployment.
To revert to the prior behaviour, simply add to faasd up:
--pull-policy=IfNotPresent
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Adding label when a /system/function/<name> endpoint
is invoked as it was missed in the previous commit
Signed-off-by: Martin Dekov <mvdekov@gmail.com>
