mirror of
https://github.com/fnproject/fn.git
synced 2022-10-28 21:29:17 +03:00
71a88a991c
* fix docker build this is trivially incorrect since glide doesn't actually provide reproducible builds. the idea is to build with the deps that we have checked into git, so that we actually know what code is executing so that we might debug it... all for multi stage build instead of what we had, but adding the glide step is wrong. i added a loud warning so as to discourage this behavior in the future. * hang the runner, agent=new sheriff tl;dr agent is now runner, with a hopefully saner api the general idea is get rid of all the various 'task' structs now, change our terminology to only be 'calls' now, push a lot of the http construction of a call into the agent, allow calls to mutate their state around their execution easily and to simplify the number of code paths, channels and context timeouts in something [hopefully] easy to understand. this introduces the idea of 'slots' which are either hot or cold and are separate from reserving memory (memory is denominated in 'tokens' now). a 'slot' is essentially a container that is ready for execution of a call, be it hot or cold (it just means different things based on hotness). taking a look into Submit should make these relatively easy to grok. sorry, things were pretty broken especially wrt timings. I tried to keep good notes (maybe too good), to highlight stuff so that we don't make the same mistakes again (history repeating itself blah blah quote). even now, there is lots of work to do :) I encourage just reading the agent.go code, Submit is really simple and there's a description of how the whole thing works at the head of the file (after TODOs). call.go contains code for constructing calls, as well as Start / End (small atm). I did some amount of code massaging to try to make things simple / straightforward / fit reasonable mental model, but as always am open to critique (the more negative the better) as I'm just one guy and wth do i know... ----------------------------------------------------------------------------- below enumerates a number of changes as briefly as possible (heh..): models.Call all the things removes models.Task as models.Call is now what it previously was. models.FnCall is now rid of in favor of models.Call, despite the datastore only storing a few fields of it [for now]. we should probably store entire calls in the db, since app & route configurations can change at any given moment, it would be nice to see the parameters of each call (costs db space, obviously). this removes the endpoints for getting & deleting messages, we were just looping back to localhost to call the MQ (wtf? this was for iron integration i think) and just calls the MQ. changes the name of the FnLog to LogStore, confusing cause there's also a `FuncLogger` which uses the Logstore (punting). removes other `Fn` prefixed structs (redundant naming convention). removes some unused and/or weird structs (IDStatus, CompleteTime) updates the swagger makes the db methods consistent to use 'Call' nomenclature. remove runner nuisances: * push down registry stuff to docker driver * remove Environment / Stats stuff of yore * remove unused writers (now in FuncLogger) * remove 2 of the task types, old hot stuff, runner, etc fixes ram available calculation on startup to not always be 300GB (helps a lot on a laptop!) format for DOCKER_AUTH env now is not a list but a map (there are no docs, would prefer to get rid of this altogether anyway). the ~/.docker/cfg expected format is unchanged. removes arbitrary task queue, if a machine is out of ram we can probably just time out without queueing... (can open separate discussion) in any case the old one didn't really account well for hot tasks, it just lined everyone up in the task queue if there wasn't a place to run hot and then timed them out [even if a slot became free]. removes HEADER_ prefixing on any headers in the request to a invoke a call. (this was inconsistent with cli for test anyway) removes TASK_ID header sent in to hot only (this is a dupe of FN_CALL_ID, which has not been removed) now user functions can reply directly to the client. this means that for cold containers if they write to stdout it will send a 200 + headers. for hot containers, the user can reply directly to the client from the container, i.e. with its preferred status code / headers (vs. always getting a 200). the dispatch itself is a little http specific atm, i think we can add an interchange format but the current version is easily extended to add json for now, separate discussion. this eliminates a lot of the request/response rewriting and buffering we were doing (yey). now Dispatch ONLY does input and output, vs. managing the call timeout and having access to a call's fields. cache is pushed down into agent now instead of in the front end, would like to push it down to the datastore actually but it's here for now anyway. cache delete functions removed (b/c fn is distributed anyway?). added app caching, should help with latency. in general, a lot of server/runner.go got pushed down into the agent. i think it will be useful in testing to be able to construct calls without having to invoke http handlers + async also needs to construct calls without a handler. safe shutdown actually works now for everything (leaked / didn't wait on certain things before) now we're waiting for hot slots to open up while we're attempting to get ram to launch a container if we didn't find any hot slots to run the call in immediately. we can change this policy really easily now (no more channel jungle; still some channels). also looking for somewhere else to go while the container is launching now. slots now get sent _out_ of a container, vs. a container receiving calls, which makes this kind of policy easier to implement. this fixes a number of bugs around things like trying to execute calls against containers that have not and may never start and trying to launch a bazillion containers when there are no free containers. the driver api underwent some changes to make this possible (relatively minimal, added Wait). the easiest way to think about this is that allocating ram has moved 'up' instead of just wrapping launching containers, so that we can select on a channel trying to find ram. not dispatching hot calls to containers that died anymore either... the timeout is now started at the beginning of Submit, rather than Dispatch or the container itself having to manage the call timeout, which was an inaccurate way of doing things since finding a slot / allocating ram / pulling image can all take a non-trivial (timeout amount, even!) amount of time. this makes for much more reasonable response times from fn under load, there's still a little TODO about handling cold+timeout container removal response times but it's much improved. if call.Start is called with < call.timeout/2 time left, then the call will not be executed and return a timeout. we can discuss. this makes async play _a lot_ nicer, specifically. for large timeouts / 2 makes less sense. env is no longer getting upper cased (admittedly, this can look a little weird now). our whole route.Config/app.Config/env/headers stuff probably deserves a whole discussion... sync output no longer has the call id in json if there's an error / timeout. we could add this back to signify that it's _us_ writing these but this was out of place. FN_CALL_ID is still shipped out to get the id for sync calls, and async [server] output remains unchanged. async logs are now an entire raw http request (so that a user can write a 400 or something from their hot async container) async hot now 'just works' cold sync calls can now reply to the client before container removal, which shaves a lot of latency off of those (still eat start). still need to figure out async removal if timeout or something. ----------------------------------------------------------------------------- i've located a number of bugs that were generally inherited, and also added a number of TODOs in the head of the agent.go file according to robustness we probably need to add. this is at least at parity with the previous implementation, to my knowledge (hopefully/likely a good bit ahead). I can memorialize these to github quickly enough, not that anybody searches before adding bugs anyway (sigh). the big thing to work on next imo is async being a lot more robust, specifically to survive fn server failures / network issues. thanks for review (gulp)
270 lines
8.4 KiB
Go
270 lines
8.4 KiB
Go
// Interface for all container drivers
|
|
|
|
package drivers
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"io"
|
|
"strings"
|
|
"time"
|
|
)
|
|
|
|
// A DriverCookie identifies a unique request to run a task.
|
|
//
|
|
// Clients should always call Close() on a DriverCookie after they are done
|
|
// with it.
|
|
type Cookie interface {
|
|
// Close should clean up any resources the cookie was using, or was going to use.
|
|
Close(ctx context.Context) error
|
|
|
|
// Run should execute task on the implementation.
|
|
// RunResult captures the result of task execution. This means if task
|
|
// execution fails due to a problem in the task, Run() MUST return a valid
|
|
// RunResult and nil as the error. The RunResult's Error() and Status()
|
|
// should be used to indicate failure.
|
|
// If the implementation itself suffers problems (lost of network, out of
|
|
// disk etc.), a nil RunResult and an error message is preferred.
|
|
//
|
|
// Run() MUST monitor the context. task cancellation is indicated by
|
|
// cancelling the context.
|
|
Run(ctx context.Context) (WaitResult, error)
|
|
}
|
|
|
|
type WaitResult interface {
|
|
// Wait may be called to await the result of a container's execution. If the
|
|
// provided context is canceled and the container does not return first, the
|
|
// resulting status will be 'canceled'. If the provided context times out
|
|
// then the resulting status will be 'timeout'.
|
|
Wait(context.Context) (RunResult, error)
|
|
}
|
|
|
|
type Driver interface {
|
|
// Prepare can be used in order to do any preparation that a specific driver
|
|
// may need to do before running the task, and can be useful to put
|
|
// preparation that the task can recover from into (i.e. if pulling an image
|
|
// fails because a registry is down, the task doesn't need to be failed). It
|
|
// returns a cookie that can be used to execute the task.
|
|
// Callers should Close the cookie regardless of whether they run it.
|
|
//
|
|
// The returned cookie should respect the task's timeout when it is run.
|
|
Prepare(ctx context.Context, task ContainerTask) (Cookie, error)
|
|
}
|
|
|
|
// RunResult indicates only the final state of the task.
|
|
type RunResult interface {
|
|
// Error is an actionable/checkable error from the container.
|
|
error
|
|
|
|
// Status should return the current status of the task.
|
|
// Only valid options are {"error", "success", "timeout", "killed", "cancelled"}.
|
|
Status() string
|
|
}
|
|
|
|
// The ContainerTask interface guides task execution across a wide variety of
|
|
// container oriented runtimes.
|
|
// This interface is unstable.
|
|
//
|
|
// FIXME: This interface is large, and it is currently a little Docker specific.
|
|
type ContainerTask interface {
|
|
// Command returns the command to run within the container.
|
|
Command() string
|
|
|
|
// EnvVars returns environment variable key-value pairs.
|
|
EnvVars() map[string]string
|
|
|
|
// Input feeds the container with data
|
|
Input() io.Reader
|
|
|
|
// The id to assign the container
|
|
Id() string
|
|
|
|
// Image returns the runtime specific image to run.
|
|
Image() string
|
|
|
|
// Timeout specifies the maximum time a task is allowed to run. Return 0 to let it run forever.
|
|
Timeout() time.Duration
|
|
|
|
// Driver will write output log from task execution to these writers. Must be
|
|
// non-nil. Use io.Discard if log is irrelevant.
|
|
Logger() (stdout, stderr io.Writer)
|
|
|
|
// WriteStat writes a single Stat, implementation need not be thread safe.
|
|
WriteStat(Stat)
|
|
|
|
// Volumes returns an array of 2-element tuples indicating storage volume mounts.
|
|
// The first element is the path on the host, and the second element is the
|
|
// path in the container.
|
|
Volumes() [][2]string
|
|
|
|
// Memory determines the max amount of RAM given to the container to use.
|
|
// 0 is unlimited.
|
|
Memory() uint64
|
|
|
|
// WorkDir returns the working directory to use for the task. Empty string
|
|
// leaves it unset.
|
|
WorkDir() string
|
|
|
|
// Close is used to perform cleanup after task execution.
|
|
// Close should be safe to call multiple times.
|
|
Close()
|
|
}
|
|
|
|
// Stat is a bucket of stats from a driver at a point in time for a certain task.
|
|
type Stat struct {
|
|
Timestamp time.Time
|
|
Metrics map[string]uint64
|
|
}
|
|
|
|
// Set of acceptable errors coming from container engines to TaskRunner
|
|
var (
|
|
// ErrOutOfMemory for OOM in container engine
|
|
ErrOutOfMemory = userError(errors.New("out of memory error"))
|
|
)
|
|
|
|
// TODO agent.UserError should be elsewhere
|
|
func userError(err error) error { return &ue{err} }
|
|
|
|
type ue struct {
|
|
error
|
|
}
|
|
|
|
func (u *ue) UserVisible() bool { return true }
|
|
|
|
// TODO: ensure some type is applied to these statuses.
|
|
const (
|
|
// task statuses
|
|
StatusRunning = "running"
|
|
StatusSuccess = "success"
|
|
StatusError = "error"
|
|
StatusTimeout = "timeout"
|
|
StatusKilled = "killed"
|
|
StatusCancelled = "cancelled"
|
|
)
|
|
|
|
type Config struct {
|
|
Docker string `json:"docker"`
|
|
// TODO CPUShares should likely be on a per container basis
|
|
CPUShares int64 `json:"cpu_shares"`
|
|
}
|
|
|
|
// for tests
|
|
func DefaultConfig() Config {
|
|
return Config{
|
|
Docker: "unix:///var/run/docker.sock",
|
|
CPUShares: 0,
|
|
}
|
|
}
|
|
|
|
func average(samples []Stat) (Stat, bool) {
|
|
l := len(samples)
|
|
if l == 0 {
|
|
return Stat{}, false
|
|
} else if l == 1 {
|
|
return samples[0], true
|
|
}
|
|
|
|
s := Stat{
|
|
Metrics: samples[0].Metrics, // Recycle Metrics map from first sample
|
|
}
|
|
t := samples[0].Timestamp.UnixNano() / int64(l)
|
|
for _, sample := range samples[1:] {
|
|
t += sample.Timestamp.UnixNano() / int64(l)
|
|
for k, v := range sample.Metrics {
|
|
s.Metrics[k] += v
|
|
}
|
|
}
|
|
|
|
s.Timestamp = time.Unix(0, t)
|
|
for k, v := range s.Metrics {
|
|
s.Metrics[k] = v / uint64(l)
|
|
}
|
|
return s, true
|
|
}
|
|
|
|
// Decimate will down sample to a max number of points in a given sample by
|
|
// averaging samples together. i.e. max=240, if we have 240 samples, return
|
|
// them all, if we have 480 samples, every 2 samples average them (and time
|
|
// distance), and return 240 samples. This is relatively naive and if len(in) >
|
|
// max, <= max points will be returned, not necessarily max: length(out) =
|
|
// ceil(length(in)/max) -- feel free to fix this, setting a relatively high max
|
|
// will allow good enough granularity at higher lengths, i.e. for max of 1 hour
|
|
// tasks, sampling every 1s, decimate will return 15s samples if max=240.
|
|
// Large gaps in time between samples (a factor > (last-start)/max) will result
|
|
// in a shorter list being returned to account for lost samples.
|
|
// Decimate will modify the input list for efficiency, it is not copy safe.
|
|
// Input must be sorted by timestamp or this will fail gloriously.
|
|
func Decimate(maxSamples int, stats []Stat) []Stat {
|
|
if len(stats) <= maxSamples {
|
|
return stats
|
|
} else if maxSamples <= 0 { // protect from nefarious input
|
|
return nil
|
|
}
|
|
|
|
start := stats[0].Timestamp
|
|
window := stats[len(stats)-1].Timestamp.Sub(start) / time.Duration(maxSamples)
|
|
|
|
nextEntry, current := 0, start // nextEntry is the index tracking next Stats record location
|
|
for x := 0; x < len(stats); {
|
|
isLastEntry := nextEntry == maxSamples-1 // Last bin is larger than others to handle imprecision
|
|
|
|
var samples []Stat
|
|
for offset := 0; x+offset < len(stats); offset++ { // Iterate through samples until out of window
|
|
if !isLastEntry && stats[x+offset].Timestamp.After(current.Add(window)) {
|
|
break
|
|
}
|
|
samples = stats[x : x+offset+1]
|
|
}
|
|
|
|
x += len(samples) // Skip # of samples for next window
|
|
if entry, ok := average(samples); ok { // Only record Stat if 1+ samples exist
|
|
stats[nextEntry] = entry
|
|
nextEntry++
|
|
}
|
|
|
|
current = current.Add(window)
|
|
}
|
|
return stats[:nextEntry] // Return slice of []Stats that was modified with averages
|
|
}
|
|
|
|
// https://github.com/fsouza/go-dockerclient/blob/master/misc.go#L166
|
|
func parseRepositoryTag(repoTag string) (repository string, tag string) {
|
|
parts := strings.SplitN(repoTag, "@", 2)
|
|
repoTag = parts[0]
|
|
n := strings.LastIndex(repoTag, ":")
|
|
if n < 0 {
|
|
return repoTag, ""
|
|
}
|
|
if tag := repoTag[n+1:]; !strings.Contains(tag, "/") {
|
|
return repoTag[:n], tag
|
|
}
|
|
return repoTag, ""
|
|
}
|
|
|
|
func ParseImage(image string) (registry, repo, tag string) {
|
|
repo, tag = parseRepositoryTag(image)
|
|
// Officially sanctioned at https://github.com/moby/moby/blob/master/registry/session.go#L319 to deal with "Official Repositories".
|
|
// Without this, token auth fails.
|
|
// Registries must exist at root (https://github.com/moby/moby/issues/7067#issuecomment-54302847)
|
|
// This cannot support the `library/` shortcut for private registries.
|
|
parts := strings.Split(repo, "/")
|
|
switch len(parts) {
|
|
case 1:
|
|
repo = "library/" + repo
|
|
case 2:
|
|
if strings.Contains(repo, ".") {
|
|
registry = parts[0]
|
|
repo = parts[1]
|
|
}
|
|
case 3:
|
|
registry = parts[0]
|
|
repo = parts[1] + "/" + parts[2]
|
|
}
|
|
|
|
if tag == "" {
|
|
tag = "latest"
|
|
}
|
|
|
|
return registry, repo, tag
|
|
}
|