portainer / agent Goto Github PK

The Portainer agent

License: zlib License

Go 91.72% Shell 7.19% Dockerfile 0.42% HTML 0.12% CSS 0.07% Makefile 0.48%

portainer swarm docker kubernetes

agent's Introduction

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. It is designed to be as simple to deploy as it is to use. The application allows you to manage all your orchestrator resources (containers, images, volumes, networks and more) through a ‘smart’ GUI and/or an extensive API.

Portainer consists of a single container that can run on any cluster. It can be deployed as a Linux container or a Windows native container.

Portainer Business Edition builds on the open-source base and includes a range of advanced features and functions (like RBAC and Support) that are specific to the needs of business users.

Latest Version

Portainer CE is updated regularly. We aim to do an update release every couple of months.

Getting started

Features & Functions

View this table to see all of the Portainer CE functionality and compare to Portainer Business.

Getting help

Portainer CE is an open source project and is supported by the community. You can buy a supported version of Portainer at portainer.io

Learn more about Portainer's community support channels here.

Issues: https://github.com/portainer/portainer/issues
Slack (chat): https://portainer.io/slack

You can join the Portainer Community by visiting https://www.portainer.io/join-our-community. This will give you advance notice of events, content and other related Portainer content.

Reporting bugs and contributing

Want to report a bug or request a feature? Please open an issue.
Want to help us build portainer? Follow our contribution guidelines to build it locally and make a pull request.

Security

Here at Portainer, we believe in responsible disclosure of security issues. If you have found a security issue, please report it to [email protected].

Work for us

If you are a developer, and our code in this repo makes sense to you, we would love to hear from you. We are always on the hunt for awesome devs, either freelance or employed. Drop us a line to [email protected] with your details and/or visit our careers page.

Privacy

To make sure we focus our development effort in the right places we need to know which features get used most often. To give us this information we use Matomo Analytics, which is hosted in Germany and is fully GDPR compliant.

When Portainer first starts, you are given the option to DISABLE analytics. If you don't choose to disable it, we collect anonymous usage as per our privacy policy. Please note, there is no personally identifiable information sent or stored at any time and we only use the data to help us improve Portainer.

Limitations

Portainer supports "Current - 2 docker versions only. Prior versions may operate, however these are not supported.

Licensing

Portainer is licensed under the zlib license. See LICENSE for reference.

Portainer also contains code from open source projects. See ATTRIBUTIONS.md for a list.

agent's People

Contributors

Stargazers

Watchers

Forkers

pngmbh xiameihao openfans-community-offical thinkmap tekintian senyor olljanat aprosvetova bluearchive laashub-soa isgasho jangocheng redflowflag sanyaade-teachings devopstoday11 emrahtaylan lonewolf03282015 superior-holdings zhangyuming arrislee fossabot yyn1110 citux alainlompo sdvdxl golang108 svendowideit ekmixon getcaas-io suryatmodulus james128333 john-appleseed cloudnativeleague pks-os yang-xl bugfyi taigrr tbenton oscarzhou bendathierrycom tmac825 aonoa ymdxjunfengtian smartnexus zhuyong74 msgpo marcely0 madpeteguy yassineselmi neomantra iniationware raojiarui b166er luis-sousa-pinto saradark aaomidi ustb-ai3d 83945105 elicharlese vaibhav-009 jscntw superkael savastyl itlaonong kyr-sh jcruzcruz

agent's Issues

Support volumes which do not contain a _data folder

When creating a volume with bind mounting it from a specifiv path, docker creates a link to the volume in its volumes folder, but without the _data folder. This makes the volume not browsable in portainer.

Example for creating a volume which is bind mounted:

docker volume create \
  --driver local \
  --opt type=none \
  --opt o=bind \
  --opt device="${volume_path}" \
  "${volume_name}"

Possible fix would be to remove "_data" from the path concatenation in filesystem/filesystem.go:126

Small disadvantage would be that you see the _data folder in default volumes, managed by docker.

Allow multiple Portainer instances to connect to a single agent

Multiple agent users reported that they wanted a way to connect more than one Portainer instances to a single agent.

This cannot be done with the current security model.

We want to introduce a new shared secret mechanism allowing to start an agent with a secret token via an environment variable (-e PORTAINER_AGENT_SECRET="mysecret"), the agent will then be able to check for the presence of this token in the headers of any request it receives to allow the request.

Upgrade Serf from 0.8.1 to 0.8.3

Register the agent on mulitple portainers

Context

We have two portainer dashboard:

A global one to manage all our customer docker instances
A customer specific one

I registered the edge agent on the global portainer with a setup cli copy/paste (passsing edge key as env var)

Question

How can I register this already up agent to the second portainer in order to communicate with both?

dev.sh throws parse 10.0.7.10:2375: first path segment in URL cannot contain colon

it's seems to be related to a change in http/url package where url.Parse don't like urls that don't contain a protocol prefix. adding tcp:// to each docker -H line in the script fixes it.

Remove the EDGE_POLL_FREQUENCY option

Since the poll frequency is now defined on Portainer side and returned as part of the polled information, it can be removed from the options.

Add support for customizable timeout

Multiple users reporting having problems with the agent due to connection timeout for agent requests against the Docker daemon.

See portainer/portainer#2535 for more details. Exposing a timeout option to override default timeout configuration might be a way to work around this problem.

Document how to deploy the Edge agent with the EDGE_KEY option

Add a section in the README about how the deployment of the Edge agent can be automated by setting up the key directly at startup via the -e EDGE_KEY option.

Add non-authenticated ping endpoint to agent

On multi swarm setup we want to be able have hardware load balancer between Portainer and Agent.
That way we can have example three manager nodes behind of that LB and make sure that Portainer is always contacting to working node.

Configuration it selves works already using SSL bridging but problem is that LB is not able to see if agent is really up or not. That why it would be nice to have simple non-authenticated /status endpoint on agent which can example just say OK so LB knows that as long it gets this response Agent is good to be used.

Then we don't loose access to Swarm from Portainer even if one node goes down.

Fix a potential panic issue

The following logs were reported when using the Agent deployed on a Windows Server node:

Looks like the agent panic, the error should be properly handed instead of panicking.

2018/10/04 23:03:37 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.3,

2018/10/04 23:03:38 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:03:38 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:04:05 http error: Missing Portainer public key (err=Portainer public key unavailable) (code=403),

2018/10/04 23:04:09 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:04:09 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:04:09 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 90 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bce10, 0xc04214afe0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04250f400, 0xc042031840, 0xc042207380, 0xc04214b010),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:04:15 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.4,

2018/10/04 23:04:16 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:04:16 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:04:16 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:04:16 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 47 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcc60, 0xc0420a9390, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207f000, 0xc042031540, 0xc042206060, 0xc0420a93c0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:04:22 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.5,

2018/10/04 23:04:23 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:04:23 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:04:43 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 53 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bd200, 0xc04214a070, 0xc, 0x0, 0x0, 0xc04212fef8, 0x42bc0d, 0x42e712),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207f300, 0xc042030d40, 0xc0420330e0, 0xc04214a0a0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:04:48 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.6,

2018/10/04 23:04:49 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:04:49 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:04:51 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:04:51 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 34 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcab0, 0xc0420a8b20, 0x10, 0x0, 0x0, 0x412672, 0xc04205ecb8, 0x8),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207e700, 0xc042030480, 0xc042032120, 0xc0420a8bf0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:04:56 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.7,

2018/10/04 23:04:57 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:04:57 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:03 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:03 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 35 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bc7e0, 0xc04214a500, 0x10, 0x0, 0x0, 0x412672, 0xc04205cd88, 0x8),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207e500, 0xc04227d2c0, 0xc042207f20, 0xc04214a570),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:08 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.8,

2018/10/04 23:05:09 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:09 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:10 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:10 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:10 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:10 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 42 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcea0, 0xc0420a97f0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207ef00, 0xc0420304c0, 0xc0420327e0, 0xc0420a9820),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:15 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.9,

2018/10/04 23:05:16 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:16 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:17 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:17 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 78 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bc2d0, 0xc0421a87e0, 0x10, 0x0, 0x0, 0xc042233ef8, 0x42bc0d, 0x42e712),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc042510e00, 0xc042031d00, 0xc0422072c0, 0xc0421a8810),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:23 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.10,

2018/10/04 23:05:24 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:24 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:24 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:24 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:24 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 33 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcf30, 0xc04214b290, 0x10, 0x0, 0x0, 0x412672, 0xc04205ecb8, 0x8),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004140, 0xc04207e400, 0xc042031040, 0xc042033a40, 0xc04214b300),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:31 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.11,

2018/10/04 23:05:32 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:32 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:34 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:34 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:34 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 71 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bd560, 0xc0421a8740, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc042524a00, 0xc04228ab40, 0xc04253e720, 0xc0421a8770),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:41 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.12,

2018/10/04 23:05:42 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:42 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:05:49 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:49 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:05:49 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 42 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcbd0, 0xc04214a340, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207eb00, 0xc0422891c0, 0xc0420320c0, 0xc04214a370),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:05:55 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.13,

2018/10/04 23:05:56 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:05:56 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:07:31 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 91 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bdc20, 0xc0422a1a70, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004140, 0xc0423aae00, 0xc042375680, 0xc0423dc4e0, 0xc0422a1b80),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:07:36 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.14,

2018/10/04 23:07:37 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:07:37 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:07:38 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:07:38 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/04 23:07:38 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 41 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcd80, 0xc0420a96e0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207eb00, 0xc042030440, 0xc042032360, 0xc0420a9710),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/04 23:07:43 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.15,

2018/10/04 23:07:44 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/04 23:07:44 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/04 23:08:51 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/05 22:15:50 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.17,

2018/10/05 22:15:51 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/05 22:15:51 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/05 22:16:34 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/05 22:16:34 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 67 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bd3b0, 0xc04214b1a0, 0x10, 0x0, 0x0, 0xc04227a180, 0x50, 0xc042182138),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc0420040a8, 0xc04223a500, 0xc04227c600, 0xc042207080, 0xc04214b1d0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/05 22:16:39 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.18,

2018/10/05 22:16:40 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/05 22:16:40 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/05 22:16:41 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 44 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcbd0, 0xc04214a7f0, 0x10, 0x0, 0x0, 0xc04236ec00, 0xc04236ebd0, 0xc04236e6f0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207ee00, 0xc042031340, 0xc042033f80, 0xc04214a840),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/05 22:16:47 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.19,

2018/10/05 22:16:48 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/05 22:16:48 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:15:06 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:06 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:06 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

routine 12310 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bd4d0, 0xc0420182b0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc0423f1900, 0xc042031f00, 0xc042033aa0, 0xc0420182f0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:15:12 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.20,

2018/10/08 10:15:13 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:15:13 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:15:13 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:13 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 48 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bce10, 0xc04214b960, 0x10, 0x0, 0x0, 0xc04204def8, 0x42bc0d, 0x42e712),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004140, 0xc04207f200, 0xc042031880, 0xc042206b40, 0xc04214b9d0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:15:18 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.21,

2018/10/08 10:15:19 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:15:19 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:15:33 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:33 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:41 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 139 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc042448bd0, 0xc0422a1780, 0x9, 0x0, 0x0, 0xc0423b3ef8, 0x42bc0d, 0x42e712),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc042208b00, 0xc04222c200, 0xc0422777a0, 0xc0422a1a70),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:15:47 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.22,

2018/10/08 10:15:48 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:15:48 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:15:48 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:48 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:48 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 34 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcbd0, 0xc04214a140, 0xc, 0x0, 0x0, 0x412672, 0xc04205ebe8, 0x8),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207e700, 0xc042030480, 0xc042032120, 0xc04214a200),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:15:54 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.23,

2018/10/08 10:15:55 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:15:55 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:15:55 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

2018/10/08 10:15:55 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 34 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcea0, 0xc04214a440, 0x10, 0x0, 0x0, 0x412672, 0xc04205ae58, 0x8),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004138, 0xc04207e400, 0xc042375e00, 0xc0423af980, 0xc04214a4b0),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:16:01 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.24,

2018/10/08 10:16:02 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:16:02 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

2018/10/08 10:16:03 http error: Unable to proxy the request via the Docker socket (err=open //./pipe/docker_engine: The system cannot find the file specified.) (code=500),

panic: interface conversion: interface {} is map[string]interface {}, not []interface {},

,

goroutine 39 [running]:,

bitbucket.org/portainer/agent/http/proxy.responseToJSONArray(0xc0422bcd80, 0xc04214af40, 0x10, 0x0, 0x0, 0xf370a1c8ce872167, 0x13b69a62f24afc32, 0x91fa9cd51aad3c6c),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/response.go:47 +0x35e,

bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).copyAndExecuteRequest(0xc042004110, 0xc04207e900, 0xc042031300, 0xc0422060c0, 0xc04214af70),

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:101 +0x12a,

created by bitbucket.org/portainer/agent/http/proxy.(*ClusterProxy).executeRequestOnCluster,

                /home/tony/workspaces/go/src/bitbucket.org/portainer/agent/http/proxy/cluster.go:79 +0x93,

2018/10/08 10:16:09 [INFO] serf: EventMemberJoin: ee9b250aa26c 10.0.0.25,

2018/10/08 10:16:10 [WARN] memberlist: Failed to resolve tasks.agent: lookup tasks.agent: no such host,

2018/10/08 10:16:10 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true),

Agent takes a while to acknowledge that another agent is unavailable

Related to: portainer/portainer#2938

Add a new API endpoint to retrieve host information

Add a new endpoint /host/info to retrieve information about the host where the agent is running.

It might be necessary to bind-mount host folders such as /proc to retrieve information about the underlying host.

The following information should be retrieved:

physical device vendor, device version, device serial number, installed PCI devices, Physical Disk (block devices).

Memory leak

We're having trouble with the portainer agent memory increasing continously, here's a graph of a 2 node swarm:

As you can see from the screenshot one of the agents gets killed by the OOM after reaching 100% (128MB). The memory usage of the other agent then drop.

Here are logs from the agent around the time where it gets killed (chonologically reversed, sorry):

We see a lot of the memberlist and serf reconnect messages, is that normal?

Here's my compose file:

portainer-agent:
    image: portainer/agent:1.4.0
    environment:
      AGENT_CLUSTER_ADDR: tasks.portainer-agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - agent_network
    deploy:
      mode: global
      resources:
        limits:
          memory: 128M
      placement:
        constraints: [node.platform.os == linux]
  portainer:
    image: portainer/portainer:1.22.0
    command: -H tcp://tasks.portainer-agent:9001 --tlsskipverify --admin-password '********'
    ports:
      - "9000:9000"
    volumes:
      - portainer_data2:/data
    networks:
      - agent_network
    deploy:
      resources:
        limits:
          memory: 256M
      placement:
        constraints: [node.role == manager]

The --add-host option is ignored

In order to register an agent trough a private network, I have to add the --add-host option like this:

docker run -d -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes -v /:/host --restart always -e EDGE=1 -e EDGE_ID=xxx-xxx-xxx -e EDGE_KEY=XxX -e CAP_HOST_MANAGEMENT=1 -v portainer_agent_data:/data --name portainer_edge_agent --add-host=portainer.domain.io:10.10.200.101 portainer/agent

This is not working. It seems the agent is ignoring the host override and is still trying to fetch the public ip.

Support deployment in Swarm cluster with macvlan network

Following up disscussions in #95 and portainer/portainer#3279 re-openning this issue. @deviantony

Since 1.5 realease portainer-agent won't run.

Here is my configurations:
Portainer:

  Portainer:
    image:          portainer/portainer
    container_name: Portainer
    hostname: Portainer
    domainname: mydomain
    restart:        always
    mac_address:  xx:xx:xx:xx:xx:xx
    networks:
      mynet:
        ipv4_address: 192.168.1.104
    deploy:
      mode: global
      placement:
        constraints:
          - node.role == manager
          - node.hostname == server
    command: --no-auth --admin-password=''
    volumes:
      - /Dockers/Portainer:/data
      - /etc/localtime:/etc/localtime:ro
    environment:
      - CAP_HOST_MANAGEMENT=true

Portainer-Agent:

  Portainer-Agent-FRW:
    image:          "portainer/agent:dev"
    container_name: Portainer-Agent-FRW
    hostname: Portainer-Agent-FRW
    domainname: mydomain
    restart:        always
    mac_address: xx:xx:xx:xx:xx:xx
    networks:
      mynet:
        ipv4_address: 192.168.1.134
    deploy:
      mode: global
      placement:
        constraints:
          - node.hostname == server
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    environment:
      - AGENT_CLUSTER_ADDR=192.168.1.134
      - CAP_HOST_MANAGEMENT=true
      - LOG_LEVEL=debug

Network:

networks:
  mynet:
    name: mynet
    driver: macvlan
    driver_opts:
      parent: ens18
    ipam:
      config:
        - subnet: 192.168.1.0/24

Error:

│   2019/10/23 07:31:58 [DEBUG] [docker] [network_name: mynet] [scope: local] [ingress: false] [message: Skipping invalid container network]           │
│   2019/10/23 07:31:58 [ERROR] [main,docker] [message: Unable to retrieve local agent IP address] [error: unable to retrieve the address on which   │
│    the agent can advertise. Check your network settings]                                                                                           │
│   2019/10/23 07:32:00 [DEBUG] [main,configuration] [Member tags: map[AgentPort:9001 EngineStatus:swarm NodeName:ubuntu NodeRole:manager]]          │
│   2019/10/23 07:32:00 [INFO] [main] [message: Agent running on a Swarm cluster node. Running in cluster mode]

Manage dependencies via dep

As for other go projects, we should introduce the usage of dep to manage the go dependencies of this project.

Do not return an error if a resource list request fails for a specific node during an aggregation request

If a resource list request fails for a specific node during an aggregation request it should be logged instead of returning an error for the aggregation request.

Add a new API endpoint to upload a file to the filesystem

We must support uploading a file on the filesystem in the /browse handler, such as /browse/put.

Path traversal in volume-browser file upload

Description

It is possible to upload a file to an arbitrary location inside a container through the volume-browser file upload feature.

Affected version(s)

Portainer version <= 1.22.0

Credit to Tin Duong of Fortinet’s FortiGuard Labs

Add a new API endpoint to execute a script

We need to add a new API endpoint that can be used to execute a script on a specified path on the filesystem.

The script should be executed outside of the agent process such as if the agent is killed during the script execution, the script must continue its execution.

Agent does connect to some node's not all (armv7l /x64 mixed swarm)

Bug description
I have a swarm of 5 nodes (4x linux armv7l, 1 linux x86_64 ), when launching the agent stack the armv7l nodes join each other but not the linux x86_64 node

Expected behavior
I expect all agents to connect to each other irregardless of architecture.

Steps to reproduce the issue:
deploy stack with the following compose file:

version: '3.2'

services:
  agent:
    image: portainer/agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    ports:
      - target: 9001
        published: 9001
        protocol: tcp
        mode: host
    networks:
      - portainer_agent
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]

networks:
  portainer_agent:
    driver: overlay
    attachable: true

amd64 node (manager)

2019/11/12 15:04:34 [INFO] [main] [message: Agent running on a Swarm cluster node. Running in cluster mode]
2019/11/12 15:04:37 [INFO] serf: EventMemberJoin: gen8-96cb79962f2b 10.0.5.6
2019/11/12 15:05:18 [INFO] [http] [server_addr: 0.0.0.0] [server_port: 9001] [secured: true] [api_version: 1.5.1] [message: Starting Agent API server]

arm64 node (workers)

2019/11/12 15:04:33 [INFO] [main] [message: Agent running on a Swarm cluster node. Running in cluster mode]
2019/11/12 15:04:36 [INFO] serf: EventMemberJoin: tethys-d77182e7507e 10.0.5.7
2019/11/12 15:04:36 [INFO] serf: EventMemberJoin: atlas-e2d118f82a55 10.0.5.3
2019/11/12 15:04:36 [INFO] serf: EventMemberJoin: titan-499886d03a92 10.0.5.5
2019/11/12 15:04:36 [INFO] serf: EventMemberJoin: ganymede-565f285dfcd6 10.0.5.4
2019/11/12 15:04:47 [INFO] [http] [server_addr: 0.0.0.0] [server_port: 9001] [secured: true] [api_version: 1.5.1] [message: Starting Agent API server]

They are on the same network and i've launched a container connected on the portainer agent network and did a nslookup on tasks.portainer_agent, all ip's show up

Technical details:

Portainer version: agent/latest
Docker version: 19.03.4
Platform (windows/linux): linux
Browser: n/a

Replace the advertising IP address retrieval mecanism

Current advertising IP address mecanism should be replaced with a more effective and stable implementation.

Duplicate HTTP response write failures

I am getting the follow error messages from a Windows agent:

http error: Unable to write JSON response (err=write tcp 192.168.137.30:1337->192.168.137.31:54478: wsasend: An existing connection was forcibly closed by the remote host.) (code=500)
http: multiple response.WriteHeader calls

1337 is the AGENT_PORT.

Portainer On swarm with agent, agent_secret doesn't fix authentication issue

services:
  agent:
    image: portainer/agent
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent
      AGENT_PORT: 9001
      #AGENT_SECRET: mysecrettoken
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /hdd/zdocker/volumes:/var/lib/docker/volumes
    networks:
      - agent-network
    ports:
      - target: 9001
        published: 9001
        protocol: tcp
        mode: host
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]
  portainer:
    image: portainer/portainer:latest
    command: -H tcp://tasks.agent:9001 --tlsskipverify
    volumes:
      - portainer-data:/data
    ports:
      - "9000:9000"
    networks:
      - agent-network
    environment:
          TZ: Pacific/Auckland
          SERVICE_PORTS: "9000"
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]

Trying to get portainer to work in a swarm. I had it working, before I added agent_secret - which was added in efforts to fix an authentication issue when the swarm manager died and the portainer gui transferred to a 2nd manager (ref: https://portainer.readthedocs.io/en/stable/agent.html#shared-secret)

But now, upon starting the service, the ui asks for initial credentials, and then shows the primary, until you click on it, and then it reports down.

I see in the logs for the agent where the ui is running that it is reporting a 403 error.

Add support for container attach

Equivalent of portainer/portainer#2842

Introduce Edge mode

See portainer/portainer#3030

If the upload creates a directory, the directory has the wrong permissions

The agent tries to create a file and directory with permission 0644 which is fine for files(we probably want to support uploading executable files at some point) but directories need the execute permission. This can be done by doing two io writes, one on the path with 0774, and then the file with 0644

s390x is amd64

The most recent tag 1.5.1 contains two os/arch configurations on Docker Hub that are linux/amd64 where the one with digest 4b8cd6f451dd should be s390x.

See https://hub.docker.com/r/portainer/agent/tags.

Investigate a potential memory leak

Related to portainer/portainer#2254

Agent running on worker node not updating state when node is promoted to manager

Related to: portainer/portainer#2937

Error even though variable is set. [message: AGENT_CLUSTER_ADDR environment variable is required when deploying the agent inside a Swarm cluster]

Bug description
I am getting these errors despite, i think, setting the ENV VAR correctly in the stack file; this is resulting in many restarts and container creations and deletions - basically an infinite loop. These logs were pulled from the service logs UI in portainer (attached as local).

2019/10/09 05:19:13 [INFO] [main] [message: Agent running on a Swarm cluster node. Running in cluster mode], 2019/10/09 05:19:13 [ERROR] [main,configuration] [message: AGENT_CLUSTER_ADDR environment variable is required when deploying the agent inside a Swarm cluster], 2019/10/09 05:19:23 [INFO] [main] [message: Agent running on a Swarm cluster node. Running in cluster mode], 2019/10/09 05:19:23 [ERROR] [main,configuration] [message: AGENT_CLUSTER_ADDR environment variable is required when deploying the agent inside a Swarm cluster],

Expected behavior
I expected it to work and not get this error given i did set the AGENT_CLUSTER_ADDR in the stack file and 95% certain i got the synatx right, this may also explain why the curl and manual methods resulted in may restarts.

Steps to reproduce the issue:

Install portainer on synology
create symlink /var/lib/docker/volumes > /volume3/@docker/volumes (this is where they are located on synology - volumeN/@docker where N is the volume number)
create a swarm with docker command line tools
try and deploy this stack via portainer UI calling the stack 'agent' resulting in a service name of agent_agent


services:
  agent:
    image: portainer/agent
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent_agent
      AGENT_SECRET: mysecrettoken
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    ports:
      - target: 9001
        published: 9001
        protocol: tcp
        mode: host
    networks:
      - portainer_agent
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]

networks:
  portainer_agent:
    driver: overlay
    attachable: true

**Technical agent:
latest as of 10.8.2019

Docker version (managed by Portainer):
Server Version: 18.09.6
Storage Driver: btrfs
Platform (windows/linux):
Linux (synology)
Portainer is working well.
Docker appears to be running ok as root.

Is there a way to run the agent as a standalone container (not part of a swarm, for testing purposes)?

Upload fails on big files (>32MB)

When uploading big files, the handler return 404 error with the following message:

{
  "err": "Invalid request payload",
  "details": "Invalid file path"
}

I checked some file sizes and it seems like 32MB is the limit.

Edge Agent makes assumptions about swarm mode

I have a system in my network that has docker swarm mode enabled, but is not the system that the portainer server is running on.

when I use docker run to start an edge agent on this host, it complains that it needs AGENT_CLUSTER_ADDR set.

In this case, I want to have a non-swarm cluster agent...

Change reconnect policy for agents marked as failed

The current reconnect policy for agents marked as fail is a retry every 30 seconds for a period of 24h.

This will lead the agent to generate logs similar to these for that period:

portainer-agent-dev.0.4oscreqt5nhx@swarmnode1    | 2019/09/18 21:56:06 [INFO] serf: attempting reconnect to swarmnode2-d495f52ab440 10.0.14.6:7946
portainer-agent-dev.0.4oscreqt5nhx@swarmnode1    | 2019/09/18 21:56:39 [INFO] serf: attempting reconnect to swarmnode2-d495f52ab440 10.0.14.6:7946
portainer-agent-dev.0.4oscreqt5nhx@swarmnode1    | 2019/09/18 21:57:12 [INFO] serf: attempting reconnect to swarmnode2-d495f52ab440 10.0.14.6:7946

I believe that this configuration do not make sense in the context of the agent running inside a Swarm and it should be tuned to the context.

Expose a status API endpoint

Expose a new API endpoint to retrieve the status of a specific agent in the cluster.

Information exposed could be:

Number of agents in the cluster
Signature validation enabled
Edge details (key set, remote URL...)

It should be decided if this endpoint should be available publicly or not.

Upload corrupts non-text files

Uploads that involve non text files end up with a different md5 checksum then when they were uploaded.

Add more logging around the failed proxy requests

More DEBUG logging should be added.

Agent doesn't redirect headers to other nodes

related to portainer/portainer#2566

When a websocket opens to other nodes (e.g console) public key header isn't redirected to the node

see https://github.com/portainer/agent/blob/develop/http/proxy/proxy.go#L39-42

Add a short lived ping request before a resourceList operation for any aggregation request

The agent takes a few seconds to acknowledge that another agent in the cluster is not available anymore.

In order to prevent an aggregation request to send a long-lived request (timeout is set to 120seconds for resouceList requests) to a node that is not available anymore, we should introduce a short lived request to ping the target before sending the resourceList operation.

This should address portainer/portainer#2938

Load default value for advertise address automatically

In order to provide an easier way to deploy the agent (less parameters) and to prevent configuration errors related to providing an invalid value to the currently mandatory AGENT_CLUSTER_ADDR, it should be possible to leverage the container labels to retrieve the name of the service associated to the container.

This information is available under the com.docker.swarm.service.name container label which is present when deploying the agent as a service or via a Swarm stack.

For legacy deployments via containers such as hybrid Linux/Windows deployments requiring the agent to run as a container attached to an overlay network on Windows nodes, this option should still be available.

If specified the value of AGENT_CLUSTER_ADDR should override the default retrieved from the label.

Investigate a potential file handler leak

Related to portainer/portainer#1991

Use an error format that is compliant with the Docker API

Update the error format returned by the Agent API to include a message field. This will make it easier to integrate the agent with the Docker SDK.

Unable to retrieve local agent IP address with agent 1.5.0

After updating to agent 1.5.0 I only get error messages:

portainer_agent_1  | 2019/10/11 06:40:19 [ERROR] [main,docker] [message: Unable to retrieve local agent IP address] [error: unable to retrieve the address on which the agent can advertise. Check your network settings]

I am running agent from docker-compose using the following docker-compose.yml:

version: '2.3'

services:
  portainer_agent:
    image: "portainer/agent:1.5.0"
    ports:
      - "9001:9001"
    userns_mode: "host"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /mnt/docker/volumes:/var/lib/docker/volumes
      - ${MY_VOLUME_PATH}/admin_portainer_agent/:/data
    restart: "${RESTART:-unless-stopped}"

System environment:

sven@fangorn:~$ uname -a
Linux fangorn 5.0.0-31-generic #33~18.04.1-Ubuntu SMP Tue Oct 1 10:20:39 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
sven@fangorn:~$ docker version
Client: Docker Engine - Community
 Version:           19.03.3
 API version:       1.40
 Go version:        go1.12.10
 Git commit:        a872fc2f86
 Built:             Tue Oct  8 00:59:59 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.3
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.10
  Git commit:       a872fc2f86
  Built:            Tue Oct  8 00:58:31 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.6
  GitCommit:        894b81a4b802e4eb2a91d1ce216b8817763c29fb
 runc:
  Version:          1.0.0-rc8
  GitCommit:        425e105d5a03fabd737a126ad93d62a9eeede87f
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683
sven@fangorn:~$ docker-compose version
docker-compose version 1.24.1, build 4667896b
docker-py version: 3.7.3
CPython version: 3.6.8
OpenSSL version: OpenSSL 1.1.0j  20 Nov 2018

Create the technical documentation for the Edge agent

Add the technical documentation for the Edge to the README and update existing documentation.

Topics to cover:

Add some documentation about the fact that when started in Edge mode, the agent API will listen on the advertiseAddr retrieved at startup (typically the container IP inside the container network) to prevent any unsecured communication with the API if the port was to be exposed.
Document edge key retrieval process

from options
from filesystem
from cluster

Add documentation about key persistence
Document container IP retrieval process and add a note about the agent and ingress that can break this process
document the extra security layer added by the Edge ID in the poll request payload

Build fails on Windows

I noticed that after 7745c37 building agent for windows-amd64 fails to error:

/go/src/github.com/portainer/agent/http/handler/websocket/dial_windows.go:10:9: undefined: winio

@deviantony is there some reason that you have removed github.com/Microsoft/go-winio import from there?

Add API versioning

With the introduction of breaking changes in the API (potential changes to the browse API related to #8) we'll need to add API versioning to the agent in order to pin a specific version of the agent to the Portainer backend.

Bump default Docker request timeout

Default Docker request timeout is 10 seconds which might not be enough in high latency environments causing issues with Portainer.

We should update the default value.

Replaces #51

Unable to retrieve PCI/Disk infos

One of our customer reported that he was unable to get the PCI/Disk info in the host view of Portainer. These features are agent related.

He reported the following error in the host view when trying to access it:

http error: Unable to retrieve host information (err=Get https://pci-ids.ucw.cz/v2.2/pci.ids.gz: x509: certificate signed by unknown authority) (code=500)

I did a quick investigation on this:

We leverage the jaypipes/ghw library (https://github.com/jaypipes/ghw) to retrieve PCI info, this library relays on https://github.com/jaypipes/pcidb to retrieve PCI info, more details in:

https://github.com/jaypipes/ghw#pci

It seems that the call to this URL https://pci-ids.ucw.cz/v2.2/pci.ids.gz was introduced with this PR: jaypipes/pcidb#2 around 3 weeks ago.

From what I understand of this PR, it will try to look for any PCI definitions on the filesystem first and if cannot find any definition, then will try to download these definitions from this URL.

I asked our customer to check if the /usr/share/misc/pci.ids file existed inside his environment and he confirmed the existence of this file:

Could this be because where searching for this file inside the container filesystem instead of the host? Should we leverage jaypipes/ghw#56 to fix this problem?

Ideally, avoiding any Internet related action would be better.

Disable host management capabilities by default

The host management capabilites are considered dangerous as they expect you to bind mount the host root inside the agent container.

They should be disabled by default, and enabled via the CAP_HOST_MANAGEMENT=1 environment variable.

Related features:

Ability to browse the filesystem outside of volumes

Add the ability to browse anywhere on the filesystem

Currently, the agent browse feature is limited to the a specific part of the filesystem defined via the constant SystemVolumePath.

As a part of portainer/portainer#2182, we need to support browsing the FS anywhere.

The filesystem browsing and volume browsing features are fundamentally the same but their target is different. We still need to limit the ability to browse outside of a volume in the context of volume browsing.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.