Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added resource limit worker for IIS webserver #33

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 17 additions & 4 deletions examples/iis-test.nomad
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,16 @@ job "iis-test" {
task "iis-test" {
driver = "win_iis"

artifact {
source = "https://github.com/iamabhishek-dubey/nomad-driver-iis/releases/download/v0.4/test-hello-world.zip"
}
config {
path = "C:\\inetpub\\wwwroot"
path = "${NOMAD_TASK_DIR}\\netcoreapp2.1"

apppool_identity {
identity="SpecificUser"
username="vagrant"
password="vagrant"
identity = "NetworkService"
}

bindings {
type = "http"
resource_port = "httplabel"
Expand All @@ -32,6 +35,16 @@ job "iis-test" {
port "httplabel" {}
}
}
service {
name = "iis-test"
tags = ["iis-test", "windows-iis-test"]
port = "httplabel"
check {
type = "tcp"
interval = "10s"
timeout = "2s"
}
}
}
}
}
5 changes: 5 additions & 0 deletions iis/driver.go
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,10 @@ var (
"username": hclspec.NewAttr("username", "string", false),
"password": hclspec.NewAttr("password", "string", false),
})),
"resource_limit": hclspec.NewBlock("resource_limit", false, hclspec.NewObject(map[string]*hclspec.Spec{
"cpu_limit": hclspec.NewAttr("cpu_limit", "number", true),
"memory_limit": hclspec.NewAttr("memory_limit", "number", true),
})),
Comment on lines +90 to +93
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this feature, I would prefer we use the resources stanza from Nomad and apply said values to IIS rather than configuring it within the driver config stanza.

https://www.nomadproject.io/docs/job-specification/resources

The resources stanza is a required setting for a nomad job spec, so we shouldn't have to worry about the value not being set. There might be a bit of conversion needed between nomad's value and types to what IIS is expecting, but this will facilitate a better UX for users who use other drivers and their settings.

"bindings": hclspec.NewBlockList("bindings", hclspec.NewObject(map[string]*hclspec.Spec{
"hostname": hclspec.NewAttr("hostname", "string", false),
"ipaddress": hclspec.NewAttr("ipaddress", "string", false),
Expand Down Expand Up @@ -123,6 +127,7 @@ type TaskConfig struct {
AppPoolConfigPath string `codec:"apppool_config_path"`
SiteConfigPath string `codec:"site_config_path"`
AppPoolIdentity iisAppPoolIdentity `codec:"apppool_identity"`
AppPoolResources iisResourceLimit `codec:"resource_limit"`
Bindings []iisBinding `codec:"bindings"`
}

Expand Down
45 changes: 45 additions & 0 deletions iis/iis.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,12 @@ type iisAppPoolIdentity struct {
Username string `codec:"username"`
}

// IIS ResourceLimit used for Application pool worker process
type iisResourceLimit struct {
CPULimit int `codec:"cpu_limit"`
MemoryLimit int `codec:"memory_limit"`
}

// IIS Binding struct to match
type iisBinding struct {
CertHash string `codec:"cert_hash"`
Expand Down Expand Up @@ -259,6 +265,42 @@ func applyAppPoolIdentity(appPoolName string, appPoolIdentity iisAppPoolIdentity
return nil
}

// Applies the Application Pool resource limit
func applyAppPoolResourceLimit(appPoolName string, appPoolResource iisResourceLimit) error {
properties := []string{"set", "config", "-section:system.applicationHost/applicationPools"}

if appPoolResource.CPULimit != 0 {

cpuLimitSize := appPoolResource.CPULimit * 1000

properties = append(properties, fmt.Sprintf("/[name='%s'].cpu.limit:%s", appPoolName, strconv.Itoa(cpuLimitSize)))
properties = append(properties, fmt.Sprintf("/commit:apphost"))

if _, err := executeAppCmd(properties...); err != nil {
return fmt.Errorf("Failed to set Application Pool Resources: %v", err)
}
}
properties = []string{"set", "config", "-section:system.applicationHost/applicationPools"}

properties = append(properties, fmt.Sprintf("/[name='%s'].cpu.action:%s", appPoolName, "KillW3wp"))
properties = append(properties, fmt.Sprintf("/commit:apphost"))
if _, err := executeAppCmd(properties...); err != nil {
return fmt.Errorf("Failed to set Application Pool Resources: %v", err)
}
Comment on lines +283 to +289
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would prefer this be a part of the CPULimit scope above as this pertains to configuring the CPU. Does applying this settings cause a noop if the CPULimit is left at 0?


properties = []string{"set", "config", "-section:system.applicationHost/applicationPools"}

if appPoolResource.MemoryLimit != 0 {
memoryLimitSize := appPoolResource.MemoryLimit * 1000
properties = append(properties, fmt.Sprintf("/[name='%s'].recycling.periodicRestart.privateMemory:%s", appPoolName, strconv.Itoa(memoryLimitSize)))
properties = append(properties, fmt.Sprintf("/commit:apphost"))
if _, err := executeAppCmd(properties...); err != nil {
return fmt.Errorf("Failed to set Application Pool Resources: %v", err)
}
}
return nil
}

// Creates an Application Pool with the given name and applies an IIS exported Application Pool xml if a path is provided
func createAppPool(appPoolName string, configPath string) error {
if exists, err := doesAppPoolExist(appPoolName); err != nil || exists {
Expand Down Expand Up @@ -593,6 +635,9 @@ func createWebsite(websiteName string, config *TaskConfig) error {
if err := applyAppPoolIdentity(websiteName, config.AppPoolIdentity); err != nil {
return err
}
if err := applyAppPoolResourceLimit(websiteName, config.AppPoolResources); err != nil {
return err
}
if err := createSite(websiteName, config.Path, config.SiteConfigPath); err != nil {
return err
}
Expand Down
4 changes: 4 additions & 0 deletions iis/iis_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,10 @@ func TestWebsite(t *testing.T) {
{Type: "http", Port: 8080},
{Type: "https", Port: 8081, CertHash: hash},
},
AppPoolResources: iisResourceLimit{
CPULimit: 50,
MemoryLimit: 500,
},
AppPoolConfigPath: "C:\\vagrant\\vagrant\\testapppool.xml",
SiteConfigPath: "C:\\vagrant\\vagrant\\testsite.xml",
}
Expand Down
9 changes: 9 additions & 0 deletions scripts/win_provision.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,17 @@ Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://cho
choco install git.install --version=2.25.1 -y --no-progress
choco install golang --version=1.14 -y --no-progress
choco install nomad --version=0.11.0 -y --no-progress
choco install consul --version=1.8.5 -y --no-progress

Stop-Service nomad
Stop-Service consul

Get-CimInstance win32_service -filter "name='consul'" | Invoke-CimMethod -Name Change -Arguments @{StartName="LocalSystem"} | Out-Null
$consulDir = "C:\\ProgramData\\consul"
New-Item -ItemType Directory -Path "$consulDir\\data" -Force
Copy-Item "C:\\vagrant\\vagrant\\consul.json" -Destination "$consulDir\\config\\consul.json" -Force
Start-Service consul

Get-CimInstance win32_service -filter "name='nomad'" | Invoke-CimMethod -Name Change -Arguments @{StartName="LocalSystem"} | Out-Null
$nomadDir = "C:\\ProgramData\\nomad"
New-Item -ItemType Directory -Path "$nomadDir\\plugin" -Force
Expand Down
7 changes: 7 additions & 0 deletions vagrant/consul.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{
"client_addr": "0.0.0.0",
"datacenter": "dc1",
"bind_addr": "172.17.8.101",
"data_dir": "C:\\ProgramData\\consul\\data",
"ui": true
}
4 changes: 4 additions & 0 deletions vagrant/win_client.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@ log_level = "INFO"
data_dir = "C:\\ProgramData\\nomad\\data"
plugin_dir = "C:\\ProgramData\\nomad\\plugin"

consul {
address = "localhost:8500"
}

# Enable server mode
server {
enabled = true
Expand Down