Damon

Damon is a supervisor program to constrain windows executables that are run under the raw_exec driver in Nomad.

Usage

To use Damon, run it before your command.

damon.exe yourapp.exe [args]

Damon uses environment variables to configure process monitoring and resource constraints.

DAMON_LOG_MAX_FILES: the number of old logs to keep after rotating.
DAMON_LOG_MAX_SIZE: the maximum size (in MB) of the active log file before it gets rotated.
DAMON_LOG_DIR: directory in which to place damon log files. When DAMON_LOG_DIR is unset, it will attempt to use the standard nomad log directory ${NOMAD_ALLOC_DIR}/logs. If NOMAD_ALLOC_DIR is unset, then it will default to the current working directory.
DAMON_NOMAD_LOG_SUFFIX: Is appended to the log name of the active log file. Rotated log files contain a datestamp. The default value is .damon.log
DAMON_LOG_NAME: Is the full name of the log file (without the directory) - Setting this overrides DAMON_NOMAD_LOG_SUFFIX. When this is unset, it will default to ${NOMAD_TASK_NAME}${DAMON_NOMAD_LOG_SUFFIX}

DAMON_ENFORCE_CPU_LIMIT: When set to Y - it enforces CPU constraints on the wrapped process. Set to 'N' to disable CPU-rate limits. (Default: 'Y')
DAMON_ENFORCE_MEMORY_LIMIT: When set to Y - it enforces memory limits on the wrapped process. Set to 'N' to disable memory limits. (Default: 'Y')
DAMON_CPU_LIMIT: The CPU Limit in MHz. Defaults to NOMAD_CPU_LIMIT.
DAMON_MEMORY_LIMIT: The Memory Limit in MB. Defaults to NOMAD_MEMORY_LIMIT.
DAMON_RESTRICTED_TOKEN: When set to Y - it runs the wrapped process with a Restricted Token:
- Drops all Privileges
- Disables the BUILTIN\Administrator SID

DAMON_ADDR: Listens on this address to serve prometheus metrics. Default: ${NOMAD_ADDR_damon} This option is designed to work with the NOMAD_ADDR_damon environment variable. This means you should change your job spec to:
- request a port labeled "damon"
- add a service to the task that advertises the "damon" port to Consul service discovery - so that your prometheus infrastructure can find it and scrape it.
DAMON_METRICS_ENDPOINT: The path to the prometheus metrics endpoint. Default: /metrics

Included with this repository is make.ps1 which can be used to build damon.exe and also run tests.

.\make.ps1 -Build

Runs golangci-lint against the codebase. It will Install golangci-lint if it doesn't exist in ${GOPATH}/bin.

.\make.ps1 -Lint

Runs tests and generates code coverage files.

.\make.ps1 -Test

Check out the examples directory for scripts and job definitions.

Be sure to alter to environment variables, artifact locations, etc... to match your environment.

Name		Name	Last commit message	Last commit date
Latest commit History 49 Commits
.vscode		.vscode
container		container
examples		examples
log		log
metrics		metrics
testcmd		testcmd
vendor		vendor
version		version
win32		win32
.gitignore		.gitignore
.golangci.yml		.golangci.yml
HEADER		HEADER
LICENSE		LICENSE
README.md		README.md
SECURITY.md		SECURITY.md
appveyor.yml		appveyor.yml
config.go		config.go
go.mod		go.mod
go.sum		go.sum
main.go		main.go
make.ps1		make.ps1