mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gilbert Song <songzihao1...@gmail.com>
Subject Re: Review Request 49569: Added an option to the launch helper binary to unshare mount namespace.
Date Mon, 04 Jul 2016 08:16:18 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49569/#review140624
-----------------------------------------------------------


Ship it!




LGTM! I will do some real container image command task tests tomorrow.

- Gilbert Song


On July 2, 2016, 10:51 p.m., Jie Yu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/49569/
> -----------------------------------------------------------
> 
> (Updated July 2, 2016, 10:51 p.m.)
> 
> 
> Review request for mesos, Benjamin Mahler, Gilbert Song, Ian Downes, and Joshua Cohen.
> 
> 
> Bugs: MESOS-5753
>     https://issues.apache.org/jira/browse/MESOS-5753
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This allows a custom executor to use this command to launch a command in
> a new root filesystem without worrying about creating a new mount
> namespace first. For example, the following command can be used to
> launch a command (`ls -al /`) using a root filesystem (`/tmp/alpine`).
> 
> `mesos-containerizer launch                         \
>     --unshare_namespace_mnt                         \
>     --rootfs=/tmp/alpine                            \
>     --command='{"shell":true,"value":"ls -al /"}'`
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/launch.hpp c716e0396736d1f2f60ec31540f12f4f7597d081 
>   src/slave/containerizer/mesos/launch.cpp 83f4d7f28c066a605aa84862eca9fde900ec96c6 
> 
> Diff: https://reviews.apache.org/r/49569/diff/
> 
> 
> Testing
> -------
> 
> Manually tested the command on CentOS7:
> ```
> [root@core-dev ~]# /home/jie/workspace/dist/mesos/build/src/mesos-containerizer launch
--rootfs=/home/jie/alpine --unshare_namespace_mnt --command='{"shell":true,"value":"ls -al
/"}' --user=jie
> Changing root to /home/jie/alpine
> total 24
> drwxrwxr-x   17 1001     1002          4096 Jul  3 05:11 .
> drwxrwxr-x   17 1001     1002          4096 Jul  3 05:11 ..
> -rwxr-xr-x    1 root     root             0 Jul  3 05:09 .dockerenv
> drwxr-xr-x    2 root     root          4096 Apr  1 18:56 bin
> drwxr-xr-x    4 root     root           300 Jul  3 05:42 dev
> drwxr-xr-x   13 root     root          4096 Jul  3 05:09 etc
> drwxr-xr-x    2 root     root             6 Apr  1 18:56 home
> drwxr-xr-x    5 root     root          4096 Apr  1 18:56 lib
> lrwxrwxrwx    1 root     root            12 Apr  1 18:56 linuxrc -> /bin/busybox
> drwxr-xr-x    5 root     root            41 Apr  1 18:56 media
> drwxr-xr-x    2 root     root             6 Apr  1 18:56 mnt
> dr-xr-xr-x  685 root     root             0 Jun 18 02:22 proc
> drwx------    2 root     root            26 Jul  3 05:14 root
> drwxr-xr-x    2 root     root             6 Apr  1 18:56 run
> drwxr-xr-x    2 root     root          4096 Apr  1 18:56 sbin
> dr-xr-xr-x   13 root     root             0 Jun 18 02:23 sys
> drwxrwxrwt    2 root     root             6 Jul  3 05:13 tmp
> drwxr-xr-x    7 root     root            61 Apr  1 18:56 usr
> drwxr-xr-x   10 root     root            93 Apr  1 18:56 var
> ```
> 
> 
> Thanks,
> 
> Jie Yu
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message