mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chun-Hung Hsiao <chhs...@mesosphere.io>
Subject Re: Review Request 58939: Filesystem isolation check for Mesos image provisioner.
Date Wed, 03 May 2017 22:07:46 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58939/
-----------------------------------------------------------

(Updated May 3, 2017, 10:07 p.m.)


Review request for mesos, Anand Mazumdar, Gilbert Song, and Jie Yu.


Changes
-------

Added checks for 'linux' launcher dependencies.


Summary (updated)
-----------------

Filesystem isolation check for Mesos image provisioner.


Bugs: mesos-7374
    https://issues.apache.org/jira/browse/mesos-7374


Repository: mesos


Description (updated)
-------

Checked if the 'filesystem/linux' isolator is enabled and the 'linux'
launcher is used when launching a mesos containerizer with an image
under Linux. This prevents the executor from messing up with the host
filesystem. The check is in `MesosContainerizerProcess::prepare()`
after provisioning and before launching, since provisioning itself
does not depend on the filesystem isolator.

Also checked that the 'filesystem/linux' is enabled and the 'linux'
launcher is used when enabling the 'docker/runtime' isolator.


Diffs (updated)
-----

  src/slave/containerizer/mesos/containerizer.cpp b58baed64480e22f640a4852537f85922ed382ae

  src/slave/containerizer/mesos/provisioner/provisioner.cpp be45fc59027f176b43b767e9441fd8089ceec7b4



Diff: https://reviews.apache.org/r/58939/diff/2/

Changes: https://reviews.apache.org/r/58939/diff/1-2/


Testing
-------

sudo make check
Manually tested on a simplified case of mesos-7374.


Thanks,

Chun-Hung Hsiao


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message