mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chun-Hung Hsiao <>
Subject Re: Review Request 58939: Filesystem isolation check for Mesos image provisioner.
Date Wed, 26 Jul 2017 23:29:33 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated July 26, 2017, 11:29 p.m.)

Review request for mesos, Anand Mazumdar, Gilbert Song, and Jie Yu.


Adderessed Gilbert's comments and rebased.

Bugs: mesos-7374

Repository: mesos


Checked if the 'filesystem/linux' isolator is enabled and the 'linux'
launcher is used when launching a mesos containerizer with an image
under Linux. This prevents the executor from messing up with the host
filesystem. The check is in `MesosContainerizerProcess::prepare()`
after provisioning and before launching, since provisioning itself
does not depend on the filesystem isolator.

Also checked that the 'filesystem/linux' is enabled and the 'linux'
launcher is used when enabling the 'docker/runtime' isolator.

Diffs (updated)

  src/slave/containerizer/mesos/containerizer.cpp 9376d14d66f5dc7e91c7c0e9da253f5eb9347539

  src/slave/containerizer/mesos/provisioner/store.cpp cc5cc81e05f29bb0e11ffa13cdb8d63d4397114f




sudo make check
Manually tested on a simplified case of mesos-7374.


Chun-Hung Hsiao

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message