mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chun-Hung Hsiao <chhs...@mesosphere.io>
Subject Re: Review Request 58939: Filesystem isolation check for Mesos image provisioner.
Date Wed, 26 Jul 2017 23:29:33 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58939/
-----------------------------------------------------------

(Updated July 26, 2017, 11:29 p.m.)


Review request for mesos, Anand Mazumdar, Gilbert Song, and Jie Yu.


Changes
-------

Adderessed Gilbert's comments and rebased.


Bugs: mesos-7374
    https://issues.apache.org/jira/browse/mesos-7374


Repository: mesos


Description
-------

Checked if the 'filesystem/linux' isolator is enabled and the 'linux'
launcher is used when launching a mesos containerizer with an image
under Linux. This prevents the executor from messing up with the host
filesystem. The check is in `MesosContainerizerProcess::prepare()`
after provisioning and before launching, since provisioning itself
does not depend on the filesystem isolator.

Also checked that the 'filesystem/linux' is enabled and the 'linux'
launcher is used when enabling the 'docker/runtime' isolator.


Diffs (updated)
-----

  src/slave/containerizer/mesos/containerizer.cpp 9376d14d66f5dc7e91c7c0e9da253f5eb9347539

  src/slave/containerizer/mesos/provisioner/store.cpp cc5cc81e05f29bb0e11ffa13cdb8d63d4397114f



Diff: https://reviews.apache.org/r/58939/diff/7/

Changes: https://reviews.apache.org/r/58939/diff/6-7/


Testing
-------

sudo make check
Manually tested on a simplified case of mesos-7374.


Thanks,

Chun-Hung Hsiao


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message