From reviews-return-66103-apmail-mesos-reviews-archive=mesos.apache.org@mesos.apache.org Tue Sep 19 06:13:59 2017 Return-Path: X-Original-To: apmail-mesos-reviews-archive@minotaur.apache.org Delivered-To: apmail-mesos-reviews-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6E460C2CF for ; Tue, 19 Sep 2017 06:13:59 +0000 (UTC) Received: (qmail 40913 invoked by uid 500); 19 Sep 2017 06:13:59 -0000 Delivered-To: apmail-mesos-reviews-archive@mesos.apache.org Received: (qmail 40885 invoked by uid 500); 19 Sep 2017 06:13:59 -0000 Mailing-List: contact reviews-help@mesos.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: reviews@mesos.apache.org Delivered-To: mailing list reviews@mesos.apache.org Received: (qmail 40873 invoked by uid 99); 19 Sep 2017 06:13:58 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Sep 2017 06:13:58 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 70130182D47; Tue, 19 Sep 2017 06:13:58 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 4.451 X-Spam-Level: **** X-Spam-Status: No, score=4.451 tagged_above=-999 required=6.31 tests=[DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_REPLYTO_END_DIGIT=0.25, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, NML_ADSP_CUSTOM_MED=1.2, RP_MATCHES_RCVD=-0.001] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id ATHiuu3gjZdW; Tue, 19 Sep 2017 06:13:57 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 1BEB25FD1B; Tue, 19 Sep 2017 06:13:57 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id BF1DDE010F; Tue, 19 Sep 2017 06:13:55 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id BA849C410FC; Tue, 19 Sep 2017 06:13:52 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============6889728340273864119==" MIME-Version: 1.0 Subject: Re: Review Request 60496: Added socket checking to the network ports isolator. From: Qian Zhang To: Qian Zhang , Jiang Yan Xu Cc: James Peach , mesos Date: Tue, 19 Sep 2017 06:13:52 -0000 Message-ID: <20170919061352.56076.36833@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: Qian Zhang X-ReviewGroup: mesos X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/60496/ X-Sender: Qian Zhang References: <20170919002047.55959.10548@reviews-vm2.apache.org> In-Reply-To: <20170919002047.55959.10548@reviews-vm2.apache.org> X-ReviewBoard-Diff-For: src/slave/containerizer/mesos/isolators/network/ports.hpp X-ReviewBoard-Diff-For: src/slave/containerizer/mesos/isolators/network/ports.cpp Reply-To: Qian Zhang X-ReviewRequest-Repository: mesos --===============6889728340273864119== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/60496/#review185649 ----------------------------------------------------------- src/slave/containerizer/mesos/isolators/network/ports.cpp Lines 437 (patched) I think we need to introduce a new reason `REASON_CONTAINER_LIMITATION_PORT` and use it here rather than using `REASON_CONTAINER_LIMITATION`. - Qian Zhang On Sept. 19, 2017, 8:20 a.m., James Peach wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/60496/ > ----------------------------------------------------------- > > (Updated Sept. 19, 2017, 8:20 a.m.) > > > Review request for mesos, Qian Zhang and Jiang Yan Xu. > > > Bugs: MESOS-7675 > https://issues.apache.org/jira/browse/MESOS-7675 > > > Repository: mesos > > > Description > ------- > > Implemented ports resource restrictions in the network ports isolator. > Periodically, scan for listening sockets and match them up to all > the open sockets in the containers we are tracking in the network. > Check any sockets we find against the ports resource and trigger a > resource limitation if the port has not been allocated. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/network/ports.hpp PRE-CREATION > src/slave/containerizer/mesos/isolators/network/ports.cpp PRE-CREATION > > > Diff: https://reviews.apache.org/r/60496/diff/19/ > > > Testing > ------- > > make check (Fedora 26) > > > Thanks, > > James Peach > > --===============6889728340273864119==--