mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: Review Request 67097: Added `linux/devices` isolator whitelist support.
Date Fri, 11 May 2018 23:39:57 GMT


> On May 11, 2018, 11:34 p.m., Jie Yu wrote:
> > src/slave/containerizer/mesos/isolators/linux/devices.cpp
> > Lines 73 (patched)
> > <https://reviews.apache.org/r/67097/diff/1/?file=2020541#file2020541line74>
> >
> >     I'd suggest we just skip this whitelist entry, instead of fail the agent launch.
> >     
> >     If the operator does not specify the device path, it indicate that he does not
want the device path to show up in the container. He just want the device cgroup to allow
the device to be whitelisted. Thoughts?

I thought about that, and I'm happy to change to that behaviour. However, even in the devices
cgroup isolator, the path is actually required .. it just silently doesn't work if you omit
the path. Maybe we should require the path in both cases?


- James


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/67097/#review202975
-----------------------------------------------------------


On May 11, 2018, 6:32 p.m., James Peach wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/67097/
> -----------------------------------------------------------
> 
> (Updated May 11, 2018, 6:32 p.m.)
> 
> 
> Review request for mesos, Gilbert Song, Jason Lai, Jie Yu, and Zhitao Li.
> 
> 
> Bugs: MESOS-8792
>     https://issues.apache.org/jira/browse/MESOS-8792
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Added `linux/devices` isolator support for populating the container
> devices.  This introduces a general mechanism for populating devices
> into a specific container but currently only implements devices for all
> containers based on the devices specified by the `--allowed_devices`
> agent flag.
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/isolators/linux/devices.hpp PRE-CREATION 
>   src/slave/containerizer/mesos/isolators/linux/devices.cpp PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/67097/diff/1/
> 
> 
> Testing
> -------
> 
> manual
> 
> 
> Thanks,
> 
> James Peach
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message