mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Xudong Ni via Review Board <nore...@reviews.apache.org>
Subject Re: Review Request 68366: Added agent protected port range option in network isolator.
Date Mon, 20 Aug 2018 21:53:10 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68366/
-----------------------------------------------------------

(Updated Aug. 20, 2018, 9:53 p.m.)


Review request for mesos and James Peach.


Bugs: MESOS-9133
    https://issues.apache.org/jira/browse/MESOS-9133


Repository: mesos


Description
-------

For a network isolator disabled environment, in practice, there could
be a lot of users already binding to ephemeral ports; It would take
a lot of efforts to find/notify/modify those apps; In order to take
advantage of network isolator and enable it in such system, it would
be useful to add mesos-agent configuration option to allow enforce
port isolation in only the specified certain port range


Diffs (updated)
-----

  docs/configuration/agent.md 4e50b681bb956d559da6bf1d2c504099aae3cafb 
  docs/isolators/network-ports.md 5d14fc2985e099783b09e2a19f99641b4ddbd768 
  src/slave/containerizer/mesos/isolators/network/ports.hpp 6944d01e0f8a11eda381ef1754f19ee0cf9359c8

  src/slave/containerizer/mesos/isolators/network/ports.cpp 2a7ff2530f898cf892739c715b07b3387b423ed9

  src/slave/flags.hpp 88c35da5fd754abbd4bd316e1fa9efa4a70a6b8c 
  src/slave/flags.cpp 54d9acc8693f53294bdc2a88183cac84a8dfbfd9 
  src/tests/containerizer/ports_isolator_tests.cpp db080c4e9c8b0c036294a8f7a42617ca1231f884



Diff: https://reviews.apache.org/r/68366/diff/5/

Changes: https://reviews.apache.org/r/68366/diff/4-5/


Testing (updated)
-------

New test added to test feature:

[       OK ] NetworkPortsIsolatorTest.ROOT_NC_PortEnforcementProtectedPort (1886 ms)
[----------] 1 test from NetworkPortsIsolatorTest (1887 ms total)

[----------] Global test environment tear-down
[==========] 1 test from 1 test case ran. (1900 ms total)
[  PASSED  ] 1 test.

Existing test updated to test the negative cases:

[       OK ] NetworkPortsIsolatorTest.ROOT_IsolatorFlags (58 ms)
[----------] 1 test from NetworkPortsIsolatorTest (58 ms total)

[----------] Global test environment tear-down
[==========] 1 test from 1 test case ran. (69 ms total)
[  PASSED  ] 1 test.

Existing test for isolator feature:

[       OK ] NetworkPortsIsolatorTest.ROOT_NC_AllocatedPorts (1992 ms)
[----------] 1 test from NetworkPortsIsolatorTest (1993 ms total)

[----------] Global test environment tear-down
[==========] 1 test from 1 test case ran. (2004 ms total)
[  PASSED  ] 1 test.


Thanks,

Xudong Ni


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message