mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <>
Subject Re: Review Request 69086: Moved container root construction to the isolators.
Date Sat, 17 Nov 2018 00:49:33 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Nov. 17, 2018, 12:49 a.m.)

Review request for mesos, Gilbert Song, Jason Lai, Jie Yu, and Jiang Yan Xu.

Bugs: MESOS-9319

Repository: mesos


Previously, if the container was configured with a root filesytem,
the root was populated by a combination of the `fs::chroot:prepare`
API and the various isolators. The implementation details of some
isolators had leaked into the chroot code, which had a special case
for adding GPU devices.

This change moves all the responsibility for defining the
root filesystem from the `fs::chroot::prepare()` API to the
`filesystem/linux` isolator. The `filesystem/linux` isolator is
now the single place that captures how to mount the container
pseudo-filesystems as well as how to construct a proper `/dev`

Since the `linux/filesystem` isolator is now entirely responsible
for creating and mounting the container `/dev`, any other isolators
that enable access to devices should populate device nodes in the
container devices directory and add a corresponding bind mount.

Diffs (updated)

  src/linux/fs.hpp 31969f6ba82bf5ee549bfdf9698a21adaa486a90 
  src/linux/fs.cpp 5cdffe1f4c7f00aee5b8f640e7cfa4a0018cfa0a 
  src/slave/containerizer/mesos/isolators/filesystem/linux.cpp c7d753ac2e5575a8d687600bfb9e0617fa72c990

  src/slave/containerizer/mesos/isolators/gpu/isolator.hpp 4645c625877d9451516133b24bd3959e0f49c0a9

  src/slave/containerizer/mesos/isolators/gpu/isolator.cpp 56d835779618fd965d928c6926664583e9141f79

  src/slave/containerizer/mesos/isolators/linux/devices.cpp 8f8ff95ec3856ba06647637a80315365d0e66e23

  src/slave/containerizer/mesos/launch.cpp 882bcdf89e2b0cca3d3f62e6d017849a51ceaead 




sudo make check (Fedora 28)


James Peach

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message