aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Pinkul <jpin...@live.com>
Subject Re: Review Request 53003: Adding logic to copy network files when using the Mesos containierizer with a Docker image.
Date Wed, 19 Oct 2016 16:26:19 GMT


> On Oct. 18, 2016, 11:59 p.m., Joshua Cohen wrote:
> > src/main/python/apache/aurora/executor/common/sandbox.py, lines 308-313
> > <https://reviews.apache.org/r/53003/diff/2/?file=1541037#file1541037line308>
> >
> >     Is this always necessary, or only necessary when filesystem isolation is used
in conjunction with the network/cni isolator? If the latter, does it make more sense to just
configure these as global mounts via the scheduler's `-global_container_mounts` command line
flag, rather than doing this for everyone where it may not be necessary/desirable?
> >     
> >     Alternately, I'm not super familiar w/ CNI, but is it possible to infer from
the TaskInfo whether CNI is enabled (e.g. is NetworkInfo set somewhere)?
> 
> Justin Pinkul wrote:
>     This is always nessisary when using a Docker image with the Mesos containierizer.
The reason I brought up the network/cni isolator is that when you are running with a Docker
image set as the rootfs this isolator will copy these files in, even if no CNI networks are
defined. Since the current Thermos executor is using a volume instead of a rootfs this logic
is completely bypassed. It makes sense for this change to be in the executor since it is required
for DNS to function properly.
>     
>     Pod support can be used as a longer term fix. This will allow us to set the rootfs
for processes and the ownership of this logic can return to Mesos.
> 
> Joshua Cohen wrote:
>     Gotcha, thanks for clarifying. Given the above, does it make sense to only do this
when the container is being launched with a Docker image?

Definitely, I placed the code in `FileSystemImageSandbox` which I believe is only used when
using a Docker image with the Mesos containierizer.


- Justin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53003/#review153217
-----------------------------------------------------------


On Oct. 18, 2016, 11:41 p.m., Justin Pinkul wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/53003/
> -----------------------------------------------------------
> 
> (Updated Oct. 18, 2016, 11:41 p.m.)
> 
> 
> Review request for Aurora, Joshua Cohen and Zameer Manji.
> 
> 
> Bugs: AURORA-1798
>     https://issues.apache.org/jira/browse/AURORA-1798
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> The networking files /etc/resolv.conf, /etc/hosts and /etc/hostname are now copied into
the taskfs when using the Mesos containierizer with a Docker image.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/common/sandbox.py 4a0f3b5094940cc3dad34689a0b004fb33b348a0

>   src/test/python/apache/aurora/executor/common/test_sandbox.py 41ee884a309e8cc8fedecf19cab2fbc397fcf1dc

> 
> Diff: https://reviews.apache.org/r/53003/diff/
> 
> 
> Testing
> -------
> 
> Ran unit tests and launched a simple ping Aurora job with and without the change.
> 
> 
> Thanks,
> 
> Justin Pinkul
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message