mesos-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ji...@apache.org
Subject [2/2] mesos git commit: Enabled the `network/cni` isolator in `MesosContainerizer`.
Date Thu, 14 Apr 2016 16:17:56 GMT
Enabled the `network/cni` isolator in `MesosContainerizer`.

Review: https://reviews.apache.org/r/45983/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/6dc9f025
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/6dc9f025
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/6dc9f025

Branch: refs/heads/master
Commit: 6dc9f025a5d48fb4e76350fc22b93b51850c9546
Parents: 3f74562
Author: Avinash sridharan <avinash@mesosphere.io>
Authored: Thu Apr 14 09:15:31 2016 -0700
Committer: Jie Yu <yujie.jay@gmail.com>
Committed: Thu Apr 14 09:15:31 2016 -0700

----------------------------------------------------------------------
 src/slave/containerizer/mesos/containerizer.cpp | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/6dc9f025/src/slave/containerizer/mesos/containerizer.cpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/containerizer.cpp b/src/slave/containerizer/mesos/containerizer.cpp
index dfaffd7..1e1a369 100644
--- a/src/slave/containerizer/mesos/containerizer.cpp
+++ b/src/slave/containerizer/mesos/containerizer.cpp
@@ -88,6 +88,7 @@
 
 #ifdef __linux__
 #include "slave/containerizer/mesos/isolators/namespaces/pid.hpp"
+#include "slave/containerizer/mesos/isolators/network/cni/cni.hpp"
 #endif
 
 #ifdef WITH_NETWORK_ISOLATOR
@@ -158,6 +159,18 @@ Try<MesosContainerizer*> MesosContainerizer::create(
     flags_.isolation += ",filesystem/posix";
   }
 
+#ifdef __linux__
+  // One and only one `network` isolator is required. The network
+  // isolator is responsible for preparing the network namespace for
+  // containers. If the user does not specify one, 'network/cni'
+  // isolator will be used.
+
+  // TODO(jieyu): Check that only one network isolator is used.
+  if (!strings::contains(flags_.isolation, "network/")) {
+    flags_.isolation += ",network/cni";
+  }
+#endif
+
   LOG(INFO) << "Using isolation: " << flags_.isolation;
 
   // Create the container logger for the MesosContainerizer.
@@ -234,6 +247,7 @@ Try<MesosContainerizer*> MesosContainerizer::create(
 #endif
     {"docker/runtime", &DockerRuntimeIsolatorProcess::create},
     {"namespaces/pid", &NamespacesPidIsolatorProcess::create},
+    {"network/cni", &NetworkCniIsolatorProcess::create},
 #endif
 #ifdef WITH_NETWORK_ISOLATOR
     {"network/port_mapping", &PortMappingIsolatorProcess::create},


Mime
View raw message