mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chi Zhang" <chzhc...@gmail.com>
Subject Re: Review Request 21594: Port-Range Based Network Isolator for Linux
Date Fri, 20 Jun 2014 00:13:48 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/21594/
-----------------------------------------------------------

(Updated June 20, 2014, 12:13 a.m.)


Review request for mesos, Ian Downes, Jie Yu, Vinod Kone, and Cong Wang.


Bugs: https://issues.apache.org/jira/browse/MESOS-1324
    https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/MESOS-1324


Repository: mesos-git


Description
-------

Added a network isolator using port-range based traffic redirection on Linux.

- Containers are assigned non-ephemeral ports by the scheduler and ephemeral ports by the
network isolator. 
- Virtual ethernet devices and Traffic Control filters are set up so that network traffic
in and out of the containers is isolated based on the ports assigned to them. 
- Containers run inside their own network namespaces with separate network stacks, from which
per-container network statistics can be retrieved.

A joint work with:
- Cong Wang (cwang@twopensource.com)
- Jie Yu (yujie.jay@gmail.com)
- Ian Downes (ian.downes@gmail.com)


Diffs
-----

  include/mesos/mesos.proto 2f6be05 
  src/Makefile.am b1b7d2d 
  src/launcher/main.cpp b497e98 
  src/slave/constants.hpp c65a62d 
  src/slave/constants.cpp 51f65bb 
  src/slave/containerizer/isolators/network/port_mapping.hpp PRE-CREATION 
  src/slave/containerizer/isolators/network/port_mapping.cpp PRE-CREATION 
  src/slave/containerizer/linux_launcher.cpp 85c74f0 
  src/slave/containerizer/mesos_containerizer.cpp 61c0a8d 
  src/slave/flags.hpp 3b8ba08 
  src/slave/main.cpp 8c2b70c 
  src/tests/environment.cpp 21b9d1d 
  src/tests/mesos.cpp 1037420 

Diff: https://reviews.apache.org/r/21594/diff/


Testing
-------

make check on linux. more test cases are being written. 


Thanks,

Chi Zhang


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message