mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ian Downes" <>
Subject Re: Review Request 25865: Pid namespace isolator for the MesosContainerizer.
Date Tue, 14 Oct 2014 20:33:22 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Oct. 14, 2014, 1:33 p.m.)

Review request for mesos, Jie Yu and Vinod Kone.


Added comments. Moved some code into cpp. Removed some unnecessary isolator dependencies.

Repository: mesos-git


Add namespaces/pid to --isolation slave flag. Places executor into a pid namespace so it and
all descendants will be contained in the namespace. Requires the filesystem/shared isolator
so /proc and /sys are remounted to reflect the different namespace.

Diffs (updated)

  src/ d503c8df73cda15a9d59254e8265e4a5d0e003a4 
  src/slave/containerizer/isolators/namespaces/pid.hpp PRE-CREATION 
  src/slave/containerizer/isolators/namespaces/pid.cpp PRE-CREATION 
  src/slave/containerizer/linux_launcher.cpp f7bc894830a7ca3f55465dacc7b653cdc2d7758b 
  src/slave/containerizer/mesos/containerizer.cpp 9d083294caa5c5a47ba3ceaa1b57346144cb795c

  src/tests/isolator_tests.cpp c38f87632cb6984543cb3767dbd656cde7459610 



Added test that command in pid namespaced container is in a different namespace and that the
command is 'init' (verifies remount of /proc).


Ian Downes

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message