mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ian Downes" <>
Subject Re: Review Request 25865: Pid namespace isolator for the MesosContainerizer.
Date Thu, 23 Oct 2014 17:48:18 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Oct. 23, 2014, 10:48 a.m.)

Review request for mesos, Jie Yu and Vinod Kone.

Repository: mesos-git


Add namespaces/pid to --isolation slave flag. Places executor into a pid namespace so it and
all descendants will be contained in the namespace. Requires the filesystem/shared isolator
so /proc and /sys are remounted to reflect the different namespace.

Diffs (updated)

  src/ 2617f77b757cb7414889520c88b1bc203dedef09 
  src/slave/containerizer/isolators/namespaces/pid.hpp PRE-CREATION 
  src/slave/containerizer/isolators/namespaces/pid.cpp PRE-CREATION 
  src/slave/containerizer/linux_launcher.cpp f7bc894830a7ca3f55465dacc7b653cdc2d7758b 
  src/slave/containerizer/mesos/containerizer.cpp 9f745d897119a814bd9f8e1b6a0ce5eaef60ed36

  src/tests/isolator_tests.cpp 52b38a38eaafde3c42d464caa7bb028ba970a291 



Added test that command in pid namespaced container is in a different namespace and that the
command is 'init' (verifies remount of /proc).


Ian Downes

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message