mesos-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jieyu <...@git.apache.org>
Subject [GitHub] mesos pull request #263: Allow nested containers in pods to have separate na...
Date Fri, 16 Feb 2018 01:21:29 GMT
Github user jieyu commented on a diff in the pull request:

    https://github.com/apache/mesos/pull/263#discussion_r168655002
  
    --- Diff: src/slave/containerizer/mesos/isolators/network/cni/cni.cpp ---
    @@ -751,10 +751,11 @@ Future<Option<ContainerLaunchInfo>> NetworkCniIsolatorProcess::prepare(
             launchInfo.add_clone_namespaces(CLONE_NEWNET);
             launchInfo.add_clone_namespaces(CLONE_NEWNS);
             launchInfo.add_clone_namespaces(CLONE_NEWUTS);
    +        infos[containerId]->needsSeparateNs = needsSeparateNs;
    --- End diff --
    
    I'd just store `joinParentNetwork` boolean in the `Info` struct.
    
    Looks like we need some way to checkpoint this information. Otherwise, after recovery,
how does the isolator tell if it needs to call CNI detach for nested container? Currently,
since nested container always share with its parent, no need to do any cleanup. But it's no
longer true with this change.
    
    But I think we can tell if we discover a nested container having checkpointed data under
`/var/run/mesos/isolators/network/cni/`. See `src/slave/containerizer/mesos/isolators/network/cni/paths.hpp`
for the checkpointing layout. You'll notice this when you properly implement recover() method.


---

Mime
View raw message