mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Qian Zhang <zhq527...@gmail.com>
Subject Re: Review Request 60591: Optionally isolate only the agent network ports.
Date Wed, 23 Aug 2017 02:14:47 GMT


> On Aug. 22, 2017, 5:09 p.m., Qian Zhang wrote:
> > src/slave/containerizer/mesos/isolators/network/ports.cpp
> > Lines 242-246 (patched)
> > <https://reviews.apache.org/r/60591/diff/12/?file=1801019#file1801019line242>
> >
> >     Sorry for the back and forth, is it possile for `ports.isSome()` to be false?
It seems not, right?
> 
> James Peach wrote:
>     Yes, it can be false. In [r/60765](https://reviews.apache.org/r/60765/) I added a
test to hit this case. However if I remove the code that tries to protect the agent port,
this can be simplified.

Not sure why it can be false. If we hit here, that means `havePortsResource(flags)` is true,
so we must have port resources, right?


- Qian


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60591/#review183420
-----------------------------------------------------------


On Aug. 22, 2017, 4:36 a.m., James Peach wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/60591/
> -----------------------------------------------------------
> 
> (Updated Aug. 22, 2017, 4:36 a.m.)
> 
> 
> Review request for mesos, Qian Zhang and Jiang Yan Xu.
> 
> 
> Bugs: MESOS-7675
>     https://issues.apache.org/jira/browse/MESOS-7675
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Normally, the `network/ports` isolator will kill any task that
> listens on a port that it does not have resources for. However,
> executors that are based on the libprocess API will always listen
> on a port in the ephemeral range, and we want to make it possible
> to use libprocess-based executors.
> 
> Added the `--container_ports_watch_resources_only` option to only
> kill tasks when they listen on un-allocated ports within the port
> range published by the agent resources. This still prevents port
> collisions between tasks, but doesn't kill them just because the
> executor is listening on a port.
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/isolators/network/ports.hpp PRE-CREATION 
>   src/slave/containerizer/mesos/isolators/network/ports.cpp PRE-CREATION 
>   src/slave/flags.hpp 2970fea0cfac6af275a758d4bfedfe9a943c2b60 
>   src/slave/flags.cpp 3b02f3e909a554f15104739832ae3f252926b45f 
> 
> 
> Diff: https://reviews.apache.org/r/60591/diff/13/
> 
> 
> Testing
> -------
> 
> make check (Fedora 26)
> 
> 
> Thanks,
> 
> James Peach
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message