----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/25865/ -----------------------------------------------------------
(Updated Sept. 23, 2014, 4:39 p.m.) Review request for mesos, Jie Yu and Vinod Kone. Repository: mesos-git Description ------- Add namespaces/pid to --isolation slave flag. Places executor into a pid namespace so it and all descendants will be contained in the namespace. Requires the filesystem/shared isolator so /proc and /sys are remounted to reflect the different namespace. Diffs (updated) ----- src/Makefile.am 9b973e5503e30180045e270220987ba647da8038 src/slave/containerizer/isolators/filesystem/shared.cpp PRE-CREATION src/slave/containerizer/isolators/namespaces/pid.hpp PRE-CREATION src/slave/containerizer/isolators/namespaces/pid.cpp PRE-CREATION src/slave/containerizer/linux_launcher.cpp f7bc894830a7ca3f55465dacc7b653cdc2d7758b src/slave/containerizer/mesos/containerizer.cpp 9d083294caa5c5a47ba3ceaa1b57346144cb795c src/tests/isolator_tests.cpp c38f87632cb6984543cb3767dbd656cde7459610 Diff: https://reviews.apache.org/r/25865/diff/ Testing ------- Added test that command in pid namespaced container is in a different namespace and that the command is 'init' (verifies remount of /proc). Thanks, Ian Downes
