> On March 18, 2015, 12:09 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/launch.cpp, lines 94-100 > > <https://reviews.apache.org/r/31444/diff/2/?file=898403#file898403line94> > > > > The typedef is not needed to me.
Not needed in what sense: I think it really helps to describe all the mounts? > On March 18, 2015, 12:09 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/launch.cpp, lines 249-251 > > <https://reviews.apache.org/r/31444/diff/2/?file=898403#file898403line249> > > > > The comment here is a little confusing to me. Are you saying that this > > is a best effort check? > > > > Also, if we are using pid namespace but not mount namespace, which of > > the 'later code' will fail? This check was an attempt to provide a more informative error message but it's pretty flawed: we also may be in a new mount namespace and not be pid 1 in a new pid namespace. I'm just going to remove this check and rely on later code to detect this. > On March 18, 2015, 12:09 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/launch.cpp, lines 278-280 > > <https://reviews.apache.org/r/31444/diff/2/?file=898403#file898403line278> > > > > Do you also want to check the case where the chroot target is not a > > mount point? The current code will output: > > ``` > > Chroot target is not a shared mount > > ``` > > which is fine but not as informative as > > ``` > > Chroot target needs to be a mount point > > ``` added - Ian ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31444/#review76909 ----------------------------------------------------------- On April 6, 2015, 11:02 a.m., Ian Downes wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/31444/ > ----------------------------------------------------------- > > (Updated April 6, 2015, 11:02 a.m.) > > > Review request for mesos, Chi Zhang, Dominic Hamon, Jay Buffington, Jie Yu, > and James Peach. > > > Bugs: MESOS-2350 > https://issues.apache.org/jira/browse/MESOS-2350 > > > Repository: mesos > > > Description > ------- > > Optionally take a path that the launch helper should chroot to before > exec'ing the executor. It is assumed that the work directory is mounted to > the appropriate location under the chroot. In particular, the path to the > executor must be relative to the chroot. > > Configuration that should be private to the chroot is done during the launch, > e.g. mounting proc and statically configuring basic devices. It is assumed > that other configuration, e.g., preparing the image, mounting in volumes or > persistent resources, is done by the caller. > > Mounts can be made to the chroot (e.g., updating the volumes or persistent > resources) and they will propagate in to the container but mounts made inside > the container will not propagate out to the host. > > It currently assumes that at least {{chroot}}/tmp is writeable and that mount > points {{chroot}}/{tmp,dev,proc,sys} exist in the chroot. > > This is specific to Linux. > > > Diffs > ----- > > src/slave/containerizer/mesos/launch.hpp > 7c8b535746b5ce9add00afef86fdb6faefb5620e > src/slave/containerizer/mesos/launch.cpp > 2f2d60e2011f60ec711d3b29fd2c157e30c83c34 > > Diff: https://reviews.apache.org/r/31444/diff/ > > > Testing > ------- > > Manual testing only so far. This is harder to automate because we need a > self-contained chroot to execute something in... Suggestions welcome. > > > Thanks, > > Ian Downes > >
