----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/21594/#review43559 -----------------------------------------------------------
Partial review only, sorry. Will continue review when back. src/slave/constants.cpp <https://reviews.apache.org/r/21594/#comment77769> Can you provide a comment on where this number came from? What's the maximum that it can be? src/slave/containerizer/isolators/network/port_mapping.hpp <https://reviews.apache.org/r/21594/#comment77772> Format of guard is different, e.g., the memory isolator is __MEM_ISOLATOR_HPP__ src/slave/containerizer/isolators/network/port_mapping.hpp <https://reviews.apache.org/r/21594/#comment77773> s/setup/set up/ src/slave/containerizer/isolators/network/port_mapping.hpp <https://reviews.apache.org/r/21594/#comment77774> Move this struct down the just above the hashmap? src/slave/containerizer/isolators/network/port_mapping.hpp <https://reviews.apache.org/r/21594/#comment77776> Comment why this isn't const? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77778> alphabetize src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77779> Where does this number come from? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77780> expand comment please - limitation is on the length of an interface name and it's limited to what? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77781> Can you document why this is safe to do. src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77782> s/begin/start/? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77783> assume -> you enforce this with a CHECK src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77793> This method is 350 lines... can it be refactored into reusable parts? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77784> use a single Try<int> check variable for both os::shell() calls? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77785> kill newline? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77786> what happens if it's !isSome()? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77787> s/continuous/contiguous/ src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77788> consistent terminology everywhere: s/overlap/intersect/ src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77789> kill newline src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77791> s/splitted/split/ src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77790> kill newline src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77792> please add your name to the TODO: // TODO(idownes): comment. src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77794> Document the behavior of the workaround if the patches are present. src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77795> Can we abstract out these sort of things like we did for cgroup operations to ensure correct output formatting and error checking? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77796> kill newline src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77797> kill newline src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77798> Document behavior for kernels newer than 3.6 src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77799> handle links.isError() ? src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77800> ditto src/slave/containerizer/isolators/network/port_mapping.cpp <https://reviews.apache.org/r/21594/#comment77777> If this needs to be a class method why not pass in the ContainerID rather than the raw pointer to the info? src/slave/flags.hpp <https://reviews.apache.org/r/21594/#comment77770> Is this information checkpointed for slave recovery? What happens if you recover a slave with a different value for max_containers? src/slave/flags.hpp <https://reviews.apache.org/r/21594/#comment77771> Ditto - is this checkpointed and what happens if changed on recovery. - Ian Downes On May 16, 2014, 5:08 p.m., Chi Zhang wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/21594/ > ----------------------------------------------------------- > > (Updated May 16, 2014, 5:08 p.m.) > > > Review request for mesos, Ian Downes, Jie Yu, Vinod Kone, and Cong Wang. > > > Bugs: https://issues.apache.org/jira/browse/MESOS-1324 > > https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/MESOS-1324 > > > Repository: mesos-git > > > Description > ------- > > Added a network isolator using port-range based traffic redirection on Linux. > > - Containers are assigned non-ephemeral ports by the scheduler and ephemeral > ports by the network isolator. > - Virtual ethernet devices and Traffic Control filters are set up so that > network traffic in and out of the containers is isolated based on the ports > assigned to them. > - Containers run inside their own network namespaces with separate network > stacks, from which per-container network statistics can be retrieved. > > A joint work with: > - Cong Wang (cw...@twopensource.com) > - Jie Yu (yujie....@gmail.com) > - Ian Downes (ian.dow...@gmail.com) > > > Diffs > ----- > > include/mesos/mesos.proto 8012873 > src/Makefile.am ae576c5 > src/slave/constants.hpp c097525 > src/slave/constants.cpp 1854b16 > src/slave/containerizer/isolators/network/port_mapping.hpp PRE-CREATION > src/slave/containerizer/isolators/network/port_mapping.cpp PRE-CREATION > src/slave/containerizer/linux_launcher.cpp c17724b > src/slave/containerizer/mesos_containerizer.cpp 2a4816e > src/slave/flags.hpp 8616817 > src/tests/environment.cpp 1267b3e > src/tests/mesos.cpp 7f59b72 > > Diff: https://reviews.apache.org/r/21594/diff/ > > > Testing > ------- > > make check on linux. more test cases are being written. > > > Thanks, > > Chi Zhang > >
