[
https://issues.apache.org/jira/browse/MESOS-8786?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benjamin Bannier reassigned MESOS-8786:
---------------------------------------
Assignee: Benjamin Bannier
Sprint: Mesosphere Sprint 78
Reviews:
* https://reviews.apache.org/r/66634/
* https://reviews.apache.org/r/66635/
> CgroupIsolatorProcess accesses subsystem processes directly
> -----------------------------------------------------------
>
> Key: MESOS-8786
> URL: https://issues.apache.org/jira/browse/MESOS-8786
> Project: Mesos
> Issue Type: Bug
> Components: containerization
> Affects Versions: 1.5.0, 1.4.0, 1.3.0, 1.2.0, 1.1.0, 1.6.0
> Reporter: Benjamin Bannier
> Assignee: Benjamin Bannier
> Priority: Major
>
> The {{CgroupsIsolatorProcess}} interacts with the different cgroups
> subsystems via {{Processes}} dealing with a dedicated subsystem each. Each
> {{Process}} is held by {{CgroupsIsolatorProcess}} directly and e.g., no
> intermediate wrapper class is involved performing {{dispatch}} to an
> underlying process.
> Since no wrapper around these {{Subsystem}} processes is used, a user needs
> to make sure to only {{dispatch}} to the process himself, he should e.g.,
> never directly invoke functions on the {{Process}} or else inconsistencies or
> races can arise inside the {{Subsystem}} process; if e.g., a {{Subsystem}}
> dispatches to itself, {{CgroupsIsolatorProcess}} might concurrently invoke
> {{Subsystem}} functions.
>
> {{CgroupsIsolatorProcess}} does not always {{dispatch}} to these process,
> but invokes them directly. We should fix this by either introducing wrappers
> around the {{Subsystem}} wrappers, or by explicitly fixing
> {{CgroupsIsolatorProcess}} to always use {{dispatch}} to interact with its
> subsystems. While the first approach seems cleaner and more future-proof, the
> latter might be less effort _now_.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
