[jira] [Issue Comment Deleted] (MESOS-5350) Add asynchronous hook for validating docker containerizer tasks

Mon, 29 Apr 2019 02:43:08 -0700 


     [ 
https://issues.apache.org/jira/browse/MESOS-5350?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gavin updated MESOS-5350:
-------------------------
    Comment: was deleted

(was: www.rtat.net)

> Add asynchronous hook for validating docker containerizer tasks
> ---------------------------------------------------------------
>
>                 Key: MESOS-5350
>                 URL: https://issues.apache.org/jira/browse/MESOS-5350
>             Project: Mesos
>          Issue Type: Improvement
>          Components: docker, modules
>            Reporter: Joseph Wu
>            Assignee: Joseph Wu
>            Priority: Minor
>              Labels: containerizer, hooks, mesosphere
>             Fix For: 1.0.0
>
>
> It is possible to plug in custom validation logic for the MesosContainerizer 
> via an {{Isolator}} module, but the same is not true of the 
> DockerContainerizer.
> Basic logic can be plugged into the DockerContainerizer via {{Hooks}}, but 
> this has some notable differences compared to isolators:
> * Hooks are synchronous.
> * Modifications to tasks via Hooks have lower priority compared to the task 
> itself.  i.e. If both the {{TaskInfo}} and 
> {{slaveExecutorEnvironmentDecorator}} define the same environment variable, 
> the {{TaskInfo}} wins.
> * Hooks have no effect if they fail (short of segfaulting)
> i.e. The {{slavePreLaunchDockerHook}} has a return type of {{Try<Nothing>}}:
> https://github.com/apache/mesos/blob/628ccd23501078b04fb21eee85060a6226a80ef8/include/mesos/hook.hpp#L90
> But the effect of returning an {{Error}} is a log message:
> https://github.com/apache/mesos/blob/628ccd23501078b04fb21eee85060a6226a80ef8/src/hook/manager.cpp#L227-L230
> We should add a hook to the DockerContainerizer to narrow this gap.  This new 
> hook would:
> * Be called at roughly the same place as {{slavePreLaunchDockerHook}}
> https://github.com/apache/mesos/blob/628ccd23501078b04fb21eee85060a6226a80ef8/src/slave/containerizer/docker.cpp#L1022
> * Return a {{Future}} and require splitting up 
> {{DockerContainerizer::launch}}.
> * Prevent a task from launching if it returns a {{Failure}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to