> On Oct. 18, 2016, 11:59 p.m., Joshua Cohen wrote:
> > src/main/python/apache/aurora/executor/common/sandbox.py, lines 308-313
> > <https://reviews.apache.org/r/53003/diff/2/?file=1541037#file1541037line308>
> >
> >     Is this always necessary, or only necessary when filesystem isolation 
> > is used in conjunction with the network/cni isolator? If the latter, does 
> > it make more sense to just configure these as global mounts via the 
> > scheduler's `-global_container_mounts` command line flag, rather than doing 
> > this for everyone where it may not be necessary/desirable?
> >     
> >     Alternately, I'm not super familiar w/ CNI, but is it possible to infer 
> > from the TaskInfo whether CNI is enabled (e.g. is NetworkInfo set 
> > somewhere)?

This is always nessisary when using a Docker image with the Mesos 
containierizer. The reason I brought up the network/cni isolator is that when 
you are running with a Docker image set as the rootfs this isolator will copy 
these files in, even if no CNI networks are defined. Since the current Thermos 
executor is using a volume instead of a rootfs this logic is completely 
bypassed. It makes sense for this change to be in the executor since it is 
required for DNS to function properly.

Pod support can be used as a longer term fix. This will allow us to set the 
rootfs for processes and the ownership of this logic can return to Mesos.


- Justin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53003/#review153217
-----------------------------------------------------------


On Oct. 18, 2016, 11:41 p.m., Justin Pinkul wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/53003/
> -----------------------------------------------------------
> 
> (Updated Oct. 18, 2016, 11:41 p.m.)
> 
> 
> Review request for Aurora, Joshua Cohen and Zameer Manji.
> 
> 
> Bugs: AURORA-1798
>     https://issues.apache.org/jira/browse/AURORA-1798
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> The networking files /etc/resolv.conf, /etc/hosts and /etc/hostname are now 
> copied into the taskfs when using the Mesos containierizer with a Docker 
> image.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/common/sandbox.py 
> 4a0f3b5094940cc3dad34689a0b004fb33b348a0 
>   src/test/python/apache/aurora/executor/common/test_sandbox.py 
> 41ee884a309e8cc8fedecf19cab2fbc397fcf1dc 
> 
> Diff: https://reviews.apache.org/r/53003/diff/
> 
> 
> Testing
> -------
> 
> Ran unit tests and launched a simple ping Aurora job with and without the 
> change.
> 
> 
> Thanks,
> 
> Justin Pinkul
> 
>

Reply via email to