> On Oct. 18, 2016, 11:59 p.m., Joshua Cohen wrote:
> > src/main/python/apache/aurora/executor/common/sandbox.py, lines 308-313
> > <https://reviews.apache.org/r/53003/diff/2/?file=1541037#file1541037line308>
> >
> >     Is this always necessary, or only necessary when filesystem isolation 
> > is used in conjunction with the network/cni isolator? If the latter, does 
> > it make more sense to just configure these as global mounts via the 
> > scheduler's `-global_container_mounts` command line flag, rather than doing 
> > this for everyone where it may not be necessary/desirable?
> >     
> >     Alternately, I'm not super familiar w/ CNI, but is it possible to infer 
> > from the TaskInfo whether CNI is enabled (e.g. is NetworkInfo set 
> > somewhere)?
> 
> Justin Pinkul wrote:
>     This is always nessisary when using a Docker image with the Mesos 
> containierizer. The reason I brought up the network/cni isolator is that when 
> you are running with a Docker image set as the rootfs this isolator will copy 
> these files in, even if no CNI networks are defined. Since the current 
> Thermos executor is using a volume instead of a rootfs this logic is 
> completely bypassed. It makes sense for this change to be in the executor 
> since it is required for DNS to function properly.
>     
>     Pod support can be used as a longer term fix. This will allow us to set 
> the rootfs for processes and the ownership of this logic can return to Mesos.

Gotcha, thanks for clarifying. Given the above, does it make sense to only do 
this when the container is being launched with a Docker image?


- Joshua


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/53003/#review153217
-----------------------------------------------------------


On Oct. 18, 2016, 11:41 p.m., Justin Pinkul wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/53003/
> -----------------------------------------------------------
> 
> (Updated Oct. 18, 2016, 11:41 p.m.)
> 
> 
> Review request for Aurora, Joshua Cohen and Zameer Manji.
> 
> 
> Bugs: AURORA-1798
>     https://issues.apache.org/jira/browse/AURORA-1798
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> The networking files /etc/resolv.conf, /etc/hosts and /etc/hostname are now 
> copied into the taskfs when using the Mesos containierizer with a Docker 
> image.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/common/sandbox.py 
> 4a0f3b5094940cc3dad34689a0b004fb33b348a0 
>   src/test/python/apache/aurora/executor/common/test_sandbox.py 
> 41ee884a309e8cc8fedecf19cab2fbc397fcf1dc 
> 
> Diff: https://reviews.apache.org/r/53003/diff/
> 
> 
> Testing
> -------
> 
> Ran unit tests and launched a simple ping Aurora job with and without the 
> change.
> 
> 
> Thanks,
> 
> Justin Pinkul
> 
>

Reply via email to