-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34135/#review84644
-----------------------------------------------------------



src/slave/containerizer/isolators/filesystem/linux.cpp
<https://reviews.apache.org/r/34135/#comment135988>

    We don't need to be root, we just need to have CAP_SYS_ADMIN, and we could 
pick that up through a helpful suid mount program.



src/slave/containerizer/isolators/filesystem/linux.cpp
<https://reviews.apache.org/r/34135/#comment135994>

    This really tests if the container_path exists in the filesystem namespace, 
the actual location could be anywhere.



src/slave/containerizer/isolators/filesystem/linux.cpp
<https://reviews.apache.org/r/34135/#comment135996>

    Should thie be comparing realpath(containerPath) with realpath(rootfs) in 
case the rootfs spec you are given contains symbolic links?



src/slave/containerizer/isolators/filesystem/linux.cpp
<https://reviews.apache.org/r/34135/#comment135999>

    Don't we want the option of mounting read only?



src/slave/containerizer/mesos/containerizer.cpp
<https://reviews.apache.org/r/34135/#comment136000>

    I'm sure there will be more than one linux filesystem isolator, should we 
call this filesystem/bind?


- Paul Brett


On May 13, 2015, 12:47 a.m., Ian Downes wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/34135/
> -----------------------------------------------------------
> 
> (Updated May 13, 2015, 12:47 a.m.)
> 
> 
> Review request for mesos, Chi Zhang, Paul Brett, Timothy Chen, and Vinod Kone.
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Moved code from Mesos Containerizer to filesystem isolators
>  - filesystem/posix (symlinks, doesn't support container rootfs)
>  - filesystem/linux (bind mounts, does support container rootfs)
> 
> The filesystem/posix isolator will be automatically included if no 
> filesystem/ isolator is specified.
> 
> 
> Diffs
> -----
> 
>   src/Makefile.am 14bc976a7b6a656fb58085484d25c3de3cf0f693 
>   src/slave/containerizer/isolators/filesystem/linux.hpp PRE-CREATION 
>   src/slave/containerizer/isolators/filesystem/linux.cpp PRE-CREATION 
>   src/slave/containerizer/isolators/filesystem/posix.hpp PRE-CREATION 
>   src/slave/containerizer/isolators/filesystem/posix.cpp PRE-CREATION 
>   src/slave/containerizer/linux_launcher.cpp 
> b9e22e3c70bed0c29e2ca8632411789d33f779a8 
>   src/slave/containerizer/mesos/containerizer.cpp 
> b644b9c74bc23cf78c0a53284544be6cdaef2f8a 
> 
> Diff: https://reviews.apache.org/r/34135/diff/
> 
> 
> Testing
> -------
> 
> existing persistent volumes tests.
> 
> 
> Thanks,
> 
> Ian Downes
> 
>

Reply via email to