> On Jan. 15, 2016, 6 a.m., Cong Wang wrote: > > Why do we need netcls to regulate framework traffic on a per-container > > basis? Given the fact that a) the port range based filters already work and > > the code (see egress fq_codel) already exists b) we only have port range > > based network isolation so far. > > > > I see no point of this. Please describe your use case with details, just > > pointing to netcls kernel doc doesn't help at all.
Since no one answers this, I assume no one in Mesosphere actually understands it... So looks like you are pushing something no one is actually going to use. - Cong ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/42047/#review114665 ----------------------------------------------------------- On Jan. 15, 2016, 5:42 p.m., Avinash sridharan wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/42047/ > ----------------------------------------------------------- > > (Updated Jan. 15, 2016, 5:42 p.m.) > > > Review request for mesos and Jie Yu. > > > Bugs: MESOS-4262 > https://issues.apache.org/jira/browse/MESOS-4262 > > > Repository: mesos > > > Description > ------- > > Specified the CgroupsNetClsIsolatorProcess class. This adds the ability to > isolate a mesos container using the net_cls cgroup subsystem. > > > Diffs > ----- > > src/CMakeLists.txt 39a23df3227a4f524ea0d408dc894fa5bbab7d10 > src/Makefile.am 8cbfb1ba5fa49f2d3cc26ea325838a1c68a79660 > src/slave/containerizer/mesos/isolators/cgroups/net_cls.hpp PRE-CREATION > src/slave/containerizer/mesos/isolators/cgroups/net_cls.cpp PRE-CREATION > > Diff: https://reviews.apache.org/r/42047/diff/ > > > Testing > ------- > > > Thanks, > > Avinash sridharan > >
