> On March 9, 2016, 10:31 p.m., Adam B wrote:
> > src/master/validation.cpp, line 381
> > <https://reviews.apache.org/r/44570/diff/3/?file=1293312#file1293312line381>
> >
> >     It may be sufficient to only check `if (task.has_owner() && 
> > task.has_executor())` since a custom executor should set the owner on the 
> > ExecutorInfo not the TaskInfo.
> 
> Jan Schlicht wrote:
>     That is if the `ExecutorInfo` is reused in a `TaskInfo` it's sufficient 
> to check for that? That makes sense because the `ExecutorInfo` validation 
> compares the `ExecutorId` against the ones of existing `ExecutorInfo`s. But 
> how'd we make sure that the owner is set in `ExecutorInfo` if that executor 
> isn't existing yet?

Well, we can't enforce that the owner field has to be set, since that would 
break backwards compatibility. It's an optional field, so even if a custom 
ExecutorInfo is provided, the owner field may not be set. Here's what's allowed:
a) !task.has_executor() && (task.has_owner() || !task.has_owner()) // Default 
executor, may or may not have owner set.
b) task.has_executor() && !task.has_owner() && (task.executor().has_owner() || 
!task.executor().has_owner()) // Custom executor, may or may not have owner 
set; taskInfo does not have an owner set.
Here's what's not allowed:
x) task.has_executor() && task.has_owner() && task.executor().has_owner() // 
How can the task have a different owner than the executor?
y) task.has_executor() && task.has_owner() && !task.executor().has_owner() // 
Why would the task have an owner but the executor doesn't?


- Adam


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44570/#review122887
-----------------------------------------------------------


On March 10, 2016, 4:49 a.m., Jan Schlicht wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44570/
> -----------------------------------------------------------
> 
> (Updated March 10, 2016, 4:49 a.m.)
> 
> 
> Review request for mesos, Adam B and Joerg Schad.
> 
> 
> Bugs: MESOS-4772
>     https://issues.apache.org/jira/browse/MESOS-4772
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> To be able to authenticate HTTP requests for tasks, the authorizer has to
> determine who owns the tasks. This is achieved by adding an owner field to
> TaskInfo and ExecutorInfo.
> 
> 
> Diffs
> -----
> 
>   include/mesos/mesos.proto 3d22ec32655dca741169e1f0e382303e061c38b7 
>   include/mesos/v1/mesos.proto 31960a52061f70d80528fb8326522ae1d6f75b2c 
>   src/master/validation.hpp 29dbdf1da540db4966ff9e86037badde06e69a4b 
>   src/master/validation.cpp 820a9faee6fde09a98317854b181fe897167e2ca 
>   src/tests/master_validation_tests.cpp 
> c9bc38ce604d2d44d6e6b1286507d1c45e5e9e25 
> 
> Diff: https://reviews.apache.org/r/44570/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Jan Schlicht
> 
>

Reply via email to