-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52809/
-----------------------------------------------------------
(Updated Oct. 12, 2016, 11:01 p.m.)
Review request for mesos, Gilbert Song and Jie Yu.
Bugs: MESOS-2952
https://issues.apache.org/jira/browse/MESOS-2952
Repository: mesos
Description
-------
WIP: User Namespace implementation.
Diffs
-----
src/Makefile.am fd01e1dfbdb04d073484ff6b7cc94b8d769f8a8e
src/slave/containerizer/mesos/containerizer.cpp
32058c35ea9ca95f0a2665994c1ebccd5c840345
src/slave/containerizer/mesos/isolators/user/user.hpp PRE-CREATION
src/slave/containerizer/mesos/isolators/user/user.cpp PRE-CREATION
src/slave/containerizer/mesos/isolators/user/usermaps.hpp PRE-CREATION
src/slave/containerizer/mesos/launch.cpp
c6b669a04c006edfc78c06560d1eb088278c2f8e
src/slave/flags.hpp 3952d04f6a00ac1dca1adf2bea7cc6e415620ce5
src/slave/flags.cpp 491d10f6a8a7ea8adbfe0a09f5fce79943bccfac
Diff: https://reviews.apache.org/r/52809/diff/
Testing
-------
Work in progress implementing User namespaces.
Phase 1: Create isolator and enable isolator to when Agent is run with
"userns=true". If this flags is not set the original functionality will run the
task as user who started the task. With User namespace the task will be run
inside the user namespace with as a root with the user who started the task is
mapped to outside of the container. Approriate uid and gid maps are created.
Phase 2: Provide mount point support for containers running in user namespace.
Thanks,
Srinivas Brahmaroutu
