> On Sept. 19, 2017, 2:13 p.m., Qian Zhang wrote: > > src/slave/containerizer/mesos/isolators/network/ports.cpp > > Lines 437 (patched) > > <https://reviews.apache.org/r/60496/diff/19/?file=1828700#file1828700line437> > > > > I think we need to introduce a new reason > > `REASON_CONTAINER_LIMITATION_PORT` and use it here rather than using > > `REASON_CONTAINER_LIMITATION`. > > James Peach wrote: > Why do you think a special port limitation is needed? I rather thought > that the `DISK` and `MEMORY` reasons were the anomaly ... > > Qian Zhang wrote: > I just want it to be consistent with memory and disk, now > `REASON_CONTAINER_LIMITATION` is not used anywhere, I am not sure why we need > it. Actually I am OK with either way: 1) we remove > `REASON_CONTAINER_LIMITATION_MEMORY` and `REASON_CONTAINER_LIMITATION_DISK` > and always use `REASON_CONTAINER_LIMITATION` or 2) we use `DISK`, `MEMORY` > and `PORT` respectively. For now, I think 2) should be an easier one to go > with. > > James Peach wrote: > External isolators already have to use `REASON_CONTAINER_LIMITATION`. If > we add a new (IMHO unnecessary) reason here, then schedulers won't be able to > understand the limitation until they upgrade ther protobufs. I don't think > that `REASON_CONTAINER_LIMITATION_PORT` is worth it. > > The resource-specific reasons go all the way back to > [r/26382](https://reviews.apache.org/r/26382/) when `REASON_MEMORY_LIMIT` was > the only limitation that could be raised even though isolator modules did > exist at that time.
OK, I agree. - Qian ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/60496/#review185649 ----------------------------------------------------------- On Sept. 19, 2017, 8:20 a.m., James Peach wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/60496/ > ----------------------------------------------------------- > > (Updated Sept. 19, 2017, 8:20 a.m.) > > > Review request for mesos, Qian Zhang and Jiang Yan Xu. > > > Bugs: MESOS-7675 > https://issues.apache.org/jira/browse/MESOS-7675 > > > Repository: mesos > > > Description > ------- > > Implemented ports resource restrictions in the network ports isolator. > Periodically, scan for listening sockets and match them up to all > the open sockets in the containers we are tracking in the network. > Check any sockets we find against the ports resource and trigger a > resource limitation if the port has not been allocated. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/network/ports.hpp PRE-CREATION > src/slave/containerizer/mesos/isolators/network/ports.cpp PRE-CREATION > > > Diff: https://reviews.apache.org/r/60496/diff/20/ > > > Testing > ------- > > make check (Fedora 26) > > > Thanks, > > James Peach > >
