----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/62965/#review187980 -----------------------------------------------------------
Is there any interaction with capabilities or filesystem isolation that should be mentioned? i.e. if a task does `mknod` is that always global or does it depend on whether there is a private mount of `/dev`? Are there interactions with udev that matter here? Is there any interaction with GPU devices that we should make explicit? docs/isolators/cgroups-devices.md Lines 8 (patched) <https://reviews.apache.org/r/62965/#comment265021> s/devices/device/ docs/isolators/cgroups-devices.md Lines 27 (patched) <https://reviews.apache.org/r/62965/#comment265023> Can you elaborate on what is meant by "make new devices"? Maybe: ``` Make new character devices using the [mknod(2)](http://man7.org/linux/man-pages/man2/mknod.2.html) system call. ``` - James Peach On Oct. 13, 2017, 1:30 a.m., Jie Yu wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/62965/ > ----------------------------------------------------------- > > (Updated Oct. 13, 2017, 1:30 a.m.) > > > Review request for mesos, Gilbert Song, Ilya Pronin, and James Peach. > > > Repository: mesos > > > Description > ------- > > Added doc for cgroups devices isolator. > > > Diffs > ----- > > docs/isolators/cgroups-devices.md PRE-CREATION > docs/mesos-containerizer.md 4c82474cd748abf6490fec51c8146fa8b8345906 > > > Diff: https://reviews.apache.org/r/62965/diff/2/ > > > Testing > ------- > > https://github.com/jieyu/mesos/blob/doc/docs/isolators/cgroups-devices.md > > > Thanks, > > Jie Yu > >
