-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68158/
-----------------------------------------------------------
(Updated Aug. 6, 2018, 11:42 p.m.)
Review request for mesos, Avinash sridharan, Chun-Hung Hsiao, and Greg Mann.
Changes
-------
Addressed comments.
Bugs: MESOS-9127
https://issues.apache.org/jira/browse/MESOS-9127
Repository: mesos
Description (updated)
-------
It is possible that the port mapping cleanup command will cause iptables
to deadlock if there are a lot of entires in the iptables, because the
`sed` won't process the next line while executing `iptables -w -t nat -D
...`. But the executing of `iptables -w -t nat -D ...` might get stuck
if the first command `iptables -w -t nat -S <TAG>` didn't finish
(because the xtables lock is not released). The first command might not
finish if it has a lot of output, filling the pipe that `sed` hasn't had
a chance to process yet. See more details in MESOS-9127.
This patch fixed the issue by writing the commands to a file and then
executing them.
Diffs (updated)
-----
src/slave/containerizer/mesos/isolators/network/cni/plugins/port_mapper/port_mapper.cpp
f1a3d263b7baa3ccbf270426745022d42fcc66ed
Diff: https://reviews.apache.org/r/68158/diff/5/
Changes: https://reviews.apache.org/r/68158/diff/4-5/
Testing
-------
sudo make check
```
[ OK ] CniIsolatorPortMapperTest.ROOT_INTERNET_CURL_PortMapper (8827 ms)
```
Thanks,
Jie Yu
